def process_port_security(self, context, port):
    """Align the vport's policy groups with the port-security setting.

    The subnet of the port's first fixed IP is resolved to its Nuage
    mapping and the matching vport is looked up (``required=False``, so a
    missing vport ends the call quietly).

    * Port security set on the port: the vport's policy-group list is
      replaced with an empty list.
    * Port security not set: a policy group is obtained from
      ``create_nuage_sec_grp_for_no_port_sec`` and becomes the vport's only
      policy group.

    Args:
        context: request context; only ``context.session`` is read.
        port: Neutron port dict; must carry at least one entry in
            ``fixed_ips`` (an empty list raises ``IndexError``).
    """
    # NOTE(review): this method talks to ``self.client`` while the other
    # methods in this file use ``self.vsdclient`` -- confirm the attribute
    # exists on the owning class.
    first_subnet_id = port['fixed_ips'][0]['subnet_id']
    mapping = nuagedb.get_subnet_l2dom_by_id(context.session,
                                             first_subnet_id)
    vport = self._get_nuage_vport(port, mapping, required=False)
    if not vport:
        return

    if port.get(portsecurity.PORTSECURITY):
        # Port security on: drop every policy group held by the vport.
        # NOTE(review): presumably the regular security-group handling
        # re-attaches the tenant's groups elsewhere -- confirm, otherwise
        # the vport is left without any policy group.
        self.client.update_vport_policygroups(vport['ID'], [])
        return

    # Port security off: attach the dedicated "no port security" group.
    # NOTE(review): that group is presumably permissive; it replaces any
    # policy group previously bound to the vport.
    l2dom_id, l3dom_id = get_l2_and_l3_sub_id(mapping)
    rtr_id = (self.client.get_nuage_domain_id_from_subnet(l3dom_id)
              if l3dom_id else None)
    no_port_sec_group = self.client.create_nuage_sec_grp_for_no_port_sec({
        'l2dom_id': l2dom_id,
        'l3dom_id': l3dom_id,
        'rtr_id': rtr_id,
        'type': '',
        'sg_type': constants.HARDWARE,
    })
    self.client.update_vport_policygroups(vport['ID'], [no_port_sec_group])
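def process_port_redirect_target(self, context, port, rtargets,
                                 n_rtargets_ids):
    """Bind the port's Nuage vport to each requested redirect target.

    Args:
        context: request context; only ``context.session`` is read.
        port: Neutron port dict. ``port['id']`` and the subnet of its first
            fixed IP are read; ``port[ext_rtarget.REDIRECTTARGETS]`` is
            written on every path.
        rtargets: redirect-target attribute of the request. When it is not
            set, the port's redirect-target list is reset to ``[]`` and
            nothing is sent to VSD.
        n_rtargets_ids: redirect target IDs to apply; may be empty or None.
    """
    if not is_attr_set(rtargets):
        port[ext_rtarget.REDIRECTTARGETS] = []
        return

    subnet_mapping = nuagedb.get_subnet_l2dom_by_id(
        context.session, port['fixed_ips'][0]['subnet_id'])

    # The closing assignment already treats a falsy n_rtargets_ids as "no
    # targets"; iterate over an empty tuple in that case instead of failing
    # on None.
    for n_rtarget_id in n_rtargets_ids or ():
        nuage_subnet_id = subnet_mapping['nuage_subnet_id']
        l2_id, l3_id = get_l2_and_l3_sub_id(subnet_mapping)
        nuage_port = self.vsdclient.get_nuage_vport_by_neutron_id({
            'neutron_port_id': port['id'],
            'l2dom_id': l2_id,
            'l3dom_id': l3_id,
        })
        # Test for a missing vport *before* writing into it. The previous
        # order assigned the keys first, so a None result raised TypeError
        # and the "if nuage_port" guard could never take effect.
        if not nuage_port:
            continue
        nuage_port['l2dom_id'] = nuage_subnet_id
        nuage_port['l3dom_id'] = nuage_subnet_id
        vport_id = nuage_port.get('ID')
        if vport_id:
            self.vsdclient.update_nuage_vport_redirect_target(
                n_rtarget_id, vport_id)

    # NOTE(review): the IDs are recorded on the port even when a vport was
    # not found (or had no ID) and nothing was applied on VSD. Confirm that
    # callers do not rely on this attribute as proof that redirection is
    # active for the port.
    port[ext_rtarget.REDIRECTTARGETS] = (list(n_rtargets_ids)
                                         if n_rtargets_ids else [])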
def delete_gw_host_vport(self, context, port, subnet_mapping):
    """Delete the gateway vport behind a port if it is a host vport.

    Args:
        context: request context, passed to the net-partition lookup and to
            the VSD delete call.
        port: Neutron port dict; ``port['id']`` identifies the vport.
        subnet_mapping: Nuage mapping of the port's subnet.

    Returns early without touching VSD state when the VSD subnet is gone,
    when no vport is found, or when the vport's type is not
    ``constants.HOST_VPORT``.
    """
    lookup = {'neutron_port_id': port['id']}

    # The l2domain/subnet may already be gone: on router_interface_delete
    # the subnet is removed first and delete_port is called afterwards.
    # In that case there is nothing left to delete.
    if not self.vsdclient.get_nuage_subnet_by_mapping(subnet_mapping):
        return

    if self._is_vsd_mgd(subnet_mapping):
        # VSD-managed: the mapped VSD subnet id is used for both keys.
        l2_id = l3_id = subnet_mapping['nuage_subnet_id']
    else:
        l2_id, l3_id = get_l2_and_l3_sub_id(subnet_mapping)
    lookup['l2dom_id'] = l2_id
    lookup['l3dom_id'] = l3_id

    nuage_vport = self.vsdclient.get_nuage_vport_by_neutron_id(
        lookup, required=False)
    if not nuage_vport or nuage_vport['type'] != constants.HOST_VPORT:
        return

    # The delete is issued against the configured default net partition.
    default_name = cfg.CONF.RESTPROXY.default_net_partition_name
    netpart = nuagedb.get_default_net_partition(context, default_name)
    self.vsdclient.delete_nuage_gateway_vport(
        context, nuage_vport.get('ID'), netpart['id'])
def _delete_port_redirect_target_bindings(self, context, port_id):
    """Remove the redirect-target bindings of a port on VSD.

    The port is fetched through the core plugin, and the subnet of its first
    fixed IP is resolved to a Nuage mapping. Without a mapping the call is a
    no-op.

    Args:
        context: request context; ``context.session`` is used for the
            mapping lookup.
        port_id: Neutron port ID whose bindings are removed.
    """
    neutron_port = self.core_plugin.get_port(context, port_id)
    # A port without fixed IPs raises IndexError here.
    first_subnet_id = neutron_port['fixed_ips'][0]['subnet_id']
    mapping = nuagedb.get_subnet_l2dom_by_id(context.session,
                                             first_subnet_id)
    if not mapping:
        return

    l2dom_id, l3dom_id = get_l2_and_l3_sub_id(mapping)
    self.vsdclient.delete_port_redirect_target_bindings({
        'neutron_port_id': port_id,
        'l2dom_id': l2dom_id,
        'l3dom_id': l3dom_id,
    })
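def delete_subnet_postcommit(self, context):
    """Clean up the VSD side of a subnet once Neutron has deleted it.

    Nothing is done when the subnet has no Nuage mapping.

    OpenStack-managed mapping:
        * On a ``nuage_l2bridge`` network, the other subnets on the bridge
          decide the outcome. If another subnet of the same IP family is
          still bridged, the VSD subnet is kept. If no subnet remains, the
          bridge's ``nuage_subnet_id`` is cleared. Otherwise the remaining
          subnet of the other family is treated as the dual-stack partner.
        * With a dual-stack partner, only the deleted family is removed on
          VSD; without one, the whole VSD subnet is deleted.

    VSD-managed mapping:
        The VSD subnet itself is left alone. ``_cleanup_group`` is called
        only when no other Neutron subnet of the same tenant is still mapped
        to the same VSD subnet.

    Args:
        context: ML2 subnet context; ``_plugin_context``, ``current``,
            ``network.current``, ``nuage_mapping`` and ``dual_stack_subnet``
            are read from it.

    Raises:
        Exception: the bridged subnets could not be read after repeated
            DB deadlocks.
    """
    db_context = context._plugin_context
    subnet = context.current
    network = context.network.current
    mapping = context.nuage_mapping
    dual_stack_subnet = context.dual_stack_subnet
    if not mapping:
        return

    if self._is_os_mgd(mapping):
        if network.get('nuage_l2bridge'):
            with db_context.session.begin(subtransactions=True):
                l2bridge = nuagedb.get_nuage_l2bridge_blocking(
                    db_context.session, network['nuage_l2bridge'])
                # NOTE(review): the retries below sleep while this
                # transaction is open (up to 25 x 0.2 s); confirm that
                # whatever get_nuage_l2bridge_blocking holds may be kept
                # for that long.
                attempt = 0
                while True:
                    try:
                        bridged_subnets = (
                            nuagedb.get_subnets_for_nuage_l2bridge(
                                db_context.session, l2bridge['id']))
                        break
                    except db_exc.DBDeadlock:
                        if attempt < 25:
                            LOG.debug("Retrying to get bridged subnets"
                                      " due to Deadlock.")
                            attempt += 1
                            time.sleep(0.2)
                            continue
                        # Build a real message. The previous code passed a
                        # (format, arg) tuple to Exception, so the bridge id
                        # was never interpolated, and the two literals were
                        # joined without a space.
                        raise Exception(
                            "Chance of a hanging L2Domain on VSD for "
                            "resource nuage-l2bridge: %s" % l2bridge['id'])

                # Remaining subnets on the bridge, split by IP family and
                # excluding the subnet being deleted.
                ipv4s = [s['id'] for s in bridged_subnets
                         if self._is_ipv4(s) and s['id'] != subnet['id']]
                ipv6s = [s['id'] for s in bridged_subnets
                         if self._is_ipv6(s) and s['id'] != subnet['id']]
                if ((self._is_ipv4(subnet) and ipv4s) or
                        (self._is_ipv6(subnet) and ipv6s)):
                    # Another subnet of the same family still uses the
                    # bridge: keep the VSD subnet.
                    return
                elif not ipv4s and not ipv6s:
                    l2bridge['nuage_subnet_id'] = None
                else:
                    # Delete subnet from dualstack on vsd
                    dual_stack_subnet = self.core_plugin.get_subnet(
                        db_context, ipv4s[0] if ipv4s else ipv6s[0])

        if dual_stack_subnet:
            # Pass only the family that stays behind.
            v4 = v6 = None
            if self._is_ipv4(subnet):
                v6 = dual_stack_subnet
            else:
                v4 = dual_stack_subnet
            self.vsdclient.delete_subnet(mapping=mapping,
                                         ipv4_subnet=v4,
                                         ipv6_subnet=v6)
            return
        else:
            l2_id, l3_sub_id = get_l2_and_l3_sub_id(mapping)
            self.vsdclient.delete_subnet(l3_vsd_subnet_id=l3_sub_id,
                                         l2dom_id=l2_id,
                                         mapping=mapping)
    else:
        # VSD managed could be ipv6 + ipv4. If only one of the 2 is
        # deleted, the use permission should not be removed yet.
        # Also, there can be multiple subnets mapped to same VSD subnet.
        other_mappings = nuagedb.get_subnet_l2doms_by_nuage_id(
            db_context.session, mapping['nuage_subnet_id'])
        # any() stops at the first match, like the loop-and-break it
        # replaces, so no extra subnet lookups are made.
        tenant_still_mapped = any(
            subnet['tenant_id'] == context._plugin.get_subnet(
                db_context, other['subnet_id'])['tenant_id']
            for other in other_mappings or ())
        if not tenant_still_mapped:
            self._cleanup_group(db_context, mapping['net_partition_id'],
                                mapping['nuage_subnet_id'], subnet)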