def _get_tenant_network_usages(request, usages, disabled_quotas, tenant_id):
enabled_quotas = ((NOVA_NETWORK_QUOTA_FIELDS | NEUTRON_QUOTA_FIELDS) -
disabled_quotas)
if not enabled_quotas:
return
# NOTE(amotoki): floatingip is Neutron quota and floating_ips is
# Nova quota. We need to check both.
if {'floatingip', 'floating_ips'} & enabled_quotas:
floating_ips = []
try:
if neutron.floating_ip_supported(request):
floating_ips = neutron.tenant_floating_ip_list(request)
except Exception:
pass
usages.tally('floating_ips', len(floating_ips))
if 'security_group' not in disabled_quotas:
security_groups = []
security_groups = neutron.security_group_list(request)
usages.tally('security_groups', len(security_groups))
if 'network' not in disabled_quotas:
networks = neutron.network_list(request, tenant_id=tenant_id)
usages.tally('networks', len(networks))
if 'subnet' not in disabled_quotas:
subnets = neutron.subnet_list(request, tenant_id=tenant_id)
usages.tally('subnets', len(subnets))
if 'router' not in disabled_quotas:
routers = neutron.router_list(request, tenant_id=tenant_id)
usages.tally('routers', len(routers))
def _get_tenant_network_usages(request, usages, disabled_quotas, tenant_id):
enabled_quotas = ((NOVA_NETWORK_QUOTA_FIELDS | NEUTRON_QUOTA_FIELDS)
- disabled_quotas)
if not enabled_quotas:
return
# NOTE(amotoki): floatingip is Neutron quota and floating_ips is
# Nova quota. We need to check both.
if {'floatingip', 'floating_ips'} & enabled_quotas:
floating_ips = []
try:
if neutron.floating_ip_supported(request):
floating_ips = neutron.tenant_floating_ip_list(request)
except Exception:
pass
usages.tally('floating_ips', len(floating_ips))
if 'security_group' not in disabled_quotas:
security_groups = []
security_groups = neutron.security_group_list(request)
usages.tally('security_groups', len(security_groups))
if 'network' not in disabled_quotas:
networks = neutron.network_list(request, tenant_id=tenant_id)
usages.tally('networks', len(networks))
if 'subnet' not in disabled_quotas:
subnets = neutron.subnet_list(request, tenant_id=tenant_id)
usages.tally('subnets', len(subnets))
if 'router' not in disabled_quotas:
routers = neutron.router_list(request, tenant_id=tenant_id)
usages.tally('routers', len(routers))
def update(self, request, **kwargs):
self.choices = [('', _('Application default security group'))]
# TODO(pbourke): remove sorted when supported natively in Horizon
# (https://bugs.launchpad.net/horizon/+bug/1692972)
for secgroup in sorted(neutron.security_group_list(request),
key=lambda e: e.name_or_id):
if not secgroup.name_or_id.startswith('murano--'):
self.choices.append((secgroup.name_or_id, secgroup.name_or_id))
def _get_tenant_network_usages_legacy(request, usages, disabled_quotas,
tenant_id):
warnings.warn(
"The legacy way to retrieve neutron resource usage is deprecated "
"in Ussuri release. Horizon will depend on 'quota_details' "
"neutron extension added in Pike release in future.",
DeprecationWarning)
qs = base.QuotaSet()
_get_neutron_quota_data(request, qs, disabled_quotas, tenant_id)
for quota in qs:
usages.add_quota(quota)
resource_lister = {
'network': (neutron.network_list, {
'tenant_id': tenant_id
}),
'subnet': (neutron.subnet_list, {
'tenant_id': tenant_id
}),
'port': (neutron.port_list, {
'tenant_id': tenant_id
}),
'router': (neutron.router_list, {
'tenant_id': tenant_id
}),
'floatingip': (neutron.tenant_floating_ip_list, {}),
}
for quota_name, lister_info in resource_lister.items():
if quota_name not in disabled_quotas:
lister = lister_info[0]
kwargs = lister_info[1]
try:
resources = lister(request, **kwargs)
except Exception:
resources = []
usages.tally(quota_name, len(resources))
# Security groups have to be processed separately so that rules may be
# processed in the same api call and in a single pass
add_sg = 'security_group' not in disabled_quotas
add_sgr = 'security_group_rule' not in disabled_quotas
if add_sg or add_sgr:
try:
security_groups = neutron.security_group_list(request)
num_rules = sum(
len(group['security_group_rules'])
for group in security_groups)
except Exception:
security_groups = []
num_rules = 0
if add_sg:
usages.tally('security_group', len(security_groups))
if add_sgr:
usages.tally('security_group_rule', num_rules)
def update(self, request, **kwargs):
self.choices = [('', _('Application default security group'))]
# TODO(pbourke): remove sorted when supported natively in Horizon
# (https://bugs.launchpad.net/horizon/+bug/1692972)
for secgroup in sorted(
neutron.security_group_list(request),
key=lambda e: e.name_or_id):
if not secgroup.name_or_id.startswith('murano--'):
self.choices.append((secgroup.name_or_id, secgroup.name_or_id))
def _get_tenant_network_usages_legacy(request, usages, disabled_quotas,
tenant_id):
qs = base.QuotaSet()
_get_neutron_quota_data(request, qs, disabled_quotas, tenant_id)
for quota in qs:
usages.add_quota(quota)
resource_lister = {
'network': (neutron.network_list, {
'tenant_id': tenant_id
}),
'subnet': (neutron.subnet_list, {
'tenant_id': tenant_id
}),
'port': (neutron.port_list, {
'tenant_id': tenant_id
}),
'router': (neutron.router_list, {
'tenant_id': tenant_id
}),
'floatingip': (neutron.tenant_floating_ip_list, {}),
}
for quota_name, lister_info in resource_lister.items():
if quota_name not in disabled_quotas:
lister = lister_info[0]
kwargs = lister_info[1]
try:
resources = lister(request, **kwargs)
except Exception:
resources = []
usages.tally(quota_name, len(resources))
# Security groups have to be processed separately so that rules may be
# processed in the same api call and in a single pass
add_sg = 'security_group' not in disabled_quotas
add_sgr = 'security_group_rule' not in disabled_quotas
if add_sg or add_sgr:
try:
security_groups = neutron.security_group_list(request)
num_rules = sum(
len(group['security_group_rules'])
for group in security_groups)
except Exception:
security_groups = []
num_rules = 0
if add_sg:
usages.tally('security_group', len(security_groups))
if add_sgr:
usages.tally('security_group_rule', num_rules)
def __init__(self, *args, **kwargs):
try:
request = args[0]
template_string = ""
if "template_upload" in kwargs:
template_upload = kwargs.pop('template_upload')
super(ImportNodegroupTemplateDetailsForm, self).__init__(
*args, **kwargs)
template_string = template_upload.read()
self.fields["template"].initial = template_string
else:
super(ImportNodegroupTemplateDetailsForm, self).__init__(
*args, **kwargs)
template_string = self.data["template"]
template_json = json.loads(template_string)
template_json = template_json["node_group_template"]
security_group_list = neutron.security_group_list(request)
security_group_choices = \
[(sg.id, sg.name) for sg in security_group_list]
self.fields["security_groups"].choices = security_group_choices
pools = neutron.floating_ip_pools_list(request)
pool_choices = [(pool.id, pool.name) for pool in pools]
pool_choices.insert(0, (None, "Do not assign floating IPs"))
self.fields["floating_ip_pool"].choices = pool_choices
flavors = nova_utils.flavor_list(request)
if flavors:
self.fields["flavor"].choices = nova_utils.sort_flavor_list(
request, flavors)
else:
self.fields["flavor"].choices = []
version = (template_json.get("hadoop_version", None) or
template_json["plugin_version"])
self.fields["image_id"].choices = \
self._populate_image_choices(request,
template_json["plugin_name"],
version)
except (ValueError, KeyError):
raise exceptions.BadRequest(_("Could not parse template"))
except Exception:
exceptions.handle(request)
def __init__(self, *args, **kwargs):
try:
request = args[0]
template_string = ""
if "template_upload" in kwargs:
template_upload = kwargs.pop('template_upload')
super(ImportNodegroupTemplateDetailsForm,
self).__init__(*args, **kwargs)
template_string = template_upload.read()
self.fields["template"].initial = template_string
else:
super(ImportNodegroupTemplateDetailsForm,
self).__init__(*args, **kwargs)
template_string = self.data["template"]
template_json = json.loads(template_string)
template_json = template_json["node_group_template"]
security_group_list = neutron.security_group_list(request)
security_group_choices = \
[(sg.id, sg.name) for sg in security_group_list]
self.fields["security_groups"].choices = security_group_choices
pools = neutron.floating_ip_pools_list(request)
pool_choices = [(pool.id, pool.name) for pool in pools]
pool_choices.insert(0, (None, "Do not assign floating IPs"))
self.fields["floating_ip_pool"].choices = pool_choices
flavors = nova_utils.flavor_list(request)
if flavors:
self.fields["flavor"].choices = nova_utils.sort_flavor_list(
request, flavors)
else:
self.fields["flavor"].choices = []
version = (template_json.get("hadoop_version", None)
or template_json["plugin_version"])
self.fields["image_id"].choices = \
self._populate_image_choices(request,
template_json["plugin_name"],
version)
except (ValueError, KeyError):
raise exceptions.BadRequest(_("Could not parse template"))
except Exception:
exceptions.handle(request)
def __init__(self, request, *args, **kwargs):
super(SecurityConfigAction, self).__init__(request, *args, **kwargs)
self.fields["security_autogroup"] = forms.BooleanField(
label=_("Auto Security Group"),
widget=forms.CheckboxInput(),
help_text=_("Create security group for this Node Group."),
required=False,
initial=True)
try:
groups = neutron.security_group_list(request)
except Exception:
exceptions.handle(request, _("Unable to get security group list."))
raise
security_group_list = [(sg.id, sg.name) for sg in groups]
self.fields["security_groups"] = forms.MultipleChoiceField(
label=_("Security Groups"),
widget=forms.CheckboxSelectMultiple(),
help_text=_("Launch instances in these security groups."),
choices=security_group_list,
required=False)
def __init__(self, request, *args, **kwargs):
super(SecurityConfigAction, self).__init__(request, *args, **kwargs)
self.fields["security_autogroup"] = forms.BooleanField(
label=_("Auto Security Group"),
widget=forms.CheckboxInput(),
help_text=_("Create security group for this Node Group."),
required=False,
initial=True)
try:
groups = neutron.security_group_list(request)
except Exception:
exceptions.handle(request,
_("Unable to get security group list."))
raise
security_group_list = [(sg.id, sg.name) for sg in groups]
self.fields["security_groups"] = forms.MultipleChoiceField(
label=_("Security Groups"),
widget=forms.CheckboxSelectMultiple(),
help_text=_("Launch instances in these security groups."),
choices=security_group_list,
required=False)
def setup_new_project(request, project_id, project_name, data):
unit_id = data.get('unit', None)
cloud_table = getattr(settings, 'UNIT_TABLE', {})
if not unit_id or not unit_id in cloud_table:
return
unit_data = cloud_table[unit_id]
prj_cname = re.sub(r'\s+', "-", project_name)
flow_step = 0
try:
cinder_params = dict()
for pkey, pvalue in unit_data.items():
if pkey == 'quota_total':
cinder_params['gigabytes'] = pvalue
elif pkey == 'quota_per_volume':
cinder_params['per_volume_gigabytes'] = pvalue
elif pkey.startswith('quota_'):
cinder_params['gigabytes_' + pkey[6:]] = pvalue
if len(cinder_params):
cinder_api.tenant_quota_update(request, project_id, **cinder_params)
except:
LOG.error("Cannot setup project quota", exc_info=True)
messages.error(request, _("Cannot setup project quota"))
try:
hyper_list = unit_data.get('hypervisors', [])
if len(hyper_list):
agg_prj_cname = "%s-%s" % (unit_data.get('aggregate_prefix', unit_id), prj_cname)
avail_zone = unit_data.get('availability_zone', 'nova')
new_aggr = nova_api.aggregate_create(request, agg_prj_cname, avail_zone)
flow_step += 1
for h_item in hyper_list:
nova_api.add_host_to_aggregate(request, new_aggr.id, h_item)
flow_step += 1
all_md = { 'filter_tenant_id' : project_id }
all_md.update(unit_data.get('metadata', {}))
nova_api.aggregate_set_metadata(request, new_aggr.id, all_md)
flow_step = 0
except:
if flow_step == 0:
err_msg = _("Cannot create host aggregate")
elif flow_step == 1:
err_msg = _("Cannot insert hypervisor in aggregate")
else:
err_msg = _("Cannot set metadata for aggregate")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
subnet_cidr = data['%s-net' % unit_id]
prj_lan_name = "%s-lan" % prj_cname
prj_net = neutron_api.network_create(request, tenant_id=project_id, name=prj_lan_name)
flow_step += 1
net_args = {
'cidr' : subnet_cidr,
'ip_version' : 4,
'dns_nameservers' : unit_data.get('nameservers', []),
'enable_dhcp' : True,
'tenant_id' : project_id,
'name' : "sub-%s-lan" % prj_cname
}
prj_sub = neutron_api.subnet_create(request, prj_net['id'], **net_args)
flow_step += 1
if 'lan_router' in unit_data:
neutron_api.router_add_interface(request, unit_data['lan_router'],
subnet_id=prj_sub['id'])
flow_step = 0
except:
if flow_step == 0:
err_msg = _("Cannot create network")
elif flow_step == 1:
err_msg = _("Cannot create sub-network")
else:
err_msg = _("Cannot add interface to router")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
subnet_cidr = data['%s-net' % unit_id]
def_sec_group = None
for sg_item in neutron_api.security_group_list(request, tenant_id=project_id):
if sg_item['name'].lower() == 'default':
def_sec_group = sg_item['id']
LOG.info("Found default security group %s" % def_sec_group)
break
flow_step += 1
sg_client = neutron_api.SecurityGroupManager(request).client
if not def_sec_group:
sg_params = {
'name': 'default',
'description': 'Default Security Group for ' + project_name,
'tenant_id': project_id
}
secgroup = sg_client.create_security_group({ 'security_group' : sg_params })
def_sec_group = SecurityGroup(secgroup.get('security_group'))
flow_step += 1
#
# Workaround: the tenant_id cannot be specified through high level API
#
port22_params = {
'security_group_id': def_sec_group,
'direction': 'ingress',
'ethertype': 'IPv4',
'protocol': 'tcp',
'port_range_min': 22,
'port_range_max': 22,
'remote_ip_prefix': subnet_cidr,
'tenant_id' : project_id
}
icmp_params = {
'security_group_id': def_sec_group,
'direction': 'ingress',
'ethertype': 'IPv4',
'protocol': 'icmp',
'remote_ip_prefix': subnet_cidr,
'tenant_id' : project_id
}
sg_client.create_security_group_rule({'security_group_rule': port22_params})
sg_client.create_security_group_rule({'security_group_rule': icmp_params})
except:
if flow_step == 0:
err_msg = _("Cannot retrieve default security group")
elif flow_step == 1:
err_msg = _("Cannot create default security group")
else:
err_msg = _("Cannot insert basic rules")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
new_tags = list()
new_tags.append(ORG_TAG_FMT % unit_data.get('organization', 'other'))
if '%s-ou' % unit_id in data:
new_tags.append(OU_TAG_FMT % data['%s-ou' % unit_id])
kclient = keystone_api.keystoneclient(request)
kclient.projects.update_tags(project_id, new_tags)
except:
LOG.error("Cannot add organization tags", exc_info=True)
messages.error(request, _("Cannot add organization tags"))
def setup_new_project(request, project_id, project_name, data):
try:
acct_table = getattr(settings, 'ACCOUNTING', None)
if acct_table:
uid = acct_table.get('user_id', None)
roleid = acct_table.get('role_id', None)
if uid and roleid:
keystone_api.add_tenant_user_role(request, project_id, uid, roleid)
except:
LOG.error("Cannot add user for accounting", exc_info=True)
messages.error(request, _("Cannot add user for accounting"))
unit_id = data.get('unit', None)
cloud_table = get_unit_table()
if not unit_id or not unit_id in cloud_table:
return
unit_data = cloud_table[unit_id]
prj_cname = re.sub(r'\s+', "-", project_name)
flow_step = 0
try:
cinder_params = dict()
for pkey, pvalue in unit_data.items():
if pkey == 'quota_total':
cinder_params['gigabytes'] = pvalue
elif pkey == 'quota_per_volume':
cinder_params['per_volume_gigabytes'] = pvalue
elif pkey.startswith('quota_'):
cinder_params['gigabytes_' + pkey[6:]] = pvalue
if len(cinder_params):
cinder_api.tenant_quota_update(request, project_id, **cinder_params)
except:
LOG.error("Cannot setup project quota", exc_info=True)
messages.error(request, _("Cannot setup project quota"))
try:
hyper_list = unit_data.get('hypervisors', [])
if len(hyper_list):
agg_prj_cname = "%s-%s" % (unit_data.get('aggregate_prefix', unit_id), prj_cname)
avail_zone = unit_data.get('availability_zone', 'nova')
new_aggr = nova_api.aggregate_create(request, agg_prj_cname, avail_zone)
flow_step += 1
for h_item in hyper_list:
nova_api.add_host_to_aggregate(request, new_aggr.id, h_item)
flow_step += 1
all_md = { 'filter_tenant_id' : project_id }
all_md.update(unit_data.get('metadata', {}))
nova_api.aggregate_set_metadata(request, new_aggr.id, all_md)
flow_step = 0
except:
if flow_step == 0:
err_msg = _("Cannot create host aggregate")
elif flow_step == 1:
err_msg = _("Cannot insert hypervisor in aggregate")
else:
err_msg = _("Cannot set metadata for aggregate")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
subnet_cidr = data['%s-net' % unit_id]
prj_lan_name = "%s-lan" % prj_cname
prj_net = neutron_api.network_create(request, tenant_id=project_id, name=prj_lan_name)
flow_step += 1
net_args = {
'cidr' : subnet_cidr,
'ip_version' : 4,
'dns_nameservers' : unit_data.get('nameservers', []),
'enable_dhcp' : True,
'tenant_id' : project_id,
'name' : "sub-%s-lan" % prj_cname
}
prj_sub = neutron_api.subnet_create(request, prj_net['id'], **net_args)
flow_step += 1
if 'lan_router' in unit_data:
f_ips = [{
"ip_address" : subnet_cidr.replace('0/24', '1'),
"subnet_id" : prj_sub['id']
}]
r_port = neutron_api.port_create(request, prj_net['id'],
tenant_id=project_id,
project_id=project_id,
fixed_ips=f_ips)
neutron_api.router_add_interface(request, unit_data['lan_router'],
port_id=r_port['id'])
flow_step = 0
except:
if flow_step == 0:
err_msg = _("Cannot create network")
elif flow_step == 1:
err_msg = _("Cannot create sub-network")
else:
err_msg = _("Cannot add interface to router")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
subnet_cidr = data['%s-net' % unit_id]
def_sec_group = None
for sg_item in neutron_api.security_group_list(request, tenant_id=project_id):
if sg_item['name'].lower() == 'default':
def_sec_group = sg_item['id']
LOG.info("Found default security group %s" % def_sec_group)
break
flow_step += 1
sg_client = neutron_api.SecurityGroupManager(request).client
if not def_sec_group:
sg_params = {
'name': 'default',
'description': 'Default Security Group for ' + project_name,
'tenant_id': project_id
}
secgroup = sg_client.create_security_group({ 'security_group' : sg_params })
def_sec_group = SecurityGroup(secgroup.get('security_group'))
flow_step += 1
#
# Workaround: the tenant_id cannot be specified through high level API
#
port22_params = {
'security_group_id': def_sec_group,
'direction': 'ingress',
'ethertype': 'IPv4',
'protocol': 'tcp',
'port_range_min': 22,
'port_range_max': 22,
'remote_ip_prefix': "0.0.0.0/0",
'tenant_id' : project_id
}
icmp_params = {
'security_group_id': def_sec_group,
'direction': 'ingress',
'ethertype': 'IPv4',
'protocol': 'icmp',
'remote_ip_prefix': "0.0.0.0/0",
'tenant_id' : project_id
}
sg_client.create_security_group_rule({'security_group_rule': port22_params})
sg_client.create_security_group_rule({'security_group_rule': icmp_params})
except:
if flow_step == 0:
err_msg = _("Cannot retrieve default security group")
elif flow_step == 1:
err_msg = _("Cannot create default security group")
else:
err_msg = _("Cannot insert basic rules")
LOG.error(err_msg, exc_info=True)
messages.error(request, err_msg)
try:
new_tags = list()
new_tags.append(ORG_TAG_FMT % unit_data.get('organization', 'other'))
for ou_id in data.get('%s-ou' % unit_id, []):
if ou_id.strip():
new_tags.append(OU_TAG_FMT % ou_id.strip())
kclient = keystone_api.keystoneclient(request)
kclient.projects.update_tags(project_id, new_tags)
except:
LOG.error("Cannot add organization tags", exc_info=True)
messages.error(request, _("Cannot add organization tags"))
