def _get_schema(self):
error, strm = Stream.open_block(Stream.open(self._db_sock))
if error:
raise Exception("Unable to connect to %s" % self._db_sock)
rpc = jsonrpc.Connection(strm)
req = jsonrpc.Message.create_request('get_schema', ['Open_vSwitch'])
error, resp = rpc.transact_block(req)
rpc.close()
if error or resp.error:
raise Exception('Unable to retrieve schema.')
return idl.SchemaHelper(None, resp.result)
def _check_and_set_ssl_files(self, schema_name):
priv_key_file = CONF.ovn_sb_private_key
cert_file = CONF.ovn_sb_certificate
ca_cert_file = CONF.ovn_sb_ca_cert
if priv_key_file:
Stream.ssl_set_private_key_file(priv_key_file)
if cert_file:
Stream.ssl_set_certificate_file(cert_file)
if ca_cert_file:
Stream.ssl_set_ca_cert_file(ca_cert_file)
def _check_and_set_ssl_files(schema_name):
if schema_name == 'OVN_Southbound':
priv_key_file = ovn_conf.get_ovn_sb_private_key()
cert_file = ovn_conf.get_ovn_sb_certificate()
ca_cert_file = ovn_conf.get_ovn_sb_ca_cert()
else:
priv_key_file = ovn_conf.get_ovn_nb_private_key()
cert_file = ovn_conf.get_ovn_nb_certificate()
ca_cert_file = ovn_conf.get_ovn_nb_ca_cert()
if priv_key_file:
Stream.ssl_set_private_key_file(priv_key_file)
if cert_file:
Stream.ssl_set_certificate_file(cert_file)
if ca_cert_file:
Stream.ssl_set_ca_cert_file(ca_cert_file)
def configure_ssl_conn():
"""
Configures required settings for an SSL based OVSDB client connection
:return: None
"""
req_ssl_opts = {'ssl_key_file': cfg.CONF.OVS.ssl_key_file,
'ssl_cert_file': cfg.CONF.OVS.ssl_cert_file,
'ssl_ca_cert_file': cfg.CONF.OVS.ssl_ca_cert_file}
for ssl_opt, ssl_file in req_ssl_opts.items():
if not ssl_file:
raise ovsdb_exc.OvsdbSslRequiredOptError(ssl_opt=ssl_opt)
elif not os.path.exists(ssl_file):
raise ovsdb_exc.OvsdbSslConfigNotFound(ssl_file=ssl_file)
# TODO(ihrachys): move to ovsdbapp
Stream.ssl_set_private_key_file(req_ssl_opts['ssl_key_file'])
Stream.ssl_set_certificate_file(req_ssl_opts['ssl_cert_file'])
Stream.ssl_set_ca_cert_file(req_ssl_opts['ssl_ca_cert_file'])
def get_connection(db_class, trigger=None, leader_info=None):
# The trigger is the start() method of the NeutronWorker class
if trigger and trigger.im_class == ovsdb_monitor.OvnWorker:
cls = ovsdb_monitor.OvnConnection
else:
cls = connection.Connection
Stream.ssl_set_private_key_file(cfg.get_ovn_ovsdb_private_key_file())
Stream.ssl_set_certificate_file(cfg.get_ovn_ovsdb_certificate_file())
Stream.ssl_set_ca_cert_file(cfg.get_ovn_ovsdb_ca_cert_file())
if db_class == OvsdbNbOvnIdl:
if leader_info is None:
leader_info = cfg.get_ovn_nb_connection()
return cls(leader_info, cfg.get_ovn_ovsdb_timeout(), 'OVN_Northbound')
elif db_class == OvsdbSbOvnIdl:
return cls(cfg.get_ovn_sb_connection(), cfg.get_ovn_ovsdb_timeout(),
'OVN_Southbound')