def create(self, context, listener, certificate=None):
default_pool = None
lb_id = listener.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
edge_id = lb_binding['edge_id']
if listener.default_pool and listener.default_pool.id:
pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding(
context.session, lb_id, listener.default_pool.id)
if pool_binding:
default_pool = pool_binding['edge_pool_id']
edge_cert_id = None
if certificate:
try:
edge_cert_id = self._upload_certificate(
context, edge_id, listener.default_tls_container_id,
certificate)
except Exception:
with excutils.save_and_reraise_exception():
self.lbv2_driver.listener.failed_completion(context,
listener)
app_profile = listener_to_edge_app_profile(listener, edge_cert_id)
app_profile_id = None
try:
with locking.LockManager.get_lock(edge_id):
h = (self.vcns.create_app_profile(edge_id, app_profile))[0]
app_profile_id = lb_common.extract_resource_id(h['location'])
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.listener.failed_completion(context, listener)
LOG.error('Failed to create app profile on edge: %s',
lb_binding['edge_id'])
vse = listener_to_edge_vse(context, listener,
lb_binding['vip_address'],
default_pool,
app_profile_id)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_vip(edge_id, vse)[0]
edge_vse_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_listener_binding(context.session,
lb_id,
listener.id,
app_profile_id,
edge_vse_id)
self.lbv2_driver.listener.successful_completion(context, listener)
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.listener.failed_completion(context, listener)
LOG.error('Failed to create vip on Edge: %s', edge_id)
self.vcns.delete_app_profile(edge_id, app_profile_id)
def create(self, context, listener, certificate=None):
default_pool = None
lb_id = listener.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
edge_id = lb_binding['edge_id']
if listener.default_pool and listener.default_pool.id:
pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding(
context.session, lb_id, listener.id, listener.default_pool.id)
if pool_binding:
default_pool = pool_binding['edge_pool_id']
edge_cert_id = None
if certificate:
try:
edge_cert_id = self._upload_certificate(
context, edge_id, listener.default_tls_container_id,
certificate)
except Exception:
with excutils.save_and_reraise_exception():
self.lbv2_driver.listener.failed_completion(context,
listener)
app_profile = listener_to_edge_app_profile(listener, edge_cert_id)
app_profile_id = None
try:
with locking.LockManager.get_lock(edge_id):
h = (self.vcns.create_app_profile(edge_id, app_profile))[0]
app_profile_id = lb_common.extract_resource_id(h['location'])
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.listener.failed_completion(context, listener)
LOG.error(_LE('Failed to create app profile on edge: %s'),
lb_binding['edge_id'])
vse = listener_to_edge_vse(listener, lb_binding['vip_address'],
default_pool,
app_profile_id)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_vip(edge_id, vse)[0]
edge_vse_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_listener_binding(context.session,
lb_id,
listener.id,
app_profile_id,
edge_vse_id)
self.lbv2_driver.listener.successful_completion(context, listener)
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.listener.failed_completion(context, listener)
LOG.error(_LE('Failed to create vip on Edge: %s'), edge_id)
self.vcns.delete_app_profile(edge_id, app_profile_id)
def _create_ssl_cert(self, edge_id=None):
# Create a self signed certificate in the backend if both Cert details
# and private key are not supplied in nsx.ini
if (not cfg.CONF.nsxv.metadata_nova_client_cert and
not cfg.CONF.nsxv.metadata_nova_client_priv_key):
h = self.nsxv_plugin.nsx_v.vcns.create_csr(edge_id)[0]
# Extract the CSR ID from header
csr_id = lbaas_common.extract_resource_id(h['location'])
# Create a self signed certificate
cert = self.nsxv_plugin.nsx_v.vcns.create_csr_cert(csr_id)[1]
cert_id = cert['objectId']
else:
# Raise an error if either the Cert path or the private key is not
# configured
error = None
if not cfg.CONF.nsxv.metadata_nova_client_cert:
error = _('Metadata certificate path not configured')
elif not cfg.CONF.nsxv.metadata_nova_client_priv_key:
error = _('Metadata client private key not configured')
if error:
raise nsxv_exc.NsxPluginException(err_msg=error)
pem_encoding = utils.read_file(
cfg.CONF.nsxv.metadata_nova_client_cert)
priv_key = utils.read_file(
cfg.CONF.nsxv.metadata_nova_client_priv_key)
request = {
'pemEncoding': pem_encoding,
'privateKey': priv_key}
cert = self.nsxv_plugin.nsx_v.vcns.upload_edge_certificate(
edge_id, request)[1]
cert_id = cert.get('certificates')[0]['objectId']
return cert_id
def create_pool(self, context, pool):
LOG.debug('Creating pool %s', pool)
edge_id = lb_common.get_lbaas_edge_id_for_subnet(
context, self.callbacks.plugin, pool['subnet_id'],
pool['tenant_id'])
if edge_id is None:
self.lbv1_driver.pool_failed(context, pool)
msg = _(
'No suitable Edge found for subnet %s') % pool['subnet_id']
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
# If Edge appliance is used for the 1st time for LB,
# enable LB acceleration
if not self.is_edge_in_use(context,
edge_id):
lb_common.enable_edge_acceleration(self.vcns, edge_id)
edge_pool = convert_lbaas_pool(pool)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_pool(edge_id, edge_pool)[0]
edge_pool_id = lb_common.extract_resource_id(h['location'])
self.lbv1_driver.create_pool_successful(
context, pool, edge_id, edge_pool_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.pool_failed(context, pool)
LOG.error(_LE('Failed to create pool %s'), pool['id'])
def create(self, context, hm):
lb_id = hm.pool.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
edge_id = lb_binding['edge_id']
pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding(
context.session, lb_id, hm.pool.id)
if not pool_binding:
self.lbv2_driver.health_monitor.failed_completion(context, hm)
msg = _('Failed to create health monitor on edge: %s. '
'Binding not found') % edge_id
LOG.error(msg)
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_pool_id = pool_binding['edge_pool_id']
hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding(
context.session, lb_id, hm.pool.id, hm.id, edge_id)
edge_mon_id = None
if hm_binding:
edge_mon_id = hm_binding['edge_mon_id']
else:
edge_monitor = self._convert_lbaas_monitor(hm)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_health_monitor(edge_id,
edge_monitor)[0]
edge_mon_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_monitor_binding(context.session, lb_id,
hm.pool.id, hm.id,
edge_id, edge_mon_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.health_monitor.failed_completion(
context, hm)
LOG.error('Failed to create health monitor on edge: %s',
edge_id)
try:
# Associate monitor with Edge pool
with locking.LockManager.get_lock(edge_id):
edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1]
if edge_pool.get('monitorId'):
edge_pool['monitorId'].append(edge_mon_id)
else:
edge_pool['monitorId'] = [edge_mon_id]
self.vcns.update_pool(edge_id, edge_pool_id, edge_pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.health_monitor.failed_completion(context, hm)
LOG.error('Failed to create health monitor on edge: %s',
edge_id)
self.lbv2_driver.health_monitor.successful_completion(context, hm)
def _create_ssl_cert(self, edge_id=None):
# Create a self signed certificate in the backend if both Cert details
# and private key are not supplied in nsx.ini
if (not cfg.CONF.nsxv.metadata_nova_client_cert and
not cfg.CONF.nsxv.metadata_nova_client_priv_key):
h = self.nsxv_plugin.nsx_v.vcns.create_csr(edge_id)[0]
# Extract the CSR ID from header
csr_id = lbaas_common.extract_resource_id(h['location'])
# Create a self signed certificate
cert = self.nsxv_plugin.nsx_v.vcns.create_csr_cert(csr_id)[1]
cert_id = cert['objectId']
else:
# Raise an error if either the Cert path or the private key is not
# configured
error = None
if not cfg.CONF.nsxv.metadata_nova_client_cert:
error = _('Metadata certificate path not configured')
elif not cfg.CONF.nsxv.metadata_nova_client_priv_key:
error = _('Metadata client private key not configured')
if error:
raise nsxv_exc.NsxPluginException(err_msg=error)
pem_encoding = utils.read_file(
cfg.CONF.nsxv.metadata_nova_client_cert)
priv_key = utils.read_file(
cfg.CONF.nsxv.metadata_nova_client_priv_key)
request = {
'pemEncoding': pem_encoding,
'privateKey': priv_key}
cert = self.nsxv_plugin.nsx_v.vcns.upload_edge_certificate(
edge_id, request)[1]
cert_id = cert.get('certificates')[0]['objectId']
return cert_id
def create_pool(self, context, pool):
LOG.debug('Creating pool %s', pool)
edge_id = lb_common.get_lbaas_edge_id_for_subnet(
context, self.callbacks.plugin, pool['subnet_id'],
pool['tenant_id'])
if edge_id is None:
self.lbv1_driver.pool_failed(context, pool)
msg = _('No suitable Edge found for subnet %s') % pool['subnet_id']
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
# If Edge appliance is used for the 1st time for LB,
# enable LB acceleration
if not self.is_edge_in_use(context, edge_id):
lb_common.enable_edge_acceleration(self.vcns, edge_id)
edge_pool = convert_lbaas_pool(pool)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_pool(edge_id, edge_pool)[0]
edge_pool_id = lb_common.extract_resource_id(h['location'])
self.lbv1_driver.create_pool_successful(context, pool, edge_id,
edge_pool_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.pool_failed(context, pool)
LOG.error(_LE('Failed to create pool %s'), pool['id'])
def create(self, context, hm, completor):
lb_id = hm['pool']['loadbalancer_id']
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
edge_id = lb_binding['edge_id']
pool_id = hm['pool']['id']
pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding(
context.session, lb_id, pool_id)
if not pool_binding:
completor(success=False)
msg = _('Failed to create health monitor on edge: %s. '
'Binding not found') % edge_id
LOG.error(msg)
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_pool_id = pool_binding['edge_pool_id']
hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding(
context.session, lb_id, pool_id, hm['id'], edge_id)
edge_mon_id = None
if hm_binding:
edge_mon_id = hm_binding['edge_mon_id']
else:
edge_monitor = self._convert_lbaas_monitor(hm)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_health_monitor(edge_id,
edge_monitor)[0]
edge_mon_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_monitor_binding(
context.session, lb_id, pool_id, hm['id'], edge_id,
edge_mon_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
completor(success=False)
LOG.error('Failed to create health monitor on edge: %s',
edge_id)
try:
# Associate monitor with Edge pool
with locking.LockManager.get_lock(edge_id):
edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1]
if edge_pool.get('monitorId'):
edge_pool['monitorId'].append(edge_mon_id)
else:
edge_pool['monitorId'] = [edge_mon_id]
self.vcns.update_pool(edge_id, edge_pool_id, edge_pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
completor(success=False)
LOG.error('Failed to create health monitor on edge: %s',
edge_id)
completor(success=True)
def create(self, context, pol, completor):
# find out the edge to be updated, by the listener of this policy
listener = pol['listener']
lb_id = listener['loadbalancer_id']
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
if not lb_binding:
msg = _('No suitable Edge found for listener %s') % listener['id']
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
if (listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS or
listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS):
msg = _(
'L7 policy is not supported for %(prot)s listener %(ls)s') % {
'prot': listener['protocol'],
'ls': pol['listener_id']
}
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = lb_binding['edge_id']
app_rule = policy_to_application_rule(pol)
app_rule_id = None
try:
with locking.LockManager.get_lock(edge_id):
# create the backend application rule for this policy
h = (self.vcns.create_app_rule(edge_id, app_rule))[0]
app_rule_id = lb_common.extract_resource_id(h['location'])
# add the nsx application rule (neutron policy) to the nsx
# virtual server (neutron listener)
vse_id = self._get_vse_id(context, pol)
if vse_id:
self._add_app_rule_to_virtual_server(
edge_id, vse_id, app_rule_id, pol['position'])
except Exception as e:
with excutils.save_and_reraise_exception():
completor(success=False)
LOG.error(
'Failed to create L7policy on edge %(edge)s: '
'%(err)s', {
'edge': edge_id,
'err': e
})
if app_rule_id:
# Failed to add the rule to the vip: delete the rule
# from the backend.
try:
self.vcns.delete_app_rule(edge_id, app_rule_id)
except Exception:
pass
# save the nsx application rule id in the DB
nsxv_db.add_nsxv_lbaas_l7policy_binding(context.session, pol['id'],
edge_id, app_rule_id)
# complete the transaction
completor(success=True)
def create_vip(self, context, vip, pool_mapping):
LOG.debug('Create VIP %s', vip)
app_profile = convert_lbaas_app_profile(
vip['id'], vip.get('session_persistence', {}),
vip.get('protocol'))
if not pool_mapping:
msg = _('Pool %s in not mapped to any Edge appliance') % (
vip['pool_id'])
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = pool_mapping['edge_id']
try:
with locking.LockManager.get_lock(edge_id):
h = (self.vcns.create_app_profile(edge_id, app_profile))[0]
app_profile_id = lb_common.extract_resource_id(h['location'])
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.vip_failed(context, vip)
LOG.error(_LE('Failed to create app profile on edge: %s'),
edge_id)
edge_vip = convert_lbaas_vip(vip, app_profile_id, pool_mapping)
try:
lb_common.add_vip_as_secondary_ip(self.vcns, edge_id,
vip['address'])
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_vip(edge_id, edge_vip)[0]
edge_vip_id = lb_common.extract_resource_id(h['location'])
edge_fw_rule_id = lb_common.add_vip_fw_rule(self.vcns,
edge_id, vip['id'],
vip['address'])
self.lbv1_driver.create_vip_successful(
context, vip, edge_id, app_profile_id, edge_vip_id,
edge_fw_rule_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.vip_failed(context, vip)
LOG.error(_LE('Failed to create vip on Edge: %s'), edge_id)
with locking.LockManager.get_lock(edge_id):
self.vcns.delete_app_profile(edge_id, app_profile_id)
def create(self, context, hm):
listener = hm.pool.listener
lb_id = listener.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
pool_binding = nsxv_db.get_nsxv_lbaas_pool_binding(
context.session, lb_id, listener.id, hm.pool.id)
edge_id = lb_binding['edge_id']
edge_pool_id = pool_binding['edge_pool_id']
hm_binding = nsxv_db.get_nsxv_lbaas_monitor_binding(
context.session, lb_id, listener.id, hm.pool.id, hm.id, edge_id)
edge_mon_id = None
if hm_binding:
edge_mon_id = hm_binding['edge_mon_id']
else:
edge_monitor = self._convert_lbaas_monitor(hm)
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_health_monitor(edge_id,
edge_monitor)[0]
edge_mon_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_monitor_binding(
context.session, lb_id, listener.id, hm.pool.id, hm.id,
edge_id, edge_mon_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.health_monitor.failed_completion(
context, hm)
LOG.error(_LE('Failed to create health monitor on edge: %s'
), edge_id)
try:
# Associate monitor with Edge pool
with locking.LockManager.get_lock(edge_id):
edge_pool = self.vcns.get_pool(edge_id, edge_pool_id)[1]
if edge_pool.get('monitorId'):
edge_pool['monitorId'].append(edge_mon_id)
else:
edge_pool['monitorId'] = [edge_mon_id]
self.vcns.update_pool(edge_id, edge_pool_id, edge_pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.health_monitor.failed_completion(context, hm)
LOG.error(
_LE('Failed to create health monitor on edge: %s'),
edge_id)
self.lbv2_driver.health_monitor.successful_completion(context, hm)
def create_vip(self, context, vip, pool_mapping):
LOG.debug('Create VIP %s', vip)
app_profile = convert_lbaas_app_profile(
vip['id'], vip.get('session_persistence', {}), vip.get('protocol'))
if not pool_mapping:
msg = _('Pool %s in not mapped to any Edge appliance') % (
vip['pool_id'])
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = pool_mapping['edge_id']
try:
with locking.LockManager.get_lock(edge_id):
h = (self.vcns.create_app_profile(edge_id, app_profile))[0]
app_profile_id = lb_common.extract_resource_id(h['location'])
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.vip_failed(context, vip)
LOG.error(_LE('Failed to create app profile on edge: %s'),
edge_id)
edge_vip = convert_lbaas_vip(vip, app_profile_id, pool_mapping)
try:
lb_common.add_vip_as_secondary_ip(self.vcns, edge_id,
vip['address'])
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_vip(edge_id, edge_vip)[0]
edge_vip_id = lb_common.extract_resource_id(h['location'])
edge_fw_rule_id = lb_common.add_vip_fw_rule(
self.vcns, edge_id, vip['id'], vip['address'])
self.lbv1_driver.create_vip_successful(context, vip, edge_id,
app_profile_id, edge_vip_id,
edge_fw_rule_id)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.vip_failed(context, vip)
LOG.error(_LE('Failed to create vip on Edge: %s'), edge_id)
with locking.LockManager.get_lock(edge_id):
self.vcns.delete_app_profile(edge_id, app_profile_id)
def create_pool_health_monitor(self, context, health_monitor, pool_id,
pool_mapping, mon_mappings):
LOG.debug('Create HM %s', health_monitor)
edge_mon_id = None
with locking.LockManager.get_lock(pool_mapping['edge_id']):
# 1st, we find if we already have a pool with the same monitor, on
# the same Edge appliance.
# If there is no pool on this Edge which is already associated with
# this monitor, create this monitor on Edge
if mon_mappings:
edge_mon_id = mon_mappings['edge_monitor_id']
else:
edge_monitor = convert_lbaas_monitor(health_monitor)
try:
h = self.vcns.create_health_monitor(
pool_mapping['edge_id'], edge_monitor)[0]
edge_mon_id = lb_common.extract_resource_id(h['location'])
except nsxv_exc.VcnsApiException:
self.lbv1_driver.pool_health_monitor_failed(context,
health_monitor,
pool_id)
with excutils.save_and_reraise_exception():
LOG.error(
_LE('Failed to associate monitor on edge: %s'),
pool_mapping['edge_id'])
try:
# Associate monitor with Edge pool
edge_pool = self.vcns.get_pool(pool_mapping['edge_id'],
pool_mapping['edge_pool_id'])[1]
if edge_pool['monitorId']:
edge_pool['monitorId'].append(edge_mon_id)
else:
edge_pool['monitorId'] = [edge_mon_id]
self.vcns.update_pool(pool_mapping['edge_id'],
pool_mapping['edge_pool_id'],
edge_pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.pool_health_monitor_failed(context,
health_monitor,
pool_id)
LOG.error(
_LE('Failed to associate monitor on edge: %s'),
pool_mapping['edge_id'])
self.lbv1_driver.create_pool_health_monitor_successful(
context, health_monitor, pool_id, pool_mapping['edge_id'],
edge_mon_id)
def create(self, context, pool, completor):
pool_id = pool['id']
edge_pool = {
'name': 'pool_' + pool_id,
'description': pool.get('description', pool.get('name')),
'algorithm': lb_const.BALANCE_MAP.get(pool['lb_algorithm'],
'round-robin'),
'transparent': False
}
lb_id = pool['loadbalancer_id']
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
if not lb_binding:
msg = _(
'No suitable Edge found for pool %s') % pool_id
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = lb_binding['edge_id']
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_pool(edge_id, edge_pool)[0]
edge_pool_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id,
pool_id,
edge_pool_id)
if pool['listener']:
listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding(
context.session, lb_id, pool['listener']['id'])
# Associate listener with pool
vse = listener_mgr.listener_to_edge_vse(
context,
pool['listener'],
lb_binding['vip_address'],
edge_pool_id,
listener_binding['app_profile_id'])
with locking.LockManager.get_lock(edge_id):
self.vcns.update_vip(edge_id, listener_binding['vse_id'],
vse)
# This action also set this pool as the default pool of the
# listener, so the application profile may need to be updated
if pool['session_persistence']:
listener_mgr.update_app_profile(
self.vcns, context, pool['listener'], edge_id)
completor(success=True)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
completor(success=False)
LOG.error('Failed to create pool %s', pool['id'])
def create(self, context, pool, completor):
pool_id = pool['id']
edge_pool = {
'name': 'pool_' + pool_id,
'description': pool.get('description', pool.get('name')),
'algorithm': lb_const.BALANCE_MAP.get(pool['lb_algorithm'],
'round-robin'),
'transparent': False
}
lb_id = pool['loadbalancer_id']
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
if not lb_binding:
msg = _(
'No suitable Edge found for pool %s') % pool_id
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = lb_binding['edge_id']
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_pool(edge_id, edge_pool)[0]
edge_pool_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id,
pool_id,
edge_pool_id)
if pool['listener']:
listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding(
context.session, lb_id, pool['listener']['id'])
# Associate listener with pool
vse = listener_mgr.listener_to_edge_vse(
context,
pool['listener'],
lb_binding['vip_address'],
edge_pool_id,
listener_binding['app_profile_id'])
with locking.LockManager.get_lock(edge_id):
self.vcns.update_vip(edge_id, listener_binding['vse_id'],
vse)
# This action also set this pool as the default pool of the
# listener, so the application profile may need to be updated
if pool['session_persistence']:
listener_mgr.update_app_profile(
self.vcns, context, pool['listener'], edge_id)
completor(success=True)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
completor(success=False)
LOG.error('Failed to create pool %s', pool['id'])
def create(self, context, pol, completor):
# find out the edge to be updated, by the listener of this policy
listener = pol['listener']
lb_id = listener['loadbalancer_id']
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
if not lb_binding:
msg = _(
'No suitable Edge found for listener %s') % listener['id']
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
if (listener['protocol'] == lb_const.LB_PROTOCOL_HTTPS or
listener['protocol'] == lb_const.LB_PROTOCOL_TERMINATED_HTTPS):
msg = _(
'L7 policy is not supported for %(prot)s listener %(ls)s') % {
'prot': listener['protocol'], 'ls': pol['listener_id']}
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = lb_binding['edge_id']
app_rule = policy_to_application_rule(pol)
app_rule_id = None
try:
with locking.LockManager.get_lock(edge_id):
# create the backend application rule for this policy
h = (self.vcns.create_app_rule(edge_id, app_rule))[0]
app_rule_id = lb_common.extract_resource_id(h['location'])
# add the nsx application rule (neutron policy) to the nsx
# virtual server (neutron listener)
vse_id = self._get_vse_id(context, pol)
if vse_id:
self._add_app_rule_to_virtual_server(
edge_id, vse_id, app_rule_id, pol['position'])
except Exception as e:
with excutils.save_and_reraise_exception():
completor(success=False)
LOG.error('Failed to create L7policy on edge %(edge)s: '
'%(err)s',
{'edge': edge_id, 'err': e})
if app_rule_id:
# Failed to add the rule to the vip: delete the rule
# from the backend.
try:
self.vcns.delete_app_rule(edge_id, app_rule_id)
except Exception:
pass
# save the nsx application rule id in the DB
nsxv_db.add_nsxv_lbaas_l7policy_binding(context.session, pol['id'],
edge_id, app_rule_id)
# complete the transaction
completor(success=True)
def create_pool_health_monitor(self, context, health_monitor, pool_id,
pool_mapping, mon_mappings):
LOG.debug('Create HM %s', health_monitor)
edge_mon_id = None
with locking.LockManager.get_lock(pool_mapping['edge_id']):
# 1st, we find if we already have a pool with the same monitor, on
# the same Edge appliance.
# If there is no pool on this Edge which is already associated with
# this monitor, create this monitor on Edge
if mon_mappings:
edge_mon_id = mon_mappings['edge_monitor_id']
else:
edge_monitor = convert_lbaas_monitor(health_monitor)
try:
h = self.vcns.create_health_monitor(
pool_mapping['edge_id'], edge_monitor)[0]
edge_mon_id = lb_common.extract_resource_id(h['location'])
except nsxv_exc.VcnsApiException:
self.lbv1_driver.pool_health_monitor_failed(
context, health_monitor, pool_id)
with excutils.save_and_reraise_exception():
LOG.error(
_LE('Failed to associate monitor on edge: %s'),
pool_mapping['edge_id'])
try:
# Associate monitor with Edge pool
edge_pool = self.vcns.get_pool(pool_mapping['edge_id'],
pool_mapping['edge_pool_id'])[1]
if edge_pool['monitorId']:
edge_pool['monitorId'].append(edge_mon_id)
else:
edge_pool['monitorId'] = [edge_mon_id]
self.vcns.update_pool(pool_mapping['edge_id'],
pool_mapping['edge_pool_id'], edge_pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv1_driver.pool_health_monitor_failed(
context, health_monitor, pool_id)
LOG.error(_LE('Failed to associate monitor on edge: %s'),
pool_mapping['edge_id'])
self.lbv1_driver.create_pool_health_monitor_successful(
context, health_monitor, pool_id, pool_mapping['edge_id'],
edge_mon_id)
def create(self, context, pol):
# find out the edge to be updated, by the listener of this policy
lb_id = pol.listener.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
if not lb_binding:
msg = _('No suitable Edge found for listener %s') % pol.listener_id
raise n_exc.BadRequest(resource='edge-lbaas', msg=msg)
edge_id = lb_binding['edge_id']
app_rule = policy_to_application_rule(pol)
app_rule_id = None
try:
with locking.LockManager.get_lock(edge_id):
# create the backend application rule for this policy
h = (self.vcns.create_app_rule(edge_id, app_rule))[0]
app_rule_id = lb_common.extract_resource_id(h['location'])
# add the nsx application rule (neutron policy) to the nsx
# virtual server (neutron listener)
vse_id = self._get_vse_id(context, pol)
if vse_id:
self._add_app_rule_to_virtual_server(
edge_id, vse_id, app_rule_id, pol.position)
except Exception as e:
with excutils.save_and_reraise_exception():
self.lbv2_driver.l7policy.failed_completion(context, pol)
LOG.error(
'Failed to create L7policy on edge %(edge)s: '
'%(err)s', {
'edge': edge_id,
'err': e
})
if app_rule_id:
# Failed to add the rule to the vip: delete the rule
# from the backend.
try:
self.vcns.delete_app_rule(edge_id, app_rule_id)
except Exception:
pass
# save the nsx application rule id in the DB
nsxv_db.add_nsxv_lbaas_l7policy_binding(context.session, pol.id,
edge_id, app_rule_id)
# complete the transaction
self.lbv2_driver.l7policy.successful_completion(context, pol)
def create(self, context, pool):
edge_pool = {
'name': 'pool_' + pool.id,
'description': getattr(pool, 'description', getattr(pool, 'name')),
'algorithm': lb_const.BALANCE_MAP.get(pool.lb_algorithm,
'round-robin'),
'transparent': False
}
lb_id = pool.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
edge_id = lb_binding['edge_id']
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_pool(edge_id, edge_pool)[0]
edge_pool_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id,
pool.id,
edge_pool_id)
if pool.listener:
listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding(
context.session, lb_id, pool.listener.id)
# Associate listener with pool
vse = listener_mgr.listener_to_edge_vse(
pool.listener,
lb_binding['vip_address'],
edge_pool_id,
listener_binding['app_profile_id'])
with locking.LockManager.get_lock(edge_id):
self.vcns.update_vip(edge_id, listener_binding['vse_id'],
vse)
self.lbv2_driver.pool.successful_completion(context, pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.pool.failed_completion(context, pool)
LOG.error(_LE('Failed to create pool %s'), pool['id'])
def create(self, context, pool):
edge_pool = {
'name': 'pool_' + pool.id,
'description': getattr(pool, 'description', getattr(pool, 'name')),
'algorithm': lb_const.BALANCE_MAP.get(pool.lb_algorithm,
'round-robin'),
'transparent': False
}
listener = pool.listener
lb_id = listener.loadbalancer_id
lb_binding = nsxv_db.get_nsxv_lbaas_loadbalancer_binding(
context.session, lb_id)
listener_binding = nsxv_db.get_nsxv_lbaas_listener_binding(
context.session, lb_id, listener.id)
edge_id = lb_binding['edge_id']
try:
with locking.LockManager.get_lock(edge_id):
h = self.vcns.create_pool(edge_id, edge_pool)[0]
edge_pool_id = lb_common.extract_resource_id(h['location'])
nsxv_db.add_nsxv_lbaas_pool_binding(context.session, lb_id,
listener.id,
pool.id,
edge_pool_id)
# Associate listener with pool
vse = listener_mgr.listener_to_edge_vse(
listener,
lb_binding['vip_address'],
edge_pool_id,
listener_binding['app_profile_id'])
with locking.LockManager.get_lock(edge_id):
self.vcns.update_vip(edge_id, listener_binding['vse_id'], vse)
self.lbv2_driver.pool.successful_completion(context, pool)
except nsxv_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
self.lbv2_driver.pool.failed_completion(context, pool)
LOG.error(_LE('Failed to create pool %s'), pool['id'])
