def _add_routing_instance(self, ri_conf):
gevent.idle()
ri_name = ri_conf.get("ri_name")
vn = ri_conf.get("vn")
is_l2 = ri_conf.get("is_l2", False)
is_l2_l3 = ri_conf.get("is_l2_l3", False)
import_targets = ri_conf.get("import_targets", set())
export_targets = ri_conf.get("export_targets", set())
prefixes = ri_conf.get("prefixes") or []
gateways = ri_conf.get("gateways") or []
router_external = ri_conf.get("router_external", False)
interfaces = ri_conf.get("interfaces", [])
vni = ri_conf.get("vni", None)
fip_map = ri_conf.get("fip_map", None)
network_id = ri_conf.get("network_id", None)
is_internal_vn = True if '_contrail_lr_internal_vn_' in vn.name \
else False
encapsulation_priorities = ri_conf.get("encapsulation_priorities") or [
"MPLSoGRE"
]
highest_encapsulation = encapsulation_priorities[0]
ri = RoutingInstance(name=ri_name)
is_master_int_vn = False
if vn:
is_nat = True if fip_map else False
ri.set_comment(
DMUtils.vn_ri_comment(vn, is_l2, is_l2_l3, is_nat,
router_external))
if is_internal_vn:
lr_uuid = DMUtils.extract_lr_uuid_from_internal_vn_name(
ri_name)
else:
if vn.logical_router is None:
# try updating logical router to handle DM restart
# vn.logical_router could be none as sequencing of
# locate object calls in device_manager.py
vn.set_logical_router(vn.fq_name[-1])
lr_uuid = vn.logical_router
if lr_uuid:
lr = LogicalRouterDM.get(lr_uuid)
if lr:
is_master_int_vn = lr.is_master
if is_internal_vn:
# set description only for interval VN/VRF
ri.set_description("__contrail_%s_%s" %
(lr.name, lr_uuid))
ri.set_is_master(is_master_int_vn)
ri.set_virtual_network_id(str(network_id))
ri.set_vxlan_id(str(vni))
ri.set_virtual_network_is_internal(is_internal_vn)
ri.set_is_public_network(router_external)
if is_l2_l3:
ri.set_virtual_network_mode('l2-l3')
elif is_l2:
ri.set_virtual_network_mode('l2')
if highest_encapsulation == "VXLAN":
ri.set_routing_instance_type("virtual-switch")
elif highest_encapsulation in ["MPLSoGRE", "MPLSoUDP"]:
ri.set_routing_instance_type("evpn")
else:
ri.set_virtual_network_mode('l3')
if not is_l2:
ri.set_routing_instance_type("vrf")
if fip_map is None and (router_external or not is_internal_vn):
# add RI prefixes for dc-gateway
self._add_ri_prefixes(vn, router_external, interfaces,
prefixes, ri)
if ri.get_routing_instance_type() != 'virtual-switch' and \
ri.get_virtual_network_mode() != 'l2':
self.ri_map[ri_name] = ri
# add irb physical interface and irb vni gateway settings for l2_l3
if self._is_gateway() and is_l2_l3 and not is_internal_vn:
__, li_map = self._add_or_lookup_pi(self.pi_map, 'irb', 'irb')
intf_unit = self._add_or_lookup_li(li_map,
'irb.' + str(network_id),
network_id)
if len(gateways) > 0:
if vn.has_ipv6_subnet is True:
intf_unit.set_is_virtual_router(True)
intf_unit.set_comment(
DMUtils.vn_irb_comment(vn, False, is_l2_l3,
router_external))
for (irb_ip, gateway) in gateways:
if len(gateway) and gateway != '0.0.0.0':
intf_unit.set_gateway(gateway)
self._add_ip_address(intf_unit,
irb_ip,
gateway=gateway)
else:
self._add_ip_address(intf_unit, irb_ip)
if (is_l2 and vni is not None
and self._is_evpn(self._physical_router)):
irb_name = 'irb.' + str(network_id)
self._add_ref_to_list(ri.get_routing_interfaces(), irb_name)
# add firewall config for public VRF
if router_external and is_l2 is False:
self._add_ri_vrf_firewall_config(prefixes, ri)
# add firewall config for DCI Network
if fip_map is not None:
self._add_ref_to_list(ri.get_interfaces(), interfaces[0].name)
self.firewall_config = self.firewall_config or Firewall(
comment=DMUtils.firewall_comment())
f = FirewallFilter(
name=DMUtils.make_private_vrf_filter_name(ri_name))
f.set_comment(DMUtils.vn_firewall_comment(vn, "private"))
self.firewall_config.add_firewall_filters(f)
term = Term(name=DMUtils.make_vrf_term_name(ri_name))
from_ = From()
for fip_user_ip in list(fip_map.keys()):
from_.add_source_address(
self._get_subnet_for_cidr(fip_user_ip))
term.set_from(from_)
term.set_then(Then(routing_instance=[ri_name]))
f.add_terms(term)
__, li_map = self._add_or_lookup_pi(self.pi_map, 'irb', 'irb')
intf_name = 'irb.' + str(network_id)
intf_unit = self._add_or_lookup_li(li_map, intf_name, network_id)
intf_unit.set_comment(DMUtils.vn_irb_fip_inet_comment(vn))
intf_unit.set_family("inet")
intf_unit.add_firewall_filters(
DMUtils.make_private_vrf_filter_name(ri_name))
self._add_ref_to_list(ri.get_routing_interfaces(), intf_name)
# fip services config
nat_rules = NatRules(allow_overlapping_nat_pools=True,
name=DMUtils.make_services_set_name(ri_name),
comment=DMUtils.service_set_comment(vn))
ri.set_nat_rules(nat_rules)
snat_rule = NatRule(name=DMUtils.make_snat_rule_name(ri_name),
comment=DMUtils.service_set_nat_rule_comment(
vn, "SNAT"),
direction="input",
translation_type="basic-nat44")
snat_rule.set_comment(DMUtils.snat_rule_comment())
nat_rules.add_rules(snat_rule)
dnat_rule = NatRule(name=DMUtils.make_dnat_rule_name(ri_name),
comment=DMUtils.service_set_nat_rule_comment(
vn, "DNAT"),
direction="output",
translation_type="dnat-44")
dnat_rule.set_comment(DMUtils.dnat_rule_comment())
nat_rules.add_rules(dnat_rule)
nat_rules.set_inside_interface(interfaces[0].name)
nat_rules.set_outside_interface(interfaces[1].name)
for pip, fip_vn in list(fip_map.items()):
fip = fip_vn["floating_ip"]
snat_rule.add_source_addresses(self._get_subnet_for_cidr(pip))
snat_rule.add_source_prefixes(self._get_subnet_for_cidr(fip))
dnat_rule.add_destination_addresses(
self._get_subnet_for_cidr(fip))
dnat_rule.add_destination_prefixes(
self._get_subnet_for_cidr(pip))
self._add_ref_to_list(ri.get_ingress_interfaces(),
interfaces[0].name)
self._add_ref_to_list(ri.get_egress_interfaces(),
interfaces[1].name)
for target in import_targets:
self._add_to_list(ri.get_import_targets(), target)
for target in export_targets:
self._add_to_list(ri.get_export_targets(), target)
def build_svc_chaining_ri_config(self, si_name, left_vrf_info,
right_vrf_info):
# left vrf
vn_obj = VirtualNetworkDM.get(left_vrf_info.get("vn_id"))
if vn_obj:
vrf_name = DMUtils.make_vrf_name(vn_obj.fq_name[-1],
vn_obj.vn_network_id, "l3")
network_id = vn_obj.vn_network_id
vxlan_id = vn_obj.get_vxlan_vni()
primary_ri = self._get_primary_ri(vn_obj)
et, it = self._get_export_import_targets(vn_obj, primary_ri)
is_internal_vn = (True if "_contrail_lr_internal_vn_"
in vn_obj.name else False)
left_ri = RoutingInstance(
name=vrf_name,
virtual_network_mode="l3",
export_targets=et,
import_targets=it,
virtual_network_id=str(network_id),
vxlan_id=str(vxlan_id),
is_public_network=vn_obj.router_external,
)
left_ri.set_routing_instance_type("vrf")
left_ri.set_virtual_network_is_internal(is_internal_vn)
if is_internal_vn:
lr = self.get_lr_name_from_ri(vrf_name)
if lr:
left_ri.set_description("__contrail_%s_%s" %
(lr.name, lr.uuid))
self.ri_map_leafspine[vrf_name] = left_ri
self._add_ref_to_list(
left_ri.get_routing_interfaces(),
"irb." + left_vrf_info.get("left_svc_unit"),
)
if left_vrf_info.get("srx_left_interface") and left_vrf_info.get(
"loopback_ip"):
protocols = RoutingInstanceProtocols()
bgp_name = si_name + "_left"
peer_bgp_name = (bgp_name + "_" +
left_vrf_info.get("srx_left_interface"))
peer_bgp = Bgp(
name=peer_bgp_name,
autonomous_system=left_vrf_info.get("peer"),
ip_address=left_vrf_info.get("srx_left_interface"),
)
bgp = Bgp(
name=bgp_name,
type_="external",
autonomous_system=left_vrf_info.get("local"),
)
bgp.add_peers(peer_bgp)
bgp.set_comment("PNF-Service-Chaining")
protocols.add_bgp(bgp)
pimrp = PimRp(ip_address=left_vrf_info.get("loopback_ip"))
pim = Pim(name=si_name + "_left")
pim.set_rp(pimrp)
pim.set_comment("PNF-Service-Chaining")
protocols.add_pim(pim)
self.ri_protocols_leafspine_map[vrf_name][bgp_name] = protocols
left_ri.set_protocols(
self._get_values_sorted_by_key(
self.ri_protocols_leafspine_map[vrf_name]))
# create new service chain ri for vni targets
for vn in left_vrf_info.get("tenant_vn") or []:
vn_obj = VirtualNetworkDM.get(vn)
if vn_obj:
vrf_name = DMUtils.make_vrf_name(vn_obj.fq_name[-1],
vn_obj.vn_network_id, "l3")
network_id = vn_obj.vn_network_id
vxlan_id = vn_obj.get_vxlan_vni()
primary_ri = self._get_primary_ri(vn_obj)
et, it = self._get_export_import_targets(vn_obj, primary_ri)
ri = RoutingInstance(
name=vrf_name,
virtual_network_mode="l3",
export_targets=et,
import_targets=it,
virtual_network_id=str(network_id),
vxlan_id=str(vxlan_id),
is_public_network=vn_obj.router_external,
)
vni_ri_left = RoutingInstance(name=si_name +
"_service_chain_left")
self.ri_map_leafspine[si_name +
"_service_chain_left"] = vni_ri_left
vni_ri_left.set_comment("PNF-Service-Chaining")
vni_ri_left.set_routing_instance_type("virtual-switch")
vni_ri_left.set_vxlan_id(left_vrf_info.get("left_svc_unit"))
for target in ri.get_export_targets():
self._add_to_list(vni_ri_left.get_export_targets(), target)
# right vrf
vn_obj = VirtualNetworkDM.get(right_vrf_info.get("vn_id"))
if vn_obj:
vrf_name = DMUtils.make_vrf_name(vn_obj.fq_name[-1],
vn_obj.vn_network_id, "l3")
network_id = vn_obj.vn_network_id
vxlan_id = vn_obj.get_vxlan_vni()
primary_ri = self._get_primary_ri(vn_obj)
et, it = self._get_export_import_targets(vn_obj, primary_ri)
is_internal_vn = (True if "_contrail_lr_internal_vn_"
in vn_obj.name else False)
right_ri = RoutingInstance(
name=vrf_name,
virtual_network_mode="l3",
export_targets=et,
import_targets=it,
virtual_network_id=str(network_id),
vxlan_id=str(vxlan_id),
is_public_network=vn_obj.router_external,
)
right_ri.set_routing_instance_type("vrf")
right_ri.set_virtual_network_is_internal(is_internal_vn)
if is_internal_vn:
lr = self.get_lr_name_from_ri(vrf_name)
if lr:
right_ri.set_description("__contrail_%s_%s" %
(lr.name, lr.uuid))
self.ri_map_leafspine[vrf_name] = right_ri
self._add_ref_to_list(
right_ri.get_routing_interfaces(),
"irb." + right_vrf_info.get("right_svc_unit"),
)
if right_vrf_info.get("srx_right_interface") and left_vrf_info.get(
"loopback_ip"):
protocols = RoutingInstanceProtocols()
bgp_name = si_name + "_right"
peer_bgp_name = (bgp_name + "_" +
right_vrf_info.get("srx_right_interface"))
peer_bgp = Bgp(
name=peer_bgp_name,
autonomous_system=right_vrf_info.get("peer"),
ip_address=right_vrf_info.get("srx_right_interface"),
)
bgp = Bgp(
name=bgp_name,
type_="external",
autonomous_system=right_vrf_info.get("local"),
)
bgp.add_peers(peer_bgp)
bgp.set_comment("PNF-Service-Chaining")
protocols.add_bgp(bgp)
pimrp = PimRp(ip_address=left_vrf_info.get("loopback_ip"))
pim = Pim(name=si_name + "_right")
pim.set_rp(pimrp)
pim.set_comment("PNF-Service-Chaining")
protocols.add_pim(pim)
self.ri_protocols_leafspine_map[vrf_name][bgp_name] = protocols
right_ri.set_protocols(
self._get_values_sorted_by_key(
self.ri_protocols_leafspine_map[vrf_name]))
# create new service chain ri for vni targets
for vn in right_vrf_info.get("tenant_vn") or []:
vn_obj = VirtualNetworkDM.get(vn)
if vn_obj:
vrf_name = DMUtils.make_vrf_name(vn_obj.fq_name[-1],
vn_obj.vn_network_id, "l3")
network_id = vn_obj.vn_network_id
vxlan_id = vn_obj.get_vxlan_vni()
primary_ri = self._get_primary_ri(vn_obj)
et, it = self._get_export_import_targets(vn_obj, primary_ri)
ri = RoutingInstance(
name=vrf_name,
virtual_network_mode="l3",
export_targets=et,
import_targets=it,
virtual_network_id=str(network_id),
vxlan_id=str(vxlan_id),
is_public_network=vn_obj.router_external,
)
vni_ri_right = RoutingInstance(name=si_name +
"_service_chain_right")
self.ri_map_leafspine[si_name +
"_service_chain_right"] = vni_ri_right
vni_ri_right.set_comment("PNF-Service-Chaining")
vni_ri_right.set_routing_instance_type("virtual-switch")
vni_ri_right.set_vxlan_id(right_vrf_info.get("right_svc_unit"))
for target in ri.get_export_targets():
self._add_to_list(vni_ri_right.get_export_targets(),
target)