def update_implicit_subnetpool(self, context, subnetpool): is_implicit = False if validators.is_attr_set(subnetpool.get('is_implicit')): is_implicit = subnetpool['is_implicit'] with context.session.begin(subtransactions=True): if is_implicit: # Verify feasibility. Only one implicit SP must exist per # tenant (or global) msg = _('There can be at most one implicit ' 'subnetpool per address family per tenant.') self._validate_implicit_subnetpool( context, subnetpool['id'], tenant=subnetpool['tenant_id'], msg=msg, ip_version=subnetpool['ip_version']) if subnetpool['shared']: # Check globally too msg = _('There can be at most one global implicit ' 'subnetpool per address family.') self._validate_implicit_subnetpool( context, subnetpool['id'], tenant=None, msg=msg, ip_version=subnetpool['ip_version']) db_obj = self._get_implicit_subnetpool(context, subnetpool['id']) if db_obj: db_obj.is_implicit = is_implicit db_obj = db_obj or ImplicitSubnetpool( subnetpool_id=subnetpool['id'], is_implicit=is_implicit) context.session.add(db_obj) return is_implicit
def _http_request(self, url, method_type, headers=None, body=None): try: h = httplib2.Http() resp, content = h.request(url, method=method_type, headers=headers, body=body, connection_type=UnixHTTPConnection) return resp, content except httplib2.ServerNotFoundError: raise RestClientException(_("Server Not Found")) except exceptions.Exception as e: raise RestClientException(_("httplib response error %s") % (e))
def _validate_str_list(data, valid_values=None): if not isinstance(data, list): msg = _("'%s' is not a list") % data LOG.debug(msg) return msg for item in data: msg = valid.validate_string(item) if msg: LOG.debug(msg) return msg if len(set(data)) != len(data): msg = _("Duplicate items in the list: '%s'") % ', '.join(data) LOG.debug(msg) return msg
def _unmap(self, session, name, type_tag, prefix, enforce): pos = len(prefix) + len(type_tag) + 1 if self._map(session, "", type_tag, prefix) == name[:pos]: return name[pos:] elif enforce: msg = _("Attempted to reverse-map invalid APIC name '%s'") % name raise exceptions.InternalError(details=msg)
def _http_request(self, url, method_type, headers=None, body=None): try: h = httplib2.Http() resp, content = h.request( url, method=method_type, headers=headers, body=body, connection_type=UnixHTTPConnection) return resp, content except httplib2.ServerNotFoundError: raise RestClientException(_("Server Not Found")) except exceptions.Exception as e: raise RestClientException(_("httplib response error %s") % (e))
class InvalidNetworkServiceParameters(GroupPolicyBadRequest): message = _("Resource Mapping Driver currently supports Network Service " "Parameters with the following types and values: " "type: 'ip_single' value: 'self_subnet'; " "type: 'ip_pool' value: 'nat_pool'; " "type: 'ip_single' value: 'nat_pool'; " "type: 'qos_maxrate' value: numerical of intended Kbps; " "type: 'qos_burstrate' value: numerical of intended Kbps.")
class NFPException(Exception): """Base NFP Exception To correctly use this class, inherit from it and define a 'message' property. That message will get printf'd with the keyword arguments provided to the constructor. """ message = _("An unknown exception occurred.") code = 500 headers = {} safe = False def __init__(self, message=None, **kwargs): self.kwargs = kwargs self.kwargs['message'] = message if 'code' not in self.kwargs: try: self.kwargs['code'] = self.code except AttributeError: pass for k, v in self.kwargs.items(): if isinstance(v, Exception): self.kwargs[k] = six.text_type(v) if self._should_format(): try: message = self.message % kwargs except Exception: exc_info = sys.exc_info() # kwargs doesn't match a variable in the message # log the issue and the kwargs LOG.exception('Exception in string format operation') for name, value in kwargs.items(): LOG.error("%(name)s: %(value)s", { 'name': name, 'value': value }) if CONF.fatal_exception_format_errors: six.reraise(*exc_info) # at least get the core message out if something happened message = self.message elif isinstance(message, Exception): message = six.text_type(message) self.msg = message super(NFPException, self).__init__(message) def _should_format(self): return self.kwargs['message'] is None or '%(message)' in self.message def __unicode__(self): return six.text_type(self.msg)
def connect(self): """Method used to connect socket server.""" self.sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) if self.timeout: self.sock.settimeout(self.timeout) try: self.sock.connect(self.socket_path) except socket.error as exc: raise RestClientException( _("Caught exception socket.error : %s") % exc)
def _timedout(self): if self._idle_count > self._idle_count_max: self._end_time = time.time() raise ConnectionIdleTimeOut( _("Connection (%(conn)d) - " "stime (%(start_time)s) - etime (%(end_time)s) - " "idle_count (%(idle)d) idle_count_max(%(idle_max)d)") % {'conn': self.identify(), 'start_time': self._start_time, 'end_time': self._end_time, 'idle': self._idle_count, 'idle_max': self._idle_count_max})
def _timedout(self): if self._idle_count > self._idle_count_max: self._end_time = time.time() raise ConnectionIdleTimeOut( _("Connection (%(conn)d) - " "stime (%(start_time)s) - etime (%(end_time)s) - " "idle_count (%(idle)d) idle_count_max(%(idle_max)d)") % { 'conn': self.identify(), 'start_time': self._start_time, 'end_time': self._end_time, 'idle': self._idle_count, 'idle_max': self._idle_count_max })
def load_plugin(namespace, plugin): try: # Try to resolve plugin by name mgr = driver.DriverManager(namespace, plugin) plugin_class = mgr.driver except RuntimeError as e1: # fallback to class name try: plugin_class = importutils.import_class(plugin) except ImportError as e2: LOG.exception("Error loading plugin by name, %s", e1) LOG.exception("Error loading plugin by class, %s", e2) raise ImportError(_("Plugin not found.")) return plugin_class()
def _create_implicit_l3_policy(self, context): tenant_id = context.current['tenant_id'] filter = {'tenant_id': [tenant_id], 'name': [self._default_l3p_name]} l3ps = self._get_l3_policies(context._plugin_context, filter) l3p = l3ps and l3ps[0] if not l3p: attrs = { 'tenant_id': tenant_id, 'name': self._default_l3p_name, 'description': _("Implicitly created L3 policy"), 'ip_version': self._default_ip_version, 'ip_pool': self._default_ip_pool, 'shared': context.current.get('shared', False), 'subnet_prefix_length': self._default_subnet_prefix_length } if self._proxy_group_enabled: attrs['proxy_ip_pool'] = (self._default_proxy_ip_pool) attrs['proxy_subnet_prefix_length'] = ( self._default_proxy_subnet_prefix_length) try: l3p = self._create_l3_policy(context._plugin_context, attrs) self._mark_l3_policy_owned(context._plugin_context.session, l3p['id']) except exc.DefaultL3PolicyAlreadyExists: with excutils.save_and_reraise_exception( reraise=False) as ctxt: LOG.debug( "Possible concurrent creation of default L3 " "policy for tenant %s", tenant_id) l3ps = self._get_l3_policies(context._plugin_context, filter) l3p = l3ps and l3ps[0] if not l3p: LOG.warning( "Caught DefaultL3PolicyAlreadyExists, " "but default L3 policy not concurrently " "created for tenant %s", tenant_id) ctxt.reraise = True except exc.OverlappingIPPoolsInSameTenantNotAllowed: with excutils.save_and_reraise_exception(): LOG.info( "Caught " "OverlappingIPPoolsinSameTenantNotAllowed " "during creation of default L3 policy for " "tenant %s", tenant_id) context.current['l3_policy_id'] = l3p['id']
def _create_implicit_l3_policy(self, context): tenant_id = context.current['tenant_id'] filter = {'tenant_id': [tenant_id], 'name': [self._default_l3p_name]} l3ps = self._get_l3_policies(context._plugin_context, filter) l3p = l3ps and l3ps[0] if not l3p: attrs = {'tenant_id': tenant_id, 'name': self._default_l3p_name, 'description': _("Implicitly created L3 policy"), 'ip_version': self._default_ip_version, 'ip_pool': self._default_ip_pool, 'shared': context.current.get('shared', False), 'subnet_prefix_length': self._default_subnet_prefix_length} if self._proxy_group_enabled: attrs['proxy_ip_pool'] = ( self._default_proxy_ip_pool) attrs['proxy_subnet_prefix_length'] = ( self._default_proxy_subnet_prefix_length) try: l3p = self._create_l3_policy(context._plugin_context, attrs) self._mark_l3_policy_owned(context._plugin_context.session, l3p['id']) except exc.DefaultL3PolicyAlreadyExists: with excutils.save_and_reraise_exception( reraise=False) as ctxt: LOG.debug("Possible concurrent creation of default L3 " "policy for tenant %s", tenant_id) l3ps = self._get_l3_policies(context._plugin_context, filter) l3p = l3ps and l3ps[0] if not l3p: LOG.warning( "Caught DefaultL3PolicyAlreadyExists, " "but default L3 policy not concurrently " "created for tenant %s", tenant_id) ctxt.reraise = True except exc.OverlappingIPPoolsInSameTenantNotAllowed: with excutils.save_and_reraise_exception(): LOG.info("Caught " "OverlappingIPPoolsinSameTenantNotAllowed " "during creation of default L3 policy for " "tenant %s", tenant_id) context.current['l3_policy_id'] = l3p['id']
def _create_implicit_l2_policy(self, context): attrs = {'tenant_id': context.current['tenant_id'], 'name': context.current['name'], 'description': _("Implicitly created L2 policy"), 'l3_policy_id': None, 'shared': context.current.get('shared', False), 'network_id': None} if context.current.get('proxied_group_id'): # The L3P has to be the same as the proxied group group = context._plugin.get_policy_target_group( context._plugin_context, context.current['proxied_group_id']) l2p = context._plugin.get_l2_policy( context._plugin_context, group['l2_policy_id']) attrs['l3_policy_id'] = l2p['l3_policy_id'] l2p = self._create_l2_policy(context._plugin_context, attrs) context.current['l2_policy_id'] = l2p['id'] self._mark_l2_policy_owned(context._plugin_context.session, l2p['id'])
def _create_domain(self, context): project_id = context.current['project_id'] tenant_name = context._plugin_context.tenant_name domain_name = generate_nsx_name(project_id, tenant_name) LOG.info('Creating domain %(domain)s for project %(project)s', {'domain': domain_name, 'project': project_id}) self.nsx_policy.domain.create_or_overwrite( name=domain_name, domain_id=project_id, description=_('Domain for tenant %s') % tenant_name) self.nsx_policy.deployment_map.create_or_overwrite( name=domain_name, map_id=project_id, domain_id=project_id, ep_id=SINGLE_ENTRY_ID)
def _create_implicit_l2_policy(self, context): attrs = { 'tenant_id': context.current['tenant_id'], 'name': context.current['name'], 'description': _("Implicitly created L2 policy"), 'l3_policy_id': None, 'shared': context.current.get('shared', False), 'network_id': None } if context.current.get('proxied_group_id'): # The L3P has to be the same as the proxied group group = context._plugin.get_policy_target_group( context._plugin_context, context.current['proxied_group_id']) l2p = context._plugin.get_l2_policy(context._plugin_context, group['l2_policy_id']) attrs['l3_policy_id'] = l2p['l3_policy_id'] l2p = self._create_l2_policy(context._plugin_context, attrs) context.current['l2_policy_id'] = l2p['id'] self._mark_l2_policy_owned(context._plugin_context.session, l2p['id'])
def _create_domain(self, context): project_id = context.current['project_id'] tenant_name = context._plugin_context.tenant_name domain_name = generate_nsx_name(project_id, tenant_name) LOG.info('Creating domain %(domain)s for project %(project)s', { 'domain': domain_name, 'project': project_id }) self.nsx_policy.domain.create_or_overwrite( name=domain_name, domain_id=project_id, description=_('Domain for tenant %s') % tenant_name) self.nsx_policy.deployment_map.create_or_overwrite( name=domain_name, map_id=project_id, domain_id=project_id, ep_id=SINGLE_ENTRY_ID)
# License for the specific language governing permissions and limitations # under the License. from oslo_config import cfg from gbpservice._i18n import _ # REVISIT: Auto-PTG is currently config driven to align with the # config driven behavior of the older driver but is slated for # removal. opts = [ cfg.BoolOpt('create_auto_ptg', default=True, help=_("Automatically create a PTG when a L2 Policy " "gets created. This is currently an aim_mapping " "policy driver specific feature.")), cfg.BoolOpt('create_per_l3p_implicit_contracts', default=True, help=_("This configuration is set to True to migrate a " "deployment that has l3_policies without implicit " "AIM contracts (these are deployments which have " "AIM implicit contracts per tenant). A Neutron server " "restart is required for this configuration to take " "effect. The creation of the implicit contracts " "happens at the time of the AIM policy driver " "initialization. The configuration can be set to " "False to avoid recreating the implicit contracts " "on subsequent Neutron server restarts. This " "option will be removed in the O release")), cfg.BoolOpt('advertise_mtu', # REVISIT: Move to apic_aim MD.
class NonIsomorphicNetworkRoutingUnsupported(exceptions.BadRequest): message = _("All router interfaces for a network must utilize the same " "VRF.")
def get_description(cls): return _("Extension exposing mapping of GBP resources to Cisco " "APIC constructs")
def get_description(cls): return _("Adds test attributes to group policy resources.")
def __init__(self, **kwargs): kwargs['reason'] = _('Subnet has SNAT IP addresses allocated') super(SnatPortsInUse, self).__init__(**kwargs)
def send_request(self, path, method_type, request_method='http', server_addr='127.0.0.1', headers=None, body=None): """Implementation for common interface for all unix crud requests. Return:Http Response """ # prepares path, body, url for sending unix request. if method_type.upper() != 'GET': body = jsonutils.dumps(body) body = zlib.compress(body) path = '/v1/nfp/' + path url = urlparse.urlunsplit(( request_method, server_addr, path, None, '')) try: resp, content = self._http_request(url, method_type, headers=headers, body=body) if content != '': content = zlib.decompress(content) message = "%s:%s" % (resp, content) LOG.info(message) except RestClientException as rce: message = "ERROR : %s" % (rce) LOG.error(message) raise rce success_code = [200, 201, 202, 204] # Evaluate responses into success and failures. # Raise exception for failure cases which needs # to be handled by caller. if success_code.__contains__(resp.status): return resp, content elif resp.status == 400: raise RestClientException(_("HTTPBadRequest: %s") % resp.reason) elif resp.status == 401: raise RestClientException(_("HTTPUnauthorized: %s") % resp.reason) elif resp.status == 403: raise RestClientException(_("HTTPForbidden: %s") % resp.reason) elif resp.status == 404: raise RestClientException(_("HttpNotFound: %s") % resp.reason) elif resp.status == 405: raise RestClientException( _("HTTPMethodNotAllowed: %s") % resp.reason) elif resp.status == 406: raise RestClientException(_("HTTPNotAcceptable: %s") % resp.reason) elif resp.status == 408: raise RestClientException( _("HTTPRequestTimeout: %s") % resp.reason) elif resp.status == 409: raise RestClientException(_("HTTPConflict: %s") % resp.reason) elif resp.status == 415: raise RestClientException( _("HTTPUnsupportedMediaType: %s") % resp.reason) elif resp.status == 417: raise RestClientException( _("HTTPExpectationFailed: %s") % resp.reason) elif resp.status == 500: raise RestClientException(_("HTTPServerError: %s") % resp.reason) else: raise Exception(_('Unhandled Exception code: %(st)s %(reason)s') % {'st': resp.status, 'reason': resp.reason})
class SubnetOverlapInRoutedVRF(exceptions.BadRequest): message = _("Subnets %(id1)s (%(cidr1)s) and %(id2)s (%(cidr2)s) mapped " "to %(vrf)s overlap.")
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_config import cfg from gbpservice._i18n import _ # REVISIT: Auto-PTG is currently config driven to align with the # config driven behavior of the older driver but is slated for # removal. opts = [ cfg.BoolOpt('create_auto_ptg', default=True, help=_("Automatically create a PTG when a L2 Policy " "gets created. This is currently an aim_mapping " "policy driver specific feature.")), cfg.BoolOpt('create_per_l3p_implicit_contracts', default=True, help=_("This configuration is set to True to migrate a " "deployment that has l3_policies without implicit " "AIM contracts (these are deployments which have " "AIM implicit contracts per tenant). A Neutron server " "restart is required for this configuration to take " "effect. The creation of the implicit contracts " "happens at the time of the AIM policy driver " "initialization. The configuration can be set to " "False to avoid recreating the implicit contracts " "on subsequent Neutron server restarts. This " "option will be removed in the O release")), cfg.BoolOpt(
from oslo_serialization import jsonutils import sqlalchemy as sa from gbpservice._i18n import _ from gbpservice.neutron.services.servicechain.plugins.ncp import ( exceptions as exc) from gbpservice.neutron.services.servicechain.plugins.ncp import driver_base from gbpservice.neutron.services.servicechain.plugins.ncp.node_drivers import ( openstack_heat_api_client as heat_api_client) LOG = logging.getLogger(__name__) service_chain_opts = [ cfg.IntOpt('stack_action_wait_time', default=15, help=_("Seconds to wait for pending stack operation " "to complete")), cfg.IntOpt('delete_vip_port_retries', default=10, help=_("Retries to check if LB VIP port is deleted")), cfg.StrOpt('heat_uri', default='http://localhost:8004/v1', help=_("Heat API server address to instantiate services " "specified in the service chain.")), cfg.StrOpt('exclude_pool_member_tag', default='ExcludePoolMember', help=_("Policy Targets created for the LB Pool Members should " "have this tag in their description")), ] cfg.CONF.register_opts(service_chain_opts, "heat_node_driver") EXCLUDE_POOL_MEMBER_TAG = cfg.CONF.heat_node_driver.exclude_pool_member_tag
def post(self, **body): """Method of REST server to handle all the post requests. This method sends an RPC cast to configurator according to the HTTP request. :param body: This method excepts dictionary as a parameter in HTTP request and send this dictionary to configurator with RPC cast. Returns: None """ try: global cache_ips global notifications body = None if pecan.request.is_body_readable: body = pecan.request.json_body # Assuming config list will have only one element config_data = body['config'][0] info_data = body['info'] context = info_data['context'] service_type = info_data['service_type'] resource = config_data['resource'] operation = context['operation'] msg1 = ("Request recieved :: %s" % body) LOG.info(msg1) if 'device_ip' in context: msg3 = ("POSTING DATA TO VM :: %s" % body) LOG.info(msg3) device_ip = context['device_ip'] ip = str(device_ip) if operation == 'delete': return msg5 = ("Verifying vm reachability on ip: %s, port: %s" % ( ip, self.vm_port)) LOG.info(msg5) is_vm_reachable = self._verify_vm_reachability(ip, self.vm_port) if is_vm_reachable: requests.post( 'http://' + ip + ':' + self.vm_port + '/v1/nfp/' + self.method_name, data=jsonutils.dumps(body)) msg4 = ("requests successfull for data: %s" % body) LOG.info(msg4) else: raise Exception(_('VM is not reachable')) cache_ips.add(device_ip) else: if (resource in NFP_SERVICE_LIST): result = "unhandled" self._push_notification(context, result, config_data, service_type) else: result = "Unsupported resource type" self._push_notification(context, result, config_data, service_type) except Exception as err: pecan.response.status = 400 msg = ("Failed to serve HTTP post request %s %s." % (self.method_name, str(err).capitalize())) LOG.error(msg) error_data = self._format_description(msg) return jsonutils.dumps(error_data)
def get_description(cls): return _("This extension enables creating L2 policy objects that " "use the same BridgeDomain on APIC")
class UnsupportedRoutingTopology(exceptions.BadRequest): message = _("All router interfaces for a network must share either the " "same router or the same subnet.")
class InternalError(exceptions.NeutronException): message = _("Internal mechanism driver error - %(details)s.") def __init__(self, **kwargs): kwargs.setdefault('details', _("See error log for details")) super(InternalError, self).__init__(**kwargs)
# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_config import cfg from gbpservice._i18n import _ service_chain_opts = [ cfg.ListOpt('node_drivers', default=['node_dummy'], help=_("An ordered list of service chain node drivers " "entrypoints to be loaded from the " "gbpservice.neutron.servicechain.ncp_drivers " "namespace.")), cfg.StrOpt('node_plumber', default='dummy_plumber', help=_("The plumber used by the Node Composition Plugin " "for service plumbing. Entrypoint loaded from the " "gbpservice.neutron.servicechain.ncp_plumbers " "namespace.")) ] cfg.CONF.register_opts(service_chain_opts, "node_composition_plugin")
def get_description(cls): return _("This extension supports a list of allowed VM name regexes " "that can be applied to the L3 policy resource.")
from gbpservice._i18n import _ from gbpservice.network.neutronv2 import local_api from gbpservice.neutron.extensions import driver_proxy_group as pg_ext from gbpservice.neutron.extensions import group_policy as gbp_ext from gbpservice.neutron.services.grouppolicy import ( group_policy_driver_api as api) from gbpservice.neutron.services.grouppolicy.common import exceptions as exc LOG = logging.getLogger(__name__) GBP_CONF = cfg.CONF.group_policy_group opts = [ cfg.StrOpt('default_l3_policy_name', default='default', help=_("Name of each tenant's default L3 policy.")), cfg.IntOpt('default_ip_version', default=4, help=_("IP version (4, 6 or 46) for implicitly created default " "L3 policies.")), cfg.StrOpt('default_ip_pool', default=GBP_CONF.default_ip_pool, help=_("IP pool for implicitly created default L3 policies, " "from which subnets are allocated for policy target " "groups.")), cfg.IntOpt('default_subnet_prefix_length', default=24, help=_("Subnet prefix length for implicitly created default L3 " "polices, controlling size of subnets allocated for " "policy target groups.")), cfg.StrOpt('default_external_segment_name',
from oslo_config import cfg from gbpservice._i18n import _ from gbpservice.neutron.extensions import group_policy as gp from gbpservice.neutron.services.grouppolicy.common import exceptions as gp_exc PROXY_TYPE_L2 = 'l2' PROXY_TYPE_L3 = 'l3' DEFAULT_PROXY_TYPE = PROXY_TYPE_L3 PROXY_GROUP = 'proxy_group' opts = [ cfg.StrOpt('default_proxy_ip_pool', default='192.168.0.0/16', help=_("Proxy IP pool for implicitly created default " "L3 policies, from which subnets are allocated for " "policy target groups with proxy_group_id set to a " "valid value.")), cfg.IntOpt('default_proxy_subnet_prefix_length', default=28, help=_("Proxy Subnet prefix length for implicitly created " "default L3 polices, controlling size of subnets " "allocated for policy target groups with proxy_group_id " "set to a valid value.")), ] cfg.CONF.register_opts(opts, "group_policy_proxy_group") PROXY_CONF = cfg.CONF.group_policy_proxy_group class ProxyGroupBadRequest(gp_exc.GroupPolicyBadRequest): message = _("Invalid input for Proxy Group extension, reason: %(msg)s")
from gbpservice.neutron.services.grouppolicy.common import constants as g_const from gbpservice.neutron.services.grouppolicy.common import exceptions as gpexc from gbpservice.neutron.services.grouppolicy.drivers import ( resource_mapping as api) LOG = logging.getLogger(__name__) SINGLE_ENTRY_ID = 'GBP' DRIVER_NAME = 'NSX Policy driver' DRIVER_OPT_GROUP = 'NSX_POLICY' NSX_V3_GROUP = 'nsx_v3' policy_opts = [ cfg.StrOpt('nsx_policy_manager', help=_("Nsx Policy manager IP address or host.")), cfg.StrOpt('nsx_policy_username', help=_("Nsx Policy username.")), cfg.StrOpt('nsx_policy_password', help=_("Nsx Policy password.")), cfg.StrOpt('nsx_manager_thumbprint', help=_("Thumbprint of nsx manager")) ] cfg.CONF.register_opts(policy_opts, DRIVER_OPT_GROUP) class HierarchicalContractsNotSupported(gpexc.GroupPolicyBadRequest): message = ("Hierarchy in rule sets is not supported with %s." % DRIVER_NAME)
class InvalidPreexistingBdForNetwork(exceptions.BadRequest): message = _("The Bridge Domain specified in apic:distinguished_names " "either does not exist in ACI or belongs to another network " "in this OpenStack instance.")
def get_description(cls): return _("Add proxy_group_id attribute to policy target groups.")
def __init__(self, **kwargs): kwargs.setdefault('details', _("See error log for details")) super(InternalError, self).__init__(**kwargs)
class PreExistingSVICannotBeConnectedToRouter(exceptions.BadRequest): message = _("A SVI network with pre-existing l3out is not allowed to " "be connected to a router.")
class UnscopedSharedNetworkProjectConflict(exceptions.BadRequest): message = _("Shared network %(net1)s from project %(proj1)s and shared " "network %(net2)s from project %(proj2)s cannot be combined " "in the same topology.")
class OnlyOneSubnetPerAddressFamilyInSVINetwork(exceptions.BadRequest): message = _("Only one subnet per address family is allowed in " "SVI network.")
class ScopeUpdateNotSupported(exceptions.BadRequest): message = _("Updating the address_scope of a subnetpool that is " "associated with routers is not currently supported.")
class ExhaustedApicRouterIdPool(exceptions.IpAddressGenerationFailure): message = _("All the IPs in the APIC router ID pool %(pool)s " "have been taken.")
class SnatPoolCannotBeUsedForFloatingIp(exceptions.InvalidInput): message = _("Floating IP cannot be allocated in SNAT host pool subnet.")
from gbpservice.neutron.services.grouppolicy import ( group_policy_driver_api as api) from gbpservice.neutron.services.grouppolicy.common import constants as gconst from gbpservice.neutron.services.grouppolicy.common import exceptions as exc from gbpservice.neutron.services.grouppolicy.common import utils as gutils from gbpservice.neutron.services.grouppolicy.drivers import nsp_manager from gbpservice.neutron.services.grouppolicy import sc_notifications LOG = logging.getLogger(__name__) SCI_CONSUMER_NOT_AVAILABLE = 'N/A' chain_mapping_opts = [ cfg.StrOpt('chain_owner_user', help=_("Chain owner username. If set, will be used in " "place of the Neutron service admin for retrieving " "tenant owner information through Keystone."), default=''), cfg.StrOpt('chain_owner_password', help=_("Chain owner password."), default='', secret=True), cfg.StrOpt('chain_owner_tenant_name', help=_("Name of the Tenant that will own the service chain " "instances for this driver. Leave empty for provider " "owned chains."), default=''), ] cfg.CONF.register_opts(chain_mapping_opts, "chain_mapping") cfg.CONF.import_opt('policy_drivers', 'gbpservice.neutron.services.grouppolicy.config',
class PreExistingSVICannotUseSameL3out(exceptions.BadRequest): message = _("Can not create a SVI network with pre-existing l3out " "if that l3out has been used by another SVI network.")
# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from oslo_config import cfg from gbpservice._i18n import _ group_policy_opts = [ cfg.ListOpt('policy_drivers', default=['dummy'], help=_("An ordered list of group policy driver " "entrypoints to be loaded from the " "gbpservice.neutron.group_policy.policy_drivers " "namespace.")), cfg.ListOpt('extension_drivers', default=[], help=_("An ordered list of extension driver " "entrypoints to be loaded from the " "gbpservice.neutron.group_policy.extension_drivers " "namespace.")), ] cfg.CONF.register_opts(group_policy_opts, "group_policy")
class ExternalSubnetOverlapInL3Out(exceptions.BadRequest): message = _("External subnet CIDR %(cidr)s overlaps with existing " "subnets in APIC L3Outside %(l3out)s.")
def get_description(cls): return _("This extension supports a list of (micro)segmentation " "labels that can be applied to the Policy Target resource.")
class ExternalSubnetNotAllowed(exceptions.BadRequest): message = _("Connecting port or subnet which is on external network " "%(network_id)s as a router interface is not allowed. " "External networks can only be used as router gateways.")
def get_description(cls): return _("Adds test attributes to ML2Plus resources.")
class ActiveActiveAAPSubnetConnectedToRouter(exceptions.BadRequest): message = _("Subnet %(subnet_id)s can not be connected to a router " "because its an active active AAP subnet.")
scc.VALID_INSERTION_MODES}, 'is_visible': True, 'default': None}, 'service_type': {'allow_post': True, 'allow_put': True, 'validate': {'type:string': None}, 'is_visible': True, 'required': True}, 'service_flavor': {'allow_post': True, 'allow_put': True, 'validate': {'type:string_or_none': None}, 'is_visible': True, 'default': None}, }, } service_chain_quota_opts = [ cfg.IntOpt('quota_servicechain_node', default=-1, help=_('Number of Service Chain Nodes allowed per tenant. ' 'A negative value means unlimited.')), cfg.IntOpt('quota_servicechain_spec', default=-1, help=_('Number of Service Chain Specs allowed per tenant. ' 'A negative value means unlimited.')), cfg.IntOpt('quota_servicechain_instance', default=-1, help=_('Number of Service Chain Instances allowed per tenant. ' 'A negative value means unlimited.')), cfg.IntOpt('quota_service_profile', default=-1, help=_('Number of Service Profiles allowed per tenant. ' 'A negative value means unlimited.')), ] cfg.CONF.register_opts(service_chain_quota_opts, 'QUOTAS')
def get_plugin_description(): return _("L3 Router Service Plugin using the APIC via AIM")