Пример #1
def delete_vdom(obj, context, **kwargs):
    """Remove a tenant's VDOM and its namespace record once nothing uses it.

    The namespace record is looked up with ``kwargs`` as the filter. The VDOM
    is only removed when the tenant has no Router, Network or FloatingIP rows
    left; otherwise the remaining rows are written to the debug log and
    nothing is deleted.

    :param obj: passed through unchanged to ``op()``.
    :param context: passed to every ``fortinet_db`` call and to ``op()``.
    :param kwargs: filter used to find (and later delete) the namespace record.
    :return: whatever ``query_record`` returned for the namespace lookup
        (a falsy value when no record matched).
    """
    ns_model = fortinet_db.Fortinet_ML2_Namespace
    namespace = fortinet_db.query_record(context, ns_model, **kwargs)
    if not namespace:
        return namespace

    tenant_id = namespace.tenant_id
    # Checked in this order; the scan stops at the first model that still
    # has rows for the tenant.
    tenant_models = (l3_db.Router, models_v2.Network, l3_db.FloatingIP)
    still_in_use = any(
        fortinet_db.query_count(context, model, tenant_id=tenant_id)
        for model in tenant_models)

    if still_in_use:
        db_routers = fortinet_db.query_records(context, l3_db.Router,
                                               tenant_id=tenant_id)
        db_networks = fortinet_db.query_records(context, models_v2.Network,
                                                tenant_id=tenant_id)
        db_fips = fortinet_db.query_records(context, l3_db.FloatingIP,
                                            tenant_id=tenant_id)
        # NOTE(review): the full record objects are written to the debug
        # log; confirm that is acceptable for tenant data.
        LOG.debug("Keeping vdom, because existing db_routers: %(routers)s,"
                  "db_networks: %(networks)s, db_fips: %(fips)s",
                  {'routers': db_routers, 'networks': db_networks,
                   'fips': db_fips})
        return namespace

    try:
        op(obj, context, resources.Vdom.get, name=namespace.vdom)
        op(obj, context, resources.Vdom.delete, name=namespace.vdom)
    except Exception as exc:
        # NOTE(review): every failure of the get/delete calls is handed to
        # resources.Exinfo and the namespace record is deleted regardless.
        # If the delete call itself failed, the VDOM may stay configured
        # with no record tracking it - confirm Exinfo surfaces that case.
        resources.Exinfo(exc)
    fortinet_db.delete_record(context, ns_model, **kwargs)
    return namespace
Пример #2
def delete_vdom(obj, context, **kwargs):
    """Delete the VDOM behind a namespace record when the tenant is empty.

    ``kwargs`` selects the namespace record. If the tenant still owns any
    Router, Network or FloatingIP row, the VDOM is kept and the remaining
    rows are logged at debug level. Otherwise the VDOM is fetched and
    deleted through ``op()`` and the namespace record is removed.

    :param obj: forwarded as-is to ``op()``.
    :param context: forwarded to the ``fortinet_db`` helpers and ``op()``.
    :param kwargs: lookup/delete filter for the namespace record.
    :return: the result of the namespace lookup, falsy when nothing matched.
    """
    record_cls = fortinet_db.Fortinet_ML2_Namespace
    namespace = fortinet_db.query_record(context, record_cls, **kwargs)
    if not namespace:
        return namespace

    tenant_id = namespace.tenant_id

    def _has_rows(model):
        # Truthy when the tenant still owns at least one row of `model`.
        return fortinet_db.query_count(context, model, tenant_id=tenant_id)

    # `or` short-circuits in the same Router -> Network -> FloatingIP order.
    if (_has_rows(l3_db.Router) or _has_rows(models_v2.Network)
            or _has_rows(l3_db.FloatingIP)):
        db_routers = fortinet_db.query_records(
            context, l3_db.Router, tenant_id=tenant_id)
        db_networks = fortinet_db.query_records(
            context, models_v2.Network, tenant_id=tenant_id)
        db_fips = fortinet_db.query_records(
            context, l3_db.FloatingIP, tenant_id=tenant_id)
        # NOTE(review): whole record objects end up in the debug log;
        # confirm this is acceptable for tenant data.
        details = {
            'routers': db_routers,
            'networks': db_networks,
            'fips': db_fips
        }
        LOG.debug(
            "Keeping vdom, because existing db_routers: %(routers)s,"
            "db_networks: %(networks)s, db_fips: %(fips)s", details)
        return namespace

    try:
        op(obj, context, resources.Vdom.get, name=namespace.vdom)
        op(obj, context, resources.Vdom.delete, name=namespace.vdom)
    except Exception as err:
        # NOTE(review): any exception from the two calls above is passed to
        # resources.Exinfo and the record below is removed anyway. A failed
        # delete could leave the VDOM configured without a tracking record;
        # confirm Exinfo reports that.
        resources.Exinfo(err)
    fortinet_db.delete_record(context, record_cls, **kwargs)
    return namespace
Пример #3
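def delete_vlink(obj, context, tenant_id):
    """Remove the tenant's vlink when no router or floating IP needs it.

    The vlink is kept while the tenant still has Router or FloatingIP rows.
    Otherwise the allocated vlink VLAN and vlink IP records for the tenant's
    VDOM are looked up, the static route and the vlink interface are
    deleted, and both allocation records are removed.

    :param obj: forwarded as-is to the delete_* helpers.
    :param context: forwarded to the ``fortinet_db`` helpers and delete_*
        helpers.
    :param tenant_id: tenant whose vlink should be removed.
    :return: True when the vlink was removed; False when it was kept or
        when a required record (namespace, VLAN or IP allocation) is absent.
    """
    if fortinet_db.query_count(context, l3_db.Router,
                               tenant_id=tenant_id) or \
        fortinet_db.query_count(context, l3_db.FloatingIP,
                                tenant_id=tenant_id):
        db_routers = fortinet_db.query_records(context,
                                               l3_db.Router,
                                               tenant_id=tenant_id)
        db_fips = fortinet_db.query_records(context,
                                            l3_db.FloatingIP,
                                            tenant_id=tenant_id)
        LOG.debug(
            "Keeping vlink, because existing data "
            "db_routers: %(routers)s, db_fips: %(fips)s", {
                'routers': db_routers,
                'fips': db_fips
            })
        return False

    namespace = fortinet_db.query_record(context,
                                         fortinet_db.Fortinet_ML2_Namespace,
                                         tenant_id=tenant_id)
    if not namespace:
        # Without a namespace record there is no VDOM to look allocations
        # up for; treat it like the other "nothing to delete" cases instead
        # of failing on attribute access of a missing record.
        return False
    vdom = namespace.vdom

    vlink_vlan = fortinet_db.query_record(
        context,
        fortinet_db.Fortinet_Vlink_Vlan_Allocation,
        vdom=vdom,
        allocated=True)
    if not vlink_vlan:
        return False
    vlink_ip = fortinet_db.query_record(
        context,
        fortinet_db.Fortinet_Vlink_IP_Allocation,
        vdom=vdom,
        vlink_id=vlink_vlan.id,
        allocated=True)
    if not vlink_ip:
        return False

    # The firewall-policy removal below is disabled in this function.
    # NOTE(review): confirm the matching policy on const.EXT_VDOM is removed
    # elsewhere; otherwise it may outlive the vlink it referred to.
    # delete_fwpolicy(obj, context,
    #                 vdom=const.EXT_VDOM,
    #                 srcintf=vlink_vlan.inf_name_ext_vdom,
    #                 dstintf=obj._fortigate['ext_interface'],
    #                 nat='enable')
    gateway_ip = get_ipaddr(netaddr.IPNetwork(vlink_ip.vlink_ip_subnet), 1)
    delete_routerstatic(obj,
                        context,
                        vdom=vdom,
                        dst=const.EXT_DEF_DST,
                        device=vlink_vlan.inf_name_int_vdom,
                        gateway=gateway_ip)
    delete_vlink_intf(obj, context, vlink_vlan)
    # Allocation records are removed only after the route and interface
    # deletions above have returned.
    fortinet_db.delete_record(context,
                              fortinet_db.Fortinet_Vlink_IP_Allocation,
                              vdom=vdom,
                              vlink_id=vlink_vlan.id)
    fortinet_db.delete_record(context,
                              fortinet_db.Fortinet_Vlink_Vlan_Allocation,
                              id=vlink_vlan.id)
    return True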
Пример #4
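def delete_vlink(obj, context, tenant_id):
    """Delete the vlink of a tenant that has no routers or floating IPs left.

    While the tenant still owns Router or FloatingIP rows the vlink is kept
    and those rows are logged at debug level. Otherwise the allocated vlink
    VLAN and IP records of the tenant's VDOM are resolved, the static route
    and vlink interface are deleted, and the two allocation records are
    removed.

    :param obj: forwarded as-is to the delete_* helpers.
    :param context: forwarded to the ``fortinet_db`` helpers and delete_*
        helpers.
    :param tenant_id: tenant whose vlink should be removed.
    :return: True if the vlink was removed, False if it was kept or if the
        namespace, VLAN allocation or IP allocation record was not found.
    """
    if fortinet_db.query_count(context, l3_db.Router,
                               tenant_id=tenant_id) or \
        fortinet_db.query_count(context, l3_db.FloatingIP,
                                tenant_id=tenant_id):
        db_routers = fortinet_db.query_records(context, l3_db.Router,
                                               tenant_id=tenant_id)
        db_fips = fortinet_db.query_records(context, l3_db.FloatingIP,
                                            tenant_id=tenant_id)
        LOG.debug("Keeping vlink, because existing data "
                  "db_routers: %(routers)s, db_fips: %(fips)s",
                  {'routers': db_routers, 'fips': db_fips})
        return False

    namespace = fortinet_db.query_record(context,
                                         fortinet_db.Fortinet_ML2_Namespace,
                                         tenant_id=tenant_id)
    if not namespace:
        # A missing namespace record means there is no VDOM to resolve;
        # return False like the other "nothing to delete" paths rather than
        # failing on ``.vdom`` of an absent record.
        return False
    vdom = namespace.vdom

    vlink_vlan = fortinet_db.query_record(
        context,
        fortinet_db.Fortinet_Vlink_Vlan_Allocation,
        vdom=vdom,
        allocated=True)
    if not vlink_vlan:
        return False
    vlink_ip = fortinet_db.query_record(
        context,
        fortinet_db.Fortinet_Vlink_IP_Allocation,
        vdom=vdom,
        vlink_id=vlink_vlan.id,
        allocated=True)
    if not vlink_ip:
        return False

    # Firewall-policy removal is disabled here.
    # NOTE(review): confirm the matching policy on const.EXT_VDOM is cleaned
    # up elsewhere so it does not outlive the vlink.
    # delete_fwpolicy(obj, context,
    #                 vdom=const.EXT_VDOM,
    #                 srcintf=vlink_vlan.inf_name_ext_vdom,
    #                 dstintf=obj._fortigate['ext_interface'],
    #                 nat='enable')
    gateway_ip = get_ipaddr(netaddr.IPNetwork(vlink_ip.vlink_ip_subnet), 1)
    delete_routerstatic(obj, context,
                        vdom=vdom,
                        dst=const.EXT_DEF_DST,
                        device=vlink_vlan.inf_name_int_vdom,
                        gateway=gateway_ip)
    delete_vlink_intf(obj, context, vlink_vlan)
    # The allocation records go last, after the route and interface
    # deletions have returned.
    fortinet_db.delete_record(context,
                              fortinet_db.Fortinet_Vlink_IP_Allocation,
                              vdom=vdom,
                              vlink_id=vlink_vlan.id)
    fortinet_db.delete_record(context,
                              fortinet_db.Fortinet_Vlink_Vlan_Allocation,
                              id=vlink_vlan.id)
    return True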
Пример #5
 def create_router(self, context, router):
     """Create a router after preparing the tenant's VDOM and vlink.

     Returns None without doing anything when the request has no (or an
     empty) 'router' entry. Raises Exception when the tenant already has a
     Router row. Otherwise the VDOM and vlink are added inside a DB
     transaction, the task status is set to COMPLETED and the parent
     class's create_router result is returned.
     """
     LOG.debug("create_router: router=%s", router)
     router_body = router.get('router')
     if not router_body:
         return
     tenant_id = router_body['tenant_id']

     # Limit one router per tenant.
     # NOTE(review): this count runs before the transaction below is
     # opened, so two concurrent requests for the same tenant could both
     # pass it - confirm whether something else serialises creation.
     already_present = fortinet_db.query_count(context, l3_db.Router,
                                               tenant_id=tenant_id)
     if already_present:
         raise Exception(_("FortinetL3ServicePlugin:create_router "
                           "Only support one router per tenant"))

     with context.session.begin(subtransactions=True):
         try:
             vdom_name = utils.add_vdom(self, context,
                                        tenant_id=tenant_id).vdom
             utils.add_vlink(self, context, vdom_name)
         except Exception as err:
             # Log and roll back, then let the original exception propagate.
             with excutils.save_and_reraise_exception():
                 LOG.error(_LE("Failed to create_router router=%(router)s"),
                           {"router": router})
                 utils._rollback_on_err(self, context, err)
     utils.update_status(self, context, t_consts.TaskStatus.COMPLETED)
     parent = super(FortinetL3ServicePlugin, self)
     return parent.create_router(context, router)
Пример #6
 def create_router(self, context, router):
     """Set up the tenant's VDOM and vlink, then create the router.

     A request without a truthy 'router' entry returns None immediately.
     A tenant that already has a Router row gets an Exception. On success
     the task status is updated to COMPLETED and the value returned by the
     parent class's create_router is passed back.
     """
     LOG.debug("create_router: router=%s", router)
     spec = router.get('router')
     if not spec:
         return
     tenant_id = spec['tenant_id']

     # Limit one router per tenant.
     # NOTE(review): the check happens outside the transaction opened
     # below; concurrent requests for one tenant may both get past it.
     # Confirm whether creation is serialised elsewhere.
     router_count = fortinet_db.query_count(
         context, l3_db.Router, tenant_id=tenant_id)
     if router_count:
         message = _("FortinetL3ServicePlugin:create_router "
                     "Only support one router per tenant")
         raise Exception(message)

     with context.session.begin(subtransactions=True):
         try:
             namespace = utils.add_vdom(self, context, tenant_id=tenant_id)
             vdom_name = namespace.vdom
             utils.add_vlink(self, context, vdom_name)
         except Exception as exc:
             # The original exception is re-raised after logging/rollback.
             with excutils.save_and_reraise_exception():
                 LOG.error(_LE("Failed to create_router router=%(router)s"),
                           {"router": router})
                 utils._rollback_on_err(self, context, exc)
     utils.update_status(self, context, t_consts.TaskStatus.COMPLETED)
     base = super(FortinetL3ServicePlugin, self)
     return base.create_router(context, router)
Пример #7
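def port_migration(context, mech_driver, l3_driver):
    """Replay every Port record through the mechanism and L3 drivers.

    For each Port row the record is converted into a port dict, its fixed
    IPs are converted into plain dicts, router interface/gateway ports get
    their MAC replaced, and the port is pushed through
    ``create_port_precommit`` / ``create_port_postcommit``. Ports whose
    RouterPort row has the router-interface type are also passed to
    ``l3_driver.add_router_interface``.

    :param context: forwarded to the ``fortinet_db`` helpers, ``get_mac``
        and the driver calls.
    :param mech_driver: driver providing the create_port_* hooks.
    :param l3_driver: driver providing ``add_router_interface``.
    :return: None

    Shape of a full port record (table ``ports``; ``fixed_ips`` comes from
    table ``ipallocations``), with sample values::

        {
            'status': 'DOWN',
            'binding: host_id': '',
            'allowed_address_pairs': [],
            'device_owner': 'network: router_interface',
            'binding: profile': {},
            'fixed_ips': [{
                'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7',
                'ip_address': u'172.20.21.1'
            }],
            'id': 'fb66def6-bd5e-44a0-a3f7-7c0e8e08d9ff',
            'security_groups': [],
            'device_id': u'e4020c65-7003-468b-a34d-31af297397a0',
            'name': '',
            'admin_state_up': True,
            'network_id': u'f8e34426-ccf7-429c-b726-3809d54cabdc',
            'tenant_id': u'11513667f4ee4a14acb0985659456f24',
            'binding: vif_details': {},
            'binding: vnic_type': 'normal',
            'binding: vif_type': 'unbound',
            'mac_address': u'00: 0c: 29: d9: 18: 3f'
        }
    """
    # Template dicts: the literal values are sample data. They are handed to
    # reset()/cls2dict(), which are called only for their effect on the dict
    # (their return values are unused) - presumably the keys select which
    # attributes get copied; confirm against those helpers.
    port = {
        'device_owner': 'network: router_interface',
        'fixed_ips': [{
            'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7',
            'ip_address': u'172.20.21.1'
        }],
        'id': 'fb66def6-bd5e-44a0-a3f7-7c0e8e08d9ff',
        'device_id': u'e4020c65-7003-468b-a34d-31af297397a0',
        'admin_state_up': True,
        'network_id': u'f8e34426-ccf7-429c-b726-3809d54cabdc',
        'tenant_id': u'11513667f4ee4a14acb0985659456f24',
        'mac_address': u'00: 0c: 29: d9: 18: 3f'
    }
    ipallocation = {
        'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7',
        'ip_address': u'172.20.21.1'
    }
    mac = utils.get_mac(mech_driver, context)
    # NOTE(review): the query is unfiltered, so this walks the ports of
    # every tenant the context can see; confirm it runs with a suitably
    # scoped context.
    records = fortinet_db.query_records(context, models_v2.Port)
    with Progress(len(records), 'port_migration') as p:
        for record in records:
            reset(port)
            cls2dict(record, port)
            if port['fixed_ips']:
                fixed_ips = []
                for fixed_ip in port['fixed_ips']:
                    cls2dict(fixed_ip, ipallocation)
                    # Append a copy: ``ipallocation`` is reused for every
                    # fixed IP, so appending the dict itself would make all
                    # entries alias the values of the last one.
                    fixed_ips.append(dict(ipallocation))
                port['fixed_ips'] = fixed_ips
            # NOTE(review): ``not in`` is a containment test on the stored
            # MAC string, not an equality test - confirm that is intended.
            if port['device_owner'] in [ROUTER_INTF, ROUTER_GW] and \
                    mac not in port['mac_address']:
                port['mac_address'] = mac
                # The stored record is only rewritten when no other port on
                # the same network already carries this MAC.
                if not fortinet_db.query_count(context, models_v2.Port,
                                               mac_address=mac,
                                               network_id=record.network_id):
                    fortinet_db.update_record(context, record,
                                              mac_address=mac)
            mech_context = Fake_mech_context(_plugin_context=context,
                                             current=port)
            mech_driver.create_port_precommit(mech_context)
            mech_driver.create_port_postcommit(mech_context)
            db_routerport = fortinet_db.query_record(context,
                                                     l3_db.RouterPort,
                                                     port_id=record.id)
            # getattr with a default tolerates a missing RouterPort row.
            if getattr(db_routerport, 'port_type', None) in [ROUTER_INTF]:
                l3_driver.add_router_interface(context, port)
            p.update()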
Пример #8
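def port_migration(context, mech_driver, l3_driver):
    """Push all existing Port records through the mechanism and L3 drivers.

    Each Port row is copied into a port dict (fixed IPs included), router
    interface/gateway ports have their MAC replaced, and the result is sent
    through ``create_port_precommit`` and ``create_port_postcommit``. When
    the port's RouterPort row has the router-interface type it is also
    handed to ``l3_driver.add_router_interface``.

    :param context: forwarded to the ``fortinet_db`` helpers, ``get_mac``
        and the driver calls.
    :param mech_driver: driver providing the create_port_* hooks.
    :param l3_driver: driver providing ``add_router_interface``.
    :return: None

    Shape of a full port record (table ``ports``; ``fixed_ips`` comes from
    table ``ipallocations``), with sample values::

        {
            'status': 'DOWN',
            'binding: host_id': '',
            'allowed_address_pairs': [],
            'device_owner': 'network: router_interface',
            'binding: profile': {},
            'fixed_ips': [{
                'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7',
                'ip_address': u'172.20.21.1'
            }],
            'id': 'fb66def6-bd5e-44a0-a3f7-7c0e8e08d9ff',
            'security_groups': [],
            'device_id': u'e4020c65-7003-468b-a34d-31af297397a0',
            'name': '',
            'admin_state_up': True,
            'network_id': u'f8e34426-ccf7-429c-b726-3809d54cabdc',
            'tenant_id': u'11513667f4ee4a14acb0985659456f24',
            'binding: vif_details': {},
            'binding: vnic_type': 'normal',
            'binding: vif_type': 'unbound',
            'mac_address': u'00: 0c: 29: d9: 18: 3f'
        }
    """
    # Template dicts holding sample values. reset() and cls2dict() are
    # called for their effect on the dict passed in (return values are not
    # used); presumably the keys decide which attributes are copied -
    # confirm against those helpers.
    port = {
        'device_owner': 'network: router_interface',
        'fixed_ips': [{
            'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7',
            'ip_address': u'172.20.21.1'
        }],
        'id': 'fb66def6-bd5e-44a0-a3f7-7c0e8e08d9ff',
        'device_id': u'e4020c65-7003-468b-a34d-31af297397a0',
        'admin_state_up': True,
        'network_id': u'f8e34426-ccf7-429c-b726-3809d54cabdc',
        'tenant_id': u'11513667f4ee4a14acb0985659456f24',
        'mac_address': u'00: 0c: 29: d9: 18: 3f'
    }
    ipallocation = {
        'subnet_id': u'f645b09c-a34a-42fb-9c14-b999e43a54c7',
        'ip_address': u'172.20.21.1'
    }
    mac = utils.get_mac(mech_driver, context)
    # NOTE(review): no filter is applied, so every port visible to the
    # context is processed regardless of tenant; confirm the context is
    # scoped as intended.
    records = fortinet_db.query_records(context, models_v2.Port)
    with Progress(len(records), 'port_migration') as p:
        for record in records:
            reset(port)
            cls2dict(record, port)
            if port['fixed_ips']:
                fixed_ips = []
                for fixed_ip in port['fixed_ips']:
                    cls2dict(fixed_ip, ipallocation)
                    # ``ipallocation`` is a single reused dict; store a copy
                    # so a port with several fixed IPs does not end up with
                    # every entry pointing at the last one.
                    fixed_ips.append(dict(ipallocation))
                port['fixed_ips'] = fixed_ips
            # NOTE(review): containment (``not in``) rather than equality is
            # used against the stored MAC string - confirm this is intended.
            if port['device_owner'] in [ROUTER_INTF, ROUTER_GW] and \
               mac not in port['mac_address']:
                port['mac_address'] = mac
                # Only rewrite the stored record when this MAC is not
                # already present on another port of the same network.
                if not fortinet_db.query_count(context,
                                               models_v2.Port,
                                               mac_address=mac,
                                               network_id=record.network_id):
                    fortinet_db.update_record(context, record, mac_address=mac)
            mech_context = Fake_mech_context(_plugin_context=context,
                                             current=port)
            mech_driver.create_port_precommit(mech_context)
            mech_driver.create_port_postcommit(mech_context)
            db_routerport = fortinet_db.query_record(context,
                                                     l3_db.RouterPort,
                                                     port_id=record.id)
            # getattr with a default copes with a missing RouterPort row.
            if getattr(db_routerport, 'port_type', None) in [ROUTER_INTF]:
                l3_driver.add_router_interface(context, port)
            p.update()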