Python _ примеры использования

Пример #1

Файл: cisco_csr_db.py Проект: net-ranger/neutron-vpnaas

def create_tunnel_mapping(context, conn_info):
    """Create Cisco CSR IDs, using mapping table and OpenStack UUIDs."""
    conn_id = conn_info['id']
    ike_policy_id = conn_info['ikepolicy_id']
    ipsec_policy_id = conn_info['ipsecpolicy_id']
    tenant_id = conn_info['tenant_id']
    with context.session.begin():
        csr_tunnel_id = get_next_available_tunnel_id(context.session)
        csr_ike_id = determine_csr_ike_policy_id(ike_policy_id, conn_id,
                                                 context.session)
        csr_ipsec_id = determine_csr_ipsec_policy_id(ipsec_policy_id, conn_id,
                                                     context.session)
        map_entry = IdentifierMap(tenant_id=tenant_id,
                                  ipsec_site_conn_id=conn_id,
                                  csr_tunnel_id=csr_tunnel_id,
                                  csr_ike_policy_id=csr_ike_id,
                                  csr_ipsec_policy_id=csr_ipsec_id)
        try:
            context.session.add(map_entry)
            # Force committing to database
            context.session.flush()
        except db_exc.DBDuplicateEntry:
            msg = _("Attempt to create duplicate entry in Cisco CSR "
                    "mapping table for connection %s") % conn_id
            raise CsrInternalError(reason=msg)
        LOG.info(_LI("Mapped connection %(conn_id)s to Tunnel%(tunnel_id)d "
                     "using IKE policy ID %(ike_id)d and IPSec policy "
                     "ID %(ipsec_id)d"),
                 {'conn_id': conn_id, 'tunnel_id': csr_tunnel_id,
                  'ike_id': csr_ike_id, 'ipsec_id': csr_ipsec_id})

Пример #2

def get_next_available_id(session, table_field, id_type):
    """Find first unused id for the specified field in IdentifierMap table.

    As entries are removed, find the first "hole" and return that as the
    next available ID. To improve performance, artificially limit
    the number of entries to a smaller range. Currently, these IDs are
    globally unique. Could enhance in the future to be unique per router
    (CSR).
    """
    min_value = MAPPING_LIMITS[id_type][0]
    max_value = MAPPING_LIMITS[id_type][1]
    rows = session.query(table_field).order_by(table_field)
    used_ids = set([row[0] for row in rows])
    all_ids = set(range(min_value, max_value + min_value))
    available_ids = all_ids - used_ids
    if not available_ids:
        msg = _("No available Cisco CSR %(type)s IDs from "
                "%(min)d..%(max)d") % {
                    'type': id_type,
                    'min': min_value,
                    'max': max_value
                }
        LOG.error(msg)
        raise IndexError(msg)
    return available_ids.pop()

Пример #3

def create_tunnel_mapping(context, conn_info):
    """Create Cisco CSR IDs, using mapping table and OpenStack UUIDs."""
    conn_id = conn_info['id']
    ike_policy_id = conn_info['ikepolicy_id']
    ipsec_policy_id = conn_info['ipsecpolicy_id']
    tenant_id = conn_info['tenant_id']
    with context.session.begin():
        csr_tunnel_id = get_next_available_tunnel_id(context.session)
        csr_ike_id = determine_csr_ike_policy_id(ike_policy_id, conn_id,
                                                 context.session)
        csr_ipsec_id = determine_csr_ipsec_policy_id(ipsec_policy_id, conn_id,
                                                     context.session)
        map_entry = IdentifierMap(tenant_id=tenant_id,
                                  ipsec_site_conn_id=conn_id,
                                  csr_tunnel_id=csr_tunnel_id,
                                  csr_ike_policy_id=csr_ike_id,
                                  csr_ipsec_policy_id=csr_ipsec_id)
        try:
            context.session.add(map_entry)
            # Force committing to database
            context.session.flush()
        except db_exc.DBDuplicateEntry:
            msg = _("Attempt to create duplicate entry in Cisco CSR "
                    "mapping table for connection %s") % conn_id
            raise CsrInternalError(reason=msg)
        LOG.info(
            "Mapped connection %(conn_id)s to Tunnel%(tunnel_id)d "
            "using IKE policy ID %(ike_id)d and IPSec policy "
            "ID %(ipsec_id)d", {
                'conn_id': conn_id,
                'tunnel_id': csr_tunnel_id,
                'ike_id': csr_ike_id,
                'ipsec_id': csr_ipsec_id
            })

Пример #4

Файл: netns_wrapper.py Проект: hellochosen/neutron-vpnaas

def setup_conf():
    cli_opts = [
        cfg.DictOpt('mount_paths',
                    required=True,
                    help=_('Dict of paths to bind-mount (source:target) '
                           'prior to launch subprocess.')),
        cfg.ListOpt('cmd',
                    required=True,
                    help=_('Command line to execute as a subprocess '
                           'provided as comma-separated list of arguments.')),
        cfg.StrOpt('rootwrap_config',
                   default='/etc/neutron/rootwrap.conf',
                   help=_('Rootwrap configuration file.')),
    ]
    conf = cfg.CONF
    conf.register_cli_opts(cli_opts)
    return conf

Пример #5

Файл: netns_wrapper.py Проект: JinJingLin/neutron-vpnaas

def setup_conf():
    cli_opts = [
        cfg.DictOpt('mount_paths',
                    required=True,
                    help=_('Dict of paths to bind-mount (source:target) '
                           'prior to launch subprocess.')),
        cfg.ListOpt(
            'cmd',
            required=True,
            help=_('Command line to execute as a subprocess '
                   'provided as comma-separated list of arguments.')),
        cfg.StrOpt('rootwrap_config', default='/etc/neutron/rootwrap.conf',
                   help=_('Rootwrap configuration file.')),
    ]
    conf = cfg.CONF
    conf.register_cli_opts(cli_opts)
    return conf

Пример #6

Файл: vpn_validator.py Проект: JinJingLin/neutron-vpnaas

 def _validate_cidrs(self, cidrs):
     """Ensure valid IPv4/6 CIDRs."""
     for cidr in cidrs:
         msg = attributes._validate_subnet(cidr)
         if msg:
             raise vpnaas.InvalidEndpointInEndpointGroup(
                 group_type=constants.CIDR_ENDPOINT, endpoint=cidr,
                 why=_("Invalid CIDR"))

Пример #7

Файл: cisco_csr_db.py Проект: net-ranger/neutron-vpnaas

def lookup_policy(policy_type, policy_field, conn_id, session):
    """Obtain specified policy's mapping from other connection."""
    try:
        return session.query(policy_field).filter_by(
            ipsec_site_conn_id=conn_id).one()[0]
    except sql_exc.NoResultFound:
        msg = _("Database inconsistency between IPSec connection and "
                "Cisco CSR mapping table (%s)") % policy_type
        raise CsrInternalError(reason=msg)

Пример #8

def lookup_policy(policy_type, policy_field, conn_id, session):
    """Obtain specified policy's mapping from other connection."""
    try:
        return session.query(policy_field).filter_by(
            ipsec_site_conn_id=conn_id).one()[0]
    except sql_exc.NoResultFound:
        msg = _("Database inconsistency between IPSec connection and "
                "Cisco CSR mapping table (%s)") % policy_type
        raise CsrInternalError(reason=msg)

Пример #9

Файл: vpn_validator.py Проект: ibuystuff/neutron-vpnaas

 def _validate_cidrs(self, cidrs):
     """Ensure valid IPv4/6 CIDRs."""
     for cidr in cidrs:
         msg = validators.validate_subnet(cidr)
         if msg:
             raise vpnaas.InvalidEndpointInEndpointGroup(
                 group_type=constants.CIDR_ENDPOINT,
                 endpoint=cidr,
                 why=_("Invalid CIDR"))

Пример #10

Файл: vyatta_ipsec.py Проект: yo-iura/neutron-vpnaas

 def _get_router_gw_iface(self, vrouter, router_id):
     router = self.vpn_service.get_router(router_id)
     try:
         gw_interface = vrouter.get_ethernet_if_id(
             router['gw_port']['mac_address'])
     except KeyError:
         raise v_exc.InvalidL3AgentStateError(description=_(
             'Router id={0} have no external gateway.').format(
                 router['id']))
     return gw_interface

Пример #11

Файл: vpn_validator.py Проект: ibuystuff/neutron-vpnaas

 def _validate_subnets(self, context, subnet_ids):
     """Ensure UUIDs OK and subnets exist."""
     for subnet_id in subnet_ids:
         msg = validators.validate_uuid(subnet_id)
         if msg:
             raise vpnaas.InvalidEndpointInEndpointGroup(
                 group_type=constants.SUBNET_ENDPOINT,
                 endpoint=subnet_id,
                 why=_('Invalid UUID'))
         try:
             self.core_plugin.get_subnet(context, subnet_id)
         except nexception.SubnetNotFound:
             raise vpnaas.NonExistingSubnetInEndpointGroup(subnet=subnet_id)

Пример #12

Файл: vpn_validator.py Проект: JinJingLin/neutron-vpnaas

 def _validate_subnets(self, context, subnet_ids):
     """Ensure UUIDs OK and subnets exist."""
     for subnet_id in subnet_ids:
         msg = attributes._validate_uuid(subnet_id)
         if msg:
             raise vpnaas.InvalidEndpointInEndpointGroup(
                 group_type=constants.SUBNET_ENDPOINT, endpoint=subnet_id,
                 why=_('Invalid UUID'))
         try:
             self.core_plugin.get_subnet(context, subnet_id)
         except nexception.SubnetNotFound:
             raise vpnaas.NonExistingSubnetInEndpointGroup(
                 subnet=subnet_id)

Пример #13

Файл: cisco_csr_db.py Проект: net-ranger/neutron-vpnaas

def get_tunnel_mapping_for(conn_id, session):
    try:
        entry = session.query(IdentifierMap).filter_by(
            ipsec_site_conn_id=conn_id).one()
        LOG.debug("Mappings for IPSec connection %(conn)s - "
                  "tunnel=%(tunnel)s ike_policy=%(csr_ike)d "
                  "ipsec_policy=%(csr_ipsec)d",
                  {'conn': conn_id, 'tunnel': entry.csr_tunnel_id,
                   'csr_ike': entry.csr_ike_policy_id,
                   'csr_ipsec': entry.csr_ipsec_policy_id})
        return (entry.csr_tunnel_id, entry.csr_ike_policy_id,
                entry.csr_ipsec_policy_id)
    except sql_exc.NoResultFound:
        msg = _("Existing entry for IPSec connection %s not found in Cisco "
                "CSR mapping table") % conn_id
        raise CsrInternalError(reason=msg)

Пример #14

def get_tunnel_mapping_for(conn_id, session):
    try:
        entry = session.query(IdentifierMap).filter_by(
            ipsec_site_conn_id=conn_id).one()
        LOG.debug("Mappings for IPSec connection %(conn)s - "
                  "tunnel=%(tunnel)s ike_policy=%(csr_ike)d "
                  "ipsec_policy=%(csr_ipsec)d",
                  {'conn': conn_id, 'tunnel': entry.csr_tunnel_id,
                   'csr_ike': entry.csr_ike_policy_id,
                   'csr_ipsec': entry.csr_ipsec_policy_id})
        return (entry.csr_tunnel_id, entry.csr_ike_policy_id,
                entry.csr_ipsec_policy_id)
    except sql_exc.NoResultFound:
        msg = _("Existing entry for IPSec connection %s not found in Cisco "
                "CSR mapping table") % conn_id
        raise CsrInternalError(reason=msg)

Пример #15

Файл: cisco_csr_db.py Проект: net-ranger/neutron-vpnaas

def get_next_available_id(session, table_field, id_type):
    """Find first unused id for the specified field in IdentifierMap table.

    As entries are removed, find the first "hole" and return that as the
    next available ID. To improve performance, artificially limit
    the number of entries to a smaller range. Currently, these IDs are
    globally unique. Could enhance in the future to be unique per router
    (CSR).
    """
    min_value = MAPPING_LIMITS[id_type][0]
    max_value = MAPPING_LIMITS[id_type][1]
    rows = session.query(table_field).order_by(table_field)
    used_ids = set([row[0] for row in rows])
    all_ids = set(range(min_value, max_value + min_value))
    available_ids = all_ids - used_ids
    if not available_ids:
        msg = _("No available Cisco CSR %(type)s IDs from "
                "%(min)d..%(max)d") % {'type': id_type,
                                       'min': min_value,
                                       'max': max_value}
        LOG.error(msg)
        raise IndexError(msg)
    return available_ids.pop()

Пример #16

class IPsecSiteConnectionPeerCidrError(nexception.InvalidInput):
    message = _("ipsec_site_connection peer cidr %(peer_cidr)s is "
                "invalid CIDR")

Пример #17

Файл: vyatta_agent.py Проект: JinJingLin/neutron-vpnaas

#

from networking_brocade.vyatta.common import l3_agent as vyatta_l3
from neutron.agent import l3_agent as entry
from oslo_config import cfg

from neutron_vpnaas._i18n import _
from neutron_vpnaas.services.vpn import vyatta_vpn_service


vpn_agent_opts = [
    cfg.MultiStrOpt(
        'vpn_device_driver',
        default=['neutron_vpnaas.services.vpn.device_drivers.'
                 'vyatta_ipsec.VyattaIPSecDriver'],
        help=_("The vpn device drivers Neutron will use")),
]
cfg.CONF.register_opts(vpn_agent_opts, 'vpnagent')


class VyattaVPNAgent(vyatta_l3.L3AgentMiddleware):
    def __init__(self, host, conf=None):
        super(VyattaVPNAgent, self).__init__(host, conf)
        self.service = vyatta_vpn_service.VyattaVPNService(self)
        self.device_drivers = self.service.load_device_drivers(host)


def main():
    entry.main(
        manager='neutron_vpnaas.services.vpn.vyatta_agent.VyattaVPNAgent')

Пример #18

Файл: strongswan_ipsec.py Проект: yo-iura/neutron-vpnaas

from oslo_config import cfg

from neutron.agent.linux import ip_lib
from neutron.plugins.common import constants

from neutron_vpnaas._i18n import _
from neutron_vpnaas.services.vpn.device_drivers import ipsec

TEMPLATE_PATH = os.path.dirname(os.path.abspath(__file__))

strongswan_opts = [
    cfg.StrOpt('ipsec_config_template',
               default=os.path.join(TEMPLATE_PATH,
                                    'template/strongswan/ipsec.conf.template'),
               help=_('Template file for ipsec configuration.')),
    cfg.StrOpt('strongswan_config_template',
               default=os.path.join(
                   TEMPLATE_PATH,
                   'template/strongswan/strongswan.conf.template'),
               help=_('Template file for strongswan configuration.')),
    cfg.StrOpt('ipsec_secret_template',
               default=os.path.join(
                   TEMPLATE_PATH, 'template/strongswan/ipsec.secret.template'),
               help=_('Template file for ipsec secret configuration.')),
    cfg.StrOpt('default_config_area',
               default=os.path.join(TEMPLATE_PATH, '/etc/strongswan.d'),
               help=_('The area where default StrongSwan configuration '
                      'files are located.'))
]
cfg.CONF.register_opts(strongswan_opts, 'strongswan')

Пример #19

class DeviceDriverImportError(nexception.NeutronException):
    message = _("Can not load driver :%(device_driver)s")

Пример #20

class VPNStateInvalidToUpdate(nexception.BadRequest):
    message = _("Invalid state %(state)s of vpnaas resource %(id)s"
                " for updating")

Пример #21

class SubnetInUseByEndpointGroup(nexception.InUse):
    message = _("Subnet %(subnet_id)s is used by endpoint group %(group_id)s")

Пример #22

class VPNServiceInUse(nexception.InUse):
    message = _("VPNService %(vpnservice_id)s is still in use")

Пример #23

class MissingPeerCidrs(nexception.BadRequest):
    message = _("Missing peer CIDRs for IPsec site-to-site connection")

Пример #24

Файл: cisco_ipsec.py Проект: JinJingLin/neutron-vpnaas

from oslo_config import cfg
from oslo_log import log as logging
import oslo_messaging
from oslo_service import loopingcall

from neutron_vpnaas._i18n import _, _LE, _LI, _LW
from neutron_vpnaas.services.vpn.common import topics
from neutron_vpnaas.services.vpn import device_drivers
from neutron_vpnaas.services.vpn.device_drivers import (
    cisco_csr_rest_client as csr_client)


ipsec_opts = [
    cfg.IntOpt('status_check_interval',
               default=60,
               help=_("Status check interval for Cisco CSR IPSec connections"))
]
cfg.CONF.register_opts(ipsec_opts, 'cisco_csr_ipsec')

LOG = logging.getLogger(__name__)

RollbackStep = collections.namedtuple('RollbackStep',
                                      ['action', 'resource_id', 'title'])


class CsrResourceCreateFailure(nexception.NeutronException):
    message = _("Cisco CSR failed to create %(resource)s (%(which)s)")


class CsrAdminStateChangeFailure(nexception.NeutronException):
    message = _("Cisco CSR failed to change %(tunnel)s admin state to "

Пример #25

class WrongEndpointGroupType(nexception.BadRequest):
    message = _("Endpoint group %(which)s type is '%(group_type)s' and "
                "should be '%(expected)s'")

Пример #26

class InvalidEndpointGroup(nexception.BadRequest):
    message = _("Endpoint group%(suffix)s %(which)s cannot be specified, "
                "when VPN Service has subnet specified")

Пример #27

Файл: ipsec.py Проект: yo-iura/neutron-vpnaas

import oslo_messaging
from oslo_service import loopingcall

from neutron_vpnaas._i18n import _, _LE, _LI, _LW
from neutron_vpnaas.extensions import vpnaas
from neutron_vpnaas.services.vpn.common import topics
from neutron_vpnaas.services.vpn import device_drivers

LOG = logging.getLogger(__name__)
TEMPLATE_PATH = os.path.dirname(os.path.abspath(__file__))

ipsec_opts = [
    cfg.StrOpt(
        'config_base_dir',
        default='$state_path/ipsec',
        help=_('Location to store ipsec server config files')),
    cfg.IntOpt('ipsec_status_check_interval',
               default=60,
               help=_("Interval for checking ipsec status")),
    cfg.BoolOpt('enable_detailed_logging',
                default=False,
                help=_("Enable detail logging for ipsec pluto process. "
                       "If the flag set to True, the detailed logging will "
                       "be written into config_base_dir/<pid>/log. "
                       "Note: This setting applies to OpenSwan and LibreSwan "
                       "only. StrongSwan logs to syslog.")),
]
cfg.CONF.register_opts(ipsec_opts, 'ipsec')

openswan_opts = [
    cfg.StrOpt(

Пример #28

Файл: strongswan_ipsec.py Проект: openstack/neutron-vpnaas

from neutron.agent.linux import utils
from neutron_lib import constants

from neutron_vpnaas._i18n import _
from neutron_vpnaas.services.vpn.device_drivers import ipsec

LOG = logging.getLogger(__name__)
TEMPLATE_PATH = os.path.dirname(os.path.abspath(__file__))

strongswan_opts = [
    cfg.StrOpt(
        'ipsec_config_template',
        default=os.path.join(
            TEMPLATE_PATH,
            'template/strongswan/ipsec.conf.template'),
        help=_('Template file for ipsec configuration.')),
    cfg.StrOpt(
        'strongswan_config_template',
        default=os.path.join(
            TEMPLATE_PATH,
            'template/strongswan/strongswan.conf.template'),
        help=_('Template file for strongswan configuration.')),
    cfg.StrOpt(
        'ipsec_secret_template',
        default=os.path.join(
            TEMPLATE_PATH,
            'template/strongswan/ipsec.secret.template'),
        help=_('Template file for ipsec secret configuration.')),
    cfg.StrOpt(
        'default_config_area',
        default=os.path.join(

Пример #29

class IKEPolicyNotFound(nexception.NotFound):
    message = _("IKEPolicy %(ikepolicy_id)s could not be found")

Пример #30

class IPsecPolicyNotFound(nexception.NotFound):
    message = _("IPsecPolicy %(ipsecpolicy_id)s could not be found")

Пример #31

class MissingRequiredEndpointGroup(nexception.BadRequest):
    message = _("Missing endpoint group%(suffix)s %(which)s for IPSec "
                "site-to-site connection")

Пример #32

class SubnetInUseByVPNService(nexception.InUse):
    message = _("Subnet %(subnet_id)s is used by VPNService %(vpnservice_id)s")

Пример #33

class EndpointGroupInUse(nexception.BadRequest):
    message = _("Endpoint group %(group_id)s is in use and cannot be deleted")

Пример #34

class SubnetInUseByIPsecSiteConnection(nexception.InUse):
    message = _("Subnet %(subnet_id)s is used by ipsec site connection "
                "%(ipsec_site_connection_id)s")

Пример #35

class VPNServiceNotFound(nexception.NotFound):
    message = _("VPNService %(vpnservice_id)s could not be found")

Пример #36

class IPsecPolicyInUse(nexception.InUse):
    message = _("IPsecPolicy %(ipsecpolicy_id)s is in use by existing "
                "IPsecSiteConnection and can't be updated or deleted")

Пример #37

class IPsecSiteConnectionNotFound(nexception.NotFound):
    message = _("ipsec_site_connection %(ipsec_site_conn_id)s not found")

Пример #38

class SubnetIsNotConnectedToRouter(nexception.BadRequest):
    message = _("Subnet %(subnet_id)s is not "
                "connected to Router %(router_id)s")

Пример #39

class IPsecSiteConnectionDpdIntervalValueError(nexception.InvalidInput):
    message = _("ipsec_site_connection %(attr)s is "
                "equal to or less than dpd_interval")

Пример #40

class PeerCidrsInvalid(nexception.BadRequest):
    message = _("Peer CIDRs cannot be specified, when using endpoint "
                "groups")

Пример #41

class IPsecSiteConnectionMtuError(nexception.InvalidInput):
    message = _("ipsec_site_connection MTU %(mtu)d is too small "
                "for ipv%(version)s")