def get_gateway_port_vlan(self, tenant_id, gw_intf_id):
try:
vlan = gw_helper.get_gateway_port_vlan(self.restproxy, gw_intf_id)
# Get the perm if it exists
perm = gw_helper.get_tenant_perm(self.restproxy, gw_intf_id)
if perm:
vlan['assignedTo'] = perm['permittedEntityName']
ret = gw_helper.make_gw_vlan_dict(vlan)
return ret
except Exception as e:
if e.code == constants.RES_NOT_FOUND:
return []
raise
def get_gateway_vports(self, context, tenant_id, netpart_id, filters):
subnet_id = filters['subnet'][0]
nuage_subnet_id = filters['nuage_subnet_id'][0]
# Get the nuage l2domain/subnet corresponding to neutron subnet
# nuage_subnet_id passed in filters by plugin
subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id(
context.session, nuage_subnet_id)
if not subnet_mapping:
msg = _("Nuage subnet for neutron subnet %(subn)s not found " %
{'subn': subnet_id}) # noqa H702
raise restproxy.RESTProxyError(msg)
if subnet_mapping['nuage_l2dom_tmplt_id']:
subnet_type = constants.L2DOMAIN
else:
subnet_type = constants.SUBNET
if 'id' in filters:
# This is to get vport by id
vport = gw_helper.get_nuage_vport(self.restproxy, filters['id'][0])
# Return an empty list for neutronclient get_res_by_id_or_name()
if not vport:
return []
if vport['parentID'] != subnet_mapping['nuage_subnet_id']:
return []
vport_list = [vport]
elif 'name' in filters:
# This is to get vport by name
vport = gw_helper.get_nuage_vport_by_name(
self.restproxy, subnet_mapping['nuage_subnet_id'],
filters['name'][0], subnet_type)
# Return an empty list for neutronclient get_res_by_id_or_name()
if not vport:
return []
if vport['parentID'] != subnet_mapping['nuage_subnet_id']:
return []
vport_list = [vport]
else:
if subnet_type == constants.SUBNET:
# Get all host/bridge vports
vport_list = gw_helper.get_vports_for_subnet(
self.restproxy, subnet_mapping['nuage_subnet_id'])
else:
# Get all host/bridge vports
vport_list = gw_helper.get_vports_for_l2domain(
self.restproxy, subnet_mapping['nuage_subnet_id'])
resp_list = []
for vport in vport_list:
vport_type = vport['type']
resp = dict()
if vport_type in [
constants.HOST_VPORT_TYPE, constants.BRIDGE_VPORT_TYPE
]:
resp['vport_id'] = vport['ID']
resp['vport_type'] = vport_type
resp['vport_name'] = vport['name']
# Get the host/bridge interface
nuage_interface = gw_helper.get_interface_by_vport(
self.restproxy, vport['ID'], vport_type)
resp['port_id'] = None
if nuage_interface:
resp['interface'] = nuage_interface['ID']
resp['port_id'] = strip_cms_id(
nuage_interface['externalID'])
if vport_type == constants.HOST_VPORT_TYPE:
resp['subnet_id'] = subnet_id
else:
resp['subnet_id'] = subnet_id
if not vport['VLANID']:
# Skip this vport as it does not have any vlan.
# This should never happen as if vport is created a vlan
# is always associated with it
continue
# Get the gw interface
nuage_vlan = gw_helper.get_gateway_port_vlan(
self.restproxy, vport['VLANID'])
resp['nuage_vlan_id'] = nuage_vlan['ID']
resp['gateway'] = nuage_vlan['gatewayID']
resp['gatewayport'] = nuage_vlan['parentID']
resp['value'] = nuage_vlan['value']
resp_list.append(resp)
if tenant_id:
updated_vport_list = []
for vport in resp_list:
ent_perm = gw_helper.get_ent_permission_on_vlan(
self.restproxy, vport['nuage_vlan_id'])
if ent_perm:
vlan_perm = self._check_tenant_perm(
vport['nuage_vlan_id'], tenant_id,
ent_perm['permittedEntityID'])
if vlan_perm:
updated_vport_list.append(vport)
return updated_vport_list
return resp_list
def _get_gateway_vport(self, context, tenant_id, netpart_id,
nuage_vlan_id):
# subnet is required to keep the o/p format consistent with
# create_gateway_vport o/p
ret = {
'subnet_id': None,
'interface': None,
'vport_id': None,
'vport_type': None,
'vport_name': None,
'port_id': None
}
# Get the gw interface
try:
nuage_vlan = gw_helper.get_gateway_port_vlan(
self.restproxy, nuage_vlan_id)
except Exception as e:
if e.code == constants.RES_NOT_FOUND:
return
raise
# Check for tenant permission
# tenant_id is None in case of admin. We don't check permissions
# for admin.netpart_id will be None when called from
# delete_gateway_vport. We don't have to check permissions for
# delete as client always calls get() before delete and we check
# permissions during get()
if tenant_id and netpart_id:
ent_perm = gw_helper.get_ent_permission_on_vlan(
self.restproxy, nuage_vlan['ID'])
has_perm = self._check_tenant_perm(nuage_vlan_id, tenant_id,
ent_perm['permittedEntityID'])
if not has_perm:
msg = _("Tenant %(ten)s does not have permission for vlan %("
"vlan)s" % {
'ten': tenant_id, # noqa H702
'vlan': nuage_vlan_id
})
LOG.warn(msg)
raise restproxy.RESTProxyError(msg)
ret['gateway'] = nuage_vlan['gatewayID']
ret['gatewayport'] = nuage_vlan['parentID']
ret['value'] = nuage_vlan['value']
# Check if it is associated with a vport
nuage_vport_id = nuage_vlan['vportID']
if not nuage_vport_id:
msg = _("Nuage gateway interface %s is not associated with any "
"vport" % nuage_vlan_id) # noqa H702
raise restproxy.RESTProxyError(msg)
# Get the vport
nuage_vport = gw_helper.get_nuage_vport(self.restproxy, nuage_vport_id)
if nuage_vport:
subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id(
context.session, nuage_vport['parentID'])
ret['subnet_id'] = subnet_mapping["subnet_id"]
ret['nuage_subnet_id'] = nuage_vport['parentID']
nuage_vport_type = nuage_vport['type']
if nuage_vport_type == constants.BRIDGE_VPORT_TYPE:
# Get the bridge interface on the vport
nuage_br_intf = gw_helper.get_interface_by_vport(
self.restproxy, nuage_vport_id, nuage_vport_type)
if nuage_br_intf:
ret['interface'] = nuage_br_intf['ID']
elif nuage_vport_type == constants.HOST_VPORT_TYPE:
# Get the host interface on the vport
nuage_host_intf = gw_helper.get_interface_by_vport(
self.restproxy, nuage_vport_id, nuage_vport_type)
if nuage_host_intf:
ret['interface'] = nuage_host_intf['ID']
ret['port_id'] = strip_cms_id(
nuage_host_intf['externalID'])
else:
msg = _("Nuage vport associated with gateway interface %s is"
" not connected to a bridge/host interface" %
nuage_vlan_id) # noqa H702
raise restproxy.RESTProxyError(msg)
ret['vport_id'] = nuage_vport_id
ret['vport_type'] = nuage_vport_type
ret['vport_name'] = nuage_vport['name']
return ret
def delete_nuage_gateway_vport(self, context, nuage_vport_id,
def_netpart_id):
# Get the gw interface and vport info
tenant_id = context.tenant_id
resp = self.get_gateway_vport(context, tenant_id, None, nuage_vport_id)
if not resp:
return
subnet_id = resp['nuage_subnet_id']
# Get the neutron subnet-id associated with the vport
subnet_mapping = nuagedb.get_subnet_l2dom_by_nuage_id(
context.session, subnet_id)
# Delete the interface and vport
if resp['vport_type'] == constants.BRIDGE_VPORT_TYPE:
# Bridge/Host vport will always have a vlan associated with it
nuage_vlan = gw_helper.get_gateway_port_vlan(
self.restproxy, resp['vlanid'])
# Get the gateway associated with vlan
nuage_gw = gw_helper.get_gateway(self.restproxy,
nuage_vlan['gatewayID'])
if resp['interface']:
# Delete interface
gw_helper.delete_nuage_interface(self.restproxy,
resp['interface'],
constants.BRIDGE_VPORT_TYPE)
LOG.debug("Deleted bridge interface %s", resp['interface'])
# do not attempt to delete policygroup on vsd managed subnets
# as we do not create it in that case
if not subnet_mapping["nuage_managed_subnet"]:
if subnet_mapping['nuage_l2dom_tmplt_id']:
subnet_type = constants.L2DOMAIN
else:
subnet_type = constants.SUBNET
nuage_policygroup = gw_helper.get_policygroup_for_interface(
self.restproxy, subnet_mapping["subnet_id"],
nuage_gw['personality'], resp['vport_type'], subnet_type)
if nuage_policygroup:
# Check if policygroup has more than 1 vport associated
self._delete_policygroup(resp['interface'],
nuage_policygroup[0])
elif resp['vport_type'] == constants.HOST_VPORT_TYPE:
if resp['interface']:
# Delete the policygroup and interface
gw_helper.delete_nuage_interface(self.restproxy,
resp['interface'],
constants.HOST_VPORT_TYPE)
LOG.debug("Deleted host interface %s", resp['interface'])
# do not attempt to delete policygroup on vsd managed subnets
# as we do not create it in that case g
if not subnet_mapping["nuage_managed_subnet"]:
# Delete the policugroup
policy_group_id = gw_helper.get_policygroup_for_host_vport(
self.restproxy, resp['vport_id'])
if policy_group_id:
# Check if policygroup has more than 1 vport associated
self._delete_policygroup(resp['interface'],
policy_group_id)
# Delete the vport
# if 'vport_type' is not None, then 'vport_id' is not None
gw_helper.delete_nuage_vport(self.restproxy, resp['vport_id'])
LOG.debug("Deleted vport %s", resp['vport_id'])
# Remove Ent/Tenant permissions
netpart_id = None
perms = self._get_ent_permissions(resp['vlanid'])
if perms and perms['permittedEntityType'] == 'enterprise':
netpart_id = perms['permittedEntityID']
else:
netpart_id = def_netpart_id
if netpart_id != def_netpart_id:
perm = gw_helper.get_tenant_perm(self.restproxy, resp['vlanid'])
if perm:
num_grps = self.remove_tenant_perm(resp['vlanid'],
perm['permittedEntityName'],
netpart_id)
if num_grps == 0:
# Remove permissions for the enterprise if it exists
self.remove_ent_perm(resp['vlanid'])
LOG.debug("Deleted ent perissions on vlan %s",
resp['vlanid'])
else:
LOG.debug("Preserving ent permissions on default netpartition")
def get_gateway_port_vlans(self, tenant_id, netpart_id, filters):
if 'gateway' in filters and 'gatewayport' in filters:
# We dont't need the gateway that is being passed in.
# We should have verified that the gatewayport belongs
# to this gateway in previous call.
params = {'port_id': filters['gatewayport'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params)
elif 'gatewayport' in filters and 'name' in filters:
params = {'port_id': filters['gatewayport'][0]}
extra_params = {'vlan_value': filters['name'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params,
extra_params)
elif 'gatewayport' in filters and 'id' in filters:
params = {'port_id': filters['gatewayport'][0]}
extra_params = {'vlan_value': filters['id'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params,
extra_params)
elif 'name' in filters:
try:
vlan_list = [
gw_helper.get_gateway_port_vlan(self.restproxy,
filters['name'][0])
]
except Exception as e:
# If vlan does not exist return a empty list
if e.code == constants.RES_NOT_FOUND:
return []
raise
elif 'id' in filters:
vlan_list = [
gw_helper.get_gateway_port_vlan(self.restproxy,
filters['id'][0])
]
elif 'gatewayport' in filters:
params = {'port_id': filters['gatewayport'][0]}
vlan_list = self._get_gateway_port_vlans(tenant_id, params)
else:
# This is when no --gateway and --gatewayport option is specified
# in neutronclient
vlan_list = self._get_vlans_for_tenant(tenant_id, netpart_id)
if tenant_id:
updated_vlan_list = []
for vlan in vlan_list:
# Get permissions for each vlan
ent_perm = gw_helper.get_ent_permission_on_vlan(
self.restproxy, vlan['ID'])
if ent_perm:
vlan_perm = self._check_tenant_perm(
vlan['ID'], tenant_id, ent_perm['permittedEntityID'])
if vlan_perm:
vlan['assignedTo'] = tenant_id
updated_vlan_list.append(vlan)
return updated_vlan_list
else:
# Now get the assigned tenant_id for each vlan and update vlan in
# place
for vlan in vlan_list:
vlan_perm = gw_helper.get_tenant_perm(self.restproxy,
vlan['ID'])
if vlan_perm:
vlan['assignedTo'] = vlan_perm['permittedEntityName']
return vlan_list
