def add_prefix(self, prefix, type, description):
    """Create a prefix in NIPAP and return the saved object.

    A new ``Prefix`` receives the ``prefix``, ``type`` and ``description``
    values exactly as passed in and is then saved. No validation happens
    here, and any exception raised by ``save()`` propagates to the caller.
    """
    record = Prefix()
    fields = (
        ("prefix", prefix),
        ("type", type),
        ("description", description),
    )
    for attr_name, value in fields:
        setattr(record, attr_name, value)
    record.save()
    return record
def freeprefix(nipap_deamon_ip, account_cb_alias, account_iam_alias, vpc_network, vpc_prefix):
    """Allocate the next free prefix of length ``vpc_prefix`` from ``vpc_network``.

    Reads the encrypted NIPAP daemon password for ``account_cb_alias`` from
    the DynamoDB table named by ``TAILOR_TABLENAME_NIPAPCFN``, decrypts it
    with KMS, points pynipap at the daemon on port 1337 and saves a new
    'assignment' prefix described by ``account_iam_alias``.

    Returns the value of ``new_prefix.prefix`` after the save.
    """
    # Lookup nipap daemon password cipher
    nipapCfn = dynamodb.Table(os.environ['TAILOR_TABLENAME_NIPAPCFN'])
    getNipapCfn = nipapCfn.get_item(
        Key={
            'nipapAlias': account_cb_alias
        }
    )

    # Decrypt nipap daemon password
    # NOTE(review): an unknown alias surfaces as a bare KeyError on 'Item' below.
    nipapDaemonPasswordCipherBlob = getNipapCfn['Item']['nipapDaemonPasswordCipherBlob']
    # NOTE(review): the plaintext is not referenced again in the visible code; the
    # credentials in the URI below appear masked in this listing, so presumably the
    # original interpolated it there. Confirm against the real file.
    nipapDeamonPassword = bytes(kms.decrypt(CiphertextBlob=b64decode(nipapDaemonPasswordCipherBlob))['Plaintext'])

    # Look up free CIDR block
    # The scheme is http://, so the user:password pair embedded in the URI is sent
    # to the daemon without transport encryption. xmlrpc_uri is a module attribute
    # of pynipap, so the credential-bearing string stays set after this call
    # returns; keep it out of logs and error messages.
    pynipap.xmlrpc_uri = "http://*****:*****@" + nipap_deamon_ip + ":1337"

    # The return value is unused here; presumably AuthOptions registers the
    # options for later pynipap calls. Confirm against pynipap.
    a = pynipap.AuthOptions({
        'authoritative_source': 'tailor_nipap_client'
    })

    # Allocate first available
    new_prefix = Prefix()
    new_prefix.description = account_iam_alias
    new_prefix.type = "assignment"

    # Save will communicate with the backend and ask for the next available desired prefix size
    new_prefix.save({'from-prefix': [vpc_network], 'prefix_length': vpc_prefix})

    # Read the assigned prefix from the new_prefix object
    print("VPC Cidr is: ", new_prefix.prefix)
    return new_prefix.prefix
def test_remove_prefix(self):
    """Authorization check: a read-only user must not remove a prefix.

    Calls ``remove()`` on a ``Prefix`` with ``id`` 0 and expects
    ``NipapAuthorizationError``. The read-only session is presumably set up
    outside this method.
    """
    readonly_target = Prefix()
    readonly_target.id = 0
    self.assertRaises(NipapAuthorizationError, readonly_target.remove)
def test_edit_prefix(self):
    """Authorization check: a read-only user must not edit a prefix.

    Calls ``save()`` on a ``Prefix`` that already carries an id (123) and
    expects ``NipapAuthorizationError``. The read-only session is presumably
    set up outside this method.
    """
    existing = Prefix()
    existing.id = 123
    self.assertRaises(NipapAuthorizationError, existing.save)
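def add_prefix_to_vrf(self, vrfrt, prefix, type, description, status, tags=None):
    """ Add a prefix to the VRF identified by its route target.

        If the prefix cannot be saved (for example because it is already
        used or is invalid), the error is logged and None is returned.

        :param vrfrt: String like "209:123"
        :param prefix: String like "1.0.0.0/29"
        :param type: String, must be one of the following: 'reservation', 'assignment', 'host'
        :param description: String
        :param status: String, must be "assigned" or "reserved"
        :param tags: Array of Strings (defaults to an empty list)
        :return: Prefix object or None
    """
    # Use a fresh list per call: a shared ``[]`` default would be aliased by
    # every Prefix created without explicit tags.
    if tags is None:
        tags = []

    # get the vrf
    myvrf = self.find_vrf('rt', vrfrt)

    p = Prefix()
    p.prefix = prefix
    p.type = type
    p.status = status
    p.description = description
    p.vrf = myvrf
    p.tags = tags

    try:
        p.save()
    except Exception as e:
        # Catch Exception rather than everything, so KeyboardInterrupt and
        # SystemExit still propagate. Return None as documented, so callers
        # can tell a failed save from a stored prefix.
        logging.error("Error: could not add prefix: %s" % e)
        return None

    return p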
def test_add_prefix(self):
    """Authorization check: a read-only user must not add a prefix.

    Calls ``save()`` on a new ``Prefix`` for '1.3.3.7' and expects
    ``NipapAuthorizationError``. The read-only session is presumably set up
    outside this method.
    """
    candidate = Prefix()
    candidate.prefix = '1.3.3.7'
    self.assertRaises(NipapAuthorizationError, candidate.save)
def add_prefix(self, prefix, type, description, tags=None):
    """Create a prefix, optionally tagged, and return the saved object.

    ``tags`` defaults to a new empty list when omitted, so no list is shared
    between calls. Exceptions raised by ``save()`` propagate to the caller.
    """
    entry = Prefix()
    entry.prefix = prefix
    entry.type = type
    entry.description = description
    entry.tags = [] if tags is None else tags
    entry.save()
    return entry
def add_prefix(self):
    """ Add prefix according to the specification.

        The following keys can be used:

        vrf             ID of VRF to place the prefix in
        prefix          the prefix to add if already known
        family          address family (4 or 6)
        description     A short description
        expires         Expiry time of assignment
        comment         Longer comment
        node            Hostname of node
        type            Type of prefix; reservation, assignment, host
        status          Status of prefix; assigned, reserved, quarantine
        pool            ID of pool
        country         Country where the prefix is used
        added           Timestamp of added prefix
        last_modified   Timestamp of last modify
        order_id        Order identifier
        customer_id     Customer identifier
        vlan            VLAN ID
        alarm_priority  Alarm priority of prefix
        monitor         If the prefix should be monitored or not

        from-prefix     A prefix the prefix is to be allocated from
        from-pool       A pool (ID) the prefix is to be allocated from
        prefix_length   Prefix length of allocated prefix

        NOTE(review): only the 'vrf' key is handled in the part of the
        function visible in this listing; the listing ends after that.
    """
    p = Prefix()

    # Sanitize input parameters
    # request.json is supplied by the client; for the VRF id the int()
    # conversion below is the only validation applied before the lookup.
    if 'vrf' in request.json:
        try:
            # None or an empty value means "no VRF".
            if request.json['vrf'] is None or len(
                    unicode(request.json['vrf'])) == 0:
                p.vrf = None
            else:
                p.vrf = VRF.get(int(request.json['vrf']))
        except ValueError:
            # The rejected value is echoed back in the JSON message; any
            # consumer that renders it as HTML has to escape it.
            return json.dumps({
                'error': 1,
                'message': "Invalid VRF ID '%s'" % request.json['vrf']
            })
        except NipapError, e:
            # Backend error arguments and the exception class name are
            # returned to the client as-is.
            return json.dumps({
                'error': 1,
                'message': e.args,
                'type': type(e).__name__
            })
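def add_prefix_from_pool(self, pool, family, description):
    """Allocate the next free prefix from ``pool`` and return it.

    The new prefix takes its type from ``pool.default_type``, is marked
    'assigned' and carries ``description``. The address family is passed to
    the backend with the pool in the save arguments.

    Returns the saved ``Prefix``, or None when the backend raises
    ``NipapError`` (the error is printed).
    """
    p = Prefix()
    p.type = pool.default_type
    p.status = 'assigned'
    # The description argument was accepted but never stored on the prefix.
    p.description = description

    args = {'from-pool': pool, 'family': family}
    try:
        p.save(args)
    except NipapError as exc:
        print("Error: could not add prefix: %s" % str(exc))
        return None
    return p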
def new_prefix():
    """Return an unsaved ``Prefix`` pre-filled with the import defaults.

    Monitoring is enabled with 'high' alarm priority, the module-level
    DEFAULT_VRF and DEFAULT_CUSTOMER are applied, the record is tagged
    'infoblox-import' and its authoritative source is set to 'import'.
    """
    template = Prefix()
    base_fields = (
        ('monitor', True),
        ('alarm_priority', 'high'),
        ('vrf', DEFAULT_VRF),
        ('node', None),
    )
    for field_name, field_value in base_fields:
        setattr(template, field_name, field_value)

    template.tags['infoblox-import'] = 1
    template.customer_id = DEFAULT_CUSTOMER
    template.authoritative_source = 'import'

    # https://github.com/SpriteLink/NIPAP/issues/721
    template.expires = '2100-01-30 00:00:00'
    return template
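def save_hosts():
    """Save every entry of the module-level ``hosts`` list, best effort.

    For each host the steps are:

    1. Try to save it directly.
    2. On failure, search for prefixes that contain the host prefix, turn
       each into an 'assignment' tagged 'guessed', and retry the host.
    3. If that still fails, create a '/127' container assignment tagged
       'auto' around the host and save the host once more. Errors in this
       last step are not caught.

    Failures in steps 1 and 2 are ignored on purpose. The handlers catch
    ``Exception`` rather than everything, so Ctrl-C and ``SystemExit`` still
    stop a long import.
    """
    for host in hosts:
        try:
            host.save()
            continue
        except Exception:
            pass

        r = Prefix().search({
            'operator': 'contains',
            'val1': 'prefix',
            'val2': host.prefix
        })
        for p in r['result']:
            try:
                p.type = 'assignment'
                p.tags['guessed'] = 1
                p.save()
            except Exception:
                pass

        try:
            host.save()
            continue
        except Exception:
            pass

        # this is a last and probably wrong attempt
        # to fix the bad data in infoblox.
        p = Prefix()
        p.type = 'assignment'
        p.description = 'AUTO: host container (import)'
        p.tags['auto'] = 1
        ip = ipaddr.IPNetwork(host.prefix)
        # NOTE(review): '/127' is hard-coded, so this presumably assumes the
        # failing host is an IPv6 address. Confirm against the import data.
        p.prefix = str(ip.supernet(prefixlen_diff=1).network) + '/127'
        p.save()
        host.save()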
def _thread_ipam_add_prefix(self):
    """Build a prefix from the form values, save it and report the outcome.

    The result is posted to ``self.queue`` as a ``QueMsg`` and signalled with
    a virtual event: '<<nipap_prefix_added>>' on success, '<<nipap_error>>'
    on any exception. ``NipapError`` is reported with STATUS_NIPAP_ERROR and
    everything else with STATUS_ERROR. The exception object itself is put on
    the queue as the message.
    """
    try:
        vrf_id = self.master.vrf_list.get(self.master.current_vrf.get())

        self.new_prefix = Prefix()
        draft = self.new_prefix
        draft.prefix = self.val_prefix.get()
        draft.type = self.val_type.get()
        draft.status = self.val_status.get()
        # TODO: set vrf
        # draft.vrf = self.master.ipam.get_vrf(vrf_id)
        draft.description = self.val_description.get()
        self.master.ipam.save_prefix(draft)

        added_text = "Prefix %s added." % draft.prefix
        ok_msg = QueMsg(QueMsg.TYPE_STATUS, added_text, QueMsg.STATUS_OK)
        self.queue.put(ok_msg)
        self.event_generate('<<nipap_prefix_added>>', when='tail')
    except Exception as e:
        if isinstance(e, NipapError):
            status = QueMsg.STATUS_NIPAP_ERROR
        else:
            status = QueMsg.STATUS_ERROR
        self.queue.put(QueMsg(QueMsg.TYPE_STATUS, e, status))
        self.event_generate('<<nipap_error>>', when='tail')
def run_task(self):
    """Allocate one /32 host address per configured IPAM prefix.

    For every prefix in ``grp_cfg.TASKS.Provision.Ipam.Prefixes`` the task
    asks NIPAP for a free /32, records the result in the shared task data and
    saves it as a 'host' prefix described by the device serial. The task
    state is set to DONE or FAILED per prefix. A connection or
    authentication error aborts the whole task.
    """
    # The return value is unused here; presumably AuthOptions registers the
    # options for later pynipap calls. Confirm against pynipap.
    a = AuthOptions({'authoritative_source': 'yapt'})
    # The IPAM user and password are embedded in a plain http:// URI, so they
    # reach the server without transport encryption. They are also inserted
    # without percent-encoding: a password containing '@', ':' or '/' changes
    # how the URI is parsed. xmlrpc_uri is a module attribute of pynipap and
    # keeps the credentials for the rest of the process, so never log it.
    pynipap.xmlrpc_uri = "http://{0}:{1}@{2}:{3}/XMLRPC".format(
        self.grp_cfg.TASKS.Provision.Ipam.User,
        self.grp_cfg.TASKS.Provision.Ipam.Password,
        self.grp_cfg.TASKS.Provision.Ipam.Address,
        self.grp_cfg.TASKS.Provision.Ipam.Port)

    for prefix in self.grp_cfg.TASKS.Provision.Ipam.Prefixes:

        try:
            # Ask for a free /32 inside the configured parent prefix.
            p = Prefix.find_free(None, {
                'from-prefix': [prefix],
                'prefix_length': 32
            })

        except socket.error as se:
            # Connection problem: fail the task and stop processing prefixes.
            # Only the OS error text goes into the state and log messages.
            self.update_task_state(
                new_task_state=c.TASK_STATE_FAILED,
                task_state_message=logmsg.IPAM_CONN_ERR.format(
                    se.strerror))
            Tools.emit_log(task_name=self.task_name,
                           sample_device=self.sample_device,
                           message=logmsg.IPAM_CONN_ERR.format(
                               se.strerror))
            return

        except NipapAuthenticationError as nae:
            # Rejected credentials are reported with the same
            # connection-error message template.
            self.update_task_state(
                new_task_state=c.TASK_STATE_FAILED,
                task_state_message=logmsg.IPAM_CONN_ERR.format(
                    nae.message))
            Tools.emit_log(task_name=self.task_name,
                           sample_device=self.sample_device,
                           message=logmsg.IPAM_CONN_ERR.format(
                               nae.message))
            return

        if p:
            # Keep the find_free result for later tasks and register the
            # first free address as a host entry for this device.
            self.shared[c.TASK_SHARED_IPAM].append(p)
            new_prefix = Prefix()
            new_prefix.prefix = p[0]
            new_prefix.type = 'host'
            new_prefix.description = self.sample_device.deviceSerial

            try:
                new_prefix.save()
                self.update_task_state(
                    new_task_state=c.TASK_STATE_DONE,
                    task_state_message=c.TASK_STATE_MSG_DONE)
                Tools.emit_log(
                    task_name=self.task_name,
                    task_state={
                        'taskState': self.task_state,
                        'taskStateMsg': c.TASK_STATE_MSG_DONE
                    },
                    sample_device=self.sample_device,
                    grp_cfg=self.grp_cfg,
                    shared=self.shared,
                    scope=c.LOGGER_SCOPE_ALL,
                    level=c.LOGGER_LEVEL_INFO,
                    message=logmsg.IPAM_PREFIX_OK.format(prefix))

            except NipapValueError as nve:
                # NOTE(review): the loop continues with the next prefix after
                # this failure, and the address was already appended to the
                # shared data above.
                self.update_task_state(
                    new_task_state=c.TASK_STATE_FAILED,
                    task_state_message=logmsg.IPAM_PREFIX_ERR.format(
                        nve.message))
                Tools.emit_log(task_name=self.task_name,
                               sample_device=self.sample_device,
                               message=logmsg.IPAM_PREFIX_ERR.format(
                                   nve.message))

        else:
            # find_free returned nothing: the parent prefix has no free /32.
            self.update_task_state(
                new_task_state=c.TASK_STATE_FAILED,
                task_state_message=logmsg.IPAM_PREFIX_FULL.format(prefix))
            Tools.emit_log(task_name=self.task_name,
                           sample_device=self.sample_device,
                           message=logmsg.IPAM_PREFIX_FULL.format(prefix))
vrfs[v.rt] = v vrfs[r['vrf'].strip()] = v else: print "Found invalid VRF %s" % str(r['vrf']) print "done" # Create prefixes print "Creating prefixes... " sql = "SELECT * FROM ip_net_plan order by schema, prefix" curs_pg_old.execute(sql) i = 0 t = time.time() for r in curs_pg_old: p = Prefix() # find VRF if r['vrf'] is not None: p.vrf = vrfs[r['vrf'].strip()] elif r['schema'] in s_vrfs: p.vrf = s_vrfs[r['schema']] # the rest of the prefix attributes... p.prefix = r['prefix'] p.description = r['description'] p.comment = r['comment'] p.node = r['node'] if r['pool'] is not None: p.pool = pools[r['pool']] p.type = r['type']
def parse_line(self, line):
    """ Parse one line of the import file and create the matching prefixes.

        The line is split into columns by ``self.split_columns``. Comment
        lines are skipped. The remaining lines are dispatched on
        ``prefix_type``, ``node``/``description`` and ``prefix_length``:

        reservation   saved as a 'reservation' with low alarm priority
        '.' / '.'     lines without node and description are ignored
        /32           loopback: saved as 'assignment', or as 'host' if that fails
        /30, /31      link network: an 'assignment', in two cases with two
                      'host' entries for the link ends
        other         saved as 'assignment'; a NipapValueError ends the program

        Every prefix is saved with authoritative source 'nw'.
    """

    try:
        # text params, ie params from the text file
        tp = self.split_columns(line)
    except CommentLine:
        # just ignore comments
        return

    if tp['prefix_type'] == 'reservation':  # reservations / aggregates
        print "Reservation:", tp['prefix'], tp['description']
        p = Prefix()
        p.schema = self.schema
        p.prefix = tp['prefix']
        p.type = 'reservation'
        p.description = tp['description']
        p.monitor = True
        p.alarm_priority = 'low'
        p.authoritative_source = 'nw'
        p.save({})
        return

    elif tp['node'] == '.' and tp['description'] == '.':
        # ignore prefixes without description or node set
        return

    elif tp['prefix_length'] == 32:
        # loopback
        # if it's a loopback, the covering prefix will be a reservation and we can just insert an assignment.
        # if this insert fails, it means the parent prefix is an assignment and we instead insert a host
        try:
            p = Prefix()
            p.schema = self.schema
            p.prefix = tp['prefix']
            # loopbacks are always of type 'assignment'
            p.type = 'assignment'
            p.node = tp['node']
            p.description = tp['description']
            p.monitor = True
            p.alarm_priority = tp['alarm_priority']
            p.authoritative_source = 'nw'
            p.save({})
            print "Loopback:", tp['prefix']
            return
        # NOTE(review): the bare except treats every failure, including
        # KeyboardInterrupt, as "parent is an assignment" and retries as host.
        except:
            p = Prefix()
            p.schema = self.schema
            p.prefix = tp['prefix']
            # fallback: the parent is an assignment, so insert as 'host'
            p.type = 'host'
            p.node = tp['node']
            p.description = tp['description']
            p.monitor = True
            p.alarm_priority = tp['alarm_priority']
            p.authoritative_source = 'nw'
            p.save({})
            print "Host:", tp['prefix']
            return

    elif tp['prefix_length'] == 30 or tp['prefix_length'] == 31:
        # link network
        octets = tp['address'].split('.')
        prefix_node1 = None
        prefix_node2 = None
        if tp['prefix_length'] == 30:
            # /30: the two link ends are address+1 and address+2
            prefix_node1 = '.'.join(octets[:3] + [str( int(octets[3]) + 1 )] ) + '/32'
            prefix_node2 = '.'.join(octets[:3] + [str( int(octets[3]) + 2 )] ) + '/32'
        else:
            # /31: the two link ends are the address itself and address+1
            prefix_node1 = '.'.join(octets) + '/32'
            prefix_node2 = '.'.join(octets[:3] + [str( int(octets[3]) + 1 )] ) + '/32'

        #m = re.match('(ETHER_KAP|ETHER_PORT|IP-KAP|IP-PORT|IP-SIPNET|IP-SNIX|IPSUR|L2L|RED-IPPORT|SNIX|SWIP|T2V-@|T2V-DIGTV|T2V-SUR)[0-9]{4,}', tp['order_id'])
        # an order id ending in six digits, or type CUSTOMER, marks a customer link
        m = re.match('.*[0-9]{6}$', tp['order_id'])
        if m is not None or tp['type'] == 'CUSTOMER':
            print "Customer link", tp['prefix'], ':', tp['description']
            p = Prefix()
            p.schema = self.schema
            p.prefix = tp['prefix']
            p.type = 'assignment'
            p.description = tp['description']
            p.alarm_priority = tp['alarm_priority']
            p.authoritative_source = 'nw'
            # '.' in the order_id column is treated as "no order id"
            if tp['order_id'] != '.':
                p.order_id = tp['order_id']
            p.save({})

            # insert node1 and node2
            p1 = Prefix()
            p1.schema = self.schema
            p1.prefix = prefix_node1
            p1.type = 'host'
            p1.description = 'Some PE router'
            p1.authoritative_source = 'nw'
            p1.save({})

            p2 = Prefix()
            p2.schema = self.schema
            p2.prefix = prefix_node2
            p2.type = 'host'
            p2.node = tp['node']
            p2.description = 'CPE'
            p2.authoritative_source = 'nw'
            p2.save({})

            return

        # a description of the form "nodeA <-> nodeB" names both link ends
        m = re.match(r'([^\s]+)\s*<->\s*([^\s]+)', tp['description'])
        if m is not None:
            node1 = m.group(1)
            node2 = m.group(2)
            print "Link network: ", tp['prefix'], " ", node1, "<->", node2

            p = Prefix()
            p.schema = self.schema
            p.prefix = tp['prefix']
            p.type = 'assignment'
            p.description = node1 + ' <-> ' + node2
            p.monitor = True
            p.alarm_priority = tp['alarm_priority']
            p.authoritative_source = 'nw'
            p.save({})

            # insert node1 and node2
            p1 = Prefix()
            p1.schema = self.schema
            p1.prefix = prefix_node1
            p1.type = 'host'
            p1.node = node1
            p1.description = node1
            p1.authoritative_source = 'nw'
            p1.save({})

            p2 = Prefix()
            p2.schema = self.schema
            p2.prefix = prefix_node2
            p2.type = 'host'
            p2.node = node2
            p2.description = node2
            p2.authoritative_source = 'nw'
            p2.save({})

            return

        # order ids starting with "DN" and at least four digits: internal orders
        m = re.match('(DN)[0-9]{4,}', tp['order_id'])
        if m is not None:
            print "Internal order link network", tp['prefix'], ':', tp['description']
            p = Prefix()
            p.schema = self.schema
            p.prefix = tp['prefix']
            p.type = 'assignment'
            p.description = tp['description']
            p.monitor = True
            p.alarm_priority = tp['alarm_priority']
            p.authoritative_source = 'nw'
            p.save({})
            return

        # none of the link patterns matched: store the network only
        print "Other link network", tp['prefix'], ':', tp['description']
        p = Prefix()
        p.schema = self.schema
        p.prefix = tp['prefix']
        p.type = 'assignment'
        p.description = tp['description']
        p.monitor = True
        p.alarm_priority = tp['alarm_priority']
        p.authoritative_source = 'nw'
        p.save({})
        return

    else:
        try:
            p = Prefix()
            p.schema = self.schema
            p.prefix = tp['prefix']
            p.type = 'assignment'
            p.description = tp['description']
            p.monitor = True
            p.alarm_priority = 'low'
            p.authoritative_source = 'nw'
            p.save({})
            print "Other:", tp['prefix']
        except NipapValueError, e:
            # a value the backend rejects stops the whole import with exit status 1
            print tp['prefix'], ':', e
            sys.exit(1)

    return