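def update_ip_policy(context, id, ip_policy):
    """Update an IP policy's excluded CIDRs and its subnet/network bindings.

    Args:
        context: request context; supplies ``tenant_id`` and the DB
            ``session`` that wraps the whole update in one transaction.
        id: identifier of the IP policy to update.
        ip_policy: request body; fields are read from its ``"ip_policy"``
            key (``exclude``, ``network_ids``, ``subnet_ids``).

    Returns:
        The updated policy as built by ``v._make_ip_policy_dict``.

    Raises:
        quark_exceptions.IPPolicyNotFound: no policy matches ``id``.
        exceptions.BadRequest: both ``network_ids`` and ``subnet_ids`` given.
        exceptions.SubnetNotFound: a requested subnet id did not resolve.
        exceptions.NetworkNotFound: a requested network id did not resolve.
        quark_exceptions.IPPolicyAlreadyExists: a target already carries a
            policy.
    """
    # Pass the argument to the logger instead of pre-formatting the string.
    LOG.info("update_ip_policy for tenant %s", context.tenant_id)

    ipp = ip_policy["ip_policy"]

    with context.session.begin():
        ipp_db = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
        if not ipp_db:
            raise quark_exceptions.IPPolicyNotFound(id=id)

        ip_policy_cidrs = ipp.get("exclude")
        network_ids = ipp.get("network_ids")
        subnet_ids = ipp.get("subnet_ids")

        if subnet_ids and network_ids:
            raise exceptions.BadRequest(
                resource="ip_policy",
                msg="network_ids and subnet_ids specified. only one allowed")

        # NOTE(review): the ids below come straight from the request body;
        # tenant isolation presumably rests on db_api scoping each lookup by
        # ``context`` -- confirm.
        models = []
        all_subnets = []
        if subnet_ids:
            # Rebinding: detach every subnet currently on this policy first.
            for subnet in ipp_db["subnets"]:
                subnet["ip_policy"] = None
            subnets = db_api.subnet_find(context, id=subnet_ids,
                                         scope=db_api.ALL)
            # A count mismatch means at least one requested id did not
            # resolve. NOTE(review): a duplicated id in the request would
            # also trip this if the lookup returns each row once -- confirm.
            if len(subnets) != len(subnet_ids):
                # neutron's SubnetNotFound message interpolates
                # ``subnet_id``; the former ``id=`` keyword did not match it.
                raise exceptions.SubnetNotFound(subnet_id=subnet_ids)
            # ``None`` means "exclude" was not sent; an empty list is still
            # validated.
            if ip_policy_cidrs is not None:
                ensure_default_policy(ip_policy_cidrs, subnets)
                _validate_cidrs_fit_into_subnets(ip_policy_cidrs, subnets)
            all_subnets.extend(subnets)
            models.extend(subnets)

        if network_ids:
            for network in ipp_db["networks"]:
                network["ip_policy"] = None
            nets = db_api.network_find(context, id=network_ids,
                                       scope=db_api.ALL)
            if len(nets) != len(network_ids):
                raise exceptions.NetworkNotFound(net_id=network_ids)
            # The CIDRs are checked against every subnet of the networks.
            subnets = [subnet for net in nets
                       for subnet in net.get("subnets", [])]
            if ip_policy_cidrs is not None:
                ensure_default_policy(ip_policy_cidrs, subnets)
                _validate_cidrs_fit_into_subnets(ip_policy_cidrs, subnets)
            all_subnets.extend(subnets)
            models.extend(nets)

        # Only the exclusions change: validate against the current bindings.
        if not subnet_ids and not network_ids and ip_policy_cidrs is not None:
            ensure_default_policy(ip_policy_cidrs, ipp_db["subnets"])
            _validate_cidrs_fit_into_subnets(ip_policy_cidrs,
                                             ipp_db["subnets"])

        for model in models:
            # A target that already has a policy is never silently rebound.
            if model["ip_policy"]:
                raise quark_exceptions.IPPolicyAlreadyExists(
                    id=model["ip_policy"]["id"], n_id=model["id"])
            model["ip_policy"] = ipp_db

        if ip_policy_cidrs:
            _validate_policy_with_routes(context, ip_policy_cidrs,
                                         all_subnets)
        # NOTE(review): every key of the request body is forwarded as a
        # keyword argument; this relies on the API layer or db_api rejecting
        # unexpected attributes -- confirm.
        ipp_db = db_api.ip_policy_update(context, ipp_db, **ipp)
    return v._make_ip_policy_dict(ipp_db)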
def test_ip_policies_update(self):
    """Replacing ``exclude`` with three /32 CIDRs gives a policy of size 3."""
    # Seed a policy that excludes 192.168.10.0 and 192.168.10.255.
    created = db_api.ip_policy_create(
        self.context,
        exclude=["192.168.10.0/32", "192.168.10.255/32"],
    )

    # The update adds one more single-address exclusion.
    replacement = [
        "192.168.10.0/32",
        "192.168.10.13/32",
        "192.168.10.255/32",
    ]
    updated = db_api.ip_policy_update(self.context, created,
                                      exclude=replacement)

    self.assertEqual(updated["size"], 3)
def test_ip_policies_update(self):
    """Each updated exclusion stores the CIDR's IPv6 first address as both
    ``first_ip`` and ``last_ip``.
    """
    created = db_api.ip_policy_create(
        self.context, exclude=["192.168.10.0/32", "192.168.10.255/32"])

    # Map every requested CIDR to the integer the DB row should hold; the
    # CIDRs are /32, so the first and last address coincide.
    wanted = ("192.168.10.0/32", "192.168.10.13/32", "192.168.10.255/32")
    expected = {cidr: netaddr.IPNetwork(cidr).ipv6().first
                for cidr in wanted}

    updated = db_api.ip_policy_update(self.context, created,
                                      exclude=expected.keys())

    excluded = updated["exclude"]
    self.assertEqual(len(excluded), 3)
    for entry in excluded:
        bound = expected[entry["cidr"]]
        self.assertEqual(bound, entry["first_ip"])
        self.assertEqual(bound, entry["last_ip"])
def test_ip_policies_update(self):
    """Check the stored bounds of every exclusion after an update."""
    seed = {"exclude": ["192.168.10.0/32", "192.168.10.255/32"]}
    policy = db_api.ip_policy_create(self.context, **seed)

    # cidr -> IPv6 integer of its first address (also the last: all are /32)
    bounds_by_cidr = {}
    for net in ("192.168.10.0/32", "192.168.10.13/32", "192.168.10.255/32"):
        first_address = netaddr.IPNetwork(net).ipv6().first
        bounds_by_cidr[net] = first_address

    result = db_api.ip_policy_update(
        self.context, policy, exclude=bounds_by_cidr.keys())

    self.assertEqual(len(result["exclude"]), 3)
    for row in result["exclude"]:
        cidr = row["cidr"]
        self.assertEqual(bounds_by_cidr[cidr], row["first_ip"])
        self.assertEqual(bounds_by_cidr[cidr], row["last_ip"])
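def update_ip_policy(context, id, ip_policy):
    """Update an IP policy and rebind it to the requested subnets/networks.

    Args:
        context: request context; supplies ``tenant_id`` and the DB
            ``session`` used for the transaction.
        id: identifier of the IP policy to update.
        ip_policy: request body; fields are read from its ``"ip_policy"``
            key (``network_ids``, ``subnet_ids``; the whole dict is passed
            on to the DB update).

    Returns:
        The updated policy as built by ``v._make_ip_policy_dict``.

    Raises:
        quark_exceptions.IPPolicyNotFound: no policy matches ``id``.
        exceptions.SubnetNotFound: a requested subnet id did not resolve.
        exceptions.NetworkNotFound: a requested network id did not resolve.
        quark_exceptions.IPPolicyAlreadyExists: a target already carries a
            policy.
    """
    # Pass the argument to the logger instead of pre-formatting the string.
    LOG.info("update_ip_policy for tenant %s", context.tenant_id)

    ipp = ip_policy["ip_policy"]

    with context.session.begin():
        ipp_db = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
        if not ipp_db:
            raise quark_exceptions.IPPolicyNotFound(id=id)

        network_ids = ipp.get("network_ids")
        subnet_ids = ipp.get("subnet_ids")

        # NOTE(review): unlike the subnet and network ids, ``exclude`` is
        # never inspected in this function; any CIDRs in the request reach
        # db_api.ip_policy_update without a check here -- confirm that they
        # are validated elsewhere.
        models = []
        if subnet_ids:
            # Rebinding: detach every subnet currently on this policy first.
            for subnet in ipp_db["subnets"]:
                subnet["ip_policy"] = None
            subnets = db_api.subnet_find(
                context, id=subnet_ids, scope=db_api.ALL)
            # A count mismatch means at least one requested id did not
            # resolve.
            if len(subnets) != len(subnet_ids):
                # neutron's SubnetNotFound message interpolates
                # ``subnet_id``; the former ``id=`` keyword did not match it.
                raise exceptions.SubnetNotFound(subnet_id=subnet_ids)
            models.extend(subnets)

        if network_ids:
            for network in ipp_db["networks"]:
                network["ip_policy"] = None
            nets = db_api.network_find(context, id=network_ids,
                                       scope=db_api.ALL)
            if len(nets) != len(network_ids):
                raise exceptions.NetworkNotFound(net_id=network_ids)
            models.extend(nets)

        for model in models:
            # A target that already has a policy is never silently rebound.
            if model["ip_policy"]:
                raise quark_exceptions.IPPolicyAlreadyExists(
                    id=model["ip_policy"]["id"], n_id=model["id"])
            model["ip_policy"] = ipp_db

        # NOTE(review): every key of the request body is forwarded as a
        # keyword argument; this relies on the API layer or db_api rejecting
        # unexpected attributes -- confirm.
        ipp_db = db_api.ip_policy_update(context, ipp_db, **ipp)
    return v._make_ip_policy_dict(ipp_db)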
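def update_subnet(context, id, subnet):
    """Update values of a subnet.

    :param context: neutron api request context
    :param id: UUID representing the subnet to update.
    :param subnet: dictionary with keys indicating fields to update.
        valid keys are those that have a value of True for 'allow_put'
        as listed in the RESOURCE_ATTRIBUTE_MAP object in
        neutron/api/v2/attributes.py.
    :returns: the updated subnet as built by ``v._make_subnet_dict``.
    :raises exceptions.SubnetNotFound: no subnet matches ``id``.
    :raises exceptions.BadRequest: allocation pools were supplied while
        ``CONF.QUARK.allow_allocation_pool_update`` is off.
    """
    # Pass the arguments to the logger instead of pre-formatting the string.
    LOG.info("update_subnet %s for tenant %s", id, context.tenant_id)

    with context.session.begin():
        subnet_db = db_api.subnet_find(context, None, None, None, False, id=id,
                                       scope=db_api.ONE)
        if not subnet_db:
            # neutron's SubnetNotFound message interpolates ``subnet_id``;
            # the former ``id=`` keyword did not match it.
            raise exceptions.SubnetNotFound(subnet_id=id)

        s = subnet["subnet"]
        # NOTE(review): these two lists act as a denylist. Whatever survives
        # filter_body and the pops below is written to the row by
        # subnet_update(**s), so a new model attribute stays client-writable
        # until it is listed here. ``admin_only`` is presumably stripped for
        # non-admin contexts only -- confirm in utils.filter_body.
        always_pop = ["_cidr", "cidr", "first_ip", "last_ip", "ip_version",
                      "segment_id", "network_id"]
        admin_only = ["do_not_use", "created_at", "tenant_id",
                      "next_auto_assign_ip", "enable_dhcp"]
        utils.filter_body(context, s, admin_only, always_pop)

        dns_ips = utils.pop_param(s, "dns_nameservers", [])
        host_routes = utils.pop_param(s, "host_routes", [])
        gateway_ip = utils.pop_param(s, "gateway_ip", None)
        allocation_pools = utils.pop_param(s, "allocation_pools", None)
        if not CONF.QUARK.allow_allocation_pool_update:
            if allocation_pools:
                raise exceptions.BadRequest(
                    resource="subnets",
                    msg="Allocation pools cannot be updated.")
            # Pools are derived from the subnet's existing policy CIDRs.
            alloc_pools = allocation_pool.AllocationPools(
                subnet_db["cidr"],
                policies=models.IPPolicy.get_ip_policy_cidrs(subnet_db))
        else:
            alloc_pools = allocation_pool.AllocationPools(subnet_db["cidr"],
                                                          allocation_pools)

        quota.QUOTAS.limit_check(
            context, context.tenant_id,
            alloc_pools_per_subnet=len(alloc_pools))

        # NOTE(review): nesting rebuilt from a flattened listing; the
        # default-route handling is taken to belong to ``if gateway_ip`` --
        # confirm against the original file.
        if gateway_ip:
            alloc_pools.validate_gateway_excluded(gateway_ip)
            default_route = None
            for route in host_routes:
                # NOTE(review): netaddr raises AddrFormatError on malformed
                # input; presumably the API layer validates first -- confirm.
                netaddr_route = netaddr.IPNetwork(route["destination"])
                if netaddr_route.value == routes.DEFAULT_ROUTE.value:
                    default_route = route
                    break

            # A default route in host_routes takes precedence; only when
            # none was sent does gateway_ip drive the stored default route.
            if default_route is None:
                route_model = db_api.route_find(
                    context, cidr=str(routes.DEFAULT_ROUTE), subnet_id=id,
                    scope=db_api.ONE)
                if route_model:
                    db_api.route_update(context, route_model,
                                        gateway=gateway_ip)
                else:
                    db_api.route_create(context,
                                        cidr=str(routes.DEFAULT_ROUTE),
                                        gateway=gateway_ip, subnet_id=id)

        if dns_ips:
            # Supplied nameservers replace the stored list; the quota is
            # checked before any row is created.
            subnet_db["dns_nameservers"] = []
            quota.QUOTAS.limit_check(context, context.tenant_id,
                                     dns_nameservers_per_subnet=len(dns_ips))

        for dns_ip in dns_ips:
            subnet_db["dns_nameservers"].append(db_api.dns_create(
                context, ip=netaddr.IPAddress(dns_ip)))

        if host_routes:
            # Same replace-then-recreate handling for host routes.
            subnet_db["routes"] = []
            quota.QUOTAS.limit_check(context, context.tenant_id,
                                     routes_per_subnet=len(host_routes))

        for route in host_routes:
            subnet_db["routes"].append(db_api.route_create(
                context, cidr=route["destination"], gateway=route["nexthop"]))

        if CONF.QUARK.allow_allocation_pool_update:
            # Only an explicit list (an empty one included) rewrites the
            # policy; ``None`` means the field was not sent.
            if isinstance(allocation_pools, list):
                cidrs = alloc_pools.get_policy_cidrs()
                ip_policies.ensure_default_policy(cidrs, [subnet_db])
                subnet_db["ip_policy"] = db_api.ip_policy_update(
                    context, subnet_db["ip_policy"], exclude=cidrs)
                # invalidate the cache
                db_api.subnet_update_set_alloc_pool_cache(context, subnet_db)
        subnet = db_api.subnet_update(context, subnet_db, **s)
    return v._make_subnet_dict(subnet)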
def update_ip_policy(context, id, ip_policy):
    """Apply an update request to an existing IP policy.

    Reads ``exclude``, ``network_ids`` and ``subnet_ids`` from
    ``ip_policy["ip_policy"]``, rebinds the policy to the requested subnets
    or networks (never both), validates the excluded CIDRs and persists the
    change inside one DB transaction.

    Args:
        context: request context providing ``tenant_id`` and ``session``.
        id: identifier of the policy to update.
        ip_policy: request body wrapping the fields under ``"ip_policy"``.

    Returns:
        The updated policy as built by ``v._make_ip_policy_dict``.

    Raises:
        q_exc.IPPolicyNotFound: no policy matches ``id``.
        n_exc.BadRequest: both ``network_ids`` and ``subnet_ids`` given.
        n_exc.SubnetNotFound / n_exc.NetworkNotFound: a requested id did
            not resolve.
        q_exc.IPPolicyAlreadyExists: a target already carries a policy.
    """
    LOG.info("update_ip_policy for tenant %s" % context.tenant_id)

    body = ip_policy["ip_policy"]

    with context.session.begin():
        policy = db_api.ip_policy_find(context, id=id, scope=db_api.ONE)
        if not policy:
            raise q_exc.IPPolicyNotFound(id=id)

        cidrs = body.get("exclude")
        network_ids = body.get("network_ids")
        subnet_ids = body.get("subnet_ids")

        if subnet_ids and network_ids:
            raise n_exc.BadRequest(
                resource="ip_policy",
                msg="network_ids and subnet_ids specified. only one allowed")

        def _check_cidrs(candidate_subnets):
            # ``None`` means "exclude" was not sent; an empty list is still
            # validated. NOTE(review): ensure_default_policy returns nothing
            # that is used here, so it presumably amends ``cidrs`` in place
            # -- confirm.
            if cidrs is None:
                return
            ensure_default_policy(cidrs, candidate_subnets)
            _validate_cidrs_fit_into_subnets(cidrs, candidate_subnets)

        # NOTE(review): the ids come straight from the request body; tenant
        # isolation presumably rests on db_api scoping each lookup by
        # ``context`` -- confirm.
        targets = []
        affected_subnets = []

        if subnet_ids:
            # Detach what is currently bound before attaching the new set.
            for bound in policy["subnets"]:
                bound["ip_policy"] = None
            found = db_api.subnet_find(context, id=subnet_ids,
                                       scope=db_api.ALL)
            if len(found) != len(subnet_ids):
                raise n_exc.SubnetNotFound(subnet_id=subnet_ids)
            _check_cidrs(found)
            affected_subnets.extend(found)
            targets.extend(found)

        if network_ids:
            for bound in policy["networks"]:
                bound["ip_policy"] = None
            nets = db_api.network_find(context, id=network_ids,
                                       scope=db_api.ALL)
            if len(nets) != len(network_ids):
                raise n_exc.NetworkNotFound(net_id=network_ids)
            # Flatten the subnets of every matched network.
            net_subnets = []
            for net in nets:
                net_subnets.extend(net.get("subnets", []))
            _check_cidrs(net_subnets)
            affected_subnets.extend(net_subnets)
            targets.extend(nets)

        # Exclusions changed without rebinding: check the current subnets.
        if not (subnet_ids or network_ids) and cidrs is not None:
            ensure_default_policy(cidrs, policy["subnets"])
            _validate_cidrs_fit_into_subnets(cidrs, policy["subnets"])

        for target in targets:
            existing = target["ip_policy"]
            if existing:
                raise q_exc.IPPolicyAlreadyExists(id=existing["id"],
                                                  n_id=target["id"])
            target["ip_policy"] = policy

        if cidrs:
            _validate_policy_with_routes(context, cidrs, affected_subnets)
        # NOTE(review): the request body is forwarded key-for-key to the DB
        # layer; confirm unexpected attributes are rejected upstream.
        policy = db_api.ip_policy_update(context, policy, **body)
    return v._make_ip_policy_dict(policy)
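def update_subnet(context, id, subnet):
    """Update values of a subnet.

    :param context: neutron api request context
    :param id: UUID representing the subnet to update.
    :param subnet: dictionary with keys indicating fields to update.
        valid keys are those that have a value of True for 'allow_put'
        as listed in the RESOURCE_ATTRIBUTE_MAP object in
        neutron/api/v2/attributes.py.
    :returns: the updated subnet as built by ``v._make_subnet_dict``.
    :raises exceptions.SubnetNotFound: no subnet matches ``id``.
    :raises exceptions.BadRequest: allocation pools were supplied while
        ``CONF.QUARK.allow_allocation_pool_update`` is off.
    """
    # Pass the arguments to the logger instead of pre-formatting the string.
    LOG.info("update_subnet %s for tenant %s", id, context.tenant_id)

    with context.session.begin():
        subnet_db = db_api.subnet_find(context, None, None, None, False,
                                       id=id, scope=db_api.ONE)
        if not subnet_db:
            # neutron's SubnetNotFound message interpolates ``subnet_id``;
            # the former ``id=`` keyword did not match it.
            raise exceptions.SubnetNotFound(subnet_id=id)

        s = subnet["subnet"]
        # NOTE(review): the request body is filtered by denylist. Every key
        # that is neither listed here nor popped below ends up in
        # subnet_update(**s), so newly added model attributes must be listed
        # to stay out of reach. How ``admin_only`` depends on the context is
        # decided in utils.filter_body -- confirm there.
        always_pop = [
            "_cidr", "cidr", "first_ip", "last_ip", "ip_version",
            "segment_id", "network_id"
        ]
        admin_only = [
            "do_not_use", "created_at", "tenant_id", "next_auto_assign_ip",
            "enable_dhcp"
        ]
        utils.filter_body(context, s, admin_only, always_pop)

        dns_ips = utils.pop_param(s, "dns_nameservers", [])
        host_routes = utils.pop_param(s, "host_routes", [])
        gateway_ip = utils.pop_param(s, "gateway_ip", None)
        allocation_pools = utils.pop_param(s, "allocation_pools", None)
        if not CONF.QUARK.allow_allocation_pool_update:
            if allocation_pools:
                raise exceptions.BadRequest(
                    resource="subnets",
                    msg="Allocation pools cannot be updated.")
            # Pools are derived from the subnet's existing policy CIDRs.
            alloc_pools = allocation_pool.AllocationPools(
                subnet_db["cidr"],
                policies=models.IPPolicy.get_ip_policy_cidrs(subnet_db))
        else:
            alloc_pools = allocation_pool.AllocationPools(
                subnet_db["cidr"], allocation_pools)

        quota.QUOTAS.limit_check(context, context.tenant_id,
                                 alloc_pools_per_subnet=len(alloc_pools))

        # NOTE(review): nesting rebuilt from a flattened listing; the
        # default-route handling is taken to belong to ``if gateway_ip`` --
        # confirm against the original file.
        if gateway_ip:
            alloc_pools.validate_gateway_excluded(gateway_ip)
            default_route = None
            for route in host_routes:
                # NOTE(review): netaddr raises AddrFormatError on malformed
                # input; presumably the API layer validates first -- confirm.
                netaddr_route = netaddr.IPNetwork(route["destination"])
                if netaddr_route.value == routes.DEFAULT_ROUTE.value:
                    default_route = route
                    break

            # An explicit default route among host_routes wins; otherwise
            # the stored default route is pointed at gateway_ip.
            if default_route is None:
                route_model = db_api.route_find(
                    context, cidr=str(routes.DEFAULT_ROUTE), subnet_id=id,
                    scope=db_api.ONE)
                if route_model:
                    db_api.route_update(context, route_model,
                                        gateway=gateway_ip)
                else:
                    db_api.route_create(context,
                                        cidr=str(routes.DEFAULT_ROUTE),
                                        gateway=gateway_ip, subnet_id=id)

        if dns_ips:
            # The stored nameservers are replaced, after a quota check on
            # the number requested.
            subnet_db["dns_nameservers"] = []
            quota.QUOTAS.limit_check(context, context.tenant_id,
                                     dns_nameservers_per_subnet=len(dns_ips))

        for dns_ip in dns_ips:
            subnet_db["dns_nameservers"].append(
                db_api.dns_create(context, ip=netaddr.IPAddress(dns_ip)))

        if host_routes:
            # Host routes get the same replace-then-recreate handling.
            subnet_db["routes"] = []
            quota.QUOTAS.limit_check(context, context.tenant_id,
                                     routes_per_subnet=len(host_routes))

        for route in host_routes:
            subnet_db["routes"].append(
                db_api.route_create(context, cidr=route["destination"],
                                    gateway=route["nexthop"]))

        if CONF.QUARK.allow_allocation_pool_update:
            # ``None`` means allocation_pools was not sent; any list,
            # including an empty one, rewrites the policy exclusions.
            if isinstance(allocation_pools, list):
                cidrs = alloc_pools.get_policy_cidrs()
                ip_policies.ensure_default_policy(cidrs, [subnet_db])
                subnet_db["ip_policy"] = db_api.ip_policy_update(
                    context, subnet_db["ip_policy"], exclude=cidrs)
                # invalidate the cache
                db_api.subnet_update_set_alloc_pool_cache(context, subnet_db)
        subnet = db_api.subnet_update(context, subnet_db, **s)
    return v._make_subnet_dict(subnet)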
def test_ip_policies_update(self):
    """An update that lists three /32 exclusions reports ``size`` 3."""
    initial = {"exclude": ["192.168.10.0/32", "192.168.10.255/32"]}
    policy = db_api.ip_policy_create(self.context, **initial)

    # Same two addresses plus 192.168.10.13.
    changes = {
        "exclude": [
            "192.168.10.0/32",
            "192.168.10.13/32",
            "192.168.10.255/32",
        ],
    }
    result = db_api.ip_policy_update(self.context, policy, **changes)

    self.assertEqual(result["size"], 3)