Пример #1
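 def get_fw_info(self):
     """Collect the dumped firewall state for the data center and every CSEP.

     The first ``Site`` row is handled first, then each ``CSEP`` row. An
     entity is skipped when it has no network service host.

     Returns:
         A list holding one ``self.dump(fw)`` result per entity that has a
         network service host.
     """
     fw_main_data = []
     LOGGER.info("Getting firewall rules info for all csep and Data Center...")
     # Parenthesised form prints the same text under the Python 2 print statement.
     print("Getting firewall rules info for all csep and Data Center...")
     # .first() returns None when the Site table is empty. Indexing the query
     # with [0] raises IndexError in that case, so the guard below never got
     # the chance to skip the site, and each [0] access re-ran the query.
     site = DBSession.query(Site).first()
     if site:
         LOGGER.info("Got the site. Site name is " + to_str(site.name))
         nw_service_host = get_cms_network_service_node()
         if nw_service_host:
             # NOTE(review): get_firewall is not visible here; if it can return
             # None for an entity whose firewall was never registered, the
             # set_chain_name call would fail. Confirm against its definition.
             fw = self.get_firewall(site.id)
             fw.set_chain_name(site.name)
             fw_main_data.append(self.dump(fw))
     for each_csep in DBSession.query(CSEP):
         LOGGER.info("Got the CSEP. CSEP name is " + to_str(each_csep.name))
         nw_service_host = each_csep.get_nw_service_host()
         if nw_service_host:
             fw = self.get_firewall(each_csep.id)
             fw.set_chain_name(each_csep.name)
             fw_main_data.append(self.dump(fw))
     return fw_main_data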
Пример #2
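 def add_firewall_for_entity(self, entity_id):
     """Create and register an IptablesManager for one CSEP or data center.

     ``entity_id`` is looked up as a CSEP first and, if no CSEP matches, as a
     Site. When the matching entity has a network service host, a new
     IptablesManager named after the entity is stored in ``self.fw_map`` and
     bound to that host.

     Args:
         entity_id: id of the CSEP or Site to protect.

     Returns:
         The new IptablesManager, or None when ``entity_id`` is empty, matches
         neither table, or the entity has no network service host.
     """
     LOGGER.info("Add firewall for CSEP/ Data Center...")
     if not entity_id:
         return None
     # Bound up front: the original returned ``fw`` even when no network
     # service host was found, which raised UnboundLocalError instead of
     # reporting "no firewall" to the caller.
     fw = None
     csep = DBSession.query(CSEP).filter_by(id=entity_id).first()
     if csep:
         LOGGER.info("Got CSEP")
         nw_service_host = csep.get_nw_service_host()
         if nw_service_host:
             fw = IptablesManager(csep.name)
             self.fw_map[entity_id] = fw
             LOGGER.info("Firewall is added to CSEP")
             self.set_nw_service_host(fw, nw_service_host)
             LOGGER.info("Network service host is added to firewall")
         else:
             # Make the unprotected entity visible in the log for operators.
             LOGGER.info("No network service host for CSEP; firewall not added")
         return fw
     dc = DBSession.query(Site).filter_by(id=entity_id).first()
     if dc:
         LOGGER.info("Got DC")
         nw_service_host = get_cms_network_service_node()
         if nw_service_host:
             fw = IptablesManager(dc.name)
             self.fw_map[entity_id] = fw
             LOGGER.info("Firewall is added to DC")
             self.set_nw_service_host(fw, nw_service_host)
             LOGGER.info("Network service host is added to firewall")
         else:
             LOGGER.info("No network service host for DC; firewall not added")
         return fw
     return None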
Пример #3
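 def init_firewall_for_all_csep(self):
     """Build and register firewalls for the data center and every CSEP.

     For the first ``Site`` row and for each ``CSEP`` row that has a network
     service host, a new IptablesManager is stored in ``self.fw_map`` and
     bound to that host. For each CSEP the linked network definitions and the
     public-to-private IP mappings are then applied, and the firewall is
     dumped if one was created.
     """
     LOGGER.info("Applying firewall rules for all csep and Data Center...")
     # Parenthesised form prints the same text under the Python 2 print statement.
     print("Applying firewall rules for all CSEP and Data Center...")
     # .first() returns None on an empty Site table; indexing the query with
     # [0] raises IndexError there, which aborted the CSEP pass below as well.
     site = DBSession.query(Site).first()
     if site:
         LOGGER.info("Got the site. Site name is " + to_str(site.name))
         nw_service_host = get_cms_network_service_node()
         if nw_service_host:
             fw = IptablesManager(site.name)
             self.fw_map[site.id] = fw
             self.set_nw_service_host(fw, nw_service_host)
             self.dump(fw)
     for each_csep in DBSession.query(CSEP):
         csep_id = each_csep.id
         LOGGER.info("Got the CSEP. CSEP name is " + to_str(each_csep.name))
         nw_service_host = each_csep.get_nw_service_host()
         fw = None
         if nw_service_host:
             fw = IptablesManager(each_csep.name)
             self.fw_map[csep_id] = fw
             self.set_nw_service_host(fw, nw_service_host)
         # NOTE(review): the two rule-setting passes below also run when no
         # IptablesManager was registered for this CSEP (fw is None). Confirm
         # that set_firewall_for_network and set_firewall_for_public_ip_mapping
         # tolerate a missing fw_map entry.
         for each_def in DBSession.query(CSEPDefLink).filter_by(csep_id=csep_id):
             self.set_firewall_for_network(csep_id, each_def.def_id)
         for ip in self.get_associated_public_ips(csep_id):
             public_ip = IPManager().remove_cidr_format_from_ip(ip.ip)
             nw_vm_rel = DBSession.query(NetworkVMRelation).filter_by(public_ip_id=ip.id).first()
             if not nw_vm_rel:
                 continue
             ip_rec = IPS.get_ip_by_id(nw_vm_rel.private_ip_id)
             if ip_rec:
                 private_ip = IPManager().remove_cidr_format_from_ip(ip_rec.ip)
                 self.set_firewall_for_public_ip_mapping(csep_id, public_ip, private_ip)
         if fw:
             self.dump(fw)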
    def delete_defn(self, defn, auth, defType, def_manager, grid_manager):
        """Remove a definition that is already flagged as deleted.

        Apart from the first log line, nothing happens unless
        ``defn.is_deleted`` is True. For a network definition the owning
        network service host is first asked to detach it through
        ``SyncDef().sync_node_defn`` with op ``constants.DETACH``; when that
        host is not up or is in maintenance, ``logical_delete`` is set
        instead. The link rows for the definition's scope are then deleted
        and, on some paths, the definition row itself.

        Args:
            defn: definition record; ``scope``, ``is_deleted``, ``id`` and
                ``name`` are read.
            auth: passed through to ``sync_node_defn`` and
                ``grid_manager.getNode``.
            defType: definition type; compared with ``constants.NETWORK`` and
                used as the ``def_type`` filter on the link tables.
            def_manager: provides ``remove_defn_dependencies`` and
                ``remove_storage_disk``.
            grid_manager: provides ``getNode`` and
                ``remove_vm_links_to_storage``.

        Returns:
            None.
        """
        # NOTE(review): no permission check on ``auth`` is visible in this
        # method; presumably the caller authorises the delete. Confirm.
        LOGGER.info('Deleting definition...')
        #from stackone.cloud.DbModel.platforms.cms.CSEP import CSEP
        from stackone.model.SyncDefinition import SyncDef
        scope = defn.scope
        # Set to True below when the network service host cannot be synced.
        logical_delete = False
        if defn.is_deleted==True:
            vm_id = None
            ext_nw_svc_host = None
            csep_id = None

            if defType==constants.NETWORK:
                # Pick the network service host: the CSEP's own host for
                # SCOPE_CP definitions, the CMS-wide node for any other scope.
                if defn.scope==constants.SCOPE_CP:
                    csep_defn = DBSession.query(CSEPDefLink).filter_by(def_id=defn.id).first()
                    if csep_defn:
                        csep_id = csep_defn.csep_id
                        csep = DBSession.query(CSEP).filter_by(id=csep_id).first()
                        if csep:
                            ext_nw_svc_host = csep.get_nw_service_host()
                else:
                    ext_nw_svc_host = get_cms_network_service_node()
                if ext_nw_svc_host:
                    if ext_nw_svc_host.is_up() and not ext_nw_svc_host.maintenance:
                        LOGGER.info('Syncing network service host - ' + to_str(ext_nw_svc_host.hostname))
                        group_id = None
                        site_id = None
                        # Same value defType already has inside this branch.
                        defType = constants.NETWORK
                        op = constants.DETACH
                        update_status = True
                        # NOTE(review): errs is handed to sync_node_defn but
                        # never inspected afterwards; if the sync reports
                        # failures through it, they are dropped here. Confirm.
                        errs = []
                        processor = None
                        sync_forcefully = None
                        use_auth = False
                        SyncDef().sync_node_defn(auth, ext_nw_svc_host, group_id, site_id, defn, defType, op, def_manager, update_status, errs, processor, sync_forcefully, csep_id, use_auth)
                        def_manager.remove_defn_dependencies(csep_id, defn.id, vm_id)
                    else:
                        LOGGER.info('Network Service Node (' + to_str(ext_nw_svc_host.hostname) + ') is down')
                        logical_delete = True
            # Server scope: delete only when no server link is OUT_OF_SYNC.
            # NOTE(review): no transaction.commit() on this path or on the
            # SCOPE_SP path; presumably the caller commits. Confirm.
            if scope==constants.SCOPE_S:
                node_defn = DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType, status=constants.OUT_OF_SYNC).first()
                if node_defn:
                    node = grid_manager.getNode(auth, node_defn.server_id)
                    if node:
                        LOGGER.info('Definition ' + defn.name + ' is OUT_OF_SYNC on the server ' + node.hostname)
                else:
                    LOGGER.info('Allowing to delete definition...')
                    DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                    grid_manager.remove_vm_links_to_storage(defn.id)
                    def_manager.remove_storage_disk(defn.id)
                    DBSession.delete(defn)
            # Server-pool scope: delete only when the pool link has no
            # out-of-sync members.
            elif scope==constants.SCOPE_SP:
                rowGroupDef = DBSession.query(SPDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                if rowGroupDef:
                    if rowGroupDef.oos_count>0:
                        LOGGER.info('Definition is OUT_OF_SYNC at server pool level')
                    else:
                        LOGGER.info('Allowing to delete definition...')
                        DBSession.query(SPDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        grid_manager.remove_vm_links_to_storage(defn.id)
                        def_manager.remove_storage_disk(defn.id)
                        # NOTE(review): this deletes the row only when
                        # logical_delete is True, while the SCOPE_DC and
                        # SCOPE_CP branches require ``not logical_delete``.
                        # Looks inverted; confirm the intended condition.
                        if logical_delete:
                            DBSession.delete(defn)
            # Data-center scope: links at all three levels plus storage stats.
            elif scope==constants.SCOPE_DC:
                rowGroupDef = DBSession.query(DCDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                if rowGroupDef:
                    if rowGroupDef.oos_count>0:
                        LOGGER.info('Definition is OUT_OF_SYNC at data center level')
                    else:
                        LOGGER.info('Allowing to delete definition...')
                        DBSession.query(DCDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        DBSession.query(SPDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        grid_manager.remove_vm_links_to_storage(defn.id)
                        def_manager.remove_storage_disk(defn.id)
                        DBSession.query(Storage_Stats).filter_by(storage_id=defn.id).delete()
                        # Re-query the links just deleted; the definition row
                        # goes only when none remain and the delete is not
                        # merely logical.
                        group_defn = DBSession.query(DCDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                        if not group_defn:
                            node_defn = DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                            if not logical_delete and not node_defn:
                                DBSession.delete(defn)
                        # Committed only on the delete path of this branch.
                        transaction.commit()
            # Separate ``if`` (not part of the chain above): CSEP scope.
            if scope==constants.SCOPE_CP:
                rowGroupDef = DBSession.query(CSEPDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                if rowGroupDef:
                    if rowGroupDef.oos_count>0:
                        LOGGER.info('Definition is OUT_OF_SYNC at csep level')
                    else:
                        LOGGER.info('Allowing to delete definition...')
                        # On a logical delete the CSEP link is kept, so the
                        # re-query below still finds it and the definition
                        # row is left in place.
                        if not logical_delete:
                            DBSession.query(CSEPDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        DBSession.query(SPDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType).delete()
                        grid_manager.remove_vm_links_to_storage(defn.id)
                        def_manager.remove_storage_disk(defn.id)
                        DBSession.query(Storage_Stats).filter_by(storage_id=defn.id).delete()
                        csep_defn = DBSession.query(CSEPDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                        if not csep_defn:
                            node_defn = DBSession.query(ServerDefLink).filter_by(def_id=defn.id, def_type=defType).first()
                            if not logical_delete and not node_defn:
                                DBSession.delete(defn)
                    # Unlike SCOPE_DC, this commit also runs on the
                    # OUT_OF_SYNC path (it sits under ``if rowGroupDef``).
                    transaction.commit()