def get_metadata_status(resource, event, trigger, **kwargs):
if kwargs.get('property'):
properties = admin_utils.parse_multi_keyval_opt(kwargs['property'])
net_id = properties.get('network_id')
else:
net_id = None
edgeapi = utils.NeutronDbClient()
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
md_rtr_ids = [edge['router_id'] for edge in edge_list]
router_bindings = nsxv_db.get_nsxv_router_bindings(
edgeapi.context.session, filters={'router_id': md_rtr_ids})
edge_ids = [b['edge_id'] for b in router_bindings]
_md_member_status('Metadata edge appliance: %s members', edge_ids)
if net_id:
as_provider_data = nsxv_db.get_edge_vnic_bindings_by_int_lswitch(
edgeapi.context.session, net_id)
providers = [asp['edge_id'] for asp in as_provider_data]
if providers:
LOG.info('Metadata providers for network %s', net_id)
_md_member_status('Edge %s', providers)
else:
LOG.info('No providers found for network %s', net_id)
def update_shared_secret(resource, event, trigger, **kwargs):
edgeapi = utils.NeutronDbClient()
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
md_rtr_ids = [edge['router_id'] for edge in edge_list]
router_bindings = nsxv_db.get_nsxv_router_bindings(
edgeapi.context.session,
filters={'edge_type': [nsxv_constants.SERVICE_EDGE]})
edge_ids = list(set([binding['edge_id'] for binding in router_bindings
if (binding['router_id'] not in set(md_rtr_ids) and
not binding['router_id'].startswith(
vcns_constants.BACKUP_ROUTER_PREFIX) and
not binding['router_id'].startswith(
vcns_constants.PLR_EDGE_PREFIX))]))
for edge_id in edge_ids:
with locking.LockManager.get_lock(edge_id):
lb = nsxv_lb.NsxvLoadbalancer.get_loadbalancer(nsxv, edge_id)
virt = lb.virtual_servers.get(md_proxy.METADATA_VSE_NAME)
if not virt:
LOG.error("Virtual server not found for edge: %s", edge_id)
continue
virt.del_app_rule('insert-auth')
if cfg.CONF.nsxv.metadata_shared_secret:
signature = hmac.new(
bytearray(cfg.CONF.nsxv.metadata_shared_secret, 'ascii'),
bytearray(edge_id, 'ascii'),
hashlib.sha256).hexdigest()
sign = 'reqadd X-Metadata-Provider-Signature:' + signature
sign_app_rule = nsxv_lb.NsxvLBAppRule('insert-auth', sign)
virt.add_app_rule(sign_app_rule)
lb.submit_to_backend(nsxv, edge_id)
def get_metadata_status(resource, event, trigger, **kwargs):
if kwargs.get('property'):
properties = admin_utils.parse_multi_keyval_opt(kwargs['property'])
net_id = properties.get('network_id')
else:
net_id = None
edgeapi = utils.NeutronDbClient()
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
md_rtr_ids = [edge['router_id'] for edge in edge_list]
router_bindings = nsxv_db.get_nsxv_router_bindings(
edgeapi.context.session,
filters={'router_id': md_rtr_ids})
edge_ids = [b['edge_id'] for b in router_bindings]
_md_member_status('Metadata edge appliance: %s members', edge_ids)
if net_id:
as_provider_data = nsxv_db.get_edge_vnic_bindings_by_int_lswitch(
edgeapi.context.session, net_id)
providers = [asp['edge_id'] for asp in as_provider_data]
if providers:
LOG.info('Metadata providers for network %s', net_id)
_md_member_status('Edge %s', providers)
else:
LOG.info('No providers found for network %s', net_id)
def get_db_internal_edge_ips(context):
ip_list = []
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
context.session, vcns_const.InternalEdgePurposes.INTER_EDGE_PURPOSE)
if edge_list:
ip_list = [edge['ext_ip_address'] for edge in edge_list]
return ip_list
def get_db_internal_edge_ips(context):
ip_list = []
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
context.session,
vcns_const.InternalEdgePurposes.INTER_EDGE_PURPOSE)
if edge_list:
ip_list = [edge['ext_ip_address'] for edge in edge_list]
return ip_list
def get_db_internal_edge_ips(context, az_name):
ip_list = []
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
context.session,
vcns_const.InternalEdgePurposes.INTER_EDGE_PURPOSE)
if edge_list:
# Take only the edges on this availability zone
ip_list = [edge['ext_ip_address'] for edge in edge_list
if nsxv_db.get_router_availability_zone(
context.session, edge['router_id']) == az_name]
return ip_list
def get_db_internal_edge_ips(context, az_name):
ip_list = []
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
context.session,
vcns_const.InternalEdgePurposes.INTER_EDGE_PURPOSE)
if edge_list:
# Take only the edges on this availability zone
ip_list = [edge['ext_ip_address'] for edge in edge_list
if nsxv_db.get_router_availability_zone(
context.session, edge['router_id']) == az_name]
return ip_list
def _get_internal_edge_ips(context, az_name):
# Get the list of internal networks for this AZ
db_net = nsxv_db.get_nsxv_internal_network_for_az(
context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE,
az_name)
internal_net = None
internal_subnet = None
if db_net:
internal_net = db_net['network_id']
internal_subnet = context.session.query(
models_v2.Subnet).filter_by(
network_id=internal_net).first().get('id')
# Get the list of internal edges for this AZ
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
edge_az_list = [edge for edge in edge_list if
nsxv_db.get_router_availability_zone(
context.session, edge['router_id']) == az_name]
md_rtr_ids = [edge['router_id'] for edge in edge_az_list]
edge_internal_ips = []
for edge in edge_az_list:
edge_internal_port = context.session.query(
models_v2.Port).filter_by(network_id=internal_net,
device_id=edge['router_id']).first()
if edge_internal_port:
edge_internal_ip = context.session.query(
models_v2.IPAllocation).filter_by(
port_id=edge_internal_port['id']).first()
edge_internal_ips.append(edge_internal_ip['ip_address'])
if not internal_net or not internal_subnet or not edge_internal_ips:
return None, None
LOG.info('Metadata proxy internal IPs are %s', edge_internal_ips)
return edge_internal_ips, md_rtr_ids
def nsx_redo_metadata_cfg_for_az(az, edgeapi):
LOG.info("Updating MetaData for availability zone: %s", az.name)
# Get the list of internal networks for this AZ
db_net = nsxv_db.get_nsxv_internal_network(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE, az.name)
internal_net = None
internal_subnet = None
if db_net:
internal_net = db_net['network_id']
internal_subnet = edgeapi.context.session.query(
models_v2.Subnet).filter_by(
network_id=internal_net).first().get('id')
# Get the list of internal edges for this AZ
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
edge_az_list = [
edge for edge in edge_list if nsxv_db.get_router_availability_zone(
edgeapi.context.session, edge['router_id']) == az.name
]
md_rtr_ids = [edge['router_id'] for edge in edge_az_list]
edge_internal_ips = []
for edge in edge_az_list:
edge_internal_port = edgeapi.context.session.query(
models_v2.Port).filter_by(network_id=internal_net,
device_id=edge['router_id']).first()
if edge_internal_port:
edge_internal_ip = edgeapi.context.session.query(
models_v2.IPAllocation).filter_by(
port_id=edge_internal_port['id']).first()
edge_internal_ips.append(edge_internal_ip['ip_address'])
if not internal_net or not internal_subnet or not edge_internal_ips:
LOG.error("Metadata infrastructure is missing or broken. "
"It is recommended to restart neutron service before "
"proceeding with configuration restoration")
return
router_bindings = nsxv_db.get_nsxv_router_bindings(
edgeapi.context.session,
filters={
'edge_type': [nsxv_constants.SERVICE_EDGE],
'availability_zones': az.name
})
edge_ids = list(
set([
binding['edge_id'] for binding in router_bindings
if (binding['router_id'] not in set(md_rtr_ids)
and not binding['router_id'].startswith(
vcns_constants.BACKUP_ROUTER_PREFIX)
and not binding['router_id'].startswith(
vcns_constants.PLR_EDGE_PREFIX))
]))
for edge_id in edge_ids:
with locking.LockManager.get_lock(edge_id):
lb = nsxv_lb.NsxvLoadbalancer.get_loadbalancer(nsxv, edge_id)
virt = lb.virtual_servers.get(md_proxy.METADATA_VSE_NAME)
if virt:
pool = virt.default_pool
pool.members = {}
i = 0
s_port = cfg.CONF.nsxv.nova_metadata_port
for member_ip in edge_internal_ips:
i += 1
member = nsxv_lb.NsxvLBPoolMember(name='Member-%d' % i,
ip_address=member_ip,
port=s_port,
monitor_port=s_port)
pool.add_member(member)
lb.submit_to_backend(nsxv, edge_id)
def nsx_redo_metadata_cfg(resource, event, trigger, **kwargs):
edgeapi = utils.NeutronDbClient()
net_list = nsxv_db.get_nsxv_internal_network(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
internal_net = None
internal_subnet = None
if net_list:
internal_net = net_list[0]['network_id']
internal_subnet = edgeapi.context.session.query(
models_v2.Subnet).filter_by(
network_id=internal_net).first().get('id')
edge_list = nsxv_db.get_nsxv_internal_edges_by_purpose(
edgeapi.context.session,
vcns_constants.InternalEdgePurposes.INTER_EDGE_PURPOSE)
md_rtr_ids = [edge['router_id'] for edge in edge_list]
edge_internal_ips = []
for edge in edge_list:
edge_internal_port = edgeapi.context.session.query(
models_v2.Port).filter_by(network_id=internal_net,
device_id=edge['router_id']).first()
if edge_internal_port:
edge_internal_ip = edgeapi.context.session.query(
models_v2.IPAllocation).filter_by(
port_id=edge_internal_port['id']).first()
edge_internal_ips.append(edge_internal_ip['ip_address'])
if not internal_net or not internal_subnet or not edge_internal_ips:
LOG.error(_LE("Metadata infrastructure is missing or broken. "
"It is recommended to restart neutron service before "
"proceeding with configuration restoration"))
return
router_bindings = nsxv_db.get_nsxv_router_bindings(
edgeapi.context.session,
filters={'edge_type': [nsxv_constants.SERVICE_EDGE]})
edge_ids = list(set([binding['edge_id'] for binding in router_bindings
if (binding['router_id'] not in set(md_rtr_ids)
and not binding['router_id'].startswith(
vcns_constants.BACKUP_ROUTER_PREFIX)
and not binding['router_id'].startswith(
vcns_constants.PLR_EDGE_PREFIX))]))
for edge_id in edge_ids:
with locking.LockManager.get_lock(edge_id):
lb = nsxv_lb.NsxvLoadbalancer.get_loadbalancer(nsxv, edge_id)
virt = lb.virtual_servers.get(md_proxy.METADATA_VSE_NAME)
if virt:
pool = virt.default_pool
pool.members = {}
i = 0
s_port = cfg.CONF.nsxv.nova_metadata_port
for member_ip in edge_internal_ips:
i += 1
member = nsxv_lb.NsxvLBPoolMember(
name='Member-%d' % i,
ip_address=member_ip,
port=s_port,
monitor_port=s_port)
pool.add_member(member)
lb.submit_to_backend(nsxv, edge_id)
