Пример #1
0
 def _get_floating_ip(self, name, proj_obj, external_ip=None, vmi_obj=None):
     if vmi_obj:
         fip_refs = vmi_obj.get_floating_ip_back_refs()
         for ref in fip_refs or []:
             fip = FloatingIpKM.get(ref['uuid'])
             if fip:
                 return fip
             else:
                 break
     fip_pool = self._get_public_fip_pool()
     if fip_pool is None:
         return None
     fip_uuid = str(uuid.uuid4())
     fip_name = VncCommon.make_name(name, fip_uuid)
     fip_obj = FloatingIp(fip_name, fip_pool)
     fip_obj.uuid = fip_uuid
     fip_obj.set_project(proj_obj)
     if vmi_obj:
         fip_obj.set_virtual_machine_interface(vmi_obj)
     if external_ip:
         fip_obj.floating_ip_address = external_ip
     try:
         self._vnc_lib.floating_ip_create(fip_obj)
         fip = FloatingIpKM.locate(fip_obj.uuid)
     except Exception as e:
         string_buf = StringIO()
         cgitb_hook(file=string_buf, format="text")
         err_msg = string_buf.getvalue()
         self._logger.error("%s - %s" % (self._name, err_msg))
         return None
     return fip
Пример #2
0
    def _check_changed_labels(self, label_diff, vm):
        if not label_diff or not label_diff['changed']:
            return

        for vmi_id in vm.virtual_machine_interfaces:
            vmi = VirtualMachineInterfaceKM.get(vmi_id)
            if not vmi:
                return
            break

        # check if pod link to be deleted
        for sg_id in vmi.security_groups:
            sg = SecurityGroupKM.get(sg_id)
            if not sg or not sg.dst_pod_selector:
                continue
            dst_labels = sg.dst_pod_selector
            if set(changed_labels.keys()).intersection(set(dst_labels.keys())):
                self._sg_2_pod_link(vm.uuid, sg_id, 'DELETE')

        # check if rule has to be deleted
        for label in changed_labels.items():
            key = self._label_cache._get_key(label)

            policy_ids = self.policy_src_label_cache.get(key, [])
            for policy_id in policy_ids:
                sg = SecurityGroupKM.get(policy_id)
                if not sg:
                    continue
                sg_name = sg.name + "__ingress"
                sg_name = VncCommon.make_name(sg_name, sg.uuid)
                sg_id = self.get_kube_fq_name_to_uuid(SecurityGroupKM,
                                                      sg.namespace, sg_name)
                if sg_id:
                    self._sg_2_pod_link(pod_id, sg_id, 'DELETE')
Пример #3
0
    def _create_iip(self, pod_name, pod_namespace, vn_obj, vmi):
        # Instance-ip for pods are ALWAYS allocated from pod ipam on this
        # VN. Get the subnet uuid of the pod ipam on this VN, so we can request
        # an IP from it.
        vn = VirtualNetworkKM.find_by_name_or_uuid(vn_obj.get_uuid())
        pod_ipam_subnet_uuid = vn.get_ipam_subnet_uuid(
            vnc_kube_config.pod_ipam_fq_name())

        # Create instance-ip.
        display_name = VncCommon.make_display_name(pod_namespace, pod_name)
        iip_uuid = str(uuid.uuid1())
        iip_name = VncCommon.make_name(pod_name, iip_uuid)
        iip_obj = InstanceIp(name=iip_name,
                             subnet_uuid=pod_ipam_subnet_uuid,
                             display_name=display_name)
        iip_obj.uuid = iip_uuid
        iip_obj.add_virtual_network(vn_obj)

        # Creation of iip requires the vmi vnc object.
        vmi_obj = self._vnc_lib.virtual_machine_interface_read(
            fq_name=vmi.fq_name)
        iip_obj.add_virtual_machine_interface(vmi_obj)

        self.add_annotations(iip_obj, InstanceIpKM.kube_fq_name_key,
                             pod_namespace, pod_name)

        try:
            self._vnc_lib.instance_ip_create(iip_obj)
        except RefsExistError:
            self._vnc_lib.instance_ip_update(iip_obj)
        InstanceIpKM.locate(iip_obj.uuid)
        return iip_obj
Пример #4
0
    def create(self,
               k8s_event_type,
               service_ns,
               service_id,
               service_name,
               proj_obj,
               vn_obj,
               vip_address=None,
               subnet_uuid=None,
               tags=None):
        """
        Create a loadbalancer.
        """
        lb_name = VncCommon.make_name(service_name, service_id)
        lb_display_name = VncCommon.make_display_name(service_ns, service_name)
        if k8s_event_type == 'Service':
            lb_provider = 'native'
        elif k8s_event_type == 'Ingress':
            lb_provider = 'opencontrail'
        lb_obj = Loadbalancer(name=lb_name,
                              parent_obj=proj_obj,
                              loadbalancer_provider=lb_provider,
                              display_name=lb_display_name)

        lb_obj.uuid = service_id
        sas_obj = self._check_provider_exists(
            loadbalancer_provider=lb_provider)
        if sas_obj is not None:
            lb_obj.set_service_appliance_set(sas_obj)

        vmi_obj, vip_address = self._create_virtual_interface(proj_obj,
                                                              vn_obj,
                                                              service_ns,
                                                              service_name,
                                                              vip_address,
                                                              subnet_uuid,
                                                              tags=tags)
        if vmi_obj is None:
            return None
        lb_obj.set_virtual_machine_interface(vmi_obj)

        id_perms = IdPermsType(enable=True)
        props = LoadbalancerType(provisioning_status='ACTIVE',
                                 id_perms=id_perms,
                                 operating_status='ONLINE',
                                 vip_address=vip_address)
        lb_obj.set_loadbalancer_properties(props)

        LoadbalancerKM.add_annotations(self,
                                       lb_obj,
                                       service_ns,
                                       service_name,
                                       k8s_type=k8s_event_type)

        try:
            self._vnc_lib.loadbalancer_create(lb_obj)
        except RefsExistError:
            self._vnc_lib.loadbalancer_update(lb_obj)
        return lb_obj
Пример #5
0
 def _create_np_sg(self, spec, namespace, name, uuid, np_pod_selector):
     sg_name = VncCommon.make_name(name, uuid)
     sg = self._vnc_create_sg(spec,
                              namespace,
                              sg_name,
                              uuid,
                              np_pod_selector=np_pod_selector)
     return sg
Пример #6
0
    def _get_floating_ip(self,
                         name,
                         ns_name,
                         proj_obj,
                         external_ip=None,
                         vmi_obj=None,
                         specified_fip_pool_fq_name_str=None):
        fip_pool_fq_name = None
        if specified_fip_pool_fq_name_str != None:
            fip_pool_fq_name = get_fip_pool_fq_name_from_dict_string(
                specified_fip_pool_fq_name_str)
        if fip_pool_fq_name is None:
            ns = self._get_namespace(ns_name)
            fip_pool_fq_name = ns.get_annotated_ns_fip_pool_fq_name()
        if fip_pool_fq_name is None:
            if not vnc_kube_config.is_public_fip_pool_configured():
                return None
            try:
                fip_pool_fq_name = get_fip_pool_fq_name_from_dict_string(
                    self._args.public_fip_pool)
            except Exception as e:
                string_buf = StringIO()
                cgitb_hook(file=string_buf, format="text")
                err_msg = string_buf.getvalue()
                self._logger.error("%s - %s" % (self._name, err_msg))
                return None

        if vmi_obj:
            fip_refs = vmi_obj.get_floating_ip_back_refs()
            for ref in fip_refs or []:
                fip = FloatingIpKM.get(ref['uuid'])
                if fip and fip.fq_name[:-1] == fip_pool_fq_name:
                    return fip
                else:
                    break
        fip_pool = self._get_fip_pool_obj(fip_pool_fq_name)
        if fip_pool is None:
            return None
        fip_uuid = str(uuid.uuid4())
        fip_name = VncCommon.make_name(name, fip_uuid)
        fip_obj = FloatingIp(fip_name, fip_pool)
        fip_obj.uuid = fip_uuid
        fip_obj.set_project(proj_obj)
        if vmi_obj:
            fip_obj.set_virtual_machine_interface(vmi_obj)
        if external_ip:
            fip_obj.floating_ip_address = external_ip
        try:
            self._vnc_lib.floating_ip_create(fip_obj)
            fip = FloatingIpKM.locate(fip_obj.uuid)
        except Exception as e:
            string_buf = StringIO()
            cgitb_hook(file=string_buf, format="text")
            err_msg = string_buf.getvalue()
            self._logger.error("%s - %s" % (self._name, err_msg))
            return None
        return fip
 def _get_ingress_rule_list(self, spec, namespace, np_sg_name, np_sg_uuid):
     ingress_rule_list = []
     ingress_acl_rules = spec.get('ingress')
     if not ingress_acl_rules or not len(ingress_acl_rules):
         self._logger.error("%s - %s:%s Ingress Rules Not Available" \
             %(self._name, np_sg_name, np_sg_uuid))
         return ingress_rule_list
     ingress_pod_sg_index = 0
     for ingress_acl_rule in ingress_acl_rules:
         dst_port_list = []
         src_address_list = []
         ports = ingress_acl_rule.get('ports')
         if not ports:
             ports = []
             dst_port = self._get_ports()
             dst_port_list.append(dst_port)
         for port in ports:
             dst_port = self._get_ports(port)
             dst_port_list.append(dst_port)
         from_rules = ingress_acl_rule.get('from')
         if not from_rules:
             from_rules = []
             # allow-all-ns-sg
             ns_address_list = self._get_ns_address_list(np_sg_uuid)
             src_address_list.extend(ns_address_list)
             # allow-all-pods
             src_address = self._get_ns_address(namespace)
             src_address_list.append(src_address)
         for from_rule in from_rules:
             src_address = {}
             if 'namespaceSelector' in from_rule:
                 ns_address_list = []
                 ns_selector = from_rule.get('namespaceSelector')
                 ns_selector_labels = ns_selector.get('matchLabels')
                 if not ns_selector_labels:
                     ns_address_list = self._get_ns_address_list(np_sg_uuid)
                 else:
                     ns_address_list = \
                         self._get_ns_address_list(np_sg_uuid, ns_selector_labels)
                 if len(ns_address_list):
                     src_address_list.extend(ns_address_list)
             if 'podSelector' in from_rule:
                 pod_selector = from_rule.get('podSelector')
                 pod_selector_labels = pod_selector.get('matchLabels')
                 if not pod_selector_labels:
                     # allow-all-pods
                     src_address = self._get_ns_address(namespace)
                 else:
                     ingress_pod_sg_index += 1
                     src_sg_name = VncCommon.make_name(np_sg_name,
                                 'ingress', ingress_pod_sg_index)
                     src_address['pod_selector'] = pod_selector_labels
                     src_address['src_sg_name'] = src_sg_name
                 src_address_list.append(src_address)
         rule_list = self._get_rule_list(src_address_list, dst_port_list)
         ingress_rule_list.extend(rule_list)
     return ingress_rule_list
Пример #8
0
    def vnc_network_policy_delete(self, event, sg_uuid):
        self._delete_sg(sg_uuid)

        namespace = event['object']['metadata'].get('namespace')
        name = event['object']['metadata'].get('name')
        src_sg_name = 'from__' + VncCommon.make_name(name, sg_uuid)
        src_sg_uuid = self.get_kube_fq_name_to_uuid(SecurityGroupKM, namespace,
                                                    src_sg_name)
        self._delete_sg(src_sg_uuid)
Пример #9
0
 def _get_ingress_rule_list(self, spec, namespace, np_sg_name, np_sg_uuid):
     ingress_rule_list = []
     ingress_acl_rules = spec.get('ingress')
     if not ingress_acl_rules or not len(ingress_acl_rules):
         self._logger.error("%s - %s:%s Ingress Rules Not Available" \
             %(self._name, np_sg_name, np_sg_uuid))
         return ingress_rule_list
     ingress_pod_sg_index = 0
     for ingress_acl_rule in ingress_acl_rules:
         dst_port_list = []
         src_address_list = []
         ports = ingress_acl_rule.get('ports')
         if not ports:
             ports = []
             dst_port = self._get_ports()
             dst_port_list.append(dst_port)
         for port in ports:
             dst_port = self._get_ports(port)
             dst_port_list.append(dst_port)
         from_rules = ingress_acl_rule.get('from')
         if not from_rules:
             from_rules = []
             # allow-all-ns-sg
             ns_address_list = self._get_ns_address_list(np_sg_uuid)
             src_address_list.extend(ns_address_list)
             # allow-all-pods
             src_address = self._get_ns_address(namespace)
             src_address_list.append(src_address)
         for from_rule in from_rules:
             src_address = {}
             if 'namespaceSelector' in from_rule:
                 ns_address_list = []
                 ns_selector = from_rule.get('namespaceSelector')
                 ns_selector_labels = ns_selector.get('matchLabels')
                 if not ns_selector_labels:
                     ns_address_list = self._get_ns_address_list(np_sg_uuid)
                 else:
                     ns_address_list = \
                         self._get_ns_address_list(np_sg_uuid, ns_selector_labels)
                 if len(ns_address_list):
                     src_address_list.extend(ns_address_list)
             if 'podSelector' in from_rule:
                 pod_selector = from_rule.get('podSelector')
                 pod_selector_labels = pod_selector.get('matchLabels')
                 if not pod_selector_labels:
                     # allow-all-pods
                     src_address = self._get_ns_address(namespace)
                 else:
                     ingress_pod_sg_index += 1
                     src_sg_name = VncCommon.make_name(
                         np_sg_name, 'ingress', ingress_pod_sg_index)
                     src_address['pod_selector'] = pod_selector_labels
                     src_address['src_sg_name'] = src_sg_name
                 src_address_list.append(src_address)
         rule_list = self._get_rule_list(src_address_list, dst_port_list)
         ingress_rule_list.extend(rule_list)
     return ingress_rule_list
Пример #10
0
 def _create_dst_sg(self, event):
     uuid = event['object']['metadata'].get('uid')
     sg = SecurityGroupKM.get(uuid)
     if not sg:
         self._check_sg_uuid_change(event, uuid)
         name = event['object']['metadata'].get('name')
         sg_name = VncCommon.make_name(name, uuid)
         sg = self._create_sg(event, sg_name, uuid)
     else:
         sg = self._update_sg(event, sg)
     return sg
Пример #11
0
 def _create_src_sg(self, event, dst_uuid):
     namespace = event['object']['metadata'].get('namespace')
     name = event['object']['metadata'].get('name')
     sg_name = 'from__' + VncCommon.make_name(name, dst_uuid)
     sg_id = self.get_kube_fq_name_to_uuid(SecurityGroupKM, namespace,
                                           sg_name)
     if not sg_id:
         sg = self._create_sg(event, sg_name)
     else:
         sg = SecurityGroupKM.locate(sg_id)
     return sg
Пример #12
0
 def _add_src_pod_2_policy(self, pod_id, policy_list):
     for policy_id in policy_list:
         sg = SecurityGroupKM.get(policy_id)
         if not sg:
             continue
         if self._find_pods(sg.src_pod_selector, {pod_id}):
             sg_name = sg.name + "__ingress"
             sg_name = VncCommon.make_name(sg_name, sg.uuid)
             sg_id = self.get_kube_fq_name_to_uuid(SecurityGroupKM,
                                                   sg.namespace, sg_name)
             sg_id = SecurityGroupKM.get_kube_fq_name_to_uuid(sg_fq_name)
             if sg_id:
                 self._sg_2_pod_link(pod_id, sg_id, 'ADD')
Пример #13
0
    def create(self,
               lb_provider,
               vn_obj,
               service_ns,
               service_id,
               service_name,
               proj_obj,
               vip_address=None,
               subnet_uuid=None,
               annotations=None):
        """
        Create a loadbalancer.
        """
        lb_name = VncCommon.make_name(service_name, service_id)
        lb_display_name = VncCommon.make_display_name(service_ns, service_name)
        lb_obj = Loadbalancer(name=lb_name,
                              parent_obj=proj_obj,
                              loadbalancer_provider=lb_provider,
                              display_name=lb_display_name)

        lb_obj.uuid = service_id
        sas_obj = self._check_provider_exists(
            loadbalancer_provider=lb_provider)
        if sas_obj is not None:
            lb_obj.set_service_appliance_set(sas_obj)

        vmi_obj, vip_address = self._create_virtual_interface(
            proj_obj, vn_obj, service_ns, service_name, vip_address,
            subnet_uuid)
        if vmi_obj is None:
            return None

        lb_obj.set_virtual_machine_interface(vmi_obj)

        id_perms = IdPermsType(enable=True)
        props = LoadbalancerType(provisioning_status='ACTIVE',
                                 id_perms=id_perms,
                                 operating_status='ONLINE',
                                 vip_address=vip_address)
        lb_obj.set_loadbalancer_properties(props)
        for key in annotations:
            lb_obj.add_annotations(
                KeyValuePair(key=key, value=annotations[key]))

        try:
            self._vnc_lib.loadbalancer_create(lb_obj)
        except RefsExistError:
            self._vnc_lib.loadbalancer_update(lb_obj)
        return lb_obj
Пример #14
0
    def _create_vm(self, pod_namespace, pod_id, pod_name, labels):
        proj_fq_name = vnc_kube_config.cluster_project_fq_name(pod_namespace)
        vm_name = VncCommon.make_name(pod_name, pod_id)
        display_name=VncCommon.make_display_name(pod_namespace, pod_name)
        vm_obj = VirtualMachine(name=vm_name,display_name=display_name)
        vm_obj.uuid = pod_id

        VirtualMachineKM.add_annotations(self, vm_obj, pod_namespace, pod_name,
            k8s_uuid=str(pod_id), labels=json.dumps(labels))
        try:
            self._vnc_lib.virtual_machine_create(vm_obj)
        except RefsExistError:
            vm_obj = self._vnc_lib.virtual_machine_read(id=pod_id)
        vm = VirtualMachineKM.locate(vm_obj.uuid)
        return vm_obj
Пример #15
0
    def _get_floating_ip(self, name,
            proj_obj, external_ip=None, vmi_obj=None):
        if not vnc_kube_config.is_public_fip_pool_configured():
            return None

        try:
            fip_pool_fq_name = get_fip_pool_fq_name_from_dict_string(
                self._args.public_fip_pool)
        except Exception as e:
            string_buf = StringIO()
            cgitb_hook(file=string_buf, format="text")
            err_msg = string_buf.getvalue()
            self._logger.error("%s - %s" %(self._name, err_msg))
            return None

        if vmi_obj:
            fip_refs = vmi_obj.get_floating_ip_back_refs()
            for ref in fip_refs or []:
                fip = FloatingIpKM.get(ref['uuid'])
                if fip and fip.fq_name[:-1] == fip_pool_fq_name:
                    return fip
                else:
                    break
        fip_pool = self._get_public_fip_pool(fip_pool_fq_name)
        if fip_pool is None:
            return None
        fip_uuid = str(uuid.uuid4())
        fip_name = VncCommon.make_name(name, fip_uuid)
        fip_obj = FloatingIp(fip_name, fip_pool)
        fip_obj.uuid = fip_uuid
        fip_obj.set_project(proj_obj)
        if vmi_obj:
            fip_obj.set_virtual_machine_interface(vmi_obj)
        if external_ip:
            fip_obj.floating_ip_address = external_ip
        try:
            self._vnc_lib.floating_ip_create(fip_obj)
            fip = FloatingIpKM.locate(fip_obj.uuid)
        except Exception as e:
            string_buf = StringIO()
            cgitb_hook(file=string_buf, format="text")
            err_msg = string_buf.getvalue()
            self._logger.error("%s - %s" %(self._name, err_msg))
            return None
        return fip
Пример #16
0
    def _create_cluster_service_fip(self, pod_name, pod_namespace, vmi_uuid):
        """
        Isolated Pods in the cluster will be allocated a floating ip
        from the cluster service network, so that the pods can talk
        to cluster services.
        """
        if not self._service_fip_pool:
            return

        # Construct parent ref.
        fip_pool_obj = FloatingIpPool()
        fip_pool_obj.uuid = self._service_fip_pool.uuid
        fip_pool_obj.fq_name = self._service_fip_pool.fq_name
        fip_pool_obj.name = self._service_fip_pool.name

        # Create Floating-Ip object.
        obj_uuid = str(uuid.uuid1())
        display_name=VncCommon.make_display_name(pod_namespace, pod_name)
        name = VncCommon.make_name(pod_name, obj_uuid)
        fip_obj = FloatingIp(name="cluster-svc-fip-%s"% (name),
                    parent_obj=fip_pool_obj,
                    floating_ip_traffic_direction='egress',
                    display_name=display_name)
        fip_obj.uuid = obj_uuid

        # Creation of fip requires the vmi vnc object.
        vmi_obj = self._vnc_lib.virtual_machine_interface_read(
                      id=vmi_uuid)
        fip_obj.set_virtual_machine_interface(vmi_obj)

        self.add_annotations(fip_obj, FloatingIpKM.kube_fq_name_key,
            pod_namespace, pod_name)

        try:
            fip_uuid = self._vnc_lib.floating_ip_create(fip_obj)
        except RefsExistError:
            fip_uuid = self._vnc_lib.floating_ip_update(fip_obj)

        # Cached service floating ip.
        FloatingIpKM.locate(fip_uuid)

        return
Пример #17
0
 def _get_floating_ip(self, name, proj_obj, vmi_obj=None):
     fip_refs = vmi_obj.get_floating_ip_back_refs()
     for ref in fip_refs or []:
         fip = FloatingIpKM.get(ref['uuid'])
         if fip:
             return fip
         else:
             break
     fip_pool = self._get_public_fip_pool()
     if fip_pool is None:
         return None
     fip_uuid = str(uuid.uuid4())
     fip_name = VncCommon.make_name(name, fip_uuid)
     fip_obj = FloatingIp(fip_name, fip_pool)
     fip_obj.uuid = fip_uuid
     fip_obj.set_project(proj_obj)
     if vmi_obj:
         fip_obj.set_virtual_machine_interface(vmi_obj)
     self._vnc_lib.floating_ip_create(fip_obj)
     fip = FloatingIpKM.locate(fip_obj.uuid)
     return fip
Пример #18
0
    def create(self, k8s_event_type, service_ns, service_id, service_name,
               proj_obj, vn_obj, vip_address=None, subnet_uuid=None, tags=None):
        """
        Create a loadbalancer.
        """
        lb_name = VncCommon.make_name(service_name, service_id)
        lb_display_name = VncCommon.make_display_name(service_ns, service_name)
        if k8s_event_type == 'Service':
            lb_provider = 'native'
        elif k8s_event_type == 'Ingress':
            lb_provider = 'opencontrail'
        lb_obj = Loadbalancer(name=lb_name, parent_obj=proj_obj,
                    loadbalancer_provider=lb_provider,
                    display_name=lb_display_name)

        lb_obj.uuid = service_id
        sas_obj = self._check_provider_exists(loadbalancer_provider=lb_provider)
        if sas_obj is not None:
            lb_obj.set_service_appliance_set(sas_obj)

        vmi_obj, vip_address = self._create_virtual_interface(proj_obj,
            vn_obj, service_ns, service_name, service_id, k8s_event_type,
            vip_address, subnet_uuid, tags=tags)
        if vmi_obj is None:
            return None
        lb_obj.set_virtual_machine_interface(vmi_obj)

        id_perms = IdPermsType(enable=True)
        props = LoadbalancerType(provisioning_status='ACTIVE', id_perms=id_perms,
                      operating_status='ONLINE', vip_address=vip_address)
        lb_obj.set_loadbalancer_properties(props)

        LoadbalancerKM.add_annotations(self, lb_obj, service_ns, service_name,
            k8s_type=k8s_event_type)

        try:
            self._vnc_lib.loadbalancer_create(lb_obj)
        except RefsExistError:
            self._vnc_lib.loadbalancer_update(lb_obj)
        return lb_obj
Пример #19
0
    def _is_service_exists(self, service_name, service_namespace):
        resource_type = "services"
        service_info = self._kube.get_resource(resource_type,
                       service_name, service_namespace)
        if service_info and 'metadata' in service_info:
            uid = service_info['metadata'].get('uid')
            if not uid:
                return False, None
        else:
            return False, None
        name = VncCommon.make_name(service_name, uid)
        proj_fq_name = vnc_kube_config.cluster_project_fq_name(service_namespace)
        lb_fq_name = proj_fq_name + [name]
        try:
            lb_obj = self._vnc_lib.loadbalancer_read(fq_name=lb_fq_name)
        except NoIdError:
            return False, None

        if lb_obj is None:
            return False, None
        else:
            return True, lb_obj.uuid
Пример #20
0
    def _is_service_exists(self, service_name, service_namespace):
        resource_type = "services"
        service_info = self._kube.get_resource(resource_type,
                       service_name, service_namespace)
        if service_info and 'metadata' in service_info:
            uid = service_info['metadata'].get('uid')
            if not uid:
                return False, None
        else:
            return False, None
        name = VncCommon.make_name(service_name, uid)
        proj_fq_name = vnc_kube_config.cluster_project_fq_name(service_namespace)
        lb_fq_name = proj_fq_name + [name]
        try:
            lb_obj = self._vnc_lib.loadbalancer_read(fq_name=lb_fq_name)
        except NoIdError:
            return False, None

        if lb_obj is None:
            return False, None
        else:
            return True, lb_obj.uuid
Пример #21
0
    def _create_vmi(self, pod_name, pod_namespace, vm_obj, vn_obj, parent_vmi):
        proj_fq_name = vnc_kube_config.cluster_project_fq_name(pod_namespace)
        proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)

        vmi_prop = None
        if self._is_pod_nested() and parent_vmi:
            # Pod is nested.
            # Allocate a vlan-id for this pod from the vlan space managed
            # in the VMI of the underlay VM.
            parent_vmi = VirtualMachineInterfaceKM.get(parent_vmi.uuid)
            vlan_id = parent_vmi.alloc_vlan()
            vmi_prop = VirtualMachineInterfacePropertiesType(
                sub_interface_vlan_tag=vlan_id)

        obj_uuid = str(uuid.uuid1())
        name = VncCommon.make_name(pod_name, obj_uuid)
        display_name = VncCommon.make_display_name(pod_namespace, pod_name)
        vmi_obj = VirtualMachineInterface(
            name=name,
            parent_obj=proj_obj,
            virtual_machine_interface_properties=vmi_prop,
            display_name=display_name)

        vmi_obj.uuid = obj_uuid
        vmi_obj.set_virtual_network(vn_obj)
        vmi_obj.set_virtual_machine(vm_obj)
        self._associate_security_groups(vmi_obj, proj_obj, pod_namespace)
        self.add_annotations(vmi_obj,
                             VirtualMachineInterfaceKM.kube_fq_name_key,
                             pod_namespace, pod_name)

        try:
            vmi_uuid = self._vnc_lib.virtual_machine_interface_create(vmi_obj)
        except RefsExistError:
            vmi_uuid = self._vnc_lib.virtual_machine_interface_update(vmi_obj)

        VirtualMachineInterfaceKM.locate(vmi_uuid)
        return vmi_uuid
Пример #22
0
    def _get_cluster_service_fip(self, name, ns_name, lb_obj):
        if not self._service_fip_pool:
            return None

        fip_pool = FloatingIpPool()
        fip_pool.uuid = self._service_fip_pool.uuid
        fip_pool.fq_name = self._service_fip_pool.fq_name
        fip_pool.name = self._service_fip_pool.name

        fip_uuid = str(uuid.uuid4())
        fip_name = VncCommon.make_name(name, fip_uuid)
        display_name=VncCommon.make_display_name(ns_name, name)
        fip_obj = FloatingIp(name="cluster-svc-fip-%s"% (fip_name),
                    parent_obj=fip_pool,
                    floating_ip_traffic_direction='egress',
                    display_name=display_name)
        fip_obj.uuid = fip_uuid

        proj_obj = self._get_project(ns_name)
        fip_obj.set_project(proj_obj)

        vmi_id = lb_obj.virtual_machine_interface_refs[0]['uuid']
        vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
        if vmi_obj:
            fip_obj.set_virtual_machine_interface(vmi_obj)

        FloatingIpKM.add_annotations(self, fip_obj, name, ns_name)
        try:
            self._vnc_lib.floating_ip_create(fip_obj)
            fip = FloatingIpKM.locate(fip_obj.uuid)
        except Exception as e:
            string_buf = StringIO()
            cgitb_hook(file=string_buf, format="text")
            err_msg = string_buf.getvalue()
            self._logger.error("%s - %s" %(self._name, err_msg))

        return
Пример #23
0
    def _get_cluster_service_fip(self, name, ns_name, lb_obj):
        if not self._service_fip_pool:
            return None

        fip_pool = FloatingIpPool()
        fip_pool.uuid = self._service_fip_pool.uuid
        fip_pool.fq_name = self._service_fip_pool.fq_name
        fip_pool.name = self._service_fip_pool.name

        fip_uuid = str(uuid.uuid4())
        fip_name = VncCommon.make_name(name, fip_uuid)
        display_name = VncCommon.make_display_name(ns_name, name)
        fip_obj = FloatingIp(name="cluster-svc-fip-%s" % (fip_name),
                             parent_obj=fip_pool,
                             floating_ip_traffic_direction='egress',
                             display_name=display_name)
        fip_obj.uuid = fip_uuid

        proj_obj = self._get_project(ns_name)
        fip_obj.set_project(proj_obj)

        vmi_id = lb_obj.virtual_machine_interface_refs[0]['uuid']
        vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_id)
        if vmi_obj:
            fip_obj.set_virtual_machine_interface(vmi_obj)

        FloatingIpKM.add_annotations(self, fip_obj, name, ns_name)
        try:
            self._vnc_lib.floating_ip_create(fip_obj)
            fip = FloatingIpKM.locate(fip_obj.uuid)
        except Exception as e:
            string_buf = StringIO()
            cgitb_hook(file=string_buf, format="text")
            err_msg = string_buf.getvalue()
            self._logger.error("%s - %s" % (self._name, err_msg))

        return
 def _create_np_sg(self, spec, namespace, name, uuid, np_pod_selector):
     sg_name = VncCommon.make_name(name, uuid)
     sg = self._vnc_create_sg(spec, namespace,
             sg_name, uuid, np_pod_selector=np_pod_selector)
     return sg
Пример #25
0
    def _create_virtual_interface(self,
                                  proj_obj,
                                  vn_obj,
                                  service_ns,
                                  service_name,
                                  vip_address=None,
                                  subnet_uuid=None):
        vmi_uuid = str(uuid.uuid4())
        vmi_name = VncCommon.make_name(service_name, vmi_uuid)
        vmi_display_name = VncCommon.make_display_name(service_ns,
                                                       service_name)
        #Check if VMI exists, if yes, delete it.
        vmi_obj = VirtualMachineInterface(name=vmi_name,
                                          parent_obj=proj_obj,
                                          display_name=vmi_display_name)
        try:
            vmi_id = self._vnc_lib.fq_name_to_id('virtual-machine-interface',
                                                 vmi_obj.get_fq_name())
            if vmi_id:
                self.logger.error("Duplicate LB Interface %s, delete it" %
                                  vmi_obj.get_fq_name())
                vmi = VirtualMachineInterfaceKM.get(vmi_id)
                iip_ids = vmi.instance_ips
                for iip_id in list(iip_ids):
                    iip_obj = self._vnc_lib.instance_ip_read(id=iip_id)

                    fip_refs = iip_obj.get_floating_ips()
                    for fip_ref in fip_refs or []:
                        fip = self._vnc_lib.floating_ip_read(
                            id=fip_ref['uuid'])
                        fip.set_virtual_machine_interface_list([])
                        self._vnc_lib.floating_ip_update(fip)
                        self._vnc_lib.floating_ip_delete(id=fip_ref['uuid'])
                    self._vnc_lib.instance_ip_delete(id=iip_obj.uuid)
                self._vnc_lib.virtual_machine_interface_delete(id=vmi_id)
        except NoIdError:
            pass

        #Create LB VMI
        vmi_obj.name = vmi_name
        vmi_obj.uuid = vmi_uuid
        vmi_obj.set_virtual_network(vn_obj)
        vmi_obj.set_virtual_machine_interface_device_owner("K8S:LOADBALANCER")
        sg_name = "-".join(
            [vnc_kube_config.cluster_name(), service_ns, 'default'])
        sg_obj = SecurityGroup(sg_name, proj_obj)
        vmi_obj.add_security_group(sg_obj)
        sg_name = "-".join([vnc_kube_config.cluster_name(), service_ns, "sg"])
        sg_obj = SecurityGroup(sg_name, proj_obj)
        vmi_obj.add_security_group(sg_obj)
        try:
            self.logger.debug("Create LB Interface %s " %
                              vmi_obj.get_fq_name())
            self._vnc_lib.virtual_machine_interface_create(vmi_obj)
            VirtualMachineInterfaceKM.locate(vmi_obj.uuid)
        except BadRequest as e:
            self.logger.warning("LB (%s) Interface create failed %s " %
                                (service_name, str(e)))
            return None, None

        try:
            vmi_obj = self._vnc_lib.virtual_machine_interface_read(
                id=vmi_obj.uuid)
        except NoIdError:
            self.logger.warning("Read Service VMI failed for"
                                " service (" + service_name + ")" +
                                " with NoIdError for vmi(" + vmi_id + ")")
            return None, None

        #Create InstanceIP <--- LB VMI
        iip_uuid = str(uuid.uuid4())
        iip_name = VncCommon.make_name(service_name, iip_uuid)
        iip_display_name = VncCommon.make_display_name(service_ns,
                                                       service_name)
        iip_obj = InstanceIp(name=iip_name, display_name=iip_display_name)
        iip_obj.uuid = iip_uuid
        iip_obj.set_virtual_network(vn_obj)
        if subnet_uuid:
            iip_obj.set_subnet_uuid(subnet_uuid)
        iip_obj.set_virtual_machine_interface(vmi_obj)
        iip_obj.set_display_name(service_name)
        if vip_address:
            iip_obj.set_instance_ip_address(vip_address)
        try:
            self.logger.debug("Create LB VMI InstanceIp %s " %
                              iip_obj.get_fq_name())
            self._vnc_lib.instance_ip_create(iip_obj)
        except RefsExistError:
            self._vnc_lib.instance_ip_update(iip_obj)
        InstanceIpKM.locate(iip_obj.uuid)
        iip_obj = self._vnc_lib.instance_ip_read(id=iip_obj.uuid)
        vip_address = iip_obj.get_instance_ip_address()
        self.logger.debug("Created LB VMI InstanceIp %s with VIP %s" %
                          (iip_obj.get_fq_name(), vip_address))

        return vmi_obj, vip_address
Пример #26
0
    def _create_virtual_interface(self, proj_obj, vn_obj, service_ns,
            service_name, vip_address=None, subnet_uuid=None):
        vmi_uuid = str(uuid.uuid4())
        vmi_name = VncCommon.make_name(service_name, vmi_uuid)
        vmi_display_name = VncCommon.make_display_name(service_ns, service_name)
        #Check if VMI exists, if yes, delete it.
        vmi_obj = VirtualMachineInterface(name=vmi_name, parent_obj=proj_obj,
                    display_name=vmi_display_name)
        try:
            vmi_id = self._vnc_lib.fq_name_to_id('virtual-machine-interface',vmi_obj.get_fq_name())
            if vmi_id:
                self.logger.error("Duplicate LB Interface %s, delete it" %
                                    vmi_obj.get_fq_name())
                vmi = VirtualMachineInterfaceKM.get(vmi_id)
                iip_ids = vmi.instance_ips
                for iip_id in list(iip_ids):
                    iip_obj = self._vnc_lib.instance_ip_read(id=iip_id)

                    fip_refs = iip_obj.get_floating_ips()
                    for fip_ref in fip_refs or []:
                        fip = self._vnc_lib.floating_ip_read(id=fip_ref['uuid'])
                        fip.set_virtual_machine_interface_list([])
                        self._vnc_lib.floating_ip_update(fip)
                        self._vnc_lib.floating_ip_delete(id=fip_ref['uuid'])
                    self._vnc_lib.instance_ip_delete(id=iip_obj.uuid)
                self._vnc_lib.virtual_machine_interface_delete(id=vmi_id)
        except NoIdError:
            pass

        #Create LB VMI
        vmi_obj.name = vmi_name
        vmi_obj.uuid = vmi_uuid
        vmi_obj.set_virtual_network(vn_obj)
        vmi_obj.set_virtual_machine_interface_device_owner("K8S:LOADBALANCER")
        sg_name = "-".join([vnc_kube_config.cluster_name(),
            service_ns, 'default'])
        sg_obj = SecurityGroup(sg_name, proj_obj)
        vmi_obj.add_security_group(sg_obj)
        sg_name = "-".join([vnc_kube_config.cluster_name(), service_ns, "sg"])
        sg_obj = SecurityGroup(sg_name, proj_obj)
        vmi_obj.add_security_group(sg_obj)
        try:
            self.logger.debug("Create LB Interface %s " % vmi_obj.get_fq_name())
            self._vnc_lib.virtual_machine_interface_create(vmi_obj)
            VirtualMachineInterfaceKM.locate(vmi_obj.uuid)
        except BadRequest as e:
            self.logger.warning("LB (%s) Interface create failed %s " % (service_name, str(e)))
            return None, None

        try:
            vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_obj.uuid)
        except NoIdError:
            self.logger.warning("Read Service VMI failed for"
                " service (" + service_name + ")" + " with NoIdError for vmi(" + vmi_id + ")")
            return None, None

        #Create InstanceIP <--- LB VMI
        iip_uuid = str(uuid.uuid4())
        iip_name = VncCommon.make_name(service_name, iip_uuid)
        iip_display_name = VncCommon.make_display_name(service_ns, service_name)
        iip_obj = InstanceIp(name=iip_name, display_name=iip_display_name)
        iip_obj.uuid = iip_uuid
        iip_obj.set_virtual_network(vn_obj)
        if subnet_uuid:
            iip_obj.set_subnet_uuid(subnet_uuid)
        iip_obj.set_virtual_machine_interface(vmi_obj)
        iip_obj.set_display_name(service_name)
        if vip_address:
            iip_obj.set_instance_ip_address(vip_address)
        try:
            self.logger.debug("Create LB VMI InstanceIp %s " % iip_obj.get_fq_name())
            self._vnc_lib.instance_ip_create(iip_obj)
        except RefsExistError:
            self._vnc_lib.instance_ip_update(iip_obj)
        InstanceIpKM.locate(iip_obj.uuid)
        iip_obj = self._vnc_lib.instance_ip_read(id=iip_obj.uuid)
        vip_address = iip_obj.get_instance_ip_address()
        self.logger.debug("Created LB VMI InstanceIp %s with VIP %s" %
                          (iip_obj.get_fq_name(), vip_address))

        return vmi_obj, vip_address