def GenerateObjects(self, node, topospec):
vpc_count = 0
for p in topospec.vpc:
count = max(1, getattr(p, 'count', 0))
vpc_count += count
for c in range(count):
obj = None
if hasattr(p, "nat46"):
if p.nat46 is True and not utils.IsPipelineArtemis():
continue
if utils.IsReconfigInProgress(node):
if getattr(p, 'id', None):
obj = self.GetVpcObject(node, p.id)
obj.ObjUpdate(p, clone=False)
if not obj:
obj = VpcObject(node, p, c, p.count)
self.Objs[node].update({obj.VPCId: obj})
obj.GenerateChildren(p)
if obj.IsUnderlayVPC():
EzAccessStoreClient[node].SetUnderlayVPC(obj)
# Write the flow and nexthop config to agent hook file
if utils.IsFlowInstallationNeeded():
self.__write_cfg(vpc_count)
if utils.IsPipelineApulu():
# Associate Nexthop objects
if utils.IsReconfigInProgress(node): return
ipsec.encrypt_client.AssociateObjects(node)
ipsec.decrypt_client.AssociateObjects(node)
NhGroupClient.CreateAllocator(node)
NhClient.AssociateObjects(node)
NhGroupClient.AssociateObjects(node)
tunnel.client.FillUnderlayNhGroups(node)
route.client.FillNhGroups(node)
tunnel.client.FillIpsecObjects(node)
return
def GenerateObjects(self, node, topospec):
def __get_port_mode(port, mode='auto'):
if mode == 'switch':
return topo.PortTypes.SWITCH
elif mode == 'host':
return topo.PortTypes.HOST
if EzAccessStoreClient[node].IsHostMode():
return topo.PortTypes.SWITCH
elif EzAccessStoreClient[node].IsBitwMode():
if port == UplinkPorts.UplinkPort0:
return topo.PortTypes.HOST
elif port == UplinkPorts.UplinkPort1:
return topo.PortTypes.SWITCH
return topo.PortTypes.NONE
portlist = getattr(topospec, 'uplink', None)
if portlist is None:
return
if utils.IsReconfigInProgress(node):
return
for spec in portlist:
entryspec = spec.entry
port = getattr(entryspec, 'port')
mode = __get_port_mode(port, getattr(entryspec, 'mode', 'auto'))
obj = PortObject(node, port, mode)
self.__objs.update({obj.PortId: obj})
if obj.IsHostPort():
EzAccessStoreClient[node].SetHostPort(obj.Port)
elif obj.IsSwitchPort():
EzAccessStoreClient[node].SetSwitchPort(obj.Port)
return
def GenerateObjects(self, node, topospec):
if utils.IsReconfigInProgress(node):
return
obj = DeviceObject(node, topospec.device)
self.Objs[node].update({0: obj})
EzAccessStoreClient[node].SetDevice(obj)
return
def GenerateObjects(self, node, topospec):
if utils.IsReconfigInProgress(node):
return
if (hasattr(topospec, 'security_profile')):
obj = SecurityProfileObject(node, topospec.security_profile)
self.Objs[node].update({obj.SecurityProfileId: obj})
EzAccessStoreClient[node].SetSecurityProfile(obj)
return
def AddToReconfigState(self, op):
if utils.IsReconfigInProgress(self.Node):
if op == 'create':
self.NodeObj.ReconfigState.Created.append(self)
elif op == 'update':
self.NodeObj.ReconfigState.Updated.append(self)
else:
assert(0)
return
def GenerateObjects(self, node, parent, topospec):
if not utils.IsL3InterfaceSupported():
return
if utils.IsReconfigInProgress(node):
return
iflist = getattr(topospec, 'interface', [])
self.__generate_l3_uplink_interfaces(node, parent, iflist)
self.__generate_loopback_interfaces(node, iflist)
self.__generate_control_interfaces(node, parent, iflist)
return
def GenerateHostInterfaces(self, node, topospec):
if not utils.IsInterfaceSupported():
return
if utils.IsReconfigInProgress(node):
return
if not utils.IsDol():
self.__generate_host_interfaces_iota(node, topospec)
else:
if hasattr(topospec, 'hostinterface'):
self.__generate_host_interfaces_dol(node,
topospec.hostinterface)
return
def GenerateObjects(self, node, mirrorsessionspec):
if not hasattr(mirrorsessionspec, 'mirror'):
return
if utils.IsReconfigInProgress(node):
return
def __add_mirror_session(spec):
obj = MirrorSessionObject(node, spec)
self.Objs[node].update({obj.Id: obj})
for mirror_session_spec_obj in mirrorsessionspec.mirror:
__add_mirror_session(mirror_session_spec_obj)
return
def RollbackAttributes(self):
if utils.IsReconfigInProgress(self.Node):
utils.ModifyPolicyDependency(self, True)
attrlist = [
"IngV4SecurityPolicyIds", "EgV4SecurityPolicyIds", "MeterEn"
]
self.RollbackMany(attrlist)
utils.ModifyPolicyDependency(self, False)
else:
attrlist = [
"SourceGuard", "TxPolicer", "RxPolicer", "MaxSessions",
"MeterEn"
]
self.RollbackMany(attrlist)
return
def GenerateObjects(self, node, parent, subnet_spec):
if getattr(subnet_spec, 'vnic', None) == None:
return
def __get_mirrors(spec, attr):
vnicmirror = getattr(spec, attr, None)
ms = [mirrorspec.msid for mirrorspec in vnicmirror or []]
return ms
for spec in subnet_spec.vnic:
if utils.IsReconfigInProgress(node):
id = getattr(spec, 'id', None)
if id:
obj = self.GetVnicObject(node, id)
if obj:
obj.ObjUpdate(spec)
else:
#TODO test this
rxmirror = __get_mirrors(spec, 'rxmirror')
txmirror = __get_mirrors(spec, 'txmirror')
obj = VnicObject(node, parent, spec, rxmirror,
txmirror)
self.Objs[node].update({obj.VnicId: obj})
self.__l2mapping_objs[node].update({
(obj.MACAddr.getnum(), obj.SUBNET.UUID.GetUuid(),
obj.VlanId()):
obj
})
utils.AddToReconfigState(obj, 'create')
else:
for obj in list(self.Objs[node].values()):
obj.ObjUpdate(spec)
continue
for c in range(spec.count):
# Alternate src dst validations
rxmirror = __get_mirrors(spec, 'rxmirror')
txmirror = __get_mirrors(spec, 'txmirror')
obj = VnicObject(node, parent, spec, rxmirror, txmirror)
self.Objs[node].update({obj.VnicId: obj})
self.__l2mapping_objs[node].update({
(obj.MACAddr.getnum(), obj.SUBNET.UUID.GetUuid(),
obj.VlanId()):
obj
})
return
def GenerateObjects(self, node, topospecobj):
if not hasattr(topospecobj, 'policer'):
return
if utils.IsReconfigInProgress(node):
return
rxpol = []
txpol = []
for policer_spec_obj in topospecobj.policer:
obj = PolicerObject(node, policer_spec_obj)
self.Objs[node].update({obj.PolicerId: obj})
if (policer_spec_obj.direction == 'ingress'):
rxpol.append(obj)
self.rxpolicercount += 1
else:
txpol.append(obj)
self.txpolicercount += 1
if len(rxpol):
self.rxpoliceriter[node] = utils.rrobiniter(rxpol)
if len(txpol):
self.txpoliceriter[node] = utils.rrobiniter(txpol)
return
def GenerateObjects(self, node, parent, vpc_spec_obj):
poolid = 0
for spec in vpc_spec_obj.subnet:
id = getattr(spec, 'id', None)
if id:
obj = self.GetSubnetObject(node, id)
if utils.IsReconfigInProgress(node):
if obj:
obj.ObjUpdate(spec)
obj.GenerateChildren(node, spec)
else:
#TODO test this
obj = SubnetObject(node, parent, spec, poolid)
self.Objs[node].update({obj.SubnetId: obj})
utils.AddToReconfigState(obj, 'create')
return
v6prefixlen = getattr(spec, 'v6prefixlen', 0)
parent.InitSubnetPefixPools(poolid, v6prefixlen, spec.v4prefixlen)
for c in range(spec.count):
obj = SubnetObject(node, parent, spec, poolid)
self.Objs[node].update({obj.SubnetId: obj})
poolid = poolid + 1
return
def GenerateObjects(self, node):
if utils.IsReconfigInProgress(node):
return
obj = EventObject(node)
self.Objs[node] = obj
def GenerateObjects(self, node):
if utils.IsReconfigInProgress(node):
return
self.GenerateTechSupportObjects(node)
def GenerateObjects(self, node, parent, vpc_spec_obj):
vpcpeerid = parent.GetVPCPeerId()
if not self.__supported:
return
vpcid = parent.VPCId
isV4Stack = utils.IsV4Stack(parent.Stack)
isV6Stack = utils.IsV6Stack(parent.Stack) and self.__v6supported
self.__v4objs[node][vpcid] = dict()
self.__v6objs[node][vpcid] = dict()
self.__v4iter[node][vpcid] = None
self.__v6iter[node][vpcid] = None
if utils.IsNatSupported():
if ResmgrClient[node].RemoteInternetNonNatTunAllocator == None and \
ResmgrClient[node].RemoteInternetNatTunAllocator == None:
logger.info(
"Skipping route creation as there are no Internet tunnels")
return
def __get_adjacent_routes(base, count):
routes = OrderedDict()
ipaddr = ipaddress.ip_network(base)
af = ipaddr.version
spec = routetbl_spec_obj
priority = topo.DEFAULT_ROUTE_PRIORITY
priorityType = getattr(spec, "priority", None)
if priorityType:
priority = __get_priority(priorityType, True)
nh_type, nh_id, nhgid, vpcid, tunnelid, nat_type, service_nat_prefix, \
dnat_ip, classpriority, meteren = __get_route_attribs(spec, af)
obj = RouteObject(node, ipaddr, priority, nh_type, nh_id, nhgid, \
vpcid, tunnelid, nat_type, service_nat_prefix, \
dnat_ip, classpriority, meteren)
routes.update({obj.Id: obj})
c = 1
while c < count:
ipaddr = utils.GetNextSubnet(ipaddr)
if priorityType:
priority = __get_priority(priorityType, False, priority)
nh_type, nh_id, nhgid, vpcid, tunnelid, nat_type, service_nat_prefix, \
dnat_ip, classpriority, meteren = __get_route_attribs(spec, af)
obj = RouteObject(node, ipaddr, priority, nh_type, nh_id, \
nhgid, vpcid, tunnelid, nat_type, \
service_nat_prefix, dnat_ip, classpriority, \
meteren)
routes.update({obj.Id: obj})
c += 1
return routes
def __get_overlap(basepfx, base, count):
# for overlap, add user specified base prefix with original prefixlen
routes = __get_user_specified_routes([basepfx])
routes = utils.MergeDicts(routes,
__get_adjacent_routes(base, count))
return routes
def __get_first_subnet(ip, prefixlen):
for ip in ip.subnets(new_prefix=prefixlen):
return (ip)
return
def __add_v4routetable(v4routes, spec):
obj = RouteTableObject(node, parent, utils.IP_VERSION_4, v4routes,
spec.routetype, tunobj, vpcpeerid, spec)
self.__v4objs[node][vpcid].update({obj.RouteTblId: obj})
self.Objs[node].update({obj.RouteTblId: obj})
def __add_v6routetable(v6routes, spec):
obj = RouteTableObject(node, parent, utils.IP_VERSION_6, v6routes,
spec.routetype, tunobj, vpcpeerid, spec)
self.__v6objs[node][vpcid].update({obj.RouteTblId: obj})
self.Objs[node].update({obj.RouteTblId: obj})
def __derive_nh_type_info(spec):
routetype = spec.routetype
if 'vpc_peer' in routetype:
return 'vpcpeer'
elif 'blackhole' in routetype:
return 'blackhole'
elif utils.IsPipelineArtemis():
# handle service tunnel case, return tep
return "nh"
elif utils.IsPipelineApulu():
if 'overlay-ecmp' in spec.teptype:
return "nhg"
else:
return "tep"
else:
return "tep"
def __internet_tunnel_get(nat, teptype=None):
if teptype is not None:
if "service" in teptype:
if "remoteservice" == teptype:
return ResmgrClient[node].RemoteSvcTunAllocator.rrnext(
)
return ResmgrClient[node].SvcTunAllocator.rrnext()
if "underlay" in teptype:
if "underlay-ecmp" == teptype:
return ResmgrClient[
node].UnderlayECMPTunAllocator.rrnext()
return ResmgrClient[node].UnderlayTunAllocator.rrnext()
if "overlay-ecmp" in teptype:
# Fill NhGroup later
return None
if nat is False:
return ResmgrClient[
node].RemoteInternetNonNatTunAllocator.rrnext()
else:
return ResmgrClient[node].RemoteInternetNatTunAllocator.rrnext(
)
def __get_tunnel(spec):
routetype = spec.routetype
nat, teptype = __get_nat_teptype_from_spec(spec)
tunobj = __internet_tunnel_get(nat, teptype)
return tunobj
def __get_nexthop(af):
nh = None
if af == utils.IP_VERSION_4:
nh = NexthopClient.GetV4Nexthop(node, parent.VPCId)
else:
nh = NexthopClient.GetV6Nexthop(node, parent.VPCId)
return nh
def __get_route_attribs(spec, af=utils.IP_VERSION_4):
nhid = 0
nhgid = 0
vpcid = 0
tunnelid = 0
nat_type = None
service_nat_prefix = getattr(spec, 'servicenatprefix', None)
classpriority = getattr(spec, 'classpriority', 0)
meteren = getattr(spec, 'meteren', False)
dnat_ip = getattr(spec, 'dnatip', None)
natspec = getattr(spec, 'nat', None)
if natspec:
nat_type = getattr(natspec, 'type', None)
nat_level = getattr(natspec, 'level', None)
nh_type = __derive_nh_type_info(spec)
if nh_type == "vpcpeer":
vpcid = vpcpeerid
elif nh_type == "tep":
tunobj = __get_tunnel(spec)
if utils.IsPipelineArtemis() and tunobj.IsSvc():
# service tunnel case
nh_type = "nh"
nexthop = __get_nexthop(af)
nh_id = nexthop.NexthopId
else:
tunnelid = tunobj.Id
elif nh_type == "nh":
nexthop = __get_nexthop(af)
if nexthop:
nhid = nexthop.NexthopId
elif nh_type == "nhg":
nhgid = 1 # fill later
return nh_type, nhid, nhgid, vpcid, tunnelid, nat_type, \
service_nat_prefix, dnat_ip, classpriority, meteren
def __get_priority(priotype, firstVal=False, priority=0):
if priotype == "increasing":
if firstVal: return topo.MIN_ROUTE_PRIORITY
return (priority - 1)
elif priotype == "decreasing":
if firstVal: return topo.MAX_ROUTE_PRIORITY
return (priority + 1)
elif priotype == "random":
return (random.randint(topo.MAX_ROUTE_PRIORITY,
topo.MIN_ROUTE_PRIORITY))
else:
logger.error("Unknown priority type", priotype)
return (random.randint(topo.MAX_ROUTE_PRIORITY,
topo.MIN_ROUTE_PRIORITY))
def __get_user_specified_routes(routespec):
routes = OrderedDict()
spec = routetbl_spec_obj
priorityType = getattr(spec, "priority", None)
priority = topo.DEFAULT_ROUTE_PRIORITY
if priorityType:
priority = __get_priority(spec.priority, True)
if routespec:
for route in routespec:
if priorityType:
priority = __get_priority(spec.priority, False,
priority)
nh_type, nh_id, nhgid, vpcid, tunnelid, nat_type, \
service_nat_prefix, dnat_ip, classpriority, \
meteren = __get_route_attribs(spec)
obj = RouteObject(node, ipaddress.ip_network(route.replace('\\', '/')),\
priority, nh_type, nh_id, nhgid, vpcid, tunnelid,\
nat_type, service_nat_prefix, dnat_ip,\
classpriority, meteren)
routes.update({obj.Id: obj})
return routes
def __add_user_specified_routetable(spec):
if isV4Stack:
__add_v4routetable(__get_user_specified_routes(spec.v4routes),
spec)
if isV6Stack:
__add_v6routetable(__get_user_specified_routes(spec.v6routes),
spec)
def __get_valid_route_count_per_route_table(count):
if count > Resmgr.MAX_ROUTES_PER_ROUTE_TBL:
return Resmgr.MAX_ROUTES_PER_ROUTE_TBL
return count
def __get_nat_teptype_from_spec(routetbl_spec_obj):
nat = False
natSpec = getattr(routetbl_spec_obj, 'nat', None)
if natSpec:
level = getattr(natSpec, 'level')
if level == 'tunnel' and not utils.IsPipelineApulu():
nat = True
teptype = getattr(routetbl_spec_obj, 'teptype', None)
return nat, teptype
for routetbl_spec_obj in vpc_spec_obj.routetbl:
if utils.IsReconfigInProgress(node):
id = getattr(routetbl_spec_obj, 'id', None)
if id:
obj = self.GetRouteTableObject(node, id)
if obj:
obj.ObjUpdate(routetbl_spec_obj)
else:
for obj in list(self.Objs[node].values()):
obj.ObjUpdate(routetbl_spec_obj)
continue
routetbltype = routetbl_spec_obj.type
routetype = routetbl_spec_obj.routetype
nat, teptype = __get_nat_teptype_from_spec(routetbl_spec_obj)
tunobj = __internet_tunnel_get(nat, teptype)
if routetbltype == "specific":
__add_user_specified_routetable(routetbl_spec_obj)
continue
routetablecount = routetbl_spec_obj.count
v4routecount = __get_valid_route_count_per_route_table(
routetbl_spec_obj.nv4routes)
v6routecount = __get_valid_route_count_per_route_table(
routetbl_spec_obj.nv6routes)
v4prefixlen = routetbl_spec_obj.v4prefixlen
v6prefixlen = routetbl_spec_obj.v6prefixlen
v4base = __get_first_subnet(
ipaddress.ip_network(
routetbl_spec_obj.v4base.replace('\\', '/')), v4prefixlen)
v6base = __get_first_subnet(
ipaddress.ip_network(
routetbl_spec_obj.v6base.replace('\\', '/')), v6prefixlen)
# get user specified routes if any for 'base' routetbltype
user_specified_v4routes = __get_user_specified_routes(
routetbl_spec_obj.v4routes)
user_specified_v6routes = __get_user_specified_routes(
routetbl_spec_obj.v6routes)
v4routecount -= len(user_specified_v4routes)
v6routecount -= len(user_specified_v6routes)
if 'overlap' in routetype:
v4routecount -= 1
v6routecount -= 1
for i in range(routetablecount):
if 'adjacent' in routetype:
if isV4Stack:
routes = utils.MergeDicts(user_specified_v4routes, \
__get_adjacent_routes(v4base, v4routecount-1))
__add_v4routetable(routes, routetbl_spec_obj)
v4base = utils.GetNextSubnet(
routes.get(list(routes)[-1]).ipaddr)
if isV6Stack:
routes = utils.MergeDicts(user_specified_v6routes, \
__get_adjacent_routes(v6base, v6routecount-1))
__add_v6routetable(routes, routetbl_spec_obj)
v6base = utils.GetNextSubnet(
routes.get(list(routes)[-1]).ipaddr)
elif 'overlap' in routetype:
if isV4Stack:
routes = utils.MergeDicts(user_specified_v4routes, \
__get_overlap(routetbl_spec_obj.v4base, v4base, v4routecount))
__add_v4routetable(routes, routetbl_spec_obj)
v4base = utils.GetNextSubnet(
routes.get(list(routes)[-1]).ipaddr)
if isV6Stack:
routes = utils.MergeDicts(user_specified_v6routes, \
__get_overlap(routetbl_spec_obj.v6base, v6base, v6routecount))
__add_v6routetable(routes, routetbl_spec_obj)
v6base = utils.GetNextSubnet(
routes.get(list(routes)[-1]).ipaddr)
if self.__v6objs[node][vpcid]:
self.__v6iter[node][vpcid] = utils.rrobiniter(
self.__v6objs[node][vpcid].values())
if self.__v4objs[node][vpcid]:
self.__v4iter[node][vpcid] = utils.rrobiniter(
self.__v4objs[node][vpcid].values())
