def task_create_ibm_ike_policy(self, task_id, cloud_id, region, ike_policy_id): """Create and configure ike policy""" ibm_ike_policy = doosradb.session.query(IBMIKEPolicy).filter_by(id=ike_policy_id).first() if not ibm_ike_policy: return self.resource_type = "ike_policies" self.resource = ibm_ike_policy self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS ) configured_ike_policy = self.ibm_manager.rias_ops.fetch_ops.get_all_ike_policies(name=ibm_ike_policy.name) configured_ike_policy = configured_ike_policy[0] if configured_ike_policy else None if not configured_ike_policy: ibm_ike_policy.status = CREATING doosradb.session.commit() configured_ike_policy = configure_and_save_obj_confs(self.ibm_manager, ibm_ike_policy) ibm_ike_policy.status = CREATED ibm_ike_policy.resource_id = configured_ike_policy.resource_id doosradb.session.commit() LOGGER.info( "IBM IKE Policy with name '{}' created successfully".format(ibm_ike_policy.name) ) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_ike_policy) self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS )
def task_create_ibm_vpn(self, task_id, cloud_id, region, vpn_id): """Create and configure VPN and Connections """ ibm_vpn_gateway = doosradb.session.query(IBMVpnGateway).filter_by(id=vpn_id).first() if not ibm_vpn_gateway: return ibm_vpn_gateway.status = CREATING doosradb.session.commit() self.resource = ibm_vpn_gateway self.resource_type = "vpn_gateways" self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS ) configured_vpn_gateway = configure_and_save_obj_confs(self.ibm_manager, ibm_vpn_gateway) ibm_vpn_gateway.status = CREATED ibm_vpn_gateway.resource_id = configured_vpn_gateway.resource_id ibm_vpn_gateway.gateway_status = configured_vpn_gateway.gateway_status ibm_vpn_gateway.public_ip = configured_vpn_gateway.public_ip doosradb.session.commit() LOGGER.info("IBM VPN with name '{}' created successfully".format(ibm_vpn_gateway.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_vpn_gateway) self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS )
def task_configure_ibm_vpn_connection(self, task_id, cloud_id, region, vpn_connection_id, resource_group=None): """Configure vpn connection""" ibm_vpn_connection = doosradb.session.query(IBMVpnConnection).filter_by(id=vpn_connection_id).first() if not ibm_vpn_connection: return if resource_group: ibm_resource_group = IBMResourceGroup(name=resource_group, cloud_id=cloud_id) ibm_resource_group = ibm_resource_group.get_existing_from_db() or ibm_resource_group ibm_vpn_connection.ibm_resource_group = ibm_resource_group doosradb.session.commit() self.resource = ibm_vpn_connection self.resource_type = "vpn_connections" self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS ) configured_vpn_connection = configure_and_save_obj_confs(self.ibm_manager, ibm_vpn_connection) ibm_vpn_connection = configured_vpn_connection.make_copy().add_update_db(ibm_vpn_connection.ibm_vpn_gateway) LOGGER.info("IBM VPN Connection with name '{}' created successfully".format(ibm_vpn_connection.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_vpn_connection) self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS )
def task_create_ibm_route(self, task_id, cloud_id, region, route_id): """Create IBMRoute and configures on ibm cloud""" ibm_route = doosradb.session.query(IBMVpcRoute).filter_by( id=route_id).first() if not ibm_route: return ibm_route.status = CREATING doosradb.session.commit() self.resource = ibm_route self.resource_type = "routes" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_route = configure_and_save_obj_confs(self.ibm_manager, ibm_route) ibm_route = configured_route.make_copy().add_update_db( ibm_route.ibm_vpc_network) ibm_route.status = CREATED doosradb.session.commit() LOGGER.info("IBM Route with name '{route}' created successfully".format( route=ibm_route.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_route) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def task_create_ibm_floating_ip(self, task_id, cloud_id, region, floating_ip_id): """Create and configure floating ip""" ibm_floating_ip = doosradb.session.query(IBMFloatingIP).filter_by( id=floating_ip_id).first() self.resource = ibm_floating_ip self.resource_type = "floating_ips" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_floating_ip = configure_and_save_obj_confs( self.ibm_manager, ibm_floating_ip) ibm_floating_ip.status = CREATED ibm_floating_ip.resource_id = configured_floating_ip.resource_id ibm_floating_ip = configured_floating_ip.make_copy().add_update_db() LOGGER.info( "IBM Floating IP with name '{name}' created successfully".format( name=ibm_floating_ip.name)) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def create_ibm_k8s_workerpool(ibm_manager, k8s_workerpool_id): """ This request Creates a K8s Workerpool for given Cluster for IBM cloud :return: """ LOGGER.info( "Task ibm k8s creation for Workerpool ID: {k8s_workerpool} initiated". format(k8s_workerpool=k8s_workerpool_id)) configured_k8s_workerpool = None k8s_workerpool = doosradb.session.query( KubernetesClusterWorkerPool).filter_by(id=k8s_workerpool_id).first() if not k8s_workerpool: LOGGER.info( "No KubernetesCluster found for ID: {}".format(k8s_workerpool_id)) return try: configured_k8s_workerpool = configure_and_save_obj_confs( ibm_manager, k8s_workerpool) except (IBMAuthError, IBMConnectError, IBMExecuteError, IBMInvalidRequestError, Exception) as ex: LOGGER.info( f"K8s CLUSTER WORKERPOOL ID {k8s_workerpool_id} GOT EXCEPTION:") LOGGER.info(ex) doosradb.session.delete(k8s_workerpool) doosradb.session.commit() else: k8s_workerpool.resource_id = configured_k8s_workerpool.resource_id LOGGER.info( f"K8s CLUSTER WORKERPOOL NAME {k8s_workerpool.name} CREATED") doosradb.session.commit() return configured_k8s_workerpool
def task_create_ibm_load_balancer(self, task_id, cloud_id, region, load_balancer_id): """Create and configure load balancer""" ibm_load_balancer = doosradb.session.query(IBMLoadBalancer).filter_by( id=load_balancer_id, status=CREATION_PENDING).first() if not ibm_load_balancer: LOGGER.info( "No IBMLoadBalancer found for ID: {}".format(load_balancer_id)) return ibm_load_balancer.status = CREATING doosradb.session.commit() self.resource = ibm_load_balancer self.resource_type = "load_balancers" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_lb = configure_and_save_obj_confs(self.ibm_manager, ibm_load_balancer) ibm_load_balancer.status = CREATED ibm_load_balancer.resource_id = configured_lb.resource_id ibm_load_balancer.provisioning_status = configured_lb.provisioning_status doosradb.session.commit() LOGGER.info("IBM Load Balancer with name '{}' created successfully".format( ibm_load_balancer.name)) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def task_add_ibm_security_group(self, task_id, cloud_id, region, security_group_id): """Create and configure Security Group""" ibm_security_group = doosradb.session.query(IBMSecurityGroup).filter_by(id=security_group_id).first() if not ibm_security_group: return ibm_security_group.status = CREATING doosradb.session.commit() self.resource = ibm_security_group self.resource_type = "security_groups" self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS ) configured_security_group = configure_and_save_obj_confs(self.ibm_manager, ibm_security_group) ibm_security_group = configured_security_group.make_copy().add_update_db(ibm_security_group.ibm_vpc_network) LOGGER.info( "IBM Security Group with name '{}' created successfully".format(ibm_security_group.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_security_group) self.report_utils.update_reporting( task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS )
def task_add_ibm_address_prefix(self, task_id, cloud_id, region, addr_prefix_id): """Create and configure address prefixes""" ibm_address_prefix = doosradb.session.query(IBMAddressPrefix).filter_by( id=addr_prefix_id).first() if not ibm_address_prefix: return ibm_address_prefix.status = CREATING doosradb.session.commit() self.resource = ibm_address_prefix self.resource_type = "address_prefixes" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_address_prefix = configure_and_save_obj_confs( self.ibm_manager, ibm_address_prefix) ibm_address_prefix.status = CREATED ibm_address_prefix.resource_id = configured_address_prefix.resource_id doosradb.session.commit() LOGGER.info( "IBM Address Prefix with name '{}' created successfully".format( ibm_address_prefix.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_address_prefix) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def task_create_ibm_ssh_key(self, task_id, cloud_id, region, ssh_key_id, resource_group=None): """Create and configure ssh key""" ibm_ssh_key = doosradb.session.query(IBMSshKey).filter_by( id=ssh_key_id).first() if not ibm_ssh_key: return self.resource = ibm_ssh_key self.resource_type = "ssh_keys" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_ssh_key = self.ibm_manager.rias_ops.fetch_ops.get_all_ssh_keys( name=ibm_ssh_key.name, public_key=ibm_ssh_key.public_key) configured_ssh_key = configured_ssh_key[0] if configured_ssh_key else None if not configured_ssh_key: ibm_ssh_key.status = CREATING if resource_group: ibm_resource_group = IBMResourceGroup(name=resource_group, cloud_id=cloud_id) ibm_resource_group = ibm_resource_group.get_existing_from_db( ) or ibm_resource_group ibm_ssh_key.ibm_resource_group = ibm_resource_group doosradb.session.commit() self.resource = ibm_ssh_key configured_ssh_key = configure_and_save_obj_confs( self.ibm_manager, ibm_ssh_key) ibm_ssh_key.status = CREATED ibm_ssh_key.resource_id = configured_ssh_key.resource_id doosradb.session.commit() LOGGER.info("IBM SSH Key with name '{}' created successfully".format( ibm_ssh_key.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_ssh_key) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def task_create_ibm_public_gateway(self, task_id, cloud_id, region, public_gateway_id, resource_group=None): """Create and configure public gateway""" ibm_public_gateway = doosradb.session.query(IBMPublicGateway).filter_by( id=public_gateway_id).first() if not ibm_public_gateway: return ibm_public_gateway.status = CREATING if resource_group: ibm_resource_group = IBMResourceGroup(name=resource_group, cloud_id=cloud_id) ibm_resource_group = ibm_resource_group.get_existing_from_db( ) or ibm_resource_group ibm_public_gateway.ibm_resource_group = ibm_resource_group doosradb.session.commit() self.resource = ibm_public_gateway self.resource_type = "public_gateways" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_public_gateway = configure_and_save_obj_confs( self.ibm_manager, ibm_public_gateway) ibm_public_gateway = configured_public_gateway.make_copy().add_update_db( ibm_public_gateway.ibm_vpc_network) LOGGER.info( "IBM Public Gateway with name '{}' created successfully".format( ibm_public_gateway.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_public_gateway) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def create_ibm_k8s_cluster(ibm_manager, k8s_cluster_id): """ This request Creates a K8s Cluster for IBM cloud and handles the exceptions :return: """ LOGGER.info( "Task ibm k8s creation for cluster: {k8s_cluster} initiated".format( k8s_cluster=k8s_cluster_id)) k8s_cluster = doosradb.session.query(KubernetesCluster).filter_by( id=k8s_cluster_id).first() if not k8s_cluster: LOGGER.info( "No KubernetesCluster found for ID: {}".format(k8s_cluster_id)) return configured_k8s_cluster = dict() try: k8s_cluster.status = CREATING k8s_cluster.state = CLUSTER_DEPLOYING configured_k8s_cluster = configure_and_save_obj_confs( ibm_manager, k8s_cluster) except (IBMAuthError, IBMConnectError, IBMExecuteError, IBMInvalidRequestError, Exception) as ex: LOGGER.info(f"K8s CLUSTER with ID {k8s_cluster_id} GOT EXCEPTION") LOGGER.info(ex) traceback.print_exc() if k8s_cluster: k8s_cluster.status = ERROR_CREATING k8s_cluster.state = FAILURE doosradb.session.commit() else: k8s_cluster.status = CREATED k8s_cluster.state = CLUSTER_NORMAL k8s_cluster.pod_subnet = configured_k8s_cluster.pod_subnet k8s_cluster.service_subnet = configured_k8s_cluster.service_subnet k8s_cluster.kube_version = configured_k8s_cluster.kube_version LOGGER.info(f"k8s CLUSTER NAME {configured_k8s_cluster.name} CREATED") doosradb.session.commit() return configured_k8s_cluster
def task_create_ibm_acl(self, task_id, cloud_id, region, acl_id, resource_group=None): """Create and configure ACL""" ibm_acl = doosradb.session.query(IBMNetworkAcl).filter_by( id=acl_id).first() if not ibm_acl: return ibm_acl.status = CREATING if resource_group: ibm_resource_group = IBMResourceGroup(name=resource_group, cloud_id=cloud_id) ibm_resource_group = ibm_resource_group.get_existing_from_db( ) or ibm_resource_group ibm_acl.ibm_resource_group = ibm_resource_group doosradb.session.commit() self.resource = ibm_acl self.resource_type = "acls" self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=IN_PROGRESS) configured_acl = configure_and_save_obj_confs(self.ibm_manager, ibm_acl) ibm_acl.status = CREATED ibm_acl.resource_id = configured_acl.resource_id doosradb.session.commit() LOGGER.info("IBM ACL with name '{acl}' created successfully".format( acl=ibm_acl.name)) log_resource_billing(self.cloud.project.user_id, self.cloud.project.id, ibm_acl) self.report_utils.update_reporting(task_id=task_id, resource_name=self.resource.name, resource_type=self.resource_type, stage=PROVISIONING, status=SUCCESS)
def configure_ibm_instance(name, vpc_id, data): from doosra.ibm.common.utils import configure_and_save_obj_confs """ This request provisions a new instance from an instance template. The instance template object is structured in the same way as a retrieved instance, and contains the information necessary to provision the new instance. The instance is automatically started. :return: """ ibm_instance, objs_to_configure = None, list() ibm_vpc_network = IBMVpcNetwork.query.get(vpc_id) if not ibm_vpc_network: current_app.logger.debug( "IBM VPC Network with ID {} not found".format(vpc_id)) return current_app.logger.info( "Deploying IBM Instance '{name}' on IBM Cloud".format(name=name)) try: ibm_manager = IBMManager(ibm_vpc_network.ibm_cloud, ibm_vpc_network.region) existing_resource_group = ibm_manager.resource_ops.fetch_ops.get_resource_groups( data['resource_group']) if not existing_resource_group: raise IBMInvalidRequestError( "Resource Group with name '{}' not configured".format( data['resource_group'])) existing_resource_group = existing_resource_group[0] existing_instance = ibm_manager.rias_ops.fetch_ops.get_all_instances( name) if existing_instance: raise IBMInvalidRequestError( "IBM VSI with name '{}' already configured".format(name)) existing_vpc = ibm_manager.rias_ops.fetch_ops.get_all_vpcs( ibm_vpc_network.name) if not existing_vpc: raise IBMInvalidRequestError( "IBM VPC Network with name '{}' not found".format( ibm_vpc_network.name)) existing_instance_profile = ibm_manager.rias_ops.fetch_ops.get_all_instance_profiles( data['instance_profile']) if not existing_instance_profile: raise IBMInvalidRequestError( "IBM Instance Profile '{}' not found".format( data['instance_profile'])) existing_instance_profile = existing_instance_profile[0] existing_image = ibm_manager.rias_ops.fetch_ops.get_all_images( data['image']) if not existing_image: raise IBMInvalidRequestError( "IBM Image with name '{}' not found".format(data['image'])) existing_image = existing_image[0] ssh_keys = list() if data.get('ssh_keys'): for ssh_key in data['ssh_keys']: existing_ssh_key = ibm_manager.rias_ops.fetch_ops.get_all_ssh_keys( public_key=ssh_key) if existing_ssh_key: ibm_ssh_key = existing_ssh_key[0] else: ssh_key_name = ibm_manager.rias_ops.fetch_ops.get_available_ssh_key_name( ) ibm_ssh_key = IBMSshKey( ssh_key_name, "rsa", ssh_key, ibm_vpc_network.region, cloud_id=ibm_vpc_network.ibm_cloud.id) objs_to_configure.append(ibm_ssh_key) ssh_keys.append(ibm_ssh_key) volume_attachments = list() if data.get('volume_attachments'): for volume_attachment in data['volume_attachments']: ibm_boot_volume_attachment = IBMVolumeAttachment( volume_attachment['name'], type_="data", is_delete=volume_attachment['auto_delete']) volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles( volume_attachment['volume_profile_name']) if volume_profile: volume_profile = volume_profile[0] ibm_volume = IBMVolume(name=volume_attachment['name'], capacity=volume_attachment['capacity'], zone=data['zone'], encryption="provider_managed", cloud_id=ibm_vpc_network.ibm_cloud.id, region=ibm_vpc_network.region) ibm_volume.volume_profile = volume_profile ibm_boot_volume_attachment.volume = ibm_volume volume_attachments.append(ibm_boot_volume_attachment) volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles( name="general-purpose") if volume_profile: volume_profile = volume_profile[0] ibm_volume = IBMVolume(name=VOLUME_NAME.format(name), capacity=100, zone=data['zone'], iops=3000, encryption="provider_managed", cloud_id=ibm_vpc_network.ibm_cloud.id, region=ibm_vpc_network.region) ibm_boot_volume_attachment = IBMVolumeAttachment( VOLUME_ATTACHMENT_NAME.format(name), type_="boot", is_delete=True) ibm_volume.volume_profile = volume_profile ibm_boot_volume_attachment.volume = ibm_volume volume_attachments.append(ibm_boot_volume_attachment) network_interfaces_to_add = list() if data.get('network_interfaces'): interface_count = 0 for interface in data['network_interfaces']: ibm_network_interface = IBMNetworkInterface( NETWORK_INTERFACE_NAME.format(name, interface_count), is_primary=interface['is_primary']) interface_count = interface_count + 1 subnet = doosradb.session.query(IBMSubnet).filter_by( id=interface['subnet_id']).first() existing_subnet = ibm_manager.rias_ops.fetch_ops.get_all_subnets( name=subnet.name, zone=subnet.zone, vpc=subnet.ibm_vpc_network.name) if not existing_subnet: raise IBMInvalidRequestError( "IBM Subnet with name '{}' not found".format( subnet.name)) security_groups = list( map( lambda security_group_: doosradb.session.query( IBMSecurityGroup).filter_by(id=security_group_). first().make_copy(), interface['security_groups'])) for security_group in security_groups: existing_security_group = ibm_manager.rias_ops.fetch_ops.get_all_security_groups( security_group.name, ibm_vpc_network.name) if not existing_security_group: raise IBMInvalidRequestError( "IBM Security Group with name '{}' not found". format(security_group.name)) ibm_network_interface.ibm_subnet = subnet.make_copy() ibm_network_interface.security_groups.extend(security_groups) if interface.get('reserve_floating_ip'): floating_ip_name = ibm_manager.rias_ops.fetch_ops.get_available_floating_ip_name( ) ibm_floating_ip = IBMFloatingIP( name=floating_ip_name, zone=data["zone"], cloud_id=ibm_vpc_network.ibm_cloud.id, region=ibm_vpc_network.region) ibm_network_interface.floating_ip = ibm_floating_ip network_interfaces_to_add.append(ibm_network_interface) ibm_instance = IBMInstance(name=name, zone=data['zone'], user_data=data.get('user_data'), cloud_id=ibm_vpc_network.ibm_cloud.id, region=ibm_vpc_network.region) ibm_instance.ibm_image = existing_image ibm_instance.ibm_resource_group = existing_resource_group ibm_instance.ibm_instance_profile = existing_instance_profile ibm_instance.network_interfaces = network_interfaces_to_add ibm_instance.volume_attachments = volume_attachments ibm_instance.ssh_keys = ssh_keys ibm_instance = ibm_instance.make_copy().add_update_db(ibm_vpc_network) objs_to_configure.append(ibm_instance) for ibm_network_interface in ibm_instance.network_interfaces.all(): if ibm_network_interface.floating_ip: objs_to_configure.append(ibm_network_interface.floating_ip) for obj in objs_to_configure: configure_and_save_obj_confs(ibm_manager, obj, ibm_vpc_network) except (IBMAuthError, IBMConnectError, IBMExecuteError, IBMInvalidRequestError) as ex: current_app.logger.info(ex) if isinstance(ex, IBMAuthError): ibm_vpc_network.ibm_cloud.status = INVALID for obj in objs_to_configure: if not obj.status == CREATED: obj.status = ERROR_CREATING if ibm_instance: ibm_instance.status = ERROR_CREATING doosradb.session.commit() else: ibm_instance.status = CREATED doosradb.session.commit() return ibm_instance
def configure_ibm_vpc(cloud_id, name, region, data): """ Configure VPC on IBM cloud. A VPC is a virtual network that belongs to an account and provides logical isolation from other networks. A VPC is made up of resources in one or more zones. VPCs are global, and each can contain resources in zones from any region. :return: """ ibm_vpc_network, objs_to_configure = None, list() cloud = IBMCloud.query.get(cloud_id) if not cloud: current_app.logger.debug( "IBM Cloud with ID '{}' not found".format(cloud_id)) return current_app.logger.info( "Deploying VPC '{name}' in region '{region} 'on IBM Cloud".format( name=name, region=region)) try: ibm_manager = IBMManager(cloud, region) existing_resource_group = ibm_manager.resource_ops.fetch_ops.get_resource_groups( data['resource_group']) if not existing_resource_group: raise IBMInvalidRequestError( "Resource Group with name '{}' not configured".format( data['resource_group'])) existing_vpc = ibm_manager.rias_ops.fetch_ops.get_all_vpcs(name=name) if existing_vpc: raise IBMInvalidRequestError( "VPC with name '{}' already configured in region '{}'".format( name, region)) ibm_vpc_network = IBMVpcNetwork( name=name, region=region, classic_access=data.get('classic_access'), cloud_id=cloud_id, address_prefix_management=data.get('address_prefix_management')) ibm_vpc_network.ibm_resource_group = existing_resource_group[0] objs_to_configure.append(ibm_vpc_network) if data.get('address_prefixes'): for addr_prefix in data['address_prefixes']: ibm_address_prefix = IBMAddressPrefix( addr_prefix.get('name'), addr_prefix['zone'], addr_prefix['address'], is_default=addr_prefix.get('is_default')) if not ibm_address_prefix.is_default: objs_to_configure.append(ibm_address_prefix) ibm_vpc_network.address_prefixes.append(ibm_address_prefix) if data.get('public_gateways'): for public_gateway in data['public_gateways']: ibm_public_gateway = IBMPublicGateway( name=public_gateway['name'], zone=public_gateway['zone'], region=ibm_vpc_network.region) ibm_vpc_network.public_gateways.append(ibm_public_gateway) objs_to_configure.append(ibm_public_gateway) if data.get('network_acls'): for acl in data['network_acls']: ibm_acl = IBMNetworkAcl(acl['name'], region) for rule in acl['rules']: ibm_rule = IBMNetworkAclRule(rule['name'], rule['action'], rule.get('destination'), rule['direction'], rule.get('source'), rule['protocol'], rule.get('port_max'), rule.get('port_min'), rule.get('source_port_max'), rule.get('source_port_min'), rule.get('code'), rule.get('type')) ibm_acl.rules.append(ibm_rule) objs_to_configure.append(ibm_acl) if data.get('ssh_keys'): for ssh_key in data['ssh_keys']: ibm_ssh_key = IBMSshKey(ssh_key['name'], "rsa", ssh_key['public_key'], ibm_vpc_network.region, cloud_id=cloud_id) objs_to_configure.append(ibm_ssh_key) if data.get('subnets'): for subnet in data['subnets']: ibm_subnet = IBMSubnet(subnet['name'], subnet['zone'], subnet['ip_cidr_block'], cloud_id=cloud_id, region=ibm_vpc_network.region) ibm_subnet.ibm_address_prefix = [ address_prefix for address_prefix in ibm_vpc_network.address_prefixes.all() if address_prefix.name == subnet['address_prefix'] ][0] if subnet.get('network_acl'): ibm_subnet.network_acl = \ [obj for obj in objs_to_configure if obj.name == subnet['network_acl']['name'] and get_obj_type(obj) == IBMNetworkAcl.__name__][0] if subnet.get('public_gateway'): ibm_subnet.ibm_public_gateway = [ public_gateway for public_gateway in ibm_vpc_network.public_gateways.all() if public_gateway.name == subnet['public_gateway'] ][0] ibm_vpc_network.subnets.append(ibm_subnet) objs_to_configure.append(ibm_subnet) if data.get('security_groups'): for security_group in data['security_groups']: ibm_security_group = IBMSecurityGroup( name=security_group['name'], region=ibm_vpc_network.region) for rule in security_group['rules']: ibm_security_group_rule = IBMSecurityGroupRule( rule['direction'], rule['protocol'], rule.get('code'), rule.get('type'), rule.get('port_min'), rule.get('port_max'), rule.get('address'), rule.get('cidr_block')) if rule.get('security_group'): ibm_security_group_rule.rule_type = "security-group" ibm_security_group.rules.append(ibm_security_group_rule) ibm_security_group.ibm_vpc_network = ibm_vpc_network ibm_security_group.ibm_resource_group = existing_resource_group[ 0] ssh_keys_to_configure = list() if data.get('instances'): for instance in data['instances']: existing_instance = ibm_manager.rias_ops.fetch_ops.get_all_instances( instance['name']) if existing_instance: raise IBMInvalidRequestError( "IBM VSI with name '{}' already configured".format( instance['name'])) instance_profile = ibm_manager.rias_ops.fetch_ops.get_all_instance_profiles( instance['instance_profile']) if not instance_profile: raise IBMInvalidRequestError( "IBM Instance Profile '{}' not found".format( instance['instance_profile'])) existing_image = ibm_manager.rias_ops.fetch_ops.get_all_images( instance['image']) if not existing_image: raise IBMInvalidRequestError( "IBM Image with name '{}' not found".format( instance['image'])) ibm_instance = IBMInstance(name=instance['name'], zone=instance['zone'], user_data=instance.get('user_data'), cloud_id=cloud_id, region=region) ssh_keys = list() if instance.get('ssh_keys'): ibm_ssh_key = None for ssh_key in instance['ssh_keys']: for ssh_key_ in ssh_keys_to_configure: if ssh_key_.public_key == ssh_key['public_key']: ibm_ssh_key = ssh_key_ break if not ibm_ssh_key: existing_ssh_key = ibm_manager.rias_ops.fetch_ops.get_all_ssh_keys( public_key=ssh_key['public_key']) if existing_ssh_key: ibm_ssh_key = existing_ssh_key[0] else: ssh_key_name = ibm_manager.rias_ops.fetch_ops.get_available_ssh_key_name( ) ibm_ssh_key = IBMSshKey(ssh_key_name, "rsa", ssh_key['public_key'], ibm_vpc_network.region, cloud_id=cloud_id) objs_to_configure.append(ibm_ssh_key) ssh_keys_to_configure.append(ibm_ssh_key) ibm_instance.ssh_keys.append(ibm_ssh_key) ssh_keys.append(ibm_ssh_key) ibm_instance.ssh_keys = ssh_keys floating_ips_to_add = list() network_interfaces_to_add = list() if instance.get('network_interfaces'): interface_count = 0 is_primary = True for interface in instance['network_interfaces']: ibm_network_interface = IBMNetworkInterface( NETWORK_INTERFACE_NAME.format( name, interface_count), is_primary) interface_count = interface_count + 1 is_primary = False ibm_network_interface.ibm_subnet = [ subnet_ for subnet_ in ibm_vpc_network.subnets.all() if subnet_.name == interface['subnet'] ][0].make_copy() if interface.get('security_groups'): for sec_group in interface['security_groups']: ibm_network_interface.security_group = [ sec_group_ for sec_group_ in ibm_vpc_network.security_groups.all() if sec_group_.name == sec_group ][0].make_copy() if interface.get('reserve_floating_ip'): floating_ip_name = ibm_manager.rias_ops.fetch_ops.get_available_floating_ip_name( ) ibm_floating_ip = IBMFloatingIP( floating_ip_name, ibm_vpc_network.region, ibm_instance.zone, cloud_id=cloud_id) ibm_network_interface.floating_ip = ibm_floating_ip floating_ips_to_add.append(ibm_floating_ip) network_interfaces_to_add.append(ibm_network_interface) volume_attachments = list() if instance.get('volume_attachments'): for volume_attachment in instance['volume_attachments']: ibm_boot_volume_attachment = IBMVolumeAttachment( volume_attachment['name'], type_="data", is_delete=volume_attachment['auto_delete']) volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles( volume_attachment['volume_profile_name']) ibm_volume = IBMVolume( name=volume_attachment['name'], capacity=volume_attachment['capacity'], zone=instance['zone'], encryption="provider_managed", cloud_id=cloud_id, region=region) ibm_volume.volume_profile = volume_profile[0] ibm_boot_volume_attachment.volume = ibm_volume volume_attachments.append(ibm_boot_volume_attachment) volume_profile = ibm_manager.rias_ops.fetch_ops.get_all_volume_profiles( name="general-purpose") ibm_volume = IBMVolume(name=VOLUME_NAME.format( instance['name']), capacity=100, zone=instance['zone'], iops=3000, encryption="provider_managed", region=region, cloud_id=cloud_id) ibm_boot_volume_attachment = IBMVolumeAttachment( VOLUME_ATTACHMENT_NAME.format(instance['name']), type_="boot", is_delete=True) ibm_volume.volume_profile = volume_profile[0] ibm_boot_volume_attachment.volume = ibm_volume volume_attachments.append(ibm_boot_volume_attachment) ibm_instance.ibm_image = existing_image[0] ibm_instance.ibm_resource_group = ibm_vpc_network.ibm_resource_group ibm_instance.ibm_instance_profile = instance_profile[0] ibm_instance.network_interfaces = network_interfaces_to_add ibm_instance.volume_attachments = volume_attachments ibm_instance.ssh_keys = ssh_keys ibm_instance.ibm_vpc_network = ibm_vpc_network objs_to_configure.append(ibm_instance) objs_to_configure.extend(floating_ips_to_add) if data.get('load_balancers'): for load_balancer in data['load_balancers']: existing_load_balancer = ibm_manager.rias_ops.fetch_ops.get_all_load_balancers( name=load_balancer["name"]) if existing_load_balancer: raise IBMInvalidRequestError( "IBM Load Balancer with name '{}' already configured". format(load_balancer["name"])) ibm_load_balancer = IBMLoadBalancer(load_balancer['name'], load_balancer['is_public'], data['region'], cloud_id=cloud_id) subnets_list = list() for subnet in load_balancer['subnets']: ibm_subnet = [ subnet_ for subnet_ in ibm_vpc_network.subnets.all() if subnet_.name == subnet ][0] subnets_list.append(ibm_subnet) pools_list = list() if data.get('pools'): for pool in load_balancer['pools']: ibm_pool = IBMPool(pool['name'], pool['algorithm'], pool['protocol'], pool.get('session_persistence')) if pool.get('health_monitor'): health_check = pool['health_monitor'] ibm_health_check = IBMHealthCheck( health_check.get('delay'), health_check.get('max_retries'), health_check.get('timeout'), health_check.get('protocol'), health_check.get('url_path'), health_check.get('port')) ibm_pool.health_check = ibm_health_check if pool.get('members'): for member in pool['members']: ibm_pool_member = IBMPoolMember( member.get('port'), member.get('weight')) ibm_pool_member.instance = \ [instance_ for instance_ in ibm_vpc_network.instances.all() if instance_.name == member['instance']][0] ibm_pool.pool_members.append(ibm_pool_member) pools_list.append(ibm_pool) listeners_list = list() if data.get('listeners'): for listener in load_balancer['listeners']: ibm_listener = IBMListener( listener['port'], listener['protocol'], listener.get('connection_limit')) if listener.get('default_pool'): for pool in pools_list: if pool.name == listener['default_pool']: ibm_listener.ibm_pool = pool break listeners_list.append(ibm_listener) ibm_load_balancer.subnets = subnets_list ibm_load_balancer.pools = pools_list ibm_load_balancer.listeners = listeners_list ibm_load_balancer.ibm_resource_group = ibm_vpc_network.ibm_resource_group ibm_vpc_network.load_balancers.append(ibm_load_balancer) objs_to_configure.append(ibm_load_balancer) ike_policies_to_configure, ipsec_policies_to_configure = list(), list() if data.get('ike_policies'): for ike_policy in data['ike_policies']: ibm_ike_policy = IBMIKEPolicy( ike_policy['name'], data['region'], ike_policy['key_lifetime'], authentication_algorithm=ike_policy[ 'authentication_algorithm'], encryption_algorithm=ike_policy['encryption_algorithm'], ike_version=ike_policy['ike_version'], dh_group=ike_policy['dh_group']) ike_policies_to_configure.append(ibm_ike_policy) if data.get('ipsec_policies'): for ipsec_policy in data['ipsec_policies']: ibm_ipsec_policy = IBMIPSecPolicy( ipsec_policy['name'], data['region'], data['key_lifetime'], authentication_algorithm=data['authentication_algorithm'], encryption_algorithm=data['encryption_algorithm'], pfs_dh_group=data['pfs']) ipsec_policies_to_configure.append(ibm_ipsec_policy) if data.get('vpns'): for vpn in data['vpns']: ibm_vpn_gateway = IBMVpnGateway(vpn['name'], region=data['region'], cloud_id=cloud_id) for connection in vpn['connections']: ibm_vpn_connection = IBMVpnConnection( connection['name'], connection['peer_address'], connection['pre_shared_secret'], json.dumps(connection['local_cidrs']), json.dumps(connection['peer_cidrs']), connection['dead_peer_detection'].get('interval'), connection['dead_peer_detection'].get('timeout'), dpd_action=connection['dead_peer_detection'].get( 'action')) if connection.get('ike_policy'): ibm_ike_policy = [ ike_policy for ike_policy in ike_policies_to_configure if ike_policy.name == connection['ike_policy'] ][0] ibm_vpn_connection.ibm_ike_policy = ibm_ike_policy if connection.get('ipsec_policy'): ibm_ipsec_policy = [ ipsec_policy for ipsec_policy in ipsec_policies_to_configure if ipsec_policy.name == connection['ipsec_policy'] ][0] ibm_vpn_connection.ibm_ipsec_policy = ibm_ipsec_policy ibm_vpn_gateway.vpn_connections.append(ibm_vpn_connection) ibm_vpn_gateway.ibm_vpc_network = ibm_vpc_network ibm_vpn_gateway.ibm_subnet = \ [subnet for subnet in ibm_vpc_network.subnets.all() if subnet.name == vpn['subnet']][0] ibm_vpn_gateway.ibm_resource_group = existing_resource_group[0] ibm_vpc_network.add_update_db() for obj in objs_to_configure: configure_and_save_obj_confs(ibm_manager, obj) except (IBMAuthError, IBMConnectError, IBMExecuteError, IBMInvalidRequestError) as ex: current_app.logger.info(ex) if isinstance(ex, IBMAuthError): cloud.status = INVALID for obj in objs_to_configure: if obj.status == CREATING: obj.status = ERROR_CREATING doosradb.session.commit() else: ibm_vpc_network.status = CREATED doosradb.session.commit() return ibm_vpc_network