def deploy_networkipv4(network_id, user): """Loads template for creating Network IPv4 equipment configuration, creates file and apply config. :param network_id: NetworkIPv4 Id Returns: List with status of equipments output """ try: netv4_obj = get_networkipv4_by_id(network_id) routers = netv4_obj.vlan.ambiente.routers if not routers: raise exceptions.NoEnvironmentRoutersFoundException() if facade_eqpt.all_equipments_are_in_maintenance(routers): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException() if user: if not facade_eqpt.all_equipments_can_update_config(routers, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. ' 'Verify the permissions of user group with equipment group' '.Network:{}'.format(netv4_obj.id)) except ObjectDoesNotExistException, e: raise ObjectDoesNotExistException(e.detail)
def _validate_vip_to_apply(vip_request, update=False, user=None): vip = get_vip_request_by_id(vip_request.get('id')) # validate vip with same ipv4 ou ipv6 vip_with_ip = get_vip_request_by_ip(vip.ipv4, vip.ipv6, vip.environmentvip) vip_with_ip = vip_with_ip.exclude(id=vip.id).exclude( created=False).distinct() if vip_with_ip.count() > 0: raise exceptions.AlreadyVipRequestException() if update and not vip.created: raise exceptions.VipRequestNotCreated(vip.id) if not update and vip.created: raise exceptions.VipRequestAlreadyCreated(vip.id) equips = facade_eqpt.get_eqpt_by_envvip(vip_request['environmentvip']) conf = EnvironmentVip.objects.get(id=vip_request['environmentvip']).conf if facade_eqpt.all_equipments_are_in_maintenance(equips): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException() if user: if not facade_eqpt.all_equipments_can_update_config(equips, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. \ Verify the permissions of user group with equipment group. Vip:{}' .format(vip_request['id'])) cluster_unit = vip.ipv4.networkipv4.cluster_unit if vip.ipv4 else vip.ipv6.networkipv6.cluster_unit return equips, conf, cluster_unit
def _validate_pool_to_apply(pool, update=False, user=None): server_pool = ServerPool.objects.get(id=pool['id']) if not server_pool: raise exceptions.PoolNotExist() if update and not server_pool.pool_created: raise exceptions.PoolNotCreated(server_pool.id) equips = Equipamento.objects.filter( maintenance=0, equipamentoambiente__ambiente__id=server_pool.environment.id, tipo_equipamento__tipo_equipamento=u'Balanceador').distinct() if facade_eqpt.all_equipments_are_in_maintenance(equips): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException() if user: if not facade_eqpt.all_equipments_can_update_config(equips, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. ' 'Verify the permissions of user group with equipment ' 'group. Pool:{}'.format(pool['id'])) return equips
def undeploy_networkipv4(network_id, user): """Loads template for removing Network IPv4 equipment configuration, creates file and apply config. :param network_id: NetworkIPv4 Id Returns: List with status of equipments output """ netv4_obj = get_networkipv4_by_id(network_id) routers = netv4_obj.vlan.ambiente.routers if not routers: raise exceptions.NoEnvironmentRoutersFoundException() if facade_eqpt.all_equipments_are_in_maintenance(routers): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException() if user: if not facade_eqpt.all_equipments_can_update_config(routers, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. ' 'Verify the permissions of user group with equipment group. ' 'Network:{}'.format(netv4_obj.id)) # lock network id to prevent multiple requests to same id with distributedlock(LOCK_NETWORK_IPV4 % netv4_obj.id): with distributedlock(LOCK_VLAN % netv4_obj.vlan.id): if netv4_obj.active == 0: return 'Network already not active. Nothing to do.' # load dict with all equipment attributes dict_ips = get_dict_v4_to_use_in_configuration_deploy( user, netv4_obj, routers) status_deploy = dict() # TODO implement threads for equipment in routers: # generate config file file_to_deploy = _generate_config_file( dict_ips, equipment, TEMPLATE_NETWORKv4_DEACTIVATE) lockvar = LOCK_EQUIPMENT_DEPLOY_CONFIG_NETWORK_SCRIPT % ( equipment.id) # deploy config file in equipments status_deploy[ equipment.id] = deploy_config_in_equipment_synchronous( file_to_deploy, equipment, lockvar) netv4_obj.deactivate_v3() # transaction.commit() if netv4_obj.vlan.ativada == 1: # if there are no other networks active in vlan, remove int # vlan if not _has_active_network_in_vlan(netv4_obj.vlan): # remove int vlan for equipment in routers: if equipment.maintenance is not True: pass # Delete SVI status_deploy[equipment.id] += _remove_svi( equipment, netv4_obj.vlan.num_vlan) # Need verify this call netv4_obj.vlan.deactivate_v3() return status_deploy
def deploy_networkipv6(network_id, user): """Loads template for creating Network IPv6 equipment configuration, creates file and apply config. Args: NetworkIPv6 object Equipamento objects list Returns: List with status of equipments output """ netv6_obj = get_networkipv6_by_id(network_id) routers = netv6_obj.vlan.ambiente.routers if not routers: raise exceptions.NoEnvironmentRoutersFoundException() if facade_eqpt.all_equipments_are_in_maintenance(routers): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException() if user: if not facade_eqpt.all_equipments_can_update_config(routers, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. ' 'Verify the permissions of user group with equipment group. ' 'Network:{}'.format(netv6_obj.id)) # lock network id to prevent multiple requests to same id with distributedlock(LOCK_NETWORK_IPV6 % netv6_obj.id): with distributedlock(LOCK_VLAN % netv6_obj.vlan.id): if netv6_obj.active == 1: return 'Network already active. Nothing to do.' # load dict with all equipment attributes dict_ips = get_dict_v6_to_use_in_configuration_deploy( user, netv6_obj, routers) status_deploy = dict() # TODO implement threads for equipment in routers: # generate config file file_to_deploy = _generate_config_file( dict_ips, equipment, TEMPLATE_NETWORKv6_ACTIVATE) # deploy config file in equipments lockvar = LOCK_EQUIPMENT_DEPLOY_CONFIG_NETWORK_SCRIPT % ( equipment.id) status_deploy[ equipment.id] = deploy_config_in_equipment_synchronous( file_to_deploy, equipment, lockvar) netv6_obj.activate_v3() # transaction.commit() if netv6_obj.vlan.ativada == 0: netv6_obj.vlan.activate_v3() return status_deploy
def prepare_apply(load_balance, vip, created=True, user=None): vip_request = copy.deepcopy(vip) id_vip = str(vip_request.get('id')) equips, conf, cluster_unit = _validate_vip_to_apply( vip_request, created, user) cache_group = OptionVip.objects.get( id=vip_request.get('options').get('cache_group')) traffic_return = OptionVip.objects.get( id=vip_request.get('options').get('traffic_return')) timeout = OptionVip.objects.get( id=vip_request.get('options').get('timeout')) persistence = OptionVip.objects.get( id=vip_request.get('options').get('persistence')) if vip_request['ipv4']: ipv4 = Ip.get_by_pk( vip_request['ipv4']) if vip_request['ipv4'] else None vip_request['ipv4'] = {'id': ipv4.id, 'ip_formated': ipv4.ip_formated} if vip_request['ipv6']: ipv6 = Ipv6.get_by_pk( vip_request['ipv6']) if vip_request['ipv6'] else None vip_request['ipv6'] = {'id': ipv6.id, 'ip_formated': ipv6.ip_formated} if conf: conf = json.loads(conf) vip_request['options'] = dict() vip_request['options']['cache_group'] = { 'id': cache_group.id, 'nome_opcao_txt': cache_group.nome_opcao_txt } vip_request['options']['traffic_return'] = { 'id': traffic_return.id, 'nome_opcao_txt': traffic_return.nome_opcao_txt } vip_request['options']['timeout'] = { 'id': timeout.id, 'nome_opcao_txt': timeout.nome_opcao_txt } vip_request['options']['persistence'] = { 'id': persistence.id, 'nome_opcao_txt': persistence.nome_opcao_txt } vip_request['options']['cluster_unit'] = cluster_unit try: vip_request['options']['dscp'] = VipRequestDSCP.objects.get( vip_request=vip_request['id']).dscp except: vip_request['options']['dscp'] = None pass for idx, port in enumerate(vip_request['ports']): for i, pl in enumerate(port['pools']): pool = get_pool_by_id(pl['server_pool']) pool_serializer = pool_slz.PoolV3Serializer(pool) l7_rule = OptionVip.objects.get(id=pl['l7_rule']).nome_opcao_txt healthcheck = pool_serializer.data['healthcheck'] healthcheck['identifier'] = reserve_name_healthcheck( pool_serializer.data['identifier']) healthcheck['new'] = True vip_request['ports'][idx]['pools'][i]['server_pool'] = { 'id': pool_serializer.data['id'], 'nome': pool_serializer.data['identifier'], 'lb_method': pool_serializer.data['lb_method'], 'healthcheck': healthcheck, 'action': pool_serializer.data['servicedownaction']['name'], 'pool_created': pool_serializer.data['pool_created'], 'pools_members': [{ 'id': pool_member['id'], 'identifier': pool_member['identifier'], 'ip': pool_member['ip']['ip_formated'] if pool_member['ip'] else pool_member['ipv6']['ip_formated'], 'port': pool_member['port_real'], 'member_status': pool_member['member_status'], 'limit': pool_member['limit'], 'priority': pool_member['priority'], 'weight': pool_member['weight'] } for pool_member in pool_serializer.data['server_pool_members'] ] } vip_request['ports'][idx]['pools'][i]['l7_rule'] = l7_rule l7_protocol = OptionVip.objects.get(id=port['options']['l7_protocol']) l4_protocol = OptionVip.objects.get(id=port['options']['l4_protocol']) vip_request['ports'][idx]['options'] = dict() vip_request['ports'][idx]['options']['l7_protocol'] = { 'id': l7_protocol.id, 'nome_opcao_txt': l7_protocol.nome_opcao_txt } vip_request['ports'][idx]['options']['l4_protocol'] = { 'id': l4_protocol.id, 'nome_opcao_txt': l4_protocol.nome_opcao_txt } vip_request['conf'] = conf if conf: for idx, layer in enumerate(conf['conf']['layers']): requiments = layer.get('requiments') if requiments: # validate for port for idx_port, port in enumerate(vip['ports']): for requiment in requiments: condicionals = requiment.get('condicionals') for condicional in condicionals: validated = True validations = condicional.get('validations') for validation in validations: if validation.get('type') == 'optionvip': validated &= valid_expression( validation.get('operator'), int(vip['options'][validation.get( 'variable')]), int(validation.get('value'))) if validation.get('type') == 'portoptionvip': validated &= valid_expression( validation.get('operator'), int(port['options'][validation.get( 'variable')]), int(validation.get('value'))) if validation.get( 'type') == 'field' and validation.get( 'variable') == 'cluster_unit': validated &= valid_expression( validation.get('operator'), cluster_unit, validation.get('value')) if validated: use = condicional.get('use') for item in use: definitions = item.get('definitions') eqpts = item.get('eqpts') if eqpts: eqpts = Equipamento.objects.filter( id__in=eqpts, maintenance=0, tipo_equipamento__tipo_equipamento= u'Balanceador').distinct() if facade_eqpt.all_equipments_are_in_maintenance( equips): raise exceptions_eqpt.AllEquipmentsAreInMaintenanceException( ) if user: if not facade_eqpt.all_equipments_can_update_config( equips, user): raise exceptions_eqpt.UserDoesNotHavePermInAllEqptException( 'User does not have permission to update conf in eqpt. \ Verify the permissions of user group with equipment group. Vip:{}' .format(vip_request['id'])) for eqpt in eqpts: eqpt_id = str(eqpt.id) if not load_balance.get(eqpt_id): equipment_access = EquipamentoAcesso.search( equipamento=eqpt.id) plugin = PluginFactory.factory( eqpt) load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'vips': [], 'layers': {}, } idx_layer = str(idx) idx_port_str = str(port['port']) if not load_balance[eqpt_id][ 'layers'].get(id_vip): load_balance[eqpt_id][ 'layers'][id_vip] = dict() if load_balance[eqpt_id]['layers'][ id_vip].get(idx_layer): if load_balance[eqpt_id][ 'layers'][id_vip].get( idx_layer).get( 'definitions' ).get( idx_port_str): load_balance[eqpt_id][ 'layers'][id_vip][ idx_layer][ 'definitions'][ idx_port_str] += definitions else: load_balance[eqpt_id][ 'layers'][id_vip][ idx_layer][ 'definitions'][ idx_port_str] = definitions else: load_balance[eqpt_id][ 'layers'][id_vip][ idx_layer] = { 'vip_request': vip_request, 'definitions': { idx_port_str: definitions } } # In first validated==True stops conditionals. # Removing this break will add a wrong # conditional. break for e in equips: eqpt_id = str(e.id) if not load_balance.get(eqpt_id): equipment_access = EquipamentoAcesso.search(equipamento=e.id) plugin = PluginFactory.factory(e) load_balance[eqpt_id] = { 'plugin': plugin, 'access': equipment_access, 'vips': [], 'layers': {}, } load_balance[eqpt_id]['vips'].append({'vip_request': vip_request}) return load_balance