def test_delete_rule_priority(self): ip_lib.IpRule('sudo').delete_rule_priority(100) self.execute.assert_called_once_with('', 'rule', ('del', 'priority', 100), 'sudo', None, log_fail_as_error=True)
def floating_ip_added_dist(self, fip, fip_cidr): """Add floating IP to FIP namespace.""" floating_ip = fip['floating_ip_address'] fixed_ip = fip['fixed_ip_address'] rule_pr = self.fip_ns.allocate_rule_priority() self.floating_ips_dict[floating_ip] = rule_pr fip_2_rtr_name = self.fip_ns.get_int_device_name(self.router_id) ip_rule = ip_lib.IpRule(self.root_helper, namespace=self.ns_name) ip_rule.add(fixed_ip, dvr_fip_ns.FIP_RT_TBL, rule_pr) #Add routing rule in fip namespace fip_ns_name = self.fip_ns.get_name() rtr_2_fip, _ = self.rtr_fip_subnet.get_pair() device = ip_lib.IPDevice(fip_2_rtr_name, self.root_helper, namespace=fip_ns_name) device.route.add_route(fip_cidr, str(rtr_2_fip.ip)) interface_name = ( self.fip_ns.get_ext_device_name( self.fip_ns.agent_gateway_port['id'])) ip_lib.send_garp_for_proxyarp(fip_ns_name, interface_name, floating_ip, self.agent_conf.send_arp_for_ha, self.root_helper) # update internal structures self.dist_fip_count = self.dist_fip_count + 1
def _test_delete_rule(self, ip, table, priority): ip_version = netaddr.IPNetwork(ip).version ip_lib.IpRule().delete(ip, table, priority) self.execute.assert_called_once_with([ip_version], 'rule', ('del', 'table', table, 'priority', priority), run_as_root=True, namespace=None, log_fail_as_error=True)
def _test_add_rule_exists(self, ip, table, priority, output): self.execute.return_value = output ip_version = netaddr.IPNetwork(ip).version ip_lib.IpRule().add(ip, table, priority) self.execute.assert_called_once_with([ip_version], 'rule', ['show'], run_as_root=True, namespace=None, log_fail_as_error=True)
def test_add_rule_from(self): ip_lib.IpRule('sudo').add_rule_from('192.168.45.100', 2, 100) self.execute.assert_called_once_with( '', 'rule', ('add', 'from', '192.168.45.100', 'lookup', 2, 'priority', 100), 'sudo', None, log_fail_as_error=True)
def _test_add_rule(self, ip, table, priority): ip_version = netaddr.IPNetwork(ip).version ip_lib.IpRule('sudo').add(ip, table, priority) self.execute.assert_called_once_with( [ip_version], 'rule', ('add', 'from', ip, 'table', table, 'priority', priority), 'sudo', None, log_fail_as_error=True)
def _snat_redirect_remove(self, ri, sn_port, sn_int): """Removes rules and routes for SNAT redirection.""" try: ip_cidr = sn_port['ip_cidr'] snat_idx = self._get_snat_idx(ip_cidr) ns_ipr = ip_lib.IpRule(namespace=ri.ns_name) ns_ipd = ip_lib.IPDevice(sn_int, namespace=ri.ns_name) ns_ipd.route.delete_gateway(table=snat_idx) ns_ipr.delete(ip_cidr, snat_idx, snat_idx) except Exception: LOG.exception(_LE('DVR: removed snat failed'))
def _test_add_rule(self, ip, table, priority): ip_version = netaddr.IPNetwork(ip).version ip_lib.IpRule().add(ip, table, priority) call_1 = mock.call([ip_version], 'rule', ['show'], run_as_root=True, namespace=None, log_fail_as_error=True) call_2 = mock.call().splitlines() # This is for call().splitlines().__iter__(), which can't be mocked call_3 = mock.ANY call_4 = mock.call([ip_version], 'rule', ('add', 'from', ip, 'table', table, 'priority', priority), run_as_root=True, namespace=None, log_fail_as_error=True) self.execute.assert_has_calls([call_1, call_2, call_3, call_4])
def _snat_redirect_add(self, ri, gateway, sn_port, sn_int): """Adds rules and routes for SNAT redirection.""" try: ip_cidr = sn_port['ip_cidr'] snat_idx = self._get_snat_idx(ip_cidr) ns_ipr = ip_lib.IpRule(namespace=ri.ns_name) ns_ipd = ip_lib.IPDevice(sn_int, namespace=ri.ns_name) ns_ipd.route.add_gateway(gateway, table=snat_idx) ns_ipr.add(ip_cidr, snat_idx, snat_idx) ns_ipr.netns.execute([ 'sysctl', '-w', 'net.ipv4.conf.%s.' 'send_redirects=0' % sn_int ]) except Exception: LOG.exception(_LE('DVR: error adding redirection logic'))
def floating_ip_removed_dist(self, fip_cidr): """Remove floating IP from FIP namespace.""" floating_ip = fip_cidr.split('/')[0] rtr_2_fip_name = self.fip_ns.get_rtr_ext_device_name(self.router_id) fip_2_rtr_name = self.fip_ns.get_int_device_name(self.router_id) if self.rtr_fip_subnet is None: self.rtr_fip_subnet = self.local_subnets.allocate(self.router_id) rtr_2_fip, fip_2_rtr = self.rtr_fip_subnet.get_pair() fip_ns_name = self.fip_ns.get_name() if floating_ip in self.floating_ips_dict: rule_pr = self.floating_ips_dict[floating_ip] ip_rule = ip_lib.IpRule(self.root_helper, namespace=self.ns_name) ip_rule.delete(floating_ip, dvr_fip_ns.FIP_RT_TBL, rule_pr) self.fip_ns.deallocate_rule_priority(rule_pr) #TODO(rajeev): Handle else case - exception/log? device = ip_lib.IPDevice(fip_2_rtr_name, self.root_helper, namespace=fip_ns_name) device.route.delete_route(fip_cidr, str(rtr_2_fip.ip)) # check if this is the last FIP for this router self.dist_fip_count = self.dist_fip_count - 1 if self.dist_fip_count == 0: #remove default route entry device = ip_lib.IPDevice(rtr_2_fip_name, self.root_helper, namespace=self.ns_name) ns_ip = ip_lib.IPWrapper(self.root_helper, namespace=fip_ns_name) device.route.delete_gateway(str(fip_2_rtr.ip), table=dvr_fip_ns.FIP_RT_TBL) self.fip_ns.local_subnets.release(self.router_id) self.rtr_fip_subnet = None ns_ip.del_veth(fip_2_rtr_name) is_last = self.fip_ns.unsubscribe(self.router_id) if is_last: # TODO(Carl) I can't help but think that another router could # come in and want to start using this namespace while this is # destroying it. The two could end up conflicting on # creating/destroying interfaces and such. I think I'd like a # semaphore to sync creation/deletion of this namespace. self.fip_ns.destroy() self.fip_ns = None
def floating_ip_removed_dist(self, ri, fip_cidr): """Remove floating IP from FIP namespace.""" floating_ip = fip_cidr.split('/')[0] rtr_2_fip_name = self.get_rtr_int_device_name(ri.router_id) fip_2_rtr_name = self.get_fip_int_device_name(ri.router_id) if ri.rtr_fip_subnet is None: ri.rtr_fip_subnet = self.local_subnets.allocate(ri.router_id) rtr_2_fip, fip_2_rtr = ri.rtr_fip_subnet.get_pair() fip_ns_name = self.get_fip_ns_name(str(self._fetch_external_net_id())) ip_rule_rtr = ip_lib.IpRule(self.root_helper, namespace=ri.ns_name) if floating_ip in ri.floating_ips_dict: rule_pr = ri.floating_ips_dict[floating_ip] ip_rule_rtr.delete_rule_priority(rule_pr) self.fip_priorities.add(rule_pr) #TODO(rajeev): Handle else case - exception/log? device = ip_lib.IPDevice(fip_2_rtr_name, self.root_helper, namespace=fip_ns_name) device.route.delete_route(fip_cidr, str(rtr_2_fip.ip)) # check if this is the last FIP for this router ri.dist_fip_count = ri.dist_fip_count - 1 if ri.dist_fip_count == 0: #remove default route entry device = ip_lib.IPDevice(rtr_2_fip_name, self.root_helper, namespace=ri.ns_name) ns_ip = ip_lib.IPWrapper(self.root_helper, namespace=fip_ns_name) device.route.delete_gateway(str(fip_2_rtr.ip), table=FIP_RT_TBL) self.local_subnets.release(ri.router_id) ri.rtr_fip_subnet = None ns_ip.del_veth(fip_2_rtr_name) is_last = self._fip_ns_unsubscribe(ri.router_id) # clean up fip-namespace if this is the last FIP if is_last: self._destroy_fip_namespace(fip_ns_name)