def _add_rule_below(self, context, ref_rule_id, edge_id, firewall_rule):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(context.session, ref_rule_id, edge_id)
ref_vcns_rule_id = rule_map.rule_vseid
fwr_vse_next = self._get_firewall_rule_next(context, edge_id, ref_vcns_rule_id)
fwr_req = self._convert_firewall_rule(context, firewall_rule)
if fwr_vse_next:
ref_vcns_rule_id = fwr_vse_next["ruleId"]
try:
header = self.vcns.add_firewall_rule_above(edge_id, int(ref_vcns_rule_id), fwr_req)[0]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to add firewall rule above: " "%(rule_id)s with edge_id: %(edge_id)s"),
{"rule_id": ref_vcns_rule_id, "edge_id": edge_id},
)
else:
# append the rule at the bottom
try:
header = self.vcns.add_firewall_rule(edge_id, fwr_req)[0]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(_("Failed to append a firewall rule" "with edge_id: %s"), edge_id)
objuri = header["location"]
fwr_vseid = objuri[objuri.rfind("/") + 1 :]
map_info = {"rule_id": firewall_rule["id"], "rule_vseid": fwr_vseid, "edge_id": edge_id}
vcns_db.add_vcns_edge_firewallrule_binding(context.session, map_info)
def _add_rule_above(self, context, ref_rule_id, edge_id, firewall_rule):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(
context.session, ref_rule_id, edge_id)
ref_vcns_rule_id = rule_map.rule_vseid
fwr_req = self._convert_firewall_rule(context, firewall_rule)
try:
header = self.vcns.add_firewall_rule_above(edge_id,
ref_vcns_rule_id,
fwr_req)[0]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to add firewall rule above: "
"%(rule_id)s with edge_id: %(edge_id)s"), {
'rule_id': ref_vcns_rule_id,
'edge_id': edge_id
})
objuri = header['location']
fwr_vseid = objuri[objuri.rfind("/") + 1:]
map_info = {
'rule_id': firewall_rule['id'],
'rule_vseid': fwr_vseid,
'edge_id': edge_id
}
vcns_db.add_vcns_edge_firewallrule_binding(context.session, map_info)
def delete_firewall_rule(self, context, id, edge_id):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(context.session, id, edge_id)
vcns_rule_id = rule_map.rule_vseid
try:
self.vcns.delete_firewall_rule(edge_id, vcns_rule_id)
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to delete firewall rule: %(rule_id)s " "with edge_id: %(edge_id)s"),
{"rule_id": id, "edge_id": edge_id},
)
vcns_db.delete_vcns_edge_firewallrule_binding(context.session, id)
def update_firewall_rule(self, context, id, edge_id, firewall_rule):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(context.session, id, edge_id)
vcns_rule_id = rule_map.rule_vseid
fwr_req = self._convert_firewall_rule(context, firewall_rule)
try:
self.vcns.update_firewall_rule(edge_id, vcns_rule_id, fwr_req)
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to update firewall rule: %(rule_id)s " "with edge_id: %(edge_id)s"),
{"rule_id": id, "edge_id": edge_id},
)
def update_firewall_rule(self, context, id, edge_id, firewall_rule):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(
context.session, id, edge_id)
vcns_rule_id = rule_map.rule_vseid
fwr_req = self._convert_firewall_rule(context, firewall_rule)
try:
self.vcns.update_firewall_rule(edge_id, vcns_rule_id, fwr_req)
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to update firewall rule: %(rule_id)s "
"with edge_id: %(edge_id)s"), {
'rule_id': id,
'edge_id': edge_id
})
def delete_firewall_rule(self, context, id, edge_id):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(
context.session, id, edge_id)
vcns_rule_id = rule_map.rule_vseid
try:
self.vcns.delete_firewall_rule(edge_id, vcns_rule_id)
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to delete firewall rule: %(rule_id)s "
"with edge_id: %(edge_id)s"), {
'rule_id': id,
'edge_id': edge_id
})
vcns_db.delete_vcns_edge_firewallrule_binding(context.session, id)
def get_firewall_rule(self, context, id, edge_id):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(context.session, id, edge_id)
if rule_map is None:
msg = _("No rule id:%s found in the edge_firewall_binding") % id
LOG.error(msg)
raise vcns_exc.VcnsNotFound(resource="vcns_firewall_rule_bindings", msg=msg)
vcns_rule_id = rule_map.rule_vseid
try:
response = self.vcns.get_firewall_rule(edge_id, vcns_rule_id)[1]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to get firewall rule: %(rule_id)s " "with edge_id: %(edge_id)s"),
{"rule_id": id, "edge_id": edge_id},
)
return self._restore_firewall_rule(context, edge_id, response)
def _add_rule_above(self, context, ref_rule_id, edge_id, firewall_rule):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(context.session, ref_rule_id, edge_id)
ref_vcns_rule_id = rule_map.rule_vseid
fwr_req = self._convert_firewall_rule(context, firewall_rule)
try:
header = self.vcns.add_firewall_rule_above(edge_id, ref_vcns_rule_id, fwr_req)[0]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to add firewall rule above: " "%(rule_id)s with edge_id: %(edge_id)s"),
{"rule_id": ref_vcns_rule_id, "edge_id": edge_id},
)
objuri = header["location"]
fwr_vseid = objuri[objuri.rfind("/") + 1 :]
map_info = {"rule_id": firewall_rule["id"], "rule_vseid": fwr_vseid, "edge_id": edge_id}
vcns_db.add_vcns_edge_firewallrule_binding(context.session, map_info)
def get_firewall_rule(self, context, id, edge_id):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(
context.session, id, edge_id)
if rule_map is None:
msg = _("No rule id:%s found in the edge_firewall_binding") % id
LOG.error(msg)
raise vcns_exc.VcnsNotFound(
resource='vcns_firewall_rule_bindings', msg=msg)
vcns_rule_id = rule_map.rule_vseid
try:
response = self.vcns.get_firewall_rule(
edge_id, vcns_rule_id)[1]
except vcns_exc.VcnsApiException as e:
LOG.exception(_("Failed to get firewall rule: %(rule_id)s "
"with edge_id: %(edge_id)s"), {
'rule_id': id,
'edge_id': edge_id})
raise e
return self._restore_firewall_rule(context, edge_id, response)
def get_firewall_rule(self, context, id, edge_id):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(
context.session, id, edge_id)
if rule_map is None:
msg = _("No rule id:%s found in the edge_firewall_binding") % id
LOG.error(msg)
raise vcns_exc.VcnsNotFound(resource='vcns_firewall_rule_bindings',
msg=msg)
vcns_rule_id = rule_map.rule_vseid
try:
response = self.vcns.get_firewall_rule(edge_id, vcns_rule_id)[1]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to get firewall rule: %(rule_id)s "
"with edge_id: %(edge_id)s"), {
'rule_id': id,
'edge_id': edge_id
})
return self._restore_firewall_rule(context, edge_id, response)
def _add_rule_below(self, context, ref_rule_id, edge_id, firewall_rule):
rule_map = vcns_db.get_vcns_edge_firewallrule_binding(
context.session, ref_rule_id, edge_id)
ref_vcns_rule_id = rule_map.rule_vseid
fwr_vse_next = self._get_firewall_rule_next(context, edge_id,
ref_vcns_rule_id)
fwr_req = self._convert_firewall_rule(context, firewall_rule)
if fwr_vse_next:
ref_vcns_rule_id = fwr_vse_next['ruleId']
try:
header = self.vcns.add_firewall_rule_above(
edge_id, int(ref_vcns_rule_id), fwr_req)[0]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to add firewall rule above: "
"%(rule_id)s with edge_id: %(edge_id)s"), {
'rule_id': ref_vcns_rule_id,
'edge_id': edge_id
})
else:
# append the rule at the bottom
try:
header = self.vcns.add_firewall_rule(edge_id, fwr_req)[0]
except vcns_exc.VcnsApiException:
with excutils.save_and_reraise_exception():
LOG.exception(
_("Failed to append a firewall rule"
"with edge_id: %s"), edge_id)
objuri = header['location']
fwr_vseid = objuri[objuri.rfind("/") + 1:]
map_info = {
'rule_id': firewall_rule['id'],
'rule_vseid': fwr_vseid,
'edge_id': edge_id
}
vcns_db.add_vcns_edge_firewallrule_binding(context.session, map_info)
