def main(): eventlet.monkey_patch() opts = [ cfg.StrOpt('network_id'), cfg.StrOpt('router_id'), cfg.StrOpt('pid_file'), cfg.BoolOpt('daemonize', default=True), cfg.IntOpt('metadata_port', default=9697, help="TCP Port to listen for metadata server requests."), ] cfg.CONF.register_opts(opts) cfg.CONF(args=sys.argv, project='quantum') config.setup_logging(cfg.CONF) proxy = ProxyDaemon(cfg.CONF.pid_file, cfg.CONF.metadata_port, network_id=cfg.CONF.network_id, router_id=cfg.CONF.router_id) if cfg.CONF.daemonize: proxy.start() else: proxy.run()
class DhcpAgent(object): OPTS = [ cfg.StrOpt('root_helper', default='sudo'), cfg.IntOpt('resync_interval', default=30), cfg.StrOpt('dhcp_driver', default='quantum.agent.linux.dhcp.Dnsmasq', help="The driver used to manage the DHCP server."), cfg.BoolOpt('use_namespaces', default=True, help="Allow overlapping IP.") ] def __init__(self, conf): self.needs_resync = False self.conf = conf self.cache = NetworkCache() self.dhcp_driver_cls = importutils.import_class(conf.dhcp_driver) ctx = context.RequestContext('quantum', 'quantum', is_admin=True) self.plugin_rpc = DhcpPluginApi(topics.PLUGIN, ctx) self.device_manager = DeviceManager(self.conf, self.plugin_rpc) self.notifications = agent_rpc.NotificationDispatcher() self.lease_relay = DhcpLeaseRelay(self.update_lease) def run(self): """Activate the DHCP agent.""" self.sync_state() self.periodic_resync() self.lease_relay.start() self.notifications.run_dispatch(self) def call_driver(self, action, network): """Invoke an action on a DHCP driver instance.""" if self.conf.use_namespaces: namespace = NS_PREFIX + network.id else: namespace = None try: # the Driver expects something that is duck typed similar to # the base models. driver = self.dhcp_driver_cls(self.conf, network, self.conf.root_helper, self.device_manager, namespace) getattr(driver, action)() return True except Exception, e: self.needs_resync = True LOG.exception('Unable to %s dhcp.' % action)
class UnixDomainMetadataProxy(object): OPTS = [ cfg.StrOpt('metadata_proxy_socket', default='$state_path/metadata_proxy', help='Location for Metadata Proxy UNIX domain socket') ] def __init__(self, conf): self.conf = conf dirname = os.path.dirname(cfg.CONF.metadata_proxy_socket) if os.path.isdir(dirname): try: os.unlink(cfg.CONF.metadata_proxy_socket) except OSError: if os.path.exists(cfg.CONF.metadata_proxy_socket): raise else: os.makedirs(dirname, 0755) def run(self): server = UnixDomainWSGIServer('quantum-metadata-agent') server.start(MetadataProxyHandler(self.conf), self.conf.metadata_proxy_socket) server.wait()
class DhcpLeaseRelay(object): """UNIX domain socket server for processing lease updates. Network namespace isolation prevents the DHCP process from notifying Quantum directly. This class works around the limitation by using the domain socket to pass the information. This class handles message. receiving and then calls the callback method. """ OPTS = [ cfg.StrOpt('dhcp_lease_relay_socket', default='$state_path/dhcp/lease_relay', help='Location to DHCP lease relay UNIX domain socket') ] def __init__(self, lease_update_callback): self.callback = lease_update_callback dirname = os.path.dirname(cfg.CONF.dhcp_lease_relay_socket) if os.path.isdir(dirname): try: os.unlink(cfg.CONF.dhcp_lease_relay_socket) except OSError: if os.path.exists(cfg.CONF.dhcp_lease_relay_socket): raise else: os.makedirs(dirname, 0755) def _validate_field(self, value, regex): """Validate value against a regular expression and return if valid.""" match = re.match(regex, value) if match: return value raise ValueError(_("Value %s does not match regex: %s") % (value, regex)) def _handler(self, client_sock, client_addr): """Handle incoming lease relay stream connection. This method will only read the first 1024 bytes and then close the connection. The limit exists to limit the impact of misbehaving clients. """ try: msg = client_sock.recv(1024) data = jsonutils.loads(msg) client_sock.close() network_id = self._validate_field(data['network_id'], attributes.UUID_PATTERN) ip_address = str(netaddr.IPAddress(data['ip_address'])) lease_remaining = int(data['lease_remaining']) self.callback(network_id, ip_address, lease_remaining) except ValueError, e: LOG.warn(_('Unable to parse lease relay msg to dict.')) LOG.warn(_('Exception value: %s') % e) LOG.warn(_('Message representation: %s') % repr(msg)) except Exception, e: LOG.exception(_('Unable update lease. Exception'))
def setup_conf(): bind_opts = [ cfg.StrOpt('state_path', default='/var/lib/quantum', help='Top-level directory for maintaining dhcp state'), ] conf = cfg.CommonConfigOpts() conf.register_opts(bind_opts) return conf
def setUp(self): root_helper_opt = [ cfg.StrOpt('root_helper', default='sudo'), ] self.conf = config.setup_conf() self.conf.register_opts(interface.OPTS) self.conf.register_opts(root_helper_opt) self.ip_dev_p = mock.patch.object(ip_lib, 'IPDevice') self.ip_dev = self.ip_dev_p.start() self.ip_p = mock.patch.object(ip_lib, 'IPWrapper') self.ip = self.ip_p.start() self.device_exists_p = mock.patch.object(ip_lib, 'device_exists') self.device_exists = self.device_exists_p.start()
def setup_conf(): """Setup the cfg for the clean up utility. Use separate setup_conf for the utility because there are many options from the main config that do not apply during clean-up. """ opts = [ cfg.StrOpt('root_helper', default='sudo'), cfg.StrOpt('dhcp_driver', default='quantum.agent.linux.dhcp.Dnsmasq', help="The driver used to manage the DHCP server."), cfg.StrOpt('state_path', default='.', help='Top-level directory for maintaining dhcp state'), cfg.BoolOpt('force', default=False, help='Delete the namespace by removing all devices.'), ] conf = cfg.CommonConfigOpts() conf.register_opts(opts) conf.register_opts(dhcp.OPTS) config.setup_logging(conf) return conf
class MetadataProxyHandler(object): OPTS = [ cfg.StrOpt('admin_user'), cfg.StrOpt('admin_password'), cfg.StrOpt('admin_tenant_name'), cfg.StrOpt('auth_url'), cfg.StrOpt('auth_strategy', default='keystone'), cfg.StrOpt('auth_region'), cfg.StrOpt('nova_metadata_ip', default='127.0.0.1', help="IP address used by Nova metadata server."), cfg.IntOpt('nova_metadata_port', default=8775, help="TCP Port used by Nova metadata server."), cfg.StrOpt('metadata_proxy_shared_secret', default='', help='Shared secret to sign instance-id request') ] def __init__(self, conf): self.conf = conf self.qclient = client.Client(username=self.conf.admin_user, password=self.conf.admin_password, tenant_name=self.conf.admin_tenant_name, auth_url=self.conf.auth_url, auth_strategy=self.conf.auth_strategy, region_name=self.conf.auth_region) @webob.dec.wsgify(RequestClass=wsgi.Request) def __call__(self, req): try: LOG.debug(_("Request: %s"), req) instance_id = self._get_instance_id(req) if instance_id: return self._proxy_request(instance_id, req) else: return webob.exc.HTTPNotFound() except Exception, e: LOG.exception(_("Unexpected error.")) msg = _('An unknown error has occurred. ' 'Please try your request again.') return webob.exc.HTTPInternalServerError(explanation=unicode(msg))
def setUp(self): root = os.path.dirname(os.path.dirname(__file__)) args = ['--config-file', os.path.join(root, 'etc', 'quantum.conf.test')] self.conf = config.setup_conf() self.conf.register_opts(dhcp.OPTS) self.conf.register_opt(cfg.StrOpt('dhcp_lease_relay_socket', default='$state_path/dhcp/lease_relay')) self.conf(args=args) self.conf.set_override('state_path', '') self.conf.use_namespaces = True self.replace_p = mock.patch('quantum.agent.linux.dhcp.replace_file') self.execute_p = mock.patch('quantum.agent.linux.utils.execute') self.safe = self.replace_p.start() self.execute = self.execute_p.start()
from quantum.openstack.common import cfg DEFAULT_VLAN_RANGES = ['default:1000:2999'] DEFAULT_INTERFACE_MAPPINGS = ['default:eth1'] vlan_opts = [ cfg.ListOpt('network_vlan_ranges', default=DEFAULT_VLAN_RANGES, help="List of <physical_network>:<vlan_min>:<vlan_max> " "or <physical_network>"), ] database_opts = [ cfg.StrOpt('sql_connection', default='sqlite://'), cfg.IntOpt('sql_max_retries', default=-1), cfg.IntOpt('reconnect_interval', default=2), ] bridge_opts = [ cfg.ListOpt('physical_interface_mappings', default=DEFAULT_INTERFACE_MAPPINGS, help="List of <physical_network>:<physical_interface>"), ] agent_opts = [ cfg.IntOpt('polling_interval', default=2), cfg.StrOpt('root_helper', default='sudo'), cfg.BoolOpt('rpc', default=True), ]
from quantum.common import rpc as q_rpc from quantum.common import topics from quantum import context as qcontext from quantum.db import api as db from quantum.db import db_base_plugin_v2 from quantum.db import dhcp_rpc_base from quantum.db import models_v2 from quantum.openstack.common import cfg from quantum.openstack.common import log as logging from quantum.openstack.common import rpc from quantum.plugins.bigswitch.version import version_string_with_vcs LOG = logging.getLogger(__name__) database_opts = [ cfg.StrOpt('sql_connection', default='sqlite://'), cfg.IntOpt('sql_max_retries', default=-1), cfg.IntOpt('reconnect_interval', default=2), ] restproxy_opts = [ cfg.StrOpt('servers', default='localhost:8800'), cfg.StrOpt('serverauth', default='username:password'), cfg.BoolOpt('serverssl', default=False), cfg.BoolOpt('syncdata', default=False), cfg.IntOpt('servertimeout', default=10), ] cfg.CONF.register_opts(database_opts, "DATABASE") cfg.CONF.register_opts(restproxy_opts, "RESTPROXY")
from quantum.openstack.common import importutils from quantum.openstack.common import jsonutils from quantum.openstack.common.rpc import common as rpc_common # for convenience, are not modified. pformat = pprint.pformat Timeout = eventlet.timeout.Timeout LOG = rpc_common.LOG RemoteError = rpc_common.RemoteError RPCException = rpc_common.RPCException zmq_opts = [ cfg.StrOpt('rpc_zmq_bind_address', default='*', help='ZeroMQ bind address. Should be a wildcard (*), ' 'an ethernet interface, or IP. ' 'The "host" option should point or resolve to this ' 'address.'), # The module.Class to use for matchmaking. cfg.StrOpt( 'rpc_zmq_matchmaker', default=('quantum.openstack.common.rpc.' 'matchmaker.MatchMakerLocalhost'), help='MatchMaker driver', ), # The following port is unassigned by IANA as of 2012-05-21 cfg.IntOpt('rpc_zmq_port', default=9501, help='ZeroMQ receiver listening port'),
class DeviceManager(object): OPTS = [ cfg.StrOpt('admin_user'), cfg.StrOpt('admin_password'), cfg.StrOpt('admin_tenant_name'), cfg.StrOpt('auth_url'), cfg.StrOpt('auth_strategy', default='keystone'), cfg.StrOpt('auth_region'), cfg.StrOpt('interface_driver', help="The driver used to manage the virtual interface.") ] def __init__(self, conf, plugin): self.conf = conf self.plugin = plugin if not conf.interface_driver: LOG.error(_('You must specify an interface driver')) self.driver = importutils.import_object(conf.interface_driver, conf) def get_interface_name(self, network, port=None): """Return interface(device) name for use by the DHCP process.""" if not port: device_id = self.get_device_id(network) port = self.plugin.get_dhcp_port(network.id, device_id) return self.driver.get_device_name(port) def get_device_id(self, network): """Return a unique DHCP device ID for this host on the network.""" # There could be more than one dhcp server per network, so create # a device id that combines host and network ids host_uuid = uuid.uuid5(uuid.NAMESPACE_DNS, socket.gethostname()) return 'dhcp%s-%s' % (host_uuid, network.id) def setup(self, network, reuse_existing=False): """Create and initialize a device for network's DHCP on this host.""" device_id = self.get_device_id(network) port = self.plugin.get_dhcp_port(network.id, device_id) interface_name = self.get_interface_name(network, port) if self.conf.use_namespaces: namespace = NS_PREFIX + network.id else: namespace = None if ip_lib.device_exists(interface_name, self.conf.root_helper, namespace): if not reuse_existing: raise exceptions.PreexistingDeviceFailure( dev_name=interface_name) LOG.debug(_('Reusing existing device: %s.') % interface_name) else: self.driver.plug(network.id, port.id, interface_name, port.mac_address, namespace=namespace) ip_cidrs = [] for fixed_ip in port.fixed_ips: subnet = fixed_ip.subnet net = netaddr.IPNetwork(subnet.cidr) ip_cidr = '%s/%s' % (fixed_ip.ip_address, net.prefixlen) ip_cidrs.append(ip_cidr) self.driver.init_l3(interface_name, ip_cidrs, namespace=namespace) return interface_name def destroy(self, network, device_name): """Destroy the device used for the network's DHCP on this host.""" if self.conf.use_namespaces: namespace = NS_PREFIX + network.id else: namespace = None self.driver.unplug(device_name, namespace=namespace) self.plugin.release_dhcp_port(network.id, self.get_device_id(network))
class L3NATAgent(object): OPTS = [ cfg.StrOpt('admin_user'), cfg.StrOpt('admin_password'), cfg.StrOpt('admin_tenant_name'), cfg.StrOpt('auth_url'), cfg.StrOpt('auth_strategy', default='keystone'), cfg.StrOpt('auth_region'), cfg.StrOpt('root_helper', default='sudo'), cfg.StrOpt('external_network_bridge', default='br-ex', help="Name of bridge used for external network traffic."), cfg.StrOpt('interface_driver', help="The driver used to manage the virtual interface."), cfg.IntOpt('polling_interval', default=3, help="The time in seconds between state poll requests."), cfg.StrOpt('metadata_ip', default='', help="IP address used by Nova metadata server."), cfg.IntOpt('metadata_port', default=8775, help="TCP Port used by Nova metadata server."), cfg.IntOpt('send_arp_for_ha', default=3, help="Send this many gratuitous ARPs for HA setup, " "set it below or equal to 0 to disable this feature."), cfg.BoolOpt('use_namespaces', default=True, help="Allow overlapping IP."), cfg.StrOpt('router_id', default='', help="If namespaces is disabled, the l3 agent can only" " confgure a router that has the matching router ID."), cfg.BoolOpt('handle_internal_only_routers', default=True, help="Agent should implement routers with no gateway"), cfg.StrOpt('gateway_external_network_id', default='', help="UUID of external network for routers implemented " "by the agents."), ] def __init__(self, conf): self.conf = conf self.router_info = {} if not conf.interface_driver: LOG.error(_('You must specify an interface driver')) sys.exit(1) try: self.driver = importutils.import_object(conf.interface_driver, conf) except: LOG.exception(_("Error importing interface driver '%s'"), conf.interface_driver) sys.exit(1) self.polling_interval = conf.polling_interval self.qclient = client.Client( username=self.conf.admin_user, password=self.conf.admin_password, tenant_name=self.conf.admin_tenant_name, auth_url=self.conf.auth_url, auth_strategy=self.conf.auth_strategy, region_name=self.conf.auth_region ) if self.conf.use_namespaces: self._destroy_all_router_namespaces() def _destroy_all_router_namespaces(self): """Destroy all router namespaces on the host to eliminate all stale linux devices, iptables rules, and namespaces. """ root_ip = ip_lib.IPWrapper(self.conf.root_helper) for ns in root_ip.get_namespaces(self.conf.root_helper): if ns.startswith(NS_PREFIX): try: self._destroy_router_namespace(ns) except: LOG.exception(_("Couldn't delete namespace '%s'"), ns) def _destroy_router_namespace(self, namespace): ns_ip = ip_lib.IPWrapper(self.conf.root_helper, namespace=namespace) for d in ns_ip.get_devices(exclude_loopback=True): if d.name.startswith(INTERNAL_DEV_PREFIX): # device is on default bridge self.driver.unplug(d.name, namespace=namespace, prefix=INTERNAL_DEV_PREFIX) elif d.name.startswith(EXTERNAL_DEV_PREFIX): self.driver.unplug(d.name, bridge=self.conf.external_network_bridge, namespace=namespace, prefix=EXTERNAL_DEV_PREFIX) #(TODO) Address the failure for the deletion of the namespace def _create_router_namespace(self, ri): ip_wrapper_root = ip_lib.IPWrapper(self.conf.root_helper) ip_wrapper = ip_wrapper_root.ensure_namespace(ri.ns_name()) ip_wrapper.netns.execute(['sysctl', '-w', 'net.ipv4.ip_forward=1']) def daemon_loop(self): #TODO(danwent): this simple diff logic does not handle if # details of a router port (e.g., IP, mac) are changed behind # our back. Will fix this properly with update notifications. while True: try: self.do_single_loop() except: LOG.exception(_("Error running l3_nat daemon_loop")) time.sleep(self.polling_interval) def _fetch_external_net_id(self): """Find UUID of single external network for this agent""" if self.conf.gateway_external_network_id: return self.conf.gateway_external_network_id params = {'router:external': True} ex_nets = self.qclient.list_networks(**params)['networks'] if len(ex_nets) > 1: raise Exception(_("Must configure 'gateway_external_network_id' " "if Quantum has more than one external " "network.")) if len(ex_nets) == 0: return None return ex_nets[0]['id'] def do_single_loop(self): if (self.conf.external_network_bridge and not ip_lib.device_exists(self.conf.external_network_bridge)): LOG.error(_("External network bridge '%s' does not exist"), self.conf.external_network_bridge) return prev_router_ids = set(self.router_info) cur_router_ids = set() target_ex_net_id = self._fetch_external_net_id() # identify and update new or modified routers for r in self.qclient.list_routers()['routers']: if not r['admin_state_up']: continue ex_net_id = (r['external_gateway_info'] and r['external_gateway_info'].get('network_id')) if not ex_net_id and not self.conf.handle_internal_only_routers: continue if ex_net_id and ex_net_id != target_ex_net_id: continue # If namespaces are disabled, only process the router associated # with the configured agent id. if (self.conf.use_namespaces or r['id'] == self.conf.router_id): cur_router_ids.add(r['id']) else: continue if r['id'] not in self.router_info: self._router_added(r['id']) ri = self.router_info[r['id']] self.process_router(ri) # identify and remove routers that no longer exist for router_id in prev_router_ids - cur_router_ids: self._router_removed(router_id) prev_router_ids = cur_router_ids def _router_added(self, router_id): ri = RouterInfo(router_id, self.conf.root_helper, self.conf.use_namespaces) self.router_info[router_id] = ri if self.conf.use_namespaces: self._create_router_namespace(ri) for c, r in self.metadata_filter_rules(): ri.iptables_manager.ipv4['filter'].add_rule(c, r) for c, r in self.metadata_nat_rules(): ri.iptables_manager.ipv4['nat'].add_rule(c, r) ri.iptables_manager.apply() def _router_removed(self, router_id): ri = self.router_info[router_id] for c, r in self.metadata_filter_rules(): ri.iptables_manager.ipv4['filter'].remove_rule(c, r) for c, r in self.metadata_nat_rules(): ri.iptables_manager.ipv4['nat'].remove_rule(c, r) ri.iptables_manager.apply() del self.router_info[router_id] self._destroy_router_namespace(ri.ns_name()) def _set_subnet_info(self, port): ips = port['fixed_ips'] if not ips: raise Exception(_("Router port %s has no IP address") % port['id']) if len(ips) > 1: LOG.error(_("Ignoring multiple IPs on router port %s"), port['id']) port['subnet'] = self.qclient.show_subnet( ips[0]['subnet_id'])['subnet'] prefixlen = netaddr.IPNetwork(port['subnet']['cidr']).prefixlen port['ip_cidr'] = "%s/%s" % (ips[0]['ip_address'], prefixlen) def process_router(self, ri): ex_gw_port = self._get_ex_gw_port(ri) internal_ports = self.qclient.list_ports( device_id=ri.router_id, device_owner=l3_db.DEVICE_OWNER_ROUTER_INTF)['ports'] existing_port_ids = set([p['id'] for p in ri.internal_ports]) current_port_ids = set([p['id'] for p in internal_ports if p['admin_state_up']]) new_ports = [p for p in internal_ports if p['id'] in current_port_ids and p['id'] not in existing_port_ids] old_ports = [p for p in ri.internal_ports if p['id'] not in current_port_ids] for p in new_ports: self._set_subnet_info(p) ri.internal_ports.append(p) self.internal_network_added(ri, ex_gw_port, p['network_id'], p['id'], p['ip_cidr'], p['mac_address']) for p in old_ports: ri.internal_ports.remove(p) self.internal_network_removed(ri, ex_gw_port, p['id'], p['ip_cidr']) internal_cidrs = [p['ip_cidr'] for p in ri.internal_ports] if ex_gw_port and not ri.ex_gw_port: self._set_subnet_info(ex_gw_port) self.external_gateway_added(ri, ex_gw_port, internal_cidrs) elif not ex_gw_port and ri.ex_gw_port: self.external_gateway_removed(ri, ri.ex_gw_port, internal_cidrs) if ri.ex_gw_port or ex_gw_port: self.process_router_floating_ips(ri, ex_gw_port) ri.ex_gw_port = ex_gw_port def process_router_floating_ips(self, ri, ex_gw_port): floating_ips = self.qclient.list_floatingips( router_id=ri.router_id)['floatingips'] existing_floating_ip_ids = set([fip['id'] for fip in ri.floating_ips]) cur_floating_ip_ids = set([fip['id'] for fip in floating_ips]) id_to_fip_map = {} for fip in floating_ips: if fip['port_id']: if fip['id'] not in existing_floating_ip_ids: ri.floating_ips.append(fip) self.floating_ip_added(ri, ex_gw_port, fip['floating_ip_address'], fip['fixed_ip_address']) # store to see if floatingip was remapped id_to_fip_map[fip['id']] = fip floating_ip_ids_to_remove = (existing_floating_ip_ids - cur_floating_ip_ids) for fip in ri.floating_ips: if fip['id'] in floating_ip_ids_to_remove: ri.floating_ips.remove(fip) self.floating_ip_removed(ri, ri.ex_gw_port, fip['floating_ip_address'], fip['fixed_ip_address']) else: # handle remapping of a floating IP new_fip = id_to_fip_map[fip['id']] new_fixed_ip = new_fip['fixed_ip_address'] existing_fixed_ip = fip['fixed_ip_address'] if (new_fixed_ip and existing_fixed_ip and new_fixed_ip != existing_fixed_ip): floating_ip = fip['floating_ip_address'] self.floating_ip_removed(ri, ri.ex_gw_port, floating_ip, existing_fixed_ip) self.floating_ip_added(ri, ri.ex_gw_port, floating_ip, new_fixed_ip) ri.floating_ips.remove(fip) ri.floating_ips.append(new_fip) def _get_ex_gw_port(self, ri): ports = self.qclient.list_ports( device_id=ri.router_id, device_owner=l3_db.DEVICE_OWNER_ROUTER_GW)['ports'] if not ports: return None elif len(ports) == 1: return ports[0] else: LOG.error(_("Ignoring multiple gateway ports for router %s"), ri.router_id) def _send_gratuitous_arp_packet(self, ri, interface_name, ip_address): if self.conf.send_arp_for_ha > 0: arping_cmd = ['arping', '-A', '-U', '-I', interface_name, '-c', self.conf.send_arp_for_ha, ip_address] try: if self.conf.use_namespaces: ip_wrapper = ip_lib.IPWrapper(self.conf.root_helper, namespace=ri.ns_name()) ip_wrapper.netns.execute(arping_cmd, check_exit_code=True) else: utils.execute(arping_cmd, check_exit_code=True, root_helper=self.conf.root_helper) except Exception as e: LOG.error(_("Failed sending gratuitous ARP: %s") % str(e)) def get_internal_device_name(self, port_id): return (INTERNAL_DEV_PREFIX + port_id)[:self.driver.DEV_NAME_LEN] def get_external_device_name(self, port_id): return (EXTERNAL_DEV_PREFIX + port_id)[:self.driver.DEV_NAME_LEN] def external_gateway_added(self, ri, ex_gw_port, internal_cidrs): interface_name = self.get_external_device_name(ex_gw_port['id']) ex_gw_ip = ex_gw_port['fixed_ips'][0]['ip_address'] if not ip_lib.device_exists(interface_name, root_helper=self.conf.root_helper, namespace=ri.ns_name()): self.driver.plug(ex_gw_port['network_id'], ex_gw_port['id'], interface_name, ex_gw_port['mac_address'], bridge=self.conf.external_network_bridge, namespace=ri.ns_name(), prefix=EXTERNAL_DEV_PREFIX) self.driver.init_l3(interface_name, [ex_gw_port['ip_cidr']], namespace=ri.ns_name()) ip_address = ex_gw_port['ip_cidr'].split('/')[0] self._send_gratuitous_arp_packet(ri, interface_name, ip_address) gw_ip = ex_gw_port['subnet']['gateway_ip'] if ex_gw_port['subnet']['gateway_ip']: cmd = ['route', 'add', 'default', 'gw', gw_ip] if self.conf.use_namespaces: ip_wrapper = ip_lib.IPWrapper(self.conf.root_helper, namespace=ri.ns_name()) ip_wrapper.netns.execute(cmd, check_exit_code=False) else: utils.execute(cmd, check_exit_code=False, root_helper=self.conf.root_helper) for (c, r) in self.external_gateway_nat_rules(ex_gw_ip, internal_cidrs, interface_name): ri.iptables_manager.ipv4['nat'].add_rule(c, r) ri.iptables_manager.apply() def external_gateway_removed(self, ri, ex_gw_port, internal_cidrs): interface_name = self.get_external_device_name(ex_gw_port['id']) if ip_lib.device_exists(interface_name, root_helper=self.conf.root_helper, namespace=ri.ns_name()): self.driver.unplug(interface_name, bridge=self.conf.external_network_bridge, namespace=ri.ns_name(), prefix=EXTERNAL_DEV_PREFIX) ex_gw_ip = ex_gw_port['fixed_ips'][0]['ip_address'] for c, r in self.external_gateway_nat_rules(ex_gw_ip, internal_cidrs, interface_name): ri.iptables_manager.ipv4['nat'].remove_rule(c, r) ri.iptables_manager.apply() def metadata_filter_rules(self): rules = [] if self.conf.metadata_ip: rules.append(('INPUT', '-s 0.0.0.0/0 -d %s ' '-p tcp -m tcp --dport %s ' '-j ACCEPT' % (self.conf.metadata_ip, self.conf.metadata_port))) return rules def metadata_nat_rules(self): rules = [] if self.conf.metadata_ip: rules.append(('PREROUTING', '-s 0.0.0.0/0 -d 169.254.169.254/32 ' '-p tcp -m tcp --dport 80 -j DNAT ' '--to-destination %s:%s' % (self.conf.metadata_ip, self.conf.metadata_port))) return rules def external_gateway_nat_rules(self, ex_gw_ip, internal_cidrs, interface_name): rules = [('POSTROUTING', '! -i %(interface_name)s ' '! -o %(interface_name)s -m conntrack ! ' '--ctstate DNAT -j ACCEPT' % locals())] for cidr in internal_cidrs: rules.extend(self.internal_network_nat_rules(ex_gw_ip, cidr)) return rules def internal_network_added(self, ri, ex_gw_port, network_id, port_id, internal_cidr, mac_address): interface_name = self.get_internal_device_name(port_id) if not ip_lib.device_exists(interface_name, root_helper=self.conf.root_helper, namespace=ri.ns_name()): self.driver.plug(network_id, port_id, interface_name, mac_address, namespace=ri.ns_name(), prefix=INTERNAL_DEV_PREFIX) self.driver.init_l3(interface_name, [internal_cidr], namespace=ri.ns_name()) ip_address = internal_cidr.split('/')[0] self._send_gratuitous_arp_packet(ri, interface_name, ip_address) if ex_gw_port: ex_gw_ip = ex_gw_port['fixed_ips'][0]['ip_address'] for c, r in self.internal_network_nat_rules(ex_gw_ip, internal_cidr): ri.iptables_manager.ipv4['nat'].add_rule(c, r) ri.iptables_manager.apply() def internal_network_removed(self, ri, ex_gw_port, port_id, internal_cidr): interface_name = self.get_internal_device_name(port_id) if ip_lib.device_exists(interface_name, root_helper=self.conf.root_helper, namespace=ri.ns_name()): self.driver.unplug(interface_name, namespace=ri.ns_name(), prefix=INTERNAL_DEV_PREFIX) if ex_gw_port: ex_gw_ip = ex_gw_port['fixed_ips'][0]['ip_address'] for c, r in self.internal_network_nat_rules(ex_gw_ip, internal_cidr): ri.iptables_manager.ipv4['nat'].remove_rule(c, r) ri.iptables_manager.apply() def internal_network_nat_rules(self, ex_gw_ip, internal_cidr): rules = [('snat', '-s %s -j SNAT --to-source %s' % (internal_cidr, ex_gw_ip))] if self.conf.metadata_ip: rules.append(('POSTROUTING', '-s %s -d %s/32 -j ACCEPT' % (internal_cidr, self.conf.metadata_ip))) return rules def floating_ip_added(self, ri, ex_gw_port, floating_ip, fixed_ip): ip_cidr = str(floating_ip) + '/32' interface_name = self.get_external_device_name(ex_gw_port['id']) device = ip_lib.IPDevice(interface_name, self.conf.root_helper, namespace=ri.ns_name()) if not ip_cidr in [addr['cidr'] for addr in device.addr.list()]: net = netaddr.IPNetwork(ip_cidr) device.addr.add(net.version, ip_cidr, str(net.broadcast)) self._send_gratuitous_arp_packet(ri, interface_name, floating_ip) for chain, rule in self.floating_forward_rules(floating_ip, fixed_ip): ri.iptables_manager.ipv4['nat'].add_rule(chain, rule) ri.iptables_manager.apply() def floating_ip_removed(self, ri, ex_gw_port, floating_ip, fixed_ip): ip_cidr = str(floating_ip) + '/32' net = netaddr.IPNetwork(ip_cidr) interface_name = self.get_external_device_name(ex_gw_port['id']) device = ip_lib.IPDevice(interface_name, self.conf.root_helper, namespace=ri.ns_name()) device.addr.delete(net.version, ip_cidr) for chain, rule in self.floating_forward_rules(floating_ip, fixed_ip): ri.iptables_manager.ipv4['nat'].remove_rule(chain, rule) ri.iptables_manager.apply() def floating_forward_rules(self, floating_ip, fixed_ip): return [('PREROUTING', '-d %s -j DNAT --to %s' % (floating_ip, fixed_ip)), ('OUTPUT', '-d %s -j DNAT --to %s' % (floating_ip, fixed_ip)), ('float-snat', '-s %s -j SNAT --to %s' % (fixed_ip, floating_ip))]
import tempfile import textwrap import netaddr from quantum.agent.linux import ip_lib from quantum.agent.linux import utils from quantum.openstack.common import cfg from quantum.openstack.common import importutils from quantum.openstack.common import jsonutils LOG = logging.getLogger(__name__) OPTS = [ cfg.StrOpt('dhcp_confs', default='$state_path/dhcp', help='Location to store DHCP server config files'), cfg.IntOpt('dhcp_lease_time', default=120, help='Lifetime of a DHCP lease in seconds'), cfg.StrOpt('dhcp_domain', default='openstacklocal', help='Domain to use for building the hostnames'), cfg.StrOpt('dnsmasq_config_file', help='Override the default dnsmasq settings with this file'), cfg.StrOpt('dnsmasq_dns_server', help='Use another DNS server before any in /etc/resolv.conf.'), ] IPV4 = 4 IPV6 = 6
default=-1, help='default number of resource allowed per tenant, ' 'minus for unlimited'), cfg.IntOpt('quota_network', default=10, help='number of networks allowed per tenant,' 'minus for unlimited'), cfg.IntOpt('quota_subnet', default=10, help='number of subnets allowed per tenant, ' 'minus for unlimited'), cfg.IntOpt('quota_port', default=50, help='number of ports allowed per tenant, minus for unlimited'), cfg.StrOpt('quota_driver', default='quantum.quota.ConfDriver', help='default driver to use for quota checks'), ] # Register the configuration options cfg.CONF.register_opts(quota_opts, 'QUOTAS') class ConfDriver(object): """ Driver to perform necessary checks to enforce quotas and obtain quota information. The default driver utilizes the default values in quantum.conf. """ def _get_quotas(self, context, resources, keys): """ A helper method which retrieves the quotas for the specific
""" import os import sys from paste import deploy from quantum.api.v2 import attributes from quantum.openstack.common import cfg from quantum.openstack.common import log as logging from quantum.version import version_info as quantum_version LOG = logging.getLogger(__name__) core_opts = [ cfg.StrOpt('bind_host', default='0.0.0.0'), cfg.IntOpt('bind_port', default=9696), cfg.StrOpt('api_paste_config', default="api-paste.ini"), cfg.StrOpt('api_extensions_path', default=""), cfg.StrOpt('policy_file', default="policy.json"), cfg.StrOpt('auth_strategy', default='keystone'), cfg.StrOpt('core_plugin', default='quantum.plugins.sample.SamplePlugin.FakePlugin'), cfg.ListOpt('service_plugins', default=[]), cfg.StrOpt('base_mac', default="fa:16:3e:00:00:00"), cfg.IntOpt('mac_generation_retries', default=16), cfg.BoolOpt('allow_bulk', default=True), cfg.IntOpt('max_dns_nameservers', default=5), cfg.IntOpt('max_subnet_host_routes', default=20), cfg.StrOpt('state_path', default='.'), cfg.IntOpt('dhcp_lease_duration', default=120),
import os import stat import sys import traceback from quantum.openstack.common import cfg from quantum.openstack.common.gettextutils import _ from quantum.openstack.common import jsonutils from quantum.openstack.common import local from quantum.openstack.common import notifier log_opts = [ cfg.StrOpt('logging_context_format_string', default='%(asctime)s %(levelname)s %(name)s [%(request_id)s ' '%(user_id)s %(project_id)s] %(instance)s' '%(message)s', help='format string to use for log messages with context'), cfg.StrOpt('logging_default_format_string', default='%(asctime)s %(levelname)s %(name)s [-] %(instance)s' '%(message)s', help='format string to use for log messages without context'), cfg.StrOpt('logging_debug_format_suffix', default='from (pid=%(process)d) %(funcName)s ' '%(pathname)s:%(lineno)d', help='data to append to log format when level is DEBUG'), cfg.StrOpt('logging_exception_prefix', default='%(asctime)s TRACE %(name)s %(instance)s', help='prefix each line of exception output with this format'), cfg.ListOpt('default_log_levels', default=[
""" import logging import logging.handlers import os import sys from paste import deploy from quantum.openstack.common import cfg from quantum.version import version_string LOG = logging.getLogger(__name__) bind_opts = [ cfg.StrOpt('bind_host', default='0.0.0.0'), cfg.IntOpt('bind_port', default=9696), cfg.StrOpt('api_paste_config', default="api-paste.ini"), cfg.StrOpt('api_extensions_path', default=""), cfg.StrOpt('core_plugin', default='quantum.plugins.sample.SamplePlugin.FakePlugin'), cfg.StrOpt('base_mac', default="fa:16:3e:00:00:00"), cfg.IntOpt('mac_generation_retries', default=16) ] # Register the configuration options cfg.CONF.register_opts(bind_opts) def parse(args): cfg.CONF(args=args,
import logging import logging.handlers import os import sys from paste import deploy from quantum.api.v2 import attributes from quantum.openstack.common import cfg from quantum.version import version_string LOG = logging.getLogger(__name__) core_opts = [ cfg.StrOpt('bind_host', default='0.0.0.0'), cfg.IntOpt('bind_port', default=9696), cfg.StrOpt('api_paste_config', default="api-paste.ini"), cfg.StrOpt('api_extensions_path', default=""), cfg.StrOpt('policy_file', default="policy.json"), cfg.StrOpt('auth_strategy', default='keystone'), cfg.StrOpt('core_plugin', default='quantum.plugins.sample.SamplePlugin.FakePlugin'), cfg.StrOpt('base_mac', default="fa:16:3e:00:00:00"), cfg.IntOpt('mac_generation_retries', default=16), cfg.BoolOpt('allow_bulk', default=True), cfg.IntOpt('max_dns_nameservers', default=5), cfg.IntOpt('max_subnet_host_routes', default=20), cfg.StrOpt('state_path', default='.'), cfg.IntOpt('dhcp_lease_duration', default=120), ]
exceptions.OutOfBoundsAllocationPool: webob.exc.HTTPBadRequest, exceptions.InvalidAllocationPool: webob.exc.HTTPBadRequest, exceptions.InvalidSharedSetting: webob.exc.HTTPConflict, exceptions.HostRoutesExhausted: webob.exc.HTTPBadRequest, exceptions.DNSNameServersExhausted: webob.exc.HTTPBadRequest, } QUOTAS = quota.QUOTAS def _get_hostname(): return socket.gethostname() # Register the configuration options cfg.CONF.register_opt(cfg.StrOpt('host', default=_get_hostname())) def _fields(request): """ Extracts the list of fields to return """ return [v for v in request.GET.getall('fields') if v] def _filters(request, attr_info): """ Extracts the filters from the request string Returns a dict of lists for the filters:
import eventlet import greenlet import qpid.messaging import qpid.messaging.exceptions from quantum.openstack.common import cfg from quantum.openstack.common.gettextutils import _ from quantum.openstack.common import jsonutils from quantum.openstack.common.rpc import amqp as rpc_amqp from quantum.openstack.common.rpc import common as rpc_common LOG = logging.getLogger(__name__) qpid_opts = [ cfg.StrOpt('qpid_hostname', default='localhost', help='Qpid broker hostname'), cfg.StrOpt('qpid_port', default='5672', help='Qpid broker port'), cfg.StrOpt('qpid_username', default='', help='Username for qpid connection'), cfg.StrOpt('qpid_password', default='', help='Password for qpid connection'), cfg.StrOpt('qpid_sasl_mechanisms', default='', help='Space separated list of SASL mechanisms to use for auth'), cfg.IntOpt('qpid_heartbeat', default=60, help='Seconds between connection keepalive heartbeats'), cfg.StrOpt('qpid_protocol',
from quantum.openstack.common import context from quantum.openstack.common.gettextutils import _ from quantum.openstack.common import importutils from quantum.openstack.common import jsonutils from quantum.openstack.common import log as logging from quantum.openstack.common import timeutils LOG = logging.getLogger(__name__) notifier_opts = [ cfg.MultiStrOpt('notification_driver', default=[], deprecated_name='list_notifier_drivers', help='Driver or drivers to handle sending notifications'), cfg.StrOpt('default_notification_level', default='INFO', help='Default notification level for outgoing notifications'), cfg.StrOpt('default_publisher_id', default='$host', help='Default publisher_id for outgoing notifications'), ] CONF = cfg.CONF CONF.register_opts(notifier_opts) WARN = 'WARN' INFO = 'INFO' ERROR = 'ERROR' CRITICAL = 'CRITICAL' DEBUG = 'DEBUG'
# Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from quantum.openstack.common import cfg database_opts = [ cfg.StrOpt('sql_connection', default='sqlite://'), cfg.IntOpt('reconnect_interval', default=2), ] ovs_opts = [ cfg.BoolOpt('enable_tunneling', default=False), cfg.StrOpt('integration_bridge', default='br-int'), cfg.StrOpt('tunnel_bridge', default='br-tun'), cfg.StrOpt('local_ip', default='10.0.0.3'), cfg.IntOpt('vlan_min', default=1), cfg.IntOpt('vlan_max', default=4094), ] agent_opts = [ cfg.IntOpt('polling_interval', default=2), cfg.StrOpt('root_helper', default='sudo'),
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. # # @author: Sumit Naiksatam, Cisco Systems, Inc. # @author: Rohit Agarwalla, Cisco Systems, Inc. from quantum.openstack.common import cfg vlan_opts = [ cfg.IntOpt('vlan_start', default=1000), cfg.IntOpt('vlan_end', default=3000), ] database_opts = [ cfg.StrOpt('sql_connection', default='sqlite://'), cfg.IntOpt('reconnect_interval', default=2), ] bridge_opts = [ cfg.StrOpt('physical_interface', default='eth1'), ] agent_opts = [ cfg.IntOpt('polling_interval', default=2), cfg.StrOpt('root_helper', default='sudo'), ] def parse(config_file): conf = cfg.ConfigOpts(default_config_files=[config_file])
The MatchMaker classes should except a Topic or Fanout exchange key and return keys for direct exchanges, per (approximate) AMQP parlance. """ import contextlib import itertools import json import logging from quantum.openstack.common import cfg from quantum.openstack.common.gettextutils import _ matchmaker_opts = [ # Matchmaker ring file cfg.StrOpt('matchmaker_ringfile', default='/etc/nova/matchmaker_ring.json', help='Matchmaker ring file (JSON)'), ] CONF = cfg.CONF CONF.register_opts(matchmaker_opts) LOG = logging.getLogger(__name__) contextmanager = contextlib.contextmanager class MatchMakerException(Exception): """Signified a match could not be found.""" message = _("Match not found by MatchMaker.") class Exchange(object):
import webob.exc as w_exc from quantum.api.v2 import attributes from quantum.common import exceptions as q_exc from quantum.common import utils from quantum.db import db_base_plugin_v2 from quantum.db import model_base from quantum.db import models_v2 from quantum.extensions import l3 from quantum.openstack.common import cfg from quantum import policy LOG = logging.getLogger(__name__) l3_opts = [ cfg.StrOpt('metadata_ip_address', default='127.0.0.1'), cfg.IntOpt('metadata_port', default=8775) ] # Register the configuration options cfg.CONF.register_opts(l3_opts) DEVICE_OWNER_ROUTER_INTF = "network:router_interface" DEVICE_OWNER_ROUTER_GW = "network:router_gateway" DEVICE_OWNER_FLOATINGIP = "network:floatingip" class Router(model_base.BASEV2, models_v2.HasId, models_v2.HasTenant): """Represents a v2 quantum router.""" name = sa.Column(sa.String(255)) status = sa.Column(sa.String(16))
# Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. from quantum.openstack.common import cfg database_opts = [ cfg.StrOpt('sql_connection', default='sqlite://'), cfg.IntOpt('sql_max_retries', default=-1), cfg.IntOpt('reconnect_interval', default=2), ] ovs_opts = [ cfg.StrOpt('integration_bridge', default='br-int'), cfg.StrOpt('openflow_controller', default='127.0.0.1:6633'), cfg.StrOpt('openflow_rest_api', default='127.0.0.1:8080'), cfg.IntOpt('tunnel_key_min', default=1), cfg.IntOpt('tunnel_key_max', default=0xffffff), cfg.StrOpt('tunnel_ip', default=None), cfg.StrOpt('tunnel_interface', default=None), cfg.IntOpt('ovsdb_port', default=6634), cfg.StrOpt('ovsdb_ip', default=None), cfg.StrOpt('ovsdb_interface', default=None),
import eventlet import greenlet import kombu import kombu.connection import kombu.entity import kombu.messaging from quantum.openstack.common import cfg from quantum.openstack.common.gettextutils import _ from quantum.openstack.common import network_utils from quantum.openstack.common.rpc import amqp as rpc_amqp from quantum.openstack.common.rpc import common as rpc_common kombu_opts = [ cfg.StrOpt('kombu_ssl_version', default='', help='SSL version to use (valid only if SSL enabled)'), cfg.StrOpt('kombu_ssl_keyfile', default='', help='SSL key file (valid only if SSL enabled)'), cfg.StrOpt('kombu_ssl_certfile', default='', help='SSL cert file (valid only if SSL enabled)'), cfg.StrOpt('kombu_ssl_ca_certs', default='', help=('SSL certification authority file ' '(valid only if SSL enabled)')), cfg.StrOpt('rabbit_host', default='localhost', help='The RabbitMQ broker address where a single node is used'), cfg.IntOpt('rabbit_port',
import socket import sys import urlparse import eventlet import httplib2 import webob from quantum.agent.linux import daemon from quantum.common import config from quantum.openstack.common import cfg from quantum.openstack.common import log as logging from quantum import wsgi proxy_socket = cfg.StrOpt('metadata_proxy_socket', default='$state_path/metadata_proxy', help='Location of Metadata Proxy UNIX domain socket') cfg.CONF.register_opt(proxy_socket) LOG = logging.getLogger(__name__) class UnixDomainHTTPConnection(httplib.HTTPConnection): """Connection class for HTTP over UNIX domain socket.""" def __init__(self, host, port=None, strict=None, timeout=None, proxy_info=None):