def create(self, context, member): """ Create a loadbalancer_member object. """ m = member['member'] try: pool = self._api.loadbalancer_pool_read(id=m['pool_id']) except NoIdError: raise loadbalancer.PoolNotFound(pool_id=m['pool_id']) tenant_id = self._get_tenant_id_for_create(context, m) if str(uuid.UUID(tenant_id)) != pool.parent_uuid: raise n_exc.NotAuthorized() obj_uuid = uuidutils.generate_uuid() props = self.make_properties(m) id_perms = IdPermsType(enable=True) member_db = LoadbalancerMember(obj_uuid, pool, loadbalancer_member_properties=props, id_perms=id_perms) member_db.uuid = obj_uuid self._api.loadbalancer_member_create(member_db) return self.make_dict(member_db)
def create(self, context, loadbalancer): """ Create a loadbalancer. """ l = loadbalancer['loadbalancer'] tenant_id = self._get_tenant_id_for_create(context, l) project = self._project_read(project_id=tenant_id) obj_uuid = uuidutils.generate_uuid() name = self._get_resource_name('loadbalancer', project, l['name'], obj_uuid) id_perms = IdPermsType(enable=True, description=l['description']) lb = Loadbalancer(name, project, id_perms=id_perms, display_name=l['name']) lb.uuid = obj_uuid vmi, vip_address = self._create_virtual_interface(project, obj_uuid, l['vip_subnet_id'], l.get('vip_address')) lb.set_virtual_machine_interface(vmi) props = self.make_properties(l) props.set_vip_address(vip_address) lb.set_loadbalancer_properties(props) self._api.loadbalancer_create(lb) return self.make_dict(lb)
def test_vip_get(self): def get_vip(*args, **kwargs): return self.loadbalancer.get_vip(*args, **kwargs) self.plugin.return_value.get_vip.side_effect = get_vip vip_id = _uuid() id_perms = IdPermsType(uuid=vip_id, enable=True) props = self._virtual_ip_properties_build() vip = VirtualIp(virtual_ip_properties=props, id_perms=id_perms, display_name='vip1') vip.parent_uuid = _uuid() vip.uuid = vip_id instance = self.api_server instance.virtual_ip_read.return_value = vip return_value = { 'name': 'vip1', 'admin_state_up': True, 'tenant_id': vip.parent_uuid, 'status': "ACTIVE", 'id': vip_id } res = self.api.get(_get_path('lb/vips', id=vip_id, fmt=self.fmt)) self.assertEqual(res.status_int, exc.HTTPOk.code) res = self.deserialize(res) self.assertIn('vip', res) self.assertDictContainsSubset(return_value, res['vip'])
def create(self, context, loadbalancer): """ Create a loadbalancer. """ l = loadbalancer['loadbalancer'] if (l['provider'] == ATTR_NOT_SPECIFIED): l['provider'] = "opencontrail" sas_obj = self.check_provider_exists(l['provider']) tenant_id = self._get_tenant_id_for_create(context, l) project = self._project_read(project_id=tenant_id) obj_uuid = uuidutils.generate_uuid() name = self._get_resource_name('loadbalancer', project, l['name'], obj_uuid) id_perms = IdPermsType(enable=True, description=l['description']) lb = Loadbalancer(name, project, uuid=obj_uuid, loadbalancer_provider=l['provider'], id_perms=id_perms, display_name=l['name']) lb.set_service_appliance_set(sas_obj) vmi, vip_address = self._create_virtual_interface( project, obj_uuid, l['vip_subnet_id'], l.get('vip_address')) lb.set_virtual_machine_interface(vmi) l['provisioning_status'] = 'ACTIVE' l['operating_status'] = 'ONLINE' props = self.make_properties(l) props.set_vip_address(vip_address) lb.set_loadbalancer_properties(props) self._api.loadbalancer_create(lb) return self.make_dict(lb)
def create(self, context, healthmonitor): """ Create a loadbalancer_healtmonitor object. """ m = healthmonitor['healthmonitor'] tenant_id = self._get_tenant_id_for_create(context, m) project = self._project_read(project_id=tenant_id) uuid = uuidutils.generate_uuid() props = self.make_properties(m) id_perms = IdPermsType(enable=True) monitor_db = LoadbalancerHealthmonitor( uuid, project, loadbalancer_healthmonitor_properties=props, id_perms=id_perms, display_name=m['name']) monitor_db.uuid = uuid try: pool = self._api.loadbalancer_pool_read(id=m['pool_id']) except NoIdError: raise loadbalancerv2.EntityNotFound(name='Pool', id=m['pool_id']) exist_hm_refs = pool.get_loadbalancer_healthmonitor_refs() if exist_hm_refs is not None: raise loadbalancerv2.OneHealthMonitorPerPool( pool_id=m['pool_id'], hm_id=exist_hm_refs[0]['uuid']) self._api.loadbalancer_healthmonitor_create(monitor_db) self._api.ref_update('loadbalancer-pool', m['pool_id'], 'loadbalancer-healthmonitor', uuid, None, 'ADD') return self.make_dict(monitor_db)
def create(self, context, pool): """ Create a loadbalancer_pool object. """ p = pool['pool'] tenant_id = self._get_tenant_id_for_create(context, p) project = self._project_read(project_id=tenant_id) uuid = uuidutils.generate_uuid() name = self._get_resource_name('loadbalancer-pool', project, p['name'], uuid) props = self.make_properties(p) id_perms = IdPermsType(uuid=uuid, enable=True, description=p['description']) pool = LoadbalancerPool(name, project, loadbalancer_pool_properties=props, loadbalancer_pool_provider=p['provider'], id_perms=id_perms, display_name=p['name']) pool.uuid = uuid if p['health_monitors']: for hm in p['health_monitors']: try: mon = self._api.loadbalancer_healthmonitor_read(id=hm) except NoIdError: raise loadbalancer.HealthMonitorNotFound(monitor_id=hm) pool.add_loadbalancer_healthmonitor(mon) self._api.loadbalancer_pool_create(pool) return self.make_dict(pool)
def create(self, context, listener): l = listener['listener'] tenant_id = self._get_tenant_id_for_create(context, l) project = self._project_read(project_id=tenant_id) if l['loadbalancer_id']: try: lb = self._api.loadbalancer_read(id=l['loadbalancer_id']) except NoIdError: raise loadbalancer.EntityNotFound(id=v['loadbalancer_id']) project_id = lb.parent_uuid if str(uuid.UUID(tenant_id)) != project_id: raise n_exc.NotAuthorized() else: lb = None obj_uuid = uuidutils.generate_uuid() name = self._get_resource_name('listener', project, l['name'], obj_uuid) id_perms = IdPermsType(enable=True, description=l['description']) ll = LoadbalancerListener(name, project, id_perms=id_perms, display_name=l['name']) ll.uuid = obj_uuid if lb: ll.set_loadbalancer(lb) props = self.make_properties(l) ll.set_loadbalancer_listener_properties(props) self._api.loadbalancer_listener_create(ll) return self.make_dict(ll)
def _create_member(self, member_id, pool_id): id_perms = IdPermsType(uuid=member_id, enable=True) props = self._loadbalancer_member_properties_build() member = LoadbalancerMember(loadbalancer_member_properties=props, id_perms=id_perms) member.uuid = member_id member.parent_uuid = pool_id return member
def _create_monitor(self, health_monitor_id, tenant_id): id_perms = IdPermsType(uuid=health_monitor_id, enable=True) props = self._loadbalancer_healthmonitor_properties_build() monitor = LoadbalancerHealthmonitor( health_monitor_id, loadbalancer_healthmonitor_properties=props, id_perms=id_perms) monitor.parent_uuid = tenant_id monitor.uuid = health_monitor_id return monitor
def _create_pool(self, pool_id, tenant_id=None): if tenant_id is None: tenant_id = _uuid() id_perms = IdPermsType(uuid=pool_id, enable=True) props = self._loadbalancer_pool_properties_build() pool = LoadbalancerPool(loadbalancer_pool_properties=props, id_perms=id_perms, display_name='pool1') pool.parent_uuid = tenant_id pool.uuid = pool_id return pool
def create(self, context, vip): """ Create a VIP. """ v = vip['vip'] tenant_id = self._get_tenant_id_for_create(context, v) project = self._project_read(project_id=tenant_id) if v['pool_id']: try: pool = self._api.loadbalancer_pool_read(id=v['pool_id']) except NoIdError: raise loadbalancer.PoolNotFound(pool_id=v['pool_id']) project_id = pool.parent_uuid if str(uuid.UUID(tenant_id)) != project_id: raise n_exc.NotAuthorized() protocol = pool.get_loadbalancer_pool_properties().get_protocol() if protocol != v['protocol']: raise loadbalancer.ProtocolMismatch(vip_proto=v['protocol'], pool_proto=protocol) if pool.get_virtual_ip_back_refs(): raise loadbalancer.VipExists(pool_id=v['pool_id']) else: pool = None obj_uuid = uuidutils.generate_uuid() name = self._get_resource_name('virtual-ip', project, v['name'], obj_uuid) id_perms = IdPermsType(enable=True, description=v['description']) vip = VirtualIp(name, project, id_perms=id_perms, display_name=v['name']) vip.uuid = obj_uuid if pool: vip.set_loadbalancer_pool(pool) vmi, vip_address = self._create_virtual_interface( project, obj_uuid, v['subnet_id'], v.get('address')) vip.set_virtual_machine_interface(vmi) props = self.make_properties(v) props.set_address(vip_address) vip.set_virtual_ip_properties(props) self._api.virtual_ip_create(vip) return self.make_dict(vip)
def create(self, context, pool): """ Create a loadbalancer_pool object. """ p = pool['pool'] tenant_id = self._get_tenant_id_for_create(context, p) project = self._project_read(project_id=tenant_id) if p['listener_id']: try: ll = self._api.loadbalancer_listener_read(id=p['listener_id']) except NoIdError: raise loadbalancerv2.EntityNotFound(name='Listener', id=p['listener_id']) project_id = ll.parent_uuid if str(uuid.UUID(tenant_id)) != project_id: raise NotAuthorized() else: ll = None pool_uuid = uuidutils.generate_uuid() name = self._get_resource_name('loadbalancer-pool', project, p['name'], pool_uuid) props = self.make_properties(p) id_perms = IdPermsType(enable=True, description=p['description']) pool = LoadbalancerPool(name, project, uuid=pool_uuid, loadbalancer_pool_properties=props, id_perms=id_perms, display_name=p['name']) if ll: pool_exists = ll.get_loadbalancer_pool_back_refs() if pool_exists is not None: raise loadbalancerv2.OnePoolPerListener( listener_id=p['listener_id'], pool_id=pool_exists[0]['uuid']) pool.set_loadbalancer_listener(ll) # Custom attributes if p['custom_attributes'] != ATTR_NOT_SPECIFIED: custom_attributes = KeyValuePairs() self.create_update_custom_attributes(p['custom_attributes'], custom_attributes) pool.set_loadbalancer_pool_custom_attributes(custom_attributes) self._api.loadbalancer_pool_create(pool) return self.make_dict(pool)
def create(self, context, vip): """ Create a VIP. """ v = vip['vip'] tenant_id = self._get_tenant_id_for_create(context, v) project = self._project_read(project_id=tenant_id) if v['pool_id']: try: pool = self._api.loadbalancer_pool_read(id=v['pool_id']) except NoIdError: raise loadbalancer.PoolNotFound(pool_id=v['pool_id']) project_id = pool.parent_uuid if tenant_id != project_id: raise n_exc.NotAuthorized() # TODO: check that the pool has no vip configured # if pool.protocol != v['protocol']: # raise loadbalancer.ProtocolMismatch( # vip_proto=v['protocol'], pool_proto=pool.protocol) else: pool = None uuid = uuidutils.generate_uuid() name = self._get_resource_name('virtual-ip', project, v['name'], uuid) props = self.make_properties(v) id_perms = IdPermsType(uuid=uuid, enable=True, description=v['description']) vip = VirtualIp(name, project, virtual_ip_properties=props, id_perms=id_perms, display_name=v['name']) vip.uuid = uuid if pool: vip.set_loadbalancer_pool(pool) vmi = self._create_virtual_interface(project, uuid, v['subnet_id'], v.get('address')) vip.set_virtual_machine_interface(vmi) self._api.virtual_ip_create(vip) return self.make_dict(vip)
def create(self, context, health_monitor): """ Create a loadbalancer_healtmonitor object. """ m = health_monitor['health_monitor'] tenant_id = self._get_tenant_id_for_create(context, m) project = self._project_read(project_id=tenant_id) uuid = uuidutils.generate_uuid() props = self.make_properties(m) id_perms = IdPermsType(enable=True) monitor_db = LoadbalancerHealthmonitor( uuid, project, loadbalancer_healthmonitor_properties=props, id_perms=id_perms) monitor_db.uuid = uuid self._api.loadbalancer_healthmonitor_create(monitor_db) return self.make_dict(monitor_db)
def create_security_group(self, proj_obj): def _get_rule(ingress, sg, prefix, ethertype): sgr_uuid = str(uuid.uuid4()) if sg: addr = AddressType(security_group=proj_obj.get_fq_name_str() + ':' + sg) elif prefix: addr = AddressType(subnet=SubnetType(prefix, 0)) local_addr = AddressType(security_group='local') if ingress: src_addr = addr dst_addr = local_addr else: src_addr = local_addr dst_addr = addr rule = PolicyRuleType(rule_uuid=sgr_uuid, direction='>', protocol='any', src_addresses=[src_addr], src_ports=[PortType(0, 65535)], dst_addresses=[dst_addr], dst_ports=[PortType(0, 65535)], ethertype=ethertype) return rule rules = [] rules.append(_get_rule(True, 'default', None, 'IPv4')) rules.append(_get_rule(True, 'default', None, 'IPv6')) sg_rules = PolicyEntriesType(rules) # create security group id_perms = IdPermsType( enable=True, description=KMTestCase.DEFAULT_SECGROUP_DESCRIPTION) sg_obj = SecurityGroup(name='default', parent_obj=proj_obj, id_perms=id_perms, security_group_entries=sg_rules) self._vnc_lib.security_group_create(sg_obj) self._vnc_lib.chown(sg_obj.get_uuid(), proj_obj.get_uuid()) return sg_obj
def create(self, context, pool): """ Create a loadbalancer_pool object. """ p = pool['pool'] try: sas_fq_name = ["default-global-system-config"] sas_fq_name.append(p['provider']) sas_obj = self._api.service_appliance_set_read(fq_name=sas_fq_name) except NoIdError: raise pconf.ServiceProviderNotFound( provider=p['provider'], service_type=constants.LOADBALANCER) tenant_id = self._get_tenant_id_for_create(context, p) project = self._project_read(project_id=tenant_id) uuid = uuidutils.generate_uuid() name = self._get_resource_name('loadbalancer-pool', project, p['name'], uuid) props = self.make_properties(p) id_perms = IdPermsType(enable=True, description=p['description']) pool = LoadbalancerPool(name, project, loadbalancer_pool_properties=props, loadbalancer_pool_provider=p['provider'], id_perms=id_perms, display_name=p['name']) pool.uuid = uuid if p['health_monitors']: for hm in p['health_monitors']: try: mon = self._api.loadbalancer_healthmonitor_read(id=hm) except NoIdError: raise loadbalancer.HealthMonitorNotFound(monitor_id=hm) pool.add_loadbalancer_healthmonitor(mon) pool.set_service_appliance_set(sas_obj) self._api.loadbalancer_pool_create(pool) return self.make_dict(pool)
def update_object(self, member_db, id, m): if 'pool_id' in m and self._get_member_pool_id( member_db) != m['pool_id']: try: pool = self._api.loadbalancer_pool_read(id=m['pool_id']) except NoIdError: raise loadbalancer.PoolNotFound(pool_id=m['pool_id']) db_props = member_db.get_loadbalancer_member_properties() members = pool.get_loadbalancer_members() for member in members or []: member_obj = self._api.loadbalancer_member_read( id=member['uuid']) props = member_obj.get_loadbalancer_member_properties() if ((props.get_address() == db_props.get_address()) and (props.get_protocol_port() == db_props.get_protocol_port())): raise loadbalancer.MemberExists( address=props.get_address(), port=props.get_protocol_port(), pool=m['pool_id']) # delete member from old pool props = member_db.get_loadbalancer_member_properties() obj_uuid = member_db.uuid self._api.loadbalancer_member_delete(id=member_db.uuid) # create member for the new pool with same uuid and props id_perms = IdPermsType(enable=True) member_obj = LoadbalancerMember( obj_uuid, pool, loadbalancer_member_properties=props, id_perms=id_perms) member_obj.uuid = obj_uuid self._api.loadbalancer_member_create(member_obj) return True return False
"VmRenamedEvent", "VmReconfiguredEvent", "VmRegisteredEvent", "VmRemovedEvent", "DVPortgroupCreatedEvent", "DVPortgroupReconfiguredEvent", "DVPortgroupRenamedEvent", "DVPortgroupDestroyedEvent", ] VM_UPDATE_FILTERS = ["runtime.host"] WAIT_FOR_UPDATE_TIMEOUT = 20 SUPERVISOR_TIMEOUT = 25 WAIT_FOR_VM_RETRY = 10 TEMP_VM_RENAME_PHRASES = ["vmfs", "volumes"] HISTORY_COLLECTOR_PAGE_SIZE = 1000 VNC_PROJECT_DOMAIN = "default-domain" VNC_PROJECT_NAME = "admin" ID_PERMS = IdPermsType(creator="vcenter-fabric-manager", enable=True) VNC_TOPOLOGY_OBJECTS = [ "node", "port", "physical_interface", "physical_router", ] TOPOLOGY_UPDATE_MESSAGE_TIMEOUT = 5
'guest.toolsRunningStatus', 'guest.net', 'runtime.powerState', ] VNC_ROOT_DOMAIN = 'default-domain' VNC_VCENTER_PROJECT = 'vCenter' VNC_VCENTER_IPAM = 'vCenter-ipam' VNC_VCENTER_IPAM_FQN = [VNC_ROOT_DOMAIN, VNC_VCENTER_PROJECT, VNC_VCENTER_IPAM] VNC_VCENTER_DEFAULT_SG = 'default' VNC_VCENTER_DEFAULT_SG_FQN = [VNC_ROOT_DOMAIN, VNC_VCENTER_PROJECT, VNC_VCENTER_DEFAULT_SG] CONTRAIL_VM_NAME = 'ContrailVM' CONTRAIL_NETWORK = 'VM-PG' VLAN_ID_RANGE_START = 1 VLAN_ID_RANGE_END = 4095 ID_PERMS_CREATOR = 'vcenter-manager' ID_PERMS = IdPermsType(creator=ID_PERMS_CREATOR, enable=True) SET_VLAN_ID_RETRY_LIMIT = 2 WAIT_FOR_PORT_RETRY_TIME = 1 # 1s WAIT_FOR_PORT_RETRY_LIMIT = int(old_div(30,WAIT_FOR_PORT_RETRY_TIME)) # Timeout after 30s WAIT_FOR_UPDATE_TIMEOUT = 60 SUPERVISOR_TIMEOUT = 80 HISTORY_COLLECTOR_PAGE_SIZE = 1000 VMFS = 'vmfs'
def _update_security_groups(self, ns_name, proj_obj, network_policy): def _get_rule(ingress, sg, prefix, ethertype): sgr_uuid = str(uuid.uuid4()) if sg: if ':' not in sg: sg_fq_name = proj_obj.get_fq_name_str() + ':' + sg else: sg_fq_name = sg addr = AddressType(security_group=sg_fq_name) elif prefix: addr = AddressType(subnet=SubnetType(prefix, 0)) local_addr = AddressType(security_group='local') if ingress: src_addr = addr dst_addr = local_addr else: src_addr = local_addr dst_addr = addr rule = PolicyRuleType(rule_uuid=sgr_uuid, direction='>', protocol='any', src_addresses=[src_addr], src_ports=[PortType(0, 65535)], dst_addresses=[dst_addr], dst_ports=[PortType(0, 65535)], ethertype=ethertype) return rule sg_dict = {} # create default security group sg_name = "-".join( [vnc_kube_config.cluster_name(), ns_name, 'default']) DEFAULT_SECGROUP_DESCRIPTION = "Default security group" id_perms = IdPermsType(enable=True, description=DEFAULT_SECGROUP_DESCRIPTION) rules = [] ingress = True egress = True if network_policy and 'ingress' in network_policy: ingress_policy = network_policy['ingress'] if ingress_policy and 'isolation' in ingress_policy: isolation = ingress_policy['isolation'] if isolation == 'DefaultDeny': ingress = False if ingress: rules.append(_get_rule(True, None, '0.0.0.0', 'IPv4')) rules.append(_get_rule(True, None, '::', 'IPv6')) if egress: rules.append(_get_rule(False, None, '0.0.0.0', 'IPv4')) rules.append(_get_rule(False, None, '::', 'IPv6')) sg_rules = PolicyEntriesType(rules) sg_obj = SecurityGroup(name=sg_name, parent_obj=proj_obj, id_perms=id_perms, security_group_entries=sg_rules) SecurityGroupKM.add_annotations(self, sg_obj, namespace=ns_name, name=sg_obj.name, k8s_type=self._k8s_event_type) try: self._vnc_lib.security_group_create(sg_obj) self._vnc_lib.chown(sg_obj.get_uuid(), proj_obj.get_uuid()) except RefsExistError: self._vnc_lib.security_group_update(sg_obj) sg_obj = self._vnc_lib.security_group_read(sg_obj.fq_name) sg_uuid = sg_obj.get_uuid() SecurityGroupKM.locate(sg_uuid) sg_dict[sg_name] = sg_uuid # create namespace security group ns_sg_name = "-".join([vnc_kube_config.cluster_name(), ns_name, 'sg']) NAMESPACE_SECGROUP_DESCRIPTION = "Namespace security group" id_perms = IdPermsType(enable=True, description=NAMESPACE_SECGROUP_DESCRIPTION) sg_obj = SecurityGroup(name=ns_sg_name, parent_obj=proj_obj, id_perms=id_perms, security_group_entries=None) SecurityGroupKM.add_annotations(self, sg_obj, namespace=ns_name, name=sg_obj.name, k8s_type=self._k8s_event_type) try: self._vnc_lib.security_group_create(sg_obj) self._vnc_lib.chown(sg_obj.get_uuid(), proj_obj.get_uuid()) except RefsExistError: pass sg_obj = self._vnc_lib.security_group_read(sg_obj.fq_name) sg_uuid = sg_obj.get_uuid() SecurityGroupKM.locate(sg_uuid) sg_dict[ns_sg_name] = sg_uuid return sg_dict
def _update_security_groups(self, ns_name, proj_obj): def _get_rule(ingress, sg, prefix, ethertype): sgr_uuid = str(uuid.uuid4()) if sg: if ':' not in sg: sg_fq_name = proj_obj.get_fq_name_str() + ':' + sg else: sg_fq_name = sg addr = AddressType(security_group=sg_fq_name) elif prefix: addr = AddressType(subnet=SubnetType(prefix, 0)) local_addr = AddressType(security_group='local') if ingress: src_addr = addr dst_addr = local_addr else: src_addr = local_addr dst_addr = addr rule = PolicyRuleType(rule_uuid=sgr_uuid, direction='>', protocol='any', src_addresses=[src_addr], src_ports=[PortType(0, 65535)], dst_addresses=[dst_addr], dst_ports=[PortType(0, 65535)], ethertype=ethertype) return rule # create default security group sg_name = vnc_kube_config.get_default_sg_name(ns_name) DEFAULT_SECGROUP_DESCRIPTION = "Default security group" id_perms = IdPermsType(enable=True, description=DEFAULT_SECGROUP_DESCRIPTION) rules = [] ingress = True egress = True if ingress: rules.append(_get_rule(True, None, '0.0.0.0', 'IPv4')) rules.append(_get_rule(True, None, '::', 'IPv6')) if egress: rules.append(_get_rule(False, None, '0.0.0.0', 'IPv4')) rules.append(_get_rule(False, None, '::', 'IPv6')) sg_rules = PolicyEntriesType(rules) sg_obj = SecurityGroup(name=sg_name, parent_obj=proj_obj, id_perms=id_perms, security_group_entries=sg_rules) SecurityGroupKM.add_annotations(self, sg_obj, namespace=ns_name, name=sg_obj.name, k8s_type=self._k8s_event_type) try: self._vnc_lib.security_group_create(sg_obj) self._vnc_lib.chown(sg_obj.get_uuid(), proj_obj.get_uuid()) except RefsExistError: self._vnc_lib.security_group_update(sg_obj) sg = SecurityGroupKM.locate(sg_obj.get_uuid()) return sg