components/openstack/neutron/files/agent/evs_l3_agent.py
author Girish Moodalbail <Girish.Moodalbail@oracle.COM>
Wed, 29 Oct 2014 10:08:29 -0700
branch s11u2-sru
changeset 3438 40c3d53194f6
parent 3364 25975ce9e810
child 4072 db0cec748ec0
permissions -rw-r--r--
19898528 PBR rule must not forward packets addressed to internal default gateway
# vim: tabstop=4 shiftwidth=4 softtabstop=4

# Copyright 2012 Nicira Networks, Inc.  All rights reserved.
#
# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved.
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.
#
# @author: Dan Wendlandt, Nicira, Inc
# @author: Girish Moodalbail, Oracle, Inc.
#

"""
Based off generic l3_agent (neutron/agent/l3_agent) code
"""

import netaddr

from oslo.config import cfg

from neutron.agent import l3_agent
from neutron.agent.linux import utils
from neutron.agent.solaris import interface
from neutron.agent.solaris import ipfilters_manager
from neutron.agent.solaris import net_lib
from neutron.common import constants as l3_constants
from neutron.openstack.common import log as logging


LOG = logging.getLogger(__name__)
INTERNAL_DEV_PREFIX = 'l3i'
EXTERNAL_DEV_PREFIX = 'l3e'
FLOATING_IP_CIDR_SUFFIX = '/32'


class RouterInfo(object):

    def __init__(self, router_id, root_helper, use_namespaces, router):
        self.router_id = router_id
        self.ex_gw_port = None
        self._snat_enabled = None
        self._snat_action = None
        self.internal_ports = []
        # We do not need either root_helper or namespace, so set them to None
        self.root_helper = None
        self.use_namespaces = None
        # Invoke the setter for establishing initial SNAT action
        self.router = router
        self.ipfilters_manager = ipfilters_manager.IPfiltersManager()
        self.routes = []

    @property
    def router(self):
        return self._router

    @router.setter
    def router(self, value):
        self._router = value
        if not self._router:
            return
        # enable_snat by default if it wasn't specified by plugin
        self._snat_enabled = self._router.get('enable_snat', True)
        # Set a SNAT action for the router
        if self._router.get('gw_port'):
            self._snat_action = ('add_rules' if self._snat_enabled
                                 else 'remove_rules')
        elif self.ex_gw_port:
            # Gateway port was removed, remove rules
            self._snat_action = 'remove_rules'

    def ns_name(self):
        pass

    def perform_snat_action(self, snat_callback, *args):
        # Process SNAT rules for attached subnets
        if self._snat_action:
            snat_callback(self, self._router.get('gw_port'),
                          *args, action=self._snat_action)
        self._snat_action = None


class EVSL3NATAgent(l3_agent.L3NATAgent):

    RouterInfo = RouterInfo

    OPTS = [
        cfg.StrOpt('external_network_datalink', default='net0',
                   help=_("Name of the datalink that connects to "
                          "an external network.")),
        cfg.BoolOpt('allow_forwarding_between_networks', default=False,
                    help=_("Allow forwarding of packets between tenant's "
                           "networks")),
    ]

    def __init__(self, host, conf=None):
        cfg.CONF.register_opts(self.OPTS)
        cfg.CONF.register_opts(interface.OPTS)
        super(EVSL3NATAgent, self).__init__(host=host, conf=conf)

    def _router_added(self, router_id, router):
        ri = RouterInfo(router_id, self.root_helper,
                        self.conf.use_namespaces, router)
        self.router_info[router_id] = ri

    def _router_removed(self, router_id):
        ri = self.router_info[router_id]
        ri.router['gw_port'] = None
        ri.router[l3_constants.INTERFACE_KEY] = []
        ri.router[l3_constants.FLOATINGIP_KEY] = []
        self.process_router(ri)
        del self.router_info[router_id]

    def process_router(self, ri):
        ex_gw_port = self._get_ex_gw_port(ri)
        internal_ports = ri.router.get(l3_constants.INTERFACE_KEY, [])
        existing_port_ids = set([p['id'] for p in ri.internal_ports])
        current_port_ids = set([p['id'] for p in internal_ports
                                if p['admin_state_up']])
        new_ports = [p for p in internal_ports if
                     p['id'] in current_port_ids and
                     p['id'] not in existing_port_ids]
        old_ports = [p for p in ri.internal_ports if
                     p['id'] not in current_port_ids]
        for p in new_ports:
            self._set_subnet_info(p)
            ri.internal_ports.append(p)
            self.internal_network_added(ri, p)

        for p in old_ports:
            ri.internal_ports.remove(p)
            self.internal_network_removed(ri, p)

        internal_cidrs = [p['ip_cidr'] for p in ri.internal_ports]
        # TODO(salv-orlando): RouterInfo would be a better place for
        # this logic too
        ex_gw_port_id = (ex_gw_port and ex_gw_port['id'] or
                         ri.ex_gw_port and ri.ex_gw_port['id'])

        interface_name = None
        if ex_gw_port_id:
            interface_name = self.get_external_device_name(ex_gw_port_id)
        if ex_gw_port and not ri.ex_gw_port:
            self._set_subnet_info(ex_gw_port)
            self.external_gateway_added(ri, ex_gw_port,
                                        interface_name, internal_cidrs)
        elif not ex_gw_port and ri.ex_gw_port:
            self.external_gateway_removed(ri, ri.ex_gw_port,
                                          interface_name, internal_cidrs)

        # We don't need this since our IPnat rules are bi-directional
        # Process SNAT rules for external gateway
        # ri.perform_snat_action(self._handle_router_snat_rules,
        #                       internal_cidrs, interface_name)

        # Process DNAT rules for floating IPs
        if ex_gw_port:
            self.process_router_floating_ips(ri, ex_gw_port)

        ri.ex_gw_port = ex_gw_port
        ri.enable_snat = ri.router.get('enable_snat')
        self.routes_updated(ri)

    def process_router_floating_ips(self, ri, ex_gw_port):
        """Configure the router's floating IPs
        Configures floating ips using ipnat(1m) on the router's gateway device.

        Cleans up floating ips that should no longer be configured.
        """
        ifname = self.get_external_device_name(ex_gw_port['id'])
        ipintf = net_lib.IPInterface(ifname)
        ipaddr_list = ipintf.ipaddr_list()['static']

        existing_cidrs = set([addr for addr in ipaddr_list])
        new_cidrs = set()

        existing_nat_rules = [nat_rule for nat_rule in
                              ri.ipfilters_manager.ipv4['nat']]
        new_nat_rules = []

        # Loop once to ensure that floating ips are configured.
        for fip in ri.router.get(l3_constants.FLOATINGIP_KEY, []):
            fip_ip = fip['floating_ip_address']
            fip_cidr = str(fip_ip) + FLOATING_IP_CIDR_SUFFIX
            new_cidrs.add(fip_cidr)
            fixed_cidr = str(fip['fixed_ip_address']) + '/32'
            nat_rule = 'bimap %s %s -> %s' % (ifname, fixed_cidr, fip_cidr)
   197
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   198
            if fip_cidr not in existing_cidrs:
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   199
                ipintf.create_address(fip_cidr)
3201
6839f7d1f036 18686478 kstat warning every minute in nova-compute log on SPARC
david.comay@oracle.com
parents: 3198
diff changeset
   200
                ri.ipfilters_manager.add_nat_rules([nat_rule])
6839f7d1f036 18686478 kstat warning every minute in nova-compute log on SPARC
david.comay@oracle.com
parents: 3198
diff changeset
   201
            new_nat_rules.append(nat_rule)
3178
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   202
3201
6839f7d1f036 18686478 kstat warning every minute in nova-compute log on SPARC
david.comay@oracle.com
parents: 3198
diff changeset
   203
        # remove all the old NAT rules
6839f7d1f036 18686478 kstat warning every minute in nova-compute log on SPARC
david.comay@oracle.com
parents: 3198
diff changeset
   204
        ri.ipfilters_manager.remove_nat_rules(list(set(existing_nat_rules) -
6839f7d1f036 18686478 kstat warning every minute in nova-compute log on SPARC
david.comay@oracle.com
parents: 3198
diff changeset
   205
                                              set(new_nat_rules)))
3178
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   206
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   207
        # Clean up addresses that no longer belong on the gateway interface.
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   208
        for ip_cidr in existing_cidrs - new_cidrs:
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   209
            if ip_cidr.endswith(FLOATING_IP_CIDR_SUFFIX):
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   210
                ipintf.delete_address(ip_cidr)
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   211
    def get_internal_device_name(self, port_id):
        # Because of the way dnsmasq works on Solaris, the length
        # of a datalink name cannot exceed 16 (including the terminating
        # nul character). So, the linkname can only have 15 characters and
        # the last two characters are set aside for '_0'. So, we only
        # have 13 characters left.
        dname = (INTERNAL_DEV_PREFIX + port_id)[:13]
        dname += '_0'
        return dname.replace('-', '_')

    def get_external_device_name(self, port_id):
        # please see the comment above
        dname = (EXTERNAL_DEV_PREFIX + port_id)[:13]
        dname += '_0'
        return dname.replace('-', '_')

    def external_gateway_added(self, ri, ex_gw_port,
                               external_dlname, internal_cidrs):

        if not net_lib.Datalink.datalink_exists(external_dlname):
            dl = net_lib.Datalink(external_dlname)
            # need to determine the VLAN ID for the VNIC
            evsname = ex_gw_port['network_id']
            tenantname = ex_gw_port['tenant_id']
            cmd = ['/usr/sbin/evsadm', 'show-evs', '-co', 'vid',
                   '-f', 'tenant=%s' % tenantname, evsname]
            try:
                stdout = utils.execute(cmd)
            except Exception as err:
                LOG.error(_("Failed to retrieve the VLAN ID associated "
                            "with the external network, and it is required "
                            "to create external gateway port: %s") % err)
                return
            vid = stdout.splitlines()[0].strip()
            if vid == "":
                LOG.error(_("External Network does not have a VLAN ID "
                            "associated with it, and it is required to "
                            "create external gateway port"))
                return
            mac_address = ex_gw_port['mac_address']
            dl.create_vnic(self.conf.external_network_datalink,
                           mac_address=mac_address, vid=vid)
        self.driver.init_l3(external_dlname, [ex_gw_port['ip_cidr']])

        # TODO(gmoodalb): wrap route(1m) command within a class in net_lib.py
        gw_ip = ex_gw_port['subnet']['gateway_ip']
        if gw_ip:
            cmd = ['/usr/bin/pfexec', '/usr/sbin/route', 'add', 'default',
                   gw_ip]
            utils.execute(cmd, check_exit_code=False)

            # for each of the internal ports, add Policy Based
            # Routing (PBR) rule
            for port in ri.internal_ports:
                internal_dlname = self.get_internal_device_name(port['id'])
                # The '!<cidr>' destination keeps packets addressed to the
                # port's own subnet, including its default gateway, from
                # being policy-routed out the external datalink.
                rules = ['pass in on %s to %s:%s from any to !%s' %
                         (internal_dlname, external_dlname, gw_ip,
                          port['subnet']['cidr'])]
                ipversion = netaddr.IPNetwork(port['subnet']['cidr']).version
                ri.ipfilters_manager.add_ipf_rules(rules, ipversion)

    def external_gateway_removed(self, ri, ex_gw_port,
                                 external_dlname, internal_cidrs):

        gw_ip = ex_gw_port['subnet']['gateway_ip']
        if gw_ip:
            # remove PBR rules
            for port in ri.internal_ports:
                internal_dlname = self.get_internal_device_name(port['id'])
                rules = ['pass in on %s to %s:%s from any to !%s' %
                         (internal_dlname, external_dlname, gw_ip,
                          port['subnet']['cidr'])]
                ipversion = netaddr.IPNetwork(port['subnet']['cidr']).version
                ri.ipfilters_manager.remove_ipf_rules(rules, ipversion)

            cmd = ['/usr/bin/pfexec', '/usr/sbin/route', 'delete', 'default',
                   gw_ip]
            utils.execute(cmd, check_exit_code=False)

        if net_lib.Datalink.datalink_exists(external_dlname):
            self.driver.fini_l3(external_dlname)
            self.driver.unplug(external_dlname)

    def _get_ippool_name(self, mac_address, suffix=None):
        # Generate a unique name for ippool(1m) from the last 3
        # bytes of the mac-address. It is called a pool name, but it is
        # actually a 32 bit integer
        name = mac_address.split(':')[3:]
        if suffix:
            name.append(suffix)
        return int("".join(name), 16)

3178
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
diff changeset
   304
    def internal_network_added(self, ri, port):
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   305
        internal_dlname = self.get_internal_device_name(port['id'])
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   306
        # driver just returns if datalink and IP interface already exists
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   307
        self.driver.plug(port['tenant_id'], port['network_id'], port['id'],
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   308
                         internal_dlname)
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   309
        self.driver.init_l3(internal_dlname, [port['ip_cidr']])
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   310
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   311
        # Since we support shared router model, we need to block the new
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   312
        # internal port from reaching other tenant's ports
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   313
        block_pname = self._get_ippool_name(port['mac_address'])
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   314
        ri.ipfilters_manager.add_ippool(block_pname, None)
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   315
        if self.conf.allow_forwarding_between_networks:
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   316
            # If allow_forwarding_between_networks is set, then we need to
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   317
            # allow forwarding of packets between same tenant's ports.
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   318
            allow_pname = self._get_ippool_name(port['mac_address'], '0')
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   319
            ri.ipfilters_manager.add_ippool(allow_pname, None)
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   320
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   321
        # walk through the other internal ports and retrieve their
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   322
        # cidrs and at the same time add the new internal port's
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff changeset
   323
        # cidr to them
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   324
        port_subnet = port['subnet']['cidr']
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   325
        block_subnets = []
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   326
        allow_subnets = []
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   327
        for internal_port in ri.internal_ports:
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   328
            if internal_port['mac_address'] == port['mac_address']:
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   329
                continue
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   330
            if (self.conf.allow_forwarding_between_networks and
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   331
                    internal_port['tenant_id'] == port['tenant_id']):
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   332
                allow_subnets.append(internal_port['subnet']['cidr'])
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   333
                # we need to add the port's subnet to this internal_port's
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   334
                # allowed_subnet_pool
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
diff changeset
   335
                iport_allow_pname = \
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
                    self._get_ippool_name(internal_port['mac_address'], '0')
                ri.ipfilters_manager.add_ippool(iport_allow_pname,
                                                [port_subnet])
            else:
                block_subnets.append(internal_port['subnet']['cidr'])
                iport_block_pname = \
                    self._get_ippool_name(internal_port['mac_address'])
                ri.ipfilters_manager.add_ippool(iport_block_pname,
                                                [port_subnet])
        # update the new port's pool with other ports' subnet
        ri.ipfilters_manager.add_ippool(block_pname, block_subnets)
        if self.conf.allow_forwarding_between_networks:
            ri.ipfilters_manager.add_ippool(allow_pname, allow_subnets)
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:

3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
        # now setup the IPF rules
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
        rules = ['block in quick on %s from %s to pool/%d' %
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
                 (internal_dlname, port_subnet, block_pname)]
        # pass in packets between networks that belong to same tenant
        if self.conf.allow_forwarding_between_networks:
            rules.append('pass in quick on %s from %s to pool/%d' %
                         (internal_dlname, port_subnet, allow_pname))
        # if the external gateway is already setup for the shared router,
        # then we need to add Policy Based Routing (PBR) for this internal
        # network
        ex_gw_port = ri.ex_gw_port
        ex_gw_ip = (ex_gw_port['subnet']['gateway_ip'] if ex_gw_port else None)
        if ex_gw_ip:
            external_dlname = self.get_external_device_name(ex_gw_port['id'])
3438
40c3d53194f6 19898528 PBR rule must not forward packets addressed to internal default gateway
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3364
            rules.append('pass in on %s to %s:%s from any to !%s' %
                         (internal_dlname, external_dlname, ex_gw_ip,
                          port_subnet))
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201

        ipversion = netaddr.IPNetwork(port_subnet).version
3198
46289f36c1ca 19073547 editing built-in flavors fails with name too long
Drew Fisher <drew.fisher@oracle.com>
parents: 3178
        ri.ipfilters_manager.add_ipf_rules(rules, ipversion)
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:

3178
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
    def internal_network_removed(self, ri, port):
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
        internal_dlname = self.get_internal_device_name(port['id'])
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
        port_subnet = port['subnet']['cidr']
        # remove all the IP filter rules that we added during
        # internal network addition
        block_pname = self._get_ippool_name(port['mac_address'])
        rules = ['block in quick on %s from %s to pool/%d' %
                 (internal_dlname, port_subnet, block_pname)]
        if self.conf.allow_forwarding_between_networks:
            allow_pname = self._get_ippool_name(port['mac_address'], '0')
            rules.append('pass in quick on %s from %s to pool/%d' %
                         (internal_dlname, port_subnet, allow_pname))

        # remove all the IP filter rules that we added during
        # external network addition
        ex_gw_port = ri.ex_gw_port
        ex_gw_ip = (ex_gw_port['subnet']['gateway_ip'] if ex_gw_port else None)
        if ex_gw_ip:
            external_dlname = self.get_external_device_name(ex_gw_port['id'])
3438
40c3d53194f6 19898528 PBR rule must not forward packets addressed to internal default gateway
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3364
            rules.append('pass in on %s to %s:%s from any to !%s' %
                         (internal_dlname, external_dlname, ex_gw_ip,
                          port_subnet))
3364
25975ce9e810 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents: 3201
        ipversion = netaddr.IPNetwork(port['subnet']['cidr']).version
        ri.ipfilters_manager.remove_ipf_rules(rules, ipversion)

        # remove the ippool
        ri.ipfilters_manager.remove_ippool(block_pname, None)
        if self.conf.allow_forwarding_between_networks:
            ri.ipfilters_manager.remove_ippool(allow_pname, None)

        for internal_port in ri.internal_ports:
            if (self.conf.allow_forwarding_between_networks and
                    internal_port['tenant_id'] == port['tenant_id']):
                iport_allow_pname = \
                    self._get_ippool_name(internal_port['mac_address'], '0')
                ri.ipfilters_manager.remove_ippool(iport_allow_pname,
                                                   [port_subnet])
            else:
                iport_block_pname = \
                    self._get_ippool_name(internal_port['mac_address'])
                ri.ipfilters_manager.remove_ippool(iport_block_pname,
                                                   [port_subnet])

3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
        if net_lib.Datalink.datalink_exists(internal_dlname):
            self.driver.fini_l3(internal_dlname)
            self.driver.unplug(internal_dlname)

3178
77584387a894 PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents: 3028
    def routers_updated(self, context, routers):
        super(EVSL3NATAgent, self).routers_updated(context, routers)
        if routers:
            # If router's interface was removed, then the VNIC associated
            # with that interface must be deleted immediately. The EVS
            # plugin can delete the virtual port iff the VNIC associated
            # with that virtual port is deleted first.
            self._rpc_loop()
3028
5e73a3a3f66a PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:

    def routes_updated(self, ri):
        pass