| author | Drew Fisher <drew.fisher@oracle.com> |
| Wed, 11 Jun 2014 17:13:12 -0700 | |
| changeset 1944 | 56ac2df1785b |
| parent 1792 | 5cea652172c6 |
| child 1977 | 12e9c20eef5a |
| permissions | -rw-r--r-- |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
1 |
#!/usr/bin/python2.6 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
2 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
3 |
# Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
4 |
# |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
5 |
# Licensed under the Apache License, Version 2.0 (the "License"); you may |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
6 |
# not use this file except in compliance with the License. You may obtain |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
7 |
# a copy of the License at |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
8 |
# |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
9 |
# http://www.apache.org/licenses/LICENSE-2.0 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
10 |
# |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
11 |
# Unless required by applicable law or agreed to in writing, software |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
12 |
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
13 |
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
14 |
# License for the specific language governing permissions and limitations |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
15 |
# under the License. |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
16 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
17 |
import os |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
18 |
import re |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
19 |
import sys |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
20 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
21 |
import netaddr |
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
22 |
import smf_include |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
23 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
24 |
from subprocess import CalledProcessError, Popen, PIPE, check_call |
|
1792
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
25 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
26 |
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
27 |
def start(): |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
28 |
# verify paths are valid |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
29 |
for f in sys.argv[2:4]: |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
30 |
if not os.path.exists(f) or not os.access(f, os.R_OK): |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
31 |
print '%s does not exist or is not readable' % f |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
32 |
return smf_include.SMF_EXIT_ERR_CONFIG |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
33 |
|
|
1792
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
34 |
# System-wide forwarding (either ipv4 or ipv6 or both) must be enabled |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
35 |
# before neutron-l3-agent can be started. |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
36 |
cmd = ["/usr/sbin/ipadm", "show-prop", "-c", "-p", "forwarding", |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
37 |
"-o", "current", "ipv4"] |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
38 |
p = Popen(cmd, stdout=PIPE, stderr=PIPE) |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
39 |
output, error = p.communicate() |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
40 |
if p.returncode != 0: |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
41 |
print "failed to determine if IPv4 forwarding is enabled or not" |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
42 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
43 |
v4fwding = "on" in output |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
44 |
|
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
45 |
cmd = ["/usr/sbin/ipadm", "show-prop", "-c", "-p", "forwarding", |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
46 |
"-o", "current", "ipv6"] |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
47 |
p = Popen(cmd, stdout=PIPE, stderr=PIPE) |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
48 |
output, error = p.communicate() |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
49 |
if p.returncode != 0: |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
50 |
print "failed to determine if IPv6 forwarding is enabled or not" |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
51 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
52 |
v6fwding = "on" in output |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
53 |
|
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
54 |
if not any((v4fwding, v6fwding)): |
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
55 |
print "System-wide IPv4 or IPv6 (or both) forwarding must be " \ |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
56 |
"enabled before enabling neutron-l3-agent" |
|
1792
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
57 |
return smf_include.SMF_EXIT_ERR_CONFIG |
|
5cea652172c6
18416129 neutron-l3-agent should include dependency on ipfilter service
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
1760
diff
changeset
|
58 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
59 |
cmd = "/usr/lib/neutron/neutron-l3-agent --config-file %s " \ |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
60 |
"--config-file %s" % tuple(sys.argv[2:4]) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
61 |
smf_include.smf_subprocess(cmd) |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
62 |
|
|
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
63 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
64 |
def stop(): |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
65 |
try: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
66 |
# first kill the SMF contract |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
67 |
check_call(["/usr/bin/pkill", "-c", sys.argv[2]]) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
68 |
except CalledProcessError as err: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
69 |
print "failed to kill the SMF contract: %s" % (err) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
70 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
71 |
# remove VNICs associated with L3 agent |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
72 |
cmd = ["/usr/sbin/ipadm", "show-if", "-p", "-o", "ifname"] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
73 |
p = Popen(cmd, stdout=PIPE, stderr=PIPE) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
74 |
output, error = p.communicate() |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
75 |
if p.returncode != 0: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
76 |
print "failed to retrieve IP interface names" |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
77 |
return smf_include.SMF_EXIT_ERR_CONFIG |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
78 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
79 |
ifnames = output.splitlines() |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
80 |
# L3 agent datalinks are always 15 characters in length. They start |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
81 |
# with either 'l3i' or 'l3e', end with '_0', and in between they are |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
82 |
# hexadecimal digits. |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
83 |
prog = re.compile('l3[ie][0-9A-Fa-f\_]{10}_0')
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
84 |
for ifname in ifnames: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
85 |
if not prog.search(ifname): |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
86 |
continue |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
87 |
try: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
88 |
# first remove the IP |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
89 |
check_call(["/usr/bin/pfexec", "/usr/sbin/ipadm", "delete-ip", |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
90 |
ifname]) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
91 |
# next remove the VNIC |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
92 |
check_call(["/usr/bin/pfexec", "/usr/sbin/dladm", "delete-vnic", |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
93 |
ifname]) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
94 |
except CalledProcessError as err: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
95 |
print "failed to remove datalinks used by L3 agent: %s" % (err) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
96 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
97 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
98 |
# remove IP Filter rules added by neutron-l3-agent |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
99 |
cmd = ["/usr/bin/pfexec", "/usr/sbin/ipfstat", "-io"] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
100 |
p = Popen(cmd, stdout=PIPE, stderr=PIPE) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
101 |
output, error = p.communicate() |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
102 |
if p.returncode != 0: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
103 |
print "failed to retrieve IP Filter rules" |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
104 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
105 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
106 |
ipfilters = output.splitlines() |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
107 |
# L3 agent IP Filter rules are of the form |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
108 |
# block in quick on l3i64cbb496_a_0 from ... to pool/15417332 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
109 |
prog = re.compile('on l3i[0-9A-Fa-f\_]{10}_0')
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
110 |
ippool_names = [] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
111 |
for ipf in ipfilters: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
112 |
if not prog.search(ipf): |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
113 |
continue |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
114 |
# capture the IP pool name |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
115 |
ippool_names.append(ipf.split('pool/')[1])
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
116 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
117 |
try: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
118 |
# remove the IP Filter rule |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
119 |
p = Popen(["echo", ipf], stdout=PIPE) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
120 |
check_call(["/usr/bin/pfexec", "/usr/sbin/ipf", "-r", "-f", "-"], |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
121 |
stdin=p.stdout) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
122 |
except CalledProcessError as err: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
123 |
print "failed to remove IP Filter rule %s: %s" % (ipf, err) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
124 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
125 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
126 |
# remove IP Pools added by neutron-l3-agent |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
127 |
for ippool_name in ippool_names: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
128 |
try: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
129 |
check_call(["/usr/bin/pfexec", "/usr/sbin/ippool", "-R", |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
130 |
"-m", ippool_name, "-t", "tree"]) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
131 |
except CalledProcessError as err: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
132 |
print "failed to remove IP Pool %s: %s" % (ippool_name, err) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
133 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
134 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
135 |
# remove IP NAT rules added by neutron-l3-agent |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
136 |
cmd = ["/usr/bin/pfexec", "/usr/sbin/ipnat", "-lR"] |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
137 |
p = Popen(cmd, stdout=PIPE, stderr=PIPE) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
138 |
output, error = p.communicate() |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
139 |
if p.returncode != 0: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
140 |
print "failed to retrieve IP NAT rules" |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
141 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
142 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
143 |
ipnat_rules = output.splitlines() |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
144 |
# L3 agent IP NAT rules are of the form |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
145 |
# bimap l3e64ccc496_a_0 192.168.1.3/32 -> 172.16.10.3/32 |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
146 |
prog = re.compile('l3e[0-9A-Fa-f\_]{10}_0')
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
147 |
for ipnat_rule in ipnat_rules: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
148 |
if not prog.search(ipnat_rule): |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
149 |
continue |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
150 |
# remove the IP NAT rule |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
151 |
try: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
152 |
p = Popen(["echo", ipnat_rule], stdout=PIPE) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
153 |
check_call(["/usr/bin/pfexec", "/usr/sbin/ipnat", "-r", "-f", "-"], |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
154 |
stdin=p.stdout) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
155 |
except CalledProcessError as err: |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
156 |
print "failed to remove IP NAT rule %s: %s" % (ipnat_rule, err) |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
157 |
return smf_include.SMF_EXIT_ERR_FATAL |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
158 |
|
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
159 |
return smf_include.SMF_EXIT_OK |
|
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1792
diff
changeset
|
160 |
|
|
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
161 |
if __name__ == "__main__": |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
162 |
os.putenv("LC_ALL", "C")
|
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
163 |
smf_include.smf_main() |