upstream/oracle/userland-gate: components/openstack/neutron/files/agent/l3/solaris

1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	1	# vim: tabstop=4 shiftwidth=4 softtabstop=4
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	2
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	3	# Copyright 2012 VMware, Inc. All rights reserved.
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	4	#
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	5	# Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	6	#
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	7	# Licensed under the Apache License, Version 2.0 (the "License"); you may
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	8	# not use this file except in compliance with the License. You may obtain
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	9	# a copy of the License at
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	10	#
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	11	# http://www.apache.org/licenses/LICENSE-2.0
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	12	#
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	13	# Unless required by applicable law or agreed to in writing, software
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	14	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	15	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	16	# License for the specific language governing permissions and limitations
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	17	# under the License.
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	18	#
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	19
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	20	"""
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	21	Based off of generic l3_agent (neutron/agent/l3/agent.py) code
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	22	"""
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	23
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	24	import errno
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	25	import netaddr
56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	26
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	27	from oslo_config import cfg
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	28	from oslo_log import log as logging
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	29
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	30	from neutron._i18n import _, _LE, _LW
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	31	from neutron.agent.common import ovs_lib
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	32	from neutron.agent.l3 import agent as l3_agent
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	33	from neutron.agent.l3 import router_info as router
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	34	from neutron.agent.linux import utils
56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	35	from neutron.agent.solaris import interface
56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	36	from neutron.agent.solaris import net_lib
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	37	from neutron.agent.solaris import packetfilter
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	38	from neutron.agent.solaris import ra
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	39	from neutron.callbacks import events
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	40	from neutron.callbacks import registry
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	41	from neutron.callbacks import resources
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	42	from neutron.common import constants as l3_constants
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	43	from neutron.common import exceptions as n_exc
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	44	from neutron.common import ipv6_utils
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	45	from neutron.common import utils as common_utils
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	46
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	47	from neutron_vpnaas.services.vpn import vpn_service
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	48	import neutron_vpnaas.services.vpn.agent as neutron_vpnaas
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	49
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	50	LOG = logging.getLogger(__name__)
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	51	INTERNAL_DEV_PREFIX = 'l3i'
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	52	EXTERNAL_DEV_PREFIX = 'l3e'
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	53	FLOATING_IP_CIDR_SUFFIX = '/32'
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	54
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	55
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	56	class SolarisRouterInfo(router.RouterInfo):
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	57
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	58	def __init__(self, router_id, router, agent_conf, interface_driver,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	59	use_ipv6=False):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	60	super(SolarisRouterInfo, self).__init__(router_id, router, agent_conf,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	61	interface_driver, use_ipv6)
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	62	self.pf = packetfilter.PacketFilter("_auto/neutron:l3:agent")
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	63	self.iptables_manager = None
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	64	self.remove_route = False
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	65	self.router_namespace = None
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	66	self.ns_name = None
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	67	self.ipnet_gwportname = dict()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	68	self.tenant_subnets = dict()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	69	self.tenant_subnets['all_tenants'] = set()
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	70
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	71	def initialize(self, process_monitor):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	72	"""Initialize the router on the system.
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	73
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	74	This differs from __init__ in that this method actually affects the
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	75	system creating namespaces, starting processes, etc. The other merely
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	76	initializes the python object. This separates in-memory object
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	77	initialization from methods that actually go do stuff to the system.
1987 6fa18b7a0af6 19158668 associating a new floating ip removes existing ipnat rules and re-adds them Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1977 diff changeset	78
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	79	:param process_monitor: The agent's process monitor instance.
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	80	"""
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	81	self.process_monitor = process_monitor
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	82	self.radvd = ra.NDPD(self.router_id, self.get_internal_device_name)
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	83
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	84	def get_internal_device_name(self, port_id):
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	85	# Because of the way how dnsmasq works on Solaris, the length
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	86	# of datalink name cannot exceed 16 (includes terminating nul
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	87	# character). So, the linkname can only have 15 characters and
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	88	# the last two characters are set aside for '_0'. So, we only
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	89	# have 13 characters left.
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	90	dname = (INTERNAL_DEV_PREFIX + port_id)[:13]
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	91	dname += '_0'
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	92	return dname.replace('-', '_')
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	93
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	94	def get_external_device_name(self, port_id):
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	95	# please see the comment above
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	96	dname = (EXTERNAL_DEV_PREFIX + port_id)[:13]
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	97	dname += '_0'
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	98	return dname.replace('-', '_')
353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	99
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	100	def update_routing_table(self, operation, route):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	101	if operation == 'replace':
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	102	operation = 'change'
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	103	cmd = ['/usr/sbin/route', 'get', route['destination']]
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	104	try:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	105	utils.execute(cmd, log_fail_as_error=False)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	106	except:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	107	operation = 'add'
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	108	cmd = ['/usr/sbin/route', operation, route['destination'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	109	route['nexthop']]
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	110	utils.execute(cmd)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	111	else:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	112	assert operation == 'delete'
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	113	cmd = ['/usr/sbin/route', 'delete', route['destination'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	114	route['nexthop']]
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	115	utils.execute(cmd)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	116
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	117	def _add_floating_ip_rules(self, interface_name, fip, fip_statuses):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	118	fixed_ip = fip['fixed_ip_address']
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	119	fip_ip = fip['floating_ip_address']
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	120	for ipnet, gwportname in self.ipnet_gwportname.iteritems():
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	121	if fixed_ip in ipnet:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	122	break
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	123	else:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	124	fip_statuses[fip['id']] = l3_constants.FLOATINGIP_STATUS_ERROR
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	125	LOG.warn(_("Unable to configure IP address for floating IP(%s)"
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	126	" '%s' for '%s'") % (fip['id'], fip_ip, fixed_ip))
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	127	return False
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	128
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	129	label = 'fip_%s' % str(fip_ip)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	130	fip_rules = ['pass out quick from %s to any nat-to %s static-port '
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	131	'label %s_out reply-to %s@%s' % (fixed_ip, fip_ip, label,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	132	fixed_ip, gwportname)]
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	133	fip_rules.append('pass in quick from any to %s rdr-to %s label %s_in '
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	134	'route-to %s@%s' % (fip_ip, fixed_ip, label,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	135	fixed_ip, gwportname))
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	136	self.pf.add_rules(fip_rules, [interface_name, fip_ip])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	137	return True
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	138
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	139	def process_floating_ip_addresses(self, interface_name):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	140	"""Configure IP addresses on router's external gateway interface.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	141
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	142	Ensures addresses for existing floating IPs and cleans up
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	143	those that should not longer be configured.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	144	"""
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	145
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	146	fip_statuses = {}
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	147	if interface_name is None:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	148	LOG.debug('No Interface for floating IPs router: %s',
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	149	self.router['id'])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	150	return fip_statuses
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	151
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	152	ipintf = net_lib.IPInterface(interface_name)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	153	ipaddr_list = ipintf.ipaddr_list()['static']
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	154
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	155	existing_cidrs = set(ipaddr_list)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	156	new_cidrs = set()
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	157
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	158	floating_ips = self.get_floating_ips()
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	159	# Loop once to ensure that floating ips are configured.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	160	for fip in floating_ips:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	161	fixed_ip = fip['fixed_ip_address']
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	162	fip_ip = fip['floating_ip_address']
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	163	fip_cidr = str(fip_ip) + FLOATING_IP_CIDR_SUFFIX
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	164	new_cidrs.add(fip_cidr)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	165	fip_statuses[fip['id']] = l3_constants.FLOATINGIP_STATUS_ACTIVE
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	166	if fip_cidr not in existing_cidrs:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	167	try:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	168	ipintf.create_address(fip_cidr, ifcheck=False,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	169	addrcheck=False)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	170	if not self._add_floating_ip_rules(interface_name, fip,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	171	fip_statuses):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	172	continue
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	173	net_lib.send_ip_addr_adv_notif(interface_name,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	174	fip['floating_ip_address'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	175	self.agent_conf)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	176	except Exception as err:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	177	# any exception occurred here should cause the floating IP
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	178	# to be set in error state
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	179	fip_statuses[fip['id']] = (
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	180	l3_constants.FLOATINGIP_STATUS_ERROR)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	181	LOG.warn(_("Unable to configure IP address for "
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	182	"floating IP: %s: %s") % (fip['id'], err))
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	183	# remove the fip_cidr address if it was added
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	184	try:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	185	ipintf.delete_address(fip_cidr)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	186	except:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	187	pass
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	188	continue
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	189	else:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	190	existing_anchor_rules = self.pf.list_anchor_rules(
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	191	[interface_name, fip_ip])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	192	# check if existing fip has been reassigned
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	193	fip_reassigned = any([fixed_ip not in rule for rule in
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	194	existing_anchor_rules])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	195	if fip_reassigned:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	196	LOG.debug("Floating ip '%s' reassigned to '%s'",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	197	fip_ip, fixed_ip)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	198	# flush rules associated with old fixed_ip and add
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	199	# new rules for the new fixed_ip
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	200	self.pf.remove_anchor([interface_name, fip_ip])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	201	if not self._add_floating_ip_rules(interface_name, fip,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	202	fip_statuses):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	203	continue
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	204	elif fip_statuses[fip['id']] == fip['status']:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	205	# mark the status as not changed. we can't remove it
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	206	# because that's how the caller determines that it was
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	207	# removed (TODO(gmoodalb): check this)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	208	fip_statuses[fip['id']] = router.FLOATINGIP_STATUS_NOCHANGE
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	209
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	210	LOG.debug("Floating ip %(id)s added, status %(status)s",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	211	{'id': fip['id'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	212	'status': fip_statuses.get(fip['id'])})
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	213
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	214	# Clean up addresses that no longer belong on the gateway interface and
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	215	# remove the binat-to PF rule associated with them
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	216	for ip_cidr in existing_cidrs - new_cidrs:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	217	if ip_cidr.endswith(FLOATING_IP_CIDR_SUFFIX):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	218	LOG.debug("Removing floating ip %s from interface %s",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	219	ip_cidr, ipintf)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	220	self.pf.remove_anchor([interface_name, ip_cidr.split('/')[0]])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	221	ipintf.delete_address(ip_cidr, addrcheck=False)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	222	return fip_statuses
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	223
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	224	def delete(self, agent):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	225	self.router['gw_port'] = None
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	226	self.router[l3_constants.INTERFACE_KEY] = []
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	227	self.router[l3_constants.FLOATINGIP_KEY] = []
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	228	self.process_delete(agent)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	229	self.disable_radvd()
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	230
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	231	def internal_network_added(self, port):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	232	internal_dlname = self.get_internal_device_name(port['id'])
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	233	LOG.debug("adding internal network: port(%s), interface(%s)",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	234	port['id'], internal_dlname)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	235	# driver just returns if datalink and IP interface already exists
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	236	self.driver.plug(port['tenant_id'], port['network_id'], port['id'],
6123 806b9ac912fa 23480374 network_info is incorrectly checked against None when it can be [] as well chaithan.prakash@oracle.com <chaithan.prakash@oracle.com> parents: 6031 diff changeset	237	internal_dlname, port['mac_address'],
6153 e1758cabe679 23549840 Unable to create dhcp and l3 vnics with EVS interface driver chaithan.prakash@oracle.com <chaithan.prakash@oracle.com> parents: 6123 diff changeset	238	vif_type=port.get('binding:vif_type'))
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	239	fixed_ips = port['fixed_ips']
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	240	ip_cidrs = common_utils.fixed_ip_cidrs(fixed_ips)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	241	self.driver.init_l3(internal_dlname, ip_cidrs)
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	242	for fixed_ip in fixed_ips:
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	243	net_lib.send_ip_addr_adv_notif(internal_dlname,
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	244	fixed_ip['ip_address'],
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	245	self.agent_conf)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	246
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	247	port_subnet = port['subnets'][0]['cidr']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	248	ipversion = netaddr.IPNetwork(port_subnet).version
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	249	rules = []
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	250	# if metadata is enabled, then we need to redirect all the packets
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	251	# arriving at 169.254.169.254:80 to neutron-metadata-proxy server
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	252	# listening at self.agent_conf.metadata_port
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	253	if self.agent_conf.enable_metadata_proxy and ipversion == 4:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	254	rules.append('pass in quick proto tcp to 169.254.169.254/32 '
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	255	'port 80 rdr-to 127.0.0.1 port %s label metadata_%s'
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	256	% (self.agent_conf.metadata_port, internal_dlname))
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	257
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	258	# Since we support shared router model, we need to block the new
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	259	# internal port from reaching other tenant's ports. However, if
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	260	# allow_forwarding_between_networks is set, then we need to
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	261	# allow forwarding of packets between same tenant's ports.
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	262	block_tblname = 'block_%s' % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	263	rules.append('block in quick to <%s> label %s' %
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	264	(block_tblname, block_tblname))
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	265	if self.agent_conf.allow_forwarding_between_networks:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	266	allow_tblname = 'allow_%s' % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	267	rules.append('pass in quick to <%s> reply-to %s label %s' %
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	268	(allow_tblname, internal_dlname, allow_tblname))
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	269
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	270	# finally add all the rules in one shot
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	271	self.pf.add_rules(rules, [internal_dlname, 'normal'])
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	272
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	273	ex_gw_port = self.ex_gw_port
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	274	if not ex_gw_port:
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	275	return
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	276
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	277	ex_gw_ip = ex_gw_port['subnets'][0]['gateway_ip']
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	278	if not ex_gw_ip:
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	279	return
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	280
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	281	if netaddr.IPAddress(ex_gw_ip).version != 4 or ipversion != 4:
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	282	return
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	283
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	284	# if the external gateway is already setup for the shared router,
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	285	# then we need to add Policy Based Routing (PBR) for both inbound
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	286	# and outbound for this internal network
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	287	external_dlname = self.get_external_device_name(ex_gw_port['id'])
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	288	label = 'pbr_%s' % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	289	pbr_rules = ['pass in quick to !%s route-to {(%s %s)} label %s_in' %
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	290	(port_subnet, external_dlname, ex_gw_ip, label)]
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	291	pbr_rules.append('pass out quick received-on %s reply-to %s@%s '
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	292	'label %s_out' % (external_dlname, ex_gw_ip,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	293	external_dlname, label))
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	294
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	295	self.pf.add_rules(pbr_rules, [internal_dlname, 'pbr'])
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	296	if self._snat_enabled:
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	297	ex_gw_port_ip = ex_gw_port['fixed_ips'][0]['ip_address']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	298	label = 'snat_%s' % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	299	snat_rule = ('pass out quick from %s to any nat-to %s label %s '
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	300	'reply-to %s' % (port_subnet, ex_gw_port_ip, label,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	301	internal_dlname))
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	302	self.pf.add_rules([snat_rule], [external_dlname, internal_dlname])
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	303
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	304	def internal_network_removed(self, port):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	305	internal_dlname = self.get_internal_device_name(port['id'])
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	306	LOG.debug("removing internal network: port(%s) interface(%s)",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	307	port['id'], internal_dlname)
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	308	# remove the anchor and tables associated with this internal port
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	309	self.pf.remove_anchor_recursively([internal_dlname])
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	310	if self.ex_gw_port and self._snat_enabled:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	311	external_dlname = self.\
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	312	get_external_device_name(self.ex_gw_port['id'])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	313	self.pf.remove_anchor_recursively([external_dlname,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	314	internal_dlname])
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	315	if net_lib.Datalink.datalink_exists(internal_dlname):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	316	self.driver.unplug(internal_dlname)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	317
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	318	def _get_existing_devices(self):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	319	return net_lib.Datalink.show_link()
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	320
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	321	def internal_network_updated(self, interface_name, ip_cidrs):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	322	pass
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	323
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	324	def _apply_common_rules(self, all_subnets, internal_ports):
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	325	v4_subnets = [subnet for subnet in all_subnets
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	326	if netaddr.IPNetwork(subnet).version == 4]
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	327	if not v4_subnets:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	328	return
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	329
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	330	# add rule for metadata and broadcast
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	331	allsubnets_tblname = "all_v4_subnets"
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	332	common_aname = "common"
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	333	self.pf.replace_table_entry(allsubnets_tblname, v4_subnets,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	334	[common_aname])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	335	rules = []
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	336	# don't forward broadcast packets out of the internal subnet
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	337	rules.append('pass in quick from <%s> to 255.255.255.255 label '
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	338	'%s_bcast' % (allsubnets_tblname, common_aname))
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	339	self.pf.add_rules(rules, [common_aname])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	340
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	341	def _pre_setup_pf_rules(self, new_ports, old_ports, internal_ports):
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	342	"""We are going to do some amount of book keeping (for later use) and
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	343	also pre-setup PF skeleton rules ahead of time to improve PF setup
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	344	time.
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	345	"""
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	346
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	347	# Process PF anchor rules for internal ports in bulk as this
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	348	# significantly improves the PF setup time. Capture the anchor
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	349	# rules that will be placed under _auto/neutron:l3:agent.
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	350	new_anchor_rules = set()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	351	for p in new_ports:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	352	port_id = p['id']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	353	tenant_id = p['tenant_id']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	354	subnet = p['subnets'][0]['cidr']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	355	internal_dlname = self.get_internal_device_name(port_id)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	356	anchor_rule = 'anchor "%s/*" on %s all' % (internal_dlname,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	357	internal_dlname)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	358	new_anchor_rules.add(anchor_rule)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	359	ipnet = netaddr.IPNetwork(subnet)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	360	if ipnet.version == 4:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	361	self.ipnet_gwportname[ipnet] = internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	362	# Capture all the subnets across all tenants and subnets
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	363	# per-tenant. We will setup PF tables for each internal network
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	364	# ahead of time
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	365	self.tenant_subnets['all_tenants'].add(subnet)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	366	if tenant_id not in self.tenant_subnets:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	367	self.tenant_subnets[tenant_id] = set()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	368	self.tenant_subnets[tenant_id].add(subnet)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	369
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	370	old_anchor_rules = set()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	371	for p in old_ports:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	372	port_id = p['id']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	373	tenant_id = p['tenant_id']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	374	subnet = p['subnets'][0]['cidr']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	375	internal_dlname = self.get_internal_device_name(port_id)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	376	anchor_rule = 'anchor "%s/*" on %s all' % (internal_dlname,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	377	internal_dlname)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	378	old_anchor_rules.add(anchor_rule)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	379	ipnet = netaddr.IPNetwork(subnet)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	380	if ipnet.version == 4:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	381	self.ipnet_gwportname.pop(ipnet, None)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	382	self.tenant_subnets['all_tenants'].discard(subnet)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	383	if tenant_id in self.tenant_subnets:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	384	self.tenant_subnets[tenant_id].discard(subnet)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	385
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	386	existing_anchor_rules = set(self.pf.list_anchor_rules())
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	387	final_anchor_rules = ((existing_anchor_rules \| new_anchor_rules) -
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	388	old_anchor_rules)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	389	# add an anchor rule to capture rules common amongst all the
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	390	# internal ports under 'common' anchor
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	391	if internal_ports:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	392	final_anchor_rules.add('anchor "common" all')
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	393	# add rule for metadata and broadcast for all tenant's networks
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	394	self._apply_common_rules(self.tenant_subnets['all_tenants'],
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	395	internal_ports)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	396	else:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	397	final_anchor_rules.discard('anchor "common" all')
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	398	# Now that there are no internal ports, remove the common anchor
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	399	# that captures rules common amongst all the internal ports
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	400	self.pf.remove_anchor_recursively(['common'])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	401	self.pf.add_rules(list(sorted(final_anchor_rules)))
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	402
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	403	# Since we support shared router model, we need to block the new
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	404	# internal port from reaching other tenant's ports. However, if
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	405	# allow_forwarding_between_networks is set, then we need to
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	406	# allow forwarding of packets between same tenant's ports
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	407	block_subnets = set()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	408	allow_subnets = set()
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	409	for p in internal_ports:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	410	subnet = p['subnets'][0]['cidr']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	411	tenant_id = p['tenant_id']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	412	if self.agent_conf.allow_forwarding_between_networks:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	413	allow_subnets = self.tenant_subnets[tenant_id] - set([subnet])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	414	block_subnets = (self.tenant_subnets['all_tenants'] -
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	415	self.tenant_subnets[tenant_id])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	416	else:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	417	block_subnets = (self.tenant_subnets['all_tenants'] -
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	418	set([subnet]))
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	419	# add table entry in the global scope
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	420	internal_dlname = self.get_internal_device_name(p['id'])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	421	block_tblname = "block_%s" % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	422	self.pf.replace_table_entry(block_tblname, list(block_subnets),
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	423	[internal_dlname, 'normal'])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	424	if allow_subnets:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	425	allow_tblname = "allow_%s" % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	426	self.pf.replace_table_entry(allow_tblname, list(allow_subnets),
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	427	[internal_dlname, 'normal'])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	428
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	429	def _process_internal_ports(self, pd):
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	430	existing_port_ids = set([p['id'] for p in self.internal_ports])
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	431
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	432	internal_ports = self.router.get(l3_constants.INTERFACE_KEY, [])
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	433	current_port_ids = set([p['id'] for p in internal_ports
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	434	if p['admin_state_up']])
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	435
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	436	new_port_ids = current_port_ids - existing_port_ids
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	437	new_ports = [p for p in internal_ports if p['id'] in new_port_ids]
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	438	old_ports = [p for p in self.internal_ports if
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	439	p['id'] not in current_port_ids]
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	440	# updated_ports = self._get_updated_ports(self.internal_ports,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	441	# internal_ports)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	442
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	443	if old_ports or new_ports:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	444	self._pre_setup_pf_rules(new_ports, old_ports, internal_ports)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	445
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	446	enable_ra = False
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	447	for p in new_ports:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	448	self.internal_network_added(p)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	449	LOG.debug("appending port %s to internal_ports cache", p)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	450	self.internal_ports.append(p)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	451	enable_ra = enable_ra or self._port_has_ipv6_subnet(p)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	452	for subnet in p['subnets']:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	453	if ipv6_utils.is_ipv6_pd_enabled(subnet):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	454	interface_name = self.get_internal_device_name(p['id'])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	455	pd.enable_subnet(self.router_id, subnet['id'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	456	subnet['cidr'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	457	interface_name, p['mac_address'])
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	458
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	459	for p in old_ports:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	460	self.internal_network_removed(p)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	461	LOG.debug("removing port %s from internal_ports cache", p)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	462	self.internal_ports.remove(p)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	463	enable_ra = enable_ra or self._port_has_ipv6_subnet(p)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	464	for subnet in p['subnets']:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	465	if ipv6_utils.is_ipv6_pd_enabled(subnet):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	466	pd.disable_subnet(self.router_id, subnet['id'])
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	467
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	468	# updated_cidres = []
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	469	# if updated_ports:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	470	# for index, p in enumerate(internal_ports):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	471	# if not updated_ports.get(p['id']):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	472	# continue
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	473	# self.internal_ports[index] = updated_ports[p['id']]
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	474	# interface_name = self.get_internal_device_name(p['id'])
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	475	# ip_cidrs = common_utils.fixed_ip_cidrs(p['fixed_ips'])
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	476	# LOG.debug("updating internal network for port %s", p)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	477	# updated_cidrs += ip_cidrs
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	478
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	479	# self.driver.init_l3(interface_name, ip_cidrs=ip_cidrs,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	480	# namespace=self.ns_name)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	481	# enable_ra = enable_ra or self._port_has_ipv6_subnet(p)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	482
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	483	# # Check if there is any pd prefix update
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	484	# for p in internal_ports:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	485	# if p['id'] in (set(current_port_ids) & set(existing_port_ids)):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	486	# for subnet in p.get('subnets', []):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	487	# if ipv6_utils.is_ipv6_pd_enabled(subnet):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	488	# old_prefix = pd.update_subnet(self.router_id,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	489	# subnet['id'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	490	# subnet['cidr'])
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	491	# if old_prefix:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	492	# self._internal_network_updated(p, subnet['id'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	493	# subnet['cidr'],
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	494	# old_prefix,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	495	# updated_cidrs)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	496	# enable_ra = True
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	497	# Enable RA
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	498	if enable_ra:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	499	self.radvd.enable(internal_ports)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	500
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	501	# remove any internal stale router interfaces (i.e., l3i.. VNICs)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	502	existing_devices = self._get_existing_devices()
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	503	current_internal_devs = set(n for n in existing_devices
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	504	if n.startswith(INTERNAL_DEV_PREFIX))
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	505	current_port_devs = set(self.get_internal_device_name(port_id)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	506	for port_id in current_port_ids)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	507	stale_devs = current_internal_devs - current_port_devs
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	508	for stale_dev in stale_devs:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	509	LOG.debug(_('Deleting stale internal router device: %s'),
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	510	stale_dev)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	511	pd.remove_stale_ri_ifname(self.router_id, stale_dev)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	512	self.driver.unplug(stale_dev)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	513
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	514	# TODO(gmoodalb): need to do more work on ipv6 gateway
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	515	def external_gateway_added(self, ex_gw_port, external_dlname):
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	516	LOG.debug("External gateway added: port(%s), interface(%s)",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	517	ex_gw_port, external_dlname)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	518	# TODO(gmoodalb): add MTU to plug()?
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	519	self.driver.plug(ex_gw_port['tenant_id'], ex_gw_port['network_id'],
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	520	ex_gw_port['id'], external_dlname,
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	521	ex_gw_port['mac_address'],
6123 806b9ac912fa 23480374 network_info is incorrectly checked against None when it can be [] as well chaithan.prakash@oracle.com <chaithan.prakash@oracle.com> parents: 6031 diff changeset	522	bridge=self.agent_conf.external_network_bridge,
6153 e1758cabe679 23549840 Unable to create dhcp and l3 vnics with EVS interface driver chaithan.prakash@oracle.com <chaithan.prakash@oracle.com> parents: 6123 diff changeset	523	vif_type=ex_gw_port.get('binding:vif_type'))
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	524	ip_cidrs = common_utils.fixed_ip_cidrs(ex_gw_port['fixed_ips'])
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	525	self.driver.init_l3(external_dlname, ip_cidrs)
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	526	for fixed_ip in ex_gw_port['fixed_ips']:
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	527	net_lib.send_ip_addr_adv_notif(external_dlname,
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	528	fixed_ip['ip_address'],
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	529	self.agent_conf)
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	530
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	531	# add nested anchor rule first
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	532	anchor_option = "on %s" % external_dlname
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	533	self.pf.add_nested_anchor_rule(None, external_dlname, anchor_option)
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	534
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	535	gw_ip = ex_gw_port['subnets'][0]['gateway_ip']
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	536	if gw_ip:
56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	537	cmd = ['/usr/bin/pfexec', '/usr/sbin/route', 'add', 'default',
56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	538	gw_ip]
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	539	stdout = utils.execute(cmd, extra_ok_codes=[errno.EEXIST])
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	540	if 'entry exists' not in stdout:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	541	self.remove_route = True
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	542
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	543	# for each of the internal ports, add Policy Based Routing (PBR)
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	544	# rule iff ex_gw_ip is IPv4 and the internal port is IPv4
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	545	if netaddr.IPAddress(gw_ip).version != 4:
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	546	return
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	547	for port in self.internal_ports:
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	548	port_subnet = port['subnets'][0]['cidr']
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	549	if netaddr.IPNetwork(port_subnet).version != 4:
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	550	continue
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	551	internal_dlname = self.get_internal_device_name(port['id'])
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	552	label = 'pbr_%s' % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	553	pbr_rules = ['pass in quick to !%s route-to {(%s %s)} '
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	554	'label %s_in' % (port_subnet, external_dlname,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	555	gw_ip, label)]
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	556	pbr_rules.append('pass out quick received-on %s reply-to %s@%s'
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	557	' label %s_out' % (external_dlname, gw_ip,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	558	external_dlname, label))
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	559	self.pf.add_rules(pbr_rules, [internal_dlname, 'pbr'])
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	560
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	561	def external_gateway_updated(self, ex_gw_port, external_dlname):
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	562	# There is nothing to do on Solaris
5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	563	pass
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	564
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	565	def external_gateway_removed(self, ex_gw_port, external_dlname):
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	566	LOG.debug("External gateway removed: port(%s), interface(%s)",
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	567	ex_gw_port, external_dlname)
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	568	# remove nested anchor rule first
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	569	self.pf.remove_nested_anchor_rule(None, external_dlname)
48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	570
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	571	gw_ip = ex_gw_port['subnets'][0]['gateway_ip']
1944 56ac2df1785b PSARC/2014/207 OpenStack Glance Update to Havana Drew Fisher <drew.fisher@oracle.com> parents: 1760 diff changeset	572	if gw_ip:
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	573	# remove PBR rules
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	574	for port in self.internal_ports:
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	575	internal_dlname = self.get_internal_device_name(port['id'])
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	576	self.pf.remove_anchor([internal_dlname, 'pbr'])
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	577
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	578	if self.remove_route:
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	579	cmd = ['/usr/bin/pfexec', '/usr/sbin/route', 'delete',
5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	580	'default', gw_ip]
5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	581	utils.execute(cmd, check_exit_code=False)
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	582
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	583	if net_lib.Datalink.datalink_exists(external_dlname):
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	584	self.driver.unplug(external_dlname,
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	585	self.agent_conf.external_network_bridge)
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	586
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	587	def _process_external_gateway(self, ex_gw_port, pd):
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	588	# TODO(Carl) Refactor to clarify roles of ex_gw_port vs self.ex_gw_port
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	589	ex_gw_port_id = (ex_gw_port and ex_gw_port['id'] or
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	590	self.ex_gw_port and self.ex_gw_port['id'])
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	591
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	592	ex_gw_port_status = None
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	593	interface_name = None
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	594	if ex_gw_port_id:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	595	interface_name = self.get_external_device_name(ex_gw_port_id)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	596	if ex_gw_port:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	597	if not self.ex_gw_port:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	598	self.external_gateway_added(ex_gw_port, interface_name)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	599	pd.add_gw_interface(self.router['id'], interface_name)
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	600	ex_gw_port_status = 'added'
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	601	elif not self._gateway_ports_equal(ex_gw_port, self.ex_gw_port):
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	602	self.external_gateway_updated(ex_gw_port, interface_name)
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	603	ex_gw_port_status = 'updated'
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	604	elif not ex_gw_port and self.ex_gw_port:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	605	self.external_gateway_removed(self.ex_gw_port, interface_name)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	606	pd.remove_gw_interface(self.router['id'])
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	607	ex_gw_port_status = 'removed'
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	608
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	609	# Remove any external stale router interfaces (i.e., l3e.. VNICs)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	610	existing_devices = self._get_existing_devices()
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	611	stale_devs = [dev for dev in existing_devices
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	612	if dev.startswith(EXTERNAL_DEV_PREFIX) and
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	613	dev != interface_name]
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	614	for stale_dev in stale_devs:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	615	LOG.debug(_('Deleting stale external router device: %s'),
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	616	stale_dev)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	617	self.driver.unplug(stale_dev)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	618
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	619	# Process SNAT rules for external gateway
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	620	gw_port = self._router.get('gw_port')
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	621	self._handle_router_snat_rules(gw_port, interface_name,
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	622	ex_gw_port_status)
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	623
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	624	def external_gateway_snat_rules(self, ex_gw_port_ip, external_dlname):
5579 48110757c6c6 PSARC/2016/116 OpenStack Neutron support for Packet Filter Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5405 diff changeset	625	rules = {}
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	626	for port in self.internal_ports:
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	627	ip_cidr = port['subnets'][0]['cidr']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	628	if netaddr.IPNetwork(ip_cidr).version == 4:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	629	internal_dlname = self.get_internal_device_name(port['id'])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	630	label = 'snat_%s' % internal_dlname
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	631	rule = ('pass out quick from %s to any nat-to %s label %s '
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	632	'reply-to %s' % (ip_cidr, ex_gw_port_ip, label,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	633	internal_dlname))
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	634	rules[internal_dlname] = [rule]
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	635
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	636	return rules
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	637
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	638	def _handle_router_snat_rules(self, ex_gw_port, external_dlname,
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	639	ex_gw_port_status):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	640	# Todo(gmoodalb): need this when we support address_scope
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	641	# self.process_external_port_address_scope_routing(iptables_manager)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	642
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	643	# Remove all the old SNAT rules
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	644	# This is safe because if use_namespaces is set as False
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	645	# then the agent can only configure one router, otherwise
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	646	# each router's SNAT rules will be in their own namespace
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	647	if ex_gw_port_status in ['removed', 'updated']:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	648	snat_anchors = self.pf.list_anchors([external_dlname])
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	649	for snat_anchor in snat_anchors:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	650	if "/l3i" in snat_anchor:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	651	self.pf.remove_anchor(snat_anchor.split('/')[-2:])
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	652
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	653	# And add them back if the action is add_rules
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	654	if ex_gw_port_status in ['added', 'updated']:
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	655	# NAT rules are added only if ex_gw_port has an IPv4 address
6555 321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	656	ex_gw_port_ip = ex_gw_port['fixed_ips'][0]['ip_address']
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	657	if netaddr.IPAddress(ex_gw_port_ip).version != 4:
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	658	return
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	659	port_rules = self.external_gateway_snat_rules(ex_gw_port_ip,
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	660	external_dlname)
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	661	for internal_dlname, rules in port_rules.iteritems():
321727f908b3 22724517 neutron L3 agent takes a very long time to (re)build virtual network topology Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6184 diff changeset	662	self.pf.add_rules(rules, [external_dlname, internal_dlname])
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	663
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	664	def process_external(self, agent):
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	665	fip_statuses = {}
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	666	try:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	667	ex_gw_port = self.get_ex_gw_port()
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	668	self._process_external_gateway(ex_gw_port, agent.pd)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	669	# TODO(Carl) Return after setting existing_floating_ips and
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	670	# still call update_fip_statuses?
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	671	if not ex_gw_port:
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	672	return
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	673
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	674	# Once NAT rules for floating IPs are safely in place
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	675	# configure their addresses on the external gateway port
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	676	interface_name = self.get_external_device_name(ex_gw_port['id'])
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	677	fip_statuses = self.configure_fip_addresses(interface_name)
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	678	except n_exc.FloatingIpSetupException:
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	679	# All floating IPs must be put in error state
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	680	LOG.exception(_LE("Failed to process floating IPs."))
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	681	fip_statuses = self.put_fips_in_error_state()
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	682	finally:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	683	self.update_fip_statuses(agent, fip_statuses)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	684
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	685	def process_external_port_address_scope_routing(self, iptables_manager):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	686	pass
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	687
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	688	def process_address_scope(self):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	689	pass
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	690
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	691
6561 6c1204ee2522 24415249 hg rename agent/evs_l3_agent.py to agent/l3/solaris_agent.py Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6555 diff changeset	692	class L3NATAgent(l3_agent.L3NATAgentWithStateReport):
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	693	OPTS = [
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	694	cfg.BoolOpt('allow_forwarding_between_networks', default=False,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	695	help=_("Allow forwarding of packets between tenant's "
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	696	"networks")),
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	697	]
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	698
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	699	def __init__(self, host, conf=None):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	700	cfg.CONF.register_opts(self.OPTS)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	701	cfg.CONF.register_opts(interface.OPTS)
6561 6c1204ee2522 24415249 hg rename agent/evs_l3_agent.py to agent/l3/solaris_agent.py Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 6555 diff changeset	702	super(L3NATAgent, self).__init__(host=host, conf=conf)
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	703	cfg.CONF.register_opts(neutron_vpnaas.vpn_agent_opts, 'vpnagent')
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	704	self.service = vpn_service.VPNService(self)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	705	self.device_drivers = self.service.load_device_drivers(host)
2083 87196737f09f 19571319 datalink protection kicks in if L3 agent and DHCP agent are on the same m/c Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 1987 diff changeset	706
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	707	def _check_config_params(self):
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	708	"""Check items in configuration files.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	709
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	710	Check for required and invalid configuration items.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	711	The actual values are not verified for correctness.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	712	"""
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	713	if not self.conf.interface_driver:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	714	msg = _LE('An interface driver must be specified')
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	715	LOG.error(msg)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	716	raise SystemExit(1)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	717
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	718	if not self.conf.router_id:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	719	msg = _LE('Router id (router_id) is required to be set.')
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	720	LOG.error(msg)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	721	raise SystemExit(1)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	722
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	723	if self.conf.ipv6_gateway:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	724	# ipv6_gateway configured. Check for valid v6 link-local address.
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	725	try:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	726	msg = _LE("%s used in config as ipv6_gateway is not a valid "
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	727	"IPv6 link-local address."),
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	728	ip_addr = netaddr.IPAddress(self.conf.ipv6_gateway)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	729	if ip_addr.version != 6 or not ip_addr.is_link_local():
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	730	LOG.error(msg, self.conf.ipv6_gateway)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	731	raise SystemExit(1)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	732	except netaddr.AddrFormatError:
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	733	LOG.error(msg, self.conf.ipv6_gateway)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	734	raise SystemExit(1)
8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	735
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	736	def _router_added(self, router_id, router):
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	737	args = []
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	738	kwargs = {
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	739	'router_id': router_id,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	740	'router': router,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	741	'use_ipv6': self.use_ipv6,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	742	'agent_conf': self.conf,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	743	'interface_driver': self.driver,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	744	}
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	745	ri = SolarisRouterInfo(args, *kwargs)
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	746	registry.notify(resources.ROUTER, events.BEFORE_CREATE,
66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	747	self, router=ri)
3998 5bd484384122 PSARC 2015/110 OpenStack service updates for Juno Danek Duvall <danek.duvall@oracle.com> parents: 2174 diff changeset	748
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	749	self.router_info[router_id] = ri
1760 353323c7bdc1 PSARC/2013/350 OpenStack for Solaris (Umbrella) Drew Fisher <drew.fisher@oracle.com> parents: diff changeset	750
5405 66fd59fecd68 PSARC 2015/535 OpenStack service updates for Kilo Devjani Ray <devjani.ray@oracle.com> parents: 4975 diff changeset	751	ri.initialize(self.process_monitor)
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	752
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	753	def _process_router_if_compatible(self, router):
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	754	if (self.conf.external_network_bridge and not ovs_lib.BaseOVS().
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	755	bridge_exists(self.conf.external_network_bridge)):
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	756	LOG.error(_("The external network bridge '%s' does not exist"),
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	757	self.conf.external_network_bridge)
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	758	return
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	759
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	760	# We don't support namespaces so only process the router associated
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	761	# with the configured agent id.
6848 8e252a37ed0d PSARC 2016/268 Neutron EVS Plugin EOF Laszlo Peter <laszlo.peter@oracle.com> parents: 6561 diff changeset	762	if (router['id'] != self.conf.router_id):
6031 1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	763	raise n_exc.RouterNotCompatibleWithAgent(router_id=router['id'])
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	764
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	765	# Either ex_net_id or handle_internal_only_routers must be set
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	766	ex_net_id = (router['external_gateway_info'] or {}).get('network_id')
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	767	if not ex_net_id and not self.conf.handle_internal_only_routers:
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	768	raise n_exc.RouterNotCompatibleWithAgent(router_id=router['id'])
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	769
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	770	# If target_ex_net_id and ex_net_id are set they must be equal
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	771	target_ex_net_id = self._fetch_external_net_id()
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	772	if (target_ex_net_id and ex_net_id and ex_net_id != target_ex_net_id):
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	773	# Double check that our single external_net_id has not changed
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	774	# by forcing a check by RPC.
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	775	if ex_net_id != self._fetch_external_net_id(force=True):
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	776	raise n_exc.RouterNotCompatibleWithAgent(
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	777	router_id=router['id'])
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	778
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	779	if router['id'] not in self.router_info:
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	780	self._process_added_router(router)
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	781	else:
1aaf20a19738 PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver Girish Moodalbail <Girish.Moodalbail@oracle.COM> parents: 5579 diff changeset	782	self._process_updated_router(router)

author	Laszlo Peter <laszlo.peter@oracle.com>
	Wed, 07 Sep 2016 14:48:41 -0700
changeset 6848	8e252a37ed0d
parent 6561	6c1204ee2522
permissions	-rw-r--r--