diff --git a/gbpservice/nfp/common/nfp_debugger.py b/gbpservice/nfp/common/nfp_debugger.py deleted file mode 100644 index 6983327d61..0000000000 --- a/gbpservice/nfp/common/nfp_debugger.py +++ /dev/null @@ -1,16 +0,0 @@ -import sys -import pdb - - -class ForkedPdb(pdb.Pdb): - """A Pdb subclass that may be used - from a forked multiprocessing child - - """ - def interaction(self, *args, **kwargs): - _stdin = sys.stdin - try: - sys.stdin = file('/dev/stdin') - pdb.Pdb.interaction(self, *args, **kwargs) - finally: - sys.stdin = _stdin diff --git a/gbpservice/nfp/config_orchestrator/agent/firewall.py b/gbpservice/nfp/config_orchestrator/agent/firewall.py index 8694ad58ca..f69d6e580f 100644 --- a/gbpservice/nfp/config_orchestrator/agent/firewall.py +++ b/gbpservice/nfp/config_orchestrator/agent/firewall.py @@ -11,22 +11,29 @@ # under the License. import uuid import six -import oslo_messaging as messaging +import ast +import copy from gbpservice.nfp.common import constants from gbpservice.nfp.core.poll import poll_event_desc, PollEventDesc -from gbpservice.nfp.config_orchestrator.agent import topics -from gbpservice.nfp.config_orchestrator.agent.common import \ - prepare_request_data from gbpservice.nfp.lib.transport import send_request_to_configurator, \ RPCClient from neutron._i18n import _LI, _LW, _LE from neutron_lib import exceptions as n_exce -from oslo_log import log as logging -from oslo_log import helpers as log_helpers from gbpservice.nfp.config_orchestrator.callbacks import firewall_agent_api \ as api +from gbpservice.nfp.config_orchestrator.agent import common +from gbpservice.nfp.config_orchestrator.agent import topics as a_topics +from gbpservice.nfp.core import common as nfp_common +from gbpservice.nfp.lib import transport + +from neutron_fwaas.db.firewall import firewall_db + +from oslo_log import helpers as log_helpers +from oslo_log import log as oslo_logging +import oslo_messaging as messaging -LOG = logging.getLogger(__name__) +LOGGER = oslo_logging.getLogger(__name__) +LOG = nfp_common.log REMOVE_ROUTER_INTERFACE = 'remove_router_interface' ADD_ROUTER_INTERFACE = 'add_router_interface' @@ -36,8 +43,243 @@ class ServiceProfileNotFound(n_exce.NeutronException): message = _('Service Profile not found for Firewall ID - (firewall)%s.' 'Specify profile id to render firewall.') +""" +RPC handler for Firwrall service +""" -class FwAgent(PollEventDesc): + +class FwAgent(firewall_db.Firewall_db_mixin): + + RPC_API_VERSION = '1.0' + target = messaging.Target(version=RPC_API_VERSION) + + def __init__(self, conf, sc): + super(FwAgent, self).__init__() + self._conf = conf + self._sc = sc + self._db_inst = super(FwAgent, self) + + def _get_firewalls(self, context, tenant_id, + firewall_policy_id, description): + filters = {'tenant_id': [tenant_id], + 'firewall_policy_id': [firewall_policy_id]} + args = {'context': context, 'filters': filters} + firewalls = self._db_inst.get_firewalls(**args) + for firewall in firewalls: + firewall['description'] = description + return firewalls + + def _get_firewall_policies(self, context, tenant_id, + firewall_policy_id, description): + filters = {'tenant_id': [tenant_id], + 'id': [firewall_policy_id]} + args = {'context': context, 'filters': filters} + firewall_policies = self._db_inst.get_firewall_policies(**args) + return firewall_policies + + def _get_firewall_rules(self, context, tenant_id, + firewall_policy_id, description): + filters = {'tenant_id': [tenant_id], + 'firewall_policy_id': [firewall_policy_id]} + args = {'context': context, 'filters': filters} + firewall_rules = self._db_inst.get_firewall_rules(**args) + return firewall_rules + + def _get_firewall_context(self, **kwargs): + firewalls = self._get_firewalls(**kwargs) + firewall_policies = self._get_firewall_policies(**kwargs) + firewall_rules = self._get_firewall_rules(**kwargs) + return {'firewalls': firewalls, + 'firewall_policies': firewall_policies, + 'firewall_rules': firewall_rules} + + def _get_core_context(self, context, filters): + return common.get_core_context(context, + filters, + self._conf.host) + + def _context(self, **kwargs): + context = kwargs.get('context') + if context.is_admin: + kwargs['tenant_id'] = context.tenant_id + db = self._get_firewall_context(**kwargs) + # Commenting below as ports, subnets and routers data not need + # by firewall with present configurator + + # db.update(self._get_core_context(context, filters)) + return db + + def _prepare_resource_context_dicts(self, **kwargs): + # Prepare context_dict + context = kwargs.get('context') + ctx_dict = context.to_dict() + # Collecting db entry required by configurator. + # Addind service_info to neutron context and sending + # dictionary format to the configurator. + db = self._context(**kwargs) + rsrc_ctx_dict = copy.deepcopy(ctx_dict) + rsrc_ctx_dict.update({'service_info': db}) + return ctx_dict, rsrc_ctx_dict + + def _data_wrapper(self, context, firewall, host, nf, reason): + # Hardcoding the position for fetching data since we are owning + # its positional change + description = ast.literal_eval((nf['description'].split('\n'))[1]) + fw_mac = description['provider_ptg_info'][0] + firewall.update({'description': str(description)}) + kwargs = {'context': context, + 'firewall_policy_id': firewall[ + 'firewall_policy_id'], + 'description': str(description), + 'tenant_id': firewall['tenant_id']} + + ctx_dict, rsrc_ctx_dict = self.\ + _prepare_resource_context_dicts(**kwargs) + nfp_context = {'network_function_id': nf['id'], + 'neutron_context': ctx_dict, + 'fw_mac': fw_mac, + 'requester': 'nas_service'} + resource = resource_type = 'firewall' + resource_data = {resource: firewall, + 'host': host, + 'neutron_context': rsrc_ctx_dict} + body = common.prepare_request_data(nfp_context, resource, + resource_type, resource_data, + description['service_vendor']) + return body + + def _fetch_nf_from_resource_desc(self, desc): + desc_dict = ast.literal_eval(desc) + nf_id = desc_dict['network_function_id'] + return nf_id + + @log_helpers.log_method_call + def create_firewall(self, context, firewall, host): + # Fetch nf_id from description of the resource + nf_id = self._fetch_nf_from_resource_desc(firewall["description"]) + nf = common.get_network_function_details(context, nf_id) + body = self._data_wrapper(context, firewall, host, nf, 'CREATE') + transport.send_request_to_configurator(self._conf, + context, body, "CREATE") + + @log_helpers.log_method_call + def delete_firewall(self, context, firewall, host): + # Fetch nf_id from description of the resource + nf_id = self._fetch_nf_from_resource_desc(firewall["description"]) + nf = common.get_network_function_details(context, nf_id) + body = self._data_wrapper(context, firewall, host, nf, 'DELETE') + transport.send_request_to_configurator(self._conf, + context, body, "DELETE") + + +class FirewallNotifier(object): + + def __init__(self, conf, sc): + self._sc = sc + self._conf = conf + + def _trigger_service_event(self, context, event_type, event_id, + request_data): + event_data = {'resource': None, + 'context': context.to_dict()} + event_data['resource'] = {'eventtype': event_type, + 'eventid': event_id, + 'eventdata': request_data} + ev = self._sc.new_event(id=event_id, + key=event_id, data=event_data) + self._sc.post_event(ev) + + def _prepare_request_data(self, context, + nf_id, resource_id, + fw_mac, service_type): + request_data = None + try: + request_data = common.get_network_function_map( + context, nf_id) + # Adding Service Type # + request_data.update({"service_type": service_type, + "fw_mac": fw_mac, + "neutron_resource_id": resource_id, + "LogMetaID": nf_id}) + except Exception as e: + LOG(LOGGER, 'ERROR', '%s' % (e)) + return request_data + return request_data + + def set_firewall_status(self, context, notification_data): + notification = notification_data['notification'][0] + notification_info = notification_data['info'] + resource_data = notification['data'] + firewall_id = resource_data['firewall_id'] + status = resource_data['status'] + nf_id = notification_info['context']['network_function_id'] + fw_mac = notification_info['context']['fw_mac'] + service_type = notification_info['service_type'] + msg = ("Config Orchestrator received " + "firewall_configuration_create_complete API, making an " + "set_firewall_status RPC call for firewall: %s & status " + " %s" % (firewall_id, status)) + LOG(LOGGER, 'INFO', '%s' % (msg)) + firewall = resource_data['firewall'] + if firewall.get('neutron_mode'): + NeutronFwAgent(self._conf, self._sc).set_firewall_status(context, + firewall) + else: + # RPC call to plugin to set firewall status + rpcClient = transport.RPCClient(a_topics.FW_NFP_PLUGIN_TOPIC) + rpcClient.cctxt.cast(context, 'set_firewall_status', + host=resource_data['host'], + firewall_id=firewall_id, + status=status) + + # Sending An Event for visiblity # + event_data = {'context': context.to_dict(), + 'nf_id': nf_id, + 'fw_mac': fw_mac, + 'service_type': service_type, + 'resource_id': firewall_id, + } + ev = self._sc.new_event(id='SERVICE_CREATE_PENDING', + key='SERVICE_CREATE_PENDING', + data=event_data, max_times=24) + self._sc.poll_event(ev) + + def firewall_deleted(self, context, notification_data): + notification = notification_data['notification'][0] + notification_info = notification_data['info'] + resource_data = notification['data'] + firewall_id = resource_data['firewall_id'] + nf_id = notification_info['context']['network_function_id'] + fw_mac = notification_info['context']['fw_mac'] + service_type = notification_info['service_type'] + resource_id = firewall_id + + msg = ("Config Orchestrator received " + "firewall_configuration_delete_complete API, making an " + "firewall_deleted RPC call for firewall: %s" % (firewall_id)) + LOG(LOGGER, 'INFO', '%s' % (msg)) + + firewall = resource_data['firewall'] + if firewall.get('neutron_mode'): + NeutronFwAgent(self._conf, self._sc).firewall_deleted(context, + firewall) + else: + # RPC call to plugin to update firewall deleted + rpcClient = transport.RPCClient(a_topics.FW_NFP_PLUGIN_TOPIC) + rpcClient.cctxt.cast(context, 'firewall_deleted', + host=resource_data['host'], + firewall_id=firewall_id) + + # Sending An Event for visiblity # + request_data = self._prepare_request_data(context, nf_id, + resource_id, + fw_mac, service_type) + LOG(LOGGER, 'INFO', "%s : %s " % (request_data, nf_id)) + self._trigger_service_event(context, 'SERVICE', 'SERVICE_DELETED', + request_data) + + +class NeutronFwAgent(PollEventDesc): RPC_API_VERSION = '1.0' target = messaging.Target(version=RPC_API_VERSION) @@ -46,15 +288,15 @@ def __init__(self, conf, sc): self._conf = conf self._sc = sc self.oc_fw_plugin_rpc = api.FWaaSPluginApiMixin( - topics.FW_NFP_PLUGIN_TOPIC, self._conf.host) + a_topics.FW_NFP_PLUGIN_TOPIC, self._conf.host) @property def so_rpc_client(self): - return RPCClient(topics.NFP_NSO_TOPIC) + return RPCClient(a_topics.NFP_NSO_TOPIC) @property def fw_plugin_client(self): - return RPCClient(topics.FW_NFP_PLUGIN_TOPIC) + return RPCClient(a_topics.FW_NFP_PLUGIN_TOPIC) def event_method_mapping(self, event_id): event_handler_mapping = { @@ -150,32 +392,29 @@ def create_firewall(self, context, firewall, host): if is_neutron_mode: self.process_create_firewall_service(context, firewall, host) else: - self.call_configurator_for_config(context, firewall, host) + return self.oc_fw_plugin_rpc.set_firewall_status(context, firewall[ + 'id'], constants.ERROR) def update_firewall(self, context, firewall, host): pass @log_helpers.log_method_call def delete_firewall(self, context, firewall, host): - resource = 'firewall' firewall = self.get_extra_details_for_firewall_delete(context, firewall) if 'services_to_delete' in firewall and not firewall[ 'services_to_delete']: self.oc_fw_plugin_rpc.firewall_deleted(context, firewall['id']) - kwargs = {resource: firewall, 'host': host, 'context': - context.to_dict()} - body = prepare_request_data(resource, kwargs, "firewall") + # (VK): get the nf_id + nf_id = None + self.call_configurator_for_config( + context, firewall=firewall, + host=self._conf.host, nf_id, "DELETE") LOG.info(_LI("Firewall - %(id)s delete started") % {'id': firewall[ 'id']}) - send_request_to_configurator(self._conf, context, body, "DELETE") - def firewall_configuration_create_complete(self, context, **kwargs): + def set_firewall_status(self, context, firewall): # Currently proxy agent is sending like - kwargs = {'kwargs': {}}. Bad - kwargs = kwargs['kwargs'] - firewall = kwargs['firewall'] - if 'neutron_mode' not in firewall: - return self.update_status(context, firewall) _erred_services = [service['id'] for service in firewall[ 'erred_services']] erred_services = [service for service in firewall[ @@ -196,33 +435,35 @@ def firewall_configuration_create_complete(self, context, **kwargs): LOG.info(_LI("Firewall - %(id)s creation completed.") % {'id': firewall['id']}) - def firewall_configuration_delete_complete(self, context, **kwargs): - kwargs = kwargs['kwargs'] - firewall = kwargs['firewall'] - if 'neutron_mode' in firewall: - try: - # Have no idea whether this will work or not. - self.delete_firewall_instances(context, firewall) - except Exception, err: - LOG.error(_LE("Exception - %(err)s occurred while deleting " - "firewall instances. ") % {'err': err}) - self.oc_fw_plugin_rpc.set_firewall_status(context, firewall[ - 'id'], constants.ERROR) - else: - status = firewall['status'] - if status == constants.SUCCESS: - self.oc_fw_plugin_rpc.firewall_deleted(context, firewall['id']) - else: - self.oc_fw_plugin_rpc.set_firewall_status(context, firewall[ - 'id'], constants.ERROR) + def firewall_deleted(self, context, firewall): + try: + # Have no idea whether this will work or not. + self.delete_firewall_instances(context, firewall) + except Exception, err: + LOG.error(_LE("Exception - %(err)s occurred while deleting " + "firewall instances. ") % {'err': err}) + self.oc_fw_plugin_rpc.set_firewall_status(context, firewall[ + 'id'], constants.ERROR) - def call_configurator_for_config(self, context, firewall, host): - resource = 'firewall' - kwargs = {resource: firewall, - 'host': host, - 'context': context.to_dict()} - body = prepare_request_data(resource, kwargs, "firewall") - send_request_to_configurator(self._conf, context, body, "CREATE") + def call_configurator_for_config(self, context, firewall, host, nf_id, + method): + resource = resource_type = 'firewall' + # REVIEW (VK): fw_mac required for visibility + fw_mac = firewall['description']['provider_ptg_info'][0] + ctx_dict = context.to_dict() + nfp_context = {'network_function_id': nf_id, + 'neutron_context': ctx_dict, + 'fw_mac': fw_mac, + 'requester': 'nas_service'} + resource_data = {resource: firewall, + 'host': host, + 'neutron_context': ctx_dict} + + body = common.prepare_request_data(nfp_context, resource, + resource_type, resource_data, + 'neutron_vyos') + transport.send_request_to_configurator(self._conf, + context, body, method) def get_extra_details_for_firewall_delete(self, context, firewall): if not self._is_network_function_mode_neutron(firewall) or\ @@ -338,9 +579,9 @@ def process_post_delete(self, nw_function_data): # service_ids = [service['service_id'] for service in erred_services] # if service_ids: # pass - # self.so_rpc_client.cctxt.cast(nw_function_data['context'], - # 'admin_down_interfaces', - # port_ids=service_ids) + # self.so_rpc_client.cctxt.cast(nw_function_data['context'], + # 'admin_down_interfaces', + # port_ids=service_ids) # for service in erred_services: # self.so_rpc_client.cctxt.cast(nw_function_data['context'], @@ -450,10 +691,11 @@ def post_process_create_firewall_service(self, nw_fun_data): LOG.info(_LI("Sending configuration request to configurator for " "firewall - %s"), firewall['id']) # Batch processing, have no other choice. + # (VK): get nf_id + nf_id = None self.call_configurator_for_config( - nw_fun_data['context'], firewall=nw_fun_data[ - 'network_function_data']['resource_data'], - host=self._conf.host) + nw_fun_data['context'], firewall, self._conf.host, nf_id, + "CREATE") elif nw_fun_data.get('l3_notification'): kwargs = {'port': nw_fun_data['service_info'][0]['port']['id']} # self.so_rpc_client.cctxt.call( diff --git a/gbpservice/nfp/config_orchestrator/agent/vpn.py b/gbpservice/nfp/config_orchestrator/agent/vpn.py index e048422fbd..fbe1f279e8 100644 --- a/gbpservice/nfp/config_orchestrator/agent/vpn.py +++ b/gbpservice/nfp/config_orchestrator/agent/vpn.py @@ -561,7 +561,7 @@ def wait_for_device_ready(self, event): vpn_plugin = transport.RPCClient(a_topics.VPN_NFP_PLUGIN_TOPIC) self._sc.poll_event_done(event) vpnsvc_status = [{ - 'id': nw_function_info_data['resource_data']['resource']['id'], + 'id': nw_function_info_data['resource_data']['id'], 'status': nw_func['status'], 'updated_pending_status': True, 'ipsec_site_connections': {}}] diff --git a/gbpservice/nfp/config_orchestrator/modules/agent.py b/gbpservice/nfp/config_orchestrator/modules/agent.py index 65e2621089..32dc6fad92 100644 --- a/gbpservice/nfp/config_orchestrator/modules/agent.py +++ b/gbpservice/nfp/config_orchestrator/modules/agent.py @@ -10,7 +10,6 @@ # License for the specific language governing permissions and limitations # under the License. -from oslo_log import log as logging from gbpservice.nfp.config_orchestrator.agent import firewall as fw from gbpservice.nfp.config_orchestrator.agent import loadbalancer as lb from gbpservice.nfp.config_orchestrator.agent import notification_handler as nh @@ -23,8 +22,6 @@ from gbpservice.nfp.core.rpc import RpcAgent from oslo_config import cfg -LOG = logging.getLogger(__name__) - def rpc_init(sc, conf): fwrpcmgr = fw.FwAgent(conf, sc) @@ -85,9 +82,8 @@ def rpc_init(sc, conf): manager=nhrpcmgr, ) - sc.register_rpc_agents([fwagent, vpnagent, notificationagent, nfp_l3_agent]) - # sc.register_rpc_agents([fwagent, lbagent, vpnagent, notificationagent, - # nfp_l3_agent]) + sc.register_rpc_agents([fwagent, lbagent, vpnagent, notificationagent, + nfp_l3_agent]) def events_init(sc, conf, nfp_agents_obj): @@ -126,5 +122,5 @@ def __init__(self, controller, config): self._controller = controller self._config = config self.vpn_agent = vp.NeutronVpnaasAgent(self._config, self._controller) - self.fw_agent = fw.FwAgent(self._config, self._controller) + self.fw_agent = fw.NeutronFwAgent(self._config, self._controller) self.nfp_l3_agent = NFPL3Agent(sc=self._controller, conf=self._config) diff --git a/gbpservice/nfp/configurator/agents/firewall.py b/gbpservice/nfp/configurator/agents/firewall.py index 48507914da..36cc38f62f 100644 --- a/gbpservice/nfp/configurator/agents/firewall.py +++ b/gbpservice/nfp/configurator/agents/firewall.py @@ -14,7 +14,6 @@ import oslo_messaging as messaging import requests -from oslo_config import cfg from oslo_log import log as logging from gbpservice.nfp.configurator.agents import agent_base @@ -25,13 +24,6 @@ LOG = logging.getLogger(__name__) -rest_timeout = [ - cfg.IntOpt( - 'rest_timeout', - default=360, - help=("rest api timeout"))] -cfg.CONF.register_opts(rest_timeout) - """ Implements Fwaas response path to Neutron plugin. Methods of this class are invoked by the FwaasEventHandler class @@ -46,8 +38,8 @@ def __init__(self, sc, host, drivers, rpcmgr): super(FwaasRpcSender, self).__init__(sc, drivers, rpcmgr) self.host = host - def firewall_configuration_create_complete(self, context, firewall_id, - status, firewall=None): + def set_firewall_status(self, agent_info, + firewall_id, status, firewall=None): """ Enqueues the response from FwaaS operation to neutron plugin. :param context: Neutron context @@ -56,19 +48,20 @@ def firewall_configuration_create_complete(self, context, firewall_id, """ - msg = {'receiver': const.NEUTRON, - 'resource': const.SERVICE_TYPE, - 'method': 'firewall_configuration_create_complete', - 'kwargs': {'context': context, - 'host': self.host, - 'firewall_id': firewall_id, - 'status': status, - 'firewall': firewall} + msg = {'info': {'service_type': const.SERVICE_TYPE, + 'context': agent_info['context']}, + 'notification': [{ + 'resource': agent_info['resource'], + 'data': {'firewall_id': firewall_id, + 'host': self.host, + 'status': status, + 'notification_type': ( + 'set_firewall_status'), + 'firewall': firewall}}] } self.notify._notification(msg) - def firewall_configuration_delete_complete(self, context, firewall_id, - status, firewall=None): + def firewall_deleted(self, agent_info, firewall_id, firewall=None): """ Enqueues the response from FwaaS operation to neutron plugin. :param context: Neutron context @@ -76,14 +69,15 @@ def firewall_configuration_delete_complete(self, context, firewall_id, """ - msg = {'receiver': const.NEUTRON, - 'resource': const.SERVICE_TYPE, - 'method': 'firewall_configuration_delete_complete', - 'kwargs': {'context': context, - 'host': self.host, - 'status': status, - 'firewall_id': firewall_id, - 'firewall': firewall} + msg = {'info': {'service_type': const.SERVICE_TYPE, + 'context': agent_info['context']}, + 'notification': [{ + 'resource': agent_info['resource'], + 'data': {'firewall_id': firewall_id, + 'host': self.host, + 'notification_type': ( + 'firewall_deleted'), + 'firewall': firewall}}] } self.notify._notification(msg) @@ -171,7 +165,7 @@ def delete_firewall(self, context, firewall, host): class FWaasEventHandler(object): - def __init__(self, sc, drivers, rpcmgr): + def __init__(self, sc, drivers, rpcmgr, conf): """ Instantiates class object. :param sc: Service Controller object that is used to communicate @@ -182,18 +176,19 @@ def __init__(self, sc, drivers, rpcmgr): """ self.sc = sc + self.conf = conf self.drivers = drivers - self.host = cfg.CONF.host + self.host = self.conf.host self.rpcmgr = rpcmgr self.plugin_rpc = FwaasRpcSender(sc, self.host, self.drivers, self.rpcmgr) - def _get_driver(self): + def _get_driver(self, service_vendor): """ Retrieves driver object given the service type """ - driver_id = const.SERVICE_TYPE + driver_id = const.SERVICE_TYPE + service_vendor return self.drivers[driver_id] def _is_firewall_rule_exists(self, fw): @@ -222,7 +217,15 @@ def handle_event(self, ev): % (os.getpid(), ev.id)) LOG.debug(msg) - driver = self._get_driver() + # The context here in ev.data is the neutron context that was + # renamed to context in the agent_base. This erstwhile + # neutron context contains the agent info which in turn contains + # the API context alongside other relevant information like + # service vendor and type. Agent info is constructed inside + # the demuxer library. + service_vendor = ev.data['context']['agent_info']['service_vendor'] + driver = self._get_driver(service_vendor) + self.method = getattr(driver, "%s" % (ev.id.lower())) self.invoke_driver_for_plugin_api(ev) except Exception as err: @@ -237,44 +240,43 @@ def invoke_driver_for_plugin_api(self, ev): """ - context = ev.data.get('context') + context = ev.data['context'] + agent_info = context.pop('agent_info') firewall = ev.data.get('firewall') host = ev.data.get('host') - res = (const.STATUS_ERROR, firewall) + if ev.id == const.FIREWALL_CREATE_EVENT: if not self._is_firewall_rule_exists(firewall): msg = ("Firewall status set to ACTIVE") LOG.debug(msg) - return self.plugin_rpc.firewall_configuration_create_complete( - context, firewall['id'], const.STATUS_ACTIVE, firewall) + return self.plugin_rpc.set_firewall_status( + agent_info, + firewall['id'], const.STATUS_ACTIVE, firewall) # Added to handle in service vm agents. VM agent will add # default DROP rule. # if not self._is_firewall_rule_exists(firewall): - # self.plugin_rpc.firewall_configuration_create_complete( + # self.plugin_rpc.set_firewall_status( # context, firewall['id'], const.STATUS_ACTIVE) try: - res = self.method(context, firewall, host) + status = self.method(context, firewall, host) except Exception as err: - self.plugin_rpc.firewall_configuration_create_complete( - context, firewall['id'], const.STATUS_ERROR, - firewall=res[1]) + self.plugin_rpc.set_firewall_status( + agent_info, firewall['id'], const.STATUS_ERROR, firewall) msg = ("Failed to configure Firewall and status is " "changed to ERROR. %s." % str(err).capitalize()) LOG.error(msg) else: - self.plugin_rpc.firewall_configuration_create_complete( - context, firewall['id'], status=res[0], firewall=res[1]) - msg = ("Configured Firewall and status set to %s" % res[0]) + self.plugin_rpc.set_firewall_status( + agent_info, firewall['id'], status, firewall) + msg = ("Configured Firewall and status set to %s" % status) LOG.info(msg) elif ev.id == const.FIREWALL_DELETE_EVENT: if not self._is_firewall_rule_exists(firewall): - return self.plugin_rpc.firewall_configuration_delete_complete( - context, firewall['id'], const.STATUS_SUCCESS, - firewall=res[1]) + return self.plugin_rpc.firewall_deleted( + agent_info, firewall['id'], firewall) try: - res = self.method(context, firewall, host) - status = res[0] + status = self.method(context, firewall, host) except requests.ConnectionError: # FIXME It can't be correct everytime msg = ("There is a connection error for firewall %r of " @@ -283,46 +285,46 @@ def invoke_driver_for_plugin_api(self, ev): "broken. For now marking that as delete." % (firewall['id'], firewall['tenant_id'])) LOG.warning(msg) - self.plugin_rpc.firewall_configuration_delete_complete( - context, firewall['id'], status=res[0], firewall=res[1]) + self.plugin_rpc.firewall_deleted( + agent_info, firewall['id'], firewall) except Exception as err: # TODO(VIKASH) Is it correct to raise ? As the subsequent # attempt to clean will only re-raise the last one.And it # can go on and on and may not be ever recovered. - self.plugin_rpc.firewall_configuration_delete_complete( - context, firewall['id'], const.STATUS_ERROR, - firewall=res[1]) + self.plugin_rpc.set_firewall_status( + agent_info, firewall['id'], const.STATUS_ERROR, firewall) msg = ("Failed to delete Firewall and status is " "changed to ERROR. %s." % str(err).capitalize()) LOG.error(msg) + # raise(err) else: if status == const.STATUS_ERROR: - self.plugin_rpc.firewall_configuration_delete_complete( - context, firewall['id'], status, firewall=res[1]) + self.plugin_rpc.set_firewall_status( + agent_info, firewall['id'], status, firewall) else: msg = ("Firewall %r deleted of tenant: %r" % ( firewall['id'], firewall['tenant_id'])) LOG.info(msg) - self.plugin_rpc.firewall_configuration_delete_complete( - context, firewall['id'], status, firewall=res[1]) + self.plugin_rpc.firewall_deleted( + agent_info, firewall['id'], firewall) elif ev.id == const.FIREWALL_UPDATE_EVENT: if not self._is_firewall_rule_exists(firewall): - return self.plugin_rpc.firewall_configuration_create_complete( - context, firewall['id'], const.STATUS_ACTIVE, firewall) + return self.plugin_rpc.set_firewall_status( + agent_info, + const.STATUS_ACTIVE, firewall) try: - res = self.method(context, firewall, host) - status = res[0] + status = self.method(context, firewall, host) except Exception as err: - self.plugin_rpc.firewall_configuration_create_complete( - context, firewall['id'], 'ERROR', firewall=res[1]) + self.plugin_rpc.set_firewall_status( + agent_info, firewall['id'], const.STATUS_ERROR, firewall) msg = ("Failed to update Firewall and status is " "changed to ERROR. %s." % str(err).capitalize()) LOG.error(msg) else: - self.plugin_rpc.firewall_configuration_create_complete( - context, firewall['id'], status, firewall=res[1]) + self.plugin_rpc.set_firewall_status( + agent_info, firewall['id'], status, firewall) msg = ("Updated Firewall and status set to %s" % status) LOG.info(msg) else: @@ -330,7 +332,7 @@ def invoke_driver_for_plugin_api(self, ev): raise Exception(msg) -def events_init(sc, drivers, rpcmgr): +def events_init(sc, drivers, rpcmgr, conf): """Registers events with core service controller. All the events will come to handle_event method of class instance @@ -350,11 +352,11 @@ def events_init(sc, drivers, rpcmgr): evs = [] for event in event_id_list: evs.append(nfp_event.Event(id=event, handler=FWaasEventHandler( - sc, drivers, rpcmgr))) + sc, drivers, rpcmgr, conf))) sc.register_events(evs) -def load_drivers(): +def load_drivers(conf): """Imports all the driver files corresponding to this agent. Returns: Dictionary of driver objects with a specified service type and @@ -366,7 +368,7 @@ def load_drivers(): drivers = ld.load_drivers(const.DRIVERS_DIR) for service_type, driver_name in drivers.iteritems(): - driver_obj = driver_name() + driver_obj = driver_name(conf=conf) drivers[service_type] = driver_obj return drivers @@ -397,7 +399,7 @@ def init_agent(cm, sc, conf): """ try: - drivers = load_drivers() + drivers = load_drivers(conf) except Exception as err: msg = ("Fwaas failed to load drivers. %s" % (str(err).capitalize())) @@ -409,7 +411,7 @@ def init_agent(cm, sc, conf): rpcmgr = FWaasRpcManager(sc, conf) try: - events_init(sc, drivers, rpcmgr) + events_init(sc, drivers, rpcmgr, conf) except Exception as err: msg = ("Fwaas Events initialization unsuccessful. %s" % (str(err).capitalize())) diff --git a/gbpservice/nfp/configurator/drivers/firewall/vyos/vyos_neutron_fw_driver.py b/gbpservice/nfp/configurator/drivers/firewall/vyos/vyos_neutron_fw_driver.py index 62612416a4..4162041921 100644 --- a/gbpservice/nfp/configurator/drivers/firewall/vyos/vyos_neutron_fw_driver.py +++ b/gbpservice/nfp/configurator/drivers/firewall/vyos/vyos_neutron_fw_driver.py @@ -15,8 +15,8 @@ class NeutronVYOSFWDriver(FwaasDriver): - service_type = "firewall" - service_vendor = "neutron vyos" + service_type = const.SERVICE_TYPE + service_vendor = "neutron_vyos" def __init__(self, conf): super(FwaasDriver, self).__init__() @@ -47,7 +47,8 @@ def create_firewall(self, context, firewall, host): else: configured_services.append(service) - firewall.update(config_erred_services=config_erred_services, + firewall.update(neutron_mode=True, + config_erred_services=config_erred_services, configured_services=configured_services, description=fw_desc) status = "ACTIVE" if configured_services else "ERROR" @@ -78,7 +79,8 @@ def delete_firewall(self, context, firewall, host): else: config_deleted_services.append(service) - firewall.update(delete_erred_services=delete_erred_services, + firewall.update(neutron_mode=True, + delete_erred_services=delete_erred_services, config_deleted_services=config_deleted_services, description=fw_desc) status = "ERROR" if delete_erred_services else "SUCCESS" diff --git a/gbpservice/nfp/configurator/drivers/vpn/vyos/vyos_vpn_driver.py b/gbpservice/nfp/configurator/drivers/vpn/vyos/vyos_vpn_driver.py index d50addf9c4..90e495708c 100644 --- a/gbpservice/nfp/configurator/drivers/vpn/vyos/vyos_vpn_driver.py +++ b/gbpservice/nfp/configurator/drivers/vpn/vyos/vyos_vpn_driver.py @@ -1157,11 +1157,6 @@ def create_ipsec_conn(self, context, resource_data): "with local cidr." % t_lcidr) LOG.error(msg) self._error_state(context, conn, msg) - if len(conn['peer_cidrs']) != 1: - msg = ("IPSec: Invalid number of peer CIDR. Should not be" - " less than 1.") - LOG.error(msg) - self._error_state(context, conn, msg) try: tenant_conns = self._ipsec_get_tenant_conns( diff --git a/gbpservice/nfp/neutron_aas_plugins/extension_patch/patch_l3_notification.py b/gbpservice/nfp/neutron_aas_plugins/extension_patch/patch_l3_notification.py index 8b7dd72f50..a84c3e094d 100644 --- a/gbpservice/nfp/neutron_aas_plugins/extension_patch/patch_l3_notification.py +++ b/gbpservice/nfp/neutron_aas_plugins/extension_patch/patch_l3_notification.py @@ -47,7 +47,8 @@ def _agent_notification(self, context, method, router_ids, operation, version='1.1') cctxt.cast(context, method, routers=[router_id]) - if not send_rpc_to_nfp or not operation or operation.lower() == REMOVE_ROUTER_INTERFACE: + if not send_rpc_to_nfp or not operation or operation.lower() == \ + REMOVE_ROUTER_INTERFACE: return subnet_id = data.get('subnet_id') if subnet_id: @@ -92,7 +93,7 @@ def _agent_notification(self, context, method, router_ids, operation, name=name, admin_state_up=True, device_id='', device_owner='', description=new_interface['device_id'], - tenant_id='ef89412b8e1840a293899476112f9298') + tenant_id='') _context = plugin_context.get_admin_context() _context.tenant_id = new_interface['tenant_id'] port_list.append(core_plugin.create_port( diff --git a/gbpservice/nfp/neutron_aas_plugins/nfp_fw/nfp_fw_plugin.py b/gbpservice/nfp/neutron_aas_plugins/nfp_fw/nfp_fw_plugin.py index 4f339be66c..e04bb7c2f4 100644 --- a/gbpservice/nfp/neutron_aas_plugins/nfp_fw/nfp_fw_plugin.py +++ b/gbpservice/nfp/neutron_aas_plugins/nfp_fw/nfp_fw_plugin.py @@ -54,7 +54,7 @@ def get_router_interfaces_details(self, context, **kwargs): new_port.update(name="oc_owned_prov_%s" % _id.split('-')[ 0], admin_state_up=True, device_id='', device_owner='', description=new_port['device_id'], - tenant_id='ef89412b8e1840a293899476112f9298') + tenant_id='') _context = plugin_context.get_admin_context() _context.tenant_id = port['tenant_id'] _port = self._core_plugin.create_port(