// globalNetworkCheckPolicyAttachment checks that network carries a reference
// to its global network policy and tries to attach the policy when the
// reference is missing.
//
// It returns true when nothing was changed and false when an attach was
// attempted, whether or not that attach succeeded.
//
// NOTE(review): a failed policy lookup and a failed read of the network's
// policy refs both return true, so "could not verify" is indistinguishable
// from "verified attached" — confirm callers do not read true as proof that
// the policy is in place.
func (c *consistencyChecker) globalNetworkCheckPolicyAttachment(network *types.VirtualNetwork) bool {
	policyFQN := strings.Join(makeGlobalNetworkPolicyName(c.config, network.GetFQName()), ":")
	policy, err := types.NetworkPolicyByName(c.client, policyFQN)
	if err != nil {
		// Any lookup error is logged as "no policy", not only a not-found.
		glog.V(3).Infof("No network policy for %s", network.GetName())
		return true
	}

	attached, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Error(err)
		return true
	}

	for _, ref := range attached {
		if ref.Uuid != policy.GetUuid() {
			continue
		}
		glog.V(5).Infof("Network %s attached to %s", network.GetName(), policy.GetUuid())
		return true
	}

	// The reference is missing: repair it and report the inconsistency.
	if attachErr := policyAttach(c.client, network, policy); attachErr != nil {
		glog.Error(attachErr)
		return false
	}
	glog.Infof("attached global network %s to policy", strings.Join(network.GetFQName(), ":"))
	return false
}
// networkEvalPolicyRefs walks the policy references of network and reports
// whether all of them are still justified.
//
// A reference whose last name component parses as a service policy name is
// stale when services does not contain that (namespace, service) pair. A
// reference that parses as a global-network policy is stale when the network
// may not access global networks or the target is not a global network; a
// reference pointing back at the network itself is ignored. Stale references
// are queued for deletion when lastIterationMap is nil or
// connectionShouldDelete approves, and the queues are handed to the service
// and network managers at the end.
//
// It returns false when at least one stale reference was found, and an error
// only when the policy refs cannot be read.
//
// NOTE(review): if DeleteConnections reports failures through a return value,
// they are dropped here — confirm against the manager interfaces.
func (c *consistencyChecker) networkEvalPolicyRefs(network *types.VirtualNetwork, services ServiceIdList, lastIterationMap networkConnectionMap) (bool, error) {
	policyRefs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		return false, err
	}

	var (
		consistent  = true
		staleSvc    = []string{}
		staleGlobal = map[string]string{}
		networkCSN  = strings.Join(network.GetFQName(), ":")
	)

	for _, ref := range policyRefs {
		if len(ref.To) < 3 {
			glog.Errorf("unexpected policy id %+v", ref.To)
			continue
		}

		// Service policy: the namespace is the second name component.
		serviceName, svcErr := serviceNameFromPolicyName(ref.To[len(ref.To)-1])
		if svcErr == nil {
			namespace := ref.To[1]
			if services.Contains(namespace, serviceName) {
				continue
			}
			consistent = false
			if lastIterationMap == nil || c.connectionShouldDelete(network, lastIterationMap, ref.To) {
				staleSvc = append(staleSvc, ref.Uuid)
			}
			continue
		}

		// Global-network policy; names that parse as neither kind are ignored.
		targetName, gblErr := globalNetworkFromPolicyName(c.config, ref.To)
		if gblErr != nil {
			continue
		}
		if targetName == networkCSN {
			continue
		}
		if networkAccessGlobalNetworks(c.config, network.GetFQName()) &&
			isGlobalNetworkName(c.config, targetName) {
			continue
		}
		consistent = false
		if lastIterationMap == nil || c.connectionShouldDelete(network, lastIterationMap, ref.To) {
			glog.Infof("Delete connection %s %s", networkCSN, targetName)
			staleGlobal[ref.Uuid] = targetName
		} else {
			glog.Infof("Network connection %s %s not used by global network configuration", networkCSN, targetName)
		}
	}

	if len(staleGlobal) > 0 {
		c.networkMgr.DeleteConnections(network, staleGlobal)
	}

	if len(staleSvc) > 0 {
		c.serviceMgr.DeleteConnections(network, staleSvc)
	}
	return consistent, nil
}
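// PurgeStalePolicyRefs removes from network every policy reference whose
// (namespace, service) pair is absent from services and for which doDelete
// returns true, then deletes each such policy that no virtual network
// references any more.
//
// The namespace is taken from the second name component of the reference and
// the service name from the last one; references with fewer than three
// components are logged and skipped.
//
// An error is returned when the policy refs cannot be read or the network
// update fails. Failures while cleaning up individual policies are logged and
// do not abort the purge.
func (m *ServiceManagerImpl) PurgeStalePolicyRefs(network *types.VirtualNetwork, services ServiceIdList,
	doDelete func(string, string) bool) error {
	refs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		return err
	}

	var purgeList []string
	for _, ref := range refs {
		if len(ref.To) < 3 {
			glog.Errorf("unexpected policy id %+v", ref.To)
			continue
		}
		namespace := ref.To[1]
		serviceName := ref.To[len(ref.To)-1]
		if !services.Contains(namespace, serviceName) && doDelete(namespace, serviceName) {
			purgeList = append(purgeList, ref.Uuid)
		}
	}
	if len(purgeList) == 0 {
		return nil
	}

	// Detach all stale policies from the network in a single update.
	for _, policyID := range purgeList {
		network.DeleteNetworkPolicy(policyID)
	}
	if err := m.client.Update(network); err != nil {
		return err
	}

	// Garbage-collect policies that are no longer referenced by any network.
	for _, policyID := range purgeList {
		policy, err := types.NetworkPolicyByUuid(m.client, policyID)
		if err != nil {
			glog.Error(err)
			continue
		}
		backRefs, err := policy.GetVirtualNetworkBackRefs()
		if err != nil {
			// A failed lookup is not evidence that the policy is unreferenced;
			// leave it in place rather than deleting on an empty result.
			glog.Error(err)
			continue
		}
		if len(backRefs) > 0 {
			continue
		}
		if err := m.client.Delete(policy); err != nil {
			glog.Error(err)
		}
	}
	return nil
}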
// policyDetach removes from network the first policy reference whose
// colon-joined name equals policyName and pushes the change through client.
//
// It returns the error from reading the policy refs or from the update, and
// nil when the update succeeds or no reference matches.
func policyDetach(client contrail.ApiClient, network *types.VirtualNetwork, policyName string) error {
	policyRefs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Errorf("get network policy-refs %s: %v", network.GetName(), err)
		return err
	}

	for _, ref := range policyRefs {
		if strings.Join(ref.To, ":") != policyName {
			continue
		}
		network.DeleteNetworkPolicy(ref.Uuid)
		updateErr := client.Update(network)
		if updateErr != nil {
			glog.Errorf("Update network %s policies: %v", network.GetName(), updateErr)
		}
		// Stop at the first match whether or not the update went through.
		return updateErr
	}
	return nil
}
// detachPolicy removes from network the first policy reference whose
// colon-joined name equals policyName and saves the network through the
// manager's API client.
//
// It returns the error from reading the policy refs or from the update, and
// nil when the update succeeds or no reference matches.
func (m *ServiceManagerImpl) detachPolicy(network *types.VirtualNetwork, policyName string) error {
	policyRefs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Errorf("get network policy-refs %s: %v", network.GetName(), err)
		return err
	}

	for _, ref := range policyRefs {
		if strings.Join(ref.To, ":") != policyName {
			continue
		}
		network.DeleteNetworkPolicy(ref.Uuid)
		updateErr := m.client.Update(network)
		if updateErr != nil {
			glog.Errorf("Update network %s policies: %v", network.GetName(), updateErr)
		}
		// Stop at the first match whether or not the update went through.
		return updateErr
	}
	return nil
}
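// DeleteNetwork deletes network and then removes every policy it referenced
// that no virtual network references any more.
//
// The policy refs are read before the network is deleted. A failure to read
// them is logged and the network is still deleted; the cleanup loop then runs
// over whatever refs were returned. A failure to delete the network itself is
// returned to the caller and policy cleanup is skipped. Failures while
// cleaning up individual policies are logged and do not fail the call.
func (m *NetworkManagerImpl) DeleteNetwork(network *types.VirtualNetwork) error {
	refs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Errorf("Get %s policy refs: %v", network.GetName(), err)
	}

	if err := m.client.Delete(network); err != nil {
		glog.Errorf("Delete network %s: %v", network.GetName(), err)
		return err
	}

	for _, ref := range refs {
		obj, err := m.client.FindByUuid("network-policy", ref.Uuid)
		if err != nil {
			// Skip the type assertion below: it would panic on a missing object.
			glog.Errorf("Get policy %s: %v", ref.Uuid, err)
			continue
		}
		policy, ok := obj.(*types.NetworkPolicy)
		if !ok {
			glog.Errorf("Get policy %s: unexpected object type %T", ref.Uuid, obj)
			continue
		}
		npRefs, err := policy.GetVirtualNetworkBackRefs()
		if err != nil {
			// A failed lookup is not evidence that the policy is unreferenced;
			// leave it in place rather than deleting on an empty result.
			glog.Errorf("Get policy %s back refs: %v", ref.Uuid, err)
			continue
		}
		if len(npRefs) > 0 {
			continue
		}
		if err := m.client.Delete(policy); err != nil {
			glog.Errorf("Delete policy %s: %v", ref.Uuid, err)
		}
	}
	return nil
}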
// policyAttach adds a reference from network to policy, with sequence 10.0,
// and pushes the change through client. It is a no-op when the network
// already references the policy's UUID.
//
// It returns the error from reading the policy refs or from the update.
func policyAttach(client contrail.ApiClient, network *types.VirtualNetwork, policy *types.NetworkPolicy) error {
	existing, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Errorf("get network policy-refs %s: %v", network.GetName(), err)
		return err
	}

	// Already attached: nothing to update.
	for _, ref := range existing {
		if ref.Uuid == policy.GetUuid() {
			return nil
		}
	}

	attr := types.VirtualNetworkPolicyType{
		Sequence: &types.SequenceType{Major: 10, Minor: 0},
	}
	network.AddNetworkPolicy(policy, attr)

	if err = client.Update(network); err != nil {
		glog.Errorf("Update network %s policies: %v", network.GetName(), err)
		return err
	}
	return nil
}
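// attachPolicy adds a reference from network to policy, with sequence 10.0,
// and saves the network through the manager's API client. It is a no-op when
// the network already references the policy's UUID.
//
// It returns the error from reading the policy refs or from the update.
func (m *ServiceManagerImpl) attachPolicy(network *types.VirtualNetwork, policy *types.NetworkPolicy) error {
	refs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Errorf("get network policy-refs %s: %v", network.GetName(), err)
		return err
	}

	// Already attached: nothing to update.
	for _, ref := range refs {
		if ref.Uuid == policy.GetUuid() {
			return nil
		}
	}

	// Keyed fields keep the literal correct if SequenceType gains or reorders
	// fields, and satisfy go vet's composite-literal check.
	network.AddNetworkPolicy(policy,
		types.VirtualNetworkPolicyType{
			Sequence: &types.SequenceType{Major: 10, Minor: 0},
		})

	if err := m.client.Update(network); err != nil {
		glog.Errorf("Update network %s policies: %v", network.GetName(), err)
		return err
	}
	return nil
}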
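// buildNetworkInfo collects a summary of net: its subnets formatted as
// "prefix/len" from the IPAM references and, when detail is true, the
// colon-joined names of its attached network policies.
//
// It returns a nil info together with the error when the IPAM or policy
// references cannot be read, or when an IPAM reference carries an attribute
// that is not a types.VnSubnetsType.
func buildNetworkInfo(net *types.VirtualNetwork, detail bool) (
	*NetworkInfo, error) {
	var subnets []string
	var policies []string

	ipamRefs, err := net.GetNetworkIpamRefs()
	if err != nil {
		return nil, err
	}

	for _, ref := range ipamRefs {
		// Checked assertion: an unexpected attribute type is reported as an
		// error instead of panicking.
		attr, ok := ref.Attr.(types.VnSubnetsType)
		if !ok {
			return nil, fmt.Errorf("network %s: unexpected ipam ref attribute type %T",
				net.GetName(), ref.Attr)
		}
		for _, ipamSubnet := range attr.IpamSubnets {
			subnets = append(subnets, fmt.Sprintf("%s/%d",
				ipamSubnet.Subnet.IpPrefix,
				ipamSubnet.Subnet.IpPrefixLen))
		}
	}

	if detail {
		policyRefs, err := net.GetNetworkPolicyRefs()
		if err != nil {
			// Do not hand back an info whose policy list silently looks empty.
			return nil, err
		}
		for _, ref := range policyRefs {
			policies = append(policies, strings.Join(ref.To, ":"))
		}
	}

	// Positional literal: the value order must match NetworkInfo's field order.
	info := &NetworkInfo{
		net.GetUuid(),
		net.GetName(),
		net.GetIdPerms().Enable,
		net.GetVirtualNetworkProperties().NetworkId,
		net.GetVirtualNetworkProperties().AllowTransit,
		net.GetVirtualNetworkProperties().ForwardingMode,
		subnets,
		policies,
		net.GetRouteTargetList().RouteTarget,
	}
	return info, nil
}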