Exemplo n.º 1
0
func (m *InstanceManager) LocateInterface(
	network *types.VirtualNetwork, instance *types.VirtualMachine) *types.VirtualMachineInterface {
	tenant := network.GetFQName()[len(network.GetFQName())-2]
	fqn := interfaceFQName(m.config.DefaultDomain, tenant, instance.GetName())

	obj, err := m.client.FindByName(
		"virtual-machine-interface", strings.Join(fqn, ":"))

	if err == nil {
		nic := obj.(*types.VirtualMachineInterface)
		// TODO(prm): ensure network is as expected, else update.
		return nic
	}

	nic := new(types.VirtualMachineInterface)
	nic.SetFQName("project", fqn)
	nic.AddVirtualMachine(instance)
	if network != nil {
		nic.AddVirtualNetwork(network)
	}
	err = m.client.Create(nic)
	if err != nil {
		glog.Errorf("Create interface %s: %v", instance.GetName(), err)
		return nil
	}
	obj, err = m.client.FindByUuid(nic.GetType(), nic.GetUuid())
	if err != nil {
		glog.Errorf("Get vmi %s: %v", nic.GetUuid(), err)
		return nil
	}
	return obj.(*types.VirtualMachineInterface)
}
Exemplo n.º 2
0
func (m *ServiceManagerImpl) locatePolicyRule(policy *types.NetworkPolicy, lhs, rhs *types.VirtualNetwork) error {
	lhsName := strings.Join(lhs.GetFQName(), ":")
	rhsName := strings.Join(rhs.GetFQName(), ":")

	entries := policy.GetNetworkPolicyEntries()
	for _, rule := range entries.PolicyRule {
		if rule.SrcAddresses[0].VirtualNetwork == lhsName &&
			rule.DstAddresses[0].VirtualNetwork == rhsName {
			return nil
		}
	}
	rule := new(types.PolicyRuleType)
	rule.Protocol = "any"
	rule.Direction = "<>"
	rule.SrcAddresses = []types.AddressType{types.AddressType{
		VirtualNetwork: lhsName,
	}}
	rule.DstAddresses = []types.AddressType{types.AddressType{
		VirtualNetwork: rhsName,
	}}
	rule.SrcPorts = []types.PortType{types.PortType{-1, -1}}
	rule.DstPorts = []types.PortType{types.PortType{-1, -1}}
	rule.ActionList = &types.ActionListType{
		SimpleAction: "pass",
	}

	entries.AddPolicyRule(rule)
	policy.SetNetworkPolicyEntries(&entries)
	err := m.client.Update(policy)
	if err != nil {
		glog.Errorf("policy-rule: %v", err)
		return err
	}
	return nil
}
Exemplo n.º 3
0
func (c *consistencyChecker) globalNetworkCheckPolicyAttachment(network *types.VirtualNetwork) bool {
	policyName := makeGlobalNetworkPolicyName(c.config, network.GetFQName())
	policy, err := types.NetworkPolicyByName(c.client, strings.Join(policyName, ":"))
	if err != nil {
		glog.V(3).Infof("No network policy for %s", network.GetName())
		return true
	}
	policyRefs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		glog.Error(err)
		return true
	}

	for _, ref := range policyRefs {
		if ref.Uuid == policy.GetUuid() {
			glog.V(5).Infof("Network %s attached to %s", network.GetName(), policy.GetUuid())
			return true
		}
	}

	err = policyAttach(c.client, network, policy)
	if err != nil {
		glog.Error(err)
	} else {
		glog.Infof("attached global network %s to policy", strings.Join(network.GetFQName(), ":"))
	}
	return false
}
Exemplo n.º 4
0
func (c *Controller) globalNetworkConnectionUpdate(network *types.VirtualNetwork) {
	if !networkAccessGlobalNetworks(c.config, network.GetFQName()) {
		return
	}
	// connect to each of the global-networks
	for _, gbl := range c.config.GlobalNetworks {
		err := c.networkMgr.Connect(network, gbl)
		if err != nil {
			glog.Error(err)
			continue
		}
		glog.V(2).Infof("Connected %s to %s", strings.Join(network.GetFQName(), ":"), gbl)
	}
}
Exemplo n.º 5
0
func (c *consistencyChecker) networkEvalPolicyRefs(network *types.VirtualNetwork, services ServiceIdList, lastIterationMap networkConnectionMap) (bool, error) {
	policyRefs, err := network.GetNetworkPolicyRefs()
	if err != nil {
		return false, err
	}
	consistent := true
	serviceDeleteList := make([]string, 0)
	gblNetworkDeleteList := make(map[string]string, 0)
	networkCSN := strings.Join(network.GetFQName(), ":")
	for _, ref := range policyRefs {
		if len(ref.To) < 3 {
			glog.Errorf("unexpected policy id %+v", ref.To)
			continue
		}

		if serviceName, err := serviceNameFromPolicyName(ref.To[len(ref.To)-1]); err == nil {
			namespace := ref.To[1]
			if !services.Contains(namespace, serviceName) {
				consistent = false
				if lastIterationMap == nil || c.connectionShouldDelete(network, lastIterationMap, ref.To) {
					serviceDeleteList = append(serviceDeleteList, ref.Uuid)
				}
			}
		} else if targetName, err := globalNetworkFromPolicyName(c.config, ref.To); err == nil {
			if targetName == networkCSN {
				continue
			}
			if !networkAccessGlobalNetworks(c.config, network.GetFQName()) ||
				!isGlobalNetworkName(c.config, targetName) {
				consistent = false
				if lastIterationMap == nil || c.connectionShouldDelete(network, lastIterationMap, ref.To) {
					glog.Infof("Delete connection %s %s", networkCSN, targetName)
					gblNetworkDeleteList[ref.Uuid] = targetName
				} else {
					glog.Infof("Network connection %s %s not used by global network configuration", networkCSN, targetName)
				}
			}
		}
	}

	if len(gblNetworkDeleteList) > 0 {
		c.networkMgr.DeleteConnections(network, gblNetworkDeleteList)
	}

	if len(serviceDeleteList) > 0 {
		c.serviceMgr.DeleteConnections(network, serviceDeleteList)
	}
	return consistent, nil
}
Exemplo n.º 6
0
func (m *NetworkManagerImpl) LocateFloatingIp(network *types.VirtualNetwork, resourceName, targetAddress string) (*types.FloatingIp, error) {
	obj, err := m.client.FindByName("floating-ip-pool", makePoolName(network))
	if err != nil {
		glog.Errorf("Get floating-ip-pool %s: %v", network.GetName(), err)
		return nil, err
	}
	pool := obj.(*types.FloatingIpPool)

	fqn := AppendConst(pool.GetFQName(), resourceName)
	obj, err = m.client.FindByName("floating-ip", strings.Join(fqn, ":"))
	if err == nil {
		fip := obj.(*types.FloatingIp)
		if targetAddress != "" && fip.GetFloatingIpAddress() != targetAddress {
			fip.SetFloatingIpAddress(targetAddress)
			err = m.client.Update(fip)
			if err != nil {
				glog.Errorf("Update floating-ip %s: %v", resourceName, err)
				return nil, err
			}
		}
		return fip, nil
	}

	projectFQN := network.GetFQName()[0 : len(network.GetFQName())-1]
	obj, err = m.client.FindByName("project", strings.Join(projectFQN, ":"))
	if err != nil {
		glog.Errorf("Get project %s: %v", projectFQN[len(projectFQN)-1], err)
		return nil, err
	}
	project := obj.(*types.Project)

	fip := new(types.FloatingIp)
	fip.SetParent(pool)
	fip.SetName(resourceName)
	if targetAddress != "" {
		fip.SetFloatingIpAddress(targetAddress)
	}
	fip.AddProject(project)
	err = m.client.Create(fip)
	if err != nil {
		glog.Errorf("Create floating-ip %s: %v", resourceName, err)
		return nil, err
	}
	if targetAddress == "" {
		fip, err = types.FloatingIpByUuid(m.client, fip.GetUuid())
	}
	return fip, err
}
Exemplo n.º 7
0
// connectionShouldDelete returns true when a connection should be deleted.
// When a connection is first considered to be stale it is added to a GC list; if it is considered to be stale
// in two consistency runs, it is deleted.
func (c *consistencyChecker) connectionShouldDelete(network *types.VirtualNetwork, lastIterationMap networkConnectionMap, policyName []string) bool {
	networkName := strings.Join(network.GetFQName(), ":")
	policyCSN := strings.Join(policyName, ":")
	if entry, ok := lastIterationMap[networkName]; ok {
		if _, exists := entry[policyCSN]; exists {
			glog.Infof("%s network connection %s delete", networkName, policyCSN)
			return true
		}
	}

	gcPolicies, exists := c.staleConnectionMap[networkName]
	if !exists {
		gcPolicies = make(policySet, 0)
		c.staleConnectionMap[networkName] = gcPolicies
	}
	glog.Infof("%s network connection %s not used by pod specifications", networkName, policyCSN)
	gcPolicies[policyCSN] = true
	return false
}
Exemplo n.º 8
0
// Connect creates a network-policy and corresponding policy rule (when they do not exist) in order to
// connect the source network with the target. The target network may or not exist yet.
func (m *NetworkManagerImpl) Connect(network *types.VirtualNetwork, targetCSN string) error {
	targetName := strings.Split(targetCSN, ":")
	policy, err := m.locatePolicy(targetName)
	if err != nil {
		return err
	}

	policyAttach(m.client, network, policy)

	target, err := types.VirtualNetworkByName(m.client, targetCSN)
	if err == nil {
		err = policyAttach(m.client, target, policy)
		if err != nil {
			glog.Error(err)
		}
	}

	err = policyLocateRuleByFQN(m.client, policy, network.GetFQName(), targetName)
	if err != nil {
		return err
	}
	return nil
}
Exemplo n.º 9
0
func policyLocateRule(client contrail.ApiClient, policy *types.NetworkPolicy, lhs, rhs *types.VirtualNetwork) error {
	return policyLocateRuleByFQN(client, policy, lhs.GetFQName(), rhs.GetFQName())
}
Exemplo n.º 10
0
func makePoolName(network *types.VirtualNetwork) string {
	fqn := make([]string, len(network.GetFQName()), len(network.GetFQName())+1)
	copy(fqn, network.GetFQName())
	fqn = append(fqn, fqn[len(fqn)-1])
	return strings.Join(fqn, ":")
}