openstack
/
neutron-vpnaas
Code Issues Proposed changes
neutron-vpnaas/neutron_vpnaas/services/vpn/plugin.py

224 lines
9.6 KiB
Python
Raw Blame History

# (c) Copyright 2013 Hewlett-Packard Development Company, L.P.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from neutron.db import servicetype_db as st_db
from neutron.services import provider_configuration as pconf
from neutron.services import service_base
from neutron_lib import context as ncontext
from neutron_lib import exceptions as lib_exc
from neutron_lib.exceptions import flavors as flav_exc
from neutron_lib.plugins import constants
from neutron_lib.plugins import directory
from oslo_log import log as logging
from neutron_vpnaas.db.vpn import vpn_db
from neutron_vpnaas.extensions import vpn_flavors
LOG = logging.getLogger(__name__)
def add_provider_configuration(type_manager, service_type):
type_manager.add_provider_configuration(
service_type,
pconf.ProviderConfiguration('neutron_vpnaas'))
class VPNPlugin(vpn_db.VPNPluginDb):
"""Implementation of the VPN Service Plugin.
This class manages the workflow of VPNaaS request/response.
Most DB related works are implemented in class
vpn_db.VPNPluginDb.
"""
supported_extension_aliases = ["vpnaas",
"vpn-endpoint-groups",
"service-type",
"vpn-flavors"]
path_prefix = "/vpn"
class VPNDriverPlugin(VPNPlugin, vpn_db.VPNPluginRpcDbMixin):
"""VpnPlugin which supports VPN Service Drivers."""
#TODO(nati) handle ikepolicy and ipsecpolicy update usecase
def __init__(self):
super(VPNDriverPlugin, self).__init__()
self.service_type_manager = st_db.ServiceTypeManager.get_instance()
add_provider_configuration(self.service_type_manager, constants.VPN)
# Load the service driver from neutron.conf.
self.drivers, self.default_provider = service_base.load_drivers(
constants.VPN, self)
self._check_orphan_vpnservice_associations()
# Associate driver names to driver objects
for driver_name, driver in self.drivers.items():
driver.name = driver_name
LOG.info(("VPN plugin using service drivers: %(service_drivers)s, "
"default: %(default_driver)s"),
{'service_drivers': self.drivers.keys(),
'default_driver': self.default_provider})
vpn_db.subscribe()
@property
def _flavors_plugin(self):
return directory.get_plugin(constants.FLAVORS)
def _check_orphan_vpnservice_associations(self):
context = ncontext.get_admin_context()
vpnservices = self.get_vpnservices(context)
vpnservice_ids = [vpnservice['id'] for vpnservice in vpnservices]
stm = self.service_type_manager
provider_names = stm.get_provider_names_by_resource_ids(
context, vpnservice_ids)
lost_providers = set()
lost_vpnservices = []
for vpnservice_id, provider in provider_names.items():
if provider not in self.drivers:
lost_providers.add(provider)
lost_vpnservices.append(vpnservice_id)
if lost_providers or lost_vpnservices:
# Provider are kept internally, we need to inform users about
# the related VPN services.
msg = (
"Delete associated vpnservices %(vpnservices)s before "
"removing providers %(providers)s."
) % {'vpnservices': lost_vpnservices,
'providers': list(lost_providers)}
LOG.exception(msg)
raise SystemExit(msg)
# Deal with upgrade. Associate existing VPN services to default
# provider.
unasso_vpnservices = [
vpnservice_id for vpnservice_id in vpnservice_ids
if vpnservice_id not in provider_names]
if unasso_vpnservices:
LOG.info(
("Associating VPN services %(unasso_vpnservices)s to "
"default provider %(default_provider)s."),
{'unasso_vpnservices': unasso_vpnservices,
'default_provider': self.default_provider})
for vpnservice_id in unasso_vpnservices:
stm.add_resource_association(
context, constants.VPN,
self.default_provider, vpnservice_id)
def _get_provider_for_flavor(self, context, flavor_id):
if flavor_id:
if self._flavors_plugin is None:
raise vpn_flavors.FlavorsPluginNotLoaded()
fl_db = self._flavors_plugin.get_flavor(context, flavor_id)
if fl_db['service_type'] != constants.VPN:
raise lib_exc.InvalidServiceType(
service_type=fl_db['service_type'])
if not fl_db['enabled']:
raise flav_exc.FlavorDisabled()
providers = self._flavors_plugin.get_flavor_next_provider(
context, fl_db['id'])
provider = providers[0].get('provider')
if provider not in self.drivers:
raise vpn_flavors.NoProviderFoundForFlavor(flavor_id=flavor_id)
else:
# Use default provider
provider = self.default_provider
LOG.debug("Selected provider %s", provider)
return provider
def _get_driver_for_vpnservice(self, context, vpnservice):
stm = self.service_type_manager
provider_names = stm.get_provider_names_by_resource_ids(
context, [vpnservice['id']])
provider = provider_names.get(vpnservice['id'])
return self.drivers[provider]
def _get_driver_for_ipsec_site_connection(self, context,
ipsec_site_connection):
# Only vpnservice_id is required as the vpnservice should be already
# associated with a provider after its creation.
vpnservice = {'id': ipsec_site_connection['vpnservice_id']}
return self._get_driver_for_vpnservice(context, vpnservice)
def create_ipsec_site_connection(self, context, ipsec_site_connection):
driver = self._get_driver_for_ipsec_site_connection(
context, ipsec_site_connection['ipsec_site_connection'])
driver.validator.validate_ipsec_site_connection(
context,
ipsec_site_connection['ipsec_site_connection'])
ipsec_site_connection = super(
VPNDriverPlugin, self).create_ipsec_site_connection(
context, ipsec_site_connection)
driver.create_ipsec_site_connection(context, ipsec_site_connection)
return ipsec_site_connection
def delete_ipsec_site_connection(self, context, ipsec_conn_id):
ipsec_site_connection = self.get_ipsec_site_connection(
context, ipsec_conn_id)
super(VPNDriverPlugin, self).delete_ipsec_site_connection(
context, ipsec_conn_id)
driver = self._get_driver_for_ipsec_site_connection(
context, ipsec_site_connection)
driver.delete_ipsec_site_connection(context, ipsec_site_connection)
def update_ipsec_site_connection(
self, context,
ipsec_conn_id, ipsec_site_connection):
old_ipsec_site_connection = self.get_ipsec_site_connection(
context, ipsec_conn_id)
driver = self._get_driver_for_ipsec_site_connection(
context, old_ipsec_site_connection)
driver.validator.validate_ipsec_site_connection(
context,
ipsec_site_connection['ipsec_site_connection'])
ipsec_site_connection = super(
VPNDriverPlugin, self).update_ipsec_site_connection(
context,
ipsec_conn_id,
ipsec_site_connection)
driver.update_ipsec_site_connection(
context, old_ipsec_site_connection, ipsec_site_connection)
return ipsec_site_connection
def create_vpnservice(self, context, vpnservice):
provider = self._get_provider_for_flavor(
context, vpnservice['vpnservice'].get('flavor_id'))
vpnservice = super(
VPNDriverPlugin, self).create_vpnservice(context, vpnservice)
self.service_type_manager.add_resource_association(
context, constants.VPN, provider, vpnservice['id'])
driver = self.drivers[provider]
driver.create_vpnservice(context, vpnservice)
return vpnservice
def update_vpnservice(self, context, vpnservice_id, vpnservice):
old_vpn_service = self.get_vpnservice(context, vpnservice_id)
new_vpn_service = super(
VPNDriverPlugin, self).update_vpnservice(context, vpnservice_id,
vpnservice)
driver = self._get_driver_for_vpnservice(context, old_vpn_service)
driver.update_vpnservice(context, old_vpn_service, new_vpn_service)
return new_vpn_service
def delete_vpnservice(self, context, vpnservice_id):
vpnservice = self._get_vpnservice(context, vpnservice_id)
super(VPNDriverPlugin, self).delete_vpnservice(context, vpnservice_id)
driver = self._get_driver_for_vpnservice(context, vpnservice)
self.service_type_manager.del_resource_associations(
context, [vpnservice_id])
driver.delete_vpnservice(context, vpnservice)
View Git Blame Copy Permalink