x/group-based-policy
Code Issues Proposed changes

NFP[Contrib] - Vyos service day0 configuration

Browse Source 
Vyos service day0 configuration installation. Vyos password is
by default 'vyos' after installation. User can still customize
the password in the day0 file before service launch.

Change-Id: I5041f8b8fcfe1e70c3c2b54076d586ca87b54925
Closes-Bug: 1681471
This commit is contained in:
Rajendra Machani
2017-04-10 20:31:24 +05:30
parent 59bceed641
commit 3b30dc4757
9 changed files with 281 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
devstack/lib/nfp
View File

@@ -414,7 +414,12 @@ function copy_nfp_files_and_start_process {
sudo rm -rf /etc/nfp* sudo rm -rf /etc/nfp*
sudo cp -r bin/nfp.ini /etc/ sudo cp -r bin/nfp.ini /etc/
sudo cp -r bin/nfp_proxy /usr/bin/ sudo cp -r bin/nfp_proxy /usr/bin/
[[ $NFP_DEVSTACK_MODE = advanced ]] && sudo bash -c 'cat '$NFPSERVICE_DIR'/gbpservice/contrib/nfp/bin/nfp.ini >> /etc/nfp.ini' if [[ $NFP_DEVSTACK_MODE = advanced ]]; then
sudo bash -c 'cat '$NFPSERVICE_DIR'/gbpservice/contrib/nfp/bin/nfp.ini >> /etc/nfp.ini'
sudo mkdir -p /etc/nfp/vyos/
sudo cp -r $NFPSERVICE_DIR/gbpservice/contrib/nfp/bin/vyos.day0 /etc/nfp/vyos/
sudo sed -i 's/"password": ""/"password": "vyos"/' /etc/nfp/vyos/vyos.day0
fi
if [[ $NFP_DEVSTACK_MODE = base ]]; then if [[ $NFP_DEVSTACK_MODE = base ]]; then
configurator_ip=127.0.0.1 configurator_ip=127.0.0.1
configurator_port=8080 configurator_port=8080

6
gbpservice/contrib/nfp/bin/vyos.day0 Normal file
View File

@@ -0,0 +1,6 @@
{
"vyos": {
"username": "vyos",
"password": ""
}
}

5
gbpservice/contrib/nfp/configurator/drivers/base/base_driver.py
View File

@@ -100,7 +100,7 @@ class BaseDriver(object):
return const.FAILED return const.FAILED
return const.SUCCESS return const.SUCCESS
def _configure_log_forwarding(self, url, mgmt_ip, port): def _configure_log_forwarding(self, url, mgmt_ip, port, headers=None):
""" Configures log forwarding IP address in Service VMs. """ Configures log forwarding IP address in Service VMs.
:param url: url format that is used to invoke the Service VM API :param url: url format that is used to invoke the Service VM API
@@ -131,7 +131,8 @@ class BaseDriver(object):
LOG.info(msg) LOG.info(msg)
try: try:
resp = requests.post(url, data, timeout=self.timeout) resp = requests.post(url, data=data,
timeout=self.timeout, headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to service at: " msg = ("Failed to establish connection to service at: "
"%r for configuring log forwarding. ERROR: %r" % "%r for configuring log forwarding. ERROR: %r" %

124
gbpservice/contrib/nfp/configurator/drivers/firewall/vyos/vyos_fw_driver.py
View File

@@ -20,6 +20,8 @@ from gbpservice._i18n import _LI
from gbpservice.contrib.nfp.configurator.drivers.base import base_driver from gbpservice.contrib.nfp.configurator.drivers.base import base_driver
from gbpservice.contrib.nfp.configurator.drivers.firewall.vyos import ( from gbpservice.contrib.nfp.configurator.drivers.firewall.vyos import (
vyos_fw_constants as const) vyos_fw_constants as const)
from gbpservice.contrib.nfp.configurator.lib import (
generic_config_constants as gen_cfg_const)
from gbpservice.contrib.nfp.configurator.lib import constants as common_const from gbpservice.contrib.nfp.configurator.lib import constants as common_const
from gbpservice.contrib.nfp.configurator.lib import data_parser from gbpservice.contrib.nfp.configurator.lib import data_parser
from gbpservice.contrib.nfp.configurator.lib import fw_constants as fw_const from gbpservice.contrib.nfp.configurator.lib import fw_constants as fw_const
@@ -39,11 +41,12 @@ class RestApi(object):
def __init__(self, timeout): def __init__(self, timeout):
self.timeout = timeout self.timeout = timeout
def request_type_to_api_map(self, url, data, request_type): def request_type_to_api_map(self, url, data, request_type, headers):
return getattr(requests, request_type)(url, return getattr(requests, request_type)(url,
data=data, timeout=self.timeout) data=data, timeout=self.timeout,
headers=headers)
def fire(self, url, data, request_type): def fire(self, url, data, request_type, headers):
""" Invokes REST POST call to the Service VM. """ Invokes REST POST call to the Service VM.
:param url: URL to connect. :param url: URL to connect.
@@ -59,8 +62,8 @@ class RestApi(object):
"vm with data %s" "vm with data %s"
% (url, request_type, data)) % (url, request_type, data))
LOG.debug(msg) LOG.debug(msg)
resp = self.request_type_to_api_map(url, resp = self.request_type_to_api_map(url, data,
data, request_type.lower()) request_type.lower(), headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to the service at URL: %r. " msg = ("Failed to establish connection to the service at URL: %r. "
"ERROR: %r" % (url, str(err).capitalize())) "ERROR: %r" % (url, str(err).capitalize()))
@@ -93,7 +96,72 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
def __init__(self): def __init__(self):
self.parse = data_parser.DataParser() self.parse = data_parser.DataParser()
def _configure_static_ips(self, resource_data): def _parse_vm_context(self, context):
try:
username = str(context['service_vm_context'][
'vyos']['username'])
password = str(context['service_vm_context'][
'vyos']['password'])
headers = {'Content-Type': 'application/json',
'username': username,
'password': password}
return headers
except Exception as e:
msg = ("Failed to get header from context. ERROR: %s" % e)
LOG.error(msg)
raise Exception(msg)
def configure_healthmonitor(self, context, resource_data):
vm_status = super(FwGenericConfigDriver, self).configure_healthmonitor(
context, resource_data)
if resource_data['nfds'][0]['periodicity'] == gen_cfg_const.INITIAL:
if vm_status == common_const.SUCCESS:
try:
resp = self.configure_user(context, resource_data)
if resp != common_const.STATUS_SUCCESS:
return common_const.FAILURE
except Exception as e:
msg = ("Failed to configure user. ERROR: %s" % e)
LOG.error(msg)
return common_const.FAILURE
return vm_status
def configure_user(self, context, resource_data):
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.HEALTHMONITOR,
resource_data)
mgmt_ip = resource_data['mgmt_ip']
url = const.request_url % (mgmt_ip,
self.port,
'change_auth')
data = {}
LOG.info(_LI("Initiating POST request to configure Authentication "
"service at mgmt ip:%(mgmt_ip)s"),
{'mgmt_ip': mgmt_ip})
err_msg = ("Change Auth POST request to the VyOS firewall "
"service at %s failed. " % url)
try:
resp = self.rest_api.fire(url, data, common_const.POST, headers)
except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg)
return err_msg
if resp is common_const.STATUS_SUCCESS:
msg = ("Configured user authentication successfully"
" for vyos service at %r." % mgmt_ip)
LOG.info(msg)
return resp
err_msg += (("Failed to change Authentication para Status code "
"Status code: %r, Reason: %r" %
(resp['status'], resp['reason']))
if type(resp) is dict
else ("Reason: " + resp))
LOG.error(err_msg)
return err_msg
def _configure_static_ips(self, context, resource_data):
""" Configure static IPs for provider and stitching interfaces """ Configure static IPs for provider and stitching interfaces
of service VM. of service VM.
@@ -105,7 +173,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
static_ips_info = dict( static_ips_info = dict(
provider_ip=resource_data.get('provider_ip'), provider_ip=resource_data.get('provider_ip'),
provider_cidr=resource_data.get('provider_cidr'), provider_cidr=resource_data.get('provider_cidr'),
@@ -126,7 +194,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
err_msg = ("Static IP POST request to the VyOS firewall " err_msg = ("Static IP POST request to the VyOS firewall "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.POST) resp = self.rest_api.fire(url, data, common_const.POST, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -158,14 +226,14 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.INTERFACES, resource_data = self.parse.parse_data(common_const.INTERFACES,
resource_data) resource_data)
mgmt_ip = resource_data['mgmt_ip'] mgmt_ip = resource_data['mgmt_ip']
try: try:
result_log_forward = self._configure_log_forwarding( result_log_forward = self._configure_log_forwarding(
const.request_url, mgmt_ip, self.port) const.request_url, mgmt_ip, self.port, headers)
except Exception as err: except Exception as err:
msg = ("Failed to configure log forwarding for service at %s. " msg = ("Failed to configure log forwarding for service at %s. "
"Error: %s" % (mgmt_ip, err)) "Error: %s" % (mgmt_ip, err))
@@ -182,7 +250,8 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
LOG.error(msg) LOG.error(msg)
try: try:
result_static_ips = self._configure_static_ips(resource_data) result_static_ips = self._configure_static_ips(context,
resource_data)
except Exception as err: except Exception as err:
msg = ("Failed to add static IPs. Error: %s" % err) msg = ("Failed to add static IPs. Error: %s" % err)
LOG.error(msg) LOG.error(msg)
@@ -204,7 +273,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
err_msg = ("Add persistent rule POST request to the VyOS firewall " err_msg = ("Add persistent rule POST request to the VyOS firewall "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.POST) resp = self.rest_api.fire(url, data, common_const.POST, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -226,7 +295,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
LOG.error(err_msg) LOG.error(err_msg)
return err_msg return err_msg
def _clear_static_ips(self, resource_data): def _clear_static_ips(self, context, resource_data):
""" Clear static IPs for provider and stitching """ Clear static IPs for provider and stitching
interfaces of the service VM. interfaces of the service VM.
@@ -238,7 +307,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
static_ips_info = dict( static_ips_info = dict(
provider_ip=resource_data.get('provider_ip'), provider_ip=resource_data.get('provider_ip'),
provider_cidr=resource_data.get('provider_cidr'), provider_cidr=resource_data.get('provider_cidr'),
@@ -260,7 +329,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
err_msg = ("Static IP DELETE request to the VyOS firewall " err_msg = ("Static IP DELETE request to the VyOS firewall "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.DELETE) resp = self.rest_api.fire(url, data, common_const.DELETE, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -292,11 +361,11 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.INTERFACES, resource_data = self.parse.parse_data(common_const.INTERFACES,
resource_data) resource_data)
try: try:
result_static_ips = self._clear_static_ips(resource_data) result_static_ips = self._clear_static_ips(context, resource_data)
except Exception as err: except Exception as err:
msg = ("Failed to remove static IPs. Error: %s" % err) msg = ("Failed to remove static IPs. Error: %s" % err)
LOG.error(msg) LOG.error(msg)
@@ -324,7 +393,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
err_msg = ("Persistent rule DELETE request to the VyOS firewall " err_msg = ("Persistent rule DELETE request to the VyOS firewall "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.DELETE) resp = self.rest_api.fire(url, data, common_const.DELETE, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -354,7 +423,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
forward_routes = resource_data.get('forward_route') forward_routes = resource_data.get('forward_route')
resource_data = self.parse.parse_data(common_const.ROUTES, resource_data = self.parse.parse_data(common_const.ROUTES,
resource_data) resource_data)
@@ -385,7 +454,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
err_msg = ("Configure routes POST request to the VyOS firewall " err_msg = ("Configure routes POST request to the VyOS firewall "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.POST) resp = self.rest_api.fire(url, data, common_const.POST, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -415,7 +484,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.ROUTES, resource_data = self.parse.parse_data(common_const.ROUTES,
resource_data) resource_data)
mgmt_ip = resource_data.get('mgmt_ip') mgmt_ip = resource_data.get('mgmt_ip')
@@ -435,7 +504,7 @@ class FwGenericConfigDriver(base_driver.BaseDriver):
err_msg = ("Routes DELETE request to the VyOS firewall " err_msg = ("Routes DELETE request to the VyOS firewall "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.DELETE) resp = self.rest_api.fire(url, data, common_const.DELETE, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -486,7 +555,7 @@ class FwaasDriver(FwGenericConfigDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
resource_data = self.parse.parse_data(common_const.FIREWALL, context) resource_data = self.parse.parse_data(common_const.FIREWALL, context)
LOG.info(_LI("Processing request 'Create Firewall' in FWaaS Driver " LOG.info(_LI("Processing request 'Create Firewall' in FWaaS Driver "
@@ -504,7 +573,7 @@ class FwaasDriver(FwGenericConfigDriver):
err_msg = ("Configure firewall POST request to the VyOS " err_msg = ("Configure firewall POST request to the VyOS "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.POST) resp = self.rest_api.fire(url, data, common_const.POST, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -534,6 +603,7 @@ class FwaasDriver(FwGenericConfigDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
LOG.info(_LI("Processing request 'Update Firewall' in FWaaS Driver " LOG.info(_LI("Processing request 'Update Firewall' in FWaaS Driver "
"for Firewall ID:%(f_id)s"), "for Firewall ID:%(f_id)s"),
{'f_id': firewall['id']}) {'f_id': firewall['id']})
@@ -549,7 +619,7 @@ class FwaasDriver(FwGenericConfigDriver):
err_msg = ("Update firewall POST request to the VyOS " err_msg = ("Update firewall POST request to the VyOS "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.PUT) resp = self.rest_api.fire(url, data, common_const.PUT, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)
@@ -579,7 +649,7 @@ class FwaasDriver(FwGenericConfigDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
LOG.info(_LI("Processing request 'Delete Firewall' in FWaaS Driver " LOG.info(_LI("Processing request 'Delete Firewall' in FWaaS Driver "
"for Firewall ID:%(f_id)s"), "for Firewall ID:%(f_id)s"),
{'f_id': firewall['id']}) {'f_id': firewall['id']})
@@ -595,7 +665,7 @@ class FwaasDriver(FwGenericConfigDriver):
err_msg = ("Delete firewall POST request to the VyOS " err_msg = ("Delete firewall POST request to the VyOS "
"service at %s failed. " % url) "service at %s failed. " % url)
try: try:
resp = self.rest_api.fire(url, data, common_const.DELETE) resp = self.rest_api.fire(url, data, common_const.DELETE, headers)
except Exception as err: except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize()) err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg) LOG.error(err_msg)

165
gbpservice/contrib/nfp/configurator/drivers/vpn/vyos/vyos_vpn_driver.py
View File

@@ -16,9 +16,13 @@ import requests
import six import six
import time import time
from neutron._i18n import _LI
from gbpservice.contrib.nfp.configurator.drivers.base import base_driver from gbpservice.contrib.nfp.configurator.drivers.base import base_driver
from gbpservice.contrib.nfp.configurator.drivers.vpn.vyos import ( from gbpservice.contrib.nfp.configurator.drivers.vpn.vyos import (
vyos_vpn_constants as const) vyos_vpn_constants as const)
from gbpservice.contrib.nfp.configurator.lib import (
generic_config_constants as gen_cfg_const)
from gbpservice.contrib.nfp.configurator.lib import constants as common_const from gbpservice.contrib.nfp.configurator.lib import constants as common_const
from gbpservice.contrib.nfp.configurator.lib import data_parser from gbpservice.contrib.nfp.configurator.lib import data_parser
from gbpservice.contrib.nfp.configurator.lib import vpn_constants as vpn_const from gbpservice.contrib.nfp.configurator.lib import vpn_constants as vpn_const
@@ -52,7 +56,7 @@ class RestApi(object):
return '&'.join([str(k) + '=' + str(v) return '&'.join([str(k) + '=' + str(v)
for k, v in six.iteritems(args)]) for k, v in six.iteritems(args)])
def post(self, api, args): def post(self, api, args, headers):
""" """
Makes ReST call to the service VM to post the configurations. Makes ReST call to the service VM to post the configurations.
@@ -68,7 +72,8 @@ class RestApi(object):
data = jsonutils.dumps(args) data = jsonutils.dumps(args)
try: try:
resp = requests.post(url, data=data, timeout=self.timeout) resp = requests.post(url, data=data, timeout=self.timeout,
headers=headers)
message = jsonutils.loads(resp.text) message = jsonutils.loads(resp.text)
msg = "POST url %s %d" % (url, resp.status_code) msg = "POST url %s %d" % (url, resp.status_code)
LOG.debug(msg) LOG.debug(msg)
@@ -87,7 +92,7 @@ class RestApi(object):
LOG.error(msg) LOG.error(msg)
raise requests.exceptions.HTTPError(msg) raise requests.exceptions.HTTPError(msg)
def put(self, api, args): def put(self, api, args, headers):
""" """
Makes ReST call to the service VM to put the configurations. Makes ReST call to the service VM to put the configurations.
@@ -103,7 +108,8 @@ class RestApi(object):
data = jsonutils.dumps(args) data = jsonutils.dumps(args)
try: try:
resp = requests.put(url, data=data, timeout=self.timeout) resp = requests.put(url, data=data, timeout=self.timeout,
headers=headers)
msg = "PUT url %s %d" % (url, resp.status_code) msg = "PUT url %s %d" % (url, resp.status_code)
LOG.debug(msg) LOG.debug(msg)
if resp.status_code == 200: if resp.status_code == 200:
@@ -118,7 +124,7 @@ class RestApi(object):
% (url, str(err).capitalize())) % (url, str(err).capitalize()))
LOG.error(msg) LOG.error(msg)
def delete(self, api, args, data=None): def delete(self, api, args, headers, data=None):
""" """
Makes ReST call to the service VM to delete the configurations. Makes ReST call to the service VM to delete the configurations.
@@ -139,7 +145,8 @@ class RestApi(object):
if data: if data:
data = jsonutils.dumps(data) data = jsonutils.dumps(data)
try: try:
resp = requests.delete(url, timeout=self.timeout, data=data) resp = requests.delete(url, timeout=self.timeout, data=data,
headers=headers)
message = jsonutils.loads(resp.text) message = jsonutils.loads(resp.text)
msg = "DELETE url %s %d" % (url, resp.status_code) msg = "DELETE url %s %d" % (url, resp.status_code)
LOG.debug(msg) LOG.debug(msg)
@@ -157,7 +164,7 @@ class RestApi(object):
LOG.error(msg) LOG.error(msg)
raise requests.exceptions.HTTPError(msg) raise requests.exceptions.HTTPError(msg)
def get(self, api, args): def get(self, api, args, headers):
""" """
Makes ReST call to the service VM to put the configurations. Makes ReST call to the service VM to put the configurations.
@@ -174,7 +181,8 @@ class RestApi(object):
const.CONFIGURATION_SERVER_PORT, api) const.CONFIGURATION_SERVER_PORT, api)
try: try:
resp = requests.get(url, params=args, timeout=self.timeout) resp = requests.get(url, params=args, timeout=self.timeout,
headers=headers)
msg = "GET url %s %d" % (url, resp.status_code) msg = "GET url %s %d" % (url, resp.status_code)
LOG.debug(msg) LOG.debug(msg)
if resp.status_code == 200: if resp.status_code == 200:
@@ -305,7 +313,75 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
self.timeout = const.REST_TIMEOUT self.timeout = const.REST_TIMEOUT
self.parse = data_parser.DataParser() self.parse = data_parser.DataParser()
def _configure_static_ips(self, resource_data): def _parse_vm_context(self, context):
try:
username = str(context['service_vm_context'][
'vyos']['username'])
password = str(context['service_vm_context'][
'vyos']['password'])
headers = {'Content-Type': 'application/json',
'username': username,
'password': password}
return headers
except Exception as e:
msg = ("Failed to get header from context. ERROR: %s" % e)
LOG.error(msg)
raise Exception(msg)
def configure_healthmonitor(self, context, resource_data):
vm_status = super(VpnGenericConfigDriver,
self).configure_healthmonitor(
context, resource_data)
if resource_data['nfds'][0]['periodicity'] == gen_cfg_const.INITIAL:
if vm_status == common_const.SUCCESS:
try:
resp = self.configure_user(context, resource_data)
if resp not in common_const.SUCCESS_CODES:
return common_const.FAILURE
except Exception as e:
msg = ("Failed to configure user. ERROR: %s" % e)
LOG.error(msg)
return common_const.FAILURE
return vm_status
def configure_user(self, context, resource_data):
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.HEALTHMONITOR,
resource_data)
mgmt_ip = resource_data['mgmt_ip']
url = const.request_url % (mgmt_ip,
self.port,
'change_auth')
data = {}
LOG.info(_LI("Initiating POST request to configure Authentication "
"service at mgmt ip:%(mgmt_ip)s"),
{'mgmt_ip': mgmt_ip})
err_msg = ("Change Auth POST request to the VyOS firewall "
"service at %s failed. " % url)
try:
resp = requests.post(url, data=data, headers=headers)
except Exception as err:
err_msg += ("Reason: %r" % str(err).capitalize())
LOG.error(err_msg)
return err_msg
if (resp.status_code in common_const.SUCCESS_CODES) and (
resp.json().get('status') is True):
msg = ("Configured user authentication successfully"
" for vyos service at %r." % mgmt_ip)
LOG.info(msg)
return resp.status_code
err_msg += (("Failed to change Authentication para Status code"
": %r, Reason: %r" %
(resp.status_code, resp.json().get('reason')))
if type(resp.json()) is dict
else ("Reason: " + resp))
LOG.error(err_msg)
return err_msg
def _configure_static_ips(self, context, resource_data):
""" Configure static IPs for provider and stitching interfaces """ Configure static IPs for provider and stitching interfaces
of service VM. of service VM.
@@ -317,7 +393,7 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
static_ips_info = dict( static_ips_info = dict(
provider_ip=resource_data.get('provider_ip'), provider_ip=resource_data.get('provider_ip'),
provider_cidr=resource_data.get('provider_cidr'), provider_cidr=resource_data.get('provider_cidr'),
@@ -336,7 +412,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
"service at: %r" % mgmt_ip) "service at: %r" % mgmt_ip)
LOG.info(msg) LOG.info(msg)
try: try:
resp = requests.post(url, data, timeout=self.timeout) resp = requests.post(url, data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to primary service at: " msg = ("Failed to establish connection to primary service at: "
"%r. ERROR: %r" % "%r. ERROR: %r" %
@@ -382,14 +459,14 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.INTERFACES, resource_data = self.parse.parse_data(common_const.INTERFACES,
resource_data) resource_data)
mgmt_ip = resource_data['mgmt_ip'] mgmt_ip = resource_data['mgmt_ip']
try: try:
result_log_forward = self._configure_log_forwarding( result_log_forward = self._configure_log_forwarding(
const.request_url, mgmt_ip, self.port) const.request_url, mgmt_ip, self.port, headers)
except Exception as err: except Exception as err:
msg = ("Failed to configure log forwarding for service at %s. " msg = ("Failed to configure log forwarding for service at %s. "
"Error: %s" % (mgmt_ip, err)) "Error: %s" % (mgmt_ip, err))
@@ -406,7 +483,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
LOG.error(msg) LOG.error(msg)
try: try:
result_static_ips = self._configure_static_ips(resource_data) result_static_ips = self._configure_static_ips(context,
resource_data)
except Exception as err: except Exception as err:
msg = ("Failed to add static IPs. Error: %s" % err) msg = ("Failed to add static IPs. Error: %s" % err)
LOG.error(msg) LOG.error(msg)
@@ -429,7 +507,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
"service at: %r" % mgmt_ip) "service at: %r" % mgmt_ip)
LOG.info(msg) LOG.info(msg)
try: try:
resp = requests.post(url, data, timeout=self.timeout) resp = requests.post(url, data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to primary service at: " msg = ("Failed to establish connection to primary service at: "
"%r. ERROR: %r" % "%r. ERROR: %r" %
@@ -462,7 +541,7 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
time.sleep(10) time.sleep(10)
return common_const.STATUS_SUCCESS return common_const.STATUS_SUCCESS
def _clear_static_ips(self, resource_data): def _clear_static_ips(self, context, resource_data):
""" Clear static IPs for provider and stitching """ Clear static IPs for provider and stitching
interfaces of the service VM. interfaces of the service VM.
@@ -474,7 +553,7 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
static_ips_info = dict( static_ips_info = dict(
provider_ip=resource_data.get('provider_ip'), provider_ip=resource_data.get('provider_ip'),
provider_cidr=resource_data.get('provider_cidr'), provider_cidr=resource_data.get('provider_cidr'),
@@ -493,7 +572,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
"service at: %r" % mgmt_ip) "service at: %r" % mgmt_ip)
LOG.info(msg) LOG.info(msg)
try: try:
resp = requests.delete(url, data=data, timeout=self.timeout) resp = requests.delete(url, data=data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to primary service at: " msg = ("Failed to establish connection to primary service at: "
"%r. ERROR: %r" % "%r. ERROR: %r" %
@@ -538,11 +618,11 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.INTERFACES, resource_data = self.parse.parse_data(common_const.INTERFACES,
resource_data) resource_data)
try: try:
result_static_ips = self._clear_static_ips(resource_data) result_static_ips = self._clear_static_ips(context, resource_data)
except Exception as err: except Exception as err:
msg = ("Failed to remove static IPs. Error: %s" % err) msg = ("Failed to remove static IPs. Error: %s" % err)
LOG.error(msg) LOG.error(msg)
@@ -569,7 +649,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
try: try:
data = jsonutils.dumps(rule_info) data = jsonutils.dumps(rule_info)
resp = requests.delete(url, data=data, timeout=self.timeout) resp = requests.delete(url, data=data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to service at: %r. " msg = ("Failed to establish connection to service at: %r. "
"ERROR: %r" % "ERROR: %r" %
@@ -610,6 +691,7 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
Returns: SUCCESS/Failure message with reason. Returns: SUCCESS/Failure message with reason.
""" """
headers = self._parse_vm_context(context)
forward_routes = resource_data.get('forward_route') forward_routes = resource_data.get('forward_route')
resource_data = self.parse.parse_data(common_const.ROUTES, resource_data = self.parse.parse_data(common_const.ROUTES,
resource_data) resource_data)
@@ -633,7 +715,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
try: try:
resp = requests.post( resp = requests.post(
stitching_url, data=st_data, timeout=self.timeout) stitching_url, data=st_data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to service at: " msg = ("Failed to establish connection to service at: "
"%r. ERROR: %r" % (mgmt_ip, "%r. ERROR: %r" % (mgmt_ip,
@@ -659,7 +742,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
"primary service at: %r" % mgmt_ip) "primary service at: %r" % mgmt_ip)
LOG.info(msg) LOG.info(msg)
try: try:
resp = requests.post(url, data=data, timeout=self.timeout) resp = requests.post(url, data=data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to service at: " msg = ("Failed to establish connection to service at: "
"%r. ERROR: %r" % (mgmt_ip, str(err).capitalize())) "%r. ERROR: %r" % (mgmt_ip, str(err).capitalize()))
@@ -708,6 +792,7 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
""" """
# clear the static stitching gateway route # clear the static stitching gateway route
headers = self._parse_vm_context(context)
resource_data = self.parse.parse_data(common_const.ROUTES, resource_data = self.parse.parse_data(common_const.ROUTES,
resource_data) resource_data)
mgmt_ip = resource_data.get('mgmt_ip') mgmt_ip = resource_data.get('mgmt_ip')
@@ -721,7 +806,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
{'gateway_ip': resource_data.get('stitching_gw_ip')}) {'gateway_ip': resource_data.get('stitching_gw_ip')})
try: try:
resp = requests.post( resp = requests.post(
stitching_url, data=st_data, timeout=self.timeout) stitching_url, data=st_data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to service at: " msg = ("Failed to establish connection to service at: "
"%r. ERROR: %r" % (mgmt_ip, "%r. ERROR: %r" % (mgmt_ip,
@@ -740,7 +826,8 @@ class VpnGenericConfigDriver(base_driver.BaseDriver):
% mgmt_ip) % mgmt_ip)
LOG.info(msg) LOG.info(msg)
try: try:
resp = requests.delete(url, data=data, timeout=self.timeout) resp = requests.delete(url, data=data, timeout=self.timeout,
headers=headers)
except requests.exceptions.ConnectionError as err: except requests.exceptions.ConnectionError as err:
msg = ("Failed to establish connection to primary service at: " msg = ("Failed to establish connection to primary service at: "
" %r. ERROR: %r" % (mgmt_ip, err)) " %r. ERROR: %r" % (mgmt_ip, err))
@@ -920,7 +1007,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
Returns: None Returns: None
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
conn = resource_data.get('resource') conn = resource_data.get('resource')
description = conn['description'] description = conn['description']
svc_context = self.agent.get_vpn_servicecontext( svc_context = self.agent.get_vpn_servicecontext(
@@ -952,13 +1039,15 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
peer_cidrs_from_2 = conn['peer_cidrs'][1:] peer_cidrs_from_2 = conn['peer_cidrs'][1:]
conn['peer_cidrs'] = [conn['peer_cidrs'][0]] conn['peer_cidrs'] = [conn['peer_cidrs'][0]]
svc_context['service']['cidr'] = self._get_stitching_cidr(conn) svc_context['service']['cidr'] = self._get_stitching_cidr(conn)
RestApi(mgmt_fip).post("create-ipsec-site-conn", svc_context) RestApi(mgmt_fip).post(
"create-ipsec-site-conn", svc_context, headers)
if peer_cidrs_from_2: if peer_cidrs_from_2:
tunnel = {} tunnel = {}
tunnel['peer_address'] = conn['peer_address'] tunnel['peer_address'] = conn['peer_address']
tunnel['local_cidr'] = tunnel_local_cidr tunnel['local_cidr'] = tunnel_local_cidr
tunnel['peer_cidrs'] = peer_cidrs_from_2 tunnel['peer_cidrs'] = peer_cidrs_from_2
RestApi(mgmt_fip).post("create-ipsec-site-tunnel", tunnel) RestApi(mgmt_fip).post(
"create-ipsec-site-tunnel", tunnel, headers)
self._init_state(context, conn) self._init_state(context, conn)
def _ipsec_create_tunnel(self, context, mgmt_fip, conn): def _ipsec_create_tunnel(self, context, mgmt_fip, conn):
@@ -971,6 +1060,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
Returns: None Returns: None
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
tunnel_local_cidr, _ = ( tunnel_local_cidr, _ = (
self._get_ipsec_tunnel_local_cidr_from_vpnsvc(conn)) self._get_ipsec_tunnel_local_cidr_from_vpnsvc(conn))
@@ -978,7 +1068,8 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
tunnel['peer_address'] = conn['peer_address'] tunnel['peer_address'] = conn['peer_address']
tunnel['local_cidr'] = tunnel_local_cidr tunnel['local_cidr'] = tunnel_local_cidr
tunnel['peer_cidrs'] = conn['peer_cidrs'] tunnel['peer_cidrs'] = conn['peer_cidrs']
RestApi(mgmt_fip).post("create-ipsec-site-tunnel", tunnel) RestApi(mgmt_fip).post(
"create-ipsec-site-tunnel", tunnel, headers)
self._init_state(context, conn) self._init_state(context, conn)
def _ipsec_get_tenant_conns(self, context, mgmt_fip, conn, def _ipsec_get_tenant_conns(self, context, mgmt_fip, conn,
@@ -1081,7 +1172,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
Returns: None Returns: None
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
conn = resource_data.get('resource') conn = resource_data.get('resource')
lcidr = resource_data['provider_cidr'] lcidr = resource_data['provider_cidr']
@@ -1091,7 +1182,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
tunnel['peer_cidrs'] = conn['peer_cidrs'] tunnel['peer_cidrs'] = conn['peer_cidrs']
try: try:
RestApi(mgmt_fip).delete( RestApi(mgmt_fip).delete(
"delete-ipsec-site-tunnel", tunnel) "delete-ipsec-site-tunnel", tunnel, headers)
self.agent.ipsec_site_conn_deleted(context, conn['id']) self.agent.ipsec_site_conn_deleted(context, conn['id'])
except Exception as err: except Exception as err:
msg = ("IPSec: Failed to delete IPSEC tunnel. %s" msg = ("IPSec: Failed to delete IPSEC tunnel. %s"
@@ -1112,17 +1203,17 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
""" """
try: try:
headers = self._parse_vm_context(context['agent_info']['context'])
RestApi(mgmt_fip).delete( RestApi(mgmt_fip).delete(
"delete-ipsec-site-conn", "delete-ipsec-site-conn",
{'peer_address': conn['peer_address']}) {'peer_address': conn['peer_address']}, headers)
self.agent.ipsec_site_conn_deleted(context, conn['id']) self.agent.ipsec_site_conn_deleted(context, conn['id'])
except Exception as err: except Exception as err:
msg = ("IPSec: Failed to delete IPSEC conn. %s" msg = ("IPSec: Failed to delete IPSEC conn. %s"
% str(err).capitalize()) % str(err).capitalize())
LOG.error(msg) LOG.error(msg)
def _ipsec_is_state_changed(self, svc_context, conn, fip): def _ipsec_is_state_changed(self, context, svc_context, conn, fip):
""" """
Make GET request to the service VM to get the status of the site conn. Make GET request to the service VM to get the status of the site conn.
@@ -1132,7 +1223,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
Returns: None Returns: None
""" """
headers = self._parse_vm_context(context['agent_info']['context'])
c_state = None c_state = None
lcidr, _ = self._get_ipsec_tunnel_local_cidr_from_vpnsvc(conn) lcidr, _ = self._get_ipsec_tunnel_local_cidr_from_vpnsvc(conn)
if conn['status'] == vpn_const.STATE_INIT: if conn['status'] == vpn_const.STATE_INIT:
@@ -1142,7 +1233,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
'peer_cidr': conn['peer_cidrs'][0]} 'peer_cidr': conn['peer_cidrs'][0]}
output = RestApi(fip).get( output = RestApi(fip).get(
"get-ipsec-site-tunnel-state", "get-ipsec-site-tunnel-state",
tunnel) tunnel, headers)
state = output['state'] state = output['state']
if state.upper() == 'UP' and ( if state.upper() == 'UP' and (
@@ -1287,7 +1378,7 @@ class VpnaasIpsecDriver(VpnGenericConfigDriver):
conn = svc_context['siteconns'][0]['connection'] conn = svc_context['siteconns'][0]['connection']
try: try:
state, changed = self._ipsec_is_state_changed( state, changed = self._ipsec_is_state_changed(context,
svc_context, conn, fip) svc_context, conn, fip)
except Exception as err: except Exception as err:
msg = ("Failed to check if IPSEC state is changed. %s" msg = ("Failed to check if IPSEC state is changed. %s"

3
gbpservice/contrib/nfp/tools/setup_nfp.py
View File

@@ -98,6 +98,9 @@ def set_keystone_authtoken_section():
def configure_nfp(): def configure_nfp():
commands.getoutput("cat /usr/lib/python2.7/site-packages/gbpservice/contrib/nfp/bin/nfp.ini >> /etc/nfp.ini") commands.getoutput("cat /usr/lib/python2.7/site-packages/gbpservice/contrib/nfp/bin/nfp.ini >> /etc/nfp.ini")
commands.getoutput("mkdir -p /etc/nfp/vyos/")
commands.getoutput("cp -r /usr/lib/python2.7/site-packages/gbpservice/contrib/nfp/bin/vyos.day0 /etc/nfp/vyos/")
commands.getoutput("sed -i 's/\"password\": \"\"/\"password\": \"vyos\"/' /etc/nfp/vyos/vyos.day0")
set_keystone_authtoken_section() set_keystone_authtoken_section()
check_if_apic_sys() check_if_apic_sys()
curr_service_plugins = commands.getoutput("crudini --get /etc/neutron/neutron.conf DEFAULT service_plugins") curr_service_plugins = commands.getoutput("crudini --get /etc/neutron/neutron.conf DEFAULT service_plugins")

17
gbpservice/contrib/tests/unit/nfp/configurator/drivers/firewall/test_vyos_fw_driver.py
View File

@@ -60,7 +60,8 @@ class FwGenericConfigDriverTestCase(base.BaseTestCase):
data = jsonutils.dumps(self.fo.static_ip_data()) data = jsonutils.dumps(self.fo.static_ip_data())
mock_post.assert_called_with( mock_post.assert_called_with(
self.fo.get_url_for_api('add_static_ip'), self.fo.get_url_for_api('add_static_ip'),
data=data, timeout=self.fo.timeout) data=data, headers=self.fo.fake_header,
timeout=self.fo.timeout)
def test_configure_interfaces(self): def test_configure_interfaces(self):
""" Implements test case for configure interfaces method """ Implements test case for configure interfaces method
@@ -85,6 +86,7 @@ class FwGenericConfigDriverTestCase(base.BaseTestCase):
data = jsonutils.dumps(self.fo.data_for_interface) data = jsonutils.dumps(self.fo.data_for_interface)
mock_post.assert_called_with(self.fo.get_url_for_api('add_inte'), mock_post.assert_called_with(self.fo.get_url_for_api('add_inte'),
data=data, data=data,
headers=self.fo.fake_header,
timeout=self.fo.timeout) timeout=self.fo.timeout)
def test_clear_interfaces(self): def test_clear_interfaces(self):
@@ -105,7 +107,7 @@ class FwGenericConfigDriverTestCase(base.BaseTestCase):
data = jsonutils.dumps(self.fo.data_for_interface) data = jsonutils.dumps(self.fo.data_for_interface)
mock_delete.assert_called_with( mock_delete.assert_called_with(
self.fo.get_url_for_api('del_inte'), self.fo.get_url_for_api('del_inte'),
data=data, data=data, headers=self.fo.fake_header,
timeout=self.fo.timeout) timeout=self.fo.timeout)
def test_configure_source_routes(self): def test_configure_source_routes(self):
@@ -129,7 +131,8 @@ class FwGenericConfigDriverTestCase(base.BaseTestCase):
data = jsonutils.dumps(data) data = jsonutils.dumps(data)
mock_post.assert_called_with( mock_post.assert_called_with(
self.fo.get_url_for_api('add_src_route'), self.fo.get_url_for_api('add_src_route'),
data=data, timeout=self.fo.timeout) data=data, headers=self.fo.fake_header,
timeout=self.fo.timeout)
def test_delete_source_routes(self): def test_delete_source_routes(self):
""" Implements test case for clear routes method """ Implements test case for clear routes method
@@ -152,7 +155,8 @@ class FwGenericConfigDriverTestCase(base.BaseTestCase):
data = jsonutils.dumps(data) data = jsonutils.dumps(data)
mock_delete.assert_called_with( mock_delete.assert_called_with(
self.fo.get_url_for_api('del_src_route'), self.fo.get_url_for_api('del_src_route'),
data=data, timeout=self.fo.timeout) data=data, headers=self.fo.fake_header,
timeout=self.fo.timeout)
class FwaasDriverTestCase(base.BaseTestCase): class FwaasDriverTestCase(base.BaseTestCase):
@@ -192,6 +196,7 @@ class FwaasDriverTestCase(base.BaseTestCase):
self.fo.firewall, self.fo.host) self.fo.firewall, self.fo.host)
mock_post.assert_called_with(self.fo.get_url_for_api('config_fw'), mock_post.assert_called_with(self.fo.get_url_for_api('config_fw'),
data=self.firewall, data=self.firewall,
headers=self.fo.fake_header,
timeout=self.fo.timeout) timeout=self.fo.timeout)
def test_update_firewall_fwaasdriver(self): def test_update_firewall_fwaasdriver(self):
@@ -210,6 +215,7 @@ class FwaasDriverTestCase(base.BaseTestCase):
self.fo.firewall, self.fo.host) self.fo.firewall, self.fo.host)
mock_put.assert_called_with(self.fo.get_url_for_api('update_fw'), mock_put.assert_called_with(self.fo.get_url_for_api('update_fw'),
data=self.firewall, data=self.firewall,
headers=self.fo.fake_header,
timeout=self.fo.timeout) timeout=self.fo.timeout)
def test_delete_firewall_fwaasdriver(self): def test_delete_firewall_fwaasdriver(self):
@@ -228,4 +234,5 @@ class FwaasDriverTestCase(base.BaseTestCase):
self.fo.firewall, self.fo.host) self.fo.firewall, self.fo.host)
mock_delete.assert_called_with( mock_delete.assert_called_with(
self.fo.get_url_for_api('delete_fw'), self.fo.get_url_for_api('delete_fw'),
data=self.firewall, timeout=self.fo.timeout) data=self.firewall, headers=self.fo.fake_header,
timeout=self.fo.timeout)

28
gbpservice/contrib/tests/unit/nfp/configurator/test_data/fw_test_data.py
View File

@@ -18,15 +18,17 @@ class FakeObjects(object):
sc = 'sc' sc = 'sc'
empty_dict = {} empty_dict = {}
context = 'APIcontext' context = {'service_vm_context': {'vyos': {
neutron_context = { 'username': 'name',
'agent_info': { 'password': 'password'}}}
'service_type': 'firewall', neutron_context = {'agent_info': {'service_type': 'firewall',
'notification_data': {}, 'notification_data': {},
'service_vendor': 'vyos', 'service_vendor': 'vyos',
'resource': 'firewall', 'resource': 'firewall',
'context': 'APIcontext'}, 'context': 'APIcontext'
'neutron context for *aaS': {}} },
'neutron context for *aaS': {}
}
firewall = {'id': 'firewall'} firewall = {'id': 'firewall'}
host = 'host' host = 'host'
conf = 'conf' conf = 'conf'
@@ -35,6 +37,9 @@ class FakeObjects(object):
drivers = 'drivers' drivers = 'drivers'
data_for_interface = dict(provider_mac="fa:16:3e:d9:4c:33", data_for_interface = dict(provider_mac="fa:16:3e:d9:4c:33",
stitching_mac="fa:16:3e:da:ca:4d") stitching_mac="fa:16:3e:da:ca:4d")
fake_header = {'username': 'name',
'password': 'password',
'Content-Type': 'application/json'}
data_for_add_src_route = [{'source_cidr': "11.0.1.0/24", data_for_add_src_route = [{'source_cidr': "11.0.1.0/24",
'gateway_ip': "192.168.0.1"}, 'gateway_ip': "192.168.0.1"},
{'source_cidr': "192.168.0.0/28", {'source_cidr': "192.168.0.0/28",
@@ -76,7 +81,10 @@ class FakeObjects(object):
'resource': 'firewall', 'resource': 'firewall',
'service_vendor': 'vyos', 'service_vendor': 'vyos',
'context': {'requester': 'device_orch', 'context': {'requester': 'device_orch',
'logging_context': {}}, 'logging_context': {},
'service_vm_context': {'vyos':
{'username': 'name',
'password': 'password'}}},
'resource_type': 'firewall'}, 'resource_type': 'firewall'},
'notification_data': {}, 'service_info': {}, 'notification_data': {}, 'service_info': {},
"resource_data": { "resource_data": {

22
gbpservice/nfp/common/utils.py
View File

@@ -61,12 +61,8 @@ def is_vpn_in_service_chain(sc_specs):
return False return False
def get_config_file(dir_name, service_vendor): def get_config_file(service_vendor):
file_name = '' file_name = service_vendor + '.day0'
for _file in os.listdir(dir_name):
if _file.startswith(service_vendor):
file_name = _file
break
return file_name return file_name
@@ -76,16 +72,16 @@ def get_service_vm_context(service_vendor, tenant_name=None):
:param tenant_name :param tenant_name
- Day0 file name must start with service vendor name followed by - Day0 file name must start with service vendor name followed by
string '_day0' string '.day0'
e.g Vyos day0 file name can be vyos_day0.json or vyos_day0 e.g Vyos day0 file name must be vyos.day0
- File format can be of any type like text file, json file etc - File format can be of any type like text file, json file etc
- service vendor specific default day0 config file - service vendor specific default day0 config file
/etc/nfp/<service_vendor>/<day0_file> /etc/nfp/<service_vendor>/<day0_file>
e.g /etc/nfp/vyos/vyos_day0.json e.g /etc/nfp/vyos/vyos.day0
- tenant specific vendor day0 config file - tenant specific vendor day0 config file
/etc/nfp/<service_vendor>/<tenant_name>/<day0_file> /etc/nfp/<service_vendor>/<tenant_name>/<day0_file>
e.g /etc/nfp/vyos/services/vyos_day0.json e.g /etc/nfp/vyos/services/vyos.day0
Returns - day0 config file Returns - day0 config file
""" """
@@ -96,14 +92,12 @@ def get_service_vm_context(service_vendor, tenant_name=None):
if tenant_name: if tenant_name:
tenant_day0_dir = vendor_day0_dir + tenant_name + '/' tenant_day0_dir = vendor_day0_dir + tenant_name + '/'
if os.path.isdir(tenant_day0_dir): if os.path.isdir(tenant_day0_dir):
file_name = get_config_file(tenant_day0_dir, file_name = get_config_file(service_vendor)
service_vendor)
if file_name: if file_name:
day0_config_file = tenant_day0_dir + file_name day0_config_file = tenant_day0_dir + file_name
else: else:
if os.path.isdir(vendor_day0_dir): if os.path.isdir(vendor_day0_dir):
file_name = get_config_file(vendor_day0_dir, file_name = get_config_file(service_vendor)
service_vendor)
day0_config_file = vendor_day0_dir + file_name day0_config_file = vendor_day0_dir + file_name
else: else:
day0_config_file = '/fake_file_path' day0_config_file = '/fake_file_path'