F #4302: Relaxing NSX_STATUS to operate without credentials (#4754)

Co-authored-by: mouyaq <amoya@opennebula.io>
2025-03-16 22:50:10 +03:00 · 2020-05-18 17:31:26 +02:00 · 2020-05-18 17:31:26 +02:00 · 62899e470c
commit 62899e470c
parent 641c01b1d3
5 changed files with 45 additions and 80 deletions
--- a/src/vmm_mad/remotes/lib/nsx_driver/distributed_firewall.rb
+++ b/src/vmm_mad/remotes/lib/nsx_driver/distributed_firewall.rb
@ -196,12 +196,10 @@ module NSXDriver
            vm = VCenterDriver::VirtualMachine
                 .new_one(vi_client, deploy_id, one_vm)

-            # NSX Objects needed
-            ls = LogicalSwitch.new(@nsx_client)
-
            # Search NSX Nics
            # First try to search only new attached NSX Nics
-            nsx_nics = ls.nsx_nics(template_xml, only_attached)
+            nsx_nics = NSXDriver::LogicalSwitch.nsx_nics(template_xml,
+                                                         only_attached)
            # If there is no NSX Nics
            return if nsx_nics.empty?

@ -251,10 +249,9 @@ module NSXDriver
            vm_id = template_xml.xpath('/VM/ID').text
            vm_deploy_id = template_xml.xpath('/VM/DEPLOY_ID').text

-            # Search NSX Nics
-            ls = LogicalSwitch.new(@nsx_client)
            # First try to search only new attached NSX Nics
-            nsx_nics = ls.nsx_nics(template_xml, only_detached)
+            nsx_nics = NSXDriver::LogicalSwitch.nsx_nics(template_xml,
+                                                         only_detached)

            # If there is no NSX Nics
            return if nsx_nics.empty?
--- a/src/vmm_mad/remotes/lib/nsx_driver/logical_switch.rb
+++ b/src/vmm_mad/remotes/lib/nsx_driver/logical_switch.rb
@ -53,7 +53,7 @@ module NSXDriver

        # Return nsx nics of type NSX-V and NSX-T
        # If only_new_attached = true --> Only returns new attached nsx nics
-        def nsx_nics(template_xml, only_new_attached = true)
+        def self.nsx_nics(template_xml, only_new_attached = true)
            if only_new_attached == true
                nics = template_xml.xpath('//TEMPLATE/NIC[ATTACH="YES"]')
            else
--- a/src/vnm_mad/remotes/vcenter/clean
+++ b/src/vnm_mad/remotes/vcenter/clean
@ -69,19 +69,39 @@ end
 nsx_status = one_host['TEMPLATE/NSX_STATUS']
 exit 0 if nsx_status.nil?

-# Clear rules
-nsx_client = NSXDriver::NSXClient.new_from_id(one_host['ID'])
-dfw = NSXDriver::DistributedFirewall.new_child(nsx_client)
+# Exit if there is no NSX_PASSWORD
+nsx_password = one_host['TEMPLATE/NSX_PASSWORD']
+exit 0 if nsx_password.nil?

-begin
-    dfw.clear_rules(template, modified?(template))
-rescue StandardError => e
-    OpenNebula.log_error('Error deleting security groups rules ' \
-        "due to \"#{e.message}\"")
-    if VCenterDriver::CONFIG[:debug_information]
-        OpenNebula.error_message(e.backtrace)
+# OpenNebula VM
+vmid = template_xml.xpath('//VM/ID')
+one_vm = VCenterDriver::VIHelper.one_item(OpenNebula::VirtualMachine, vmid)
+
+rc = one_vm.info
+if OpenNebula.is_error?(rc)
+    err_msg = rc.message
+    raise err_msg
+end
+
+# Get all modified or all NSX Nics
+is_modified = modified?(template)
+nsx_nics = NSXDriver::LogicalSwitch.nsx_nics(template_xml,
+                                             is_modified)
+vm_state = one_vm.state_str
+unless nsx_nics.empty? || (vm_state != 'POWEROFF')
+    begin
+        # Clear rules
+        nsx_client = NSXDriver::NSXClient.new_from_id(one_host['ID'])
+        dfw = NSXDriver::DistributedFirewall.new_child(nsx_client)
+        dfw.clear_rules(template, modified?(template))
+    rescue StandardError => e
+        OpenNebula.log_error('Error deleting security groups rules ' \
+            "due to \"#{e.message}\"")
+        if VCenterDriver::CONFIG[:debug_information]
+            OpenNebula.error_message(e.backtrace)
+        end
+        exit 1
    end
-    exit 1
 end

 exit 0
--- a/src/vnm_mad/remotes/vcenter/post
+++ b/src/vnm_mad/remotes/vcenter/post
@ -53,7 +53,6 @@ end

 template = Base64.decode64(STDIN.read)
 deploy_id = ARGV[0]
-
 template_xml = Nokogiri::XML(template)

 # OpenNebula host
@ -71,6 +70,10 @@ end
 nsx_status = one_host['TEMPLATE/NSX_STATUS']
 exit 0 if nsx_status.nil?

+# Exit if there is no NSX_PASSWORD
+nsx_password = one_host['TEMPLATE/NSX_PASSWORD']
+exit 0 if nsx_password.nil?
+
 # OpenNebula VM
 vmid = template_xml.xpath('//VM/ID')
 one_vm = VCenterDriver::VIHelper.one_item(OpenNebula::VirtualMachine, vmid)
@ -81,17 +84,16 @@ if OpenNebula.is_error?(rc)
    raise err_msg
 end

-# NSX Objects
-nsx_client = NSXDriver::NSXTClient.new_from_id(one_host['ID'])
-dfw = NSXDriver::DistributedFirewall.new_child(nsx_client)
-ls = NSXDriver::LogicalSwitch.new(nsx_client)
-
 # Get all modified or all NSX Nics
 is_modified = modified?(template)
-nsx_nics = ls.nsx_nics(template_xml, is_modified)
+nsx_nics = NSXDriver::LogicalSwitch.nsx_nics(template_xml,
+                                             is_modified)
 vm_state = one_vm.state_str
 unless nsx_nics.empty? || (vm_state == 'POWEROFF')
    begin
+        # NSX Objects
+        nsx_client = NSXDriver::NSXTClient.new_from_id(one_host['ID'])
+        dfw = NSXDriver::DistributedFirewall.new_child(nsx_client)
        dfw.create_rules(deploy_id, template, is_modified)
    rescue StandardError => e
        dfw.clear_rules(template, is_modified)
--- a/src/vnm_mad/remotes/vcenter/pre
+++ b/src/vnm_mad/remotes/vcenter/pre
@ -15,59 +15,5 @@
 # See the License for the specific language governing permissions and        #
 # limitations under the License.                                             #
 #--------------------------------------------------------------------------- #
-# Define libraries location
-ONE_LOCATION = ENV['ONE_LOCATION']
-
-if !ONE_LOCATION
-    RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
-    GEMS_LOCATION     = '/usr/share/one/gems'
-    VMDIR             = '/var/lib/one'
-    CONFIG_FILE       = '/var/lib/one/config'
-else
-    RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
-    GEMS_LOCATION     = ONE_LOCATION + '/share/gems'
-    VMDIR             = ONE_LOCATION + '/var'
-    CONFIG_FILE       = ONE_LOCATION + '/var/config'
-end
-
-if File.directory?(GEMS_LOCATION)
-    Gem.use_paths(GEMS_LOCATION)
-end
-
-$LOAD_PATH << RUBY_LIB_LOCATION
-
-$LOAD_PATH << File.dirname(__FILE__)
-$LOAD_PATH << File.join(File.dirname(__FILE__), '..')
-
-require 'vnmmad'
-require 'nokogiri'
-require 'opennebula'
-require 'vcenter_driver'
-require 'nsx_driver'
-
-template = Base64.decode64(STDIN.read)
-template_xml = Nokogiri::XML(template)
-
-# Check Host exists
-host_name = template_xml
-            .xpath('//HISTORY_RECORDS/HISTORY[last()]/HOSTNAME').text
-
-one_host = VCenterDriver::VIHelper
-           .find_by_name(OpenNebula::HostPool, host_name)
-rc = one_host.info
-if OpenNebula.is_error?(rc)
-    err_msg = rc.message
-    raise err_msg
-end
-
-# Exit if there is no NSX
-nsx_status = one_host['TEMPLATE/NSX_STATUS']
-exit 0 if nsx_status.nil?
-
-unless nsx_status == 'OK'
-    OpenNebula.log_error('NSX_STATUS is not OK')
-    OpenNebula.error_message('NSX_STATUS is not OK')
-    exit 1
-end

 exit 0