mirror of https://github.com/OpenNebula/one.git synced 2025-02-28 17:57:22 +03:00

F #3042: Packet public networking

* code linting
    * add new files into install.sh
    * decrypt secrets in ipam/hook
    * fix use of <<~EOF

(cherry picked from commit f9e469b10f662e28bab4084858bb5bca768dae99)
Alejandro Huertas 2019-07-04 12:38:25 +02:00 committed by Ruben S. Montero
parent 1a56d89890
commit 6796f5093d
No known key found for this signature in database
GPG Key ID: A0CEA6FA880A1D87
11 changed files with 213 additions and 92 deletions


@ -325,6 +325,7 @@ VAR_DIRS="$VAR_LOCATION/remotes \
$VAR_LOCATION/remotes/vnm/vcenter/pre.d \
$VAR_LOCATION/remotes/vnm/vcenter/post.d \
$VAR_LOCATION/remotes/vnm/vcenter/clean.d \
$VAR_LOCATION/remotes/vnm/alias_sdnat \
$VAR_LOCATION/remotes/tm/ \
$VAR_LOCATION/remotes/tm/dummy \
$VAR_LOCATION/remotes/tm/shared \
@ -339,6 +340,7 @@ VAR_DIRS="$VAR_LOCATION/remotes \
$VAR_LOCATION/remotes/hooks/ft \
$VAR_LOCATION/remotes/hooks/vcenter \
$VAR_LOCATION/remotes/hooks/raft \
$VAR_LOCATION/remotes/hooks/alias_ip \
$VAR_LOCATION/remotes/datastore \
$VAR_LOCATION/remotes/datastore/dummy \
$VAR_LOCATION/remotes/datastore/fs \
@ -359,7 +361,8 @@ VAR_DIRS="$VAR_LOCATION/remotes \
$VAR_LOCATION/remotes/auth/server_x509 \
$VAR_LOCATION/remotes/auth/server_cipher \
$VAR_LOCATION/remotes/auth/dummy \
$VAR_LOCATION/remotes/ipam/dummy"
$VAR_LOCATION/remotes/ipam/dummy \
$VAR_LOCATION/remotes/ipam/packet"
SUNSTONE_DIRS="$SUNSTONE_LOCATION/routes \
$SUNSTONE_LOCATION/models \
@ -501,6 +504,7 @@ INSTALL_FILES=(
MARKETPLACE_DRIVER_S3_SCRIPTS:$VAR_LOCATION/remotes/market/s3
MARKETPLACE_DRIVER_LXC_SCRIPTS:$VAR_LOCATION/remotes/market/linuxcontainers
IPAM_DRIVER_DUMMY_SCRIPTS:$VAR_LOCATION/remotes/ipam/dummy
IPAM_DRIVER_PACKET_SCRIPTS:$VAR_LOCATION/remotes/ipam/packet
NETWORK_FILES:$VAR_LOCATION/remotes/vnm
NETWORK_ETC_FILES:$VAR_LOCATION/remotes/etc/vnm
NETWORK_8021Q_FILES:$VAR_LOCATION/remotes/vnm/802.1Q
@ -512,6 +516,7 @@ INSTALL_FILES=(
NETWORK_OVSWITCH_FILES:$VAR_LOCATION/remotes/vnm/ovswitch
NETWORK_OVSWITCH_VXLAN_FILES:$VAR_LOCATION/remotes/vnm/ovswitch_vxlan
NETWORK_VCENTER_FILES:$VAR_LOCATION/remotes/vnm/vcenter
NETWORK_ALIAS_SDNAT_FILES:$VAR_LOCATION/remotes/vnm/alias_sdnat
EXAMPLE_SHARE_FILES:$SHARE_LOCATION/examples
WEBSOCKIFY_SHARE_RUN_FILES:$SHARE_LOCATION/websockify
WEBSOCKIFY_SHARE_MODULE_FILES:$SHARE_LOCATION/websockify/websockify
@ -522,6 +527,7 @@ INSTALL_FILES=(
HOOK_FT_FILES:$VAR_LOCATION/remotes/hooks/ft
HOOK_VCENTER_FILES:$VAR_LOCATION/remotes/hooks/vcenter
HOOK_RAFT_FILES:$VAR_LOCATION/remotes/hooks/raft
HOOK_ALIAS_IP_FILES:$VAR_LOCATION/remotes/hooks/alias_ip
COMMON_CLOUD_LIB_FILES:$LIB_LOCATION/ruby/cloud
CLOUD_AUTH_LIB_FILES:$LIB_LOCATION/ruby/cloud/CloudAuth
ECO_LIB_FILES:$LIB_LOCATION/ruby/cloud/econe
@ -1162,6 +1168,12 @@ NETWORK_VCENTER_FILES="src/vnm_mad/remotes/vcenter/pre \
src/vnm_mad/remotes/vcenter/post \
src/vnm_mad/remotes/vcenter/clean"
NETWORK_ALIAS_SDNAT_FILES="src/vnm_mad/remotes/alias_sdnat/AliasSDNAT.rb \
src/vnm_mad/remotes/alias_sdnat/clean \
src/vnm_mad/remotes/alias_sdnat/post \
src/vnm_mad/remotes/alias_sdnat/pre \
src/vnm_mad/remotes/alias_sdnat/update_sg "
#-------------------------------------------------------------------------------
# Virtual Network Manager drivers configuration to be installed under $REMOTES_LOCATION/etc/vnm
#-------------------------------------------------------------------------------
@ -1169,7 +1181,7 @@ NETWORK_VCENTER_FILES="src/vnm_mad/remotes/vcenter/pre \
NETWORK_ETC_FILES="src/vnm_mad/remotes/OpenNebulaNetwork.conf"
#-------------------------------------------------------------------------------
# IPAM drivers to be installed under $REMOTES_LOCATION/ipam
# IPAM dummy drivers to be installed under $REMOTES_LOCATION/ipam
#-------------------------------------------------------------------------------
IPAM_DRIVER_DUMMY_SCRIPTS="src/ipamm_mad/remotes/dummy/register_address_range \
src/ipamm_mad/remotes/dummy/unregister_address_range \
@ -1177,6 +1189,15 @@ IPAM_DRIVER_DUMMY_SCRIPTS="src/ipamm_mad/remotes/dummy/register_address_range \
src/ipamm_mad/remotes/dummy/get_address \
src/ipamm_mad/remotes/dummy/free_address"
#-------------------------------------------------------------------------------
# IPAM Packet drivers to be installed under $REMOTES_LOCATION/ipam
#-------------------------------------------------------------------------------
IPAM_DRIVER_PACKET_SCRIPTS="src/ipamm_mad/remotes/packet/register_address_range \
src/ipamm_mad/remotes/packet/unregister_address_range \
src/ipamm_mad/remotes/packet/allocate_address \
src/ipamm_mad/remotes/packet/get_address \
src/ipamm_mad/remotes/packet/free_address"
#-------------------------------------------------------------------------------
# Transfer Manager commands, to be installed under $LIB_LOCATION/tm_commands
# - SHARED TM, $VAR_LOCATION/tm/shared
@ -1643,6 +1664,12 @@ HOOK_VCENTER_FILES="share/hooks/vcenter/create_vcenter_net.rb \
HOOK_RAFT_FILES="share/hooks/raft/vip.sh"
#-------------------------------------------------------------------------------
# HOOK scripts, to be installed under $VAR_LOCATION/remotes/hooks/alias_ip
#-------------------------------------------------------------------------------
HOOK_ALIAS_IP_FILES="share/hooks/alias_ip/alias_ip.rb"
#-------------------------------------------------------------------------------
# Installation scripts, to be installed under $SHARE_LOCATION
#-------------------------------------------------------------------------------


@ -16,7 +16,7 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
ONE_LOCATION = ENV["ONE_LOCATION"]
ONE_LOCATION = ENV['ONE_LOCATION']
if !ONE_LOCATION
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
@ -28,11 +28,13 @@ else
LOG_FILE = ONE_LOCATION + '/var/hook-alias_ip.log'
end
$: << RUBY_LIB_LOCATION
$: << PACKET_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION
$LOAD_PATH << PACKET_LOCATION
# rubocop:disable Style/MixinUsage
require 'opennebula'
include OpenNebula
# rubocop:enable Style/MixinUsage
require 'base64'
require 'open3'
@ -43,15 +45,15 @@ require 'packet'
VM_ID = ARGV[0]
VM_XML = Base64.decode64(ARGV[1])
if VM_ID.nil? or VM_ID.empty? or VM_XML.nil? or VM_XML.empty?
STDERR.puts "USAGE: <VM ID> <VM XML>"
if VM_ID.nil? || VM_ID.empty? || VM_XML.nil? || VM_XML.empty?
STDERR.puts 'USAGE: <VM ID> <VM XML>'
exit(-1)
end
##########
# Helpers
def log(msg, level='I')
def log(msg, level = 'I')
File.open(LOG_FILE, 'a') do |f|
msg.lines do |l|
f.puts "[#{Time.now}][VM #{VM_ID}][#{level}] #{l}"
@ -81,7 +83,7 @@ def find_packet_ip_assignment(packet_client, id, cidr)
begin
packet_ip = packet_client.get_ip(assignment_id)
rescue StandardError => e
rescue StandardError
next
end
@ -92,7 +94,7 @@ def find_packet_ip_assignment(packet_client, id, cidr)
end
end
return nil
nil
end
def device_has_ip?(packet_client, device_id, ip_id)
@ -100,14 +102,24 @@ def device_has_ip?(packet_client, device_id, ip_id)
return true if ip_address['id'] == ip_id
end
return false
false
end
def manage_packet(assign=true, host, ip, ar)
def manage_packet(host, ip, address_range, assign = true)
cidr = "#{ip}/32"
ar_token = ar['PACKET_TOKEN']
ar_deploy_id = ar['DEPLOY_ID']
system = OpenNebula::System.new(OpenNebula::Client.new)
config = system.get_configuration
if OpenNebula.is_error?(config)
STDERR.puts("Error getting oned configuration : #{config.message}")
exit(-1)
end
token = config['ONE_KEY']
ar_token = OpenNebula.decrypt({ :value => address_range['PACKET_TOKEN'] },
token)[:value]
ar_deploy_id = address_range['DEPLOY_ID']
packet_client = Packet::Client.new(ar_token)
packet_ip = find_packet_ip_assignment(packet_client, ar_deploy_id, cidr)
@ -139,12 +151,11 @@ def manage_packet(assign=true, host, ip, ar)
end
end
##########
# Main
begin
client = Client.new()
client = Client.new
rescue StandardError => e
STDERR.puts(e.to_s)
exit(-1)
@ -162,7 +173,7 @@ log("Alias hook triggered for state=#{vm_state_str}")
# if VM is associated with particular host, get the
# metadata and force the operation to assign
# the aliased IPs to the host
if %w{ACTIVE SUSPENDED POWEROFF}.include? vm_state_str
if %w[ACTIVE SUSPENDED POWEROFF].include? vm_state_str
assign = true
host_id = xml_vm['/VM/HISTORY_RECORDS/HISTORY[last()]/HID']
host = one_fetch(client, OpenNebula::Host, host_id)
@ -170,7 +181,7 @@ end
# process each NIC_ALIAS and check each address host assignment
xml_vm.each('/VM/TEMPLATE/NIC_ALIAS') do |nic|
next unless nic['IP'] #or nic['IP6']
next unless nic['IP'] # or nic['IP6']
nic_ip = nic['IP']
vnet_id = nic['NETWORK_ID']
@ -186,8 +197,9 @@ xml_vm.each('/VM/TEMPLATE/NIC_ALIAS') do |nic|
last_seq = xml_vm['/VM/HISTORY_RECORDS/HISTORY[last()]/SEQ'].to_i
[last_seq, last_seq-1].each do |seq|
action_id = vm["/VM/HISTORY_RECORDS/HISTORY[SEQ=#{seq}]/ACTION"].to_i
[last_seq, last_seq - 1].each do |seq|
action_id = vm["/VM/HISTORY_RECORDS/HISTORY[SEQ=#{seq}]/ACTION"]
action_id = action_id.to_i
case OpenNebula::VirtualMachine::HISTORY_ACTION[action_id]
when 'none'
@ -204,7 +216,7 @@ xml_vm.each('/VM/TEMPLATE/NIC_ALIAS') do |nic|
vnet.each("/VNET/AR_POOL/AR[AR_ID=#{ar_id}]") do |ar|
case ar['IPAM_MAD']
when 'packet'
manage_packet(nic_assign, host, nic_ip, ar)
manage_packet(host, nic_ip, ar, nic_assign)
end
end
end
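Review bot: In `manage_packet`, neither `config['ONE_KEY']` nor the result of `OpenNebula.decrypt(...)[:value]` is checked before the value is handed to `Packet::Client.new`. A missing key, or an address range whose `PACKET_TOKEN` was stored before tokens were encrypted, would presumably show up only as an opaque provider authentication error or an exception from inside the decrypt call. A guard right after the decrypt, such as `if ar_token.to_s.empty?` / `STDERR.puts('Cannot decrypt PACKET_TOKEN')` / `exit(-1)`, makes the failure explicit without printing the secret. The same unchecked fetch-and-decrypt sequence is repeated in the IPAM Packet scripts later in this commit, and here it runs once per NIC alias, so the oned configuration could be read once in the main section instead. The body of `manage_packet` continues outside the hunk.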


@ -273,7 +273,9 @@ AllCops:
- share/vendor/ruby/gems/packethost/lib/packet/client/ssh_keys.rb
- share/vendor/ruby/gems/packethost/lib/packet/client/users.rb
- share/vendor/ruby/gems/packethost/lib/packet/client/operating_systems.rb
- share/vendor/ruby/gems/packethost/lib/packet/client/ips.rb
- share/vendor/ruby/gems/packethost/lib/packet/ssh_key.rb
- share/vendor/ruby/gems/packethost/lib/packet/ip.rb
- share/vendor/ruby/gems/packethost/lib/packet/plan.rb
- share/vendor/ruby/gems/packethost/lib/packet/user.rb
- share/vendor/ruby/gems/packethost/lib/packethost.rb


@ -43,12 +43,15 @@ ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
if !ONE_LOCATION
PACKET_LOCATION = '/usr/lib/one/ruby/vendors/packethost/lib'
IPAM_STATE_LOCATION = '/var/lib/one/ipam_state'
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
else
PACKET_LOCATION = ONE_LOCATION + '/lib/ruby/vendors/packethost/lib'
IPAM_STATE_LOCATION = ONE_LOCATION + '/var/ipam_state'
RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
end
$LOAD_PATH << PACKET_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION
# gem 'packethost', '> 0.0.8'
@ -56,6 +59,7 @@ require 'packet'
require 'base64'
require 'nokogiri'
require 'fileutils'
require 'opennebula'
data = Nokogiri::XML(Base64.decode64(ARGV[0]))
@ -71,6 +75,17 @@ if ar_size.to_i != 1
exit(-1)
end
system = OpenNebula::System.new(OpenNebula::Client.new)
config = system.get_configuration
if OpenNebula.is_error?(config)
STDERR.puts("Error getting oned configuration : #{config.message}")
exit(-1)
end
token = config['ONE_KEY']
ar_token = OpenNebula.decrypt({ :value => ar_token }, token)[:value]
packet = Packet::Client.new
packet.auth_token = ar_token
@ -85,13 +100,12 @@ begin
ipam_state_f = ipam_state_dir + '/' + ar_ip
if ! File.exists?(ipam_state_f) && cidrs.include?("#{ar_ip}/32")
if !File.exist?(ipam_state_f) && cidrs.include?("#{ar_ip}/32")
File.new(ipam_state_f, 'w')
exit(0)
else
exit(-1)
end
rescue StandardError => e
error_str = "ERROR MESSAGE --8<------\n"
error_str << e.to_s
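Review bot: The state-file reservation is still a check followed by a create (`File.exist?(ipam_state_f)` then `File.new(ipam_state_f, 'w')`), so two concurrent allocations of the same address can both pass the check and both exit 0; the handle from `File.new` is also never closed. Creating the file exclusively removes the window: `File.open(ipam_state_f, File::WRONLY | File::CREAT | File::EXCL) {}`, with `Errno::EEXIST` treated as the "already allocated" case. The script later in this commit that prints the `ADDRESS = [...]` block uses the same `File.exist?` / `File.new` pair. `ipam_state_f` is built by concatenating `ar_ip`, whose origin is outside the hunk; if it comes from the decoded XML it should be validated as an IP address before being used as a file name. The `begin` block starts and ends outside the hunk.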


@ -37,17 +37,21 @@ ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
if !ONE_LOCATION
PACKET_LOCATION = '/usr/lib/one/ruby/vendors/packethost/lib'
IPAM_STATE_LOCATION = '/var/lib/one/ipam_state'
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
else
PACKET_LOCATION = ONE_LOCATION + '/lib/ruby/vendors/packethost/lib'
IPAM_STATE_LOCATION = ONE_LOCATION + '/var/ipam_state'
RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
end
$LOAD_PATH << PACKET_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION
require 'packet'
require 'base64'
require 'nokogiri'
require 'fileutils'
require 'opennebula'
def find_packet_ip_assignment(packet_client, id, cidr)
packet_client.get_ip(id).assignments.each do |a|
@ -55,7 +59,7 @@ def find_packet_ip_assignment(packet_client, id, cidr)
begin
packet_ip = packet_client.get_ip(assignment_id)
rescue StandardError => e
rescue StandardError
next
end
@ -66,10 +70,9 @@ def find_packet_ip_assignment(packet_client, id, cidr)
end
end
return nil
nil
end
###
data = Nokogiri::XML(Base64.decode64(ARGV[0]))
@ -84,6 +87,17 @@ if ar_size.to_i != 1
exit(-1)
end
system = OpenNebula::System.new(OpenNebula::Client.new)
config = system.get_configuration
if OpenNebula.is_error?(config)
STDERR.puts("Error getting oned configuration : #{config.message}")
exit(-1)
end
token = config['ONE_KEY']
ar_token = OpenNebula.decrypt({ :value => ar_token }, token)[:value]
packet = Packet::Client.new
packet.auth_token = ar_token
@ -91,7 +105,7 @@ begin
ipam_state_dir = IPAM_STATE_LOCATION + "/packet/#{ar_deploy_id}"
ipam_state_f = ipam_state_dir + '/' + ar_ip
if File.exists? ipam_state_f
if File.exist? ipam_state_f
File.unlink(ipam_state_f)
end
@ -99,7 +113,6 @@ begin
cidr = ar_ip + '/32'
packet_ip = find_packet_ip_assignment(packet, ar_deploy_id, cidr)
packet.delete_ip(packet_ip) if packet_ip
rescue StandardError => e
error_str = "ERROR MESSAGE --8<------\n"
error_str << e.to_s
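Review bot: In `find_packet_ip_assignment`, `rescue StandardError` followed by `next` now discards the exception entirely, so a failed lookup of an individual assignment looks the same as "no assignment found". In this script that means the local state file has already been unlinked and `delete_ip` is skipped, with nothing recorded to show that the address may still be assigned on the provider side. Reporting the error before continuing keeps the best-effort behaviour while leaving evidence: `rescue StandardError => e` / `STDERR.puts("get_ip failed: #{e.message}")` / `next`. The hook script earlier in this commit carries the same helper and already has a `log` function it could call. The function body is only partly visible in these hunks.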


@ -50,12 +50,15 @@ ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
if !ONE_LOCATION
PACKET_LOCATION = '/usr/lib/one/ruby/vendors/packethost/lib'
IPAM_STATE_LOCATION = '/var/lib/one/ipam_state'
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
else
PACKET_LOCATION = ONE_LOCATION + '/lib/ruby/vendors/packethost/lib'
IPAM_STATE_LOCATION = ONE_LOCATION + '/var/ipam_state'
RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
end
$LOAD_PATH << PACKET_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION
# gem 'packethost', '> 0.0.8'
@ -63,6 +66,7 @@ require 'packet'
require 'base64'
require 'nokogiri'
require 'fileutils'
require 'opennebula'
data = Nokogiri::XML(Base64.decode64(ARGV[0]))
@ -77,6 +81,17 @@ if ar_size.to_i != 1
exit(-1)
end
system = OpenNebula::System.new(OpenNebula::Client.new)
config = system.get_configuration
if OpenNebula.is_error?(config)
STDERR.puts("Error getting oned configuration : #{config.message}")
exit(-1)
end
token = config['ONE_KEY']
ar_token = OpenNebula.decrypt({ :value => ar_token }, token)[:value]
packet = Packet::Client.new
packet.auth_token = ar_token
@ -94,15 +109,16 @@ begin
# check and create state file
ipam_state_f = ipam_state_dir + '/' + ip_start
next if File.exists? ipam_state_f
next if File.exist? ipam_state_f
File.new(ipam_state_f, 'w')
puts <<-EOT
ADDRESS = [
IP = "#{ip_start}",
SIZE = "#{ar_size}"
]
EOT
puts <<-EOF
ADDRESS = [
IP = "#{ip_start}",
SIZE = "#{ar_size}"
]
EOF
exit(0)
end
@ -112,16 +128,15 @@ EOT
# if cidrs.size
# ip_start = cidrs[0].split('/')[0]
#
# puts <<-EOT
#ADDRESS = [
# puts <<-EOF
# ADDRESS = [
# IP = "#{ip_start}",
# SIZE = "#{ar_size}"
#]
#EOT
# ]
# EOF
# else
# exit(-1)
# end
rescue StandardError => e
error_str = "ERROR MESSAGE --8<------\n"
error_str << e.to_s


@ -72,20 +72,36 @@ ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
if !ONE_LOCATION
PACKET_LOCATION = '/usr/lib/one/ruby/vendors/packethost/lib'
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
else
PACKET_LOCATION = ONE_LOCATION + '/lib/ruby/vendors/packethost/lib'
RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
end
$LOAD_PATH << PACKET_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION
require 'packet'
require 'base64'
require 'nokogiri'
require 'opennebula'
data = Nokogiri::XML(Base64.decode64(ARGV[0]))
ar_token = data.xpath('//AR/PACKET_TOKEN').text
system = OpenNebula::System.new(OpenNebula::Client.new)
config = system.get_configuration
if OpenNebula.is_error?(config)
STDERR.puts("Error getting oned configuration : #{config.message}")
exit(-1)
end
token = config['ONE_KEY']
packet = Packet::Client.new
packet.auth_token = data.xpath('//AR/PACKET_TOKEN').text
packet.auth_token = OpenNebula.decrypt({ :value => ar_token }, token)[:value]
ip = Packet::Ip.new
ip.project_id = data.xpath('//AR/PACKET_PROJECT').text
@ -96,17 +112,16 @@ ip.quantity = data.xpath('//AR/SIZE').text.to_i
begin
packet.create_ip(ip)
puts <<-EOT
AR = [
TYPE = "IP4",
IP = "#{ip.network}",
SIZE = "#{ip.quantity}",
IPAM_MAD = "packet",
DEPLOY_ID = "#{ip.id}",
PACKET_TOKEN = "#{packet.auth_token}"
]
EOT
puts <<-EOF
AR = [
TYPE = "IP4",
IP = "#{ip.network}",
SIZE = "#{ip.quantity}",
IPAM_MAD = "packet",
DEPLOY_ID = "#{ip.id}",
PACKET_TOKEN = "#{ar_token}"
]
EOF
rescue StandardError => e
error_str = "ERROR MESSAGE --8<------\n"
error_str << e.to_s
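Review bot: `ar_token` holds the still-encrypted value in this script, whereas the other IPAM scripts in this commit reassign the same name to the decrypted token, and the `PACKET_TOKEN = "#{ar_token}"` line relies on that difference to keep the plaintext out of the emitted address range. Nothing in the code states this, so a later copy-paste of the decrypt line from a sibling script would silently start writing the plaintext token into the template. A comment above the heredoc would pin the intent, for example `# ar_token is the encrypted value as received; never emit packet.auth_token here`. This assumes the incoming `PACKET_TOKEN` is already encrypted by oned, which the hunk does not show. The `begin` block ends outside the hunk.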


@ -36,26 +36,41 @@ ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
if !ONE_LOCATION
PACKET_LOCATION = '/usr/lib/one/ruby/vendors/packethost/lib'
RUBY_LIB_LOCATION = '/usr/lib/one/ruby'
else
PACKET_LOCATION = ONE_LOCATION + '/lib/ruby/vendors/packethost/lib'
RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby'
end
$LOAD_PATH << PACKET_LOCATION
$LOAD_PATH << RUBY_LIB_LOCATION
# gem 'packethost', '> 0.0.8'
require 'packet'
require 'base64'
require 'nokogiri'
require 'opennebula'
data = Nokogiri::XML(Base64.decode64(ARGV[0]))
token = data.xpath('//AR/PACKET_TOKEN').text
ar_token = data.xpath('//AR/PACKET_TOKEN').text
deploy_id = data.xpath('//AR/DEPLOY_ID').text.to_s
system = OpenNebula::System.new(OpenNebula::Client.new)
config = system.get_configuration
if OpenNebula.is_error?(config)
STDERR.puts("Error getting oned configuration : #{config.message}")
exit(-1)
end
token = config['ONE_KEY']
ar_token = OpenNebula.decrypt({ :value => ar_token }, token)[:value]
begin
packet = Packet::Client.new
packet.auth_token = token
packet.auth_token = ar_token
packet.delete_ip(deploy_id)
rescue StandardError => e
error_str = "ERROR MESSAGE --8<------\n"


@ -1,3 +1,4 @@
# rubocop:disable Naming/FileName
# -------------------------------------------------------------------------- #
# Copyright 2002-2019, OpenNebula Project, OpenNebula Systems #
# #
@ -16,18 +17,21 @@
require 'vnmmad'
# Alias SDnat Driver
class AliasSDNATDriver < VNMMAD::VNMDriver
DRIVER = 'alias_sdnat'
XPATH_FILTER = "TEMPLATE/NIC_ALIAS[VN_MAD='alias_sdnat'] | TEMPLATE/NIC[ALIAS_IDS=*]"
def initialize(vm, xpath_filter = nil, deploy_id = nil)
DRIVER = 'alias_sdnat'
XPATH_FILTER = "TEMPLATE/NIC_ALIAS[VN_MAD='alias_sdnat'] | " \
'TEMPLATE/NIC[ALIAS_IDS=*]'
def initialize(virtual_machine, xpath_filter = nil, deploy_id = nil)
@locking = true
xpath_filter ||= XPATH_FILTER
super(vm, xpath_filter, deploy_id)
super(virtual_machine, xpath_filter, deploy_id)
end
def iptables(params, stdout=false)
def iptables(params, stdout = false)
if stdout
commands = VNMMAD::VNMNetwork::Commands.new
commands.add :iptables, params
@ -45,7 +49,7 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
"-j DNAT --to-destination #{parent_ip}")
end
def nat_drop(parent_ip, alias_ip, strict=false)
def nat_drop(parent_ip, alias_ip, strict = false)
iptables_s = iptables('-t nat -S', true)
# drop any line related to PRE/POSTROUTING of parent/alias IPs
@ -53,28 +57,28 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
line.chomp!
# matches for various rule parts
pre1 = line.match(/^-A PREROUTING -d #{alias_ip}\//i)
pre1 = line.match(%r{^-A PREROUTING -d #{alias_ip}/}i)
pre2 = line.match(/--to-destination #{parent_ip}$/i)
post1 = line.match(/^-A POSTROUTING -s #{parent_ip}\//i)
post1 = line.match(%r{^-A POSTROUTING -s #{parent_ip}/}i)
post2 = line.match(/--to-source #{alias_ip}$/i)
drop_rule = "-t nat #{line.sub('-A ', '-D ')}"
if strict && ((pre1 && pre2) || (post1 && post2))
iptables(drop_rule)
elsif ! strict && (pre1 || pre2 || post1 || post2)
elsif !strict && (pre1 || pre2 || post1 || post2)
iptables(drop_rule)
end
# iptables("-t nat #{line.sub('-A ', '-D ')}") if
# line =~ /^-A PREROUTING -d #{alias_ip}\//i or
# line =~ /--to-destination #{parent_ip}$/i or
# line =~ /^-A POSTROUTING -s #{parent_ip}\//i or
# line =~ /--to-source #{alias_ip}$/i
# iptables("-t nat #{line.sub('-A ', '-D ')}") if
# line =~ /^-A PREROUTING -d #{alias_ip}\//i or
# line =~ /--to-destination #{parent_ip}$/i or
# line =~ /^-A POSTROUTING -s #{parent_ip}\//i or
# line =~ /--to-source #{alias_ip}$/i
end
end
def process_nat(activate=true, attach_nic_alias_id=nil)
def process_nat(activate = true, attach_nic_alias_id = nil)
lock
# create Alias IP <-> NIC IP mapping tables
@ -82,12 +86,13 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
nic_aliases = {}
process do |nic|
if nic[:alias_id] and nic[:parent_id] and nic[:ip]
next if attach_nic_alias_id && attach_nic_alias_id != nic[:nic_id]
if nic[:alias_id] && nic[:parent_id] && nic[:ip]
next if attach_nic_alias_id &&
attach_nic_alias_id != nic[:nic_id]
nic_aliases[ nic[:ip] ] = nic[:parent_id]
elsif nic[:alias_ids] and nic[:ip]
nic_parents[ nic[:nic_id] ] = nic[:ip]
nic_aliases[nic[:ip]] = nic[:parent_id]
elsif nic[:alias_ids] && nic[:ip]
nic_parents[nic[:nic_id]] = nic[:ip]
else
STDERR.puts "Problem with NIC #{nic}"
exit 1
@ -96,10 +101,10 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
# cleanup any related mapping rules
nic_aliases.each do |alias_ip, parent_id|
parent_ip = nic_parents[ parent_id ]
parent_ip = nic_parents[parent_id]
if parent_ip
strict = ! attach_nic_alias_id.nil?
strict = !attach_nic_alias_id.nil?
nat_drop(parent_ip, alias_ip, strict)
else
@ -110,10 +115,12 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
if activate
# create mapping rules
# rubocop:disable Metrics/LineLength
# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j SNAT --to-source 10.0.0.41
# iptables -t nat -A PREROUTING -d 10.0.0.41 -j DNAT --to-destination 192.168.0.250
# rubocop:enable Metrics/LineLength
nic_aliases.each do |alias_ip, parent_id|
parent_ip = nic_parents[ parent_id ]
parent_ip = nic_parents[parent_id]
nat_add(parent_ip, alias_ip) if parent_ip
end
@ -125,7 +132,7 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
def activate
process_nat
return 0
0
end
def deactivate
@ -133,7 +140,8 @@ class AliasSDNATDriver < VNMMAD::VNMDriver
process_nat(false, attach_nic_alias_id)
return 0
0
end
end
# rubocop:enable Naming/FileName
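Review bot: In `nat_drop`, `alias_ip` and `parent_ip` are interpolated into all four patterns unescaped (`%r{^-A PREROUTING -d #{alias_ip}/}i` and the three others), so every `.` acts as a wildcard and any other metacharacter in the value changes which rules are matched and then deleted. Escaping the value keeps the match literal, e.g. `%r{^-A PREROUTING -d #{Regexp.escape(alias_ip)}/}i`. The same values are also placed into the iptables argument strings (`--to-destination #{parent_ip}`); how those strings are executed is outside the hunks, so parsing both addresses once with `IPAddr.new` (after `require 'ipaddr'`) before use would be the safer place to enforce the format. The commented-out `iptables(...) if line =~ ...` block could be dropped rather than re-indented.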


@ -16,8 +16,8 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
$: << File.dirname(__FILE__)
$: << File.join(File.dirname(__FILE__), "..")
$LOAD_PATH << File.dirname(__FILE__)
$LOAD_PATH << File.join(File.dirname(__FILE__), '..')
require 'AliasSDNAT'
@ -28,7 +28,7 @@ xpath_filter = AliasSDNATDriver::XPATH_FILTER
begin
drv = AliasSDNATDriver.from_base64(template64, xpath_filter, deploy_id)
drv.deactivate
rescue Exception => e
rescue StandardError => e
OpenNebula.log_error(e.message)
OpenNebula.log_error(e.backtrace)
exit 1


@ -16,8 +16,8 @@
# limitations under the License. #
#--------------------------------------------------------------------------- #
$: << File.dirname(__FILE__)
$: << File.join(File.dirname(__FILE__), "..")
$LOAD_PATH << File.dirname(__FILE__)
$LOAD_PATH << File.join(File.dirname(__FILE__), '..')
require 'AliasSDNAT'
@ -28,7 +28,7 @@ xpath_filter = AliasSDNATDriver::XPATH_FILTER
begin
drv = AliasSDNATDriver.from_base64(template64, xpath_filter, deploy_id)
drv.activate
rescue Exception => e
rescue StandardError => e
OpenNebula.log_error(e.message)
OpenNebula.log_error(e.backtrace)
exit 1