Revision a4658bbe
| b/snf-cyclades-app/synnefo/api/management/commands/network-modify.py | ||
|---|---|---|
| 37 | 37 |
|
| 38 | 38 |
from synnefo.db.models import (Network, Backend, BackendNetwork, |
| 39 | 39 |
pooled_rapi_client) |
| 40 |
from synnefo.management.common import (validate_network_info, get_network, |
|
| 41 |
get_backend) |
|
| 40 |
from synnefo.management.common import (get_network, get_backend) |
|
| 42 | 41 |
from snf_django.management.utils import parse_bool |
| 42 |
from synnefo.logic import networks |
|
| 43 | 43 |
from synnefo.logic.backend import create_network, delete_network |
| 44 | 44 |
|
| 45 | 45 |
HELP_MSG = """Modify a network. |
| ... | ... | |
| 144 | 144 |
network = get_network(args[0]) |
| 145 | 145 |
|
| 146 | 146 |
# Validate subnet |
| 147 |
if options.get('subnet'):
|
|
| 148 |
validate_network_info(options) |
|
| 147 |
subnet = options["subnet"] or network.subnet |
|
| 148 |
gateway = options["gateway"] or network.gateway |
|
| 149 |
subnet6 = options["subnet6"] or network.subnet6 |
|
| 150 |
gateway6 = options["gateway6"] or network.gateway6 |
|
| 151 |
networks.validate_network_params(subnet, gateway, subnet6, gateway6) |
|
| 149 | 152 |
|
| 150 | 153 |
# Validate state |
| 151 | 154 |
state = options.get('state')
|
| b/snf-cyclades-app/synnefo/api/util.py | ||
|---|---|---|
| 31 | 31 |
# interpreted as representing official policies, either expressed |
| 32 | 32 |
# or implied, of GRNET S.A. |
| 33 | 33 |
|
| 34 |
import ipaddr |
|
| 35 |
|
|
| 36 | 34 |
from base64 import b64encode, b64decode |
| 37 | 35 |
from hashlib import sha256 |
| 38 | 36 |
from logging import getLogger |
| ... | ... | |
| 55 | 53 |
from synnefo.db.pools import EmptyPool |
| 56 | 54 |
|
| 57 | 55 |
from synnefo.plankton.utils import image_backend |
| 58 |
from synnefo.settings import MAX_CIDR_BLOCK |
|
| 59 | 56 |
|
| 60 | 57 |
from synnefo.cyclades_settings import cyclades_services, BASE_HOST |
| 61 | 58 |
from synnefo.lib.services import get_service_path |
| ... | ... | |
| 231 | 228 |
raise faults.ItemNotFound("Floating IP does not exist.")
|
| 232 | 229 |
|
| 233 | 230 |
|
| 234 |
def validate_network_params(subnet=None, gateway=None, subnet6=None, |
|
| 235 |
gateway6=None): |
|
| 236 |
if (subnet is None) and (subnet6 is None): |
|
| 237 |
raise faults.BadRequest("subnet or subnet6 is required")
|
|
| 238 |
|
|
| 239 |
if subnet: |
|
| 240 |
try: |
|
| 241 |
# Use strict option to not all subnets with host bits set |
|
| 242 |
network = ipaddr.IPv4Network(subnet, strict=True) |
|
| 243 |
except ValueError: |
|
| 244 |
raise faults.BadRequest("Invalid network IPv4 subnet")
|
|
| 245 |
|
|
| 246 |
# Check that network size is allowed! |
|
| 247 |
if not validate_network_size(network.prefixlen): |
|
| 248 |
raise faults.OverLimit(message="Unsupported network size", |
|
| 249 |
details="Network mask must be in range" |
|
| 250 |
" (%s, 29]" % MAX_CIDR_BLOCK) |
|
| 251 |
if gateway: # Check that gateway belongs to network |
|
| 252 |
try: |
|
| 253 |
gateway = ipaddr.IPv4Address(gateway) |
|
| 254 |
except ValueError: |
|
| 255 |
raise faults.BadRequest("Invalid network IPv4 gateway")
|
|
| 256 |
if not gateway in network: |
|
| 257 |
raise faults.BadRequest("Invalid network IPv4 gateway")
|
|
| 258 |
|
|
| 259 |
if subnet6: |
|
| 260 |
try: |
|
| 261 |
# Use strict option to not all subnets with host bits set |
|
| 262 |
network6 = ipaddr.IPv6Network(subnet6, strict=True) |
|
| 263 |
except ValueError: |
|
| 264 |
raise faults.BadRequest("Invalid network IPv6 subnet")
|
|
| 265 |
if gateway6: |
|
| 266 |
try: |
|
| 267 |
gateway6 = ipaddr.IPv6Address(gateway6) |
|
| 268 |
except ValueError: |
|
| 269 |
raise faults.BadRequest("Invalid network IPv6 gateway")
|
|
| 270 |
if not gateway6 in network6: |
|
| 271 |
raise faults.BadRequest("Invalid network IPv6 gateway")
|
|
| 272 |
|
|
| 273 |
|
|
| 274 |
def validate_network_size(cidr_block): |
|
| 275 |
"""Return True if network size is allowed.""" |
|
| 276 |
return cidr_block <= 29 and cidr_block > MAX_CIDR_BLOCK |
|
| 277 |
|
|
| 278 |
|
|
| 279 | 231 |
def allocate_public_address(backend): |
| 280 | 232 |
"""Get a public IP for any available network of a backend.""" |
| 281 | 233 |
# Guarantee exclusive access to backend, because accessing the IP pools of |
| b/snf-cyclades-app/synnefo/logic/networks.py | ||
|---|---|---|
| 30 | 30 |
# documentation are those of the authors and should not be |
| 31 | 31 |
# interpreted as representing official policies, either expressed |
| 32 | 32 |
# or implied, of GRNET S.A. |
| 33 |
import ipaddr |
|
| 34 |
|
|
| 33 | 35 |
from functools import wraps |
| 34 | 36 |
from django.db import transaction |
| 35 | 37 |
|
| 38 |
from django.conf import settings |
|
| 36 | 39 |
from snf_django.lib.api import faults |
| 37 | 40 |
from synnefo.api import util |
| 38 | 41 |
from synnefo import quotas |
| ... | ... | |
| 80 | 83 |
raise faults.BadRequest("IPv6 only networks can not be"
|
| 81 | 84 |
" pools.") |
| 82 | 85 |
# Check that network parameters are valid |
| 83 |
util.validate_network_params(subnet, gateway, subnet6, gateway6)
|
|
| 86 |
validate_network_params(subnet, gateway, subnet6, gateway6) |
|
| 84 | 87 |
|
| 85 | 88 |
try: |
| 86 | 89 |
fmode, flink, fmac_prefix, ftags = util.values_from_flavor(flavor) |
| ... | ... | |
| 165 | 168 |
# If network does not exist in any backend, update the network state |
| 166 | 169 |
backend_mod.update_network_state(network) |
| 167 | 170 |
return network |
| 171 |
|
|
| 172 |
|
|
| 173 |
def validate_network_params(subnet=None, gateway=None, subnet6=None, |
|
| 174 |
gateway6=None): |
|
| 175 |
if (subnet is None) and (subnet6 is None): |
|
| 176 |
raise faults.BadRequest("subnet or subnet6 is required")
|
|
| 177 |
|
|
| 178 |
if subnet: |
|
| 179 |
try: |
|
| 180 |
# Use strict option to not all subnets with host bits set |
|
| 181 |
network = ipaddr.IPv4Network(subnet, strict=True) |
|
| 182 |
except ValueError: |
|
| 183 |
raise faults.BadRequest("Invalid network IPv4 subnet")
|
|
| 184 |
|
|
| 185 |
# Check that network size is allowed! |
|
| 186 |
prefixlen = network.prefixlen |
|
| 187 |
if not prefixlen <= 29 and prefixlen > settings.MAX_CIDR_BLOCK: |
|
| 188 |
raise faults.OverLimit(message="Unsupported network size", |
|
| 189 |
details="Network mask must be in range" |
|
| 190 |
" (%s, 29]" |
|
| 191 |
% settings.MAX_CIDR_BLOCK) |
|
| 192 |
if gateway: # Check that gateway belongs to network |
|
| 193 |
try: |
|
| 194 |
gateway = ipaddr.IPv4Address(gateway) |
|
| 195 |
except ValueError: |
|
| 196 |
raise faults.BadRequest("Invalid network IPv4 gateway")
|
|
| 197 |
if not gateway in network: |
|
| 198 |
raise faults.BadRequest("Invalid network IPv4 gateway")
|
|
| 199 |
|
|
| 200 |
if subnet6: |
|
| 201 |
try: |
|
| 202 |
# Use strict option to not all subnets with host bits set |
|
| 203 |
network6 = ipaddr.IPv6Network(subnet6, strict=True) |
|
| 204 |
except ValueError: |
|
| 205 |
raise faults.BadRequest("Invalid network IPv6 subnet")
|
|
| 206 |
if gateway6: |
|
| 207 |
try: |
|
| 208 |
gateway6 = ipaddr.IPv6Address(gateway6) |
|
| 209 |
except ValueError: |
|
| 210 |
raise faults.BadRequest("Invalid network IPv6 gateway")
|
|
| 211 |
if not gateway6 in network6: |
|
| 212 |
raise faults.BadRequest("Invalid network IPv6 gateway")
|
|
| b/snf-cyclades-app/synnefo/management/common.py | ||
|---|---|---|
| 52 | 52 |
return vm.operstate |
| 53 | 53 |
|
| 54 | 54 |
|
| 55 |
def validate_network_info(options): |
|
| 56 |
subnet = options['subnet'] |
|
| 57 |
gateway = options['gateway'] |
|
| 58 |
subnet6 = options['subnet6'] |
|
| 59 |
gateway6 = options['gateway6'] |
|
| 60 |
|
|
| 61 |
try: |
|
| 62 |
util.validate_network_params(subnet, gateway) |
|
| 63 |
except (faults.BadRequest, faults.OverLimit) as e: |
|
| 64 |
raise CommandError(e) |
|
| 65 |
|
|
| 66 |
return subnet, gateway, subnet6, gateway6 |
|
| 67 |
|
|
| 68 |
|
|
| 69 | 55 |
def get_backend(backend_id): |
| 70 | 56 |
try: |
| 71 | 57 |
backend_id = int(backend_id) |
Also available in: Unified diff