Revision a4658bbe
b/snf-cyclades-app/synnefo/api/management/commands/network-modify.py | ||
---|---|---|
37 | 37 |
|
38 | 38 |
from synnefo.db.models import (Network, Backend, BackendNetwork, |
39 | 39 |
pooled_rapi_client) |
40 |
from synnefo.management.common import (validate_network_info, get_network, |
|
41 |
get_backend) |
|
40 |
from synnefo.management.common import (get_network, get_backend) |
|
42 | 41 |
from snf_django.management.utils import parse_bool |
42 |
from synnefo.logic import networks |
|
43 | 43 |
from synnefo.logic.backend import create_network, delete_network |
44 | 44 |
|
45 | 45 |
HELP_MSG = """Modify a network. |
... | ... | |
144 | 144 |
network = get_network(args[0]) |
145 | 145 |
|
146 | 146 |
# Validate subnet |
147 |
if options.get('subnet'): |
|
148 |
validate_network_info(options) |
|
147 |
subnet = options["subnet"] or network.subnet |
|
148 |
gateway = options["gateway"] or network.gateway |
|
149 |
subnet6 = options["subnet6"] or network.subnet6 |
|
150 |
gateway6 = options["gateway6"] or network.gateway6 |
|
151 |
networks.validate_network_params(subnet, gateway, subnet6, gateway6) |
|
149 | 152 |
|
150 | 153 |
# Validate state |
151 | 154 |
state = options.get('state') |
b/snf-cyclades-app/synnefo/api/util.py | ||
---|---|---|
31 | 31 |
# interpreted as representing official policies, either expressed |
32 | 32 |
# or implied, of GRNET S.A. |
33 | 33 |
|
34 |
import ipaddr |
|
35 |
|
|
36 | 34 |
from base64 import b64encode, b64decode |
37 | 35 |
from hashlib import sha256 |
38 | 36 |
from logging import getLogger |
... | ... | |
55 | 53 |
from synnefo.db.pools import EmptyPool |
56 | 54 |
|
57 | 55 |
from synnefo.plankton.utils import image_backend |
58 |
from synnefo.settings import MAX_CIDR_BLOCK |
|
59 | 56 |
|
60 | 57 |
from synnefo.cyclades_settings import cyclades_services, BASE_HOST |
61 | 58 |
from synnefo.lib.services import get_service_path |
... | ... | |
231 | 228 |
raise faults.ItemNotFound("Floating IP does not exist.") |
232 | 229 |
|
233 | 230 |
|
234 |
def validate_network_params(subnet=None, gateway=None, subnet6=None, |
|
235 |
gateway6=None): |
|
236 |
if (subnet is None) and (subnet6 is None): |
|
237 |
raise faults.BadRequest("subnet or subnet6 is required") |
|
238 |
|
|
239 |
if subnet: |
|
240 |
try: |
|
241 |
# Use strict option to not all subnets with host bits set |
|
242 |
network = ipaddr.IPv4Network(subnet, strict=True) |
|
243 |
except ValueError: |
|
244 |
raise faults.BadRequest("Invalid network IPv4 subnet") |
|
245 |
|
|
246 |
# Check that network size is allowed! |
|
247 |
if not validate_network_size(network.prefixlen): |
|
248 |
raise faults.OverLimit(message="Unsupported network size", |
|
249 |
details="Network mask must be in range" |
|
250 |
" (%s, 29]" % MAX_CIDR_BLOCK) |
|
251 |
if gateway: # Check that gateway belongs to network |
|
252 |
try: |
|
253 |
gateway = ipaddr.IPv4Address(gateway) |
|
254 |
except ValueError: |
|
255 |
raise faults.BadRequest("Invalid network IPv4 gateway") |
|
256 |
if not gateway in network: |
|
257 |
raise faults.BadRequest("Invalid network IPv4 gateway") |
|
258 |
|
|
259 |
if subnet6: |
|
260 |
try: |
|
261 |
# Use strict option to not all subnets with host bits set |
|
262 |
network6 = ipaddr.IPv6Network(subnet6, strict=True) |
|
263 |
except ValueError: |
|
264 |
raise faults.BadRequest("Invalid network IPv6 subnet") |
|
265 |
if gateway6: |
|
266 |
try: |
|
267 |
gateway6 = ipaddr.IPv6Address(gateway6) |
|
268 |
except ValueError: |
|
269 |
raise faults.BadRequest("Invalid network IPv6 gateway") |
|
270 |
if not gateway6 in network6: |
|
271 |
raise faults.BadRequest("Invalid network IPv6 gateway") |
|
272 |
|
|
273 |
|
|
274 |
def validate_network_size(cidr_block): |
|
275 |
"""Return True if network size is allowed.""" |
|
276 |
return cidr_block <= 29 and cidr_block > MAX_CIDR_BLOCK |
|
277 |
|
|
278 |
|
|
279 | 231 |
def allocate_public_address(backend): |
280 | 232 |
"""Get a public IP for any available network of a backend.""" |
281 | 233 |
# Guarantee exclusive access to backend, because accessing the IP pools of |
b/snf-cyclades-app/synnefo/logic/networks.py | ||
---|---|---|
30 | 30 |
# documentation are those of the authors and should not be |
31 | 31 |
# interpreted as representing official policies, either expressed |
32 | 32 |
# or implied, of GRNET S.A. |
33 |
import ipaddr |
|
34 |
|
|
33 | 35 |
from functools import wraps |
34 | 36 |
from django.db import transaction |
35 | 37 |
|
38 |
from django.conf import settings |
|
36 | 39 |
from snf_django.lib.api import faults |
37 | 40 |
from synnefo.api import util |
38 | 41 |
from synnefo import quotas |
... | ... | |
80 | 83 |
raise faults.BadRequest("IPv6 only networks can not be" |
81 | 84 |
" pools.") |
82 | 85 |
# Check that network parameters are valid |
83 |
util.validate_network_params(subnet, gateway, subnet6, gateway6)
|
|
86 |
validate_network_params(subnet, gateway, subnet6, gateway6) |
|
84 | 87 |
|
85 | 88 |
try: |
86 | 89 |
fmode, flink, fmac_prefix, ftags = util.values_from_flavor(flavor) |
... | ... | |
165 | 168 |
# If network does not exist in any backend, update the network state |
166 | 169 |
backend_mod.update_network_state(network) |
167 | 170 |
return network |
171 |
|
|
172 |
|
|
173 |
def validate_network_params(subnet=None, gateway=None, subnet6=None, |
|
174 |
gateway6=None): |
|
175 |
if (subnet is None) and (subnet6 is None): |
|
176 |
raise faults.BadRequest("subnet or subnet6 is required") |
|
177 |
|
|
178 |
if subnet: |
|
179 |
try: |
|
180 |
# Use strict option to not all subnets with host bits set |
|
181 |
network = ipaddr.IPv4Network(subnet, strict=True) |
|
182 |
except ValueError: |
|
183 |
raise faults.BadRequest("Invalid network IPv4 subnet") |
|
184 |
|
|
185 |
# Check that network size is allowed! |
|
186 |
prefixlen = network.prefixlen |
|
187 |
if not prefixlen <= 29 and prefixlen > settings.MAX_CIDR_BLOCK: |
|
188 |
raise faults.OverLimit(message="Unsupported network size", |
|
189 |
details="Network mask must be in range" |
|
190 |
" (%s, 29]" |
|
191 |
% settings.MAX_CIDR_BLOCK) |
|
192 |
if gateway: # Check that gateway belongs to network |
|
193 |
try: |
|
194 |
gateway = ipaddr.IPv4Address(gateway) |
|
195 |
except ValueError: |
|
196 |
raise faults.BadRequest("Invalid network IPv4 gateway") |
|
197 |
if not gateway in network: |
|
198 |
raise faults.BadRequest("Invalid network IPv4 gateway") |
|
199 |
|
|
200 |
if subnet6: |
|
201 |
try: |
|
202 |
# Use strict option to not all subnets with host bits set |
|
203 |
network6 = ipaddr.IPv6Network(subnet6, strict=True) |
|
204 |
except ValueError: |
|
205 |
raise faults.BadRequest("Invalid network IPv6 subnet") |
|
206 |
if gateway6: |
|
207 |
try: |
|
208 |
gateway6 = ipaddr.IPv6Address(gateway6) |
|
209 |
except ValueError: |
|
210 |
raise faults.BadRequest("Invalid network IPv6 gateway") |
|
211 |
if not gateway6 in network6: |
|
212 |
raise faults.BadRequest("Invalid network IPv6 gateway") |
b/snf-cyclades-app/synnefo/management/common.py | ||
---|---|---|
52 | 52 |
return vm.operstate |
53 | 53 |
|
54 | 54 |
|
55 |
def validate_network_info(options): |
|
56 |
subnet = options['subnet'] |
|
57 |
gateway = options['gateway'] |
|
58 |
subnet6 = options['subnet6'] |
|
59 |
gateway6 = options['gateway6'] |
|
60 |
|
|
61 |
try: |
|
62 |
util.validate_network_params(subnet, gateway) |
|
63 |
except (faults.BadRequest, faults.OverLimit) as e: |
|
64 |
raise CommandError(e) |
|
65 |
|
|
66 |
return subnet, gateway, subnet6, gateway6 |
|
67 |
|
|
68 |
|
|
69 | 55 |
def get_backend(backend_id): |
70 | 56 |
try: |
71 | 57 |
backend_id = int(backend_id) |
Also available in: Unified diff