From 2a1fc4e770c0688ac1fcb41e1c62bf36a2719d28 Mon Sep 17 00:00:00 2001 From: montesmoreno Date: Mon, 9 Jan 2017 16:46:04 +0000 Subject: [PATCH] Implemented option to disable port-security for openstack. Implemented option to specify floating_ip in openstack. Solved 2 bugs in floating_ip implementation for Openstack Change-Id: I1d6463f9743924dacd93d522f625ecef34b0decf Signed-off-by: montesmoreno --- database_utils/migrate_mano_db.sh | 20 ++++++ db_base.py | 7 ++- nfvo.py | 9 +++ nfvo_db.py | 43 ++++++++++++- openmano_schemas.py | 4 +- openmanod.py | 6 +- .../examples/scenario_vnf_floating_ip.yaml | 40 ++++++++++++ .../scenario_vnf_no_port_security.yaml | 40 ++++++++++++ vimconn_openstack.py | 50 ++++++++++++++- vnfs/examples/vnf_floating_ip.yaml | 61 +++++++++++++++++++ vnfs/examples/vnf_no_port_security.yaml | 61 +++++++++++++++++++ 11 files changed, 329 insertions(+), 12 deletions(-) create mode 100644 scenarios/examples/scenario_vnf_floating_ip.yaml create mode 100644 scenarios/examples/scenario_vnf_no_port_security.yaml create mode 100644 vnfs/examples/vnf_floating_ip.yaml create mode 100644 vnfs/examples/vnf_no_port_security.yaml diff --git a/database_utils/migrate_mano_db.sh b/database_utils/migrate_mano_db.sh index 208ec7d0..9fc49665 100755 --- a/database_utils/migrate_mano_db.sh +++ b/database_utils/migrate_mano_db.sh @@ -185,6 +185,7 @@ DATABASE_TARGET_VER_NUM=0 [ $OPENMANO_VER_NUM -ge 4059 ] && DATABASE_TARGET_VER_NUM=15 #0.4.59=> 15 [ $OPENMANO_VER_NUM -ge 5002 ] && DATABASE_TARGET_VER_NUM=16 #0.5.2 => 16 [ $OPENMANO_VER_NUM -ge 5003 ] && DATABASE_TARGET_VER_NUM=17 #0.5.3 => 17 +[ $OPENMANO_VER_NUM -ge 5004 ] && DATABASE_TARGET_VER_NUM=18 #0.5.4 => 18 #TODO ... put next versions here @@ -696,6 +697,25 @@ function downgrade_from_17(){ echo "DELETE FROM schema_version WHERE version_int='17';" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 } +function upgrade_to_18(){ + echo " upgrade database from version 0.17 to version 0.18" + echo " add columns 'floating_ip' and 'port_security' at tables 'interfaces' and 'instance_interfaces'" + echo "ALTER TABLE interfaces ADD floating_ip BOOL DEFAULT 0 NOT NULL COMMENT 'Indicates if a floating_ip must be associated to this interface';" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "ALTER TABLE interfaces ADD port_security BOOL DEFAULT 1 NOT NULL COMMENT 'Indicates if port security must be enabled or disabled. By default it is enabled';" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "ALTER TABLE instance_interfaces ADD floating_ip BOOL DEFAULT 0 NOT NULL COMMENT 'Indicates if a floating_ip must be associated to this interface';" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "ALTER TABLE instance_interfaces ADD port_security BOOL DEFAULT 1 NOT NULL COMMENT 'Indicates if port security must be enabled or disabled. By default it is enabled';" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "INSERT INTO schema_version (version_int, version, openmano_ver, comments, date) VALUES (18, '0.18', '0.5.4', 'Add columns \'floating_ip\' and \'port_security\' at tables \'interfaces\' and \'instance_interfaces\'', '2017-01-09');" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 +} +function downgrade_from_18(){ + echo " downgrade database from version 0.18 to version 0.17" + echo " remove columns 'floating_ip' and 'port_security' from tables 'interfaces' and 'instance_interfaces'" + echo "ALTER TABLE interfaces DROP COLUMN floating_ip;" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "ALTER TABLE interfaces DROP COLUMN port_security;" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "ALTER TABLE instance_interfaces DROP COLUMN floating_ip;" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "ALTER TABLE instance_interfaces DROP COLUMN port_security;" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 + echo "DELETE FROM schema_version WHERE version_int='18';" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 +} + function upgrade_to_X(){ echo " change 'datacenter_nets'" echo "ALTER TABLE datacenter_nets ADD COLUMN vim_tenant_id VARCHAR(36) NOT NULL AFTER datacenter_id, DROP INDEX name_datacenter_id, ADD UNIQUE INDEX name_datacenter_id (name, datacenter_id, vim_tenant_id);" | $DBCMD || ! echo "ERROR. Aborted!" || exit -1 diff --git a/db_base.py b/db_base.py index 807c73d5..10f94045 100644 --- a/db_base.py +++ b/db_base.py @@ -125,8 +125,11 @@ def _convert_str2boolean(data, items): _convert_str2boolean(data[k], items) if k in items: if type(data[k]) is str: - if data[k]=="false" or data[k]=="False": data[k]=False - elif data[k]=="true" or data[k]=="True": data[k]=True + if data[k]=="false" or data[k]=="False" or data[k]=="0": data[k]=False + elif data[k]=="true" or data[k]=="True" or data[k]=="1": data[k]=True + elif type(data[k]) is int: + if data[k]==0: data[k]=False + elif data[k]==1: data[k]=True if type(data) is tuple or type(data) is list: for k in data: if type(k) is dict or type(k) is tuple or type(k) is list: diff --git a/nfvo.py b/nfvo.py index 0d60ff72..e64ba1c9 100644 --- a/nfvo.py +++ b/nfvo.py @@ -1481,6 +1481,10 @@ def start_scenario(mydb, tenant_id, scenario_id, instance_scenario_name, instanc netDict['vpci'] = iface['vpci'] if "mac" in iface and iface["mac"] is not None: netDict['mac_address'] = iface['mac'] + if "port-security" in iface and iface["port-security"] is not None: + netDict['port_security'] = iface['port-security'] + if "floating-ip" in iface and iface["floating-ip"] is not None: + netDict['floating_ip'] = iface['floating-ip'] netDict['name'] = iface['internal_name'] if iface['net_id'] is None: for vnf_iface in sce_vnf["interfaces"]: @@ -2001,6 +2005,11 @@ def create_instance(mydb, tenant_id, instance_dict): netDict['vpci'] = iface['vpci'] if "mac" in iface and iface["mac"] is not None: netDict['mac_address'] = iface['mac'] + logger.debug("Pablo iface %s", str(iface)) + if "port-security" in iface and iface["port-security"] is not None: + netDict['port_security'] = iface['port-security'] + if "floating-ip" in iface and iface["floating-ip"] is not None: + netDict['floating_ip'] = iface['floating-ip'] netDict['name'] = iface['internal_name'] if iface['net_id'] is None: for vnf_iface in sce_vnf["interfaces"]: diff --git a/nfvo_db.py b/nfvo_db.py index 6ab73e95..5e51c3b1 100644 --- a/nfvo_db.py +++ b/nfvo_db.py @@ -93,12 +93,20 @@ class nfvo_db(db_base.db_base): if 'bridge-ifaces' in vm: bridgeInterfacesDict[vm['name']] = {} for bridgeiface in vm['bridge-ifaces']: + if 'port-security' in bridgeiface: + bridgeiface['port_security'] = bridgeiface.pop('port-security') + if 'floating-ip' in bridgeiface: + bridgeiface['floating_ip'] = bridgeiface.pop('floating-ip') db_base._convert_bandwidth(bridgeiface, logger=self.logger) bridgeInterfacesDict[vm['name']][bridgeiface['name']] = {} bridgeInterfacesDict[vm['name']][bridgeiface['name']]['vpci'] = bridgeiface.get('vpci',None) bridgeInterfacesDict[vm['name']][bridgeiface['name']]['mac'] = bridgeiface.get('mac_address',None) bridgeInterfacesDict[vm['name']][bridgeiface['name']]['bw'] = bridgeiface.get('bandwidth', None) bridgeInterfacesDict[vm['name']][bridgeiface['name']]['model'] = bridgeiface.get('model', None) + bridgeInterfacesDict[vm['name']][bridgeiface['name']]['port_security'] = \ + int(bridgeiface.get('port_security', True)) + bridgeInterfacesDict[vm['name']][bridgeiface['name']]['floating_ip'] = \ + int(bridgeiface.get('floating_ip', False)) #For each internal connection, we add it to the interfaceDict and we create the appropriate net in the NFVO database. #print "Adding new nets (VNF internal nets) to the NFVO database (if any)" @@ -133,6 +141,10 @@ class nfvo_db(db_base.db_base): ifaceItem["mac"] = bridgeInterfacesDict[ element['VNFC'] ][ element['local_iface_name'] ]['mac_address'] ifaceItem["bw"] = bridgeInterfacesDict[ element['VNFC'] ][ element['local_iface_name'] ]['bw'] ifaceItem["model"] = bridgeInterfacesDict[ element['VNFC'] ][ element['local_iface_name'] ]['model'] + ifaceItem["port_security"] = \ + bridgeInterfacesDict[element['VNFC']][element['local_iface_name']]['port_security'] + ifaceItem["floating_ip"] = \ + bridgeInterfacesDict[element['VNFC']][element['local_iface_name']]['floating_ip'] internalconnList.append(ifaceItem) #print "Internal net id in NFVO DB: %s" % net_id @@ -161,6 +173,10 @@ class nfvo_db(db_base.db_base): myIfaceDict["bw"] = bridgeInterfacesDict[ iface['VNFC'] ][ iface['local_iface_name'] ]['bw'] myIfaceDict["model"] = bridgeInterfacesDict[ iface['VNFC'] ][ iface['local_iface_name'] ]['model'] myIfaceDict["mac"] = bridgeInterfacesDict[ iface['VNFC'] ][ iface['local_iface_name'] ]['mac'] + myIfaceDict["port_security"] = \ + bridgeInterfacesDict[iface['VNFC']][iface['local_iface_name']]['port_security'] + myIfaceDict["floating_ip"] = \ + bridgeInterfacesDict[iface['VNFC']][iface['local_iface_name']]['floating_ip'] print "Iface name: %s" % iface['name'] created_time += 0.00001 iface_id = self._new_row_internal('interfaces', myIfaceDict, add_uuid=True, root_uuid=vnf_id, created_time=created_time) @@ -222,11 +238,19 @@ class nfvo_db(db_base.db_base): bridgeInterfacesDict[vm['name']] = {} for bridgeiface in vm['bridge-ifaces']: db_base._convert_bandwidth(bridgeiface, logger=self.logger) + if 'port-security' in bridgeiface: + bridgeiface['port_security'] = bridgeiface.pop('port-security') + if 'floating-ip' in bridgeiface: + bridgeiface['floating_ip'] = bridgeiface.pop('floating-ip') bridgeInterfacesDict[vm['name']][bridgeiface['name']] = {} bridgeInterfacesDict[vm['name']][bridgeiface['name']]['vpci'] = bridgeiface.get('vpci',None) bridgeInterfacesDict[vm['name']][bridgeiface['name']]['mac'] = bridgeiface.get('mac_address',None) bridgeInterfacesDict[vm['name']][bridgeiface['name']]['bw'] = bridgeiface.get('bandwidth', None) bridgeInterfacesDict[vm['name']][bridgeiface['name']]['model'] = bridgeiface.get('model', None) + bridgeInterfacesDict[vm['name']][bridgeiface['name']]['port_security'] = \ + int(bridgeiface.get('port_security', True)) + bridgeInterfacesDict[vm['name']][bridgeiface['name']]['floating_ip'] = \ + int(bridgeiface.get('floating_ip', False)) #For each internal connection, we add it to the interfaceDict and we create the appropriate net in the NFVO database. #print "Adding new nets (VNF internal nets) to the NFVO database (if any)" @@ -287,6 +311,10 @@ class nfvo_db(db_base.db_base): ifaceItem["mac"] = bridgeInterfacesDict[ element['VNFC'] ][ element['local_iface_name'] ]['mac'] ifaceItem["bw"] = bridgeInterfacesDict[ element['VNFC'] ][ element['local_iface_name'] ]['bw'] ifaceItem["model"] = bridgeInterfacesDict[ element['VNFC'] ][ element['local_iface_name'] ]['model'] + ifaceItem["port_security"] = \ + bridgeInterfacesDict[element['VNFC']][element['local_iface_name']]['port_security'] + ifaceItem["floating_ip"] = \ + bridgeInterfacesDict[element['VNFC']][element['local_iface_name']]['floating_ip'] internalconnList.append(ifaceItem) #print "Internal net id in NFVO DB: %s" % net_id @@ -315,6 +343,10 @@ class nfvo_db(db_base.db_base): myIfaceDict["bw"] = bridgeInterfacesDict[ iface['VNFC'] ][ iface['local_iface_name'] ]['bw'] myIfaceDict["model"] = bridgeInterfacesDict[ iface['VNFC'] ][ iface['local_iface_name'] ]['model'] myIfaceDict["mac"] = bridgeInterfacesDict[ iface['VNFC'] ][ iface['local_iface_name'] ]['mac'] + myIfaceDict["port_security"] = \ + bridgeInterfacesDict[iface['VNFC']][iface['local_iface_name']]['port_security'] + myIfaceDict["floating_ip"] = \ + bridgeInterfacesDict[iface['VNFC']][iface['local_iface_name']]['floating_ip'] print "Iface name: %s" % iface['name'] created_time += 0.00001 iface_id = self._new_row_internal('interfaces', myIfaceDict, add_uuid=True, root_uuid=vnf_id, created_time=created_time) @@ -643,13 +675,17 @@ class nfvo_db(db_base.db_base): vm['vim_flavor_id']=vim_flavor_dict['vim_id'] #interfaces - cmd = "SELECT uuid,internal_name,external_name,net_id,type,vpci,mac,bw,model,ip_address" \ + cmd = "SELECT uuid,internal_name,external_name,net_id,type,vpci,mac,bw,model,ip_address," \ + "floating_ip, port_security" \ " FROM interfaces" \ " WHERE vm_id='{}'" \ " ORDER BY created_at".format(vm['uuid']) self.logger.debug(cmd) self.cur.execute(cmd) vm['interfaces'] = self.cur.fetchall() + for index in range(0,len(vm['interfaces'])): + vm['interfaces'][index]['port-security'] = vm['interfaces'][index].pop("port_security") + vm['interfaces'][index]['floating-ip'] = vm['interfaces'][index].pop("floating_ip") #nets every net of a vms cmd = "SELECT uuid,name,type,description FROM nets WHERE vnf_id='{}'".format(vnf['vnf_id']) self.logger.debug(cmd) @@ -700,7 +736,7 @@ class nfvo_db(db_base.db_base): net['vim_id']=d_net['vim_net_id'] db_base._convert_datetime2str(scenario_dict) - db_base._convert_str2boolean(scenario_dict, ('public','shared','external') ) + db_base._convert_str2boolean(scenario_dict, ('public','shared','external','port-security','floating-ip') ) return scenario_dict except (mdb.Error, AttributeError) as e: self._format_error(e, tries) @@ -846,7 +882,8 @@ class nfvo_db(db_base.db_base): interface_type='external' if interface['external_name'] is not None else 'internal' INSERT_={'instance_vm_id': instance_vm_uuid, 'instance_net_id': net_scene2instance[net_id][datacenter_site_id], 'interface_id': interface['uuid'], 'vim_interface_id': interface.get('vim_id'), 'type': interface_type, - 'ip_address': interface.get('ip_address') } + 'ip_address': interface.get('ip_address'), 'floating_ip': int(interface.get('floating-ip',False)), + 'port_security': int(interface.get('port-security',True))} #created_time += 0.00001 interface_uuid = self._new_row_internal('instance_interfaces', INSERT_, True, instance_uuid) #, created_time) interface['uuid'] = interface_uuid #overwrite scnario uuid by instance uuid diff --git a/openmano_schemas.py b/openmano_schemas.py index 013234f5..a8c92a0f 100644 --- a/openmano_schemas.py +++ b/openmano_schemas.py @@ -450,7 +450,9 @@ bridge_interfaces_schema={ "bandwidth":bandwidth_schema, "vpci":pci_schema, "mac_address": mac_schema, - "model": {"type":"string", "enum":["virtio","e1000","ne2k_pci","pcnet","rtl8139"]} + "model": {"type":"string", "enum":["virtio","e1000","ne2k_pci","pcnet","rtl8139"]}, + "port-security": {"type" : "boolean"}, + "floating-ip": {"type" : "boolean"} }, "additionalProperties": False, "required": ["name"] diff --git a/openmanod.py b/openmanod.py index b50ca9dd..d00f6182 100755 --- a/openmanod.py +++ b/openmanod.py @@ -33,9 +33,9 @@ It loads the configuration file and launches the http_server thread that will li ''' __author__="Alfonso Tierno, Gerardo Garcia, Pablo Montes" __date__ ="$26-aug-2014 11:09:29$" -__version__="0.5.3-r511" -version_date="Dec 2016" -database_version="0.17" #expected database schema version +__version__="0.5.4-r512" +version_date="Jan 2017" +database_version="0.18" #expected database schema version import httpserver import time diff --git a/scenarios/examples/scenario_vnf_floating_ip.yaml b/scenarios/examples/scenario_vnf_floating_ip.yaml new file mode 100644 index 00000000..61da9e75 --- /dev/null +++ b/scenarios/examples/scenario_vnf_floating_ip.yaml @@ -0,0 +1,40 @@ +## +# Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U. +# This file is part of openmano +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# For those usages not covered by the Apache License, Version 2.0 please +# contact with: nfvlabs@tid.es +## +--- +schema_version: 2 +scenario: + name: vnf_floating_ip + description: vnf_floating_ip + public: false # if available for other tenants + vnfs: + vnf_floating_ip: # vnf name in the scenario + #identify an already openmano uploaded VNF either by vnf_id (uuid, prefered) or vnf_name + #vnf_id: 0c0dcc20-c5d5-11e6-a9fb-fa163e2ae06e #prefered id method + vnf_name: vnf_floating_ip #can fail if several vnfs matches this name + #graph: {"y":399,"x":332,"ifaces":{"left":[["xe0","d"],["xe1","d"]],"bottom":[["eth0","v"],["eth1","m"]]}} + networks: + internal: + # Connections based on external networks (datacenter nets) must include the external network in the list of nodes + type: bridge + external: true #this will be connected outside + interfaces: + - vnf_floating_ip: mgmt0 + diff --git a/scenarios/examples/scenario_vnf_no_port_security.yaml b/scenarios/examples/scenario_vnf_no_port_security.yaml new file mode 100644 index 00000000..df0a53b5 --- /dev/null +++ b/scenarios/examples/scenario_vnf_no_port_security.yaml @@ -0,0 +1,40 @@ +## +# Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U. +# This file is part of openmano +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# For those usages not covered by the Apache License, Version 2.0 please +# contact with: nfvlabs@tid.es +## +--- +schema_version: 2 +scenario: + name: vnf_no_port_security + description: vnf_no_port_security + public: false # if available for other tenants + vnfs: + vnf_no_port_security: # vnf name in the scenario + #identify an already openmano uploaded VNF either by vnf_id (uuid, prefered) or vnf_name + #vnf_id: 0c0dcc20-c5d5-11e6-a9fb-fa163e2ae06e #prefered id method + vnf_name: vnf_no_port_security #can fail if several vnfs matches this name + #graph: {"y":399,"x":332,"ifaces":{"left":[["xe0","d"],["xe1","d"]],"bottom":[["eth0","v"],["eth1","m"]]}} + networks: + internal: + # Connections based on external networks (datacenter nets) must include the external network in the list of nodes + type: bridge + external: true #this will be connected outside + interfaces: + - vnf_no_port_security: mgmt0 + diff --git a/vimconn_openstack.py b/vimconn_openstack.py index cdd11784..c5b4ce1f 100644 --- a/vimconn_openstack.py +++ b/vimconn_openstack.py @@ -62,6 +62,7 @@ netStatus2manoFormat={'ACTIVE':'ACTIVE','PAUSED':'PAUSED','INACTIVE':'INACTIVE', #global var to have a timeout creating and deleting volumes volume_timeout = 60 +server_timeout = 60 class vimconnector(vimconn.vimconnector): def __init__(self, uuid, name, tenant_id, tenant_name, url, url_admin=None, user=None, passwd=None, log_level=None, config={}): @@ -705,6 +706,8 @@ class vimconnector(vimconn.vimconnector): port_dict["name"]=name if net.get("mac_address"): port_dict["mac_address"]=net["mac_address"] + if "port_security" in net: + port_dict["port_security_enabled"]=net["port_security"] new_port = self.neutron.create_port({"port": port_dict }) net["mac_adress"] = new_port["port"]["mac_address"] net["vim_id"] = new_port["port"]["id"] @@ -804,11 +807,26 @@ class vimconnector(vimconn.vimconnector): pool_id = None floating_ips = self.neutron.list_floatingips().get("floatingips", ()) for floating_network in external_network: + # wait until vm is active + elapsed_time = 0 + while elapsed_time < server_timeout: + status = self.nova.servers.get(server.id).status + if status == 'ACTIVE': + break + time.sleep(1) + elapsed_time += 1 + + #if we exceeded the timeout rollback + if elapsed_time >= server_timeout: + self.delete_vminstance(server.id) + raise vimconn.vimconnException('Timeout creating instance ' + name, + http_code=vimconn.HTTP_Request_Timeout) + assigned = False while(assigned == False): if floating_ips: ip = floating_ips.pop(0) - if not ip.get("port_id", False): + if not ip.get("port_id", False) and ip.get('tenant_id') == server.tenant_id: free_floating_ip = ip.get("floating_ip_address") try: fix_ip = floating_network.get('ip') @@ -818,8 +836,25 @@ class vimconnector(vimconn.vimconnector): self.delete_vminstance(server.id) raise vimconn.vimconnException(type(e).__name__ + ": Cannot create floating_ip "+ str(e), http_code=vimconn.HTTP_Conflict) else: - pool_id = floating_network.get('net_id') - param = {'floatingip': {'floating_network_id': pool_id}} + #Find the external network + external_nets = list() + for net in self.neutron.list_networks()['networks']: + if net['router:external']: + external_nets.append(net) + + if len(external_nets) == 0: + self.delete_vminstance(server.id) + raise vimconn.vimconnException("Cannot create floating_ip automatically since no external " + "network is present", + http_code=vimconn.HTTP_Conflict) + if len(external_nets) > 1: + self.delete_vminstance(server.id) + raise vimconn.vimconnException("Cannot create floating_ip automatically since multiple " + "external networks are present", + http_code=vimconn.HTTP_Conflict) + + pool_id = external_nets[0].get('id') + param = {'floatingip': {'floating_network_id': pool_id, 'tenant_id': server.tenant_id}} try: #self.logger.debug("Creating floating IP") new_floating_ip = self.neutron.create_floatingip(param) @@ -837,6 +872,15 @@ class vimconnector(vimconn.vimconnector): # error_text= "vm instance %s not found" % vm_id except (ksExceptions.ClientException, nvExceptions.ClientException, ConnectionError ) as e: + # delete the volumes we just created + if block_device_mapping != None: + for volume_id in block_device_mapping.itervalues(): + self.cinder.volumes.delete(volume_id) + + # delete ports we just created + for net_item in net_list_vim: + if 'port-id' in net_item: + self.neutron.delete_port(net_item['port_id']) self._format_exception(e) except TypeError as e: raise vimconn.vimconnException(type(e).__name__ + ": "+ str(e), http_code=vimconn.HTTP_Bad_Request) diff --git a/vnfs/examples/vnf_floating_ip.yaml b/vnfs/examples/vnf_floating_ip.yaml new file mode 100644 index 00000000..b8fe82a1 --- /dev/null +++ b/vnfs/examples/vnf_floating_ip.yaml @@ -0,0 +1,61 @@ +## +# Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U. +# This file is part of openmano +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# For those usages not covered by the Apache License, Version 2.0 please +# contact with: nfvlabs@tid.es +## +--- +vnf: + name: vnf_floating_ip + description: VNF disabling port_security option in mgmt interface + # class: parent # Optional. Used to organize VNFs + external-connections: + - name: mgmt0 + type: mgmt # "mgmt" (autoconnect to management net), "bridge", "data" + VNFC: vnf_floating_ip # Virtual Machine this interface belongs to + local_iface_name: mgmt0 # interface name inside this Virtual Machine (must be defined in the VNFC section) + description: Management interface + VNFC: # Virtual machine array + - name: vnf_floating_ip # name of Virtual Machine + description: vnf_floating_ip +# VNFC image: /path/to/imagefolder/TEMPLATE-VM.qcow2 + image name: ubuntu16.04 + image checksum: 7373edba82a31eedd182d29237b746cf + # image metadata: {"bus":"ide", "os_type":"windows", "use_incremental": "no" } #Optional + # processor: #Optional + # model: Intel(R) Xeon(R) CPU E5-4620 0 @ 2.20GHz + # features: ["64b", "iommu", "lps", "tlbps", "hwsv", "dioc", "ht"] + # hypervisor: #Optional + # type: QEMU-kvm + # version: "10002|12001|2.6.32-358.el6.x86_64" + vcpus: 1 # Only for traditional cloud VMs. Number of virtual CPUs (oversubscription is allowed). + ram: 1000 # Only for traditional cloud VMs. Memory in MBytes (not from hugepages, oversubscription is allowed) + disk: 5 # disk size in GiB, by default 1 + #numas: + #- paired-threads: 5 # "cores", "paired-threads", "threads" + # paired-threads-id: [ [0,1], [2,3], [4,5], [6,7], [8,9] ] # By default follows incremental order + # memory: 14 # GBytes + # interfaces: [] + bridge-ifaces: + - name: mgmt0 + vpci: "0000:00:0a.0" # Optional. Virtual PCI address + bandwidth: 1 Mbps # Optional. Informative only + floating-ip: True + # mac_address: '20:33:45:56:77:46' #avoid this option if possible + # model: 'virtio' # ("virtio","e1000","ne2k_pci","pcnet","rtl8139") By default, it is automatically filled by libvirt + # Additional Virtual Machines would be included here + diff --git a/vnfs/examples/vnf_no_port_security.yaml b/vnfs/examples/vnf_no_port_security.yaml new file mode 100644 index 00000000..1c26c242 --- /dev/null +++ b/vnfs/examples/vnf_no_port_security.yaml @@ -0,0 +1,61 @@ +## +# Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U. +# This file is part of openmano +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# For those usages not covered by the Apache License, Version 2.0 please +# contact with: nfvlabs@tid.es +## +--- +vnf: + name: vnf_no_port_security + description: VNF disabling port_security option in mgmt interface + # class: parent # Optional. Used to organize VNFs + external-connections: + - name: mgmt0 + type: mgmt # "mgmt" (autoconnect to management net), "bridge", "data" + VNFC: vnf_no_port_security # Virtual Machine this interface belongs to + local_iface_name: mgmt0 # interface name inside this Virtual Machine (must be defined in the VNFC section) + description: Management interface + VNFC: # Virtual machine array + - name: vnf_no_port_security # name of Virtual Machine + description: vnf_no_port_security +# VNFC image: /path/to/imagefolder/TEMPLATE-VM.qcow2 + image name: ubuntu16.04 + image checksum: 7373edba82a31eedd182d29237b746cf + # image metadata: {"bus":"ide", "os_type":"windows", "use_incremental": "no" } #Optional + # processor: #Optional + # model: Intel(R) Xeon(R) CPU E5-4620 0 @ 2.20GHz + # features: ["64b", "iommu", "lps", "tlbps", "hwsv", "dioc", "ht"] + # hypervisor: #Optional + # type: QEMU-kvm + # version: "10002|12001|2.6.32-358.el6.x86_64" + vcpus: 1 # Only for traditional cloud VMs. Number of virtual CPUs (oversubscription is allowed). + ram: 1000 # Only for traditional cloud VMs. Memory in MBytes (not from hugepages, oversubscription is allowed) + disk: 5 # disk size in GiB, by default 1 + #numas: + #- paired-threads: 5 # "cores", "paired-threads", "threads" + # paired-threads-id: [ [0,1], [2,3], [4,5], [6,7], [8,9] ] # By default follows incremental order + # memory: 14 # GBytes + # interfaces: [] + bridge-ifaces: + - name: mgmt0 + vpci: "0000:00:0a.0" # Optional. Virtual PCI address + bandwidth: 1 Mbps # Optional. Informative only + port-security: False + # mac_address: '20:33:45:56:77:46' #avoid this option if possible + # model: 'virtio' # ("virtio","e1000","ne2k_pci","pcnet","rtl8139") By default, it is automatically filled by libvirt + # Additional Virtual Machines would be included here + -- 2.25.1