Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 1 | import os |
| 2 | import base64 |
| 3 | import socket |
| 4 | from django.db.models import F, Q |
| 5 | from xos.config import Config |
| 6 | from xos.settings import RESTAPI_HOSTNAME, RESTAPI_PORT |
Scott Baker | 8b75e85 | 2016-08-16 15:04:59 -0700 | [diff] [blame] | 7 | from synchronizers.openstack.openstacksyncstep import OpenStackSyncStep |
Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 8 | from core.models.instance import Instance |
| 9 | from core.models.slice import Slice, SlicePrivilege, ControllerSlice |
| 10 | from core.models.network import Network, NetworkSlice, ControllerNetwork |
Sapan Bhatia | 259205e | 2017-01-24 19:32:59 +0100 | [diff] [blame] | 11 | from synchronizers.base.ansible_helper import * |
Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 12 | from synchronizers.base.syncstep import * |
| 13 | from xos.logger import observer_logger as logger |
| 14 | |
| 15 | def escape(s): |
| 16 | s = s.replace('\n',r'\n').replace('"',r'\"') |
| 17 | return s |
| 18 | |
| 19 | class SyncInstances(OpenStackSyncStep): |
| 20 | provides=[Instance] |
| 21 | requested_interval=0 |
| 22 | observes=Instance |
| 23 | playbook='sync_instances.yaml' |
| 24 | |
| 25 | def fetch_pending(self, deletion=False): |
| 26 | objs = super(SyncInstances, self).fetch_pending(deletion) |
| 27 | objs = [x for x in objs if x.isolation=="vm"] |
| 28 | return objs |
| 29 | |
| 30 | def get_userdata(self, instance, pubkeys): |
| 31 | userdata = '#cloud-config\n\nopencloud:\n slicename: "%s"\n hostname: "%s"\n restapi_hostname: "%s"\n restapi_port: "%s"\n' % (instance.slice.name, instance.node.name, RESTAPI_HOSTNAME, str(RESTAPI_PORT)) |
| 32 | userdata += 'ssh_authorized_keys:\n' |
| 33 | for key in pubkeys: |
| 34 | userdata += ' - %s\n' % key |
| 35 | return userdata |
| 36 | |
| 37 | def sort_nics(self, nics): |
| 38 | result = [] |
| 39 | |
| 40 | # Enforce VTN's network order requirement. The access network must be |
| 41 | # inserted into the first slot. The management network must be inserted |
| 42 | # into the second slot. |
| 43 | |
| 44 | # move the private and/or access network to the first spot |
| 45 | for nic in nics[:]: |
| 46 | network=nic.get("network", None) |
| 47 | if network: |
| 48 | tem = network.template |
| 49 | if (tem.visibility == "private") and (tem.translation=="none") and ("management" not in tem.name): |
| 50 | result.append(nic) |
| 51 | nics.remove(nic) |
| 52 | |
| 53 | # move the management network to the second spot |
Scott Baker | ead6af4 | 2016-10-11 16:40:40 -0700 | [diff] [blame] | 54 | for nic in nics[:]: |
Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 55 | network=nic.get("network", None) |
| 56 | if network: |
| 57 | tem = network.template |
| 58 | if (tem.visibility == "private") and (tem.translation=="none") and ("management" in tem.name): |
| 59 | #MCORD |
| 60 | # if len(result)!=1: |
| 61 | # raise Exception("Management network needs to be inserted in slot 1, but there are %d private nics" % len(result)) |
| 62 | result.append(nic) |
| 63 | nics.remove(nic) |
| 64 | |
| 65 | # add everything else. For VTN there probably shouldn't be any more. |
| 66 | result.extend(nics) |
| 67 | |
| 68 | return result |
| 69 | |
| 70 | def map_sync_inputs(self, instance): |
Scott Baker | e13170a | 2017-01-26 09:57:37 -0800 | [diff] [blame^] | 71 | |
| 72 | # sanity check - make sure model_policy for slice has run |
| 73 | if ((not instance.slice.policed) or (instance.slice.policed < instance.slice.updated)): |
| 74 | raise DeferredException("Instance %s waiting on Slice %s to execute model policies" % (instance, slice.name)) |
| 75 | |
| 76 | # sanity check - make sure model_policy for all slice networks have run |
| 77 | for network in instance.slice.ownedNetworks.all(): |
| 78 | if ((not network.policed) or (network.policed < network.updated)): |
| 79 | raise DeferredException("Instance %s waiting on Network %s to execute model policies" % (instance, network.name)) |
| 80 | |
Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 81 | inputs = {} |
| 82 | metadata_update = {} |
| 83 | if (instance.numberCores): |
| 84 | metadata_update["cpu_cores"] = str(instance.numberCores) |
| 85 | |
| 86 | for tag in instance.slice.tags.all(): |
| 87 | if tag.name.startswith("sysctl-"): |
| 88 | metadata_update[tag.name] = tag.value |
| 89 | |
| 90 | slice_memberships = SlicePrivilege.objects.filter(slice=instance.slice) |
| 91 | pubkeys = set([sm.user.public_key for sm in slice_memberships if sm.user.public_key]) |
| 92 | if instance.creator.public_key: |
| 93 | pubkeys.add(instance.creator.public_key) |
| 94 | |
| 95 | if instance.slice.creator.public_key: |
| 96 | pubkeys.add(instance.slice.creator.public_key) |
| 97 | |
| 98 | if instance.slice.service and instance.slice.service.public_key: |
| 99 | pubkeys.add(instance.slice.service.public_key) |
| 100 | |
| 101 | nics=[] |
| 102 | |
| 103 | # handle ports the were created by the user |
| 104 | port_ids=[] |
| 105 | for port in Port.objects.filter(instance=instance): |
| 106 | if not port.port_id: |
| 107 | raise DeferredException("Instance %s waiting on port %s" % (instance, port)) |
| 108 | nics.append({"kind": "port", "value": port.port_id, "network": port.network}) |
| 109 | |
| 110 | # we want to exclude from 'nics' any network that already has a Port |
| 111 | existing_port_networks = [port.network for port in Port.objects.filter(instance=instance)] |
| 112 | |
| 113 | networks = [ns.network for ns in NetworkSlice.objects.filter(slice=instance.slice) if ns.network not in existing_port_networks] |
| 114 | controller_networks = ControllerNetwork.objects.filter(network__in=networks, |
| 115 | controller=instance.node.site_deployment.controller) |
| 116 | |
Scott Baker | 6c69a12 | 2016-12-07 16:08:55 -0800 | [diff] [blame] | 117 | for network in networks: |
| 118 | if not ControllerNetwork.objects.filter(network=network, controller=instance.node.site_deployment.controller).exists(): |
| 119 | raise DeferredException("Instance %s Private Network %s lacks ControllerNetwork object" % (instance, network.name)) |
| 120 | |
Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 121 | #controller_networks = self.sort_controller_networks(controller_networks) |
| 122 | for controller_network in controller_networks: |
| 123 | # Lenient exception - causes slow backoff |
| 124 | if controller_network.network.template.visibility == 'private' and \ |
| 125 | controller_network.network.template.translation == 'none': |
| 126 | if not controller_network.net_id: |
| 127 | raise DeferredException("Instance %s Private Network %s has no id; Try again later" % (instance, controller_network.network.name)) |
| 128 | nics.append({"kind": "net", "value": controller_network.net_id, "network": controller_network.network}) |
| 129 | |
| 130 | # now include network template |
| 131 | network_templates = [network.template.shared_network_name for network in networks \ |
| 132 | if network.template.shared_network_name] |
| 133 | |
| 134 | #driver = self.driver.client_driver(caller=instance.creator, tenant=instance.slice.name, controller=instance.controllerNetwork) |
| 135 | driver = self.driver.admin_driver(tenant='admin', controller=instance.node.site_deployment.controller) |
| 136 | nets = driver.shell.neutron.list_networks()['networks'] |
| 137 | for net in nets: |
| 138 | if net['name'] in network_templates: |
| 139 | nics.append({"kind": "net", "value": net['id'], "network": None}) |
| 140 | |
| 141 | if (not nics): |
| 142 | for net in nets: |
| 143 | if net['name']=='public': |
| 144 | nics.append({"kind": "net", "value": net['id'], "network": None}) |
| 145 | |
| 146 | nics = self.sort_nics(nics) |
| 147 | |
| 148 | image_name = None |
| 149 | controller_images = instance.image.controllerimages.filter(controller=instance.node.site_deployment.controller) |
| 150 | if controller_images: |
| 151 | image_name = controller_images[0].image.name |
| 152 | logger.info("using image from ControllerImage object: " + str(image_name)) |
| 153 | |
| 154 | if image_name is None: |
| 155 | controller_driver = self.driver.admin_driver(controller=instance.node.site_deployment.controller) |
| 156 | images = controller_driver.shell.glanceclient.images.list() |
| 157 | for image in images: |
| 158 | if image.name == instance.image.name or not image_name: |
| 159 | image_name = image.name |
| 160 | logger.info("using image from glance: " + str(image_name)) |
| 161 | |
| 162 | try: |
| 163 | legacy = Config().observer_legacy |
| 164 | except: |
| 165 | legacy = False |
| 166 | |
| 167 | if (legacy): |
| 168 | host_filter = instance.node.name.split('.',1)[0] |
| 169 | else: |
| 170 | host_filter = instance.node.name.strip() |
| 171 | |
| 172 | availability_zone_filter = 'nova:%s'%host_filter |
| 173 | instance_name = '%s-%d'%(instance.slice.name,instance.id) |
| 174 | self.instance_name = instance_name |
| 175 | |
| 176 | userData = self.get_userdata(instance, pubkeys) |
| 177 | if instance.userData: |
| 178 | userData += instance.userData |
| 179 | |
| 180 | controller = instance.node.site_deployment.controller |
| 181 | fields = {'endpoint':controller.auth_url, |
| 182 | 'endpoint_v3': controller.auth_url_v3, |
| 183 | 'domain': controller.domain, |
| 184 | 'admin_user': instance.creator.email, |
| 185 | 'admin_password': instance.creator.remote_password, |
| 186 | 'project_name': instance.slice.name, |
| 187 | 'tenant': instance.slice.name, |
| 188 | 'tenant_description': instance.slice.description, |
| 189 | 'name':instance_name, |
| 190 | 'ansible_tag':instance_name, |
| 191 | 'availability_zone': availability_zone_filter, |
| 192 | 'image_name':image_name, |
| 193 | 'flavor_name':instance.flavor.name, |
| 194 | 'nics':nics, |
| 195 | 'meta':metadata_update, |
| 196 | 'user_data':r'%s'%escape(userData)} |
| 197 | return fields |
| 198 | |
| 199 | |
| 200 | def map_sync_outputs(self, instance, res): |
| 201 | instance_id = res[0]['openstack']['OS-EXT-SRV-ATTR:instance_name'] |
| 202 | instance_uuid = res[0]['id'] |
| 203 | |
| 204 | try: |
| 205 | hostname = res[0]['openstack']['OS-EXT-SRV-ATTR:hypervisor_hostname'] |
| 206 | ip = socket.gethostbyname(hostname) |
| 207 | instance.ip = ip |
| 208 | except: |
| 209 | pass |
| 210 | |
| 211 | instance.instance_id = instance_id |
| 212 | instance.instance_uuid = instance_uuid |
| 213 | instance.instance_name = self.instance_name |
| 214 | instance.save() |
| 215 | |
| 216 | |
| 217 | def map_delete_inputs(self, instance): |
| 218 | controller_register = json.loads(instance.node.site_deployment.controller.backend_register) |
| 219 | |
| 220 | if (controller_register.get('disabled',False)): |
| 221 | raise InnocuousException('Controller %s is disabled'%instance.node.site_deployment.controller.name) |
| 222 | |
| 223 | instance_name = '%s-%d'%(instance.slice.name,instance.id) |
| 224 | controller = instance.node.site_deployment.controller |
| 225 | input = {'endpoint':controller.auth_url, |
| 226 | 'admin_user': instance.creator.email, |
| 227 | 'admin_password': instance.creator.remote_password, |
Andy Bavier | 9e65a35 | 2016-09-30 15:39:02 -0400 | [diff] [blame] | 228 | 'project_name': instance.slice.name, |
Scott Baker | b63ea79 | 2016-08-11 10:24:48 -0700 | [diff] [blame] | 229 | 'tenant': instance.slice.name, |
| 230 | 'tenant_description': instance.slice.description, |
| 231 | 'name':instance_name, |
| 232 | 'ansible_tag':instance_name, |
| 233 | 'delete': True} |
| 234 | return input |