feat(neutron-understack): more ASA #566

Draft
wants to merge 8 commits into
base: main
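--- a/components/neutron/aio-values.yaml
+++ b/components/neutron/aio-values.yaml
@@ -52,7 +52,7 @@ conf:
 type_drivers: "vlan,local,understack_vxlan"
 neutron:
 DEFAULT:
-service_plugins: "l3_understack,segments"
+service_plugins: "l3_understack,segments,trunk"
 # we don't want HA L3 routers. It's a Python value so we need to quote it in YAML.
 l3_ha: "False"
 # we aren't using availability zones so having calls attempt to add things to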
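--- a/components/openstack-2024.2-jammy.yaml
+++ b/components/openstack-2024.2-jammy.yaml
@@ -35,18 +35,18 @@ images:
 ironic_retrive_swift_config: "docker.io/openstackhelm/heat:2024.2-ubuntu_jammy"
 
 # neutron
-neutron_db_sync: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_dhcp: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_l3: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_l2gw: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_linuxbridge_agent: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_metadata: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_ovn_metadata: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_openvswitch_agent: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_server: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_rpc_server: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_bagpipe_bgp: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
-neutron_netns_cleanup_cron: "ghcr.io/rackerlabs/understack/neutron:2024.2-ubuntu_jammy"
+neutron_db_sync: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_dhcp: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_l3: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_l2gw: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_linuxbridge_agent: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_metadata: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_ovn_metadata: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_openvswitch_agent: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_server: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_rpc_server: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_bagpipe_bgp: "ghcr.io/rackerlabs/understack/neutron:pr-566"
+neutron_netns_cleanup_cron: "ghcr.io/rackerlabs/understack/neutron:pr-566"
 
 # nova
 nova_api: "docker.io/openstackhelm/nova:2024.2-ubuntu_jammy"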
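Review bot: All twelve neutron image references now point at the `pr-566` tag, a mutable tag that appears to be built from this pull request's branch, so any later push to the branch changes what every deployment using this file pulls. If the tag is only there to test the draft, it should go back to `2024.2-ubuntu_jammy` before merge. If the new image is actually required, pin it by digest instead, e.g. `neutron_server: "ghcr.io/rackerlabs/understack/neutron@sha256:<digest-of-reviewed-build>"`. A short comment above `# neutron` stating which of the two is intended would keep a temporary tag from slipping into main.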
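--- a/python/neutron-understack/neutron_understack/cisco_asa.py
+++ b/python/neutron-understack/neutron_understack/cisco_asa.py
@@ -106,3 +106,56 @@ def delete_nat(self, inside_ip_addr: str) -> bool:
 ]
 
 return self._make_request("delete_nat", cmds)
+
+def create_inside_interface(
+self,
+asa_phys_inf: str,
+asa_inside_inf: str,
+vlan: int,
+gateway_ip: str,
+standby_ip: str,
+netmask: str,
+) -> bool:
+cmds = [
+f"interface {asa_phys_inf}.{vlan}",
+f"vlan {vlan}",
+f"nameif {asa_inside_inf}",
+f"ip address {gateway_ip} {netmask} standby {standby_ip}",
+]
+return self._make_request("create_inside_interface", cmds)
+
+def delete_inside_interface(self, asa_phys_inf: str, vlan: int) -> bool:
+cmds = [
+f"no interface {asa_phys_inf}.{vlan}",
+]
+return self._make_request("delete_inside_interface", cmds)
+
+def create_interface_access_list(self, asa_inside_inf: str) -> bool:
+cmds = [
+f"access-list {asa_inside_inf} permit ip any any",
+f"access-group {asa_inside_inf} in interface {asa_inside_inf}",
+]
+return self._make_request("create_interface_access_list", cmds)
+
+def delete_interface_access_list(self, asa_inside_inf: str) -> bool:
+cmds = [
+f"no access-list {asa_inside_inf} permit ip any any",
+]
+return self._make_request("delete_interface_access_list", cmds)
+
+def create_default_pat(
+self, outside_ip_addr: str, asa_outside_inf: str, asa_inside_inf: str
+) -> bool:
+cmds = [
+f"object network OBJ-{outside_ip_addr}",
+# next entry spans two lines NO COMMA so its one command
+f"nat ({asa_inside_inf},{asa_outside_inf}) after-auto source "
+f"dynamic any OBJ-{outside_ip_addr}",
+]
+return self._make_request("create_default_pat", cmds)
+
+def delete_default_pat(self, outside_ip_addr: str) -> bool:
+cmds = [
+f"no object network OBJ-{outside_ip_addr}",
+]
+return self._make_request("delete_default_pat", cmds)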
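Review bot: Every new method interpolates its arguments straight into ASA CLI lines (`interface {asa_phys_inf}.{vlan}`, `ip address {gateway_ip} {netmask} standby {standby_ip}`, `object network OBJ-{outside_ip_addr}`), so a value containing whitespace or a line break would change the command sent to the firewall; `_make_request` is defined outside this hunk, so whether it filters anything is not visible here. Validate at the top of each method before building `cmds`, for example `ipaddress.ip_address(gateway_ip)` for the address arguments, an integer check that `1 <= vlan <= 4094`, and a fixed pattern such as `re.fullmatch(r"[A-Za-z0-9_/.-]+", asa_inside_inf)` for interface names. Separately, `create_interface_access_list` installs `permit ip any any` on the inside interface, which allows all IP traffic entering that interface; if that is the intended default it deserves a docstring saying so. The same interface-name check applies to the `inside_physical` and `outside_physical` options added in config.py.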
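--- a/python/neutron-understack/neutron_understack/config.py
+++ b/python/neutron-understack/neutron_understack/config.py
@@ -64,6 +64,16 @@
 help="ASA interface for outside connections",
 default="OUTSIDE",
 ),
+cfg.StrOpt(
+"outside_physical",
+help="Physical Interface for outside connections",
+default="GigabitEthernet1/1",
+),
+cfg.StrOpt(
+"inside_physical",
+help="Physical Interface for inside connections",
+default="GigabitEthernet1/2",
+),
 ]
 
 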
Expand Up @@ -24,27 +24,38 @@ def __init__(self, l3plugin):
super().__init__(l3plugin)
self.core_plugin = directory.get_plugin()

@registry.receives(resources.ROUTER_INTERFACE, [events.AFTER_CREATE])
@registry.receives(
resources.ROUTER_INTERFACE,
[events.AFTER_CREATE, events.AFTER_UPDATE, events.AFTER_DELETE],
)
def _process_router_interface_create(self, resource, event, trigger, payload):
router = payload.states[0]
LOG.debug("router_interface_early %s %s", event, payload.metadata)
router = payload.states[0] if len(payload.states) >= 1 else None
context = payload.context
port = payload.metadata["port"]
subnets = payload.metadata["subnets"]
port = payload.metadata.get("port")
subnets = payload.metadata.get("subnets")
LOG.debug(
"router_interface_create1 %s / %s / %s / %s", router, context, port, subnets
)
LOG.debug(
"router_interface_create2 %s / %s / %s / %s",
resource,
"router_interface_create2 %s / %s",
event,
trigger,
payload,
payload.metadata,
)

@registry.receives(resources.FLOATING_IP, [events.AFTER_CREATE])
def _process_floatingip_create(self, resource, event, trigger, payload):
@registry.receives(
resources.ROUTER_GATEWAY,
[events.AFTER_CREATE, events.AFTER_UPDATE, events.AFTER_DELETE],
)
def _process_router_gateway(self, resource, event, trigger, payload):
LOG.debug("router_gateway_early %s %s", event, payload.metadata)

LOG.debug(
"floatingip_create %s / %s / %s / %s", resource, event, trigger, payload
"router_gateway %s / %s / %s / %s",
event,
payload.metadata,
payload.states[0],
payload.states[1],
)

@registry.receives(resources.FLOATING_IP, [events.AFTER_UPDATE])
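Review bot: `_process_router_gateway` indexes `payload.states[0]` and `payload.states[1]` unconditionally although it is registered for AFTER_CREATE and AFTER_DELETE as well as AFTER_UPDATE, while the sibling handler in this same hunk was changed to guard `len(payload.states) >= 1`; if a create or delete payload carries fewer than two states, the debug call raises IndexError inside the callback. Guard it the same way, e.g. bind `states = payload.states` and pass `states[0] if states else None` and `states[1] if len(states) > 1 else None`. Both handlers also log `payload.metadata` in full at debug level, and the router-interface one logs `context` too; it is worth confirming these objects carry no credentials before debug logging is enabled in a shared environment. The name `_process_router_interface_create` no longer matches the three events the method receives.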
Expand Up @@ -14,6 +14,7 @@

from neutron_understack import config
from neutron_understack.nautobot import Nautobot
from neutron_understack.trunk import UnderStackTrunkDriver
from neutron_understack.undersync import Undersync

LOG = logging.getLogger(__name__)
Expand Down Expand Up @@ -110,6 +111,7 @@ def initialize(self):
conf = cfg.CONF.ml2_understack
self.nb = Nautobot(conf.nb_url, conf.nb_token)
self.undersync = Undersync(conf.undersync_token, conf.undersync_url)
self.trunk_driver = UnderStackTrunkDriver.create(self)

def create_network_precommit(self, context):
log_call("create_network_precommit", context)
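--- a/python/neutron-understack/neutron_understack/trunk.py
+++ b/python/neutron-understack/neutron_understack/trunk.py
@@ -0,0 +1,28 @@
+from neutron.services.trunk.drivers import base as trunk_base
+from neutron_lib.api.definitions import portbindings
+from neutron_lib.services.trunk import constants as trunk_consts
+from oslo_config import cfg
+
+SUPPORTED_INTERFACES = (portbindings.VIF_TYPE_OTHER,)
+
+SUPPORTED_SEGMENTATION_TYPES = (trunk_consts.SEGMENTATION_TYPE_VLAN,)
+
+
+class UnderStackTrunkDriver(trunk_base.DriverBase):
+@property
+def is_loaded(self):
+try:
+return "understack" in cfg.CONF.ml2.mechanism_drivers
+except cfg.NoSuchOptError:
+return False
+
+@classmethod
+def create(cls, plugin_driver):
+cls.plugin_driver = plugin_driver
+return cls(
+"understack",
+SUPPORTED_INTERFACES,
+SUPPORTED_SEGMENTATION_TYPES,
+None,
+can_trunk_bound_port=True,
+)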
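Review bot: The driver has no docstring and registers no trunk or subport event handlers in this file, so with `trunk` added to `service_plugins` the API will presumably accept trunk and subport operations (including on already bound ports, via `can_trunk_bound_port=True`) without anything being applied to the network devices. A class docstring should state that, for example `"""Trunk driver stub for UnderStack: advertises VLAN trunks on VIF_TYPE_OTHER ports; subport changes are not yet applied to the fabric."""`. `create` also stores `plugin_driver` on the class rather than on the returned instance; a one-line comment saying this is deliberate would help the next reader.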