opennebula 6.10.3 → 6.99.85.pre

data/lib/nsx_rule.rb

@@ -1,206 +0,0 @@
-# -------------------------------------------------------------------------- #
-# Copyright 2002-2024, OpenNebula Project, OpenNebula Systems                #
-#                                                                            #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
-# not use this file except in compliance with the License. You may obtain    #
-# a copy of the License at                                                   #
-#                                                                            #
-# http://www.apache.org/licenses/LICENSE-2.0                                 #
-#                                                                            #
-# Unless required by applicable law or agreed to in writing, software        #
-# distributed under the License is distributed on an "AS IS" BASIS,          #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
-# See the License for the specific language governing permissions and        #
-# limitations under the License.                                             #
-#--------------------------------------------------------------------------- #
-
-require 'ipaddr'
-
-# Module NSXDriver
-module NSXDriver
-
-    ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
-
-    if !ONE_LOCATION
-        RUBY_LIB_LOCATION = '/usr/lib/one/ruby' \
-            unless defined?(RUBY_LIB_LOCATION)
-        GEMS_LOCATION     = '/usr/share/one/gems' \
-            unless defined?(GEMS_LOCATION)
-    else
-        RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby' \
-            unless defined?(RUBY_LIB_LOCATION)
-        GEMS_LOCATION     = ONE_LOCATION + '/share/gems' \
-            unless defined?(GEMS_LOCATION)
-    end
-
-# rubocop: disable all
-# %%RUBYGEMS_SETUP_BEGIN%%
-if File.directory?(GEMS_LOCATION)
-    real_gems_path = File.realpath(GEMS_LOCATION)
-    if !defined?(Gem) || Gem.path != [real_gems_path]
-        $LOAD_PATH.reject! {|l| l =~ /vendor_ruby/ }
-
-        # Suppress warnings from Rubygems
-        # https://github.com/OpenNebula/one/issues/5379
-        begin
-            verb = $VERBOSE
-            $VERBOSE = nil
-            require 'rubygems'
-            Gem.use_paths(real_gems_path)
-        ensure
-            $VERBOSE = verb
-        end
-    end
-end
-# %%RUBYGEMS_SETUP_END%%
-# rubocop: enable all
-
-    $LOAD_PATH << RUBY_LIB_LOCATION
-
-    require 'nsxt_rule'
-    require 'nsxv_rule'
-
-    # Class Logical Switch
-    module NSXRule
-
-        include NSXTRule
-        include NSXVRule
-
-        def to_nets(ip_start, size)
-            nets = []
-            ipaddr = IPAddr.new ip_start
-            ip_i = ipaddr.to_i
-
-            if ipaddr.ipv4?
-                ip_length = 32
-            elsif ipaddr.ipv6?
-                ip_length = 128
-            else
-                return
-            end
-
-            # Find the largest address block (look for the first 1-bit)
-            lblock = 0
-
-            lblock += 1 while ip_i[lblock] == 0 && lblock < ip_length
-
-            # Allocate whole blocks till the size fits
-            while size >= 2**lblock
-                nets << "#{IPAddr.new(ip_i, ipaddr.family)}" \
-                        "/#{ip_length-lblock}"
-
-                ip_i += 2**lblock
-                size -= 2**lblock
-
-                lblock += 1 while ip_i[lblock] == 0 && lblock < ip_length
-            end
-
-            # Fit remaining address blocks
-            ip_length.downto(0) do |i|
-                next if size[i] == 0
-
-                nets << "#{IPAddr.new(ip_i, ipaddr.family)}/#{ip_length-i}"
-
-                ip_i += 2**i
-            end
-
-            nets
-        end
-
-        # Adapt port from ["22, 443"] to '22, 443'
-        # Adapt port from ["22", "443"] to '22, 443'
-        def parse_ports(rule_ports)
-            unless rule_ports.empty?
-                rule_ports = rule_ports.join(',')
-            end
-            rule_ports
-        end
-
-        def extract_vnet_data(vnet_id)
-            if vnet_id == ''
-                return {
-                    :nsxid => '',
-                    :name => ''
-                }
-            end
-            # Create client to communicate with OpenNebula
-            one_client = OpenNebula::Client.new
-            # Get the network XML from OpenNebula
-            # This is potentially different from the Netowrk Template
-            # provided as the API call argument
-            one_vnet = OpenNebula::VirtualNetwork.new_with_id(vnet_id,
-                                                              one_client)
-            rc = one_vnet.info
-            if OpenNebula.is_error?(rc)
-                err_msg = rc.message
-                raise CreateNetworkError, err_msg
-            end
-            {
-                :nsxid => one_vnet['TEMPLATE/NSX_ID'],
-                :name => one_vnet['NAME']
-            }
-        end
-
-        def extract_rule_data(xml_rule)
-            sg_id = xml_rule.xpath('SECURITY_GROUP_ID').text
-            sg_name = xml_rule.xpath('SECURITY_GROUP_NAME').text
-            in_out = xml_rule.xpath('RULE_TYPE').text.upcase
-            in_out == 'INBOUND' ? sg_direction = 'IN' : sg_direction = 'OUT'
-            # Protocol: TCP, UDP, ICMP...
-            sg_protocol = xml_rule.xpath('PROTOCOL').text
-            if sg_protocol == 'ICMP'
-                sg_icmp_type = xml_rule.xpath('ICMP_TYPE').text
-            end
-            # OpenNebula network ID
-            sg_network_id = xml_rule.xpath('NETWORK_ID').text
-            vnet_data = extract_vnet_data(sg_network_id)
-
-            # ip / netmask
-            sg_ip = xml_rule.xpath('IP').text
-            sg_ipsize = xml_rule.xpath('SIZE').text
-            sg_subnets = []
-            if sg_ip != '' && sg_ipsize != ''
-                sg_subnets = to_nets(sg_ip, sg_ipsize.to_i)
-            end
-            # Ports
-            sg_ports = ''
-            sg_range_port = xml_rule.xpath('RANGE').text
-            if sg_range_port
-                if sg_range_port.index(':')
-                    sg_port_from = sg_range_port[0..sg_range_port.index(':')-1]
-                    sg_port_to = sg_range_port[sg_range_port.index(':')+1,
-                                               sg_range_port.length]
-                    sg_ports = "#{sg_port_from}-#{sg_port_to}"
-                else
-                    sg_ports = sg_range_port
-                end
-            end
-            # Create hash with data
-            {
-                :id => sg_id,
-                :name => sg_name,
-                :direction => sg_direction,
-                :protocol => sg_protocol,
-                :icmp_type => sg_icmp_type,
-                :network_id => sg_network_id,
-                :network_name => vnet_data[:name],
-                :network_nsxid => vnet_data[:nsxid],
-                :subnets => sg_subnets,
-                :ports => sg_ports.split(',')
-            }
-        end
-
-        def rule_spec(rule, vm_data, nic_data, nsx_client)
-            case nsx_client.nsx_type
-            when NSXDriver::NSXConstants::NSXT
-                nsxt_rule_spec(rule, vm_data, nic_data)
-            when NSXDriver::NSXConstants::NSXV
-                nsxv_rule_spec(rule, vm_data, nic_data)
-            else
-                raise "Unsupported NSX type: #{nsx_type}"
-            end
-        end
-
-    end
-
-end

data/lib/nsxt_client.rb

@@ -1,189 +0,0 @@
-# -------------------------------------------------------------------------- #
-# Copyright 2002-2024, OpenNebula Project, OpenNebula Systems                #
-#                                                                            #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
-# not use this file except in compliance with the License. You may obtain    #
-# a copy of the License at                                                   #
-#                                                                            #
-# http://www.apache.org/licenses/LICENSE-2.0                                 #
-#                                                                            #
-# Unless required by applicable law or agreed to in writing, software        #
-# distributed under the License is distributed on an "AS IS" BASIS,          #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
-# See the License for the specific language governing permissions and        #
-# limitations under the License.                                             #
-#--------------------------------------------------------------------------- #
-module NSXDriver
-
-    ONE_LOCATION = ENV['ONE_LOCATION'] unless defined?(ONE_LOCATION)
-
-    if !ONE_LOCATION
-        RUBY_LIB_LOCATION = '/usr/lib/one/ruby' \
-            unless defined?(RUBY_LIB_LOCATION)
-        GEMS_LOCATION     = '/usr/share/one/gems' \
-            unless defined?(GEMS_LOCATION)
-    else
-        RUBY_LIB_LOCATION = ONE_LOCATION + '/lib/ruby' \
-            unless defined?(RUBY_LIB_LOCATION)
-        GEMS_LOCATION     = ONE_LOCATION + '/share/gems' \
-            unless defined?(GEMS_LOCATION)
-    end
-
-# rubocop: disable all
-# %%RUBYGEMS_SETUP_BEGIN%%
-if File.directory?(GEMS_LOCATION)
-    real_gems_path = File.realpath(GEMS_LOCATION)
-    if !defined?(Gem) || Gem.path != [real_gems_path]
-        $LOAD_PATH.reject! {|l| l =~ /vendor_ruby/ }
-
-        # Suppress warnings from Rubygems
-        # https://github.com/OpenNebula/one/issues/5379
-        begin
-            verb = $VERBOSE
-            $VERBOSE = nil
-            require 'rubygems'
-            Gem.use_paths(real_gems_path)
-        ensure
-            $VERBOSE = verb
-        end
-    end
-end
-# %%RUBYGEMS_SETUP_END%%
-# rubocop: enable all
-
-    $LOAD_PATH << RUBY_LIB_LOCATION
-
-    # Class NSXTClient
-    class NSXTClient < NSXClient
-
-        # ATTIBUTES
-        attr_accessor :nsxmgr
-        attr_accessor :nsx_user
-        attr_accessor :nsx_password
-        attr_accessor :nsx_type
-
-        # CONSTRUCTORS
-        def initialize(nsxmgr, nsx_user, nsx_password)
-            super(nsxmgr, nsx_user, nsx_password)
-            @nsx_type = NSXConstants::NSXT
-        end
-
-        # Prepare headers
-        def add_headers(aditional_headers = [])
-            headers = NSXConstants::HEADER_JSON.clone
-            unless aditional_headers.empty?
-                aditional_headers.each do |header|
-                    headers[header.keys[0]] = header.values[0]
-                end
-            end
-            headers
-        end
-
-        # METHODS
-        def get(url, aditional_headers = [], valid_codes = [])
-            if valid_codes.empty?
-                valid_codes = [NSXConstants::CODE_OK,
-                               NSXConstants::CODE_NO_CONTENT]
-            end
-            uri = URI.parse(@nsxmgr + url)
-            headers = add_headers(aditional_headers)
-            request = Net::HTTP::Get.new(uri.request_uri, headers)
-            request.basic_auth(@nsx_user, @nsx_password)
-            response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true,
-                :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |https|
-                    https.request(request)
-                end
-            response = check_response(response, valid_codes)
-            JSON.parse(response.body)
-        end
-
-        def get_full_response(url, aditional_headers = [], valid_codes = [])
-            if valid_codes.empty?
-                valid_codes = [NSXConstants::CODE_OK,
-                               NSXConstants::CODE_NO_CONTENT]
-            end
-            uri = URI.parse(@nsxmgr + url)
-            headers = add_headers(aditional_headers)
-            request = Net::HTTP::Get.new(uri.request_uri, headers)
-            request.basic_auth(@nsx_user, @nsx_password)
-            response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true,
-                :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |https|
-                    https.request(request)
-                end
-            check_response(response, valid_codes)
-        end
-
-        # Return: id of the created object
-        def post(url, data, aditional_headers = [], valid_codes = [])
-            if valid_codes.empty?
-                valid_codes = [NSXConstants::CODE_CREATED,
-                               NSXConstants::CODE_OK]
-            end
-            uri = URI.parse(@nsxmgr + url)
-            headers = add_headers(aditional_headers)
-            request = Net::HTTP::Post.new(uri.request_uri, headers)
-            request.body = data
-            request.basic_auth(@nsx_user, @nsx_password)
-            response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true,
-                :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |https|
-                    https.request(request)
-                end
-            response = check_response(response, valid_codes)
-            response_json = JSON.parse(response.body)
-            response_json['id']
-        end
-
-        def put(url, data, aditional_headers = [], valid_codes = [])
-            if valid_codes.empty?
-                valid_codes = [NSXConstants::CODE_CREATED,
-                               NSXConstants::CODE_OK]
-            end
-            uri = URI.parse(@nsxmgr + url)
-            headers = add_headers(aditional_headers)
-            request = Net::HTTP::Put.new(uri.request_uri, headers)
-            request.body = data
-            request.basic_auth(@nsx_user, @nsx_password)
-            response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true,
-                :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |https|
-                    https.request(request)
-                end
-            response = check_response(response, valid_codes)
-            response_json = JSON.parse(response.body)
-            response_json['id']
-        end
-
-        def delete(url, aditional_headers = [], valid_codes = [])
-            if valid_codes.empty?
-                valid_codes = [NSXConstants::CODE_OK,
-                               NSXConstants::CODE_NO_CONTENT]
-            end
-            uri = URI.parse(@nsxmgr + url)
-            headers = add_headers(aditional_headers)
-            request = Net::HTTP::Delete.new(uri.request_uri, headers)
-            request.basic_auth(@nsx_user, @nsx_password)
-            response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true,
-                :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |https|
-                    https.request(request)
-                end
-            check_response(response, valid_codes)
-        end
-
-        def get_token(url, aditional_headers = [], valid_codes = [])
-            if valid_codes.empty?
-                valid_codes = [NSXConstants::CODE_OK]
-            end
-            uri = URI.parse(@nsxmgr + url)
-            headers = add_headers(aditional_headers)
-            request = Net::HTTP::Post.new(uri.request_uri, headers)
-            request.basic_auth(@nsx_user, @nsx_password)
-            response = Net::HTTP.start(uri.host, uri.port, :use_ssl => true,
-                :verify_mode => OpenSSL::SSL::VERIFY_NONE) do |https|
-                    https.request(request)
-                end
-            response = check_response(response, valid_codes)
-            response.body
-        end
-
-    end
-
-end

data/lib/nsxt_dfw.rb

@@ -1,196 +0,0 @@
-# -------------------------------------------------------------------------- #
-# Copyright 2002-2024, OpenNebula Project, OpenNebula Systems                #
-#                                                                            #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
-# not use this file except in compliance with the License. You may obtain    #
-# a copy of the License at                                                   #
-#                                                                            #
-# http://www.apache.org/licenses/LICENSE-2.0                                 #
-#                                                                            #
-# Unless required by applicable law or agreed to in writing, software        #
-# distributed under the License is distributed on an "AS IS" BASIS,          #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
-# See the License for the specific language governing permissions and        #
-# limitations under the License.                                             #
-#--------------------------------------------------------------------------- #
-module NSXDriver
-
-    # Class Logical Switch
-    class NSXTdfw < DistributedFirewall
-
-        # ATTRIBUTES
-        attr_reader :one_section_id
-
-        # CONSTRUCTOR
-        # Creates OpenNebula section if not exists
-        def initialize(nsx_client)
-            super(nsx_client)
-            # Construct base URLs
-            @base_url = NSXConstants::NSXT_DFW_BASE
-            @url_sections = @base_url + \
-                            NSXConstants::NSXT_DFW_SECTIONS
-            @one_section_id = init_section
-        end
-
-        # Sections
-        # Creates OpenNebula section if not exists and returns
-        # its section_id. Returns its section_id if OpenNebula
-        # section already exists
-        def init_section
-            one_section = section_by_name(NSXConstants::ONE_SECTION_NAME)
-            one_section ||= create_section(NSXConstants::ONE_SECTION_NAME)
-            return one_section['id'] if one_section
-        end
-
-        # Get all sections
-        # Params:
-        # - None
-        # Return
-        # - nil | sections
-        def sections
-            result = @nsx_client.get(@url_sections)
-            result['results']
-        end
-
-        # Get section by id
-        # Params:
-        # - section_id: [String] ID of the section or @one_section_id
-        # Return
-        # - nil | section
-        def section_by_id(section_id = @one_section_id)
-            url = @url_sections + '/' + section_id
-            @nsx_client.get(url)
-        end
-
-        # Get section by name
-        # Params:
-        # - section_name: Name of the section
-        # Return
-        # - nil | section
-        def section_by_name(section_name)
-            result = nil
-            all_sections = sections
-            return result unless all_sections
-
-            all_sections.each do |section|
-                result = section if section['display_name'] == section_name
-            end
-            result
-        end
-
-        # Create new section and return the section
-        def create_section(section_name)
-            section_spec = %(
-              {
-                  "display_name": "#{section_name}",
-                  "section_type": "LAYER3",
-                  "stateful": true
-              }
-            )
-            section_id = @nsx_client.post(@url_sections, section_spec)
-            result = section_by_id(section_id)
-            raise 'Section was not created in DFW' unless result
-
-            result
-        end
-
-        # Delete section
-        # Params:
-        # - section_id: [String] ID of the section or @one_section_id
-        def delete_section(section_id = @one_section_id)
-            url = @url_sections + '/' + section_id
-            @nsx_client.delete(url)
-        end
-
-        # Rules
-        # Get all rules of a Section, OpenNebula section if it's not defined
-        # Return:
-        # - [Array]
-        def rules(section_id = @one_section_id)
-            url = @url_sections + '/' + section_id + '/rules'
-            @nsx_client.get(url)
-        end
-
-        # Get rule by id
-        # Return:
-        # rule | nil
-        def rule_by_id(rule_id)
-            url = @base_url + '/rules/' + rule_id
-            valid_codes = [NSXConstants::CODE_CREATED,
-                           NSXConstants::CODE_OK,
-                           NSXConstants::CODE_BAD_REQUEST,
-                           NSXConstants::CODE_NOT_FOUND]
-            additional_headers = []
-            @nsx_client.get(url, additional_headers, valid_codes)
-        end
-
-        # Get rules by name
-        # Return:
-        #  - Array with rules or an empty array
-        def rules_by_name(rule_name, section_id = @one_section_id)
-            rules = []
-            return rules unless section_id
-
-            all_rules = rules(section_id)
-            return rules unless all_rules
-
-            all_rules['results'].each do |rule|
-                rules << rule if rule['display_name'] == rule_name
-            end
-            rules
-        end
-
-        # Get rule by regex
-        # Return:
-        #  - Array with rules or an empty array
-        def rules_by_regex(regex, section_id = @one_section_id)
-            rules = []
-            return rules unless section_id
-
-            all_rules = rules(section_id)
-            return rules unless all_rules
-
-            all_rules['results'].each do |rule|
-                rules << rule if rule['display_name'].match(regex)
-            end
-            rules
-        end
-
-        # Create new rule
-        def create_rule(rule_spec, section_id = @one_section_id)
-            # Get revision from section
-            section = section_by_id(section_id)
-            unless section
-                error_msg = "Section with id #{section_id} not found"
-                error = NSXError::ObjectNotFound
-                        .new(error_msg)
-                raise error
-            end
-            revision_id = section['_revision']
-            rule_spec['_revision'] = revision_id
-            rule_spec = rule_spec.to_json
-            url = @url_sections + '/' + section_id + '/rules'
-            @nsx_client.post(url, rule_spec)
-        end
-
-        # Update rule
-        def update_rule(rule_id, rule_spec, section_id = @one_section_id)
-            url = @url_sections + '/' + section_id + '/rules/' + rule_id
-            rule = rule_by_id(rule_id)
-            raise "Rule id #{rule_id} not found" unless rule
-
-            rule_spec['_revision'] = rule['_revision']
-            rule_spec = rule_spec.to_json
-            @nsx_client.put(url, rule_spec)
-        end
-
-        # Delete rule
-        def delete_rule(rule_id, section_id = @one_section_id)
-            url = @url_sections + '/' + section_id + '/rules/' + rule_id
-            # Delete receive a 200 OK also if the rule doesn't exist
-            @nsx_client.delete(url)
-        end
-
-    end
-
-end

data/lib/nsxt_logical_port.rb

@@ -1,94 +0,0 @@
-# -------------------------------------------------------------------------- #
-# Copyright 2002-2024, OpenNebula Project, OpenNebula Systems                #
-#                                                                            #
-# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
-# not use this file except in compliance with the License. You may obtain    #
-# a copy of the License at                                                   #
-#                                                                            #
-# http://www.apache.org/licenses/LICENSE-2.0                                 #
-#                                                                            #
-# Unless required by applicable law or agreed to in writing, software        #
-# distributed under the License is distributed on an "AS IS" BASIS,          #
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
-# See the License for the specific language governing permissions and        #
-# limitations under the License.                                             #
-#--------------------------------------------------------------------------- #
-module NSXDriver
-
-    # Class NSXTLogicalPort
-    class NSXTLogicalPort < LogicalPort
-
-        # ATTRIBUTES
-        attr_reader :id, :name, :type, :url
-
-        # CONSTRUCTOR
-        # Logical port class variables:
-        # @lp_id
-        # @url_lp
-        # @lp_name
-        # @lp_type
-        def initialize(nsx_client, id = nil, data = nil)
-            super(nsx_client)
-            # lpid can be:
-            #   - Logical port attach ID
-            if id
-                initialize_with_id(id)
-            else
-                if data
-                    begin
-                        @id = new_logical_port(data)
-                    rescue NSXError::IncorrectResponseCodeError => e
-                        raise 'Logical Port not created in ' \
-                        "NSX Manager: #{e.message}"
-                    end
-                    unless @id
-                        raise 'Logical Port not created in NSX Manager: '\
-                              'generic error'
-                    end
-                    # Construct logical port class variables
-                    @url = NSXConstants::NSXT_LP_BASE + @id
-                    @name = lp_name
-                    @type = lp_type
-                end
-            end
-        end
-
-        # Creates a NSXTLogicalPort from its id
-        def initialize_with_id(id)
-            @id = lp_with_attachid(id)
-            # Construct URL of the created logical switch
-            @url = NSXConstants::NSXT_LP_BASE + @id
-            return unless lp?
-
-            @name = lp_name
-            @type = lp_type
-        end
-
-        # Check if logical port exists
-        def lp?
-            @nsx_client.get(@url)
-        end
-
-        # Get logical port id from attach id
-        def lp_with_attachid(attach_id)
-            lps = @nsx_client.get(NSXConstants::NSXT_LP_BASE)
-            lps['results'].each do |lp|
-                return lp['id'] if lp['attachment']['id'] == attach_id
-            end
-        end
-
-        # # Get logical port display name
-        def lp_name
-            lp = @nsx_client.get(@url)
-            lp['display_name']
-        end
-
-        # # Get resource type
-        def lp_type
-            lp = @nsx_client.get(@url)
-            lp['resource_type']
-        end
-
-    end
-
-end