smart_proxy_ipam 0.0.9 → 0.0.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 903c2fe4707574d5898ba16c5974484b6969b30d93bb7111068fd4f612e44432
-  data.tar.gz: 7c274fbb32851d7dea75a900a5f76fcaad0d317ef3ea1422274f5db265ca2be6
+  metadata.gz: f3812263cf984e604cf0b7272bf9519cf503ea883b46a353a6f1edbcaefe7eab
+  data.tar.gz: 11a128c3d83dc3f6c2b4c9157846076a351c4dc0ab82c4c7b332ddcb1a23349f
 SHA512:
-  metadata.gz: 2377fc0504d1ca888c3d3710d00a1ab4f993c16f122e8d8570c5c8d60d89bcc9b9cf0dd7c8b3c7af182b2b02b8f2318c4addf54c270c682b13e76cdfdc6316c7
-  data.tar.gz: 63a7b1dec614cd796c68542a63b2263c5bcfd08d4043e1095535154d4f67d1b5c1d00dd90bc06b6ae657e0306c31c08a73a35fff10ed04f9305022bfd0fb7bbf
+  metadata.gz: 517e692d368b9febe9d8c34eba7b9e9e7e919714cf7d560d6df4483f28e0e8bb3f8ef485030cd68f08458a7c87dacb358e8a4aac1bd4882b95df0c696415587e
+  data.tar.gz: 5bb0c0a9bf0ce71d58d2fc234429568882d210436b21589acbc74d96a4bddcca6b6ccb4f4ae371f805368db9fa71bda6bc21c946a2ed00b52090ce7f2e5a7179

data/lib/smart_proxy_ipam/phpipam/phpipam_api.rb

@@ -10,11 +10,6 @@ module Proxy::Phpipam
     include ::Proxy::Log
     helpers ::Proxy::Helpers
 
-    get '/providers' do
-      content_type :json
-      {:ipam_providers => ['phpIPAM']}.to_json
-    end
-
     # Gets the next available IP address based on a given subnet
     # 
     # Input:   cidr(string): CIDR address in the format: "100.20.20.0/24"
@@ -29,26 +24,30 @@ module Proxy::Phpipam
 
       begin
         cidr = params[:cidr]
+        mac = params[:mac]
 
         if not cidr
           return {:error => "A 'cidr' parameter for the subnet must be provided(e.g. 100.10.10.0/24)"}.to_json
         end
+        if not mac
+          return {:error => "A 'mac' address must be provided(e.g. 00:0a:95:9d:68:10)"}.to_json
+        end
 
         phpipam_client = PhpipamClient.new
-        response = phpipam_client.get_subnet(cidr)
+        subnet = JSON.parse(phpipam_client.get_subnet(cidr))
 
-        if response['message'] && response['message'].downcase == "no subnets found"
+        if !subnet.kind_of?(Array) && subnet['message'] && subnet['message'].downcase == "no subnets found"
           return {:error => "The specified subnet does not exist in External IPAM."}.to_json
         end
-  
-        subnet_id = JSON.parse(response)[0]['id']
-        response = phpipam_client.get_next_ip(subnet_id)
+        
+        subnet_id = subnet[0]['id']
+        ip = phpipam_client.get_next_ip(subnet_id, mac, cidr)
 
-        if response['message'] && response['message'].downcase == "no free addresses found"
+        if !ip.kind_of?(Array) && ip['message'] && ip['message'].downcase == "no free addresses found"
           return {:error => "There are no more free addresses in subnet #{cidr}"}.to_json
         end
 
-        {:cidr => cidr, :next_ip => response['data']}.to_json
+        {:cidr => cidr, :next_ip => ip['next_ip']}.to_json
       rescue Errno::ECONNREFUSED
         return {:error => "Unable to connect to External IPAM server"}.to_json
       end
@@ -115,9 +114,9 @@ module Proxy::Phpipam
       end
     end
 
-    # Get a list of subnets for given external ipam section
+    # Get a list of subnets for given external ipam section/group
     #
-    # Input: section_id(integer). The id of the external ipam section
+    # Input: section_name(string). The name of the external ipam section/group
     # Returns: Array of subnets(as json) in "data" key on success, hash with error otherwise
     # Examples:
     #   Response if success: 
@@ -169,19 +168,19 @@ module Proxy::Phpipam
     #       "time":0.012
     #     }
     #   Response if :error =>   
-    #     {"error":"Unable to connect to phpIPAM server"}
-    get '/sections/:section_id/subnets' do
+    #     {"error":"Unable to connect to External IPAM server"}
+    get '/sections/:section_name/subnets' do
       content_type :json 
 
       begin
-        section_id = params[:section_id]
+        section_name = URI.decode(params[:section_name])
         
-        if not section_id
-          return {:error => "A 'section_id' must be provided"}.to_json
+        if not section_name
+          return {:error => "A 'section_name' must be provided"}.to_json
         end
 
         phpipam_client = PhpipamClient.new
-        subnets = phpipam_client.get_subnets(section_id)
+        subnets = phpipam_client.get_subnets(section_name)
         subnets.to_json
       rescue Errno::ECONNREFUSED
         return {:error => "Unable to connect to External IPAM server"}.to_json

data/lib/smart_proxy_ipam/phpipam/phpipam_client.rb

@@ -1,37 +1,37 @@
 require 'yaml'
-require 'logger'
 require 'json' 
 require 'net/http'
+require 'monitor'
+require 'concurrent'
 require 'smart_proxy_ipam/ipam'
 require 'smart_proxy_ipam/ipam_main'
 
 module Proxy::Phpipam
   class PhpipamClient
+    include Proxy::Log
+
+    MAX_RETRIES = 5
+    DEFAULT_CLEANUP_INTERVAL = 120  # 2 mins
+    @@ip_cache = nil
+
     def initialize 
-      conf = Proxy::Ipam.get_config[:phpipam]
-      @phpipam_config = {
-        :url => conf[:url], 
-        :user => conf[:user], 
-        :password => conf[:password]
-      }
-      @api_base = "#{conf[:url]}/api/#{conf[:user]}/"
+      @conf = Proxy::Ipam.get_config[:phpipam]
+      @api_base = "#{@conf[:url]}/api/#{@conf[:user]}/"
       @token = nil
-    end
-
-    def init_reservations
-      @@ipam_reservations = {}
+      @m = Monitor.new
+      init_cache if @@ip_cache.nil?
+      start_cleanup_task
     end
 
     def get_subnet(cidr)
-      url = "subnets/cidr/#{cidr.to_s}"
-      subnets = get(url)
+      subnets = get("subnets/cidr/#{cidr.to_s}")
       response = []
 
       if subnets
         if subnets['message'] && subnets['message'].downcase == 'no subnets found'
           return {:message => "no subnets found"}.to_json
         else 
-          # Only return the relevant fields to Foreman
+          # Only return the relevant fields
           subnets['data'].each do |subnet|
             response.push({
               :id => subnet['id'],
@@ -68,12 +68,16 @@ module Proxy::Phpipam
       response
     end
 
-    def get_subnets(section_id)
-      subnets = get("sections/#{section_id.to_s}/subnets/")
-      response = []
+    def get_subnets(section_name)
+      sections = get_sections
+      section = sections.select {|section| section[:name] == section_name}
+      return {:error => "Section '#{section_name}' not found"}.to_json if section.size == 0
+      section_id = section[0][:id].to_s 
+      subnets = get("sections/#{section_id}/subnets/")
+      response = [] 
 
       if subnets && subnets['data']
-        # Only return the relevant data
+        # Only return the relevant fields
         subnets['data'].each do |subnet|
           response.push({
             :id => subnet['id'],
@@ -92,7 +96,7 @@ module Proxy::Phpipam
       usage = get_subnet_usage(subnet_id)
 
       # We need to check subnet usage first in the case there are zero ips in the subnet. Checking
-      # the ip existence on an empty subnet returns a malformed response from phpIPAM, containing
+      # the ip existence on an empty subnet returns a malformed response from phpIPAM(v1.3), containing
       # HTML in the JSON response.
       if usage['data']['used'] == "0"
         return {:ip => ip, :exists => false}.to_json
@@ -116,9 +120,120 @@ module Proxy::Phpipam
       delete("addresses/#{ip}/#{subnet_id.to_s}/") 
     end
 
-    def get_next_ip(subnet_id)
-      url = "subnets/#{subnet_id.to_s}/first_free/"
-      get(url)
+    def get_next_ip(subnet_id, mac, cidr)
+      response = get("subnets/#{subnet_id.to_s}/first_free/")
+      subnet_hash = @@ip_cache[cidr.to_sym]
+
+      return response if response['message']
+
+      if subnet_hash&.key?(mac.to_sym)
+        response['next_ip'] = @@ip_cache[cidr.to_sym][mac.to_sym]
+      else
+        new_ip = response['data']
+        ip_not_in_cache = subnet_hash&.key(new_ip).nil?
+
+        if ip_not_in_cache
+          next_ip = new_ip.to_s
+          add_ip_to_cache(new_ip, mac, cidr)
+        else
+          next_ip = find_new_ip(subnet_id, new_ip, mac, cidr)
+        end
+
+        if next_ip.nil?
+          response['error'] = "Unable to find another available IP address in subnet #{cidr}"
+          return response
+        end
+
+        unless usable_ip(next_ip, cidr)
+          response['error'] = "It is possible that there are no more free addresses in subnet #{cidr}. Available IP's may be cached, and could become available after in-memory IP cache is cleared(up to #{CLEAR_CACHE_DELAY} seconds)."
+          return response
+        end
+
+        response['next_ip'] = next_ip
+      end
+
+      response
+    end
+
+    def start_cleanup_task
+      logger.info("Starting allocated ip address maintenance (used by get_next_ip call).")
+      @timer_task = Concurrent::TimerTask.new(:execution_interval => DEFAULT_CLEANUP_INTERVAL) { init_cache }
+      @timer_task.execute
+    end
+
+    private
+
+    # @@ip_cache structure
+    # {  
+    #   "100.55.55.0/24":{  
+    #      "00:0a:95:9d:68:10": "100.55.55.1"
+    #   },
+    #   "123.11.33.0/24":{  
+    #     "00:0a:95:9d:68:33": "123.11.33.1",
+    #     "00:0a:95:9d:68:34": "123.11.33.2",
+    #     "00:0a:95:9d:68:35": "123.11.33.3"
+    #   }
+    # }
+    def init_cache
+      logger.debug("Clearing ip cache.")
+      @m.synchronize do
+        @@ip_cache = {}
+      end
+    end
+
+    def add_ip_to_cache(ip, mac, cidr)
+      logger.debug("Adding IP #{ip} to cache for subnet #{cidr}")
+      @m.synchronize do
+        if @@ip_cache.key?(cidr.to_sym)
+          @@ip_cache[cidr.to_sym][mac.to_sym] = ip.to_s
+        else
+          @@ip_cache = @@ip_cache.merge({cidr.to_sym => {mac.to_sym => ip.to_s}})
+        end
+      end
+    end
+
+    # Called when next available IP from external IPAM has been cached by another user/host, but 
+    # not actually persisted in external IPAM. Try to increment the IP(MAX_RETRIES times), and 
+    # see if it is available in external IPAM.
+    def find_new_ip(subnet_id, ip, mac, cidr)
+      found_ip = nil
+      temp_ip = ip
+      retry_count = 0
+
+      loop do
+        new_ip = increment_ip(temp_ip)
+        verify_ip = JSON.parse(ip_exists(new_ip, subnet_id))
+
+        # If new IP doesn't exist in IPAM and not in the cache
+        if verify_ip['exists'] == false && !ip_exists_in_cache(new_ip, cidr)
+          found_ip = new_ip.to_s
+          add_ip_to_cache(found_ip, mac, cidr)
+          break
+        end
+
+        temp_ip = new_ip
+        retry_count += 1
+        break if retry_count >= MAX_RETRIES
+      end
+
+      # Return the original IP found in external ipam if no new ones found after MAX_RETRIES
+      return ip if found_ip.nil?
+
+      found_ip
+    end
+
+    def increment_ip(ip)
+      IPAddr.new(ip.to_s).succ.to_s
+    end
+
+    def ip_exists_in_cache(ip, cidr)
+      @@ip_cache[cidr.to_sym] && !@@ip_cache[cidr.to_sym].key(ip).nil?
+    end
+
+    # Checks if given IP is within a subnet. Broadcast address is considered unusable
+    def usable_ip(ip, cidr)
+      network = IPAddr.new(cidr)
+      network.include?(IPAddr.new(ip)) && network.to_range.last != ip
     end
 
     def get(path, body=nil)
@@ -166,7 +281,7 @@ module Proxy::Phpipam
     def authenticate
       auth_uri = URI(@api_base + '/user/')
       request = Net::HTTP::Post.new(auth_uri)
-      request.basic_auth @phpipam_config[:user], @phpipam_config[:password]
+      request.basic_auth @conf[:user], @conf[:password]
 
       response = Net::HTTP.start(auth_uri.hostname, auth_uri.port) {|http|
         http.request(request)
@@ -174,6 +289,6 @@ module Proxy::Phpipam
 
       response = JSON.parse(response.body)
       @token = response['data']['token']
-    end
+    end    
   end
 end

data/lib/smart_proxy_ipam/version.rb

@@ -1,6 +1,6 @@
 
 module Proxy
   module Ipam
-    VERSION = '0.0.9'
+    VERSION = '0.0.10'
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: smart_proxy_ipam
 version: !ruby/object:Gem::Version
-  version: 0.0.9
+  version: 0.0.10
 platform: ruby
 authors:
 - Christopher Smith
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-12 00:00:00.000000000 Z
+date: 2019-08-22 00:00:00.000000000 Z
 dependencies: []
 description: Smart proxy plugin for IPAM integration with various IPAM providers
 email: chrisjsmith001@gmail.com
@@ -49,8 +49,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.7
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: Smart proxy plugin for IPAM integration with various IPAM providers