Update network settings

21c8e5de · Christos Stavrakakis · bd491ac0 · 21c8e5de · 21c8e5de · 21c8e5de
Commit 21c8e5de authored Jul 12, 2012 by Christos Stavrakakis
--- a/snf-cyclades-app/synnefo/api/networks.py
+++ b/snf-cyclades-app/synnefo/api/networks.py
@@ -157,7 +157,7 @@ def create_network(request):
        # TODO: Fix this temp values:
        subnet = d.get('cidr', '192.168.1.0/24')
        gateway = d.get('gateway', None)
-        type = d.get('type', 'PRIVATE_VLAN')
+        type = d.get('type', 'PRIVATE_MAC_FILTERED')
        dhcp = d.get('dhcp', True)
    except (KeyError, ValueError):
        raise BadRequest('Malformed request.')
@@ -165,13 +165,19 @@ def create_network(request):
    if type == 'PUBLIC_ROUTED':
        raise Unauthorized('Can not create a public network.')

+    mac_prefix = None
    try:
-        if type == 'PRIVATE_FILTERED':
-            link = settings.GANETI_PRIVATE_BRIDGE
+        if type == 'PRIVATE_MAC_FILTERED':
+            link = settings.PRIVATE_MAC_FILTERED_BRIDGE
            mac_prefix = MacPrefixPool.get_available().value
-        else:  # PRIVATE_VLAN
+        elif type == 'PRIVATE_PHYSICAL_VLAN':
            link = BridgePool.get_available().value
-            mac_prefix = None
+        elif type == 'CUSTOM_ROUTED':
+            link = settings.CUSTOM_ROUTED_ROUTING_TABLE
+        elif type == 'CUSTOM_BRIDGED':
+            link = settings.CUSTOM_BRIDGED_BRIDGE
+        else:
+            raise BadRequest('Unknown network type')
    except Pool.PoolExhausted:
        raise OverLimit('Network count limit exceeded.')


--- a/snf-cyclades-app/synnefo/app_settings/default/api.py
+++ b/snf-cyclades-app/synnefo/app_settings/default/api.py
@@ -21,33 +21,64 @@ POLL_LIMIT = 3600
 # Network Configuration
 #

-# Synnefo assigns this link id to NICs connected on the public network.
-# An IP pool should be associated with this link by the Ganeti administrator.
-GANETI_PUBLIC_NETWORK = 'snf-1'
-GANETI_PRIVATE_BRIDGE = 'br2990'
-# This link id is assigned to NICs that should be isolated from anything else
-# (e.g., right before the NIC gets deleted).
-# This value is also hardcoded in a fixture in db/fixtures/initial_data.json.
-GANETI_NULL_LINK = 'snf_public'
-
-# The pool of private network links to use is
-# $GANETI_LINK_PREFIX{1..$GANETI_MAX_LINK_NUMBER}.
-#
-# The prefix to use for private network links.
-GANETI_LINK_PREFIX = 'prv'
-# The number of private network links to use.
-GANETI_MAX_LINK_NUMBER = 100
+# Name of the network in Ganeti corresponding to the default public network.
+# All created VMs will obtain an IP from this network.
+GANETI_PUBLIC_NETWORK = 'snf-net-1'
+
+ENABLED_NETWORKS = ['PUBLIC_ROUTED',
+                    'PRIVATE_MAC_FILTERED',
+                    'PRIVATE_PHYSICAL_VLAN']
+                    # CUSTOM_ROUTED,
+                    # CUSTOM_BRIDGED,
+
+# Settings for PUBLIC_ROUTED network:
+# -----------------------------------
+# In this case VMCs act as routers that forward the traffic to/from VMs, based
+# on the defined routing table($PUBLIC_ROUTED_ROUTING_TABLE) and ip rules, that
+# exist in every node, implenting an IP-less routed and proxy-arp setup.
+# (This value is also hardcoded in fixture db/fixtures/initial_data.json)
+PUBLIC_ROUTED_ROUTING_TABLE = 'snf_public'
+PUBLIC_ROUTED_TAGS = ['ip-less-routed']
+
+# Settings for PRIVATE_MAC_FILTERED network:
+# ------------------------------------------
+# All networks of this type are bridged to the same bridge. Isolation between
+# networks is achieved by assigning a unique MAC-prefix to each network and
+# filtering packets via ebtables.
+PRIVATE_MAC_FILTERED_BRIDGE = 'br0'
 # The first mac prefix to use
-GANETI_BASE_MAC_PREFIX = 'aa:00:01'
-# The number of mac prefixes to use.
-GANETI_MAX_MAC_PREFIX_NUMBER = 4096
+PRIVATE_MAC_FILTERED_BASE_MAC_PREFIX = 'aa:00:00'
+PRIVATE_MAC_FILTERED_MAX_PREFIX_NUMBER = 8192
+PRIVATE_MAC_FILTERED_TAGS = ['private-filtered']
+
+# Settings for PRIVATE_PHSICAL_VLAN network:
+# ------------------------------------------
+# Each network of this type is mapped to an isolated physical VLAN, which must
+# be preconfigured in the backend. Each vlan corresponds to a bridge named
+# $PRIVATE_PHYSICAL_VLAN_PREFIX{1..$PRIVATE_PHYSICAL_VLAN_MAX_NUMBER} (e.g. prv5)
+# VirtualMachine's taps are eventually bridged to the corresponding bridge.
+PRIVATE_PHYSICAL_VLAN_BRIDGE_PREFIX = 'prv'
+# The max limit of physical vlan pool
+PRIVATE_PHYSICAL_VLAN_MAX_NUMBER = 100
+
+
+# Settings for CUSTOM_ROUTED:
+# ---------------------------
+# Same as PUBLIC_ROUTED but with custom values
+CUSTOM_ROUTED_ROUTING_TABLE = 'custom_routing_table'
+CUSTOM_ROUTED_TAGS = []
+
+# Settings for CUSTOM_BRIDGED:
+# ---------------------------
+# Same as PRIVATE_BRIDGED but with custom values
+CUSTOM_BRIDGED_BRIDGE = 'custom_bridge'
+CUSTOM_BRIDGED_TAGS = []

 # Firewalling
 GANETI_FIREWALL_ENABLED_TAG = 'synnefo:network:0:protected'
 GANETI_FIREWALL_DISABLED_TAG = 'synnefo:network:0:unprotected'
 GANETI_FIREWALL_PROTECTED_TAG = 'synnefo:network:0:limited'

-
 # The default firewall profile that will be in effect if no tags are defined
 DEFAULT_FIREWALL_PROFILE = 'DISABLED'


--- a/snf-cyclades-app/synnefo/db/models.py
+++ b/snf-cyclades-app/synnefo/db/models.py
@@ -430,22 +430,20 @@ class Network(models.Model):

    NETWORK_TYPES = (
        ('PUBLIC_ROUTED', 'Public routed network'),
-        ('PRIVATE_VLAN', 'Private vlan network'),
-        ('PRIVATE_FILTERED', 'Private network with mac-filtering')
+        ('PRIVATE_PHYSICAL_VLAN', 'Private vlan network'),
+        ('PRIVATE_MAC_FILTERED', 'Private network with mac-filtering'),
+        ('CUSTOM_ROUTED', 'Custom routed network'),
+        ('CUSTOM_BRIDGED', 'Custom bridged network')
    )

-    NETWORK_TAGS = {
-        'PUBLIC_ROUTED': ['ip-less-routed'],
-        'PRIVATE_VLAN': ['physical-vlan'],
-        'PRIVATE_FILTERED': ['mac-filtered']
-    }

    name = models.CharField('Network Name', max_length=128)
    userid = models.CharField('User ID of the owner', max_length=128, null=True)
    subnet = models.CharField('Subnet', max_length=32, default='10.0.0.0/24')
    gateway = models.CharField('Gateway', max_length=32, null=True)
    dhcp = models.BooleanField('DHCP', default=True)
-    type = models.CharField(choices=NETWORK_TYPES, max_length=50, default='PRIVATE_VLAN')
+    type = models.CharField(choices=NETWORK_TYPES, max_length=50,
+                            default='PRIVATE_PHYSICAL_VLAN')
    link = models.CharField('Network Link', max_length=128, null=True)
    mac_prefix = models.CharField('MAC Prefix', max_length=32, null=True)
    public = models.BooleanField(default=False)
@@ -495,7 +493,7 @@ class Network(models.Model):
        """Return the network tag to be used in backend

        """
-        return Network.NETWORK_TAGS[self.type]
+        return getattr(snf_settings, self.type + '_TAGS')

    def __unicode__(self):
        return self.name
@@ -667,22 +665,22 @@ class Pool(models.Model):


 class BridgePool(Pool):
-    max_index = snf_settings.GANETI_MAX_LINK_NUMBER
+    max_index = snf_settings.PRIVATE_PHYSICAL_VLAN_MAX_NUMBER

    @staticmethod
    def value_from_index(index):
-        return snf_settings.GANETI_LINK_PREFIX + str(index)
+        return snf_settings.PRIVATE_PHYSICAL_VLAN_BRIDGE_PREFIX + str(index)


 class MacPrefixPool(Pool):
-    max_index = snf_settings.GANETI_MAX_MAC_PREFIX_NUMBER
+    max_index = snf_settings.PRIVATE_MAC_FILTERED_MAX_PREFIX_NUMBER

    @staticmethod
    def value_from_index(index):
        """Convert number to mac prefix

        """
-        high = snf_settings.GANETI_BASE_MAC_PREFIX
+        high = snf_settings.PRIVATE_MAC_FILTERED_BASE_MAC_PREFIX
        a = hex(int(high.replace(":", ""), 16) + index).replace("0x", '')
        mac_prefix = ":".join([a[x:x + 2] for x in xrange(0, len(a), 2)])
        return mac_prefix
--- a/snf-cyclades-app/synnefo/logic/backend.py
+++ b/snf-cyclades-app/synnefo/logic/backend.py
@@ -407,7 +407,10 @@ def connect_network(network, backend_jobs=None):

    """

-    mode = network.public and 'routed' or 'bridged'
+    if network.type in ('PUBLIC_ROUTED', 'CUSTOM_ROUTED'):
+        mode = 'routed'
+    else:
+        mode = 'bridged'

    if not backend_jobs:
        backend_jobs = [(backend, []) for backend in
@@ -424,7 +427,10 @@ def connect_network_group(backend, network, group):
    """Connect a network to a specific nodegroup of a backend.

    """
-    mode = network.public and 'routed' or 'bridged'
+    if network.type in ('PUBLIC_ROUTED', 'CUSTOM_ROUTED'):
+        mode = 'routed'
+    else:
+        mode = 'bridged'

    return backend.client.ConnectNetwork(network.backend_id, group, mode,
                                         network.link)
@@ -617,7 +623,10 @@ def _create_network_synced(network, backend):


 def connect_network_synced(network, backend):
-    mode = network.public and 'routed' or 'bridged'
+    if network.type in ('PUBLIC_ROUTED', 'CUSTOM_ROUTED'):
+        mode = 'routed'
+    else:
+        mode = 'bridged'
    client = backend.client

    for group in client.GetGroups():