neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent module

neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent module

class neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent.FWaaSL3AgentExtension(host, conf)

Bases: neutron_lib.agent.l3_extension.L3AgentExtension

FWaaS Agent support to be used by Neutron L3 agent.

SUPPORTED_RESOURCE_TYPES = [<class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallGroup'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallPolicy'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallRuleV2'>]
add_router(context, new_router)

On router add, get fw with rules from plugin and update driver.

Handles agent restart, when a router is added, query the plugin to check if this router is in the router list for any firewall. If so install firewall rules on this router.

consume_api(agent_api)

Consume the AgentAPI instance from the AgentExtensionsManager.

Allows an extension to gain access to resources internal to the neutron agent and otherwise unavailable to the extension. Examples of such resources include bridges, ports, and routers.

Parameters:agent_api – An instance of an agent-specific API.
create_firewall(**kwargs)

Handle Rpc from plugin to create a firewall.

delete_firewall(**kwargs)

Handle Rpc from plugin to delete a firewall.

delete_router(context, new_router)

Handles router deletion. There is basically nothing to do for this in the context of FWaaS with an IPTables driver; the namespace will already have been deleted, taking the IPTables rules with it.

ha_state_change(context, data)

Change router state from agent extension.

Called on HA router state change.

Parameters:
  • context – rpc context
  • data – dict of router_id and new state
initialize(connection, driver_type)

Perform agent core resource extension initialization.

Parameters:
  • connection – RPC connection that can be reused by the extension to define its RPC endpoints
  • driver_type – String that defines the agent type to the extension. Can be used to choose the right backend implementation.

Called after all extensions have been loaded. No resource (port, policy, router, etc.) handling will be called before this method.

process_services_sync(ctx)
start_rpc_listeners(conf)
update_firewall(**kwargs)

Handle Rpc from plugin to update a firewall.

update_router(context, updated_router)

The update_router method is just a synonym for add_router

class neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent.FWaaSL3PluginApi(topic, host)

Bases: neutron_fwaas.services.firewall.service_drivers.agents.firewall_agent_api.FWaaSPluginApiMixin

Agent side of the FWaaS agent to FWaaS Plugin RPC API.

get_firewalls_for_tenant(context, **kwargs)

Get the Firewalls with rules from the Plugin to send to driver.

get_tenants_with_firewalls(context, **kwargs)

Get all Tenants that have Firewalls configured from plugin.

class neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent.L3WithFWaaS(conf=None)

Bases: neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent.FWaaSL3AgentExtension

Creative Commons Attribution 3.0 License

Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.