neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent_v2 module

class neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent_v2.FWaaSL3AgentExtension(host, conf)

Bases: L3AgentExtension

FWaaS agent extension.

SUPPORTED_RESOURCE_TYPES = [<class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallGroup'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallPolicy'>, <class 'neutron_fwaas.db.firewall.v2.firewall_db_v2.FirewallRuleV2'>]
add_router(context, new_router)

Handles agent restart and router add. Fetches firewall groups from plugin and updates driver.

consume_api(agent_api)

Consume the AgentAPI instance from the AgentExtensionsManager.

Allows an extension to gain access to resources internal to the neutron agent and otherwise unavailable to the extension. Examples of such resources include bridges, ports, and routers.

Parameters:

agent_api – An instance of an agent-specific API.

create_firewall_group(context, firewall_group, host)

Handles RPC from plugin to create a firewall group.

delete_firewall_group(context, firewall_group, host)

Handles RPC from plugin to delete a firewall group.

delete_router(context, new_router)

Handles router deletion. There is basically nothing to do for this in the context of FWaaS with an IPTables driver; the namespace will already have been deleted, taking the IPTables rules with it.

ha_state_change(context, data)

Change router state from agent extension.

Called on HA router state change.

Parameters:

  • context – rpc context

  • data – dict of router_id and new state

initialize(connection, driver_type)

Perform agent core resource extension initialization.

Parameters:

  • connection – RPC connection that can be reused by the extension to define its RPC endpoints

  • driver_type – String that defines the agent type to the extension. Can be used to choose the right backend implementation.

Called after all extensions have been loaded. No resource (port, policy, router, etc.) handling will be called before this method.

process_services_sync(ctx)

Syncs with plugin and applies the sync data.

start_rpc_listeners(host, conf)
update_firewall_group(context, firewall_group, host)

Handles RPC from plugin to update a firewall group.

update_network(context, data)

Handle a network update event.

Called on network update.

Parameters:

  • context – RPC context.

  • data – dict of network data.

update_router(context, updated_router)

Handles agent restart and router update. Fetches firewall groups from plugin and updates driver.

class neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent_v2.FWaaSL3PluginApi(topic, host)

Bases: FWaaSPluginApiMixin

Agent side of the FWaaS agent-to-plugin RPC API.

firewall_group_deleted(context, fwg_id, **kwargs)

Notifies the plugin that a firewall group has been deleted.

get_firewall_groups_for_project(context, **kwargs)

Fetches a project’s firewall groups from the plugin.

get_projects_with_firewall_groups(context, **kwargs)

Fetches from the plugin all projects that have firewall groups configured.

set_firewall_group_status(context, fwg_id, status, **kwargs)

Sets firewall group’s status on the plugin.

class neutron_fwaas.services.firewall.service_drivers.agents.l3reference.firewall_l3_agent_v2.L3WithFWaaS(conf=None)

Bases: FWaaSL3AgentExtension