当前位置: 首页>>代码示例>>Python>>正文


Python refcount.RefHelper类代码示例

本文整理汇总了Python中calico.felix.refcount.RefHelper的典型用法代码示例。如果您正苦于以下问题:Python RefHelper类的具体用法?Python RefHelper怎么用?Python RefHelper使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了RefHelper类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: __init__

    def __init__(self, profile_id, ip_version, iptables_updater, ipset_mgr):
        super(ProfileRules, self).__init__(qualifier=profile_id)
        assert profile_id is not None

        self.id = profile_id
        self.ip_version = ip_version
        self._ipset_mgr = ipset_mgr
        self._iptables_updater = iptables_updater
        self._ipset_refs = RefHelper(self, ipset_mgr, self._on_ipsets_acquired)

        # Latest profile update - a profile dictionary.
        self._pending_profile = None
        # Currently-programmed profile dictionary.
        self._profile = None

        # State flags.
        self._notified_ready = False
        self._cleaned_up = False
        self._dead = False
        self._dirty = True

        self.chain_names = {
            "inbound": profile_to_chain_name("inbound", profile_id),
            "outbound": profile_to_chain_name("outbound", profile_id),
        }
        _log.info("Profile %s has chain names %s",
                  profile_id, self.chain_names)
开发者ID:nikolayvoronchikhin,项目名称:calico,代码行数:27,代码来源:profilerules.py

示例2: __init__

    def __init__(self, config, endpoint_id, ip_type, iptables_updater,
                 dispatch_chains, rules_manager):
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" %
                                            (endpoint_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.endpoint_id = endpoint_id

        self.config = config
        self.ip_type = ip_type
        self.ip_version = futils.IP_TYPE_TO_VERSION[ip_type]
        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager
        self.rules_ref_helper = RefHelper(self, rules_manager,
                                          self._on_profiles_ready)

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self.endpoint = None
        self._iface_name = None
        self._suffix = None

        # Track whether the last attempt to program the dataplane succeeded.
        # We'll force a reprogram next time we get a kick.
        self._failed = False
        # And whether we've received an update since last time we programmed.
        self._dirty = False
开发者ID:ruo91,项目名称:calico,代码行数:29,代码来源:endpoint.py

示例3: __init__

    def __init__(self, config, combined_id, ip_type, iptables_updater,
                 dispatch_chains, rules_manager, status_reporter):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" %
                                            (combined_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.config = config

        self.combined_id = combined_id
        self.ip_type = ip_type

        # Other actors we need to talk to.
        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager
        self.status_reporter = status_reporter

        # Helper for acquiring/releasing profiles.
        self.rules_ref_helper = RefHelper(self, rules_manager,
                                          self._on_profiles_ready)

        # Per-batch state.
        self._pending_endpoint = None
        self._endpoint_update_pending = False
        self._mac_changed = False

        # Current endpoint data.
        self.endpoint = None

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Track the success/failure of our dataplane programming.
        self._chains_programmed = False
        self._iptables_in_sync = False
        self._device_in_sync = False

        # Oper-state of the Linux interface.
        self._device_is_up = None  # Unknown

        # Our last status report.  Used for de-dupe.
        self._last_status = None

        # One-way flags to indicate that we should clean up/have cleaned up.
        self._unreferenced = False
        self._added_to_dispatch_chains = False
        self._cleaned_up = False
开发者ID:sudeshm,项目名称:calico,代码行数:60,代码来源:endpoint.py

示例4: __init__

    def __init__(self, config, combined_id, ip_type, iptables_updater,
                 dispatch_chains, rules_manager):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" %
                                            (combined_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.config = config

        self.combined_id = combined_id
        self.ip_type = ip_type

        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager

        self.rules_ref_helper = RefHelper(self, rules_manager,
                                          self._on_profiles_ready)

        self._pending_endpoint = None
        self._endpoint_update_pending = False
        self._mac_changed = False

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self.endpoint = None
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Keep track of which dependencies we're missing.
        self._missing_deps = self._calculate_missing_deps()

        # Track the success/failure of our dataplane programming.
        self._iptables_in_sync = False
        self._device_in_sync = False

        # One-way flags to indicate that we should clean up/have cleaned up.
        self._unreferenced = False
        self._added_to_dispatch_chains = False
        self._cleaned_up = False
开发者ID:vi4m,项目名称:calico,代码行数:50,代码来源:endpoint.py

示例5: __init__

    def __init__(self, config, combined_id, ip_type, iptables_updater,
                 dispatch_chains, rules_manager):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" %
                                            (combined_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.combined_id = combined_id

        self.config = config
        self.ip_type = ip_type
        self.ip_version = futils.IP_TYPE_TO_VERSION[ip_type]
        if self.ip_type == IPV4:
            self.nets_key = "ipv4_nets"
        else:
            self.nets_key = "ipv6_nets"
        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager
        self.rules_ref_helper = RefHelper(self, rules_manager,
                                          self._on_profiles_ready)

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self.endpoint = None
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Track whether the last attempt to program the dataplane succeeded.
        # We'll force a reprogram next time we get a kick.
        self._failed = False
        # And whether we've received an update since last time we programmed.
        self._dirty = False
开发者ID:nikolayvoronchikhin,项目名称:calico,代码行数:43,代码来源:endpoint.py

示例6: __init__

    def __init__(self, iptables_generator, profile_id, ip_version,
                 iptables_updater, ipset_mgr):
        super(ProfileRules, self).__init__(qualifier=profile_id)
        assert profile_id is not None

        self.iptables_generator = iptables_generator
        self.id = profile_id
        self.ip_version = ip_version
        self._ipset_mgr = ipset_mgr
        self._iptables_updater = iptables_updater
        self._ipset_refs = RefHelper(self, ipset_mgr, self._on_ipsets_acquired)

        # Latest profile update - a profile dictionary.
        self._pending_profile = None
        # Currently-programmed profile dictionary.
        self._profile = None
        self._required_tags = set()

        # State flags.
        self._notified_ready = False
        self._cleaned_up = False
        self._dead = False
        self._dirty = True
开发者ID:DockerLab,项目名称:calico,代码行数:23,代码来源:profilerules.py

示例7: __init__

    def __init__(self, profile_id, ip_version, iptables_updater, ipset_mgr):
        super(ProfileRules, self).__init__(qualifier=profile_id)
        assert profile_id is not None

        self.id = profile_id
        self.ip_version = ip_version
        self.ipset_mgr = ipset_mgr
        self._iptables_updater = iptables_updater
        self.notified_ready = False

        self.ipset_refs = RefHelper(self, ipset_mgr, self._maybe_update)

        self._profile = None
        """
        :type dict|None: filled in by first update.  Reset to None on delete.
        """
        self.dead = False

        self.chain_names = {
            "inbound": profile_to_chain_name("inbound", profile_id),
            "outbound": profile_to_chain_name("outbound", profile_id),
        }
        _log.info("Profile %s has chain names %s",
                  profile_id, self.chain_names)
开发者ID:ahrkrak,项目名称:calico,代码行数:24,代码来源:profilerules.py

示例8: LocalEndpoint

class LocalEndpoint(RefCountedActor):
    def __init__(self, config, combined_id, ip_type, iptables_updater, dispatch_chains, rules_manager, status_reporter):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" % (combined_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.config = config
        self.iptables_generator = config.plugins["iptables_generator"]

        self.combined_id = combined_id
        self.ip_type = ip_type

        # Other actors we need to talk to.
        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager
        self.status_reporter = status_reporter

        # Helper for acquiring/releasing profiles.
        self.rules_ref_helper = RefHelper(self, rules_manager, self._on_profiles_ready)

        # Per-batch state.
        self._pending_endpoint = None
        self._endpoint_update_pending = False
        self._mac_changed = False

        # Current endpoint data.
        self.endpoint = None

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Track the success/failure of our dataplane programming.
        self._chains_programmed = False
        self._iptables_in_sync = False
        self._device_in_sync = False

        # Oper-state of the Linux interface.
        self._device_is_up = None  # Unknown

        # Our last status report.  Used for de-dupe.
        self._last_status = None

        # One-way flags to indicate that we should clean up/have cleaned up.
        self._unreferenced = False
        self._added_to_dispatch_chains = False
        self._cleaned_up = False

    @property
    def nets_key(self):
        if self.ip_type == IPV4:
            return "ipv4_nets"
        else:
            return "ipv6_nets"

    @property
    def _admin_up(self):
        return not self._unreferenced and self.endpoint and self.endpoint.get("state") == "active"

    @actor_message()
    def on_endpoint_update(self, endpoint, force_reprogram=False):
        """
        Called when this endpoint has received an update.
        :param dict[str]|NoneType endpoint: endpoint parameter dictionary.
        """
        _log.info("%s updated: %s", self, endpoint)
        assert not self._unreferenced, "Update after being unreferenced"

        # Store off the update, to be handled in _finish_msg_batch.
        self._pending_endpoint = endpoint
        self._endpoint_update_pending = True
        if force_reprogram:
            self._iptables_in_sync = False
            self._device_in_sync = False

    @actor_message()
    def on_interface_update(self, iface_up):
        """
        Actor event to report that the interface is either up or changed.
        """
        _log.info("Endpoint %s received interface kick: %s", self.combined_id, iface_up)
        assert not self._unreferenced, "Interface kick after unreference"

        # Use a flag so that we coalesce any duplicate updates in
        # _finish_msg_batch.
        self._device_in_sync = False
        self._device_is_up = iface_up

#.........这里部分代码省略.........
开发者ID:ndonegan,项目名称:calico,代码行数:101,代码来源:endpoint.py

示例9: LocalEndpoint

class LocalEndpoint(RefCountedActor):

    def __init__(self, config, combined_id, ip_type, iptables_updater,
                 dispatch_chains, rules_manager):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" %
                                            (combined_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.config = config

        self.combined_id = combined_id
        self.ip_type = ip_type

        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager

        self.rules_ref_helper = RefHelper(self, rules_manager,
                                          self._on_profiles_ready)

        self._pending_endpoint = None
        self._endpoint_update_pending = False
        self._mac_changed = False

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self.endpoint = None
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Keep track of which dependencies we're missing.
        self._missing_deps = self._calculate_missing_deps()

        # Track the success/failure of our dataplane programming.
        self._iptables_in_sync = False
        self._device_in_sync = False

        # One-way flags to indicate that we should clean up/have cleaned up.
        self._unreferenced = False
        self._added_to_dispatch_chains = False
        self._cleaned_up = False

    @property
    def nets_key(self):
        if self.ip_type == IPV4:
            return "ipv4_nets"
        else:
            return "ipv6_nets"

    @actor_message()
    def on_endpoint_update(self, endpoint, force_reprogram=False):
        """
        Called when this endpoint has received an update.
        :param dict[str]|NoneType endpoint: endpoint parameter dictionary.
        """
        _log.info("%s updated: %s", self, endpoint)
        assert not self._unreferenced, "Update after being unreferenced"

        # Store off the update, to be handled in _finish_msg_batch.
        self._pending_endpoint = endpoint
        self._endpoint_update_pending = True
        if force_reprogram:
            self._iptables_in_sync = False
            self._device_in_sync = False

    @actor_message()
    def on_interface_update(self):
        """
        Actor event to report that the interface is either up or changed.
        """
        _log.info("Endpoint %s received interface kick", self.combined_id)

        # Use a flag so that we coalesce any duplicate updates in
        # _finish_msg_batch.
        self._device_in_sync = False

    @actor_message()
    def on_unreferenced(self):
        """
        Overrides RefCountedActor:on_unreferenced.
        """
        _log.info("%s now unreferenced, cleaning up", self)

        # We should be deleted before being unreferenced.
        assert self.endpoint is None or (self._pending_endpoint is None and
                                         self._endpoint_update_pending)

        # Defer the processing to _finish_msg_batch.
        self._unreferenced = True
#.........这里部分代码省略.........
开发者ID:vi4m,项目名称:calico,代码行数:101,代码来源:endpoint.py

示例10: LocalEndpoint

class LocalEndpoint(RefCountedActor):
    def __init__(self, config, combined_id, ip_type, iptables_updater, dispatch_chains, rules_manager):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" % (combined_id.endpoint, ip_type))
        assert isinstance(dispatch_chains, DispatchChains)
        assert isinstance(rules_manager, RulesManager)

        self.combined_id = combined_id

        self.config = config
        self.ip_type = ip_type
        self.ip_version = futils.IP_TYPE_TO_VERSION[ip_type]
        if self.ip_type == IPV4:
            self.nets_key = "ipv4_nets"
        else:
            self.nets_key = "ipv6_nets"
        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager
        self.rules_ref_helper = RefHelper(self, rules_manager, self._on_profiles_ready)

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self.endpoint = None
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Track whether the last attempt to program the dataplane succeeded.
        # We'll force a reprogram next time we get a kick.
        self._failed = False
        # And whether we've received an update since last time we programmed.
        self._dirty = False

    @actor_message()
    def on_endpoint_update(self, endpoint, force_reprogram=False):
        """
        Called when this endpoint has received an update.
        :param dict[str] endpoint: endpoint parameter dictionary.
        """
        _log.info("%s updated: %s", self, endpoint)
        mac_changed = False

        if not endpoint and not self.endpoint:
            # First time we have been called, but it's a delete! Maybe some
            # odd timing window, but we have nothing to tidy up.
            return

        if endpoint and endpoint["mac"] != self._mac:
            # Either we have not seen this MAC before, or it has changed.
            self._mac = endpoint["mac"]
            mac_changed = True

        if endpoint and not self.endpoint:
            # This is the first time we have seen the endpoint, so extract the
            # interface name and endpoint ID.
            self._iface_name = endpoint["name"]
            self._suffix = interface_to_suffix(self.config, self._iface_name)

        was_ready = self._ready

        # Activate the required profile IDs (and deactivate any that we no
        # longer need).
        if endpoint:
            new_profile_ids = set(endpoint["profile_ids"])
        else:
            new_profile_ids = set()
        # Note: we don't actually need to wait for the activation to finish
        # due to the dependency management in the iptables layer.
        self.rules_ref_helper.replace_all(new_profile_ids)

        if endpoint != self.endpoint or force_reprogram:
            self._dirty = True

        # Store off the endpoint we were passed.
        self.endpoint = endpoint

        if endpoint:
            # Configure the network interface; may fail if not there yet (in
            # which case we'll just do it when the interface comes up).
            self._configure_interface(mac_changed)
        else:
            # Remove the network programming.
            self._deconfigure_interface()

        self._maybe_update(was_ready)
        _log.debug("%s finished processing update", self)

    @actor_message()
    def on_unreferenced(self):
        """
        Overrides RefCountedActor:on_unreferenced.
#.........这里部分代码省略.........
开发者ID:kasisnu,项目名称:calico,代码行数:101,代码来源:endpoint.py

示例11: setUp

 def setUp(self):
     super(TestRefHelper, self).setUp()
     self._rh = RefHelper(self._rm,
                          self._rm,
                          self._rm.ready_callback)
开发者ID:elfchief,项目名称:calico,代码行数:5,代码来源:test_refcount.py

示例12: TestRefHelper

class TestRefHelper(TestReferenceManager):
    def setUp(self):
        super(TestRefHelper, self).setUp()
        self._rh = RefHelper(self._rm,
                             self._rm,
                             self._rm.ready_callback)

    def test_no_refs(self):
        # With no references, we're ready but haven't been notified
        self.assertFalse(self._rm._ready_called)
        self.assertTrue(self._rh.ready)

        # Discarding non-existent references is allowed
        self._rh.discard_ref("foo")

    def test_acquire_discard_1(self):
        # Acquire a reference to 'foo' - it won't be ready immediately
        self._rh.acquire_ref("foo")
        self.assertFalse(self._rm._ready_called)
        self.assertFalse(self._rh.ready)

        # Spin the actor framework - we become ready
        _, obj = self.call_via_cb(self._rm.get_and_incref, "bar", async=True)
        self.assertTrue(self._rm._ready_called)
        self.assertTrue(self._rh.ready)
        self.assertEqual(next(self._rh.iteritems())[0], "foo")

        # Acquiring an already-acquired reference is idempotent
        self._rh.acquire_ref("foo")
        self.assertTrue(self._rh.ready)

        # Discard the reference
        self._rh.discard_ref("foo")
        _, obj = self.call_via_cb(self._rm.get_and_incref, "baz", async=True)
        self.assertTrue(self._rh.ready)

    def test_sync_acquire_discard(self):
        # Acquire a reference and discard it before it's become ready
        self._rh.acquire_ref("foo")
        self.assertFalse(self._rh.ready)

        self._rh.discard_ref("foo")
        self.assertTrue(self._rh.ready)

        # Spin the actor framework
        _, obj = self.call_via_cb(self._rm.get_and_incref, "bar", async=True)

    def test_acquire_discard_2(self):
        # Acquire two references
        self._rh.acquire_ref("foo")
        _, obj = self.call_via_cb(self._rm.get_and_incref, "bar", async=True)
        self._rh.acquire_ref("baz")
        self.assertFalse(self._rh.ready)
        _, obj = self.call_via_cb(self._rm.get_and_incref, "bar2", async=True)
        acq_ids = list(key for key, value in self._rh.iteritems())
        self.assertItemsEqual(acq_ids, ["foo", "baz"])
        self.assertTrue(self._rh.ready)

        # Discard them all!
        self._rh.discard_all()
开发者ID:elfchief,项目名称:calico,代码行数:60,代码来源:test_refcount.py

示例13: ProfileRules

class ProfileRules(RefCountedActor):
    """
    Actor that owns the per-profile rules chains.
    """
    def __init__(self, iptables_generator, profile_id, ip_version,
                 iptables_updater, ipset_mgr):
        super(ProfileRules, self).__init__(qualifier=profile_id)
        assert profile_id is not None

        self.iptables_generator = iptables_generator
        self.id = profile_id
        self.ip_version = ip_version
        self._ipset_mgr = ipset_mgr
        self._iptables_updater = iptables_updater
        self._ipset_refs = RefHelper(self, ipset_mgr, self._on_ipsets_acquired)

        # Latest profile update - a profile dictionary.
        self._pending_profile = None
        # Currently-programmed profile dictionary.
        self._profile = None
        # The IDs of the tags and selector ipsets it requires.
        self._required_ipsets = set()

        # State flags.
        self._notified_ready = False
        self._cleaned_up = False
        self._dead = False
        self._dirty = True

    @actor_message()
    def on_profile_update(self, profile, force_reprogram=False):
        """
        Update the programmed iptables configuration with the new
        profile.

        :param dict[str]|NoneType profile: Dictionary of all profile data or
            None if profile is to be deleted.
        """
        _log.debug("%s: Profile update: %s", self, profile)
        assert not self._dead, "Shouldn't receive updates after we're dead."
        self._pending_profile = profile
        self._dirty |= force_reprogram

    @actor_message()
    def on_unreferenced(self):
        """
        Called to tell us that this profile is no longer needed.
        """
        # Flag that we're dead and then let finish_msg_batch() do the cleanup.
        self._dead = True

    def _on_ipsets_acquired(self):
        """
        Callback from the RefHelper once it's acquired all the ipsets we
        need.

        This is called from an actor_message on our greenlet.
        """
        # Nothing to do here, if this is being called then we're already in
        # a message batch so _finish_msg_batch() will get called next.
        _log.info("All required ipsets acquired.")

    def _finish_msg_batch(self, batch, results):
        # Due to dependency management in IptablesUpdater, we don't need to
        # worry about programming the dataplane before notifying so do it on
        # this common code path.
        if not self._notified_ready:
            self._notify_ready()
            self._notified_ready = True

        if self._dead:
            # Only want to clean up once.  Note: we can get here a second time
            # if we had a pending ipset incref in-flight when we were asked
            # to clean up.
            if not self._cleaned_up:
                try:
                    _log.info("%s unreferenced, removing our chains", self)
                    self._delete_chains()
                    self._ipset_refs.discard_all()
                    self._ipset_refs = None  # Break ref cycle.
                    self._profile = None
                    self._pending_profile = None
                finally:
                    self._cleaned_up = True
                    self._notify_cleanup_complete()
        else:
            if self._pending_profile != self._profile:
                _log.debug("Profile data changed, updating ipset references.")
                # Make sure that all the new tags and selectors are active.
                # We can't discard unneeded ones until we've updated iptables.
                new_tags_and_sels = extract_tags_and_selectors_from_profile(
                    self._pending_profile
                )
                for tag_or_sel in new_tags_and_sels:
                    _log.debug("Requesting ipset for tag %s", tag_or_sel)
                    # Note: acquire_ref() is a no-op if already acquired.
                    self._ipset_refs.acquire_ref(tag_or_sel)

                self._dirty = True
                self._profile = self._pending_profile
#.........这里部分代码省略.........
开发者ID:huainansto,项目名称:calico,代码行数:101,代码来源:profilerules.py

示例14: LocalEndpoint

class LocalEndpoint(RefCountedActor):

    def __init__(self, config, combined_id, ip_type, iptables_updater,
                 dispatch_chains, rules_manager, fip_manager, status_reporter):
        """
        Controls a single local endpoint.

        :param combined_id: EndpointId for this endpoint.
        :param ip_type: IP type for this endpoint (IPv4 or IPv6)
        :param iptables_updater: IptablesUpdater to use
        :param dispatch_chains: DispatchChains to use
        :param rules_manager: RulesManager to use
        :param fip_manager: FloatingIPManager to use
        """
        super(LocalEndpoint, self).__init__(qualifier="%s(%s)" %
                                             (combined_id.endpoint, ip_type))
        assert isinstance(rules_manager, RulesManager)

        self.config = config
        self.iptables_generator = config.plugins["iptables_generator"]

        self.combined_id = combined_id
        self.ip_type = ip_type

        # Other actors we need to talk to.
        self.iptables_updater = iptables_updater
        self.dispatch_chains = dispatch_chains
        self.rules_mgr = rules_manager
        self.status_reporter = status_reporter
        self.fip_manager = fip_manager

        # Helper for acquiring/releasing profiles.
        self._rules_ref_helper = RefHelper(self, rules_manager,
                                           self._on_profiles_ready)

        # List of global policies that we care about.
        self._pol_ids_by_tier = OrderedDict()

        # List of explicit profile IDs that we've processed.
        self._explicit_profile_ids = None

        # Per-batch state.
        self._pending_endpoint = None
        self._endpoint_update_pending = False
        self._mac_changed = False
        # IPs that no longer belong to this endpoint and need cleaning up.
        self._removed_ips = set()

        # Current endpoint data.
        self.endpoint = None

        # Will be filled in as we learn about the OS interface and the
        # endpoint config.
        self._mac = None
        self._iface_name = None
        self._suffix = None

        # Track the success/failure of our dataplane programming.
        self._chains_programmed = False
        self._iptables_in_sync = False
        self._device_in_sync = False
        self._profile_ids_dirty = False

        # Oper-state of the Linux interface.
        self._device_is_up = None  # Unknown

        # Our last status report.  Used for de-dupe.
        self._last_status = None

        # One-way flags to indicate that we should clean up/have cleaned up.
        self._unreferenced = False
        self._added_to_dispatch_chains = False
        self._cleaned_up = False

    @property
    def nets_key(self):
        if self.ip_type == IPV4:
            return "ipv4_nets"
        else:
            return "ipv6_nets"

    @property
    def nat_key(self):
        return nat_key(self.ip_type)

    @property
    def _admin_up(self):
        return (not self._unreferenced and
                self.endpoint and
                self.endpoint.get("state", "active") == "active")

    @actor_message()
    def on_endpoint_update(self, endpoint, force_reprogram=False):
        """
        Called when this endpoint has received an update.
        :param dict[str]|NoneType endpoint: endpoint parameter dictionary.
        """
        _log.info("%s updated: %s", self, endpoint)
        assert not self._unreferenced, "Update after being unreferenced"

#.........这里部分代码省略.........
开发者ID:is00hcw,项目名称:calico,代码行数:101,代码来源:endpoint.py

示例15: ProfileRules

class ProfileRules(RefCountedActor):
    """
    Actor that owns the per-profile rules chains.
    """
    def __init__(self, profile_id, ip_version, iptables_updater, ipset_mgr):
        super(ProfileRules, self).__init__(qualifier=profile_id)
        assert profile_id is not None

        self.id = profile_id
        self.ip_version = ip_version
        self.ipset_mgr = ipset_mgr
        self._iptables_updater = iptables_updater
        self.notified_ready = False

        self.ipset_refs = RefHelper(self, ipset_mgr, self._maybe_update)

        self._profile = None
        """
        :type dict|None: filled in by first update.  Reset to None on delete.
        """
        self.dead = False

        self.chain_names = {
            "inbound": profile_to_chain_name("inbound", profile_id),
            "outbound": profile_to_chain_name("outbound", profile_id),
        }
        _log.info("Profile %s has chain names %s",
                  profile_id, self.chain_names)

    @actor_message()
    def on_profile_update(self, profile):
        """
        Update the programmed iptables configuration with the new
        profile.
        """
        _log.debug("%s: Profile update: %s", self, profile)
        assert profile is None or profile["id"] == self.id
        assert not self.dead, "Shouldn't receive updates after we're dead."

        old_tags = extract_tags_from_profile(self._profile)
        new_tags = extract_tags_from_profile(profile)

        removed_tags = old_tags - new_tags
        added_tags = new_tags - old_tags
        for tag in removed_tags:
            _log.debug("Queueing ipset for tag %s for decref", tag)
            self.ipset_refs.discard_ref(tag)
        for tag in added_tags:
            _log.debug("Requesting ipset for tag %s", tag)
            self.ipset_refs.acquire_ref(tag)

        self._profile = profile
        self._maybe_update()

    def _maybe_update(self):
        if self.dead:
            _log.info("Not updating: profile is dead.")
        elif not self.ipset_refs.ready:
            _log.info("Can't program rules %s yet, waiting on ipsets",
                      self.id)
        else:
            _log.info("Ready to program rules for %s", self.id)
            self._update_chains()

    @actor_message()
    def on_unreferenced(self):
        """
        Called to tell us that this profile is no longer needed.  Removes
        our iptables configuration.
        """
        try:
            _log.info("%s unreferenced, removing our chains", self)
            self.dead = True
            chains = []
            for direction in ["inbound", "outbound"]:
                chain_name = self.chain_names[direction]
                chains.append(chain_name)
            self._iptables_updater.delete_chains(chains, async=False)
            self.ipset_refs.discard_all()
            self.ipset_refs = None # Break ref cycle.
            self._profile = None
        finally:
            self._notify_cleanup_complete()

    def _update_chains(self):
        """
        Updates the chains in the dataplane.
        """
        _log.info("%s Programming iptables with our chains.", self)
        updates = {}
        for direction in ("inbound", "outbound"):
            _log.debug("Updating %s chain for profile %s", direction,
                       self.id)
            new_profile = self._profile or {}
            _log.debug("Profile %s: %s", self.id, self._profile)
            rules_key = "%s_rules" % direction
            new_rules = new_profile.get(rules_key, [])
            chain_name = self.chain_names[direction]
            tag_to_ip_set_name = {}
            for tag, ipset in self.ipset_refs.iteritems():
#.........这里部分代码省略.........
开发者ID:ahrkrak,项目名称:calico,代码行数:101,代码来源:profilerules.py


注:本文中的calico.felix.refcount.RefHelper类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。