Commit f4064583 authored by Morten Knutsen's avatar Morten Knutsen

Add code to clean security groups and dns ptr records. Bump version.

parent eccabe03
......@@ -2,7 +2,7 @@
from __future__ import absolute_import, division, print_function, unicode_literals
import etcd
import argparse
from nova_router import neighbors
from nova_router import neighbors,security_groups,dns_rr
from scvmm_client import odata
import logging
import uuid
......@@ -11,7 +11,11 @@ try:
except ImportError:
from ConfigParser import SafeConfigParser # pylint: disable=F0401
DESCRIPTION = "Remove ip/mac bindings for VMs that no longer exists"
Remove ip/mac bindings for VMs that no longer exists.
Also remove mac-addresses from security groups in etcd.
Also reset PTR-records in DNS.
def parse_args():
......@@ -39,6 +43,7 @@ def main():
ssl_cert=conf.get('etcd', 'cert'), verify=conf.get('etcd', 'cacert'))
vmm_client = odata.VMMClient(conf.get('spf', 'vmm_baseurl'), conf.get('spf', 'username'),
conf.get('spf', 'password'))
pdns_url = conf.get('pdns', 'url')
nics = set()
for nic in vmm_client.query_collection("VirtualNetworkAdapters"):
......@@ -55,12 +60,33 @@ def main():
ipaddr = neighbors.get_ipaddress_from_mac(etcd_client, mac, addrtype)
if ipaddr is not None:
if not args.noop:
# Remove ip/mac binding"Removing address {} from mac {}".format(ipaddr, mac))
neighbors.remove_pair(etcd_client, mac, ipaddr, addrtype)
# Remove DNS PTR record"Cleaning DNS PTR record for address {}".format(ipaddr))
ptr_record = dns_rr.get_ptr_record(pdns_url, ipaddr, addrtype != neighbors.V4)
dns_rr.remove_record(pdns_url, ptr_record['id'])
else:"Would have removed address {} from mac {}".format(ipaddr, mac))"Would have cleaned DNS PTR records for address {}".format(ipaddr))
ptr_record = dns_rr.get_ptr_record(pdns_url, ipaddr, addrtype != neighbors.V4)"Would have clean record: {}".format(ptr_record))
logging.debug("found owner for mac {}".format(mac))
# Remove from security groups
groups = security_groups.get_security_groups(etcd_client)
for group in groups:
_, members = security_groups.get_group_members(etcd_client, group)
for mac in members:
if not mac in nics:
if not args.noop:"Removing mac {} from security group with id {}".format(mac, group))
security_groups.delete_mac_from_group(etcd_client, group, mac)
else:"Would have removed mac {} from group with id {}".format(mac, group))
if __name__ == '__main__':
......@@ -15,7 +15,7 @@ requires = [
description='Uninett nova router',
"Programming Language :: Python",
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment