fix security groups removed from novaclient
Change-Id: Ie93aca03ca540bc9697df8460e5cca8533053071
parent
7f3f6ab12b
commit
8bbd410cdb
|
@ -74,7 +74,7 @@ class BaseCompute(object):
|
||||||
availability_zone=avail_zone,
|
availability_zone=avail_zone,
|
||||||
userdata=user_data,
|
userdata=user_data,
|
||||||
config_drive=config_drive,
|
config_drive=config_drive,
|
||||||
security_groups=[sec_group.id])
|
security_groups=[sec_group['id']])
|
||||||
self.res_logger.log('instances', self.vm_name, instance.id)
|
self.res_logger.log('instances', self.vm_name, instance.id)
|
||||||
|
|
||||||
if not instance:
|
if not instance:
|
||||||
|
@ -140,63 +140,84 @@ class BaseCompute(object):
|
||||||
|
|
||||||
class SecGroup(object):
|
class SecGroup(object):
|
||||||
|
|
||||||
|
def __init__(self, novaclient, neutronclient):
|
||||||
def __init__(self, novaclient):
|
|
||||||
self.secgroup = None
|
self.secgroup = None
|
||||||
self.secgroup_name = None
|
self.secgroup_name = None
|
||||||
self.novaclient = novaclient
|
self.novaclient = novaclient
|
||||||
|
self.neutronclient = neutronclient
|
||||||
|
|
||||||
def create_secgroup_with_rules(self, group_name):
|
def create_secgroup_with_rules(self, group_name):
|
||||||
group = self.novaclient.security_groups.create(name=group_name,
|
body = {
|
||||||
description="Test sec group")
|
'security_group': {
|
||||||
|
'name': group_name,
|
||||||
|
'description': 'Test sec group'
|
||||||
|
}
|
||||||
|
}
|
||||||
|
group = self.neutronclient.create_security_group(body)['security_group']
|
||||||
|
|
||||||
|
body = {
|
||||||
|
'security_group_rule': {
|
||||||
|
'direction': 'ingress',
|
||||||
|
'security_group_id': group['id'],
|
||||||
|
'remote_group_id': None
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# Allow ping traffic
|
# Allow ping traffic
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
body['security_group_rule']['protocol'] = 'icmp'
|
||||||
ip_protocol="icmp",
|
body['security_group_rule']['port_range_min'] = None
|
||||||
from_port=-1,
|
body['security_group_rule']['port_range_max'] = None
|
||||||
to_port=-1)
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
# Allow SSH traffic
|
# Allow SSH traffic
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
body['security_group_rule']['protocol'] = 'tcp'
|
||||||
ip_protocol="tcp",
|
body['security_group_rule']['port_range_min'] = 22
|
||||||
from_port=22,
|
body['security_group_rule']['port_range_max'] = 22
|
||||||
to_port=22)
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
# Allow HTTP traffic
|
# Allow HTTP traffic
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
body['security_group_rule']['protocol'] = 'tcp'
|
||||||
ip_protocol="tcp",
|
body['security_group_rule']['port_range_min'] = 80
|
||||||
from_port=80,
|
body['security_group_rule']['port_range_max'] = 80
|
||||||
to_port=80)
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
# Allow Redis traffic
|
# Allow Redis traffic
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
body['security_group_rule']['protocol'] = 'tcp'
|
||||||
ip_protocol="tcp",
|
body['security_group_rule']['port_range_min'] = 6379
|
||||||
from_port=6379,
|
body['security_group_rule']['port_range_max'] = 6379
|
||||||
to_port=6379)
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
# Allow Nuttcp traffic
|
# Allow Nuttcp traffic
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
body['security_group_rule']['protocol'] = 'tcp'
|
||||||
ip_protocol="tcp",
|
body['security_group_rule']['port_range_min'] = 5000
|
||||||
from_port=5000,
|
body['security_group_rule']['port_range_max'] = 6000
|
||||||
to_port=6000)
|
self.neutronclient.create_security_group_rule(body)
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
|
||||||
ip_protocol="tcp",
|
|
||||||
from_port=12000,
|
|
||||||
to_port=13000)
|
|
||||||
|
|
||||||
|
body['security_group_rule']['protocol'] = 'tcp'
|
||||||
|
body['security_group_rule']['port_range_min'] = 12000
|
||||||
|
body['security_group_rule']['port_range_max'] = 13000
|
||||||
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
|
body['security_group_rule']['protocol'] = 'udp'
|
||||||
|
body['security_group_rule']['port_range_min'] = 123
|
||||||
|
body['security_group_rule']['port_range_max'] = 123
|
||||||
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
|
body['security_group_rule']['protocol'] = 'udp'
|
||||||
|
body['security_group_rule']['port_range_min'] = 5000
|
||||||
|
body['security_group_rule']['port_range_max'] = 6000
|
||||||
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
|
body['security_group_rule']['protocol'] = 'udp'
|
||||||
|
body['security_group_rule']['port_range_min'] = 12000
|
||||||
|
body['security_group_rule']['port_range_max'] = 14000
|
||||||
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
|
body['security_group_rule']['protocol'] = 'udp'
|
||||||
|
body['security_group_rule']['port_range_min'] = 319
|
||||||
|
body['security_group_rule']['port_range_max'] = 320
|
||||||
|
self.neutronclient.create_security_group_rule(body)
|
||||||
|
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
|
||||||
ip_protocol="udp",
|
|
||||||
from_port=123,
|
|
||||||
to_port=123)
|
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
|
||||||
ip_protocol="udp",
|
|
||||||
from_port=5000,
|
|
||||||
to_port=6000)
|
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
|
||||||
ip_protocol="udp",
|
|
||||||
from_port=12000,
|
|
||||||
to_port=14000)
|
|
||||||
self.novaclient.security_group_rules.create(group.id,
|
|
||||||
ip_protocol="udp",
|
|
||||||
from_port=319,
|
|
||||||
to_port=320)
|
|
||||||
self.secgroup = group
|
self.secgroup = group
|
||||||
self.secgroup_name = group_name
|
self.secgroup_name = group_name
|
||||||
|
|
||||||
|
@ -211,12 +232,12 @@ class SecGroup(object):
|
||||||
|
|
||||||
for _ in range(10):
|
for _ in range(10):
|
||||||
try:
|
try:
|
||||||
self.novaclient.security_groups.delete(self.secgroup)
|
self.neutronclient.delete_security_group(self.secgroup['id'])
|
||||||
return True
|
return True
|
||||||
except Exception:
|
except Exception:
|
||||||
time.sleep(2)
|
time.sleep(2)
|
||||||
|
|
||||||
LOG.error('Failed while deleting security group %s.' % self.secgroup.id)
|
LOG.error('Failed while deleting security group %s.' % self.secgroup['id'])
|
||||||
return False
|
return False
|
||||||
|
|
||||||
class KeyPair(object):
|
class KeyPair(object):
|
||||||
|
|
|
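Review bot: The ingress rules built in create_secgroup_with_rules set `'remote_group_id': None` and give no `remote_ip_prefix`, so every opened port, including SSH 22 and Redis 6379, accepts traffic from any source, and the address family is left to Neutron's default because `ethertype` is omitted. Stating both fields makes that exposure visible in review, and the prefix should be narrowed to the test networks if the benchmark traffic only ever comes from there. The same `body` dict is also mutated and resent for each rule, so a field set for one rule silently carries into the next. Building a fresh dict per rule from a table avoids that and keeps the port list in one place.

```python
    def create_secgroup_with_rules(self, group_name):
        # … unchanged: security group creation via neutronclient …

        # (protocol, port_range_min, port_range_max); None means no port filter
        rules = [
            ('icmp', None, None),   # ping
            ('tcp', 22, 22),        # SSH
            ('tcp', 80, 80),        # HTTP
            ('tcp', 6379, 6379),    # Redis
            ('tcp', 5000, 6000),    # Nuttcp
            ('tcp', 12000, 13000),
            ('udp', 123, 123),
            ('udp', 5000, 6000),
            ('udp', 12000, 14000),
            ('udp', 319, 320),
        ]
        for protocol, port_min, port_max in rules:
            self.neutronclient.create_security_group_rule({
                'security_group_rule': {
                    'direction': 'ingress',
                    'ethertype': 'IPv4',
                    'security_group_id': group['id'],
                    'protocol': protocol,
                    'port_range_min': port_min,
                    'port_range_max': port_max,
                    # Any IPv4 source, stated explicitly rather than by omission;
                    # narrow this if the traffic sources are known.
                    'remote_ip_prefix': '0.0.0.0/0',
                }
            })

        # … unchanged: self.secgroup / self.secgroup_name assignment …
```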
@ -152,12 +152,12 @@ class BaseNetwork(object):
|
||||||
"""
|
"""
|
||||||
# Create the security groups first
|
# Create the security groups first
|
||||||
for secgroup_count in range(config_scale['secgroups_per_network']):
|
for secgroup_count in range(config_scale['secgroups_per_network']):
|
||||||
secgroup_instance = base_compute.SecGroup(self.nova_client)
|
secgroup_instance = base_compute.SecGroup(self.nova_client, self.neutron_client)
|
||||||
self.secgroup_list.append(secgroup_instance)
|
self.secgroup_list.append(secgroup_instance)
|
||||||
secgroup_name = network_prefix + "-SG" + str(secgroup_count)
|
secgroup_name = network_prefix + "-SG" + str(secgroup_count)
|
||||||
secgroup_instance.create_secgroup_with_rules(secgroup_name)
|
secgroup_instance.create_secgroup_with_rules(secgroup_name)
|
||||||
self.res_logger.log('sec_groups', secgroup_instance.secgroup.name,
|
self.res_logger.log('sec_groups', secgroup_instance.secgroup['name'],
|
||||||
secgroup_instance.secgroup.id)
|
secgroup_instance.secgroup['id'])
|
||||||
|
|
||||||
LOG.info("Scheduled to create VMs for network %s..." % network_prefix)
|
LOG.info("Scheduled to create VMs for network %s..." % network_prefix)
|
||||||
|
|
||||||
|
|
|
@ -12,7 +12,7 @@ python-glanceclient>=2.6.0
|
||||||
python-openstackclient>=3.11.0
|
python-openstackclient>=3.11.0
|
||||||
python-neutronclient>=6.2.0
|
python-neutronclient>=6.2.0
|
||||||
# migrate security group API to neutron client before moving to nova client 8.0.0
|
# migrate security group API to neutron client before moving to nova client 8.0.0
|
||||||
python-novaclient<8.0.0
|
python-novaclient>=8.0.0
|
||||||
python-keystoneclient>=3.10.0
|
python-keystoneclient>=3.10.0
|
||||||
attrdict>=2.0.0
|
attrdict>=2.0.0
|
||||||
hdrhistogram>=0.5.2
|
hdrhistogram>=0.5.2
|
||||||
|
|