From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Fri, 31 Aug 2012 02:05:49 +0000 (-0400)
Subject: include firewall rules in openstack manifest rspec
X-Git-Tag: sfa-3.0-0~118
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=0988a22d73fd502b090614825fe6fd4e50d48bb2;p=sfa.git

include firewall rules in openstack manifest rspec
---

diff --git a/sfa/openstack/osaggregate.py b/sfa/openstack/osaggregate.py
index 09d9f465..3738a6be 100644
--- a/sfa/openstack/osaggregate.py
+++ b/sfa/openstack/osaggregate.py
@@ -18,6 +18,7 @@ from sfa.rspecs.elements.login import Login
 from sfa.rspecs.elements.disk_image import DiskImage
 from sfa.rspecs.elements.services import Services
 from sfa.rspecs.elements.interface import Interface
+from sfa.rspecs.elements.fw_rule import FWRule
 from sfa.util.xrn import Xrn
 from sfa.planetlab.plxrn import PlXrn 
 from sfa.openstack.osxrn import OSXrn, hrn_to_os_slicename
@@ -140,15 +141,32 @@ class OSAggregate:
         rspec_node['sliver_id'] = OSXrn(name=instance.name, type='slice', id=instance.id).get_urn() 
         if instance.metadata.get('client_id'):
             rspec_node['client_id'] = instance.metadata.get('client_id')
+
+        # get sliver details
         flavor = self.driver.shell.nova_manager.flavors.find(id=instance.flavor['id'])
-        rspec_node['slivers'] = [self.instance_to_sliver(flavor)]
+        sliver = self.instance_to_sliver(flavor)
+        # get firewall rules
+        fw_rules = []
+        group_name = instance.metadata.get('security_groups')
+        if group_name:
+            group = self.driver.shell.nova_manager.security_groups.find(name=group_name)
+            for rule in group.rules:
+                port_range ="%s:%s" % (rule['from_port'], rule['to_port'])
+                fw_rule = FWRule({'protocol': rule['ip_protocol'],
+                                  'port_range': port_range,
+                                  'cidr_ip': rule['ip_range']['cidr']})
+                fw_rules.append(fw_rule)
+        sliver['fw_rules'] = fw_rules 
+        rspec_node['slivers'] = [sliver]
+
+        # get disk image
         image = self.driver.shell.image_manager.get_images(id=instance.image['id'])
         if isinstance(image, list) and len(image) > 0:
             image = image[0]
         disk_image = image_to_rspec_disk_image(image)
         sliver['disk_image'] = [disk_image]
 
-        # build interfaces            
+        # get interfaces            
         rspec_node['services'] = []
         rspec_node['interfaces'] = []
         addresses = instance.addresses
diff --git a/sfa/rspecs/elements/versions/plosv1FWRule.py b/sfa/rspecs/elements/versions/plosv1FWRule.py
index 974fc3d9..744a36f3 100644
--- a/sfa/rspecs/elements/versions/plosv1FWRule.py
+++ b/sfa/rspecs/elements/versions/plosv1FWRule.py
@@ -7,11 +7,12 @@ class PLOSv1FWRule:
         if not rules:
             return 
         for rule in rules:
-            rule_elem = xml.add_element('plos:fw_rule')
+            rule_elem = xml.add_element('{%s}fw_rule' % xml.namespaces['plos'])
             rule_elem.set('protocol', rule.get('protocol'))
             rule_elem.set('port_range', rule.get('port_range'))
             rule_elem.set('cidr_ip', rule.get('cidr_ip'))
-            rule_elem.set('icmp_type_code', rule.get('icmp_type_code'))
+            if rule.get('icmp_type_code'):
+                rule_elem.set('icmp_type_code', rule.get('icmp_type_code'))
               
     @staticmethod
     def get_rules(xml):