From 8bf16b82640cc98629bef158b8e56d0032afcb7d Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Thu, 30 Aug 2012 21:51:07 -0400 Subject: [PATCH] include firewall rules in openstack manifest rspec --- sfa/openstack/osaggregate.py | 28 +++++++++++++++----- sfa/rspecs/elements/versions/pgv2Node.py | 1 - sfa/rspecs/elements/versions/plosv1FWRule.py | 5 ++-- 3 files changed, 24 insertions(+), 10 deletions(-) diff --git a/sfa/openstack/osaggregate.py b/sfa/openstack/osaggregate.py index b9f6487a..8d4b8360 100644 --- a/sfa/openstack/osaggregate.py +++ b/sfa/openstack/osaggregate.py @@ -17,6 +17,7 @@ from sfa.rspecs.elements.login import Login from sfa.rspecs.elements.disk_image import DiskImage from sfa.rspecs.elements.services import Services from sfa.rspecs.elements.interface import Interface +from sfa.rspecs.elements.fw_rule import FWRule from sfa.util.xrn import Xrn from sfa.planetlab.plxrn import PlXrn from sfa.openstack.osxrn import OSXrn, hrn_to_os_slicename @@ -101,23 +102,35 @@ class OSAggregate: rspec_node['component_id'] = node_xrn.urn rspec_node['component_name'] = node_xrn.name rspec_node['component_manager_id'] = Xrn(self.driver.hrn, 'authority+cm').get_urn() - rspec_node['slivers'] = [] - if instance.metadata.get('client_id'): rspec_node['client_id'] = instance.metadata.get('client_id') - + + # get sliver details + sliver_xrn = OSXrn(xrn=slice_xrn, type='slice', id=instance.id) + rspec_node['sliver_id'] = sliver_xrn.get_urn() flavor = self.driver.shell.nova_manager.flavors.find(id=instance.flavor['id']) sliver = instance_to_sliver(flavor) - rspec_node['slivers'].append(sliver) - sliver_xrn = OSXrn(xrn=slice_xrn, type='slice', id=instance.id) - rspec_node['sliver_id'] = sliver_xrn.get_urn() + # get firewall rules + fw_rules = [] + group_name = instance.metadata.get('security_groups') + if group_name: + group = self.driver.shell.nova_manager.security_groups.find(name=group_name) + for rule in group.rules: + port_range ="%s:%s" % (rule['from_port'], rule['to_port']) + fw_rule = FWRule({'protocol': rule['ip_protocol'], + 'port_range': port_range, + 'cidr_ip': rule['ip_range']['cidr']}) + fw_rules.append(fw_rule) + sliver['fw_rules'] = fw_rules + rspec_node['slivers']= [sliver] + # get disk image image = self.driver.shell.image_manager.get_images(id=instance.image['id']) if isinstance(image, list) and len(image) > 0: image = image[0] disk_image = image_to_rspec_disk_image(image) sliver['disk_image'] = [disk_image] - # build interfaces + # get interfaces rspec_node['services'] = [] rspec_node['interfaces'] = [] addresses = instance.addresses @@ -151,6 +164,7 @@ class OSAggregate: 'port':'22', 'username': 'root'}) service = Services({'login': login}) rspec_node['services'].append(service) + rspec_nodes.append(rspec_node) return rspec_nodes diff --git a/sfa/rspecs/elements/versions/pgv2Node.py b/sfa/rspecs/elements/versions/pgv2Node.py index 88787b52..51916898 100644 --- a/sfa/rspecs/elements/versions/pgv2Node.py +++ b/sfa/rspecs/elements/versions/pgv2Node.py @@ -58,7 +58,6 @@ class PGv2Node: for initscript in node.get('pl_initscripts', []): slivers['tags'].append({'name': 'initscript', 'value': initscript['name']}) PGv2SliverType.add_slivers(node_elem, slivers) - return node_elems @staticmethod diff --git a/sfa/rspecs/elements/versions/plosv1FWRule.py b/sfa/rspecs/elements/versions/plosv1FWRule.py index 974fc3d9..744a36f3 100644 --- a/sfa/rspecs/elements/versions/plosv1FWRule.py +++ b/sfa/rspecs/elements/versions/plosv1FWRule.py @@ -7,11 +7,12 @@ class PLOSv1FWRule: if not rules: return for rule in rules: - rule_elem = xml.add_element('plos:fw_rule') + rule_elem = xml.add_element('{%s}fw_rule' % xml.namespaces['plos']) rule_elem.set('protocol', rule.get('protocol')) rule_elem.set('port_range', rule.get('port_range')) rule_elem.set('cidr_ip', rule.get('cidr_ip')) - rule_elem.set('icmp_type_code', rule.get('icmp_type_code')) + if rule.get('icmp_type_code'): + rule_elem.set('icmp_type_code', rule.get('icmp_type_code')) @staticmethod def get_rules(xml): -- 2.43.0