def test_sync_security_group_rules(self, rule_definitions, existing_rules,
                                   expected_adds, expected_deletes):
        """
        Check which rules sync_security_group_rules() creates and deletes.

        A mocked network client reports `existing_rules` for the group. After
        syncing against `rule_definitions`, the recorded create calls must
        match `expected_adds` and the recorded delete calls must target the
        rule ids in `expected_deletes`, in the same order.

        Both directions are pinned on purpose: a sync that creates the right
        rules but skips a deletion would presumably leave a rule in the group
        that the definitions no longer list.
        """
        network = Mock()
        network.security_group_rules.return_value = existing_rules
        security_group = SecurityGroup.new(
            id="00000000-1234-1234-1234-000000000000")

        openstack_utils.sync_security_group_rules(
            security_group, rule_definitions, network=network)

        # Existing rules must be listed exactly once, scoped to this group.
        network.security_group_rules.assert_called_once_with(
            security_group_id=security_group.id)

        # Created rules: every create call must carry this group's id; the
        # id is popped so the remaining kwargs compare against expected_adds.
        create_rule = network.create_security_group_rule
        self.assertEqual(create_rule.call_count, len(expected_adds))
        created_rules = []
        for recorded_call in create_rule.call_args_list:
            call_kwargs = recorded_call[1]
            self.assertEqual(call_kwargs.pop("security_group_id"),
                             security_group.id)
            created_rules.append(call_kwargs)
        self.assertEqual(created_rules, expected_adds)

        # Deleted rules: the first positional argument of each delete call is
        # the rule object; only its id is compared.
        delete_rule = network.delete_security_group_rule
        self.assertEqual(delete_rule.call_count, len(expected_deletes))
        deleted_ids = []
        for recorded_call in delete_rule.call_args_list:
            positional_args = recorded_call[0]
            deleted_ids.append(positional_args[0].id)
        self.assertEqual(deleted_ids, expected_deletes)
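    def check_security_groups(self):
        """
        For security reasons, every edxapp AppServer should be in a security
        group that only allows access to a few ports, like 443 and 22.

        The security group with the name specified by
        settings.OPENEDX_APPSERVER_SECURITY_GROUP_NAME is created and managed
        by this code: it is created if it cannot be found, its description is
        reset if it differs, and its rules are synced to
        OPENEDX_APPSERVER_SECURITY_GROUP_RULES.

        Every other group listed in self.security_groups is only checked for
        existence. The rules of those groups are not inspected here, so
        whatever they allow is outside the scope of this check.

        Raises ValueError if the managed group's name is not present in
        self.security_groups, and Exception if an additional group cannot be
        found.
        """
        self.logger.info('Checking security groups (OpenStack firewall settings)')
        network = get_openstack_connection(self.instance.openstack_region).network
        # NOTE(review): the group is located by name only. If another group
        # with the same name can exist in the project, confirm which one this
        # lookup returns before trusting it as the managed group.
        main_security_group = network.find_security_group(settings.OPENEDX_APPSERVER_SECURITY_GROUP_NAME)
        if not main_security_group:
            # We need to create this security group:
            main_security_group = network.create_security_group(name=settings.OPENEDX_APPSERVER_SECURITY_GROUP_NAME)
        description = 'Security group for Open EdX AppServers. Managed automatically by OpenCraft IM.'
        if main_security_group.description != description:
            network.update_security_group(main_security_group, description=description)

        # We manage this security group - update its rules to match the configured list of rules
        sync_security_group_rules(main_security_group, OPENEDX_APPSERVER_SECURITY_GROUP_RULES, network=network)

        # For any additional security groups, just verify that the group exists.
        # Work on a copy: if self.security_groups is a stored list rather than
        # a freshly built one, removing from it directly would drop the managed
        # group from the server's own list and make a second call fail.
        groups = list(self.security_groups)
        groups.remove(main_security_group.name)  # We already checked this group
        for group_name in groups:
            if network.find_security_group(group_name) is None:
                raise Exception("Unable to find the OpenStack network security group called '{}'.".format(group_name))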