Ejemplo n.º 1
0
def security_group_delete_task(firewall):
    rc = create_rc_by_security(firewall)
    start = datetime.datetime.now()
    try:
        LOG.info(u"Firewall delete task start, [%s].", firewall)
        network.security_group_delete(rc, firewall.firewall_id)
    except Exception:
        end = datetime.datetime.now()
        LOG.exception(u"Firewall delete api call failed, [%s], "
                      "apply [%s] seconds.",
                      firewall, (end - start).seconds)
        return False
    else: 
        for rule in firewall.firewallrules_set.all():
            rule.firewall_rules_id = None
            rule.deleted = True
            rule.delete()
        firewall.firewall_id = None
        firewall.deleted = True
        firewall.save()
       
        end = datetime.datetime.now()
        LOG.info(u"Firewall delete task succeed, [%s], "
                 "apply [%s] seconds.",
                 firewall, (end - start).seconds)


        return True
Ejemplo n.º 2
0
def security_group_rule_create_task(firewall_rule=None):
    assert firewall_rule
    rc = create_rc_by_security(firewall_rule)
    start = datetime.datetime.now()
    try:
        LOG.info(u"Firewall rule create task start, [%s].", firewall_rule)
        rule = network.security_group_rule_create(rc,
                            parent_group_id=firewall_rule.firewall.firewall_id,
                            direction=firewall_rule.direction,
                            ethertype=firewall_rule.ether_type,
                            ip_protocol=firewall_rule.protocol,
                            from_port=firewall_rule.port_range_min,
                            to_port=firewall_rule.port_range_max,
                            cidr=firewall_rule.remote_ip_prefix,
                            group_id=firewall_rule.remote_group_id)
    except Exception as e:
        firewall_rule.delete()
        end = datetime.datetime.now()
        LOG.exception(u"Firewall rule create api call failed, [%s], "
                       "apply [%s] seconds.",
                        firewall_rule, (end-start).seconds)
        return False
    else:
        firewall_rule.firewall_rules_id = rule.id
        firewall_rule.save()
        end = datetime.datetime.now()
        LOG.info(u"Firewall rule create task succeed, [%s], "
                       "apply [%s] seconds.",
                        firewall_rule, (end-start).seconds)
        return True
Ejemplo n.º 3
0
def security_group_create_task(firewall=None):
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    security_group = network.security_group_create(rc, firewall.name, firewall.desc)
    firewall.firewall_id = security_group.id
    firewall.save()
Ejemplo n.º 4
0
def security_group_create_task(firewall=None):
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    security_group = network.security_group_create(rc, firewall.name,
                                                   firewall.desc)
    firewall.firewall_id = security_group.id
    firewall.save()
Ejemplo n.º 5
0
def server_update_security_groups_task(instance, firewall=None):
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    try:
        LOG.info("Update server security group ,server_id[%s],security_group[%s]" % (instance.uuid, firewall.firewall_id))
        network.server_update_security_groups(rc, instance.uuid, [firewall.firewall_id])
    except Exception as e:
        LOG.error("Update server security group error, msg: %s" % e)
        raise e
Ejemplo n.º 6
0
def security_group_rule_delete_task(firewall_rule=None):
    if not firewall_rule:
        return

    rc = create_rc_by_security(firewall_rule)
    try:
        network.security_group_rule_delete(rc, firewall_rule.firewall_rules_id)
        firewall_rule.firewall_rules_id = ''
        firewall_rule.deleted = True
        firewall_rule.save()
    except Exception as e:
        LOG.info("Delete firewall rule error %s" % e)
        raise e
Ejemplo n.º 7
0
def server_update_security_groups_task(instance, firewall=None):
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    try:
        LOG.info(
            "Update server security group ,server_id[%s],security_group[%s]" %
            (instance.uuid, firewall.firewall_id))
        network.server_update_security_groups(rc, instance.uuid,
                                              [firewall.firewall_id])
    except Exception as e:
        LOG.error("Update server security group error, msg: %s" % e)
        raise e
Ejemplo n.º 8
0
def security_group_rule_delete_task(firewall_rule=None):
    if not firewall_rule:
        return

    rc = create_rc_by_security(firewall_rule)
    try:
        network.security_group_rule_delete(rc, firewall_rule.firewall_rules_id)
        firewall_rule.firewall_rules_id = ''
        firewall_rule.deleted = True
        firewall_rule.save()
    except Exception as e:
        LOG.info("Delete firewall rule error %s" % e)
        raise e
Ejemplo n.º 9
0
def security_group_rule_create_task(firewall_rule=None):
    if not firewall_rule:
        return
    rc = create_rc_by_security(firewall_rule)

    try:
        rule = network.security_group_rule_create(rc, parent_group_id=firewall_rule.firewall.firewall_id,
                                           direction=firewall_rule.direction,
                                           ethertype=firewall_rule.ether_type,
                                           ip_protocol=firewall_rule.protocol,
                                           from_port=firewall_rule.port_range_min,
                                           to_port=firewall_rule.port_range_max,
                                           cidr=firewall_rule.remote_ip_prefix,
                                           group_id=firewall_rule.remote_group_id)
        firewall_rule.firewall_rules_id = rule.id
        firewall_rule.save()
    except Exception as e:
        firewall_rule.delete()
        raise e
Ejemplo n.º 10
0
def security_group_delete_task(firewall=None):
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    try:
        security_group = network.security_group_delete(rc, firewall.firewall_id)
        firewall.firewall_id = ""
        firewall.deleted = True
        firewall.save()
        firewall_rule_set = FirewallRules.objects.filter(firewall=firewall.id)
        if not firewall_rule_set:
            return
        for rule in firewall_rule_set:
            rule.firewall_rules_id = ''
            rule.deleted = True
            rule.save()
    except Exception as e:
        LOG.error("Firewall delete error, msg: %s" % e)
        raise e
Ejemplo n.º 11
0
def security_group_create_task(firewall):
    assert firewall
    rc = create_rc_by_security(firewall)
    start = datetime.datetime.now()
    try:
        LOG.info(u"Firewall create task start, [%s]." % firewall)
        security_group = network.security_group_create(rc,
                                firewall.name, firewall.desc)
    except Exception as ex:
        end = datetime.datetime.now()
        LOG.exception(u"Firewall create api call failed, [%s], "
                    "apply [%s] seconds." % (firewall, (end-start).seconds))
        return False
    else:
        end = datetime.datetime.now()
        LOG.info(u"Firewall create task succeed, [%s], "
                    "apply [%s] seconds." % (firewall, (end-start).seconds))
        firewall.firewall_id = security_group.id
        firewall.save()
        return True
Ejemplo n.º 12
0
def security_group_delete_task(firewall=None):
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    try:
        security_group = network.security_group_delete(rc,
                                                       firewall.firewall_id)
        firewall.firewall_id = ""
        firewall.deleted = True
        firewall.save()
        firewall_rule_set = FirewallRules.objects.filter(firewall=firewall.id)
        if not firewall_rule_set:
            return
        for rule in firewall_rule_set:
            rule.firewall_rules_id = ''
            rule.deleted = True
            rule.save()
    except Exception as e:
        LOG.error("Firewall delete error, msg: %s" % e)
        raise e
Ejemplo n.º 13
0
def security_group_rule_create_task(firewall_rule=None):
    if not firewall_rule:
        return
    rc = create_rc_by_security(firewall_rule)

    try:
        rule = network.security_group_rule_create(
            rc,
            parent_group_id=firewall_rule.firewall.firewall_id,
            direction=firewall_rule.direction,
            ethertype=firewall_rule.ether_type,
            ip_protocol=firewall_rule.protocol,
            from_port=firewall_rule.port_range_min,
            to_port=firewall_rule.port_range_max,
            cidr=firewall_rule.remote_ip_prefix,
            group_id=firewall_rule.remote_group_id)
        firewall_rule.firewall_rules_id = rule.id
        firewall_rule.save()
    except Exception as e:
        firewall_rule.delete()
        raise e
Ejemplo n.º 14
0
def server_update_security_groups_task(instance, firewall=None):
    assert firewall
    rc = create_rc_by_security(firewall)
    start = datetime.datetime.now()
    try:
        LOG.info(u"Instance change firewall task start, [%s][%s]." % (
                                    instance, firewall))
        network.server_update_security_groups(rc, instance.uuid, [firewall.firewall_id])
    except Exception as e:
        end = datetime.datetime.now()
        LOG.exception(u"Instance change firewall api call failed, "
                    "[%s][%s], apply [%s] seconds." % (
                    instance, firewall, (end-start).seconds))
        return False
    else:
        end = datetime.datetime.now()
        LOG.info(u"Instance change firewall task succeed, [%s][%s], "
                 "apply [%s] seconds." % (
                    instance, firewall, (end-start).seconds))
        instance.firewall_group = firewall
        instance.save()
        return True
Ejemplo n.º 15
0
def security_group_rule_delete_task(firewall_rule):
    assert firewall_rule
    rc = create_rc_by_security(firewall_rule)
    start = datetime.datetime.now()
    try:
        LOG.info(u"Firewall rule delete task start, [%s].", firewall_rule)
        if firewall_rule.firewall_rules_id:
            network.security_group_rule_delete(rc,
                        firewall_rule.firewall_rules_id)
    except Exception as e:
        end = datetime.datetime.now()
        LOG.exception(u"Firewall rule delete api call failed, [%s], "
                      "apply [%s] seconds.",
                      firewall_rule, (end-start).seconds)
        return False
    else:
        firewall_rule.delete()
        end = datetime.datetime.now()
        LOG.info(u"Firewall rule delete task succeed, [%s], "
                      "apply [%s] seconds.",
                      firewall_rule, (end-start).seconds)
        return True