def delete_secgroup(cls, label, cloud, tenant):
try:
# Find the secgroup from the cloud
nova_client = CloudProvider.set(cloud)
sec_group = nova_client.security_groups.find(name=label)
if not sec_group:
return None
# delete the secgroup in the cloud
nova_client.security_groups.delete(sec_group)
# perform local db deletion
sec_group = cls.get(label, tenant, cloud)
if sec_group:
# Delete all rules for group
cls.delete_all_rules(sec_group)
cls.cm_db.delete(sec_group)
return "Security Group [{}] for cloud [{}], & tenant [{}] deleted".format(label, cloud, tenant)
else:
return None
except Exception as ex:
Console.error(ex.message, ex)
return
def list(cls, project, cloud="general"):
"""
This method queries the database to fetch list of secgroups
filtered by cloud, tenant.
:param project:
:param cloud:
:return:
"""
# noinspection PyUnreachableCode
try:
"""
elements = cls.cm_db.query(model.SECGROUP).filter(
model.SECGROUP.cloud == cloud,
model.SECGROUP.project == project
).all()
d = cls.toDict(elements)
"""
nova_client = CloudProvider.set(cloud)
os_result = nova_client.security_groups.list()
d = SecGroup.convert_list_to_dict(os_result)
return dict_printer(d, order=["Id", "Name", "Description"], output="table")
except Exception as ex:
Console.error(ex.message, ex)
def add_rule(cls, secgroup, from_port, to_port, protocol, cidr):
try:
# Get the nova client object
nova_client = CloudProvider.set(secgroup.cloud)
# Create add secgroup rules to the cloud
rule_id = nova_client.security_group_rules.create(
secgroup.uuid, ip_protocol=protocol, from_port=from_port, to_port=to_port, cidr=cidr
)
"""
ruleObj = model.SECGROUPRULE(
uuid=str(rule_id),
name=secgroup.name,
groupid=secgroup.uuid,
cloud=secgroup.cloud,
user=secgroup.user,
project=secgroup.project,
fromPort=from_port,
toPort=to_port,
protocol=protocol,
cidr=cidr
)
cls.cm_db.add(ruleObj)
"""
ruleObj = cls.cm_db.db_obj_dict(
"secgrouprule",
uuid=str(rule_id),
name=secgroup.name,
groupid=secgroup.uuid,
cloud=secgroup.cloud,
user=secgroup.user,
project=secgroup.project,
fromPort=from_port,
toPort=to_port,
protocol=protocol,
cidr=cidr,
)
cls.cm_db.add_obj(ruleObj)
cls.cm_db.save()
Console.ok(
"Added rule [{} | {} | {} | {}] to secgroup [{}]".format(
from_port, to_port, protocol, cidr, secgroup.name
)
)
except Exception as ex:
Console.error(ex.message, ex)
return
def create(cls, label, cloudname=None, tenant=None):
"""
Method creates a new security group in database
& returns the uuid of the created group
:param label:
:param cloudname:
:param tenant:
:return:
"""
# Get user from cloudmesh.yaml
user = cls.getUser(cloudname)
uuid = None
if not cls.get(label, tenant, cloudname):
# Create the security group in OS cloud
try:
nova_client = CloudProvider.set(cloudname)
secgroup = nova_client.security_groups.create(name=label, description="Security group {}".format(label))
if secgroup:
uuid = secgroup.id
else:
print("Failed to create security group, {}".format(secgroup))
return None
except Exception, e:
print("Exception creating security group in cloud, {}".format(e))
return None
secgroup_obj = cls.cm_db.db_obj_dict(
"secgroup", name=label, uuid=uuid, cloud=cloudname, user=user, project=tenant
)
"""
secgroup_obj = model.SECGROUP(
label,
uuid=uuid,
cloud=cloudname,
user=user,
project=tenant
)
cls.cm_db.add(secgroup_obj)
"""
cls.cm_db.add_obj(secgroup_obj)
cls.cm_db.save()
return uuid
def delete_rule(cls, secgroup, from_port, to_port, protocol, cidr):
try:
args = {
"groupid": secgroup.uuid,
"fromPort": from_port,
"toPort": to_port,
"protocol": protocol,
"cidr": cidr,
}
rule = cls.cm_db.find("secgrouprule", output="object", **args).first()
"""
rule = cls.cm_db.query(model.SECGROUPRULE).filter(
model.SECGROUPRULE.groupid == secgroup.uuid,
model.SECGROUPRULE.fromPort == from_port,
model.SECGROUPRULE.toPort == to_port,
model.SECGROUPRULE.protocol == protocol,
model.SECGROUPRULE.cidr == cidr
).first()
"""
if rule is not None:
# get the nova client for cloud
nova_client = CloudProvider.set(secgroup.cloud)
# delete the rule from the cloud
nova_client.security_group_rules.delete(rule.uuid)
# delete the local db record
cls.cm_db.delete(rule)
return "Rule [{} | {} | {} | {}] deleted".format(from_port, to_port, protocol, cidr)
else:
return None
except Exception as ex:
Console.error(ex.message, ex)
return
for key in element.__dict__.keys():
if not key.startswith("_sa"):
d[element.id][key] = str(element.__dict__[key])
# Form dict without iterating
else:
d[item.id] = {}
for key in item.__dict__.keys():
if not key.startswith("_sa"):
d[item.id][key] = str(item.__dict__[key])
# return the dict
return d
if __name__ == "__main__":
nova = CloudProvider.set("india")
# groups = nova.security_groups.list()
# print(groups)
# print("\n\n")
# d = SecGroup.convert_list_to_dict(groups)
# print(d)
# security_group = nova.security_groups.create(name="oct17_secgroup", description="Created by Gourav")
print("Created sec group\n")
# rule = nova.security_group_rules.create(security_group.id, ip_protocol="icmp",
# from_port=-1, to_port=-1, cidr="0.0.0.0/0")
print("Created sec group rules\n")
# print(rule)
for key in element.__dict__.keys():
if not key.startswith("_sa"):
d[element.id][key] = str(element.__dict__[key])
# Form dict without iterating
else:
d[item.id] = {}
for key in item.__dict__.keys():
if not key.startswith("_sa"):
d[item.id][key] = str(item.__dict__[key])
# return the dict
return d
if __name__ == '__main__':
nova = CloudProvider.set("kilo")
# groups = nova.security_groups.list()
# print(groups)
# print("\n\n")
# d = SecGroup.convert_list_to_dict(groups)
# print(d)
# security_group = nova.security_groups.create(name="oct17_secgroup", description="Created by Gourav")
print("Created sec group\n")
# rule = nova.security_group_rules.create(security_group.id, ip_protocol="icmp",
# from_port=-1, to_port=-1, cidr="0.0.0.0/0")
print("Created sec group rules\n")
# print(rule)
output='dict')
ruleid = None
for rule in rules:
if 'cidr' in rule['ip_range']:
if (db_rule["fromPort"] == str(rule['from_port']) and
db_rule["toPort"] == str(rule['to_port']) and
db_rule["protocol"] == rule['ip_protocol'] and
db_rule["cidr"] == rule['ip_range']['cidr']
):
ruleid = rule['id'] #uuid for the rule
return ruleid
if __name__ == '__main__':
nova = CloudProvider.set("kilo")
# groups = nova.security_groups.list()
# print(groups)
# print("\n\n")
# d = SecGroup.convert_list_to_dict(groups)
# print(d)
# security_group = nova.security_groups.create(name="oct17_secgroup", description="Created by Gourav")
print("Created sec group\n")
# rule = nova.security_group_rules.create(security_group.id, ip_protocol="icmp",
# from_port=-1, to_port=-1, cidr="0.0.0.0/0")
print("Created sec group rules\n")
# print(rule)
