Ejemplo n.º 1
def _create_security_group(context, group_name, group_description,
                           vpc_id=None, default=False):
    """Create a Neutron security group and register it in the EC2 API DB.

    Args:
        context: request context used to build the Neutron client and for
            the database calls.
        group_name: name passed to Neutron for the new group.
        group_description: description passed to Neutron for the new group.
        vpc_id: optional VPC id stored on the DB item; when set, the VPC is
            looked up first via ``ec2utils.get_db_item``.
        default: when true, the DB item id is derived from ``vpc_id`` with
            ``ec2utils.change_ec2_id_kind`` and stored through
            ``db_api.restore_item`` instead of ``db_api.add_item``.

    Returns:
        dict with ``'return': 'true'`` and the ``'groupId'`` of the DB item.

    Raises:
        exception.ResourceLimitExceeded: Neutron raised OverQuotaClient.
    """
    neutron = clients.neutron(context)
    with common.OnCrashCleaner() as cleaner:
        request = {'security_group': {'name': group_name,
                                      'description': group_description}}
        try:
            os_group = neutron.create_security_group(
                request)['security_group']
        except neutron_exception.OverQuotaClient:
            raise exception.ResourceLimitExceeded(resource='security groups')
        os_group_id = os_group['id']
        # NOTE(review): the backend group exists from here on; its deletion
        # is registered with the cleaner, presumably so that a failure in
        # the steps below does not leave an orphaned group - confirm against
        # OnCrashCleaner.
        cleaner.addCleanup(neutron.delete_security_group, os_group_id)
        if vpc_id:
            # NOTE(Alex) Check if such vpc exists
            ec2utils.get_db_item(context, vpc_id)
        item = {'vpc_id': vpc_id, 'os_id': os_group_id}
        if default:
            # NOTE(review): this path appears to assume vpc_id is set;
            # verify callers never pass default=True without a VPC.
            item['id'] = ec2utils.change_ec2_id_kind(vpc_id, 'sg')
            # NOTE(andrey-mp): try to add item with specific id
            # and catch exception if it exists
            security_group = db_api.restore_item(context, 'sg', item)
        else:
            security_group = db_api.add_item(context, 'sg', item)
        return {'return': 'true',
                'groupId': security_group['id']}
Ejemplo n.º 2
def _create_security_group(context,
                           group_name,
                           group_description,
                           vpc_id=None,
                           default=False):
    """Create a Nova security group and register it in the EC2 API DB.

    Args:
        context: request context used to build the Nova client and for the
            database calls.
        group_name: name passed to Nova for the new group.
        group_description: description passed to Nova for the new group.
        vpc_id: optional VPC id stored on the DB item; when set, the VPC is
            looked up first via ``ec2utils.get_db_item``.
        default: when true, the DB item id is derived from ``vpc_id`` with
            ``ec2utils.change_ec2_id_kind`` and stored through
            ``db_api.restore_item`` instead of ``db_api.add_item``.

    Returns:
        dict with ``'return': 'true'`` and the ``'groupId'`` of the DB item.

    Raises:
        exception.ResourceLimitExceeded: Nova raised OverLimit.
    """
    nova = clients.nova(context)
    with common.OnCrashCleaner() as cleaner:
        try:
            os_group = nova.security_groups.create(group_name,
                                                   group_description)
        except nova_exception.OverLimit:
            raise exception.ResourceLimitExceeded(resource='security groups')
        os_group_id = os_group.id
        # NOTE(review): deletion of the freshly created backend group is
        # registered before any further step, presumably so a later failure
        # does not leave it orphaned - confirm against OnCrashCleaner.
        cleaner.addCleanup(nova.security_groups.delete, os_group_id)
        if vpc_id:
            # NOTE(Alex) Check if such vpc exists
            ec2utils.get_db_item(context, vpc_id)
        item = {'vpc_id': vpc_id, 'os_id': os_group_id}
        if default:
            item['id'] = ec2utils.change_ec2_id_kind(vpc_id, 'sg')
            # NOTE(andrey-mp): try to add item with specific id
            # and catch exception if it exists
            security_group = db_api.restore_item(context, 'sg', item)
        else:
            security_group = db_api.add_item(context, 'sg', item)
        return {'return': 'true', 'groupId': security_group['id']}
def create_security_group(context, group_name, group_description, vpc_id=None):
    """Create a security group in Nova, optionally bound to a VPC.

    When ``vpc_id`` is given and differs from ``group_name``, an existing
    group with the same name in that VPC is rejected first. The name check
    and the creation are separate calls, so they are not atomic (see the
    TODO below).

    Args:
        context: request context used for the Nova client, the describe
            call and the database calls.
        group_name: name of the new group.
        group_description: description of the new group.
        vpc_id: optional VPC id; when set, the VPC is looked up and a DB
            item linking it to the Nova group is added.

    Returns:
        ``{'return': 'true', 'groupId': ...}`` for a VPC group, otherwise
        ``{'return': 'true'}``.

    Raises:
        exception.InvalidGroupDuplicate: a group with this name was found
            in the VPC.
        exception.ResourceLimitExceeded: Nova raised OverLimit.
    """
    nova = clients.nova(context)
    if vpc_id and group_name != vpc_id:
        name_filters = [{'name': 'vpc-id', 'value': [vpc_id]},
                        {'name': 'group-name', 'value': [group_name]}]
        existing = describe_security_groups(
            context, filter=name_filters)['securityGroupInfo']
        if existing:
            raise exception.InvalidGroupDuplicate(name=group_name)
    with common.OnCrashCleaner() as cleaner:
        try:
            # TODO(Alex): Shouldn't allow creation of groups with existing
            # name if in the same VPC or in EC2-Classic.
            os_group = nova.security_groups.create(group_name,
                                                   group_description)
        except nova_exception.OverLimit:
            raise exception.ResourceLimitExceeded(resource='security groups')
        os_group_id = os_group.id
        cleaner.addCleanup(nova.security_groups.delete, os_group_id)
        if vpc_id:
            # NOTE(Alex) Check if such vpc exists
            ec2utils.get_db_item(context, vpc_id)
            db_item = {'vpc_id': vpc_id, 'os_id': os_group_id}
            security_group = db_api.add_item(context, 'sg', db_item)
            return {'return': 'true', 'groupId': security_group['id']}
    # Without a VPC no DB item is created, so there is no groupId to return.
    return {'return': 'true'}
Ejemplo n.º 4
def create_key_pair(context, key_name):
    """Ask Nova to generate a key pair and return it with its private key.

    Args:
        context: request context used to build the Nova client.
        key_name: name of the key pair; checked by ``_validate_name``
            before the Nova call.

    Returns:
        The ``_format_key_pair`` result for the new key pair, with
        ``'keyMaterial'`` set to the private key reported by Nova.

    Raises:
        exception.ResourceLimitExceeded: Nova raised OverLimit.
        exception.InvalidKeyPairDuplicate: Nova raised Conflict.
    """
    _validate_name(key_name)
    nova = clients.nova(context)
    try:
        created = nova.keypairs.create(key_name)
    except nova_exception.OverLimit:
        raise exception.ResourceLimitExceeded(resource='keypairs')
    except nova_exception.Conflict:
        raise exception.InvalidKeyPairDuplicate(key_name=key_name)
    response = _format_key_pair(created)
    # The response carries private key material: callers should keep it out
    # of logs and caches.
    response['keyMaterial'] = created.private_key
    return response
Ejemplo n.º 5
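def import_key_pair(context, key_name, public_key_material):
    """Register a caller-supplied public key with Nova under ``key_name``.

    Args:
        context: request context used to build the Nova client.
        key_name: name of the key pair; checked by ``_validate_name``.
        public_key_material: base64-encoded public key text supplied by the
            caller.

    Returns:
        The ``_format_key_pair`` result for the imported key pair.

    Raises:
        exception.MissingParameter: ``public_key_material`` is empty.
        exception.InvalidParameterValue: the material is not valid base64
            or does not decode to UTF-8 text.
        exception.ResourceLimitExceeded: Nova raised OverLimit.
        exception.InvalidKeyPairDuplicate: Nova raised Conflict.
    """
    _validate_name(key_name)
    if not public_key_material:
        raise exception.MissingParameter(
            _('The request must contain the parameter PublicKeyMaterial'))
    nova = clients.nova(context)
    try:
        public_key = base64.b64decode(public_key_material).decode("utf-8")
    except ValueError:
        # binascii.Error (malformed base64) and UnicodeDecodeError (bytes
        # that are not UTF-8) are both ValueError subclasses. The material
        # is untrusted request input, so report it as a client error rather
        # than letting the decode failure escape as an unhandled exception.
        raise exception.InvalidParameterValue(
            value=public_key_material,
            parameter='PublicKeyMaterial',
            reason='The key material must be base64-encoded UTF-8 text')
    try:
        key_pair = nova.keypairs.create(key_name, public_key)
    except nova_exception.OverLimit:
        raise exception.ResourceLimitExceeded(resource='keypairs')
    except nova_exception.Conflict:
        raise exception.InvalidKeyPairDuplicate(key_name=key_name)
    return _format_key_pair(key_pair)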
Ejemplo n.º 6
def _create_security_group(context,
                           group_name,
                           group_description,
                           vpc_id=None):
    """Create a Nova security group and register it in the EC2 API DB.

    Args:
        context: request context used to build the Nova client and for the
            database calls.
        group_name: name passed to Nova for the new group.
        group_description: description passed to Nova for the new group.
        vpc_id: optional VPC id stored on the DB item; when set, the VPC is
            looked up first via ``ec2utils.get_db_item``.

    Returns:
        dict with ``'return': 'true'`` and the ``'groupId'`` of the DB item.

    Raises:
        exception.ResourceLimitExceeded: Nova raised OverLimit.
    """
    nova = clients.nova(context)
    with common.OnCrashCleaner() as cleaner:
        try:
            os_group = nova.security_groups.create(group_name,
                                                   group_description)
        except nova_exception.OverLimit:
            raise exception.ResourceLimitExceeded(resource='security groups')
        os_group_id = os_group.id
        # NOTE(review): deletion of the backend group is registered before
        # the VPC lookup and DB write, presumably so a failure there does
        # not leave it orphaned - confirm against OnCrashCleaner.
        cleaner.addCleanup(nova.security_groups.delete, os_group_id)
        if vpc_id:
            # NOTE(Alex) Check if such vpc exists
            ec2utils.get_db_item(context, vpc_id)
        db_item = {'vpc_id': vpc_id, 'os_id': os_group_id}
        security_group = db_api.add_item(context, 'sg', db_item)
        return {'return': 'true', 'groupId': security_group['id']}