def check_and_repair_default_groups(self, os_groups, db_groups):
vpcs = ec2utils.get_db_items(self.context, 'vpc', None)
os_groups_dict = {g['name']: g['id'] for g in os_groups}
db_groups_dict = {g['os_id']: g['vpc_id'] for g in db_groups}
had_to_repair = False
for vpc in vpcs:
os_group = os_groups_dict.get(vpc['id'])
if os_group:
db_group = db_groups_dict.get(os_group)
if db_group and db_group == vpc['id']:
continue
had_to_repair = True
_create_default_security_group(self.context, vpc)
return had_to_repair
def modify_network_interface_attribute(context,
network_interface_id,
description=None,
source_dest_check=None,
security_group_id=None,
attachment=None):
params_count = (int(description is not None) +
int(source_dest_check is not None) +
int(security_group_id is not None) +
int(attachment is not None))
if params_count != 1:
raise exception.InvalidParameterCombination(
'Multiple attributes specified')
network_interface = ec2utils.get_db_item(context, network_interface_id)
if description is not None:
network_interface['description'] = description
db_api.update_item(context, network_interface)
neutron = clients.neutron(context)
if security_group_id is not None:
os_groups = [
sg['os_id']
for sg in ec2utils.get_db_items(context, 'sg', security_group_id)
]
neutron.update_port(network_interface['os_id'],
{'port': {
'security_groups': os_groups
}})
if source_dest_check is not None:
allowed = [] if source_dest_check else [{'ip_address': '0.0.0.0/0'}]
neutron.update_port(network_interface['os_id'],
{'port': {
'allowed_address_pairs': allowed
}})
network_interface['source_dest_check'] = source_dest_check
db_api.update_item(context, network_interface)
if attachment:
attachment_id = attachment.get('attachment_id')
delete_on_termination = attachment.get('delete_on_termination')
if attachment_id is None or delete_on_termination is None:
raise exception.MissingParameter(
_('The request must contain the parameter attachment '
'deleteOnTermination'))
attachment_id_own = ec2utils.change_ec2_id_kind(
network_interface['id'], 'eni-attach')
if ('instance_id' not in network_interface
or attachment_id_own != attachment_id):
raise exception.InvalidAttachmentIDNotFound(id=attachment_id)
network_interface['delete_on_termination'] = delete_on_termination
db_api.update_item(context, network_interface)
return True
def check_and_repair_default_groups(self, os_groups, db_groups):
vpcs = ec2utils.get_db_items(self.context, 'vpc', None)
os_groups_dict = {g['name']: g['id'] for g in os_groups}
db_groups_dict = {g['os_id']: g['vpc_id'] for g in db_groups}
had_to_repair = False
for vpc in vpcs:
os_group = os_groups_dict.get(vpc['id'])
if os_group:
db_group = db_groups_dict.get(os_group)
if db_group and db_group == vpc['id']:
continue
had_to_repair = True
_create_default_security_group(self.context, vpc)
return had_to_repair
def modify_network_interface_attribute(context, network_interface_id,
description=None,
source_dest_check=None,
security_group_id=None,
attachment=None):
params_count = (
int(description is not None) +
int(source_dest_check is not None) +
int(security_group_id is not None) +
int(attachment is not None))
if params_count != 1:
raise exception.InvalidParameterCombination(
'Multiple attributes specified')
network_interface = ec2utils.get_db_item(context, network_interface_id)
if description is not None:
network_interface['description'] = description
db_api.update_item(context, network_interface)
neutron = clients.neutron(context)
if security_group_id is not None:
os_groups = [sg['os_id']
for sg in ec2utils.get_db_items(context, 'sg',
security_group_id)]
neutron.update_port(network_interface['os_id'],
{'port': {'security_groups': os_groups}})
if source_dest_check is not None:
allowed = [] if source_dest_check else [{'ip_address': '0.0.0.0/0'}]
neutron.update_port(network_interface['os_id'],
{'port': {'allowed_address_pairs': allowed}})
network_interface['source_dest_check'] = source_dest_check
db_api.update_item(context, network_interface)
if attachment:
attachment_id = attachment.get('attachment_id')
delete_on_termination = attachment.get('delete_on_termination')
if attachment_id is None or delete_on_termination is None:
raise exception.MissingParameter(
_('The request must contain the parameter attachment '
'deleteOnTermination'))
attachment_id_own = ec2utils.change_ec2_id_kind(
network_interface['id'], 'eni-attach')
if ('instance_id' not in network_interface
or attachment_id_own != attachment_id):
raise exception.InvalidAttachmentIDNotFound(id=attachment_id)
network_interface['delete_on_termination'] = delete_on_termination
db_api.update_item(context, network_interface)
return True
def get_db_items(self):
return ec2utils.get_db_items(self.context, self.KIND, self.ids)
def check_with_filter(item_ids):
res = ec2utils.get_db_items('fake_context', 'fake', item_ids)
self.assertThat(res, matchers.ListMatches(items))
db_api.get_items_by_ids.assert_called_once_with(
'fake_context', set(item_ids))
db_api.reset_mock()
def check_with_no_filter(empty_filter):
res = ec2utils.get_db_items('fake_context', 'fake', empty_filter)
self.assertThat(res, matchers.ListMatches(items))
db_api.get_items.assert_called_once_with('fake_context', 'fake')
db_api.reset_mock()
def check_with_filter(item_ids):
res = ec2utils.get_db_items('fake_context', 'fake', item_ids)
self.assertThat(res, matchers.ListMatches(items))
db_api.get_items_by_ids.assert_called_once_with(
'fake_context', set(item_ids))
db_api.reset_mock()
def check_with_no_filter(empty_filter):
res = ec2utils.get_db_items('fake_context', 'fake', empty_filter)
self.assertThat(res, matchers.ListMatches(items))
db_api.get_items.assert_called_once_with('fake_context', 'fake')
db_api.reset_mock()
def get_db_items(self):
return ec2utils.get_db_items(self.context, self.KIND, self.ids)
