def security_group_delete_task(firewall):
    """Delete the backend security group of ``firewall`` and retire local rows.

    ``network.security_group_delete`` is called with ``firewall.firewall_id``.
    If that call (or the preceding log call) raises an ``Exception``, the
    failure is logged with its traceback, nothing local is changed and False
    is returned.  Otherwise every rule in ``firewall.firewallrules_set`` is
    flagged and removed through ``delete()``, the firewall row gets its
    ``firewall_id`` cleared, is flagged deleted and saved.

    Returns:
        True when the backend call succeeded and the local rows were
        processed, False when the backend call raised.
    """
    rc = create_rc_by_security(firewall)
    started_at = datetime.datetime.now()

    try:
        LOG.info(u"Firewall delete task start, [%s].", firewall)
        network.security_group_delete(rc, firewall.firewall_id)
    except Exception:
        failed_at = datetime.datetime.now()
        # timedelta.seconds is the whole-second component of the elapsed time.
        LOG.exception(u"Firewall delete api call failed, [%s], "
                      "apply [%s] seconds.",
                      firewall, (failed_at - started_at).seconds)
        return False

    # Only reached when the backend accepted the delete.  Errors raised from
    # here on are not caught and propagate to the caller.
    for stale_rule in firewall.firewallrules_set.all():
        # NOTE(review): these two assignments are not saved before delete();
        # whether they persist depends on the model's delete() -- confirm.
        stale_rule.firewall_rules_id = None
        stale_rule.deleted = True
        stale_rule.delete()

    firewall.firewall_id = None
    firewall.deleted = True
    firewall.save()

    finished_at = datetime.datetime.now()
    LOG.info(u"Firewall delete task succeed, [%s], "
             "apply [%s] seconds.",
             firewall, (finished_at - started_at).seconds)
    return True
def security_group_rule_create_task(firewall_rule=None):
    """Create the backend security-group rule described by ``firewall_rule``.

    The rule's direction, ether type, protocol, port range, remote CIDR and
    remote group are passed to ``network.security_group_rule_create`` under
    the parent group ``firewall_rule.firewall.firewall_id``.

    If the backend call raises an ``Exception``, the local rule row is
    deleted, the failure is logged with its traceback and False is returned.
    On success the backend rule id is stored in
    ``firewall_rule.firewall_rules_id`` and the row is saved.

    Returns:
        True on success, False when the backend call raised.

    Raises:
        AssertionError: if ``firewall_rule`` is falsy.  The check is an
            ``assert`` statement, so it is skipped under ``python -O``.
    """
    assert firewall_rule
    rc = create_rc_by_security(firewall_rule)
    started_at = datetime.datetime.now()

    try:
        LOG.info(u"Firewall rule create task start, [%s].", firewall_rule)
        rule_spec = dict(
            parent_group_id=firewall_rule.firewall.firewall_id,
            direction=firewall_rule.direction,
            ethertype=firewall_rule.ether_type,
            ip_protocol=firewall_rule.protocol,
            from_port=firewall_rule.port_range_min,
            to_port=firewall_rule.port_range_max,
            cidr=firewall_rule.remote_ip_prefix,
            group_id=firewall_rule.remote_group_id,
        )
        created_rule = network.security_group_rule_create(rc, **rule_spec)
    except Exception:
        # The rejected rule is dropped locally so the database does not keep
        # a rule the backend never applied.
        # NOTE(review): delete() runs before the log call; if it raises, the
        # backend failure below is never logged by this function.
        firewall_rule.delete()
        failed_at = datetime.datetime.now()
        LOG.exception(u"Firewall rule create api call failed, [%s], "
                      "apply [%s] seconds.",
                      firewall_rule, (failed_at - started_at).seconds)
        return False

    # save() is not covered by the handler above; a database error here
    # propagates to the caller.
    firewall_rule.firewall_rules_id = created_rule.id
    firewall_rule.save()
    finished_at = datetime.datetime.now()
    LOG.info(u"Firewall rule create task succeed, [%s], "
             "apply [%s] seconds.",
             firewall_rule, (finished_at - started_at).seconds)
    return True
def security_group_create_task(firewall=None):
    """Create a backend security group for ``firewall`` and record its id.

    Does nothing and returns None when ``firewall`` is falsy.  Otherwise the
    group is created from ``firewall.name`` and ``firewall.desc``, the
    returned id is written to ``firewall.firewall_id`` and the row is saved.

    Nothing is caught or logged here: an error from the backend call or from
    ``save()`` propagates to the caller.
    """
    if firewall:
        rc = create_rc_by_security(firewall)
        created_group = network.security_group_create(
            rc, firewall.name, firewall.desc)
        firewall.firewall_id = created_group.id
        firewall.save()
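def server_update_security_groups_task(instance, firewall=None):
    """Point ``instance`` at the backend security group of ``firewall``.

    Does nothing and returns None when ``firewall`` is falsy.  Otherwise
    ``network.server_update_security_groups`` is called with
    ``instance.uuid`` and a one-element list holding
    ``firewall.firewall_id``.

    Raises:
        Exception: whatever the backend call raises is logged with its
            traceback and re-raised unchanged.
    """
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    # NOTE(review): firewall.firewall_id is forwarded unchecked.  The delete
    # tasks in this file reset it to None or '', so confirm callers never
    # pass a firewall whose backend group is gone.
    try:
        # Arguments are handed to the logger instead of being %-formatted up
        # front, matching the other tasks in this file.
        LOG.info(
            "Update server security group ,server_id[%s],security_group[%s]",
            instance.uuid, firewall.firewall_id)
        network.server_update_security_groups(rc, instance.uuid,
                                              [firewall.firewall_id])
    except Exception as e:
        # LOG.exception keeps the message text and adds the traceback; the
        # bare raise re-raises without resetting the traceback.
        LOG.exception("Update server security group error, msg: %s", e)
        raise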
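def security_group_rule_delete_task(firewall_rule=None):
    """Delete the backend rule behind ``firewall_rule`` and flag the row.

    Does nothing and returns None when ``firewall_rule`` is falsy.  Otherwise
    ``network.security_group_rule_delete`` is called with
    ``firewall_rule.firewall_rules_id``; afterwards the id is cleared, the
    row is flagged deleted and saved.

    Raises:
        Exception: any error from the backend call or from ``save()`` is
            logged with its traceback and re-raised unchanged.
    """
    if not firewall_rule:
        return
    rc = create_rc_by_security(firewall_rule)
    try:
        network.security_group_rule_delete(rc,
                                           firewall_rule.firewall_rules_id)
        # NOTE(review): if save() fails after the backend delete succeeded,
        # the row keeps an id for a backend rule that no longer exists.
        firewall_rule.firewall_rules_id = ''
        firewall_rule.deleted = True
        firewall_rule.save()
    except Exception as e:
        # A failed rule removal was previously logged at INFO without a
        # traceback; record it as an error so it is not filtered out.
        LOG.exception("Delete firewall rule error %s", e)
        raise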
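def server_update_security_groups_task(instance, firewall=None):
    """Point ``instance`` at the backend security group of ``firewall``.

    Does nothing and returns None when ``firewall`` is falsy.  Otherwise
    ``network.server_update_security_groups`` is called with
    ``instance.uuid`` and a one-element list holding
    ``firewall.firewall_id``.

    Raises:
        Exception: whatever the backend call raises is logged with its
            traceback and re-raised unchanged.
    """
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    # NOTE(review): firewall.firewall_id is forwarded unchecked.  The delete
    # tasks in this file reset it to None or '', so confirm callers never
    # pass a firewall whose backend group is gone.
    try:
        # Let the logger do the formatting instead of building the string
        # eagerly with the % operator.
        LOG.info(
            "Update server security group ,server_id[%s],security_group[%s]",
            instance.uuid, firewall.firewall_id)
        network.server_update_security_groups(rc, instance.uuid,
                                              [firewall.firewall_id])
    except Exception as e:
        # Same message text as before, now with the traceback attached; the
        # bare raise re-raises without resetting the traceback.
        LOG.exception("Update server security group error, msg: %s", e)
        raise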
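def security_group_rule_create_task(firewall_rule=None):
    """Create the backend security-group rule described by ``firewall_rule``.

    Does nothing and returns None when ``firewall_rule`` is falsy.  Otherwise
    the rule's direction, ether type, protocol, port range, remote CIDR and
    remote group are passed to ``network.security_group_rule_create`` under
    the parent group ``firewall_rule.firewall.firewall_id``; the returned id
    is stored in ``firewall_rule.firewall_rules_id`` and the row is saved.

    Raises:
        Exception: on any error from the backend call or from ``save()`` the
            failure is logged, the local rule row is deleted and the error
            is re-raised unchanged.
    """
    if not firewall_rule:
        return
    rc = create_rc_by_security(firewall_rule)
    try:
        rule = network.security_group_rule_create(
            rc,
            parent_group_id=firewall_rule.firewall.firewall_id,
            direction=firewall_rule.direction,
            ethertype=firewall_rule.ether_type,
            ip_protocol=firewall_rule.protocol,
            from_port=firewall_rule.port_range_min,
            to_port=firewall_rule.port_range_max,
            cidr=firewall_rule.remote_ip_prefix,
            group_id=firewall_rule.remote_group_id)
        firewall_rule.firewall_rules_id = rule.id
        firewall_rule.save()
    except Exception:
        # Log before the cleanup so the failure leaves a trace even if
        # delete() itself raises.
        LOG.exception("Firewall rule create failed, [%s].", firewall_rule)
        # NOTE(review): when save() fails after the backend call succeeded,
        # the local row is removed while the backend rule stays in place;
        # confirm something reconciles such untracked rules.
        firewall_rule.delete()
        # Bare raise re-raises the original error without resetting its
        # traceback (``raise e`` restarts it on Python 2).
        raise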
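def security_group_delete_task(firewall=None):
    """Delete the backend security group of ``firewall`` and flag local rows.

    Does nothing and returns None when ``firewall`` is falsy.  Otherwise
    ``network.security_group_delete`` is called with
    ``firewall.firewall_id``; the firewall row then has its id cleared, is
    flagged deleted and saved, and every ``FirewallRules`` row filtered by
    ``firewall=firewall.id`` is treated the same way.

    Raises:
        Exception: any error from the backend call or from a ``save()`` is
            logged with its traceback and re-raised unchanged.
    """
    if not firewall:
        return
    rc = create_rc_by_security(firewall)
    try:
        # The backend call's return value was bound to an unused local.
        network.security_group_delete(rc, firewall.firewall_id)
        firewall.firewall_id = ""
        firewall.deleted = True
        firewall.save()
        # NOTE(review): the rows are updated one save() at a time; a failure
        # part-way leaves the firewall flagged deleted with some rules still
        # active locally -- confirm whether a transaction wraps this task.
        # Iterating an empty result is a no-op, so no emptiness check is
        # needed before the loop.
        for rule in FirewallRules.objects.filter(firewall=firewall.id):
            rule.firewall_rules_id = ''
            rule.deleted = True
            rule.save()
    except Exception as e:
        # Same message text as before, now with the traceback attached; the
        # bare raise re-raises without resetting the traceback.
        LOG.exception("Firewall delete error, msg: %s", e)
        raise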
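def security_group_create_task(firewall):
    """Create the backend security group for ``firewall`` and store its id.

    ``network.security_group_create`` is called with the firewall's name and
    description.  If it raises an ``Exception``, the failure is logged with
    its traceback and False is returned; the error is not re-raised.  On
    success the new group's id is written to ``firewall.firewall_id`` and
    the row is saved.

    Returns:
        True on success, False when the backend call raised.

    Raises:
        AssertionError: if ``firewall`` is falsy.  The check is an
            ``assert`` statement, so it is skipped under ``python -O``.
    """
    assert firewall
    rc = create_rc_by_security(firewall)
    start = datetime.datetime.now()
    try:
        # Arguments go to the logger rather than being %-formatted up front,
        # matching the delete tasks in this file.
        LOG.info(u"Firewall create task start, [%s].", firewall)
        security_group = network.security_group_create(rc,
                                                       firewall.name,
                                                       firewall.desc)
    except Exception:
        end = datetime.datetime.now()
        # timedelta.seconds is the whole-second component of the elapsed time.
        LOG.exception(u"Firewall create api call failed, [%s], "
                      "apply [%s] seconds.",
                      firewall, (end - start).seconds)
        return False
    else:
        end = datetime.datetime.now()
        LOG.info(u"Firewall create task succeed, [%s], "
                 "apply [%s] seconds.",
                 firewall, (end - start).seconds)
        # save() is outside the handler: a database error propagates to the
        # caller after the success message has been logged.
        firewall.firewall_id = security_group.id
        firewall.save()
        return True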
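def security_group_rule_create_task(firewall_rule=None):
    """Create the backend security-group rule described by ``firewall_rule``.

    Does nothing and returns None when ``firewall_rule`` is falsy.  Otherwise
    the rule's direction, ether type, protocol, port range, remote CIDR and
    remote group are passed to ``network.security_group_rule_create`` under
    the parent group ``firewall_rule.firewall.firewall_id``; the returned id
    is stored in ``firewall_rule.firewall_rules_id`` and the row is saved.

    Raises:
        Exception: on any error from the backend call or from ``save()`` the
            failure is logged, the local rule row is deleted and the error
            is re-raised unchanged.
    """
    if not firewall_rule:
        return
    rc = create_rc_by_security(firewall_rule)
    try:
        rule = network.security_group_rule_create(
            rc,
            parent_group_id=firewall_rule.firewall.firewall_id,
            direction=firewall_rule.direction,
            ethertype=firewall_rule.ether_type,
            ip_protocol=firewall_rule.protocol,
            from_port=firewall_rule.port_range_min,
            to_port=firewall_rule.port_range_max,
            cidr=firewall_rule.remote_ip_prefix,
            group_id=firewall_rule.remote_group_id)
        firewall_rule.firewall_rules_id = rule.id
        firewall_rule.save()
    except Exception:
        # Record the failure first; the cleanup below may raise as well.
        LOG.exception("Firewall rule create failed, [%s].", firewall_rule)
        # NOTE(review): a save() failure after a successful backend call
        # removes the local row but leaves the backend rule in place;
        # confirm such untracked rules are reconciled somewhere.
        firewall_rule.delete()
        # Bare raise keeps the original traceback (``raise e`` restarts it
        # on Python 2).
        raise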
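def server_update_security_groups_task(instance, firewall=None):
    """Switch ``instance`` to the backend security group of ``firewall``.

    ``network.server_update_security_groups`` is called with
    ``instance.uuid`` and a one-element list holding
    ``firewall.firewall_id``.  If it raises an ``Exception``, the failure is
    logged with its traceback and False is returned; the error is not
    re-raised.  On success ``instance.firewall_group`` is set to
    ``firewall`` and the instance is saved.

    Returns:
        True on success, False when the backend call raised.

    Raises:
        AssertionError: if ``firewall`` is falsy.  The check is an
            ``assert`` statement, so it is skipped under ``python -O``.
    """
    assert firewall
    rc = create_rc_by_security(firewall)
    start = datetime.datetime.now()
    # NOTE(review): firewall.firewall_id is forwarded unchecked.  The delete
    # tasks in this file reset it to None or '', so confirm callers never
    # pass a firewall whose backend group is gone.
    try:
        # Arguments go to the logger rather than being %-formatted up front,
        # matching the rule tasks in this file.
        LOG.info(u"Instance change firewall task start, [%s][%s].",
                 instance, firewall)
        network.server_update_security_groups(rc, instance.uuid,
                                              [firewall.firewall_id])
    except Exception:
        end = datetime.datetime.now()
        # timedelta.seconds is the whole-second component of the elapsed time.
        LOG.exception(u"Instance change firewall api call failed, "
                      "[%s][%s], apply [%s] seconds.",
                      instance, firewall, (end - start).seconds)
        return False
    else:
        end = datetime.datetime.now()
        LOG.info(u"Instance change firewall task succeed, [%s][%s], "
                 "apply [%s] seconds.",
                 instance, firewall, (end - start).seconds)
        # save() is outside the handler: a database error propagates after
        # the backend has already switched the instance's group.
        instance.firewall_group = firewall
        instance.save()
        return True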
def security_group_rule_delete_task(firewall_rule):
    """Delete the backend rule behind ``firewall_rule``, then the local row.

    The backend is only called when ``firewall_rule.firewall_rules_id`` is
    truthy.  If the backend call raises an ``Exception``, the failure is
    logged with its traceback, the local row is kept and False is returned.
    Otherwise the local row is deleted.

    Returns:
        True when the local row was deleted, False when the backend call
        raised.

    Raises:
        AssertionError: if ``firewall_rule`` is falsy.  The check is an
            ``assert`` statement, so it is skipped under ``python -O``.
    """
    assert firewall_rule
    rc = create_rc_by_security(firewall_rule)
    started_at = datetime.datetime.now()

    try:
        LOG.info(u"Firewall rule delete task start, [%s].", firewall_rule)
        backend_rule_id = firewall_rule.firewall_rules_id
        # A row without a backend id has nothing to remove remotely.
        if backend_rule_id:
            network.security_group_rule_delete(rc, backend_rule_id)
    except Exception:
        failed_at = datetime.datetime.now()
        # timedelta.seconds is the whole-second component of the elapsed time.
        LOG.exception(u"Firewall rule delete api call failed, [%s], "
                      "apply [%s] seconds.",
                      firewall_rule, (failed_at - started_at).seconds)
        return False

    # delete() is not covered by the handler above; a database error here
    # propagates to the caller.
    firewall_rule.delete()
    finished_at = datetime.datetime.now()
    LOG.info(u"Firewall rule delete task succeed, [%s], "
             "apply [%s] seconds.",
             firewall_rule, (finished_at - started_at).seconds)
    return True