Exemple #1
0
    def _update_secgrp_rule(self, context, rule_id):
        compute, project = self.gce_svc, self.gce_project
        name = self._gce_secgrp_id(rule_id)
        try:
            gce_firewall_info = gceutils.get_firewall_rule(
                compute, project, name)
        except gce_errors.HttpError:
            return

        try:
            core_plugin = NeutronManager.get_plugin()
        except AttributeError:
            core_plugin = directory.get_plugin()
        rule = core_plugin.get_security_group_rule(context, rule_id)

        network_link = gce_firewall_info['network']
        try:
            gce_rule = self._convert_secgrp_rule_to_gce(rule, network_link)
            LOG.info("Update GCE firewall rule %s" % name)
            operation = gceutils.update_firewall_rule(compute, project, name,
                                                      gce_rule)
            gceutils.wait_for_operation(compute, project, operation)
        except Exception as e:
            LOG.exception("An error occurred while updating security "
                          "group: %s" % e)
            LOG.error("Deleting existing GCE firewall rule %s" % name)
            operation = gceutils.delete_firewall_rule(compute, project, name)
            gceutils.wait_for_operation(compute, project, operation)
Exemple #2
0
 def _delete_secgrp_rule(self, context, rule_id):
     name = self._gce_secgrp_id(rule_id)
     compute, project = self.gce_svc, self.gce_project
     try:
         LOG.warn("Delete existing GCE firewall rule %s,"
                  "as firewall rule update not GCE compatible." % name)
         operation = gceutils.delete_firewall_rule(compute, project, name)
         gceutils.wait_for_operation(compute, project, operation)
     except gce_errors.HttpError:
         pass