def _update_secgrp_rule(self, context, rule_id): compute, project = self.gce_svc, self.gce_project name = self._gce_secgrp_id(rule_id) try: gce_firewall_info = gceutils.get_firewall_rule( compute, project, name) except gce_errors.HttpError: return try: core_plugin = NeutronManager.get_plugin() except AttributeError: core_plugin = directory.get_plugin() rule = core_plugin.get_security_group_rule(context, rule_id) network_link = gce_firewall_info['network'] try: gce_rule = self._convert_secgrp_rule_to_gce(rule, network_link) LOG.info("Update GCE firewall rule %s" % name) operation = gceutils.update_firewall_rule(compute, project, name, gce_rule) gceutils.wait_for_operation(compute, project, operation) except Exception as e: LOG.exception("An error occurred while updating security " "group: %s" % e) LOG.error("Deleting existing GCE firewall rule %s" % name) operation = gceutils.delete_firewall_rule(compute, project, name) gceutils.wait_for_operation(compute, project, operation)
def _delete_secgrp_rule(self, context, rule_id): name = self._gce_secgrp_id(rule_id) compute, project = self.gce_svc, self.gce_project try: LOG.warn("Delete existing GCE firewall rule %s," "as firewall rule update not GCE compatible." % name) operation = gceutils.delete_firewall_rule(compute, project, name) gceutils.wait_for_operation(compute, project, operation) except gce_errors.HttpError: pass