def _update_secgrp_rule(self, context, rule_id): compute, project = self.gce_svc, self.gce_project name = self._gce_secgrp_id(rule_id) try: gce_firewall_info = gceutils.get_firewall_rule( compute, project, name) except gce_errors.HttpError: return try: core_plugin = NeutronManager.get_plugin() except AttributeError: core_plugin = directory.get_plugin() rule = core_plugin.get_security_group_rule(context, rule_id) network_link = gce_firewall_info['network'] try: gce_rule = self._convert_secgrp_rule_to_gce(rule, network_link) LOG.info("Update GCE firewall rule %s" % name) operation = gceutils.update_firewall_rule(compute, project, name, gce_rule) gceutils.wait_for_operation(compute, project, operation) except Exception as e: LOG.exception("An error occurred while updating security " "group: %s" % e) LOG.error("Deleting existing GCE firewall rule %s" % name) operation = gceutils.delete_firewall_rule(compute, project, name) gceutils.wait_for_operation(compute, project, operation)
def delete_subnet_postcommit(self, context): compute, project, region = self.gce_svc, self.gce_project, self.gce_region cidr = context.current['cidr'] if self.is_private_network(cidr): name = self._gce_subnet_name(context) operation = gceutils.delete_subnet(compute, project, region, name) gceutils.wait_for_operation(compute, project, operation) LOG.info( _LI("Deleted subnet %s in region %s on GCE") % (name, region))
def _delete_secgrp_rule(self, context, rule_id): name = self._gce_secgrp_id(rule_id) compute, project = self.gce_svc, self.gce_project try: LOG.warn("Delete existing GCE firewall rule %s," "as firewall rule update not GCE compatible." % name) operation = gceutils.delete_firewall_rule(compute, project, name) gceutils.wait_for_operation(compute, project, operation) except gce_errors.HttpError: pass
def create_subnet_postcommit(self, context): compute, project, region = self.gce_svc, self.gce_project, self.gce_region network_name = self._gce_subnet_network_name(context) name = self._gce_subnet_name(context) cidr = context.current['cidr'] if self.is_private_network(cidr): network = gceutils.get_network(compute, project, network_name) network_link = network['selfLink'] operation = gceutils.create_subnet(compute, project, region, name, cidr, network_link) gceutils.wait_for_operation(compute, project, operation) LOG.info( _LI("Created subnet %s in region %s on GCE") % (name, region))
def _create_secgrp_rule(self, context, rule, network_link): compute, project = self.gce_svc, self.gce_project try: gce_rule = self._convert_secgrp_rule_to_gce(rule, network_link) except SecurityGroupInvalidDirection: LOG.warn("Egress rules are not supported on GCE.") return except Exception as e: LOG.exception( "An error occurred while creating security group: %s" % e) raise e LOG.info("Create GCE firewall rule %s" % gce_rule) operation = gceutils.create_firewall_rule(compute, project, gce_rule) gceutils.wait_for_operation(compute, project, operation)
def create_network_postcommit(self, context): compute, project = self.gce_svc, self.gce_project name = self._gce_network_name(context) operation = gceutils.create_network(compute, project, name) gceutils.wait_for_operation(compute, project, operation) LOG.info('Created network on GCE %s' % name)