def create(self, req, body):
"""Creates a new security group."""
context = req.environ['engine.context']
if not body:
raise exc.HTTPUnprocessableEntity()
security_group = body.get('security_group', None)
if security_group is None:
raise exc.HTTPUnprocessableEntity()
group_name = security_group.get('name', None)
group_description = security_group.get('description', None)
self._validate_security_group_property(group_name, "name")
self._validate_security_group_property(group_description,
"description")
group_name = group_name.strip()
group_description = group_description.strip()
LOG.audit(_("Create Security Group %s"), group_name, context=context)
self.compute_api.ensure_default_security_group(context)
if db.security_group_exists(context, context.project_id, group_name):
msg = _('Security group %s already exists') % group_name
raise exc.HTTPBadRequest(explanation=msg)
group = {'user_id': context.user_id,
'project_id': context.project_id,
'name': group_name,
'description': group_description}
group_ref = db.security_group_create(context, group)
return {'security_group': self._format_security_group(context,
group_ref)}
def create(self, req, body):
context = req.environ["engine.context"]
self.compute_api.ensure_default_security_group(context)
name = body["security_group"].get("name")
description = body["security_group"].get("description")
if db.security_group_exists(context, context.project_id, name):
raise exception.ApiError(_("group %s already exists") % name)
group = {"user_id": context.user_id, "project_id": context.project_id, "name": name, "description": description}
group_ref = db.security_group_create(context, group)
return {"security_group": self._format_security_group(context, group_ref)}
def create(self, req, body):
context = req.environ['engine.context']
self.compute_api.ensure_default_security_group(context)
name = body['security_group'].get('name')
description = body['security_group'].get('description')
if db.security_group_exists(context, context.project_id, name):
raise exception.ApiError(_('group %s already exists') % name)
group = {
'user_id': context.user_id,
'project_id': context.project_id,
'name': name,
'description': description
}
group_ref = db.security_group_create(context, group)
return {
'security_group': self._format_security_group(context, group_ref)
}
def setup_security_group(self, context):
group_name = '%s%s' % (context.project_id, FLAGS.vpn_key_suffix)
if db.security_group_exists(context, context.project_id, group_name):
return group_name
group = {'user_id': context.user_id,
'project_id': context.project_id,
'name': group_name,
'description': 'Group for vpn'}
group_ref = db.security_group_create(context, group)
rule = {'parent_group_id': group_ref['id'],
'cidr': '0.0.0.0/0',
'protocol': 'udp',
'from_port': 1194,
'to_port': 1194}
db.security_group_rule_create(context, rule)
rule = {'parent_group_id': group_ref['id'],
'cidr': '0.0.0.0/0',
'protocol': 'icmp',
'from_port': -1,
'to_port': -1}
db.security_group_rule_create(context, rule)
# NOTE(vish): No need to trigger the group since the instance
# has not been run yet.
return group_name