Esempio n. 1
0
    def create(self, req, body):
        """Creates a new security group."""
        context = req.environ['engine.context']
        if not body:
            raise exc.HTTPUnprocessableEntity()

        security_group = body.get('security_group', None)

        if security_group is None:
            raise exc.HTTPUnprocessableEntity()

        group_name = security_group.get('name', None)
        group_description = security_group.get('description', None)

        self._validate_security_group_property(group_name, "name")
        self._validate_security_group_property(group_description,
                                               "description")
        group_name = group_name.strip()
        group_description = group_description.strip()

        LOG.audit(_("Create Security Group %s"), group_name, context=context)
        self.compute_api.ensure_default_security_group(context)
        if db.security_group_exists(context, context.project_id, group_name):
            msg = _('Security group %s already exists') % group_name
            raise exc.HTTPBadRequest(explanation=msg)

        group = {'user_id': context.user_id,
                 'project_id': context.project_id,
                 'name': group_name,
                 'description': group_description}
        group_ref = db.security_group_create(context, group)

        return {'security_group': self._format_security_group(context,
                                                                 group_ref)}
Esempio n. 2
0
    def create(self, req, body):
        context = req.environ["engine.context"]
        self.compute_api.ensure_default_security_group(context)
        name = body["security_group"].get("name")
        description = body["security_group"].get("description")
        if db.security_group_exists(context, context.project_id, name):
            raise exception.ApiError(_("group %s already exists") % name)

        group = {"user_id": context.user_id, "project_id": context.project_id, "name": name, "description": description}
        group_ref = db.security_group_create(context, group)

        return {"security_group": self._format_security_group(context, group_ref)}
Esempio n. 3
0
    def create(self, req, body):
        context = req.environ['engine.context']
        self.compute_api.ensure_default_security_group(context)
        name = body['security_group'].get('name')
        description = body['security_group'].get('description')
        if db.security_group_exists(context, context.project_id, name):
            raise exception.ApiError(_('group %s already exists') % name)

        group = {
            'user_id': context.user_id,
            'project_id': context.project_id,
            'name': name,
            'description': description
        }
        group_ref = db.security_group_create(context, group)

        return {
            'security_group': self._format_security_group(context, group_ref)
        }
Esempio n. 4
0
 def setup_security_group(self, context):
     group_name = '%s%s' % (context.project_id, FLAGS.vpn_key_suffix)
     if db.security_group_exists(context, context.project_id, group_name):
         return group_name
     group = {'user_id': context.user_id,
              'project_id': context.project_id,
              'name': group_name,
              'description': 'Group for vpn'}
     group_ref = db.security_group_create(context, group)
     rule = {'parent_group_id': group_ref['id'],
             'cidr': '0.0.0.0/0',
             'protocol': 'udp',
             'from_port': 1194,
             'to_port': 1194}
     db.security_group_rule_create(context, rule)
     rule = {'parent_group_id': group_ref['id'],
             'cidr': '0.0.0.0/0',
             'protocol': 'icmp',
             'from_port': -1,
             'to_port': -1}
     db.security_group_rule_create(context, rule)
     # NOTE(vish): No need to trigger the group since the instance
     #             has not been run yet.
     return group_name