def index(self, req, server_id):
"""Returns a list of security groups for the given instance."""
context = _authorize_context(req)
instance = common.get_instance(self.compute_api, context, server_id)
try:
groups = security_group_api.get_instance_security_groups(
context, instance, True)
except (exception.SecurityGroupNotFound,
exception.InstanceNotFound) as exp:
msg = exp.format_message()
raise exc.HTTPNotFound(explanation=msg)
# Optimize performance here by loading up the group_rule_data per
# rule['group_id'] ahead of time so we're not doing redundant
# security group lookups for each rule.
group_rule_data_by_rule_group_id = (
self._get_group_rule_data_by_rule_group_id(context, groups))
result = [self._format_security_group(context, group,
group_rule_data_by_rule_group_id)
for group in groups]
return {'security_groups':
list(sorted(result,
key=lambda k: (k['tenant_id'], k['name'])))}
def test_instance_empty_security_groups(self):
port_list = {'ports': [{'id': 1, 'device_id': uuids.instance,
'security_groups': []}]}
self.mocked_client.list_ports.return_value = port_list
result = sg_api.get_instance_security_groups(
self.context, objects.Instance(uuid=uuids.instance))
self.assertEqual([], result)
self.mocked_client.list_ports.assert_called_once_with(
device_id=[uuids.instance])
def __init__(self,
instance,
address=None,
content=None,
extra_md=None,
network_info=None,
network_metadata=None,
request_context=None):
"""Creation of this object should basically cover all time consuming
collection. Methods after that should not cause time delays due to
network operations or lengthy cpu operations.
The user should then get a single instance and make multiple method
calls on it.
"""
if not content:
content = []
ctxt = context.get_admin_context()
# NOTE(danms): Sanitize the instance to limit the amount of stuff
# inside that may not pickle well (i.e. context). We also touch
# some of the things we'll lazy load later to make sure we keep their
# values in what we cache.
instance.ec2_ids
instance.keypairs
instance.device_metadata
instance.numa_topology
instance = objects.Instance.obj_from_primitive(
instance.obj_to_primitive())
# The default value of mimeType is set to MIME_TYPE_TEXT_PLAIN
self.set_mimetype(MIME_TYPE_TEXT_PLAIN)
self.instance = instance
self.extra_md = extra_md
self.availability_zone = instance.get('availability_zone')
self.security_groups = security_group_api.get_instance_security_groups(
ctxt, instance)
self.mappings = _format_instance_mapping(ctxt, instance)
if instance.user_data is not None:
self.userdata_raw = base64.decode_as_bytes(instance.user_data)
else:
self.userdata_raw = None
self.address = address
# expose instance metadata.
self.launch_metadata = utils.instance_meta(instance)
self.password = password.extract_password(instance)
self.uuid = instance.uuid
self.content = {}
self.files = []
# get network info, and the rendered network template
if network_info is None:
network_info = instance.info_cache.network_info
# expose network metadata
if network_metadata is None:
self.network_metadata = netutils.get_network_metadata(network_info)
else:
self.network_metadata = network_metadata
self.ip_info = netutils.get_ec2_ip_info(network_info)
self.network_config = None
cfg = netutils.get_injected_network_template(network_info)
if cfg:
key = "%04i" % len(self.content)
self.content[key] = cfg
self.network_config = {
"name": "network_config",
'content_path': "/%s/%s" % (CONTENT_DIR, key)
}
# 'content' is passed in from the configdrive code in
# nova/virt/libvirt/driver.py. That's how we get the injected files
# (personalities) in. AFAIK they're not stored in the db at all,
# so are not available later (web service metadata time).
for (path, contents) in content:
key = "%04i" % len(self.content)
self.files.append({
'path': path,
'content_path': "/%s/%s" % (CONTENT_DIR, key)
})
self.content[key] = contents
self.route_configuration = None
# NOTE(mikal): the decision to not pass extra_md here like we
# do to the StaticJSON driver is deliberate. extra_md will
# contain the admin password for the instance, and we shouldn't
# pass that to external services.
self.vendordata_providers = {
'StaticJSON':
vendordata_json.JsonFileVendorData(instance=instance,
address=address,
extra_md=extra_md,
network_info=network_info),
'DynamicJSON':
vendordata_dynamic.DynamicVendorData(instance=instance,
address=address,
network_info=network_info,
context=request_context)
}