def setup_security_group(self, context):
group_name = '%s%s' % (context.project_id, CONF.vpn_key_suffix)
group = {'user_id': context.user_id,
'project_id': context.project_id,
'name': group_name,
'description': 'Group for vpn'}
try:
group_ref = db.security_group_create(context, group)
except exception.SecurityGroupExists:
return group_name
rule = {'parent_group_id': group_ref['id'],
'cidr': '0.0.0.0/0',
'protocol': 'udp',
'from_port': 1194,
'to_port': 1194}
db.security_group_rule_create(context, rule)
rule = {'parent_group_id': group_ref['id'],
'cidr': '0.0.0.0/0',
'protocol': 'icmp',
'from_port': -1,
'to_port': -1}
db.security_group_rule_create(context, rule)
# NOTE(vish): No need to trigger the group since the instance
# has not been run yet.
return group_name
def setup_security_group(self, context):
group_name = '%s%s' % (context.project_id, CONF.vpn_key_suffix)
group = {
'user_id': context.user_id,
'project_id': context.project_id,
'name': group_name,
'description': 'Group for vpn'
}
try:
group_ref = db.security_group_create(context, group)
except exception.SecurityGroupExists:
return group_name
rule = {
'parent_group_id': group_ref['id'],
'cidr': '0.0.0.0/0',
'protocol': 'udp',
'from_port': 1194,
'to_port': 1194
}
db.security_group_rule_create(context, rule)
rule = {
'parent_group_id': group_ref['id'],
'cidr': '0.0.0.0/0',
'protocol': 'icmp',
'from_port': -1,
'to_port': -1
}
db.security_group_rule_create(context, rule)
# NOTE(vish): No need to trigger the group since the instance
# has not been run yet.
return group_name
def create(self):
if self.obj_attr_is_set('id'):
raise exception.ObjectActionError(action='create',
reason='already created')
updates = self.obj_get_changes()
parent_group = updates.pop('parent_group', None)
if parent_group:
updates['parent_group_id'] = parent_group.id
grantee_group = updates.pop('grantee_group', None)
if grantee_group:
updates['group_id'] = grantee_group.id
db_rule = db.security_group_rule_create(self._context, updates)
self._from_db_object(self._context, self, db_rule)