예제 #1
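    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list [--cloud=CLOUD] [--tenant=TENANT]
                secgroup create [--cloud=CLOUD] [--tenant=TENANT] LABEL
                secgroup delete [--cloud=CLOUD] [--tenant=TENANT] LABEL
                secgroup rules-list [--cloud=CLOUD] [--tenant=TENANT] LABEL
                secgroup rules-add [--cloud=CLOUD] [--tenant=TENANT] LABEL FROMPORT TOPORT PROTOCOL CIDR
                secgroup rules-delete [--cloud=CLOUD] [--tenant=TENANT] LABEL FROMPORT TOPORT PROTOCOL CIDR
                secgroup -h | --help
                secgroup --version

            Options:
                -h                  help message
                --cloud=CLOUD       Name of the IaaS cloud e.g. india_openstack_grizzly.
                --tenant=TENANT     Name of the tenant, e.g. fg82.

            Arguments:
                LABEL         The label/name of the security group
                FROMPORT      Starting port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g., 129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                $ secgroup list --cloud india --tenant fg82
                $ secgroup rules-list --cloud india --tenant fg82 default
                $ secgroup create --cloud india --tenant fg82 webservice
                $ secgroup rules-add --cloud india --tenant fg82 webservice 8080 8088 TCP "129.79.0.0/16"

        """
        # Dispatch one parsed "secgroup" sub-command.  ``arguments`` is indexed
        # by the command words, options and positionals named in the usage
        # text above (presumably built from that text by the command
        # framework -- confirm).  ``args`` is not used.  Every path returns "".
        #
        # NOTE(review): LABEL, FROMPORT, TOPORT, PROTOCOL and CIDR are handed
        # to SecGroup exactly as typed.  Nothing in this method checks that the
        # ports are integers in range, that FROMPORT <= TOPORT, or that CIDR
        # parses; confirm SecGroup.add_rule / delete_rule validate them, since
        # a mistyped range changes which traffic the group admits.

        # An explicit --cloud wins; otherwise fall back to the stored default.
        cloud = arguments["--cloud"] or Default.get_cloud()

        def missing_scope(tenant):
            # Report the first unset default; True tells the caller to stop.
            if not cloud:
                Console.error("Default cloud not set!")
                return True
            if not tenant:
                Console.error("Default tenant not set!")
                return True
            return False

        def group_not_found(label, tenant):
            Console.error(
                "Security Group with label [{}], cloud [{}], and "
                "tenant [{}] not found!".format(label, cloud, tenant))

        if arguments["list"]:
            # NOTE(review): this is the only branch that reads the default
            # tenant without passing the cloud -- confirm that is intended.
            tenant = arguments["--tenant"] or Default.get("tenant")
            if missing_scope(tenant):
                return ""

            result = SecGroup.list(tenant, cloud)
            if result:
                print(result)
            else:
                Console.error(
                    "No Security Groups found in the cloudmesh database!")
            return ""

        elif arguments["create"]:
            tenant = arguments["--tenant"] or Default.get("tenant", cloud)
            label = arguments["LABEL"]
            if missing_scope(tenant):
                return ""

            # A truthy result is the UUID of the new group.
            uuid = SecGroup.create(label, cloud, tenant)
            if uuid:
                Console.ok("Created a new security group [{}] with UUID [{}]"
                           .format(label, uuid))
            else:
                Console.error("Exiting!")
            return ""

        elif arguments["delete"]:
            tenant = arguments["--tenant"] or Default.get("tenant", cloud)
            label = arguments["LABEL"]
            if missing_scope(tenant):
                return ""

            result = SecGroup.delete_secgroup(label, cloud, tenant)
            if result:
                print(result)
            else:
                Console.error("Security Group [{}, {}, {}] could not be "
                              "deleted".format(label, cloud, tenant))
            return ""

        elif arguments["rules-delete"]:
            # The default cloud resolved above is kept here; overwriting it
            # with the bare --cloud value made this sub-command fail with
            # "Default cloud not set!" whenever --cloud was omitted.
            tenant = arguments["--tenant"] or Default.get("tenant", cloud)

            label = arguments["LABEL"]
            from_port = arguments["FROMPORT"]
            to_port = arguments["TOPORT"]
            protocol = arguments["PROTOCOL"]
            cidr = arguments["CIDR"]
            if missing_scope(tenant):
                return ""

            sec_group = SecGroup.get(label, tenant, cloud)
            if not sec_group:
                # Say so instead of returning silently: an operator who
                # believes a rule was removed when nothing happened is left
                # with a port still open.
                group_not_found(label, tenant)
                return ""

            result = SecGroup.delete_rule(sec_group, from_port, to_port,
                                          protocol, cidr)
            if result:
                print(result)
            else:
                Console.error(
                    "Rule [{} | {} | {} | {}] could not be deleted"
                    .format(from_port, to_port, protocol, cidr))
            return ""

        elif arguments["rules-list"]:
            tenant = arguments["--tenant"] or Default.get("tenant", cloud)
            label = arguments["LABEL"]
            if missing_scope(tenant):
                return ""

            sec_group = SecGroup.get(label, tenant, cloud)
            if sec_group:
                print(SecGroup.get_rules(sec_group.uuid))
            else:
                group_not_found(label, tenant)
            return ""

        elif arguments["rules-add"]:
            tenant = arguments["--tenant"] or Default.get("tenant", cloud)

            label = arguments["LABEL"]
            from_port = arguments["FROMPORT"]
            to_port = arguments["TOPORT"]
            protocol = arguments["PROTOCOL"]
            cidr = arguments["CIDR"]
            if missing_scope(tenant):
                return ""

            sec_group = SecGroup.get(label, tenant, cloud)
            if sec_group:
                # The result of add_rule is not inspected, so this method
                # prints nothing of its own on success or failure.
                SecGroup.add_rule(sec_group, from_port, to_port, protocol,
                                  cidr)
            else:
                group_not_found(label, tenant)
            return ""

        # TODO: Add Implementation
        elif arguments["--version"]:
            Console.ok('Version: ')

        return ""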
예제 #2
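    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list [--cloud=CLOUD]
                secgroup create [--cloud=CLOUD] LABEL
                secgroup delete [--cloud=CLOUD] LABEL
                secgroup rules-list [--cloud=CLOUD] LABEL
                secgroup rules-add [--cloud=CLOUD] LABEL FROMPORT TOPORT PROTOCOL CIDR
                secgroup rules-delete [--cloud=CLOUD] [--all] LABEL [FROMPORT] [TOPORT] [PROTOCOL] [CIDR]
                secgroup refresh [--cloud=CLOUD]
                secgroup -h | --help
                secgroup --version

            Options:
                -h                  help message
                --cloud=CLOUD       Name of the IaaS cloud e.g. india_openstack_grizzly.

            Arguments:
                LABEL         The label/name of the security group
                FROMPORT      Starting port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g., 129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                secgroup list --cloud india
                secgroup rules-list --cloud=kilo default
                secgroup create --cloud=kilo webservice
                secgroup rules-add --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --cloud=kilo --all webservice


        """
        # Dispatch one parsed "secgroup" sub-command.  ``arguments`` is indexed
        # by the command words, options and positionals named in the usage
        # text above (presumably built from that text by the command
        # framework -- confirm).  ``args`` is not used.  Every path returns "".
        #
        # NOTE(review): LABEL, FROMPORT, TOPORT, PROTOCOL and CIDR reach
        # SecGroup exactly as typed; this method does not check port ranges or
        # parse the CIDR.  Confirm SecGroup.add_rule / delete_rule do.

        # An explicit --cloud wins; otherwise fall back to the stored default.
        cloud = arguments["--cloud"] or Default.get_cloud()

        def cloud_missing():
            # Report an unset cloud; True tells the caller to stop.
            if cloud:
                return False
            Console.error("Default cloud not set!")
            return True

        def group_not_found(label):
            Console.error(
                "Security Group with label [{}] in cloud [{}] not found!"
                .format(label, cloud))

        # Pull data from the cloud into the db when asked to, or when the
        # refresh default is on.  Refreshing needs a cloud: without one an
        # explicit "refresh" is an error, and an implicit refresh is skipped
        # so that the sub-command below reports the missing cloud itself.
        if arguments["refresh"] or Default.refresh():
            if cloud:
                msg = "Refresh secgroup for cloud {:}.".format(cloud)
                if SecGroup.refresh(cloud):
                    Console.ok("{:} ok".format(msg))
                else:
                    Console.error("{:} failed".format(msg))
            elif arguments["refresh"]:
                cloud_missing()
                return ""

        # list all security-groups in cloud
        if arguments["list"]:
            if cloud_missing():
                return ""

            result = SecGroup.list(cloud=cloud)
            if result:
                print(result)
            else:
                Console.error(
                    "No Security Groups found in the cloudmesh database!")
            return ""

        # Create a security-group
        elif arguments["create"]:
            label = arguments["LABEL"]
            if cloud_missing():
                return ""

            # A truthy result is the UUID of the new group.
            uuid = SecGroup.create(label, cloud)
            if uuid:
                Console.ok("Created a new security group [{}] with UUID [{}]"
                           .format(label, uuid))
            else:
                Console.error("Exiting!")
            return ""

        # Delete a security-group
        elif arguments["delete"]:
            label = arguments["LABEL"]
            if cloud_missing():
                return ""

            # Only None counts as failure here; any other result is success.
            result = SecGroup.delete_secgroup(label, cloud)
            if result is not None:
                Console.ok(
                    "Security Group [{}] in cloud [{}] deleted successfully."
                    .format(label, cloud))
            else:
                Console.error(
                    "Failed to delete Security Group [{}] in cloud [{}]"
                    .format(label, cloud))
            return ""

        # Delete security group rule
        elif arguments["rules-delete"]:
            label = arguments["LABEL"]
            from_port = arguments["FROMPORT"]
            to_port = arguments["TOPORT"]
            protocol = arguments["PROTOCOL"]
            cidr = arguments["CIDR"]
            if cloud_missing():
                return ""

            sec_group = SecGroup.get(label, cloud)
            if not sec_group:
                # Say so instead of returning silently: an operator who
                # believes a rule was removed when nothing happened is left
                # with a port still open.
                group_not_found(label)
                return ""

            # --all removes every rule of the group, with no confirmation.
            if arguments["--all"]:
                SecGroup.delete_all_rules(secgroup=sec_group)
                return ""

            # NOTE(review): the four rule fields are optional in the usage
            # text, so any of them can be None here -- confirm how
            # SecGroup.delete_rule treats a None field (exact match only, or
            # a wildcard that removes more rules than intended).
            result = SecGroup.delete_rule(cloud=cloud,
                                          secgroup=sec_group,
                                          from_port=from_port,
                                          to_port=to_port,
                                          protocol=protocol,
                                          cidr=cidr)
            if result:
                Console.ok(result)
            else:
                Console.error(
                    "Rule [{} | {} | {} | {}] could not be deleted"
                    .format(from_port, to_port, protocol, cidr))
            return ""

        # list security group rules
        elif arguments["rules-list"]:
            label = arguments["LABEL"]
            if cloud_missing():
                return ""

            sec_group = SecGroup.get(label, cloud)
            if sec_group:
                print(SecGroup.get_rules(sec_group.uuid))
            else:
                group_not_found(label)
            return ""

        # add rule to security group
        elif arguments["rules-add"]:
            label = arguments["LABEL"]
            from_port = arguments["FROMPORT"]
            to_port = arguments["TOPORT"]
            protocol = arguments["PROTOCOL"]
            cidr = arguments["CIDR"]
            if cloud_missing():
                return ""

            sec_group = SecGroup.get(label, cloud)
            if sec_group:
                # The result of add_rule is not inspected, so this method
                # prints nothing of its own on success or failure.
                SecGroup.add_rule(cloud=cloud,
                                  secgroup=sec_group,
                                  from_port=from_port,
                                  to_port=to_port,
                                  protocol=protocol,
                                  cidr=cidr)
            else:
                group_not_found(label)
            return ""

        # TODO: Add Implementation
        elif arguments["--version"]:
            Console.ok('Version: ')

        return ""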
예제 #3
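    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list [--cloud=CLOUD]
                secgroup create [--cloud=CLOUD] LABEL
                secgroup delete [--cloud=CLOUD] LABEL
                secgroup rules-list [--cloud=CLOUD] LABEL
                secgroup rules-add [--cloud=CLOUD] LABEL FROMPORT TOPORT PROTOCOL CIDR
                secgroup rules-delete [--cloud=CLOUD] [--all] LABEL [FROMPORT] [TOPORT] [PROTOCOL] [CIDR]
                secgroup refresh [--cloud=CLOUD]
                secgroup -h | --help
                secgroup --version

            Options:
                -h                  help message
                --cloud=CLOUD       Name of the IaaS cloud e.g. india_openstack_grizzly.

            Arguments:
                LABEL         The label/name of the security group
                FROMPORT      Starting port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g., 129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                secgroup list --cloud india
                secgroup rules-list --cloud=kilo default
                secgroup create --cloud=kilo webservice
                secgroup rules-add --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --cloud=kilo --all webservice


        """
        # Route a parsed "secgroup" invocation to the matching SecGroup call.
        # ``arguments`` is read like a dict keyed by the command words, options
        # and positionals of the usage text above (presumably derived from it
        # by the command framework -- confirm).  ``args`` is unused, and the
        # method returns "" on every path.
        #
        # NOTE(review): the rule fields (FROMPORT, TOPORT, PROTOCOL, CIDR) and
        # LABEL are forwarded verbatim.  No port-range or CIDR check happens
        # here, so confirm that SecGroup.add_rule / delete_rule validate them.

        # --cloud on the command line overrides the stored default cloud.
        cloud = arguments["--cloud"] or Default.get_cloud()

        def no_cloud():
            # True (after reporting it) when no cloud could be resolved.
            if not cloud:
                Console.error("Default cloud not set!")
                return True
            return False

        def report_unknown_group(label):
            Console.error(
                "Security Group with label [{}] in cloud [{}] not found!".
                format(label, cloud))

        # Refresh the db from the cloud on request or when the refresh default
        # is on.  A refresh without a cloud cannot work: an explicit "refresh"
        # reports the missing cloud, an implicit one is skipped and the
        # sub-command below reports it.
        refresh_wanted = arguments["refresh"] or Default.refresh()
        if refresh_wanted and cloud:
            msg = "Refresh secgroup for cloud {:}.".format(cloud)
            if SecGroup.refresh(cloud):
                Console.ok("{:} ok".format(msg))
            else:
                Console.error("{:} failed".format(msg))
        elif arguments["refresh"]:
            no_cloud()
            return ""

        # list all security-groups in cloud
        if arguments["list"]:
            if no_cloud():
                return ""

            result = SecGroup.list(cloud=cloud)
            if result:
                print(result)
            else:
                Console.error(
                    "No Security Groups found in the cloudmesh database!")
            return ""

        # Create a security-group
        elif arguments["create"]:
            label = arguments["LABEL"]
            if no_cloud():
                return ""

            # create hands back the new group's UUID, or a falsy value.
            uuid = SecGroup.create(label, cloud)
            if uuid:
                Console.ok(
                    "Created a new security group [{}] with UUID [{}]".format(
                        label, uuid))
            else:
                Console.error("Exiting!")
            return ""

        # Delete a security-group
        elif arguments["delete"]:
            label = arguments["LABEL"]
            if no_cloud():
                return ""

            # Failure is signalled by None only; other results mean success.
            result = SecGroup.delete_secgroup(label, cloud)
            if result is not None:
                Console.ok(
                    "Security Group [{}] in cloud [{}] deleted successfully.".
                    format(label, cloud))
            else:
                Console.error(
                    "Failed to delete Security Group [{}] in cloud [{}]".
                    format(label, cloud))
            return ""

        # Delete security group rule
        elif arguments["rules-delete"]:
            label = arguments["LABEL"]
            from_port = arguments["FROMPORT"]
            to_port = arguments["TOPORT"]
            protocol = arguments["PROTOCOL"]
            cidr = arguments["CIDR"]
            if no_cloud():
                return ""

            sec_group = SecGroup.get(label, cloud)
            if not sec_group:
                # A silent return here would let the operator assume the rule
                # is gone while the port stays open, so report it.
                report_unknown_group(label)
                return ""

            # --all wipes every rule of the group; there is no confirmation.
            if arguments["--all"]:
                SecGroup.delete_all_rules(secgroup=sec_group)
                return ""

            # NOTE(review): FROMPORT/TOPORT/PROTOCOL/CIDR are optional in the
            # usage text and may be None here -- confirm whether
            # SecGroup.delete_rule matches exactly or treats None as "any".
            result = SecGroup.delete_rule(cloud=cloud,
                                          secgroup=sec_group,
                                          from_port=from_port,
                                          to_port=to_port,
                                          protocol=protocol,
                                          cidr=cidr)
            if result:
                Console.ok(result)
            else:
                Console.error(
                    "Rule [{} | {} | {} | {}] could not be deleted".format(
                        from_port, to_port, protocol, cidr))
            return ""

        # list security group rules
        elif arguments["rules-list"]:
            label = arguments["LABEL"]
            if no_cloud():
                return ""

            sec_group = SecGroup.get(label, cloud)
            if sec_group:
                print(SecGroup.get_rules(sec_group.uuid))
            else:
                report_unknown_group(label)
            return ""

        # add rule to security group
        elif arguments["rules-add"]:
            label = arguments["LABEL"]
            from_port = arguments["FROMPORT"]
            to_port = arguments["TOPORT"]
            protocol = arguments["PROTOCOL"]
            cidr = arguments["CIDR"]
            if no_cloud():
                return ""

            sec_group = SecGroup.get(label, cloud)
            if sec_group:
                # add_rule's result is ignored, so nothing is printed from
                # here whether the rule was stored or not.
                SecGroup.add_rule(cloud=cloud,
                                  secgroup=sec_group,
                                  from_port=from_port,
                                  to_port=to_port,
                                  protocol=protocol,
                                  cidr=cidr)
            else:
                report_unknown_group(label)
            return ""

        # TODO: Add Implementation
        elif arguments["--version"]:
            Console.ok('Version: ')

        return ""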
예제 #4
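    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list [--format=FORMAT]
                secgroup list --cloud=CLOUD [--format=FORMAT]
                secgroup list GROUP [--format=FORMAT]
                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                secgroup delete GROUP [--cloud=CLOUD]
                secgroup delete GROUP RULE
                secgroup upload [GROUP] [--cloud=CLOUD]

            Options:
                --format=FORMAT Specify output format, in one of the following:
                                table, csv, json, yaml, dict. The default value
                                is 'table'.
                --cloud=CLOUD   Name of the IaaS cloud e.g. kilo,chameleoon.
                                The clouds are defined in the yaml file.
                                If the name "all" is used for the cloud all
                                clouds will be selected.

            Arguments:
                RULE          The security group rule name
                GROUP         The label/name of the security group
                FROMPORT      Starting port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g.,
                              129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                secgroup list
                secgroup list --cloud=kilo
                secgroup add my_new_group webapp 8080 8080 tcp 0.0.0.0/0
                secgroup delete my_group my_rule
                secgroup delete my_unused_group --cloud=kilo
                secgroup upload --cloud=kilo

            Description:

                Security groups are first assembled in a local database.
                Once they are defined they can be added to the clouds.

                secgroup list [--format=FORMAT]
                    lists all security groups and rules in the database

                secgroup list GROUP [--format=FORMAT]
                    lists a given security group and its rules defined
                    locally in the database

                secgroup list --cloud=CLOUD [--format=FORMAT]
                    lists the security groups and rules on the specified clouds.

                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                    adds a security rule with the given group and the details
                    of the security rule.
                    A CIDR of 0.0.0.0/0 matches every IPv4 address; use the
                    narrowest range that covers the intended clients.

                secgroup delete GROUP [--cloud=CLOUD]
                    Deletes a security group from the local database. To make
                    the change on the remote cloud, use the 'upload' command
                    afterwards.
                    If the --cloud parameter is specified, the change would be
                    made directly on the specified cloud

                secgroup delete GROUP RULE
                    deletes the given rule from the group. To make this change
                    on the remote cloud, use the 'upload' command.

                secgroup upload [GROUP] [--cloud=CLOUD...]
                    uploads a given group to the given cloud. If the cloud is
                    not specified the default cloud is used.
                    If the parameter for cloud is "all" the rules and groups
                    will be uploaded to all active clouds.
                    This will synchronize the changes (add/delete on security
                    groups, rules) made locally to the remote cloud(s).

        """
        # Dispatch one parsed "secgroup" sub-command.  ``arguments`` is indexed
        # by the command words, options and positionals named in the usage
        # text above (presumably built from that text by the command
        # framework -- confirm); ``arg`` is the same mapping wrapped in
        # dotdict.  ``args`` is not used.  Every path returns "".
        #
        # NOTE(review): GROUP, RULE, FROMPORT, TOPORT, PROTOCOL and CIDR reach
        # SecGroup.add_rule_to_db exactly as typed; this method does not check
        # port ranges or parse the CIDR.  Confirm the db layer does, because
        # "upload" later pushes whatever was stored to the cloud.

        arg = dotdict(arguments)

        # ``is_cloud`` records whether --cloud was typed at all; "list" uses it
        # to choose between the local database and the cloud.
        is_cloud = arguments["--cloud"] is not None
        if is_cloud:
            # The Default.cloud fallback can only apply to an empty --cloud=
            # value, since this branch requires the option to be present.
            arg.cloud = arguments["--cloud"] or Default.cloud

        arg.FORMAT = arguments["--format"] or 'table'

        if arguments["list"]:
            if is_cloud:
                print(SecGroup.list(category=arg.cloud, output=arg.FORMAT))
            else:
                # The usage text never supplies RULE to "list", so name is
                # None here.  The earlier test was inverted (it dropped the
                # rule name exactly when one was present); passing it through
                # unconditionally is identical for every invocation the usage
                # text allows.
                print(SecGroup.list(group=arg.GROUP,
                                    name=arg.RULE,
                                    output=arg.FORMAT))

        elif arguments["add"]:
            try:
                SecGroup.add_rule_to_db(
                    name=arg.RULE,
                    group=arg.GROUP,
                    from_port=arg.FROMPORT,
                    to_port=arg.TOPORT,
                    protocol=arg.PROTOCOL,
                    cidr=arg.CIDR)
            except Exception as e:
                # Catch Exception rather than everything, so Ctrl-C and
                # interpreter exit still propagate, and show the reason: a
                # rule the operator believes was stored but was not is worse
                # than a visible failure.
                Console.error(
                    "Problem adding security group to db: {}".format(e))

        # Delete a security-group, or a single rule when RULE is given
        elif arguments["delete"]:
            if arg["RULE"] is not None:
                SecGroup.delete_rule_from_db(group=arg["GROUP"],
                                             name=arg["RULE"])
            else:
                self._delete(arg)

        elif arguments["upload"]:
            # upload no longer deletes a secgroup implicitly; it only checks
            # and updates the rules.
            #
            # NOTE(review): ``arg.cloud`` is assigned only when --cloud was
            # typed.  Without it, the value passed here is whatever dotdict
            # yields for a missing attribute (presumably None), so the
            # "default cloud is used" promise in the help text depends on
            # SecGroup.upload -- confirm.
            SecGroup.upload(cloud=arg.cloud, group=arg.GROUP)

        return ""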
예제 #5
    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list [--format=FORMAT]
                secgroup list --cloud=CLOUD [--format=FORMAT]
                secgroup list GROUP [--format=FORMAT]
                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                secgroup delete GROUP [--cloud=CLOUD]
                secgroup delete GROUP RULE
                secgroup upload [GROUP] [--cloud=CLOUD]

            Options:
                --format=FORMAT Specify output format, in one of the following:
                                table, csv, json, yaml, dict. The default value
                                is 'table'.
                --cloud=CLOUD   Name of the IaaS cloud e.g. kilo,chameleoon.
                                The clouds are defined in the yaml file.
                                If the name "all" is used for the cloud all
                                clouds will be selected.

            Arguments:
                RULE          The security group rule name
                GROUP         The label/name of the security group
                FROMPORT      Staring port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g.,
                              129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                secgroup list
                secgroup list --cloud=kilo
                secgroup add my_new_group webapp 8080 8080 tcp 0.0.0.0/0
                seggroup delete my_group my_rule
                secgroup delete my_unused_group --cloud=kilo
                secgroup upload --cloud=kilo

            Description:

                Security groups are first assembled in a local database.
                Once they are defined they can be added to the clouds.

                secgroup list [--format=FORMAT]
                    lists all security groups and rules in the database

                secgroup list GROUP [--format=FORMAT]
                    lists a given security group and its rules defined
                    locally in the database

                secgroup list --cloud=CLOUD [--format=FORMAT]
                    lists the security groups and rules on the specified clouds.

                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                    adds a security rule with the given group and the details
                    of the security ruls

                secgroup delete GROUP [--cloud=CLOUD]
                    Deletes a security group from the local database. To make
                    the change on the remote cloud, using the 'upload' command
                    afterwards.
                    If the --cloud parameter is specified, the change would be
                    made directly on the specified cloud

                secgroup delete GROUP RULE
                    deletes the given rule from the group. To make this change
                    on the remote cloud, using 'upload' command.

                secgroup upload [GROUP] [--cloud=CLOUD...]
                    uploads a given group to the given cloud. If the cloud is
                    not specified the default cloud is used.
                    If the parameter for cloud is "all" the rules and groups
                    will be uploaded to all active clouds.
                    This will synchronize the changes (add/delete on security
                    groups, rules) made locally to the remote cloud(s).

        """

        arg = dotdict(arguments)
        if arguments["--cloud"] is not None:
            is_cloud = True
            arg.cloud = arguments["--cloud"] or Default.cloud
        else:
            is_cloud = False

        arg.FORMAT = arguments["--format"] or 'table'

        # list all security-groups in cloud

        if arguments["list"]:

            if not is_cloud:

                if arg.RULE is None:
                    print(
                        SecGroup.list(group=arg.GROUP,
                                      name=arg.RULE,
                                      output=arg.FORMAT))
                else:
                    print(SecGroup.list(group=arg.GROUP, output=arg.FORMAT))

            else:

                print(SecGroup.list(category=arg.cloud, output=arg.FORMAT))

        elif arguments["add"]:

            try:
                SecGroup.add_rule_to_db(name=arg.RULE,
                                        group=arg.GROUP,
                                        from_port=arg.FROMPORT,
                                        to_port=arg.TOPORT,
                                        protocol=arg.PROTOCOL,
                                        cidr=arg.CIDR)
            except:
                Console.error("Problem adding security group to db")

        # Delete a security-group
        elif arguments["delete"]:
            if arg["RULE"] is not None:
                SecGroup.delete_rule_from_db(group=arg["GROUP"],
                                             name=arg["RULE"])
            else:
                self._delete(arg)

        elif arguments["upload"]:

            # rewrite the _delete
            #
            # upload does not implicitly deleting a secgroup anymore
            # instead, it will check and update the rules only
            # self._delete(arg)
            SecGroup.upload(cloud=arg.cloud, group=arg.GROUP)

        return ""
예제 #6
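    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list
                secgroup list --cloud=CLOUD [--format=FORMAT]
                secgroup list GROUP [RULE] [--format=FORMAT]
                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                secgroup delete GROUP [--cloud=CLOUD]
                secgroup upload [GROUP] [--cloud=CLOUD]

            Options:
                --cloud=CLOUD       Name of the IaaS cloud e.g. kilo, chameleoon. The clouds are defined in the yaml
                                    file. If the name "all" is used for the cloud all clouds will be selected.

            Arguments:
                RULE          The security group rule name
                GROUP         The label/name of the security group
                FROMPORT      Starting port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g., 129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                secgroup list --cloud india
                secgroup rules-list --cloud=kilo default
                secgroup create --cloud=kilo webservice
                secgroup rules-add --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --all

            Description:

                Security groups are first assembled in a local database. Once they are defined they can be added to the
                clouds.

                secgroup list
                    lists all security groups and rules in the database

                secgroup list --cloud=CLOUD... [--format=FORMAT]
                    lists the security groups and rules on the specified clouds.

                secgroup list GROUP [RULE] [--format=FORMAT]
                    lists a given security group. If in addition the RULE is specified it only lists the RULE

                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                    adds a security rule with the given group and the details of the security rule

                secgroup delete GROUP
                    deletes all security rules related to the specified group

                secgroup delete GROUP RULE
                    deletes just the given rule from the group

                secgroup upload [GROUP] [--cloud=CLOUD...]
                    uploads a given group to the given cloud. if the cloud is not specified the default cloud is used.
                    If the parameter for cloud is "all" the rules and groups will be uploaded to all active clouds.


            Example:

                cm secgroup list
                cm secgroup list --cloud=kilo
                cm secgroup add  cm-gregor-default web 80 80 tcp  0.0.0.0/0
                cm secgroup add  cm-gregor-default ssh 22 22 tcp  0.0.0.0/0
                cm secgroup upload --cloud=kilo
        """
        # ``args`` is not read anywhere in this method. ``arguments`` is a
        # mapping keyed by the tokens of the usage text above: sub-command
        # names, positionals such as GROUP/RULE, and options such as --cloud.
        # The method always returns the empty string.
        #
        # NOTE(review): the first "Examples" block of the help text shows
        # rules-list / create / rules-add / rules-delete, none of which appear
        # in the usage patterns, and "delete GROUP RULE" is described but not
        # declared there either. The closing "Example" block matches the
        # patterns.

        arg = dotdict(arguments)

        # is_cloud records whether --cloud was supplied at all. arg.cloud is
        # assigned only in that case; Default.cloud covers an empty value.
        is_cloud = arguments["--cloud"] is not None
        if is_cloud:
            arg.cloud = arguments["--cloud"] or Default.cloud

        arg.FORMAT = arguments["--format"] or 'table'

        if arguments["list"]:

            if is_cloud:
                # Groups and rules as reported for the named cloud.
                print(SecGroup.list(category=arg.cloud, output=arg.FORMAT))
            else:
                # Local database listing. RULE is always forwarded: the
                # earlier branch passed name= only when RULE was None, so a
                # RULE given on the command line was silently ignored and the
                # whole group was listed.
                print(SecGroup.list(group=arg.GROUP,
                                    name=arg.RULE,
                                    output=arg.FORMAT))

        elif arguments["add"]:

            # NOTE(review): FROMPORT, TOPORT, PROTOCOL and CIDR are forwarded
            # exactly as typed; no validation is visible at this level. A CIDR
            # of 0.0.0.0/0 (as in the help examples) admits every source
            # address, so confirm the rule is meant to be public before it is
            # uploaded.
            try:
                SecGroup.add_rule_to_db(
                    name=arg.RULE,
                    group=arg.GROUP,
                    from_port=arg.FROMPORT,
                    to_port=arg.TOPORT,
                    protocol=arg.PROTOCOL,
                    cidr=arg.CIDR)
            except Exception as e:
                # Catch Exception rather than everything, so Ctrl-C and
                # SystemExit still propagate, and report why the rule was not
                # stored instead of discarding the cause.
                Console.error(
                    "Problem adding security group to db: {}".format(e))

        elif arguments["delete"]:

            # NOTE(review): arg.cloud was never assigned when --cloud is
            # absent; this test presumably relies on dotdict yielding None for
            # a missing attribute - verify.
            if arg.cloud is None:
                # No cloud named: remove the group via SecGroup.delete only.
                SecGroup.delete(group=arg.GROUP)
            else:
                result = SecGroup.delete_secgroup(name=arg.GROUP,
                                                  cloud=arg.cloud)
                # A None result is treated as failure.
                if result is not None:
                    Console.ok("Security Group={GROUP} in cloud={cloud} deleted successfully."
                               .format(**arg))
                else:
                    Console.error("Failed to delete Security Group={GROUP} in cloud={cloud}"
                                  .format(**arg))

        elif arguments["upload"]:

            # NOTE(review): without --cloud, arg.cloud is whatever dotdict
            # returns for an unset attribute; confirm SecGroup.upload falls
            # back to the default cloud as the help text promises.
            SecGroup.upload(cloud=arg.cloud, group=arg.GROUP)

        return ""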
예제 #7
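    def do_secgroup(self, args, arguments):
        """
        ::

            Usage:
                secgroup list
                secgroup list --cloud=CLOUD [--format=FORMAT]
                secgroup list GROUP [RULE] [--format=FORMAT]
                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                secgroup delete GROUP [--cloud=CLOUD]
                secgroup upload [GROUP] [--cloud=CLOUD]

            Options:
                --cloud=CLOUD       Name of the IaaS cloud e.g. kilo, chameleoon. The clouds are defined in the yaml
                                    file. If the name "all" is used for the cloud all clouds will be selected.

            Arguments:
                RULE          The security group rule name
                GROUP         The label/name of the security group
                FROMPORT      Starting port of the rule, e.g. 22
                TOPORT        Ending port of the rule, e.g. 22
                PROTOCOL      Protocol applied, e.g. TCP,UDP,ICMP
                CIDR          IP address range in CIDR format, e.g., 129.79.0.0/16

            Description:
                security_group command provides list/add/delete
                security_groups for a tenant of a cloud, as well as
                list/add/delete of rules for a security group from a
                specified cloud and tenant.


            Examples:
                secgroup list --cloud india
                secgroup rules-list --cloud=kilo default
                secgroup create --cloud=kilo webservice
                secgroup rules-add --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --cloud=kilo webservice 8080 8088 TCP 129.79.0.0/16
                secgroup rules-delete --all

            Description:

                Security groups are first assembled in a local database. Once they are defined they can be added to the
                clouds.

                secgroup list
                    lists all security groups and rules in the database

                secgroup list --cloud=CLOUD... [--format=FORMAT]
                    lists the security groups and rules on the specified clouds.

                secgroup list GROUP [RULE] [--format=FORMAT]
                    lists a given security group. If in addition the RULE is specified it only lists the RULE

                secgroup add GROUP RULE FROMPORT TOPORT PROTOCOL CIDR
                    adds a security rule with the given group and the details of the security rule

                secgroup delete GROUP
                    deletes all security rules related to the specified group

                secgroup delete GROUP RULE
                    deletes just the given rule from the group

                secgroup upload [GROUP] [--cloud=CLOUD...]
                    uploads a given group to the given cloud. if the cloud is not specified the default cloud is used.
                    If the parameter for cloud is "all" the rules and groups will be uploaded to all active clouds.


            Example:

                cm secgroup list
                cm secgroup list --cloud=kilo
                cm secgroup add  cm-gregor-default web 80 80 tcp  0.0.0.0/0
                cm secgroup add  cm-gregor-default ssh 22 22 tcp  0.0.0.0/0
                cm secgroup upload --cloud=kilo
        """
        # ``args`` is not read anywhere in this method. ``arguments`` is a
        # mapping keyed by the tokens of the usage text above: sub-command
        # names, positionals such as GROUP/RULE, and options such as --cloud.
        # The method always returns the empty string.
        #
        # NOTE(review): the first "Examples" block of the help text shows
        # rules-list / create / rules-add / rules-delete, none of which appear
        # in the usage patterns, and "delete GROUP RULE" is described but not
        # declared there either. The closing "Example" block matches the
        # patterns.

        arg = dotdict(arguments)

        # is_cloud records whether --cloud was supplied at all. arg.cloud is
        # assigned only in that case; Default.cloud covers an empty value.
        is_cloud = arguments["--cloud"] is not None
        if is_cloud:
            arg.cloud = arguments["--cloud"] or Default.cloud

        arg.FORMAT = arguments["--format"] or 'table'

        if arguments["list"]:

            if is_cloud:
                # Groups and rules as reported for the named cloud.
                print(SecGroup.list(category=arg.cloud, output=arg.FORMAT))
            else:
                # Local database listing. RULE is always forwarded: the
                # earlier branch passed name= only when RULE was None, so a
                # RULE given on the command line was silently ignored and the
                # whole group was listed.
                print(SecGroup.list(group=arg.GROUP,
                                    name=arg.RULE,
                                    output=arg.FORMAT))

        elif arguments["add"]:

            # NOTE(review): FROMPORT, TOPORT, PROTOCOL and CIDR are forwarded
            # exactly as typed; no validation is visible at this level. A CIDR
            # of 0.0.0.0/0 (as in the help examples) admits every source
            # address, so confirm the rule is meant to be public before it is
            # uploaded.
            try:
                SecGroup.add_rule_to_db(name=arg.RULE,
                                        group=arg.GROUP,
                                        from_port=arg.FROMPORT,
                                        to_port=arg.TOPORT,
                                        protocol=arg.PROTOCOL,
                                        cidr=arg.CIDR)
            except Exception as e:
                # Catch Exception rather than everything, so Ctrl-C and
                # SystemExit still propagate, and report why the rule was not
                # stored instead of discarding the cause.
                Console.error(
                    "Problem adding security group to db: {}".format(e))

        elif arguments["delete"]:

            # Deletion is delegated to self._delete, which is defined outside
            # this listing; it receives the whole dotdict.
            self._delete(arg)

        elif arguments["upload"]:

            # Upload no longer deletes the group implicitly (an earlier
            # self._delete(arg) call was dropped here); per the original
            # author's note it only checks and updates the rules.
            # NOTE(review): without --cloud, arg.cloud is whatever dotdict
            # returns for an unset attribute; confirm SecGroup.upload falls
            # back to the default cloud as the help text promises.
            SecGroup.upload(cloud=arg.cloud, group=arg.GROUP)

        return ""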