예제 #1
0
    def update_security_group_on_port(self, context, id, port, original_port,
                                      updated_port):
        """Update security groups on port.

        This method returns a flag which indicates request notification
        is required and does not perform notification itself.
        It is because another changes for the port may require notification.
        """
        need_notify = False
        port_updates = port['port']
        if (ext_sg.SECURITYGROUPS in port_updates
                and not utils.compare_elements(
                    original_port.get(ext_sg.SECURITYGROUPS),
                    port_updates[ext_sg.SECURITYGROUPS])):
            # delete the port binding and read it with the new rules
            port_updates[ext_sg.SECURITYGROUPS] = (
                self._get_security_groups_on_port(context, port))
            self._delete_port_security_group_bindings(context, id)
            self._process_port_create_security_group(
                context, updated_port, port_updates[ext_sg.SECURITYGROUPS])
            need_notify = True
        else:
            updated_port[ext_sg.SECURITYGROUPS] = (
                original_port[ext_sg.SECURITYGROUPS])
        return need_notify
예제 #2
0
    def update_security_group_on_port(self, context, id, port,
                                      original_port, updated_port):
        """Update security groups on port.

        This method returns a flag which indicates request notification
        is required and does not perform notification itself.
        It is because another changes for the port may require notification.
        """
        need_notify = False
        port_updates = port['port']
        if (ext_sg.SECURITYGROUPS in port_updates and
            not utils.compare_elements(
                original_port.get(ext_sg.SECURITYGROUPS),
                port_updates[ext_sg.SECURITYGROUPS])):
            # delete the port binding and read it with the new rules
            port_updates[ext_sg.SECURITYGROUPS] = (
                self._get_security_groups_on_port(context, port))
            self._delete_port_security_group_bindings(context, id)
            self._process_port_create_security_group(
                context,
                updated_port,
                port_updates[ext_sg.SECURITYGROUPS])
            need_notify = True
        else:
            updated_port[ext_sg.SECURITYGROUPS] = (
                original_port[ext_sg.SECURITYGROUPS])
        return need_notify
    def update_port(self, context, port_id, port):
        original_port = self.get_port(context, port_id)
        session = context.session
        port_updated = False
        with session.begin(subtransactions=True):
            # delete the port binding and read it with the new rules
            if ext_sg.SECURITYGROUPS in port['port']:
                port['port'][ext_sg.SECURITYGROUPS] = (
                    self._get_security_groups_on_port(context, port))
                self._delete_port_security_group_bindings(context, port_id)
                # process_port_create_security_group also needs port id
                port['port']['id'] = port_id
                self._process_port_create_security_group(
                    context,
                    port['port'],
                    port['port'][ext_sg.SECURITYGROUPS])
                port_updated = True

            port = super(BrocadePluginV2, self).update_port(
                context, port_id, port)

        if original_port['admin_state_up'] != port['admin_state_up']:
            port_updated = True

        if (original_port['fixed_ips'] != port['fixed_ips'] or
            not utils.compare_elements(
                original_port.get(ext_sg.SECURITYGROUPS),
                port.get(ext_sg.SECURITYGROUPS))):
            self.notifier.security_groups_member_updated(
                context, port.get(ext_sg.SECURITYGROUPS))

        if port_updated:
            self._notify_port_updated(context, port)

        return self._extend_port_dict_binding(context, port)
예제 #4
0
    def update_port(self, context, port_id, port):
        original_port = self.get_port(context, port_id)
        session = context.session
        port_updated = False
        with session.begin(subtransactions=True):
            # delete the port binding and read it with the new rules
            if ext_sg.SECURITYGROUPS in port['port']:
                port['port'][ext_sg.SECURITYGROUPS] = (
                    self._get_security_groups_on_port(context, port))
                self._delete_port_security_group_bindings(context, port_id)
                # process_port_create_security_group also needs port id
                port['port']['id'] = port_id
                self._process_port_create_security_group(
                    context, port['port'], port['port'][ext_sg.SECURITYGROUPS])
                port_updated = True
            port_data = port['port']
            port = super(BrocadePluginV2,
                         self).update_port(context, port_id, port)
            self._process_portbindings_create_and_update(
                context, port_data, port)
        if original_port['admin_state_up'] != port['admin_state_up']:
            port_updated = True

        if (original_port['fixed_ips'] != port['fixed_ips']
                or not utils.compare_elements(
                    original_port.get(ext_sg.SECURITYGROUPS),
                    port.get(ext_sg.SECURITYGROUPS))):
            self.notifier.security_groups_member_updated(
                context, port.get(ext_sg.SECURITYGROUPS))

        if port_updated:
            self._notify_port_updated(context, port)

        return port
 def check_and_notify_security_group_member_changed(self, context, original_port, updated_port):
     sg_change = not utils.compare_elements(
         original_port.get(ext_sg.SECURITYGROUPS), updated_port.get(ext_sg.SECURITYGROUPS)
     )
     if sg_change:
         self.notify_security_groups_member_updated_bulk(context, [original_port, updated_port])
     elif original_port["fixed_ips"] != updated_port["fixed_ips"]:
         self.notify_security_groups_member_updated(context, updated_port)
예제 #6
0
 def check_and_notify_security_group_member_changed(
         self, context, original_port, updated_port):
     sg_change = not utils.compare_elements(
         original_port.get(ext_sg.SECURITYGROUPS),
         updated_port.get(ext_sg.SECURITYGROUPS))
     if sg_change:
         self.notify_security_groups_member_updated_bulk(
             context, [original_port, updated_port])
     elif original_port['fixed_ips'] != updated_port['fixed_ips']:
         self.notify_security_groups_member_updated(context, updated_port)
    def is_security_group_member_updated(self, context, original_port, updated_port):
        """Check security group member updated or not.

        This method returns a flag which indicates request notification
        is required and does not perform notification itself.
        It is because another changes for the port may require notification.
        """
        need_notify = False
        if original_port["fixed_ips"] != updated_port["fixed_ips"] or not utils.compare_elements(
            original_port.get(ext_sg.SECURITYGROUPS), updated_port.get(ext_sg.SECURITYGROUPS)
        ):
            need_notify = True
        return need_notify
예제 #8
0
    def is_address_pairs_attribute_updated(self, port, update_attrs):
        """Check if the address pairs attribute is being updated.

        This method returns a flag which indicates whether there is an update
        and therefore a port update notification should be sent to agents or
        third party controllers.
        """
        new_pairs = update_attrs.get(addr_pair.ADDRESS_PAIRS)
        if new_pairs and not utils.compare_elements(
                port.get(addr_pair.ADDRESS_PAIRS), new_pairs):
            return True
        # Missing or unchanged address pairs in attributes mean no update
        return False
예제 #9
0
    def is_address_pairs_attribute_updated(self, port, update_attrs):
        """Check if the address pairs attribute is being updated.

        This method returns a flag which indicates whether there is an update
        and therefore a port update notification should be sent to agents or
        third party controllers.
        """
        new_pairs = update_attrs.get(addr_pair.ADDRESS_PAIRS)
        if new_pairs and not utils.compare_elements(
            port.get(addr_pair.ADDRESS_PAIRS), new_pairs):
            return True
        # Missing or unchanged address pairs in attributes mean no update
        return False
예제 #10
0
    def is_security_group_member_updated(self, context, original_port,
                                         updated_port):
        """Check security group member updated or not.

        This method returns a flag which indicates request notification
        is required and does not perform notification itself.
        It is because another changes for the port may require notification.
        """
        need_notify = False
        if (original_port['fixed_ips'] != updated_port['fixed_ips']
                or not utils.compare_elements(
                    original_port.get(ext_sg.SECURITYGROUPS),
                    updated_port.get(ext_sg.SECURITYGROUPS))):
            need_notify = True
        return need_notify
예제 #11
0
    def _process_port_update_provider_security_group(self, context, port,
                                                     original_port,
                                                     updated_port):
        p = port['port']
        provider_sg_specified = (provider_sg.PROVIDER_SECURITYGROUPS in p
                                 and p[provider_sg.PROVIDER_SECURITYGROUPS] !=
                                 n_constants.ATTR_NOT_SPECIFIED)
        provider_sg_changed = (
            provider_sg_specified and not n_utils.compare_elements(
                original_port[provider_sg.PROVIDER_SECURITYGROUPS],
                p[provider_sg.PROVIDER_SECURITYGROUPS]))
        sg_changed = (set(original_port[ext_sg.SECURITYGROUPS]) != set(
            updated_port[ext_sg.SECURITYGROUPS]))

        if provider_sg_changed:
            port['port']['tenant_id'] = original_port['id']
            port['port']['id'] = original_port['id']
            updated_port[provider_sg.PROVIDER_SECURITYGROUPS] = (
                self._get_provider_security_groups_on_port(context, port))
        else:
            if sg_changed:
                self._check_invalid_security_groups_specified(context, p)
            updated_port[provider_sg.PROVIDER_SECURITYGROUPS] = (
                original_port[provider_sg.PROVIDER_SECURITYGROUPS])

        if provider_sg_changed or sg_changed:
            if not sg_changed:
                query = context.session.query(
                    securitygroups_db.SecurityGroupPortBinding)
                for sg in original_port[provider_sg.PROVIDER_SECURITYGROUPS]:
                    binding = query.filter_by(port_id=p['id'],
                                              security_group_id=sg).one()
                    context.session.delete(binding)
            self._process_port_create_provider_security_group(
                context, updated_port,
                updated_port[provider_sg.PROVIDER_SECURITYGROUPS])