def migrate_exclude_ports(resource, event, trigger, **kwargs): _nsx_client = v3_utils.get_nsxv3_client() nsxlib = v3_utils.get_connected_nsxlib() version = nsxlib.get_version() if not nsx_utils.is_nsx_version_2_0_0(version): LOG.info("Migration only supported from 2.0 onwards") LOG.info("Version is %s", version) return admin_cxt = neutron_context.get_admin_context() plugin = PortsPlugin() _port_client = resources.LogicalPort(_nsx_client) exclude_list = nsxlib.firewall_section.get_excludelist() for member in exclude_list['members']: if member['target_type'] == 'LogicalPort': port_id = member['target_id'] # Get port try: nsx_port = _port_client.get(port_id) except nsx_exc.ResourceNotFound: LOG.info("Port %s not found", port_id) continue # Validate its a neutron port is_neutron_port = False for tag in nsx_port['tags']: if tag['scope'] == 'os-neutron-port-id': is_neutron_port = True neutron_port_id = tag['tag'] break if not is_neutron_port: LOG.info("Port %s is not a neutron port", port_id) continue # Check if this port exists in the DB try: plugin.get_port(admin_cxt, neutron_port_id) except Exception: LOG.info("Port %s is not defined in DB", neutron_port_id) continue # Update tag for the port tags_update = [{ 'scope': security.PORT_SG_SCOPE, 'tag': nsxlib_consts.EXCLUDE_PORT }] _port_client.update(port_id, None, tags_update=tags_update) # Remove port from the exclude list nsxlib.firewall_section.remove_member_from_fw_exclude_list( port_id, nsxlib_consts.TARGET_TYPE_LOGICAL_PORT) LOG.info("Port %s successfully updated", port_id)
def migrate_exclude_ports(resource, event, trigger, **kwargs): _nsx_client = v3_utils.get_nsxv3_client() nsxlib = v3_utils.get_connected_nsxlib() version = nsxlib.get_version() if not nsx_utils.is_nsx_version_2_0_0(version): LOG.info("Migration only supported from 2.0 onwards") LOG.info("Version is %s", version) return admin_cxt = neutron_context.get_admin_context() plugin = PortsPlugin() _port_client = resources.LogicalPort(_nsx_client) exclude_list = nsxlib.firewall_section.get_excludelist() for member in exclude_list['members']: if member['target_type'] == 'LogicalPort': port_id = member['target_id'] # Get port try: nsx_port = _port_client.get(port_id) except nsx_exc.ResourceNotFound: LOG.info("Port %s not found", port_id) continue # Validate its a neutron port is_neutron_port = False for tag in nsx_port.get('tags', []): if tag['scope'] == 'os-neutron-port-id': is_neutron_port = True neutron_port_id = tag['tag'] break if not is_neutron_port: LOG.info("Port %s is not a neutron port", port_id) continue # Check if this port exists in the DB try: plugin.get_port(admin_cxt, neutron_port_id) except Exception: LOG.info("Port %s is not defined in DB", neutron_port_id) continue # Update tag for the port tags_update = [{'scope': security.PORT_SG_SCOPE, 'tag': nsxlib_consts.EXCLUDE_PORT}] _port_client.update(port_id, None, tags_update=tags_update) # Remove port from the exclude list nsxlib.firewall_section.remove_member_from_fw_exclude_list( port_id, nsxlib_consts.TARGET_TYPE_LOGICAL_PORT) LOG.info("Port %s successfully updated", port_id)