Commit Graph

5 Commits

Author SHA1 Message Date
Stan Lagun
bb2d0e5a84 Support for multi-regional apps was added
Now all OpenStack resource classes inherit CloudResource
that provides getRegion method and regionName property.
This allows to assign resources to different regions.
getRegion() returns CloudRegion instance that resource or it
parent belong to. CloudRegion has the similar interface to
Environment class and is the correct way to get HeatStack
instance associated with the regoin, default network
configuration, security group manager and agent listener
instances. Environment acts as the default region so backward
compatibility is not broken. However new applications
should not use environment to set security group rules but
rather a region(s) of their instance(s) in order to work correctly
when their instances were configured to use region other then
the default.

Change-Id: I4dbf40c65042e9a354f3bfadfcd63a63e6e3e418
2016-08-12 07:09:58 -07:00
Hidekazu Nakamura
c0bfff29bd Fix defaultGroupName of SecurityGroupManager Class
If the environment name contains '/', default security group
resource name contains '/' and heat deployment fails.

This patch changes defaultGroupName of SecurityGroupManager Class
 to 'MuranoSecurityGroup-' + environment id.

Change-Id: I68266815c40b9ccccca9c34bf6ed70db5f176fe0
Closes-Bug: #1590497
2016-06-17 14:40:01 +09:00
Dmytro Dovbii
186612daf7 [Core-Library] Add ability to specify direction and ethetype for groups
Previously there was no way to specify in which direction security rule
should be applied, only ingress was supported. Also it was impossible
to create IPv6 rules.
This patch added ability to specify direction and ethertype for
Neutron security groups and direction - for AWS security groups

Change-Id: Iba5be7a8a94c34eab3e0e06f95e5358a84a5dd7b
Closes-Bug: #1532317
2016-01-22 13:10:03 +00:00
Lin Yang
46d993702f Add Apache 2.0 license info to core library
Change-Id: Ifa74af1b7c9f3f7a90273def336932ae67509955
Closes-Bug: #1506102
2015-10-15 15:47:03 +08:00
Alexander Tivelkov
796a0b2c9d Nova Network support
Adds a support for Nova Network if Neutron is not present in the
current OpenStack deployment.

Supporting the Nova Network requires modifications in three different
parts of generated Heat Stack:
	1) Generated Security Groups and their rules should be of type
	   'AWS::EC2::SecurityGroup', not 'OS::Neutron::SecurityGroup'
	2) Security Group assignments should go to security_groups property
	   of Instance resource, not the network port (as port concept is
	   not present when using NovaNetwork)
	3) FloatingIP should be of type OS::Nova::FloatingIP and should be
	   associated with an Instance by OS::Nova::FloatingIPAssociation
	   resource.

To achieve p1 a SecurityGroupManager class of Core Library is made
abstract and is inherited by two concrete implementations:
NeutronSecurityGroupManager (containing the old MuranoPL code which
generated templates based on OS::Neutron::SecurityGroup) and a new
AwsSecurityGroupManager, which generates AWS-compliant firewall rules
which are consumed by NovaNetwork.

The particular concreate instance of this class is generated by the
default network of environment: Network class has got a new method called
generateSecurityGroupManager which returns an appropriate implementation.

For pp 2-3 a new inheritor of Network class has been added to the Core
Library: an io.murano.resources.NovaNetwork. It generates FloatingIP
association resources if needed and returns a securityGroupName object
as one of the outputs of its joinInstance methods.
The Instance class has been modified to properly handle these types of
outputs.
The instance of the NovaNetwork class is generated at the API side
when a new Environment is created and a is assigned to the
defaultNetworks.environment property of the environment if the neutron
is not defined in keystone.

Also this change moves the auth_utils module from engine to common, as
Keystone Client it contains is now used by the API process as well.

This changed is based on some of the code from the outdated changeset
I6f4b7908bd4bbcd375f64705c7dd06e3954f1ec7

Co-Authored-By: Alexander Tivelkov <ativelkov@mirantis.com>
Co-Authored-By: Stan Lagun <slagun@mirantis.com>

DocImpact

Change-Id: I4c48f33de100a5730ba1d086540d0d99e8fbf9b1
Implements-Blueprint: nova-network-support
2015-04-08 13:09:21 +03:00