695bf560c0
blueprint quantum-security-group Rule table view * Add direction and ethertype columns (which are specific to Neutron) It may be better to hide "Direction" and "Ether Type" columns unless Quantum security group is enabled. * Merge ip_protocol/from_port/to_port into one column for better view * Use "::/0" for IPv6 ANY instead of "0.0.0.0/0" * Rename "Source" column to "Remote". (The naming "source" does not fit egress rules) * Display security group name in the title of rule detail view Rule creation form * New arguments 'direction' and 'ethertype' in security_group_rule_create() * Set the default value of 'direction' to 'ingress' in forms.handle() * Rename 'ip_protocol' to 'rule_menu' and 'source' to 'remote' Note that rule_menu is retrieved from rule.ip_protocol in the unit tests since they are tests for custom TCP/UDP/ICMP rules. Network abstraction layer for security group management * Move security group methods to api.network * Add Neutron security group API implementation * Move base classes for network abstraction to a separate module (api/network_base.py) to avoid circulated import between api.network and api.nova/api.neutron Add a configuration parameter to control Neutron security group support * Neutron security group support is enabled when Neutron is enabled and enable_security_group in OPENSTACK_NEUTRON_NETWORK in settings is True. * Not all neutron plugins support security group, so we need a way to control neutron security group is enabled or not. * It can be determined by supported extension list from Neutron and it is a possible future work. Move get_int_or_uuid to openstack_dashboard/utils/filters. * get_int_or_uuid is now used in security_group implementation as well as floating IP logics. * In addition the depth of the directory tree becomes longer and it is hard to fit the import line in 80 chars. It is a good chance to move it to a common directory. Add __repr__ to API**Wrapper to make it easier to debug. Limitations: Neutron supports per-port security group. security groups can be associated with a port instead of an instace and each port can have a different set of security groups. It is not a scope of this BP and is a future work. Change-Id: I5410e88043a364596037b9ebcc566cd50b317614 |
||
---|---|---|
.. | ||
__init__.py | ||
filters.py |