Browse Source

Fixed creation neutron api mapping for security groups

Fixed creation of security group and security group rule via
neutronclient api mapping.
There was a switch from novaclient to neutronclient
for creating a security groups and rules in change
5d5666b10e but
the argument mapping for this function has not been changed.

Change-Id: I1774b73c61adb3b44a61f3f56f99e85f278deb83
Closes-Bug: 1716922
(cherry picked from commit c93f5833e4)
(cherry picked from commit 7d7022f743)
Jan Vondra 1 year ago
parent
commit
21d6184097

+ 12
- 10
manila/network/neutron/api.py View File

@@ -383,23 +383,25 @@ class API(object):
383 383
     def security_group_create(self, name, description=""):
384 384
         try:
385 385
             return self.client.create_security_group(
386
-                {"name": name, "description": description})
386
+                {'security_group': {"name": name, "description": description}})
387 387
         except neutron_client_exc.NeutronClientException as e:
388 388
             raise exception.NetworkException(
389 389
                 code=e.status_code, message=e.message)
390 390
 
391 391
     def security_group_rule_create(self, parent_group_id,
392 392
                                    ip_protocol=None, from_port=None,
393
-                                   to_port=None, cidr=None, group_id=None):
393
+                                   to_port=None, cidr=None, group_id=None,
394
+                                   direction="ingress"):
395
+        request = {"security_group_id": parent_group_id,
396
+                   "protocol": ip_protocol, "remote_ip_prefix": cidr,
397
+                   "remote_group_id": group_id, "direction": direction}
398
+        if ip_protocol != "icmp":
399
+            request["port_range_min"] = from_port
400
+            request["port_range_max"] = to_port
401
+
394 402
         try:
395
-            return self.client.create_security_group_rule({
396
-                "parent_group_id": parent_group_id,
397
-                "ip_protocol": ip_protocol,
398
-                "from_port": from_port,
399
-                "to_port": to_port,
400
-                "cidr": cidr,
401
-                "group_id": group_id,
402
-            })
403
+            return self.client.create_security_group_rule(
404
+                {"security_group_rule": request})
403 405
         except neutron_client_exc.NeutronClientException as e:
404 406
             raise exception.NetworkException(
405 407
                 code=e.status_code, message=e.message)

+ 0
- 1
manila/share/drivers/service_instance.py View File

@@ -344,7 +344,6 @@ class ServiceInstanceManager(object):
344 344
                 name, description)['security_group']
345 345
             for protocol, ports in const.SERVICE_INSTANCE_SECGROUP_DATA:
346 346
                 self.network_helper.neutron_api.security_group_rule_create(
347
-                    context,
348 347
                     parent_group_id=sg['id'],
349 348
                     ip_protocol=protocol,
350 349
                     from_port=ports[0],

+ 4
- 0
releasenotes/notes/bug-1716922-security-group-creation-failed-d46085d11370d918.yaml View File

@@ -0,0 +1,4 @@
1
+---
2
+fixes:
3
+  - Fixed creation of security group and security group rule - neutronclient
4
+    mapping

Loading…
Cancel
Save