Merge "Fixed creation neutron api mapping for security groups" into stable/pike

2017-11-08 17:34:12 +00:00 · 2017-11-08 17:34:12 +00:00 · 521af40982
commit 521af40982
parent e42d81d220 7d7022f743
3 changed files with 16 additions and 11 deletions
--- a/manila/network/neutron/api.py
+++ b/manila/network/neutron/api.py
@ -382,23 +382,25 @@ class API(object):
    def security_group_create(self, name, description=""):
        try:
            return self.client.create_security_group(
-                {"name": name, "description": description})
+                {'security_group': {"name": name, "description": description}})
        except neutron_client_exc.NeutronClientException as e:
            raise exception.NetworkException(
                code=e.status_code, message=e.message)

    def security_group_rule_create(self, parent_group_id,
                                   ip_protocol=None, from_port=None,
-                                   to_port=None, cidr=None, group_id=None):
+                                   to_port=None, cidr=None, group_id=None,
+                                   direction="ingress"):
+        request = {"security_group_id": parent_group_id,
+                   "protocol": ip_protocol, "remote_ip_prefix": cidr,
+                   "remote_group_id": group_id, "direction": direction}
+        if ip_protocol != "icmp":
+            request["port_range_min"] = from_port
+            request["port_range_max"] = to_port
+
        try:
-            return self.client.create_security_group_rule({
-                "parent_group_id": parent_group_id,
-                "ip_protocol": ip_protocol,
-                "from_port": from_port,
-                "to_port": to_port,
-                "cidr": cidr,
-                "group_id": group_id,
-            })
+            return self.client.create_security_group_rule(
+                {"security_group_rule": request})
        except neutron_client_exc.NeutronClientException as e:
            raise exception.NetworkException(
                code=e.status_code, message=e.message)
--- a/manila/share/drivers/service_instance.py
+++ b/manila/share/drivers/service_instance.py
@ -336,7 +336,6 @@ class ServiceInstanceManager(object):
                name, description)['security_group']
            for protocol, ports in const.SERVICE_INSTANCE_SECGROUP_DATA:
                self.network_helper.neutron_api.security_group_rule_create(
-                    context,
                    parent_group_id=sg['id'],
                    ip_protocol=protocol,
                    from_port=ports[0],
--- a/releasenotes/notes/bug-1716922-security-group-creation-failed-d46085d11370d918.yaml
+++ b/releasenotes/notes/bug-1716922-security-group-creation-failed-d46085d11370d918.yaml
@ -0,0 +1,4 @@
+---
+fixes:
+  - Fixed creation of security group and security group rule - neutronclient
+    mapping