Browse Source

Merge "Disable security group rule when create port" into stable/ocata

tags/4.0.2
Zuul 11 months ago
parent
commit
fda79f4ce4

+ 6
- 3
manila/network/neutron/api.py View File

@@ -173,14 +173,17 @@ class API(object):
173 173
 
174 174
     def create_port(self, tenant_id, network_id, host_id=None, subnet_id=None,
175 175
                     fixed_ip=None, device_owner=None, device_id=None,
176
-                    mac_address=None, security_group_ids=None, dhcp_opts=None,
177
-                    **kwargs):
176
+                    mac_address=None, port_security_enabled=True,
177
+                    security_group_ids=None, dhcp_opts=None, **kwargs):
178 178
         try:
179 179
             port_req_body = {'port': {}}
180 180
             port_req_body['port']['network_id'] = network_id
181 181
             port_req_body['port']['admin_state_up'] = True
182 182
             port_req_body['port']['tenant_id'] = tenant_id
183
-            if security_group_ids:
183
+            if not port_security_enabled:
184
+                port_req_body['port']['port_security_enabled'] = (
185
+                    port_security_enabled)
186
+            elif security_group_ids:
184 187
                 port_req_body['port']['security_groups'] = security_group_ids
185 188
             if mac_address:
186 189
                 port_req_body['port']['mac_address'] = mac_address

+ 2
- 1
manila/share/drivers/service_instance.py View File

@@ -992,7 +992,8 @@ class NeutronNetworkHelper(BaseNetworkhelper):
992 992
         elif not ports:
993 993
             port = self.neutron_api.create_port(
994 994
                 self.admin_project_id, network_id, subnet_id=subnet_id,
995
-                device_id=device_id, device_owner='manila:share', host_id=host)
995
+                device_id=device_id, device_owner='manila:share', host_id=host,
996
+                port_security_enabled=False)
996 997
         else:
997 998
             port = ports[0]
998 999
         return port

+ 2
- 2
manila/tests/share/drivers/test_service_instance.py View File

@@ -2030,7 +2030,7 @@ class NeutronNetworkHelperTestCase(test.TestCase):
2030 2030
         instance.neutron_api.create_port.assert_called_once_with(
2031 2031
             instance.admin_project_id, instance.service_network_id,
2032 2032
             device_id='manila-share', device_owner='manila:share',
2033
-            host_id='fake_host', subnet_id=None)
2033
+            host_id='fake_host', subnet_id=None, port_security_enabled=False)
2034 2034
         service_instance.socket.gethostname.assert_called_once_with()
2035 2035
         self.assertFalse(instance.neutron_api.update_port_fixed_ips.called)
2036 2036
         self.assertEqual(fake_service_port, result)
@@ -2084,7 +2084,7 @@ class NeutronNetworkHelperTestCase(test.TestCase):
2084 2084
         instance.neutron_api.create_port.assert_called_once_with(
2085 2085
             instance.admin_project_id, instance.service_network_id,
2086 2086
             device_id='manila-share', device_owner='manila:share',
2087
-            host_id='fake_host', subnet_id=None)
2087
+            host_id='fake_host', subnet_id=None, port_security_enabled=False)
2088 2088
         service_instance.socket.gethostname.assert_called_once_with()
2089 2089
         self.assertFalse(instance.neutron_api.update_port_fixed_ips.called)
2090 2090
         self.assertEqual(fake_service_port, result)

Loading…
Cancel
Save