Merge "Disable security group rule when create port" into stable/ocata
This commit is contained in:
commit
fda79f4ce4
|
@ -173,14 +173,17 @@ class API(object):
|
||||||
|
|
||||||
def create_port(self, tenant_id, network_id, host_id=None, subnet_id=None,
|
def create_port(self, tenant_id, network_id, host_id=None, subnet_id=None,
|
||||||
fixed_ip=None, device_owner=None, device_id=None,
|
fixed_ip=None, device_owner=None, device_id=None,
|
||||||
mac_address=None, security_group_ids=None, dhcp_opts=None,
|
mac_address=None, port_security_enabled=True,
|
||||||
**kwargs):
|
security_group_ids=None, dhcp_opts=None, **kwargs):
|
||||||
try:
|
try:
|
||||||
port_req_body = {'port': {}}
|
port_req_body = {'port': {}}
|
||||||
port_req_body['port']['network_id'] = network_id
|
port_req_body['port']['network_id'] = network_id
|
||||||
port_req_body['port']['admin_state_up'] = True
|
port_req_body['port']['admin_state_up'] = True
|
||||||
port_req_body['port']['tenant_id'] = tenant_id
|
port_req_body['port']['tenant_id'] = tenant_id
|
||||||
if security_group_ids:
|
if not port_security_enabled:
|
||||||
|
port_req_body['port']['port_security_enabled'] = (
|
||||||
|
port_security_enabled)
|
||||||
|
elif security_group_ids:
|
||||||
port_req_body['port']['security_groups'] = security_group_ids
|
port_req_body['port']['security_groups'] = security_group_ids
|
||||||
if mac_address:
|
if mac_address:
|
||||||
port_req_body['port']['mac_address'] = mac_address
|
port_req_body['port']['mac_address'] = mac_address
|
||||||
|
|
|
@ -992,7 +992,8 @@ class NeutronNetworkHelper(BaseNetworkhelper):
|
||||||
elif not ports:
|
elif not ports:
|
||||||
port = self.neutron_api.create_port(
|
port = self.neutron_api.create_port(
|
||||||
self.admin_project_id, network_id, subnet_id=subnet_id,
|
self.admin_project_id, network_id, subnet_id=subnet_id,
|
||||||
device_id=device_id, device_owner='manila:share', host_id=host)
|
device_id=device_id, device_owner='manila:share', host_id=host,
|
||||||
|
port_security_enabled=False)
|
||||||
else:
|
else:
|
||||||
port = ports[0]
|
port = ports[0]
|
||||||
return port
|
return port
|
||||||
|
|
|
@ -2030,7 +2030,7 @@ class NeutronNetworkHelperTestCase(test.TestCase):
|
||||||
instance.neutron_api.create_port.assert_called_once_with(
|
instance.neutron_api.create_port.assert_called_once_with(
|
||||||
instance.admin_project_id, instance.service_network_id,
|
instance.admin_project_id, instance.service_network_id,
|
||||||
device_id='manila-share', device_owner='manila:share',
|
device_id='manila-share', device_owner='manila:share',
|
||||||
host_id='fake_host', subnet_id=None)
|
host_id='fake_host', subnet_id=None, port_security_enabled=False)
|
||||||
service_instance.socket.gethostname.assert_called_once_with()
|
service_instance.socket.gethostname.assert_called_once_with()
|
||||||
self.assertFalse(instance.neutron_api.update_port_fixed_ips.called)
|
self.assertFalse(instance.neutron_api.update_port_fixed_ips.called)
|
||||||
self.assertEqual(fake_service_port, result)
|
self.assertEqual(fake_service_port, result)
|
||||||
|
@ -2084,7 +2084,7 @@ class NeutronNetworkHelperTestCase(test.TestCase):
|
||||||
instance.neutron_api.create_port.assert_called_once_with(
|
instance.neutron_api.create_port.assert_called_once_with(
|
||||||
instance.admin_project_id, instance.service_network_id,
|
instance.admin_project_id, instance.service_network_id,
|
||||||
device_id='manila-share', device_owner='manila:share',
|
device_id='manila-share', device_owner='manila:share',
|
||||||
host_id='fake_host', subnet_id=None)
|
host_id='fake_host', subnet_id=None, port_security_enabled=False)
|
||||||
service_instance.socket.gethostname.assert_called_once_with()
|
service_instance.socket.gethostname.assert_called_once_with()
|
||||||
self.assertFalse(instance.neutron_api.update_port_fixed_ips.called)
|
self.assertFalse(instance.neutron_api.update_port_fixed_ips.called)
|
||||||
self.assertEqual(fake_service_port, result)
|
self.assertEqual(fake_service_port, result)
|
||||||
|
|
Loading…
Reference in New Issue