Remove unused refresh_security_group_members() call
This call was replaced with refresh_instance_security_groups() in
compute rpc version 1.41(!) Since we just reached version 4.0 it
should be fairly safe to just remove all traces of this without
backwards compatibility being an issue.
The original change that replaced and made this call no longer being
used was commit 2afbbab23a
.
Change-Id: I60d314f68a984fa8e6d36f46b5ae595f0afabe73
This commit is contained in:
parent
b1e6b22859
commit
4ee60b92ed
|
@ -1356,15 +1356,6 @@ class ComputeManager(manager.Manager):
|
|||
"""
|
||||
return self.driver.refresh_security_group_rules(security_group_id)
|
||||
|
||||
@wrap_exception()
|
||||
def refresh_security_group_members(self, context, security_group_id):
|
||||
"""Tell the virtualization driver to refresh security group members.
|
||||
|
||||
Passes straight through to the virtualization driver.
|
||||
|
||||
"""
|
||||
return self.driver.refresh_security_group_members(security_group_id)
|
||||
|
||||
@object_compat
|
||||
@wrap_exception()
|
||||
def refresh_instance_security_rules(self, context, instance):
|
||||
|
|
|
@ -306,6 +306,8 @@ class ComputeAPI(object):
|
|||
... Liberty supports messaging version 4.5. So, any changes to
|
||||
existing methods in 4.x after that point should be done so that they
|
||||
can handle the version_cap being set to 4.5
|
||||
|
||||
* ... - Remove refresh_security_group_members()
|
||||
'''
|
||||
|
||||
VERSION_ALIASES = {
|
||||
|
@ -931,13 +933,6 @@ class ComputeAPI(object):
|
|||
cctxt.cast(ctxt, 'refresh_security_group_rules',
|
||||
security_group_id=security_group_id)
|
||||
|
||||
def refresh_security_group_members(self, ctxt, security_group_id,
|
||||
host):
|
||||
version = '4.0'
|
||||
cctxt = self.client.prepare(server=host, version=version)
|
||||
cctxt.cast(ctxt, 'refresh_security_group_members',
|
||||
security_group_id=security_group_id)
|
||||
|
||||
def refresh_instance_security_rules(self, ctxt, host, instance):
|
||||
version = '4.4'
|
||||
if not self.client.can_send_version(version):
|
||||
|
|
|
@ -334,10 +334,6 @@ class ComputeRpcAPITestCase(test.NoDBTestCase):
|
|||
self._test_compute_api('refresh_security_group_rules', 'cast',
|
||||
security_group_id='id', host='host', version='4.0')
|
||||
|
||||
def test_refresh_security_group_members(self):
|
||||
self._test_compute_api('refresh_security_group_members', 'cast',
|
||||
security_group_id='id', host='host', version='4.0')
|
||||
|
||||
def test_refresh_instance_security_rules(self):
|
||||
expected_args = {'instance': self.fake_instance_obj}
|
||||
self._test_compute_api('refresh_instance_security_rules', 'cast',
|
||||
|
|
|
@ -1463,13 +1463,6 @@ class IronicDriverTestCase(test.NoDBTestCase):
|
|||
self.driver.refresh_provider_fw_rules()
|
||||
mock_rpfr.assert_called_once_with()
|
||||
|
||||
@mock.patch.object(firewall.NoopFirewallDriver,
|
||||
'refresh_security_group_members', create=True)
|
||||
def test_refresh_security_group_members(self, mock_rsgm):
|
||||
fake_group = 'fake-security-group-members'
|
||||
self.driver.refresh_security_group_members(fake_group)
|
||||
mock_rsgm.assert_called_once_with(fake_group)
|
||||
|
||||
@mock.patch.object(firewall.NoopFirewallDriver,
|
||||
'refresh_instance_security_rules', create=True)
|
||||
def test_refresh_security_group_rules(self, mock_risr):
|
||||
|
|
|
@ -614,12 +614,6 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase):
|
|||
instance_ref, network_info = self._get_running_instance()
|
||||
self.connection.refresh_security_group_rules(1)
|
||||
|
||||
@catch_notimplementederror
|
||||
def test_refresh_security_group_members(self):
|
||||
# FIXME: Create security group and add the instance to it
|
||||
instance_ref, network_info = self._get_running_instance()
|
||||
self.connection.refresh_security_group_members(1)
|
||||
|
||||
@catch_notimplementederror
|
||||
def test_refresh_instance_security_rules(self):
|
||||
# FIXME: Create security group and add the instance to it
|
||||
|
|
|
@ -898,43 +898,6 @@ class ComputeDriver(object):
|
|||
# TODO(Vek): Need to pass context in for access to auth_token
|
||||
raise NotImplementedError()
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
"""This method is called when a security group is added to an instance.
|
||||
|
||||
This message is sent to the virtualization drivers on hosts that are
|
||||
running an instance that belongs to a security group that has a rule
|
||||
that references the security group identified by `security_group_id`.
|
||||
It is the responsibility of this method to make sure any rules
|
||||
that authorize traffic flow with members of the security group are
|
||||
updated and any new members can communicate, and any removed members
|
||||
cannot.
|
||||
|
||||
Scenario:
|
||||
* we are running on host 'H0' and we have an instance 'i-0'.
|
||||
* instance 'i-0' is a member of security group 'speaks-b'
|
||||
* group 'speaks-b' has an ingress rule that authorizes group 'b'
|
||||
* another host 'H1' runs an instance 'i-1'
|
||||
* instance 'i-1' is a member of security group 'b'
|
||||
|
||||
When 'i-1' launches or terminates we will receive the message
|
||||
to update members of group 'b', at which time we will make
|
||||
any changes needed to the rules for instance 'i-0' to allow
|
||||
or deny traffic coming from 'i-1', depending on if it is being
|
||||
added or removed from the group.
|
||||
|
||||
In this scenario, 'i-1' could just as easily have been running on our
|
||||
host 'H0' and this method would still have been called. The point was
|
||||
that this method isn't called on the host where instances of that
|
||||
group are running (as is the case with
|
||||
:py:meth:`refresh_security_group_rules`) but is called where references
|
||||
are made to authorizing those instances.
|
||||
|
||||
An error should be raised if the operation cannot complete.
|
||||
|
||||
"""
|
||||
# TODO(Vek): Need to pass context in for access to auth_token
|
||||
raise NotImplementedError()
|
||||
|
||||
def refresh_provider_fw_rules(self):
|
||||
"""This triggers a firewall update based on database changes.
|
||||
|
||||
|
|
|
@ -427,9 +427,6 @@ class FakeDriver(driver.ComputeDriver):
|
|||
def refresh_security_group_rules(self, security_group_id):
|
||||
return True
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
return True
|
||||
|
||||
def refresh_instance_security_rules(self, instance):
|
||||
return True
|
||||
|
||||
|
|
|
@ -94,14 +94,6 @@ class FirewallDriver(object):
|
|||
"""
|
||||
raise NotImplementedError()
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
"""Refresh security group members from data store
|
||||
|
||||
Gets called when an instance gets added to or removed from
|
||||
the security group.
|
||||
"""
|
||||
raise NotImplementedError()
|
||||
|
||||
def refresh_instance_security_rules(self, instance):
|
||||
"""Refresh security group rules from data store
|
||||
|
||||
|
@ -422,10 +414,6 @@ class IptablesFirewallDriver(FirewallDriver):
|
|||
def instance_filter_exists(self, instance, network_info):
|
||||
pass
|
||||
|
||||
def refresh_security_group_members(self, security_group):
|
||||
self.do_refresh_security_group_rules(security_group)
|
||||
self.iptables.apply()
|
||||
|
||||
def refresh_security_group_rules(self, security_group):
|
||||
self.do_refresh_security_group_rules(security_group)
|
||||
self.iptables.apply()
|
||||
|
|
|
@ -1006,16 +1006,6 @@ class IronicDriver(virt_driver.ComputeDriver):
|
|||
"""
|
||||
self.firewall_driver.refresh_security_group_rules(security_group_id)
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
"""Refresh security group members from data store.
|
||||
|
||||
Invoked when instances are added/removed to a security group.
|
||||
|
||||
:param security_group_id: The security group id.
|
||||
|
||||
"""
|
||||
self.firewall_driver.refresh_security_group_members(security_group_id)
|
||||
|
||||
def refresh_provider_fw_rules(self):
|
||||
"""Triggers a firewall update based on database changes."""
|
||||
self.firewall_driver.refresh_provider_fw_rules()
|
||||
|
|
|
@ -4970,9 +4970,6 @@ class LibvirtDriver(driver.ComputeDriver):
|
|||
def refresh_security_group_rules(self, security_group_id):
|
||||
self.firewall_driver.refresh_security_group_rules(security_group_id)
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
self.firewall_driver.refresh_security_group_members(security_group_id)
|
||||
|
||||
def refresh_instance_security_rules(self, instance):
|
||||
self.firewall_driver.refresh_instance_security_rules(instance)
|
||||
|
||||
|
|
|
@ -610,14 +610,6 @@ class XenAPIDriver(driver.ComputeDriver):
|
|||
"""
|
||||
return self._vmops.refresh_security_group_rules(security_group_id)
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
"""Updates security group rules for all instances associated with a
|
||||
given security group.
|
||||
|
||||
Invoked when instances are added/removed to a security group.
|
||||
"""
|
||||
return self._vmops.refresh_security_group_members(security_group_id)
|
||||
|
||||
def refresh_instance_security_rules(self, instance):
|
||||
"""Updates security group rules for specified instance.
|
||||
|
||||
|
|
|
@ -2045,10 +2045,6 @@ class VMOps(object):
|
|||
"""recreates security group rules for every instance."""
|
||||
self.firewall_driver.refresh_security_group_rules(security_group_id)
|
||||
|
||||
def refresh_security_group_members(self, security_group_id):
|
||||
"""recreates security group rules for every instance."""
|
||||
self.firewall_driver.refresh_security_group_members(security_group_id)
|
||||
|
||||
def refresh_instance_security_rules(self, instance):
|
||||
"""recreates security group rules for specified instance."""
|
||||
self.firewall_driver.refresh_instance_security_rules(instance)
|
||||
|
|
Loading…
Reference in New Issue