From 4ee60b92ed2c77cdb395169a8db5fb90cc59974f Mon Sep 17 00:00:00 2001 From: Hans Lindgren Date: Wed, 13 May 2015 11:33:58 +0200 Subject: [PATCH] Remove unused refresh_security_group_members() call This call was replaced with refresh_instance_security_groups() in compute rpc version 1.41(!) Since we just reached version 4.0 it should be fairly safe to just remove all traces of this without backwards compatibility being an issue. The original change that replaced and made this call no longer being used was commit 2afbbab23a9d845cde511baa1e574fdcf5ab5171. Change-Id: I60d314f68a984fa8e6d36f46b5ae595f0afabe73 --- nova/compute/manager.py | 9 ------ nova/compute/rpcapi.py | 9 ++---- nova/tests/unit/compute/test_rpcapi.py | 4 --- nova/tests/unit/virt/ironic/test_driver.py | 7 ---- nova/tests/unit/virt/test_virt_drivers.py | 6 ---- nova/virt/driver.py | 37 ---------------------- nova/virt/fake.py | 3 -- nova/virt/firewall.py | 12 ------- nova/virt/ironic/driver.py | 10 ------ nova/virt/libvirt/driver.py | 3 -- nova/virt/xenapi/driver.py | 8 ----- nova/virt/xenapi/vmops.py | 4 --- 12 files changed, 2 insertions(+), 110 deletions(-) diff --git a/nova/compute/manager.py b/nova/compute/manager.py index 9fb449cb82ef..5918e8377175 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -1356,15 +1356,6 @@ class ComputeManager(manager.Manager): """ return self.driver.refresh_security_group_rules(security_group_id) - @wrap_exception() - def refresh_security_group_members(self, context, security_group_id): - """Tell the virtualization driver to refresh security group members. - - Passes straight through to the virtualization driver. - - """ - return self.driver.refresh_security_group_members(security_group_id) - @object_compat @wrap_exception() def refresh_instance_security_rules(self, context, instance): diff --git a/nova/compute/rpcapi.py b/nova/compute/rpcapi.py index dddee7b068cf..e9ae27614913 100644 --- a/nova/compute/rpcapi.py +++ b/nova/compute/rpcapi.py @@ -306,6 +306,8 @@ class ComputeAPI(object): ... Liberty supports messaging version 4.5. So, any changes to existing methods in 4.x after that point should be done so that they can handle the version_cap being set to 4.5 + + * ... - Remove refresh_security_group_members() ''' VERSION_ALIASES = { @@ -931,13 +933,6 @@ class ComputeAPI(object): cctxt.cast(ctxt, 'refresh_security_group_rules', security_group_id=security_group_id) - def refresh_security_group_members(self, ctxt, security_group_id, - host): - version = '4.0' - cctxt = self.client.prepare(server=host, version=version) - cctxt.cast(ctxt, 'refresh_security_group_members', - security_group_id=security_group_id) - def refresh_instance_security_rules(self, ctxt, host, instance): version = '4.4' if not self.client.can_send_version(version): diff --git a/nova/tests/unit/compute/test_rpcapi.py b/nova/tests/unit/compute/test_rpcapi.py index cc60fb60a620..075853dc10c2 100644 --- a/nova/tests/unit/compute/test_rpcapi.py +++ b/nova/tests/unit/compute/test_rpcapi.py @@ -334,10 +334,6 @@ class ComputeRpcAPITestCase(test.NoDBTestCase): self._test_compute_api('refresh_security_group_rules', 'cast', security_group_id='id', host='host', version='4.0') - def test_refresh_security_group_members(self): - self._test_compute_api('refresh_security_group_members', 'cast', - security_group_id='id', host='host', version='4.0') - def test_refresh_instance_security_rules(self): expected_args = {'instance': self.fake_instance_obj} self._test_compute_api('refresh_instance_security_rules', 'cast', diff --git a/nova/tests/unit/virt/ironic/test_driver.py b/nova/tests/unit/virt/ironic/test_driver.py index cd0128315123..2862a19e60d6 100644 --- a/nova/tests/unit/virt/ironic/test_driver.py +++ b/nova/tests/unit/virt/ironic/test_driver.py @@ -1463,13 +1463,6 @@ class IronicDriverTestCase(test.NoDBTestCase): self.driver.refresh_provider_fw_rules() mock_rpfr.assert_called_once_with() - @mock.patch.object(firewall.NoopFirewallDriver, - 'refresh_security_group_members', create=True) - def test_refresh_security_group_members(self, mock_rsgm): - fake_group = 'fake-security-group-members' - self.driver.refresh_security_group_members(fake_group) - mock_rsgm.assert_called_once_with(fake_group) - @mock.patch.object(firewall.NoopFirewallDriver, 'refresh_instance_security_rules', create=True) def test_refresh_security_group_rules(self, mock_risr): diff --git a/nova/tests/unit/virt/test_virt_drivers.py b/nova/tests/unit/virt/test_virt_drivers.py index d17c0ef54204..5adcdfb296ab 100644 --- a/nova/tests/unit/virt/test_virt_drivers.py +++ b/nova/tests/unit/virt/test_virt_drivers.py @@ -614,12 +614,6 @@ class _VirtDriverTestCase(_FakeDriverBackendTestCase): instance_ref, network_info = self._get_running_instance() self.connection.refresh_security_group_rules(1) - @catch_notimplementederror - def test_refresh_security_group_members(self): - # FIXME: Create security group and add the instance to it - instance_ref, network_info = self._get_running_instance() - self.connection.refresh_security_group_members(1) - @catch_notimplementederror def test_refresh_instance_security_rules(self): # FIXME: Create security group and add the instance to it diff --git a/nova/virt/driver.py b/nova/virt/driver.py index 7ad53bf41ec0..bd8a65dc7128 100644 --- a/nova/virt/driver.py +++ b/nova/virt/driver.py @@ -898,43 +898,6 @@ class ComputeDriver(object): # TODO(Vek): Need to pass context in for access to auth_token raise NotImplementedError() - def refresh_security_group_members(self, security_group_id): - """This method is called when a security group is added to an instance. - - This message is sent to the virtualization drivers on hosts that are - running an instance that belongs to a security group that has a rule - that references the security group identified by `security_group_id`. - It is the responsibility of this method to make sure any rules - that authorize traffic flow with members of the security group are - updated and any new members can communicate, and any removed members - cannot. - - Scenario: - * we are running on host 'H0' and we have an instance 'i-0'. - * instance 'i-0' is a member of security group 'speaks-b' - * group 'speaks-b' has an ingress rule that authorizes group 'b' - * another host 'H1' runs an instance 'i-1' - * instance 'i-1' is a member of security group 'b' - - When 'i-1' launches or terminates we will receive the message - to update members of group 'b', at which time we will make - any changes needed to the rules for instance 'i-0' to allow - or deny traffic coming from 'i-1', depending on if it is being - added or removed from the group. - - In this scenario, 'i-1' could just as easily have been running on our - host 'H0' and this method would still have been called. The point was - that this method isn't called on the host where instances of that - group are running (as is the case with - :py:meth:`refresh_security_group_rules`) but is called where references - are made to authorizing those instances. - - An error should be raised if the operation cannot complete. - - """ - # TODO(Vek): Need to pass context in for access to auth_token - raise NotImplementedError() - def refresh_provider_fw_rules(self): """This triggers a firewall update based on database changes. diff --git a/nova/virt/fake.py b/nova/virt/fake.py index ea2cb9bd8528..17ee33ad8647 100644 --- a/nova/virt/fake.py +++ b/nova/virt/fake.py @@ -427,9 +427,6 @@ class FakeDriver(driver.ComputeDriver): def refresh_security_group_rules(self, security_group_id): return True - def refresh_security_group_members(self, security_group_id): - return True - def refresh_instance_security_rules(self, instance): return True diff --git a/nova/virt/firewall.py b/nova/virt/firewall.py index c460fd403867..5e7b655309c6 100644 --- a/nova/virt/firewall.py +++ b/nova/virt/firewall.py @@ -94,14 +94,6 @@ class FirewallDriver(object): """ raise NotImplementedError() - def refresh_security_group_members(self, security_group_id): - """Refresh security group members from data store - - Gets called when an instance gets added to or removed from - the security group. - """ - raise NotImplementedError() - def refresh_instance_security_rules(self, instance): """Refresh security group rules from data store @@ -422,10 +414,6 @@ class IptablesFirewallDriver(FirewallDriver): def instance_filter_exists(self, instance, network_info): pass - def refresh_security_group_members(self, security_group): - self.do_refresh_security_group_rules(security_group) - self.iptables.apply() - def refresh_security_group_rules(self, security_group): self.do_refresh_security_group_rules(security_group) self.iptables.apply() diff --git a/nova/virt/ironic/driver.py b/nova/virt/ironic/driver.py index b1b8de289630..83f7757de37c 100644 --- a/nova/virt/ironic/driver.py +++ b/nova/virt/ironic/driver.py @@ -1006,16 +1006,6 @@ class IronicDriver(virt_driver.ComputeDriver): """ self.firewall_driver.refresh_security_group_rules(security_group_id) - def refresh_security_group_members(self, security_group_id): - """Refresh security group members from data store. - - Invoked when instances are added/removed to a security group. - - :param security_group_id: The security group id. - - """ - self.firewall_driver.refresh_security_group_members(security_group_id) - def refresh_provider_fw_rules(self): """Triggers a firewall update based on database changes.""" self.firewall_driver.refresh_provider_fw_rules() diff --git a/nova/virt/libvirt/driver.py b/nova/virt/libvirt/driver.py index 80103003de3a..38ee4783c48e 100644 --- a/nova/virt/libvirt/driver.py +++ b/nova/virt/libvirt/driver.py @@ -4970,9 +4970,6 @@ class LibvirtDriver(driver.ComputeDriver): def refresh_security_group_rules(self, security_group_id): self.firewall_driver.refresh_security_group_rules(security_group_id) - def refresh_security_group_members(self, security_group_id): - self.firewall_driver.refresh_security_group_members(security_group_id) - def refresh_instance_security_rules(self, instance): self.firewall_driver.refresh_instance_security_rules(instance) diff --git a/nova/virt/xenapi/driver.py b/nova/virt/xenapi/driver.py index 785dc46e6a76..083180b19be9 100644 --- a/nova/virt/xenapi/driver.py +++ b/nova/virt/xenapi/driver.py @@ -610,14 +610,6 @@ class XenAPIDriver(driver.ComputeDriver): """ return self._vmops.refresh_security_group_rules(security_group_id) - def refresh_security_group_members(self, security_group_id): - """Updates security group rules for all instances associated with a - given security group. - - Invoked when instances are added/removed to a security group. - """ - return self._vmops.refresh_security_group_members(security_group_id) - def refresh_instance_security_rules(self, instance): """Updates security group rules for specified instance. diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py index 06b2761e1b2f..df5215cd3346 100644 --- a/nova/virt/xenapi/vmops.py +++ b/nova/virt/xenapi/vmops.py @@ -2045,10 +2045,6 @@ class VMOps(object): """recreates security group rules for every instance.""" self.firewall_driver.refresh_security_group_rules(security_group_id) - def refresh_security_group_members(self, security_group_id): - """recreates security group rules for every instance.""" - self.firewall_driver.refresh_security_group_members(security_group_id) - def refresh_instance_security_rules(self, instance): """recreates security group rules for specified instance.""" self.firewall_driver.refresh_instance_security_rules(instance)