Updating {add,remove}_security_group in compute.api to use instance
uuids instead of instance ids. blueprint internal-uuids Change-Id: I7ba998c67a6b42961657876a8eaa797aa8c29896
This commit is contained in:
Naveed Massjouni
@@ -447,10 +447,11 @@ class API(base.Base):
|
||||
instance = dict(launch_index=num, **base_options)
|
||||
instance = self.db.instance_create(context, instance)
|
||||
instance_id = instance['id']
|
||||
instance_uuid = instance['uuid']
|
||||
|
||||
for security_group_id in security_groups:
|
||||
self.db.instance_add_security_group(elevated,
|
||||
instance_id,
|
||||
instance_uuid,
|
||||
security_group_id)
|
||||
|
||||
# BlockDeviceMapping table
|
||||
@@ -677,7 +678,7 @@ class API(base.Base):
|
||||
{'method': 'refresh_provider_fw_rules', 'args': {}})
|
||||
|
||||
def _is_security_group_associated_with_server(self, security_group,
|
||||
instance_id):
|
||||
instance_uuid):
|
||||
"""Check if the security group is already associated
|
||||
with the instance. If Yes, return True.
|
||||
"""
|
||||
@@ -689,10 +690,9 @@ class API(base.Base):
|
||||
if not instances:
|
||||
return False
|
||||
|
||||
inst_id = None
|
||||
for inst_id in (instance['id'] for instance in instances \
|
||||
if instance_id == instance['id']):
|
||||
return True
|
||||
for inst in instances:
|
||||
if (instance_uuid == inst['uuid']):
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
@@ -703,20 +703,21 @@ class API(base.Base):
|
||||
security_group_name)
|
||||
|
||||
instance_id = instance['id']
|
||||
instance_uuid = instance['uuid']
|
||||
|
||||
#check if the security group is associated with the server
|
||||
if self._is_security_group_associated_with_server(security_group,
|
||||
instance_id):
|
||||
instance_uuid):
|
||||
raise exception.SecurityGroupExistsForInstance(
|
||||
security_group_id=security_group['id'],
|
||||
instance_id=instance_id)
|
||||
instance_id=instance_uuid)
|
||||
|
||||
#check if the instance is in running state
|
||||
if instance['power_state'] != power_state.RUNNING:
|
||||
raise exception.InstanceNotRunning(instance_id=instance_id)
|
||||
raise exception.InstanceNotRunning(instance_id=instance_uuid)
|
||||
|
||||
self.db.instance_add_security_group(context.elevated(),
|
||||
instance_id,
|
||||
instance_uuid,
|
||||
security_group['id'])
|
||||
host = instance['host']
|
||||
rpc.cast(context,
|
||||
@@ -731,20 +732,21 @@ class API(base.Base):
|
||||
security_group_name)
|
||||
|
||||
instance_id = instance['id']
|
||||
instance_uuid = instance['uuid']
|
||||
|
||||
#check if the security group is associated with the server
|
||||
if not self._is_security_group_associated_with_server(security_group,
|
||||
instance_id):
|
||||
instance_uuid):
|
||||
raise exception.SecurityGroupNotExistsForInstance(
|
||||
security_group_id=security_group['id'],
|
||||
instance_id=instance_id)
|
||||
instance_id=instance_uuid)
|
||||
|
||||
#check if the instance is in running state
|
||||
if instance['power_state'] != power_state.RUNNING:
|
||||
raise exception.InstanceNotRunning(instance_id=instance_id)
|
||||
raise exception.InstanceNotRunning(instance_id=instance_uuid)
|
||||
|
||||
self.db.instance_remove_security_group(context.elevated(),
|
||||
instance_id,
|
||||
instance_uuid,
|
||||
security_group['id'])
|
||||
host = instance['host']
|
||||
rpc.cast(context,
|
||||
|
||||
@@ -1588,11 +1588,12 @@ def instance_update(context, instance_id, values):
|
||||
return instance_ref
|
||||
|
||||
|
||||
def instance_add_security_group(context, instance_id, security_group_id):
|
||||
def instance_add_security_group(context, instance_uuid, security_group_id):
|
||||
"""Associate the given security group with the given instance"""
|
||||
session = get_session()
|
||||
with session.begin():
|
||||
instance_ref = instance_get(context, instance_id, session=session)
|
||||
instance_ref = instance_get_by_uuid(context, instance_uuid,
|
||||
session=session)
|
||||
security_group_ref = security_group_get(context,
|
||||
security_group_id,
|
||||
session=session)
|
||||
@@ -1601,12 +1602,13 @@ def instance_add_security_group(context, instance_id, security_group_id):
|
||||
|
||||
|
||||
@require_context
|
||||
def instance_remove_security_group(context, instance_id, security_group_id):
|
||||
def instance_remove_security_group(context, instance_uuid, security_group_id):
|
||||
"""Disassociate the given security group from the given instance"""
|
||||
session = get_session()
|
||||
|
||||
instance_ref = instance_get_by_uuid(context, instance_uuid,
|
||||
session=session)
|
||||
session.query(models.SecurityGroupInstanceAssociation).\
|
||||
filter_by(instance_id=instance_id).\
|
||||
filter_by(instance_id=instance_ref['id']).\
|
||||
filter_by(security_group_id=security_group_id).\
|
||||
update({'deleted': True,
|
||||
'deleted_at': utils.utcnow(),
|
||||
|
||||
@@ -22,6 +22,7 @@ import webob
|
||||
from nova.api.openstack.v2.contrib import security_groups
|
||||
import nova.db
|
||||
from nova import exception
|
||||
from nova import utils
|
||||
from nova import test
|
||||
from nova.tests.api.openstack import fakes
|
||||
|
||||
@@ -86,12 +87,13 @@ def return_server_by_uuid(context, server_uuid):
|
||||
|
||||
|
||||
def return_non_running_server(context, server_id):
|
||||
return {'id': server_id, 'power_state': 0x02,
|
||||
return {'id': server_id, 'power_state': 0x02, 'uuid': FAKE_UUID,
|
||||
'host': "localhost", 'name': 'asdf'}
|
||||
|
||||
|
||||
def return_security_group_by_name(context, project_id, group_name):
|
||||
return {'id': 1, 'name': group_name, "instances": [{'id': 1}]}
|
||||
return {'id': 1, 'name': group_name,
|
||||
"instances": [{'id': 1, 'uuid': FAKE_UUID}]}
|
||||
|
||||
|
||||
def return_security_group_without_instances(context, project_id, group_name):
|
||||
|
||||
@@ -1320,9 +1320,9 @@ class IptablesFirewallTestCase(test.TestCase):
|
||||
'to_port': 81,
|
||||
'group_id': src_secgroup['id']})
|
||||
|
||||
db.instance_add_security_group(admin_ctxt, instance_ref['id'],
|
||||
db.instance_add_security_group(admin_ctxt, instance_ref['uuid'],
|
||||
secgroup['id'])
|
||||
db.instance_add_security_group(admin_ctxt, src_instance_ref['id'],
|
||||
db.instance_add_security_group(admin_ctxt, src_instance_ref['uuid'],
|
||||
src_secgroup['id'])
|
||||
instance_ref = db.instance_get(admin_ctxt, instance_ref['id'])
|
||||
src_instance_ref = db.instance_get(admin_ctxt, src_instance_ref['id'])
|
||||
@@ -1664,6 +1664,7 @@ class NWFilterTestCase(test.TestCase):
|
||||
|
||||
instance_ref = self._create_instance()
|
||||
inst_id = instance_ref['id']
|
||||
inst_uuid = instance_ref['uuid']
|
||||
|
||||
def _ensure_all_called(mac):
|
||||
instance_filter = 'nova-instance-%s-%s' % (instance_ref['name'],
|
||||
@@ -1679,7 +1680,7 @@ class NWFilterTestCase(test.TestCase):
|
||||
|
||||
self.security_group = self.setup_and_return_security_group()
|
||||
|
||||
db.instance_add_security_group(self.context, inst_id,
|
||||
db.instance_add_security_group(self.context, inst_uuid,
|
||||
self.security_group.id)
|
||||
instance = db.instance_get(self.context, inst_id)
|
||||
|
||||
@@ -1713,10 +1714,11 @@ class NWFilterTestCase(test.TestCase):
|
||||
|
||||
instance_ref = self._create_instance()
|
||||
inst_id = instance_ref['id']
|
||||
inst_uuid = instance_ref['uuid']
|
||||
|
||||
self.security_group = self.setup_and_return_security_group()
|
||||
|
||||
db.instance_add_security_group(self.context, inst_id,
|
||||
db.instance_add_security_group(self.context, inst_uuid,
|
||||
self.security_group.id)
|
||||
|
||||
instance = db.instance_get(self.context, inst_id)
|
||||
|
||||
Reference in New Issue
Block a user