Minimise number of auto security groups
Change-Id: Iee37425f97d6f7c35a83fe290caf76f5d0dc012e Closes-bug: 1578850
This commit is contained in:
parent
8ee0fae38e
commit
64355f5af5
@ -32,6 +32,8 @@ LOG = logging.getLogger(__name__)
|
|||||||
SSH_PORT = 22
|
SSH_PORT = 22
|
||||||
INSTANCE_RESOURCE_NAME = "inst"
|
INSTANCE_RESOURCE_NAME = "inst"
|
||||||
SERVER_GROUP_PARAM_NAME = "servgroup"
|
SERVER_GROUP_PARAM_NAME = "servgroup"
|
||||||
|
AUTO_SECURITY_GROUP_PARAM_NAME = "autosecgroup"
|
||||||
|
|
||||||
# TODO(vgridnev): Using insecure flag until correct way to pass certificate
|
# TODO(vgridnev): Using insecure flag until correct way to pass certificate
|
||||||
# will be invented
|
# will be invented
|
||||||
WAIT_CONDITION_SCRIPT_TEMPLATE = '''
|
WAIT_CONDITION_SCRIPT_TEMPLATE = '''
|
||||||
@ -215,6 +217,9 @@ class ClusterStack(object):
|
|||||||
for ng in self.cluster.node_groups:
|
for ng in self.cluster.node_groups:
|
||||||
resources.update(self._serialize_ng_group(ng, outputs))
|
resources.update(self._serialize_ng_group(ng, outputs))
|
||||||
|
|
||||||
|
for ng in self.cluster.node_groups:
|
||||||
|
resources.update(self._serialize_auto_security_group(ng))
|
||||||
|
|
||||||
return resources
|
return resources
|
||||||
|
|
||||||
def _serialize_ng_group(self, ng, outputs):
|
def _serialize_ng_group(self, ng, outputs):
|
||||||
@ -224,9 +229,15 @@ class ClusterStack(object):
|
|||||||
outputs[ng.name + "-instances"] = {
|
outputs[ng.name + "-instances"] = {
|
||||||
"value": {"get_attr": [ng.name, "instance"]}}
|
"value": {"get_attr": [ng.name, "instance"]}}
|
||||||
properties = {"instance_index": "%index%"}
|
properties = {"instance_index": "%index%"}
|
||||||
|
|
||||||
if ng.cluster.anti_affinity:
|
if ng.cluster.anti_affinity:
|
||||||
properties[SERVER_GROUP_PARAM_NAME] = {
|
properties[SERVER_GROUP_PARAM_NAME] = {
|
||||||
'get_resource': _get_aa_group_name(ng.cluster)}
|
'get_resource': _get_aa_group_name(ng.cluster)}
|
||||||
|
|
||||||
|
if ng.auto_security_group:
|
||||||
|
properties[AUTO_SECURITY_GROUP_PARAM_NAME] = {
|
||||||
|
'get_resource': g.generate_auto_security_group_name(ng)}
|
||||||
|
|
||||||
return {
|
return {
|
||||||
ng.name: {
|
ng.name: {
|
||||||
"type": "OS::Heat::ResourceGroup",
|
"type": "OS::Heat::ResourceGroup",
|
||||||
@ -242,8 +253,13 @@ class ClusterStack(object):
|
|||||||
|
|
||||||
def _serialize_ng_file(self, ng):
|
def _serialize_ng_file(self, ng):
|
||||||
parameters = {"instance_index": {"type": "string"}}
|
parameters = {"instance_index": {"type": "string"}}
|
||||||
|
|
||||||
if ng.cluster.anti_affinity:
|
if ng.cluster.anti_affinity:
|
||||||
parameters[SERVER_GROUP_PARAM_NAME] = {'type': "string"}
|
parameters[SERVER_GROUP_PARAM_NAME] = {'type': "string"}
|
||||||
|
|
||||||
|
if ng.auto_security_group:
|
||||||
|
parameters[AUTO_SECURITY_GROUP_PARAM_NAME] = {'type': "string"}
|
||||||
|
|
||||||
return yaml.safe_dump({
|
return yaml.safe_dump({
|
||||||
"heat_template_version": heat_common.HEAT_TEMPLATE_VERSION,
|
"heat_template_version": heat_common.HEAT_TEMPLATE_VERSION,
|
||||||
"description": self._node_group_description(ng),
|
"description": self._node_group_description(ng),
|
||||||
@ -326,9 +342,6 @@ class ClusterStack(object):
|
|||||||
|
|
||||||
inst_name = _get_inst_name(ng)
|
inst_name = _get_inst_name(ng)
|
||||||
|
|
||||||
if ng.auto_security_group:
|
|
||||||
resources.update(self._serialize_auto_security_group(ng))
|
|
||||||
|
|
||||||
if ng.floating_ip_pool:
|
if ng.floating_ip_pool:
|
||||||
resources.update(self._serialize_nova_floating(ng))
|
resources.update(self._serialize_nova_floating(ng))
|
||||||
|
|
||||||
@ -492,8 +505,7 @@ class ClusterStack(object):
|
|||||||
node_group_sg = list(node_group.security_groups or [])
|
node_group_sg = list(node_group.security_groups or [])
|
||||||
if node_group.auto_security_group:
|
if node_group.auto_security_group:
|
||||||
node_group_sg += [
|
node_group_sg += [
|
||||||
{"get_resource": g.generate_auto_security_group_name(
|
{"get_param": AUTO_SECURITY_GROUP_PARAM_NAME}
|
||||||
node_group)}
|
|
||||||
]
|
]
|
||||||
return node_group_sg
|
return node_group_sg
|
||||||
|
|
||||||
|
@ -98,7 +98,7 @@ class TestClusterTemplate(BaseTestClusterTemplate):
|
|||||||
actual = heat_template._get_security_groups(ng1)
|
actual = heat_template._get_security_groups(ng1)
|
||||||
self.assertEqual(expected, actual)
|
self.assertEqual(expected, actual)
|
||||||
|
|
||||||
expected = ['3', '4', {'get_resource': 'cluster-worker-2'}]
|
expected = ['3', '4', {'get_param': 'autosecgroup'}]
|
||||||
actual = heat_template._get_security_groups(ng2)
|
actual = heat_template._get_security_groups(ng2)
|
||||||
self.assertEqual(expected, actual)
|
self.assertEqual(expected, actual)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user