Browse Source

[MP2P] Amend default security group post migration

Ensure the expression captures both migrated ports and newly
created ports.

Change-Id: I0664d7aee37430f4d1c31aac408b2528430e6ab7
changes/39/788139/1
Salvatore Orlando 3 weeks ago
committed by Salvatore Orlando
parent
commit
ec55691f84
1 changed files with 22 additions and 0 deletions
  1. +22
    -0
      vmware_nsx/shell/admin/plugins/nsxv3/resources/migration.py

+ 22
- 0
vmware_nsx/shell/admin/plugins/nsxv3/resources/migration.py View File

@ -50,6 +50,7 @@ from vmware_nsxlib.v3 import nsx_constants
from vmware_nsxlib.v3.policy import constants as policy_constants
from vmware_nsxlib.v3.policy import core_resources as policy_resources
from vmware_nsxlib.v3.policy import utils as policy_utils
from vmware_nsxlib.v3 import security
LOG = logging.getLogger(__name__)
@ -1398,6 +1399,27 @@ def post_migration_actions(nsxlib, nsxpolicy, nsxpolicy_admin, plugin):
LOG.info("Starting post-migration actions")
ctx = context.get_admin_context()
# -- Amend default security group criteria
mp_scope_and_tag = "%s|%s" % (security.PORT_SG_SCOPE,
v3_plugin.NSX_V3_DEFAULT_SECTION)
p_scope_and_tag = "%s|" % (p_plugin.NSX_P_PORT_RESOURCE_TYPE)
mp_condition = nsxpolicy.group.build_condition(
cond_val=mp_scope_and_tag,
cond_key=policy_constants.CONDITION_KEY_TAG,
cond_member_type=policy_constants.CONDITION_MEMBER_PORT)
p_condition = nsxpolicy.group.build_condition(
cond_val=p_scope_and_tag,
cond_key=policy_constants.CONDITION_KEY_TAG,
cond_member_type=policy_constants.CONDITION_MEMBER_PORT)
final_conditions = nsxpolicy.group.build_union_condition(
conditions=[mp_condition, p_condition])
nsxpolicy.group.update_with_conditions(
p_plugin.NSX_P_GLOBAL_DOMAIN_ID,
p_plugin.NSX_P_DEFAULT_GROUP,
conditions=final_conditions)
LOG.info("Match criteria for default SG group updated")
# -- Update Lb tags on loadbalancer service
pol_lb_services = nsxpolicy.load_balancer.lb_service.list()
for lb_srv in pol_lb_services:


Loading…
Cancel
Save