authorSoren Hansen <soren@linux2go.dk>2011-02-21 14:16:42 +0100
committerSoren Hansen <soren@linux2go.dk>2011-02-21 14:16:42 +0100
commita57dffb5fdfbfac59b9ddbe7b33d6f03b7b748ba (patch)
treefb18aff9227a4466f830a28faa86c88f3a2019ba
parent15203c9ceaa94f0cd5bad96622ee93af7662bcce (diff)
PEP-8 fixes
-rw-r--r--nova/network/linux_net.py28
-rw-r--r--nova/tests/test_network.py21
-rw-r--r--nova/tests/test_virt.py3
-rw-r--r--nova/utils.py12
-rw-r--r--nova/virt/libvirt_conn.py2
5 files changed, 37 insertions, 29 deletions
diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py
index d4cfbbde9..b5d1323a1 100644
--- a/nova/network/linux_net.py
+++ b/nova/network/linux_net.py
@@ -129,8 +129,10 @@ class IptablesTable(object):
try:
self.rules.remove(IptablesRule(*args, **kwargs))
except ValueError:
- LOG.debug(_("Tried to remove rule that wasn't there: %r %r"),
- args, kwargs)
+ LOG.debug(_("Tried to remove rule that wasn't there:"
+ " %(args)r %(kwargs)r"), {'args': args,
+ 'kwargs': kwargs})
+
class IptablesManager(object):
def __init__(self, execute=None):
@@ -142,9 +144,9 @@ class IptablesManager(object):
else:
self.execute = execute
- self.ipv4 = { 'filter': IptablesTable(),
- 'nat': IptablesTable() }
- self.ipv6 = { 'filter': IptablesTable() }
+ self.ipv4 = {'filter': IptablesTable(),
+ 'nat': IptablesTable()}
+ self.ipv6 = {'filter': IptablesTable()}
self.ipv4['nat'].add_chain('SNATTING')
self.ipv4['nat'].add_rule('POSTROUTING',
@@ -155,11 +157,18 @@ class IptablesManager(object):
self.ipv4['filter'].add_rule('FORWARD',
'-j %s-local' % (binary_name,),
wrap=False)
-
self.ipv4['filter'].add_rule('OUTPUT',
'-j %s-local' % (binary_name,),
wrap=False)
+ self.ipv6['filter'].add_chain('local')
+ self.ipv6['filter'].add_rule('FORWARD',
+ '-j %s-local' % (binary_name,),
+ wrap=False)
+ self.ipv6['filter'].add_rule('OUTPUT',
+ '-j %s-local' % (binary_name,),
+ wrap=False)
+
# Wrap the builtin chains
builtin_chains = {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']}
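Review bot: The added `self.ipv6['filter']` lines (`add_chain('local')` plus the FORWARD and OUTPUT jumps to `%s-local`) change the generated ip6tables ruleset, which is a functional firewall change rather than a PEP-8 fix, and nothing in this commit tests it. The test_network.py hunk still carries `# TODO(soren): Add stuff for ipv6` and its `check_matrix` only has the key `4`. I would move these lines to their own commit with a message that names the ruleset change, and add a comment above them such as `# Mirror the ipv4 setup: send ip6tables FORWARD/OUTPUT through the <binary>-local chain`. `IptablesManager.__init__` starts and ends outside this hunk, so whether the ipv6 builtin chains are wrapped the same way cannot be confirmed from here.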
@@ -172,7 +181,6 @@ class IptablesManager(object):
wrap=False)
self.semaphore = semaphore.Semaphore()
-
def apply(self):
with self.semaphore:
s = [('iptables', self.ipv4)]
@@ -184,7 +192,8 @@ class IptablesManager(object):
current_table, _ = self.execute('sudo %s-save -t %s' %
(cmd, table), attempts=5)
current_lines = current_table.split('\n')
- new_filter = self.modify_rules(current_lines, tables[table])
+ new_filter = self.modify_rules(current_lines,
+ tables[table])
self.execute('sudo %s-restore' % (cmd,),
process_input='\n'.join(new_filter),
attempts=5)
@@ -285,17 +294,20 @@ def ensure_floating_forward(floating_ip, fixed_ip):
iptables_manager.ipv4['nat'].add_rule(chain, rule)
iptables_manager.apply()
+
def remove_floating_forward(floating_ip, fixed_ip):
"""Remove forwarding for floating ip"""
for chain, rule in floating_forward_rules(floating_ip, fixed_ip):
iptables_manager.ipv4['nat'].remove_rule(chain, rule)
iptables_manager.apply()
+
def floating_forward_rules(floating_ip, fixed_ip):
return [("PREROUTING", "-d %s -j DNAT --to %s" % (floating_ip, fixed_ip)),
("OUTPUT", "-d %s -j DNAT --to %s" % (floating_ip, fixed_ip)),
("SNATTING", "-d %s -j SNAT --to %s" % (fixed_ip, floating_ip))]
+
def ensure_vlan_bridge(vlan_num, bridge, net_attrs=None):
"""Create a vlan and bridge unless they already exist"""
interface = ensure_vlan(vlan_num)
diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index b28d64245..c9a62a391 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -42,15 +42,14 @@ class IptablesManagerTestCase(test.TestCase):
:INPUT ACCEPT [2223527:305688874]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2172501:140856656]
--A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
--A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
--A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
--A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
--A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT
--A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
--A FORWARD -i virbr0 -o virbr0 -j ACCEPT
--A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
--A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
+-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
+-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
+-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
+-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
+-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
+-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
+-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
+-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Completed on Fri Feb 18 15:17:05 2011"""
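Review bot: The sample ruleset loses its `-A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT` line: nine rules are removed and only eight re-added, with the others apparently differing in whitespace only. That was the only rule in the fixture using a match module with a comma-separated value, so the test no longer covers that rule shape when it checks that existing rules survive the rewrite. If it was dropped only for line length, it can stay by ending the first half with a backslash inside the triple-quoted string, e.g. `-A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state \` followed at column 0 by `RELATED,ESTABLISHED -j ACCEPT`. The string literal begins before this hunk.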
@@ -77,8 +76,7 @@ COMMIT
# TODO(soren): Add stuff for ipv6
check_matrix = {4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
- 'nat': ['PREROUTING', 'INPUT',
- 'OUTPUT', 'POSTROUTING']} }
+ 'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']}}
for ip_version in check_matrix:
ip = getattr(self.manager, 'ipv%d' % ip_version)
@@ -90,7 +88,6 @@ COMMIT
(chain,) in new_lines)
self.assertTrue('-A %s -j run_tests.py-%s' % \
(chain, chain) in new_lines)
- print '\n'.join(new_lines)
class NetworkTestCase(test.TestCase):
diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py
index a88e01818..11201788c 100644
--- a/nova/tests/test_virt.py
+++ b/nova/tests/test_virt.py
@@ -345,7 +345,8 @@ class IptablesFirewallTestCase(test.TestCase):
self.fw.prepare_instance_filter(instance_ref)
self.fw.apply_instance_filter(instance_ref)
- in_rules = filter(lambda l: not l.startswith('#'), self.in_filter_rules)
+ in_rules = filter(lambda l: not l.startswith('#'),
+ self.in_filter_rules)
for rule in in_rules:
if not 'nova' in rule:
self.assertTrue(rule in self.out_rules,
diff --git a/nova/utils.py b/nova/utils.py
index 644bf18fd..5b44bccb5 100644
--- a/nova/utils.py
+++ b/nova/utils.py
@@ -126,7 +126,8 @@ def fetchfile(url, target):
execute("curl --fail %s -o %s" % (url, target))
-def execute(cmd, process_input=None, addl_env=None, check_exit_code=True, attempts=1):
+def execute(cmd, process_input=None, addl_env=None, check_exit_code=True,
+ attempts=1):
while attempts > 0:
attempts -= 1
try:
@@ -150,17 +151,16 @@ def execute(cmd, process_input=None, addl_env=None, check_exit_code=True, attemp
stdout=stdout,
stderr=stderr,
cmd=cmd)
- # NOTE(termie): this appears to be necessary to let the subprocess call
- # clean something up in between calls, without it two
- # execute calls in a row hangs the second one
+ # NOTE(termie): this appears to be necessary to let the subprocess
+ # call clean something up in between calls, without
+ # it two execute calls in a row hangs the second one
greenthread.sleep(0)
return result
except ProcessExecutionError:
if not attempts:
raise
else:
- greenthread.sleep(random.randint(50,300)/100)
- pass
+ greenthread.sleep(random.randint(20, 200) / 100.0)
def ssh_execute(ssh, cmd, process_input=None,
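Review bot: The retry branch changes behaviour under a "PEP-8 fixes" title: `random.randint(50,300)/100` becomes `random.randint(20, 200) / 100.0`. Assuming Python 2 (the `print` statement removed in test_network.py suggests it), the old expression used integer division and slept 0 to 3 whole seconds, while the new one sleeps 0.2 to 2.0 s; that deserves a mention in the commit message. The retry is also silent, and `IptablesManager.apply` calls `execute` with `attempts=5` for the `-save`/`-restore` commands, so a failed firewall update leaves no trace unless the final attempt raises. Logging before the sleep would help, e.g. `LOG.debug(_("%r failed. Retrying."), cmd)`, provided this module defines a `LOG` as linux_net.py does. `execute()` starts before this hunk.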
diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 0c355e48e..7f74e3505 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -1303,11 +1303,9 @@ class IptablesFirewallDriver(FirewallDriver):
cidrv6 = self._project_cidrv6_for_instance(instance)
ipv6_rules += ['-s %s -j ACCEPT' % (cidrv6,)]
-
security_groups = db.security_group_get_by_instance(ctxt,
instance['id'])
-
# then, security group chains and rules
for security_group in security_groups:
rules = db.security_group_rule_get_by_security_group(ctxt,