diff options
author | Aaron Rosen <arosen@nicira.com> | 2013-02-15 10:49:12 -0800 |
---|---|---|
committer | Aaron Rosen <arosen@nicira.com> | 2013-02-20 11:33:46 -0800 |
commit | c3ed3dfcf99e9162616960bad5c7b7a36d3b2453 (patch) | |
tree | 27a60cd70cfcfef5f24476f194affe1bf0594410 /nova/compute | |
parent | d562012f34eadfe6b68dd5ebe06a2fa565de3b2e (diff) | |
download | nova-c3ed3dfcf99e9162616960bad5c7b7a36d3b2453.tar.gz nova-c3ed3dfcf99e9162616960bad5c7b7a36d3b2453.tar.xz nova-c3ed3dfcf99e9162616960bad5c7b7a36d3b2453.zip |
Add Nova quantum security group proxy
Implements blueprint nova-quantum-security-group-proxy
Change-Id: I21d70f1dc8e61d6412d14e30ab2aa1a83a711de2
Diffstat (limited to 'nova/compute')
-rw-r--r-- | nova/compute/api.py | 4 | ||||
-rwxr-xr-x | nova/compute/manager.py | 20 |
2 files changed, 20 insertions, 4 deletions
diff --git a/nova/compute/api.py b/nova/compute/api.py index 90b1e9176..cc07a998a 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -2747,6 +2747,10 @@ class SecurityGroupAPI(base.Base, security_group_base.SecurityGroupBase): Sub-set of the Compute API related to managing security groups and security group rules """ + + # The nova seurity group api does not use a uuid for the id. + id_is_uuid = False + def __init__(self, **kwargs): super(SecurityGroupAPI, self).__init__(**kwargs) self.security_group_rpcapi = compute_rpcapi.SecurityGroupAPI() diff --git a/nova/compute/manager.py b/nova/compute/manager.py index ed95ff8df..afeb9f02e 100755 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -57,6 +57,7 @@ from nova.image import glance from nova import manager from nova import network from nova.network import model as network_model +from nova.network.security_group import openstack_driver from nova.openstack.common import excutils from nova.openstack.common import jsonutils from nova.openstack.common import lockutils @@ -332,7 +333,8 @@ class ComputeManager(manager.SchedulerDependentManager): self.compute_rpcapi = compute_rpcapi.ComputeAPI() self.scheduler_rpcapi = scheduler_rpcapi.SchedulerAPI() self.conductor_api = conductor.API() - + self.is_quantum_security_groups = ( + openstack_driver.is_quantum_security_groups()) super(ComputeManager, self).__init__(service_name="compute", *args, **kwargs) @@ -716,6 +718,13 @@ class ComputeManager(manager.SchedulerDependentManager): """Launch a new instance with specified options.""" context = context.elevated() + # If quantum security groups pass requested security + # groups to allocate_for_instance() + if request_spec and self.is_quantum_security_groups: + security_groups = request_spec.get('security_group') + else: + security_groups = [] + try: self._check_instance_exists(context, instance) image_meta = self._check_image_size(context, instance) @@ -747,7 +756,7 @@ class ComputeManager(manager.SchedulerDependentManager): macs = self.driver.macs_for_instance(instance) network_info = self._allocate_network(context, instance, - requested_networks, macs) + requested_networks, macs, security_groups) self._instance_update( context, instance['uuid'], @@ -982,7 +991,8 @@ class ComputeManager(manager.SchedulerDependentManager): expected_task_state=(task_states.SCHEDULING, None)) - def _allocate_network(self, context, instance, requested_networks, macs): + def _allocate_network(self, context, instance, requested_networks, macs, + security_groups): """Allocate networks for an instance and return the network info.""" instance = self._instance_update(context, instance['uuid'], vm_state=vm_states.BUILDING, @@ -994,7 +1004,9 @@ class ComputeManager(manager.SchedulerDependentManager): network_info = self.network_api.allocate_for_instance( context, instance, vpn=is_vpn, requested_networks=requested_networks, - macs=macs, conductor_api=self.conductor_api) + macs=macs, + conductor_api=self.conductor_api, + security_groups=security_groups) except Exception: LOG.exception(_('Instance failed network setup'), instance=instance) |