diff options
| -rw-r--r-- | nova/api/ec2/cloud.py | 70 | ||||
| -rw-r--r-- | nova/api/openstack/contrib/volumes.py | 53 | ||||
| -rw-r--r-- | nova/api/openstack/servers.py | 6 | ||||
| -rw-r--r-- | nova/compute/api.py | 6 | ||||
| -rw-r--r-- | nova/compute/manager.py | 7 | ||||
| -rw-r--r-- | nova/db/sqlalchemy/api.py | 6 | ||||
| -rw-r--r-- | nova/network/api.py | 3 | ||||
| -rw-r--r-- | nova/tests/api/openstack/test_servers.py | 10 | ||||
| -rw-r--r-- | nova/tests/test_api.py | 6 | ||||
| -rw-r--r-- | nova/tests/test_cloud.py | 19 | ||||
| -rw-r--r-- | nova/tests/test_db_api.py | 86 |
11 files changed, 233 insertions, 39 deletions
diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py index 10720a804..0294c09c5 100644 --- a/nova/api/ec2/cloud.py +++ b/nova/api/ec2/cloud.py @@ -539,15 +539,18 @@ class CloudController(object): return rules if 'ip_ranges' in kwargs: rules = self._cidr_args_split(kwargs) + else: + rules = [kwargs] finalset = [] for rule in rules: if 'groups' in rule: groups_values = self._groups_args_split(rule) for groups_value in groups_values: - finalset.append(groups_value) + final = self._rule_dict_last_step(context, **groups_value) + finalset.append(final) else: - if rule: - finalset.append(rule) + final = self._rule_dict_last_step(context, **rule) + finalset.append(final) return finalset def _cidr_args_split(self, kwargs): @@ -590,6 +593,9 @@ class CloudController(object): db.security_group_get_by_name(context.elevated(), source_project_id, source_security_group_name) + notfound = exception.SecurityGroupNotFound + if not source_security_group: + raise notfound(security_group_id=source_security_group_name) values['group_id'] = source_security_group['id'] elif cidr_ip: # If this fails, it throws an exception. This is what we want. @@ -628,7 +634,7 @@ class CloudController(object): for rule in security_group.rules: if 'group_id' in values: if rule['group_id'] == values['group_id']: - return True + return rule['id'] else: is_duplicate = True for key in ('cidr', 'from_port', 'to_port', 'protocol'): @@ -636,7 +642,7 @@ class CloudController(object): is_duplicate = False break if is_duplicate: - return True + return rule['id'] return False def revoke_security_group_ingress(self, context, group_name=None, @@ -659,22 +665,30 @@ class CloudController(object): msg = "Revoke security group ingress %s" LOG.audit(_(msg), security_group['name'], context=context) + prevalues = [] + try: + prevalues = kwargs['ip_permissions'] + except KeyError: + prevalues.append(kwargs) + rule_id = None + for values in prevalues: + rulesvalues = self._rule_args_to_dict(context, values) + if not rulesvalues: + err = "%s Not enough parameters to build a valid rule" + raise exception.ApiError(_(err % rulesvalues)) - criteria = self._rule_args_to_dict(context, kwargs)[0] - if criteria is None: - raise exception.ApiError(_("Not enough parameters to build a " - "valid rule.")) - - for rule in security_group.rules: - match = True - for (k, v) in criteria.iteritems(): - if getattr(rule, k, False) != v: - match = False - if match: - db.security_group_rule_destroy(context, rule['id']) - self.compute_api.trigger_security_group_rules_refresh(context, - security_group_id=security_group['id']) - return True + for values_for_rule in rulesvalues: + values_for_rule['parent_group_id'] = security_group.id + rule_id = self._security_group_rule_exists(security_group, + values_for_rule) + if rule_id: + db.security_group_rule_destroy(context, rule_id) + if rule_id: + # NOTE(vish): we removed a rule, so refresh + self.compute_api.trigger_security_group_rules_refresh( + context, + security_group_id=security_group['id']) + return True raise exception.ApiError(_("No rule for the specified parameters.")) # TODO(soren): This has only been tested with Boto as the client. @@ -721,15 +735,17 @@ class CloudController(object): postvalues.append(values_for_rule) for values_for_rule in postvalues: - security_group_rule = db.security_group_rule_create(context, - values_for_rule) + security_group_rule = db.security_group_rule_create( + context, + values_for_rule) - self.compute_api.trigger_security_group_rules_refresh(context, - security_group_id=security_group['id']) + if postvalues: + self.compute_api.trigger_security_group_rules_refresh( + context, + security_group_id=security_group['id']) + return True - group = db.security_group_get_by_name(context, context.project_id, - security_group['name']) - return True + raise exception.ApiError(_("No rule for the specified parameters.")) def _get_source_project_id(self, context, source_security_group_owner_id): if source_security_group_owner_id: diff --git a/nova/api/openstack/contrib/volumes.py b/nova/api/openstack/contrib/volumes.py index 827e36097..867fe301e 100644 --- a/nova/api/openstack/contrib/volumes.py +++ b/nova/api/openstack/contrib/volumes.py @@ -22,10 +22,12 @@ from nova import compute from nova import exception from nova import flags from nova import log as logging +from nova import quota from nova import volume from nova.api.openstack import common from nova.api.openstack import extensions from nova.api.openstack import faults +from nova.api.openstack import servers LOG = logging.getLogger("nova.api.volumes") @@ -297,6 +299,53 @@ class VolumeAttachmentController(object): return {'volumeAttachments': res} +class BootFromVolumeController(servers.ControllerV11): + """The boot from volume API controller for the Openstack API.""" + + def _create_instance(self, context, instance_type, image_href, **kwargs): + try: + return self.compute_api.create(context, instance_type, + image_href, **kwargs) + except quota.QuotaError as error: + self.helper._handle_quota_error(error) + except exception.ImageNotFound as error: + msg = _("Can not find requested image") + raise faults.Fault(exc.HTTPBadRequest(explanation=msg)) + + def create(self, req, body): + """ Creates a new server for a given user """ + extra_values = None + try: + + def get_kwargs(context, instance_type, image_href, **kwargs): + kwargs['context'] = context + kwargs['instance_type'] = instance_type + kwargs['image_href'] = image_href + return kwargs + + extra_values, kwargs = self.helper.create_instance(req, body, + get_kwargs) + + block_device_mapping = body['server'].get('block_device_mapping') + kwargs['block_device_mapping'] = block_device_mapping + + instances = self._create_instance(**kwargs) + except faults.Fault, f: + return f + + # We can only return 1 instance via the API, if we happen to + # build more than one... instances is a list, so we'll just + # use the first one.. + inst = instances[0] + for key in ['instance_type', 'image_ref']: + inst[key] = extra_values[key] + + builder = self._get_view_builder(req) + server = builder.build(inst, is_detail=True) + server['server']['adminPass'] = extra_values['password'] + return server + + class Volumes(extensions.ExtensionDescriptor): def get_name(self): return "Volumes" @@ -330,4 +379,8 @@ class Volumes(extensions.ExtensionDescriptor): collection_name='servers')) resources.append(res) + res = extensions.ResourceExtension('os-volumes_boot', + BootFromVolumeController()) + resources.append(res) + return resources diff --git a/nova/api/openstack/servers.py b/nova/api/openstack/servers.py index 7bef1d9b2..d7cabb067 100644 --- a/nova/api/openstack/servers.py +++ b/nova/api/openstack/servers.py @@ -447,7 +447,6 @@ class ControllerV10(Controller): def _action_rebuild(self, info, request, instance_id): context = request.environ['nova.context'] - instance_id = int(instance_id) try: image_id = info["rebuild"]["imageId"] @@ -459,7 +458,7 @@ class ControllerV10(Controller): try: self.compute_api.rebuild(context, instance_id, image_id) except exception.BuildInProgress: - msg = _("Instance %d is currently being rebuilt.") % instance_id + msg = _("Instance %s is currently being rebuilt.") % instance_id LOG.debug(msg) raise exc.HTTPConflict(explanation=msg) @@ -560,7 +559,6 @@ class ControllerV11(Controller): def _action_rebuild(self, info, request, instance_id): context = request.environ['nova.context'] - instance_id = int(instance_id) try: image_href = info["rebuild"]["imageRef"] @@ -581,7 +579,7 @@ class ControllerV11(Controller): self.compute_api.rebuild(context, instance_id, image_href, name, metadata, personalities) except exception.BuildInProgress: - msg = _("Instance %d is currently being rebuilt.") % instance_id + msg = _("Instance %s is currently being rebuilt.") % instance_id LOG.debug(msg) raise exc.HTTPConflict(explanation=msg) diff --git a/nova/compute/api.py b/nova/compute/api.py index c49c0d95c..d1e5647d2 100644 --- a/nova/compute/api.py +++ b/nova/compute/api.py @@ -561,6 +561,7 @@ class API(base.Base): self.db.queue_get_for(context, FLAGS.compute_topic, host), {'method': 'refresh_provider_fw_rules', 'args': {}}) + @scheduler_api.reroute_compute("update") def update(self, context, instance_id, **kwargs): """Updates the instance in the datastore. @@ -776,6 +777,7 @@ class API(base.Base): raise exception.Error(_("Unable to find host for Instance %s") % instance_id) + @scheduler_api.reroute_compute("backup") def backup(self, context, instance_id, name, backup_type, rotation, extra_properties=None): """Backup the given instance @@ -792,6 +794,7 @@ class API(base.Base): extra_properties=extra_properties) return recv_meta + @scheduler_api.reroute_compute("snapshot") def snapshot(self, context, instance_id, name, extra_properties=None): """Snapshot the given instance. @@ -834,10 +837,12 @@ class API(base.Base): params=params) return recv_meta + @scheduler_api.reroute_compute("reboot") def reboot(self, context, instance_id): """Reboot the given instance.""" self._cast_compute_message('reboot_instance', context, instance_id) + @scheduler_api.reroute_compute("rebuild") def rebuild(self, context, instance_id, image_href, name=None, metadata=None, files_to_inject=None): """Rebuild the given instance with the provided metadata.""" @@ -1024,6 +1029,7 @@ class API(base.Base): """Unrescue the given instance.""" self._cast_compute_message('unrescue_instance', context, instance_id) + @scheduler_api.reroute_compute("set_admin_password") def set_admin_password(self, context, instance_id, password=None): """Set the root/admin password for the given instance.""" host = self._find_host(context, instance_id) diff --git a/nova/compute/manager.py b/nova/compute/manager.py index 667d231ae..83a218580 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -430,7 +430,10 @@ class ComputeManager(manager.SchedulerDependentManager): image_ref = kwargs.get('image_ref') instance_ref.image_ref = image_ref instance_ref.injected_files = kwargs.get('injected_files', []) - self.driver.spawn(context, instance_ref, network_info) + network_info = self.network_api.get_instance_nw_info(context, + instance_ref) + bd_mapping = self._setup_block_device_mapping(context, instance_id) + self.driver.spawn(context, instance_ref, network_info, bd_mapping) self._update_image_ref(context, instance_id, image_ref) self._update_launched_at(context, instance_id) @@ -869,7 +872,7 @@ class ComputeManager(manager.SchedulerDependentManager): """ self.network_api.add_fixed_ip_to_instance(context, instance_id, - network_id) + self.host, network_id) self.inject_network_info(context, instance_id) self.reset_network(context, instance_id) diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py index ba03cabbc..d7810098a 100644 --- a/nova/db/sqlalchemy/api.py +++ b/nova/db/sqlalchemy/api.py @@ -1173,9 +1173,9 @@ def instance_get_active_by_window(context, begin, end=None): """Return instances that were continuously active over the given window""" session = get_session() query = session.query(models.Instance).\ - options(joinedload_all('fixed_ip.floating_ips')).\ + options(joinedload_all('fixed_ips.floating_ips')).\ options(joinedload('security_groups')).\ - options(joinedload_all('fixed_ip.network')).\ + options(joinedload_all('fixed_ips.network')).\ options(joinedload('instance_type')).\ filter(models.Instance.launched_at < begin) if end: @@ -1269,7 +1269,7 @@ def instance_get_project_vpn(context, project_id): options(joinedload_all('fixed_ips.floating_ips')).\ options(joinedload('virtual_interfaces')).\ options(joinedload('security_groups')).\ - options(joinedload_all('fixed_ip.network')).\ + options(joinedload_all('fixed_ips.network')).\ options(joinedload('metadata')).\ options(joinedload('instance_type')).\ filter_by(project_id=project_id).\ diff --git a/nova/network/api.py b/nova/network/api.py index 33a9fe239..247768722 100644 --- a/nova/network/api.py +++ b/nova/network/api.py @@ -164,9 +164,10 @@ class API(base.Base): {'method': 'deallocate_for_instance', 'args': args}) - def add_fixed_ip_to_instance(self, context, instance_id, network_id): + def add_fixed_ip_to_instance(self, context, instance_id, host, network_id): """Adds a fixed ip to instance from specified network.""" args = {'instance_id': instance_id, + 'host': host, 'network_id': network_id} rpc.cast(context, FLAGS.network_topic, {'method': 'add_fixed_ip_to_instance', diff --git a/nova/tests/api/openstack/test_servers.py b/nova/tests/api/openstack/test_servers.py index e6895086a..4ca79434f 100644 --- a/nova/tests/api/openstack/test_servers.py +++ b/nova/tests/api/openstack/test_servers.py @@ -97,6 +97,12 @@ def return_server_with_power_state(power_state): return _return_server +def return_server_with_uuid_and_power_state(power_state): + def _return_server(context, id): + return stub_instance(id, uuid=FAKE_UUID, power_state=power_state) + return _return_server + + def return_servers(context, user_id=1): return [stub_instance(i, user_id) for i in xrange(5)] @@ -1854,6 +1860,8 @@ class ServersTest(test.TestCase): state = power_state.BUILDING new_return_server = return_server_with_power_state(state) self.stubs.Set(nova.db.api, 'instance_get', new_return_server) + self.stubs.Set(nova.db, 'instance_get_by_uuid', + return_server_with_uuid_and_power_state(state)) req = webob.Request.blank('/v1.0/servers/1/action') req.method = 'POST' @@ -1902,6 +1910,8 @@ class ServersTest(test.TestCase): state = power_state.BUILDING new_return_server = return_server_with_power_state(state) self.stubs.Set(nova.db.api, 'instance_get', new_return_server) + self.stubs.Set(nova.db, 'instance_get_by_uuid', + return_server_with_uuid_and_power_state(state)) req = webob.Request.blank('/v1.1/servers/1/action') req.method = 'POST' diff --git a/nova/tests/test_api.py b/nova/tests/test_api.py index 26ac5ff24..fe7fd8402 100644 --- a/nova/tests/test_api.py +++ b/nova/tests/test_api.py @@ -213,7 +213,11 @@ class ApiEc2TestCase(test.TestCase): self.http = FakeHttplibConnection( self.app, '%s:8773' % (self.host), False) # pylint: disable=E1103 - self.ec2.new_http_connection(host, is_secure).AndReturn(self.http) + if boto.Version >= '2': + self.ec2.new_http_connection(host or '%s:8773' % (self.host), + is_secure).AndReturn(self.http) + else: + self.ec2.new_http_connection(host, is_secure).AndReturn(self.http) return self.http def test_return_valid_isoformat(self): diff --git a/nova/tests/test_cloud.py b/nova/tests/test_cloud.py index 136082cc1..f87edc407 100644 --- a/nova/tests/test_cloud.py +++ b/nova/tests/test_cloud.py @@ -287,7 +287,7 @@ class CloudTestCase(test.TestCase): 'ip_protocol': u'tcp'}]} self.assertTrue(authz(self.context, group_name=sec['name'], **kwargs)) - def test_authorize_security_group_ingress_ip_permissions_groups(self): + def test_authorize_security_group_fail_missing_source_group(self): kwargs = {'project_id': self.context.project_id, 'name': 'test'} sec = db.security_group_create(self.context, kwargs) authz = self.cloud.authorize_security_group_ingress @@ -295,6 +295,23 @@ class CloudTestCase(test.TestCase): 'ip_ranges':{'1': {'cidr_ip': u'0.0.0.0/0'}, '2': {'cidr_ip': u'10.10.10.10/32'}}, 'groups': {'1': {'user_id': u'someuser', + 'group_name': u'somegroup1'}}, + 'ip_protocol': u'tcp'}]} + self.assertRaises(exception.SecurityGroupNotFound, authz, + self.context, group_name=sec['name'], **kwargs) + + def test_authorize_security_group_ingress_ip_permissions_groups(self): + kwargs = {'project_id': self.context.project_id, 'name': 'test'} + sec = db.security_group_create(self.context, + {'project_id': 'someuser', + 'name': 'somegroup1'}) + sec = db.security_group_create(self.context, + {'project_id': 'someuser', + 'name': 'othergroup2'}) + sec = db.security_group_create(self.context, kwargs) + authz = self.cloud.authorize_security_group_ingress + kwargs = {'ip_permissions': [{'to_port': 81, 'from_port': 81, + 'groups': {'1': {'user_id': u'someuser', 'group_name': u'somegroup1'}, '2': {'user_id': u'someuser', 'group_name': u'othergroup2'}}, diff --git a/nova/tests/test_db_api.py b/nova/tests/test_db_api.py new file mode 100644 index 000000000..107fd03e3 --- /dev/null +++ b/nova/tests/test_db_api.py @@ -0,0 +1,86 @@ +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010 United States Government as represented by the +# Administrator of the National Aeronautics and Space Administration. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +"""Unit tests for the DB API""" + +from nova import test +from nova import context +from nova import db +from nova import flags +from nova.auth import manager + +FLAGS = flags.FLAGS + + +def _setup_networking(instance_id, ip='1.2.3.4', flo_addr='1.2.1.2'): + ctxt = context.get_admin_context() + network_ref = db.project_get_networks(ctxt, + 'fake', + associate=True)[0] + vif = {'address': '56:12:12:12:12:12', + 'network_id': network_ref['id'], + 'instance_id': instance_id} + vif_ref = db.virtual_interface_create(ctxt, vif) + + fixed_ip = {'address': ip, + 'network_id': network_ref['id'], + 'virtual_interface_id': vif_ref['id'], + 'allocated': True, + 'instance_id': instance_id} + db.fixed_ip_create(ctxt, fixed_ip) + fix_ref = db.fixed_ip_get_by_address(ctxt, ip) + db.floating_ip_create(ctxt, {'address': flo_addr, + 'fixed_ip_id': fix_ref.id}) + + +class DbApiTestCase(test.TestCase): + def setUp(self): + super(DbApiTestCase, self).setUp() + self.manager = manager.AuthManager() + self.user = self.manager.create_user('admin', 'admin', 'admin', True) + self.project = self.manager.create_project('proj', 'admin', 'proj') + self.context = context.RequestContext(user=self.user, + project=self.project) + + def tearDown(self): + self.manager.delete_project(self.project) + self.manager.delete_user(self.user) + super(DbApiTestCase, self).tearDown() + + def test_instance_get_project_vpn(self): + result = db.fixed_ip_get_all(self.context) + values = {'instance_type_id': FLAGS.default_instance_type, + 'image_ref': FLAGS.vpn_image_id, + 'project_id': self.project.id + } + instance = db.instance_create(self.context, values) + result = db.instance_get_project_vpn(self.context, self.project.id) + self.assertEqual(instance.id, result.id) + + def test_instance_get_project_vpn_joins(self): + result = db.fixed_ip_get_all(self.context) + values = {'instance_type_id': FLAGS.default_instance_type, + 'image_ref': FLAGS.vpn_image_id, + 'project_id': self.project.id + } + instance = db.instance_create(self.context, values) + _setup_networking(instance.id) + result = db.instance_get_project_vpn(self.context, self.project.id) + self.assertEqual(instance.id, result.id) + self.assertEqual(result['fixed_ips'][0]['floating_ips'][0].address, + '1.2.1.2') |