OpenStack Compute (nova)

Merge lp:~anso/nova/lp704280 into lp:~hudson-openstack/nova/trunk

  1. lp704280
  2. Merge into trunk
Proposed by Todd Willey
Status: Merged
Approved by: Todd Willey
Approved revision: 575
Merged at revision: 575
Proposed branch: lp:~anso/nova/lp704280
Merge into: lp:~hudson-openstack/nova/trunk
Diff against target: 58 lines (+48/-0)
1 file modified
nova/virt/fake.py (+48/-0)
To merge this branch: bzr merge lp:~anso/nova/lp704280
Reviewer Review Type Date Requested Status
Jay Pipes (community) Approve
Devin Carlen (community) Approve
Review via email: mp+46573@code.launchpad.net

Description of the change

Add refresh_security_group_* methods to nova/virt/fake.py, as FakeConnection is the reference for documentation and method signatures that should be implemented by virt connection drivers.

To post a comment you must log in.
Revision history for this message
Devin Carlen (devcamcar) wrote :

approve

review: Approve
Revision history for this message
Jay Pipes (jaypipes) wrote :

w00tness.

review: Approve
Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Attempt to merge into lp:nova failed due to conflicts:

text conflict in nova/virt/fake.py

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Attempt to merge into lp:nova failed due to conflicts:

text conflict in nova/virt/fake.py

lp:~anso/nova/lp704280 updated
575. By Todd Willey

Merge trunk.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'nova/virt/fake.py'
2--- nova/virt/fake.py 2011-01-19 16:14:23 +0000
3+++ nova/virt/fake.py 2011-01-18 19:35:42 +0000
4@@ -310,6 +310,54 @@
5 'username': 'fakeuser',
6 'password': 'fakepassword'}
7
8+ def refresh_security_group_rules(self, security_group_id):
9+ """This method is called after a change to security groups.
10+
11+ All security groups and their associated rules live in the datastore,
12+ and calling this method should apply the updated rules to instances
13+ running the specified security group.
14+
15+ An error should be raised if the operation cannot complete.
16+
17+ """
18+ return True
19+
20+ def refresh_security_group_members(self, security_group_id):
21+ """This method is called when a security group is added to an instance.
22+
23+ This message is sent to the virtualization drivers on hosts that are
24+ running an instance that belongs to a security group that has a rule
25+ that references the security group identified by `security_group_id`.
26+ It is the responsiblity of this method to make sure any rules
27+ that authorize traffic flow with members of the security group are
28+ updated and any new members can communicate, and any removed members
29+ cannot.
30+
31+ Scenario:
32+ * we are running on host 'H0' and we have an instance 'i-0'.
33+ * instance 'i-0' is a member of security group 'speaks-b'
34+ * group 'speaks-b' has an ingress rule that authorizes group 'b'
35+ * another host 'H1' runs an instance 'i-1'
36+ * instance 'i-1' is a member of security group 'b'
37+
38+ When 'i-1' launches or terminates we will recieve the message
39+ to update members of group 'b', at which time we will make
40+ any changes needed to the rules for instance 'i-0' to allow
41+ or deny traffic coming from 'i-1', depending on if it is being
42+ added or removed from the group.
43+
44+ In this scenario, 'i-1' could just as easily have been running on our
45+ host 'H0' and this method would still have been called. The point was
46+ that this method isn't called on the host where instances of that
47+ group are running (as is the case with
48+ :method:`refresh_security_group_rules`) but is called where references
49+ are made to authorizing those instances.
50+
51+ An error should be raised if the operation cannot complete.
52+
53+ """
54+ return True
55+
56 def get_cpu_info(self):
57 """This method is supported only libvirt. """
58 return