OpenStack Compute (nova)

Merge lp:~xtoddx/nova/provider-fw-rules-list into lp:~hudson-openstack/nova/trunk

  1. provider-fw-rules-list
  2. Merge into trunk
Proposed by Vish Ishaya
Status: Merged
Approved by: Vish Ishaya
Approved revision: 629
Merged at revision: 1214
Proposed branch: lp:~xtoddx/nova/provider-fw-rules-list
Merge into: lp:~hudson-openstack/nova/trunk
Diff against target: 31 lines (+16/-0)
2 files modified
nova/api/ec2/admin.py (+8/-0)
nova/tests/test_adminapi.py (+8/-0)
To merge this branch: bzr merge lp:~xtoddx/nova/provider-fw-rules-list
Reviewer Review Type Date Requested Status
Vish Ishaya Pending
Devin Carlen Pending
Brian Lamar Pending
Review via email: mp+65848@code.launchpad.net

This proposal supersedes a proposal from 2011-06-11.

Description of the change

Add ability to list existing provider firewall blocks.

To post a comment you must log in.
Revision history for this message
Brian Lamar (blamar) wrote : Posted in a previous version of this proposal

Can you add tests for verification?

review: Needs Fixing
Revision history for this message
Dan Prince (dan-prince) wrote : Posted in a previous version of this proposal

Hi Todd,

Given this depends on lp:~xtoddx/nova/provider-fw-rules which is a WIP should it still be ready for review?

Revision history for this message
Vish Ishaya (vishvananda) wrote : Posted in a previous version of this proposal

nice. lgtm

review: Approve
Revision history for this message
Devin Carlen (devcamcar) wrote : Posted in a previous version of this proposal

lgtm

review: Approve
Revision history for this message
Devin Carlen (devcamcar) wrote : Posted in a previous version of this proposal

Approving this since Brian's comments were addressed.

Revision history for this message
Devin Carlen (devcamcar) wrote : Posted in a previous version of this proposal

Er, spoke too soon. Will wait for pre-req branch to land.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Posted in a previous version of this proposal

No proposals found for merge of lp:~xtoddx/nova/provider-fw-rules into lp:nova.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'nova/api/ec2/admin.py'
2--- nova/api/ec2/admin.py 2011-06-14 18:34:03 +0000
3+++ nova/api/ec2/admin.py 2011-06-25 02:03:44 +0000
4@@ -369,3 +369,11 @@
5 raise exception.ApiError(_('Duplicate rule'))
6 self.compute_api.trigger_provider_fw_rules_refresh(context)
7 return {'status': 'OK', 'message': 'Added %s rules' % rules_added}
8+
9+ def describe_external_address_blocks(self, context):
10+ blocks = db.provider_fw_rule_get_all(context)
11+ # NOTE(todd): use a set since we have icmp/udp/tcp rules with same cidr
12+ blocks = set([b.cidr for b in blocks])
13+ blocks = [{'cidr': b} for b in blocks]
14+ return {'externalIpBlockInfo':
15+ list(sorted(blocks, key=lambda k: k['cidr']))}
16
17=== modified file 'nova/tests/test_adminapi.py'
18--- nova/tests/test_adminapi.py 2011-06-23 17:59:26 +0000
19+++ nova/tests/test_adminapi.py 2011-06-25 02:03:44 +0000
20@@ -87,3 +87,11 @@
21 result = self.api.block_external_addresses(self.context, '1.1.1.1/32')
22 self.assertEqual('OK', result['status'])
23 self.assertEqual('Added 3 rules', result['message'])
24+
25+ def test_list_blocked_ips(self):
26+ """Make sure we can see the external blocks that exist."""
27+ self.api.block_external_addresses(self.context, '1.1.1.2/32')
28+ result = self.api.describe_external_address_blocks(self.context)
29+ num = len(db.provider_fw_rule_get_all(self.context))
30+ # we only list IP, not tcp/udp/icmp rules
31+ self.assertEqual(num / 3, len(result['externalIpBlockInfo']))