OpenStack Compute (nova)

Merge lp:~xtoddx/nova/provider-fw-rules-list into lp:~hudson-openstack/nova/trunk

  1. provider-fw-rules-list
  2. Merge into trunk
Proposed by Vish Ishaya
Status: Merged
Approved by: Vish Ishaya
Approved revision: 629
Merged at revision: 1214
Proposed branch: lp:~xtoddx/nova/provider-fw-rules-list
Merge into: lp:~hudson-openstack/nova/trunk
Diff against target: 31 lines (+16/-0)
2 files modified
nova/api/ec2/admin.py (+8/-0)
nova/tests/test_adminapi.py (+8/-0)
To merge this branch: bzr merge lp:~xtoddx/nova/provider-fw-rules-list
Reviewer Review Type Date Requested Status
Vish Ishaya Pending
Devin Carlen Pending
Brian Lamar Pending
Review via email: mp+65848@code.launchpad.net

This proposal supersedes a proposal from 2011-06-11.

Description of the change

Add ability to list existing provider firewall blocks.

To post a comment you must log in.
Revision history for this message
Brian Lamar (blamar) wrote : Posted in a previous version of this proposal

Can you add tests for verification?

review: Needs Fixing
Revision history for this message
Dan Prince (dan-prince) wrote : Posted in a previous version of this proposal

Hi Todd,

Given this depends on lp:~xtoddx/nova/provider-fw-rules which is a WIP should it still be ready for review?

Revision history for this message
Vish Ishaya (vishvananda) wrote : Posted in a previous version of this proposal

nice. lgtm

review: Approve
Revision history for this message
Devin Carlen (devcamcar) wrote : Posted in a previous version of this proposal

lgtm

review: Approve
Revision history for this message
Devin Carlen (devcamcar) wrote : Posted in a previous version of this proposal

Approving this since Brian's comments were addressed.

Revision history for this message
Devin Carlen (devcamcar) wrote : Posted in a previous version of this proposal

Er, spoke too soon. Will wait for pre-req branch to land.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Posted in a previous version of this proposal

No proposals found for merge of lp:~xtoddx/nova/provider-fw-rules into lp:nova.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'nova/api/ec2/admin.py'
--- nova/api/ec2/admin.py 2011-06-14 18:34:03 +0000
+++ nova/api/ec2/admin.py 2011-06-25 02:03:44 +0000
@@ -369,3 +369,11 @@
369 raise exception.ApiError(_('Duplicate rule'))369 raise exception.ApiError(_('Duplicate rule'))
370 self.compute_api.trigger_provider_fw_rules_refresh(context)370 self.compute_api.trigger_provider_fw_rules_refresh(context)
371 return {'status': 'OK', 'message': 'Added %s rules' % rules_added}371 return {'status': 'OK', 'message': 'Added %s rules' % rules_added}
372
373 def describe_external_address_blocks(self, context):
374 blocks = db.provider_fw_rule_get_all(context)
375 # NOTE(todd): use a set since we have icmp/udp/tcp rules with same cidr
376 blocks = set([b.cidr for b in blocks])
377 blocks = [{'cidr': b} for b in blocks]
378 return {'externalIpBlockInfo':
379 list(sorted(blocks, key=lambda k: k['cidr']))}
372380
=== modified file 'nova/tests/test_adminapi.py'
--- nova/tests/test_adminapi.py 2011-06-23 17:59:26 +0000
+++ nova/tests/test_adminapi.py 2011-06-25 02:03:44 +0000
@@ -87,3 +87,11 @@
87 result = self.api.block_external_addresses(self.context, '1.1.1.1/32')87 result = self.api.block_external_addresses(self.context, '1.1.1.1/32')
88 self.assertEqual('OK', result['status'])88 self.assertEqual('OK', result['status'])
89 self.assertEqual('Added 3 rules', result['message'])89 self.assertEqual('Added 3 rules', result['message'])
90
91 def test_list_blocked_ips(self):
92 """Make sure we can see the external blocks that exist."""
93 self.api.block_external_addresses(self.context, '1.1.1.2/32')
94 result = self.api.describe_external_address_blocks(self.context)
95 num = len(db.provider_fw_rule_get_all(self.context))
96 # we only list IP, not tcp/udp/icmp rules
97 self.assertEqual(num / 3, len(result['externalIpBlockInfo']))