x/vmware-nsx
Code Issues Proposed changes
vmware-nsx/tools/python_nsxadmin/admin/plugins/nsxv3/resources/securitygroups.py
Akash Gangil f88a8cfb7b Use prettytable and rename python-nsxadmin - to _ 
This patch dumps the tabulate package in favor of prettytable
since its a global requirement and is used by all openstack
clients. So users won't have to install a package separately.

We also refactor python-nsxadmin to python_nsxadmin. Since setup.cfg
does not like names with '-'

Change-Id: Ib510c7b40673b747e0712a656d19e18e4ff4accb
2015-12-02 06:12:02 -08:00

158 lines
6.2 KiB
Python
Raw Blame History

# Copyright 2015 VMware, Inc. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import logging
from admin.plugins.common import constants
from admin.plugins.common import formatters
from admin.plugins.common.utils import output_header
from admin.plugins.common.utils import query_yes_no
from admin.shell import Operations
from neutron.callbacks import registry
from neutron import context as neutron_context
from neutron.db import common_db_mixin as common_db
from neutron.db import securitygroups_db as sg_db
from vmware_nsx._i18n import _LI
from vmware_nsx.nsxlib.v3 import dfw_api as firewall
LOG = logging.getLogger(__name__)
class NeutronSecurityGroupApi(sg_db.SecurityGroupDbMixin,
common_db.CommonDbMixin):
def __init__(self):
self.sg_api = super(NeutronSecurityGroupApi, self)
self.neutron_admin_context = neutron_context.get_admin_context()
def get_security_groups(self):
self.sg_api.get_security_groups(self.neutron_admin_context)
def delete_security_group(self, sg_id):
self.sg_api.delete_security_group(self.neutron_admin_context,
sg_id)
neutron_sg = NeutronSecurityGroupApi()
@output_header
def nsx_list_security_groups(resource, event, trigger, **kwargs):
sections = firewall.list_sections()
LOG.info(formatters.output_formatter(constants.FIREWALL_SECTIONS,
sections, ['display_name', 'id']))
nsgroups = firewall.list_nsgroups()
LOG.info(formatters.output_formatter(constants.FIREWALL_NSX_GROUPS,
nsgroups, ['display_name', 'id']))
return bool(sections) or bool(nsgroups)
@output_header
def nsx_delete_security_groups(resource, event, trigger, **kwargs):
if kwargs['force'] is False:
if nsx_list_security_groups(resource, event, trigger, **kwargs):
user_confirm = query_yes_no('Do you want to delete the following '
'NSX firewall sections/nsgroups?',
default='no')
if user_confirm is False:
LOG.info(_LI('NSX security groups cleanup aborted by user'))
return
sections = firewall.list_sections()
# NOTE(gangila): We use -1 indexing because we trying to delete default
# security group on NSX Manager raises an exception.
if sections:
NON_DEFAULT_SECURITY_GROUPS = -1
for section in sections[:NON_DEFAULT_SECURITY_GROUPS]:
LOG.info(_LI("Deleting firewall section %(display_name)s, "
"section id %(id)s"),
{'display_name': section['display_name'],
'id': section['id']})
firewall.delete_section(section['id'])
nsgroups = firewall.list_nsgroups()
if nsgroups:
for nsgroup in nsgroups:
LOG.info(_LI("Deleting ns-group %(display_name)s, "
"ns-group id %(id)s"),
{'display_name': nsgroup['display_name'],
'id': nsgroup['id']})
firewall.delete_nsgroup(nsgroup['id'])
@output_header
def neutron_list_security_groups(resource, event, trigger, **kwargs):
security_groups = neutron_sg.get_security_groups()
LOG.info(formatters.output_formatter(constants.SECURITY_GROUPS,
security_groups, ['name', 'id']))
return bool(security_groups)
@output_header
def neutron_delete_security_groups(resource, event, trigger, **kwargs):
if kwargs['force'] is False:
if neutron_list_security_groups(resource, event, trigger, **kwargs):
user_confirm = query_yes_no('Do you want to delete the followin '
'neutron security groups?',
default='no')
if user_confirm is False:
LOG.info(_LI('Neutron security groups cleanup aborted by '
'user'))
return
security_groups = neutron_sg.get_security_groups()
if not security_groups:
return
for security_group in security_groups:
try:
LOG.info(_LI('Trying to delete %(sg_id)s'),
{'sg_id': security_group['id']})
neutron_sg.delete_security_group(security_group['id'])
LOG.info(_LI("Deleted security group name: %(name)s id: %(id)s"),
{'name': security_group['name'],
'id': security_group['id']})
except Exception as e:
LOG.warning(str(e))
registry.subscribe(nsx_list_security_groups,
constants.SECURITY_GROUPS,
Operations.LIST.value)
registry.subscribe(nsx_list_security_groups,
constants.SECURITY_GROUPS,
Operations.NSX_LIST.value)
registry.subscribe(neutron_list_security_groups,
constants.SECURITY_GROUPS,
Operations.LIST.value)
registry.subscribe(neutron_list_security_groups,
constants.SECURITY_GROUPS,
Operations.NEUTRON_LIST.value)
registry.subscribe(nsx_delete_security_groups,
constants.SECURITY_GROUPS,
Operations.CLEAN.value)
registry.subscribe(nsx_delete_security_groups,
constants.SECURITY_GROUPS,
Operations.NSX_CLEAN.value)
registry.subscribe(neutron_delete_security_groups,
constants.SECURITY_GROUPS,
Operations.CLEAN.value)
registry.subscribe(neutron_delete_security_groups,
constants.SECURITY_GROUPS,
Operations.NEUTRON_CLEAN.value)
View Git Blame Copy Permalink