Skip to content
Toggle navigation
P
Projects
G
Groups
S
Snippets
Help
Gutyán Gábor
/
circlestack
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Members
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit
76bd4c77
authored
Aug 19, 2018
by
Szabolcs Gelencsér
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add default public security group
parent
7507ef24
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
45 additions
and
15 deletions
+45
-15
circle/circle/settings/base.py
+2
-0
circle/dashboard/templates/dashboard/vm-detail.html
+1
-1
circle/dashboard/views/vm.py
+6
-4
circle/network/models.py
+33
-0
circle/vm/operations.py
+3
-10
No files found.
circle/circle/settings/base.py
View file @
76bd4c77
...
...
@@ -599,6 +599,8 @@ DEFAULT_EXTERNAL_NETWORK_NAME = "Smart1"
DEFAULT_PUBLIC_ROUTER_NAME_FOR_USER
=
"default_public"
DEFAULT_PUBLIC_ROUTED_NET_NAME_FOR_USER
=
"default_public_routed"
DEFAULT_PUBLIC_SECURITY_GROUP_FOR_USER
=
"default_public"
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN
=
"bme"
OPENSTACK_KEYSTONE_URL
=
"https://proxy.bmec4e.niif.hu:5000"
WEBSSO_ENABLED
=
True
#TODO: it is always enabled, refactor openstack_auth
...
...
circle/dashboard/templates/dashboard/vm-detail.html
View file @
76bd4c77
...
...
@@ -111,7 +111,7 @@
<h3>
{% trans "Connection details" %}
</h3>
<dl
class=
"dl-horizontal vm-details-connection"
>
<dt>
{% trans "Protocol" %}
</dt>
<dd>
{{
instance.
access_method|upper }}
</dd>
<dd>
{{ access_method|upper }}
</dd>
<dt>
{% trans "Host" %}
</dt>
<dd>
{% if instance.get_connect_port %}
...
...
circle/dashboard/views/vm.py
View file @
76bd4c77
...
...
@@ -48,7 +48,7 @@ from common.models import (
)
from
firewall.models
import
Vlan
,
Host
,
Rule
# from manager.scheduler import SchedulerError
from
network.models
import
DefaultPublicRouter
,
DefaultPublicRoutedNet
from
network.models
import
DefaultPublicRouter
,
DefaultPublicRoutedNet
,
DefaultPublicSecurityGroup
from
openstack_api.nova
import
Server
from
request.forms
import
TemplateRequestForm
,
LeaseRequestForm
from
request.models
import
TemplateAccessType
,
LeaseType
...
...
@@ -139,7 +139,8 @@ class VmDetailView(LoginRequiredMixin, GraphMixin, DetailView):
# 'connect_commands': user.profile.get_connect_commands(instance),
'hide_tutorial'
:
hide_tutorial
,
'fav'
:
Favourite
.
objects
.
filter
(
user
=
user
.
id
,
instance
=
instance
.
id
)
.
exists
(),
'instance'
:
self
.
object
'instance'
:
self
.
object
,
'access_method'
:
'ssh'
})
vm_lease
=
VmLease
.
get_or_create_lease
(
instance
.
id
)
...
...
@@ -1088,9 +1089,9 @@ class VmPlainImageCreate(LoginRequiredMixin, TemplateView):
return
self
.
render_to_response
(
context
)
def
post
(
self
,
request
,
*
args
,
**
kwargs
):
server_created
=
None
if
request
.
POST
.
get
(
"internet_access"
)
or
not
settings
.
IS_NET_OMISSION_SUPPORTED
:
default_public_routed_net_id
=
DefaultPublicRoutedNet
.
get_id
(
request
)
security_group
=
DefaultPublicSecurityGroup
.
get
(
request
)
server_created
=
openstack_api
.
nova
.
server_create
(
request
,
request
.
POST
.
get
(
"name"
),
...
...
@@ -1098,7 +1099,8 @@ class VmPlainImageCreate(LoginRequiredMixin, TemplateView):
request
.
POST
.
get
(
"flavor"
),
nics
=
({
'net-id'
:
default_public_routed_net_id
,
},)
},),
security_groups
=
[
security_group
.
id
]
)
else
:
server_created
=
openstack_api
.
nova
.
server_create
(
...
...
circle/network/models.py
View file @
76bd4c77
...
...
@@ -172,3 +172,36 @@ class DefaultPublicRoutedNet(object):
@classmethod
def
get_id
(
cls
,
request
):
return
DefaultPublicRoutedNet
.
__create_if_not_exists
(
request
)
.
id
class
DefaultPublicSecurityGroup
(
object
):
@classmethod
def
_create_security_group
(
cls
,
request
):
name
=
settings
.
DEFAULT_PUBLIC_SECURITY_GROUP_FOR_USER
security_group
=
openstack_api
.
neutron
.
security_group_create
(
request
,
name
,
name
)
openstack_api
.
neutron
.
security_group_rule_create
(
request
,
security_group
.
id
,
"ingress"
,
"IPv4"
,
None
,
None
,
None
,
"0.0.0.0/0"
,
None
,
)
return
security_group
@classmethod
def
__get
(
cls
,
request
):
sec_groups
=
openstack_api
.
neutron
.
security_group_list
(
request
)
sec_groups
=
[
sg
for
sg
in
sec_groups
if
sg
.
name
==
settings
.
DEFAULT_PUBLIC_SECURITY_GROUP_FOR_USER
]
return
sec_groups
[
0
]
if
len
(
sec_groups
)
>
0
else
None
@classmethod
def
__create_if_not_exists
(
cls
,
request
):
default_public_sg
=
DefaultPublicSecurityGroup
.
__get
(
request
)
if
default_public_sg
is
None
:
default_public_sg
=
DefaultPublicSecurityGroup
.
_create_security_group
(
request
)
return
default_public_sg
@classmethod
def
get
(
cls
,
request
):
return
DefaultPublicSecurityGroup
.
__create_if_not_exists
(
request
)
circle/vm/operations.py
View file @
76bd4c77
...
...
@@ -34,6 +34,8 @@ from django.utils import timezone
from
django.utils.translation
import
ugettext_lazy
as
_
,
ugettext_noop
from
django.conf
import
settings
from
django.db.models
import
Q
from
network.models
import
DefaultPublicSecurityGroup
from
openstack_api.nova
import
Server
from
sizefield.utils
import
filesizeformat
...
...
@@ -191,16 +193,7 @@ class AddInterfaceOperation(InstanceOperation):
def
_operation
(
self
,
request
,
user
,
system
,
vlan
,
managed
=
None
):
interface
=
openstack_api
.
nova
.
interface_attach
(
request
,
self
.
instance
,
net_id
=
vlan
)
security_group
=
openstack_api
.
neutron
.
security_group_create
(
request
,
interface
.
port_id
,
interface
.
port_id
)
# TODO: add UI elements to adjust this
openstack_api
.
neutron
.
security_group_rule_create
(
request
,
security_group
.
id
,
"ingress"
,
"IPv4"
,
None
,
None
,
None
,
"0.0.0.0/0"
,
None
,
)
security_group
=
DefaultPublicSecurityGroup
.
get
(
request
)
openstack_api
.
neutron
.
port_update
(
request
,
interface
.
port_id
,
security_groups
=
[
security_group
.
id
])
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment