Ask Your Question
0

security groups support in openstacksdk?

asked 2016-03-07 09:09:58 -0600

gavin-brebner-orange gravatar image

I am experimenting with the openstacksdk and have managed to get most things working. However it looks as if there is no support currently for creating VMs with anything other than the default security group? Can someone confirm? Is there any workaround / fix planned?

I use compute.create_server to get a valid Server object and use the server id to get the appropriate port by searching for the one with the correct device_id. However any attempt to update the security_group_ids of the port leads to a "bad request" - it seems to be fixed using the default group.

Creating the port in advance would seem more logical, but there is no port attribute in the Server class, so no way of specifying the port at server creation time.

What am I missing?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-03-07 11:39:48 -0600

gavin-brebner-orange gravatar image

OK - it looks like the secret is that you can create a port in advance, then you can provide it via the (non-documented) networks attribute :

     newvm = self.osclient.compute.create_server(name=name,
                                                image_id=image.id,
                                                flavor_id=fl.id,
                                                networks=[{"port": port.id}],
                                                key_name=key_name,
                                                availability_zone=availability_zone)

The other gotcha in this is that in creating the port, you need to be careful how you specify the list of security group IDs.

port = conn.network.create_port(network_id=network.id, security_group_ids=[mysecgroup.id])

will not work, however

port = conn.network.create_port(network_id=network.id, security_groups=[str(mysecgroup.id)])

does - so note security_groups NOT security_group_ids as documented, and the explicit str() which is required.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

Stats

Asked: 2016-03-07 03:53:09 -0600

Seen: 133 times

Last updated: Mar 07 '16