The nova.network.sg Module

Implement Security Groups abstraction and API.

The nova security_group_handler flag specifies which class is to be used to implement the security group calls.

The NullSecurityGroupHandler provides a “no-op” plugin that is loaded by default and has no impact on current system behavior. In the future, special purposes classes that inherit from SecurityGroupHandlerBase will provide enhanced functionality and will be loadable via the security_group_handler flag.

class NullSecurityGroupHandler

Bases: nova.network.sg.SecurityGroupHandlerBase

trigger_instance_add_security_group_refresh(context, instance, group_name)

Called when a security group gains a new member.

Parameters:

• context – the security context.
• instance – the instance to be associated.
• group_name – the name of the security group to be associated.

trigger_instance_remove_security_group_refresh(context, instance, group_name)

Called when a security group loses a member.

Parameters:

• context – the security context.
• instance – the instance to be associated.
• group_name – the name of the security group to be associated.

trigger_security_group_create_refresh(context, group)

Called when a rule is added to a security_group.

Parameters:

• context – the security context.
• group – the new group added. group is a dictionary that contains the following: user_id, project_id, name, description).

trigger_security_group_destroy_refresh(context, security_group_id)

Called when a rule is added to a security_group.

Parameters:

• context – the security context.
• security_group_id – the security group identifier.

trigger_security_group_members_refresh(context, group_ids)

Called when a security group gains or loses a member.

Parameters:

• context – the security context.
• group_ids – a list of security group identifiers.

trigger_security_group_rule_create_refresh(context, rule_ids)

Called when a rule is added to a security_group.

Parameters:

• context – the security context.
• rule_ids – a list of rule ids that have been affected.

trigger_security_group_rule_destroy_refresh(context, rule_ids)

Called when a rule is removed from a security_group.

Parameters:

• context – the security context.
• rule_ids – a list of rule ids that have been affected.

class SecurityGroupHandlerBase

Bases: object

trigger_instance_add_security_group_refresh(context, instance, group_name)

Called when a security group gains a new member.

Parameters:

• context – the security context.
• instance – the instance to be associated.
• group_name – the name of the security group to be associated.

trigger_instance_remove_security_group_refresh(context, instance, group_name)

Called when a security group loses a member.

Parameters:

• context – the security context.
• instance – the instance to be associated.
• group_name – the name of the security group to be associated.

trigger_security_group_create_refresh(context, group)

Called when a security group is created

Parameters:

• context – the security context.
• group – the new group added. group is a dictionary that contains the following: user_id, project_id, name, description).

trigger_security_group_destroy_refresh(context, security_group_id)

Called when a security group is deleted

Parameters:

• context – the security context.
• security_group_id – the security group identifier.

trigger_security_group_members_refresh(context, group_ids)

Called when a security group gains or loses a member.

Parameters:

• context – the security context.
• group_ids – a list of security group identifiers.

trigger_security_group_rule_create_refresh(context, rule_ids)

Called when a rule is added to a security_group.

Parameters:

• context – the security context.
• rule_ids – a list of rule ids that have been affected.

trigger_security_group_rule_destroy_refresh(context, rule_ids)

Called when a rule is removed from a security_group.

Parameters:

• context – the security context.
• rule_ids – a list of rule ids that have been affected.