diff --git a/install.sh b/install.sh index 04017cb22f..6560589439 100755 --- a/install.sh +++ b/install.sh @@ -268,7 +268,6 @@ VAR_DIRS="$VAR_LOCATION/remotes \ $VAR_LOCATION/remotes/vnm/ovswitch \ $VAR_LOCATION/remotes/vnm/ovswitch_brcompat \ $VAR_LOCATION/remotes/vnm/vmware \ - $VAR_LOCATION/remotes/vnm/security_groups \ $VAR_LOCATION/remotes/tm/ \ $VAR_LOCATION/remotes/tm/dummy \ $VAR_LOCATION/remotes/tm/shared \ @@ -455,7 +454,6 @@ INSTALL_FILES=( NETWORK_OVSWITCH_FILES:$VAR_LOCATION/remotes/vnm/ovswitch NETWORK_OVSWITCH_BRCOMPAT_FILES:$VAR_LOCATION/remotes/vnm/ovswitch_brcompat NETWORK_VMWARE_FILES:$VAR_LOCATION/remotes/vnm/vmware - NETWORK_SG_FILES:$VAR_LOCATION/remotes/vnm/security_groups EXAMPLE_SHARE_FILES:$SHARE_LOCATION/examples WEBSOCKIFY_SHARE_FILES:$SHARE_LOCATION/websockify INSTALL_GEMS_SHARE_FILE:$SHARE_LOCATION @@ -971,10 +969,6 @@ NETWORK_VMWARE_FILES="src/vnm_mad/remotes/vmware/clean \ src/vnm_mad/remotes/vmware/pre \ src/vnm_mad/remotes/vmware/VMware.rb" -NETWORK_SG_FILES="src/vnm_mad/remotes/security_groups/clean \ - src/vnm_mad/remotes/security_groups/post \ - src/vnm_mad/remotes/security_groups/pre" - #------------------------------------------------------------------------------- # Transfer Manager commands, to be installed under $LIB_LOCATION/tm_commands # - SHARED TM, $VAR_LOCATION/tm/shared diff --git a/src/vnm_mad/remotes/fw/clean b/src/vnm_mad/remotes/fw/clean index 8082ba65aa..6a454dda31 100755 --- a/src/vnm_mad/remotes/fw/clean +++ b/src/vnm_mad/remotes/fw/clean @@ -20,7 +20,15 @@ $: << File.dirname(__FILE__) $: << File.join(File.dirname(__FILE__), "..") require 'OpenNebulaNetwork' +require 'SecurityGroups' require 'Firewall' -fw = OpenNebulaFirewall.from_base64(ARGV[0]) -fw.deactivate +template64 = ARGV[0] + +if OpenNebulaNetwork.has_fw_attrs?(template64) + fw = OpenNebulaFirewall.from_base64(template64) + fw.deactivate +else + sg = OpenNebulaSG.from_base64(template64) + sg.deactivate +end diff --git a/src/vnm_mad/remotes/fw/post b/src/vnm_mad/remotes/fw/post index 8e5a29a6f1..8fae58c232 100755 --- a/src/vnm_mad/remotes/fw/post +++ b/src/vnm_mad/remotes/fw/post @@ -20,10 +20,38 @@ $: << File.dirname(__FILE__) $: << File.join(File.dirname(__FILE__), "..") require 'OpenNebulaNetwork' +require 'SecurityGroups' require 'Firewall' template64 = ARGV[0] deploy_id = ARGV[1] -fw = OpenNebulaFirewall.from_base64(template64, deploy_id) -fw.activate +if OpenNebulaNetwork.has_fw_attrs?(template64) + fw = OpenNebulaFirewall.from_base64(template64, deploy_id) + fw.activate +else + sg = OpenNebulaSG.from_base64(template64, deploy_id) + begin + sg.activate + rescue OpenNebulaSGError => e + error = e.error + stage = e.stage + + OpenNebula.log_error(error.message) + OpenNebula.log_error(error.backtrace) + + case stage + when :bootstrap, :security_groups + OpenNebula.log_info("Deactivating security groups for #{deploy_id}.") + + sg.deactivate + when :deactivate + OpenNebula.log_error("Error deactivating security group rules for #{deploy_id}. Please verify manually.") + end + exit 1 + rescue Exception => error + OpenNebula.log_error(error.message) + OpenNebula.log_error(error.backtrace) + exit 1 + end +end diff --git a/src/vnm_mad/remotes/fw/pre b/src/vnm_mad/remotes/fw/pre index d240d61f7d..6ae943159e 100755 --- a/src/vnm_mad/remotes/fw/pre +++ b/src/vnm_mad/remotes/fw/pre @@ -16,4 +16,4 @@ # limitations under the License. # #--------------------------------------------------------------------------- # -exit 0 \ No newline at end of file +exit 0 diff --git a/src/vnm_mad/remotes/security_groups/clean b/src/vnm_mad/remotes/security_groups/clean deleted file mode 100755 index 6a454dda31..0000000000 --- a/src/vnm_mad/remotes/security_groups/clean +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env ruby - -# -------------------------------------------------------------------------- # -# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. You may obtain # -# a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -#--------------------------------------------------------------------------- # - -$: << File.dirname(__FILE__) -$: << File.join(File.dirname(__FILE__), "..") - -require 'OpenNebulaNetwork' -require 'SecurityGroups' -require 'Firewall' - -template64 = ARGV[0] - -if OpenNebulaNetwork.has_fw_attrs?(template64) - fw = OpenNebulaFirewall.from_base64(template64) - fw.deactivate -else - sg = OpenNebulaSG.from_base64(template64) - sg.deactivate -end diff --git a/src/vnm_mad/remotes/security_groups/post b/src/vnm_mad/remotes/security_groups/post deleted file mode 100755 index 8fae58c232..0000000000 --- a/src/vnm_mad/remotes/security_groups/post +++ /dev/null @@ -1,57 +0,0 @@ -#!/usr/bin/env ruby - -# -------------------------------------------------------------------------- # -# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. You may obtain # -# a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -#--------------------------------------------------------------------------- # - -$: << File.dirname(__FILE__) -$: << File.join(File.dirname(__FILE__), "..") - -require 'OpenNebulaNetwork' -require 'SecurityGroups' -require 'Firewall' - -template64 = ARGV[0] -deploy_id = ARGV[1] - -if OpenNebulaNetwork.has_fw_attrs?(template64) - fw = OpenNebulaFirewall.from_base64(template64, deploy_id) - fw.activate -else - sg = OpenNebulaSG.from_base64(template64, deploy_id) - begin - sg.activate - rescue OpenNebulaSGError => e - error = e.error - stage = e.stage - - OpenNebula.log_error(error.message) - OpenNebula.log_error(error.backtrace) - - case stage - when :bootstrap, :security_groups - OpenNebula.log_info("Deactivating security groups for #{deploy_id}.") - - sg.deactivate - when :deactivate - OpenNebula.log_error("Error deactivating security group rules for #{deploy_id}. Please verify manually.") - end - exit 1 - rescue Exception => error - OpenNebula.log_error(error.message) - OpenNebula.log_error(error.backtrace) - exit 1 - end -end diff --git a/src/vnm_mad/remotes/security_groups/pre b/src/vnm_mad/remotes/security_groups/pre deleted file mode 100755 index 6ae943159e..0000000000 --- a/src/vnm_mad/remotes/security_groups/pre +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# -------------------------------------------------------------------------- # -# Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); you may # -# not use this file except in compliance with the License. You may obtain # -# a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -#--------------------------------------------------------------------------- # - -exit 0