Any thoughts about how we should make generic firewall configurations? For EC2 specifically, it's kinda annoying if you boot a node and you can't... access it at all :)
---------- Forwarded message ---------- From: <[email protected]> Date: Mon, Jan 25, 2010 at 1:37 PM Subject: svn commit: r902984 - /incubator/libcloud/trunk/libcloud/drivers/ec2.py To: [email protected] Author: pquerna Date: Mon Jan 25 21:37:44 2010 New Revision: 902984 URL: http://svn.apache.org/viewvc?rev=902984&view=rev Log: Add create_security_group and authorize_security_group_permissive to ec2 driver. Modified: incubator/libcloud/trunk/libcloud/drivers/ec2.py Modified: incubator/libcloud/trunk/libcloud/drivers/ec2.py URL: http://svn.apache.org/viewvc/incubator/libcloud/trunk/libcloud/drivers/ec2.py?rev=902984&r1=902983&r2=902984&view=diff ==============================================================================
--- incubator/libcloud/trunk/libcloud/drivers/ec2.py (original)
+++ incubator/libcloud/trunk/libcloud/drivers/ec2.py Mon Jan 25 21:37:44 2010
@@ -270,6 +270,42 @@ self.connection.request('/', params=params).object) return images
+ def create_security_group(self, name, description):
+ params = {'Action': 'CreateSecurityGroup',
+ 'GroupName': name,
+ 'GroupDescription': description}
+ return self.connection.request('/', params=params).object
+
+ def authorize_security_group_permissive(self, name):
+ results = []
+ params = {'Action': 'AuthorizeSecurityGroupIngress',
+ 'GroupName': name,
+ 'IpProtocol': 'tcp',
+ 'FromPort': '0',
+ 'ToPort': '65535',
+ 'CidrIp': '0.0.0.0/0'}
+ try:
+ results.append(self.connection.request('/', params=params.copy()).object)
+ except Exception, e:
+ if e.args[0].find("InvalidPermission.Duplicate") == -1:
+ raise e
+ params['IpProtocol'] = 'udp'
+
+ try:
+ results.append(self.connection.request('/', params=params.copy()).object)
+ except Exception, e:
+ if e.args[0].find("InvalidPermission.Duplicate") == -1:
+ raise e
+
+ params.update({'IpProtocol': 'icmp', 'FromPort': '-1', 'ToPort': '-1'})
+
+ try:
+ results.append(self.connection.request('/', params=params.copy()).object)
+ except Exception, e:
+ if e.args[0].find("InvalidPermission.Duplicate") == -1:
+ raise e
+ return results
+ # name doesn't apply to EC2 nodes. def create_node(self, **kwargs): name = kwargs["name"]
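Review bot: `authorize_security_group_permissive` hard-codes `'CidrIp': '0.0.0.0/0'` with TCP and UDP ports 0-65535 plus all ICMP, so any group it is applied to exposes every listening service on its nodes to any address, and nothing in the method documents that. I would add a backward-compatible `cidr_ip='0.0.0.0/0'` keyword so callers can scope the source range, and a docstring stating exactly what is opened. The three copied try/except blocks also evaluate `e.args[0].find(...)` on every exception, which raises IndexError or AttributeError and hides the real failure when the exception carries no string first argument, and `raise e` discards the original traceback; a loop with one guarded handler and a bare `raise` addresses both.

```python
    # … unchanged: create_security_group …

    def authorize_security_group_permissive(self, name, cidr_ip='0.0.0.0/0'):
        """
        Open all TCP and UDP ports and all ICMP types on group `name`
        to `cidr_ip`. The default exposes every service to any address;
        pass a narrower CIDR wherever the callers' source range is known.
        """
        rules = (('tcp', '0', '65535'),
                 ('udp', '0', '65535'),
                 ('icmp', '-1', '-1'))
        results = []
        for protocol, from_port, to_port in rules:
            params = {'Action': 'AuthorizeSecurityGroupIngress',
                      'GroupName': name,
                      'IpProtocol': protocol,
                      'FromPort': from_port,
                      'ToPort': to_port,
                      'CidrIp': cidr_ip}
            try:
                results.append(self.connection.request('/', params=params).object)
            except Exception, e:
                # Only an already-present rule is safe to ignore.
                if not e.args or "InvalidPermission.Duplicate" not in str(e.args[0]):
                    raise
        return results
```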
