[CLOUDSTACK-10020] Changes to make marvin work with projects and VPCs (#2206)

Co-authored-by: dahn <daan.hoogland@shapeblue.com>
2025-10-26 08:42:29 +01:00 · 2020-10-24 07:00:57 -04:00 · 2020-10-24 07:00:57 -04:00 · 5316810aa3
commit 5316810aa3
parent f4f35a8995
1 changed files with 76 additions and 35 deletions
--- a/tools/marvin/marvin/lib/base.py
+++ b/tools/marvin/marvin/lib/base.py
@ -451,34 +451,53 @@ class VirtualMachine:
    @classmethod
    def access_ssh_over_nat(
            cls, apiclient, services, virtual_machine, allow_egress=False,
-            networkid=None):
+            networkid=None, vpcid=None):
        """
        Program NAT and PF rules to open up ssh access to deployed guest
        @return:
        """
-        public_ip = PublicIPAddress.create(
-            apiclient=apiclient,
-            accountid=virtual_machine.account,
-            zoneid=virtual_machine.zoneid,
-            domainid=virtual_machine.domainid,
-            services=services,
-            networkid=networkid
-        )
-        FireWallRule.create(
-            apiclient=apiclient,
-            ipaddressid=public_ip.ipaddress.id,
-            protocol='TCP',
-            cidrlist=['0.0.0.0/0'],
-            startport=22,
-            endport=22
-        )
-        nat_rule = NATRule.create(
-            apiclient=apiclient,
-            virtual_machine=virtual_machine,
-            services=services,
-            ipaddressid=public_ip.ipaddress.id
-        )
-        if allow_egress:
+        # VPCs have ACLs managed differently
+        if vpcid:
+            public_ip = PublicIPAddress.create(
+                apiclient=apiclient,
+                accountid=virtual_machine.account,
+                zoneid=virtual_machine.zoneid,
+                domainid=virtual_machine.domainid,
+                services=services,
+                vpcid=vpcid
+            )
+
+            nat_rule = NATRule.create(
+                apiclient=apiclient,
+                virtual_machine=virtual_machine,
+                services=services,
+                ipaddressid=public_ip.ipaddress.id,
+                networkid=networkid)
+        else:
+            public_ip = PublicIPAddress.create(
+                apiclient=apiclient,
+                accountid=virtual_machine.account,
+                zoneid=virtual_machine.zoneid,
+                domainid=virtual_machine.domainid,
+                services=services,
+                networkid=networkid,
+            )
+
+            FireWallRule.create(
+                apiclient=apiclient,
+                ipaddressid=public_ip.ipaddress.id,
+                protocol='TCP',
+                cidrlist=['0.0.0.0/0'],
+                startport=22,
+                endport=22
+            )
+            nat_rule = NATRule.create(
+                apiclient=apiclient,
+                virtual_machine=virtual_machine,
+                services=services,
+                ipaddressid=public_ip.ipaddress.id)
+
+        if allow_egress and not vpcid:
            try:
                EgressFireWallRule.create(
                    apiclient=apiclient,
@ -502,7 +521,7 @@ class VirtualMachine:
               hostid=None, keypair=None, ipaddress=None, mode='default',
               method='GET', hypervisor=None, customcpunumber=None,
               customcpuspeed=None, custommemory=None, rootdisksize=None,
-               rootdiskcontroller=None, macaddress=None, datadisktemplate_diskoffering_list={}):
+               rootdiskcontroller=None, vpcid=None, macaddress=None, datadisktemplate_diskoffering_list={}):
        """Create the instance"""

        cmd = deployVirtualMachine.deployVirtualMachineCmd()
@ -654,7 +673,8 @@ class VirtualMachine:
                        services,
                        virtual_machine,
                        allow_egress=allow_egress,
-                        networkid=cmd.networkids[0] if cmd.networkids else None)
+                        networkid=cmd.networkids[0] if cmd.networkids else None,
+                        vpcid=vpcid)
                elif mode.lower() == 'basic':
                    if virtual_machine.publicip is not None:
                        # EIP/ELB (netscaler) enabled zone
@ -1042,7 +1062,7 @@ class Volume:

    @classmethod
    def create_custom_disk(cls, apiclient, services, account=None,
-                           domainid=None, diskofferingid=None):
+                           domainid=None, diskofferingid=None, projectid=None):
        """Create Volume from Custom disk offering"""
        cmd = createVolume.createVolumeCmd()
        cmd.name = services["diskname"]
@ -1065,19 +1085,22 @@ class Volume:

        if account:
            cmd.account = account
-        else:
+        elif "account" in services:
            cmd.account = services["account"]

        if domainid:
            cmd.domainid = domainid
-        else:
+        elif "domainid" in services:
            cmd.domainid = services["domainid"]

+        if projectid:
+            cmd.projectid = projectid
+
        return Volume(apiclient.createVolume(cmd).__dict__)

    @classmethod
    def create_from_snapshot(cls, apiclient, snapshot_id, services,
-                             account=None, domainid=None):
+                             account=None, domainid=None, projectid=None):
        """Create Volume from snapshot"""
        cmd = createVolume.createVolumeCmd()
        cmd.name = "-".join([services["diskname"], random_gen()])
@ -1091,12 +1114,16 @@ class Volume:
            cmd.ispublic = False
        if account:
            cmd.account = account
-        else:
+        elif "account" in services:
            cmd.account = services["account"]
        if domainid:
            cmd.domainid = domainid
-        else:
+        elif "domainid" in services:
            cmd.domainid = services["domainid"]
+
+        if projectid:
+            cmd.projectid = projectid
+
        return Volume(apiclient.createVolume(cmd).__dict__)

    @classmethod
@ -1445,8 +1472,8 @@ class Template:
        return Template(apiclient.createTemplate(cmd).__dict__)

    @classmethod
-    def create_from_snapshot(cls, apiclient, snapshot, services,
-                             random_name=True):
+    def create_from_snapshot(cls, apiclient, snapshot, services, account=None,
+                             domainid=None, projectid=None, random_name=True):
        """Create Template from snapshot"""
        # Create template from Snapshot ID
        cmd = createTemplate.createTemplateCmd()
@ -1485,6 +1512,17 @@ class Template:
            raise Exception(
                "Unable to find Ostype is required for creating template")

+        cmd.snapshotid = snapshot.id
+
+        if account:
+            cmd.account = account
+        if domainid:
+            cmd.domainid = domainid
+        if projectid:
+            cmd.projectid = projectid
+
+        return Template(apiclient.createTemplate(cmd).__dict__)
+
    def delete(self, apiclient, zoneid=None):
        """Delete Template"""

@ -3921,7 +3959,7 @@ class VpnCustomerGateway:

    @classmethod
    def create(cls, apiclient, services, name, gateway, cidrlist,
-               account=None, domainid=None):
+               account=None, domainid=None, projectid=None):
        """Create VPN Customer Gateway"""
        cmd = createVpnCustomerGateway.createVpnCustomerGatewayCmd()
        cmd.name = name
@ -3945,6 +3983,9 @@ class VpnCustomerGateway:
            cmd.account = account
        if domainid:
            cmd.domainid = domainid
+        if projectid:
+            cmd.projectid = projectid
+
        return VpnCustomerGateway(
            apiclient.createVpnCustomerGateway(cmd).__dict__)