NSX|V: provide admin utility to update default cluster section
Have an admin utility to update the default cluster section. This
will save restarting neutron every time a cluster is added/deleted.
Admin utility command is:
nsxadmin -r firewall-sections -o nsx-update
The cluster modefs still need to be updated in the nsx.ini file
Change-Id: If750c150a1b624b5a321dc744e0f538b3a58c5b5
This commit is contained in:
Gary Kotton
garyk
parent
228181c7da
commit
d85dd105b8
@ -197,6 +197,10 @@ Security Groups, Firewall and Spoofguard
|
|||||||
|
|
||||||
nsxadmin -r firewall-sections -o nsx-reorder
|
nsxadmin -r firewall-sections -o nsx-reorder
|
||||||
|
|
||||||
|
- Update the default cluster section
|
||||||
|
|
||||||
|
nsxadmin -r firewall-sections -o nsx-update
|
||||||
|
|
||||||
Metadata
|
Metadata
|
||||||
~~~~~~~~
|
~~~~~~~~
|
||||||
|
|
||||||
|
|||||||
@ -406,6 +406,14 @@ def migrate_sg_to_policy(resource, event, trigger, **kwargs):
|
|||||||
LOG.info("Done.")
|
LOG.info("Done.")
|
||||||
|
|
||||||
|
|
||||||
|
@admin_utils.output_header
|
||||||
|
def firewall_update_cluster_default_fw_section(resource, event, trigger,
|
||||||
|
**kwargs):
|
||||||
|
with utils.NsxVPluginWrapper() as plugin:
|
||||||
|
plugin._create_cluster_default_fw_section()
|
||||||
|
LOG.info("Cluster default FW section updated.")
|
||||||
|
|
||||||
|
|
||||||
registry.subscribe(migrate_sg_to_policy,
|
registry.subscribe(migrate_sg_to_policy,
|
||||||
constants.SECURITY_GROUPS,
|
constants.SECURITY_GROUPS,
|
||||||
shell.Operations.MIGRATE_TO_POLICY.value)
|
shell.Operations.MIGRATE_TO_POLICY.value)
|
||||||
@ -413,3 +421,7 @@ registry.subscribe(migrate_sg_to_policy,
|
|||||||
registry.subscribe(reorder_firewall_sections,
|
registry.subscribe(reorder_firewall_sections,
|
||||||
constants.FIREWALL_SECTIONS,
|
constants.FIREWALL_SECTIONS,
|
||||||
shell.Operations.NSX_REORDER.value)
|
shell.Operations.NSX_REORDER.value)
|
||||||
|
|
||||||
|
registry.subscribe(firewall_update_cluster_default_fw_section,
|
||||||
|
constants.FIREWALL_SECTIONS,
|
||||||
|
shell.Operations.NSX_UPDATE.value)
|
||||||
|
|||||||
@ -150,6 +150,10 @@ nsxv_resources = {
|
|||||||
constants.FIREWALL_NSX_GROUPS: Resource(
|
constants.FIREWALL_NSX_GROUPS: Resource(
|
||||||
constants.FIREWALL_NSX_GROUPS, [Operations.LIST.value,
|
constants.FIREWALL_NSX_GROUPS, [Operations.LIST.value,
|
||||||
Operations.LIST_MISMATCHES.value]),
|
Operations.LIST_MISMATCHES.value]),
|
||||||
|
constants.FIREWALL_SECTIONS: Resource(constants.FIREWALL_SECTIONS,
|
||||||
|
[Operations.LIST.value,
|
||||||
|
Operations.LIST_MISMATCHES.value,
|
||||||
|
Operations.NSX_UPDATE.value]),
|
||||||
constants.METADATA: Resource(
|
constants.METADATA: Resource(
|
||||||
constants.METADATA, [Operations.NSX_UPDATE.value,
|
constants.METADATA, [Operations.NSX_UPDATE.value,
|
||||||
Operations.NSX_UPDATE_SECRET.value,
|
Operations.NSX_UPDATE_SECRET.value,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user