Skip to content

Commit

Permalink
Merge pull request #571 from deNBI/feat/project_sec_group
Browse files Browse the repository at this point in the history
fix(Security Groups): Locking mechanisms for checking security groups project wise
  • Loading branch information
dweinholz authored Aug 19, 2024
2 parents 719d1d4 + 37c46bb commit cb9d26b
Showing 1 changed file with 36 additions and 24 deletions.
60 changes: 36 additions & 24 deletions simple_vm_client/openstack_connector/openstack_connector.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
import sys
import urllib
import urllib.parse
import threading
from contextlib import closing
from typing import Union
from uuid import uuid4
Expand Down Expand Up @@ -54,6 +55,9 @@

ALL_TEMPLATES = [BIOCONDA]

lock_dict = {}
lock_access = threading.Lock()


class OpenStackConnector:
def __init__(self, config_file: str):
Expand Down Expand Up @@ -1034,33 +1038,41 @@ def get_or_create_vm_security_group(self, openstack_id):

def get_or_create_project_security_group(self, project_name, project_id):
security_group_name = f"{project_name}_{project_id}"
logger.info(
f"Check if Security Group for project - [{project_name}-{project_id}] exists... "
)
sec = self.openstack_connection.get_security_group(
name_or_id=security_group_name
)
if sec:

with lock_access:
if security_group_name not in lock_dict:
lock_dict[security_group_name] = threading.Lock()
lock = lock_dict[security_group_name]

with lock:
logger.info(
f"Security group [{project_name}-{project_id}] already exists."
f"Check if Security Group for project - [{project_name}-{project_id}] exists... "
)
return sec["id"]
sec = self.openstack_connection.get_security_group(
name_or_id=security_group_name
)
if sec:
logger.info(
f"Security group [{project_name}-{project_id}] already exists."
)
return sec["id"]

logger.info(
f"No security Group for [{project_name}-{project_id}] exists. Creating.. "
)
new_security_group = self.openstack_connection.create_security_group(
name=security_group_name, description=f"{project_name} Security Group"
)
self.openstack_connection.network.create_security_group_rule(
direction="ingress",
protocol="tcp",
port_range_max=22,
port_range_min=22,
security_group_id=new_security_group["id"],
remote_group_id=new_security_group["id"],
)
return new_security_group["id"]
logger.info(
f"No security Group for [{project_name}-{project_id}] exists. Creating.. "
)
new_security_group = self.openstack_connection.create_security_group(
name=security_group_name, description=f"{project_name} Security Group"
)
self.openstack_connection.network.create_security_group_rule(
direction="ingress",
protocol="tcp",
port_range_max=22,
port_range_min=22,
security_group_id=new_security_group["id"],
remote_group_id=new_security_group["id"],
)
return new_security_group["id"]


def get_limits(self) -> dict[str, str]:
logger.info("Get Limits")
Expand Down

0 comments on commit cb9d26b

Please sign in to comment.