ML2PortSecurityExtensionDriver is working

本文主要是介绍ML2PortSecurityExtensionDriver is working，希望对大家解决编程问题提供一定的参考价值，需要的开发者们随着小编来一起学习吧！

在openstack的kilo版本终于加上了这个ML2PortSecurityExtensionDriver，这样在openstack里做NFV的实验就会轻松很多，因为很多时候需要让流量通过VM;

Openstack kilo的最新port-security介绍文档如下
http://specs.openstack.org/openstack/neutron-specs/specs/kilo/ml2-ovs-portsecurity.html
Openstack kilo的最新port-security配置文档如下
https://wiki.openstack.org/wiki/Neutron/ML2PortSecurityExtensionDriver

port-security代码如下：

from neutron.api import extensions
from neutron.api.v2 import attributes
from neutron.common import exceptions as nexceptionclass PortSecurityPortHasSecurityGroup(nexception.InUse):message = _("Port has security group associated. Cannot disable port ""security or ip address until security group is removed")class PortSecurityAndIPRequiredForSecurityGroups(nexception.InvalidInput):message = _("Port security must be enabled and port must have an IP"" address in order to use security groups.")class PortSecurityBindingNotFound(nexception.InvalidExtensionEnv):message = _("Port does not have port security binding.")PORTSECURITY = 'port_security_enabled'
EXTENDED_ATTRIBUTES_2_0 = {'networks': {PORTSECURITY: {'allow_post': True, 'allow_put': True,'convert_to': attributes.convert_to_boolean,'enforce_policy': True,'default': True,'is_visible': True},},'ports': {PORTSECURITY: {'allow_post': True, 'allow_put': True,'convert_to': attributes.convert_to_boolean,'default': attributes.ATTR_NOT_SPECIFIED,'enforce_policy': True,'is_visible': True},}
}class Portsecurity(extensions.ExtensionDescriptor):"""Extension class supporting port security."""@classmethoddef get_name(cls):return "Port Security"@classmethoddef get_alias(cls):return "port-security"@classmethoddef get_description(cls):return "Provides port security"@classmethoddef get_updated(cls):return "2012-07-23T10:00:00-00:00"def get_extended_resources(self, version):if version == "2.0":return EXTENDED_ATTRIBUTES_2_0else:return {}