nova和neutron都可以,但是感觉还是用neutron好。
import neutronclient.v2_0.client as neclient
neutron = neclient.Client(username='admin',password='password',tenant_name='admin',auth_url='http://ip:5000/v2.0')
s1 = neutron.create_security_group(body={'security_group':{'name':'block'}})
for r in s1['security_group']['security_group_rules']:
neutron.delete_security_group_rule(security_group_rule=r['id'])
sgs = neutron.list_security_groups()['security_groups']
s2 = ''
for sg in sgs:
if sg['name']=='block':
s2 = sg
break
if s2!='':
neutron.create_security_group_rule(body={"security_group_rule": {
"direction": "ingress",
"ethertype": "IPv4",
"protocol": None,
"remote_ip_prefix":"192.168.0.0/16",
"security_group_id":s2['id'] }
})
neutron.create_security_group_rule(body={"security_group_rule": {
"direction": "egress",
"ethertype": "IPv4",
"protocol": None,
"remote_ip_prefix":"192.168.0.0/16",
"security_group_id":s2['id'] }
})
文档感觉很low,去binding python的文档看neutron的简直想死 http://docs.openstack.org/developer/python-neutronclient/ 。。。只能去看源码
看参数还是得去看原生api http://developer.openstack.org/api-ref-networking-v2-ext.html