def _security_group_rule_create(self, sg_id, sg_rule)
sg_vnc = self._vnc_lib.security_group_read(id=sg_id)
#read the group - API request 1
rules = sg_vnc.get_security_group_entries()
#get the rules from the group
rules.add_policy_rule(sg_rule)
#add sg_rule to SG rules
sg_vnc.set_security_group_entries(rules)
#prepare object for update
self._vnc_lib.security_group_update(sg_vnc)
#update SG - API request 2
If there was API request to update the same SG with self._vnc_lib.security_group_update(sg_vnc), adding rule 5 on existing 4 rules, and if landed in time between API request 1 and API request 2 above, then it will be lost. It's because of the time for "API request 1" there were 4 rules.
API returns 200/OK as it's doing correctly what was requested - to update SG adding rules one by one.
Solution could be to accept the list or rules, loop it and do rules.add_policy_rule(sg_rule),
but we'll need a new methods as we're sending only one rule in existing ones.
https:/ /github. com/Juniper/ contrail- controller/ blob/R3. 2/src/config/ vnc_openstack/ vnc_openstack/ __init_ _.py#L1079 /github. com/Juniper/ contrail- controller/ blob/R3. 2/src/config/ vnc_openstack/ vnc_openstack/ neutron_ plugin_ interface. py#L614 /github. com/Juniper/ contrail- controller/ blob/R3. 2/src/config/ vnc_openstack/ vnc_openstack/ neutron_ plugin_ interface. py#L584 /github. com/Juniper/ contrail- controller/ blob/R3. 2/src/config/ vnc_openstack/ vnc_openstack/ neutron_ plugin_ db.py#L4628 /github. com/Juniper/ contrail- controller/ blob/R3. 2/src/config/ vnc_openstack/ vnc_openstack/ neutron_ plugin_ db.py#L1265 /github. com/Juniper/ contrail- controller/ blob/R3. 2/src/config/ vnc_openstack/ vnc_openstack/ neutron_ plugin_ db.py#L395
https:/
https:/
https:/
https:/
https:/
def _security_ group_rule_ create( self, sg_id, sg_rule) lib.security_ group_read( id=sg_id) get_security_ group_entries( ) policy_ rule(sg_ rule) set_security_ group_entries( rules) lib.security_ group_update( sg_vnc)
sg_vnc = self._vnc_
#read the group - API request 1
rules = sg_vnc.
#get the rules from the group
rules.add_
#add sg_rule to SG rules
sg_vnc.
#prepare object for update
self._vnc_
#update SG - API request 2
If there was API request to update the same SG with self._vnc_ lib.security_ group_update( sg_vnc) , adding rule 5 on existing 4 rules, and if landed in time between API request 1 and API request 2 above, then it will be lost. It's because of the time for "API request 1" there were 4 rules.
API returns 200/OK as it's doing correctly what was requested - to update SG adding rules one by one.
Solution could be to accept the list or rules, loop it and do rules.add_ policy_ rule(sg_ rule),
but we'll need a new methods as we're sending only one rule in existing ones.