Fix various bugs and add "floating IP handler" to the OpenStack provider #301
The original code was faulty, because the ex_find_or_import_keypair_by_key_material function returned a key pair object, and that object was placed in params['KeyName'], which was later expected to contain only the key name, not the key pair object. This fix places only the key name in params['KeyName'].
In Python 3, the original code didn't work, because there is no `encode` function for binaries: (Python3.3)>>> [x.encode("hex") for x in b"abc"] Traceback (most recent call last): File "<stdin>", line 1, in <module> File "<stdin>", line 1, in <listcomp> AttributeError: 'int' object has no attribute 'encode' String do have an `encode` method, but it is a different function from the `encode` in Python 2: (Python3.3)>>> [x.encode("hex") for x in "abc"] Traceback (most recent call last): File "<stdin>", line 1, in <module> File "<stdin>", line 1, in <listcomp> LookupError: unknown encoding: hex So I added a "hexadigits" function to our compatibility module (py3) and used that in _to_md5_fingerprint.
In Python 3, the original code didn't work, because there we cannot concatenate a string and a byte string. The new code produces two binaries in Python 3 and two string in Python 2, so they can be concatenated in both versions.
If the cidr_ips parameter in this function is None, and therefore the IpPermissions.1.IpRanges.1.CidrIp is not present in the request to the EC2 API, the request is not performed. (The response does not indicate an error, but the security rule is not created). This behaviour is not documented in http://docs.aws.amazon.com/AWSEC2/latest/APIReference/ApiReference-query-AuthorizeSecurityGroupIngress.html, but it is reproducable. The following request didn't work: Action=AuthorizeSecurityGroupIngress GroupId=sg-a4b44ece IpPermissions.1.FromPort=22 IpPermissions.1.IpProtocol=tcp IpPermissions.1.ToPort=22 AWSAccessKeyId=... Signature=... SignatureMethod=HmacSHA256 SignatureVersion=2 Timestamp=2014-04-16T07%3A43%3A21Z Version=2013-10-15 While this one did (the only difference is adding CidrIp): Action=AuthorizeSecurityGroupIngress GroupId=sg-a4b44ece IpPermissions.1.FromPort=22 IpPermissions.1.IpProtocol=tcp IpPermissions.1.ToPort=22 IpPermissions.1.IpRanges.1.CidrIp=0.0.0.0/0 AWSAccessKeyId=... Signature=... SignatureMethod=HmacSHA256 SignatureVersion=2 Timestamp=2014-04-16T07%3A43%3A21Z Version=2013-10-15
According to https://wiki.openstack.org/wiki/Os-security-groups#Delete_Security_Group and my own experiments with the HP cloud, the provider's answer upon success is not NO_CONTENT (HTTP status code 204) but ACCEPTED (HTTP status code 202). So I modified to code to accept ACCEPTED. I still kept NO_CONTENT (I would think it was put there because some provider did return NO_CONTENT).
The Compute API of the HP Cloud used by Libcloud  does not support floating IP pools, but it does support floating IPs. (To be more precise, one needs to use floating IPs if he wants to access the instance from outside the cloud.) So I added floating ip handling methods to the OpenStack_1_1_NodeDriver class.  HP Helion Public Cloud v13.5 Compute Service: https://docs.hpcloud.com/api/v13/compute/#3.10Extensions
I updated three commits:
@hcs42 Btw, I know this has already been merged, but what do you think about this approach - https://issues.apache.org/jira/browse/LIBCLOUD-567?focusedCommentId=14012135&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14012135 ?
The following PR shows that after I proposed my solution for the problem of using floating IP addressed with ex_create_floating_ip_handler, in the end we went for a different solution (ex_create_floating_ip): apache/libcloud#301 This commit changes elibcloud accordingly.
apache-libcloud 0.15.0 fixed some Python 3 compatibility bugs which might critical: apache/libcloud#301 https://libcloud.readthedocs.org/en/latest/changelog.html#changes-with-apache-libcloud-0-15-0