diff --git a/pkg/compute/models/guests.go b/pkg/compute/models/guests.go index a7bc6f14c9..cb54d43da8 100644 --- a/pkg/compute/models/guests.go +++ b/pkg/compute/models/guests.go @@ -4378,8 +4378,8 @@ func (self *SGuest) getSecgroupExternalIds(provider *SCloudprovider) []string { return externalIds } -func (self *SGuest) getSecgroupByCache(provider *SCloudprovider, vpcId string, externalId string) (*SSecurityGroup, error) { - q := SecurityGroupCacheManager.Query().Equals("manager_id", provider.Id).Equals("external_id", externalId).Equals("vpc_id", vpcId) +func (self *SGuest) getSecgroupByCache(provider *SCloudprovider, externalId string) (*SSecurityGroup, error) { + q := SecurityGroupCacheManager.Query().Equals("manager_id", provider.Id).Equals("external_id", externalId) cache := SSecurityGroupCache{} cache.SetModelManager(SecurityGroupCacheManager, &cache) count, err := q.CountWithError() @@ -4413,17 +4413,11 @@ func (self *SGuest) setSecgroupPublicScope(secgroup *SSecurityGroup) error { func (self *SGuest) SyncVMSecgroups(ctx context.Context, userCred mcclient.TokenCredential, provider *SCloudprovider, secgroupIds []string) compare.SyncResult { syncResult := compare.SyncResult{} - vpc, err := self.GetVpc() - if err != nil { - syncResult.AddError(err) - return syncResult - } - secgroupExternalIds := self.getSecgroupExternalIds(provider) _secgroupIds := []string{} for _, secgroupId := range secgroupIds { - secgroup, err := self.getSecgroupByCache(provider, vpc.GetId(), secgroupId) + secgroup, err := self.getSecgroupByCache(provider, secgroupId) if err != nil { syncResult.AddError(err) continue diff --git a/pkg/compute/regiondrivers/ctyun.go b/pkg/compute/regiondrivers/ctyun.go index b6b78ffb38..b6186d42f6 100644 --- a/pkg/compute/regiondrivers/ctyun.go +++ b/pkg/compute/regiondrivers/ctyun.go @@ -49,7 +49,3 @@ func (self *SCtyunRegionDriver) ValidateCreateLoadbalancerAclData(ctx context.Co func (self *SCtyunRegionDriver) ValidateCreateLoadbalancerCertificateData(ctx context.Context, userCred mcclient.TokenCredential, data *jsonutils.JSONDict) (*jsonutils.JSONDict, error) { return nil, httperrors.NewNotImplementedError("%s does not currently support creating loadbalancer certificate", self.GetProvider()) } - -func (self *SCtyunRegionDriver) IsSecurityGroupBelongVpc() bool { - return true -} diff --git a/pkg/compute/regiondrivers/huawei.go b/pkg/compute/regiondrivers/huawei.go index ce1d7f1b4b..5d955d362c 100644 --- a/pkg/compute/regiondrivers/huawei.go +++ b/pkg/compute/regiondrivers/huawei.go @@ -2124,10 +2124,6 @@ func (self *SHuaWeiRegionDriver) DealNatGatewaySpec(spec string) string { return "" } -func (self *SHuaWeiRegionDriver) IsSecurityGroupBelongVpc() bool { - return true -} - func (self *SHuaWeiRegionDriver) ValidateCreateDBInstanceData(ctx context.Context, userCred mcclient.TokenCredential, ownerId mcclient.IIdentityProvider, input api.DBInstanceCreateInput, skus []models.SDBInstanceSku, network *models.SNetwork) (api.DBInstanceCreateInput, error) { if len(input.MasterInstanceId) > 0 && input.Engine == api.DBINSTANCE_TYPE_SQLSERVER { return input, httperrors.NewInputParameterError("Not support create read-only dbinstance for %s", input.Engine) diff --git a/pkg/multicloud/ctyun/securitygroup.go b/pkg/multicloud/ctyun/securitygroup.go index fd76efe7af..22001b315f 100644 --- a/pkg/multicloud/ctyun/securitygroup.go +++ b/pkg/multicloud/ctyun/securitygroup.go @@ -28,7 +28,6 @@ import ( type SSecurityGroup struct { region *SRegion - vpc *SVpc ResSecurityGroupID string `json:"resSecurityGroupId"` Name string `json:"name"` @@ -354,7 +353,7 @@ func (self *SSecurityGroup) GetSecurityRule(remoteRule SSecurityGroupRule, withR func (self *SSecurityGroup) GetVpcId() string { if len(self.VpcID) == 0 { - return "normal" + return "classic" } return self.VpcID @@ -411,10 +410,13 @@ func (self *SRegion) GetSecurityGroups(vpcId string) ([]SSecurityGroup, error) { func (self *SRegion) CreateSecurityGroup(vpcId, name string) (*SSecurityGroup, error) { params := map[string]jsonutils.JSONObject{ "regionId": jsonutils.NewString(self.GetId()), - "vpcId": jsonutils.NewString(vpcId), "name": jsonutils.NewString(name), } + if len(vpcId) > 0 && (vpcId != "classic" && vpcId != "normal") { + params["vpcId"] = jsonutils.NewString(vpcId) + } + resp, err := self.client.DoPost("/apiproxy/v3/createSecurityGroup", params) if err != nil { return nil, errors.Wrap(err, "SRegion.CreateSecurityGroup.DoPost") @@ -430,12 +432,6 @@ func (self *SRegion) CreateSecurityGroup(vpcId, name string) (*SSecurityGroup, e return nil, errors.Wrap(err, "SRegion.CreateSecurityGroup.GetISecurityGroupById") } - vpc, err := self.GetVpc(vpcId) - if err != nil { - return nil, errors.Wrap(err, "SRegion.CreateSecurityGroup.GetVpc") - } - - secgroup.vpc = vpc secgroup.region = self return secgroup, nil } diff --git a/pkg/multicloud/ctyun/vpc.go b/pkg/multicloud/ctyun/vpc.go index c0aaab847e..ca5dc46616 100644 --- a/pkg/multicloud/ctyun/vpc.go +++ b/pkg/multicloud/ctyun/vpc.go @@ -149,7 +149,6 @@ func (self *SVpc) fetchSecurityGroups() error { self.secgroups = make([]cloudprovider.ICloudSecurityGroup, len(secgroups)) for i := 0; i < len(secgroups); i++ { - secgroups[i].vpc = self self.secgroups[i] = &secgroups[i] } diff --git a/pkg/multicloud/huawei/region.go b/pkg/multicloud/huawei/region.go index 315b95cd8e..21f72fcd26 100644 --- a/pkg/multicloud/huawei/region.go +++ b/pkg/multicloud/huawei/region.go @@ -724,7 +724,7 @@ func (self *SRegion) CreateSecurityGroup(vpcId string, name string, desc string) params := jsonutils.NewDict() secgroupObj := jsonutils.NewDict() secgroupObj.Add(jsonutils.NewString(name), "name") - if len(vpcId) > 0 { + if len(vpcId) > 0 && (vpcId != "classic" && vpcId != "normal") { secgroupObj.Add(jsonutils.NewString(vpcId), "vpc_id") } params.Add(secgroupObj, "security_group") diff --git a/pkg/multicloud/huawei/securitygroup.go b/pkg/multicloud/huawei/securitygroup.go index 608273e533..d5199dd864 100644 --- a/pkg/multicloud/huawei/securitygroup.go +++ b/pkg/multicloud/huawei/securitygroup.go @@ -59,7 +59,6 @@ type SecurityGroupRuleDetail struct { // https://support.huaweicloud.com/api-vpc/zh-cn_topic_0020090615.html type SSecurityGroup struct { region *SRegion - vpc *SVpc // 安全组对应的vpc可能为空 ID string `json:"id"` Name string `json:"name"` @@ -129,9 +128,9 @@ func (self *SSecurityGroup) GetId() string { } func (self *SSecurityGroup) GetVpcId() string { - // 无vpc关联的安全组统一返回normal + // 无vpc关联的安全组统一返回classic if len(self.VpcID) == 0 { - return "normal" + return "classic" } return self.VpcID @@ -286,10 +285,6 @@ func (self *SRegion) GetSecurityGroupDetails(secGroupId string) (*SSecurityGroup } securitygroup.region = self - if len(securitygroup.VpcID) > 0 && securitygroup.VpcID != "default" { - securitygroup.vpc, err = self.getVpc(securitygroup.VpcID) - } - return &securitygroup, err } @@ -306,27 +301,10 @@ func (self *SRegion) GetSecurityGroups(vpcId string, name string) ([]SSecurityGr return nil, err } - vpcCache := map[string]*SVpc{} + // security 中的vpc字段只是一个标识,实际可以跨vpc使用 for i := range securitygroups { securitygroup := &securitygroups[i] securitygroup.region = self - // 未绑定VPC的安全组 - // todo:确认 vpc_id = default的安全组有什么含义? - if len(securitygroup.VpcID) == 0 || securitygroup.VpcID == "default" { - continue - } - - if vpc, exists := vpcCache[securitygroup.VpcID]; exists { - securitygroup.vpc = vpc - } else { - vpc, err := self.getVpc(securitygroup.VpcID) - if err != nil { - return nil, err - } - - vpcCache[securitygroup.VpcID] = vpc - securitygroup.vpc = vpc - } } result := []SSecurityGroup{} diff --git a/pkg/multicloud/huawei/vpc.go b/pkg/multicloud/huawei/vpc.go index 6777e83dea..212956456d 100644 --- a/pkg/multicloud/huawei/vpc.go +++ b/pkg/multicloud/huawei/vpc.go @@ -87,16 +87,13 @@ func (self *SVpc) fetchNetworks() error { // 华为云安全组可以被同region的VPC使用 func (self *SVpc) fetchSecurityGroups() error { - // todo: vpc 和 安全组的关联关系还需要进一步确认。 secgroups, err := self.region.GetSecurityGroups("", "") if err != nil { return err } self.secgroups = make([]cloudprovider.ICloudSecurityGroup, len(secgroups)) - // 这里已经填充了vpc。 所以是不是不需要在GetSecurityGroups方法中填充vpc和region了? for i := 0; i < len(secgroups); i++ { - secgroups[i].vpc = self self.secgroups[i] = &secgroups[i] } return nil