- port_name = server_name + "-" + network.name + "-port"
- self.ports[network.name] = {"stack_name": port_name}
- template.add_port(port_name, network.stack_name,
- network.subnet_stack_name,
- sec_group_id=self.secgroup_name,
- provider=network.provider)
- port_name_list.append(port_name)
-
- if self.floating_ip:
- external_network = self.floating_ip["external_network"]
- if network.has_route_to(external_network):
- self.floating_ip["stack_name"] = server_name + "-fip"
- template.add_floating_ip(self.floating_ip["stack_name"],
- external_network,
- port_name,
- network.router.stack_if_name,
- self.secgroup_name)
- self.floating_ip_assoc["stack_name"] = \
- server_name + "-fip-assoc"
- template.add_floating_ip_association(
- self.floating_ip_assoc["stack_name"],
- self.floating_ip["stack_name"],
- port_name)
+ # if explicit mapping skip unused networks
+ if self.network_ports:
+ try:
+ ports = self.network_ports[network.name]
+ except KeyError:
+ # no port for this network
+ continue
+ else:
+ if isinstance(ports, six.string_types):
+ # because strings are iterable we have to check specifically
+ raise SyntaxError("network_port must be a list '{}'".format(ports))
+ # convert port subdicts into their just port name
+ # port subdicts are used to override Heat IP address,
+ # but we just need the port name
+ # we allow duplicates here and let Heat raise the error
+ ports = [next(iter(p)) if isinstance(p, dict) else p for p in ports]
+ # otherwise add a port for every network with port name as network name
+ else:
+ ports = [network.name]
+ net_flags = network.net_flags
+ for port in ports:
+ port_name = "{0}-{1}-port".format(server_name, port)
+ port_info = {"stack_name": port_name, "port": port}
+ if net_flags:
+ port_info['net_flags'] = net_flags
+ self.ports.setdefault(network.name, []).append(port_info)
+ # we can't use secgroups if port_security_enabled is False
+ if network.port_security_enabled is False:
+ sec_group_id = None
+ else:
+ # if port_security_enabled is None we still need to add to secgroup
+ sec_group_id = self.secgroup_name
+ # don't refactor to pass in network object, that causes JSON
+ # circular ref encode errors
+ template.add_port(port_name, network,
+ sec_group_id=sec_group_id,
+ provider=network.provider,
+ allowed_address_pairs=network.allowed_address_pairs)
+ if network.is_public():
+ port_name_list.insert(0, port_name)
+ else:
+ port_name_list.append(port_name)
+
+ if self.floating_ip:
+ external_network = self.floating_ip["external_network"]
+ if network.has_route_to(external_network):
+ self.floating_ip["stack_name"] = server_name + "-fip"
+ template.add_floating_ip(self.floating_ip["stack_name"],
+ external_network,
+ port_name,
+ network.router.stack_if_name,
+ sec_group_id)
+ self.floating_ip_assoc["stack_name"] = \
+ server_name + "-fip-assoc"
+ template.add_floating_ip_association(
+ self.floating_ip_assoc["stack_name"],
+ self.floating_ip["stack_name"],
+ port_name)