neutron

How can I get quantum ports list associated with a security group

Asked by kedar kulkarni

Hi,

As we can get security groups associated with a quantum port when port-show is called, can we also get ports associated with a particular security group when security group show is called.

There is no quantum api to get this information,

Is there any specific reason that it is not provided?

What will you suggest me, because i need ports list associated with a security group.

Thank you in advance.

Question information

Language:
English Edit question
Status:
Solved
For:
neutron Edit question
Assignee:
No assignee Edit question
Solved by:
ZhiQiang Fan
Solved:
Last query:
Last reply:
Revision history for this message
Best ZhiQiang Fan (aji-zqfan) said : 		#1

when you want to update a port, you can use `quantum -v port-update 53b71c17-96e9-4a4d-ac1c-b14c46986ed6 -- --security-groups list=true b634eb8b-6548-4423-879e-fa8af0e14a3a` to alter security-groups via single command line, because the api /ports/port_id PUT method accept a request body, and the dict object is serialized to the request body. the -v option will let you see the interactive detials

when you want to filter ports, you can use command like `quantum -v port-list -- --status active` to filter ports which are active

sadly, the api /ports GET method doesn't require request body, and since the security-groups is a list object, it will not be recognized in the url, so i think there is no such way can support the port-list and filtered by security-groups in a single command

however, if you truly want it, you can write a shell script which may be very slow to get all ports and filter them by security-groups

good luck

Revision history for this message
kedar kulkarni (kedar-kulkarni) said : 		#2

So to solve this, i have written an extension which takes sgid as a parameter and retrieves ports associated with that security-group.

call _get_port_security_group_bindings to get the required information. pass sgid as a filter to this call.

Revision history for this message
kedar kulkarni (kedar-kulkarni) said : 		#3

Thanks Zhiqiang Fan, that solved my question.