ironic_inspector.pxe_filter.iptables module¶
- class ironic_inspector.pxe_filter.iptables.IptablesFilter[source]¶
Bases:
BaseFilterA PXE boot filtering interface implementation.
- init_filter()[source]¶
Base driver initialization logic. Locked.
- Raises:
InvalidFilterDriverState
- Returns:
nothing.
- reset()[source]¶
Reset internal driver state.
This method is called by the fsm_context manager upon exception as well as by the tear_down_filter method. A subclass might wish to override as necessary, though must not lock the driver. The overriding subclass should up-call.
- Returns:
nothing.
- sync(ironic)[source]¶
Sync firewall filter rules for introspection.
Gives access to PXE boot port for any machine, except for those, whose MAC is registered in Ironic and is not on introspection right now.
This function is called from both introspection initialization code and from periodic task. This function is supposed to be resistant to unexpected iptables state.
init()function must be called once before any call to this function. This function is usingeventletsemaphore to serialize access from different green threads.- Parameters:
ironic – an ironic client instance.
- Returns:
nothing.
