From 8f93669e7b52024e54e13ed2daaaf40a5c38f290 Mon Sep 17 00:00:00 2001 From: Dan Radez Date: Wed, 13 Jul 2016 17:07:19 -0400 Subject: Adding mock-detached util function and cleaning up util help output - mock-detached will add or remove firewall rules to block traffic that would pull resources from the internet durning a deploy These firewall rule may need to be added to, just starting with http and https traffic figuring that would block the majority of cases. - making updates to util help message according to: https://en.wikipedia.org/wiki/Usage_message Change-Id: I3c90999f977dd8f49c48399d312ed128b37bea6d Signed-off-by: Dan Radez --- ci/util.sh | 34 +++++++++++++++++++++++++++------- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/ci/util.sh b/ci/util.sh index f55e1e0f..ad7f0788 100755 --- a/ci/util.sh +++ b/ci/util.sh @@ -21,13 +21,19 @@ resolve_cmd() { } display_usage() { - echo -e "Usage:\n$0 [arguments] \n" - echo -e " undercloud : Connect to Undercloud VM as and execute command \n" - echo -e " Optional: Defaults to 'stack', Optional: Defaults to none\n" - echo -e " overcloud : Connect to an Overcloud and execute command \n" - echo -e " Required in format controller|compute. Example: controller0\n" - echo -e " Optional: Defaults to none\n" - echo -e " debug-stack : Print parsed deployment failures to stdout \n" + echo -e "Usage:\n$0 subcommand [ arguments ]\n" + echo -e "Arguments:\n" + echo -e " undercloud [ user [ command ] ] Connect to Undercloud VM as user and optionally execute a command\n" + echo -e " user Optional: Defaults to 'stack'\n" + echo -e " command Optional: Defaults to none\n" + echo -e "" + echo -e " overcloud [ node [ command ] ] Connect to an Overcloud node and optionally execute a command\n" + echo -e " node Required: in format controller|compute. Example: controller0\n" + echo -e " command Optional: Defaults to none\n" + echo -e "" + echo -e " debug-stack Print parsed deployment failures to stdout \n" + echo -e "" + echo -e " mock-detached on | off Add firewall rules to the jump host to mock a detached deployment \n" } ##translates the command line argument @@ -77,6 +83,20 @@ parse_cmdline() { undercloud_connect stack "$(typeset -f debug_stack); debug_stack" exit 0 ;; + mock-detached) + if [ "$2" == "on" ]; then + echo "Blocking output http and https traffic" + iptables -A OUTPUT -p tcp --dport 80 -j REJECT + iptables -A OUTPUT -p tcp --dport 443 -j REJECT + elif [ "$2" == "off" ]; then + echo "Allowing output http and https traffic" + iptables -D OUTPUT -p tcp --dport 80 -j REJECT + iptables -D OUTPUT -p tcp --dport 443 -j REJECT + else + display_usage + fi + exit 0 + ;; *) echo -e "\n\nThis script is used to interact with Apex deployments\n\n" echo "Use -h to display help" -- cgit 1.2.3-korg