bugfix: delete extra firewalls in virtual deployment

Change-Id: I179b5aab51958c0cd4653e65bbd74df5cfd7c53e
Signed-off-by: SerenaFeng <feng.xiaowei@zte.com.cn>

3 files changed, 9 insertions, 1 deletions

diff --git a/ci/deploy/deploy.sh b/ci/deploy/deploy.sh
index 3118d083..050219bf 100755
--- a/ci/deploy/deploy.sh
+++ b/ci/deploy/deploy.sh
@@ -369,6 +369,12 @@ fi
 echo "====== post deploy ======"
 ssh $SSH_PARAS $DAISY_IP "bash $REMOTE_SPACE/deploy/post.sh -n $NETWORK"
 
+echo "====== disable iptable rules ======"
+sudo iptables -D FORWARD -o daisy1 -j REJECT --reject-with icmp-port-unreachable
+sudo iptables -D FORWARD -i daisy1 -j REJECT --reject-with icmp-port-unreachable
+sudo iptables -D FORWARD -o daisy2 -j REJECT --reject-with icmp-port-unreachable
+sudo iptables -D FORWARD -i daisy2 -j REJECT --reject-with icmp-port-unreachable
+
 echo "====== deploy successfully ======"
 
 exit 0
diff --git a/deploy/post.sh b/deploy/post.sh
index df3c280c..3fae69bc 100755
--- a/deploy/post.sh
+++ b/deploy/post.sh
@@ -46,3 +46,5 @@ do
 done
 
 python $PYTHONPATH/deploy/post/execute.py -nw $NETWORK
+openstack security group rule create --proto icmp default
+openstack security group rule create --proto tcp --dst-port 22 default
diff --git a/deploy/tempest.py b/deploy/tempest.py
index 3510528a..148e8ba3 100644
--- a/deploy/tempest.py
+++ b/deploy/tempest.py
@@ -217,7 +217,7 @@ def add_host_role(cluster_id, host_id, host_exp_name, host_real_name, vip):
         role_lb_update_meta = {'nodes': [host_id],
                                'cluster_id': cluster_id, 'vip': vip}
         client.roles.update(lb_role_id, **role_lb_update_meta)
-    if host_exp_name in ['computer01', 'computer02']:
+    if host_exp_name in ['computer01', 'computer02', 'computer03', 'computer04']:
         role_computer_update_meta = {'nodes': [host_id],
                                      'cluster_id': cluster_id}
         client.roles.update(computer_role_id, **role_computer_update_meta)