diff options
author | Nikolas Hermanns <nikolas.hermanns@ericsson.com> | 2017-04-03 14:07:21 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@opnfv.org> | 2017-04-03 14:07:21 +0000 |
commit | 66d5110ec9e2fd504bc31a11592196b9d742c188 (patch) | |
tree | e407635d42de862c3df90568e7b3edb7a6372f11 | |
parent | 1754fe0cd71c3f28aad047fd125d2e2fd6590d7d (diff) | |
parent | 0e26e7dfd4ff41ae7c8389218bca138346864922 (diff) |
Merge "Fix security group rule conflict"
-rw-r--r-- | sdnvpn/lib/utils.py | 61 | ||||
-rw-r--r-- | sdnvpn/test/functest/testcase_3.py | 5 | ||||
-rw-r--r-- | sdnvpn/test/functest/testcase_7.py | 4 | ||||
-rw-r--r-- | sdnvpn/test/functest/testcase_8.py | 4 |
4 files changed, 58 insertions, 16 deletions
diff --git a/sdnvpn/lib/utils.py b/sdnvpn/lib/utils.py index 90fce4a..eb59446 100644 --- a/sdnvpn/lib/utils.py +++ b/sdnvpn/lib/utils.py @@ -343,22 +343,57 @@ def assert_and_get_compute_nodes(nova_client, required_node_number=2): return compute_nodes -def open_icmp_ssh(neutron_client, security_group_id): - os_utils.create_secgroup_rule(neutron_client, - security_group_id, - 'ingress', - 'icmp') - os_utils.create_secgroup_rule(neutron_client, - security_group_id, - 'tcp', - 80, 80) +def open_icmp(neutron_client, security_group_id): + if os_utils.check_security_group_rules(neutron_client, + security_group_id, + 'ingress', + 'icmp'): + + if not os_utils.create_secgroup_rule(neutron_client, + security_group_id, + 'ingress', + 'icmp'): + logger.error("Failed to create icmp security group rule...") + else: + logger.info("This rule exists for security group: %s" + % security_group_id) + + +def open_http_port(neutron_client, security_group_id): + if os_utils.check_security_group_rules(neutron_client, + security_group_id, + 'ingress', + 'tcp', + 80, 80): + + if not os_utils.create_secgroup_rule(neutron_client, + security_group_id, + 'ingress', + 'tcp', + 80, 80): + + logger.error("Failed to create http security group rule...") + else: + logger.info("This rule exists for security group: %s" + % security_group_id) def open_bgp_port(neutron_client, security_group_id): - os_utils.create_secgroup_rule(neutron_client, - security_group_id, - 'tcp', - 179, 179) + if os_utils.check_security_group_rules(neutron_client, + security_group_id, + 'ingress', + 'tcp', + 179, 179): + + if not os_utils.create_secgroup_rule(neutron_client, + security_group_id, + 'ingress', + 'tcp', + 179, 179): + logger.error("Failed to create bgp security group rule...") + else: + logger.info("This rule exists for security group: %s" + % security_group_id) def exec_cmd(cmd, verbose): diff --git a/sdnvpn/test/functest/testcase_3.py b/sdnvpn/test/functest/testcase_3.py index 09e71bd..2e6d6b0 100644 --- a/sdnvpn/test/functest/testcase_3.py +++ b/sdnvpn/test/functest/testcase_3.py @@ -52,6 +52,7 @@ def main(): if "running" in node.run_cmd("sudo systemctl status opendaylight")] computes = [node for node in openstack_nodes if node.is_compute()] + msg = ("Verify that OpenDaylight can start/communicate with zrpcd/Quagga") results.record_action(msg) results.add_to_summary(0, "-") @@ -151,7 +152,9 @@ def main(): sg_id = os_utils.create_security_group_full(neutron_client, TESTCASE_CONFIG.secgroup_name, TESTCASE_CONFIG.secgroup_descr) - test_utils.open_icmp_ssh(neutron_client, sg_id) + test_utils.open_icmp(neutron_client, sg_id) + test_utils.open_http_port(neutron_client, sg_id) + test_utils.open_bgp_port(neutron_client, sg_id) net_id, _, _ = test_utils.create_network(neutron_client, TESTCASE_CONFIG.net_1_name, diff --git a/sdnvpn/test/functest/testcase_7.py b/sdnvpn/test/functest/testcase_7.py index 3bc9afb..00e9eef 100644 --- a/sdnvpn/test/functest/testcase_7.py +++ b/sdnvpn/test/functest/testcase_7.py @@ -74,7 +74,9 @@ def main(): sg_id = os_utils.create_security_group_full(neutron_client, TESTCASE_CONFIG.secgroup_name, TESTCASE_CONFIG.secgroup_descr) - test_utils.open_icmp_ssh(neutron_client, sg_id) + test_utils.open_icmp(neutron_client, sg_id) + test_utils.open_http_port(neutron_client, sg_id) + vm_2 = test_utils.create_instance( nova_client, TESTCASE_CONFIG.instance_2_name, diff --git a/sdnvpn/test/functest/testcase_8.py b/sdnvpn/test/functest/testcase_8.py index 1fdfa00..dc479b5 100644 --- a/sdnvpn/test/functest/testcase_8.py +++ b/sdnvpn/test/functest/testcase_8.py @@ -73,7 +73,9 @@ def main(): sg_id = os_utils.create_security_group_full(neutron_client, TESTCASE_CONFIG.secgroup_name, TESTCASE_CONFIG.secgroup_descr) - test_utils.open_icmp_ssh(neutron_client, sg_id) + test_utils.open_icmp(neutron_client, sg_id) + test_utils.open_http_port(neutron_client, sg_id) + vm_2 = test_utils.create_instance( nova_client, TESTCASE_CONFIG.instance_2_name, |