summaryrefslogtreecommitdiffstats
path: root/sdnvpn/lib/utils.py
diff options
context:
space:
mode:
authortomsou <soth@intracom-telecom.com>2017-03-28 12:20:37 +0000
committerNikolas Hermanns <nikolas.hermanns@ericsson.com>2017-04-03 14:07:28 +0000
commit2648675ac9e71f3de44c3a0c26135cdeec5c97d1 (patch)
tree9c2fb50d47ae8e262e5ee50493895ebaef770e1a /sdnvpn/lib/utils.py
parent85eb1a22ae325283a1e23677af4d784e66be694d (diff)
Fix security group rule conflict
-open_icmp_ssh function, that creates security group rules for icmp and http (here the name of the function is misleading), is splitted into 2 new functions one for each rule (open_icmp() and open_http_port()). Test cases that used the old function have been updated -In the original implementation of open_icmp_ssh() and open_bgp_port(), the direction parameter was missing. This was leading to an error message -A check for the existence of security group rule has been added and used before the creation of each security group rule. If a rule already exists, an info message is printed and the testcase continues This change is strongly dependent on https://gerrit.opnfv.org/gerrit/#/c/31925 of Functest repo. NOT TO BE MERGED before JIRA: SDNVPN-103 Change-Id: Icb96954556f6d7294cf3454f045dbca4b9be672d Signed-off-by: tomsou <soth@intracom-telecom.com> (cherry picked from commit 0e26e7dfd4ff41ae7c8389218bca138346864922)
Diffstat (limited to 'sdnvpn/lib/utils.py')
-rw-r--r--sdnvpn/lib/utils.py61
1 files changed, 48 insertions, 13 deletions
diff --git a/sdnvpn/lib/utils.py b/sdnvpn/lib/utils.py
index 90fce4a..eb59446 100644
--- a/sdnvpn/lib/utils.py
+++ b/sdnvpn/lib/utils.py
@@ -343,22 +343,57 @@ def assert_and_get_compute_nodes(nova_client, required_node_number=2):
return compute_nodes
-def open_icmp_ssh(neutron_client, security_group_id):
- os_utils.create_secgroup_rule(neutron_client,
- security_group_id,
- 'ingress',
- 'icmp')
- os_utils.create_secgroup_rule(neutron_client,
- security_group_id,
- 'tcp',
- 80, 80)
+def open_icmp(neutron_client, security_group_id):
+ if os_utils.check_security_group_rules(neutron_client,
+ security_group_id,
+ 'ingress',
+ 'icmp'):
+
+ if not os_utils.create_secgroup_rule(neutron_client,
+ security_group_id,
+ 'ingress',
+ 'icmp'):
+ logger.error("Failed to create icmp security group rule...")
+ else:
+ logger.info("This rule exists for security group: %s"
+ % security_group_id)
+
+
+def open_http_port(neutron_client, security_group_id):
+ if os_utils.check_security_group_rules(neutron_client,
+ security_group_id,
+ 'ingress',
+ 'tcp',
+ 80, 80):
+
+ if not os_utils.create_secgroup_rule(neutron_client,
+ security_group_id,
+ 'ingress',
+ 'tcp',
+ 80, 80):
+
+ logger.error("Failed to create http security group rule...")
+ else:
+ logger.info("This rule exists for security group: %s"
+ % security_group_id)
def open_bgp_port(neutron_client, security_group_id):
- os_utils.create_secgroup_rule(neutron_client,
- security_group_id,
- 'tcp',
- 179, 179)
+ if os_utils.check_security_group_rules(neutron_client,
+ security_group_id,
+ 'ingress',
+ 'tcp',
+ 179, 179):
+
+ if not os_utils.create_secgroup_rule(neutron_client,
+ security_group_id,
+ 'ingress',
+ 'tcp',
+ 179, 179):
+ logger.error("Failed to create bgp security group rule...")
+ else:
+ logger.info("This rule exists for security group: %s"
+ % security_group_id)
def exec_cmd(cmd, verbose):