Harmonize vxlan-tool calls

Renamed vxlan_firewall and vxlan_tool_stop to start_vxlan_tool and stop_vxlan_tool respectively. Added some comments to explain their behavior. Cleaned both functions to use ".format()" string formatting, which improves readability. Modified behavior of start_vxlan_tool: now it does NOT block traffic by default Change-Id: I6754b020a474be1e9adf2d83e7c9f5053930b702 Signed-off-by: Juan Vidal <juan.vidal.allende@ericsson.com>
author: Juan Vidal <juan.vidal.allende@ericsson.com> 2017-03-24 15:16:21 +0000
committer: Juan Vidal <juan.vidal.allende@ericsson.com> 2017-04-05 09:54:53 +0000
commit: 8a66eac4bbb898d943d461845e371381425a9cf7 (patch)
tree: 3439ef943c73f78fc5f7b137a665c922a28a2399 /sfc
parent: 6d6d321145befb9f823a9d8af40e5dce83f0dbc7 (diff)
4 files changed, 38 insertions, 26 deletions
diff --git a/sfc/lib/utils.py b/sfc/lib/utils.py
index ba29a8a6..fb14ff60 100644
--- a/sfc/lib/utils.py
+++ b/sfc/lib/utils.py
@@ -240,8 +240,8 @@ def create_instance(nova_client, name, flavor, image_id, network_id, sg_id,
 
 def ping(remote, retries=100, retry_timeout=1):
     cmd = 'ping -c1 -w{timeout} {remote}'.format(
-           timeout=retry_timeout,
-           remote=remote)
+          timeout=retry_timeout,
+          remote=remote)
 
     while retries > 0:
         rc, _, _ = run_cmd(cmd)
@@ -305,20 +305,32 @@ def start_http_server(ip):
     return True
 
 
-def vxlan_firewall(sf, iface="eth0", port="22", block=True):
-    """Set firewall using vxlan_tool.py on a given machine, Can be VM"""
-    cmd = "python vxlan_tool.py -i %s -d forward -v off" % iface
-    if block:
-        cmd = "python vxlan_tool.py -i eth0 -d forward -v off -b %s" % port
+def start_vxlan_tool(remote_ip, interface="eth0", block=None):
+    """
+    Starts vxlan_tool on a remote host.
+    vxlan_tool.py converts a regular Service Function into a NSH-aware SF
+    when the "--do forward" option is used, it decrements the NSI appropiately.
+    'block' parameters allows to specify a port where packets will be dropped.
+    """
+    command = "nohup python /root/vxlan_tool.py"
+    options = "{do} {interface} {block_option}".format(
+        do="--do forward",
+        interface="--interface {}".format(interface),
+        block_option="--block {}".format(block) if block is not None else "")
+    output_redirection = "> /dev/null 2>&1"
+
+    full_command = "{command} {options} {output_redirection} &".format(
+        command=command,
+        options=options,
+        output_redirection=output_redirection)
 
-    cmd = "sh -c 'cd /root;nohup " + cmd + " > /dev/null 2>&1 &'"
-    run_cmd_remote(sf, cmd)
-    time.sleep(7)
+    return run_cmd_remote(remote_ip, full_command)
 
 
-def vxlan_tool_stop(sf):
-    cmd = "pkill -f vxlan_tool.py"
-    run_cmd_remote(sf, cmd)
+def stop_vxlan_tool(remote_ip):
+    """ Stops vxlan_tool on a remote host"""
+    command = "pkill -f vxlan_tool.py"
+    return run_cmd_remote(remote_ip, command)
 
 
 def netcat(source_ip, destination_ip, destination_port, source_port=None,
@@ -540,8 +552,7 @@ def wait_for_classification_rules(ovs_logger, compute_nodes, odl_ip, odl_port,
             time.sleep(1)
 
         if timeout <= 0:
-            logger.error(
-                    "Timeout but classification rules are not updated")
+            logger.error("Timeout but classification rules are not updated")
 
     except Exception, e:
         logger.error('Error when waiting for classification rules: %s' % e)
diff --git a/sfc/tests/functest/sfc_one_chain_two_service_functions.py b/sfc/tests/functest/sfc_one_chain_two_service_functions.py
index bdf6f1b4..d28c6178 100644
--- a/sfc/tests/functest/sfc_one_chain_two_service_functions.py
+++ b/sfc/tests/functest/sfc_one_chain_two_service_functions.py
@@ -198,10 +198,9 @@ def main():
             '\033[91mFailed to start HTTP server on %s\033[0m' % server_ip)
         sys.exit(1)
 
-    logger.info("Starting vxlan_tool on %s" % sf2)
-    test_utils.vxlan_firewall(sf2, block=False)
-    logger.info("Starting vxlan_tool on %s" % sf1)
-    test_utils.vxlan_firewall(sf1, block=False)
+    for sf in (sf1, sf2):
+        logger.info("Starting vxlan_tool on %s" % sf)
+        test_utils.start_vxlan_tool(sf)
 
     logger.info("Wait for ODL to update the classification rules in OVS")
     t1.join()
@@ -219,8 +218,9 @@ def main():
     logger.info("Changing the vxlan_tool to block HTTP traffic")
 
     # Make SF1 block now http traffic
-    test_utils.vxlan_tool_stop(sf1)
-    test_utils.vxlan_firewall(sf1, port="80")
+    test_utils.stop_vxlan_tool(sf1)
+    logger.info("Starting HTTP firewall on %s" % sf1)
+    test_utils.start_vxlan_tool(sf1, block="80")
 
     logger.info("Test HTTP again")
     if test_utils.is_http_blocked(client_ip, srv_prv_ip):
diff --git a/sfc/tests/functest/sfc_symmetric_chain.py b/sfc/tests/functest/sfc_symmetric_chain.py
index 7f58f770..1a699ca3 100644
--- a/sfc/tests/functest/sfc_symmetric_chain.py
+++ b/sfc/tests/functest/sfc_symmetric_chain.py
@@ -216,7 +216,7 @@ def main():
 
     blocked_port = TESTCASE_CONFIG.blocked_source_port
     logger.info("Firewall started, blocking traffic port %d" % blocked_port)
-    test_utils.vxlan_firewall(sf_floating_ip, port=blocked_port)
+    test_utils.start_vxlan_tool(sf_floating_ip, block=blocked_port)
 
     logger.info("Wait for ODL to update the classification rules in OVS")
     t1.join()
@@ -234,7 +234,8 @@ def main():
         results.add_to_summary(2, "FAIL", "HTTP works")
 
     logger.info("Test if HTTP from port %s is blocked" % blocked_port)
-    if test_utils.is_http_blocked(client_floating_ip, server_ip, blocked_port):
+    if test_utils.is_http_blocked(
+            client_floating_ip, server_ip, blocked_port):
         results.add_to_summary(2, "PASS", "HTTP Blocked")
     else:
         error = ('\033[91mTEST 2 [FAILED] ==> HTTP WORKS\033[0m')
diff --git a/sfc/tests/functest/sfc_two_chains_SSH_and_HTTP.py b/sfc/tests/functest/sfc_two_chains_SSH_and_HTTP.py
index 2c688412..a774672d 100644
--- a/sfc/tests/functest/sfc_two_chains_SSH_and_HTTP.py
+++ b/sfc/tests/functest/sfc_two_chains_SSH_and_HTTP.py
@@ -213,10 +213,10 @@ def main():
             '\033[91mFailed to start HTTP server on %s\033[0m' % server_ip)
         sys.exit(1)
 
-    logger.info("Starting HTTP firewall on %s" % sf2)
-    test_utils.vxlan_firewall(sf2, port="80")
     logger.info("Starting SSH firewall on %s" % sf1)
-    test_utils.vxlan_firewall(sf1, port="22")
+    test_utils.start_vxlan_tool(sf1, block="22")
+    logger.info("Starting HTTP firewall on %s" % sf2)
+    test_utils.start_vxlan_tool(sf2, block="80")
 
     logger.info("Wait for ODL to update the classification rules in OVS")
     t1.join()
author	Juan Vidal <juan.vidal.allende@ericsson.com>	2017-03-24 15:16:21 +0000
committer	Juan Vidal <juan.vidal.allende@ericsson.com>	2017-04-05 09:54:53 +0000
commit	8a66eac4bbb898d943d461845e371381425a9cf7 (patch)
tree	3439ef943c73f78fc5f7b137a665c922a28a2399 /sfc
parent	6d6d321145befb9f823a9d8af40e5dce83f0dbc7 (diff)