From dacf2b5d84226f3844dfc0b949ef81446d4c353a Mon Sep 17 00:00:00 2001 From: Manuel Buil Date: Mon, 3 Sep 2018 17:02:53 +0200 Subject: Remove port security from vnfs when no-mano If the ports have security enabled, the traffic is dropped due to the anti-spoofing Change-Id: I6fbc63a3d959d9d55dfd1d64e12e1d0e7ec48bcb Signed-off-by: Manuel Buil --- sfc/lib/openstack_utils.py | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) (limited to 'sfc/lib') diff --git a/sfc/lib/openstack_utils.py b/sfc/lib/openstack_utils.py index 06d19eaa..6d890ebc 100644 --- a/sfc/lib/openstack_utils.py +++ b/sfc/lib/openstack_utils.py @@ -134,18 +134,25 @@ class OpenStackSFC: return sec_group def create_instance(self, vm_name, flavor_name, image_creator, network, - secgrp, av_zone, ports): + secgrp, av_zone, ports, port_security=True): logger.info("Creating the instance {}...".format(vm_name)) port_settings = [] for port in ports: - port_settings.append(PortConfig(name=port, - network_name=network.name)) - - instance_settings = VmInstanceConfig( - name=vm_name, flavor=flavor_name, - security_group_names=str(secgrp.name), - port_settings=port_settings, - availability_zone=av_zone) + port_settings.append( + PortConfig(name=port, + port_security_enabled=port_security, + network_name=network.name)) + if port_security: + instance_settings = VmInstanceConfig( + name=vm_name, flavor=flavor_name, + security_group_names=str(secgrp.name), + port_settings=port_settings, + availability_zone=av_zone) + else: + instance_settings = VmInstanceConfig( + name=vm_name, flavor=flavor_name, + port_settings=port_settings, + availability_zone=av_zone) instance_creator = cr_inst.OpenStackVmInstance( self.os_creds, -- cgit 1.2.3-korg