summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJingLu5 <lvjing5@huawei.com>2017-08-01 08:24:01 +0000
committerRoss Brattain <ross.b.brattain@intel.com>2017-08-01 13:21:21 +0000
commit90e5786f6e5bd3235e3d1c307782b8cae9d7b958 (patch)
tree1bafd5d49b7c6dc8d6ea84bdc5c7c94103254c99
parent5ad208bd8d0c1798179de226f28f1e1ec03033fa (diff)
Bugfix: port_security_enabled issue
JIRA: YARDSTICK-765 When port_security_enabled is not set, VMs are assigned with security group 'default'. When using 'default' security group, all egress traffic and intercommunication in the default group are allowed and all ingress from outside of the default group is dropped by default (in the default security group). This causes yardstick cannot ssh into VMs. If port_security_enabled is not set, we should still add the security group that created by yardstick to the VMs. Change-Id: Ifd22fb452e0077581b6900f8f51c4e3c342a30aa Signed-off-by: JingLu5 <lvjing5@huawei.com>
-rw-r--r--yardstick/benchmark/contexts/model.py7
1 files changed, 4 insertions, 3 deletions
diff --git a/yardstick/benchmark/contexts/model.py b/yardstick/benchmark/contexts/model.py
index aed1a3f60..2db96bade 100644
--- a/yardstick/benchmark/contexts/model.py
+++ b/yardstick/benchmark/contexts/model.py
@@ -257,10 +257,11 @@ class Server(Object): # pragma: no cover
port_name = server_name + "-" + network.name + "-port"
self.ports[network.name] = {"stack_name": port_name}
# we can't use secgroups if port_security_enabled is False
- if network.port_security_enabled:
- sec_group_id = self.secgroup_name
- else:
+ if network.port_security_enabled is False:
sec_group_id = None
+ else:
+ # if port_security_enabled is None we still need to add to secgroup
+ sec_group_id = self.secgroup_name
# don't refactor to pass in network object, that causes JSON
# circular ref encode errors
template.add_port(port_name, network.stack_name, network.subnet_stack_name,