From 691565bc0a854ffd08fbdc42d42e349f144c1975 Mon Sep 17 00:00:00 2001 From: Alon Kochba Date: Tue, 1 Nov 2016 11:29:56 +0200 Subject: [PATCH] Add SG configuration to netvirt vpnservice suite VMs Change-Id: I836686f1a20481140d47f79a627067cc0c39a298 Signed-off-by: Alon Kochba --- csit/libraries/OpenStackOperations.robot | 8 +++--- .../vpnservice/basic_vpnservice.robot | 26 +++++++++++++------ 2 files changed, 22 insertions(+), 12 deletions(-) diff --git a/csit/libraries/OpenStackOperations.robot b/csit/libraries/OpenStackOperations.robot index e3f01cc23b..522d94c210 100644 --- a/csit/libraries/OpenStackOperations.robot +++ b/csit/libraries/OpenStackOperations.robot @@ -77,11 +77,11 @@ Create SubNet Should Contain ${output} Created a new subnet Create Port - [Arguments] ${network_name} ${port_name} + [Arguments] ${network_name} ${port_name} ${sg}=default [Documentation] Create Port with neutron request. ${devstack_conn_id}= Get ControlNode Connection Switch Connection ${devstack_conn_id} - ${output}= Write Commands Until Prompt neutron -v port-create ${network_name} --name ${port_name} 30s + ${output}= Write Commands Until Prompt neutron -v port-create ${network_name} --name ${port_name} --security-group ${sg} 30s Close Connection Log ${output} Should Contain ${output} Created a new port @@ -197,13 +197,13 @@ Create Vm Instances \ Wait Until Keyword Succeeds 25s 5s Verify VM Is ACTIVE ${VmElement} Create Vm Instance With Port On Compute Node - [Arguments] ${port_name} ${vm_instance_name} ${compute_node} ${image}=cirros-0.3.4-x86_64-uec ${flavor}=m1.nano + [Arguments] ${port_name} ${vm_instance_name} ${compute_node} ${image}=cirros-0.3.4-x86_64-uec ${flavor}=m1.nano ${sg}=default [Documentation] Create One VM instance using given ${port_name} and for given ${compute_node} ${devstack_conn_id}= Get ControlNode Connection Switch Connection ${devstack_conn_id} ${port_id}= Get Port Id ${port_name} ${devstack_conn_id} ${hostname_compute_node}= Run Command On Remote System ${compute_node} hostname - ${output}= Write Commands Until Prompt nova boot --image ${image} --flavor ${flavor} --nic port-id=${port_id} ${vm_instance_name} --availability-zone nova:${hostname_compute_node} 30s + ${output}= Write Commands Until Prompt nova boot --image ${image} --flavor ${flavor} --nic port-id=${port_id} ${vm_instance_name} --security-groups ${sg} --availability-zone nova:${hostname_compute_node} 30s Log ${output} Wait Until Keyword Succeeds 25s 5s Verify VM Is ACTIVE ${vm_instance_name} diff --git a/csit/suites/openstack/vpnservice/basic_vpnservice.robot b/csit/suites/openstack/vpnservice/basic_vpnservice.robot index 69eb0fb1d5..d34ba938da 100644 --- a/csit/suites/openstack/vpnservice/basic_vpnservice.robot +++ b/csit/suites/openstack/vpnservice/basic_vpnservice.robot @@ -57,12 +57,22 @@ Create Neutron Subnets Should Contain ${SUB_LIST} ${SUBNETS[0]} Should Contain ${SUB_LIST} ${SUBNETS[1]} +Add Ssh Allow Rule + [Documentation] Allow all TCP/UDP/ICMP packets for this suite + Neutron Security Group Create sg-vpnservice + Neutron Security Group Rule Create sg-vpnservice direction=ingress port_range_max=65535 port_range_min=1 protocol=tcp remote_ip_prefix=0.0.0.0/0 + Neutron Security Group Rule Create sg-vpnservice direction=egress port_range_max=65535 port_range_min=1 protocol=tcp remote_ip_prefix=0.0.0.0/0 + Neutron Security Group Rule Create sg-vpnservice direction=ingress protocol=icmp remote_ip_prefix=0.0.0.0/0 + Neutron Security Group Rule Create sg-vpnservice direction=egress protocol=icmp remote_ip_prefix=0.0.0.0/0 + Neutron Security Group Rule Create sg-vpnservice direction=ingress port_range_max=65535 port_range_min=1 protocol=udp remote_ip_prefix=0.0.0.0/0 + Neutron Security Group Rule Create sg-vpnservice direction=egress port_range_max=65535 port_range_min=1 protocol=udp remote_ip_prefix=0.0.0.0/0 + Create Neutron Ports [Documentation] Create four ports under previously created subnets - Create Port ${NETWORKS[0]} ${PORT_LIST[0]} - Create Port ${NETWORKS[0]} ${PORT_LIST[1]} - Create Port ${NETWORKS[1]} ${PORT_LIST[2]} - Create Port ${NETWORKS[1]} ${PORT_LIST[3]} + Create Port ${NETWORKS[0]} ${PORT_LIST[0]} sg=sg-vpnservice + Create Port ${NETWORKS[0]} ${PORT_LIST[1]} sg=sg-vpnservice + Create Port ${NETWORKS[1]} ${PORT_LIST[2]} sg=sg-vpnservice + Create Port ${NETWORKS[1]} ${PORT_LIST[3]} sg=sg-vpnservice Check OpenDaylight Neutron Ports [Documentation] Checking OpenDaylight Neutron API for known ports @@ -72,10 +82,10 @@ Check OpenDaylight Neutron Ports Create Nova VMs [Documentation] Create Vm instances on compute node with port - Create Vm Instance With Port On Compute Node ${PORT_LIST[0]} ${VM_INSTANCES[0]} ${OS_COMPUTE_1_IP} - Create Vm Instance With Port On Compute Node ${PORT_LIST[1]} ${VM_INSTANCES[1]} ${OS_COMPUTE_2_IP} - Create Vm Instance With Port On Compute Node ${PORT_LIST[2]} ${VM_INSTANCES[2]} ${OS_COMPUTE_1_IP} - Create Vm Instance With Port On Compute Node ${PORT_LIST[3]} ${VM_INSTANCES[3]} ${OS_COMPUTE_2_IP} + Create Vm Instance With Port On Compute Node ${PORT_LIST[0]} ${VM_INSTANCES[0]} ${OS_COMPUTE_1_IP} sg=sg-vpnservice + Create Vm Instance With Port On Compute Node ${PORT_LIST[1]} ${VM_INSTANCES[1]} ${OS_COMPUTE_2_IP} sg=sg-vpnservice + Create Vm Instance With Port On Compute Node ${PORT_LIST[2]} ${VM_INSTANCES[2]} ${OS_COMPUTE_1_IP} sg=sg-vpnservice + Create Vm Instance With Port On Compute Node ${PORT_LIST[3]} ${VM_INSTANCES[3]} ${OS_COMPUTE_2_IP} sg=sg-vpnservice Log Check for routes Wait Until Keyword Succeeds 30s 10s Wait For Routes To Propogate -- 2.36.6