本文整理汇总了Python中marvin.lib.base.FireWallRule类的典型用法代码示例。如果您正苦于以下问题:Python FireWallRule类的具体用法?Python FireWallRule怎么用?Python FireWallRule使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了FireWallRule类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: createNetworkRulesForVM
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype,
account, networkruledata):
"""Acquire IP, create Firewall and NAT/StaticNAT rule
(associating it with given vm) for that IP"""
try:
public_ip = PublicIPAddress.create(
apiclient,accountid=account.name,
zoneid=virtualmachine.zoneid,domainid=account.domainid,
networkid=virtualmachine.nic[0].networkid)
FireWallRule.create(
apiclient,ipaddressid=public_ip.ipaddress.id,
protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]],
startport=networkruledata["fwrule"]["startport"],
endport=networkruledata["fwrule"]["endport"]
)
if ruletype == NAT_RULE:
# Create NAT rule
NATRule.create(apiclient, virtualmachine,
networkruledata["natrule"],ipaddressid=public_ip.ipaddress.id,
networkid=virtualmachine.nic[0].networkid)
elif ruletype == STATIC_NAT_RULE:
# Enable Static NAT for VM
StaticNATRule.enable(apiclient,public_ip.ipaddress.id,
virtualmachine.id, networkid=virtualmachine.nic[0].networkid)
except Exception as e:
[FAIL, e]
return [PASS, public_ip]
示例2: create_vm
def create_vm(self, pfrule=False, egress_policy=True, RR=False):
self.create_network_offering(egress_policy, RR)
# Creating network using the network offering created
self.debug("Creating network with network offering: %s" % self.network_offering.id)
self.network = Network.create(
self.apiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id,
)
self.debug("Created network with ID: %s" % self.network.id)
self.debug("Deploying instance in the account: %s" % self.account.name)
project = None
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.service_offering.id,
mode=self.zone.networktype if pfrule else "basic",
networkids=[str(self.network.id)],
projectid=project.id if project else None,
)
self.debug("Deployed instance %s in account: %s" % (self.virtual_machine.id, self.account.name))
# Checking if VM is running or not, in case it is deployed in error state, test case fails
self.vm_list = list_virtual_machines(self.apiclient, id=self.virtual_machine.id)
self.assertEqual(validateList(self.vm_list)[0], PASS, "vm list validation failed, vm list is %s" % self.vm_list)
self.assertEqual(
str(self.vm_list[0].state).lower(),
"running",
"VM state should be running, it is %s" % self.vm_list[0].state,
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=self.network.id,
)
# Open up firewall port for SSH
FireWallRule.create(
self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=["0.0.0.0/0"],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"],
)
self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id)
# Create NAT rule
NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.public_ip.ipaddress.id)
return
示例3: acquire_Public_Ip
def acquire_Public_Ip(self):
"""Acquires the public IP"""
try:
self.debug("Acquiring public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"]
)
self.debug("Acquired public IP: %s" %
public_ip.ipaddress.ipaddress)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.ipaddress.id,
protocol='TCP',
cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],
endport=self.services["fwrule"]["endport"]
)
return public_ip
except Exception as e:
self.fail("Failed to acquire new public IP: %s" % e)
示例4: test_router_dns_guestipquery
def test_router_dns_guestipquery(self):
"""Checks that guest VM can query VR DNS"""
self.logger.debug("Starting test_router_dns_guestipquery...")
public_ip = self.test_router_common()[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule1"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule1"]["publicport"],
endport=self.services["natrule1"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm.id)
nat_rule1 = NATRule.create(
self.apiclient,
self.vm,
self.services["natrule1"],
public_ip.id
)
nat_rules = list_nat_rules(
self.apiclient,
id=nat_rule1.id
)
self.assertEqual(
isinstance(nat_rules, list),
True,
"Check for list NAT rules response return valid data"
)
self.assertTrue(
len(nat_rules) >= 1,
"Check for list NAT rules to have at least one rule"
)
self.assertEqual(
nat_rules[0].state,
'Active',
"Check list port forwarding rules"
)
result = None
try:
self.logger.debug("SSH into guest VM with IP: %s" % nat_rule1.ipaddress)
ssh = self.vm.get_ssh_client(ipaddress=nat_rule1.ipaddress, port=self.services['natrule1']["publicport"], retries=8)
result = str(ssh.execute("nslookup google.com"))
except Exception as e:
self.fail("Failed to SSH into VM - %s due to exception: %s" % (nat_rule1.ipaddress, e))
if not result:
self.fail("Did not to receive any response from the guest VM, failing.")
self.assertTrue("google.com" in result and "#53" in result,
"VR DNS should serve requests from guest network, unable to get valid nslookup result from guest VM.")
示例5: test_isolate_network_FW_PF_default_routes
def test_isolate_network_FW_PF_default_routes(self):
"""Stop existing router, add a PF rule and check we can access the VM """
self.logger.debug("Starting test_isolate_network_FW_PF_default_routes...")
routers = list_routers(self.apiclient, account=self.account.name, domainid=self.account.domainid)
self.assertEqual(isinstance(routers, list), True, "Check for list routers response return valid data")
self.assertNotEqual(len(routers), 0, "Check list router response")
router = routers[0]
self.assertEqual(router.state, "Running", "Check list router response for router state")
public_ips = list_publicIP(
self.apiclient, account=self.account.name, domainid=self.account.domainid, zoneid=self.zone.id
)
self.assertEqual(isinstance(public_ips, list), True, "Check for list public IPs response return valid data")
public_ip = public_ips[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_1.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=["0.0.0.0/0"],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"],
)
self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_1.id)
# Create NAT rule
nat_rule = NATRule.create(self.apiclient, self.vm_1, self.services["natrule"], public_ip.id)
nat_rules = list_nat_rules(self.apiclient, id=nat_rule.id)
self.assertEqual(isinstance(nat_rules, list), True, "Check for list NAT rules response return valid data")
self.assertEqual(nat_rules[0].state, "Active", "Check list port forwarding rules")
result = "failed"
try:
ssh_command = "ping -c 3 8.8.8.8"
self.logger.debug("SSH into VM with ID: %s" % nat_rule.ipaddress)
ssh = self.vm_1.get_ssh_client(
ipaddress=nat_rule.ipaddress, port=self.services["natrule"]["publicport"], retries=5
)
result = str(ssh.execute(ssh_command))
self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
except:
self.fail("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
self.assertEqual(result.count("3 packets received"), 1, "Ping to outside world from VM should be successful")
return
示例6: setUp
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.dbclient = self.testClient.getDbConnection()
self.account = Account.create(
self.apiclient,
self.services["account"],
domainid=self.domain.id
)
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"]
)
FireWallRule.create(
self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol='TCP',
cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],
endport=self.services["fwrule"]["endport"]
)
self.cleanup = [self.account, ]
return
示例7: deploy_firewallrule
def deploy_firewallrule(self, firewallrule, publicipaddress):
firewall = FireWallRule.create(
self.api_client,
data=firewallrule['data'],
ipaddress=publicipaddress
)
self.logger.debug('>>> ISOLATED NETWORKS FIREWALL RULE => ID: %s => Start Port: %s '
'=> End Port: %s => CIDR: %s => Protocol: %s => State: %s '
'=> Network: %s => IP: %s',
firewall.id, firewall.startport, firewall.endport, firewall.cidrlist,
firewall.protocol, firewall.state, firewall.networkid, firewall.ipaddress)
示例8: create_FirewallRule
def create_FirewallRule(self, public_ip, rule=None):
if not rule:
rule = self.test_data["ingress_rule"]
self.debug("Adding an Ingress Firewall rule to make Guest VMs accessible through Static NAT - %s" % rule)
return FireWallRule.create(self.api_client,
ipaddressid=public_ip.ipaddress.id,
protocol=rule["protocol"],
cidrlist=rule["cidrlist"],
startport=rule["startport"],
endport=rule["endport"]
)
示例9: createNetworkRules
def createNetworkRules(self, rule, ipaddressobj, networkid):
""" Create specified rule on acquired public IP and
default network of virtual machine
"""
# Open up firewall port for SSH
self.fw_rule = FireWallRule.create(
self.apiclient,
ipaddressid=ipaddressobj.ipaddress.id,
protocol=self.services["fwrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["fwrule"]["startport"],
endport=self.services["fwrule"]["endport"]
)
if rule == STATIC_NAT_RULE:
StaticNATRule.enable(
self.apiclient,
ipaddressobj.ipaddress.id,
self.virtual_machine.id,
networkid
)
elif rule == LB_RULE:
self.lb_rule = LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
ipaddressid=ipaddressobj.ipaddress.id,
accountid=self.account.name,
networkid=self.virtual_machine.nic[0].networkid,
domainid=self.account.domainid)
vmidipmap = [{"vmid": str(self.virtual_machine.id),
"vmip": str(self.virtual_machine.nic[0].ipaddress)}]
self.lb_rule.assign(
self.apiclient,
vmidipmap=vmidipmap
)
else:
self.nat_rule = NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
ipaddressobj.ipaddress.id
)
return
示例10: test_router_dhcphosts
def test_router_dhcphosts(self):
"""Check that the /etc/dhcphosts.txt doesn't contain duplicate IPs"""
self.logger.debug("Starting test_router_dhcphosts...")
routers = list_routers(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid
)
self.assertEqual(
isinstance(routers, list),
True,
"Check for list routers response return valid data"
)
self.assertNotEqual(
len(routers),
0,
"Check list router response"
)
router = routers[0]
self.assertEqual(
router.state,
'Running',
"Check list router response for router state"
)
public_ips = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
zoneid=self.zone.id
)
self.assertEqual(
isinstance(public_ips, list),
True,
"Check for list public IPs response return valid data"
)
public_ip = public_ips[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_1.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule1"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule1"]["publicport"],
endport=self.services["natrule1"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_1.id)
# Create NAT rule
nat_rule1 = NATRule.create(
self.apiclient,
self.vm_1,
self.services["natrule1"],
public_ip.id
)
self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_2.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule2"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule2"]["publicport"],
endport=self.services["natrule2"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_2.id)
# Create NAT rule
nat_rule2 = NATRule.create(
self.apiclient,
self.vm_2,
self.services["natrule2"],
public_ip.id
)
nat_rules = list_nat_rules(
self.apiclient,
id=nat_rule1.id
)
self.assertEqual(
isinstance(nat_rules, list),
True,
"Check for list NAT rules response return valid data"
)
self.assertEqual(
nat_rules[0].state,
'Active',
"Check list port forwarding rules"
)
nat_rules = list_nat_rules(
self.apiclient,
#.........这里部分代码省略.........
示例11: test_isolate_network_password_server
def test_isolate_network_password_server(self):
"""Check the password file in the Router VM"""
self.logger.debug("Starting test_isolate_network_password_server...")
routers = list_routers(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid
)
self.assertEqual(
isinstance(routers, list),
True,
"Check for list routers response return valid data"
)
self.assertNotEqual(
len(routers),
0,
"Check list router response"
)
router = routers[0]
self.assertEqual(
router.state,
'Running',
"Check list router response for router state"
)
public_ips = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
zoneid=self.zone.id
)
self.assertEqual(
isinstance(public_ips, list),
True,
"Check for list public IPs response return valid data"
)
public_ip = public_ips[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_1.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule1"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule1"]["publicport"],
endport=self.services["natrule1"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_1.id)
# Create NAT rule
nat_rule1 = NATRule.create(
self.apiclient,
self.vm_1,
self.services["natrule1"],
public_ip.id
)
self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_2.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule2"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule2"]["publicport"],
endport=self.services["natrule2"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_2.id)
# Create NAT rule
nat_rule2 = NATRule.create(
self.apiclient,
self.vm_2,
self.services["natrule2"],
public_ip.id
)
nat_rules = list_nat_rules(
self.apiclient,
id=nat_rule1.id
)
self.assertEqual(
isinstance(nat_rules, list),
True,
"Check for list NAT rules response return valid data"
)
self.assertEqual(
nat_rules[0].state,
'Active',
"Check list port forwarding rules"
)
nat_rules = list_nat_rules(
self.apiclient,
#.........这里部分代码省略.........
示例12: test_02_isolate_network_FW_PF_default_routes_egress_false
def test_02_isolate_network_FW_PF_default_routes_egress_false(self):
""" Test redundant router internals """
self.logger.debug("Starting test_02_isolate_network_FW_PF_default_routes_egress_false...")
self.logger.debug("Creating Network Offering with default egress FALSE")
network_offering_egress_false = NetworkOffering.create(self.apiclient,
self.services["network_offering_egress_false"],
conservemode=True)
network_offering_egress_false.update(self.apiclient, state='Enabled')
self.logger.debug("Creating Network with Network Offering ID %s" % network_offering_egress_false.id)
network = Network.create(self.apiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=network_offering_egress_false.id,
zoneid=self.zone.id)
self.logger.debug("Deploying Virtual Machine on Network %s" % network.id)
virtual_machine = VirtualMachine.create(self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.service_offering.id,
networkids=[str(network.id)])
self.logger.debug("Deployed VM in network: %s" % network.id)
self.cleanup.insert(0, network_offering_egress_false)
self.cleanup.insert(0, network)
self.cleanup.insert(0, virtual_machine)
self.logger.debug("Starting test_isolate_network_FW_PF_default_routes...")
routers = list_routers(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid
)
self.assertEqual(
isinstance(routers, list),
True,
"Check for list routers response return valid data"
)
self.assertNotEqual(
len(routers),
0,
"Check list router response"
)
router = routers[0]
self.assertEqual(
router.state,
'Running',
"Check list router response for router state"
)
public_ips = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
zoneid=self.zone.id
)
self.assertEqual(
isinstance(public_ips, list),
True,
"Check for list public IPs response return valid data"
)
public_ip = public_ips[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
# Create NAT rule
nat_rule = NATRule.create(
self.apiclient,
virtual_machine,
self.services["natrule"],
public_ip.id
)
nat_rules = list_nat_rules(
self.apiclient,
id=nat_rule.id
)
self.assertEqual(
#.........这里部分代码省略.........
示例13: test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false
#.........这里部分代码省略.........
self.logger.debug("Listing routers for network: %s" % network.name)
routers = Router.list(
self.apiclient,
networkid=network.id,
listall=True
)
self.assertEqual(
isinstance(routers, list),
True,
"list router should return Master and backup routers"
)
self.assertEqual(
len(routers),
2,
"Length of the list router should be 2 (Backup & master)"
)
public_ips = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
zoneid=self.zone.id
)
self.assertEqual(
isinstance(public_ips, list),
True,
"Check for list public IPs response return valid data"
)
public_ip = public_ips[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
nat_rule = NATRule.create(
self.apiclient,
virtual_machine,
self.services["natrule"],
public_ip.id
)
expected = 0
ssh_command = "ping -c 3 8.8.8.8"
check_string = " 0% packet loss"
result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
self.assertEqual(
result,
expected,
"Ping to outside world from VM should NOT be successful"
)
expected = 0
ssh_command = "wget -t 1 -T 1 www.google.com"
check_string = "HTTP request sent, awaiting response... 200 OK"
result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
示例14: test_RVR_Network_FW_PF_SSH_default_routes
#.........这里部分代码省略.........
self.apiclient,
id=virtual_machine.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List Vms should return a valid list"
)
vm = vms[0]
self.assertEqual(
vm.state,
"Running",
"VM should be in running state after deployment"
)
self.logger.debug("Listing routers for network: %s" % network.name)
routers = Router.list(
self.apiclient,
networkid=network.id,
listall=True
)
self.assertEqual(
isinstance(routers, list),
True,
"list router should return Master and backup routers"
)
self.assertEqual(
len(routers),
2,
"Length of the list router should be 2 (Backup & master)"
)
self.logger.debug("Associating public IP for network: %s" % network.name)
public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id
)
self.logger.debug("Associated %s with network %s" % (
public_ip.ipaddress.ipaddress,
network.id
))
public_ips = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
zoneid=self.zone.id
)
self.assertEqual(
isinstance(public_ips, list),
True,
"Check for list public IPs response return valid data"
)
public_ip_1 = public_ips[0]
self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip_1.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
nat_rule = NATRule.create(
self.apiclient,
virtual_machine,
self.services["natrule"],
public_ip_1.id
)
self.cleanup.insert(0, network)
self.cleanup.insert(0, virtual_machine)
result = 'failed'
try:
ssh_command = "ping -c 3 8.8.8.8"
ssh = virtual_machine.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress, retries=5)
self.logger.debug("Ping to google.com from VM")
result = str(ssh.execute(ssh_command))
self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
except:
self.fail("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
self.assertEqual(
result.count("3 packets received"),
1,
"Ping to outside world from VM should be successful"
)
return
示例15: test_07_associate_public_ip
def test_07_associate_public_ip(self):
"""Test associate public IP within the project
"""
# Validate the following
# 1. Create a project
# 2. Add some public Ips to the project
# 3. Verify public IP assigned can only used to create PF/LB rules
# inside project
networks = Network.list(self.apiclient, projectid=self.project.id, listall=True)
self.assertEqual(isinstance(networks, list), True, "Check list networks response returns a valid response")
self.assertNotEqual(len(networks), 0, "Check list networks response returns a valid network")
network = networks[0]
self.debug("Associating public IP for project: %s" % self.project.id)
public_ip = PublicIPAddress.create(
self.apiclient,
zoneid=self.virtual_machine.zoneid,
services=self.services["server"],
networkid=network.id,
projectid=self.project.id,
)
self.cleanup.append(public_ip)
# Create NAT rule
self.debug("Creating a NAT rule within project, VM ID: %s" % self.virtual_machine.id)
nat_rule = NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
public_ip.ipaddress.id,
projectid=self.project.id,
)
self.debug("created a NAT rule with ID: %s" % nat_rule.id)
nat_rule_response = NATRule.list(self.apiclient, id=nat_rule.id)
self.assertEqual(isinstance(nat_rule_response, list), True, "Check list response returns a valid list")
self.assertNotEqual(len(nat_rule_response), 0, "Check Port Forwarding Rule is created")
self.assertEqual(nat_rule_response[0].id, nat_rule.id, "Check Correct Port forwarding Rule is returned")
# Create Load Balancer rule and assign VMs to rule
self.debug("Created LB rule for public IP: %s" % public_ip.ipaddress)
lb_rule = LoadBalancerRule.create(
self.apiclient, self.services["lbrule"], public_ip.ipaddress.id, projectid=self.project.id
)
self.debug("Assigning VM: %s to LB rule: %s" % (self.virtual_machine.name, lb_rule.id))
lb_rule.assign(self.apiclient, [self.virtual_machine])
lb_rules = list_lb_rules(self.apiclient, id=lb_rule.id)
self.assertEqual(isinstance(lb_rules, list), True, "Check list response returns a valid list")
# verify listLoadBalancerRules lists the added load balancing rule
self.assertNotEqual(len(lb_rules), 0, "Check Load Balancer Rule in its List")
self.assertEqual(lb_rules[0].id, lb_rule.id, "Check List Load Balancer Rules returns valid Rule")
# Create Firewall rule with configurations from settings file
fw_rule = FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.ipaddress.id,
protocol="TCP",
cidrlist=[self.services["fw_rule"]["cidr"]],
startport=self.services["fw_rule"]["startport"],
endport=self.services["fw_rule"]["endport"],
projectid=self.project.id,
)
self.debug("Created firewall rule: %s" % fw_rule.id)
# After Router start, FW rule should be in Active state
fw_rules = FireWallRule.list(self.apiclient, id=fw_rule.id)
self.assertEqual(isinstance(fw_rules, list), True, "Check for list FW rules response return valid data")
self.assertEqual(fw_rules[0].state, "Active", "Check list load balancing rules")
self.assertEqual(
fw_rules[0].startport, str(self.services["fw_rule"]["startport"]), "Check start port of firewall rule"
)
self.assertEqual(
fw_rules[0].endport, str(self.services["fw_rule"]["endport"]), "Check end port of firewall rule"
)
self.debug("Deploying VM for account: %s" % self.account.name)
virtual_machine_1 = VirtualMachine.create(
self.apiclient,
self.services["server"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
)
self.cleanup.append(virtual_machine_1)
self.debug("VM state after deploy: %s" % virtual_machine_1.state)
# Verify VM state
self.assertEqual(virtual_machine_1.state, "Running", "Check VM state is Running or not")
self.debug("Creating NAT rule for VM (ID: %s) outside project" % virtual_machine_1.id)
with self.assertRaises(Exception):
NATRule.create(self.apiclient, virtual_machine_1, self.services["natrule"], public_ip.ipaddress.id)
self.debug("Creating LB rule for public IP: %s outside project" % public_ip.ipaddress)
with self.assertRaises(Exception):
LoadBalancerRule.create(
self.apiclient, self.services["lbrule"], public_ip.ipaddress.id, accountid=self.account.name
#.........这里部分代码省略.........