cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r...@apache.org
Subject [4/5] git commit: updated refs/heads/master to be41921
Date Tue, 13 Oct 2015 20:39:18 GMT
CLOUDSTACK-8934 - Fix the AclIP class to make it configure the default FW policy


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/cd8c3e97
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/cd8c3e97
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/cd8c3e97

Branch: refs/heads/master
Commit: cd8c3e97f594639292075d9a704dc7c382a103ca
Parents: b4dc392
Author: Wilder Rodrigues <wrodrigues@schubergphilis.com>
Authored: Sat Oct 10 12:02:47 2015 +0200
Committer: Wilder Rodrigues <wrodrigues@schubergphilis.com>
Committed: Sun Oct 11 14:57:33 2015 +0200

----------------------------------------------------------------------
 .../VirtualNetworkApplianceManagerImpl.java     |  2 +-
 .../debian/config/opt/cloud/bin/configure.py    |  8 +++-
 .../component/test_routers_network_ops.py       | 45 ++++++++++----------
 3 files changed, 30 insertions(+), 25 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cd8c3e97/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 9eda2a2..f0e5f09 100644
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -1975,7 +1975,7 @@ Configurable, StateListener<State, VirtualMachine.Event, VirtualMachine>
{
         final NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
         final Boolean defaultEgressPolicy = offering.getEgressDefaultPolicy();
 
-        // The default on the router is set to Deny all. So, if the default configuration
in the offering is set to treu (Allow), we change the Egress here
+        // The default on the router is set to Deny all. So, if the default configuration
in the offering is set to true (Allow), we change the Egress here
         if (defaultEgressPolicy) {
             final List<String> sourceCidr = new ArrayList<String>();
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cd8c3e97/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index c3c4cae..55a4b94 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -86,8 +86,14 @@ class CsAcl(CsDataBag):
                 self.rule['first_port'] = obj['src_port_range'][0]
                 self.rule['last_port'] = obj['src_port_range'][1]
             self.rule['allowed'] = True
-            self.rule['cidr'] = obj['source_cidr_list']
+
+            if self.rule['type'] == 'all' and not obj['source_cidr_list']:
+                self.rule['cidr'] = ['0.0.0.0/0']
+            else:
+                self.rule['cidr'] = obj['source_cidr_list']
+
             self.rule['action'] = "ACCEPT"
+            logging.debug("AclIP created for rule ==> %s", self.rule)
 
         def create(self):
             for cidr in self.rule['cidr']:

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/cd8c3e97/test/integration/component/test_routers_network_ops.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_routers_network_ops.py b/test/integration/component/test_routers_network_ops.py
index 95ede49..ba3e5e4 100644
--- a/test/integration/component/test_routers_network_ops.py
+++ b/test/integration/component/test_routers_network_ops.py
@@ -32,7 +32,8 @@ from marvin.lib.base import (ServiceOffering,
                              FireWallRule,
                              PublicIPAddress,
                              NetworkOffering,
-                             Network)
+                             Network,
+                             Router)
 from marvin.lib.common import (get_zone,
                                get_template,
                                get_domain,
@@ -62,7 +63,7 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
         cls.domain = get_domain(cls.api_client)
         cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
         cls.services['mode'] = cls.zone.networktype
-        template = get_template(
+        cls.template = get_template(
             cls.api_client,
             cls.zone.id,
             cls.services["ostype"]
@@ -157,34 +158,17 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
              )
         nw_response = networks[0]
 
-        self.logger.debug("Network state: %s" % nw_response.state)
-        self.assertEqual(
-                    nw_response.state,
-                    "Allocated",
-                    "The network should be in allocated state after creation"
-                    )
-
-        self.logger.debug("Listing routers for network: %s" % network.name)
-        routers = Router.list(
-                              self.apiclient,
-                              networkid=network.id,
-                              listall=True
-                              )
-        self.assertEqual(
-            routers,
-            None,
-            "Routers should not be spawned when network is in allocated state"
-            )
-
         self.logger.debug("Deploying VM in account: %s" % self.account.name)
         virtual_machine = VirtualMachine.create(
                                   self.apiclient,
                                   self.services["virtual_machine"],
+                                  templateid=self.template.id,
                                   accountid=self.account.name,
                                   domainid=self.account.domainid,
                                   serviceofferingid=self.service_offering.id,
                                   networkids=[str(network.id)]
                                   )
+        
         self.logger.debug("Deployed VM in network: %s" % network.id)
 
         vms = VirtualMachine.list(
@@ -234,10 +218,25 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
                                         network.id
                                         ))
 
+        public_ips = list_publicIP(
+            self.apiclient,
+            account=self.account.name,
+            domainid=self.account.domainid,
+            zoneid=self.zone.id
+        )
+
+        self.assertEqual(
+            isinstance(public_ips, list),
+            True,
+            "Check for list public IPs response return valid data"
+        )
+
+        public_ip_1 = public_ips[0]
+
         self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
         FireWallRule.create(
             self.apiclient,
-            ipaddressid=public_ip.id,
+            ipaddressid=public_ip_1.id,
             protocol=self.services["natrule"]["protocol"],
             cidrlist=['0.0.0.0/0'],
             startport=self.services["natrule"]["publicport"],
@@ -249,7 +248,7 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
             self.apiclient,
             virtual_machine,
             self.services["natrule"],
-            public_ip.id
+            public_ip_1.id
         )
 
         self.cleanup.insert(0, network)


Mime
View raw message