Get back VMTasks scenarios

We need to check existing security group rules in proper way at
allow_ash context

Change-Id: I1cf53a75f702787808daebf85231d43bfe57daea

CHANGELOG.rst

@@ -35,6 +35,8 @@ Changed
 
 * Updated upper-constraints
 
+* Improved check for existing rules at *allow_ssh* context.
+
 [1.5.0] - 2019-05-29
 --------------------
 

rally-jobs/neutron.yaml

@@ -712,3 +712,105 @@
       sla:
         failure_rate:
           max: 0
+
+  VMTasks.boot_runcommand_delete:
+    -
+      args:
+        flavor:
+            name: "m1.tiny"
+        image:
+            name: {{image_name}}
+        command:
+          script_file: "~/.rally/extra/instance_test.sh"
+          interpreter: "/bin/sh"
+        username: "cirros"
+      runner:
+        type: "constant"
+        times: {{smoke or 2}}
+        concurrency: {{smoke or 2}}
+      context:
+        users:
+          tenants: {{smoke or 2}}
+          users_per_tenant: {{smoke or 2}}
+        network: {}
+      sla:
+        failure_rate:
+          max: 0
+    -
+      args:
+        flavor:
+            name: "m1.tiny"
+        image:
+            name: {{image_name}}
+        command:
+          script_file: "~/.rally/extra/instance_test.sh"
+          interpreter: "/bin/sh"
+        username: "cirros"
+        volume_args:
+            size: 2
+      runner:
+        type: "constant"
+        times: {{smoke or 2}}
+        concurrency: {{smoke or 2}}
+      context:
+        users:
+          tenants: {{smoke or 2}}
+          users_per_tenant: {{smoke or 1}}
+        network: {}
+      sla:
+        failure_rate:
+          max: 0
+    -
+      args:
+        flavor:
+          name: {{flavor_name}}
+        image:
+          name: {{image_name}}
+        floating_network: "public"
+        command:
+          script_inline: |
+            time_seconds(){ (time -p $1 ) 2>&1 |awk '/real/{print $2}'; }
+            file=/tmp/test.img
+            c=100 #100M
+            write_seq=$(time_seconds "dd if=/dev/zero of=$file bs=1M count=$c")
+            read_seq=$(time_seconds "dd if=$file of=/dev/null bs=1M count=$c")
+            [ -f $file ] && rm $file
+
+            echo "{
+                \"write_seq\": $write_seq,
+                \"read_seq\": $read_seq
+                }"
+          interpreter: "/bin/sh"
+        username: "cirros"
+      runner:
+        type: "constant"
+        times: 2
+        concurrency: 2
+      context:
+        users:
+          tenants: 1
+          users_per_tenant: 1
+        network: {}
+      sla:
+        failure_rate:
+          max: 0
+
+  VMTasks.dd_load_test:
+    -
+      args:
+        flavor:
+            name: "m1.tiny"
+        image:
+            name: {{image_name}}
+        floating_network: "public"
+        force_delete: false
+        username: "cirros"
+      runner:
+        type: "constant"
+        times: 2
+        concurrency: 2
+      context:
+        users:
+          tenants: 2
+          users_per_tenant: 1
+        network: {}

rally_openstack/contexts/network/allow_ssh.py

@@ -25,6 +25,39 @@ from rally_openstack.wrappers import network
 LOG = logging.getLogger(__name__)
 
 
+# This method is simplified version to what neutron has
+def _rule_to_key(rule):
+    def _normalize_rule_value(key, value):
+        # This string is used as a placeholder for str(None), but shorter.
+        none_char = "+"
+
+        default = {
+            "port_range_min": "1",
+            "port_range_max": "65535"
+        }
+
+        if key == "remote_ip_prefix":
+            all_address = ["0.0.0.0/0", "::/0", None]
+            if value in all_address:
+                return none_char
+        elif value is None:
+            return default.get(key, none_char)
+        return str(value)
+
+    # NOTE(andreykurilin): there are more actual comparison keys, but this set
+    #   should be enough for us.
+    comparison_keys = [
+        "direction",
+        "port_range_max",
+        "port_range_min",
+        "protocol",
+        "remote_ip_prefix",
+        "security_group_id"
+    ]
+    return "_".join([_normalize_rule_value(x, rule.get(x))
+                     for x in comparison_keys])
+
+
 def _prepare_open_secgroup(credential, secgroup_name):
     """Generate secgroup allowing all tcp/udp/icmp access.
 
@@ -53,30 +86,29 @@ def _prepare_open_secgroup(credential, secgroup_name):
             "port_range_max": 65535,
             "port_range_min": 1,
             "remote_ip_prefix": "0.0.0.0/0",
-            "direction": "ingress"
+            "direction": "ingress",
+            "security_group_id": rally_open["id"]
         },
         {
             "protocol": "udp",
             "port_range_max": 65535,
             "port_range_min": 1,
             "remote_ip_prefix": "0.0.0.0/0",
-            "direction": "ingress"
+            "direction": "ingress",
+            "security_group_id": rally_open["id"]
         },
         {
             "protocol": "icmp",
             "remote_ip_prefix": "0.0.0.0/0",
-            "direction": "ingress"
+            "direction": "ingress",
+            "security_group_id": rally_open["id"]
         }
     ]
 
-    def rule_match(criteria, existing_rule):
+    existing_rules = set(
-        return all(existing_rule[key] == value
+        _rule_to_key(r) for r in rally_open.get("security_group_rules", []))
-                   for key, value in criteria.items())
-
     for new_rule in rules_to_add:
-        if not any(rule_match(new_rule, existing_rule) for existing_rule
+        if _rule_to_key(new_rule) not in existing_rules:
-                   in rally_open.get("security_group_rules", [])):
-            new_rule["security_group_id"] = rally_open["id"]
             neutron.create_security_group_rule(
                 {"security_group_rule": new_rule})