diff --git a/vmtp/compute.py b/vmtp/compute.py index 9e99a7a..6a4c199 100644 --- a/vmtp/compute.py +++ b/vmtp/compute.py @@ -20,12 +20,12 @@ import time import glanceclient.exc as glance_exception import novaclient +import novaclient.exceptions as exceptions class Compute(object): - def __init__(self, nova_client, neutron_client, config): + def __init__(self, nova_client, config): self.novaclient = nova_client - self.neutronclient = neutron_client self.config = config def find_image(self, image_name): @@ -153,7 +153,7 @@ class Compute(object): retry_count=10): if sec_group: - security_groups = [sec_group['id']] + security_groups = [sec_group.name] else: security_groups = None # Also attach the created security group for the test @@ -250,7 +250,7 @@ class Compute(object): ''' if host_list: for hyp in host_list: - if hyp.host_name == host: + if hyp.host == host: return self.normalize_az_host(hyp.zone, host) # no match on host print('Error: passed host name does not exist: ' + host) @@ -384,60 +384,72 @@ class Compute(object): # Create a new security group with appropriate rules def security_group_create(self): # check first the security group exists - sec_groups = self.neutronclient.list_security_groups()['security_groups'] - group = [x for x in sec_groups if x['name'] == self.config.security_group_name] - if len(group) > 0: - return group[0] - - body = { - 'security_group': { - 'name': self.config.security_group_name, - 'description': 'PNS Security Group' - } - } - group = self.neutronclient.create_security_group(body)['security_group'] - self.security_group_add_rules(group) - return group + # May throw exceptions.NoUniqueMatch or NotFound + try: + group = self.novaclient.security_groups.find(name=self.config.security_group_name) + return group + except exceptions.NotFound: + group = self.novaclient.security_groups.create(name=self.config.security_group_name, + description="PNS Security group") + # Once security group try to find it iteratively + # (this check may no longer be necessary) + for _ in range(self.config.generic_retry_count): + group = self.novaclient.security_groups.get(group) + if group: + self.security_group_add_rules(group) + return group + else: + time.sleep(1) + return None + # except exceptions.NoUniqueMatch as exc: + # raise exc # Delete a security group def security_group_delete(self, group): if group: print "Deleting security group" - self.neutronclient.delete_security_group(group['id']) + self.novaclient.security_groups.delete(group) # Add rules to the security group def security_group_add_rules(self, group): - body = { - 'security_group_rule': { - 'direction': 'ingress', 'security_group_id': group['id'], 'remote_group_id': None - } - } - if self.config.ipv6_mode: - body['security_group_rule']['ethertype'] = 'IPv6' - body['security_group_rule']['remote_ip_prefix'] = '::/0' - else: - body['security_group_rule']['ethertype'] = 'IPv4' - body['security_group_rule']['remote_ip_prefix'] = '0.0.0.0/0' - # Allow ping traffic - body['security_group_rule']['protocol'] = 'icmp' - body['security_group_rule']['port_range_min'] = None - body['security_group_rule']['port_range_max'] = None - self.neutronclient.create_security_group_rule(body) - + self.novaclient.security_group_rules.create(group.id, + ip_protocol="icmp", + from_port=-1, + to_port=-1) + if self.config.ipv6_mode: + self.novaclient.security_group_rules.create(group.id, + ip_protocol="icmp", + from_port=-1, + to_port=-1, + cidr="::/0") # Allow SSH traffic - body['security_group_rule']['protocol'] = 'tcp' - body['security_group_rule']['port_range_min'] = 22 - body['security_group_rule']['port_range_max'] = 22 - self.neutronclient.create_security_group_rule(body) - + self.novaclient.security_group_rules.create(group.id, + ip_protocol="tcp", + from_port=22, + to_port=22) # Allow TCP/UDP traffic for perf tools like iperf/nuttcp # 5001: Data traffic (standard iperf data port) # 5002: Control traffic (non standard) # note that 5000/tcp is already picked by openstack keystone - body['security_group_rule']['protocol'] = 'tcp' - body['security_group_rule']['port_range_min'] = 5001 - body['security_group_rule']['port_range_max'] = 5002 - self.neutronclient.create_security_group_rule(body) - body['security_group_rule']['protocol'] = 'udp' - self.neutronclient.create_security_group_rule(body) + if not self.config.ipv6_mode: + self.novaclient.security_group_rules.create(group.id, + ip_protocol="tcp", + from_port=5001, + to_port=5002) + self.novaclient.security_group_rules.create(group.id, + ip_protocol="udp", + from_port=5001, + to_port=5001) + else: + # IPV6 rules addition + self.novaclient.security_group_rules.create(group.id, + ip_protocol="tcp", + from_port=5001, + to_port=5002, + cidr="::/0") + self.novaclient.security_group_rules.create(group.id, + ip_protocol="udp", + from_port=5001, + to_port=5001, + cidr="::/0") diff --git a/vmtp/instance.py b/vmtp/instance.py index 750ddcf..6d36f25 100644 --- a/vmtp/instance.py +++ b/vmtp/instance.py @@ -13,9 +13,7 @@ # under the License. # -import os import re -import stat import monitor from netaddr import IPAddress @@ -92,7 +90,7 @@ class Instance(object): if self.config.vnic_type: # create the VM by passing a port ID instead of a net ID self.port = self.net.create_port(int_net['id'], - [sec_group['id']], + [sec_group.id], self.config.vnic_type) nics = [{'port-id': self.port['id']}] # no need to create server with a security group since @@ -242,8 +240,6 @@ class Instance(object): self.buginf('tool %s already present - skipping install', tool_name) return True - # first chmod the local copy since git does not keep the permission - os.chmod(source, stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO) # scp over the tool binary self.buginf('Copying %s to target...', tool_name) diff --git a/vmtp/vmtp.py b/vmtp/vmtp.py index 13554b2..bfe8ef2 100755 --- a/vmtp/vmtp.py +++ b/vmtp/vmtp.py @@ -201,7 +201,7 @@ class VmtpTest(object): nova_client = Client(**creds_nova) neutron = neutronclient.Client(**creds) - self.comp = compute.Compute(nova_client, neutron, self.config) + self.comp = compute.Compute(nova_client, self.config) # Add the appropriate public key to openstack self.comp.init_key_pair(self.config.public_key_name, self.instance_access)