openstack/devstack
Code Issues Proposed changes

Clean up security groups in exercises

Browse Source 
* fix problem with deleting security groups too early in
  floating_ips.sh and euca.sh
* create and clean up security groups
* cosmetic cleanups

Change-Id: Ie45e03f889c540ec83f27a02b10e787060c5d4d7
This commit is contained in:
Dean Troyer 2012-08-17 14:11:55 -05:00
parent 40f351e598
commit 96288ba9a9
4 changed files with 49 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
exercises/boot_from_volume.sh
View File

@ -49,6 +49,10 @@ DEFAULT_FLOATING_POOL=${DEFAULT_FLOATING_POOL:-nova}
# Default user # Default user
DEFAULT_INSTANCE_USER=${DEFAULT_INSTANCE_USER:-cirros} DEFAULT_INSTANCE_USER=${DEFAULT_INSTANCE_USER:-cirros}
# Security group name
SECGROUP=${SECGROUP:-boot_secgroup}
# Launching servers # Launching servers
# ================= # =================
@ -72,7 +76,6 @@ if ! timeout $ACTIVE_TIMEOUT sh -c "while nova show $INSTANCE_NAME; do sleep 1;
fi fi
# Configure Security Groups # Configure Security Groups
SECGROUP=${SECGROUP:-test_secgroup}
nova secgroup-delete $SECGROUP || true nova secgroup-delete $SECGROUP || true
nova secgroup-create $SECGROUP "$SECGROUP description" nova secgroup-create $SECGROUP "$SECGROUP description"
nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0 nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0
@ -246,8 +249,8 @@ nova delete $INSTANCE_NAME || \
die "Failure deleting instance $INSTANCE_NAME" die "Failure deleting instance $INSTANCE_NAME"
# Wait for termination # Wait for termination
if ! timeout $ACTIVE_TIMEOUT sh -c "while nova show $INSTANCE_NAME; do sleep 1; done"; then if ! timeout $TERMINATE_TIMEOUT sh -c "while nova list | grep -q $VM_UUID; do sleep 1; done"; then
echo "server didn't terminate!" echo "Server $NAME not deleted"
exit 1 exit 1
fi fi
@ -256,8 +259,7 @@ nova floating-ip-delete $FLOATING_IP || \
die "Failure deleting floating IP $FLOATING_IP" die "Failure deleting floating IP $FLOATING_IP"
# Delete a secgroup # Delete a secgroup
nova secgroup-delete $SECGROUP || \ nova secgroup-delete $SECGROUP || die "Failure deleting security group $SECGROUP"
die "Failure deleting security group $SECGROUP"
set +o xtrace set +o xtrace
echo "*********************************************************************" echo "*********************************************************************"

11
exercises/euca.sh
View File

@ -43,6 +43,9 @@ DEFAULT_INSTANCE_TYPE=${DEFAULT_INSTANCE_TYPE:-m1.tiny}
# Boot this image, use first AMI-format image if unset # Boot this image, use first AMI-format image if unset
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami} DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami}
# Security group name
SECGROUP=${SECGROUP:-euca_secgroup}
# Launching a server # Launching a server
# ================== # ==================
@ -50,9 +53,6 @@ DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami}
# Find a machine image to boot # Find a machine image to boot
IMAGE=`euca-describe-images | grep machine | grep ${DEFAULT_IMAGE_NAME} | cut -f2 | head -n1` IMAGE=`euca-describe-images | grep machine | grep ${DEFAULT_IMAGE_NAME} | cut -f2 | head -n1`
# Define secgroup
SECGROUP=euca_secgroup
# Add a secgroup # Add a secgroup
if ! euca-describe-groups | grep -q $SECGROUP; then if ! euca-describe-groups | grep -q $SECGROUP; then
euca-add-group -d "$SECGROUP description" $SECGROUP euca-add-group -d "$SECGROUP description" $SECGROUP
@ -119,14 +119,13 @@ euca-terminate-instances $INSTANCE || \
die "Failure terminating instance $INSTANCE" die "Failure terminating instance $INSTANCE"
# Assure it has terminated within a reasonable time # Assure it has terminated within a reasonable time
if ! timeout $TERMINATE_TIMEOUT sh -c "while euca-describe-instances $INSTANCE | grep -q running; do sleep 1; done"; then if ! timeout $TERMINATE_TIMEOUT sh -c "while euca-describe-instances $INSTANCE | grep -q $INSTANCE; do sleep 1; done"; then
echo "server didn't terminate within $TERMINATE_TIMEOUT seconds" echo "server didn't terminate within $TERMINATE_TIMEOUT seconds"
exit 1 exit 1
fi fi
# Delete group # Delete group
euca-delete-group $SECGROUP || \ euca-delete-group $SECGROUP || die "Failure deleting security group $SECGROUP"
die "Failure deleting security group $SECGROUP"
set +o xtrace set +o xtrace
echo "*********************************************************************" echo "*********************************************************************"

8
exercises/floating_ips.sh
View File

@ -200,12 +200,12 @@ nova floating-ip-delete $FLOATING_IP || die "Failure deleting floating IP $FLOAT
# Delete second floating IP # Delete second floating IP
nova floating-ip-delete $TEST_FLOATING_IP || die "Failure deleting floating IP $TEST_FLOATING_IP" nova floating-ip-delete $TEST_FLOATING_IP || die "Failure deleting floating IP $TEST_FLOATING_IP"
# shutdown the server # Shutdown the server
nova delete $VM_UUID || die "Failure deleting instance $NAME" nova delete $VM_UUID || die "Failure deleting instance $NAME"
# make sure the VM shuts down within a reasonable time # Wait for termination
if ! timeout $TERMINATE_TIMEOUT sh -c "while nova show $VM_UUID | grep status | grep -q ACTIVE; do sleep 1; done"; then if ! timeout $TERMINATE_TIMEOUT sh -c "while nova list | grep -q $VM_UUID; do sleep 1; done"; then
echo "server didn't shut down!" echo "Server $NAME not deleted"
exit 1 exit 1
fi fi

35
exercises/volumes.sh
View File

@ -43,6 +43,9 @@ DEFAULT_INSTANCE_TYPE=${DEFAULT_INSTANCE_TYPE:-m1.tiny}
# Boot this image, use first AMi image if unset # Boot this image, use first AMi image if unset
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami} DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-ami}
# Security group name
SECGROUP=${SECGROUP:-vol_secgroup}
# Launching a server # Launching a server
# ================== # ==================
@ -62,6 +65,25 @@ glance image-list
# Grab the id of the image to launch # Grab the id of the image to launch
IMAGE=$(glance image-list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1) IMAGE=$(glance image-list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
# Security Groups
# ---------------
# List of secgroups:
nova secgroup-list
# Create a secgroup
if ! nova secgroup-list | grep -q $SECGROUP; then
nova secgroup-create $SECGROUP "$SECGROUP description"
if ! timeout $ASSOCIATE_TIMEOUT sh -c "while ! nova secgroup-list | grep -q $SECGROUP; do sleep 1; done"; then
echo "Security group not created"
exit 1
fi
fi
# Configure Security Group Rules
nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0
nova secgroup-add-rule $SECGROUP tcp 22 22 0.0.0.0/0
# determinine instance type # determinine instance type
# ------------------------- # -------------------------
@ -171,8 +193,17 @@ if ! timeout $ACTIVE_TIMEOUT sh -c "while ! nova volume-list | grep $VOL_NAME; d
exit 1 exit 1
fi fi
# shutdown the server # Shutdown the server
nova delete $NAME || die "Failure deleting instance $NAME" nova delete $VM_UUID || die "Failure deleting instance $NAME"
# Wait for termination
if ! timeout $TERMINATE_TIMEOUT sh -c "while nova list | grep -q $VM_UUID; do sleep 1; done"; then
echo "Server $NAME not deleted"
exit 1
fi
# Delete a secgroup
nova secgroup-delete $SECGROUP || die "Failure deleting security group $SECGROUP"
set +o xtrace set +o xtrace
echo "*********************************************************************" echo "*********************************************************************"