Merge "[Stateless SG] Fix usage of the default stateless SG"
This commit is contained in:
commit
d270ea2d0a
|
@ -166,12 +166,18 @@ class BaseNetworkSecGroupTest(base.BaseTempestTestCase):
|
|||
servers=servers)
|
||||
|
||||
def _test_default_sec_grp_scenarios(self):
|
||||
# Ensure that SG used in tests is stateful or stateless as required
|
||||
default_sg_id = self.os_primary.network_client.list_security_groups()[
|
||||
'security_groups'][0]['id']
|
||||
self.os_primary.network_client.update_security_group(
|
||||
default_sg_id, stateful=not self.stateless_sg)
|
||||
if self.stateless_sg:
|
||||
self.create_ingress_metadata_secgroup_rule(
|
||||
secgroup_id=default_sg_id)
|
||||
server_ssh_clients, fips, servers = self.create_vm_testing_sec_grp()
|
||||
|
||||
# Check ssh connectivity when you add sec group rule, enabling ssh
|
||||
self.create_loginable_secgroup_rule(
|
||||
self.os_primary.network_client.list_security_groups()[
|
||||
'security_groups'][0]['id']
|
||||
)
|
||||
self.create_loginable_secgroup_rule(default_sg_id)
|
||||
self.check_connectivity(fips[0]['floating_ip_address'],
|
||||
CONF.validation.image_ssh_user,
|
||||
self.keypair['private_key'])
|
||||
|
@ -187,6 +193,10 @@ class BaseNetworkSecGroupTest(base.BaseTempestTestCase):
|
|||
servers=servers)
|
||||
|
||||
# Check ICMP connectivity from VM to external network
|
||||
if self.stateless_sg:
|
||||
# NOTE(slaweq): in case of stateless SG explicit ingress rule for
|
||||
# the ICMP replies needs to be added too
|
||||
self.create_pingable_secgroup_rule(default_sg_id)
|
||||
subnets = self.os_admin.network_client.list_subnets(
|
||||
network_id=CONF.network.public_network_id)['subnets']
|
||||
ext_net_ip = None
|
||||
|
|
Loading…
Reference in New Issue