From 622456a7158559fca913441e88f9d34ac5214550 Mon Sep 17 00:00:00 2001
From: Alexey Zaytsev <azaytsev@mirantis.com>
Date: Mon, 12 Sep 2016 17:18:27 +0300
Subject: [PATCH] OS-Faults mechanism to close/open service ports on nodes

The following methods were added for service "mysql":
- "unplug" - appends rule to iptables to blocking port on node
- "plug" - for unblocking

Change-Id: I4fc89eab9d786597a232c3117b1817157e8f6bcb
---
 os_faults/api/service.py  | 22 ++++++++++++++++++++++
 os_faults/drivers/fuel.py | 21 +++++++++++++++++++++
 2 files changed, 43 insertions(+)

diff --git a/os_faults/api/service.py b/os_faults/api/service.py
index 55d4885..0df7391 100644
--- a/os_faults/api/service.py
+++ b/os_faults/api/service.py
@@ -68,3 +68,25 @@ class Service(object):
         :param nodes: NodesCollection
         """
         raise NotImplementedError
+
+    def freeze(self, nodes=None, sec=None):
+        """SIGSTOP
+
+        Send SIGSTOP to Service into network on all nodes or on particular
+        subset. If sec is defined - it mean Service will be stopped for
+        a wile.
+
+        :param nodes: NodesCollection
+        :param sec: int
+        """
+        raise NotImplementedError
+
+    def unfreeze(self, nodes=None):
+        """SIGCONT
+
+        Send SIGCONT to Service into network on all nodes or on particular
+        subset.
+
+        :param nodes: NodesCollection
+        """
+        raise NotImplementedError
diff --git a/os_faults/drivers/fuel.py b/os_faults/drivers/fuel.py
index f6aec20..942516f 100644
--- a/os_faults/drivers/fuel.py
+++ b/os_faults/drivers/fuel.py
@@ -162,6 +162,20 @@ class FuelService(service.Service):
         logging.info('UNFREEZE %s, result: %s', str(self.__class__),
                      task_result)
 
+    def plug(self, nodes=None):
+        nodes = nodes or self.get_nodes()
+        task_result = self._run_task(
+            {'command': self.PLUG_CMD.format(self.PORT)}, nodes)
+        logging.info('Open port %s, result: %s', str(self.__class__),
+                     task_result)
+
+    def unplug(self, nodes=None):
+        nodes = nodes or self.get_nodes()
+        task_result = self._run_task(
+            {'command': self.UNPLUG_CMD.format(self.PORT)}, nodes)
+        logging.info('Close port %s, result: %s', str(self.__class__),
+                     task_result)
+
 
 class KeystoneService(FuelService):
     GET_NODES_CMD = 'bash -c "ps ax | grep \'[k]eystone-main\'"'
@@ -198,6 +212,13 @@ class MySQLService(FuelService):
                       'chmod 770 $tf; nohup $tf &"')
     UNFREEZE_CMD = ('bash -c "ps ax | grep [m]ysqld'
                     ' | awk {\'print $1\'} | xargs kill -18"')
+    PORT = 3307
+    PLUG_CMD = ('bash -c "rule=`iptables -L INPUT -n --line-numbers | '
+                'grep \"MySQL_temporary_DROP\" | cut -d \' \' -f1`; '
+                'for arg in $rule; do iptables -D INPUT -p tcp --dport {0} '
+                '-j DROP -m comment --comment "MySQL_temporary_DROP"; done"')
+    UNPLUG_CMD = ('bash -c "iptables -I INPUT 1 -p tcp --dport {0} -j DROP '
+                  '-m comment --comment \"MySQL_temporary_DROP\""')
 
 
 class RabbitMQService(FuelService):