Merge "Tempest: Change external network to public network"
This commit is contained in:
commit
ed68eb5385
|
@ -54,8 +54,9 @@ NetworkGroup = [
|
|||
cfg.StrOpt('host_in_search_domain',
|
||||
default='mail',
|
||||
help="host exists in dns_search_domain"),
|
||||
cfg.StrOpt('external_network_cidr',
|
||||
help="external network cidr"),
|
||||
cfg.StrOpt('public_network_cidr',
|
||||
help="Public network cidr which provides external network"
|
||||
" connectivity"),
|
||||
]
|
||||
|
||||
nsxv_group = cfg.OptGroup(name='nsxv',
|
||||
|
|
|
@ -55,8 +55,8 @@ class TestMicroSegmentationOps(manager.NetworkScenarioTest):
|
|||
if not test.is_extension_enabled(ext, 'network'):
|
||||
msg = "%s extension not enabled." % ext
|
||||
raise cls.skipException(msg)
|
||||
if not (CONF.network.external_network_cidr):
|
||||
msg = "External network CIDR must be defined in network section."
|
||||
if not (CONF.network.public_network_cidr):
|
||||
msg = "public_network_cidr must be defined in network section."
|
||||
raise cls.skipException(msg)
|
||||
|
||||
@classmethod
|
||||
|
@ -76,8 +76,8 @@ class TestMicroSegmentationOps(manager.NetworkScenarioTest):
|
|||
# Common rules to allow the following traffic
|
||||
# 1. Egress ICMP IPv4 any any
|
||||
# 2. Egress ICMP IPv6 any any
|
||||
# 3. Ingress ICMP IPv4 from exteranl network
|
||||
# 4. Ingress TCP 22 (SSH) from external network
|
||||
# 3. Ingress ICMP IPv4 from public network
|
||||
# 4. Ingress TCP 22 (SSH) from public network
|
||||
common_ruleset = [
|
||||
dict(
|
||||
direction='egress',
|
||||
|
@ -93,12 +93,12 @@ class TestMicroSegmentationOps(manager.NetworkScenarioTest):
|
|||
protocol='tcp',
|
||||
port_range_min=22,
|
||||
port_range_max=22,
|
||||
remote_ip_prefix=CONF.network.external_network_cidr
|
||||
remote_ip_prefix=CONF.network.public_network_cidr
|
||||
),
|
||||
dict(
|
||||
direction='ingress',
|
||||
protocol='icmp',
|
||||
remote_ip_prefix=CONF.network.external_network_cidr
|
||||
remote_ip_prefix=CONF.network.public_network_cidr
|
||||
)
|
||||
]
|
||||
# Rules that are specific to web tier network
|
||||
|
@ -146,7 +146,7 @@ class TestMicroSegmentationOps(manager.NetworkScenarioTest):
|
|||
for ruleset in web_rulesets:
|
||||
self._create_security_group_rule(secgroup=web_sg, **ruleset)
|
||||
for ruleset in app_rulesets:
|
||||
self._create_security_group_rule(secgroup=web_sg, **ruleset)
|
||||
self._create_security_group_rule(secgroup=app_sg, **ruleset)
|
||||
return (web_sg, app_sg)
|
||||
|
||||
def _create_network_topo(self, **kwargs):
|
||||
|
|
Loading…
Reference in New Issue