def createNetworkRulesForVM(apiclient, virtualmachine, ruletype,
account, networkruledata):
"""Acquire IP, create Firewall and NAT/StaticNAT rule
(associating it with given vm) for that IP"""
try:
public_ip = PublicIPAddress.create(
apiclient,accountid=account.name,
zoneid=virtualmachine.zoneid,domainid=account.domainid,
networkid=virtualmachine.nic[0].networkid)
FireWallRule.create(
apiclient,ipaddressid=public_ip.ipaddress.id,
protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]],
startport=networkruledata["fwrule"]["startport"],
endport=networkruledata["fwrule"]["endport"]
)
if ruletype == NAT_RULE:
# Create NAT rule
NATRule.create(apiclient, virtualmachine,
networkruledata["natrule"],ipaddressid=public_ip.ipaddress.id,
networkid=virtualmachine.nic[0].networkid)
elif ruletype == STATIC_NAT_RULE:
# Enable Static NAT for VM
StaticNATRule.enable(apiclient,public_ip.ipaddress.id,
virtualmachine.id, networkid=virtualmachine.nic[0].networkid)
except Exception as e:
[FAIL, e]
return [PASS, public_ip]
def create_StaticNatRule_For_VM(self, vm, public_ip, network):
self.debug("Enabling static NAT for IP: %s" % public_ip.ipaddress.ipaddress)
try:
StaticNATRule.enable(
self.apiclient, ipaddressid=public_ip.ipaddress.id, virtualmachineid=vm.id, networkid=network.id
)
self.debug("Static NAT enabled for IP: %s" % public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("Failed to enable static NAT on IP: %s - %s" % (public_ip.ipaddress.ipaddress, e))
def create_StaticNatRule_For_VM(self, vm, public_ip, network):
self.debug("Enabling static NAT for IP: %s" %
public_ip.ipaddress.ipaddress)
try:
StaticNATRule.enable(self.apiclient,
ipaddressid=public_ip.ipaddress.id,
virtualmachineid=vm.id,
networkid=network.id)
self.debug("Static NAT enabled for IP: %s" %
public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("Failed to enable static NAT on IP: %s - %s" %
(public_ip.ipaddress.ipaddress, e))
def delete_StaticNatRule_For_VM(self, vm, public_ip):
self.debug("Disabling static NAT for IP: %s" %
public_ip.ipaddress.ipaddress)
try:
StaticNATRule.disable(
self.apiclient,
ipaddressid=public_ip.ipaddress.id,
virtualmachineid=vm.id,
)
self.debug("Static NAT disabled for IP: %s" %
public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("Failed to disabled static NAT on IP: %s - %s" %
(public_ip.ipaddress.ipaddress, e))
def delete_StaticNatRule_For_VM(self, vm, public_ip):
self.debug("Disabling static NAT for IP: %s" %
public_ip.ipaddress.ipaddress)
try:
StaticNATRule.disable(
self.apiclient,
ipaddressid=public_ip.ipaddress.id,
virtualmachineid=vm.id,
)
self.debug("Static NAT disabled for IP: %s" %
public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("Failed to disabled static NAT on IP: %s - %s" % (
public_ip.ipaddress.ipaddress, e))
def test_disable_static_nat(self, value):
""" Add secondary IP to NIC of a VM"""
# Steps:
# 1. Create Account and create network in it (isoalted/ shared/ vpc)
# 2. Deploy a VM in this network and account
# 3. Add 2 secondary IPs to the default nic of VM
# 4. Acquire public IP, open firewall for it, and
# enable static NAT rule for this public IP to the 1st secondary IP
# 5. Disable the static nat rule and enable it again
# Validations:
# 1. Verify step 5 by listing seconday IP and checking the appropriate flag
self.account = Account.create(self.apiclient,self.services["account"],domainid=self.domain.id)
self.cleanup.append(self.account)
network = createNetwork(self, value)
try:
virtual_machine = VirtualMachine.create(self.apiclient,self.services["virtual_machine"],
networkids=[network.id],serviceofferingid=self.service_offering.id,
accountid=self.account.name,domainid=self.account.domainid)
except Exception as e:
self.fail("vm creation failed: %s" % e)
try:
ipaddress_1 = NIC.addIp(self.apiclient, id=virtual_machine.nic[0].id)
except Exception as e:
self.fail("Failed while adding secondary IP to NIC of vm %s" % virtual_machine.id)
public_ip = PublicIPAddress.create(self.api_client,accountid=self.account.name,
zoneid=self.zone.id,domainid=self.account.domainid,
networkid=network.id, vpcid = network.vpcid if value == VPC_NETWORK else None)
if value != VPC_NETWORK:
FireWallRule.create(self.apiclient,ipaddressid=public_ip.ipaddress.id,
protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],endport=self.services["fwrule"]["endport"])
StaticNATRule.enable(self.apiclient, public_ip.ipaddress.id, virtual_machine.id,
network.id, vmguestip=ipaddress_1.ipaddress)
self.VerifyStaticNatForPublicIp(public_ip.ipaddress.id, True)
# Disabling static NAT
StaticNATRule.disable(self.apiclient, public_ip.ipaddress.id)
self.VerifyStaticNatForPublicIp(public_ip.ipaddress.id, False)
StaticNATRule.enable(self.apiclient, public_ip.ipaddress.id, virtual_machine.id,
network.id, vmguestip=ipaddress_1.ipaddress)
self.VerifyStaticNatForPublicIp(public_ip.ipaddress.id, True)
public_ip.delete(self.apiclient)
return
def createNetworkRules(self, virtual_machine, network, vmguestip, networktype, ruletype):
""" Acquire public ip in the given network, open firewall if required and
create NAT rule for the public ip to the given guest vm ip address"""
try:
public_ip = PublicIPAddress.create(self.api_client,accountid=self.account.name,
zoneid=self.zone.id,domainid=self.account.domainid,
networkid=network.id, vpcid = network.vpcid if networktype == VPC_NETWORK else None)
if networktype != VPC_NETWORK:
FireWallRule.create(self.apiclient,ipaddressid=public_ip.ipaddress.id,
protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],endport=self.services["fwrule"]["endport"])
if ruletype == "nat":
NATRule.create(self.api_client, virtual_machine,
self.services["natrule"],ipaddressid=public_ip.ipaddress.id,
networkid=network.id, vmguestip = vmguestip)
elif ruletype == "staticnat":
StaticNATRule.enable(self.apiclient, public_ip.ipaddress.id, virtual_machine.id, network.id, vmguestip=vmguestip)
except Exception:
return FAIL
return PASS
