def create_checker(self, test_obj): kvm_sg_checker_chain = checker_header.CheckerChain() checker_dict = {} for nic_uuid in test_obj.get_all_nics(): target_vm = test_obj.get_vm_by_nic(nic_uuid) if target_vm.state == vm_header.RUNNING: if test_lib.lib_is_vm_sim(target_vm.vm): kvm_sg_checker_chain.add_checker(db_checker.zstack_sg_db_checker(True), test_obj) continue if not test_lib.lib_is_vm_kvm(target_vm.vm): continue if test_obj.get_nic_tcp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_internal_vms_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_tcp_egress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) if not test_obj.get_nic_tcp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_tcp_internal_vms_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_udp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_udp_egress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_icmp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_internal_vms_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_icmp_egress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) #if not test_obj.get_nic_icmp_ingress_rules(nic_uuid): # checker = sg_checker.zstack_kvm_sg_icmp_internal_vms_checker() # checker.set_nic_uuid(nic_uuid) # kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) else: #TODO: only do iptables rules check checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) for test_vm in test_obj.get_detached_vm(): vm = test_vm.vm if not test_lib.lib_is_vm_kvm(vm): continue checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) return kvm_sg_checker_chain
def create_checker(self, test_obj): kvm_sg_checker_chain = checker_header.CheckerChain() checker_dict = {} for nic_uuid in test_obj.get_all_nics(): target_vm = test_obj.get_vm_by_nic(nic_uuid) if target_vm.state == vm_header.RUNNING: if test_lib.lib_is_vm_sim(target_vm.vm): kvm_sg_checker_chain.add_checker( db_checker.zstack_sg_db_checker(True), test_obj) continue if not test_lib.lib_is_vm_kvm(target_vm.vm): continue if test_obj.get_nic_tcp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_internal_vms_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_tcp_egress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) if not test_obj.get_nic_tcp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_tcp_internal_vms_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker( checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_udp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_udp_egress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_icmp_ingress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_internal_vms_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) if test_obj.get_nic_icmp_egress_rules(nic_uuid): checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, True, test_obj) #if not test_obj.get_nic_icmp_ingress_rules(nic_uuid): # checker = sg_checker.zstack_kvm_sg_icmp_internal_vms_checker() # checker.set_nic_uuid(nic_uuid) # kvm_sg_checker_chain.add_checker(checker, True, test_obj) else: checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker( ) checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) else: #TODO: only do iptables rules check checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_nic_uuid(nic_uuid) kvm_sg_checker_chain.add_checker(checker, False, test_obj) for test_vm in test_obj.get_detached_vm(): vm = test_vm.vm if not test_lib.lib_is_vm_kvm(vm): continue checker = sg_checker.zstack_kvm_sg_tcp_ingress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_tcp_egress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_egress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_icmp_ingress_exist_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_ingress_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) checker = sg_checker.zstack_kvm_sg_udp_egress_checker() checker.set_vm(vm) kvm_sg_checker_chain.add_checker(checker, False, test_obj) return kvm_sg_checker_chain