def test_disabled_network_port_security(self):
network_client = self.manager.networks_client
port_client = self.manager.ports_client
net_id, network, subnet =\
self.create_project_network_subnet('admin')
kwargs = {'port_security_enabled': 'false'}
# Update network to disbale port security
network_client.update_network(network_id=net_id, **kwargs)
name = 'disabled-port-security-port'
kwargs = {'name': name, 'network_id': net_id}
# Create port under network
port = HELO.create_port(self, client=port_client, **kwargs)
port_id = port['id']
# Check port security of created port
port_details = port_client.show_port(port_id=port_id)
if (port_details['port']['port_security_enabled'] == 'false'):
LOG.info("Port security of port is disabled")
kwargs = {'port_security_enabled': 'true'}
# Update port security of network to enabled
network_client.update_network(network_id=net_id, **kwargs)
name = 'disabled-port-security-port'
kwargs = {'name': name, 'network_id': net_id}
port = HELO.create_port(self, client=port_client, **kwargs)
port_id = port['id']
port_details = port_client.show_port(port_id=port_id)
if (port_details['port']['port_security_enabled'] == 'true'):
LOG.info("Port security of port is enabled")
def test_exclude_list_with_multiple_ports(self):
port_client = self.manager.ports_client
self.green = self.setup_vm_environment(self.manager, 'green', True)
vm_id = self.green['serv1']['id']
net_id = self.green['network']['id']
name = 'disabled-port-security-port1'
kwargs = {
'name': name,
'network_id': net_id,
'port_security_enabled': 'false',
'security_groups': []
}
port1 = HELO.create_port(self, client=port_client, **kwargs)
port2 = HELO.create_port(self, client=port_client, **kwargs)
port1_id = port1['id']
kwargs = {'port_id': port1_id}
self.interface_client.create_interface(vm_id, **kwargs)
items = self.vsm.get_excluded_vm_name_list()
exclude_list = [item.encode('utf-8') for item in items]
for exclude_vm in exclude_list:
if vm_id in exclude_vm:
LOG.info("Vm in exclude list")
name = 'disabled-port-security-port2'
kwargs = {
'name': name,
'network_id': net_id,
'port_security_enabled': 'false'
}
port2_id = port2['id']
kwargs = {'port_id': port2_id}
self.interface_client.create_interface(vm_id, **kwargs)
items = self.vsm.get_excluded_vm_name_list()
exclude_list = [item.encode('utf-8') for item in items]
for exclude_vm in exclude_list:
if vm_id in exclude_vm:
LOG.info("Vm in exclude list")
port_client.update_port(port_id=port2_id, port_security_enabled='true')
items = self.vsm.get_excluded_vm_name_list()
exclude_list = [item.encode('utf-8') for item in items]
for exclude_vm in exclude_list:
if vm_id in exclude_vm:
LOG.info("Vm in exclude list")
port_client.update_port(port_id=port1_id, port_security_enabled='true')
items = self.vsm.get_excluded_vm_name_list()
exclude_list = [item.encode('utf-8') for item in items]
if exclude_vm in exclude_list:
if vm_id not in exclude_vm:
LOG.info("Vm not in exclude list")
self.interface_client.delete_interface(vm_id, port1_id)
self.interface_client.delete_interface(vm_id, port2_id)
def test_exclude_list_with_new_attach_port(self):
port_client = self.manager.ports_client
self.green = self.setup_vm_environment(self.manager, 'green', True)
vm_id = self.green['serv1']['id']
net_id = self.green['network']['id']
name = 'disabled-port-security-port'
kwargs = {
'name': name,
'network_id': net_id,
'port_security_enabled': 'false',
'security_groups': []
}
# Create Port
port = HELO.create_port(self, client=port_client, **kwargs)
port_id = port['id']
kwargs = {'port_id': port_id}
# Attach interface to vm
self.interface_client.create_interface(vm_id, **kwargs)
# Fetch exclude list information from beckend
items = self.vsm.get_excluded_vm_name_list()
exclude_list = [item.encode('utf-8') for item in items]
for exclude_vm in exclude_list:
if vm_id in exclude_vm:
LOG.info("Vm in exclude list")
# Update Port security to disabled
port_client.update_port(port_id=port_id, port_security_enabled='true')
items = self.vsm.get_excluded_vm_name_list()
exclude_list = [item.encode('utf-8') for item in items]
if exclude_vm in exclude_list:
if vm_id not in exclude_vm:
LOG.info("Vm not in exclude list")
# Detach interface from vm
self.interface_client.delete_interface(vm_id, port_id)
def create_port(self, network_id):
port_client = self.manager.ports_client
return HELO.create_port(self,
network_id=network_id,
client=port_client)