def createNetworkRulesForVM(apiclient, virtualmachine, ruletype, account, networkruledata): """Acquire IP, create Firewall and NAT/StaticNAT rule (associating it with given vm) for that IP""" try: public_ip = PublicIPAddress.create( apiclient,accountid=account.name, zoneid=virtualmachine.zoneid,domainid=account.domainid, networkid=virtualmachine.nic[0].networkid) FireWallRule.create( apiclient,ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]], startport=networkruledata["fwrule"]["startport"], endport=networkruledata["fwrule"]["endport"] ) if ruletype == NAT_RULE: # Create NAT rule NATRule.create(apiclient, virtualmachine, networkruledata["natrule"],ipaddressid=public_ip.ipaddress.id, networkid=virtualmachine.nic[0].networkid) elif ruletype == STATIC_NAT_RULE: # Enable Static NAT for VM StaticNATRule.enable(apiclient,public_ip.ipaddress.id, virtualmachine.id, networkid=virtualmachine.nic[0].networkid) except Exception as e: [FAIL, e] return [PASS, public_ip]
def create_StaticNatRule_For_VM(self, vm, public_ip, network): self.debug("Enabling static NAT for IP: %s" % public_ip.ipaddress.ipaddress) try: StaticNATRule.enable( self.apiclient, ipaddressid=public_ip.ipaddress.id, virtualmachineid=vm.id, networkid=network.id ) self.debug("Static NAT enabled for IP: %s" % public_ip.ipaddress.ipaddress) except Exception as e: self.fail("Failed to enable static NAT on IP: %s - %s" % (public_ip.ipaddress.ipaddress, e))
def create_StaticNatRule_For_VM(self, vm, public_ip, network): self.debug("Enabling static NAT for IP: %s" % public_ip.ipaddress.ipaddress) try: StaticNATRule.enable(self.apiclient, ipaddressid=public_ip.ipaddress.id, virtualmachineid=vm.id, networkid=network.id) self.debug("Static NAT enabled for IP: %s" % public_ip.ipaddress.ipaddress) except Exception as e: self.fail("Failed to enable static NAT on IP: %s - %s" % (public_ip.ipaddress.ipaddress, e))
def delete_StaticNatRule_For_VM(self, vm, public_ip): self.debug("Disabling static NAT for IP: %s" % public_ip.ipaddress.ipaddress) try: StaticNATRule.disable( self.apiclient, ipaddressid=public_ip.ipaddress.id, virtualmachineid=vm.id, ) self.debug("Static NAT disabled for IP: %s" % public_ip.ipaddress.ipaddress) except Exception as e: self.fail("Failed to disabled static NAT on IP: %s - %s" % (public_ip.ipaddress.ipaddress, e))
def delete_StaticNatRule_For_VM(self, vm, public_ip): self.debug("Disabling static NAT for IP: %s" % public_ip.ipaddress.ipaddress) try: StaticNATRule.disable( self.apiclient, ipaddressid=public_ip.ipaddress.id, virtualmachineid=vm.id, ) self.debug("Static NAT disabled for IP: %s" % public_ip.ipaddress.ipaddress) except Exception as e: self.fail("Failed to disabled static NAT on IP: %s - %s" % ( public_ip.ipaddress.ipaddress, e))
def test_disable_static_nat(self, value): """ Add secondary IP to NIC of a VM""" # Steps: # 1. Create Account and create network in it (isoalted/ shared/ vpc) # 2. Deploy a VM in this network and account # 3. Add 2 secondary IPs to the default nic of VM # 4. Acquire public IP, open firewall for it, and # enable static NAT rule for this public IP to the 1st secondary IP # 5. Disable the static nat rule and enable it again # Validations: # 1. Verify step 5 by listing seconday IP and checking the appropriate flag self.account = Account.create(self.apiclient,self.services["account"],domainid=self.domain.id) self.cleanup.append(self.account) network = createNetwork(self, value) try: virtual_machine = VirtualMachine.create(self.apiclient,self.services["virtual_machine"], networkids=[network.id],serviceofferingid=self.service_offering.id, accountid=self.account.name,domainid=self.account.domainid) except Exception as e: self.fail("vm creation failed: %s" % e) try: ipaddress_1 = NIC.addIp(self.apiclient, id=virtual_machine.nic[0].id) except Exception as e: self.fail("Failed while adding secondary IP to NIC of vm %s" % virtual_machine.id) public_ip = PublicIPAddress.create(self.api_client,accountid=self.account.name, zoneid=self.zone.id,domainid=self.account.domainid, networkid=network.id, vpcid = network.vpcid if value == VPC_NETWORK else None) if value != VPC_NETWORK: FireWallRule.create(self.apiclient,ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"],endport=self.services["fwrule"]["endport"]) StaticNATRule.enable(self.apiclient, public_ip.ipaddress.id, virtual_machine.id, network.id, vmguestip=ipaddress_1.ipaddress) self.VerifyStaticNatForPublicIp(public_ip.ipaddress.id, True) # Disabling static NAT StaticNATRule.disable(self.apiclient, public_ip.ipaddress.id) self.VerifyStaticNatForPublicIp(public_ip.ipaddress.id, False) StaticNATRule.enable(self.apiclient, public_ip.ipaddress.id, virtual_machine.id, network.id, vmguestip=ipaddress_1.ipaddress) self.VerifyStaticNatForPublicIp(public_ip.ipaddress.id, True) public_ip.delete(self.apiclient) return
def createNetworkRules(self, virtual_machine, network, vmguestip, networktype, ruletype): """ Acquire public ip in the given network, open firewall if required and create NAT rule for the public ip to the given guest vm ip address""" try: public_ip = PublicIPAddress.create(self.api_client,accountid=self.account.name, zoneid=self.zone.id,domainid=self.account.domainid, networkid=network.id, vpcid = network.vpcid if networktype == VPC_NETWORK else None) if networktype != VPC_NETWORK: FireWallRule.create(self.apiclient,ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"],endport=self.services["fwrule"]["endport"]) if ruletype == "nat": NATRule.create(self.api_client, virtual_machine, self.services["natrule"],ipaddressid=public_ip.ipaddress.id, networkid=network.id, vmguestip = vmguestip) elif ruletype == "staticnat": StaticNATRule.enable(self.apiclient, public_ip.ipaddress.id, virtual_machine.id, network.id, vmguestip=vmguestip) except Exception: return FAIL return PASS