def acl_table(duthosts, rand_one_dut_hostname, setup, stage, ip_version): """Apply ACL table configuration and remove after tests. Args: duthosts: All DUTs belong to the testbed. rand_one_dut_hostname: hostname of a random chosen dut to run test. setup: Parameters for the ACL tests. stage: The ACL stage under test. ip_version: The IP version under test Yields: The ACL table configuration. """ table_name = "DATA_{}_{}_TEST".format(stage.upper(), ip_version.upper()) acl_table_config = { "table_name": table_name, "table_ports": ",".join(setup["acl_table_ports"]['']), "table_stage": stage, "table_type": "L3" if ip_version == "ipv4" else "L3V6" } logger.info("Generated ACL table configuration:\n{}".format( pprint.pformat(acl_table_config))) dut_to_analyzer_map = {} for duthost in duthosts: loganalyzer = LogAnalyzer(ansible_host=duthost, marker_prefix="acl") loganalyzer.load_common_config() dut_to_analyzer_map[duthost] = loganalyzer try: loganalyzer.expect_regex = [LOG_EXPECT_ACL_TABLE_CREATE_RE] # Ignore any other errors to reduce noise loganalyzer.ignore_regex = [r".*"] with loganalyzer: create_or_remove_acl_table(duthost, acl_table_config, setup, "add") except LogAnalyzerError as err: # Cleanup Config DB if table creation failed logger.error( "ACL table creation failed, attempting to clean-up...") create_or_remove_acl_table(duthost, acl_table_config, setup, "remove") raise err try: yield acl_table_config finally: for duthost, loganalyzer in dut_to_analyzer_map.items(): loganalyzer.expect_regex = [LOG_EXPECT_ACL_TABLE_REMOVE_RE] with loganalyzer: create_or_remove_acl_table(duthost, acl_table_config, setup, "remove")
def acl_rules(self, duthosts, localhost, setup, acl_table, populate_vlan_arp_entries, tbinfo, ip_version): """Setup/teardown ACL rules for the current set of tests. Args: duthosts: All DUTs belong to the testbed. rand_one_dut_hostname: hostname of a random chosen dut to run test. localhost: The host from which tests are run. setup: Parameters for the ACL tests. acl_table: Configuration info for the ACL table. populate_vlan_arp_entries: A function to populate ARP/FDB tables for VLAN interfaces. """ dut_to_analyzer_map = {} for duthost in duthosts: loganalyzer = LogAnalyzer(ansible_host=duthost, marker_prefix="acl_rules") loganalyzer.load_common_config() dut_to_analyzer_map[duthost] = loganalyzer try: loganalyzer.expect_regex = [LOG_EXPECT_ACL_RULE_CREATE_RE] # Ignore any other errors to reduce noise loganalyzer.ignore_regex = [r".*"] with loganalyzer: self.setup_rules(duthost, acl_table, ip_version) self.post_setup_hook(duthost, localhost, populate_vlan_arp_entries, tbinfo) assert self.check_rule_counters( duthost), "Rule counters should be ready!" except LogAnalyzerError as err: # Cleanup Config DB if rule creation failed logger.error( "ACL rule application failed, attempting to clean-up...") self.teardown_rules(duthost) raise err try: yield finally: for duthost, loganalyzer in dut_to_analyzer_map.items(): loganalyzer.expect_regex = [LOG_EXPECT_ACL_RULE_REMOVE_RE] with loganalyzer: logger.info("Removing ACL rules") self.teardown_rules(duthost)