Also add the dhcp ipv6 rules to the default security group.
Change-Id: I4d4fb9ea65eef36fbd816d7c4a671d4fe35356a8
This commit is contained in:
parent
e579cc5943
commit
b1dcabc1a5
|
@ -282,6 +282,38 @@ class ApicMechanismDriver(api_plus.MechanismDriver,
|
|||
conn_track='normal')
|
||||
self.aim.create(aim_ctx, dhcp_ingress_rule, overwrite=True)
|
||||
|
||||
dname = aim_utils.sanitize_display_name(
|
||||
'DefaultSecurityGroupDhcp6EgressRule')
|
||||
dhcp6_egress_rule = aim_resource.SecurityGroupRule(
|
||||
tenant_name=COMMON_TENANT_NAME,
|
||||
security_group_name=sg_name,
|
||||
security_group_subject_name='default',
|
||||
name='dhcp6_egress',
|
||||
display_name=dname,
|
||||
direction='egress',
|
||||
ethertype='ipv6',
|
||||
ip_protocol='udp',
|
||||
from_port='547',
|
||||
to_port='547',
|
||||
conn_track='normal')
|
||||
self.aim.create(aim_ctx, dhcp6_egress_rule, overwrite=True)
|
||||
|
||||
dname = aim_utils.sanitize_display_name(
|
||||
'DefaultSecurityGroupDhcp6IngressRule')
|
||||
dhcp6_ingress_rule = aim_resource.SecurityGroupRule(
|
||||
tenant_name=COMMON_TENANT_NAME,
|
||||
security_group_name=sg_name,
|
||||
security_group_subject_name='default',
|
||||
name='dhcp6_ingress',
|
||||
display_name=dname,
|
||||
direction='ingress',
|
||||
ethertype='ipv6',
|
||||
ip_protocol='udp',
|
||||
from_port='546',
|
||||
to_port='546',
|
||||
conn_track='normal')
|
||||
self.aim.create(aim_ctx, dhcp6_ingress_rule, overwrite=True)
|
||||
|
||||
def _setup_keystone_notification_listeners(self):
|
||||
targets = [oslo_messaging.Target(
|
||||
exchange=self.keystone_notification_exchange,
|
||||
|
|
|
@ -920,6 +920,40 @@ class TestAimMapping(ApicAimTestCase):
|
|||
self.assertEqual('68', sg_rule.to_port)
|
||||
self.assertEqual('normal', sg_rule.conn_track)
|
||||
|
||||
# Check DHCP6 egress SecurityGroupRule.
|
||||
sg_rule = self._get_sg_rule(
|
||||
'dhcp6_egress', 'default', sg_aname, 'common')
|
||||
self.assertEqual('common', sg_rule.tenant_name)
|
||||
self.assertEqual(sg_aname, sg_rule.security_group_name)
|
||||
self.assertEqual('default', sg_rule.security_group_subject_name)
|
||||
self.assertEqual('dhcp6_egress', sg_rule.name)
|
||||
self.assertEqual(
|
||||
'DefaultSecurityGroupDhcp6EgressRule', sg_rule.display_name)
|
||||
self.assertEqual('egress', sg_rule.direction)
|
||||
self.assertEqual('ipv6', sg_rule.ethertype)
|
||||
self.assertEqual('udp', sg_rule.ip_protocol)
|
||||
self.assertEqual([], sg_rule.remote_ips)
|
||||
self.assertEqual('547', sg_rule.from_port)
|
||||
self.assertEqual('547', sg_rule.to_port)
|
||||
self.assertEqual('normal', sg_rule.conn_track)
|
||||
|
||||
# Check DHCP6 ingress SecurityGroupRule.
|
||||
sg_rule = self._get_sg_rule(
|
||||
'dhcp6_ingress', 'default', sg_aname, 'common')
|
||||
self.assertEqual('common', sg_rule.tenant_name)
|
||||
self.assertEqual(sg_aname, sg_rule.security_group_name)
|
||||
self.assertEqual('default', sg_rule.security_group_subject_name)
|
||||
self.assertEqual('dhcp6_ingress', sg_rule.name)
|
||||
self.assertEqual(
|
||||
'DefaultSecurityGroupDhcp6IngressRule', sg_rule.display_name)
|
||||
self.assertEqual('ingress', sg_rule.direction)
|
||||
self.assertEqual('ipv6', sg_rule.ethertype)
|
||||
self.assertEqual('udp', sg_rule.ip_protocol)
|
||||
self.assertEqual([], sg_rule.remote_ips)
|
||||
self.assertEqual('546', sg_rule.from_port)
|
||||
self.assertEqual('546', sg_rule.to_port)
|
||||
self.assertEqual('normal', sg_rule.conn_track)
|
||||
|
||||
def test_network_lifecycle(self):
|
||||
# Test create.
|
||||
net = self._make_network(self.fmt, 'net1', True)['network']
|
||||
|
|
Loading…
Reference in New Issue