devstack/exercises/sec_groups.sh
Dean Troyer da85cdadd9 Exercise cleanup
* Make common steps consistent
* Make comments consistent

aggregates.sh
boot_from_volume.sh
client-args.sh
client-env.sh
euca.sh
floating_ips.sh
sec_groups.sh
swift.sh
volumes.sh

Change-Id: Ib93dcdfdead93c259e3cd184fbc5ccc0a4a87c9a
2013-02-15 12:34:33 -06:00

77 lines
2.1 KiB
Bash
Executable File

#!/usr/bin/env bash
# **sec_groups.sh**
# Test security groups via the command line
echo "*********************************************************************"
echo "Begin DevStack Exercise: $0"
echo "*********************************************************************"
# This script exits on an error so that errors don't compound and you see
# only the first error that occured.
set -o errexit
# Print the commands being run so that we can see the command that triggers
# an error. It is also useful for following allowing as the install occurs.
set -o xtrace
# Settings
# ========
# Keep track of the current directory
EXERCISE_DIR=$(cd $(dirname "$0") && pwd)
TOP_DIR=$(cd $EXERCISE_DIR/..; pwd)
# Import common functions
source $TOP_DIR/functions
# Import configuration
source $TOP_DIR/openrc
# Import exercise configuration
source $TOP_DIR/exerciserc
# Testing Security Groups
# =======================
# List security groups
nova secgroup-list
# Create random name for new sec group and create secgroup of said name
SEC_GROUP_NAME="ex-secgroup-$(openssl rand -hex 4)"
nova secgroup-create $SEC_GROUP_NAME 'a test security group'
# Add some rules to the secgroup
RULES_TO_ADD=( 22 3389 5900 )
for RULE in "${RULES_TO_ADD[@]}"; do
nova secgroup-add-rule $SEC_GROUP_NAME tcp $RULE $RULE 0.0.0.0/0
done
# Check to make sure rules were added
SEC_GROUP_RULES=( $(nova secgroup-list-rules $SEC_GROUP_NAME | grep -v \- | grep -v 'Source Group' | cut -d '|' -f3 | tr -d ' ') )
for i in "${RULES_TO_ADD[@]}"; do
skip=
for j in "${SEC_GROUP_RULES[@]}"; do
[[ $i == $j ]] && { skip=1; break; }
done
[[ -n $skip ]] || exit 1
done
# Delete rules and secgroup
for RULE in "${RULES_TO_ADD[@]}"; do
nova secgroup-delete-rule $SEC_GROUP_NAME tcp $RULE $RULE 0.0.0.0/0
done
# Delete secgroup
nova secgroup-delete $SEC_GROUP_NAME || \
die "Failure deleting security group $SEC_GROUP_NAME"
set +o xtrace
echo "*********************************************************************"
echo "SUCCESS: End DevStack Exercise: $0"
echo "*********************************************************************"