diff options
author | vamahaja <vamahaja@redhat.com> | 2019-09-25 19:19:47 +0530 |
---|---|---|
committer | Nitin Goyal <nigoyal@redhat.com> | 2019-10-17 12:39:36 +0530 |
commit | d0ef143cc10a74ea2f8a311e1f97088c9b9edcfc (patch) | |
tree | c29d7a2f738be5d2fbd8f0297250b921f15a191d | |
parent | 3f426edceec3b33976bb3c00d7bc63ee0de3cbfb (diff) |
Add library to add/remove iptables rule on host
Change-Id: I1055b232711c95fdbf89ba9fe8b9d61a561fbcd5
Signed-off-by: vamahaja <vamahaja@redhat.com>
-rw-r--r-- | openshift-storage-libs/openshiftstoragelibs/node_ops.py | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/openshift-storage-libs/openshiftstoragelibs/node_ops.py b/openshift-storage-libs/openshiftstoragelibs/node_ops.py index 8ca5674b..5811e157 100644 --- a/openshift-storage-libs/openshiftstoragelibs/node_ops.py +++ b/openshift-storage-libs/openshiftstoragelibs/node_ops.py @@ -4,6 +4,7 @@ from glustolibs.gluster.exceptions import ExecutionError from glusto.core import Glusto as g from openshiftstoragelibs.cloundproviders.vmware import VmWare +from openshiftstoragelibs import command from openshiftstoragelibs import exceptions from openshiftstoragelibs import waiter @@ -178,3 +179,52 @@ def power_on_vm_by_name(name, timeout=600, interval=10): g.log.info(e) if w.expired: raise exceptions.CloudProviderError(e) + + +def node_add_iptables_rules(node, chain, rules, raise_on_error=True): + """Append iptables rules + + Args: + node (str): Node on which iptables rules should be added. + chain (str): iptables chain in which rule(s) need to be appended. + rules (str|tuple|list): Rule(s) which need(s) to be added to a chain. + Reuturns: + None + Exception: + AssertionError: In case command fails to execute and + raise_on_error set to True + """ + rules = rules if hasattr(rules, '__iter__') else [rules] + + add_iptables_rule_cmd = "iptables --append %s %s" + check_iptables_rule_cmd = "iptables --check %s %s" + for rule in rules: + try: + command.cmd_run(check_iptables_rule_cmd % (chain, rule), node) + except AssertionError: + command.cmd_run( + add_iptables_rule_cmd % (chain, rule), node, + raise_on_error=raise_on_error) + + +def node_delete_iptables_rules(node, chain, rules, raise_on_error=True): + """Delete iptables rules + + Args: + node (str): Node on which iptables rules should be deleted. + chain (str): iptables chain from which rule(s) need to be deleted. + rules (str|tuple|list): Rule(s) which need(s) to be deleted from + a chain. + Reuturns: + None + Exception: + AssertionError: In case command fails to execute and + raise_on_error set to True + """ + rules = rules if hasattr(rules, '__iter__') else [rules] + + delete_iptables_rule_cmd = "iptables --delete %s %s" + for rule in rules: + command.cmd_run( + delete_iptables_rule_cmd % (chain, rule), node, + raise_on_error=raise_on_error) |