summaryrefslogtreecommitdiffstats
path: root/openshift-storage-libs
diff options
context:
space:
mode:
authorvamahaja <vamahaja@redhat.com>2019-09-25 19:19:47 +0530
committerNitin Goyal <nigoyal@redhat.com>2019-10-17 12:39:36 +0530
commitd0ef143cc10a74ea2f8a311e1f97088c9b9edcfc (patch)
treec29d7a2f738be5d2fbd8f0297250b921f15a191d /openshift-storage-libs
parent3f426edceec3b33976bb3c00d7bc63ee0de3cbfb (diff)
Add library to add/remove iptables rule on host
Change-Id: I1055b232711c95fdbf89ba9fe8b9d61a561fbcd5 Signed-off-by: vamahaja <vamahaja@redhat.com>
Diffstat (limited to 'openshift-storage-libs')
-rw-r--r--openshift-storage-libs/openshiftstoragelibs/node_ops.py50
1 files changed, 50 insertions, 0 deletions
diff --git a/openshift-storage-libs/openshiftstoragelibs/node_ops.py b/openshift-storage-libs/openshiftstoragelibs/node_ops.py
index 8ca5674..5811e15 100644
--- a/openshift-storage-libs/openshiftstoragelibs/node_ops.py
+++ b/openshift-storage-libs/openshiftstoragelibs/node_ops.py
@@ -4,6 +4,7 @@ from glustolibs.gluster.exceptions import ExecutionError
from glusto.core import Glusto as g
from openshiftstoragelibs.cloundproviders.vmware import VmWare
+from openshiftstoragelibs import command
from openshiftstoragelibs import exceptions
from openshiftstoragelibs import waiter
@@ -178,3 +179,52 @@ def power_on_vm_by_name(name, timeout=600, interval=10):
g.log.info(e)
if w.expired:
raise exceptions.CloudProviderError(e)
+
+
+def node_add_iptables_rules(node, chain, rules, raise_on_error=True):
+ """Append iptables rules
+
+ Args:
+ node (str): Node on which iptables rules should be added.
+ chain (str): iptables chain in which rule(s) need to be appended.
+ rules (str|tuple|list): Rule(s) which need(s) to be added to a chain.
+ Reuturns:
+ None
+ Exception:
+ AssertionError: In case command fails to execute and
+ raise_on_error set to True
+ """
+ rules = rules if hasattr(rules, '__iter__') else [rules]
+
+ add_iptables_rule_cmd = "iptables --append %s %s"
+ check_iptables_rule_cmd = "iptables --check %s %s"
+ for rule in rules:
+ try:
+ command.cmd_run(check_iptables_rule_cmd % (chain, rule), node)
+ except AssertionError:
+ command.cmd_run(
+ add_iptables_rule_cmd % (chain, rule), node,
+ raise_on_error=raise_on_error)
+
+
+def node_delete_iptables_rules(node, chain, rules, raise_on_error=True):
+ """Delete iptables rules
+
+ Args:
+ node (str): Node on which iptables rules should be deleted.
+ chain (str): iptables chain from which rule(s) need to be deleted.
+ rules (str|tuple|list): Rule(s) which need(s) to be deleted from
+ a chain.
+ Reuturns:
+ None
+ Exception:
+ AssertionError: In case command fails to execute and
+ raise_on_error set to True
+ """
+ rules = rules if hasattr(rules, '__iter__') else [rules]
+
+ delete_iptables_rule_cmd = "iptables --delete %s %s"
+ for rule in rules:
+ command.cmd_run(
+ delete_iptables_rule_cmd % (chain, rule), node,
+ raise_on_error=raise_on_error)