| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226 |
- # Copyright 2020 Dell Inc. or its subsidiaries. All Rights Reserved.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- ---
- # OMNIA_UKP_US_VFKP_TC_007
- # Execute k8s_firewalld role in manager and compute nodes with os installed centos 7.9
- - name: OMNIA_UKP_US_VFKP_TC_007
- hosts: manager, compute
- gather_facts: false
- vars_files:
- - test_vars/test_k8s_firewalld_vars.yml
- - ../roles/k8s_firewalld/vars/main.yml
- tasks:
- - block:
- - name: Call k8s_firewalld role
- include_role:
- name: ../roles/k8s_firewalld
- tags: TC_007
- - name: Start and enable firewalld
- service:
- name: firewalld
- state: started
- enabled: yes
- tags: TC_007, VERIFY_007
- - name: Checking firewalld open ports on manager node
- command: firewall-cmd --list-ports
- register: manager_firewalld_ports
- when: "'manager' in group_names"
- tags: TC_007, VERIFY_007
- - name: Checking firewalld open ports on compute node
- command: firewall-cmd --list-ports
- register: compute_firewalld_ports
- when: "'compute' in group_names"
- tags: TC_007, VERIFY_007
- - name: Validating K8s port on manager node
- assert:
- that:
- - "'6443' in manager_firewalld_ports.stdout"
- - "'2379-2380' in manager_firewalld_ports.stdout"
- - "'10250' in manager_firewalld_ports.stdout"
- - "'10251' in manager_firewalld_ports.stdout"
- - "'10252' in manager_firewalld_ports.stdout"
- fail_msg: "{{ manager_k8s_ports_status_fail_msg }}"
- success_msg: "{{ manager_k8s_ports_status_success_msg }}"
- when: "'manager' in group_names"
- tags: TC_007, VERIFY_007
- - name: Validating K8s port on compute node
- assert:
- that:
- - "'10250' in compute_firewalld_ports.stdout"
- - "'30000-32767' in compute_firewalld_ports.stdout"
- fail_msg: "{{ compute_k8s_ports_status_fail_msg }}"
- success_msg: "{{ compute_k8s_ports_status_success_msg }}"
- when: "'compute' in group_names"
- tags: TC_007, VERIFY_007
- - name: Validating Calico udp/tcp ports on manager nodes
- assert:
- that:
- - "'4789' in manager_firewalld_ports.stdout"
- - "'5473' in manager_firewalld_ports.stdout"
- - "'179' in manager_firewalld_ports.stdout"
- fail_msg: "{{ calico_ports_manager_fail_msg }}"
- success_msg: "{{ calico_ports_manager_success_msg }}"
- when: "k8s_cni == 'calico' and 'manager' in group_names"
- tags: TC_007, VERIFY_007
- - name: Validating Calico udp/tcp ports on compute nodes
- assert:
- that:
- - "'4789' in compute_firewalld_ports.stdout"
- - "'5473' in compute_firewalld_ports.stdout"
- - "'179' in compute_firewalld_ports.stdout"
- fail_msg: "{{ calico_ports_compute_fail_msg }}"
- success_msg: "{{ calico_ports_compute_success_msg }}"
- when: "k8s_cni == 'calico' and 'compute' in group_names"
- tags: TC_007, VERIFY_007
- - name: Validating Flannel ports on manager nodes
- assert:
- that:
- - "'8285' in manager_firewalld_ports.stdout"
- - "'8472' in manager_firewalld_ports.stdout"
- fail_msg: "{{ flannel_ports_manager_fail_msg }}"
- success_msg: "{{ flannel_ports_manager_success_msg }}"
- when: "k8s_cni == 'flannel' and 'manager' in group_names"
- tags: TC_007, VERIFY_007
- - name: Validating Flannel ports on compute nodes
- assert:
- that:
- - "'8285' in compute_firewalld_ports.stdout"
- - "'8472' in compute_firewalld_ports.stdout"
- fail_msg: "{{ flannel_ports_compute_fail_msg }}"
- success_msg: "{{ flannel_ports_compute_success_msg }}"
- when: "k8s_cni == 'flannel' and 'compute' in group_names"
- tags: TC_007, VERIFY_007
- - name: Stop and disable firewalld
- service:
- name: firewalld
- state: stopped
- enabled: no
- tags: TC_007, VERIFY_007
- # OMNIA_UKP_US_VFKP_TC_008
- # Execute k8s_firewalld role in manager and compute nodes with K8s ports already opened
- - name: OMNIA_UKP_US_VFKP_TC_008
- hosts: manager, compute
- gather_facts: false
- vars_files:
- - test_vars/test_k8s_firewalld_vars.yml
- - ../roles/k8s_firewalld/vars/main.yml
- tasks:
- - block:
- - name: Call k8s_firewalld role
- include_role:
- name: ../roles/k8s_firewalld
- tags: TC_008
- - name: Start and enable firewalld
- service:
- name: firewalld
- state: started
- enabled: yes
- tags: TC_008, VERIFY_008
- - name: Checking firewalld open ports on manager node
- command: firewall-cmd --list-ports
- register: manager_firewalld_ports
- when: "'manager' in group_names"
- tags: TC_008, VERIFY_008
- - name: Checking firewalld open ports on compute node
- command: firewall-cmd --list-ports
- register: compute_firewalld_ports
- when: "'compute' in group_names"
- tags: TC_008, VERIFY_008
- - name: Validating K8s port on manager node
- assert:
- that:
- - "'6443' in manager_firewalld_ports.stdout"
- - "'2379-2380' in manager_firewalld_ports.stdout"
- - "'10250' in manager_firewalld_ports.stdout"
- - "'10251' in manager_firewalld_ports.stdout"
- - "'10252' in manager_firewalld_ports.stdout"
- fail_msg: "{{ manager_k8s_ports_status_fail_msg }}"
- success_msg: "{{ manager_k8s_ports_status_success_msg }}"
- when: "'manager' in group_names"
- tags: TC_008, VERIFY_008
- - name: Validating K8s port on compute node
- assert:
- that:
- - "'10250' in compute_firewalld_ports.stdout"
- - "'30000-32767' in compute_firewalld_ports.stdout"
- fail_msg: "{{ compute_k8s_ports_status_fail_msg }}"
- success_msg: "{{ compute_k8s_ports_status_success_msg }}"
- when: "'compute' in group_names"
- tags: TC_008, VERIFY_008
- - name: Validating Calico udp/tcp ports on manager nodes
- assert:
- that:
- - "'4789' in manager_firewalld_ports.stdout"
- - "'5473' in manager_firewalld_ports.stdout"
- - "'179' in manager_firewalld_ports.stdout"
- fail_msg: "{{ calico_ports_manager_fail_msg }}"
- success_msg: "{{ calico_ports_manager_success_msg }}"
- when: "k8s_cni == 'calico' and 'manager' in group_names"
- tags: TC_008, VERIFY_008
- - name: Validating Calico udp/tcp ports on compute nodes
- assert:
- that:
- - "'4789' in compute_firewalld_ports.stdout"
- - "'5473' in compute_firewalld_ports.stdout"
- - "'179' in compute_firewalld_ports.stdout"
- fail_msg: "{{ calico_ports_compute_fail_msg }}"
- success_msg: "{{ calico_ports_compute_success_msg }}"
- when: "k8s_cni == 'calico' and 'compute' in group_names"
- tags: TC_008, VERIFY_008
- - name: Validating Flannel ports on manager nodes
- assert:
- that:
- - "'8285' in manager_firewalld_ports.stdout"
- - "'8472' in manager_firewalld_ports.stdout"
- fail_msg: "{{ flannel_ports_manager_fail_msg }}"
- success_msg: "{{ flannel_ports_manager_success_msg }}"
- when: "k8s_cni == 'flannel' and 'manager' in group_names"
- tags: TC_008, VERIFY_008
- - name: Validating Flannel ports on compute nodes
- assert:
- that:
- - "'8285' in compute_firewalld_ports.stdout"
- - "'8472' in compute_firewalld_ports.stdout"
- fail_msg: "{{ flannel_ports_compute_fail_msg }}"
- success_msg: "{{ flannel_ports_compute_success_msg }}"
- when: "k8s_cni == 'flannel' and 'compute' in group_names"
- tags: TC_008, VERIFY_008
- - name: Stop and disable firewalld
- service:
- name: firewalld
- state: stopped
- enabled: no
- tags: TC_008, VERIFY_008
|
