Merge pull request #198 from dev4unet/master

보안그룹 룰 변경 및 확인
cloud-barista · May 12, 2020 · da3e11a · da3e11a
2 parents 792781c + 40232af
commit da3e11a
Show file tree

Hide file tree

Showing 6 changed files with 1,366 additions and 37 deletions.
diff --git a/cloud-control-manager/cloud-driver/drivers/alibaba/main/Test_Resources.go b/cloud-control-manager/cloud-driver/drivers/alibaba/main/Test_Resources.go
@@ -339,8 +339,8 @@ func handleSecurity() {
 	//config := readConfigFile()
 	//VmID := config.Aws.VmID
 
-	securityName := "CB-SecurityTest1"
-	securityId := "sg-6weeb9xaodr65g7bq10c"
+	securityName := "CB-SecurityTestIcmp"
+	securityId := "sg-6wedru4yb4m6qqfvd3sj"
 	vpcId := "vpc-6wei16ufuimfcct41o0xh"
 
 	for {
@@ -400,6 +400,13 @@ func handleSecurity() {
 							IPProtocol: "tcp",
 							Direction:  "inbound",
 						},
+						{
+							FromPort:   "-1",
+							ToPort:     "-1",
+							IPProtocol: "icmp",
+							Direction:  "inbound",
+						},
+
 						{
 							FromPort:   "443",
 							ToPort:     "443",
@@ -908,8 +915,8 @@ func main() {
 	//handleVMSpec()
 	//handleImage() //AMI
 	//handleKeyPair()
-	//handleSecurity()
-	handleVM()
+	handleSecurity()
+	//handleVM()
 
 	//handlePublicIP() // PublicIP 생성 후 conf
 

diff --git a/cloud-control-manager/cloud-driver/drivers/aws/main/Test_Resources.go b/cloud-control-manager/cloud-driver/drivers/aws/main/Test_Resources.go
@@ -36,8 +36,142 @@ func init() {
 	cblog.SetLevel("debug")
 }
 
-// Test SecurityHandler
 func handleSecurity() {
+	cblogger.Debug("Start Security Resource Test")
+
+	ResourceHandler, err := getResourceHandler("Security")
+	if err != nil {
+		panic(err)
+	}
+	handler := ResourceHandler.(irs.SecurityHandler)
+
+	//config := readConfigFile()
+	//VmID := config.Aws.VmID
+
+	securityName := "CB-SecurityTest1"
+	securityId := "sg-0d6a2bb960481ce68"
+	vpcId := "vpc-c0479cab"
+
+	for {
+		fmt.Println("Security Management")
+		fmt.Println("0. Quit")
+		fmt.Println("1. Security List")
+		fmt.Println("2. Security Create")
+		fmt.Println("3. Security Get")
+		fmt.Println("4. Security Delete")
+
+		var commandNum int
+		inputCnt, err := fmt.Scan(&commandNum)
+		if err != nil {
+			panic(err)
+		}
+
+		if inputCnt == 1 {
+			switch commandNum {
+			case 0:
+				return
+
+			case 1:
+				result, err := handler.ListSecurity()
+				if err != nil {
+					cblogger.Infof(" Security 목록 조회 실패 : ", err)
+				} else {
+					cblogger.Info("Security 목록 조회 결과")
+					//cblogger.Info(result)
+					spew.Dump(result)
+					if result != nil {
+						securityId = result[0].IId.SystemId // 조회 및 삭제를 위해 생성된 ID로 변경
+					}
+				}
+
+			case 2:
+				cblogger.Infof("[%s] Security 생성 테스트", securityName)
+
+				securityReqInfo := irs.SecurityReqInfo{
+					IId:    irs.IID{NameId: securityName},
+					VpcIID: irs.IID{SystemId: vpcId},
+					SecurityRules: &[]irs.SecurityRuleInfo{ //보안 정책 설정
+						{
+							FromPort:   "20",
+							ToPort:     "22",
+							IPProtocol: "tcp",
+							Direction:  "inbound",
+						},
+
+						{
+							FromPort:   "80",
+							ToPort:     "80",
+							IPProtocol: "tcp",
+							Direction:  "inbound",
+						},
+						{
+							FromPort:   "8080",
+							ToPort:     "8080",
+							IPProtocol: "tcp",
+							Direction:  "inbound",
+						},
+						{
+							FromPort:   "-1",
+							ToPort:     "-1",
+							IPProtocol: "icmp",
+							Direction:  "inbound",
+						},
+						{
+							FromPort:   "443",
+							ToPort:     "443",
+							IPProtocol: "tcp",
+							Direction:  "outbound",
+						},
+						{
+							FromPort:   "8443",
+							ToPort:     "9999",
+							IPProtocol: "tcp",
+							Direction:  "outbound",
+						},
+						/*
+							{
+								//FromPort:   "8443",
+								//ToPort:     "9999",
+								IPProtocol: "-1", // 모두 허용 (포트 정보 없음)
+								Direction:  "inbound",
+							},
+						*/
+					},
+				}
+
+				result, err := handler.CreateSecurity(securityReqInfo)
+				if err != nil {
+					cblogger.Infof(securityName, " Security 생성 실패 : ", err)
+				} else {
+					cblogger.Infof("[%s] Security 생성 결과 : [%v]", securityName, result)
+					spew.Dump(result)
+				}
+
+			case 3:
+				cblogger.Infof("[%s] Security 조회 테스트", securityId)
+				result, err := handler.GetSecurity(irs.IID{SystemId: securityId})
+				if err != nil {
+					cblogger.Infof(securityId, " Security 조회 실패 : ", err)
+				} else {
+					cblogger.Infof("[%s] Security 조회 결과 : [%v]", securityId, result)
+					spew.Dump(result)
+				}
+
+			case 4:
+				cblogger.Infof("[%s] Security 삭제 테스트", securityId)
+				result, err := handler.DeleteSecurity(irs.IID{SystemId: securityId})
+				if err != nil {
+					cblogger.Infof(securityId, " Security 삭제 실패 : ", err)
+				} else {
+					cblogger.Infof("[%s] Security 삭제 결과 : [%s]", securityId, result)
+				}
+			}
+		}
+	}
+}
+
+// Test SecurityHandler
+func handleSecurityOld() {
 	cblogger.Debug("Start handler")
 
 	ResourceHandler, err := getResourceHandler("Security")
@@ -937,16 +1071,15 @@ func main() {
 		}
 	*/
 
-	//handleVNetwork() //VPC
+	//handleVPC()
 	//handleKeyPair()
 	//handlePublicIP() // PublicIP 생성 후 conf
-	//handleSecurity()
-	handleVM()
+	handleSecurity()
+	//handleVM()
 
 	//handleImage() //AMI
 	//handleVNic() //Lancard
 	//handleVMSpec()
-	//handleVPC()
 
 	/*
 		KeyPairHandler, err := setKeyPairHandler()