[ODL-SFC] Open port 22 in default secgroup for sfc scenario

JIRA: SFC-48

After some troublehsooting done in Boron RC3.5, vPing
doesn't work because the instances are created on 2
security groups. One (vping-sg) opens port 22 but
the default secgroup doesn't. This patch allows port
22 also on the default and therefore vPing passes.

This patch is to workaround a bug in ODL. The bug
will be reported to the corresponding community.

Change-Id: I807249d42cebe7c8dccd78a3496c1d34996d73ee
Signed-off-by: jose.lausuch <jose.lausuch@ericsson.com>
(cherry picked from commit 738246d6c7ea3e175f49d75b87c60ed3a0a0f601)

diff --git a/ci/exec_test.sh b/ci/exec_test.sh
index e402e0c..791a80b 100755 (executable)
--- a/ci/exec_test.sh
+++ b/ci/exec_test.sh
@@ -60,6 +60,18 @@ function odl_tests(){
     fi
 }
 
+function sfc_prepare(){
+    ids=($(neutron security-group-list|grep default|awk '{print $2}'))
+    for id in ${ids[@]}; do
+        if ! neutron security-group-show $id|grep 22 &>/dev/null; then
+            neutron security-group-rule-create --protocol tcp \
+                --port-range-min 22 --port-range-max 22 --direction ingress $id
+            neutron security-group-rule-create --protocol tcp \
+                --port-range-min 22 --port-range-max 22 --direction egress $id
+        fi
+    done
+}
+
 function run_test(){
     test_name=$1
     serial_flag=""
@@ -200,6 +212,10 @@ done
 echo "Sourcing Credentials ${FUNCTEST_CONF_DIR}/openstack.creds to run the test.."
 source ${FUNCTEST_CONF_DIR}/openstack.creds
 
+# ODL Boron workaround to create additional flow rules to allow port 22 TCP
+if [[ $DEPLOY_SCENARIO == *"odl_l2-sfc"* ]]; then
+    sfc_prepare
+fi
 
 # Run test
 run_test $TEST