Difference between revisions of "Neutron/FWaaS/HowToInstall"
(→Checkout Test branches) |
(→CLI Walkthough) |
||
| Line 13: | Line 13: | ||
| − | == CLI Walkthough == | + | == CLI/REST Walkthough == |
| + | |||
| + | export q_url=http://<quantum-server-ip>:9696/v2.0 | ||
| + | |||
| + | and | ||
| + | |||
| + | export auth_token=<auth_token> | ||
| + | |||
| + | where <auth_token> is the token obtained from: | ||
| + | |||
| + | keystone token-get | ||
| + | |||
| + | Using curl you can do the following: | ||
| + | |||
| + | To list firewalls, firewall_policies, firewall_rules: | ||
| + | |||
| + | curl -X GET -H "X-Auth-Token: $auth_token" $q_url/fw/firewalls | python -mjson.tool | ||
| + | curl -X GET -H "X-Auth-Token: $auth_token" $q_url/fw/firewall_policies | python -mjson.tool | ||
| + | curl -X GET -H "X-Auth-Token: $auth_token" $q_url/fw/firewall_rules | python -mjson.tool | ||
| + | |||
| + | Create firewall rule: | ||
| + | curl -X POST -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall_rule": {"protocol": "tcp", "destination_port": "80", "action": "allow"}}' $q_url/fw/firewall_rules | ||
| + | |||
| + | Create firwall policy: | ||
| + | curl -X POST -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall_policy": {"name": "fwasspolicy"} }' $q_url/fw/firewall_policies | ||
| + | |||
| + | Add rule to policy (this could have been done while creating the firewall policy too): | ||
| + | curl -X PUT -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall_policy": {"firewall_rule_list": ["1d47c609-8fd1-4aad-97fd-157887c47b4f"]}}' $q_url/fw/firewall_policies/9c50d2d0-3a85-4ed7-a20f-bef8c08233e3 | ||
| + | |||
| + | Create the firewall with the policy association: | ||
| + | curl -X POST -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall": {"name": "fwasstest", "firewall_policy_id": "9c50d2d0-3a85-4ed7-a20f-bef8c08233e3"} }' $q_url/fw/firewalls | ||
| + | |||
| + | Delete the firewall: | ||
| + | curl -X DELETE -H "X-Auth-Token: $auth_token" $q_url/fw/firewalls/9649548e-b87f-4c56-bbb7-5ee84b316da1 | ||
=== Setup === | === Setup === | ||
=== Cleanup === | === Cleanup === | ||
Revision as of 05:35, 8 July 2013
Contents
Installation
Checkout Test branches
API, Agent and Driver code: https://review.openstack.org/#/c/34074/
CLI (not tested well yet): https://review.openstack.org/#/c/33187/
Setup Params
CLI/REST Walkthough
export q_url=http://<quantum-server-ip>:9696/v2.0
and
export auth_token=<auth_token>
where <auth_token> is the token obtained from:
keystone token-get
Using curl you can do the following:
To list firewalls, firewall_policies, firewall_rules:
curl -X GET -H "X-Auth-Token: $auth_token" $q_url/fw/firewalls | python -mjson.tool curl -X GET -H "X-Auth-Token: $auth_token" $q_url/fw/firewall_policies | python -mjson.tool curl -X GET -H "X-Auth-Token: $auth_token" $q_url/fw/firewall_rules | python -mjson.tool
Create firewall rule: curl -X POST -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall_rule": {"protocol": "tcp", "destination_port": "80", "action": "allow"}}' $q_url/fw/firewall_rules
Create firwall policy: curl -X POST -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall_policy": {"name": "fwasspolicy"} }' $q_url/fw/firewall_policies
Add rule to policy (this could have been done while creating the firewall policy too): curl -X PUT -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall_policy": {"firewall_rule_list": ["1d47c609-8fd1-4aad-97fd-157887c47b4f"]}}' $q_url/fw/firewall_policies/9c50d2d0-3a85-4ed7-a20f-bef8c08233e3
Create the firewall with the policy association: curl -X POST -H "X-Auth-Token: $auth_token" -H "Content-type:application/json" -d '{"firewall": {"name": "fwasstest", "firewall_policy_id": "9c50d2d0-3a85-4ed7-a20f-bef8c08233e3"} }' $q_url/fw/firewalls
Delete the firewall: curl -X DELETE -H "X-Auth-Token: $auth_token" $q_url/fw/firewalls/9649548e-b87f-4c56-bbb7-5ee84b316da1
