From ea55a002cf9669b70ac47bdbe270dd78301bc328 Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Mon, 23 Apr 2018 16:54:03 +0200 Subject: [PATCH] network: Fix security groups for CentOS (#2590) On RHEL/CentOS/Fedora the bridge related sysctl rules are enabled in kernel by default but can only be disabled. Enabling those keys will fail, causing iptables/ebtables tables to not be created and fails SG on CentOS. This also fixes an integration test case, which assumes first few tests complete within 3 minutes. In nested env the value may be large, this increases the value to 20 minutes. Signed-off-by: Rohit Yadav --- scripts/vm/network/security_group.py | 3 +-- test/integration/smoke/test_routers.py | 4 ++-- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py index 6a11057b237..19aa7359081 100755 --- a/scripts/vm/network/security_group.py +++ b/scripts/vm/network/security_group.py @@ -1154,8 +1154,7 @@ def addFWFramework(brname): execute("sysctl -w net.bridge.bridge-nf-call-iptables=1") execute("sysctl -w net.bridge.bridge-nf-call-ip6tables=1") except: - logging.debug("failed to turn on bridge netfilter") - return False + logging.warn("failed to turn on bridge netfilter") brfw = getBrfw(brname) try: diff --git a/test/integration/smoke/test_routers.py b/test/integration/smoke/test_routers.py index dfd5916892f..f84afdb4529 100644 --- a/test/integration/smoke/test_routers.py +++ b/test/integration/smoke/test_routers.py @@ -521,9 +521,9 @@ class TestRouterServices(cloudstackTestCase): ) if str(result[3]) == "min,": self.assertEqual( - (int(result[2]) < 3), + (int(result[2]) < 20), True, - "Check uptime is less than 3 mins or not" + "Check uptime is less than 20 mins or not" ) else: self.assertEqual(