public void CreateVMWithNetworkSecurityGroupOnNIC() { using (var undoContext = UndoContext.Current) { undoContext.Start(); using (NetworkTestBase _testFixture = new NetworkTestBase()) { // setup bool storageAccountCreated = false; bool hostedServiceCreated = false; string serviceName = _testFixture.GenerateRandomName(); string deploymentName = _testFixture.GenerateRandomName(); string roleName = _testFixture.GenerateRandomName(); string networkInterfaceName = _testFixture.GenerateRandomName(); string location = _testFixture.ManagementClient.GetDefaultLocation("Storage", "Compute", "PersistentVMRole"); string virtualNetworkName = "virtualNetworkSiteName"; string subnetName = "FrontEndSubnet5"; string storageAccountName = _testFixture.GenerateRandomName().ToLower(); // create Network Security Group string securityGroupName = _testFixture.GenerateRandomNetworkSecurityGroupName(); string securityGroupLabel = _testFixture.GenerateRandomName(); string securityGroupLocation = "North Central US"; _testFixture.CreateNetworkSecurityGroup(securityGroupName, securityGroupLabel, securityGroupLocation); _testFixture.CreateStorageAccount(location, storageAccountName, out storageAccountCreated); _testFixture.SetSimpleVirtualNetwork(); _testFixture.CreateHostedService(location, serviceName, out hostedServiceCreated); var multiNICVMDeployment = _testFixture.CreateMultiNICIaaSDeploymentParameters( serviceName, deploymentName, roleName, networkInterfaceName, storageAccountName, virtualNetworkName, subnetName); var configurationSets = multiNICVMDeployment.Roles.Single( r => string.Equals(r.RoleName, roleName)).ConfigurationSets; configurationSets .Single( cs => string.Equals(cs.ConfigurationSetType, ConfigurationSetTypes.NetworkConfiguration)) .NetworkInterfaces.Single(nic => string.Equals(nic.Name, networkInterfaceName)) .NetworkSecurityGroup = securityGroupName; try { // action 1: create Deployment with NSG _testFixture.ComputeClient.VirtualMachines.CreateDeployment( serviceName, multiNICVMDeployment); // assert 1 NetworkSecurityGroupGetAssociationResponse response = _testFixture.NetworkClient.NetworkSecurityGroups.GetForNetworkInterface( serviceName, deploymentName, roleName, networkInterfaceName); Assert.Equal(securityGroupName, response.Name); var deployment = _testFixture.ComputeClient.Deployments.GetBySlot(serviceName, DeploymentSlot.Production); Assert.Equal( securityGroupName, deployment.Roles.Single(r => string.Equals(r.RoleName, roleName)) .ConfigurationSets.Single( cs => string.Equals(cs.ConfigurationSetType, ConfigurationSetTypes.NetworkConfiguration)) .NetworkInterfaces.Single(nic => string.Equals(nic.Name, networkInterfaceName)) .NetworkSecurityGroup); // action 2: update deployment without NSG configurationSets .Single( cs => string.Equals(cs.ConfigurationSetType, ConfigurationSetTypes.NetworkConfiguration)) .NetworkInterfaces.Single(nic => string.Equals(nic.Name, networkInterfaceName)) .NetworkSecurityGroup = null; _testFixture.ComputeClient.VirtualMachines.Update(serviceName, deploymentName, roleName, new VirtualMachineUpdateParameters() { RoleName = roleName, ConfigurationSets = configurationSets, OSVirtualHardDisk = _testFixture.GetOSVirtualHardDisk(storageAccountName, serviceName) }); // assert 2 deployment = _testFixture.ComputeClient.Deployments.GetBySlot(serviceName, DeploymentSlot.Production); Assert.Null( deployment.Roles.Single(r => string.Equals(r.RoleName, roleName)) .ConfigurationSets.Single( cs => string.Equals(cs.ConfigurationSetType, ConfigurationSetTypes.NetworkConfiguration)) .NetworkInterfaces.Single(nic => string.Equals(nic.Name, networkInterfaceName)) .NetworkSecurityGroup); } finally { if (hostedServiceCreated) { _testFixture.ComputeClient.HostedServices.DeleteAll(serviceName); } } } } }
public void AddAndRemoveNetworkSecurityGroupToRole() { using (var undoContext = UndoContext.Current) { undoContext.Start(); using (NetworkTestBase _testFixture = new NetworkTestBase()) { // setup bool storageAccountCreated = false; bool hostedServiceCreated = false; string serviceName = _testFixture.GenerateRandomName(); string deploymentName = _testFixture.GenerateRandomName(); string roleName = "WebRole1"; string location = _testFixture.ManagementClient.GetDefaultLocation("Storage", "Compute", "PersistentVMRole"); string storageAccountName = _testFixture.GenerateRandomName().ToLower(); // create Network Security Group string securityGroupName = _testFixture.GenerateRandomNetworkSecurityGroupName(); string securityGroupLabel = _testFixture.GenerateRandomName(); string securityGroupLocation = "North Central US"; _testFixture.CreateNetworkSecurityGroup(securityGroupName, securityGroupLabel, securityGroupLocation); _testFixture.CreateStorageAccount(location, storageAccountName, out storageAccountCreated); _testFixture.SetSimpleVirtualNetwork(); _testFixture.CreateHostedService(location, serviceName, out hostedServiceCreated); var deployment = _testFixture.CreatePaaSDeployment( storageAccountName, serviceName, deploymentName, NetworkTestConstants.OneWebOneWorkerPkgFilePath, NetworkTestConstants.VnetOneWebOneWorkerCscfgFilePath, startDeployment: true); try { // action 1 var associationParams = new NetworkSecurityGroupAddAssociationParameters(securityGroupName); _testFixture.NetworkClient.NetworkSecurityGroups.AddToRole(serviceName, deploymentName, roleName, associationParams); // assert 1 NetworkSecurityGroupGetAssociationResponse response = _testFixture.NetworkClient.NetworkSecurityGroups.GetForRole(serviceName, deploymentName, roleName); Assert.Equal(associationParams.Name, response.Name); // action 2 _testFixture.NetworkClient.NetworkSecurityGroups.RemoveFromRole( serviceName, deploymentName, roleName, securityGroupName); // assert 2 Assert.Throws <CloudException>(() => _testFixture.NetworkClient.NetworkSecurityGroups.GetForRole(serviceName, deploymentName, roleName)); } finally { if (storageAccountCreated) { _testFixture.StorageClient.StorageAccounts.Delete(storageAccountName); } if (hostedServiceCreated) { _testFixture.ComputeClient.HostedServices.DeleteAll(serviceName); } } } } }
public void AddAndRemoveNetworkSecurityGroupToNIC() { using (var undoContext = UndoContext.Current) { undoContext.Start(); using (NetworkTestBase _testFixture = new NetworkTestBase()) { // setup bool storageAccountCreated = false; bool hostedServiceCreated = false; string serviceName = _testFixture.GenerateRandomName(); string deploymentName = _testFixture.GenerateRandomName(); string roleName = _testFixture.GenerateRandomName(); string networkInterfaceName = _testFixture.GenerateRandomName(); string location = _testFixture.ManagementClient.GetDefaultLocation("Storage", "Compute", "PersistentVMRole"); string virtualNetworkName = "virtualNetworkSiteName"; string subnetName = "FrontEndSubnet5"; string storageAccountName = _testFixture.GenerateRandomName().ToLower(); // create Network Security Group string securityGroupName = _testFixture.GenerateRandomNetworkSecurityGroupName(); string securityGroupLabel = _testFixture.GenerateRandomName(); string securityGroupLocation = "North Central US"; _testFixture.CreateNetworkSecurityGroup(securityGroupName, securityGroupLabel, securityGroupLocation); _testFixture.CreateStorageAccount(location, storageAccountName, out storageAccountCreated); _testFixture.SetSimpleVirtualNetwork(); _testFixture.CreateHostedService(location, serviceName, out hostedServiceCreated); _testFixture.ComputeClient.VirtualMachines.CreateDeployment( serviceName, _testFixture.CreateMultiNICIaaSDeploymentParameters( serviceName, deploymentName, roleName, networkInterfaceName, storageAccountName, virtualNetworkName, subnetName)); try { // action 1 var associationParams = new NetworkSecurityGroupAddAssociationParameters(securityGroupName); _testFixture.NetworkClient.NetworkSecurityGroups.AddToNetworkInterface( serviceName, deploymentName, roleName, networkInterfaceName, associationParams); // assert 1 NetworkSecurityGroupGetAssociationResponse response = _testFixture.NetworkClient.NetworkSecurityGroups.GetForNetworkInterface( serviceName, deploymentName, roleName, networkInterfaceName); Assert.Equal(associationParams.Name, response.Name); // action 2 _testFixture.NetworkClient.NetworkSecurityGroups.RemoveFromNetworkInterface( serviceName, deploymentName, roleName, networkInterfaceName, securityGroupName); // assert 2 Assert.Throws <CloudException>(() => _testFixture.NetworkClient.NetworkSecurityGroups.GetForNetworkInterface( serviceName, deploymentName, roleName, networkInterfaceName)); } finally { if (hostedServiceCreated) { _testFixture.ComputeClient.HostedServices.DeleteAll(serviceName); } } } } }
public override void ExecuteCmdlet() { NetworkSecurityGroupGetAssociationResponse assocResponse = null; string warningAssociationNotFullyCrated = null; if (string.Equals(this.ParameterSetName, GetNetworkSecurityGroupAssociationForSubnet)) { assocResponse = Client.GetNetworkSecurityGroupForSubnet(VirtualNetworkName, SubnetName); warningAssociationNotFullyCrated = string.Format( Resources.NetworkSecurityGroupNotActiveInSubnet, assocResponse.Name, VirtualNetworkName, SubnetName); } else { this.obtainedDeploymentName = Client.GetDeploymentName(this.VM, this.Slot, this.ServiceName); if (string.Equals(this.ParameterSetName, GetNetworkSecurityGroupAssociationForIaaSRole)) { this.RoleName = this.VM.Name; } if (string.IsNullOrEmpty(this.NetworkInterfaceName)) { assocResponse = Client.GetNetworkSecurityGroupForRole( this.ServiceName, this.obtainedDeploymentName, this.RoleName); warningAssociationNotFullyCrated = string.Format( Resources.NetworkSecurityGroupNotActiveInRole, assocResponse.Name, this.ServiceName, this.obtainedDeploymentName, this.RoleName); } else { assocResponse = Client.GetNetworkSecurityGroupForNetworkInterface( this.ServiceName, this.obtainedDeploymentName, this.RoleName, this.NetworkInterfaceName); warningAssociationNotFullyCrated = string.Format( Resources.NetworkSecurityGroupNotActiveInNIC, assocResponse.Name, this.ServiceName, this.obtainedDeploymentName, this.RoleName, this.NetworkInterfaceName); } } if (assocResponse.State != "Created") { WriteWarningWithTimestamp(warningAssociationNotFullyCrated); } INetworkSecurityGroup securityGroup = Client.GetNetworkSecurityGroup(assocResponse.Name, Detailed); WriteObject(securityGroup); }