Add service ports, ssh port, SNAT rule in nftables
ref: INF-138
Change-Id: I94a80467b30416a288b4a2ac6325427123df4d7d
diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
index a96350c..1c1a647 100644
--- a/molecule/default/verify.yml
+++ b/molecule/default/verify.yml
@@ -6,7 +6,52 @@
- name: Verify
hosts: all
+ become: true
+ vars:
+ nginx_static_dir: "/srv/sites"
tasks:
- - name: example assertion
- assert:
- that: true
+ - name: Create a test file to be served for port 8080, 8081 nginx server
+ lineinfile:
+ path: "{{ nginx_static_dir }}/{{ item }}.example.com/index.html"
+ line: "This file is served from {{ item }}.example.com"
+ mode: 0644
+ create: true
+ with_items:
+ - "port8080"
+ - "port8081"
+ - name: Create Docker container script
+ file:
+ dest: /tmp/docker_script.sh
+ state: touch
+ - name: Write content into Docker container script
+ lineinfile:
+ dest: /tmp/docker_script.sh
+ line: "{{ item }}"
+ with_items:
+ - "curl 172.17.0.1:8080 --connect-timeout 1 || exit 1"
+ - "curl 172.17.0.1:8081 --connect-timeout 1 || exit 1"
+ - "curl 172.27.0.1:8080 --connect-timeout 1 || exit 1"
+ - "curl 172.27.0.1:8081 --connect-timeout 1 && exit 1"
+ - "sleep 3600"
+ - name: Start a testing container
+ docker_container:
+ name: curl
+ image: curlimages/curl
+ state: started
+ entrypoint: "sh script.sh"
+ networks:
+ - name: bridge
+ - name: limited_network
+ volumes:
+ - /tmp/docker_script.sh:/script.sh
+ - name: Sleep for 5 seconds for curl execution
+ wait_for:
+ timeout: 5
+ - name: Get container's information
+ docker_container_info:
+ name: curl
+ register: result
+ - name: Check container is live (it'll be live if test pass)
+ docker_container_info:
+ name: curl
+ failed_when: result.container["State"]["Running"] != true