documentation on exercise
diff --git a/exercise.sh b/exercise.sh
index 35ff403..8923b3e 100755
--- a/exercise.sh
+++ b/exercise.sh
@@ -59,8 +59,8 @@
# Create a secgroup
nova secgroup-create $SECGROUP "test_secgroup description"
-# Flavors
-# -------
+# determine flavor
+# ----------------
# List of flavors:
nova flavor-list
@@ -72,6 +72,16 @@
nova boot --flavor $FLAVOR --image $IMAGE $NAME --security_groups=$SECGROUP
+# Testing
+# =======
+
+# First check if it spins up (becomes active and responds to ping on
+# internal ip). If you run this script from a nova node, you should
+# bypass security groups and have direct access to the server.
+
+# Waiting for boot
+# ----------------
+
# let's give it 10 seconds to launch
sleep 10
@@ -89,7 +99,11 @@
sleep 5
ping -c1 -w1 $IP
-# allow icmp traffic
+
+# Security Groups & Floating IPs
+# ------------------------------
+
+# allow icmp traffic (ping)
nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0
# List rules for a secgroup
@@ -99,31 +113,31 @@
nova floating-ip-create
# store floating address
-FIP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed 's/ //g'`
+FLOATING_IP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed 's/ //g'`
# add floating ip to our server
-nova add-floating-ip $NAME $FIP
+nova add-floating-ip $NAME $FLOATING_IP
# sleep for a smidge
sleep 1
-# ping our fip
-ping -c1 -w1 $FIP
+# ping our floating ip
+ping -c1 -w1 $FLOATING_IP
-# dis-allow icmp traffic
+# dis-allow icmp traffic (ping)
nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0
# sleep for a smidge
sleep 1
-# ping our fip
-if ( ping -c1 -w1 $FIP); then
+# ping our floating ip
+if ( ping -c1 -w1 $FLOATING_IP ); then
print "Security group failure - ping should not be allowed!"
exit 1
fi
# de-allocate the floating ip
-nova floating-ip-delete $FIP
+nova floating-ip-delete $FLOATING_IP
# shutdown the server
nova delete $NAME