You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by da...@apache.org on 2015/12/09 16:12:31 UTC
[1/4] git commit: updated refs/heads/master to 7043958
Repository: cloudstack
Updated Branches:
refs/heads/master 738b78886 -> 704395899
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/smoke/test_routers_network_ops.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_routers_network_ops.py b/test/integration/smoke/test_routers_network_ops.py
new file mode 100644
index 0000000..94c0774
--- /dev/null
+++ b/test/integration/smoke/test_routers_network_ops.py
@@ -0,0 +1,1020 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Import Local Modules
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.cloudstackAPI import (stopVirtualMachine,
+ stopRouter,
+ startRouter)
+from marvin.lib.utils import (cleanup_resources,
+ get_process_status,
+ get_host_credentials)
+from marvin.lib.base import (ServiceOffering,
+ VirtualMachine,
+ Account,
+ ServiceOffering,
+ NATRule,
+ NetworkACL,
+ FireWallRule,
+ PublicIPAddress,
+ NetworkOffering,
+ Network,
+ Router,
+ EgressFireWallRule)
+from marvin.lib.common import (get_zone,
+ get_template,
+ get_domain,
+ list_virtual_machines,
+ list_networks,
+ list_configurations,
+ list_routers,
+ list_nat_rules,
+ list_publicIP,
+ list_firewall_rules,
+ list_hosts)
+
+# Import System modules
+import time
+import logging
+
+def check_router_command(virtual_machine, public_ip, ssh_command, check_string, test_case, retries=5):
+ result = 'failed'
+ try:
+ ssh = virtual_machine.get_ssh_client(ipaddress=public_ip, retries=retries)
+ result = str(ssh.execute(ssh_command))
+ except Exception as e:
+ test_case.fail("Failed to SSH into the Virtual Machine: %s" % e)
+
+ logging.debug("Result from SSH into the Virtual Machine: %s" % result)
+ return result.count(check_string)
+
+class TestRedundantIsolateNetworks(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+
+ cls.logger = logging.getLogger('TestRedundantIsolateNetworks')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.testClient = super(TestRedundantIsolateNetworks, cls).getClsTestClient()
+ cls.api_client = cls.testClient.getApiClient()
+
+ cls.services = cls.testClient.getParsedTestDataConfig()
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.api_client)
+ cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.services['mode'] = cls.zone.networktype
+ cls.template = get_template(
+ cls.api_client,
+ cls.zone.id,
+ cls.services["ostype"]
+ )
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+
+ # Create an account, network, VM and IP addresses
+ cls.account = Account.create(
+ cls.api_client,
+ cls.services["account"],
+ admin=True,
+ domainid=cls.domain.id
+ )
+ cls.service_offering = ServiceOffering.create(
+ cls.api_client,
+ cls.services["service_offering"]
+ )
+
+ cls.services["nw_off_persistent_RVR_egress_true"] = cls.services["nw_off_persistent_RVR"].copy()
+ cls.services["nw_off_persistent_RVR_egress_true"]["egress_policy"] = "true"
+
+ cls.services["nw_off_persistent_RVR_egress_false"] = cls.services["nw_off_persistent_RVR"].copy()
+ cls.services["nw_off_persistent_RVR_egress_false"]["egress_policy"] = "false"
+
+ cls.services["egress_80"] = {
+ "startport": 80,
+ "endport": 80,
+ "protocol": "TCP",
+ "cidrlist": ["0.0.0.0/0"]
+ }
+
+ cls.services["egress_53"] = {
+ "startport": 53,
+ "endport": 53,
+ "protocol": "UDP",
+ "cidrlist": ["0.0.0.0/0"]
+ }
+
+ cls._cleanup = [
+ cls.service_offering,
+ cls.account
+ ]
+
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.api_client, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.cleanup = []
+ return
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.api_client, self.cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
+ def test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true(self):
+ """ Test redundant router internals """
+ self.logger.debug("Starting test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true...")
+
+ self.logger.debug("Creating Network Offering with default egress TRUE")
+ network_offering_egress_true = NetworkOffering.create(
+ self.apiclient,
+ self.services["nw_off_persistent_RVR_egress_true"],
+ conservemode=True
+ )
+ network_offering_egress_true.update(self.api_client, state='Enabled')
+
+ self.logger.debug("Creating network with network offering: %s" % network_offering_egress_true.id)
+ network = Network.create(
+ self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=network_offering_egress_true.id,
+ zoneid=self.zone.id
+ )
+ self.logger.debug("Created network with ID: %s" % network.id)
+
+ networks = Network.list(
+ self.apiclient,
+ id=network.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(networks, list),
+ True,
+ "List networks should return a valid response for created network"
+ )
+ nw_response = networks[0]
+
+ self.logger.debug("Deploying VM in account: %s" % self.account.name)
+ virtual_machine = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ templateid=self.template.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)]
+ )
+
+ self.logger.debug("Deployed VM in network: %s" % network.id)
+
+ self.cleanup.insert(0, network_offering_egress_true)
+ self.cleanup.insert(0, network)
+ self.cleanup.insert(0, virtual_machine)
+
+ vms = VirtualMachine.list(
+ self.apiclient,
+ id=virtual_machine.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(vms, list),
+ True,
+ "List Vms should return a valid list"
+ )
+ vm = vms[0]
+ self.assertEqual(
+ vm.state,
+ "Running",
+ "VM should be in running state after deployment"
+ )
+
+ self.logger.debug("Listing routers for network: %s" % network.name)
+ routers = Router.list(
+ self.apiclient,
+ networkid=network.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(routers, list),
+ True,
+ "list router should return Master and backup routers"
+ )
+ self.assertEqual(
+ len(routers),
+ 2,
+ "Length of the list router should be 2 (Backup & master)"
+ )
+
+ public_ips = list_publicIP(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ zoneid=self.zone.id
+ )
+
+ public_ip = public_ips[0]
+
+ self.assertEqual(
+ isinstance(public_ips, list),
+ True,
+ "Check for list public IPs response return valid data"
+ )
+
+ self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
+ FireWallRule.create(
+ self.apiclient,
+ ipaddressid=public_ip.id,
+ protocol=self.services["natrule"]["protocol"],
+ cidrlist=['0.0.0.0/0'],
+ startport=self.services["natrule"]["publicport"],
+ endport=self.services["natrule"]["publicport"]
+ )
+
+ self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
+ nat_rule = NATRule.create(
+ self.apiclient,
+ virtual_machine,
+ self.services["natrule"],
+ public_ip.id
+ )
+
+ # Test SSH after closing port 22
+ expected = 1
+ ssh_command = "ping -c 3 8.8.8.8"
+ check_string = "3 packets received"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Ping to outside world from VM should be successful!"
+ )
+
+ expected = 1
+ ssh_command = "wget -t 1 -T 5 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should be successful!"
+ )
+
+ EgressFireWallRule.create(
+ self.apiclient,
+ networkid=network.id,
+ protocol=self.services["egress_80"]["protocol"],
+ startport=self.services["egress_80"]["startport"],
+ endport=self.services["egress_80"]["endport"],
+ cidrlist=self.services["egress_80"]["cidrlist"]
+ )
+
+ expected = 0
+ ssh_command = "wget -t 1 -T 1 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should NOT be successful once rule is added!"
+ )
+
+ return
+
+ @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
+ def test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false(self):
+ """ Test redundant router internals """
+ self.logger.debug("Starting test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false...")
+
+ self.logger.debug("Creating Network Offering with default egress FALSE")
+ network_offering_egress_false = NetworkOffering.create(
+ self.apiclient,
+ self.services["nw_off_persistent_RVR_egress_false"],
+ conservemode=True
+ )
+ network_offering_egress_false.update(self.api_client, state='Enabled')
+
+ self.logger.debug("Creating network with network offering: %s" % network_offering_egress_false.id)
+ network = Network.create(
+ self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=network_offering_egress_false.id,
+ zoneid=self.zone.id
+ )
+ self.logger.debug("Created network with ID: %s" % network.id)
+
+ networks = Network.list(
+ self.apiclient,
+ id=network.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(networks, list),
+ True,
+ "List networks should return a valid response for created network"
+ )
+ nw_response = networks[0]
+
+ self.logger.debug("Deploying VM in account: %s" % self.account.name)
+ virtual_machine = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ templateid=self.template.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)]
+ )
+
+ self.logger.debug("Deployed VM in network: %s" % network.id)
+
+ self.cleanup.insert(0, network_offering_egress_false)
+ self.cleanup.insert(0, network)
+ self.cleanup.insert(0, virtual_machine)
+
+ vms = VirtualMachine.list(
+ self.apiclient,
+ id=virtual_machine.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(vms, list),
+ True,
+ "List Vms should return a valid list"
+ )
+ vm = vms[0]
+ self.assertEqual(
+ vm.state,
+ "Running",
+ "VM should be in running state after deployment"
+ )
+
+ self.logger.debug("Listing routers for network: %s" % network.name)
+ routers = Router.list(
+ self.apiclient,
+ networkid=network.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(routers, list),
+ True,
+ "list router should return Master and backup routers"
+ )
+ self.assertEqual(
+ len(routers),
+ 2,
+ "Length of the list router should be 2 (Backup & master)"
+ )
+
+ public_ips = list_publicIP(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ zoneid=self.zone.id
+ )
+
+ self.assertEqual(
+ isinstance(public_ips, list),
+ True,
+ "Check for list public IPs response return valid data"
+ )
+
+ public_ip = public_ips[0]
+
+ self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
+ FireWallRule.create(
+ self.apiclient,
+ ipaddressid=public_ip.id,
+ protocol=self.services["natrule"]["protocol"],
+ cidrlist=['0.0.0.0/0'],
+ startport=self.services["natrule"]["publicport"],
+ endport=self.services["natrule"]["publicport"]
+ )
+
+ self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
+ nat_rule = NATRule.create(
+ self.apiclient,
+ virtual_machine,
+ self.services["natrule"],
+ public_ip.id
+ )
+
+ expected = 0
+ ssh_command = "ping -c 3 8.8.8.8"
+ check_string = "3 packets received"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Ping to outside world from VM should NOT be successful"
+ )
+
+ expected = 0
+ ssh_command = "wget -t 1 -T 1 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should NOT be successful"
+ )
+
+ EgressFireWallRule.create(
+ self.apiclient,
+ networkid=network.id,
+ protocol=self.services["egress_80"]["protocol"],
+ startport=self.services["egress_80"]["startport"],
+ endport=self.services["egress_80"]["endport"],
+ cidrlist=self.services["egress_80"]["cidrlist"]
+ )
+
+ EgressFireWallRule.create(
+ self.apiclient,
+ networkid=network.id,
+ protocol=self.services["egress_53"]["protocol"],
+ startport=self.services["egress_53"]["startport"],
+ endport=self.services["egress_53"]["endport"],
+ cidrlist=self.services["egress_53"]["cidrlist"]
+ )
+
+ expected = 1
+ ssh_command = "wget -t 1 -T 5 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should be successful once rule is added!"
+ )
+
+ return
+
+ @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
+ def test_03_RVR_Network_check_router_state(self):
+ """ Test redundant router internals """
+ self.logger.debug("Starting test_03_RVR_Network_check_router_state...")
+
+ hypervisor = self.testClient.getHypervisorInfo()
+
+ self.logger.debug("Creating Network Offering with default egress FALSE")
+ network_offering_egress_false = NetworkOffering.create(
+ self.apiclient,
+ self.services["nw_off_persistent_RVR_egress_false"],
+ conservemode=True
+ )
+ network_offering_egress_false.update(self.apiclient, state='Enabled')
+
+ self.logger.debug("Creating network with network offering: %s" % network_offering_egress_false.id)
+ network = Network.create(
+ self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=network_offering_egress_false.id,
+ zoneid=self.zone.id
+ )
+ self.logger.debug("Created network with ID: %s" % network.id)
+
+ networks = Network.list(
+ self.apiclient,
+ id=network.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(networks, list),
+ True,
+ "List networks should return a valid response for created network"
+ )
+ nw_response = networks[0]
+
+ self.logger.debug("Deploying VM in account: %s" % self.account.name)
+ virtual_machine = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ templateid=self.template.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)]
+ )
+
+ self.logger.debug("Deployed VM in network: %s" % network.id)
+
+ self.cleanup.insert(0, network_offering_egress_false)
+ self.cleanup.insert(0, network)
+ self.cleanup.insert(0, virtual_machine)
+
+ vms = VirtualMachine.list(
+ self.apiclient,
+ id=virtual_machine.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(vms, list),
+ True,
+ "List Vms should return a valid list"
+ )
+ vm = vms[0]
+ self.assertEqual(
+ vm.state,
+ "Running",
+ "VM should be in running state after deployment"
+ )
+
+ self.logger.debug("Listing routers for network: %s" % network.name)
+ routers = Router.list(
+ self.apiclient,
+ networkid=network.id,
+ listall=True
+ )
+ self.assertEqual(
+ isinstance(routers, list),
+ True,
+ "list router should return Master and backup routers"
+ )
+ self.assertEqual(
+ len(routers),
+ 2,
+ "Length of the list router should be 2 (Backup & master)"
+ )
+
+ vals = ["MASTER", "BACKUP", "UNKNOWN"]
+ cnts = [0, 0, 0]
+
+ result = "UNKNOWN"
+ for router in routers:
+ if router.state == "Running":
+ hosts = list_hosts(
+ self.apiclient,
+ zoneid=router.zoneid,
+ type='Routing',
+ state='Up',
+ id=router.hostid
+ )
+ self.assertEqual(
+ isinstance(hosts, list),
+ True,
+ "Check list host returns a valid list"
+ )
+ host = hosts[0]
+
+ if hypervisor.lower() in ('vmware', 'hyperv'):
+ result = str(get_process_status(
+ self.apiclient.connection.mgtSvr,
+ 22,
+ self.apiclient.connection.user,
+ self.apiclient.connection.passwd,
+ router.linklocalip,
+ "sh /opt/cloud/bin/checkrouter.sh ",
+ hypervisor=hypervisor
+ ))
+ else:
+ try:
+ host.user, host.passwd = get_host_credentials(
+ self.config, host.ipaddress)
+ result = str(get_process_status(
+ host.ipaddress,
+ 22,
+ host.user,
+ host.passwd,
+ router.linklocalip,
+ "sh /opt/cloud/bin/checkrouter.sh "
+ ))
+
+ except KeyError:
+ self.skipTest(
+ "Marvin configuration has no host credentials to\
+ check router services")
+
+ if result.count(vals[0]) == 1:
+ cnts[vals.index(vals[0])] += 1
+
+ if cnts[vals.index('MASTER')] != 1:
+ self.fail("No Master or too many master routers found %s" % cnts[vals.index('MASTER')])
+
+ return
+
+
+class TestIsolatedNetworks(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+
+ cls.logger = logging.getLogger('TestIsolatedNetworks')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.testClient = super(TestIsolatedNetworks, cls).getClsTestClient()
+ cls.api_client = cls.testClient.getApiClient()
+
+ cls.services = cls.testClient.getParsedTestDataConfig()
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.api_client)
+ cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.services['mode'] = cls.zone.networktype
+ cls.template = get_template(
+ cls.api_client,
+ cls.zone.id,
+ cls.services["ostype"]
+ )
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+
+ # Create an account, network, VM and IP addresses
+ cls.account = Account.create(
+ cls.api_client,
+ cls.services["account"],
+ admin=True,
+ domainid=cls.domain.id
+ )
+ cls.service_offering = ServiceOffering.create(
+ cls.api_client,
+ cls.services["service_offering"]
+ )
+
+ cls.services["network_offering_egress_true"] = cls.services["network_offering"].copy()
+ cls.services["network_offering_egress_true"]["egress_policy"] = "true"
+
+ cls.services["network_offering_egress_false"] = cls.services["network_offering"].copy()
+ cls.services["network_offering_egress_false"]["egress_policy"] = "false"
+
+ cls.services["egress_80"] = {
+ "startport": 80,
+ "endport": 80,
+ "protocol": "TCP",
+ "cidrlist": ["0.0.0.0/0"]
+ }
+
+ cls._cleanup = [
+ cls.service_offering,
+ cls.account
+ ]
+
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.api_client, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.cleanup = []
+ return
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
+ def test_01_isolate_network_FW_PF_default_routes_egress_true(self):
+ """ Test redundant router internals """
+ self.logger.debug("Starting test_01_isolate_network_FW_PF_default_routes_egress_true...")
+
+ self.logger.debug("Creating Network Offering with default egress TRUE")
+ network_offering_egress_true = NetworkOffering.create(self.apiclient,
+ self.services["network_offering_egress_true"],
+ conservemode=True)
+
+ network_offering_egress_true.update(self.apiclient, state='Enabled')
+
+ self.logger.debug("Creating Network with Network Offering ID %s" % network_offering_egress_true.id)
+ network = Network.create(self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=network_offering_egress_true.id,
+ zoneid=self.zone.id)
+
+ self.logger.debug("Deploying Virtual Machine on Network %s" % network.id)
+ virtual_machine = VirtualMachine.create(self.apiclient,
+ self.services["virtual_machine"],
+ templateid=self.template.id,
+ accountid=self.account.name,
+ domainid=self.domain.id,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)])
+
+ self.logger.debug("Deployed VM in network: %s" % network.id)
+
+ self.cleanup.insert(0, network_offering_egress_true)
+ self.cleanup.insert(0, network)
+ self.cleanup.insert(0, virtual_machine)
+
+ self.logger.debug("Starting test_isolate_network_FW_PF_default_routes...")
+ routers = list_routers(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid
+ )
+
+ self.assertEqual(
+ isinstance(routers, list),
+ True,
+ "Check for list routers response return valid data"
+ )
+
+ self.assertNotEqual(
+ len(routers),
+ 0,
+ "Check list router response"
+ )
+
+ router = routers[0]
+
+ self.assertEqual(
+ router.state,
+ 'Running',
+ "Check list router response for router state"
+ )
+
+ public_ips = list_publicIP(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ zoneid=self.zone.id
+ )
+
+ self.assertEqual(
+ isinstance(public_ips, list),
+ True,
+ "Check for list public IPs response return valid data"
+ )
+
+ public_ip = public_ips[0]
+
+ self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
+ FireWallRule.create(
+ self.apiclient,
+ ipaddressid=public_ip.id,
+ protocol=self.services["natrule"]["protocol"],
+ cidrlist=['0.0.0.0/0'],
+ startport=self.services["natrule"]["publicport"],
+ endport=self.services["natrule"]["publicport"]
+ )
+
+ self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
+ # Create NAT rule
+ nat_rule = NATRule.create(
+ self.apiclient,
+ virtual_machine,
+ self.services["natrule"],
+ public_ip.id
+ )
+
+ nat_rules = list_nat_rules(
+ self.apiclient,
+ id=nat_rule.id
+ )
+ self.assertEqual(
+ isinstance(nat_rules, list),
+ True,
+ "Check for list NAT rules response return valid data"
+ )
+ self.assertEqual(
+ nat_rules[0].state,
+ 'Active',
+ "Check list port forwarding rules"
+ )
+
+ # Test SSH after closing port 22
+ expected = 1
+ ssh_command = "ping -c 3 8.8.8.8"
+ check_string = "3 packets received"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Ping to outside world from VM should be successful!"
+ )
+
+ expected = 1
+ ssh_command = "wget -t 1 -T 5 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should be successful!"
+ )
+
+ EgressFireWallRule.create(
+ self.apiclient,
+ networkid=network.id,
+ protocol=self.services["egress_80"]["protocol"],
+ startport=self.services["egress_80"]["startport"],
+ endport=self.services["egress_80"]["endport"],
+ cidrlist=self.services["egress_80"]["cidrlist"]
+ )
+
+ expected = 0
+ ssh_command = "wget -t 1 -T 1 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should NOT be successful once rule is added!"
+ )
+
+ return
+
+ @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
+ def test_02_isolate_network_FW_PF_default_routes_egress_false(self):
+ """ Test redundant router internals """
+ self.logger.debug("Starting test_02_isolate_network_FW_PF_default_routes_egress_false...")
+
+ self.logger.debug("Creating Network Offering with default egress FALSE")
+ network_offering_egress_false = NetworkOffering.create(self.apiclient,
+ self.services["network_offering_egress_false"],
+ conservemode=True)
+
+ network_offering_egress_false.update(self.apiclient, state='Enabled')
+
+ self.logger.debug("Creating Network with Network Offering ID %s" % network_offering_egress_false.id)
+ network = Network.create(self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=network_offering_egress_false.id,
+ zoneid=self.zone.id)
+
+ self.logger.debug("Deploying Virtual Machine on Network %s" % network.id)
+ virtual_machine = VirtualMachine.create(self.apiclient,
+ self.services["virtual_machine"],
+ templateid=self.template.id,
+ accountid=self.account.name,
+ domainid=self.domain.id,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)])
+
+ self.logger.debug("Deployed VM in network: %s" % network.id)
+
+ self.cleanup.insert(0, network_offering_egress_false)
+ self.cleanup.insert(0, network)
+ self.cleanup.insert(0, virtual_machine)
+
+ self.logger.debug("Starting test_isolate_network_FW_PF_default_routes...")
+ routers = list_routers(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid
+ )
+
+ self.assertEqual(
+ isinstance(routers, list),
+ True,
+ "Check for list routers response return valid data"
+ )
+
+ self.assertNotEqual(
+ len(routers),
+ 0,
+ "Check list router response"
+ )
+
+ router = routers[0]
+
+ self.assertEqual(
+ router.state,
+ 'Running',
+ "Check list router response for router state"
+ )
+
+ public_ips = list_publicIP(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ zoneid=self.zone.id
+ )
+
+ self.assertEqual(
+ isinstance(public_ips, list),
+ True,
+ "Check for list public IPs response return valid data"
+ )
+
+ public_ip = public_ips[0]
+
+ self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
+ FireWallRule.create(
+ self.apiclient,
+ ipaddressid=public_ip.id,
+ protocol=self.services["natrule"]["protocol"],
+ cidrlist=['0.0.0.0/0'],
+ startport=self.services["natrule"]["publicport"],
+ endport=self.services["natrule"]["publicport"]
+ )
+
+ self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
+ # Create NAT rule
+ nat_rule = NATRule.create(
+ self.apiclient,
+ virtual_machine,
+ self.services["natrule"],
+ public_ip.id
+ )
+
+ nat_rules = list_nat_rules(
+ self.apiclient,
+ id=nat_rule.id
+ )
+ self.assertEqual(
+ isinstance(nat_rules, list),
+ True,
+ "Check for list NAT rules response return valid data"
+ )
+ self.assertEqual(
+ nat_rules[0].state,
+ 'Active',
+ "Check list port forwarding rules"
+ )
+
+ expected = 0
+ ssh_command = "ping -c 3 8.8.8.8"
+ check_string = "3 packets received"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Ping to outside world from VM should NOT be successful"
+ )
+
+ expected = 0
+ ssh_command = "wget -t 1 -T 1 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should NOT be successful"
+ )
+
+ EgressFireWallRule.create(
+ self.apiclient,
+ networkid=network.id,
+ protocol=self.services["egress_80"]["protocol"],
+ startport=self.services["egress_80"]["startport"],
+ endport=self.services["egress_80"]["endport"],
+ cidrlist=self.services["egress_80"]["cidrlist"]
+ )
+
+ expected = 1
+ ssh_command = "wget -t 1 -T 5 www.google.com"
+ check_string = "HTTP request sent, awaiting response... 200 OK"
+ result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
+
+ self.assertEqual(
+ result,
+ expected,
+ "Attempt to retrieve google.com index page should be successful once rule is added!"
+ )
+
+ return
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/smoke/test_vpc_redundant.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
new file mode 100644
index 0000000..9bdf6c9
--- /dev/null
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -0,0 +1,669 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+""" Test redundancy features for VPC routers
+"""
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import (stopRouter,
+ startRouter,
+ destroyRouter,
+ rebootRouter,
+ Account,
+ VpcOffering,
+ VPC,
+ ServiceOffering,
+ NATRule,
+ NetworkACL,
+ PublicIPAddress,
+ NetworkOffering,
+ Network,
+ VirtualMachine,
+ LoadBalancerRule)
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template,
+ list_routers,
+ list_hosts)
+from marvin.lib.utils import (cleanup_resources,
+ get_process_status,
+ get_host_credentials)
+import socket
+import time
+import inspect
+import logging
+
+class Services:
+ """Test VPC network services - Port Forwarding Rules Test Data Class.
+ """
+
+ def __init__(self):
+ self.services = {
+ "account": {
+ "email": "test@test.com",
+ "firstname": "Test",
+ "lastname": "User",
+ "username": "test",
+ # Random characters are appended for unique
+ # username
+ "password": "password",
+ },
+ "host1": None,
+ "host2": None,
+ "service_offering": {
+ "name": "Tiny Instance",
+ "displaytext": "Tiny Instance",
+ "cpunumber": 1,
+ "cpuspeed": 100,
+ "memory": 128,
+ },
+ "network_offering": {
+ "name": 'VPC Network offering',
+ "displaytext": 'VPC Network off',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Vpn,Dhcp,Dns,SourceNat,PortForwarding,Lb,UserData,StaticNat,NetworkACL',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "useVpc": 'on',
+ "serviceProviderList": {
+ "Vpn": 'VpcVirtualRouter',
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "Lb": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ },
+ "network_offering_no_lb": {
+ "name": 'VPC Network offering',
+ "displaytext": 'VPC Network off',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "useVpc": 'on',
+ "serviceProviderList": {
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ },
+ "vpc_offering": {
+ "name": 'Redundant VPC off',
+ "displaytext": 'Redundant VPC off',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
+ "serviceProviderList": {
+ "Vpn": 'VpcVirtualRouter',
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "Lb": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ "serviceCapabilityList": {
+ "SourceNat": {
+ "RedundantRouter": 'true'
+ }
+ },
+ },
+ "vpc": {
+ "name": "TestVPC",
+ "displaytext": "TestVPC",
+ "cidr": '10.0.0.1/24'
+ },
+ "network": {
+ "name": "Test Network",
+ "displaytext": "Test Network",
+ "netmask": '255.255.255.0'
+ },
+ "lbrule": {
+ "name": "SSH",
+ "alg": "leastconn",
+ # Algorithm used for load balancing
+ "privateport": 22,
+ "publicport": 2222,
+ "openfirewall": False,
+ "startport": 22,
+ "endport": 2222,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "lbrule_http": {
+ "name": "HTTP",
+ "alg": "leastconn",
+ # Algorithm used for load balancing
+ "privateport": 80,
+ "publicport": 8888,
+ "openfirewall": False,
+ "startport": 80,
+ "endport": 8888,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "natrule": {
+ "privateport": 22,
+ "publicport": 22,
+ "startport": 22,
+ "endport": 22,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "http_rule": {
+ "privateport": 80,
+ "publicport": 80,
+ "startport": 80,
+ "endport": 80,
+ "cidrlist": '0.0.0.0/0',
+ "protocol": "TCP"
+ },
+ "virtual_machine": {
+ "displayname": "Test VM",
+ "username": "root",
+ "password": "password",
+ "ssh_port": 22,
+ "privateport": 22,
+ "publicport": 22,
+ "protocol": 'TCP',
+ },
+ "ostype": 'CentOS 5.3 (64-bit)',
+ "timeout": 10,
+ }
+
+
+class TestVPCRedundancy(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ # We want to fail quicker if it's failure
+ socket.setdefaulttimeout(60)
+
+ cls.testClient = super(TestVPCRedundancy, cls).getClsTestClient()
+ cls.api_client = cls.testClient.getApiClient()
+
+ cls.services = Services().services
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.api_client)
+ cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.template = get_template(
+ cls.api_client,
+ cls.zone.id,
+ cls.services["ostype"])
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+ cls.services["virtual_machine"]["template"] = cls.template.id
+
+ cls.service_offering = ServiceOffering.create(
+ cls.api_client,
+ cls.services["service_offering"])
+ cls._cleanup = [cls.service_offering]
+
+ cls.logger = logging.getLogger('TestVPCRedundancy')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.api_client, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.routers = []
+ self.networks = []
+ self.ips = []
+
+ self.apiclient = self.testClient.getApiClient()
+ self.hypervisor = self.testClient.getHypervisorInfo()
+
+ self.account = Account.create(
+ self.apiclient,
+ self.services["account"],
+ admin=True,
+ domainid=self.domain.id)
+
+ self.logger.debug("Creating a VPC offering..")
+ self.vpc_off = VpcOffering.create(
+ self.apiclient,
+ self.services["vpc_offering"])
+
+ self.logger.debug("Enabling the VPC offering created")
+ self.vpc_off.update(self.apiclient, state='Enabled')
+
+ self.logger.debug("Creating a VPC network in the account: %s" % self.account.name)
+ self.services["vpc"]["cidr"] = '10.1.1.1/16'
+ self.vpc = VPC.create(
+ self.apiclient,
+ self.services["vpc"],
+ vpcofferingid=self.vpc_off.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.account.domainid)
+
+ self.cleanup = [self.vpc, self.vpc_off, self.account]
+ return
+
+ def tearDown(self):
+ try:
+ #Stop/Destroy the routers so we are able to remove the networks. Issue CLOUDSTACK-8935
+ self.destroy_routers()
+ cleanup_resources(self.api_client, self.cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def query_routers(self, count=2, showall=False):
+ self.routers = list_routers(self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ )
+ if not showall:
+ self.routers = [r for r in self.routers if r.state != "Stopped"]
+ self.assertEqual(
+ isinstance(self.routers, list), True,
+ "Check for list routers response return valid data")
+
+ self.assertEqual(
+ len(self.routers), count,
+ "Check that %s routers were indeed created" % count)
+
+ def check_master_status(self,count=2, showall=False):
+ vals = ["MASTER", "BACKUP", "UNKNOWN"]
+ cnts = [0, 0, 0]
+
+ result = "UNKNOWN"
+ self.query_routers(count, showall)
+ for router in self.routers:
+ if router.state == "Running":
+ hosts = list_hosts(
+ self.apiclient,
+ zoneid=router.zoneid,
+ type='Routing',
+ state='Up',
+ id=router.hostid
+ )
+ self.assertEqual(
+ isinstance(hosts, list),
+ True,
+ "Check list host returns a valid list"
+ )
+ host = hosts[0]
+
+ if self.hypervisor.lower() in ('vmware', 'hyperv'):
+ result = str(get_process_status(
+ self.apiclient.connection.mgtSvr,
+ 22,
+ self.apiclient.connection.user,
+ self.apiclient.connection.passwd,
+ router.linklocalip,
+ "sh /opt/cloud/bin/checkrouter.sh ",
+ hypervisor=self.hypervisor
+ ))
+ else:
+ try:
+ host.user, host.passwd = get_host_credentials(
+ self.config, host.ipaddress)
+ result = str(get_process_status(
+ host.ipaddress,
+ 22,
+ host.user,
+ host.passwd,
+ router.linklocalip,
+ "sh /opt/cloud/bin/checkrouter.sh "
+ ))
+
+ except KeyError:
+ self.skipTest(
+ "Marvin configuration has no host credentials to\
+ check router services")
+
+ if result.count(vals[0]) == 1:
+ cnts[vals.index(vals[0])] += 1
+
+ if cnts[vals.index('MASTER')] != 1:
+ self.fail("No Master or too many master routers found %s" % cnts[vals.index('MASTER')])
+
+ def stop_router(self, router):
+ self.logger.debug('Stopping router %s' % router.id)
+ cmd = stopRouter.stopRouterCmd()
+ cmd.id = router.id
+ self.apiclient.stopRouter(cmd)
+
+ def reboot_router(self, router):
+ self.logger.debug('Rebooting router %s' % router.id)
+ cmd = rebootRouter.rebootRouterCmd()
+ cmd.id = router.id
+ self.apiclient.rebootRouter(cmd)
+
+ def stop_router_by_type(self, type):
+ self.check_master_status(2)
+ self.logger.debug('Stopping %s router' % type)
+ for router in self.routers:
+ if router.redundantstate == type:
+ self.stop_router(router)
+
+ def reboot_router_by_type(self, type):
+ self.check_master_status(2)
+ self.logger.debug('Rebooting %s router' % type)
+ for router in self.routers:
+ if router.redundantstate == type:
+ self.reboot_router(router)
+
+ def destroy_routers(self):
+ self.logger.debug('Destroying routers')
+ for router in self.routers:
+ self.stop_router(router)
+ cmd = destroyRouter.destroyRouterCmd()
+ cmd.id = router.id
+ self.apiclient.destroyRouter(cmd)
+ self.routers = []
+
+ def start_routers(self):
+ self.check_master_status(2, showall=True)
+ self.logger.debug('Starting stopped routers')
+ for router in self.routers:
+ self.logger.debug('Router %s has state %s' % (router.id, router.state))
+ if router.state == "Stopped":
+ self.logger.debug('Starting stopped router %s' % router.id)
+ cmd = startRouter.startRouterCmd()
+ cmd.id = router.id
+ self.apiclient.startRouter(cmd)
+
+ def create_network(self, net_offerring, gateway='10.1.1.1', vpc=None):
+ try:
+ self.logger.debug('Create NetworkOffering')
+ net_offerring["name"] = "NET_OFF-" + str(gateway)
+ nw_off = NetworkOffering.create(
+ self.apiclient,
+ net_offerring,
+ conservemode=False)
+
+ nw_off.update(self.apiclient, state='Enabled')
+
+ self.logger.debug('Created and Enabled NetworkOffering')
+
+ self.services["network"]["name"] = "NETWORK-" + str(gateway)
+ self.logger.debug('Adding Network=%s' % self.services["network"])
+ obj_network = Network.create(
+ self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=nw_off.id,
+ zoneid=self.zone.id,
+ gateway=gateway,
+ vpcid=vpc.id if vpc else self.vpc.id
+ )
+
+ self.logger.debug("Created network with ID: %s" % obj_network.id)
+ except Exception, e:
+ self.fail('Unable to create a Network with offering=%s because of %s ' % (net_offerring, e))
+ o = networkO(obj_network)
+
+ vm1 = self.deployvm_in_network(obj_network)
+ vm2 = self.deployvm_in_network(obj_network)
+ self.cleanup.insert(2, obj_network)
+ self.cleanup.insert(3, nw_off)
+
+ o.add_vm(vm1)
+ o.add_vm(vm2)
+ return o
+
+ def deployvm_in_network(self, network, host_id=None):
+ try:
+ self.logger.debug('Creating VM in network=%s' % network.name)
+ vm = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)],
+ hostid=host_id
+ )
+
+ self.logger.debug('Created VM=%s in network=%s' % (vm.id, network.name))
+ self.cleanup.insert(0, vm)
+ return vm
+ except:
+ self.fail('Unable to create VM in a Network=%s' % network.name)
+
+ def acquire_publicip(self, network):
+ self.logger.debug("Associating public IP for network: %s" % network.name)
+ public_ip = PublicIPAddress.create(
+ self.apiclient,
+ accountid=self.account.name,
+ zoneid=self.zone.id,
+ domainid=self.account.domainid,
+ networkid=network.id,
+ vpcid=self.vpc.id
+ )
+ self.logger.debug("Associated %s with network %s" % (
+ public_ip.ipaddress.ipaddress,
+ network.id
+ ))
+ return public_ip
+
+ def create_natrule(self, vm, public_ip, network, services=None):
+ self.logger.debug("Creating NAT rule in network for vm with public IP")
+ if not services:
+ services = self.services["natrule"]
+ nat_rule = NATRule.create(
+ self.apiclient,
+ vm,
+ services,
+ ipaddressid=public_ip.ipaddress.id,
+ openfirewall=False,
+ networkid=network.id,
+ vpcid=self.vpc.id)
+
+ self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
+ nwacl_nat = NetworkACL.create(
+ self.apiclient,
+ networkid=network.id,
+ services=services,
+ traffictype='Ingress'
+ )
+ self.logger.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
+
+ return nat_rule
+
+ def check_ssh_into_vm(self, vm, public_ip, expectFail=False, retries=5):
+ self.logger.debug("Checking if we can SSH into VM=%s on public_ip=%s (%r)" %
+ (vm.name, public_ip.ipaddress.ipaddress, expectFail))
+ vm.ssh_client = None
+ try:
+ if 'retries' in inspect.getargspec(vm.get_ssh_client).args:
+ vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress, retries=retries)
+ else:
+ vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
+ if expectFail:
+ self.fail("SSH into VM=%s on public_ip=%s is successful (Not Expected)" %
+ (vm.name, public_ip.ipaddress.ipaddress))
+ else:
+ self.logger.debug("SSH into VM=%s on public_ip=%s is successful" %
+ (vm.name, public_ip.ipaddress.ipaddress))
+ except:
+ if expectFail:
+ self.logger.debug("Failed to SSH into VM - %s (Expected)" % (public_ip.ipaddress.ipaddress))
+ else:
+ self.fail("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL(self):
+ """ Create a redundant VPC with two networks with two VMs in each network """
+ self.logger.debug("Starting test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL")
+ self.query_routers()
+ self.networks.append(self.create_network(self.services["network_offering"], "10.1.1.1"))
+ self.networks.append(self.create_network(self.services["network_offering_no_lb"], "10.1.2.1"))
+ self.check_master_status(2)
+ self.add_nat_rules()
+ self.do_vpc_test(False)
+
+ self.stop_router_by_type("MASTER")
+ self.check_master_status(1)
+ self.do_vpc_test(False)
+
+ self.delete_nat_rules()
+ self.check_master_status(1)
+ self.do_vpc_test(True)
+ self.delete_public_ip()
+
+ self.start_routers()
+ self.add_nat_rules()
+ self.check_master_status(2)
+ self.do_vpc_test(False)
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_02_redundant_VPC_default_routes(self):
+ """ Create a redundant VPC with two networks with two VMs in each network and check default routes"""
+ self.logger.debug("Starting test_02_redundant_VPC_default_routes")
+ self.query_routers()
+ self.networks.append(self.create_network(self.services["network_offering"], "10.1.1.1"))
+ self.networks.append(self.create_network(self.services["network_offering_no_lb"], "10.1.2.1"))
+ self.check_master_status(2)
+ self.add_nat_rules()
+ self.do_default_routes_test()
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers(self):
+ """ Create a redundant VPC with two networks with two VMs in each network """
+ self.logger.debug("Starting test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL")
+ self.query_routers()
+ self.networks.append(self.create_network(self.services["network_offering"], "10.1.1.1"))
+ self.check_master_status(2)
+ self.add_nat_rules()
+ self.do_vpc_test(False)
+
+ self.reboot_router_by_type("MASTER")
+ self.check_master_status(2)
+ self.do_vpc_test(False)
+
+ self.reboot_router_by_type("MASTER")
+ self.check_master_status(2)
+ self.do_vpc_test(False)
+
+ def delete_nat_rules(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ if vm.get_nat() is not None:
+ vm.get_nat().delete(self.apiclient)
+ vm.set_nat(None)
+
+ def delete_public_ip(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ if vm.get_ip() is not None:
+ vm.get_ip().delete(self.apiclient)
+ vm.set_ip(None)
+ vm.set_nat(None)
+
+ def add_nat_rules(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ if vm.get_ip() is None:
+ vm.set_ip(self.acquire_publicip(o.get_net()))
+ if vm.get_nat() is None:
+ vm.set_nat(self.create_natrule(vm.get_vm(), vm.get_ip(), o.get_net()))
+
+ def do_vpc_test(self, expectFail):
+ retries = 5
+ if expectFail:
+ retries = 2
+ for o in self.networks:
+ for vm in o.get_vms():
+ self.check_ssh_into_vm(vm.get_vm(), vm.get_ip(), expectFail=expectFail, retries=retries)
+
+ def do_default_routes_test(self):
+ for o in self.networks:
+ for vmObj in o.get_vms():
+ ssh_command = "ping -c 3 8.8.8.8"
+
+ # Should be able to SSH VM
+ result = 'failed'
+ try:
+ vm = vmObj.get_vm()
+ public_ip = vmObj.get_ip()
+ self.logger.debug("SSH into VM: %s" % public_ip.ipaddress.ipaddress)
+
+ ssh = vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
+
+ self.logger.debug("Ping to google.com from VM")
+ result = str(ssh.execute(ssh_command))
+
+ self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
+ except Exception as e:
+ self.fail("SSH Access failed for %s: %s" % \
+ (vmObj.get_ip(), e)
+ )
+
+ self.assertEqual(
+ result.count("3 packets received"),
+ 1,
+ "Ping to outside world from VM should be successful"
+ )
+
+
+class networkO(object):
+ def __init__(self, net):
+ self.network = net
+ self.vms = []
+
+ def get_net(self):
+ return self.network
+
+ def add_vm(self, vm):
+ self.vms.append(vmsO(vm))
+
+ def get_vms(self):
+ return self.vms
+
+
+class vmsO(object):
+ def __init__(self, vm):
+ self.vm = vm
+ self.ip = None
+ self.nat = None
+
+ def get_vm(self):
+ return self.vm
+
+ def get_ip(self):
+ return self.ip
+
+ def get_nat(self):
+ return self.nat
+
+ def set_ip(self, ip):
+ self.ip = ip
+
+ def set_nat(self, nat):
+ self.nat = nat
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/smoke/test_vpc_router_nics.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_vpc_router_nics.py b/test/integration/smoke/test_vpc_router_nics.py
new file mode 100644
index 0000000..cb0734d
--- /dev/null
+++ b/test/integration/smoke/test_vpc_router_nics.py
@@ -0,0 +1,514 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+""" Test VPC nics after router is destroyed """
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import (stopRouter,
+ startRouter,
+ destroyRouter,
+ Account,
+ VpcOffering,
+ VPC,
+ ServiceOffering,
+ NATRule,
+ NetworkACL,
+ PublicIPAddress,
+ NetworkOffering,
+ Network,
+ VirtualMachine,
+ LoadBalancerRule)
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template,
+ list_routers)
+from marvin.lib.utils import cleanup_resources
+import socket
+import time
+import inspect
+import logging
+
+class Services:
+ """Test VPC network services - Port Forwarding Rules Test Data Class.
+ """
+
+ def __init__(self):
+ self.services = {
+ "account": {
+ "email": "test@test.com",
+ "firstname": "Test",
+ "lastname": "User",
+ "username": "test",
+ # Random characters are appended for unique
+ # username
+ "password": "password",
+ },
+ "service_offering": {
+ "name": "Tiny Instance",
+ "displaytext": "Tiny Instance",
+ "cpunumber": 1,
+ "cpuspeed": 100,
+ "memory": 128,
+ },
+ "network_offering": {
+ "name": 'VPC Network offering',
+ "displaytext": 'VPC Network off',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Vpn,Dhcp,Dns,SourceNat,PortForwarding,Lb,UserData,StaticNat,NetworkACL',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "useVpc": 'on',
+ "serviceProviderList": {
+ "Vpn": 'VpcVirtualRouter',
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "Lb": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ },
+ "network_offering_no_lb": {
+ "name": 'VPC Network offering',
+ "displaytext": 'VPC Network off',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "useVpc": 'on',
+ "serviceProviderList": {
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ },
+ "vpc_offering": {
+ "name": 'VPC off',
+ "displaytext": 'VPC off',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
+ },
+ "vpc": {
+ "name": "TestVPC",
+ "displaytext": "TestVPC",
+ "cidr": '10.0.0.1/24'
+ },
+ "network": {
+ "name": "Test Network",
+ "displaytext": "Test Network",
+ "netmask": '255.255.255.0'
+ },
+ "lbrule": {
+ "name": "SSH",
+ "alg": "leastconn",
+ # Algorithm used for load balancing
+ "privateport": 22,
+ "publicport": 2222,
+ "openfirewall": False,
+ "startport": 22,
+ "endport": 2222,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "lbrule_http": {
+ "name": "HTTP",
+ "alg": "leastconn",
+ # Algorithm used for load balancing
+ "privateport": 80,
+ "publicport": 8888,
+ "openfirewall": False,
+ "startport": 80,
+ "endport": 8888,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "natrule": {
+ "privateport": 22,
+ "publicport": 22,
+ "startport": 22,
+ "endport": 22,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "http_rule": {
+ "privateport": 80,
+ "publicport": 80,
+ "startport": 80,
+ "endport": 80,
+ "cidrlist": '0.0.0.0/0',
+ "protocol": "TCP"
+ },
+ "virtual_machine": {
+ "displayname": "Test VM",
+ "username": "root",
+ "password": "password",
+ "ssh_port": 22,
+ "privateport": 22,
+ "publicport": 22,
+ "protocol": 'TCP',
+ },
+ "ostype": 'CentOS 5.3 (64-bit)',
+ "timeout": 10,
+ }
+
+
+class TestVPCNics(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ # We want to fail quicker if it's failure
+ socket.setdefaulttimeout(60)
+
+ cls.testClient = super(TestVPCNics, cls).getClsTestClient()
+ cls.api_client = cls.testClient.getApiClient()
+
+ cls.services = Services().services
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.api_client)
+ cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.template = get_template(
+ cls.api_client,
+ cls.zone.id,
+ cls.services["ostype"])
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+ cls.services["virtual_machine"]["template"] = cls.template.id
+
+ cls.service_offering = ServiceOffering.create(
+ cls.api_client,
+ cls.services["service_offering"])
+ cls._cleanup = [cls.service_offering]
+
+ cls.logger = logging.getLogger('TestVPCNics')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.api_client, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.routers = []
+ self.networks = []
+ self.ips = []
+ self.apiclient = self.testClient.getApiClient()
+ self.account = Account.create(
+ self.apiclient,
+ self.services["account"],
+ admin=True,
+ domainid=self.domain.id)
+
+ self.logger.debug("Creating a VPC offering..")
+ self.vpc_off = VpcOffering.create(
+ self.apiclient,
+ self.services["vpc_offering"])
+
+ self.logger.debug("Enabling the VPC offering created")
+ self.vpc_off.update(self.apiclient, state='Enabled')
+
+ self.logger.debug("Creating a VPC network in the account: %s" % self.account.name)
+ self.services["vpc"]["cidr"] = '10.1.1.1/16'
+ self.vpc = VPC.create(
+ self.apiclient,
+ self.services["vpc"],
+ vpcofferingid=self.vpc_off.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.account.domainid)
+
+ self.cleanup = [self.vpc, self.vpc_off, self.account]
+ return
+
+ def tearDown(self):
+ try:
+ self.destroy_routers()
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ self.logger.debug("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def query_routers(self):
+ self.routers = list_routers(self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ )
+
+ self.assertEqual(
+ isinstance(self.routers, list), True,
+ "Check for list routers response return valid data")
+
+ def stop_router(self, router):
+ self.logger.debug('Stopping router')
+ cmd = stopRouter.stopRouterCmd()
+ cmd.id = router.id
+ self.apiclient.stopRouter(cmd)
+
+ def destroy_routers(self):
+ self.logger.debug('Destroying routers')
+ for router in self.routers:
+ self.stop_router(router)
+ cmd = destroyRouter.destroyRouterCmd()
+ cmd.id = router.id
+ self.apiclient.destroyRouter(cmd)
+ self.routers = []
+
+ def create_network(self, net_offerring, gateway='10.1.1.1', vpc=None):
+ try:
+ self.logger.debug('Create NetworkOffering')
+ net_offerring["name"] = "NET_OFF-" + str(gateway)
+ nw_off = NetworkOffering.create(
+ self.apiclient,
+ net_offerring,
+ conservemode=False)
+
+ nw_off.update(self.apiclient, state='Enabled')
+ self.logger.debug('Created and Enabled NetworkOffering')
+
+ self.services["network"]["name"] = "NETWORK-" + str(gateway)
+ self.logger.debug('Adding Network=%s' % self.services["network"])
+ obj_network = Network.create(
+ self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=nw_off.id,
+ zoneid=self.zone.id,
+ gateway=gateway,
+ vpcid=vpc.id if vpc else self.vpc.id
+ )
+
+
+ self.logger.debug("Created network with ID: %s" % obj_network.id)
+ except Exception, e:
+ self.fail('Unable to create a Network with offering=%s because of %s ' % (net_offerring, e))
+ o = networkO(obj_network)
+
+ vm1 = self.deployvm_in_network(obj_network)
+
+ self.cleanup.insert(1, obj_network)
+ self.cleanup.insert(2, nw_off)
+
+ o.add_vm(vm1)
+ return o
+
+ def deployvm_in_network(self, network):
+ try:
+ self.logger.debug('Creating VM in network=%s' % network.name)
+ vm = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)]
+ )
+
+ self.logger.debug('Created VM=%s in network=%s' % (vm.id, network.name))
+ self.cleanup.insert(0, vm)
+ return vm
+ except:
+ self.fail('Unable to create VM in a Network=%s' % network.name)
+
+ def acquire_publicip(self, network):
+ self.logger.debug("Associating public IP for network: %s" % network.name)
+ public_ip = PublicIPAddress.create(
+ self.apiclient,
+ accountid=self.account.name,
+ zoneid=self.zone.id,
+ domainid=self.account.domainid,
+ networkid=network.id,
+ vpcid=self.vpc.id
+ )
+ self.logger.debug("Associated %s with network %s" % (
+ public_ip.ipaddress.ipaddress,
+ network.id
+ ))
+ return public_ip
+
+ def create_natrule(self, vm, public_ip, network, services=None):
+ self.logger.debug("Creating NAT rule in network for vm with public IP")
+ if not services:
+ services = self.services["natrule"]
+ nat_rule = NATRule.create(
+ self.apiclient,
+ vm,
+ services,
+ ipaddressid=public_ip.ipaddress.id,
+ openfirewall=False,
+ networkid=network.id,
+ vpcid=self.vpc.id)
+
+ self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
+ nwacl_nat = NetworkACL.create(
+ self.apiclient,
+ networkid=network.id,
+ services=services,
+ traffictype='Ingress'
+ )
+ self.logger.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
+ return nat_rule
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_01_VPC_nics_after_destroy(self):
+ """ Create a VPC with two networks with one VM in each network and test nics after destroy"""
+ self.logger.debug("Starting test_01_VPC_nics_after_destroy")
+ self.query_routers()
+
+ net1 = self.create_network(self.services["network_offering"], "10.1.1.1")
+ net2 = self.create_network(self.services["network_offering_no_lb"], "10.1.2.1")
+
+ self.networks.append(net1)
+ self.networks.append(net2)
+
+ self.add_nat_rules()
+ self.check_ssh_into_vm()
+
+ self.destroy_routers()
+ time.sleep(30)
+
+ net1.add_vm(self.deployvm_in_network(net1.get_net()))
+ self.query_routers()
+
+ self.add_nat_rules()
+ self.check_ssh_into_vm()
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_02_VPC_default_routes(self):
+ """ Create a VPC with two networks with one VM in each network and test default routes"""
+ self.logger.debug("Starting test_02_VPC_default_routes")
+ self.query_routers()
+
+ net1 = self.create_network(self.services["network_offering"], "10.1.1.1")
+ net2 = self.create_network(self.services["network_offering_no_lb"], "10.1.2.1")
+
+ self.networks.append(net1)
+ self.networks.append(net2)
+
+ self.add_nat_rules()
+ self.do_default_routes_test()
+
+ def delete_nat_rules(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ if vm.get_nat() is not None:
+ vm.get_nat().delete(self.apiclient)
+ vm.set_nat(None)
+
+ def add_nat_rules(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ if vm.get_ip() is None:
+ vm.set_ip(self.acquire_publicip(o.get_net()))
+ if vm.get_nat() is None:
+ vm.set_nat(self.create_natrule(vm.get_vm(), vm.get_ip(), o.get_net()))
+ time.sleep(5)
+
+ def check_ssh_into_vm(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ try:
+ virtual_machine = vm.get_vm()
+ virtual_machine.ssh_client = None
+
+ public_ip = vm.get_ip()
+
+ self.logger.debug("Checking if we can SSH into VM=%s on public_ip=%s" %
+ (virtual_machine.name, public_ip.ipaddress.ipaddress))
+
+ virtual_machine.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
+ self.logger.debug("SSH into VM=%s on public_ip=%s is successful" %
+ (virtual_machine.name, public_ip.ipaddress.ipaddress))
+ except:
+ self.fail("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
+
+ def do_default_routes_test(self):
+ for o in self.networks:
+ for vmObj in o.get_vms():
+ ssh_command = "ping -c 3 8.8.8.8"
+
+ # Should be able to SSH VM
+ result = 'failed'
+ try:
+ vm = vmObj.get_vm()
+ public_ip = vmObj.get_ip()
+ self.logger.debug("SSH into VM: %s" % public_ip.ipaddress.ipaddress)
+
+ ssh = vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
+
+ self.logger.debug("Ping to google.com from VM")
+ result = str(ssh.execute(ssh_command))
+
+ self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
+ except Exception as e:
+ self.fail("SSH Access failed for %s: %s" % \
+ (vmObj.get_ip(), e)
+ )
+
+ self.assertEqual(
+ result.count("3 packets received"),
+ 1,
+ "Ping to outside world from VM should be successful"
+ )
+
+
+class networkO(object):
+ def __init__(self, net):
+ self.network = net
+ self.vms = []
+
+ def get_net(self):
+ return self.network
+
+ def add_vm(self, vm):
+ self.vms.append(vmsO(vm))
+
+ def get_vms(self):
+ return self.vms
+
+
+class vmsO(object):
+ def __init__(self, vm):
+ self.vm = vm
+ self.ip = None
+ self.nat = None
+
+ def get_vm(self):
+ return self.vm
+
+ def get_ip(self):
+ return self.ip
+
+ def get_nat(self):
+ return self.nat
+
+ def set_ip(self, ip):
+ self.ip = ip
+
+ def set_nat(self, nat):
+ self.nat = nat
[3/4] git commit: updated refs/heads/master to 7043958
Posted by da...@apache.org.
CLOUDSTACK-9120 - Moves tests to the smoke directory
- Those tests are doing a lot more than component tests would do. They require hardware and a lot of resources from real hypervisors.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/fb92de52
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/fb92de52
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/fb92de52
Branch: refs/heads/master
Commit: fb92de52623f5a5a354cf78f5e91dafa3ee6f337
Parents: 738b788
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Authored: Tue Dec 8 20:28:07 2015 +0100
Committer: Wilder Rodrigues <wr...@schubergphilis.com>
Committed: Tue Dec 8 20:28:07 2015 +0100
----------------------------------------------------------------------
.../component/test_router_dhcphosts.py | 381 -------
.../test_routers_iptables_default_policy.py | 678 ------------
.../component/test_routers_network_ops.py | 1020 ------------------
.../integration/component/test_vpc_redundant.py | 669 ------------
.../component/test_vpc_router_nics.py | 514 ---------
test/integration/smoke/test_router_dhcphosts.py | 381 +++++++
.../test_routers_iptables_default_policy.py | 678 ++++++++++++
.../smoke/test_routers_network_ops.py | 1020 ++++++++++++++++++
test/integration/smoke/test_vpc_redundant.py | 669 ++++++++++++
test/integration/smoke/test_vpc_router_nics.py | 514 +++++++++
10 files changed, 3262 insertions(+), 3262 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/component/test_router_dhcphosts.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_router_dhcphosts.py b/test/integration/component/test_router_dhcphosts.py
deleted file mode 100644
index 4c2ec4c..0000000
--- a/test/integration/component/test_router_dhcphosts.py
+++ /dev/null
@@ -1,381 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Import Local Modules
-from nose.plugins.attrib import attr
-from marvin.cloudstackTestCase import cloudstackTestCase
-from marvin.cloudstackAPI import (stopVirtualMachine,
- stopRouter,
- startRouter)
-from marvin.lib.utils import (cleanup_resources,
- get_process_status)
-from marvin.lib.base import (ServiceOffering,
- VirtualMachine,
- Account,
- ServiceOffering,
- NATRule,
- NetworkACL,
- FireWallRule,
- PublicIPAddress,
- NetworkOffering,
- Network,
- Router)
-from marvin.lib.common import (get_zone,
- get_template,
- get_domain,
- list_virtual_machines,
- list_networks,
- list_configurations,
- list_routers,
- list_nat_rules,
- list_publicIP,
- list_firewall_rules,
- list_hosts)
-
-# Import System modules
-import time
-import logging
-
-
-class TestRouterDHCPHosts(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
-
- cls.logger = logging.getLogger('TestRouterDHCPHosts')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- cls.testClient = super(TestRouterDHCPHosts, cls).getClsTestClient()
- cls.api_client = cls.testClient.getApiClient()
-
- cls.services = cls.testClient.getParsedTestDataConfig()
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.api_client)
- cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
- cls.api_client,
- cls.zone.id,
- cls.services["ostype"]
- )
-
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
-
- cls.logger.debug("Creating Admin Account for domain %s on zone %s" % (cls.domain.id, cls.zone.id))
- # Create an account, network, VM and IP addresses
- cls.account = Account.create(
- cls.api_client,
- cls.services["account"],
- admin=True,
- domainid=cls.domain.id
- )
-
- cls.logger.debug("Creating Service Offering on zone %s" % (cls.zone.id))
- cls.service_offering = ServiceOffering.create(
- cls.api_client,
- cls.services["service_offering"]
- )
-
- cls.services["isolated_network_offering"]["egress_policy"] = "true"
-
- cls.logger.debug("Creating Network Offering on zone %s" % (cls.zone.id))
- cls.network_offering = NetworkOffering.create(cls.api_client,
- cls.services["isolated_network_offering"],
- conservemode=True)
-
- cls.network_offering.update(cls.api_client, state='Enabled')
-
- cls.logger.debug("Creating Network for Account %s using offering %s" % (cls.account.name, cls.network_offering.id))
- cls.network = Network.create(cls.api_client,
- cls.services["network"],
- accountid=cls.account.name,
- domainid=cls.account.domainid,
- networkofferingid=cls.network_offering.id,
- zoneid=cls.zone.id)
-
- cls.logger.debug("Creating VM1 for Account %s using offering %s with IP 10.1.1.50" % (cls.account.name, cls.service_offering.id))
- cls.vm_1 = VirtualMachine.create(cls.api_client,
- cls.services["virtual_machine"],
- templateid=cls.template.id,
- accountid=cls.account.name,
- domainid=cls.domain.id,
- serviceofferingid=cls.service_offering.id,
- networkids=[str(cls.network.id)],
- ipaddress="10.1.1.50")
-
- cls.logger.debug("Creating VM2 for Account %s using offering %s with IP 10.1.1.51" % (cls.account.name, cls.service_offering.id))
- cls.vm_2 = VirtualMachine.create(cls.api_client,
- cls.services["virtual_machine"],
- templateid=cls.template.id,
- accountid=cls.account.name,
- domainid=cls.domain.id,
- serviceofferingid=cls.service_offering.id,
- networkids=[str(cls.network.id)],
- ipaddress="10.1.1.51")
-
- cls.services["natrule1"] = {
- "privateport": 22,
- "publicport": 222,
- "protocol": "TCP"
- }
-
- cls.services["natrule2"] = {
- "privateport": 22,
- "publicport": 223,
- "protocol": "TCP"
- }
-
- cls.services["configurableData"] = {
- "host": {
- "password": "password",
- "username": "root",
- "port": 22
- },
- "input": "INPUT",
- "forward": "FORWARD"
- }
-
- cls._cleanup = [
- cls.vm_2,
- cls.network,
- cls.network_offering,
- cls.service_offering,
- cls.account
- ]
-
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.api_client, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.apiclient = self.testClient.getApiClient()
- self.cleanup = []
- return
-
- def tearDown(self):
- try:
- cleanup_resources(self.apiclient, self.cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def test_ssh_command(self, vm, nat_rule, rule_label):
- result = 'failed'
- try:
- ssh_command = "ping -c 3 8.8.8.8"
- self.logger.debug("SSH into VM with IP: %s" % nat_rule.ipaddress)
-
- ssh = vm.get_ssh_client(ipaddress=nat_rule.ipaddress, port=self.services[rule_label]["publicport"], retries=5)
- result = str(ssh.execute(ssh_command))
-
- self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
- except:
- self.fail("Failed to SSH into VM - %s" % (nat_rule.ipaddress))
-
- self.assertEqual(
- result.count("3 packets received"),
- 1,
- "Ping to outside world from VM should be successful"
- )
-
- def test_dhcphosts(self, vm, router):
- hosts = list_hosts(
- self.apiclient,
- id=router.hostid)
-
- self.assertEqual(
- isinstance(hosts, list),
- True,
- "Check for list hosts response return valid data")
-
- host = hosts[0]
- host.user = self.services["configurableData"]["host"]["username"]
- host.passwd = self.services["configurableData"]["host"]["password"]
- host.port = self.services["configurableData"]["host"]["port"]
- #mac1,10.7.32.101,infinite
- try:
- result = get_process_status(
- host.ipaddress,
- host.port,
- host.user,
- host.passwd,
- router.linklocalip,
- "cat /etc/dhcphosts.txt | grep %s | sed 's/\,/ /g' | awk '{print $2}'" % (vm.nic[0].ipaddress))
- except KeyError:
- self.skipTest(
- "Provide a marvin config file with host\
- credentials to run %s" %
- self._testMethodName)
-
- self.logger.debug("cat /etc/dhcphosts.txt | grep %s | sed 's/\,/ /g' | awk '{print $2}' RESULT IS ==> %s" % (vm.nic[0].ipaddress, result))
- res = str(result)
-
- self.assertEqual(
- res.count(vm.nic[0].ipaddress),
- 1,
- "DHCP hosts file contains duplicate IPs ==> %s!" % res)
-
- @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
- def test_router_dhcphosts(self):
- """Check that the /etc/dhcphosts.txt doesn't contain duplicate IPs"""
-
- self.logger.debug("Starting test_router_dhcphosts...")
- routers = list_routers(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid
- )
-
- self.assertEqual(
- isinstance(routers, list),
- True,
- "Check for list routers response return valid data"
- )
-
- self.assertNotEqual(
- len(routers),
- 0,
- "Check list router response"
- )
-
- router = routers[0]
-
- self.assertEqual(
- router.state,
- 'Running',
- "Check list router response for router state"
- )
-
- public_ips = list_publicIP(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- zoneid=self.zone.id
- )
-
- self.assertEqual(
- isinstance(public_ips, list),
- True,
- "Check for list public IPs response return valid data"
- )
-
- public_ip = public_ips[0]
-
- self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_1.id)
- FireWallRule.create(
- self.apiclient,
- ipaddressid=public_ip.id,
- protocol=self.services["natrule1"]["protocol"],
- cidrlist=['0.0.0.0/0'],
- startport=self.services["natrule1"]["publicport"],
- endport=self.services["natrule1"]["publicport"]
- )
-
- self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_1.id)
- # Create NAT rule
- nat_rule1 = NATRule.create(
- self.apiclient,
- self.vm_1,
- self.services["natrule1"],
- public_ip.id
- )
-
- self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_2.id)
- FireWallRule.create(
- self.apiclient,
- ipaddressid=public_ip.id,
- protocol=self.services["natrule2"]["protocol"],
- cidrlist=['0.0.0.0/0'],
- startport=self.services["natrule2"]["publicport"],
- endport=self.services["natrule2"]["publicport"]
- )
-
- self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_2.id)
- # Create NAT rule
- nat_rule2 = NATRule.create(
- self.apiclient,
- self.vm_2,
- self.services["natrule2"],
- public_ip.id
- )
-
- nat_rules = list_nat_rules(
- self.apiclient,
- id=nat_rule1.id
- )
- self.assertEqual(
- isinstance(nat_rules, list),
- True,
- "Check for list NAT rules response return valid data"
- )
- self.assertEqual(
- nat_rules[0].state,
- 'Active',
- "Check list port forwarding rules"
- )
-
- nat_rules = list_nat_rules(
- self.apiclient,
- id=nat_rule2.id
- )
- self.assertEqual(
- isinstance(nat_rules, list),
- True,
- "Check for list NAT rules response return valid data"
- )
- self.assertEqual(
- nat_rules[0].state,
- 'Active',
- "Check list port forwarding rules"
- )
-
- self.logger.debug("Testing SSH to VMs %s and %s" % (self.vm_1.id, self.vm_2.id))
- self.test_ssh_command(self.vm_1, nat_rule1, "natrule1")
- self.test_ssh_command(self.vm_2, nat_rule2, "natrule2")
-
- self.logger.debug("Testing DHCP hosts for VMs %s and %s" % (self.vm_1.id, self.vm_2.id))
- self.test_dhcphosts(self.vm_1, router)
- self.test_dhcphosts(self.vm_2, router)
-
- self.logger.debug("Deleting and Expunging VM %s with ip %s" % (self.vm_1.id, self.vm_1.nic[0].ipaddress))
- self.vm_1.delete(self.apiclient)
-
- self.logger.debug("Creating new VM using the same IP as the one which was deleted => IP 10.1.1.50")
- self.vm_1 = VirtualMachine.create(self.apiclient,
- self.services["virtual_machine"],
- templateid=self.template.id,
- accountid=self.account.name,
- domainid=self.domain.id,
- serviceofferingid=self.service_offering.id,
- networkids=[str(self.network.id)],
- ipaddress="10.1.1.50")
-
- self.cleanup.append(self.vm_1)
-
- self.logger.debug("Testing DHCP hosts for VMs %s and %s" % (self.vm_1.id, self.vm_2.id))
- self.test_dhcphosts(self.vm_1, router)
- self.test_dhcphosts(self.vm_2, router)
-
- return
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/component/test_routers_iptables_default_policy.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_routers_iptables_default_policy.py b/test/integration/component/test_routers_iptables_default_policy.py
deleted file mode 100644
index a1bec4c..0000000
--- a/test/integration/component/test_routers_iptables_default_policy.py
+++ /dev/null
@@ -1,678 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-""" Test VPC nics after router is destroyed """
-
-from nose.plugins.attrib import attr
-from marvin.cloudstackTestCase import cloudstackTestCase
-from marvin.lib.base import (stopRouter,
- startRouter,
- destroyRouter,
- Account,
- VpcOffering,
- VPC,
- ServiceOffering,
- NATRule,
- NetworkACL,
- PublicIPAddress,
- NetworkOffering,
- Network,
- VirtualMachine,
- LoadBalancerRule)
-from marvin.lib.common import (get_domain,
- get_zone,
- get_template,
- list_routers,
- list_hosts)
-from marvin.lib.utils import (cleanup_resources,
- get_process_status)
-import socket
-import time
-import inspect
-import logging
-
-
-class Services:
- """Test VPC network services - Port Forwarding Rules Test Data Class.
- """
-
- def __init__(self):
- self.services = {
- "configurableData": {
- "host": {
- "password": "password",
- "username": "root",
- "port": 22
- },
- "input": "INPUT",
- "forward": "FORWARD"
- },
- "account": {
- "email": "test@test.com",
- "firstname": "Test",
- "lastname": "User",
- "username": "test",
- # Random characters are appended for unique
- # username
- "password": "password",
- },
- "service_offering": {
- "name": "Tiny Instance",
- "displaytext": "Tiny Instance",
- "cpunumber": 1,
- "cpuspeed": 100,
- "memory": 128,
- },
- "shared_network_offering_sg": {
- "name": "MySharedOffering-sg",
- "displaytext": "MySharedOffering-sg",
- "guestiptype": "Shared",
- "supportedservices": "Dhcp,Dns,UserData,SecurityGroup",
- "specifyVlan": "False",
- "specifyIpRanges": "False",
- "traffictype": "GUEST",
- "serviceProviderList": {
- "Dhcp": "VirtualRouter",
- "Dns": "VirtualRouter",
- "UserData": "VirtualRouter",
- "SecurityGroup": "SecurityGroupProvider"
- }
- },
- "network_offering": {
- "name": 'Test Network offering',
- "displaytext": 'Test Network offering',
- "guestiptype": 'Isolated',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "serviceProviderList": {
- "Dhcp": 'VirtualRouter',
- "Dns": 'VirtualRouter',
- "SourceNat": 'VirtualRouter',
- "PortForwarding": 'VirtualRouter',
- },
- },
- "vpc_network_offering": {
- "name": 'VPC Network offering',
- "displaytext": 'VPC Network off',
- "guestiptype": 'Isolated',
- "supportedservices": 'Vpn,Dhcp,Dns,SourceNat,PortForwarding,Lb,UserData,StaticNat,NetworkACL',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "useVpc": 'on',
- "serviceProviderList": {
- "Vpn": 'VpcVirtualRouter',
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "Lb": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- },
- "vpc_network_offering_no_lb": {
- "name": 'VPC Network offering',
- "displaytext": 'VPC Network off',
- "guestiptype": 'Isolated',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "useVpc": 'on',
- "serviceProviderList": {
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- },
- "vpc_offering": {
- "name": 'VPC off',
- "displaytext": 'VPC off',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
- },
- "redundant_vpc_offering": {
- "name": 'Redundant VPC off',
- "displaytext": 'Redundant VPC off',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
- "serviceProviderList": {
- "Vpn": 'VpcVirtualRouter',
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "Lb": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- "serviceCapabilityList": {
- "SourceNat": {
- "RedundantRouter": 'true'
- }
- },
- },
- "vpc": {
- "name": "TestVPC",
- "displaytext": "TestVPC",
- "cidr": '10.1.1.1/16'
- },
- "network": {
- "name": "Test Network",
- "displaytext": "Test Network",
- "netmask": '255.255.255.0'
- },
- "natrule": {
- "privateport": 22,
- "publicport": 22,
- "startport": 22,
- "endport": 22,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "virtual_machine": {
- "displayname": "Test VM",
- "username": "root",
- "password": "password",
- "ssh_port": 22,
- "privateport": 22,
- "publicport": 22,
- "protocol": 'TCP',
- },
- "ostype": 'CentOS 5.3 (64-bit)',
- "timeout": 10,
- }
-
-
-class TestVPCIpTablesPolicies(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
- # We want to fail quicker if it's failure
- socket.setdefaulttimeout(60)
-
- cls.testClient = super(TestVPCIpTablesPolicies, cls).getClsTestClient()
- cls.apiclient = cls.testClient.getApiClient()
-
- cls.services = Services().services
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.apiclient)
- cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
- cls.template = get_template(
- cls.apiclient,
- cls.zone.id,
- cls.services["ostype"])
-
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
- cls.services["virtual_machine"]["template"] = cls.template.id
-
- cls.account = Account.create(
- cls.apiclient,
- cls.services["account"],
- admin=True,
- domainid=cls.domain.id)
-
- cls.service_offering = ServiceOffering.create(
- cls.apiclient,
- cls.services["service_offering"])
-
-
- cls.logger = logging.getLogger('TestVPCIpTablesPolicies')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- cls.entity_manager = EntityManager(cls.apiclient, cls.services, cls.service_offering, cls.account, cls.zone, cls.logger)
-
- cls._cleanup = [cls.service_offering, cls.account]
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.apiclient, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.logger.debug("Creating a VPC offering.")
- self.vpc_off = VpcOffering.create(
- self.apiclient,
- self.services["vpc_offering"])
-
- self.logger.debug("Enabling the VPC offering created")
- self.vpc_off.update(self.apiclient, state='Enabled')
-
- self.logger.debug("Creating a VPC network in the account: %s" % self.account.name)
-
- self.vpc = VPC.create(
- self.apiclient,
- self.services["vpc"],
- vpcofferingid=self.vpc_off.id,
- zoneid=self.zone.id,
- account=self.account.name,
- domainid=self.account.domainid)
-
- self.cleanup = [self.vpc, self.vpc_off]
- self.entity_manager.set_cleanup(self.cleanup)
- return
-
- def tearDown(self):
- try:
- self.entity_manager.destroy_routers()
- cleanup_resources(self.apiclient, self.cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_01_single_VPC_iptables_policies(self):
- """ Test iptables default INPUT/FORWARD policies on VPC router """
- self.logger.debug("Starting test_01_single_VPC_iptables_policies")
-
- routers = self.entity_manager.query_routers()
-
- self.assertEqual(
- isinstance(routers, list), True,
- "Check for list routers response return valid data")
-
- self.entity_manager.create_network(self.services["vpc_network_offering"], self.vpc.id, "10.1.1.1")
- self.entity_manager.create_network(self.services["vpc_network_offering_no_lb"], self.vpc.id, "10.1.2.1")
-
- self.entity_manager.add_nat_rules(self.vpc.id)
- self.entity_manager.do_vpc_test()
-
- for router in routers:
- if not router.isredundantrouter and router.vpcid:
- hosts = list_hosts(
- self.apiclient,
- id=router.hostid)
- self.assertEqual(
- isinstance(hosts, list),
- True,
- "Check for list hosts response return valid data")
-
- host = hosts[0]
- host.user = self.services["configurableData"]["host"]["username"]
- host.passwd = self.services["configurableData"]["host"]["password"]
- host.port = self.services["configurableData"]["host"]["port"]
- tables = [self.services["configurableData"]["input"], self.services["configurableData"]["forward"]]
-
- for table in tables:
- try:
- result = get_process_status(
- host.ipaddress,
- host.port,
- host.user,
- host.passwd,
- router.linklocalip,
- 'iptables -L %s' % table)
- except KeyError:
- self.skipTest(
- "Provide a marvin config file with host\
- credentials to run %s" %
- self._testMethodName)
-
- self.logger.debug("iptables -L %s: %s" % (table, result))
- res = str(result)
-
- self.assertEqual(
- res.count("DROP"),
- 1,
- "%s Default Policy should be DROP" % table)
-
-
-class TestRouterIpTablesPolicies(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
- # We want to fail quicker if it's failure
- socket.setdefaulttimeout(60)
-
- cls.testClient = super(TestRouterIpTablesPolicies, cls).getClsTestClient()
- cls.apiclient = cls.testClient.getApiClient()
-
- cls.services = Services().services
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.apiclient)
- cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
- cls.template = get_template(
- cls.apiclient,
- cls.zone.id,
- cls.services["ostype"])
-
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
- cls.services["virtual_machine"]["template"] = cls.template.id
-
- cls.account = Account.create(
- cls.apiclient,
- cls.services["account"],
- admin=True,
- domainid=cls.domain.id)
-
- cls.service_offering = ServiceOffering.create(
- cls.apiclient,
- cls.services["service_offering"])
-
- cls.logger = logging.getLogger('TestRouterIpTablesPolicies')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- cls.entity_manager = EntityManager(cls.apiclient, cls.services, cls.service_offering, cls.account, cls.zone, cls.logger)
-
- cls._cleanup = [cls.service_offering, cls.account]
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.apiclient, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.cleanup = []
- self.entity_manager.set_cleanup(self.cleanup)
- return
-
- def tearDown(self):
- try:
- cleanup_resources(self.apiclient, self.cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_02_routervm_iptables_policies(self):
- """ Test iptables default INPUT/FORWARD policy on RouterVM """
-
- self.logger.debug("Starting test_02_routervm_iptables_policies")
-
- vm1 = self.entity_manager.deployvm()
-
- routers = self.entity_manager.query_routers()
-
- self.assertEqual(
- isinstance(routers, list), True,
- "Check for list routers response return valid data")
-
- for router in routers:
- if not router.isredundantrouter and not router.vpcid:
- hosts = list_hosts(
- self.apiclient,
- id=router.hostid)
- self.assertEqual(
- isinstance(hosts, list),
- True,
- "Check for list hosts response return valid data")
-
- host = hosts[0]
- host.user = self.services["configurableData"]["host"]["username"]
- host.passwd = self.services["configurableData"]["host"]["password"]
- host.port = self.services["configurableData"]["host"]["port"]
- tables = [self.services["configurableData"]["input"], self.services["configurableData"]["forward"]]
-
- for table in tables:
- try:
- result = get_process_status(
- host.ipaddress,
- host.port,
- host.user,
- host.passwd,
- router.linklocalip,
- 'iptables -L %s' % table)
- except KeyError:
- self.skipTest(
- "Provide a marvin config file with host\
- credentials to run %s" %
- self._testMethodName)
-
- self.logger.debug("iptables -L %s: %s" % (table, result))
- res = str(result)
-
- self.assertEqual(
- res.count("DROP"),
- 1,
- "%s Default Policy should be DROP" % table)
-
-
-class EntityManager(object):
-
- def __init__(self, apiclient, services, service_offering, account, zone, logger):
- self.apiclient = apiclient
- self.services = services
- self.service_offering = service_offering
- self.account = account
- self.zone = zone
- self.logger = logger
-
- self.cleanup = []
- self.networks = []
- self.routers = []
- self.ips = []
-
- def set_cleanup(self, cleanup):
- self.cleanup = cleanup
-
- def add_nat_rules(self, vpc_id):
- for o in self.networks:
- for vm in o.get_vms():
- if vm.get_ip() is None:
- vm.set_ip(self.acquire_publicip(o.get_net(), vpc_id))
- if vm.get_nat() is None:
- vm.set_nat(self.create_natrule(vm.get_vm(), vm.get_ip(), o.get_net(), vpc_id))
- time.sleep(5)
-
- def do_vpc_test(self):
- for o in self.networks:
- for vm in o.get_vms():
- self.check_ssh_into_vm(vm.get_vm(), vm.get_ip())
-
- def create_natrule(self, vm, public_ip, network, vpc_id):
- self.logger.debug("Creating NAT rule in network for vm with public IP")
-
- nat_rule_services = self.services["natrule"]
-
- nat_rule = NATRule.create(
- self.apiclient,
- vm,
- nat_rule_services,
- ipaddressid=public_ip.ipaddress.id,
- openfirewall=False,
- networkid=network.id,
- vpcid=vpc_id)
-
- self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
- nwacl_nat = NetworkACL.create(
- self.apiclient,
- networkid=network.id,
- services=nat_rule_services,
- traffictype='Ingress'
- )
- self.logger.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
- return nat_rule
-
- def check_ssh_into_vm(self, vm, public_ip):
- self.logger.debug("Checking if we can SSH into VM=%s on public_ip=%s" %
- (vm.name, public_ip.ipaddress.ipaddress))
- vm.ssh_client = None
- try:
- vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
- self.logger.debug("SSH into VM=%s on public_ip=%s is successful" %
- (vm.name, public_ip.ipaddress.ipaddress))
- except:
- raise Exception("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
-
- def create_network(self, net_offerring, vpc_id, gateway='10.1.1.1'):
- try:
- self.logger.debug('Create NetworkOffering')
- net_offerring["name"] = "NET_OFF-" + str(gateway)
- nw_off = NetworkOffering.create(
- self.apiclient,
- net_offerring,
- conservemode=False)
-
- nw_off.update(self.apiclient, state='Enabled')
- self.logger.debug('Created and Enabled NetworkOffering')
-
- self.services["network"]["name"] = "NETWORK-" + str(gateway)
- self.logger.debug('Adding Network=%s to VPC ID %s' % (self.services["network"], vpc_id))
- obj_network = Network.create(
- self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=nw_off.id,
- zoneid=self.zone.id,
- gateway=gateway,
- vpcid=vpc_id)
-
- self.logger.debug("Created network with ID: %s" % obj_network.id)
- except Exception, e:
- raise Exception('Unable to create a Network with offering=%s because of %s ' % (net_offerring, e))
-
- o = networkO(obj_network)
-
- vm1 = self.deployvm_in_network(obj_network)
- self.cleanup.insert(1, obj_network)
- self.cleanup.insert(2, nw_off)
-
- o.add_vm(vm1)
- self.networks.append(o)
- return o
-
- def deployvm_in_network(self, network):
- try:
- self.logger.debug('Creating VM in network=%s' % network.name)
- vm = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)])
-
- self.logger.debug('Created VM=%s in network=%s' % (vm.id, network.name))
- self.cleanup.insert(0, vm)
- return vm
- except:
- raise Exception('Unable to create VM in a Network=%s' % network.name)
-
- def deployvm(self):
- try:
- self.logger.debug('Creating VM')
- vm = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id)
-
- self.cleanup.insert(0, vm)
- self.logger.debug('Created VM=%s' % vm.id)
- return vm
- except:
- raise Exception('Unable to create VM')
-
- def acquire_publicip(self, network, vpc_id):
- self.logger.debug("Associating public IP for network: %s" % network.name)
- public_ip = PublicIPAddress.create(
- self.apiclient,
- accountid=self.account.name,
- zoneid=self.zone.id,
- domainid=self.account.domainid,
- networkid=network.id,
- vpcid=vpc_id)
- self.logger.debug("Associated %s with network %s" % (
- public_ip.ipaddress.ipaddress,
- network.id))
-
- self.ips.append(public_ip)
- return public_ip
-
- def query_routers(self):
- self.routers = list_routers(self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid)
-
- return self.routers
-
- def stop_router(self, router):
- self.logger.debug('Stopping router')
- cmd = stopRouter.stopRouterCmd()
- cmd.id = router.id
- self.apiclient.stopRouter(cmd)
-
- def destroy_routers(self):
- self.logger.debug('Destroying routers')
- for router in self.routers:
- self.stop_router(router)
- cmd = destroyRouter.destroyRouterCmd()
- cmd.id = router.id
- self.apiclient.destroyRouter(cmd)
- self.routers = []
-
- def start_routers(self):
- self.logger.debug('Starting routers')
- for router in self.routers:
- cmd = startRouter.startRouterCmd()
- cmd.id = router.id
- self.apiclient.startRouter(cmd)
-
-
-class networkO(object):
- def __init__(self, net):
- self.network = net
- self.vms = []
-
- def get_net(self):
- return self.network
-
- def add_vm(self, vm):
- self.vms.append(vmsO(vm))
-
- def get_vms(self):
- return self.vms
-
-
-class vmsO(object):
- def __init__(self, vm):
- self.vm = vm
- self.ip = None
- self.nat = None
-
- def get_vm(self):
- return self.vm
-
- def get_ip(self):
- return self.ip
-
- def get_nat(self):
- return self.nat
-
- def set_ip(self, ip):
- self.ip = ip
-
- def set_nat(self, nat):
- self.nat = nat
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/component/test_routers_network_ops.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_routers_network_ops.py b/test/integration/component/test_routers_network_ops.py
deleted file mode 100644
index 94c0774..0000000
--- a/test/integration/component/test_routers_network_ops.py
+++ /dev/null
@@ -1,1020 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Import Local Modules
-from nose.plugins.attrib import attr
-from marvin.cloudstackTestCase import cloudstackTestCase
-from marvin.cloudstackAPI import (stopVirtualMachine,
- stopRouter,
- startRouter)
-from marvin.lib.utils import (cleanup_resources,
- get_process_status,
- get_host_credentials)
-from marvin.lib.base import (ServiceOffering,
- VirtualMachine,
- Account,
- ServiceOffering,
- NATRule,
- NetworkACL,
- FireWallRule,
- PublicIPAddress,
- NetworkOffering,
- Network,
- Router,
- EgressFireWallRule)
-from marvin.lib.common import (get_zone,
- get_template,
- get_domain,
- list_virtual_machines,
- list_networks,
- list_configurations,
- list_routers,
- list_nat_rules,
- list_publicIP,
- list_firewall_rules,
- list_hosts)
-
-# Import System modules
-import time
-import logging
-
-def check_router_command(virtual_machine, public_ip, ssh_command, check_string, test_case, retries=5):
- result = 'failed'
- try:
- ssh = virtual_machine.get_ssh_client(ipaddress=public_ip, retries=retries)
- result = str(ssh.execute(ssh_command))
- except Exception as e:
- test_case.fail("Failed to SSH into the Virtual Machine: %s" % e)
-
- logging.debug("Result from SSH into the Virtual Machine: %s" % result)
- return result.count(check_string)
-
-class TestRedundantIsolateNetworks(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
-
- cls.logger = logging.getLogger('TestRedundantIsolateNetworks')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- cls.testClient = super(TestRedundantIsolateNetworks, cls).getClsTestClient()
- cls.api_client = cls.testClient.getApiClient()
-
- cls.services = cls.testClient.getParsedTestDataConfig()
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.api_client)
- cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
- cls.api_client,
- cls.zone.id,
- cls.services["ostype"]
- )
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
-
- # Create an account, network, VM and IP addresses
- cls.account = Account.create(
- cls.api_client,
- cls.services["account"],
- admin=True,
- domainid=cls.domain.id
- )
- cls.service_offering = ServiceOffering.create(
- cls.api_client,
- cls.services["service_offering"]
- )
-
- cls.services["nw_off_persistent_RVR_egress_true"] = cls.services["nw_off_persistent_RVR"].copy()
- cls.services["nw_off_persistent_RVR_egress_true"]["egress_policy"] = "true"
-
- cls.services["nw_off_persistent_RVR_egress_false"] = cls.services["nw_off_persistent_RVR"].copy()
- cls.services["nw_off_persistent_RVR_egress_false"]["egress_policy"] = "false"
-
- cls.services["egress_80"] = {
- "startport": 80,
- "endport": 80,
- "protocol": "TCP",
- "cidrlist": ["0.0.0.0/0"]
- }
-
- cls.services["egress_53"] = {
- "startport": 53,
- "endport": 53,
- "protocol": "UDP",
- "cidrlist": ["0.0.0.0/0"]
- }
-
- cls._cleanup = [
- cls.service_offering,
- cls.account
- ]
-
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.api_client, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.apiclient = self.testClient.getApiClient()
- self.cleanup = []
- return
-
- def tearDown(self):
- try:
- cleanup_resources(self.api_client, self.cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
- def test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true(self):
- """ Test redundant router internals """
- self.logger.debug("Starting test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true...")
-
- self.logger.debug("Creating Network Offering with default egress TRUE")
- network_offering_egress_true = NetworkOffering.create(
- self.apiclient,
- self.services["nw_off_persistent_RVR_egress_true"],
- conservemode=True
- )
- network_offering_egress_true.update(self.api_client, state='Enabled')
-
- self.logger.debug("Creating network with network offering: %s" % network_offering_egress_true.id)
- network = Network.create(
- self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=network_offering_egress_true.id,
- zoneid=self.zone.id
- )
- self.logger.debug("Created network with ID: %s" % network.id)
-
- networks = Network.list(
- self.apiclient,
- id=network.id,
- listall=True
- )
- self.assertEqual(
- isinstance(networks, list),
- True,
- "List networks should return a valid response for created network"
- )
- nw_response = networks[0]
-
- self.logger.debug("Deploying VM in account: %s" % self.account.name)
- virtual_machine = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- templateid=self.template.id,
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)]
- )
-
- self.logger.debug("Deployed VM in network: %s" % network.id)
-
- self.cleanup.insert(0, network_offering_egress_true)
- self.cleanup.insert(0, network)
- self.cleanup.insert(0, virtual_machine)
-
- vms = VirtualMachine.list(
- self.apiclient,
- id=virtual_machine.id,
- listall=True
- )
- self.assertEqual(
- isinstance(vms, list),
- True,
- "List Vms should return a valid list"
- )
- vm = vms[0]
- self.assertEqual(
- vm.state,
- "Running",
- "VM should be in running state after deployment"
- )
-
- self.logger.debug("Listing routers for network: %s" % network.name)
- routers = Router.list(
- self.apiclient,
- networkid=network.id,
- listall=True
- )
- self.assertEqual(
- isinstance(routers, list),
- True,
- "list router should return Master and backup routers"
- )
- self.assertEqual(
- len(routers),
- 2,
- "Length of the list router should be 2 (Backup & master)"
- )
-
- public_ips = list_publicIP(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- zoneid=self.zone.id
- )
-
- public_ip = public_ips[0]
-
- self.assertEqual(
- isinstance(public_ips, list),
- True,
- "Check for list public IPs response return valid data"
- )
-
- self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
- FireWallRule.create(
- self.apiclient,
- ipaddressid=public_ip.id,
- protocol=self.services["natrule"]["protocol"],
- cidrlist=['0.0.0.0/0'],
- startport=self.services["natrule"]["publicport"],
- endport=self.services["natrule"]["publicport"]
- )
-
- self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
- nat_rule = NATRule.create(
- self.apiclient,
- virtual_machine,
- self.services["natrule"],
- public_ip.id
- )
-
- # Test SSH after closing port 22
- expected = 1
- ssh_command = "ping -c 3 8.8.8.8"
- check_string = "3 packets received"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Ping to outside world from VM should be successful!"
- )
-
- expected = 1
- ssh_command = "wget -t 1 -T 5 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should be successful!"
- )
-
- EgressFireWallRule.create(
- self.apiclient,
- networkid=network.id,
- protocol=self.services["egress_80"]["protocol"],
- startport=self.services["egress_80"]["startport"],
- endport=self.services["egress_80"]["endport"],
- cidrlist=self.services["egress_80"]["cidrlist"]
- )
-
- expected = 0
- ssh_command = "wget -t 1 -T 1 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should NOT be successful once rule is added!"
- )
-
- return
-
- @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
- def test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false(self):
- """ Test redundant router internals """
- self.logger.debug("Starting test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false...")
-
- self.logger.debug("Creating Network Offering with default egress FALSE")
- network_offering_egress_false = NetworkOffering.create(
- self.apiclient,
- self.services["nw_off_persistent_RVR_egress_false"],
- conservemode=True
- )
- network_offering_egress_false.update(self.api_client, state='Enabled')
-
- self.logger.debug("Creating network with network offering: %s" % network_offering_egress_false.id)
- network = Network.create(
- self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=network_offering_egress_false.id,
- zoneid=self.zone.id
- )
- self.logger.debug("Created network with ID: %s" % network.id)
-
- networks = Network.list(
- self.apiclient,
- id=network.id,
- listall=True
- )
- self.assertEqual(
- isinstance(networks, list),
- True,
- "List networks should return a valid response for created network"
- )
- nw_response = networks[0]
-
- self.logger.debug("Deploying VM in account: %s" % self.account.name)
- virtual_machine = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- templateid=self.template.id,
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)]
- )
-
- self.logger.debug("Deployed VM in network: %s" % network.id)
-
- self.cleanup.insert(0, network_offering_egress_false)
- self.cleanup.insert(0, network)
- self.cleanup.insert(0, virtual_machine)
-
- vms = VirtualMachine.list(
- self.apiclient,
- id=virtual_machine.id,
- listall=True
- )
- self.assertEqual(
- isinstance(vms, list),
- True,
- "List Vms should return a valid list"
- )
- vm = vms[0]
- self.assertEqual(
- vm.state,
- "Running",
- "VM should be in running state after deployment"
- )
-
- self.logger.debug("Listing routers for network: %s" % network.name)
- routers = Router.list(
- self.apiclient,
- networkid=network.id,
- listall=True
- )
- self.assertEqual(
- isinstance(routers, list),
- True,
- "list router should return Master and backup routers"
- )
- self.assertEqual(
- len(routers),
- 2,
- "Length of the list router should be 2 (Backup & master)"
- )
-
- public_ips = list_publicIP(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- zoneid=self.zone.id
- )
-
- self.assertEqual(
- isinstance(public_ips, list),
- True,
- "Check for list public IPs response return valid data"
- )
-
- public_ip = public_ips[0]
-
- self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
- FireWallRule.create(
- self.apiclient,
- ipaddressid=public_ip.id,
- protocol=self.services["natrule"]["protocol"],
- cidrlist=['0.0.0.0/0'],
- startport=self.services["natrule"]["publicport"],
- endport=self.services["natrule"]["publicport"]
- )
-
- self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
- nat_rule = NATRule.create(
- self.apiclient,
- virtual_machine,
- self.services["natrule"],
- public_ip.id
- )
-
- expected = 0
- ssh_command = "ping -c 3 8.8.8.8"
- check_string = "3 packets received"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Ping to outside world from VM should NOT be successful"
- )
-
- expected = 0
- ssh_command = "wget -t 1 -T 1 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should NOT be successful"
- )
-
- EgressFireWallRule.create(
- self.apiclient,
- networkid=network.id,
- protocol=self.services["egress_80"]["protocol"],
- startport=self.services["egress_80"]["startport"],
- endport=self.services["egress_80"]["endport"],
- cidrlist=self.services["egress_80"]["cidrlist"]
- )
-
- EgressFireWallRule.create(
- self.apiclient,
- networkid=network.id,
- protocol=self.services["egress_53"]["protocol"],
- startport=self.services["egress_53"]["startport"],
- endport=self.services["egress_53"]["endport"],
- cidrlist=self.services["egress_53"]["cidrlist"]
- )
-
- expected = 1
- ssh_command = "wget -t 1 -T 5 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should be successful once rule is added!"
- )
-
- return
-
- @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
- def test_03_RVR_Network_check_router_state(self):
- """ Test redundant router internals """
- self.logger.debug("Starting test_03_RVR_Network_check_router_state...")
-
- hypervisor = self.testClient.getHypervisorInfo()
-
- self.logger.debug("Creating Network Offering with default egress FALSE")
- network_offering_egress_false = NetworkOffering.create(
- self.apiclient,
- self.services["nw_off_persistent_RVR_egress_false"],
- conservemode=True
- )
- network_offering_egress_false.update(self.apiclient, state='Enabled')
-
- self.logger.debug("Creating network with network offering: %s" % network_offering_egress_false.id)
- network = Network.create(
- self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=network_offering_egress_false.id,
- zoneid=self.zone.id
- )
- self.logger.debug("Created network with ID: %s" % network.id)
-
- networks = Network.list(
- self.apiclient,
- id=network.id,
- listall=True
- )
- self.assertEqual(
- isinstance(networks, list),
- True,
- "List networks should return a valid response for created network"
- )
- nw_response = networks[0]
-
- self.logger.debug("Deploying VM in account: %s" % self.account.name)
- virtual_machine = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- templateid=self.template.id,
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)]
- )
-
- self.logger.debug("Deployed VM in network: %s" % network.id)
-
- self.cleanup.insert(0, network_offering_egress_false)
- self.cleanup.insert(0, network)
- self.cleanup.insert(0, virtual_machine)
-
- vms = VirtualMachine.list(
- self.apiclient,
- id=virtual_machine.id,
- listall=True
- )
- self.assertEqual(
- isinstance(vms, list),
- True,
- "List Vms should return a valid list"
- )
- vm = vms[0]
- self.assertEqual(
- vm.state,
- "Running",
- "VM should be in running state after deployment"
- )
-
- self.logger.debug("Listing routers for network: %s" % network.name)
- routers = Router.list(
- self.apiclient,
- networkid=network.id,
- listall=True
- )
- self.assertEqual(
- isinstance(routers, list),
- True,
- "list router should return Master and backup routers"
- )
- self.assertEqual(
- len(routers),
- 2,
- "Length of the list router should be 2 (Backup & master)"
- )
-
- vals = ["MASTER", "BACKUP", "UNKNOWN"]
- cnts = [0, 0, 0]
-
- result = "UNKNOWN"
- for router in routers:
- if router.state == "Running":
- hosts = list_hosts(
- self.apiclient,
- zoneid=router.zoneid,
- type='Routing',
- state='Up',
- id=router.hostid
- )
- self.assertEqual(
- isinstance(hosts, list),
- True,
- "Check list host returns a valid list"
- )
- host = hosts[0]
-
- if hypervisor.lower() in ('vmware', 'hyperv'):
- result = str(get_process_status(
- self.apiclient.connection.mgtSvr,
- 22,
- self.apiclient.connection.user,
- self.apiclient.connection.passwd,
- router.linklocalip,
- "sh /opt/cloud/bin/checkrouter.sh ",
- hypervisor=hypervisor
- ))
- else:
- try:
- host.user, host.passwd = get_host_credentials(
- self.config, host.ipaddress)
- result = str(get_process_status(
- host.ipaddress,
- 22,
- host.user,
- host.passwd,
- router.linklocalip,
- "sh /opt/cloud/bin/checkrouter.sh "
- ))
-
- except KeyError:
- self.skipTest(
- "Marvin configuration has no host credentials to\
- check router services")
-
- if result.count(vals[0]) == 1:
- cnts[vals.index(vals[0])] += 1
-
- if cnts[vals.index('MASTER')] != 1:
- self.fail("No Master or too many master routers found %s" % cnts[vals.index('MASTER')])
-
- return
-
-
-class TestIsolatedNetworks(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
-
- cls.logger = logging.getLogger('TestIsolatedNetworks')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- cls.testClient = super(TestIsolatedNetworks, cls).getClsTestClient()
- cls.api_client = cls.testClient.getApiClient()
-
- cls.services = cls.testClient.getParsedTestDataConfig()
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.api_client)
- cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
- cls.api_client,
- cls.zone.id,
- cls.services["ostype"]
- )
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
-
- # Create an account, network, VM and IP addresses
- cls.account = Account.create(
- cls.api_client,
- cls.services["account"],
- admin=True,
- domainid=cls.domain.id
- )
- cls.service_offering = ServiceOffering.create(
- cls.api_client,
- cls.services["service_offering"]
- )
-
- cls.services["network_offering_egress_true"] = cls.services["network_offering"].copy()
- cls.services["network_offering_egress_true"]["egress_policy"] = "true"
-
- cls.services["network_offering_egress_false"] = cls.services["network_offering"].copy()
- cls.services["network_offering_egress_false"]["egress_policy"] = "false"
-
- cls.services["egress_80"] = {
- "startport": 80,
- "endport": 80,
- "protocol": "TCP",
- "cidrlist": ["0.0.0.0/0"]
- }
-
- cls._cleanup = [
- cls.service_offering,
- cls.account
- ]
-
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.api_client, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.apiclient = self.testClient.getApiClient()
- self.cleanup = []
- return
-
- def tearDown(self):
- try:
- cleanup_resources(self.apiclient, self.cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
- def test_01_isolate_network_FW_PF_default_routes_egress_true(self):
- """ Test redundant router internals """
- self.logger.debug("Starting test_01_isolate_network_FW_PF_default_routes_egress_true...")
-
- self.logger.debug("Creating Network Offering with default egress TRUE")
- network_offering_egress_true = NetworkOffering.create(self.apiclient,
- self.services["network_offering_egress_true"],
- conservemode=True)
-
- network_offering_egress_true.update(self.apiclient, state='Enabled')
-
- self.logger.debug("Creating Network with Network Offering ID %s" % network_offering_egress_true.id)
- network = Network.create(self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=network_offering_egress_true.id,
- zoneid=self.zone.id)
-
- self.logger.debug("Deploying Virtual Machine on Network %s" % network.id)
- virtual_machine = VirtualMachine.create(self.apiclient,
- self.services["virtual_machine"],
- templateid=self.template.id,
- accountid=self.account.name,
- domainid=self.domain.id,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)])
-
- self.logger.debug("Deployed VM in network: %s" % network.id)
-
- self.cleanup.insert(0, network_offering_egress_true)
- self.cleanup.insert(0, network)
- self.cleanup.insert(0, virtual_machine)
-
- self.logger.debug("Starting test_isolate_network_FW_PF_default_routes...")
- routers = list_routers(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid
- )
-
- self.assertEqual(
- isinstance(routers, list),
- True,
- "Check for list routers response return valid data"
- )
-
- self.assertNotEqual(
- len(routers),
- 0,
- "Check list router response"
- )
-
- router = routers[0]
-
- self.assertEqual(
- router.state,
- 'Running',
- "Check list router response for router state"
- )
-
- public_ips = list_publicIP(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- zoneid=self.zone.id
- )
-
- self.assertEqual(
- isinstance(public_ips, list),
- True,
- "Check for list public IPs response return valid data"
- )
-
- public_ip = public_ips[0]
-
- self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
- FireWallRule.create(
- self.apiclient,
- ipaddressid=public_ip.id,
- protocol=self.services["natrule"]["protocol"],
- cidrlist=['0.0.0.0/0'],
- startport=self.services["natrule"]["publicport"],
- endport=self.services["natrule"]["publicport"]
- )
-
- self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
- # Create NAT rule
- nat_rule = NATRule.create(
- self.apiclient,
- virtual_machine,
- self.services["natrule"],
- public_ip.id
- )
-
- nat_rules = list_nat_rules(
- self.apiclient,
- id=nat_rule.id
- )
- self.assertEqual(
- isinstance(nat_rules, list),
- True,
- "Check for list NAT rules response return valid data"
- )
- self.assertEqual(
- nat_rules[0].state,
- 'Active',
- "Check list port forwarding rules"
- )
-
- # Test SSH after closing port 22
- expected = 1
- ssh_command = "ping -c 3 8.8.8.8"
- check_string = "3 packets received"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Ping to outside world from VM should be successful!"
- )
-
- expected = 1
- ssh_command = "wget -t 1 -T 5 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should be successful!"
- )
-
- EgressFireWallRule.create(
- self.apiclient,
- networkid=network.id,
- protocol=self.services["egress_80"]["protocol"],
- startport=self.services["egress_80"]["startport"],
- endport=self.services["egress_80"]["endport"],
- cidrlist=self.services["egress_80"]["cidrlist"]
- )
-
- expected = 0
- ssh_command = "wget -t 1 -T 1 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should NOT be successful once rule is added!"
- )
-
- return
-
- @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
- def test_02_isolate_network_FW_PF_default_routes_egress_false(self):
- """ Test redundant router internals """
- self.logger.debug("Starting test_02_isolate_network_FW_PF_default_routes_egress_false...")
-
- self.logger.debug("Creating Network Offering with default egress FALSE")
- network_offering_egress_false = NetworkOffering.create(self.apiclient,
- self.services["network_offering_egress_false"],
- conservemode=True)
-
- network_offering_egress_false.update(self.apiclient, state='Enabled')
-
- self.logger.debug("Creating Network with Network Offering ID %s" % network_offering_egress_false.id)
- network = Network.create(self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=network_offering_egress_false.id,
- zoneid=self.zone.id)
-
- self.logger.debug("Deploying Virtual Machine on Network %s" % network.id)
- virtual_machine = VirtualMachine.create(self.apiclient,
- self.services["virtual_machine"],
- templateid=self.template.id,
- accountid=self.account.name,
- domainid=self.domain.id,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)])
-
- self.logger.debug("Deployed VM in network: %s" % network.id)
-
- self.cleanup.insert(0, network_offering_egress_false)
- self.cleanup.insert(0, network)
- self.cleanup.insert(0, virtual_machine)
-
- self.logger.debug("Starting test_isolate_network_FW_PF_default_routes...")
- routers = list_routers(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid
- )
-
- self.assertEqual(
- isinstance(routers, list),
- True,
- "Check for list routers response return valid data"
- )
-
- self.assertNotEqual(
- len(routers),
- 0,
- "Check list router response"
- )
-
- router = routers[0]
-
- self.assertEqual(
- router.state,
- 'Running',
- "Check list router response for router state"
- )
-
- public_ips = list_publicIP(
- self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- zoneid=self.zone.id
- )
-
- self.assertEqual(
- isinstance(public_ips, list),
- True,
- "Check for list public IPs response return valid data"
- )
-
- public_ip = public_ips[0]
-
- self.logger.debug("Creating Firewall rule for VM ID: %s" % virtual_machine.id)
- FireWallRule.create(
- self.apiclient,
- ipaddressid=public_ip.id,
- protocol=self.services["natrule"]["protocol"],
- cidrlist=['0.0.0.0/0'],
- startport=self.services["natrule"]["publicport"],
- endport=self.services["natrule"]["publicport"]
- )
-
- self.logger.debug("Creating NAT rule for VM ID: %s" % virtual_machine.id)
- # Create NAT rule
- nat_rule = NATRule.create(
- self.apiclient,
- virtual_machine,
- self.services["natrule"],
- public_ip.id
- )
-
- nat_rules = list_nat_rules(
- self.apiclient,
- id=nat_rule.id
- )
- self.assertEqual(
- isinstance(nat_rules, list),
- True,
- "Check for list NAT rules response return valid data"
- )
- self.assertEqual(
- nat_rules[0].state,
- 'Active',
- "Check list port forwarding rules"
- )
-
- expected = 0
- ssh_command = "ping -c 3 8.8.8.8"
- check_string = "3 packets received"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Ping to outside world from VM should NOT be successful"
- )
-
- expected = 0
- ssh_command = "wget -t 1 -T 1 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should NOT be successful"
- )
-
- EgressFireWallRule.create(
- self.apiclient,
- networkid=network.id,
- protocol=self.services["egress_80"]["protocol"],
- startport=self.services["egress_80"]["startport"],
- endport=self.services["egress_80"]["endport"],
- cidrlist=self.services["egress_80"]["cidrlist"]
- )
-
- expected = 1
- ssh_command = "wget -t 1 -T 5 www.google.com"
- check_string = "HTTP request sent, awaiting response... 200 OK"
- result = check_router_command(virtual_machine, nat_rule.ipaddress, ssh_command, check_string, self)
-
- self.assertEqual(
- result,
- expected,
- "Attempt to retrieve google.com index page should be successful once rule is added!"
- )
-
- return
[2/4] git commit: updated refs/heads/master to 7043958
Posted by da...@apache.org.
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/component/test_vpc_redundant.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_vpc_redundant.py b/test/integration/component/test_vpc_redundant.py
deleted file mode 100644
index 9bdf6c9..0000000
--- a/test/integration/component/test_vpc_redundant.py
+++ /dev/null
@@ -1,669 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-""" Test redundancy features for VPC routers
-"""
-
-from nose.plugins.attrib import attr
-from marvin.cloudstackTestCase import cloudstackTestCase
-from marvin.lib.base import (stopRouter,
- startRouter,
- destroyRouter,
- rebootRouter,
- Account,
- VpcOffering,
- VPC,
- ServiceOffering,
- NATRule,
- NetworkACL,
- PublicIPAddress,
- NetworkOffering,
- Network,
- VirtualMachine,
- LoadBalancerRule)
-from marvin.lib.common import (get_domain,
- get_zone,
- get_template,
- list_routers,
- list_hosts)
-from marvin.lib.utils import (cleanup_resources,
- get_process_status,
- get_host_credentials)
-import socket
-import time
-import inspect
-import logging
-
-class Services:
- """Test VPC network services - Port Forwarding Rules Test Data Class.
- """
-
- def __init__(self):
- self.services = {
- "account": {
- "email": "test@test.com",
- "firstname": "Test",
- "lastname": "User",
- "username": "test",
- # Random characters are appended for unique
- # username
- "password": "password",
- },
- "host1": None,
- "host2": None,
- "service_offering": {
- "name": "Tiny Instance",
- "displaytext": "Tiny Instance",
- "cpunumber": 1,
- "cpuspeed": 100,
- "memory": 128,
- },
- "network_offering": {
- "name": 'VPC Network offering',
- "displaytext": 'VPC Network off',
- "guestiptype": 'Isolated',
- "supportedservices": 'Vpn,Dhcp,Dns,SourceNat,PortForwarding,Lb,UserData,StaticNat,NetworkACL',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "useVpc": 'on',
- "serviceProviderList": {
- "Vpn": 'VpcVirtualRouter',
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "Lb": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- },
- "network_offering_no_lb": {
- "name": 'VPC Network offering',
- "displaytext": 'VPC Network off',
- "guestiptype": 'Isolated',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "useVpc": 'on',
- "serviceProviderList": {
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- },
- "vpc_offering": {
- "name": 'Redundant VPC off',
- "displaytext": 'Redundant VPC off',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
- "serviceProviderList": {
- "Vpn": 'VpcVirtualRouter',
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "Lb": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- "serviceCapabilityList": {
- "SourceNat": {
- "RedundantRouter": 'true'
- }
- },
- },
- "vpc": {
- "name": "TestVPC",
- "displaytext": "TestVPC",
- "cidr": '10.0.0.1/24'
- },
- "network": {
- "name": "Test Network",
- "displaytext": "Test Network",
- "netmask": '255.255.255.0'
- },
- "lbrule": {
- "name": "SSH",
- "alg": "leastconn",
- # Algorithm used for load balancing
- "privateport": 22,
- "publicport": 2222,
- "openfirewall": False,
- "startport": 22,
- "endport": 2222,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "lbrule_http": {
- "name": "HTTP",
- "alg": "leastconn",
- # Algorithm used for load balancing
- "privateport": 80,
- "publicport": 8888,
- "openfirewall": False,
- "startport": 80,
- "endport": 8888,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "natrule": {
- "privateport": 22,
- "publicport": 22,
- "startport": 22,
- "endport": 22,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "http_rule": {
- "privateport": 80,
- "publicport": 80,
- "startport": 80,
- "endport": 80,
- "cidrlist": '0.0.0.0/0',
- "protocol": "TCP"
- },
- "virtual_machine": {
- "displayname": "Test VM",
- "username": "root",
- "password": "password",
- "ssh_port": 22,
- "privateport": 22,
- "publicport": 22,
- "protocol": 'TCP',
- },
- "ostype": 'CentOS 5.3 (64-bit)',
- "timeout": 10,
- }
-
-
-class TestVPCRedundancy(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
- # We want to fail quicker if it's failure
- socket.setdefaulttimeout(60)
-
- cls.testClient = super(TestVPCRedundancy, cls).getClsTestClient()
- cls.api_client = cls.testClient.getApiClient()
-
- cls.services = Services().services
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.api_client)
- cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.template = get_template(
- cls.api_client,
- cls.zone.id,
- cls.services["ostype"])
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
- cls.services["virtual_machine"]["template"] = cls.template.id
-
- cls.service_offering = ServiceOffering.create(
- cls.api_client,
- cls.services["service_offering"])
- cls._cleanup = [cls.service_offering]
-
- cls.logger = logging.getLogger('TestVPCRedundancy')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.api_client, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.routers = []
- self.networks = []
- self.ips = []
-
- self.apiclient = self.testClient.getApiClient()
- self.hypervisor = self.testClient.getHypervisorInfo()
-
- self.account = Account.create(
- self.apiclient,
- self.services["account"],
- admin=True,
- domainid=self.domain.id)
-
- self.logger.debug("Creating a VPC offering..")
- self.vpc_off = VpcOffering.create(
- self.apiclient,
- self.services["vpc_offering"])
-
- self.logger.debug("Enabling the VPC offering created")
- self.vpc_off.update(self.apiclient, state='Enabled')
-
- self.logger.debug("Creating a VPC network in the account: %s" % self.account.name)
- self.services["vpc"]["cidr"] = '10.1.1.1/16'
- self.vpc = VPC.create(
- self.apiclient,
- self.services["vpc"],
- vpcofferingid=self.vpc_off.id,
- zoneid=self.zone.id,
- account=self.account.name,
- domainid=self.account.domainid)
-
- self.cleanup = [self.vpc, self.vpc_off, self.account]
- return
-
- def tearDown(self):
- try:
- #Stop/Destroy the routers so we are able to remove the networks. Issue CLOUDSTACK-8935
- self.destroy_routers()
- cleanup_resources(self.api_client, self.cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def query_routers(self, count=2, showall=False):
- self.routers = list_routers(self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- )
- if not showall:
- self.routers = [r for r in self.routers if r.state != "Stopped"]
- self.assertEqual(
- isinstance(self.routers, list), True,
- "Check for list routers response return valid data")
-
- self.assertEqual(
- len(self.routers), count,
- "Check that %s routers were indeed created" % count)
-
- def check_master_status(self,count=2, showall=False):
- vals = ["MASTER", "BACKUP", "UNKNOWN"]
- cnts = [0, 0, 0]
-
- result = "UNKNOWN"
- self.query_routers(count, showall)
- for router in self.routers:
- if router.state == "Running":
- hosts = list_hosts(
- self.apiclient,
- zoneid=router.zoneid,
- type='Routing',
- state='Up',
- id=router.hostid
- )
- self.assertEqual(
- isinstance(hosts, list),
- True,
- "Check list host returns a valid list"
- )
- host = hosts[0]
-
- if self.hypervisor.lower() in ('vmware', 'hyperv'):
- result = str(get_process_status(
- self.apiclient.connection.mgtSvr,
- 22,
- self.apiclient.connection.user,
- self.apiclient.connection.passwd,
- router.linklocalip,
- "sh /opt/cloud/bin/checkrouter.sh ",
- hypervisor=self.hypervisor
- ))
- else:
- try:
- host.user, host.passwd = get_host_credentials(
- self.config, host.ipaddress)
- result = str(get_process_status(
- host.ipaddress,
- 22,
- host.user,
- host.passwd,
- router.linklocalip,
- "sh /opt/cloud/bin/checkrouter.sh "
- ))
-
- except KeyError:
- self.skipTest(
- "Marvin configuration has no host credentials to\
- check router services")
-
- if result.count(vals[0]) == 1:
- cnts[vals.index(vals[0])] += 1
-
- if cnts[vals.index('MASTER')] != 1:
- self.fail("No Master or too many master routers found %s" % cnts[vals.index('MASTER')])
-
- def stop_router(self, router):
- self.logger.debug('Stopping router %s' % router.id)
- cmd = stopRouter.stopRouterCmd()
- cmd.id = router.id
- self.apiclient.stopRouter(cmd)
-
- def reboot_router(self, router):
- self.logger.debug('Rebooting router %s' % router.id)
- cmd = rebootRouter.rebootRouterCmd()
- cmd.id = router.id
- self.apiclient.rebootRouter(cmd)
-
- def stop_router_by_type(self, type):
- self.check_master_status(2)
- self.logger.debug('Stopping %s router' % type)
- for router in self.routers:
- if router.redundantstate == type:
- self.stop_router(router)
-
- def reboot_router_by_type(self, type):
- self.check_master_status(2)
- self.logger.debug('Rebooting %s router' % type)
- for router in self.routers:
- if router.redundantstate == type:
- self.reboot_router(router)
-
- def destroy_routers(self):
- self.logger.debug('Destroying routers')
- for router in self.routers:
- self.stop_router(router)
- cmd = destroyRouter.destroyRouterCmd()
- cmd.id = router.id
- self.apiclient.destroyRouter(cmd)
- self.routers = []
-
- def start_routers(self):
- self.check_master_status(2, showall=True)
- self.logger.debug('Starting stopped routers')
- for router in self.routers:
- self.logger.debug('Router %s has state %s' % (router.id, router.state))
- if router.state == "Stopped":
- self.logger.debug('Starting stopped router %s' % router.id)
- cmd = startRouter.startRouterCmd()
- cmd.id = router.id
- self.apiclient.startRouter(cmd)
-
- def create_network(self, net_offerring, gateway='10.1.1.1', vpc=None):
- try:
- self.logger.debug('Create NetworkOffering')
- net_offerring["name"] = "NET_OFF-" + str(gateway)
- nw_off = NetworkOffering.create(
- self.apiclient,
- net_offerring,
- conservemode=False)
-
- nw_off.update(self.apiclient, state='Enabled')
-
- self.logger.debug('Created and Enabled NetworkOffering')
-
- self.services["network"]["name"] = "NETWORK-" + str(gateway)
- self.logger.debug('Adding Network=%s' % self.services["network"])
- obj_network = Network.create(
- self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=nw_off.id,
- zoneid=self.zone.id,
- gateway=gateway,
- vpcid=vpc.id if vpc else self.vpc.id
- )
-
- self.logger.debug("Created network with ID: %s" % obj_network.id)
- except Exception, e:
- self.fail('Unable to create a Network with offering=%s because of %s ' % (net_offerring, e))
- o = networkO(obj_network)
-
- vm1 = self.deployvm_in_network(obj_network)
- vm2 = self.deployvm_in_network(obj_network)
- self.cleanup.insert(2, obj_network)
- self.cleanup.insert(3, nw_off)
-
- o.add_vm(vm1)
- o.add_vm(vm2)
- return o
-
- def deployvm_in_network(self, network, host_id=None):
- try:
- self.logger.debug('Creating VM in network=%s' % network.name)
- vm = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)],
- hostid=host_id
- )
-
- self.logger.debug('Created VM=%s in network=%s' % (vm.id, network.name))
- self.cleanup.insert(0, vm)
- return vm
- except:
- self.fail('Unable to create VM in a Network=%s' % network.name)
-
- def acquire_publicip(self, network):
- self.logger.debug("Associating public IP for network: %s" % network.name)
- public_ip = PublicIPAddress.create(
- self.apiclient,
- accountid=self.account.name,
- zoneid=self.zone.id,
- domainid=self.account.domainid,
- networkid=network.id,
- vpcid=self.vpc.id
- )
- self.logger.debug("Associated %s with network %s" % (
- public_ip.ipaddress.ipaddress,
- network.id
- ))
- return public_ip
-
- def create_natrule(self, vm, public_ip, network, services=None):
- self.logger.debug("Creating NAT rule in network for vm with public IP")
- if not services:
- services = self.services["natrule"]
- nat_rule = NATRule.create(
- self.apiclient,
- vm,
- services,
- ipaddressid=public_ip.ipaddress.id,
- openfirewall=False,
- networkid=network.id,
- vpcid=self.vpc.id)
-
- self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
- nwacl_nat = NetworkACL.create(
- self.apiclient,
- networkid=network.id,
- services=services,
- traffictype='Ingress'
- )
- self.logger.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
-
- return nat_rule
-
- def check_ssh_into_vm(self, vm, public_ip, expectFail=False, retries=5):
- self.logger.debug("Checking if we can SSH into VM=%s on public_ip=%s (%r)" %
- (vm.name, public_ip.ipaddress.ipaddress, expectFail))
- vm.ssh_client = None
- try:
- if 'retries' in inspect.getargspec(vm.get_ssh_client).args:
- vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress, retries=retries)
- else:
- vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
- if expectFail:
- self.fail("SSH into VM=%s on public_ip=%s is successful (Not Expected)" %
- (vm.name, public_ip.ipaddress.ipaddress))
- else:
- self.logger.debug("SSH into VM=%s on public_ip=%s is successful" %
- (vm.name, public_ip.ipaddress.ipaddress))
- except:
- if expectFail:
- self.logger.debug("Failed to SSH into VM - %s (Expected)" % (public_ip.ipaddress.ipaddress))
- else:
- self.fail("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL(self):
- """ Create a redundant VPC with two networks with two VMs in each network """
- self.logger.debug("Starting test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL")
- self.query_routers()
- self.networks.append(self.create_network(self.services["network_offering"], "10.1.1.1"))
- self.networks.append(self.create_network(self.services["network_offering_no_lb"], "10.1.2.1"))
- self.check_master_status(2)
- self.add_nat_rules()
- self.do_vpc_test(False)
-
- self.stop_router_by_type("MASTER")
- self.check_master_status(1)
- self.do_vpc_test(False)
-
- self.delete_nat_rules()
- self.check_master_status(1)
- self.do_vpc_test(True)
- self.delete_public_ip()
-
- self.start_routers()
- self.add_nat_rules()
- self.check_master_status(2)
- self.do_vpc_test(False)
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_02_redundant_VPC_default_routes(self):
- """ Create a redundant VPC with two networks with two VMs in each network and check default routes"""
- self.logger.debug("Starting test_02_redundant_VPC_default_routes")
- self.query_routers()
- self.networks.append(self.create_network(self.services["network_offering"], "10.1.1.1"))
- self.networks.append(self.create_network(self.services["network_offering_no_lb"], "10.1.2.1"))
- self.check_master_status(2)
- self.add_nat_rules()
- self.do_default_routes_test()
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers(self):
- """ Create a redundant VPC with two networks with two VMs in each network """
- self.logger.debug("Starting test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL")
- self.query_routers()
- self.networks.append(self.create_network(self.services["network_offering"], "10.1.1.1"))
- self.check_master_status(2)
- self.add_nat_rules()
- self.do_vpc_test(False)
-
- self.reboot_router_by_type("MASTER")
- self.check_master_status(2)
- self.do_vpc_test(False)
-
- self.reboot_router_by_type("MASTER")
- self.check_master_status(2)
- self.do_vpc_test(False)
-
- def delete_nat_rules(self):
- for o in self.networks:
- for vm in o.get_vms():
- if vm.get_nat() is not None:
- vm.get_nat().delete(self.apiclient)
- vm.set_nat(None)
-
- def delete_public_ip(self):
- for o in self.networks:
- for vm in o.get_vms():
- if vm.get_ip() is not None:
- vm.get_ip().delete(self.apiclient)
- vm.set_ip(None)
- vm.set_nat(None)
-
- def add_nat_rules(self):
- for o in self.networks:
- for vm in o.get_vms():
- if vm.get_ip() is None:
- vm.set_ip(self.acquire_publicip(o.get_net()))
- if vm.get_nat() is None:
- vm.set_nat(self.create_natrule(vm.get_vm(), vm.get_ip(), o.get_net()))
-
- def do_vpc_test(self, expectFail):
- retries = 5
- if expectFail:
- retries = 2
- for o in self.networks:
- for vm in o.get_vms():
- self.check_ssh_into_vm(vm.get_vm(), vm.get_ip(), expectFail=expectFail, retries=retries)
-
- def do_default_routes_test(self):
- for o in self.networks:
- for vmObj in o.get_vms():
- ssh_command = "ping -c 3 8.8.8.8"
-
- # Should be able to SSH VM
- result = 'failed'
- try:
- vm = vmObj.get_vm()
- public_ip = vmObj.get_ip()
- self.logger.debug("SSH into VM: %s" % public_ip.ipaddress.ipaddress)
-
- ssh = vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
-
- self.logger.debug("Ping to google.com from VM")
- result = str(ssh.execute(ssh_command))
-
- self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
- except Exception as e:
- self.fail("SSH Access failed for %s: %s" % \
- (vmObj.get_ip(), e)
- )
-
- self.assertEqual(
- result.count("3 packets received"),
- 1,
- "Ping to outside world from VM should be successful"
- )
-
-
-class networkO(object):
- def __init__(self, net):
- self.network = net
- self.vms = []
-
- def get_net(self):
- return self.network
-
- def add_vm(self, vm):
- self.vms.append(vmsO(vm))
-
- def get_vms(self):
- return self.vms
-
-
-class vmsO(object):
- def __init__(self, vm):
- self.vm = vm
- self.ip = None
- self.nat = None
-
- def get_vm(self):
- return self.vm
-
- def get_ip(self):
- return self.ip
-
- def get_nat(self):
- return self.nat
-
- def set_ip(self, ip):
- self.ip = ip
-
- def set_nat(self, nat):
- self.nat = nat
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/component/test_vpc_router_nics.py
----------------------------------------------------------------------
diff --git a/test/integration/component/test_vpc_router_nics.py b/test/integration/component/test_vpc_router_nics.py
deleted file mode 100644
index cb0734d..0000000
--- a/test/integration/component/test_vpc_router_nics.py
+++ /dev/null
@@ -1,514 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-""" Test VPC nics after router is destroyed """
-
-from nose.plugins.attrib import attr
-from marvin.cloudstackTestCase import cloudstackTestCase
-from marvin.lib.base import (stopRouter,
- startRouter,
- destroyRouter,
- Account,
- VpcOffering,
- VPC,
- ServiceOffering,
- NATRule,
- NetworkACL,
- PublicIPAddress,
- NetworkOffering,
- Network,
- VirtualMachine,
- LoadBalancerRule)
-from marvin.lib.common import (get_domain,
- get_zone,
- get_template,
- list_routers)
-from marvin.lib.utils import cleanup_resources
-import socket
-import time
-import inspect
-import logging
-
-class Services:
- """Test VPC network services - Port Forwarding Rules Test Data Class.
- """
-
- def __init__(self):
- self.services = {
- "account": {
- "email": "test@test.com",
- "firstname": "Test",
- "lastname": "User",
- "username": "test",
- # Random characters are appended for unique
- # username
- "password": "password",
- },
- "service_offering": {
- "name": "Tiny Instance",
- "displaytext": "Tiny Instance",
- "cpunumber": 1,
- "cpuspeed": 100,
- "memory": 128,
- },
- "network_offering": {
- "name": 'VPC Network offering',
- "displaytext": 'VPC Network off',
- "guestiptype": 'Isolated',
- "supportedservices": 'Vpn,Dhcp,Dns,SourceNat,PortForwarding,Lb,UserData,StaticNat,NetworkACL',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "useVpc": 'on',
- "serviceProviderList": {
- "Vpn": 'VpcVirtualRouter',
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "Lb": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- },
- "network_offering_no_lb": {
- "name": 'VPC Network offering',
- "displaytext": 'VPC Network off',
- "guestiptype": 'Isolated',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL',
- "traffictype": 'GUEST',
- "availability": 'Optional',
- "useVpc": 'on',
- "serviceProviderList": {
- "Dhcp": 'VpcVirtualRouter',
- "Dns": 'VpcVirtualRouter',
- "SourceNat": 'VpcVirtualRouter',
- "PortForwarding": 'VpcVirtualRouter',
- "UserData": 'VpcVirtualRouter',
- "StaticNat": 'VpcVirtualRouter',
- "NetworkACL": 'VpcVirtualRouter'
- },
- },
- "vpc_offering": {
- "name": 'VPC off',
- "displaytext": 'VPC off',
- "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
- },
- "vpc": {
- "name": "TestVPC",
- "displaytext": "TestVPC",
- "cidr": '10.0.0.1/24'
- },
- "network": {
- "name": "Test Network",
- "displaytext": "Test Network",
- "netmask": '255.255.255.0'
- },
- "lbrule": {
- "name": "SSH",
- "alg": "leastconn",
- # Algorithm used for load balancing
- "privateport": 22,
- "publicport": 2222,
- "openfirewall": False,
- "startport": 22,
- "endport": 2222,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "lbrule_http": {
- "name": "HTTP",
- "alg": "leastconn",
- # Algorithm used for load balancing
- "privateport": 80,
- "publicport": 8888,
- "openfirewall": False,
- "startport": 80,
- "endport": 8888,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "natrule": {
- "privateport": 22,
- "publicport": 22,
- "startport": 22,
- "endport": 22,
- "protocol": "TCP",
- "cidrlist": '0.0.0.0/0',
- },
- "http_rule": {
- "privateport": 80,
- "publicport": 80,
- "startport": 80,
- "endport": 80,
- "cidrlist": '0.0.0.0/0',
- "protocol": "TCP"
- },
- "virtual_machine": {
- "displayname": "Test VM",
- "username": "root",
- "password": "password",
- "ssh_port": 22,
- "privateport": 22,
- "publicport": 22,
- "protocol": 'TCP',
- },
- "ostype": 'CentOS 5.3 (64-bit)',
- "timeout": 10,
- }
-
-
-class TestVPCNics(cloudstackTestCase):
-
- @classmethod
- def setUpClass(cls):
- # We want to fail quicker if it's failure
- socket.setdefaulttimeout(60)
-
- cls.testClient = super(TestVPCNics, cls).getClsTestClient()
- cls.api_client = cls.testClient.getApiClient()
-
- cls.services = Services().services
- # Get Zone, Domain and templates
- cls.domain = get_domain(cls.api_client)
- cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.template = get_template(
- cls.api_client,
- cls.zone.id,
- cls.services["ostype"])
- cls.services["virtual_machine"]["zoneid"] = cls.zone.id
- cls.services["virtual_machine"]["template"] = cls.template.id
-
- cls.service_offering = ServiceOffering.create(
- cls.api_client,
- cls.services["service_offering"])
- cls._cleanup = [cls.service_offering]
-
- cls.logger = logging.getLogger('TestVPCNics')
- cls.stream_handler = logging.StreamHandler()
- cls.logger.setLevel(logging.DEBUG)
- cls.logger.addHandler(cls.stream_handler)
-
- return
-
- @classmethod
- def tearDownClass(cls):
- try:
- cleanup_resources(cls.api_client, cls._cleanup)
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- def setUp(self):
- self.routers = []
- self.networks = []
- self.ips = []
- self.apiclient = self.testClient.getApiClient()
- self.account = Account.create(
- self.apiclient,
- self.services["account"],
- admin=True,
- domainid=self.domain.id)
-
- self.logger.debug("Creating a VPC offering..")
- self.vpc_off = VpcOffering.create(
- self.apiclient,
- self.services["vpc_offering"])
-
- self.logger.debug("Enabling the VPC offering created")
- self.vpc_off.update(self.apiclient, state='Enabled')
-
- self.logger.debug("Creating a VPC network in the account: %s" % self.account.name)
- self.services["vpc"]["cidr"] = '10.1.1.1/16'
- self.vpc = VPC.create(
- self.apiclient,
- self.services["vpc"],
- vpcofferingid=self.vpc_off.id,
- zoneid=self.zone.id,
- account=self.account.name,
- domainid=self.account.domainid)
-
- self.cleanup = [self.vpc, self.vpc_off, self.account]
- return
-
- def tearDown(self):
- try:
- self.destroy_routers()
- cleanup_resources(self.apiclient, self.cleanup)
- except Exception as e:
- self.logger.debug("Warning: Exception during cleanup : %s" % e)
- return
-
- def query_routers(self):
- self.routers = list_routers(self.apiclient,
- account=self.account.name,
- domainid=self.account.domainid,
- )
-
- self.assertEqual(
- isinstance(self.routers, list), True,
- "Check for list routers response return valid data")
-
- def stop_router(self, router):
- self.logger.debug('Stopping router')
- cmd = stopRouter.stopRouterCmd()
- cmd.id = router.id
- self.apiclient.stopRouter(cmd)
-
- def destroy_routers(self):
- self.logger.debug('Destroying routers')
- for router in self.routers:
- self.stop_router(router)
- cmd = destroyRouter.destroyRouterCmd()
- cmd.id = router.id
- self.apiclient.destroyRouter(cmd)
- self.routers = []
-
- def create_network(self, net_offerring, gateway='10.1.1.1', vpc=None):
- try:
- self.logger.debug('Create NetworkOffering')
- net_offerring["name"] = "NET_OFF-" + str(gateway)
- nw_off = NetworkOffering.create(
- self.apiclient,
- net_offerring,
- conservemode=False)
-
- nw_off.update(self.apiclient, state='Enabled')
- self.logger.debug('Created and Enabled NetworkOffering')
-
- self.services["network"]["name"] = "NETWORK-" + str(gateway)
- self.logger.debug('Adding Network=%s' % self.services["network"])
- obj_network = Network.create(
- self.apiclient,
- self.services["network"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- networkofferingid=nw_off.id,
- zoneid=self.zone.id,
- gateway=gateway,
- vpcid=vpc.id if vpc else self.vpc.id
- )
-
-
- self.logger.debug("Created network with ID: %s" % obj_network.id)
- except Exception, e:
- self.fail('Unable to create a Network with offering=%s because of %s ' % (net_offerring, e))
- o = networkO(obj_network)
-
- vm1 = self.deployvm_in_network(obj_network)
-
- self.cleanup.insert(1, obj_network)
- self.cleanup.insert(2, nw_off)
-
- o.add_vm(vm1)
- return o
-
- def deployvm_in_network(self, network):
- try:
- self.logger.debug('Creating VM in network=%s' % network.name)
- vm = VirtualMachine.create(
- self.apiclient,
- self.services["virtual_machine"],
- accountid=self.account.name,
- domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
- networkids=[str(network.id)]
- )
-
- self.logger.debug('Created VM=%s in network=%s' % (vm.id, network.name))
- self.cleanup.insert(0, vm)
- return vm
- except:
- self.fail('Unable to create VM in a Network=%s' % network.name)
-
- def acquire_publicip(self, network):
- self.logger.debug("Associating public IP for network: %s" % network.name)
- public_ip = PublicIPAddress.create(
- self.apiclient,
- accountid=self.account.name,
- zoneid=self.zone.id,
- domainid=self.account.domainid,
- networkid=network.id,
- vpcid=self.vpc.id
- )
- self.logger.debug("Associated %s with network %s" % (
- public_ip.ipaddress.ipaddress,
- network.id
- ))
- return public_ip
-
- def create_natrule(self, vm, public_ip, network, services=None):
- self.logger.debug("Creating NAT rule in network for vm with public IP")
- if not services:
- services = self.services["natrule"]
- nat_rule = NATRule.create(
- self.apiclient,
- vm,
- services,
- ipaddressid=public_ip.ipaddress.id,
- openfirewall=False,
- networkid=network.id,
- vpcid=self.vpc.id)
-
- self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
- nwacl_nat = NetworkACL.create(
- self.apiclient,
- networkid=network.id,
- services=services,
- traffictype='Ingress'
- )
- self.logger.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
- return nat_rule
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_01_VPC_nics_after_destroy(self):
- """ Create a VPC with two networks with one VM in each network and test nics after destroy"""
- self.logger.debug("Starting test_01_VPC_nics_after_destroy")
- self.query_routers()
-
- net1 = self.create_network(self.services["network_offering"], "10.1.1.1")
- net2 = self.create_network(self.services["network_offering_no_lb"], "10.1.2.1")
-
- self.networks.append(net1)
- self.networks.append(net2)
-
- self.add_nat_rules()
- self.check_ssh_into_vm()
-
- self.destroy_routers()
- time.sleep(30)
-
- net1.add_vm(self.deployvm_in_network(net1.get_net()))
- self.query_routers()
-
- self.add_nat_rules()
- self.check_ssh_into_vm()
-
- @attr(tags=["advanced", "intervlan"], required_hardware="true")
- def test_02_VPC_default_routes(self):
- """ Create a VPC with two networks with one VM in each network and test default routes"""
- self.logger.debug("Starting test_02_VPC_default_routes")
- self.query_routers()
-
- net1 = self.create_network(self.services["network_offering"], "10.1.1.1")
- net2 = self.create_network(self.services["network_offering_no_lb"], "10.1.2.1")
-
- self.networks.append(net1)
- self.networks.append(net2)
-
- self.add_nat_rules()
- self.do_default_routes_test()
-
- def delete_nat_rules(self):
- for o in self.networks:
- for vm in o.get_vms():
- if vm.get_nat() is not None:
- vm.get_nat().delete(self.apiclient)
- vm.set_nat(None)
-
- def add_nat_rules(self):
- for o in self.networks:
- for vm in o.get_vms():
- if vm.get_ip() is None:
- vm.set_ip(self.acquire_publicip(o.get_net()))
- if vm.get_nat() is None:
- vm.set_nat(self.create_natrule(vm.get_vm(), vm.get_ip(), o.get_net()))
- time.sleep(5)
-
- def check_ssh_into_vm(self):
- for o in self.networks:
- for vm in o.get_vms():
- try:
- virtual_machine = vm.get_vm()
- virtual_machine.ssh_client = None
-
- public_ip = vm.get_ip()
-
- self.logger.debug("Checking if we can SSH into VM=%s on public_ip=%s" %
- (virtual_machine.name, public_ip.ipaddress.ipaddress))
-
- virtual_machine.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
- self.logger.debug("SSH into VM=%s on public_ip=%s is successful" %
- (virtual_machine.name, public_ip.ipaddress.ipaddress))
- except:
- self.fail("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
-
- def do_default_routes_test(self):
- for o in self.networks:
- for vmObj in o.get_vms():
- ssh_command = "ping -c 3 8.8.8.8"
-
- # Should be able to SSH VM
- result = 'failed'
- try:
- vm = vmObj.get_vm()
- public_ip = vmObj.get_ip()
- self.logger.debug("SSH into VM: %s" % public_ip.ipaddress.ipaddress)
-
- ssh = vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
-
- self.logger.debug("Ping to google.com from VM")
- result = str(ssh.execute(ssh_command))
-
- self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
- except Exception as e:
- self.fail("SSH Access failed for %s: %s" % \
- (vmObj.get_ip(), e)
- )
-
- self.assertEqual(
- result.count("3 packets received"),
- 1,
- "Ping to outside world from VM should be successful"
- )
-
-
-class networkO(object):
- def __init__(self, net):
- self.network = net
- self.vms = []
-
- def get_net(self):
- return self.network
-
- def add_vm(self, vm):
- self.vms.append(vmsO(vm))
-
- def get_vms(self):
- return self.vms
-
-
-class vmsO(object):
- def __init__(self, vm):
- self.vm = vm
- self.ip = None
- self.nat = None
-
- def get_vm(self):
- return self.vm
-
- def get_ip(self):
- return self.ip
-
- def get_nat(self):
- return self.nat
-
- def set_ip(self, ip):
- self.ip = ip
-
- def set_nat(self, nat):
- self.nat = nat
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/smoke/test_router_dhcphosts.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_router_dhcphosts.py b/test/integration/smoke/test_router_dhcphosts.py
new file mode 100644
index 0000000..4c2ec4c
--- /dev/null
+++ b/test/integration/smoke/test_router_dhcphosts.py
@@ -0,0 +1,381 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Import Local Modules
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.cloudstackAPI import (stopVirtualMachine,
+ stopRouter,
+ startRouter)
+from marvin.lib.utils import (cleanup_resources,
+ get_process_status)
+from marvin.lib.base import (ServiceOffering,
+ VirtualMachine,
+ Account,
+ ServiceOffering,
+ NATRule,
+ NetworkACL,
+ FireWallRule,
+ PublicIPAddress,
+ NetworkOffering,
+ Network,
+ Router)
+from marvin.lib.common import (get_zone,
+ get_template,
+ get_domain,
+ list_virtual_machines,
+ list_networks,
+ list_configurations,
+ list_routers,
+ list_nat_rules,
+ list_publicIP,
+ list_firewall_rules,
+ list_hosts)
+
+# Import System modules
+import time
+import logging
+
+
+class TestRouterDHCPHosts(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+
+ cls.logger = logging.getLogger('TestRouterDHCPHosts')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.testClient = super(TestRouterDHCPHosts, cls).getClsTestClient()
+ cls.api_client = cls.testClient.getApiClient()
+
+ cls.services = cls.testClient.getParsedTestDataConfig()
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.api_client)
+ cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.services['mode'] = cls.zone.networktype
+ cls.template = get_template(
+ cls.api_client,
+ cls.zone.id,
+ cls.services["ostype"]
+ )
+
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+
+ cls.logger.debug("Creating Admin Account for domain %s on zone %s" % (cls.domain.id, cls.zone.id))
+ # Create an account, network, VM and IP addresses
+ cls.account = Account.create(
+ cls.api_client,
+ cls.services["account"],
+ admin=True,
+ domainid=cls.domain.id
+ )
+
+ cls.logger.debug("Creating Service Offering on zone %s" % (cls.zone.id))
+ cls.service_offering = ServiceOffering.create(
+ cls.api_client,
+ cls.services["service_offering"]
+ )
+
+ cls.services["isolated_network_offering"]["egress_policy"] = "true"
+
+ cls.logger.debug("Creating Network Offering on zone %s" % (cls.zone.id))
+ cls.network_offering = NetworkOffering.create(cls.api_client,
+ cls.services["isolated_network_offering"],
+ conservemode=True)
+
+ cls.network_offering.update(cls.api_client, state='Enabled')
+
+ cls.logger.debug("Creating Network for Account %s using offering %s" % (cls.account.name, cls.network_offering.id))
+ cls.network = Network.create(cls.api_client,
+ cls.services["network"],
+ accountid=cls.account.name,
+ domainid=cls.account.domainid,
+ networkofferingid=cls.network_offering.id,
+ zoneid=cls.zone.id)
+
+ cls.logger.debug("Creating VM1 for Account %s using offering %s with IP 10.1.1.50" % (cls.account.name, cls.service_offering.id))
+ cls.vm_1 = VirtualMachine.create(cls.api_client,
+ cls.services["virtual_machine"],
+ templateid=cls.template.id,
+ accountid=cls.account.name,
+ domainid=cls.domain.id,
+ serviceofferingid=cls.service_offering.id,
+ networkids=[str(cls.network.id)],
+ ipaddress="10.1.1.50")
+
+ cls.logger.debug("Creating VM2 for Account %s using offering %s with IP 10.1.1.51" % (cls.account.name, cls.service_offering.id))
+ cls.vm_2 = VirtualMachine.create(cls.api_client,
+ cls.services["virtual_machine"],
+ templateid=cls.template.id,
+ accountid=cls.account.name,
+ domainid=cls.domain.id,
+ serviceofferingid=cls.service_offering.id,
+ networkids=[str(cls.network.id)],
+ ipaddress="10.1.1.51")
+
+ cls.services["natrule1"] = {
+ "privateport": 22,
+ "publicport": 222,
+ "protocol": "TCP"
+ }
+
+ cls.services["natrule2"] = {
+ "privateport": 22,
+ "publicport": 223,
+ "protocol": "TCP"
+ }
+
+ cls.services["configurableData"] = {
+ "host": {
+ "password": "password",
+ "username": "root",
+ "port": 22
+ },
+ "input": "INPUT",
+ "forward": "FORWARD"
+ }
+
+ cls._cleanup = [
+ cls.vm_2,
+ cls.network,
+ cls.network_offering,
+ cls.service_offering,
+ cls.account
+ ]
+
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.api_client, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.apiclient = self.testClient.getApiClient()
+ self.cleanup = []
+ return
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def test_ssh_command(self, vm, nat_rule, rule_label):
+ result = 'failed'
+ try:
+ ssh_command = "ping -c 3 8.8.8.8"
+ self.logger.debug("SSH into VM with IP: %s" % nat_rule.ipaddress)
+
+ ssh = vm.get_ssh_client(ipaddress=nat_rule.ipaddress, port=self.services[rule_label]["publicport"], retries=5)
+ result = str(ssh.execute(ssh_command))
+
+ self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 packets received")))
+ except:
+ self.fail("Failed to SSH into VM - %s" % (nat_rule.ipaddress))
+
+ self.assertEqual(
+ result.count("3 packets received"),
+ 1,
+ "Ping to outside world from VM should be successful"
+ )
+
+ def test_dhcphosts(self, vm, router):
+ hosts = list_hosts(
+ self.apiclient,
+ id=router.hostid)
+
+ self.assertEqual(
+ isinstance(hosts, list),
+ True,
+ "Check for list hosts response return valid data")
+
+ host = hosts[0]
+ host.user = self.services["configurableData"]["host"]["username"]
+ host.passwd = self.services["configurableData"]["host"]["password"]
+ host.port = self.services["configurableData"]["host"]["port"]
+ #mac1,10.7.32.101,infinite
+ try:
+ result = get_process_status(
+ host.ipaddress,
+ host.port,
+ host.user,
+ host.passwd,
+ router.linklocalip,
+ "cat /etc/dhcphosts.txt | grep %s | sed 's/\,/ /g' | awk '{print $2}'" % (vm.nic[0].ipaddress))
+ except KeyError:
+ self.skipTest(
+ "Provide a marvin config file with host\
+ credentials to run %s" %
+ self._testMethodName)
+
+ self.logger.debug("cat /etc/dhcphosts.txt | grep %s | sed 's/\,/ /g' | awk '{print $2}' RESULT IS ==> %s" % (vm.nic[0].ipaddress, result))
+ res = str(result)
+
+ self.assertEqual(
+ res.count(vm.nic[0].ipaddress),
+ 1,
+ "DHCP hosts file contains duplicate IPs ==> %s!" % res)
+
+ @attr(tags=["advanced", "advancedns", "ssh"], required_hardware="true")
+ def test_router_dhcphosts(self):
+ """Check that the /etc/dhcphosts.txt doesn't contain duplicate IPs"""
+
+ self.logger.debug("Starting test_router_dhcphosts...")
+ routers = list_routers(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid
+ )
+
+ self.assertEqual(
+ isinstance(routers, list),
+ True,
+ "Check for list routers response return valid data"
+ )
+
+ self.assertNotEqual(
+ len(routers),
+ 0,
+ "Check list router response"
+ )
+
+ router = routers[0]
+
+ self.assertEqual(
+ router.state,
+ 'Running',
+ "Check list router response for router state"
+ )
+
+ public_ips = list_publicIP(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ zoneid=self.zone.id
+ )
+
+ self.assertEqual(
+ isinstance(public_ips, list),
+ True,
+ "Check for list public IPs response return valid data"
+ )
+
+ public_ip = public_ips[0]
+
+ self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_1.id)
+ FireWallRule.create(
+ self.apiclient,
+ ipaddressid=public_ip.id,
+ protocol=self.services["natrule1"]["protocol"],
+ cidrlist=['0.0.0.0/0'],
+ startport=self.services["natrule1"]["publicport"],
+ endport=self.services["natrule1"]["publicport"]
+ )
+
+ self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_1.id)
+ # Create NAT rule
+ nat_rule1 = NATRule.create(
+ self.apiclient,
+ self.vm_1,
+ self.services["natrule1"],
+ public_ip.id
+ )
+
+ self.logger.debug("Creating Firewall rule for VM ID: %s" % self.vm_2.id)
+ FireWallRule.create(
+ self.apiclient,
+ ipaddressid=public_ip.id,
+ protocol=self.services["natrule2"]["protocol"],
+ cidrlist=['0.0.0.0/0'],
+ startport=self.services["natrule2"]["publicport"],
+ endport=self.services["natrule2"]["publicport"]
+ )
+
+ self.logger.debug("Creating NAT rule for VM ID: %s" % self.vm_2.id)
+ # Create NAT rule
+ nat_rule2 = NATRule.create(
+ self.apiclient,
+ self.vm_2,
+ self.services["natrule2"],
+ public_ip.id
+ )
+
+ nat_rules = list_nat_rules(
+ self.apiclient,
+ id=nat_rule1.id
+ )
+ self.assertEqual(
+ isinstance(nat_rules, list),
+ True,
+ "Check for list NAT rules response return valid data"
+ )
+ self.assertEqual(
+ nat_rules[0].state,
+ 'Active',
+ "Check list port forwarding rules"
+ )
+
+ nat_rules = list_nat_rules(
+ self.apiclient,
+ id=nat_rule2.id
+ )
+ self.assertEqual(
+ isinstance(nat_rules, list),
+ True,
+ "Check for list NAT rules response return valid data"
+ )
+ self.assertEqual(
+ nat_rules[0].state,
+ 'Active',
+ "Check list port forwarding rules"
+ )
+
+ self.logger.debug("Testing SSH to VMs %s and %s" % (self.vm_1.id, self.vm_2.id))
+ self.test_ssh_command(self.vm_1, nat_rule1, "natrule1")
+ self.test_ssh_command(self.vm_2, nat_rule2, "natrule2")
+
+ self.logger.debug("Testing DHCP hosts for VMs %s and %s" % (self.vm_1.id, self.vm_2.id))
+ self.test_dhcphosts(self.vm_1, router)
+ self.test_dhcphosts(self.vm_2, router)
+
+ self.logger.debug("Deleting and Expunging VM %s with ip %s" % (self.vm_1.id, self.vm_1.nic[0].ipaddress))
+ self.vm_1.delete(self.apiclient)
+
+ self.logger.debug("Creating new VM using the same IP as the one which was deleted => IP 10.1.1.50")
+ self.vm_1 = VirtualMachine.create(self.apiclient,
+ self.services["virtual_machine"],
+ templateid=self.template.id,
+ accountid=self.account.name,
+ domainid=self.domain.id,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(self.network.id)],
+ ipaddress="10.1.1.50")
+
+ self.cleanup.append(self.vm_1)
+
+ self.logger.debug("Testing DHCP hosts for VMs %s and %s" % (self.vm_1.id, self.vm_2.id))
+ self.test_dhcphosts(self.vm_1, router)
+ self.test_dhcphosts(self.vm_2, router)
+
+ return
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fb92de52/test/integration/smoke/test_routers_iptables_default_policy.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_routers_iptables_default_policy.py b/test/integration/smoke/test_routers_iptables_default_policy.py
new file mode 100644
index 0000000..a1bec4c
--- /dev/null
+++ b/test/integration/smoke/test_routers_iptables_default_policy.py
@@ -0,0 +1,678 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+""" Test VPC nics after router is destroyed """
+
+from nose.plugins.attrib import attr
+from marvin.cloudstackTestCase import cloudstackTestCase
+from marvin.lib.base import (stopRouter,
+ startRouter,
+ destroyRouter,
+ Account,
+ VpcOffering,
+ VPC,
+ ServiceOffering,
+ NATRule,
+ NetworkACL,
+ PublicIPAddress,
+ NetworkOffering,
+ Network,
+ VirtualMachine,
+ LoadBalancerRule)
+from marvin.lib.common import (get_domain,
+ get_zone,
+ get_template,
+ list_routers,
+ list_hosts)
+from marvin.lib.utils import (cleanup_resources,
+ get_process_status)
+import socket
+import time
+import inspect
+import logging
+
+
+class Services:
+ """Test VPC network services - Port Forwarding Rules Test Data Class.
+ """
+
+ def __init__(self):
+ self.services = {
+ "configurableData": {
+ "host": {
+ "password": "password",
+ "username": "root",
+ "port": 22
+ },
+ "input": "INPUT",
+ "forward": "FORWARD"
+ },
+ "account": {
+ "email": "test@test.com",
+ "firstname": "Test",
+ "lastname": "User",
+ "username": "test",
+ # Random characters are appended for unique
+ # username
+ "password": "password",
+ },
+ "service_offering": {
+ "name": "Tiny Instance",
+ "displaytext": "Tiny Instance",
+ "cpunumber": 1,
+ "cpuspeed": 100,
+ "memory": 128,
+ },
+ "shared_network_offering_sg": {
+ "name": "MySharedOffering-sg",
+ "displaytext": "MySharedOffering-sg",
+ "guestiptype": "Shared",
+ "supportedservices": "Dhcp,Dns,UserData,SecurityGroup",
+ "specifyVlan": "False",
+ "specifyIpRanges": "False",
+ "traffictype": "GUEST",
+ "serviceProviderList": {
+ "Dhcp": "VirtualRouter",
+ "Dns": "VirtualRouter",
+ "UserData": "VirtualRouter",
+ "SecurityGroup": "SecurityGroupProvider"
+ }
+ },
+ "network_offering": {
+ "name": 'Test Network offering',
+ "displaytext": 'Test Network offering',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "serviceProviderList": {
+ "Dhcp": 'VirtualRouter',
+ "Dns": 'VirtualRouter',
+ "SourceNat": 'VirtualRouter',
+ "PortForwarding": 'VirtualRouter',
+ },
+ },
+ "vpc_network_offering": {
+ "name": 'VPC Network offering',
+ "displaytext": 'VPC Network off',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Vpn,Dhcp,Dns,SourceNat,PortForwarding,Lb,UserData,StaticNat,NetworkACL',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "useVpc": 'on',
+ "serviceProviderList": {
+ "Vpn": 'VpcVirtualRouter',
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "Lb": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ },
+ "vpc_network_offering_no_lb": {
+ "name": 'VPC Network offering',
+ "displaytext": 'VPC Network off',
+ "guestiptype": 'Isolated',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL',
+ "traffictype": 'GUEST',
+ "availability": 'Optional',
+ "useVpc": 'on',
+ "serviceProviderList": {
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ },
+ "vpc_offering": {
+ "name": 'VPC off',
+ "displaytext": 'VPC off',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
+ },
+ "redundant_vpc_offering": {
+ "name": 'Redundant VPC off',
+ "displaytext": 'Redundant VPC off',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
+ "serviceProviderList": {
+ "Vpn": 'VpcVirtualRouter',
+ "Dhcp": 'VpcVirtualRouter',
+ "Dns": 'VpcVirtualRouter',
+ "SourceNat": 'VpcVirtualRouter',
+ "PortForwarding": 'VpcVirtualRouter',
+ "Lb": 'VpcVirtualRouter',
+ "UserData": 'VpcVirtualRouter',
+ "StaticNat": 'VpcVirtualRouter',
+ "NetworkACL": 'VpcVirtualRouter'
+ },
+ "serviceCapabilityList": {
+ "SourceNat": {
+ "RedundantRouter": 'true'
+ }
+ },
+ },
+ "vpc": {
+ "name": "TestVPC",
+ "displaytext": "TestVPC",
+ "cidr": '10.1.1.1/16'
+ },
+ "network": {
+ "name": "Test Network",
+ "displaytext": "Test Network",
+ "netmask": '255.255.255.0'
+ },
+ "natrule": {
+ "privateport": 22,
+ "publicport": 22,
+ "startport": 22,
+ "endport": 22,
+ "protocol": "TCP",
+ "cidrlist": '0.0.0.0/0',
+ },
+ "virtual_machine": {
+ "displayname": "Test VM",
+ "username": "root",
+ "password": "password",
+ "ssh_port": 22,
+ "privateport": 22,
+ "publicport": 22,
+ "protocol": 'TCP',
+ },
+ "ostype": 'CentOS 5.3 (64-bit)',
+ "timeout": 10,
+ }
+
+
+class TestVPCIpTablesPolicies(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ # We want to fail quicker if it's failure
+ socket.setdefaulttimeout(60)
+
+ cls.testClient = super(TestVPCIpTablesPolicies, cls).getClsTestClient()
+ cls.apiclient = cls.testClient.getApiClient()
+
+ cls.services = Services().services
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.apiclient)
+ cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
+ cls.template = get_template(
+ cls.apiclient,
+ cls.zone.id,
+ cls.services["ostype"])
+
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+ cls.services["virtual_machine"]["template"] = cls.template.id
+
+ cls.account = Account.create(
+ cls.apiclient,
+ cls.services["account"],
+ admin=True,
+ domainid=cls.domain.id)
+
+ cls.service_offering = ServiceOffering.create(
+ cls.apiclient,
+ cls.services["service_offering"])
+
+
+ cls.logger = logging.getLogger('TestVPCIpTablesPolicies')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.entity_manager = EntityManager(cls.apiclient, cls.services, cls.service_offering, cls.account, cls.zone, cls.logger)
+
+ cls._cleanup = [cls.service_offering, cls.account]
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.apiclient, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.logger.debug("Creating a VPC offering.")
+ self.vpc_off = VpcOffering.create(
+ self.apiclient,
+ self.services["vpc_offering"])
+
+ self.logger.debug("Enabling the VPC offering created")
+ self.vpc_off.update(self.apiclient, state='Enabled')
+
+ self.logger.debug("Creating a VPC network in the account: %s" % self.account.name)
+
+ self.vpc = VPC.create(
+ self.apiclient,
+ self.services["vpc"],
+ vpcofferingid=self.vpc_off.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.account.domainid)
+
+ self.cleanup = [self.vpc, self.vpc_off]
+ self.entity_manager.set_cleanup(self.cleanup)
+ return
+
+ def tearDown(self):
+ try:
+ self.entity_manager.destroy_routers()
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_01_single_VPC_iptables_policies(self):
+ """ Test iptables default INPUT/FORWARD policies on VPC router """
+ self.logger.debug("Starting test_01_single_VPC_iptables_policies")
+
+ routers = self.entity_manager.query_routers()
+
+ self.assertEqual(
+ isinstance(routers, list), True,
+ "Check for list routers response return valid data")
+
+ self.entity_manager.create_network(self.services["vpc_network_offering"], self.vpc.id, "10.1.1.1")
+ self.entity_manager.create_network(self.services["vpc_network_offering_no_lb"], self.vpc.id, "10.1.2.1")
+
+ self.entity_manager.add_nat_rules(self.vpc.id)
+ self.entity_manager.do_vpc_test()
+
+ for router in routers:
+ if not router.isredundantrouter and router.vpcid:
+ hosts = list_hosts(
+ self.apiclient,
+ id=router.hostid)
+ self.assertEqual(
+ isinstance(hosts, list),
+ True,
+ "Check for list hosts response return valid data")
+
+ host = hosts[0]
+ host.user = self.services["configurableData"]["host"]["username"]
+ host.passwd = self.services["configurableData"]["host"]["password"]
+ host.port = self.services["configurableData"]["host"]["port"]
+ tables = [self.services["configurableData"]["input"], self.services["configurableData"]["forward"]]
+
+ for table in tables:
+ try:
+ result = get_process_status(
+ host.ipaddress,
+ host.port,
+ host.user,
+ host.passwd,
+ router.linklocalip,
+ 'iptables -L %s' % table)
+ except KeyError:
+ self.skipTest(
+ "Provide a marvin config file with host\
+ credentials to run %s" %
+ self._testMethodName)
+
+ self.logger.debug("iptables -L %s: %s" % (table, result))
+ res = str(result)
+
+ self.assertEqual(
+ res.count("DROP"),
+ 1,
+ "%s Default Policy should be DROP" % table)
+
+
+class TestRouterIpTablesPolicies(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ # We want to fail quicker if it's failure
+ socket.setdefaulttimeout(60)
+
+ cls.testClient = super(TestRouterIpTablesPolicies, cls).getClsTestClient()
+ cls.apiclient = cls.testClient.getApiClient()
+
+ cls.services = Services().services
+ # Get Zone, Domain and templates
+ cls.domain = get_domain(cls.apiclient)
+ cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
+ cls.template = get_template(
+ cls.apiclient,
+ cls.zone.id,
+ cls.services["ostype"])
+
+ cls.services["virtual_machine"]["zoneid"] = cls.zone.id
+ cls.services["virtual_machine"]["template"] = cls.template.id
+
+ cls.account = Account.create(
+ cls.apiclient,
+ cls.services["account"],
+ admin=True,
+ domainid=cls.domain.id)
+
+ cls.service_offering = ServiceOffering.create(
+ cls.apiclient,
+ cls.services["service_offering"])
+
+ cls.logger = logging.getLogger('TestRouterIpTablesPolicies')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ cls.entity_manager = EntityManager(cls.apiclient, cls.services, cls.service_offering, cls.account, cls.zone, cls.logger)
+
+ cls._cleanup = [cls.service_offering, cls.account]
+ return
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.apiclient, cls._cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ def setUp(self):
+ self.cleanup = []
+ self.entity_manager.set_cleanup(self.cleanup)
+ return
+
+ def tearDown(self):
+ try:
+ cleanup_resources(self.apiclient, self.cleanup)
+ except Exception as e:
+ raise Exception("Warning: Exception during cleanup : %s" % e)
+ return
+
+ @attr(tags=["advanced", "intervlan"], required_hardware="true")
+ def test_02_routervm_iptables_policies(self):
+ """ Test iptables default INPUT/FORWARD policy on RouterVM """
+
+ self.logger.debug("Starting test_02_routervm_iptables_policies")
+
+ vm1 = self.entity_manager.deployvm()
+
+ routers = self.entity_manager.query_routers()
+
+ self.assertEqual(
+ isinstance(routers, list), True,
+ "Check for list routers response return valid data")
+
+ for router in routers:
+ if not router.isredundantrouter and not router.vpcid:
+ hosts = list_hosts(
+ self.apiclient,
+ id=router.hostid)
+ self.assertEqual(
+ isinstance(hosts, list),
+ True,
+ "Check for list hosts response return valid data")
+
+ host = hosts[0]
+ host.user = self.services["configurableData"]["host"]["username"]
+ host.passwd = self.services["configurableData"]["host"]["password"]
+ host.port = self.services["configurableData"]["host"]["port"]
+ tables = [self.services["configurableData"]["input"], self.services["configurableData"]["forward"]]
+
+ for table in tables:
+ try:
+ result = get_process_status(
+ host.ipaddress,
+ host.port,
+ host.user,
+ host.passwd,
+ router.linklocalip,
+ 'iptables -L %s' % table)
+ except KeyError:
+ self.skipTest(
+ "Provide a marvin config file with host\
+ credentials to run %s" %
+ self._testMethodName)
+
+ self.logger.debug("iptables -L %s: %s" % (table, result))
+ res = str(result)
+
+ self.assertEqual(
+ res.count("DROP"),
+ 1,
+ "%s Default Policy should be DROP" % table)
+
+
+class EntityManager(object):
+
+ def __init__(self, apiclient, services, service_offering, account, zone, logger):
+ self.apiclient = apiclient
+ self.services = services
+ self.service_offering = service_offering
+ self.account = account
+ self.zone = zone
+ self.logger = logger
+
+ self.cleanup = []
+ self.networks = []
+ self.routers = []
+ self.ips = []
+
+ def set_cleanup(self, cleanup):
+ self.cleanup = cleanup
+
+ def add_nat_rules(self, vpc_id):
+ for o in self.networks:
+ for vm in o.get_vms():
+ if vm.get_ip() is None:
+ vm.set_ip(self.acquire_publicip(o.get_net(), vpc_id))
+ if vm.get_nat() is None:
+ vm.set_nat(self.create_natrule(vm.get_vm(), vm.get_ip(), o.get_net(), vpc_id))
+ time.sleep(5)
+
+ def do_vpc_test(self):
+ for o in self.networks:
+ for vm in o.get_vms():
+ self.check_ssh_into_vm(vm.get_vm(), vm.get_ip())
+
+ def create_natrule(self, vm, public_ip, network, vpc_id):
+ self.logger.debug("Creating NAT rule in network for vm with public IP")
+
+ nat_rule_services = self.services["natrule"]
+
+ nat_rule = NATRule.create(
+ self.apiclient,
+ vm,
+ nat_rule_services,
+ ipaddressid=public_ip.ipaddress.id,
+ openfirewall=False,
+ networkid=network.id,
+ vpcid=vpc_id)
+
+ self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
+ nwacl_nat = NetworkACL.create(
+ self.apiclient,
+ networkid=network.id,
+ services=nat_rule_services,
+ traffictype='Ingress'
+ )
+ self.logger.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
+ return nat_rule
+
+ def check_ssh_into_vm(self, vm, public_ip):
+ self.logger.debug("Checking if we can SSH into VM=%s on public_ip=%s" %
+ (vm.name, public_ip.ipaddress.ipaddress))
+ vm.ssh_client = None
+ try:
+ vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
+ self.logger.debug("SSH into VM=%s on public_ip=%s is successful" %
+ (vm.name, public_ip.ipaddress.ipaddress))
+ except:
+ raise Exception("Failed to SSH into VM - %s" % (public_ip.ipaddress.ipaddress))
+
+ def create_network(self, net_offerring, vpc_id, gateway='10.1.1.1'):
+ try:
+ self.logger.debug('Create NetworkOffering')
+ net_offerring["name"] = "NET_OFF-" + str(gateway)
+ nw_off = NetworkOffering.create(
+ self.apiclient,
+ net_offerring,
+ conservemode=False)
+
+ nw_off.update(self.apiclient, state='Enabled')
+ self.logger.debug('Created and Enabled NetworkOffering')
+
+ self.services["network"]["name"] = "NETWORK-" + str(gateway)
+ self.logger.debug('Adding Network=%s to VPC ID %s' % (self.services["network"], vpc_id))
+ obj_network = Network.create(
+ self.apiclient,
+ self.services["network"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=nw_off.id,
+ zoneid=self.zone.id,
+ gateway=gateway,
+ vpcid=vpc_id)
+
+ self.logger.debug("Created network with ID: %s" % obj_network.id)
+ except Exception, e:
+ raise Exception('Unable to create a Network with offering=%s because of %s ' % (net_offerring, e))
+
+ o = networkO(obj_network)
+
+ vm1 = self.deployvm_in_network(obj_network)
+ self.cleanup.insert(1, obj_network)
+ self.cleanup.insert(2, nw_off)
+
+ o.add_vm(vm1)
+ self.networks.append(o)
+ return o
+
+ def deployvm_in_network(self, network):
+ try:
+ self.logger.debug('Creating VM in network=%s' % network.name)
+ vm = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id,
+ networkids=[str(network.id)])
+
+ self.logger.debug('Created VM=%s in network=%s' % (vm.id, network.name))
+ self.cleanup.insert(0, vm)
+ return vm
+ except:
+ raise Exception('Unable to create VM in a Network=%s' % network.name)
+
+ def deployvm(self):
+ try:
+ self.logger.debug('Creating VM')
+ vm = VirtualMachine.create(
+ self.apiclient,
+ self.services["virtual_machine"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.service_offering.id)
+
+ self.cleanup.insert(0, vm)
+ self.logger.debug('Created VM=%s' % vm.id)
+ return vm
+ except:
+ raise Exception('Unable to create VM')
+
+ def acquire_publicip(self, network, vpc_id):
+ self.logger.debug("Associating public IP for network: %s" % network.name)
+ public_ip = PublicIPAddress.create(
+ self.apiclient,
+ accountid=self.account.name,
+ zoneid=self.zone.id,
+ domainid=self.account.domainid,
+ networkid=network.id,
+ vpcid=vpc_id)
+ self.logger.debug("Associated %s with network %s" % (
+ public_ip.ipaddress.ipaddress,
+ network.id))
+
+ self.ips.append(public_ip)
+ return public_ip
+
+ def query_routers(self):
+ self.routers = list_routers(self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid)
+
+ return self.routers
+
+ def stop_router(self, router):
+ self.logger.debug('Stopping router')
+ cmd = stopRouter.stopRouterCmd()
+ cmd.id = router.id
+ self.apiclient.stopRouter(cmd)
+
+ def destroy_routers(self):
+ self.logger.debug('Destroying routers')
+ for router in self.routers:
+ self.stop_router(router)
+ cmd = destroyRouter.destroyRouterCmd()
+ cmd.id = router.id
+ self.apiclient.destroyRouter(cmd)
+ self.routers = []
+
+ def start_routers(self):
+ self.logger.debug('Starting routers')
+ for router in self.routers:
+ cmd = startRouter.startRouterCmd()
+ cmd.id = router.id
+ self.apiclient.startRouter(cmd)
+
+
+class networkO(object):
+ def __init__(self, net):
+ self.network = net
+ self.vms = []
+
+ def get_net(self):
+ return self.network
+
+ def add_vm(self, vm):
+ self.vms.append(vmsO(vm))
+
+ def get_vms(self):
+ return self.vms
+
+
+class vmsO(object):
+ def __init__(self, vm):
+ self.vm = vm
+ self.ip = None
+ self.nat = None
+
+ def get_vm(self):
+ return self.vm
+
+ def get_ip(self):
+ return self.ip
+
+ def get_nat(self):
+ return self.nat
+
+ def set_ip(self, ip):
+ self.ip = ip
+
+ def set_nat(self, nat):
+ self.nat = nat
[4/4] git commit: updated refs/heads/master to 7043958
Posted by da...@apache.org.
Merge pull request #1195 from ekholabs/refactor/smoke_tests-CLOUDSTACK-9120
CLOUDSTACK-9120 - As a Developer I want the new component tests to be moved into the smoke directoryThis PR only moves the tests I wrote form the ```component``` to the ```smoke``` directory. Given the nature of the tests, the should be moved.
- Those tests are doing a lot more than component tests would do. They require hardware and a lot of resources from real hypervisors.
I'm now running the five test files that were moved and will post results once they are done.
* pr/1195:
CLOUDSTACK-9120 - Moves tests to the smoke directory
Signed-off-by: Daan Hoogland <da...@onecht.net>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/70439589
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/70439589
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/70439589
Branch: refs/heads/master
Commit: 70439589979e618bca97e2303141a7c8b28170fa
Parents: 738b788 fb92de5
Author: Daan Hoogland <da...@onecht.net>
Authored: Wed Dec 9 16:12:10 2015 +0100
Committer: Daan Hoogland <da...@onecht.net>
Committed: Wed Dec 9 16:12:10 2015 +0100
----------------------------------------------------------------------
.../component/test_router_dhcphosts.py | 381 -------
.../test_routers_iptables_default_policy.py | 678 ------------
.../component/test_routers_network_ops.py | 1020 ------------------
.../integration/component/test_vpc_redundant.py | 669 ------------
.../component/test_vpc_router_nics.py | 514 ---------
test/integration/smoke/test_router_dhcphosts.py | 381 +++++++
.../test_routers_iptables_default_policy.py | 678 ++++++++++++
.../smoke/test_routers_network_ops.py | 1020 ++++++++++++++++++
test/integration/smoke/test_vpc_redundant.py | 669 ++++++++++++
test/integration/smoke/test_vpc_router_nics.py | 514 +++++++++
10 files changed, 3262 insertions(+), 3262 deletions(-)
----------------------------------------------------------------------