diff --git a/setup.cfg b/setup.cfg
index c94dbafdca..c93a66ecc5 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -21,8 +21,6 @@ classifier =
[files]
packages =
vmware_nsx
- vmware_nsx_tempest
-
[entry_points]
console_scripts =
neutron-check-nsx-config = vmware_nsx.check_nsx_config:main
@@ -53,8 +51,6 @@ vmware_nsx.neutron.nsxv.router_type_drivers =
shared = vmware_nsx.plugins.nsx_v.drivers.shared_router_driver:RouterSharedDriver
distributed = vmware_nsx.plugins.nsx_v.drivers.distributed_router_driver:RouterDistributedDriver
exclusive = vmware_nsx.plugins.nsx_v.drivers.exclusive_router_driver:RouterExclusiveDriver
-tempest.test_plugins =
- vmware-nsx-tempest-plugin = vmware_nsx_tempest.plugin:VMwareNsxTempestPlugin
oslo.config.opts =
nsx = vmware_nsx.opts:list_opts
networking_sfc.flowclassifier.drivers =
diff --git a/tools/misc-sanity-checks.sh b/tools/misc-sanity-checks.sh
index 56dbb2db03..7d6ce26e90 100755
--- a/tools/misc-sanity-checks.sh
+++ b/tools/misc-sanity-checks.sh
@@ -59,23 +59,10 @@ check_identical_policy_files () {
fi
}
-check_no_duplicate_api_test_idempotent_ids() {
- # For API tests, an idempotent ID is assigned to each single API test,
- # those IDs should be unique
- output=$(check-uuid --package vmware_nsx_tempest)
- if [ "$?" -ne 0 ]; then
- echo "There are duplicate idempotent ids in the API tests" >>$FAILURES
- echo "please, assign unique uuids to each API test:" >>$FAILURES
- echo "$output" >>$FAILURES
- fi
-}
-
# Add your checks here...
check_no_symlinks_allowed
check_pot_files_errors
#check_identical_policy_files
-# Remove the comment below when we figure out how to consume pyshark
-#check_no_duplicate_api_test_idempotent_ids
# Fail, if there are emitted failures
if [ -f $FAILURES ]; then
diff --git a/tox.ini b/tox.ini
index 431fb7895a..0b5d36389f 100644
--- a/tox.ini
+++ b/tox.ini
@@ -106,7 +106,6 @@ import-order-style = pep8
[hacking]
import_exceptions = vmware_nsx._i18n,
- vmware_nsx_tempest._i18n
local-check-factory = neutron_lib.hacking.checks.factory
[testenv:genconfig]
diff --git a/vmware_nsx_tempest/README.rst b/vmware_nsx_tempest/README.rst
deleted file mode 100644
index d7092834a2..0000000000
--- a/vmware_nsx_tempest/README.rst
+++ /dev/null
@@ -1,92 +0,0 @@
-Welcome!
-========
-vmware_nsx_tempest is a plugin module to openstack tempest project.
-
-If you are not familiar with tempest, please refer to::
-
- https://docs.openstack.org/developer/tempest
-
-It is implemented with tempest external plugin.
-The official design sepcification is at::
-
- https://review.openstack.org/#/c/184992/
-
-Overview
-========
-
-vmware_nsx_tempest hosts vmware_nsx's functional api and scenario tests.
-
-All vmware_nsx_tempest tests are in "master" branch. For this reason,
-it is recommended to have your own developer version of vmware-nsx repo
-installed outside the devstack folder, /opt/stack/.
-
-For example at /opt/devtest folder. In doing so, you can install
-editable vmware-nsx repo under tempest VENV environemnt.
-
-Installation:
--------------
-
-#. On your own development folder, for example /opt/devtest/,
- install your own tempest development env at /opt/devtest/os-tempest/::
-
- $ cd /opt/devtest
- $ git clone https://github.com/openstack/tempest os-tempest
-
-#. Install virtualenv with the following command::
-
- $ cd /opt/devtest/os-tempest
- $ ./run_tempest.sh -u not_exist_tests
-
-#. Install vmware-nsx master branch at /opt/devtest/vmware-nsx::
-
- $ cd /opt/devtest
- $ git clone https://github.com/openstack/vmware-nsx
-
-#. Install vmware_nsx_tempest in your tempest development environment::
-
- $ cd /opt/devtest/os-tempest
- $ source .venv/bin/activate
- $ pip install -e /opt/devtest/vmware-nsx/
-
- Run command::
-
- $ pip show vmware-nsx
-
- You should observe the following statements::
-
- Location: /opt/devtest/vmware-nsx
-
- and under section of Entry-points::
-
- [tempest.test_plugins]
- vmware-nsx-tempest-plugin = vmware_nsx_tempest.plugin:VMwareNsxTempestPlugin
-
-#. Validate installed vmware_nsx_tempest successfully do::
-
- $ cd /opt/devtest/os-tempest
- $ tools/with_venv.sh testr list-tests vmware_nsx_tempest.*l2_gateway
-
-Your installation failed, if no tests are shown.
-
-Execution:
-----------
-
-vmware_nsx_tempest tests are tempest tests, you need to
-run from tempest directory. For example, to run only l2-gateway tests::
-
- $ cd /opt/devtest/os-tempest
- $ ./run_tempest.sh -t vmware_nsx_tempest.*test_l2_gateway
- $ ./run_tempest.sh -d vmware_nsx_tempest.tests.nsxv.api.test_l2_gateway_connection.L2GatewayConnectionTest.test_csuld_single_device_interface_vlan
-
-TechNote on vmware_nsx_tempest:
--------------------------------
-
-vmware_nsx_tempest is a plugin to tempest, not neutron, nor vmware_nsx.
-
-It is defined by tempest.test_plugins.
-
-Modules within vmware_nsx_tempest can not see resources defined
-by vmware_nsx. Commands like following are not acceptable, unless
-vmware_nsx is installed in your tempest environment::
-
- import vmware_nsx.shell.admin.plugins.common.utils as admin_utils
diff --git a/vmware_nsx_tempest/__init__.py b/vmware_nsx_tempest/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/_i18n.py b/vmware_nsx_tempest/_i18n.py
deleted file mode 100644
index d4f8a00aec..0000000000
--- a/vmware_nsx_tempest/_i18n.py
+++ /dev/null
@@ -1,32 +0,0 @@
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import oslo_i18n
-
-DOMAIN = "vmware-nsx-tempest"
-
-_translators = oslo_i18n.TranslatorFactory(domain=DOMAIN)
-
-# The primary translation function using the well-known name "_"
-_ = _translators.primary
-
-# The contextual translation function using the name "_C"
-_C = _translators.contextual_form
-
-# The plural translation function using the name "_P"
-_P = _translators.plural_form
-
-
-def get_available_languages():
- return oslo_i18n.get_available_languages(DOMAIN)
diff --git a/vmware_nsx_tempest/common/__init__.py b/vmware_nsx_tempest/common/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/common/constants.py b/vmware_nsx_tempest/common/constants.py
deleted file mode 100644
index 62a5dcef9c..0000000000
--- a/vmware_nsx_tempest/common/constants.py
+++ /dev/null
@@ -1,61 +0,0 @@
-# Copyright 2017 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log
-
-LOG = log.getLogger(__name__)
-
-# General constants.
-ONE_SEC = 1
-
-# L2GW constants.
-L2GW = "l2_gateway"
-L2GWS = L2GW + "s"
-L2_GWS_BASE_URI = "/l2-gateways"
-EXPECTED_HTTP_RESPONSE_200 = "200"
-EXPECTED_HTTP_RESPONSE_201 = "201"
-EXPECTED_HTTP_RESPONSE_204 = "204"
-L2GWC = "l2_gateway_connection"
-
-# MAC Learning constants
-MAC_SW_PROFILE = "MacManagementSwitchingProfile"
-PORT_SEC_PROFILE = "SpoofGuardSwitchingProfile"
-SEC_GRPS_PROFILE = "SwitchSecuritySwitchingProfile"
-
-# NSXV3 MDProxy constants.
-MD_ERROR_CODE_WHEN_LS_BOUNDED = "10026"
-INTERVAL_BETWEEN_EXEC_RETRY_ON_SSH = 5
-MAX_NO_OF_TIMES_EXECUTION_OVER_SSH = 30
-MD_BASE_URL = "http://169.254.169.254/"
-
-# NSXV3 Port Security constants.
-NSX_BACKEND_TIME_INTERVAL = 30
-NSX_BACKEND_SMALL_TIME_INTERVAL = 10
-NSX_BACKEND_VERY_SMALL_TIME_INTERVAL = 5
-
-# DFW
-NSX_FIREWALL_REALIZED_TIMEOUT = 120
-
-# FWaaS
-NO_OF_ENTRIES = 20
-EXCLUSIVE_ROUTER = 'exclusive'
-DISTRIBUTED_ROUTER = 'distributed'
-TCP_PROTOCOL = 'tcp'
-ICMP_PROTOCOL = 'icmp'
-
-# NSXV3 Firewall
-NSX_FIREWALL_REALIZED_DELAY = 2
-
-APPLIANCE_NAME_STARTS_WITH = "vmw_"
diff --git a/vmware_nsx_tempest/config.py b/vmware_nsx_tempest/config.py
deleted file mode 100644
index b173af3274..0000000000
--- a/vmware_nsx_tempest/config.py
+++ /dev/null
@@ -1,199 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_config import cfg
-from tempest import config
-
-service_option = cfg.BoolOpt("vmware_nsx",
- default=True,
- help="Whether or not vmware_nsx is expected to be"
- " available")
-
-scenario_group = config.scenario_group
-ScenarioGroup = [
- cfg.FloatOpt('waitfor_disassoc',
- default=15.0,
- help="Wait for seconds after disassociation."),
- cfg.FloatOpt('waitfor_assoc',
- default=5.0,
- help="Waitfor seconds after association."),
- cfg.FloatOpt('waitfor_connectivity',
- default=120.0,
- help="Wait for seconds to become connected."),
- cfg.ListOpt('outside_world_servers',
- default=["8.8.8.8", "8.8.4.4"],
- help="List of servers reside outside of openstack env."
- " which is used to test default gateway behavior"
- " when VMs are under logical routers,"
- " & DNS are local to provider's settings."),
- cfg.DictOpt('flat_alloc_pool_dict',
- default={},
- help="Define flat network ip range."
- " required attributes are gateway, start, end"
- " and cidr. Example value: gateway:10.1.1.253,"
- " start:10.1.1.30,end:10.1.1.49,cidr=10.1.1.0/24"),
- cfg.DictOpt('xnet_multiple_subnets_dict',
- default={},
- help="External network with multiple subnets."
- " The primary subnet ip-range will be shrinked,"
- " This is for the 2nd subnet, required attrs:"
- " start:10.1.1.31,end:10.1.1.33,cidr=10.1.2.0/24"
- " AND limit to only 3 ip addresses defined."),
-]
-
-network_group = config.network_group
-NetworkGroup = [
- cfg.StrOpt('l2gw_switch',
- default='',
- help="Distributed Virtual Portgroup to create VLAN port."),
- cfg.DictOpt('l2gw_switch_dict',
- default={},
- help="dict version of l2gw_switch:"
- "device_name:,interfaces:,segmentation_id:,"),
- cfg.StrOpt('dns_search_domain',
- default='vmware.com',
- help="a valid domain that contains host defined at"
- " attribute host_in_search_domain"),
- cfg.StrOpt('host_in_search_domain',
- default='mail',
- help="host exists in dns_search_domain"),
- cfg.StrOpt('public_network_cidr',
- default='',
- help="Public network cidr which provides external network"
- " connectivity"),
- cfg.StrOpt('backend',
- default='nsxv',
- help="NSX backend, valid values are nsxv|nsxv3"),
-]
-
-nsxv_group = cfg.OptGroup(name='nsxv',
- title="NSX-v Configuration Options")
-NSXvGroup = [
- cfg.StrOpt('manager_uri',
- default='https://10.0.0.10',
- help="NSX-v manager ip address"),
- cfg.StrOpt('user',
- default='admin',
- help="NSX-v manager username"),
- cfg.StrOpt('password',
- default='default',
- help="NSX-v manager password"),
- cfg.StrOpt('vdn_scope_id',
- default='vdnscope-1',
- help="NSX-v vdn scope id"),
- cfg.IntOpt('max_mtz',
- default=3,
- help="Max Multiple Transport Zones used for testing."),
- cfg.DictOpt('flat_alloc_pool_dict',
- default={},
- help=" Define flat network ip range."
- " required attributes are gateway, start, end"
- " and cidr. Example value: gateway:10.1.1.253,"
- " start:10.1.1.30,end:10.1.1.49,cidr=10.1.1.0/24"),
- cfg.StrOpt('vlan_physical_network',
- default='',
- help="physval_network to create vlan."),
- cfg.IntOpt('provider_vlan_id',
- default=888,
- help="The default vlan_id for admin vlan."),
- cfg.IntOpt('create_router_http_timeout',
- default=900,
- help="Specific for router_size tests. This value defines"
- " how long http.request should retry."),
- cfg.BoolOpt('no_router_type',
- default=False,
- help="router_type is NSXv extension."
- "Set it to True allow tests to remove this attribute"
- " when creating router."),
- cfg.ListOpt('bugs_to_resolve',
- default=[],
- help="Bugs to be resolved. Define this at tempest.conf and"
- " test case testtools.skipIf(condition, reasons) to"
- " skip test cannot be run at specific plugin env."),
- cfg.StrOpt('default_policy_id',
- default='',
- help="NSX security-policy ID used to create all tenants"
- " default security-group-policy."
- " This must be the same as the one at vmware/nsx.ini"),
- cfg.StrOpt('alt_policy_id',
- default='',
- help="NSX security-policy ID used to create the 2nd"
- " security-group-policy, and != default_policy_id."),
- cfg.BoolOpt('allow_tenant_rules_with_policy',
- default=False,
- help="Default=False; a tenant cannot create security-group."
- " If True, tenant can create non-policy security-group."
- " Sync this value with nsx.ini file."),
-]
-
-
-l2gw_group = cfg.OptGroup(name='l2gw',
- title="l2-gateway Configuration Options")
-L2gwGroup = [
- cfg.DictOpt('vlan_subnet_ipv4_dict',
- default={},
- help="Tenant's VLAN subnet cdir to connect to l2gw/VXLAN."
- " Example: cidr=192.168.99.0/24,start:192.168.99.41"
- " ,end:192.168.99.50,gateway=192.168.99.253"),
- cfg.StrOpt('device_one_vlan',
- default="",
- help="l2g2 device with one VLAN"
- " l2gw-1::dvportgroup-14420|3845"),
- cfg.StrOpt('device_multiple_vlans',
- default="",
- help="l2gw device with multiple VLANs"
- " l2gw-x::dvportgroup-14429|3880#3381#3382"),
- cfg.StrOpt('multiple_interfaces_multiple_vlans',
- default="",
- help="l2gw multiple devices, interface has multiple VLANs"
- " m-ifs::dvportgroup-144|138#246;dvportgroup-155|339"),
- cfg.StrOpt('vlan_1',
- default="16",
- help="VLAN id"),
- cfg.StrOpt('vlan_2',
- default="17",
- help="VLAN id"),
- cfg.StrOpt("subnet_1_cidr",
- default="192.168.1.0/24",
- help="Subnet 1 network cidr."
- "Example: 1.1.1.0/24"),
- cfg.StrOpt('vm_on_vds_tz1_vlan16_ip',
- default="192.168.1.203",
- help="IPv4 IP address of VM3"),
- cfg.StrOpt('vm_on_switch_vlan16',
- default="192.168.1.204",
- help="IPv4 IP address of VM4"),
- cfg.StrOpt('vm_on_vds_tz2_vlan16_ip',
- default="192.168.1.205",
- help="IPv4 IP address of VM5"),
- cfg.StrOpt('vm_on_vds_tz2_vlan17_ip',
- default="192.168.1.206",
- help="IPv4 IP address of VM6"),
-]
-
-nsxv3_group = cfg.OptGroup(name='nsxv3',
- title="NSXv3 Configuration Options")
-
-NSXv3Group = [
- cfg.StrOpt('nsx_manager',
- default='',
- help="NSX manager IP address"),
- cfg.StrOpt('nsx_user',
- default='admin',
- help="NSX manager username"),
- cfg.StrOpt('nsx_password',
- default='default',
- help="NSX manager password"),
- cfg.BoolOpt('native_dhcp_metadata',
- default=False,
- help="Enable or disable Native DHCP and MDProxy for nsxv3"),
-]
diff --git a/vmware_nsx_tempest/doc/README-AdminPolicy.rst b/vmware_nsx_tempest/doc/README-AdminPolicy.rst
deleted file mode 100644
index 29f9387409..0000000000
--- a/vmware_nsx_tempest/doc/README-AdminPolicy.rst
+++ /dev/null
@@ -1,90 +0,0 @@
-Admin Policy
-============
-
-Admin policy, neutron extension secuirty-group-policy provides organization
-to enforce traffic forwarding utilizing NSX security policy.
-
-The "Admin Policy" feature is admin priviledge, normal project/tenant is not
-able to create security-group-policy.
-
-This feature can be enabled from devstack or manually.
-
-Enable security-group-policy extention at bring up devstack
-===========================================================
-
-You can enable security-group-policy when starting up devstack.
-However, if the policy-id does not exist, starting will fail.
-
-To enable it, add the following tokens to local.conf:
-
- NSXV_USE_NSX_POLICIES=True
- NSXV_DEFAULT_POLICY_ID=policy-11
- NSXV_ALLOW_TENANT_RULES_WITH_POLICY=True
-
-Change values according to your needs though.
-
-Enable security-group-policy extention manually
-===============================================
-
-Instruction is from the view of devstack
-
-#. Add following items to /etc/neutron/policy.json::
-
- "create_security_group:logging": "rule:admin_only",
- "update_security_group:logging": "rule:admin_only",
- "get_security_group:logging": "rule:admin_only",
- "create_security_group:provider": "rule:admin_only",
- "create_port:provider_security_groups": "rule:admin_only",
- "create_security_group:policy": "rule:admin_only",
- "update_security_group:policy": "rule:admin_only",
-
-#. Add following key=value pair to session [nsxv] of /etc/neutron/plugin/vmware/nsx.ini::
-
- use_nsx_policies = True
- default_policy_id = policy-11
- allow_tenant_rules_with_policy = False
-
- # NOTE: For automation, set allow_tenant_rules_with_policy to True
-
-tempest.conf
-============
-
-At session [nsxv] add the following 3 key=value pair:
-
- default_policy_id = policy-11
- alt_policy_id = policy-22
- allow_tenant_rules_with_policy = False
-
- # NOTE: default_policy_id and allow_tenant_rules_with_policy need to match nsx.ini
-
-default_policy_id and alt_policy_id:
-
- For API tests, both must exist at NSX.
-
- For scenario tests, please refer to nsxv/scenario/test_admin_policy_basic_ops.py
-
- In short::
-
- policy-11 (policy-AA at script & test-plan) firewall rules::
- action-1: dhcp-in/any/policy-security-groups/dhcp/Allow
- action-2: dhcp-out/policy-security-groups/dhcp/Allow
- action-3: ping-in/any/policy-security-groups/ICMP/Allow
- action-4: ping-out/policy-security-groups/any/ICMP/Allow/
- action-5: ssh-in/any/policy-security-groups/SSH/Allow/
- action-6: ssh-in/any/policy-security-groups/SSH/Allow/
- action-7: http-ok/any/policy-security-groups/HTTP,HTTPS/Allow/
- action-8: sorry-nothing-allowed/any/policy-security-groups/Any/Reject
-
- You can import policy-AA to NSX using the admin-policy-AA.blueprint
-
- policy-22 (policy-BB at script & test-plan) firewall rules::
- action-1: dhcp-in/any/policy-security-groups/dhcp/Allow
- action-2: dhcp-out/policy-security-groups/dhcp/Allow
- action-3: group-ping/policy-security-groups/policy-security-groups/ICMP/Allow/
- action-4: ssh-in/any/policy-security-groups/SSH/Allow/
- action-5: ssh-in/any/policy-security-groups/SSH/Allow/
- action-6: http-ok/any/policy-security-groups/HTTP,HTTPS/Allow/
- pction-7: sorry-nothing-allowed/any/policy-security-groups/Any/Reject
-
- NOTE on ping: same as policy-11 but only allowed from policy-security-groups
- You can import policy-BB to NSX using the admin-policy-BB.blueprint
diff --git a/vmware_nsx_tempest/doc/README-LBaaS.rst b/vmware_nsx_tempest/doc/README-LBaaS.rst
deleted file mode 100644
index fb463e2ce2..0000000000
--- a/vmware_nsx_tempest/doc/README-LBaaS.rst
+++ /dev/null
@@ -1,74 +0,0 @@
-Overview
-========
-
-This document describes what LBaaS tests are not supported at different
-NSX plugin's and backends.
-
-NOTE::
-
- All LBaaS API & Scenario tests should PASS with exceptions
- due to NSX plugins and features supported by backend.
-
- For how tests can be skipped for specific plugin and backend,
- please refer to paragraph "Config for Test Execution".
-
-NOTE::
-
- We no longer support LBaaS v1. So this document and LBaaS tests
- only applys to releases from Mitaka/Marvin or later.
-
-Limitation:
------------
-
-NSX-v with VMware LBaaS driver::
-
- #. LBaaS networks need to attach to exclusive router
- #. One tenant per subnet
- #. L7 switching not supported
-
-NSX-v3 with Octavia driver::
-
- #. upstream implemenation - all tests should PASS.
- #. scenario tests take long time, it might fail with fixture timeout.
-
-Config for Test execution:
---------------------------
-
-Following configuration attributes used to controll test execution::
-
- #. no_router_type at group/session nsxv
-
- Default is False, and is used to run LBaaS tests in NSX-v environment.
- To run in NSX-t environment, set it to True
-
- #. bugs_to_resolve at group/session nsxv
-
- For test to skip if bug-ID presented in this attribute.
- The test will use testtools.skipIf(condition, reason) to skip if its ID in the bugs_to_resolve list.
-
-local.conf:
-----------
-NSX-v::
- [nsxv]
- no_router_type=False
- bugs_to_resolve=1641902,1715126,1703396,1739510
-
-NSX-v3::
- [compute]
- build_timeout=900
- build_interval=2
-
- [nsxv]
- no_router_type=True
-
-Execution:
-----------
-
-#. Use testr list-tests command to generate test suite for run API and Scenario tests::
-
- tools/with_venv.sh testr list-tests nsxv.api.lbaas
- tools/with_venv.sh testr list-tests nsxv.scenarion.test_lbaas
-
-#. l7 switching tests take long time to complete. If got fixture timeout, do::
-
- OS_TEST_TIMEOUT=2400 ./run_tempest.sh -t test_lbaas_l7_switching_ops
diff --git a/vmware_nsx_tempest/doc/admin-policy-AA.blueprint b/vmware_nsx_tempest/doc/admin-policy-AA.blueprint
deleted file mode 100644
index 2f928fe6d6..0000000000
--- a/vmware_nsx_tempest/doc/admin-policy-AA.blueprint
+++ /dev/null
@@ -1,341 +0,0 @@
-
- admin-policy-AA
- 8 firewall rules - ping, ssh from anywhere are OK
-
- 0
- security-policy-AA
- Security Policy AA
-
- false
- 0
- false
- 5500
-
- firewall
-
- 0
- dhcp-in
-
- false
- 0
- firewall
- 1
- true
- false
- false
-
-
- 0
- DHCP-Client
-
- false
- 0
- true
-
- UDP
- 68
-
-
-
- 0
- DHCP-Server
-
- false
- 0
- true
-
- UDP
- 67
-
-
-
- false
- false
- allow
- inbound
- false
-
-
- 0
- dhcp-out
-
- false
- 0
- firewall
- 2
- true
- false
- false
-
-
- 0
- DHCP-Client
-
- false
- 0
- true
-
- UDP
- 68
-
-
-
- 0
- DHCP-Server
-
- false
- 0
- true
-
- UDP
- 67
-
-
-
- false
- false
- allow
- outbound
- false
-
-
- 0
- ping-in
- Everyone can ping me
-
- false
- 0
- firewall
- 3
- true
- false
- false
-
-
- 0
- ICMP Echo
-
- false
- 0
- true
-
- ICMP
- echo-request
-
-
-
- 0
- ICMP Redirect
-
- false
- 0
- true
-
- ICMP
- redirect
-
-
-
- 0
- ICMP Echo Reply
-
- false
- 0
- true
-
- ICMP
- echo-reply
-
-
-
- false
- false
- allow
- inbound
- false
-
-
- 0
- ping-out
-
- false
- 0
- firewall
- 4
- true
- false
- false
-
-
- 0
- ICMP Echo
-
- false
- 0
- true
-
- ICMP
- echo-request
-
-
-
- 0
- ICMP Redirect
-
- false
- 0
- true
-
- ICMP
- redirect
-
-
-
- 0
- ICMP Echo Reply
-
- false
- 0
- true
-
- ICMP
- echo-reply
-
-
-
- false
- false
- allow
- outbound
- false
-
-
- 0
- ssh-in-ok
-
- false
- 0
- firewall
- 5
- true
- false
- false
-
-
- 0
- SSH
-
- false
- 0
- true
-
- TCP
- 22
-
-
-
- false
- false
- allow
- inbound
- false
-
-
- 0
- ssh-out-ok
-
- false
- 0
- firewall
- 6
- true
- false
- false
-
-
- 0
- SSH
-
- false
- 0
- true
-
- TCP
- 22
-
-
-
- false
- false
- allow
- outbound
- false
-
-
- 0
- HTTP-ok
- All can http(s) me
-
- false
- 0
- firewall
- 7
- true
- false
- false
-
-
- 0
- HTTP
-
- false
- 0
- true
-
- TCP
- 80
-
-
-
- 0
- HTTPS
-
- false
- 0
- true
-
- TCP
- 443
-
-
-
- false
- false
- allow
- inbound
- false
-
-
- 0
- sorry-nothing-allowed
-
- false
- 0
- firewall
- 8
- true
- false
- false
- false
- false
- reject
- inbound
- false
-
-
-
- firewall
- in_sync
-
-
-
diff --git a/vmware_nsx_tempest/doc/admin-policy-BB.blueprint b/vmware_nsx_tempest/doc/admin-policy-BB.blueprint
deleted file mode 100644
index f8a512adb1..0000000000
--- a/vmware_nsx_tempest/doc/admin-policy-BB.blueprint
+++ /dev/null
@@ -1,285 +0,0 @@
-
- admin-policy-BB
- policy-BB, ssh from anywhere are OK, but ping limited to same security-group
-
- 0
- security-policy-BB
- Security Policy BB
-
- false
- 0
- false
- 5600
-
- firewall
-
- 0
- dhcp-in
-
- false
- 0
- firewall
- 1
- true
- false
- false
-
-
- 0
- DHCP-Client
-
- false
- 0
- true
-
- UDP
- 68
-
-
-
- 0
- DHCP-Server
-
- false
- 0
- true
-
- UDP
- 67
-
-
-
- false
- false
- allow
- inbound
- false
-
-
- 0
- dhcp-out
-
- false
- 0
- firewall
- 2
- true
- false
- false
-
-
- 0
- DHCP-Client
-
- false
- 0
- true
-
- UDP
- 68
-
-
-
- 0
- DHCP-Server
-
- false
- 0
- true
-
- UDP
- 67
-
-
-
- false
- false
- allow
- outbound
- false
-
-
- 0
- group-ping-ok
- icmp only allowed from VM with same security-policy
-
- false
- 0
- firewall
- 3
- true
- false
- false
-
-
- 0
- ICMP Echo
-
- false
- 0
- true
-
- ICMP
- echo-request
-
-
-
- 0
- ICMP Redirect
-
- false
- 0
- true
-
- ICMP
- redirect
-
-
-
- 0
- ICMP Echo Reply
-
- false
- 0
- true
-
- ICMP
- echo-reply
-
-
-
- false
- false
- allow
- intra
- false
-
-
- 0
- ssh-in-ok
-
- false
- 0
- firewall
- 4
- true
- false
- false
-
-
- 0
- SSH
-
- false
- 0
- true
-
- TCP
- 22
-
-
-
- false
- false
- allow
- inbound
- false
-
-
- 0
- ssh-out-ok
-
- false
- 0
- firewall
- 5
- true
- false
- false
-
-
- 0
- SSH
-
- false
- 0
- true
-
- TCP
- 22
-
-
-
- false
- false
- allow
- outbound
- false
-
-
- 0
- group-HTTP
-
- false
- 0
- firewall
- 6
- true
- false
- false
-
-
- 0
- HTTP
-
- false
- 0
- true
-
- TCP
- 80
-
-
-
- 0
- HTTPS
-
- false
- 0
- true
-
- TCP
- 443
-
-
-
- false
- false
- allow
- intra
- false
-
-
- 0
- sorry-nothing-allowed
-
- false
- 0
- firewall
- 7
- true
- false
- false
- false
- false
- reject
- inbound
- false
-
-
-
- firewall
- in_sync
-
-
-
diff --git a/vmware_nsx_tempest/lib/__init__.py b/vmware_nsx_tempest/lib/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/lib/appliance_manager.py b/vmware_nsx_tempest/lib/appliance_manager.py
deleted file mode 100644
index 91cf121838..0000000000
--- a/vmware_nsx_tempest/lib/appliance_manager.py
+++ /dev/null
@@ -1,234 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import collections
-
-import netaddr
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import exceptions as lib_exc
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class ApplianceManager(manager.NetworkScenarioTest):
- server_details = collections.namedtuple('server_details',
- ['server', 'floating_ip',
- 'networks'])
-
- def setUp(self):
- super(ApplianceManager, self).setUp()
- self.topology_routers = {}
- self.topology_networks = {}
- self.topology_subnets = {}
- self.topology_servers = {}
- self.topology_servers_floating_ip = []
- self.topology_public_network_id = CONF.network.public_network_id
- self.topology_config_drive = CONF.compute_feature_enabled.config_drive
- self.topology_keypairs = {}
- self.servers_details = {}
-
- def get_internal_ips(self, server, network, device="network"):
- internal_ips = [p['fixed_ips'][0]['ip_address'] for p in
- self.os_admin.ports_client.list_ports(
- tenant_id=server['tenant_id'],
- network_id=network['id'])['ports'] if
- p['device_owner'].startswith(device)]
- return internal_ips
-
- def _verify_empty_security_group_status(self, security_group):
- ip_protocols = ["IPV6", "IPV4"]
- nsx_fw_section, nsx_fw_section_rules = \
- self.nsx_client.get_firewall_section_and_rules(
- security_group['name'], security_group['id'])
- msg = "Newly created empty security group does not meet criteria !!!"
- self.assertEqual(nsx_fw_section["rule_count"], 2, msg)
- self.assertEqual(nsx_fw_section_rules[0]["action"], "ALLOW", msg)
- self.assertEqual(nsx_fw_section_rules[1]["action"], "ALLOW", msg)
- self.assertEqual(nsx_fw_section_rules[0]["direction"], "OUT", msg)
- self.assertEqual(nsx_fw_section_rules[1]["direction"], "OUT", msg)
- self.assertIn(nsx_fw_section_rules[0]["ip_protocol"], ip_protocols,
- msg)
- self.assertIn(nsx_fw_section_rules[1]["ip_protocol"], ip_protocols,
- msg)
-
- def create_topology_empty_security_group(self, namestart="vmw_"):
- security_group = self._create_empty_security_group(namestart=namestart)
- self._verify_empty_security_group_status(security_group)
- return security_group
-
- def add_security_group_rule(self, security_group, rule):
- return self._create_security_group_rule(secgroup=security_group,
- **rule)
-
- def get_server_key(self, server):
- return self.topology_keypairs[server['key_name']]['private_key']
-
- def create_topology_router(self, router_name, routers_client=None,
- **kwargs):
- if not routers_client:
- routers_client = self.routers_client
- router_name_ = constants.APPLIANCE_NAME_STARTS_WITH + router_name
- router = self._create_router(namestart=router_name_, **kwargs)
- public_network_info = {"external_gateway_info": dict(
- network_id=self.topology_public_network_id)}
- routers_client.update_router(router['id'], **public_network_info)
- self.topology_routers[router_name] = router
- return router
-
- def create_topology_network(self, network_name, networks_client=None,
- tenant_id=None, port_security_enabled=True, **kwargs):
- if not networks_client:
- networks_client = self.networks_client
- if not tenant_id:
- tenant_id = networks_client.tenant_id
- network_name_ = constants.APPLIANCE_NAME_STARTS_WITH + network_name
- name = data_utils.rand_name(network_name_)
- # Neutron disables port security by default so we have to check the
- # config before trying to create the network with port_security_enabled
- if CONF.network_feature_enabled.port_security:
- port_security_enabled = True
- result = networks_client.create_network(
- name=name, tenant_id=tenant_id,
- port_security_enabled=port_security_enabled, **kwargs)
- network = result['network']
- self.assertEqual(network['name'], name)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- networks_client.delete_network, network['id'])
- self.topology_networks[network_name] = network
- return network
-
- def create_topology_subnet(
- self, subnet_name, network, routers_client=None,
- subnets_client=None, router_id=None, ip_version=4, cidr=None,
- mask_bits=None, **kwargs):
- subnet_name_ = constants.APPLIANCE_NAME_STARTS_WITH + subnet_name
- if not subnets_client:
- subnets_client = self.subnets_client
- if not routers_client:
- routers_client = self.routers_client
-
- def cidr_in_use(cidr, tenant_id):
- """Check cidr existence
- :returns: True if subnet with cidr already exist in tenant
- False else
- """
- cidr_in_use = \
- self.os_admin.subnets_client.list_subnets(tenant_id=tenant_id,
- cidr=cidr)['subnets']
- return len(cidr_in_use) != 0
-
- if ip_version == 6:
- tenant_cidr = (cidr or netaddr.IPNetwork(
- CONF.network.project_network_v6_cidr))
- mask_bits = mask_bits or CONF.network.project_network_v6_mask_bits
- else:
- tenant_cidr = cidr or netaddr.IPNetwork(
- CONF.network.project_network_cidr)
- mask_bits = mask_bits or CONF.network.project_network_mask_bits
- str_cidr = str(tenant_cidr)
- if not cidr:
- # Repeatedly attempt subnet creation with sequential cidr
- # blocks until an unallocated block is found.
- for subnet_cidr in tenant_cidr.subnet(mask_bits):
- str_cidr = str(subnet_cidr)
- if not cidr_in_use(str_cidr, tenant_id=network['tenant_id']):
- break
- else:
- if cidr_in_use(str_cidr, tenant_id=network['tenant_id']):
- LOG.error("Specified subnet %r is in use" % str_cidr)
- raise
- subnet = dict(name=data_utils.rand_name(subnet_name_),
- network_id=network['id'], tenant_id=network['tenant_id'],
- cidr=str_cidr, ip_version=ip_version, **kwargs)
- try:
- result = None
- result = subnets_client.create_subnet(**subnet)
- except lib_exc.Conflict as e:
- is_overlapping_cidr = 'overlaps with another subnet' in str(e)
- if not is_overlapping_cidr:
- raise
- self.assertIsNotNone(result, 'Unable to allocate tenant network')
- subnet = result['subnet']
- self.assertEqual(subnet['cidr'], str_cidr)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- subnets_client.delete_subnet, subnet['id'])
- self.topology_subnets[subnet_name] = subnet
- if router_id:
- if not routers_client:
- routers_client = self.routers_client
- routers_client.add_router_interface(
- router_id, subnet_id=subnet["id"])
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- routers_client.remove_router_interface, router_id,
- subnet_id=subnet["id"])
- return subnet
-
- def create_topology_security_group(self, **kwargs):
- return self._create_security_group(**kwargs)
-
- def create_topology_instance(
- self, server_name, networks, security_groups=None,
- config_drive=None, keypair=None, image_id=None,
- clients=None, create_floating_ip=True, **kwargs):
- # Define security group for server.
- if security_groups:
- kwargs["security_groups"] = security_groups
- else:
- _sg = self.create_topology_security_group()
- _security_groups = [{'name': _sg['name']}]
- kwargs["security_groups"] = _security_groups
- # Define config drive for server.
- if not config_drive:
- kwargs["config_drive"] = self.topology_config_drive
- else:
- kwargs["config_drive"] = config_drive
- if not keypair:
- keypair = self.create_keypair()
- self.topology_keypairs[keypair['name']] = keypair
- kwargs["key_name"] = keypair['name']
- else:
- kwargs["key_name"] = keypair['name']
- # Define image id for server.
- if image_id:
- kwargs["image_id"] = image_id
- server_name_ = constants.APPLIANCE_NAME_STARTS_WITH + server_name
- # Collect all the networks for server.
- networks_ = []
- for net in networks:
- net_ = {"uuid": net["id"]}
- networks_.append(net_)
- # Deploy server with all teh args.
- server = self.create_server(
- name=server_name_, networks=networks_, clients=clients, **kwargs)
- if create_floating_ip:
- floating_ip = self.create_floating_ip(server)
- server["floating_ip"] = floating_ip
- self.topology_servers_floating_ip.append(floating_ip)
- else:
- floating_ip = None
- server_details = self.server_details(server=server,
- floating_ip=floating_ip,
- networks=networks)
- self.servers_details[server_name] = server_details
- self.topology_servers[server_name] = server
- return server
diff --git a/vmware_nsx_tempest/lib/feature_manager.py b/vmware_nsx_tempest/lib/feature_manager.py
deleted file mode 100644
index db63e1565b..0000000000
--- a/vmware_nsx_tempest/lib/feature_manager.py
+++ /dev/null
@@ -1,172 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest import config
-from tempest.lib.common.utils import test_utils
-
-from vmware_nsx_tempest._i18n import _
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.lib import traffic_manager
-from vmware_nsx_tempest.services import nsx_client
-from vmware_nsx_tempest.services import openstack_network_clients
-
-LOG = constants.log.getLogger(__name__)
-
-CONF = config.CONF
-
-
-# It includes feature related function such CRUD Mdproxy, L2GW or QoS
-class FeatureManager(traffic_manager.TrafficManager):
- @classmethod
- def setup_clients(cls):
- """
- Create various client connections. Such as NSXv3 and L2 Gateway.
- """
- super(FeatureManager, cls).setup_clients()
- try:
- manager = getattr(cls.os_admin, "manager", cls.os_admin)
- net_client = getattr(manager, "networks_client")
- _params = manager.default_params_withy_timeout_values.copy()
- except AttributeError as attribute_err:
- LOG.warning(
- "Failed to locate the attribute, Error: %(err_msg)s",
- {"err_msg": attribute_err.__str__()})
- _params = {}
- cls.l2gw_client = openstack_network_clients.L2GatewayClient(
- net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- cls.nsx_client = nsx_client.NSXClient(
- CONF.network.backend,
- CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
- cls.l2gwc_client = openstack_network_clients.L2GatewayConnectionClient(
- net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
-
- #
- # L2Gateway base class. To get basics of L2GW.
- #
- def create_l2gw(self, l2gw_name, l2gw_param):
- """
- Creates L2GW and returns the response.
-
- :param l2gw_name: name of the L2GW
- :param l2gw_param: L2GW parameters
-
- :return: response of L2GW create API
- """
- LOG.info("l2gw name: %(name)s, l2gw_param: %(devices)s ",
- {"name": l2gw_name, "devices": l2gw_param})
- devices = []
- for device_dict in l2gw_param:
- interface = [{"name": device_dict["iname"],
- "segmentation_id": device_dict[
- "vlans"]}] if "vlans" in device_dict else [
- {"name": device_dict["iname"]}]
- device = {"device_name": device_dict["dname"],
- "interfaces": interface}
- devices.append(device)
- l2gw_request_body = {"devices": devices}
- LOG.info(" l2gw_request_body: %s", l2gw_request_body)
- rsp = self.l2gw_client.create_l2_gateway(
- name=l2gw_name, **l2gw_request_body)
- LOG.info(" l2gw response: %s", rsp)
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- self.l2gw_client.delete_l2_gateway, rsp[constants.L2GW]["id"])
- return rsp, devices
-
- def delete_l2gw(self, l2gw_id):
- """
- Delete L2gw.
-
- :param l2gw_id: L2GW id to delete l2gw.
-
- :return: response of the l2gw delete API.
- """
- LOG.info("L2GW id: %(id)s to be deleted.", {"id": l2gw_id})
- rsp = self.l2gw_client.delete_l2_gateway(l2gw_id)
- LOG.info("response : %(rsp)s", {"rsp": rsp})
- return rsp
-
- def update_l2gw(self, l2gw_id, l2gw_new_name, devices):
- """
- Update existing L2GW.
-
- :param l2gw_id: L2GW id to update its parameters.
- :param l2gw_new_name: name of the L2GW.
- :param devices: L2GW parameters.
-
- :return: Response of the L2GW update API.
- """
- rsp = self.l2gw_client.update_l2_gateway(l2gw_id,
- name=l2gw_new_name, **devices)
- return rsp
-
- def nsx_bridge_cluster_info(self):
- """
- Collect the device and interface name of the nsx brdige cluster.
-
- :return: nsx bridge id and display name.
- """
- response = self.nsx_client.get_bridge_cluster_info()
- if len(response) == 0:
- raise RuntimeError(_("NSX bridge cluster information is null"))
- return [(x.get("id"), x.get("display_name")) for x in response]
-
- def create_l2gw_connection(self, l2gwc_param):
- """
- Creates L2GWC and return the response.
-
- :param l2gwc_param: L2GWC parameters.
-
- :return: response of L2GWC create API.
- """
- LOG.info("l2gwc param: %(param)s ", {"param": l2gwc_param})
- l2gwc_request_body = {"l2_gateway_id": l2gwc_param["l2_gateway_id"],
- "network_id": l2gwc_param["network_id"]}
- if "segmentation_id" in l2gwc_param:
- l2gwc_request_body["segmentation_id"] = l2gwc_param[
- "segmentation_id"]
- LOG.info("l2gwc_request_body: %s", l2gwc_request_body)
- rsp = self.l2gwc_client.create_l2_gateway_connection(
- **l2gwc_request_body)
- LOG.info("l2gwc response: %s", rsp)
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- self.l2gwc_client.delete_l2_gateway_connection,
- rsp[constants.L2GWC]["id"])
- return rsp
-
- def delete_l2gw_connection(self, l2gwc_id):
- """
- Delete L2GWC and returns the response.
-
- :param l2gwc_id: L2GWC id to delete L2GWC.
-
- :return: response of the l2gwc delete API.
- """
- LOG.info("L2GW connection id: %(id)s to be deleted",
- {"id": l2gwc_id})
- rsp = self.l2gwc_client.delete_l2_gateway_connection(l2gwc_id)
- LOG.info("response : %(rsp)s", {"rsp": rsp})
- return rsp
diff --git a/vmware_nsx_tempest/lib/traffic_manager.py b/vmware_nsx_tempest/lib/traffic_manager.py
deleted file mode 100644
index 3a396c44bd..0000000000
--- a/vmware_nsx_tempest/lib/traffic_manager.py
+++ /dev/null
@@ -1,65 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from vmware_nsx_tempest.lib import appliance_manager
-
-
-class TrafficManager(appliance_manager.ApplianceManager):
- def check_server_internal_ips_using_floating_ip(self, floating_ip, server,
- address_list, should_connect=True):
- ip_address = floating_ip['floating_ip_address']
- private_key = self.get_server_key(server)
- ssh_source = self.get_remote_client(ip_address,
- private_key=private_key)
- for remote_ip in address_list:
- self.check_remote_connectivity(ssh_source, remote_ip,
- should_succeed=should_connect)
-
- def check_network_internal_connectivity(self, network, floating_ip, server,
- should_connect=True):
- """via ssh check VM internal connectivity:
- - ping internal gateway and DHCP port, implying in-tenant connectivity
- pinging both, because L3 and DHCP agents might be on different nodes
- """
- # get internal ports' ips:
- # get all network ports in the new network
- internal_ips = self.get_internal_ips(server, network, device="network")
- self.check_server_internal_ips_using_floating_ip(floating_ip, server,
- internal_ips, should_connect)
-
- def check_vm_internal_connectivity(self, network, floating_ip, server,
- should_connect=True):
- # test internal connectivity to the other VM on the same network
- compute_ips = self.get_internal_ips(server, network, device="compute")
- self.check_server_internal_ips_using_floating_ip(floating_ip, server,
- compute_ips, should_connect)
-
- def using_floating_ip_check_server_and_project_network_connectivity(self,
- server_details, network=None):
- if not network:
- network = server_details.networks[0]
- floating_ip = server_details.floating_ip
- server = server_details.server
- self.check_network_internal_connectivity(network, floating_ip, server)
- self.check_vm_internal_connectivity(network, floating_ip, server)
-
- def check_cross_network_connectivity(self, network1,
- floating_ip_on_network2, server_on_network2, should_connect=False):
- # test internal connectivity to the other VM on the same network
- remote_ips = self.get_internal_ips(server_on_network2, network1,
- device="compute")
- self.check_server_internal_ips_using_floating_ip(
- floating_ip_on_network2, server_on_network2, remote_ips,
- should_connect)
diff --git a/vmware_nsx_tempest/plugin.py b/vmware_nsx_tempest/plugin.py
deleted file mode 100644
index db36053117..0000000000
--- a/vmware_nsx_tempest/plugin.py
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 2015 VMware, Inc.
-#
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import os
-
-from tempest import config
-from tempest.test_discover import plugins
-
-from vmware_nsx_tempest import config as config_nsx
-
-
-_opts = [
- (config_nsx.scenario_group, config_nsx.ScenarioGroup),
- (config_nsx.network_group, config_nsx.NetworkGroup),
- (config_nsx.nsxv_group, config_nsx.NSXvGroup),
- (config_nsx.l2gw_group, config_nsx.L2gwGroup),
- (config_nsx.nsxv3_group, config_nsx.NSXv3Group)
-]
-
-
-class VMwareNsxTempestPlugin(plugins.TempestPlugin):
-
- """Our addon configuration is defined at vmware_nsx_tempest/config.py
-
- 1. register_opts() to register group/opts to Tempest
- 2. get_opt_lists() to pass config to Tempest
-
- The official plugin is defined at
- https://docs.openstack.org/developer/tempest/plugin.html
- """
-
- def load_tests(self):
- mydir = os.path.dirname(os.path.abspath(__file__))
- base_path = os.path.split(mydir)[0]
- test_dir = "vmware_nsx_tempest/tests"
- test_fullpath = os.path.join(base_path, test_dir)
- return test_fullpath, base_path
-
- def register_opts(self, conf):
- conf.register_opt(config_nsx.service_option,
- group='service_available')
- for group, option in _opts:
- config.register_opt_group(conf, group, option)
-
- def get_opt_lists(self):
- return [(group.name, option) for group, option in _opts
- ].append(('service_available', [config_nsx.service_option]))
diff --git a/vmware_nsx_tempest/services/README.rst b/vmware_nsx_tempest/services/README.rst
deleted file mode 100644
index c3e6f8591d..0000000000
--- a/vmware_nsx_tempest/services/README.rst
+++ /dev/null
@@ -1,42 +0,0 @@
-This folder contains services for managing NSX-v, NSX-v3.
-
-Services provided:
-
-# OpenStack tempest service clients
-l2_gateway_client.py
- based on tempest BaseNetworkClient implements client APIs to manage
- neutron l2-gateway resources
-
-l2_gateway_connection_client.py
- based on tempest BaseNetworkClient implements client APIs to manage
- neutron l2-gateway-connection resources
-
-lbaas v2 clients: ported from neutron_lbaas to comply with tempest services.
- lbaas/load_balancers_client.py
- lbaas/listeners_client.py
- lbaas/pools_client.py
- lbaas/health_monitorys_client.py
- lbaas/members_client.py
-
-lbv1_client.py
- based on tempest BaseNetworkClient implements client APIs to manage
- neutron v1 load-balancer resources
-
-network_client_base.py
- due to tempest network services are in the process of migrating to
- tempest-lib, some features to be used by tests are not in
- BaseNetworkClient. Inherent here and used by all vmware-nsx-tempest
- client for now.
-
-# NSX speific services
-nsxv_client.py implements API to manage NSX-v components
- - Logical switch (Tenant network)
- - Edge (Service edge, DHCP edge, and VDR edge)
- - DFW firewall rules (Security group)
- - SpoofGuard
-
-nsxv3_client.py implements API to manage NSX backend resources:
- - logical switch
- - firewall section
- - nsgroup
- - logical router
diff --git a/vmware_nsx_tempest/services/__init__.py b/vmware_nsx_tempest/services/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/services/base_l2gw.py b/vmware_nsx_tempest/services/base_l2gw.py
deleted file mode 100644
index 4f857e116b..0000000000
--- a/vmware_nsx_tempest/services/base_l2gw.py
+++ /dev/null
@@ -1,103 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Copyright 2015 Hewlett-Packard Development Company, L.P.
-# Copyright 2015 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest import config
-
-from vmware_nsx_tempest.common import constants
-
-LOG = constants.log.getLogger(__name__)
-
-CONF = config.CONF
-SEGMENTATION_ID_DELIMITER = "#"
-INTERFACE_SEG_ID_DELIMITER = "|"
-DEVICE_INTERFACE_DELIMITER = "::"
-DEVICE_DELIMITER = ","
-INTERFACE_DELIMITER = ";"
-"""
- Sample for providing input for gateway creation in config is noted below
- Options provide flexibility to user to create l2gateway
- For single device ,single interface with single vlan
- l2gw_switch = device_name1::int_name1|vlan1
- For single device multiple interfaces with single or multiple vlans
- l2gw_switch = device_name1::int_name1|vlan1#vlan2;int_name2|vlan3
- For multiple devices with mutiple interfaces having single or mutiple vlan
- l2gw_switch = device_n1::int_n1|vlan1,device_n2::int_n2|vlan2#vlan3
-"""
-
-
-def get_interface(interfaces):
- interface_dict = []
- for interface in interfaces:
- if INTERFACE_SEG_ID_DELIMITER in interface:
- int_name = interface.split(INTERFACE_SEG_ID_DELIMITER)[0]
- segid = interface.split(INTERFACE_SEG_ID_DELIMITER)[1]
- if SEGMENTATION_ID_DELIMITER in segid:
- segid = segid.split(SEGMENTATION_ID_DELIMITER)
- else:
- segid = [segid]
- interface_detail = {'name': int_name, 'segmentation_id': segid}
- else:
- interface_detail = {'name': interface}
- interface_dict.append(interface_detail)
- return interface_dict
-
-
-def get_device_interface(device_name, interface):
- if INTERFACE_DELIMITER in interface:
- interface_dict = interface.split(INTERFACE_DELIMITER)
- interfaces = get_interface(interface_dict)
- else:
- interfaces = get_interface([interface])
- device = {'device_name': device_name,
- 'interfaces': interfaces}
- return device
-
-
-def get_l2gw_body(l2gw_conf):
- device_dict = []
- devices = l2gw_conf.split(DEVICE_DELIMITER)
- for device in devices:
- if DEVICE_INTERFACE_DELIMITER in device:
- device_name = device.split(DEVICE_INTERFACE_DELIMITER)[0]
- interface = device.split(DEVICE_INTERFACE_DELIMITER)[1]
- device = get_device_interface(device_name, interface)
- device_dict.append(device)
- body = {'devices': device_dict}
- return body
-
-
-def form_dict_devices(devices):
- seg_ids = []
- devices1 = dict()
- int_seg = []
- for device in devices:
- device_name = device['device_name']
- interfaces = device['interfaces']
- for interface in interfaces:
- interface_name = interface['name']
- int_seg.append(interface_name)
- seg_id = interface['segmentation_id']
- if type(seg_id) is list:
- for segid in seg_id:
- seg_ids.append(segid)
- else:
- seg_ids.append(seg_id)
- int_seg.append(seg_id)
- devices1.setdefault(device_name, []).append(int_seg)
- int_seg = []
- return devices1
diff --git a/vmware_nsx_tempest/services/fwaas_client.py b/vmware_nsx_tempest/services/fwaas_client.py
deleted file mode 100644
index 3b63dad0e5..0000000000
--- a/vmware_nsx_tempest/services/fwaas_client.py
+++ /dev/null
@@ -1,131 +0,0 @@
-# Copyright (c) 2015 Midokura SARL
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest import config
-from tempest.lib import exceptions as lib_exc
-
-from vmware_nsx_tempest.services import network_client_base as base
-CONF = config.CONF
-
-
-class FWaaSV1Client(base.BaseNetworkClient):
-
- def create_firewall(self, **kwargs):
- uri = '/fw/firewalls'
- post_data = {'firewall': kwargs}
- return self.create_resource(uri, post_data)
-
- def update_firewall(self, firewall_id, **kwargs):
- uri = '/fw/firewalls/%s' % firewall_id
- post_data = {'firewall': kwargs}
- return self.update_resource(uri, post_data)
-
- def show_firewall(self, firewall_id, **fields):
- uri = '/fw/firewalls/%s' % firewall_id
- return self.show_resource(uri, **fields)
-
- def delete_firewall(self, firewall_id):
- uri = '/fw/firewalls/%s' % firewall_id
- return self.delete_resource(uri)
-
- def list_firewalls(self, **filters):
- uri = '/fw/firewalls'
- return self.list_resources(uri, **filters)
-
- def create_firewall_rule(self, **kwargs):
- uri = '/fw/firewall_rules'
- post_data = {'firewall_rule': kwargs}
- return self.create_resource(uri, post_data)
-
- def update_firewall_rule(self, firewall_rule_id, **kwargs):
- uri = '/fw/firewall_rules/%s' % firewall_rule_id
- post_data = {'firewall_rule': kwargs}
- return self.update_resource(uri, post_data)
-
- def show_firewall_rule(self, firewall_rule_id, **fields):
- uri = '/fw/firewall_rules/%s' % firewall_rule_id
- return self.show_resource(uri, **fields)
-
- def delete_firewall_rule(self, firewall_rule_id):
- uri = '/fw/firewall_rules/%s' % firewall_rule_id
- return self.delete_resource(uri)
-
- def list_firewall_rules(self, **filters):
- uri = '/fw/firewall_rules'
- return self.list_resources(uri, **filters)
-
- def is_resource_deleted(self, id):
- try:
- self.show_firewall(id)
- except lib_exc.NotFound:
- return True
- return False
-
- def create_firewall_policy(self, **kwargs):
- uri = '/fw/firewall_policies'
- post_data = {'firewall_policy': kwargs}
- return self.create_resource(uri, post_data)
-
- def update_firewall_policy(self, firewall_policy_id, **kwargs):
- uri = '/fw/firewall_policies/%s' % firewall_policy_id
- post_data = {'firewall_policy': kwargs}
- return self.update_resource(uri, post_data)
-
- def show_firewall_policy(self, firewall_policy_id, **fields):
- uri = '/fw/firewall_policies/%s' % firewall_policy_id
- return self.show_resource(uri, **fields)
-
- def delete_firewall_policy(self, firewall_policy_id):
- uri = '/fw/firewall_policies/%s' % firewall_policy_id
- return self.delete_resource(uri)
-
- def list_firewall_policies(self, **filters):
- uri = '/fw/firewall_policies'
- return self.list_resources(uri, **filters)
-
- def insert_firewall_rule_in_policy(self, firewall_policy_id,
- firewall_rule_id, insert_after='',
- insert_before=''):
- uri = '/fw/firewall_policies/%s/insert_rule' % firewall_policy_id
- data = {
- 'firewall_rule_id': firewall_rule_id,
- 'insert_after': insert_after,
- 'insert_before': insert_before,
- }
- return self.update_resource(uri, data)
-
- def remove_firewall_rule_from_policy(self, firewall_policy_id,
- firewall_rule_id):
- uri = '/fw/firewall_policies/%s/remove_rule' % firewall_policy_id
- data = {
- 'firewall_rule_id': firewall_rule_id,
- }
- return self.update_resource(uri, data)
-
-
-def get_client(client_mgr):
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = FWaaSV1Client(net_client.auth_provider,
- net_client.service,
- net_client.region,
-
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/l2_gateway_client.py b/vmware_nsx_tempest/services/l2_gateway_client.py
deleted file mode 100644
index fcdd6c3ec6..0000000000
--- a/vmware_nsx_tempest/services/l2_gateway_client.py
+++ /dev/null
@@ -1,82 +0,0 @@
-# Copyright 2016 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-from oslo_log import log
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.common import constants
-
-LOG = log.getLogger(__name__)
-
-
-class L2GatewayClient(base.BaseNetworkClient):
- """
- Request resources via API for L2GatewayClient
- l2 gateway create request
- l2 gateway update request
- l2 gateway show request
- l2 gateway delete request
- l2 gateway list all request
- """
-
- def create_l2_gateway(self, **kwargs):
- uri = constants.L2_GWS_BASE_URI
- post_data = {constants.L2GW: kwargs}
- LOG.info("URI : %(uri)s, posting data : %(post_data)s",
- {"uri": uri, "post_data": post_data})
- return self.create_resource(uri, post_data)
-
- def update_l2_gateway(self, l2_gateway_id, **kwargs):
- uri = constants.L2_GWS_BASE_URI + "/" + l2_gateway_id
- post_data = {constants.L2GW: kwargs}
- constants.LOG.info(
- "URI : %(uri)s, posting data : %(post_data)s",
- {"uri": uri, "post_data": post_data})
- return self.update_resource(uri, post_data)
-
- def show_l2_gateway(self, l2_gateway_id, **fields):
- uri = constants.L2_GWS_BASE_URI + "/" + l2_gateway_id
- LOG.info("URI : %(uri)s", {"uri": uri})
- return self.show_resource(uri, **fields)
-
- def delete_l2_gateway(self, l2_gateway_id):
- uri = constants.L2_GWS_BASE_URI + "/" + l2_gateway_id
- LOG.info("URI : %(uri)s", {"uri": uri})
- return self.delete_resource(uri)
-
- def list_l2_gateways(self, **filters):
- uri = constants.L2_GWS_BASE_URI
- LOG.info("URI : %(uri)s", {"uri": uri})
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """
- Create a l2-gateway client from manager or networks_client
- """
- try:
- manager = getattr(client_mgr, "manager", client_mgr)
- net_client = getattr(manager, "networks_client")
- _params = manager.default_params_withy_timeout_values.copy()
- except AttributeError as attribute_err:
- LOG.warning("Failed to locate the attribute, Error: %(err_msg)s",
- {"err_msg": attribute_err.__str__()})
- _params = {}
- client = L2GatewayClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/l2_gateway_connection_client.py b/vmware_nsx_tempest/services/l2_gateway_connection_client.py
deleted file mode 100644
index c1d23e5af8..0000000000
--- a/vmware_nsx_tempest/services/l2_gateway_connection_client.py
+++ /dev/null
@@ -1,69 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class L2GatewayConnectionClient(base.BaseNetworkClient):
- resource = 'l2_gateway_connection'
- resource_plural = 'l2_gateway_connections'
- path = 'l2-gateway-connections'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def create_l2_gateway_connection(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_l2_gateway_connection(self, l2_gateway_id, **kwargs):
- uri = self.resource_object_path % l2_gateway_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_l2_gateway_connection(self, l2_gateway_id, **fields):
- uri = self.resource_object_path % l2_gateway_id
- return self.show_resource(uri, **fields)
-
- def delete_l2_gateway_connection(self, l2_gateway_id):
- uri = self.resource_object_path % l2_gateway_id
- return self.delete_resource(uri)
-
- def list_l2_gateway_connections(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a l2-gateway client from manager or networks_client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services import l2_gateway_connection_client
- l2gwc_client = l2_gateway_connection_client.get_client(osn.adm.manager)
- For tempest user:
- l2gwc_client = l2_gateway_connection_client.get_client(cls.os_adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = L2GatewayConnectionClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/__init__.py b/vmware_nsx_tempest/services/lbaas/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/services/lbaas/health_monitors_client.py b/vmware_nsx_tempest/services/lbaas/health_monitors_client.py
deleted file mode 100644
index aa231bb75c..0000000000
--- a/vmware_nsx_tempest/services/lbaas/health_monitors_client.py
+++ /dev/null
@@ -1,72 +0,0 @@
-# Copyright 2014 Rackspace US Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class HealthMonitorsClient(base.BaseNetworkClient):
- resource = 'healthmonitor'
- resource_plural = 'healthmonitors'
- path = 'lbaas/healthmonitors'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def create_health_monitor(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_health_monitor(self, health_monitor_id, **kwargs):
- uri = self.resource_object_path % health_monitor_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_health_monitor(self, health_monitor_id, **fields):
- uri = self.resource_object_path % health_monitor_id
- return self.show_resource(uri, **fields)
-
- def delete_health_monitor(self, health_monitor_id):
- uri = self.resource_object_path % health_monitor_id
- return self.delete_resource(uri)
-
- def list_health_monitors(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a lbaas health_monitors client from manager or networks_client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services.lbaas import health_monitors_client
- healthmonitors_client = health_monitors_client.get_client(
- osn.adm.manager)
- For tempest user:
- healthmonitors_client = health_monitors_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = HealthMonitorsClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/l7policies_client.py b/vmware_nsx_tempest/services/lbaas/l7policies_client.py
deleted file mode 100644
index 03fccb3f32..0000000000
--- a/vmware_nsx_tempest/services/lbaas/l7policies_client.py
+++ /dev/null
@@ -1,59 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class L7PoliciesClient(base.BaseNetworkClient):
- resource = 'l7policy'
- resource_plural = 'l7policies'
- resource_base_path = '/lbaas/l7policies'
- resource_object_path = '/lbaas/l7policies/%s'
-
- def create_l7policy(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_l7policy(self, policy_id, **kwargs):
- uri = self.resource_object_path % (policy_id)
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_l7policy(self, policy_id, **fields):
- uri = self.resource_object_path % (policy_id)
- return self.show_resource(uri, **fields)
-
- def delete_l7policy(self, policy_id):
- uri = self.resource_object_path % (policy_id)
- return self.delete_resource(uri)
-
- def list_l7policies(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a lbaas l7policies client from manager or networks_client"""
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = L7PoliciesClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/l7rules_client.py b/vmware_nsx_tempest/services/lbaas/l7rules_client.py
deleted file mode 100644
index 4a76abb585..0000000000
--- a/vmware_nsx_tempest/services/lbaas/l7rules_client.py
+++ /dev/null
@@ -1,60 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class L7RulesClient(base.BaseNetworkClient):
- resource = 'rule'
- resource_plural = 'rules'
- resource_base_path = '/lbaas/l7policies/%s/rules'
- resource_object_path = '/lbaas/l7policies/%s/rules/%s'
-
- def create_l7rule(self, policy_id, **kwargs):
- uri = self.resource_base_path % policy_id
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_l7rule(self, policy_id, rule_id, **kwargs):
- uri = self.resource_object_path % (policy_id, rule_id)
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_l7rule(self, policy_id, rule_id, **fields):
- uri = self.resource_object_path % (policy_id, rule_id)
- return self.show_resource(uri, **fields)
-
- def delete_l7rule(self, policy_id, rule_id):
- uri = self.resource_object_path % (policy_id, rule_id)
- return self.delete_resource(uri)
-
- def list_l7rules(self, policy_id, **filters):
- uri = self.resource_base_path % policy_id
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a lbaas l7rules client from manager or networks_client"""
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = L7RulesClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/listeners_client.py b/vmware_nsx_tempest/services/lbaas/listeners_client.py
deleted file mode 100644
index 46cdd0fda0..0000000000
--- a/vmware_nsx_tempest/services/lbaas/listeners_client.py
+++ /dev/null
@@ -1,71 +0,0 @@
-# Copyright 2014 Rackspace US Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class ListenersClient(base.BaseNetworkClient):
- resource = 'listener'
- resource_plural = 'listeners'
- path = 'lbaas/listeners'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def create_listener(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_listener(self, listener_id, **kwargs):
- uri = self.resource_object_path % listener_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_listener(self, listener_id, **fields):
- uri = self.resource_object_path % listener_id
- return self.show_resource(uri, **fields)
-
- def delete_listener(self, listener_id):
- uri = self.resource_object_path % listener_id
- return self.delete_resource(uri)
-
- def list_listeners(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a lbaas listener client from manager or networks_client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services.lbaas import pools_client
- lbaas_client = pools_client.get_client(osn.adm.manager)
- For tempest user:
- lbaas_client = pools_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = ListenersClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/load_balancers_client.py b/vmware_nsx_tempest/services/lbaas/load_balancers_client.py
deleted file mode 100644
index 4f882ce6e6..0000000000
--- a/vmware_nsx_tempest/services/lbaas/load_balancers_client.py
+++ /dev/null
@@ -1,141 +0,0 @@
-# Copyright 2014 Rackspace US Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from tempest.lib import exceptions
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest._i18n import _
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-LB_NOTFOUND = "loadbalancer {lb_id} not found"
-
-
-class LoadBalancersClient(base.BaseNetworkClient):
- resource = 'loadbalancer'
- resource_plural = 'loadbalancers'
- path = 'lbaas/loadbalancers'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
- resource_object_status_path = '/%s/%%s/statuses' % path
- resource_object_stats_path = '/%s/%%s/stats' % path
-
- def create_load_balancer(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_load_balancer(self, load_balancer_id, **kwargs):
- uri = self.resource_object_path % load_balancer_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_load_balancer(self, load_balancer_id, **fields):
- uri = self.resource_object_path % load_balancer_id
- return self.show_resource(uri, **fields)
-
- def show_load_balancer_status_tree(self, load_balancer_id, **fields):
- uri = self.resource_object_status_path % load_balancer_id
- return self.show_resource(uri, **fields)
-
- def show_load_balancer_stats(self, load_balancer_id, **fields):
- uri = self.resource_object_stats_path % load_balancer_id
- return self.show_resource(uri, **fields)
-
- def delete_load_balancer(self, load_balancer_id):
- uri = self.resource_object_path % load_balancer_id
- return self.delete_resource(uri)
-
- def list_load_balancers(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
- def wait_for_load_balancer_status(self, load_balancer_id,
- provisioning_status='ACTIVE',
- operating_status='ONLINE',
- is_delete_op=False):
- """Must have utility method for load-balancer CRUD operation.
-
- This is the method you must call to make sure load_balancer_id is
- in provisioning_status=ACTIVE and opration_status=ONLINE status
- before manipulating any lbaas resource under load_balancer_id.
- """
-
- interval_time = self.build_interval
- timeout = self.build_timeout
- end_time = time.time() + timeout
- lb = None
- while time.time() < end_time:
- try:
- lb = self.show_load_balancer(load_balancer_id)
- if not lb:
- if is_delete_op:
- break
- else:
- raise Exception(
- LB_NOTFOUND.format(lb_id=load_balancer_id))
- lb = lb.get(self.resource, lb)
- if (lb.get('provisioning_status') == provisioning_status and
- lb.get('operating_status') == operating_status):
- break
- time.sleep(interval_time)
- except exceptions.NotFound as e:
- if is_delete_op:
- break
- else:
- raise e
- else:
- if is_delete_op:
- raise exceptions.TimeoutException(
- _("Waited for load balancer {lb_id} to be deleted for "
- "{timeout} seconds but can still observe that it "
- "exists.").format(
- lb_id=load_balancer_id,
- timeout=timeout))
- else:
- raise exceptions.TimeoutException(
- _("Wait for load balancer ran for {timeout} seconds and "
- "did not observe {lb_id} reach {provisioning_status} "
- "provisioning status and {operating_status} "
- "operating status.").format(
- timeout=timeout,
- lb_id=load_balancer_id,
- provisioning_status=provisioning_status,
- operating_status=operating_status))
- return lb
-
-
-def get_client(client_mgr):
- """create a lbaas load-balancers client from manager or networks_client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services.lbaas import load_balancers_client
- lbaas_client = load_balancers_client.get_client(osn.adm.manager)
- For tempest user:
- lbaas_client = load_balancers_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = LoadBalancersClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/members_client.py b/vmware_nsx_tempest/services/lbaas/members_client.py
deleted file mode 100644
index 4c61d056d3..0000000000
--- a/vmware_nsx_tempest/services/lbaas/members_client.py
+++ /dev/null
@@ -1,70 +0,0 @@
-# Copyright 2014 Rackspace US Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class MembersClient(base.BaseNetworkClient):
- resource = 'member'
- resource_plural = 'members'
- path = 'lbaas/members'
- resource_base_path = '/lbaas/pools/%s/members'
- resource_object_path = '/lbaas/pools/%s/members/%s'
-
- def create_member(self, pool_id, **kwargs):
- uri = self.resource_base_path % pool_id
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_member(self, pool_id, member_id, **kwargs):
- uri = self.resource_object_path % (pool_id, member_id)
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_member(self, pool_id, member_id, **fields):
- uri = self.resource_object_path % (pool_id, member_id)
- return self.show_resource(uri, **fields)
-
- def delete_member(self, pool_id, member_id):
- uri = self.resource_object_path % (pool_id, member_id)
- return self.delete_resource(uri)
-
- def list_members(self, pool_id, **filters):
- uri = self.resource_base_path % pool_id
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a lbaas members client from manager or networks_client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services.lbaas import members_client
- members_client = members_client.get_client(osn.adm.manager)
- For tempest user:
- members_client = members_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = MembersClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/lbaas/pools_client.py b/vmware_nsx_tempest/services/lbaas/pools_client.py
deleted file mode 100644
index 6a83eab7d5..0000000000
--- a/vmware_nsx_tempest/services/lbaas/pools_client.py
+++ /dev/null
@@ -1,70 +0,0 @@
-# Copyright 2014 Rackspace US Inc. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class PoolsClient(base.BaseNetworkClient):
- resource = 'pool'
- resource_plural = 'pools'
- path = 'lbaas/pools'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def create_pool(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_pool(self, pool_id, **kwargs):
- uri = self.resource_object_path % pool_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_pool(self, pool_id, **fields):
- uri = self.resource_object_path % pool_id
- return self.show_resource(uri, **fields)
-
- def delete_pool(self, pool_id):
- uri = self.resource_object_path % pool_id
- return self.delete_resource(uri)
-
- def list_pools(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr):
- """create a lbaas pools client from manager or networks_client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services.lbaas import pools_client
- pools_client = pools_client.get_client(osn.adm.manager)
- For tempest user:
- pools_client = pools_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = PoolsClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/load_balancer_v1_client.py b/vmware_nsx_tempest/services/load_balancer_v1_client.py
deleted file mode 100644
index 89e8724332..0000000000
--- a/vmware_nsx_tempest/services/load_balancer_v1_client.py
+++ /dev/null
@@ -1,320 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from tempest.lib.common.utils import misc as misc_utils
-from tempest.lib import exceptions as lib_exc
-
-from tempest import exceptions
-from vmware_nsx_tempest._i18n import _
-from vmware_nsx_tempest.services import network_client_base as base
-
-POOL_RID = 'pools'
-VIP_RID = 'vips'
-HEALTHMONITOR_RID = 'health_monitors'
-MEMBER_RID = 'members'
-
-
-class LoadBalancerV1Client(base.BaseNetworkClient):
-
- def _list_lb(self, lb_resource, **filters):
- resource_name_s, resource_name_p = _g_resource_namelist(lb_resource)
- req_uri = '/lb/%s' % (resource_name_p)
- return self.list_resources(req_uri, **filters)
-
- def _show_lb(self, lb_resource, resource_id, **fields):
- resource_name_s, resource_name_p = _g_resource_namelist(lb_resource)
- req_uri = '/lb/%s/%s' % (resource_name_p, resource_id)
- return self.show_resource(req_uri, **fields)
-
- def _delete_lb(self, lb_resource, resource_id):
- resource_name_s, resource_name_p = _g_resource_namelist(lb_resource)
- req_uri = '/lb/%s/%s' % (resource_name_p, resource_id)
- return self.delete_resource(req_uri)
-
- def _create_lb(self, lb_resource, **kwargs):
- resource_name_s, resource_name_p = _g_resource_namelist(lb_resource)
- req_uri = '/lb/%s' % (resource_name_p)
- post_body = {resource_name_s: kwargs}
- return self.create_resource(req_uri, post_body)
-
- def _update_lb(self, lb_resource, resource_id, **kwargs):
- resource_name_s, resource_name_p = _g_resource_namelist(lb_resource)
- req_uri = '/lb/%s/%s' % (resource_name_p, resource_id)
- post_body = {resource_name_s: kwargs}
- return self.update_resource(req_uri, post_body)
-
- def show_agent_hosting_pool(self, pool_id):
- """Get loadbalancer agent hosting a pool."""
- req_uri = "/lb/pools/%s/loadbalancer-agent" % (pool_id)
- return self.show_resource(req_uri)
-
- def associate_health_monitor_with_pool(self, health_monitor_id, pool_id):
- """Create a mapping between a health monitor and a pool."""
- post_body = {'health_monitor': {'id': health_monitor_id}}
- req_uri = '/lb/pools/%s/%s' % (pool_id, HEALTHMONITOR_RID)
- return self.create_resource(req_uri, post_body)
-
- def create_health_monitor(self, **kwargs):
- """Create a health monitor."""
- create_kwargs = dict(
- type=kwargs.pop('type', 'TCP'),
- max_retries=kwargs.pop('nax_retries', 3),
- timeout=kwargs.pop('timeout', 1),
- delay=kwargs.pop('delay', 4),
- )
- create_kwargs.update(**kwargs)
- return self._create_lb(HEALTHMONITOR_RID, **create_kwargs)
-
- def delete_health_monitor(self, health_monitor_id):
- """Delete a given health monitor."""
- return self._delete_lb(HEALTHMONITOR_RID, health_monitor_id)
-
- def disassociate_health_monitor_with_pool(self, health_monitor_id,
- pool_id):
- """Remove a mapping from a health monitor to a pool."""
- req_uri = ('/lb/pools/%s/%s/%s'
- % (pool_id, HEALTHMONITOR_RID, health_monitor_id))
- return self.delete_resource(req_uri)
-
- def list_health_monitors(self, **filters):
- """List health monitors that belong to a given tenant."""
- return self._list_lb(HEALTHMONITOR_RID, **filters)
-
- def show_health_monitor(self, health_monitor_id):
- """Show information of a given health monitor."""
- return self._show_lb(HEALTHMONITOR_RID, health_monitor_id)
-
- def update_health_monitor(self, health_monitor_id,
- show_then_update=False, **kwargs):
- """Update a given health monitor."""
- body = (self.show_health_monitor(health_monitor_id)['health_monitor']
- if show_then_update else {})
- body.update(**kwargs)
- return self._update_lb(HEALTHMONITOR_RID,
- health_monitor_id, **body)
-
- # tempest create_member(self,protocol_port, pool, ip_version)
- # we use pool_id
- def create_member(self, protocol_port, pool_id,
- ip_version=4, **kwargs):
- """Create a member."""
- create_kwargs = dict(
- protocol_port=protocol_port,
- pool_id=pool_id,
- address=("fd00:abcd" if ip_version == 6 else "10.0.9.46"),
- )
- create_kwargs.update(**kwargs)
- return self._create_lb(MEMBER_RID, **create_kwargs)
-
- def delete_member(self, member_id):
- """Delete a given member."""
- return self._delete_lb(MEMBER_RID, member_id)
-
- def list_members(self, **filters):
- """List members that belong to a given tenant."""
- return self._list_lb(MEMBER_RID, **filters)
-
- def show_member(self, member_id):
- """Show information of a given member."""
- return self._show_lb(MEMBER_RID, member_id)
-
- def update_member(self, member_id,
- show_then_update=False, **kwargs):
- """Update a given member."""
- body = (self.show_member(member_id)['member']
- if show_then_update else {})
- body.update(**kwargs)
- return self._update_lb(MEMBER_RID, member_id, **body)
-
- def create_pool(self, name, lb_method, protocol, subnet_id,
- **kwargs):
- """Create a pool."""
- lb_method = lb_method or 'ROUND_ROBIN'
- protocol = protocol or 'HTTP'
- create_kwargs = dict(
- name=name, lb_method=lb_method,
- protocol=protocol, subnet_id=subnet_id,
- )
- create_kwargs.update(kwargs)
- return self._create_lb(POOL_RID, **create_kwargs)
-
- def delete_pool(self, pool_id):
- """Delete a given pool."""
- return self._delete_lb(POOL_RID, pool_id)
-
- def list_pools(self, **filters):
- """List pools that belong to a given tenant."""
- return self._list_lb(POOL_RID, **filters)
-
- def list_lb_pool_stats(self, pool_id, **filters):
- """Retrieve stats for a given pool."""
- req_uri = '/lb/pools/%s/stats' % (pool_id)
- return self.list_resources(req_uri, **filters)
-
- def list_pool_on_agents(self, **filters):
- """List the pools on a loadbalancer agent."""
- pass
-
- def show_pool(self, pool_id):
- """Show information of a given pool."""
- return self._show_lb(POOL_RID, pool_id)
-
- def update_pool(self, pool_id, show_then_update=False, **kwargs):
- """Update a given pool."""
- body = (self.show_pool(pool_id)['pool']
- if show_then_update else {})
- body.update(**kwargs)
- return self._update_lb(POOL_RID, pool_id, **body)
-
- def create_vip(self, pool_id, **kwargs):
- """Create a vip."""
- create_kwargs = dict(
- pool_id=pool_id,
- protocol=kwargs.pop('protocol', 'HTTP'),
- protocol_port=kwargs.pop('protocol_port', 80),
- name=kwargs.pop('name', None),
- address=kwargs.pop('address', None),
- )
- for k in create_kwargs.keys():
- if create_kwargs[k] is None:
- create_kwargs.pop(k)
- create_kwargs.update(**kwargs)
- # subnet_id needed to create vip
- return self._create_lb(VIP_RID, **create_kwargs)
-
- def delete_vip(self, vip_id):
- """Delete a given vip."""
- return self._delete_lb(VIP_RID, vip_id)
-
- def list_vips(self, **filters):
- """List vips that belong to a given tenant."""
- return self._list_lb(VIP_RID, **filters)
-
- def show_vip(self, vip_id):
- """Show information of a given vip."""
- return self._show_lb(VIP_RID, vip_id)
-
- def update_vip(self, vip_id, show_then_update=False, **kwargs):
- """Update a given vip."""
- body = (self.show_vip(vip_id)['vip']
- if show_then_update else {})
- body.update(**kwargs)
- return self._update_lb(VIP_RID, vip_id, **body)
-
- # Following 3 methods are specifically to load-balancer V1 client.
- # They are being implemented by the pareant tempest.lib.common.rest_client
- # with different calling signatures, only id, no resoure_type. Because,
- # starting in Liberty release, each resource should have its own client.
- # Since V1 is deprecated, we are not going to change it, and
- # copy following 2 methods for V1 LB client only.
- def wait_for_resource_deletion(self, resource_type, id, client=None):
- """Waits for a resource to be deleted."""
- start_time = int(time.time())
- while True:
- if self.is_resource_deleted(resource_type, id, client=client):
- return
- if int(time.time()) - start_time >= self.build_timeout:
- raise exceptions.TimeoutException
- time.sleep(self.build_interval)
-
- def is_resource_deleted(self, resource_type, id, client=None):
- if client is None:
- client = self
- method = 'show_' + resource_type
- try:
- getattr(client, method)(id)
- except AttributeError:
- raise Exception(_("Unknown resource type %s ") % resource_type)
- except lib_exc.NotFound:
- return True
- return False
-
- def wait_for_resource_status(self, fetch, status, interval=None,
- timeout=None):
- """This has different calling signature then rest_client.
-
- @summary: Waits for a network resource to reach a status
- @param fetch: the callable to be used to query the resource status
- @type fecth: callable that takes no parameters and returns the resource
- @param status: the status that the resource has to reach
- @type status: String
- @param interval: the number of seconds to wait between each status
- query
- @type interval: Integer
- @param timeout: the maximum number of seconds to wait for the resource
- to reach the desired status
- @type timeout: Integer
- """
- if not interval:
- interval = self.build_interval
- if not timeout:
- timeout = self.build_timeout
- start_time = time.time()
-
- while time.time() - start_time <= timeout:
- resource = fetch()
- if resource['status'] == status:
- return
- time.sleep(interval)
-
- # At this point, the wait has timed out
- message = 'Resource %s' % (str(resource))
- message += ' failed to reach status %s' % status
- message += ' (current: %s)' % resource['status']
- message += ' within the required time %s' % timeout
- caller = misc_utils.find_test_caller()
- if caller:
- message = '(%s) %s' % (caller, message)
- raise exceptions.TimeoutException(message)
-
-
-def _g_resource_namelist(lb_resource):
- if lb_resource[-1] == 's':
- return (lb_resource[:-1], lb_resource)
- return (lb_resource, lb_resource + "s")
-
-
-def destroy_tenant_lb(lbv1_client):
- for o in lbv1_client.list_members():
- lbv1_client.delete_member(o['id'])
- for o in lbv1_client.list_health_monitors():
- lbv1_client.delete_health_monitor(o['id'])
- for o in lbv1_client.list_vips():
- lbv1_client.delete_vip(o['id'])
- for o in lbv1_client.list_pools():
- lbv1_client.delete_pool(o['id'])
-
-
-def get_client(client_mgr):
- """create a v1 load balancer client
-
- For itempest user:
- from itempest import load_our_solar_system as osn
- from vmware_nsx_tempest.services import load_balancer_v1_client
- lbv1 = load_balancer_v1_client.get_client(osn.adm.manager)
- For tempest user:
- lbv1 = load_balancer_v1_client.get_client(cls.os_adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = LoadBalancerV1Client(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- return client
diff --git a/vmware_nsx_tempest/services/network_client_base.py b/vmware_nsx_tempest/services/network_client_base.py
deleted file mode 100644
index 77a9f3a46f..0000000000
--- a/vmware_nsx_tempest/services/network_client_base.py
+++ /dev/null
@@ -1,52 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-from tempest import config
-from tempest.lib.services.network import base
-
-CONF = config.CONF
-
-
-# netowrk/json/base.py does not include thoese method in network_client
-class BaseNetworkClient(base.BaseNetworkClient):
- def __init__(self, auth_provider, service, region,
- endpoint_type=None, build_interval=None, build_timeout=None,
- disable_ssl_certificate_validation=None, ca_certs=None,
- trace_requests=None, **kwargs):
- dsca = disable_ssl_certificate_validation
- super(base.BaseNetworkClient, self).__init__(
- auth_provider, service, region,
- endpoint_type=endpoint_type,
- build_interval=build_interval,
- build_timeout=build_timeout,
- disable_ssl_certificate_validation=dsca,
- ca_certs=ca_certs,
- trace_requests=trace_requests)
-
-
-default_params = {
- 'disable_ssl_certificate_validation': True,
- 'ca_certs': None,
- 'trace_requests': ''}
-default_params_2 = {
- 'catalog_type': 'network',
- 'region': 'nova',
- 'endpoint_type': 'publicURL',
- 'build_timeout': 300,
- 'build_interval': 1}
-
-default_params_3 = config.service_client_config()
-
-default_params_with_timeout_values = {
- 'build_interval': CONF.network.build_interval,
- 'build_timeout': CONF.network.build_timeout
-}
-default_params_with_timeout_values.update(default_params_3)
diff --git a/vmware_nsx_tempest/services/nsx_client.py b/vmware_nsx_tempest/services/nsx_client.py
deleted file mode 100644
index 046bbf10fc..0000000000
--- a/vmware_nsx_tempest/services/nsx_client.py
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-from oslo_log import log as logging
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-LOG = logging.getLogger(__name__)
-
-
-class NSXClient(object):
- """Base NSX REST client"""
- def __init__(self, backend, host, username, password, *args, **kwargs):
- self.backend = backend.lower()
- self.host = host
- self.username = username
- self.password = password
- if backend.lower() == "nsxv3":
- self.nsx = nsxv3_client.NSXV3Client(host, username, password)
-
- def get_firewall_section_and_rules(self, *args, **kwargs):
- if self.backend == "nsxv3":
- firewall_section = self.nsx.get_firewall_section(
- *args, **kwargs)
- firewall_section_rules = self.nsx.get_firewall_section_rules(
- firewall_section)
- return firewall_section, firewall_section_rules
- else:
- #TODO(ddoshi) define else for nsxv
- pass
-
- def get_bridge_cluster_info(self, *args, **kwargs):
- if self.backend == "nsxv3":
- return self.nsx.get_bridge_cluster_info(
- *args, **kwargs)
diff --git a/vmware_nsx_tempest/services/nsxv3_client.py b/vmware_nsx_tempest/services/nsxv3_client.py
deleted file mode 100644
index 0eea523f58..0000000000
--- a/vmware_nsx_tempest/services/nsxv3_client.py
+++ /dev/null
@@ -1,560 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import base64
-from copy import deepcopy
-import time
-
-import requests
-import six.moves.urllib.parse as urlparse
-
-from oslo_log import log as logging
-from oslo_serialization import jsonutils
-
-from vmware_nsx_tempest.common import constants
-
-requests.packages.urllib3.disable_warnings()
-
-LOG = logging.getLogger(__name__)
-
-
-class NSXV3Client(object):
- """Base NSXv3 REST client"""
- API_VERSION = "v1"
-
- def __init__(self, host, username, password, *args, **kwargs):
- self.host = host
- self.username = username
- self.password = password
- self.version = None
- self.endpoint = None
- self.content_type = "application/json"
- self.accept_type = "application/json"
- self.verify = False
- self.secure = True
- self.interface = "json"
- self.url = None
- self.headers_non_super_admin = self.__set_headers()
- self.headers = deepcopy(self.headers_non_super_admin)
- self.headers_super_admin = self.__set_headers(super_admin=True)
- self.api_version = NSXV3Client.API_VERSION
-
- def __set_endpoint(self, endpoint):
- self.endpoint = endpoint
-
- def get_endpoint(self):
- return self.endpoint
-
- def __set_content_type(self, content_type):
- self.content_type = content_type
-
- def get_content_type(self):
- return self.content_type
-
- def __set_accept_type(self, accept_type):
- self.accept_type = accept_type
-
- def get_accept_type(self):
- return self.accept_type
-
- def __set_api_version(self, api_version):
- self.api_version = api_version
-
- def get_api_version(self):
- return self.api_version
-
- def __set_url(self, api=None, secure=None, host=None, endpoint=None):
- api = self.api_version if api is None else api
- secure = self.secure if secure is None else secure
- host = self.host if host is None else host
- endpoint = self.endpoint if endpoint is None else endpoint
- http_type = 'https' if secure else 'http'
- self.url = '%s://%s/api/%s%s' % (http_type, host, api, endpoint)
-
- def get_url(self):
- return self.url
-
- def __set_headers(self, content=None, accept=None, super_admin=False):
- content_type = self.content_type if content is None else content
- accept_type = self.accept_type if accept is None else accept
- auth_cred = self.username + ":" + self.password
- auth = base64.b64encode(auth_cred)
- headers = {}
- headers['Authorization'] = "Basic %s" % auth
- headers['Content-Type'] = content_type
- headers['Accept'] = accept_type
- if super_admin:
- headers['X-Allow-Overwrite'] = 'true'
- return headers
-
- def get(self, endpoint=None, params=None, cursor=None):
- """
- Basic query method for json API request
- """
- self.__set_url(endpoint=endpoint)
- if cursor:
- op = "&" if urlparse.urlparse(self.url).query else "?"
- self.url += op + "cursor=" + cursor
- response = requests.get(self.url, headers=self.headers,
- verify=self.verify, params=params)
- return response
-
- def put(self, endpoint=None, body=None):
- """
- Basic put API method on endpoint
- """
- self.__set_url(endpoint=endpoint)
- response = requests.put(self.url, headers=self.headers,
- verify=self.verify, data=jsonutils.dumps(body))
- return response
-
- def ca_put_request(self, component, comp_id, body):
- """
- NSX-T API Put request for certificate Management
- """
- endpoint = ("/%s/%s" % (component, comp_id))
- response = self.put(endpoint=endpoint, body=body)
- return response
-
- def delete(self, endpoint=None, params=None):
- """
- Basic delete API method on endpoint
- """
- self.__set_url(endpoint=endpoint)
- response = requests.delete(self.url, headers=self.headers,
- verify=self.verify, params=params)
- return response
-
- def ca_delete_request(self, component=None, comp_id=None):
- """
- NSX-T API delete request for certificate Management
- """
- endpoint = ("/%s/%s" % (component, comp_id))
- response = self.delete(endpoint=endpoint)
- return response
-
- def delete_super_admin(self, endpoint=None, params=None):
- """
- Basic delete API method for NSX super admin on endpoint
- """
- self.__set_url(endpoint=endpoint)
- response = requests.delete(self.url, headers=self.headers_super_admin,
- verify=self.verify, params=params)
- return response
-
- def post(self, endpoint=None, body=None):
- """
- Basic post API method on endpoint
- """
- self.__set_url(endpoint=endpoint)
- response = requests.post(self.url, headers=self.headers,
- verify=self.verify,
- data=jsonutils.dumps(body))
- return response
-
- def get_logical_resources(self, endpoint):
- """
- Get logical resources based on the endpoint
-
- Getting the logical resource based on the end point. Parse the response
- for the cursor. If cursor is present, query url for multiple pages to
- get all the logical resources.
- """
- results = []
- response = self.get(endpoint=endpoint)
- res_json = response.json()
- cursor = res_json.get("cursor")
- if res_json.get("results"):
- results.extend(res_json["results"])
- while cursor:
- page = self.get(endpoint=endpoint, cursor=cursor).json()
- results.extend(page.get("results", []))
- cursor = page.get("cursor")
- return results
-
- def get_transport_zones(self):
- """
- Retrieve all transport zones
- """
- return self.get_logical_resources("/transport-zones")
-
- def get_logical_ports(self):
- """
- Retrieve all logical ports on NSX backend
- """
- return self.get_logical_resources("/logical-ports")
-
- def get_logical_port(self, os_name):
- """
- Get the logical port based on the os_name provided.
- The name of the logical port shoud match the os_name.
- Return the logical port if found, otherwise return None.
- """
- if not os_name:
- LOG.error("Name of OS port should be present "
- "in order to query backend logical port created")
- return None
- lports = self.get_logical_ports()
- return self.get_nsx_resource_by_name(lports, os_name)
-
- def get_logical_port_info(self, lport):
- """
- Retrieve attributes of a given logical port
- """
- lport_uri = "/logical-ports/%s" % lport
-
- response = self.get(endpoint=lport_uri)
- res_json = response.json()
- return res_json
-
- def get_switching_profile(self, switch_profile):
- """
- Retrieve attributes of a given nsx switching profile
- """
- sw_profile_uri = "/switching-profiles/%s" % switch_profile
- response = self.get(endpoint=sw_profile_uri)
- res_json = response.json()
- return res_json
-
- def get_os_logical_ports(self):
- """
- Retrieve all logical ports created from OpenStack
- """
- lports = self.get_logical_ports()
- return self.get_os_resources(lports)
-
- def update_logical_port_attachment(self, lports):
- """
- Update the logical port attachment
-
- In order to delete logical ports, we need to detach
- the VIF attachment on the ports first.
- """
- for p in lports:
- p['attachment'] = None
- endpoint = "/logical-ports/%s" % p['id']
- response = self.put(endpoint=endpoint, body=p)
- if response.status_code != requests.codes.ok:
- LOG.error("Failed to update lport %s", p['id'])
-
- def cleanup_os_logical_ports(self):
- """
- Delete all logical ports created by OpenStack
- """
- lports = self.get_logical_ports()
- os_lports = self.get_os_resources(lports)
- LOG.info("Number of OS Logical Ports to be deleted: %s",
- len(os_lports))
- # logical port vif detachment
- self.update_logical_port_attachment(os_lports)
- for p in os_lports:
- endpoint = '/logical-ports/%s' % p['id']
- response = self.delete(endpoint=endpoint)
- if response.status_code == requests.codes.ok:
- LOG.info("Successfully deleted logical port %s", p['id'])
- else:
- LOG.error("Failed to delete lport %(port_id)s, response "
- "code %(code)s",
- {'port_id': p['id'], 'code': response.status_code})
-
- def get_os_resources(self, resources):
- """
- Get all logical resources created by OpenStack
- """
- os_resources = [r for r in resources if 'tags' in r
- for tag in r['tags']
- if 'os-project-id' in tag.values()]
- return os_resources
-
- def get_nsx_resource_by_name(self, nsx_resources, nsx_name):
- """
- Get the NSX component created from OpenStack by name.
-
- The name should be converted from os_name to nsx_name.
- If found exact one match return it, otherwise report error.
- """
- nsx_resource = [n for n in nsx_resources if
- n['display_name'] == nsx_name]
- if len(nsx_resource) == 0:
- LOG.warning("Backend nsx resource %s NOT found!", nsx_name)
- return None
- if len(nsx_resource) > 1:
- LOG.error("More than 1 nsx resources found: %s!",
- nsx_resource)
- return None
- else:
- LOG.info("Found nsgroup: %s", nsx_resource[0])
- return nsx_resource[0]
-
- def get_logical_switches(self):
- """
- Retrieve all logical switches on NSX backend
- """
- return self.get_logical_resources("/logical-switches")
-
- def get_logical_switch_profiles(self):
- """
- Retrieve all switching profiles on NSX backend
- """
- return self.get_logical_resources("/switching-profiles")
-
- def get_switching_profiles(self):
- """
- Retrieve all switching profiles on NSX backend
- """
- return self.get_logical_resources("/switching-profiles")
-
- def get_bridge_cluster_info(self):
- """
- Get bridge cluster information.
-
- :return: returns bridge cluster id and bridge cluster name.
- """
- return self.get_logical_resources("/bridge-clusters")
-
- def get_logical_switch(self, os_name, os_uuid):
- """
- Get the logical switch based on the name and uuid provided.
-
- The name of the logical switch should follow
- _...
- Return logical switch if found, otherwise return None
- """
- if not os_name or not os_uuid:
- LOG.error("Name and uuid of OpenStack L2 network need to be "
- "present in order to query backend logical switch!")
- return None
- nsx_name = os_name + "_" + os_uuid[:5] + "..." + os_uuid[-5:]
- lswitches = self.get_logical_switches()
- return self.get_nsx_resource_by_name(lswitches, nsx_name)
-
- def get_lswitch_ports(self, ls_id):
- """
- Return all the logical ports that belong to this lswitch
- """
- lports = self.get_logical_ports()
- return [p for p in lports if p['logical_switch_id'] is ls_id]
-
- def get_firewall_sections(self):
- """
- Retrieve all firewall sections
- """
- return self.get_logical_resources("/firewall/sections")
-
- def get_firewall_section(self, os_name, os_uuid):
- """
- Get the firewall section by os_name and os_uuid
- """
- if not os_name or not os_uuid:
- LOG.error("Name and uuid of OS security group should be "
- "present in order to query backend FW section "
- "created")
- return None
- nsx_name = os_name + " - " + os_uuid
- nsx_firewall_time_counter = 0
- nsx_dfw_section = None
- # wait till timeout or till dfw section
- while nsx_firewall_time_counter < \
- constants.NSX_FIREWALL_REALIZED_TIMEOUT and \
- not nsx_dfw_section:
- nsx_firewall_time_counter += 1
- fw_sections = self.get_firewall_sections()
- nsx_dfw_section = self.get_nsx_resource_by_name(fw_sections,
- nsx_name)
- time.sleep(constants.ONE_SEC)
- return nsx_dfw_section
-
- def get_firewall_section_rules(self, fw_section):
- """
- Retrieve all fw rules for a given fw section
- """
- endpoint = "/firewall/sections/%s/rules" % fw_section['id']
- return self.get_logical_resources(endpoint)
-
- def get_firewall_section_rule(self, fw_section, os_uuid):
- """
- Get the firewall section rule based on the name
- """
- fw_rules = self.get_firewall_section_rules(fw_section)
- nsx_name = os_uuid
- return self.get_nsx_resource_by_name(fw_rules, nsx_name)
-
- def get_ns_groups(self):
- """
- Retrieve all NSGroups on NSX backend
- """
- return self.get_logical_resources("/ns-groups")
-
- def get_neutron_ns_group_id(self):
- """
- Retrieve NSGroup Id
- """
- nsx_nsgroup = self.get_ns_groups()
- for group in nsx_nsgroup:
- if group['display_name'] == 'neutron_excluded_port_nsgroup':
- nsgroup_id = group['id']
- return nsgroup_id
-
- def get_ns_group_port_members(self, ns_group_id):
- """
- Retrieve NSGroup port members
- """
- endpoint = "/ns-groups/%s/effective-logical-port-members" % ns_group_id
- response = self.get(endpoint=endpoint)
- res_json = response.json()
- return res_json
-
- def get_ns_group(self, os_name, os_uuid):
- """
- Get the NSGroup based on the name provided.
- The name of the nsgroup should follow
- -
- Return nsgroup if found, otherwise return None
- """
- if not os_name or not os_uuid:
- LOG.error("Name and uuid of OS security group should be "
- "present in order to query backend nsgroup created")
- return None
- nsx_name = os_name + " - " + os_uuid
- nsgroups = self.get_ns_groups()
- return self.get_nsx_resource_by_name(nsgroups, nsx_name)
-
- def get_logical_routers(self, tier=None):
- """
- Retrieve all the logical routers based on router type. If tier
- is None, it will return all logical routers.
- """
- if tier:
- endpoint = "/logical-routers?router_type=%s" % tier
- else:
- endpoint = "/logical-routers"
- return self.get_logical_resources(endpoint)
-
- def get_logical_router(self, os_name, os_uuid):
- """
- Get the logical router based on the os_name and os_uuid provided.
- The name of the logical router shoud follow
- _...
- Return the logical router if found, otherwise return None.
- """
- if not os_name or not os_uuid:
- LOG.error("Name and uuid of OS router should be present "
- "in order to query backend logical router created")
- return None
- nsx_name = os_name + "_" + os_uuid[:5] + "..." + os_uuid[-5:]
- lrouters = self.get_logical_routers()
- return self.get_nsx_resource_by_name(lrouters, nsx_name)
-
- def get_logical_router_ports(self, lrouter):
- """
- Get all logical ports attached to lrouter
- """
- endpoint = "/logical-router-ports?logical_router_id=%s" % lrouter['id']
- return self.get_logical_resources(endpoint)
-
- def get_logical_router_nat_rules(self, lrouter):
- """
- Get all user defined NAT rules of the specific logical router
- """
- if not lrouter:
- LOG.error("Logical router needs to be present in order "
- "to get the NAT rules")
- return None
- endpoint = "/logical-routers/%s/nat/rules" % lrouter['id']
- return self.get_logical_resources(endpoint)
-
- def get_logical_router_advertisement(self, lrouter):
- """Get logical router advertisement"""
- if not lrouter:
- LOG.error("Logical router needs to be present in order "
- "to get router advertisement!")
- return None
- endpoint = "/logical-routers/%s/routing/advertisement" % lrouter['id']
- response = self.get(endpoint)
- return response.json()
-
- def get_logical_dhcp_servers(self):
- """
- Get all logical DHCP servers on NSX backend
- """
- return self.get_logical_resources("/dhcp/servers")
-
- def get_logical_dhcp_server(self, os_name, os_uuid):
- """
- Get the logical dhcp server based on the name and uuid provided.
-
- The name of the logical dhcp server should follow
- _...
- Return logical dhcp server if found, otherwise return None
- """
- if not os_name or not os_uuid:
- LOG.error("Name and uuid of OpenStack L2 network need to be "
- "present in order to query backend logical dhcp "
- "server!")
- return None
- nsx_name = os_name + "_" + os_uuid[:5] + "..." + os_uuid[-5:]
- dhcp_servers = self.get_logical_dhcp_servers()
- return self.get_nsx_resource_by_name(dhcp_servers, nsx_name)
-
- def get_dhcp_server_static_bindings(self, dhcp_server):
- """
- Get all DHCP static bindings of a logical DHCP server
- """
- endpoint = "/dhcp/servers/%s/static-bindings" % dhcp_server
- return self.get_logical_resources(endpoint)
-
- def get_md_proxies(self):
- """
- Get md proxies.
-
- :return: returns list of md proxies information.
- """
- return self.get_logical_resources("/md-proxies")
-
- def get_nsx_certificate(self):
- """
- Get all certificates registered with backend
- """
- endpoint = "/trust-management/certificates/"
- response = self.get(endpoint)
- return response.json()
-
- def get_openstack_client_certificate(self):
- """
- Get self signed openstack client certificate
- """
- cert_response = self.get_nsx_certificate()
- for cert in cert_response['results']:
- if (cert["_create_user"] == "admin" and cert[
- "resource_type"] == "certificate_self_signed" and cert[
- "display_name"] != "NSX MP Client Certificate for Key "
- "Manager"):
- LOG.info('Client certificate created')
- return cert
- LOG.error("Client Certificate not created")
- return None
-
- def delete_md_proxy(self, uuid):
- """
- Delete md proxies.
- """
- return self.delete_logical_resources("/md-proxies/%s" % uuid)
-
- def delete_logical_resources(self, endpoint):
- """
- Delete logical resources based on the endpoint.
- """
- response = self.delete(endpoint=endpoint)
- return response.json()
diff --git a/vmware_nsx_tempest/services/nsxv_client.py b/vmware_nsx_tempest/services/nsxv_client.py
deleted file mode 100644
index 1a18eb6f3b..0000000000
--- a/vmware_nsx_tempest/services/nsxv_client.py
+++ /dev/null
@@ -1,347 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import base64
-import re
-
-from oslo_log import log as logging
-from oslo_serialization import jsonutils
-import requests
-from tempest import config
-
-import vmware_nsx_tempest.services.utils as utils
-
-requests.packages.urllib3.disable_warnings()
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class VSMClient(object):
- """NSX-v client.
-
- The client provides the API operations on its components.
- The purpose of this rest client is to query backend components after
- issuing corresponding API calls from OpenStack. This is to make sure
- the API calls has been realized on the NSX-v backend.
- """
- API_VERSION = "2.0"
-
- def __init__(self, host, username, password, *args, **kwargs):
- self.force = True if 'force' in kwargs else False
- self.host = host
- self.username = username
- self.password = password
- self.version = None
- self.endpoint = None
- self.content_type = "application/json"
- self.accept_type = "application/json"
- self.verify = False
- self.secure = True
- self.interface = "json"
- self.url = None
- self.headers = None
- self.api_version = VSMClient.API_VERSION
- self.default_scope_id = None
-
- self.__set_headers()
- self._version = self.get_vsm_version()
-
- def __set_endpoint(self, endpoint):
- self.endpoint = endpoint
-
- def get_endpoint(self):
- return self.endpoint
-
- def __set_content_type(self, content_type):
- self.content_type = content_type
-
- def get_content_type(self):
- return self.content_type
-
- def __set_accept_type(self, accept_type):
- self.accept_type = accept_type
-
- def get_accept_type(self):
- return self.accept_type
-
- def __set_api_version(self, api_version):
- self.api_version = api_version
-
- def get_api_version(self):
- return self.api_version
-
- def __set_url(self, version=None, secure=None, host=None, endpoint=None):
- version = self.api_version if version is None else version
- secure = self.secure if secure is None else secure
- host = self.host if host is None else host
- endpoint = self.endpoint if endpoint is None else endpoint
- http_type = 'https' if secure else 'http'
- self.url = '%s://%s/api/%s%s' % (http_type, host, version, endpoint)
-
- def get_url(self):
- return self.url
-
- def __set_headers(self, content=None, accept=None):
- content_type = self.content_type if content is None else content
- accept_type = self.accept_type if accept is None else accept
- auth_cred = self.username + ":" + self.password
- auth = base64.b64encode(auth_cred)
- headers = {}
- headers['Authorization'] = "Basic %s" % auth
- headers['Content-Type'] = content_type
- headers['Accept'] = accept_type
- self.headers = headers
-
- def get(self, endpoint=None, params=None):
- """Basic query GET method for json API request."""
- self.__set_url(endpoint=endpoint)
- response = requests.get(self.url, headers=self.headers,
- verify=self.verify, params=params)
- return response
-
- def delete(self, endpoint=None, params=None):
- """Basic delete API method on endpoint."""
- self.__set_url(endpoint=endpoint)
- response = requests.delete(self.url, headers=self.headers,
- verify=self.verify, params=params)
- return response
-
- def post(self, endpoint=None, body=None):
- """Basic post API method on endpoint."""
- self.__set_url(endpoint=endpoint)
- response = requests.post(self.url, headers=self.headers,
- verify=self.verify,
- data=jsonutils.dumps(body))
- return response
-
- def get_all_vdn_scopes(self):
- """Retrieve existing network scopes"""
- self.__set_api_version('2.0')
- self.__set_endpoint("/vdn/scopes")
- response = self.get()
- return response.json()['allScopes']
-
- # return the vdn_scope_id for the priamry Transport Zone
- def get_vdn_scope_id(self):
- """Retrieve existing network scope id."""
- scopes = self.get_all_vdn_scopes()
- if len(scopes) == 0:
- return scopes[0]['objectId']
- return CONF.nsxv.vdn_scope_id
-
- def get_vdn_scope_by_id(self, scope_id):
- """Retrieve existing network scopes id"""
- self.__set_api_version('2.0')
- self.__set_endpoint("/vdn/scopes/%s" % scope_id)
- return self.get().json()
-
- def get_vdn_scope_by_name(self, name):
- """Retrieve network scope id of existing scope name:
-
- nsxv_client.get_vdn_scope_id_by_name('TZ1')
- """
- scopes = self.get_all_vdn_scopes()
- if name is None:
- for scope in scopes:
- if scope['objectId'] == CONF.nsxv.vdn_scope_id:
- return scope
- else:
- for scope in scopes:
- if scope['name'] == name:
- return scope
- return None
-
- def get_all_logical_switches(self, vdn_scope_id=None):
- lswitches = []
- self.__set_api_version('2.0')
- vdn_scope_id = vdn_scope_id or self.get_vdn_scope_id()
- endpoint = "/vdn/scopes/%s/virtualwires" % (vdn_scope_id)
- self.__set_endpoint(endpoint)
- response = self.get()
- paging_info = response.json()['dataPage']['pagingInfo']
- page_size = int(paging_info['pageSize'])
- total_count = int(paging_info['totalCount'])
- msg = ("There are total %s logical switches and page size is %s"
- % (total_count, page_size))
- LOG.debug(msg)
- pages = utils.ceil(total_count, page_size)
- LOG.debug("Total pages: %s" % pages)
- for i in range(pages):
- start_index = page_size * i
- params = {'startindex': start_index}
- response = self.get(params=params)
- lswitches += response.json()['dataPage']['data']
- return lswitches
-
- def get_logical_switch(self, name):
- """Get the logical switch based on the name.
-
- The uuid of the OpenStack L2 network. Return ls if found,
- otherwise return None.
- """
- lswitches = self.get_all_logical_switches()
- lswitch = [ls for ls in lswitches if ls['name'] == name]
- if len(lswitch) == 0:
- LOG.debug('logical switch %s NOT found!' % name)
- lswitch = None
- else:
- ls = lswitch[0]
- LOG.debug('Found lswitch: %s' % ls)
- return ls
-
- def delete_logical_switch(self, name):
- """Delete logical switch based on name.
-
- The name of the logical switch on NSX-v is the uuid
- of the openstack l2 network.
- """
- ls = self.get_logical_switch(name)
- if ls is not None:
- endpoint = '/vdn/virtualwires/%s' % ls['objectId']
- response = self.delete(endpoint=endpoint)
- if response.status_code == 200:
- LOG.debug('Successfully deleted logical switch %s' % name)
- else:
- LOG.debug('ERROR @delete ls=%s failed with response code %s' %
- (name, response.status_code))
-
- def get_all_edges(self):
- """Get all edges on NSX-v backend."""
- self.__set_api_version('4.0')
- self.__set_endpoint('/edges')
- edges = []
- response = self.get()
- paging_info = response.json()['edgePage']['pagingInfo']
- page_size = int(paging_info['pageSize'])
- total_count = int(paging_info['totalCount'])
- msg = "There are total %s edges and page size is %s" % (total_count,
- page_size)
- LOG.debug(msg)
- pages = utils.ceil(total_count, page_size)
- for i in range(pages):
- start_index = page_size * i
- params = {'startindex': start_index}
- response = self.get(params=params)
- edges += response.json()['edgePage']['data']
- return edges
-
- def get_edge_firewall_rules(self, edge_Id):
- """Get nsx-edge firewall info based on edge_id.
-
- Return firewall rules if found ,else return None.
- """
- self.__set_api_version('4.0')
- self.__set_endpoint('/edges/%s/firewall/config ' % edge_Id)
- response = self.get()
- rules = response.json()['firewallRules']['firewallRules']
- if len(rules) == 0:
- rules = None
- return rules
-
- def get_firewall(self):
- """Get all firewall on NSX-v beckend.
-
- Return firewalls if found, else return None.
- """
- self.__set_api_version('4.0')
- self.__set_endpoint('/firewall/globalroot-0/config')
- response = self.get()
- paging_info = response.json()
- if len(paging_info) == 0:
- paging_info = None
- return paging_info
-
- def get_edge(self, name):
- """Get edge based on the name, which is OpenStack router.
-
- Return edge if found, else return None.
- """
- edges = self.get_all_edges()
- edge = [e for e in edges if e['name'] == name]
- if len(edge) == 0:
- LOG.debug('Edge %s NOT found!' % name)
- edge = None
- else:
- edge = edge[0]
- LOG.debug('Found edge: %s' % edge)
- return edge
-
- def get_dhcp_edge_config(self, edge_id):
- """Get dhcp edge config.
-
- Return edge information.
- """
- self.__set_api_version('4.0')
- self.__set_endpoint('/edges/%s/dhcp/config' % edge_id)
- response = self.get()
- return response
-
- def get_excluded_vm_name_list(self):
- """Get excluded vm's list info from beckend.
-
- After disabling port security of vm port, vm will get added
- in exclude list.This method returns the list of vm's present
- in exclude list.
- Returns exclude list of vm's name.
- """
- self.__set_api_version('2.1')
- self.__set_endpoint('/app/excludelist')
- response = self.get()
- response_list = []
- exclude_list = []
- response_list = response.json()[
- 'excludeListConfigurationDto']['excludeMembers']
- exclude_list = [member['member']['name'] for member in response_list
- if member['member']['name']]
- return exclude_list
-
- def get_dhcp_edge_info(self):
- """Get dhcp edge info.
-
- Return edge if found, else return None.
- """
- edges = self.get_all_edges()
- edge_list = []
- for e in edges:
- if (not e['edgeStatus'] == 'GREY'
- and not e['state'] == 'undeployed'):
- p = re.compile(r'dhcp*')
- if (p.match(e['name'])):
- edge_list.append(e['recentJobInfo']['edgeId'])
- count = 0
- result_edge = {}
- for edge_id in edge_list:
- response = self.get_dhcp_edge_config(edge_id)
- paging_info = response.json()
- if (paging_info['staticBindings']['staticBindings']):
- result_edge[count] = paging_info
- count += 1
- else:
- LOG.debug('Host Routes are not avilable for %s ' % edge_id)
- if (count > 0):
- edge = result_edge[0]
- else:
- edge = None
- return edge
-
- def get_vsm_version(self):
- """Get the VSM client version including major, minor, patch, & build#.
-
- Build number, e.g. 6.2.0.2986609
- return: vsm version
- """
- self.__set_api_version('1.0')
- self.__set_endpoint('/appliance-management/global/info')
- response = self.get()
- json_ver = response.json()['versionInfo']
- return '.'.join([json_ver['majorVersion'], json_ver['minorVersion'],
- json_ver['patchVersion'], json_ver['buildNumber']])
diff --git a/vmware_nsx_tempest/services/openstack_network_clients.py b/vmware_nsx_tempest/services/openstack_network_clients.py
deleted file mode 100644
index 87525f6d21..0000000000
--- a/vmware_nsx_tempest/services/openstack_network_clients.py
+++ /dev/null
@@ -1,100 +0,0 @@
-# Copyright 2017 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-from oslo_log import log
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.common import constants
-
-LOG = log.getLogger(__name__)
-
-
-class L2GatewayClient(base.BaseNetworkClient):
- """
- Request resources via API for L2GatewayClient
- l2 gateway create request
- l2 gateway update request
- l2 gateway show request
- l2 gateway delete request
- l2 gateway list all request
- """
-
- def create_l2_gateway(self, **kwargs):
- uri = constants.L2_GWS_BASE_URI
- post_data = {constants.L2GW: kwargs}
- LOG.info("URI : %(uri)s, posting data : %(post_data)s",
- {"uri": uri, "post_data": post_data})
- return self.create_resource(uri, post_data)
-
- def update_l2_gateway(self, l2_gateway_id, **kwargs):
- uri = constants.L2_GWS_BASE_URI + "/" + l2_gateway_id
- post_data = {constants.L2GW: kwargs}
- constants.LOG.info(
- "URI : %(uri)s, posting data : %(post_data)s",
- {"uri": uri, "post_data": post_data})
- return self.update_resource(uri, post_data)
-
- def show_l2_gateway(self, l2_gateway_id, **fields):
- uri = constants.L2_GWS_BASE_URI + "/" + l2_gateway_id
- LOG.info("URI : %(uri)s", {"uri": uri})
- return self.show_resource(uri, **fields)
-
- def delete_l2_gateway(self, l2_gateway_id):
- uri = constants.L2_GWS_BASE_URI + "/" + l2_gateway_id
- LOG.info("URI : %(uri)s", {"uri": uri})
- return self.delete_resource(uri)
-
- def list_l2_gateways(self, **filters):
- uri = constants.L2_GWS_BASE_URI
- LOG.info("URI : %(uri)s", {"uri": uri})
- return self.list_resources(uri, **filters)
-
-
-class L2GatewayConnectionClient(base.BaseNetworkClient):
- """
- Request resources via API for L2GatewayClient
- l2 gateway connection create request
- l2 gateway connection update request
- l2 gateway connection show request
- l2 gateway connection delete request
- l2 gateway connection list all request
- """
- resource = 'l2_gateway_connection'
- resource_plural = 'l2_gateway_connections'
- path = 'l2-gateway-connections'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def create_l2_gateway_connection(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_l2_gateway_connection(self, l2_gateway_id, **kwargs):
- uri = self.resource_object_path % l2_gateway_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_l2_gateway_connection(self, l2_gateway_id, **fields):
- uri = self.resource_object_path % l2_gateway_id
- return self.show_resource(uri, **fields)
-
- def delete_l2_gateway_connection(self, l2_gateway_id):
- uri = self.resource_object_path % l2_gateway_id
- return self.delete_resource(uri)
-
- def list_l2_gateway_connections(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
diff --git a/vmware_nsx_tempest/services/qos/__init__.py b/vmware_nsx_tempest/services/qos/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/services/qos/bandwidth_limit_rules_client.py b/vmware_nsx_tempest/services/qos/bandwidth_limit_rules_client.py
deleted file mode 100644
index 60800339b5..0000000000
--- a/vmware_nsx_tempest/services/qos/bandwidth_limit_rules_client.py
+++ /dev/null
@@ -1,68 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class BandwidthLimitRulesClient(base.BaseNetworkClient):
- resource = 'bandwidth_limit_rule'
- resource_plural = 'bandwidth_limit_rules'
- path = 'qos/policies'
- resource_base_path = '/%s/%%s/bandwidth_limit_rules' % path
- resource_object_path = '/%s/%%s/bandwidth_limit_rules/%%s' % path
-
- def create_bandwidth_limit_rule(self, policy_id, **kwargs):
- uri = self.resource_base_path % policy_id
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_bandwidth_limit_rule(self, rule_id, policy_id, **kwargs):
- uri = self.resource_object_path % (policy_id, rule_id)
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_bandwidth_limit_rule(self, rule_id, policy_id, **fields):
- uri = self.resource_object_path % (policy_id, rule_id)
- return self.show_resource(uri, **fields)
-
- def delete_bandwidth_limit_rule(self, rule_id, policy_id):
- uri = self.resource_object_path % (policy_id, rule_id)
- return self.delete_resource(uri)
-
- def list_bandwidth_limit_rules(self, policy_id, **filters):
- uri = self.resource_base_path % policy_id
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr,
- set_property=False,
- with_name="qos_bandwidth_limit_rules_client"):
- """create a qos bandwidth limit rules client
-
- For tempest user:
- client = bandwidth_limit_rules_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = BandwidthLimitRulesClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- if set_property:
- setattr(manager, with_name, client)
- return client
diff --git a/vmware_nsx_tempest/services/qos/base_qos.py b/vmware_nsx_tempest/services/qos/base_qos.py
deleted file mode 100644
index 192cea3695..0000000000
--- a/vmware_nsx_tempest/services/qos/base_qos.py
+++ /dev/null
@@ -1,147 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from vmware_nsx_tempest.services.qos import (
- bandwidth_limit_rules_client as bandwidth_limit_rules_client)
-from vmware_nsx_tempest.services.qos import (
- dscp_marking_rules_client as dscp_marking_rules_client)
-from vmware_nsx_tempest.services.qos import (
- policies_client as policies_client)
-from vmware_nsx_tempest.services.qos import (
- rule_types_client as rule_types_client)
-
-RULE_TYPE_BANDWIDTH_LIMIT = "bandwidth_limit"
-RULE_TYPE_DSCP_MARK = "dscp_marking"
-VALID_RULE_TYPES = [RULE_TYPE_BANDWIDTH_LIMIT, RULE_TYPE_DSCP_MARK]
-QOS_POLICY_ID = 'qos_policy_id'
-
-
-class BaseQosClient(object):
- def __init__(self, manager, set_property=True):
- self.policies_client = policies_client.get_client(
- manager, set_property)
- self.bandwidths_client = (
- bandwidth_limit_rules_client.get_client(
- manager, set_property))
- self.dscps_client = dscp_marking_rules_client.get_client(
- manager, set_property)
- self.types_client = rule_types_client.get_client(manager, True)
-
- def resp_body(self, result, item):
- return result.get(item, result)
-
- def create_policy(self, name, description, shared, **kwargs):
- result = self.policies_client.create_policy(
- name=name,
- description=description,
- shared=shared,
- **kwargs
- )
- return self.resp_body(result, 'policy')
-
- def delete_policy(self, policy_id_or_name):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.policies_client.delete_policy(policy_id)
- return self.resp_body(result, 'policy')
-
- def list_policies(self, **filters):
- result = self.policies_client.list_policies(**filters)
- return self.resp_body(result, 'policies')
-
- def update_policy(self, policy_id_or_name, **kwargs):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.policies_client.update_policy(policy_id, **kwargs)
- return self.resp_body(result, 'policy')
-
- def show_policy(self, policy_id_or_name, **fields):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.policies_client.show_policy(policy_id, **fields)
- return self.resp_body(result, 'policy')
-
- def create_bandwidth_limit_rule(self, policy_id_or_name,
- max_kbps, max_burst_kbps,
- **kwargs):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.bandwidths_client.create_bandwidth_limit_rule(
- policy_id,
- max_kbps=max_kbps, max_burst_kbps=max_burst_kbps,
- **kwargs)
- return self.resp_body(result, 'bandwidth_limit_rule')
-
- def delete_bandwidth_limit_rule(self, rule_id, policy_id_or_name):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.bandwidths_client.delete_bandwidth_limit_rule(
- rule_id, policy_id)
- return self.resp_body(result, 'bandwidth_limit_rule')
-
- def update_bandwidth_limit_rule(self, rule_id, policy_id_or_name,
- **kwargs):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.bandwidths_client.update_bandwidth_limit_rule(
- rule_id, policy_id, **kwargs)
- return self.resp_body(result, 'bandwidth_limit_rule')
-
- def list_bandwidth_limit_rules(self, policy_id_or_name, **filters):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.bandwidths_client.list_bandwidth_limit_rules(
- policy_id, **filters)
- return self.resp_body(result, 'bandwidth_limit_rules')
-
- def show_bandwidth_limit_rule(self, rule_id, policy_id_or_name,
- **fields):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.bandwidths_client.show_bandwidth_limit_rule(
- rule_id, policy_id)
- return self.resp_body(result, 'bandwidth_limit_rule')
-
- def create_dscp_marking_rule(self, policy_id_or_name, dscp_mark,
- **kwargs):
- policy_id = self.get_policy_id(policy_id_or_name)
- kwargs['dscp_mark'] = dscp_mark
- result = self.dscps_client.create_dscp_marking_rule(
- policy_id, **kwargs)
- return self.resp_body(result, 'dscp_marking_rule')
-
- def delete_dscp_marking_rule(self, rule_id, policy_id_or_name):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.dscps_client.delete_dscp_marking_rule(rule_id,
- policy_id)
- return self.resp_body(result, 'dscp_marking_rule')
-
- def update_dscp_marking_rule(self, rule_id, policy_id_or_name,
- **kwargs):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.dscps_client.update_dscp_marking_rule(
- rule_id, policy_id, **kwargs)
- return self.resp_body(result, 'dscp_marking_rule')
-
- def list_dscp_marking_rules(self, policy_id_or_name, **filters):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.dscps_client.list_dscp_marking_rules(
- policy_id, **filters)
- return self.resp_body(result, 'dscp_marking_rules')
-
- def show_dscp_marking_rule(self, rule_id, policy_id_or_name, **fields):
- policy_id = self.get_policy_id(policy_id_or_name)
- result = self.dscps_client.show_dscp_marking_rule(
- rule_id, policy_id, **fields)
- return self.resp_body(result, 'dscp_marking_rule')
-
- def list_rule_types(self):
- result = self.types_client.list_rule_types()
- return self.resp_body(result, 'rule_types')
-
- def available_rule_types(self):
- return self.list_rule_types()
-
- def get_policy_id(self, policy_id_or_name):
- return self.policies_client.get_policy_id(policy_id_or_name)
diff --git a/vmware_nsx_tempest/services/qos/dscp_marking_rules_client.py b/vmware_nsx_tempest/services/qos/dscp_marking_rules_client.py
deleted file mode 100644
index cb40814d29..0000000000
--- a/vmware_nsx_tempest/services/qos/dscp_marking_rules_client.py
+++ /dev/null
@@ -1,68 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class DscpMarkingRulesClient(base.BaseNetworkClient):
- resource = 'dscp_marking_rule'
- resource_plural = 'dscp_marking_rules'
- path = 'qos/policies'
- resource_base_path = '/%s/%%s/dscp_marking_rules' % path
- resource_object_path = '/%s/%%s/dscp_marking_rules/%%s' % path
-
- def create_dscp_marking_rule(self, policy_id, **kwargs):
- uri = self.resource_base_path % policy_id
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_dscp_marking_rule(self, rule_id, policy_id, **kwargs):
- uri = self.resource_object_path % (policy_id, rule_id)
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_dscp_marking_rule(self, rule_id, policy_id, **fields):
- uri = self.resource_object_path % (policy_id, rule_id)
- return self.show_resource(uri, **fields)
-
- def delete_dscp_marking_rule(self, rule_id, policy_id):
- uri = self.resource_object_path % (policy_id, rule_id)
- return self.delete_resource(uri)
-
- def list_dscp_marking_rules(self, policy_id, **filters):
- uri = self.resource_base_path % policy_id
- return self.list_resources(uri, **filters)
-
-
-def get_client(client_mgr,
- set_property=False,
- with_name="qos_dscp_marking_rules_client"):
- """create a qos dscp marking rules client
-
- For tempest user:
- client = dscp_marking_rules_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = DscpMarkingRulesClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- if set_property:
- setattr(manager, with_name, client)
- return client
diff --git a/vmware_nsx_tempest/services/qos/policies_client.py b/vmware_nsx_tempest/services/qos/policies_client.py
deleted file mode 100644
index 63af0b5825..0000000000
--- a/vmware_nsx_tempest/services/qos/policies_client.py
+++ /dev/null
@@ -1,76 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class PoliciesClient(base.BaseNetworkClient):
- resource = 'policy'
- resource_plural = 'policies'
- path = 'qos/policies'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def create_policy(self, **kwargs):
- uri = self.resource_base_path
- post_data = {self.resource: kwargs}
- return self.create_resource(uri, post_data)
-
- def update_policy(self, policy_id, **kwargs):
- uri = self.resource_object_path % policy_id
- post_data = {self.resource: kwargs}
- return self.update_resource(uri, post_data)
-
- def show_policy(self, policy_id, **fields):
- uri = self.resource_object_path % policy_id
- return self.show_resource(uri, **fields)
-
- def delete_policy(self, policy_id):
- uri = self.resource_object_path % policy_id
- return self.delete_resource(uri)
-
- def list_policies(self, **filters):
- uri = self.resource_base_path
- return self.list_resources(uri, **filters)
-
- # utility
- def get_policy_id(self, policy_id_or_name):
- policies = self.list_policies(name=policy_id_or_name)
- policy_list = policies[self.resource_plural]
- if len(policy_list) > 0:
- return policy_list[0]['id']
- return policy_id_or_name
-
-
-def get_client(client_mgr,
- set_property=False,
- with_name="qos_policies_client"):
- """create a qos policies client from manager or networks_client
-
- For tempest user:
- client = policies_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = PoliciesClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- if set_property:
- setattr(manager, with_name, client)
- return client
diff --git a/vmware_nsx_tempest/services/qos/rule_types_client.py b/vmware_nsx_tempest/services/qos/rule_types_client.py
deleted file mode 100644
index 6000a25449..0000000000
--- a/vmware_nsx_tempest/services/qos/rule_types_client.py
+++ /dev/null
@@ -1,50 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib.services.network import base
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class RuleTypesClient(base.BaseNetworkClient):
- resource = 'rule_type'
- resource_plural = 'rule_types'
- path = 'qos/rule-types'
- resource_base_path = '/%s' % path
- resource_object_path = '/%s/%%s' % path
-
- def list_rule_types(self):
- uri = self.resource_base_path
- return self.list_resources(uri)
-
-
-def get_client(client_mgr,
- set_property=False,
- with_name="qos_rule_types_client"):
- """create a qos rule_types client from manager or networks_client
-
- For tempest user:
- client = rule_types_client.get_client(osn.adm)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = RuleTypesClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- if set_property:
- setattr(manager, with_name, client)
- return client
diff --git a/vmware_nsx_tempest/services/tags_client.py b/vmware_nsx_tempest/services/tags_client.py
deleted file mode 100644
index d671199eeb..0000000000
--- a/vmware_nsx_tempest/services/tags_client.py
+++ /dev/null
@@ -1,137 +0,0 @@
-# Copyright 2016 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_serialization import jsonutils
-
-from tempest.lib.services.network import base
-
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-
-class BaseTagsClient(base.BaseNetworkClient):
- """Why base client for tags_client:
-
- https://bugs.launchpad.net/neutron/+bug/1606659
- tag-add is a CREATE operation; then expected resp_code is 201
- however it is using http PUT operation to accomplish it.
- """
-
- def update_resource(self, uri, post_data, resp_code=None):
- """allow different response code."""
- if resp_code:
- req_uri = self.uri_prefix + uri
- req_post_data = jsonutils.dumps(post_data)
- resp, body = self.put(req_uri, req_post_data)
- body = jsonutils.loads(body)
- self.expected_success(resp_code, resp.status)
- return base.rest_client.ResponseBody(
- resp, body)
- else:
- return super(BaseTagsClient, self).update_resource(
- uri, post_data)
-
-
-class TagsClient(BaseTagsClient):
- resource_base_path = '/{resource_type}/{resource_id}/tags'
- resource_object_path = '/{resource_type}/{resource_id}/tags/{tag}'
-
- def add_tag(self, **kwargs):
- """add a tag to network resource.
-
- neutron tag-add
- --resource resource
- --resource-type network --tag TAG
- """
- uri = self.resource_object_path.format(
- **self._fix_args(**kwargs))
- # https://bugs.launchpad.net/neutron/+bug/1606659
- return self.update_resource(uri, None, 201)
-
- def remove_tag(self, **kwargs):
- """remove a tag from network resource.
-
- neutron tag-remove
- --resource resource
- --resource-type network --tag TAG
- """
- if 'all' in kwargs:
- return self.remove_all_tags(**kwargs)
- uri = self.resource_object_path.format(
- **self._fix_args(**kwargs))
- return self.delete_resource(uri)
-
- def remove_all_tags(self, **kwargs):
- """remove all tags from network resource.
-
- neutron tag-remove
- --resource resource
- --resource-type network --all
- """
- uri = self.resource_base_path.format(
- **self._fix_args(**kwargs))
- return self.delete_resource(uri)
-
- def replace_tag(self, **kwargs):
- """replace network resource's tag with list of tags.
-
- neutron tag-replace
- --resource resource
- --resource-type network --tag TAG
- """
- tag_list = kwargs.pop('tags', None)
- kwargs = self._fix_args(**kwargs)
- if 'tag' in kwargs:
- uri = self.resource_object_path.format(**kwargs)
- else:
- uri = self.resource_base_path.format(**kwargs)
- update_body = None if tag_list is None else {"tags": tag_list}
- return self.update_resource(uri, update_body)
-
- def _fix_args(self, **kwargs):
- """Fix key-value of input fields.
-
- resource can be name, to simplify the design, only ID accepted.
- """
- if 'resource' in kwargs and 'resource_id' not in kwargs:
- kwargs['resource_id'] = kwargs['resource']
- if 'resource_type' in kwargs:
- if kwargs['resource_type'][-1] != 's':
- kwargs['resource_type'] += "s"
- else:
- kwargs['resource_type'] = 'networks'
- return kwargs
-
-
-def get_client(client_mgr,
- set_property=False, with_name="tags_client"):
- """create tags_client from networks_client.
-
- Create network tags_client from manager or networks_client.
- client = tags_client.get_client(manager)
- """
- manager = getattr(client_mgr, 'manager', client_mgr)
- net_client = getattr(manager, 'networks_client')
- try:
- _params = base_client.default_params_with_timeout_values.copy()
- except Exception:
- _params = {}
- client = TagsClient(net_client.auth_provider,
- net_client.service,
- net_client.region,
- net_client.endpoint_type,
- **_params)
- if set_property:
- setattr(manager, with_name, client)
- return client
diff --git a/vmware_nsx_tempest/services/utils.py b/vmware_nsx_tempest/services/utils.py
deleted file mode 100644
index 6ec6c66cbe..0000000000
--- a/vmware_nsx_tempest/services/utils.py
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright 2015 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-
-def ceil(a, b):
- if b == 0:
- return 0
- div = a / b
- mod = 0 if a % b is 0 else 1
- return div + mod
diff --git a/vmware_nsx_tempest/tests/__init__.py b/vmware_nsx_tempest/tests/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/api/__init__.py b/vmware_nsx_tempest/tests/api/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/api/test_network_tags.py b/vmware_nsx_tempest/tests/api/test_network_tags.py
deleted file mode 100644
index 705b49f9e6..0000000000
--- a/vmware_nsx_tempest/tests/api/test_network_tags.py
+++ /dev/null
@@ -1,446 +0,0 @@
-# Copyright 2016 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions
-from tempest import test
-
-from vmware_nsx_tempest._i18n import _
-from vmware_nsx_tempest.services import tags_client
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-MAX_TAG_LEN = 60
-
-
-class BaseTagsTest(base.BaseNetworkTest):
- """Base class for Tags Test."""
-
- @classmethod
- def skip_checks(cls):
- """skip tests if the tags feauture is not enabled."""
- super(BaseTagsTest, cls).skip_checks()
- if not test.is_extension_enabled('tag', 'network'):
- msg = "network tag extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- """setup resources."""
- super(BaseTagsTest, cls).resource_setup()
- cls.primary_mgr = cls.get_client_manager()
- cls.tags_client = tags_client.get_client(cls.primary_mgr)
-
- @classmethod
- def resource_cleanup(cls):
- """cleanup resources before handing over to framework."""
- super(BaseTagsTest, cls).resource_cleanup()
-
- @classmethod
- def list_networks(cls, **filters):
- nets = cls.networks_client.list_networks(**filters)
- return nets.get('networks')
-
- @classmethod
- def tag_add(cls, network_id, tag, resource_type='network'):
- cls.tags_client.add_tag(resource_type=resource_type,
- resource_id=network_id,
- tag=tag)
- network = cls.networks_client.show_network(network_id)
- return network.get('network')
-
- @classmethod
- def tag_remove(cls, network_id, tag, resource_type='network'):
- cls.tags_client.remove_tag(resource_type=resource_type,
- resource_id=network_id,
- tag=tag)
- network = cls.networks_client.show_network(network_id)
- return network.get('network')
-
- @classmethod
- def tag_replace(cls, network_id, tags, resource_type='network'):
- req_body = dict(resource_type=resource_type, resource_id=network_id)
- if type(tags) in (list, tuple, set):
- req_body['tags'] = tags
- else:
- req_body['tags'] = [tags]
- cls.tags_client.replace_tag(**req_body)
- network = cls.networks_client.show_network(network_id)
- return network.get('network')
-
- def network_add_tag(self, network_id, tag):
- network = self.tag_add(network_id, tag, 'network')
- self.assertIn(tag, network['tags'])
- return network
-
- def network_remove_tag(self, network_id, tag):
- network = self.tag_remove(network_id, tag, 'network')
- self.assertNotIn(tag, network['tags'])
- return network
-
- def network_replace_tags(self, network_id, tags=None):
- if tags is None:
- tags = ['a', 'ab', 'abc']
- network = self.tag_replace(network_id, tags, 'network')
- self.assertEqual(len(tags), len(network['tags']))
- for tag in tags:
- self.assertIn(tag, network['tags'])
- return network
-
-
-class NetworkTagAddTest(BaseTagsTest):
- """neutron tag-add test."""
-
- @classmethod
- def resource_setup(cls):
- """setup resources."""
- super(NetworkTagAddTest, cls).resource_setup()
- cls.net = cls.create_network()
-
- @decorators.idempotent_id('0e37a579-aff3-47ba-9f1f-3ac4482fce16')
- def test_add_tags(self):
- """neutron tag-add operations."""
- tags = ['a', 'gold', 'T' * MAX_TAG_LEN]
- network_id = self.net.get('id')
- # check we can add tag one at time
- for tag in tags:
- network = self.network_add_tag(network_id, tag)
- # and all added tags exist.
- for tag in tags:
- self.assertIn(tag, network['tags'])
-
- @decorators.idempotent_id('eb52eac3-5e79-4183-803a-a3d97ceb171d')
- @decorators.attr(type='negative')
- def test_add_tag_one_char_too_long(self):
- tag_too_long = 'a' * (MAX_TAG_LEN + 1)
- network_id = self.net.get('id')
- self.assertRaises(exceptions.BadRequest,
- self.network_add_tag,
- network_id, tag_too_long)
-
- @decorators.idempotent_id('d08f3fbe-dc6f-4f3c-b9b2-4d9957884edf')
- @decorators.attr(type='negative')
- def test_add_tag_empty_one(self):
- network_id = self.net.get('id')
- self.assertRaises(exceptions.NotFound,
- self.network_add_tag,
- network_id, '')
-
-
-class NetworkTagRemoveTest(BaseTagsTest):
- """neutron tag-remove test."""
-
- @classmethod
- def resource_setup(cls):
- """setup resources."""
- super(NetworkTagRemoveTest, cls).resource_setup()
- cls.net = cls.create_network()
-
- @decorators.idempotent_id('178fbd96-900f-4c3d-8cd1-5525f4cf2b81')
- def test_remove_tags(self):
- """neutron tag-remove operations."""
- network_id = self.net.get('id')
- tag = 'spinning-tail'
- self.network_add_tag(network_id, tag)
- self.network_remove_tag(network_id, tag)
-
- @decorators.idempotent_id('1fe5a8b2-ff5d-4250-b930-21b1a3b48055')
- @decorators.attr(type='negative')
- def test_remove_all_tags(self):
- network_id = self.net.get('id')
- self.network_replace_tags(network_id)
- req_body = dict(resource_type='network',
- resource_id=network_id, all=True)
- self.tags_client.remove_tag(**req_body)
- network = self.networks_client.show_network(network_id)['network']
- self.assertEqual(len(network['tags']), 0)
-
- @decorators.idempotent_id('591337b0-a2e6-4d72-984c-e5b6a6ec12d2')
- @decorators.attr(type='negative')
- def test_remove_not_exist_tag(self):
- """neutron tag-remove operations."""
- network_id = self.net.get('id')
- tag_not_tagged = 'talking-head'
- self.assertRaises(exceptions.NotFound,
- self.network_remove_tag,
- network_id, tag_not_tagged)
-
-
-class NetworkTagReplaceTest(BaseTagsTest):
- """neutron tag-replace test."""
-
- @classmethod
- def resource_setup(cls):
- """setup resources."""
- super(NetworkTagReplaceTest, cls).resource_setup()
- cls.net = cls.create_network()
-
- @decorators.idempotent_id('7d4fb288-2f2d-4f47-84af-be3175b057b5')
- def test_replace_tags(self):
- """neutron tag-replace operations."""
- network_id = self.net.get('id')
- tags = ['east', 'south', 'west', 'north']
- self.network_replace_tags(network_id, tags)
- new_tags = ['BIG', 'small']
- self.network_replace_tags(network_id, new_tags)
- # EQ to remove all
- empty_tags = []
- self.network_replace_tags(network_id, empty_tags)
-
- @decorators.idempotent_id('20a05e9e-0b25-4085-b89f-fd5f0c57d2fa')
- @decorators.attr(type='negative')
- def test_replace_tags_one_char_too_long(self):
- tags_too_long = ['aaa', 'z' * (MAX_TAG_LEN + 1)]
- network_id = self.net.get('id')
- self.assertRaises(exceptions.BadRequest,
- self.network_replace_tags,
- network_id, tags_too_long)
-
-
-class NetworkTagFilterTest(BaseTagsTest):
- """searching networks using tags querying params.
-
- Four query parameters are supported:
-
- Q-param Q-procedure
- ------------ -----------
- tags x_and_y
- tags-any x_or_y
- not-tags not_x_and_y
- not-tags-any not_x_or_y
- """
-
- @classmethod
- def resource_setup(cls):
- """setup default values for filtering tests."""
- super(NetworkTagFilterTest, cls).resource_setup()
- cls.a_b_c = ['a', 'ab', 'abc']
- cls.not_tagged_tags = ['talking-head', 'spinning-tail']
- cls._tags = (['east', 'gold', 'production'],
- ['west', 'silver', 'development'],
- ['north', 'brown', 'development', 'abc'],
- ['south', 'brown', 'testing', 'a'],
- ['west', 'gold', 'production', 'ab'],
- ['east', 'silver', 'testing'],
- ['north', 'gold', 'production'],
- ['south', 'silver', 'testing'])
- cls.QQ = {'router:external': False}
- cls.GG = {}
- for ix in range(0, len(cls._tags)):
- net = cls.create_network()
- tags = cls._tags[ix]
- net = cls.tag_replace(net['id'], tags=tags)
- if not (set(net['tags']) == set(cls._tags[ix])):
- raise Exception(
- _("tags[%s] are not tag-replace successfully.") % tags)
- net_id = net['id']
- cls.GG[net_id] = set(net['tags'])
-
- def check_matched_search_list(self, matched_nets, m_net_list, title):
- LOG.info(_("Expected_nets[{0}]: {1}").format(title, m_net_list))
- LOG.info(_("Number of matched_nets: {0}").format(len(matched_nets)))
- self.assertEqual(len(matched_nets), len(m_net_list))
- for net in matched_nets:
- self.assertIn(net['id'], m_net_list)
-
- @decorators.idempotent_id('9646af99-7e04-4724-ac54-4a938de764f1')
- def test_tags_only_one_network(self):
- """each tag in self.a_b_c only tag one network."""
- for tag in self.a_b_c:
- filters = {'tags': tag}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.assertEqual(len(nets), 1)
-
- @decorators.idempotent_id('5632b745-651a-444f-922d-6434e060991a')
- def test_tags_any_only_one_network(self):
- """each tag in self.a_b_c only tag one network."""
- for tag in self.a_b_c:
- filters = {'tags-any': tag}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.assertEqual(len(nets), 1)
-
- @decorators.idempotent_id('a0d8c21b-1ec0-4c6d-b5d8-72baebabde26')
- def test_tags_not_tagged(self):
- """search with tags for tags not being tagged."""
- for tag in self.not_tagged_tags:
- filters = {'tags': tag}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.assertEqual(len(nets), 0)
-
- @decorators.idempotent_id('1049eac1-028b-4664-aeb7-c7656240622d')
- def test_tags_any_not_tagged(self):
- """search with tags-any for tags not being tagged."""
- for tag in self.not_tagged_tags:
- filters = {'tags-any': tag}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.assertEqual(len(nets), 0)
-
- @decorators.idempotent_id('a9b42503-5dd1-490d-b0c6-673951cc86a1')
- def test_tags(self):
- """find networks having tags (and operation)"""
- tags = ['gold', 'production']
- m_net_list = x_and_y(tags, self.GG)
- filters = {'tags': tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list, 'tags')
-
- @decorators.idempotent_id('c38e788d-749e-401a-8bbb-26e36a7b573f')
- def test_tags_any(self):
- """find networks having tags-any (or operation)"""
- tags = ['gold', 'production']
- m_net_list = x_or_y(tags, self.GG)
- filters = {'tags-any': tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list, 'tags-any')
-
- @decorators.idempotent_id('e7bb1cea-3271-418c-bfe2-038fff6187e6')
- def test_not_tags(self):
- """find networks not having not-tags (and operation)"""
- tags = ['gold', 'production']
- m_net_list = not_x_and_y(tags, self.GG)
- filters = {'not-tags': tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list, 'not-tags')
-
- @decorators.idempotent_id('c36a1d00-c131-4297-86c1-a3fc06c61629')
- def test_not_tags_any(self):
- """find networks not having not-tags-any (or operation)"""
- tags = ['gold', 'production']
- m_net_list = not_x_or_y(tags, self.GG)
- filters = {'not-tags-any': tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list, 'not-tags-any')
-
- @decorators.idempotent_id('4345e944-6b2b-4106-a208-ce07cefe764f')
- def test_tags_any_not_tags(self):
- """find networks having tags-any and not-tags."""
- tags = ['gold', 'production']
- not_tags = ['west']
- m_net_list = not_x_and_y(not_tags, self.GG,
- x_or_y(tags, self.GG))
- filters = {'tags-any': tags, 'not-tags': not_tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list,
- 'tags-any & not-tags')
-
- @decorators.idempotent_id('0d635ba7-5c94-4a24-b7a8-d3b413d1ec83')
- @decorators.skip_because(bug="1611054")
- def test_tags_tags_any(self):
- """finding networks using tags and tags-any."""
- tags = ['production']
- tags_any = ['east', 'west']
- m_net_list = x_or_y(tags_any, self.GG,
- x_and_y(tags, self.GG))
- filters = {'tags': tags, 'tags-any': tags_any}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list,
- 'tags & tags-any')
-
- @decorators.idempotent_id('2067a8fc-2d7b-4085-a6c2-7e454f6f26f3')
- def test_tags_not_tags_any(self):
- """finding networks using tags and not-tags-any."""
- tags = ['gold', 'production']
- not_tags = ['east', 'west', 'silver']
- m_net_list = not_x_or_y(not_tags, self.GG,
- x_and_y(tags, self.GG))
- filters = {'tags': tags, 'not-tags-any': not_tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list,
- 'tags & not-tags-any')
-
- @decorators.idempotent_id('f2bbf51c-e32e-4664-a0db-59eed493c3d1')
- def test_tags_not_tags_any2(self):
- """finding networks using tags and not-tags-any."""
- tags = ['gold', 'production']
- not_tags = ['west', 'east']
- m_net_list = not_x_or_y(not_tags, self.GG,
- x_and_y(tags, self.GG))
- filters = {'tags': tags, 'not-tags-any': not_tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list,
- 'tags & not-tags-any2')
-
- @decorators.idempotent_id('7b17dfa8-f7ac-47c2-b814-35c5ed1c325b')
- def test_tags_not_tags(self):
- """finding networks using tags and not-tags."""
- tags = ['gold', 'production']
- not_tags = ['west']
- m_net_list = not_x_and_y(not_tags, self.GG,
- x_and_y(tags, self.GG))
- filters = {'tags': tags, 'not-tags': not_tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.check_matched_search_list(nets, m_net_list,
- 'tags & not-tags')
-
- @decorators.idempotent_id('f723f717-660b-4d8e-ae9f-014f0a3f812d')
- def test_tags_not_tags_itself(self):
- """"tags and not-tags itself is always an empty set."""
- tags = ['gold', 'production']
- not_x_and_y(tags, self.GG, x_and_y(tags, self.GG))
- filters = {'tags': tags, 'not-tags': tags}
- filters.update(self.QQ)
- nets = self.list_networks(**filters)
- self.assertEqual(0, len(nets))
-
-
-# search/filter methods
-# K_sets: Dict of sets
-def x_and_y(x_and_y, K_sets, on_keys=None):
- """tags=x_and_y"""
- s_xy = set(x_and_y)
- xy_s = [k for k, S in K_sets.items()
- if (on_keys is None or k in on_keys) and s_xy.issubset(S)]
- return xy_s
-
-
-def not_x_and_y(x_and_y, K_sets, on_keys=None):
- """not-tags=x_and_y"""
- s_xy = set(x_and_y)
- xy_s = [k for k, S in K_sets.items()
- if (on_keys is None or k in on_keys) and not s_xy.issubset(S)]
- return xy_s
-
-
-def x_or_y(x_or_y, K_sets, on_keys=None):
- """tags-any=x_or_y"""
- s_xy = set(x_or_y)
- xy_s = [k for k, S in K_sets.items()
- if (on_keys is None or k in on_keys) and len(S & s_xy) > 0]
- return xy_s
-
-
-def not_x_or_y(x_or_y, K_sets, on_keys=None):
- """not tags-any=x_or_y"""
- s_xy = set(x_or_y)
- xy_s = [k for k, S in K_sets.items()
- if (on_keys is None or k in on_keys) and len(S & s_xy) == 0]
- return xy_s
diff --git a/vmware_nsx_tempest/tests/api/test_qos.py b/vmware_nsx_tempest/tests/api/test_qos.py
deleted file mode 100644
index 23a763e82b..0000000000
--- a/vmware_nsx_tempest/tests/api/test_qos.py
+++ /dev/null
@@ -1,856 +0,0 @@
-# Copyright 2017 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import testtools
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions
-from tempest import test
-
-from vmware_nsx_tempest.services.qos import base_qos
-
-CONF = config.CONF
-
-
-class BaseQosTest(base.BaseAdminNetworkTest):
- """Base class for Qos Test.
-
- 1. Setup QoS clients for admin and primary users.
- 2. Manages qos resources creation and deletion.
- 3. Manages network/port creation and deletion as network cannot be
- deleted if ports are associated which test framework won't handle.
- """
-
- @classmethod
- def skip_checks(cls):
- """skip tests if qos is not enabled."""
- super(BaseQosTest, cls).skip_checks()
- if not test.is_extension_enabled('qos', 'network'):
- msg = "q-qos extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- """setup resources."""
- super(BaseQosTest, cls).resource_setup()
- cls.admin_mgr = cls.get_client_manager(credential_type='admin')
- cls.primary_mgr = cls.get_client_manager()
- cls.adm_qos_client = base_qos.BaseQosClient(cls.admin_mgr)
- cls.pri_qos_client = base_qos.BaseQosClient(cls.primary_mgr)
- cls.qos_available_rule_types = (
- cls.adm_qos_client.available_rule_types())
- cls.policies_created = []
-
- @classmethod
- def resource_cleanup(cls):
- """cleanup resources before handing over to framework."""
- for network in cls.networks:
- # network cannot be deleted if its ports have policy associated.
- port_list = cls.admin_mgr.ports_client.list_ports(
- network_id=network['id'])['ports']
- for port in port_list:
- test_utils.call_and_ignore_notfound_exc(
- cls.delete_port, port['id'])
- test_utils.call_and_ignore_notfound_exc(
- cls.delete_network, network['id'])
- for policy in cls.policies_created:
- test_utils.call_and_ignore_notfound_exc(
- cls.adm_qos_client.delete_policy, policy['id'])
- super(BaseQosTest, cls).resource_cleanup()
-
- @classmethod
- def create_port(cls, network, client_mgr=None, **kwargs):
- """create port."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- body = client_mgr.ports_client.create_port(
- network_id=network['id'], **kwargs)
- port = body.get('port', body)
- cls.ports.append(port)
- return port
-
- @classmethod
- def update_port(cls, port_id, client_mgr=None, **kwargs):
- """update port."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- body = client_mgr.ports_client.update_port(
- port_id, **kwargs)
- return body.get('port', body)
-
- @classmethod
- def show_port(cls, port_id, client_mgr=None):
- """show port."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- body = client_mgr.ports_client.show_port(port_id)
- return body.get('port', body)
-
- @classmethod
- def delete_port(cls, port_id, client_mgr=None, **kwargs):
- """delete port."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- body = client_mgr.ports_client.delete_port(port_id)
- return body.get('port', body)
-
- @classmethod
- def create_network(cls, network_name=None, client_mgr=None, **kwargs):
- """create network."""
- network_name = network_name or data_utils.rand_name('qos-net')
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
-
- body = client_mgr.networks_client.create_network(
- name=network_name, **kwargs)
- network = body['network']
- cls.networks.append(network)
- return network
-
- @classmethod
- def create_shared_network(cls, network_name=None, client_mgr=None,
- **kwargs):
- """create shared network."""
- return cls.create_network(network_name, client_mgr,
- shared=True, **kwargs)
-
- @classmethod
- def show_network(cls, network_id, client_mgr=None):
- """show network."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- network = client_mgr.networks_client.show_network(network_id)
- return network.get('network', network)
-
- @classmethod
- def update_network(cls, network_id, client_mgr=None, **kwargs):
- """update network."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- network = client_mgr.networks_client.update_network(
- network_id, **kwargs)
- return network.get('network', network)
-
- @classmethod
- def delete_network(cls, network_id, client_mgr=None):
- """delete network."""
- client_mgr = client_mgr if client_mgr else cls.admin_mgr
- network = client_mgr.networks_client.delete_network(network_id)
- return network.get('network', network)
-
- @classmethod
- def create_qos_policy(cls, name='test-policy',
- description='test policy desc',
- shared=False,
- qos_client=None, **kwargs):
- """create qos policy."""
- qos_client = qos_client if qos_client else cls.adm_qos_client
- policy = qos_client.create_policy(
- name=name, description=description,
- shared=shared, **kwargs)
- cls.policies_created.append(policy)
- return policy
-
- @classmethod
- def create_qos_bandwidth_limit_rule(cls, policy_id,
- qos_client=None, **kwargs):
- """create qos-bandwidth-limit-rule."""
- qos_client = qos_client if qos_client else cls.adm_qos_client
- rule = qos_client.create_bandwidth_limit_rule(policy_id, **kwargs)
- return rule
-
- @classmethod
- def create_qos_dscp_marking_rule(cls, policy_id, dscp_mark,
- qos_client=None, **kwargs):
- """create qos-dscp-marking-rule."""
- qos_client = qos_client if qos_client else cls.adm_qos_client
- rule = qos_client.create_dscp_marking_rule(
- policy_id, dscp_mark, **kwargs)
- return rule
-
-
-class QosPolicyTest(BaseQosTest):
- """QoS Policy CURD operations.
-
- test qos policies and network/port association and disassociation.
- """
-
- @decorators.idempotent_id('108fbdf7-3463-4e47-9871-d07f3dcf5bbb')
- def test_create_policy(self):
- """qos-policy-create: create policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy desc1',
- shared=False)
-
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- # Test 'show policy'
- retrieved_policy = self.adm_qos_client.show_policy(policy['id'])
- self.assertEqual('test-policy', retrieved_policy['name'])
- self.assertEqual('test policy desc1',
- retrieved_policy['description'])
- self.assertFalse(retrieved_policy['shared'])
-
- # Test 'list policies'
- policies = self.adm_qos_client.list_policies()
- policies_ids = [p['id'] for p in policies]
- self.assertIn(policy['id'], policies_ids)
-
- @decorators.idempotent_id('f8d20e92-f06d-4805-b54f-230f77715815')
- def test_list_policy_filter_by_name(self):
- """qos-policy-list --name=: list policies."""
- name1 = data_utils.rand_name('test-policy')
- name2 = name1 + "0"
- policy_name1 = self.create_qos_policy(
- name=name1, description='test policy', shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy_name1['id'])
- policy_name2 = self.create_qos_policy(
- name=name2, description='test policy', shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy_name2['id'])
- policies = self.adm_qos_client.list_policies(name=name1)
- self.assertEqual(1, len(policies))
-
- retrieved_policy = policies[0]
- self.assertEqual(name1, retrieved_policy['name'])
-
- @decorators.idempotent_id('8e88a54b-f0b2-4b7d-b061-a15d93c2c7d6')
- def test_policy_update(self):
- """qos-policy-update POLICY_ID."""
- policy = self.create_qos_policy(name='test-policy',
- description='',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- self.adm_qos_client.update_policy(policy['id'],
- description='test policy desc2',
- shared=True)
-
- retrieved_policy = self.adm_qos_client.show_policy(policy['id'])
- self.assertEqual('test policy desc2',
- retrieved_policy['description'])
- self.assertTrue(retrieved_policy['shared'])
- self.assertEmpty(retrieved_policy['rules'])
-
- @decorators.idempotent_id('1cb42653-54bd-4a9a-b888-c55e18199201')
- def test_delete_policy(self):
- """qos-policy-delete POLICY_ID."""
- policy = self.create_qos_policy(
- 'test-policy', 'desc', True)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- retrieved_policy = self.adm_qos_client.show_policy(policy['id'])
- self.assertEqual('test-policy', retrieved_policy['name'])
-
- self.adm_qos_client.delete_policy(policy['id'])
- self.assertRaises(exceptions.NotFound,
- self.adm_qos_client.show_policy, policy['id'])
-
- def _test_list_admin_rule_types(self):
- """qos-available-rule-types: available rule type from admin view."""
- self._test_list_rule_types(self.adm_qos_client)
-
- def _test_list_regular_rule_types(self):
- """qos-available-rule-types: available rule type from project view."""
- self._test_list_rule_types(self.pri_qos_client)
-
- def _test_list_rule_types(self, client):
- # List supported rule types
- # TODO(QoS): since in gate we run both ovs and linuxbridge ml2 drivers,
- # and since Linux Bridge ml2 driver does not have QoS support yet, ml2
- # plugin reports no rule types are supported. Once linuxbridge will
- # receive support for QoS, the list of expected rule types will change.
- #
- # In theory, we could make the test conditional on which ml2 drivers
- # are enabled in gate (or more specifically, on which supported qos
- # rules are claimed by core plugin), but that option doesn't seem to be
- # available thru tempest.lib framework
- expected_rule_types = []
- expected_rule_details = ['type']
-
- rule_types = client.available_rule_types()
- actual_rule_types = [rule['type'] for rule in rule_types]
-
- # TODO(akang): seems not correct
- # Verify that only required fields present in rule details
- for rule in actual_rule_types:
- self.assertEqual(tuple(rule.keys()), tuple(expected_rule_details))
-
- # Verify if expected rules are present in the actual rules list
- for rule in expected_rule_types:
- self.assertIn(rule, actual_rule_types)
-
- def _disassociate_network(self, network_id, client_mgr=None):
- self.update_network(network_id, client_mgr=client_mgr,
- qos_policy_id=None)
- updated_network = self.show_network(network_id,
- client_mgr=client_mgr)
- self.assertIsNone(updated_network['qos_policy_id'])
-
- @decorators.idempotent_id('65b9ef75-1911-406a-bbdb-ca1d68d528b0')
- def test_policy_association_with_admin_network(self):
- """admin can create network with non-shared policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network('test network',
- qos_policy_id=policy['id'])
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- retrieved_network = self.show_network(network['id'])
- self.assertEqual(
- policy['id'], retrieved_network['qos_policy_id'])
- self._disassociate_network(network['id'], self.admin_mgr)
-
- @decorators.idempotent_id('1738de5d-0476-4163-9022-5e1b548c208e')
- def test_policy_association_with_tenant_network(self):
- """project/tenant can create network with shared policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=True)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_network('test network',
- client_mgr=self.primary_mgr,
- qos_policy_id=policy['id'])
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- retrieved_network = self.show_network(network['id'],
- client_mgr=self.primary_mgr)
- self.assertEqual(
- policy['id'], retrieved_network['qos_policy_id'])
-
- self._disassociate_network(network['id'], self.primary_mgr)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('9efe63d0-836f-4cc2-b00c-468e63aa614e')
- def test_policy_association_with_network_nonexistent_policy(self):
- """Can not attach network to a nonexist policy."""
- network = self.create_network(
- 'test network',
- qos_policy_id='9efe63d0-836f-4cc2-b00c-468e63aa614e')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- retrieved_network = self.show_network(network['id'])
- # check if network is not attached to the policy
- self.assertIsNone(retrieved_network['qos_policy_id'],
- 'Error: Network is attached to non-existent policy')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('1aa55a79-324f-47d9-a076-894a8fc2448b')
- def test_policy_association_with_network_non_shared_policy(self):
- """tenant/project can not attach network with not-shared policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_network(
- 'test network',
- qos_policy_id=policy['id'],
- client_mgr=self.primary_mgr)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- retrieved_network = self.show_network(network['id'],
- client_mgr=self.primary_mgr)
- # check if network is not attached to the policy
- self.assertIsNone(retrieved_network['qos_policy_id'],
- 'Error: Network is attached to QoS policy')
-
- @decorators.idempotent_id('10a9392c-1359-4cbb-989f-fb768e5834a8')
- def test_policy_update_association_with_admin_network(self):
- """admin can create associate non-shared policy to network."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network('test network')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- retrieved_network = self.show_network(network['id'])
- self.assertIsNone(retrieved_network['qos_policy_id'])
-
- self.update_network(
- network['id'], qos_policy_id=policy['id'])
- retrieved_network = self.show_network(network['id'])
- self.assertEqual(
- policy['id'], retrieved_network['qos_policy_id'])
-
- self._disassociate_network(network['id'], self.admin_mgr)
-
- def _disassociate_port(self, port_id, client_mgr=None):
- client_mgr = client_mgr if client_mgr else self.admin_mgr
- self.update_port(port_id, qos_policy_id=None,
- client_mgr=client_mgr)
- updated_port = self.show_port(port_id, client_mgr=client_mgr)
- self.assertIsNone(updated_port['qos_policy_id'])
-
- @decorators.attr(type='nsxv3')
- @decorators.attr(type='negative')
- @decorators.idempotent_id('98fcd95e-84cf-4746-860e-44692e674f2e')
- def test_policy_association_with_port_shared_policy(self):
- """test port can associate shared policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=True)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network('test network')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- port = self.create_port(network, qos_policy_id=policy['id'],
- client_mgr=self.primary_mgr)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_port, port['id'])
- retrieved_port = self.show_port(port['id'],
- client_mgr=self.primary_mgr)
- self.assertEqual(
- policy['id'], retrieved_port['qos_policy_id'])
-
- self._disassociate_port(port['id'], client_mgr=self.primary_mgr)
-
- @decorators.attr(type='negative')
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('49e02f5a-e1dd-41d5-9855-cfa37f2d195e')
- def test_policy_association_with_port_nonexistent_policy(self):
- """test port cannot be created with nonexist policy."""
- network = self.create_shared_network('test network')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- self.assertRaises(
- exceptions.NotFound,
- self.create_port,
- network,
- qos_policy_id='49e02f5a-e1dd-41d5-9855-cfa37f2d195e')
-
- @decorators.attr(type='negative')
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('f53d961c-9fe5-4422-8b66-7add972c6031')
- def test_policy_association_with_port_non_shared_policy(self):
- """project/tenant can not associate port with non-shared policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network('test network')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- port = self.create_port(network, qos_policy_id=policy['id'],
- client_mgr=self.primary_mgr)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_port, port['id'])
- retrieved_port = self.show_port(port['id'],
- client_mgr=self.primary_mgr)
- # check if port is not attached to the policy
- self.assertIsNone(retrieved_port['qos_policy_id'],
- 'Error:Port is attached to qos policy')
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('f8163237-fba9-4db5-9526-bad6d2343c76')
- def test_policy_update_association_with_port_shared_policy(self):
- """project/tenant can update port with shared policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=True)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network('test network')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- port = self.create_port(network, client_mgr=self.primary_mgr)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_port, port['id'])
- retrieved_port = self.show_port(port['id'],
- client_mgr=self.primary_mgr)
- self.assertIsNone(retrieved_port['qos_policy_id'])
-
- self.update_port(port['id'], qos_policy_id=policy['id'],
- client_mgr=self.primary_mgr)
- retrieved_port = self.show_port(port['id'],
- client_mgr=self.primary_mgr)
- self.assertEqual(
- policy['id'], retrieved_port['qos_policy_id'])
-
- self._disassociate_port(port['id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('18163237-8ba9-4db5-9525-bad6d2343c75')
- def test_delete_not_allowed_if_policy_in_use_by_network(self):
- """can not delete policy if used by network."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=True)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network(
- 'test network', qos_policy_id=policy['id'])
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- self.assertRaises(
- exceptions.Conflict,
- self.adm_qos_client.delete_policy, policy['id'])
-
- self._disassociate_network(network['id'], self.admin_mgr)
- self.adm_qos_client.delete_policy(policy['id'])
-
- @decorators.attr(type='negative')
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('24153230-84a9-4dd5-9525-bad6d2343c75')
- def test_delete_not_allowed_if_policy_in_use_by_port(self):
- """can not delete policy if used by port."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=True)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- network = self.create_shared_network('test network')
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, network['id'])
- port = self.create_port(network, qos_policy_id=policy['id'],
- client_mgr=self.primary_mgr)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_port, port['id'])
- self.assertRaises(
- exceptions.Conflict,
- self.adm_qos_client.delete_policy, policy['id'])
-
- self._disassociate_port(port['id'], client_mgr=self.primary_mgr)
- self.adm_qos_client.delete_policy(policy['id'])
-
- @decorators.idempotent_id('a2a5849b-dd06-4b18-9664-0b6828a1fc27')
- def test_qos_policy_delete_with_rules(self):
- """Policy with rules attached can be deleted."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- self.adm_qos_client.create_bandwidth_limit_rule(
- policy['id'], 200, 1337)
-
- self.adm_qos_client.delete_policy(policy['id'])
-
- with testtools.ExpectedException(exceptions.NotFound):
- self.adm_qos_client.show_policy(policy['id'])
-
-
-class QosBandwidthLimitRuleTest(BaseQosTest):
- """QoS Bandwidth limit rule CURD operations."""
-
- @decorators.idempotent_id('8a59b00b-3e9c-4787-92f8-93a5cdf5e378')
- def test_rule_create(self):
- """qos-bandwidth-limit-rule-create POLICY_ID."""
- qos_client = self.adm_qos_client
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- rule = self.create_qos_bandwidth_limit_rule(
- policy_id=policy['id'], max_kbps=200, max_burst_kbps=1337)
-
- # Test 'show rule'
- retrieved_rule = qos_client.show_bandwidth_limit_rule(
- rule['id'], policy['id'])
- self.assertEqual(rule['id'], retrieved_rule['id'])
- self.assertEqual(200, retrieved_rule['max_kbps'])
- self.assertEqual(1337, retrieved_rule['max_burst_kbps'])
-
- # Test 'list rules'
- rules = qos_client.list_bandwidth_limit_rules(policy['id'])
- rules_ids = [r['id'] for r in rules]
- self.assertIn(rule['id'], rules_ids)
-
- # Test 'show policy'
- retrieved_policy = qos_client.show_policy(policy['id'])
- policy_rules = retrieved_policy['rules']
- self.assertEqual(1, len(policy_rules))
- self.assertEqual(rule['id'], policy_rules[0]['id'])
- self.assertEqual(base_qos.RULE_TYPE_BANDWIDTH_LIMIT,
- policy_rules[0]['type'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8a59b00b-ab01-4787-92f8-93a5cdf5e378')
- def test_rule_create_fail_for_the_same_type(self):
- """One bandwidth limit rule per policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- self.create_qos_bandwidth_limit_rule(
- policy_id=policy['id'], max_kbps=200, max_burst_kbps=1337)
-
- self.assertRaises(exceptions.Conflict,
- self.create_qos_bandwidth_limit_rule,
- policy_id=policy['id'],
- max_kbps=201, max_burst_kbps=1338)
-
- @decorators.idempotent_id('149a6988-2568-47d2-931e-2dbc858943b3')
- def test_rule_update(self):
- """qos-bandwidth-limit-rule-update RULE-ID POLICY_ID."""
- qos_client = self.adm_qos_client
- max_kbps = 200
- max_burst_kbps = 1337
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- rule = self.create_qos_bandwidth_limit_rule(
- policy_id=policy['id'], max_kbps=1, max_burst_kbps=1)
-
- qos_client.update_bandwidth_limit_rule(
- rule['id'], policy['id'],
- max_kbps=max_kbps, max_burst_kbps=max_burst_kbps)
-
- retrieved_rule = qos_client.show_bandwidth_limit_rule(
- rule['id'], policy['id'])
- self.assertEqual(max_kbps, retrieved_rule['max_kbps'])
- self.assertEqual(max_burst_kbps, retrieved_rule['max_burst_kbps'])
-
- @decorators.idempotent_id('67ee6efd-7b33-4a68-927d-275b4f8ba958')
- def test_rule_delete(self):
- """qos-bandwidth-limit-rule-delete RULE-ID POLICY_ID."""
- qos_client = self.adm_qos_client
- max_kbps = 200
- max_burst_kbps = 1337
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- rule = self.create_qos_bandwidth_limit_rule(
- policy['id'],
- max_kbps=max_kbps, max_burst_kbps=max_burst_kbps)
-
- retrieved_rule = qos_client.show_bandwidth_limit_rule(
- rule['id'], policy['id'])
- self.assertEqual(rule['id'], retrieved_rule['id'])
-
- qos_client.delete_bandwidth_limit_rule(
- rule['id'], policy['id'])
- self.assertRaises(exceptions.NotFound,
- qos_client.show_bandwidth_limit_rule,
- rule['id'], policy['id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('f211222c-5808-46cb-a961-983bbab6b852')
- def test_rule_create_rule_nonexistent_policy(self):
- """Cannot create rule with nonexist policy."""
- self.assertRaises(
- exceptions.NotFound,
- self.create_qos_bandwidth_limit_rule,
- 'policy', max_kbps=200, max_burst_kbps=1337)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('eed8e2a6-22da-421b-89b9-935a2c1a1b50')
- def test_policy_create_forbidden_for_regular_tenants(self):
- """project/tenant cannot create policy."""
- self.assertRaises(
- exceptions.Forbidden,
- self.create_qos_policy,
- 'test-policy', 'test policy', False,
- qos_client=self.pri_qos_client)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a4a2e7ad-786f-4927-a85a-e545a93bd274')
- def test_rule_create_forbidden_for_regular_tenants(self):
- """project/tenant cannot create rule."""
- self.assertRaises(
- exceptions.Forbidden,
- self.create_qos_bandwidth_limit_rule,
- 'policy', max_kbps=1, max_burst_kbps=2,
- qos_client=self.pri_qos_client)
-
- @decorators.idempotent_id('ce0bd0c2-54d9-4e29-85f1-cfb36ac3ebe2')
- def test_get_rules_by_policy(self):
- """qos-bandwidth-limit-rule-list POLICY_ID."""
- policy1 = self.create_qos_policy(name='test-policy1',
- description='test policy1',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy1['id'])
- rule1 = self.create_qos_bandwidth_limit_rule(
- policy_id=policy1['id'], max_kbps=200, max_burst_kbps=1337)
-
- policy2 = self.create_qos_policy(name='test-policy2',
- description='test policy2',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy2['id'])
- rule2 = self.create_qos_bandwidth_limit_rule(
- policy_id=policy2['id'], max_kbps=5000, max_burst_kbps=2523)
-
- # Test 'list rules'
- rules = self.adm_qos_client.list_bandwidth_limit_rules(policy1['id'])
- rules_ids = [r['id'] for r in rules]
- self.assertIn(rule1['id'], rules_ids)
- self.assertNotIn(rule2['id'], rules_ids)
-
-
-class QosDscpMarkingRuleTest(BaseQosTest):
- """QoS Dscp Marking Rule CRUD operation."""
-
- VALID_DSCP_MARK1 = 56
- VALID_DSCP_MARK2 = 48
-
- @decorators.idempotent_id('8a59b40b-3e9c-4787-92f8-93a5cdf5e378')
- def test_rule_create(self):
- """qos-dscp-marking-rule-create POLICY_ID."""
- qos_client = self.adm_qos_client
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- rule = self.create_qos_dscp_marking_rule(
- policy['id'], self.VALID_DSCP_MARK1)
-
- # Test 'show rule'
- retrieved_rule = qos_client.show_dscp_marking_rule(
- rule['id'], policy['id'])
- self.assertEqual(rule['id'], retrieved_rule['id'])
- self.assertEqual(self.VALID_DSCP_MARK1, retrieved_rule['dscp_mark'])
-
- # Test 'list rules'
- rules = qos_client.list_dscp_marking_rules(policy['id'])
- rules_ids = [r['id'] for r in rules]
- self.assertIn(rule['id'], rules_ids)
-
- # Test 'show policy'
- retrieved_policy = qos_client.show_policy(policy['id'])
- policy_rules = retrieved_policy['rules']
- self.assertEqual(1, len(policy_rules))
- self.assertEqual(rule['id'], policy_rules[0]['id'])
- self.assertEqual(base_qos.RULE_TYPE_DSCP_MARK,
- policy_rules[0]['type'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8b59b10b-ab01-4787-92f8-93a5cdf5e378')
- def test_rule_create_fail_for_the_same_type(self):
- """One dscp marking rule per policy."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- self.create_qos_dscp_marking_rule(
- policy['id'], self.VALID_DSCP_MARK1)
-
- self.assertRaises(exceptions.Conflict,
- self.create_qos_dscp_marking_rule,
- policy_id=policy['id'],
- dscp_mark=self.VALID_DSCP_MARK2)
-
- @decorators.idempotent_id('249a6988-2568-47d2-931e-2dbc858943b3')
- def test_rule_update(self):
- """qos-dscp-marking-rule-create POLICY_ID."""
- qos_client = self.adm_qos_client
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- rule = self.create_qos_dscp_marking_rule(
- policy['id'], self.VALID_DSCP_MARK1)
-
- qos_client.update_dscp_marking_rule(
- rule['id'], policy['id'], dscp_mark=self.VALID_DSCP_MARK2)
-
- retrieved_rule = qos_client.show_dscp_marking_rule(
- rule['id'], policy['id'])
- self.assertEqual(self.VALID_DSCP_MARK2, retrieved_rule['dscp_mark'])
-
- @decorators.idempotent_id('67ed6efd-7b33-4a68-927d-275b4f8ba958')
- def test_rule_delete(self):
- """qos-dscp-marking-rule-delete POLICY_ID."""
- qos_client = self.adm_qos_client
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- rule = self.create_qos_dscp_marking_rule(
- policy['id'], self.VALID_DSCP_MARK1)
-
- retrieved_rule = qos_client.show_dscp_marking_rule(
- rule['id'], policy['id'])
- self.assertEqual(rule['id'], retrieved_rule['id'])
-
- qos_client.delete_dscp_marking_rule(rule['id'], policy['id'])
- self.assertRaises(exceptions.NotFound,
- qos_client.show_dscp_marking_rule,
- rule['id'], policy['id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('f215222c-5808-46cb-a961-983bbab6b852')
- def test_rule_create_rule_nonexistent_policy(self):
- """can not create dscp marking rule with nonexist policy."""
- self.assertRaises(
- exceptions.NotFound,
- self.create_qos_dscp_marking_rule,
- 'policy', self.VALID_DSCP_MARK1)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a4a2e3ad-786f-4927-a85a-e545a93bd274')
- def test_rule_create_forbidden_for_regular_tenants(self):
- """project/tenant can not create dscp marking rule."""
- self.assertRaises(
- exceptions.Forbidden,
- self.create_qos_dscp_marking_rule,
- 'policy', self.VALID_DSCP_MARK1,
- qos_client=self.pri_qos_client)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('32646b08-4f05-4493-a48a-bde768a18533')
- def test_invalid_rule_create(self):
- """Can not create rule with invalid dscp_mark value."""
- policy = self.create_qos_policy(name='test-policy',
- description='test policy',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- self.assertRaises(
- exceptions.BadRequest,
- self.create_qos_dscp_marking_rule,
- policy['id'], 58)
-
- @decorators.idempotent_id('cf0bd0c2-54d9-4e29-85f1-cfb36ac3ebe2')
- def test_get_rules_by_policy(self):
- """qos-dscp-marking-rule-list POLICY_ID."""
- policy1 = self.create_qos_policy(name='test-policy1',
- description='test policy1',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy1['id'])
- rule1 = self.create_qos_dscp_marking_rule(
- policy1['id'], self.VALID_DSCP_MARK1)
-
- policy2 = self.create_qos_policy(name='test-policy2',
- description='test policy2',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy2['id'])
- rule2 = self.create_qos_dscp_marking_rule(
- policy2['id'], self.VALID_DSCP_MARK2)
-
- # Test 'list rules'
- rules = self.adm_qos_client.list_dscp_marking_rules(policy1['id'])
- rules_ids = [r['id'] for r in rules]
- self.assertIn(rule1['id'], rules_ids)
- self.assertNotIn(rule2['id'], rules_ids)
diff --git a/vmware_nsx_tempest/tests/base.py b/vmware_nsx_tempest/tests/base.py
deleted file mode 100644
index 56b1878f62..0000000000
--- a/vmware_nsx_tempest/tests/base.py
+++ /dev/null
@@ -1,23 +0,0 @@
-# -*- coding: utf-8 -*-
-
-# Copyright 2010-2011 OpenStack Foundation
-# Copyright (c) 2013 Hewlett-Packard Development Company, L.P.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib import base
-
-
-class TestCase(base.BaseTestCase):
-
- """Test case base class for all unit tests."""
diff --git a/vmware_nsx_tempest/tests/dvs/README.rst b/vmware_nsx_tempest/tests/dvs/README.rst
deleted file mode 100644
index aba7e3770f..0000000000
--- a/vmware_nsx_tempest/tests/dvs/README.rst
+++ /dev/null
@@ -1,6 +0,0 @@
-Placeholder for dvs plugin specific automated tests
-directory:
- dvs/
- api/
- scenario/
-
diff --git a/vmware_nsx_tempest/tests/dvs/__init__.py b/vmware_nsx_tempest/tests/dvs/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/dvs/api/__init__.py b/vmware_nsx_tempest/tests/dvs/api/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/dvs/api/base_dvs.py b/vmware_nsx_tempest/tests/dvs/api/base_dvs.py
deleted file mode 100644
index 949651d8b0..0000000000
--- a/vmware_nsx_tempest/tests/dvs/api/base_dvs.py
+++ /dev/null
@@ -1,157 +0,0 @@
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import netaddr
-
-from tempest.api.network import base
-from tempest import config
-from tempest import exceptions
-from tempest.lib.common.utils import data_utils
-import tempest.test
-
-CONF = config.CONF
-
-
-class BaseDvsAdminNetworkTest(base.BaseAdminNetworkTest):
-
- @classmethod
- def resource_cleanup(cls):
- for port in cls.ports:
- cls.admin_ports_client.delete_port(port['id'])
- for subnet in cls.subnets:
- cls.admin_subnets_client.delete_subnet(subnet['id'])
- for network in cls.networks:
- cls.admin_networks_client.delete_network(network['id'])
- # clean up ports, subnets and networks
- cls.ports = []
- cls.subnets = []
- cls.networks = []
-
- @classmethod
- def create_network(cls, **kwargs):
- """Wrapper utility that returns a test admin provider network."""
- network_name = (kwargs.get('net_name')
- or data_utils.rand_name('test-adm-net-'))
- net_type = kwargs.get('net_type', "flat")
- if tempest.test.is_extension_enabled('provider', 'network'):
- body = {'name': network_name}
- body.update({'provider:network_type': net_type,
- 'provider:physical_network': 'dvs'})
- if net_type == 'vlan':
- _vlanid = kwargs.get('seg_id')
- body.update({'provider:segmentation_id': _vlanid})
-
- body = cls.admin_networks_client.create_network(**body)
- network = body['network']
- cls.networks.append(network)
- return network
-
- @classmethod
- def create_subnet(cls, network):
- """Wrapper utility that returns a test subnet."""
- # The cidr and mask_bits depend on the ip version.
- if cls._ip_version == 4:
- cidr = netaddr.IPNetwork(CONF.network.project_network_cidr
- or "192.168.101.0/24")
- mask_bits = CONF.network.project_network_mask_bits or 24
- elif cls._ip_version == 6:
- cidr = netaddr.IPNetwork(CONF.network.project_network_v6_cidr)
- mask_bits = CONF.network.project_network_v6_mask_bits
- # Find a cidr that is not in use yet and create a subnet with it
- for subnet_cidr in cidr.subnet(mask_bits):
- try:
- body = cls.admin_subnets_client.create_subnet(
- network_id=network['id'],
- cidr=str(subnet_cidr),
- ip_version=cls._ip_version)
- break
- except exceptions.BadRequest as e:
- is_overlapping_cidr = 'overlaps with another subnet' in str(e)
- if not is_overlapping_cidr:
- raise
- else:
- message = 'Available CIDR for subnet creation could not be found'
- raise exceptions.BuildErrorException(message)
- subnet = body['subnet']
- cls.subnets.append(subnet)
- return subnet
-
- @classmethod
- def create_port(cls, network_id, **kwargs):
- """Wrapper utility that returns a test port."""
- body = cls.admin_ports_client.create_port(network_id=network_id,
- **kwargs)
- port = body['port']
- cls.ports.append(port)
- return port
-
- @classmethod
- def update_network(cls, network_id, client=None, **kwargs):
- net_client = client if client else cls.admin_networks_client
- return net_client.update_network(network_id, **kwargs)
-
- @classmethod
- def delete_network(cls, network_id, client=None):
- net_client = client if client else cls.admin_networks_client
- return net_client.delete_network(network_id)
-
- @classmethod
- def show_network(cls, network_id, client=None, **kwargs):
- net_client = client if client else cls.admin_networks_client
- return net_client.show_network(network_id, **kwargs)
-
- @classmethod
- def list_networks(cls, client=None, **kwargs):
- net_client = client if client else cls.admin_networks_client
- return net_client.list_networks(**kwargs)
-
- @classmethod
- def update_subnet(cls, subnet_id, client=None, **kwargs):
- net_client = client if client else cls.admin_subnets_client
- return net_client.update_subnet(subnet_id, **kwargs)
-
- @classmethod
- def delete_subnet(cls, subnet_id, client=None):
- net_client = client if client else cls.admin_subnets_client
- return net_client.delete_subnet(subnet_id)
-
- @classmethod
- def show_subnet(cls, subnet_id, client=None, **kwargs):
- net_client = client if client else cls.admin_subnets_client
- return net_client.show_subnet(subnet_id, **kwargs)
-
- @classmethod
- def list_subnets(cls, client=None, **kwargs):
- net_client = client if client else cls.admin_subnets_client
- return net_client.list_subnets(**kwargs)
-
- @classmethod
- def delete_port(cls, port_id, client=None):
- net_client = client if client else cls.admin_ports_client
- return net_client.delete_port(port_id)
-
- @classmethod
- def show_port(cls, port_id, client=None, **kwargs):
- net_client = client if client else cls.admin_ports_client
- return net_client.show_port(port_id, **kwargs)
-
- @classmethod
- def list_ports(cls, client=None, **kwargs):
- net_client = client if client else cls.admin_ports_client
- return net_client.list_ports(**kwargs)
-
- @classmethod
- def update_port(cls, port_id, client=None, **kwargs):
- net_client = client if client else cls.admin_ports_client
- return net_client.update_port(port_id, **kwargs)
diff --git a/vmware_nsx_tempest/tests/dvs/api/test_networks_admin_actions.py b/vmware_nsx_tempest/tests/dvs/api/test_networks_admin_actions.py
deleted file mode 100644
index c15e598401..0000000000
--- a/vmware_nsx_tempest/tests/dvs/api/test_networks_admin_actions.py
+++ /dev/null
@@ -1,122 +0,0 @@
-# Copyright 2014 VMware.inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import base_dvs as base
-
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-
-
-class AdminNetworksTestJSON(base.BaseDvsAdminNetworkTest):
- _interface = 'json'
-
- """
- Test admin actions for networks, subnets.
-
- create/update/delete an admin network
- create/update/delete an admin subnets
-
- """
-
- @classmethod
- def resource_setup(cls):
- super(AdminNetworksTestJSON, cls).resource_setup()
- name = data_utils.rand_name('admin-network-')
- cls.network = cls.create_network(net_name=name)
- cls.name = cls.network['name']
- cls.subnet = cls.create_subnet(cls.network)
- cls.cidr = cls.subnet['cidr']
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('1dcead1d-d773-4da1-9534-0b984ca684b3')
- def test_create_update_delete_flat_network_subnet(self):
- # Create an admin network
- name = data_utils.rand_name('admin-network-')
- network = self.create_network(net_name=name, net_type='flat')
- net_id = network['id']
- # Verify an exception thrown when updating network
- new_name = "New_network"
- # create a subnet and verify it is an admin tenant subnet
- subnet = self.create_subnet(network)
- subnet_id = subnet['id']
- self.assertEqual(network['tenant_id'], subnet['tenant_id'])
- # Verify subnet update
- new_name = "New_subnet"
- body = self.update_subnet(subnet_id, name=new_name)
- updated_subnet = body['subnet']
- self.assertEqual(updated_subnet['name'], new_name)
- # Delete subnet and network
- body = self.delete_subnet(subnet_id)
- # Remove subnet from cleanup list
- self.subnets.pop()
- body = self.delete_network(net_id)
- self.networks.pop()
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('15d3d53c-3328-401f-b8f5-3a29aee2ea3a')
- def test_create_update_delete_vlan_network_subnet(self):
- # Create an admin network
- name = data_utils.rand_name('admin-network-')
- network = self.create_network(net_name=name,
- net_type='vlan',
- seg_id=1000)
- net_id = network['id']
- # Verify an exception thrown when updating network
- new_name = "New_network"
- # create a subnet and verify it is an admin tenant subnet
- subnet = self.create_subnet(network)
- subnet_id = subnet['id']
- self.assertEqual(network['tenant_id'], subnet['tenant_id'])
- # Verify subnet update
- new_name = "New_subnet"
- body = self.update_subnet(subnet_id, name=new_name)
- updated_subnet = body['subnet']
- self.assertEqual(updated_subnet['name'], new_name)
- # Delete subnet and network
- body = self.delete_subnet(subnet_id)
- # Remove subnet from cleanup list
- self.subnets.pop()
- body = self.delete_network(net_id)
- self.networks.pop()
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('838aee5f-92f2-47b9-86c6-629a04aa6269')
- def test_show_network(self):
- # Verify the details of a network
- body = self.show_network(self.network['id'])
- network = body['network']
- for key in ['id', 'name', 'provider:network_type',
- 'provider:physical_network']:
- self.assertEqual(network[key], self.network[key])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('b86d50ef-39a7-4136-8c89-e5e534fe92aa')
- def test_list_networks(self):
- # Verify the network exists in the list of all networks
- body = self.list_networks()
- networks = [network['id'] for network in body['networks']
- if network['id'] == self.network['id']]
- self.assertNotEmpty(networks, "Created network not found in the list")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('ee3f8b79-da3f-4394-9bea-012488202257')
- def test_show_subnet(self):
- # Verify the details of a subnet
- body = self.show_subnet(self.subnet['id'])
- subnet = body['subnet']
- self.assertNotEmpty(subnet, "Subnet returned has no fields")
- for key in ['id', 'cidr']:
- self.assertIn(key, subnet)
- self.assertEqual(subnet[key], self.subnet[key])
diff --git a/vmware_nsx_tempest/tests/dvs/api/test_ports_admin_actions.py b/vmware_nsx_tempest/tests/dvs/api/test_ports_admin_actions.py
deleted file mode 100644
index ff0a7b99bd..0000000000
--- a/vmware_nsx_tempest/tests/dvs/api/test_ports_admin_actions.py
+++ /dev/null
@@ -1,98 +0,0 @@
-# Copyright 2014 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import base_dvs as base
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-
-
-class AdminPortsTestJSON(base.BaseDvsAdminNetworkTest):
- _interface = 'json'
-
- """
- Test the following operations for ports:
-
- port create
- port delete
- port list
- port show
- port update
- """
-
- @classmethod
- def resource_setup(cls):
- super(AdminPortsTestJSON, cls).resource_setup()
- name = data_utils.rand_name('admin-ports-')
- cls.network = cls.create_network(net_name=name)
- cls.port = cls.create_port(cls.network['id'])
-
- @decorators.idempotent_id('c3f751d4-e358-44b9-bfd2-3d563c4a2d04')
- def test_create_update_delete_port(self):
- # Verify port creation
- network_id = self.network['id']
- port = self.create_port(network_id)
- self.assertTrue(port['admin_state_up'])
- # Verify port update
- new_name = "New_Port"
- body = self.update_port(
- port['id'],
- name=new_name,
- admin_state_up=False)
- updated_port = body['port']
- self.assertEqual(updated_port['name'], new_name)
- self.assertFalse(updated_port['admin_state_up'])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('d3dcd23b-7d5a-4720-8d88-473fb154d609')
- def test_show_port(self):
- # Verify the details of port
- body = self.show_port(self.port['id'])
- port = body['port']
- self.assertIn('id', port)
- self.assertEqual(port['id'], self.port['id'])
- self.assertEqual(self.port['admin_state_up'], port['admin_state_up'])
- self.assertEqual(self.port['device_id'], port['device_id'])
- self.assertEqual(self.port['device_owner'], port['device_owner'])
- self.assertEqual(self.port['mac_address'], port['mac_address'])
- self.assertEqual(self.port['name'], port['name'])
- self.assertEqual(self.port['security_groups'],
- port['security_groups'])
- self.assertEqual(self.port['network_id'], port['network_id'])
- self.assertEqual(self.port['security_groups'],
- port['security_groups'])
- self.assertEqual(port['fixed_ips'], [])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('c5f74042-c512-4569-b9b9-bc2bf46e77e1')
- def test_list_ports(self):
- # Verify the port exists in the list of all ports
- body = self.list_ports()
- ports = [port['id'] for port in body['ports']
- if port['id'] == self.port['id']]
- self.assertNotEmpty(ports, "Created port not found in the list")
-
- @decorators.idempotent_id('2775f96c-a09b-49e1-a5a4-adb83a3e91c7')
- @decorators.attr(type='smoke')
- def test_list_ports_fields(self):
- # Verify specific fields of ports
- fields = ['binding:vif_type', 'id', 'mac_address']
- body = self.list_ports(fields=fields)
- ports = body['ports']
- self.assertNotEmpty(ports, "Port list returned is empty")
- # Asserting the fields returned are correct
- # Verify binding:vif_type is dvs
- for port in ports:
- self.assertEqual(sorted(fields), sorted(port.keys()))
- self.assertEqual(port.get(fields[0]), 'dvs')
diff --git a/vmware_nsx_tempest/tests/dvs/scenario/__init__.py b/vmware_nsx_tempest/tests/dvs/scenario/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/dvs/scenario/test_network_basic_ops.py b/vmware_nsx_tempest/tests/dvs/scenario/test_network_basic_ops.py
deleted file mode 100644
index b8e48cd60d..0000000000
--- a/vmware_nsx_tempest/tests/dvs/scenario/test_network_basic_ops.py
+++ /dev/null
@@ -1,193 +0,0 @@
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import netaddr
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest import exceptions
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class TestDvsNetworkBasicOps(manager.NetworkScenarioTest):
-
- """
- This smoke test suite assumes that Nova has been configured to
- boot VM's with Neutron-managed VDS networking, and attempts to
- verify network connectivity as follows:
-
- """
- def setUp(self):
- super(TestDvsNetworkBasicOps, self).setUp()
- self._ip_version = 4
- self.keypairs = {}
- self.servers = []
- self.admin_net_client = self.admin_manager.networks_client
- self.admin_subnet_client = self.admin_manager.subnets_client
-
- def _setup_network(self):
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network)
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _create_network(self, network_name=None):
- """Wrapper utility that returns a test admin provider network."""
- network_name = network_name or data_utils.rand_name('test-adm-net-')
- if test.is_extension_enabled('provider', 'network'):
- body = {'name': network_name}
- body.update({'provider:network_type': 'flat',
- 'provider:physical_network': 'dvs',
- 'shared': True})
- body = self.admin_net_client.create_network(**body)
- self.addCleanup(self.admin_net_client.delete_network,
- body['network']['id'])
- return body['network']
-
- def _create_subnet(self, network):
- # The cidr and mask_bits depend on the ip version.
- if self._ip_version == 4:
- cidr = netaddr.IPNetwork(CONF.network.project_network_cidr
- or "192.168.101.0/24")
- mask_bits = CONF.network.project_network_mask_bits or 24
- elif self._ip_version == 6:
- cidr = netaddr.IPNetwork(CONF.network.project_network_v6_cidr)
- mask_bits = CONF.network.project_network_v6_mask_bits
- # Find a cidr that is not in use yet and create a subnet with it
- for subnet_cidr in cidr.subnet(mask_bits):
- try:
- body = self.admin_subnet_client.create_subnet(
- network_id=network['id'],
- cidr=str(subnet_cidr),
- ip_version=self._ip_version)
- break
- except exceptions.BadRequest as e:
- is_overlapping_cidr = 'overlaps with another subnet' in str(e)
- if not is_overlapping_cidr:
- raise
- else:
- message = ('Available CIDR for subnet creation '
- 'could not be found')
- raise exceptions.BuildErrorException(message)
- return body['subnet']
-
- def _check_networks(self):
- """
- Checks that we see the newly created network/subnet via
- checking the result of list_[networks,subnets]
- """
-
- seen_nets = self.admin_manager.networks_client.list_networks()
- seen_names = [n['name'] for n in seen_nets['networks']]
- seen_ids = [n['id'] for n in seen_nets['networks']]
- self.assertIn(self.network['name'], seen_names)
- self.assertIn(self.network['id'], seen_ids)
-
- seen_subnets = self.admin_manager.subnets_client.list_subnets()
- seen_net_ids = [n['network_id'] for n in seen_subnets['subnets']]
- seen_subnet_ids = [n['id'] for n in seen_subnets['subnets']]
- self.assertIn(self.network['id'], seen_net_ids)
- self.assertIn(self.subnet['id'], seen_subnet_ids)
-
- def _create_server(self):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- networks = [{'uuid': self.network['id']}]
-
- name = data_utils.rand_name('server-smoke')
- server = self.create_server(name=name,
- networks=networks,
- key_name=keypair['name'],
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _check_server_connectivity(self, address_list,
- should_connect=True):
- private_key = self._get_server_key(self.servers[0])
- ip_address = address_list[0]
- ssh_source = self.get_remote_client(ip_address,
- private_key=private_key)
- for remote_ip in address_list:
- if should_connect:
- msg = "Timed out waiting for "
- "%s to become reachable" % remote_ip
- else:
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access {dest} via ping to "
- "fix-ip {src}".format(dest=remote_ip,
- src=ip_address))
- raise
-
- def _check_network_internal_connectivity(self, network,
- should_connect=True):
- """
- via ssh check VM internal connectivity:
- - ping internal gateway and DHCP port, implying in-tenant connectivity
- pinging both, because L3 and DHCP agents might be on different nodes
- """
- server = self.servers[0]
- # get internal ports' ips:
- # get all network ports in the new network
- internal_ips = ([p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if p['device_owner'].startswith('compute')])
-
- self._check_server_connectivity(internal_ips,
- should_connect)
-
- @decorators.attr(type='smoke')
- @test.services('compute', 'network')
- @decorators.idempotent_id('b977dce6-6527-4676-9b66-862b22058f0f')
- def test_network_basic_ops(self):
- """
- For a freshly-booted VM with an IP address ("port") on a given
- network:
-
- - the Tempest host can ping the IP address. This implies, but
- does not guarantee (see the ssh check that follows), that the
- VM has been assigned the correct IP address and has
- connectivity to the Tempest host.
-
- - the Tempest host can perform key-based authentication to an
- ssh server hosted at the IP address. This check guarantees
- that the IP address is associated with the target VM.
-
- - the Tempest host can ssh into the VM via the IP address and
- successfully execute the following:
- """
- self._setup_network()
- self._check_networks()
- self._create_server()
- self._check_network_internal_connectivity(self.network)
diff --git a/vmware_nsx_tempest/tests/nsxv/README.rst b/vmware_nsx_tempest/tests/nsxv/README.rst
deleted file mode 100644
index e1eae0bf54..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/README.rst
+++ /dev/null
@@ -1,6 +0,0 @@
-Placeholder for NSX-v plugin specific automated tests
-directory:
- nsxv/
- api/
- scenario/
- scale/
diff --git a/vmware_nsx_tempest/tests/nsxv/__init__.py b/vmware_nsx_tempest/tests/nsxv/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv/api/README.rst b/vmware_nsx_tempest/tests/nsxv/api/README.rst
deleted file mode 100644
index bc76868ad6..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/README.rst
+++ /dev/null
@@ -1 +0,0 @@
-Placeholder for nsxv neutron plugin specific API tests.
diff --git a/vmware_nsx_tempest/tests/nsxv/api/__init__.py b/vmware_nsx_tempest/tests/nsxv/api/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv/api/base_provider.py b/vmware_nsx_tempest/tests/nsxv/api/base_provider.py
deleted file mode 100644
index 05a79cf597..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/base_provider.py
+++ /dev/null
@@ -1,215 +0,0 @@
-# Copyright 2015 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import netaddr
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import exceptions
-from tempest import test
-
-CONF = config.CONF
-
-
-class BaseAdminNetworkTest(base.BaseAdminNetworkTest):
- # NOTE(akang): This class inherits from BaseAdminNetworkTest.
- # By default client is cls.client, but for provider network,
- # the client is admin_client. The test class should pass
- # client=self.admin_client, if it wants to create provider
- # network/subnet.
-
- @classmethod
- def skip_checks(cls):
- super(BaseAdminNetworkTest, cls).skip_checks()
- if not test.is_extension_enabled('provider', 'network'):
- msg = "Network Provider Extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(BaseAdminNetworkTest, cls).resource_setup()
- cls.admin_netwk_info = []
- cls.admin_port_info = []
-
- @classmethod
- def resource_cleanup(cls):
- if CONF.service_available.neutron:
- for netwk_info in cls.admin_netwk_info:
- net_client, network = netwk_info
- try:
- test_utils.call_and_ignore_notfound_exc(
- net_client.delete_network, network['id'])
- except Exception:
- pass
- for port_info in cls.admin_port_info:
- port_client, port = port_info
- try:
- test_utils.call_and_ignore_notfound_exc(
- port_client.delete_port, port['id'])
- except Exception:
- pass
- super(BaseAdminNetworkTest, cls).resource_cleanup()
-
- @classmethod
- def create_network(cls, network_name=None, client=None,
- **kwargs):
- net_client = client if client else cls.admin_networks_client
- network_name = network_name or data_utils.rand_name('ADM-network-')
- post_body = {'name': network_name}
- post_body.update(kwargs)
- body = net_client.create_network(**post_body)
- network = body['network']
- cls.admin_netwk_info.append([net_client, network])
- return body
-
- @classmethod
- def update_network(cls, network_id, client=None, **kwargs):
- net_client = client if client else cls.admin_networks_client
- return net_client.update_network(network_id, **kwargs)
-
- @classmethod
- def delete_network(cls, network_id, client=None):
- net_client = client if client else cls.admin_networks_client
- return net_client.delete_network(network_id)
-
- @classmethod
- def show_network(cls, network_id, client=None, **kwargs):
- net_client = client if client else cls.admin_networks_client
- return net_client.show_network(network_id, **kwargs)
-
- @classmethod
- def list_networks(cls, client=None, **kwargs):
- net_client = client if client else cls.admin_networks_client
- return net_client.list_networks(**kwargs)
-
- @classmethod
- def create_subnet(cls, network, client=None,
- gateway='', cidr=None, mask_bits=None,
- ip_version=None, cidr_offset=0, **kwargs):
- ip_version = (ip_version if ip_version is not None
- else cls._ip_version)
- net_client = client if client else cls.admin_subnets_client
- post_body = get_subnet_create_options(
- network['id'], ip_version,
- gateway=gateway, cidr=cidr, cidr_offset=cidr_offset,
- mask_bits=mask_bits, **kwargs)
- return net_client.create_subnet(**post_body)
-
- @classmethod
- def update_subnet(cls, subnet_id, client=None, **kwargs):
- net_client = client if client else cls.admin_subnets_client
- return net_client.update_subnet(subnet_id, **kwargs)
-
- @classmethod
- def delete_subnet(cls, subnet_id, client=None):
- net_client = client if client else cls.admin_subnets_client
- return net_client.delete_subnet(subnet_id)
-
- @classmethod
- def show_subnet(cls, subnet_id, client=None, **kwargs):
- net_client = client if client else cls.admin_subnets_client
- return net_client.show_subnet(subnet_id, **kwargs)
-
- @classmethod
- def list_subnets(cls, client=None, **kwargs):
- net_client = client if client else cls.admin_subnets_client
- return net_client.list_subnets(**kwargs)
-
- @classmethod
- def create_port(cls, network_id, port_name=None, client=None, **kwargs):
- port_client = client if client else cls.admin_ports_client
- port_name = port_name or data_utils.rand_name('ADM-port-')
- post_body = {'name': port_name,
- 'network_id': network_id}
- post_body.update(kwargs)
- body = port_client.create_port(**post_body)
- port = body['port']
- cls.admin_port_info.append([port_client, port])
- return body
-
- @classmethod
- def update_port(cls, port_id, client=None, **kwargs):
- port_client = client if client else cls.admin_ports_client
- return port_client.update_port(port_id, **kwargs)
-
- @classmethod
- def delete_port(cls, port_id, client=None):
- port_client = client if client else cls.admin_ports_client
- return port_client.delete_port(port_id)
-
- @classmethod
- def list_ports(cls, client=None, **kwargs):
- port_client = client if client else cls.admin_ports_client
- return port_client.list_ports(**kwargs)
-
- # add other create methods, i.e. security-group, port, floatingip
- # if needed.
-
-
-def get_subnet_create_options(network_id, ip_version=4,
- gateway='', cidr=None, mask_bits=None,
- num_subnet=1, gateway_offset=1, cidr_offset=0,
- **kwargs):
-
- """When cidr_offset>0 it request only one subnet-options:
-
- subnet = get_subnet_create_options('abcdefg', 4, num_subnet=4)[3]
- subnet = get_subnet_create_options('abcdefg', 4, cidr_offset=3)
- """
-
- gateway_not_set = (gateway == '')
- if ip_version == 4:
- cidr = cidr or netaddr.IPNetwork(CONF.network.project_network_cidr)
- mask_bits = mask_bits or CONF.network.project_network_mask_bits
- elif ip_version == 6:
- cidr = (
- cidr or netaddr.IPNetwork(CONF.network.project_network_v6_cidr))
- mask_bits = mask_bits or CONF.network.project_network_v6_mask_bits
- # Find a cidr that is not in use yet and create a subnet with it
- subnet_list = []
- if cidr_offset > 0:
- num_subnet = cidr_offset + 1
- for subnet_cidr in cidr.subnet(mask_bits):
- if gateway_not_set:
- gateway_ip = gateway or (
- str(netaddr.IPAddress(subnet_cidr) + gateway_offset))
- else:
- gateway_ip = gateway
- try:
- subnet_body = dict(
- network_id=network_id,
- cidr=str(subnet_cidr),
- ip_version=ip_version,
- gateway_ip=gateway_ip,
- **kwargs)
- if num_subnet <= 1:
- return subnet_body
- subnet_list.append(subnet_body)
- if len(subnet_list) >= num_subnet:
- if cidr_offset > 0:
- # user request the 'cidr_offset'th of cidr
- return subnet_list[cidr_offset]
- # user request list of cidr
- return subnet_list
- except exceptions.BadRequest as e:
- is_overlapping_cidr = 'overlaps with another subnet' in str(e)
- if not is_overlapping_cidr:
- raise
- else:
- message = 'Available CIDR for subnet creation could not be found'
- raise exceptions.BuildErrorException(message)
- return {}
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/__init__.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/base.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/base.py
deleted file mode 100644
index 7a25e328d3..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/base.py
+++ /dev/null
@@ -1,516 +0,0 @@
-# Copyright 2015 Rackspace
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# 2016-03 (akang)
-# ported from neutron-lbaas to comply to tempest framework
-# NSX-v require vip-subnet attached to exclusive router
-
-from oslo_log import log as logging
-
-from tempest.api.network import base
-from tempest import config
-from tempest import test
-
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import exceptions
-
-from vmware_nsx_tempest.services.lbaas import health_monitors_client
-from vmware_nsx_tempest.services.lbaas import l7policies_client
-from vmware_nsx_tempest.services.lbaas import l7rules_client
-from vmware_nsx_tempest.services.lbaas import listeners_client
-from vmware_nsx_tempest.services.lbaas import load_balancers_client
-from vmware_nsx_tempest.services.lbaas import members_client
-from vmware_nsx_tempest.services.lbaas import pools_client
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-NO_ROUTER_TYPE = CONF.nsxv.no_router_type
-L7_POLICY_ACTIONS = ('REJECT', 'REDIRECT_TO_URL', 'REDIRECT_TO_POOL')
-L7_RULE_TYPES = ('HOSTNAME', 'PATH', 'FILE_TYPE', 'HEADER', 'COOKIE')
-L7_RULE_COMPARISON_TYPES = ('REGEXP', 'STARTS_WITH', 'ENDS_WITH',
- 'CONTAINS', 'EQUAL_TO')
-
-
-class BaseTestCase(base.BaseNetworkTest):
-
- # This class picks non-admin credentials and run the tempest tests
-
- _lbs_to_delete = []
- _setup_lbaas_non_admin_resource = True
-
- @classmethod
- def skip_checks(cls):
- super(BaseTestCase, cls).skip_checks()
- if not test.is_extension_enabled('lbaasv2', 'network'):
- msg = "lbaasv2 extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(BaseTestCase, cls).resource_setup()
-
- if cls._setup_lbaas_non_admin_resource:
- mgr = cls.get_client_manager()
- cls.create_lbaas_clients(mgr)
- cls.setup_lbaas_core_network()
-
- @classmethod
- def create_lbaas_clients(cls, mgr):
- cls.load_balancers_client = load_balancers_client.get_client(mgr)
- cls.listeners_client = listeners_client.get_client(mgr)
- cls.pools_client = pools_client.get_client(mgr)
- cls.members_client = members_client.get_client(mgr)
- cls.health_monitors_client = health_monitors_client.get_client(mgr)
- # l7-switching clients
- cls.l7policies_client = l7policies_client.get_client(cls.manager)
- cls.l7rules_client = l7rules_client.get_client(cls.manager)
-
- @classmethod
- def setup_lbaas_core_network(cls):
- rand_number = data_utils.rand_name()
- network_name = 'lbaas-network-' + rand_number
- router_name = 'lbaas-router-' + rand_number
- cls.network = cls.create_network(network_name)
- cls.subnet = cls.create_subnet(cls.network)
- cls.tenant_id = cls.subnet.get('tenant_id')
- cls.subnet_id = cls.subnet.get('id')
- # NSX-v: load-balancer's subnet need to attach to exclusive-router
- if not CONF.nsxv.manager_uri:
- router_cfg = dict(router_name=router_name)
- else:
- router_cfg = dict(router_name=router_name, router_type='exclusive')
- if NO_ROUTER_TYPE:
- # router_type is NSX-v extension.
- router_cfg.pop('router_type', None)
- cls.router = cls.create_router(**router_cfg)
- cls.create_router_interface(cls.router['id'], cls.subnet['id'])
-
- @classmethod
- def resource_cleanup(cls):
- for lb_id in cls._lbs_to_delete:
- try:
- statuses = cls._show_load_balancer_status_tree(lb_id)
- lb = statuses.get('loadbalancer')
- except exceptions.NotFound:
- continue
- for listener in lb.get('listeners', []):
- for policy in listener.get('l7policies'):
- test_utils.call_and_ignore_notfound_exc(
- cls.l7policies_client.delete_l7policy,
- policy.get('id'))
- cls._wait_for_load_balancer_status(lb_id)
- for pool in listener.get('pools'):
- cls.delete_lb_pool_resources(lb_id, pool)
- # delete listener
- test_utils.call_and_ignore_notfound_exc(
- cls.listeners_client.delete_listener,
- listener.get('id'))
- cls._wait_for_load_balancer_status(lb_id)
- # delete pools not attached to listener, but loadbalancer
- for pool in lb.get('pools', []):
- cls.delete_lb_pool_resources(lb_id, pool)
- # delete load-balancer
- test_utils.call_and_ignore_notfound_exc(
- cls._delete_load_balancer, lb_id)
- # NSX-v: delete exclusive router
- cls.delete_router(cls.router)
- super(BaseTestCase, cls).resource_cleanup()
-
- @classmethod
- def delete_lb_pool_resources(cls, lb_id, pool):
- # delete pool's health-monitor
- hm = pool.get('healthmonitor')
- if hm:
- test_utils.call_and_ignore_notfound_exc(
- cls.health_monitors_client.delete_health_monitor,
- pool.get('healthmonitor').get('id'))
- cls._wait_for_load_balancer_status(lb_id)
- # delete pool's members
- members = pool.get('members', [])
- for member in members:
- test_utils.call_and_ignore_notfound_exc(
- cls.members_client.delete_member,
- pool.get('id'), member.get('id'))
- cls._wait_for_load_balancer_status(lb_id)
- # delete pool
- test_utils.call_and_ignore_notfound_exc(
- cls.pools_client.delete_pool, pool.get('id'))
- cls._wait_for_load_balancer_status(lb_id)
-
- @classmethod
- def setUpClass(cls):
- cls.LOG = logging.getLogger(cls._get_full_case_name())
- super(BaseTestCase, cls).setUpClass()
-
- def setUp(cls):
- cls.LOG.info(('Starting: {0}').format(cls._testMethodName))
- super(BaseTestCase, cls).setUp()
-
- def tearDown(cls):
- super(BaseTestCase, cls).tearDown()
- cls.LOG.info(('Finished: {0}').format(cls._testMethodName))
-
- @classmethod
- def _create_load_balancer(cls, wait=True, **lb_kwargs):
- lb = cls.load_balancers_client.create_load_balancer(**lb_kwargs)
- lb = lb.get('loadbalancer', lb)
- cls._lbs_to_delete.append(lb.get('id'))
- if wait:
- cls._wait_for_load_balancer_status(lb.get('id'))
-
- port = cls.ports_client.show_port(lb['vip_port_id'])
- cls.ports.append(port['port'])
- return lb
-
- @classmethod
- def _create_active_load_balancer(cls, **kwargs):
- lb = cls._create_load_balancer(**kwargs)
- lb = lb.get('loadbalancer', lb)
- lb = cls._wait_for_load_balancer_status(lb.get('id'))
- return lb
-
- @classmethod
- def _delete_load_balancer(cls, load_balancer_id, wait=True):
- cls.load_balancers_client.delete_load_balancer(load_balancer_id)
- if wait:
- cls._wait_for_load_balancer_status(
- load_balancer_id, delete=True)
-
- @classmethod
- def _update_load_balancer(cls, load_balancer_id, wait=True, **lb_kwargs):
- lb = cls.load_balancers_client.update_load_balancer(
- load_balancer_id, **lb_kwargs)
- lb = lb.get('loadbalancer', lb)
- if wait:
- cls._wait_for_load_balancer_status(
- load_balancer_id)
- return lb
-
- @classmethod
- def _show_load_balancer(cls, load_balancer_id):
- lb = cls.load_balancers_client.show_load_balancer(load_balancer_id)
- lb = lb.get('loadbalancer', lb)
- return lb
-
- @classmethod
- def _list_load_balancers(cls, **filters):
- lbs = cls.load_balancers_client.list_load_balancers(**filters)
- lb_list = lbs.get('loadbalancers', lbs)
- return lb_list
-
- @classmethod
- def _wait_for_load_balancer_status(cls, load_balancer_id,
- provisioning_status='ACTIVE',
- operating_status='ONLINE',
- delete=False):
- return cls.load_balancers_client.wait_for_load_balancer_status(
- load_balancer_id,
- provisioning_status=provisioning_status,
- operating_status=operating_status,
- is_delete_op=delete)
-
- @classmethod
- def _show_load_balancer_status_tree(cls, load_balancer_id):
- statuses = cls.load_balancers_client.show_load_balancer_status_tree(
- load_balancer_id=load_balancer_id)
- statuses = statuses.get('statuses', statuses)
- return statuses
-
- @classmethod
- def _show_load_balancer_stats(cls, load_balancer_id):
- stats = cls.load_balancers_client.show_load_balancer_stats(
- load_balancer_id=load_balancer_id)
- stats = stats.get('stats', stats)
- return stats
-
- @classmethod
- def _create_listener(cls, wait=True, **listener_kwargs):
- listener = cls.listeners_client.create_listener(**listener_kwargs)
- listener = listener.get('listener', listener)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return listener
-
- @classmethod
- def _delete_listener(cls, listener_id, wait=True):
- cls.listeners_client.delete_listener(listener_id)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
-
- @classmethod
- def _update_listener(cls, listener_id, wait=True, **listener_kwargs):
- listener = cls.listeners_client.update_listener(
- listener_id, **listener_kwargs)
- listener = listener.get('listener', listener)
- if wait:
- cls._wait_for_load_balancer_status(
- cls.load_balancer.get('id'))
- return listener
-
- @classmethod
- def _show_listener(cls, listener_id):
- listener = cls.listeners_client.show_listener(listener_id)
- listener = listener.get('listener', listener)
- return listener
-
- @classmethod
- def _list_listeners(cls, **filters):
- lbs = cls.listeners_client.list_listeners(**filters)
- lb_list = lbs.get('listeners', lbs)
- return lb_list
-
- @classmethod
- def _create_pool(cls, wait=True, **pool_kwargs):
- pool = cls.pools_client.create_pool(**pool_kwargs)
- pool = pool.get('pool', pool)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return pool
-
- @classmethod
- def _delete_pool(cls, pool_id, wait=True):
- cls.pools_client.delete_pool(pool_id)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
-
- @classmethod
- def _update_pool(cls, pool_id, wait=True, **pool_kwargs):
- pool = cls.pools_client.update_pool(pool_id, **pool_kwargs)
- pool = pool.get('pool', pool)
- if wait:
- cls._wait_for_load_balancer_status(
- cls.load_balancer.get('id'))
- return pool
-
- @classmethod
- def _show_pool(cls, pool_id):
- pool = cls.pools_client.show_pool(pool_id)
- pool = pool.get('pool', pool)
- return pool
-
- @classmethod
- def _list_pools(cls, **filters):
- pools = cls.pools_client.list_pools(**filters)
- pool_list = pools.get('pools', pools)
- return pool_list
-
- def _create_health_monitor(self, wait=True, cleanup=True,
- **health_monitor_kwargs):
- hm = self.health_monitors_client.create_health_monitor(
- **health_monitor_kwargs)
- hm = hm.get('healthmonitor', hm)
- if cleanup:
- self.addCleanup(self._delete_health_monitor, hm.get('id'))
- if wait:
- self._wait_for_load_balancer_status(self.load_balancer.get('id'))
- return hm
-
- def _delete_health_monitor(self, health_monitor_id, wait=True):
- self.health_monitors_client.delete_health_monitor(health_monitor_id)
- if wait:
- self._wait_for_load_balancer_status(self.load_balancer.get('id'))
-
- def _update_health_monitor(self, health_monitor_id, wait=True,
- **health_monitor_kwargs):
- hm = self.health_monitors_client.update_health_monitor(
- health_monitor_id, **health_monitor_kwargs)
- hm = hm.get('healthmonitor', hm)
- if wait:
- self._wait_for_load_balancer_status(
- self.load_balancer.get('id'))
- return hm
-
- def _show_health_monitor(self, health_monitor_id):
- hm = self.health_monitors_client.show_health_monitor(health_monitor_id)
- hm = hm.get('healthmonitor', hm)
- return hm
-
- def _list_health_monitors(self, **filters):
- hms = self.health_monitors_client.list_health_monitors(**filters)
- hm_list = hms.get('healthmonitors', hms)
- return hm_list
-
- @classmethod
- def _create_member(cls, pool_id, wait=True, **member_kwargs):
- member = cls.members_client.create_member(pool_id, **member_kwargs)
- member = member.get('member', member)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return member
-
- @classmethod
- def _delete_member(cls, pool_id, member_id, wait=True):
- cls.members_client.delete_member(pool_id, member_id)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
-
- @classmethod
- def _update_member(cls, pool_id, member_id, wait=True,
- **member_kwargs):
- member = cls.members_client.update_member(
- pool_id, member_id, **member_kwargs)
- member = member.get('member', member)
- if wait:
- cls._wait_for_load_balancer_status(
- cls.load_balancer.get('id'))
- return member
-
- @classmethod
- def _show_member(cls, pool_id, member_id):
- member = cls.members_client.show_member(pool_id, member_id)
- member = member.get('member', member)
- return member
-
- @classmethod
- def _list_members(cls, pool_id, **filters):
- members = cls.members_client.list_members(pool_id, **filters)
- member_list = members.get('members', members)
- return member_list
-
- @classmethod
- def _create_l7policy(cls, wait=True, **kwargs):
- l7policy = cls.l7policies_client.create_l7policy(**kwargs)
- l7policy = l7policy.get('l7policy', l7policy)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return l7policy
-
- @classmethod
- def _delete_l7policy(cls, policy_id, wait=True):
- cls.l7policies_client.delete_l7policy(policy_id)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
-
- @classmethod
- def _update_l7policy(cls, policy_id, wait=True, **kwargs):
- l7policy = cls.l7policies_client.update_l7policy(policy_id, **kwargs)
- l7policy = l7policy.get('l7policy', l7policy)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return l7policy
-
- @classmethod
- def _show_l7policy(cls, policy_id, **fields):
- l7policy = cls.l7policies_client.show_l7policy(policy_id, **fields)
- l7policy = l7policy.get('l7policy', l7policy)
- return l7policy
-
- @classmethod
- def _list_l7policies(cls, **filters):
- l7policies = cls.l7policies_client.list_l7policies(**filters)
- l7policies = l7policies.get('l7policies', l7policies)
- return l7policies
-
- @classmethod
- def _create_l7rule(cls, policy_id, wait=True, **kwargs):
- l7rule = cls.l7rules_client.create_l7rule(policy_id, **kwargs)
- l7rule = l7rule.get('rule', l7rule)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return l7rule
-
- @classmethod
- def _delete_l7rule(cls, policy_id, rule_id, wait=True):
- cls.l7rules_client.delete_l7rule(policy_id, rule_id)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
-
- @classmethod
- def _update_l7rule(cls, policy_id, rule_id, wait=True, **kwargs):
- l7rule = cls.l7rules_client.update_l7rule(policy_id, rule_id,
- **kwargs)
- l7rule = l7rule.get('rule', l7rule)
- if wait:
- cls._wait_for_load_balancer_status(cls.load_balancer.get('id'))
- return l7rule
-
- @classmethod
- def _show_l7rule(cls, policy_id, rule_id, **fields):
- l7rule = cls.l7rules_client.show_l7rule(policy_id, rule_id, **fields)
- l7rule = l7rule.get('rule', l7rule)
- return l7rule
-
- @classmethod
- def _list_l7rules(cls, policy_id, **filters):
- l7rules = cls.l7rules_client.list_l7rules(policy_id, **filters)
- l7rules = l7rules.get('rules', l7rules)
- return l7rules
-
- @classmethod
- def _check_status_tree(cls, load_balancer_id, listener_ids=None,
- pool_ids=None, health_monitor_id=None,
- member_ids=None):
- statuses = cls._show_load_balancer_status_tree(load_balancer_id)
- load_balancer = statuses['loadbalancer']
- assert 'ONLINE' == load_balancer['operating_status']
- assert 'ACTIVE' == load_balancer['provisioning_status']
-
- if listener_ids:
- cls._check_status_tree_thing(listener_ids,
- load_balancer['listeners'])
- if pool_ids:
- cls._check_status_tree_thing(pool_ids,
- load_balancer['listeners']['pools'])
- if member_ids:
- cls._check_status_tree_thing(
- member_ids,
- load_balancer['listeners']['pools']['members'])
- if health_monitor_id:
- health_monitor = (
- load_balancer['listeners']['pools']['health_monitor'])
- assert health_monitor_id == health_monitor['id']
- assert 'ACTIVE' == health_monitor['provisioning_status']
-
- @classmethod
- def _check_status_tree_thing(cls, actual_thing_ids, status_tree_things):
- found_things = 0
- status_tree_things = status_tree_things
- assert len(actual_thing_ids) == len(status_tree_things)
- for actual_thing_id in actual_thing_ids:
- for status_tree_thing in status_tree_things:
- if status_tree_thing['id'] == actual_thing_id:
- assert 'ONLINE' == (
- status_tree_thing['operating_status'])
- assert 'ACTIVE' == (
- status_tree_thing['provisioning_status'])
- found_things += 1
- assert len(actual_thing_ids) == found_things
-
- @classmethod
- def _get_full_case_name(cls):
- name = '{module}:{case_name}'.format(
- module=cls.__module__,
- case_name=cls.__name__
- )
- return name
-
-
-class BaseAdminTestCase(BaseTestCase):
-
- # This class picks admin credentials and run the tempest tests
- _setup_lbaas_non_admin_resource = False
-
- @classmethod
- def resource_setup(cls):
- super(BaseAdminTestCase, cls).resource_setup()
-
- cls.admin_mgr = cls.get_client_manager(credential_type='admin')
- cls.admin_tenant_id = cls.admin_mgr.networks_client.tenant_id
- cls.create_lbaas_clients(cls.admin_mgr)
- cls.setup_lbaas_core_network()
-
- @classmethod
- def resource_cleanup(cls):
- super(BaseAdminTestCase, cls).resource_cleanup()
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_health_monitors_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_health_monitors_admin.py
deleted file mode 100644
index c341bafe97..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_health_monitors_admin.py
+++ /dev/null
@@ -1,101 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-from oslo_utils import uuidutils
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class TestHealthMonitors(base.BaseAdminTestCase):
-
- """Tests the following operations in the Neutron-LBaaS API
-
- using the REST client for Health Monitors with ADMIN role:
-
- create health monitor with missing tenant_id
- create health monitor with empty tenant id
- create health monitor with another tenant_id
- """
-
- @classmethod
- def resource_setup(cls):
- super(TestHealthMonitors, cls).resource_setup()
- cls.load_balancer = cls._create_load_balancer(
- tenant_id=cls.subnet.get('tenant_id'),
- vip_subnet_id=cls.subnet.get('id'))
- cls.listener = cls._create_listener(
- loadbalancer_id=cls.load_balancer.get('id'),
- protocol='HTTP', protocol_port=80)
- cls.pool = cls._create_pool(
- protocol='HTTP', lb_algorithm='ROUND_ROBIN',
- listener_id=cls.listener.get('id'))
-
- @classmethod
- def resource_cleanup(cls):
- super(TestHealthMonitors, cls).resource_cleanup()
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('24cf7da4-b829-4df5-a133-b6cef97ec560')
- def test_create_health_monitor_missing_tenant_id_field(self):
- """Test if admin user can
-
- create health monitor with a missing tenant id field.
- """
- hm = self._create_health_monitor(type='HTTP', delay=3, max_retries=10,
- timeout=5,
- pool_id=self.pool.get('id'))
-
- admin_hm = self._show_health_monitor(hm.get('id'))
- admin_tenant_id = admin_hm.get('tenant_id')
- hm_tenant_id = hm.get('tenant_id')
- self.assertEqual(admin_tenant_id, hm_tenant_id)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('acbff982-15d6-43c5-a015-e72b7df30998')
- def test_create_health_monitor_empty_tenant_id_field(self):
- """Test with admin user
-
- creating health monitor with an empty tenant id field should fail.
- Kilo: @decorators.skip_because(bug="1638148")
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10,
- timeout=5,
- pool_id=self.pool.get('id'),
- tenant_id="")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('a318d351-a72e-46dc-a094-8a751e4fa7aa')
- def test_create_health_monitor_for_another_tenant_id_field(self):
- """Test with admin user
-
- create health Monitors for another tenant id.
- """
-
- tenantid = uuidutils.generate_uuid()
- hm = self._create_health_monitor(type='HTTP', delay=3, max_retries=10,
- timeout=5,
- pool_id=self.pool.get('id'),
- tenant_id=tenantid)
-
- self.assertEqual(hm.get('tenant_id'), tenantid)
- self.assertNotEqual(hm.get('tenant_id'),
- self.subnet.get('tenant_id'))
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_health_monitors_non_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_health_monitors_non_admin.py
deleted file mode 100644
index 755ec6d513..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_health_monitors_non_admin.py
+++ /dev/null
@@ -1,687 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-
-class TestHealthMonitors(base.BaseTestCase):
-
- """Tests the following operations in the Neutron-LBaaS API
-
- using the REST client for Health Monitors:
- list pools
- create pool
- get pool
- update pool
- delete pool
- """
-
- @classmethod
- def resource_setup(cls):
- super(TestHealthMonitors, cls).resource_setup()
- cls.load_balancer = cls._create_load_balancer(
- tenant_id=cls.subnet.get('tenant_id'),
- vip_subnet_id=cls.subnet.get('id'))
- cls.listener = cls._create_listener(
- loadbalancer_id=cls.load_balancer.get('id'),
- protocol='HTTP', protocol_port=80)
- cls.pool = cls._create_pool(
- protocol='HTTP', lb_algorithm='ROUND_ROBIN',
- listener_id=cls.listener.get('id'))
- cls.create_basic_hm_kwargs = {'type': 'HTTP', 'delay': 3,
- 'max_retries': 10, 'timeout': 5,
- 'pool_id': cls.pool.get('id')}
-
- # possible cause is bug#1638601: can not delete health monitor
- # temparary solution
- def remove_existing_health_monitors(self):
- """remove all existing hm because one pool can only one hm
-
- During testing, because bug#163860 and
- one pool can only have one health_monitor,
- we delete hm before testing -- acutally not very effective.
-
- hm_list = self._list_health_monitors()
- for hm in hm_list:
- test_utils.call_and_igonre_not_found_exc(
- self._delete_health_monitor,
- hm.get('id'))
- """
- return None
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('3c223a4d-3733-4daa-a6e3-69a31f9e7304')
- def test_list_health_monitors_empty(self):
- hm_list = self._list_health_monitors()
- self.assertEmpty(hm_list)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('76880edd-b01c-4b80-ba4d-1d10f35aaeb7')
- def test_list_health_monitors_one(self):
- hm = self._create_health_monitor(**self.create_basic_hm_kwargs)
- hm_list = self._list_health_monitors()
- self.assertIn(hm, hm_list)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('22b984d5-8284-4f7c-90c4-407d0e872ea8')
- def test_list_health_monitors_two(self):
- hm1 = self._create_health_monitor(**self.create_basic_hm_kwargs)
- new_listener = self._create_listener(
- loadbalancer_id=self.load_balancer.get('id'),
- protocol='HTTP', protocol_port=88)
- self.addCleanup(self._delete_listener, new_listener.get('id'))
- new_pool = self._create_pool(
- protocol='HTTP', lb_algorithm='ROUND_ROBIN',
- listener_id=new_listener.get('id'))
- self.addCleanup(self._delete_pool, new_pool.get('id'))
- hm2 = self._create_health_monitor(
- type='HTTP', max_retries=10, delay=3, timeout=5,
- pool_id=new_pool.get('id'))
- hm_list = self._list_health_monitors()
- self.assertEqual(2, len(hm_list))
- self.assertIn(hm1, hm_list)
- self.assertIn(hm2, hm_list)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('ca49b640-259c-49ee-be9c-b425a4bbd2cf')
- def test_get_health_monitor(self):
- hm = self._create_health_monitor(**self.create_basic_hm_kwargs)
- hm_test = self._show_health_monitor(hm.get('id'))
- self.assertEqual(hm, hm_test)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('80ded4c2-2277-4e19-8280-3519b22a999e')
- def test_create_health_monitor(self):
- new_hm = self._create_health_monitor(**self.create_basic_hm_kwargs)
- hm = self._show_health_monitor(new_hm.get('id'))
- self.assertEqual(new_hm, hm)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('387f669b-7a02-4ab3-880d-719dd79ff853')
- def test_create_health_monitor_missing_attribute(self):
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('bf2ec88e-91d3-48f5-b9f2-be3dab21445c')
- def test_create_health_monitor_missing_required_field_type(self):
- """Test if a non_admin user can
-
- create a health monitor with type missing
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('85110a81-d905-40f1-92c0-7dafb1617915')
- def test_create_health_monitor_missing_required_field_delay(self):
- """Test if a non_admin user can
-
- create a health monitor with delay missing
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('10ed9396-271a-4edd-948d-93ad44df2713')
- def test_create_health_monitor_missing_required_field_timeout(self):
- """Test if a non_admin user can
-
- create a health monitor with timeout missing
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('69614cb5-9078-4b93-8dfa-45d59ac240f8')
- def test_create_health_monitor_missing_required_field_max_retries(self):
- """Test if a non_admin user
-
- can create a health monitor with max_retries missing
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('543d1f68-1b3a-49c8-bc6c-3eb8123b6e9a')
- def test_create_health_monitor_missing_required_field_pool_id(self):
- """Test if a non_admin user
-
- can create a health monitor with pool_id missing
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('4f8d17d2-3e52-4e34-83c7-4398b328c559')
- def test_create_health_monitor_missing_admin_state_up(self):
- """Test if a non_admin user
-
- can create a health monitor with admin_state_up missing
- """
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- hm_test = self._show_health_monitor(hm.get('id'))
- self.assertEqual(hm, hm_test)
- self.assertEqual(True, hm_test.get('admin_state_up'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('6e1066d3-f358-446e-a574-5d4ceaf0b51d')
- def test_create_health_monitor_missing_http_method(self):
- """Test if a non_admin user
-
- can create a health monitor with http_method missing
- """
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- hm_test = self._show_health_monitor(hm.get('id'))
- self.assertEqual(hm, hm_test)
- self.assertEqual('GET', hm_test.get('http_method'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('9b25196f-7476-4ed7-9542-1f22a76b79f8')
- def test_create_health_monitor_missing_url_path(self):
- """Test if a non_admin user
-
- can create a health monitor with url_path missing
- """
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- hm_test = self._show_health_monitor(hm.get('id'))
- self.assertEqual(hm, hm_test)
- self.assertEqual('/', hm_test.get('url_path'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('c69da922-1c46-4b9b-8b8b-2e700d506a9c')
- def test_create_health_monitor_missing_expected_codes(self):
- """Test if a non_admin user
-
- can create a health monitor with expected_codes missing
- """
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- hm_test = self._show_health_monitor(hm.get('id'))
- self.assertEqual(hm, hm_test)
- self.assertEqual('200', hm_test.get('expected_codes'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a00cb8e0-cd0b-44d0-85b0-5935a0297e37')
- def test_create_health_monitor_invalid_tenant_id(self):
- """Test create health monitor with invalid tenant_id"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- tenant_id='blah',
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('fcd93a6d-1fec-4031-9c18-611f4f3b270e')
- def test_create_health_monitor_invalid_type(self):
- """Test create health monitor with invalid type"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='blah', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('3c2829d9-5d51-4bcc-b83e-f28f6e6d0bc3')
- def test_create_health_monitor_invalid_delay(self):
- """Test create health monitor with invalid delay"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay='blah', max_retries=10,
- timeout=5, pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('7155e366-72a2-47a0-9fcf-25e38a3ef7f7')
- def test_create_health_monitor_invalid_max_retries(self):
- """Test create health monitor with invalid max_retries"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries='blah',
- timeout=5, pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('fb5d0016-5ea6-4697-8049-e80473e67880')
- def test_create_health_monitor_invalid_timeout(self):
- """Test create health monitor with invalid timeout"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10,
- timeout='blah', pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('7f3e6e95-3eac-4a46-983a-ba1fd3b0afdf')
- def test_create_health_monitor_invalid_pool_id(self):
- """Test create health monitor with invalid pool id"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('f5aacc27-3573-4749-9cb9-3261fcabf1e9')
- def test_create_health_monitor_invalid_admin_state_up(self):
- """Test if a non_admin user
-
- can create a health monitor with invalid admin_state_up
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'),
- admin_state_up='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('0f9f2488-aefb-44c9-a08b-67b715e63091')
- def test_create_health_monitor_invalid_expected_codes(self):
- """Test if a non_admin user
-
- can create a health monitor with invalid expected_codes
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'),
- expected_codes='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('0d637b7f-52ea-429f-8f97-584a5a9118aa')
- def test_create_health_monitor_invalid_url_path(self):
- """Test if a non_admin user
-
- can create a health monitor with invalid url_path
- Kilo: @decorators.skip_because(bug="1641652")
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'), url_path='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('7d4061c4-1fbc-43c3-81b5-2d099a120297')
- def test_create_health_monitor_invalid_http_method(self):
- """Test if a non_admin user
-
- can create a health monitor with invalid http_method
- Kilo: @decorators.skip_because(bug="1641643")
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'), http_method='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('b655cee7-df0d-4531-bd98-a4918d2e752a')
- def test_create_health_monitor_empty_type(self):
- """Test create health monitor with empty type"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('d843c9f4-507e-462f-8f2b-319af23029db')
- def test_create_health_monitor_empty_delay(self):
- """Test create health monitor with empty delay"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay='', max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('bb9cb2b0-2684-4f4d-b344-6e7b0c58b019')
- def test_create_health_monitor_empty_timeout(self):
- """Test create health monitor with empty timeout"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout='',
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('3b52441d-5e8a-4d17-b772-bd261d0c2656')
- def test_create_health_monitor_empty_max_retries(self):
- """Test create health monitor with empty max_retries"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries='', timeout=5,
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('397aa201-25c1-4828-8c60-9cee5c4d89ab')
- # NSX-v does reject empty pool_id
- def test_create_health_monitor_empty_max_pool_id(self):
- """Test create health monitor with empty pool_id"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('e806c916-877c-41dc-bacb-aabd9684a540')
- # NSX-v does reject empty admin_state_up
- def test_create_health_monitor_empty_max_admin_state_up(self):
- """Test create health monitor with empty admin_state_up"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'), admin_state_up='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('9c8e8fe8-a3a2-481b-9ac8-eb9ecccd8330')
- def test_create_health_monitor_empty_max_http_method(self):
- """Test create health monitor with empty http_method
-
- Kilo: @decorators.skip_because(bug="1639340")
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'), http_method='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('9016c846-fc7c-4063-9f01-61fad37c435d')
- def test_create_health_monitor_empty_max_url_path(self):
- """Test create health monitor with empty url_path
-
- Kilo: @decorators.skip_because(bug="1639340")
- """
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'), url_path='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('5df60d27-55ec-42a9-96cd-3affa611c8b1')
- # NSX-v does reject empty expected_codes
- def test_create_health_monitor_empty_expected_codes(self):
- """Test create health monitor with empty expected_codes"""
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10, timeout=5,
- pool_id=self.pool.get('id'), expected_codes='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('da63bd3a-89d5-40dd-b920-420263cbfd93')
- def test_create_health_monitor_invalid_attribute(self):
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries='twenty one',
- pool_id=self.pool.get('id'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('2005ded4-7d26-4946-8d22-e05bf026bd44')
- def test_create_health_monitor_extra_attribute(self):
- self.assertRaises(ex.BadRequest, self._create_health_monitor,
- type='HTTP', delay=3, max_retries=10,
- pool_id=self.pool.get('id'), subnet_id=10)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('79b4a4f9-1d2d-4df0-a11b-dd97f973dff2')
- def test_update_health_monitor(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- max_retries = 1
- new_hm = self._update_health_monitor(
- hm.get('id'), max_retries=max_retries)
- self.assertEqual(max_retries, new_hm.get('max_retries'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('9496ba1f-e917-4972-883b-432e44f3cf19')
- def test_update_health_monitor_missing_admin_state_up(self):
- """Test update health monitor with missing admin state field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(True, new_hm.get('admin_state_up'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('88570f22-cb68-47b4-a020-52b75af818d3')
- def test_update_health_monitor_missing_delay(self):
- """Test update health monitor with missing delay field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(hm.get('delay'), new_hm.get('delay'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('45ace70d-28a5-405d-95cd-b2c92ccaa593')
- def test_update_health_monitor_missing_timeout(self):
- """Test update health monitor with missing timeout field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(hm.get('timeout'), new_hm.get('timeout'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('269af536-2352-4772-bf35-268df9f4542c')
- def test_update_health_monitor_missing_max_retries(self):
- """Test update health monitor with missing max retries field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(hm.get('max_retries'), new_hm.get('max_retries'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('318d972f-9cd1-42ef-9b8b-2f91ba785ac7')
- def test_update_health_monitor_missing_http_method(self):
- """Test update health monitor with missing http_method field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(hm.get('http_method'), new_hm.get('http_method'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('4b97ab67-889d-480c-bedc-f06d86479bb5')
- def test_update_health_monitor_missing_url_path(self):
- """Test update health monitor with missing url_path field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(hm.get('url_path'), new_hm.get('url_path'))
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('095cdb91-0937-4ae1-8b46-5edd10f00a1e')
- def test_update_health_monitor_missing_expected_codes(self):
- """Test update health monitor with missing expected_codes field"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
-
- new_hm = self._update_health_monitor(hm.get('id'))
- self.assertEqual(hm.get('expected_codes'),
- new_hm.get('expected_codes'))
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('646d74ed-9afe-4710-a677-c36f85482731')
- def test_update_health_monitor_invalid_attribute(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), max_retries='blue')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('9d717551-82ab-4073-a269-8b05b67d8306')
- def test_update_health_monitor_invalid_admin_state_up(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), admin_state_up='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('b865dc8a-695b-4f15-891c-e73b7402ddeb')
- def test_update_health_monitor_invalid_delay(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), delay='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('813c8bc1-7ba6-4ae5-96f3-1fdb10ae7be3')
- def test_update_health_monitor_invalid_timeout(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), timeout='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('05456473-5014-43ae-97a2-3790e4987526')
- def test_update_health_monitor_invalid_max_retries(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), max_retries='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('1e2fb718-de77-46a3-8897-6f5aff6cab5e')
- def test_update_health_monitor_invalid_http_method(self):
- """Kilo: @decorators.skip_because(bug="1641643")"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), http_method='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('07d62a55-18b3-4b74-acb2-b73a0b5e4364')
- def test_update_health_monitor_invalid_url_path(self):
- """Kilo: @decorators.skip_because(bug="1641652")"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), url_path='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('47c96e10-4863-4635-8bc6-371d460f61bc')
- def test_update_health_monitor_invalid_expected_codes(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), expected_codes='blah')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8594b3a3-70e8-4dfa-8928-18bc1cc7ab4a')
- def test_update_health_monitor_empty_admin_state_up(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), admin_state_up='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('1e1b761d-5114-4931-935d-1069d66e2bb1')
- def test_update_health_monitor_empty_delay(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), empty_delay='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('e6e4a6b7-50b4-465d-be02-44fd5f258bb6')
- def test_update_health_monitor_empty_timeout(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), timeout='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('65d05adf-a399-4457-bd83-92c43c1eca01')
- def test_update_health_monitor_empty_max_retries(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), max_retries='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('0c464bb3-ff84-4816-9237-4583e4da9881')
- def test_update_health_monitor_empty_empty_http_method(self):
- """Kilo: @decorators.skip_because(bug="1639340")"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), http_method='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('3e87c0a8-ef15-457c-a58f-270de8c5c76c')
- def test_update_health_monitor_empty_url_path(self):
- """Kilo: @decorators.skip_because(bug="1639340")"""
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), url_path='')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('d45189e6-db9f-44d1-b5ad-8b7691e781ee')
- def test_update_health_monitor_empty_expected_codes(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), expected_codes='')
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('cf70e44e-8060-494a-b577-d656726ba3d8')
- def test_update_health_monitor_extra_attribute(self):
- hm = self._create_health_monitor(type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self.assertRaises(ex.BadRequest,
- self._update_health_monitor,
- hm.get('id'), protocol='UDP')
-
- @decorators.attr(type=['smoke', 'negative'])
- @decorators.idempotent_id('fe44e0d9-957b-44cf-806b-af7819444864')
- def test_delete_health_monitor(self):
- """Kilo: @decorators.skip_because(bug="1639340")"""
- hm = self._create_health_monitor(cleanup=False, type='HTTP', delay=3,
- max_retries=10, timeout=5,
- pool_id=self.pool.get('id'))
- self._delete_health_monitor(hm.get('id'))
- self.assertRaises(ex.NotFound,
- self._show_health_monitor,
- hm.get('id'))
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_l7policies_non_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_l7policies_non_admin.py
deleted file mode 100644
index 82603d03a5..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_l7policies_non_admin.py
+++ /dev/null
@@ -1,157 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest import config
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-PROTOCOL_PORT = 80
-
-
-class TestL7Policies(base.BaseTestCase):
-
- @classmethod
- def skip_checks(cls):
- super(TestL7Policies, cls).skip_checks()
- if '1739510' in CONF.nsxv.bugs_to_resolve:
- msg = ("skip lbaas_l7_switching_ops because bug=1739150"
- " -- l7 switching is not supported")
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(TestL7Policies, cls).resource_setup()
- cls.load_balancer = cls._create_load_balancer(
- tenant_id=cls.subnet.get('tenant_id'),
- vip_subnet_id=cls.subnet.get('id'),
- wait=True)
- cls.loadbalancer_id = cls.load_balancer.get('id')
- cls.listener = cls._create_listener(
- loadbalancer_id=cls.load_balancer.get('id'),
- protocol='HTTP', protocol_port=80)
- cls.listener_id = cls.listener.get('id')
- cls.pool = cls._create_pool(protocol='HTTP',
- tenant_id=cls.tenant_id,
- lb_algorithm='ROUND_ROBIN',
- listener_id=cls.listener_id)
- cls.pool_id = cls.pool.get('id')
- cls.pool7 = cls._create_pool(protocol='HTTP',
- tenant_id=cls.tenant_id,
- lb_algorithm='ROUND_ROBIN',
- loadbalancer_id=cls.loadbalancer_id)
- cls.pool7_id = cls.pool7.get('id')
-
- @classmethod
- def resource_cleanup(cls):
- super(TestL7Policies, cls).resource_cleanup()
-
- def remove_all_policies(self):
- policies = self._list_l7policies()
- for policy in policies:
- self._delete_l7policy(policy.get('id'))
- policies = self._list_l7policies()
- self.assertEmpty(policies)
-
- def create_to_pool_policy(self, to_position=None, name='policy-pool'):
- policy_kwargs = dict(
- action='REDIRECT_TO_POOL', name=name,
- redirect_pool_id=self.pool7_id,
- listener_id=self.listener_id)
- if to_position:
- policy_kwargs['position'] = to_position
- policy = self._create_l7policy(**policy_kwargs)
- self.assertEqual(policy.get('name'), name)
- self.assertEqual(policy.get('listener_id'), self.listener_id)
- self.assertEqual(policy.get('redirect_pool_id'), self.pool7_id)
- return policy
-
- def create_to_url_policy(self, redirect_url=None, to_position=None,
- name='policy-url'):
- policy_kwargs = dict(
- action='REDIRECT_TO_URL', name=name,
- redirect_url=redirect_url,
- redirect_pool_id=self.pool7_id,
- listener_id=self.listener_id)
- if to_position:
- policy_kwargs['position'] = to_position
- policy = self._create_l7policy(**policy_kwargs)
- self.assertEqual(policy.get('name'), name)
- self.assertEqual(policy.get('listener_id'), self.listener_id)
- self.assertEqual(policy.get('redirect_pool_id'), self.pool7_id)
- return policy
-
- def create_reject_policy(self, to_position=1, name='policy-reject'):
- policy_kwargs = dict(
- action='REJECT', name=name,
- redirect_pool_id=self.pool7_id,
- listener_id=self.listener_id)
- if to_position:
- policy_kwargs['position'] = to_position
- policy = self._create_l7policy(**policy_kwargs)
- self.assertEqual(policy.get('name'), name)
- self.assertEqual(policy.get('listener_id'), self.listener_id)
- self.assertEqual(policy.get('redirect_pool_id'), self.pool7_id)
- return policy
-
- @decorators.idempotent_id('465c9bea-53de-4a1f-ae00-fa2ee52d250b')
- def test_l7policies_crud_ops(self):
- policy = self.create_to_pool_policy()
- # update
- new_policy_name = policy.get('name') + "-update"
- policy2 = self._update_l7policy(policy.get('id'),
- name=new_policy_name)
- self.assertEqual(policy2.get('name'), new_policy_name)
- # show
- s_policy = self._show_l7policy(policy.get('id'))
- self.assertEqual(policy2.get('name'), s_policy.get('name'))
- # list
- policies = self._list_l7policies()
- policy_id_list = [x.get('id') for x in policies]
- self.assertIn(policy.get('id'), policy_id_list)
- # delete
- self._delete_l7policy(policy.get('id'))
- policies = self._list_l7policies()
- policy_id_list = [x.get('id') for x in policies]
- self.assertNotIn(policy.get('id'), policy_id_list)
-
- @decorators.idempotent_id('726588f4-970a-4f32-8253-95766ddaa7b4')
- def test_policy_position(self):
- self.remove_all_policies()
- policy1 = self.create_to_pool_policy()
- self.assertEqual(policy1.get('position'), 1)
- # create reject_policy at position=1
- policy2 = self.create_reject_policy(to_position=1)
- self.assertEqual(policy2.get('position'), 1)
- policy1A = self._show_l7policy(policy1.get('id'))
- self.assertEqual(policy1A.get('position'), 2)
- # create to_url_policy at position=2
- policy3 = self.create_to_url_policy(to_position=2)
- self.assertEqual(policy3.get('position'), 2)
- policy2A = self._show_l7policy(policy2.get('id'))
- self.assertEqual(policy2A.get('position'), 1)
- policy1A = self._show_l7policy(policy1.get('id'))
- self.assertEqual(policy1A.get('position'), 3)
- # delete policy3, policy1 position==2
- self._delete_l7policy(policy3.get('id'))
- policy1A = self._show_l7policy(policy1.get('id'))
- self.assertEqual(policy1A.get('position'), 2)
- policy2A = self._show_l7policy(policy2.get('id'))
- self.assertEqual(policy2A.get('position'), 1)
- self._delete_l7policy(policy2.get('id'))
- policies = self._list_l7policies()
- self.assertEqual(len(policies), 1)
- self.assertEqual(policy1.get('id'), policies[0].get('id'))
- self._delete_l7policy(policy1.get('id'))
- policies = self._list_l7policies()
- self.assertEmpty(policies)
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_l7rules_non_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_l7rules_non_admin.py
deleted file mode 100644
index e506342f14..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_l7rules_non_admin.py
+++ /dev/null
@@ -1,89 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest import config
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-PROTOCOL_PORT = 80
-
-
-class TestL7Rules(base.BaseTestCase):
-
- @classmethod
- def skip_checks(cls):
- super(TestL7Rules, cls).skip_checks()
- if '1739510' in CONF.nsxv.bugs_to_resolve:
- msg = ("skip lbaas_l7_switching_ops because bug=1739150"
- " -- l7 switching is not supported")
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(TestL7Rules, cls).resource_setup()
- cls.load_balancer = cls._create_load_balancer(
- tenant_id=cls.subnet.get('tenant_id'),
- vip_subnet_id=cls.subnet.get('id'),
- wait=True)
- cls.loadbalancer_id = cls.load_balancer.get('id')
- cls.listener = cls._create_listener(
- loadbalancer_id=cls.load_balancer.get('id'),
- protocol='HTTP', protocol_port=80)
- cls.listener_id = cls.listener.get('id')
- cls.pool = cls._create_pool(protocol='HTTP',
- tenant_id=cls.tenant_id,
- lb_algorithm='ROUND_ROBIN',
- listener_id=cls.listener_id)
- cls.pool_id = cls.pool.get('id')
- cls.pool7 = cls._create_pool(protocol='HTTP',
- tenant_id=cls.tenant_id,
- lb_algorithm='ROUND_ROBIN',
- loadbalancer_id=cls.loadbalancer_id)
- cls.pool7_id = cls.pool7.get('id')
- cls.policy7 = cls._create_l7policy(action='REDIRECT_TO_POOL',
- name='policy1',
- redirect_pool_id=cls.pool7_id,
- listener_id=cls.listener_id)
- cls.policy7_id = cls.policy7.get('id')
-
- @classmethod
- def resource_cleanup(cls):
- super(TestL7Rules, cls).resource_cleanup()
-
- @decorators.idempotent_id('27e8a3a1-bd3a-40e5-902d-fe9bc79ebf1f')
- def test_l7rules_crud_ops(self):
- rule = self._create_l7rule(self.policy7_id,
- type='PATH',
- compare_type='STARTS_WITH',
- value='/api')
- self.assertEqual(rule.get('compare_type'), 'STARTS_WITH')
- self.assertEqual(rule.get('value'), '/api')
- self.assertEqual(rule.get('type'), 'PATH')
- # update
- new_value = '/v2/api'
- rule2 = self._update_l7rule(self.policy7_id, rule.get('id'),
- value=new_value)
- self.assertEqual(rule2.get('value'), new_value)
- # show
- s_rule = self._show_l7rule(self.policy7_id, rule.get('id'))
- self.assertEqual(s_rule.get('value'), new_value)
- # list
- rules = self._list_l7rules(self.policy7_id)
- rule_id_list = [x.get('id') for x in rules]
- self.assertIn(rule.get('id'), rule_id_list)
- # delete
- self._delete_l7rule(self.policy7_id, rule.get('id'))
- rules = self._list_l7rules(self.policy7_id)
- rule_id_list = [x.get('id') for x in rules]
- self.assertNotIn(rule.get('id'), rule_id_list)
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_listeners_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_listeners_admin.py
deleted file mode 100644
index 7e1fbd232c..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_listeners_admin.py
+++ /dev/null
@@ -1,110 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class ListenersTest(base.BaseAdminTestCase):
-
- """Tests the listener creation operation in admin scope
-
- in the Neutron-LBaaS API using the REST client for Listeners:
-
- """
-
- @classmethod
- def resource_setup(cls):
- super(ListenersTest, cls).resource_setup()
- cls.create_lb_kwargs = {'tenant_id': cls.subnet['tenant_id'],
- 'vip_subnet_id': cls.subnet['id']}
- cls.load_balancer = cls._create_active_load_balancer(
- **cls.create_lb_kwargs)
- cls.protocol = 'HTTP'
- cls.port = 80
- cls.load_balancer_id = cls.load_balancer['id']
- cls.create_listener_kwargs = {'loadbalancer_id': cls.load_balancer_id,
- 'protocol': cls.protocol,
- 'protocol_port': cls.port}
- cls.listener = cls._create_listener(
- **cls.create_listener_kwargs)
- cls.listener_id = cls.listener['id']
-
- @classmethod
- def resource_cleanup(cls):
- super(ListenersTest, cls).resource_cleanup()
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('f84bfb35-7f73-4576-b2ca-26193850d2bf')
- def test_create_listener_empty_tenant_id(self):
- """Test create listener with an empty tenant id should fail
-
- Kilo: @decorators.skip_because(bug="1638738")
- """
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8081
- create_new_listener_kwargs['tenant_id'] = ""
- self.assertRaises(ex.BadRequest,
- self._create_listener,
- **create_new_listener_kwargs)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('71ebb8d6-ff2a-410d-a089-b086f195609d')
- def test_create_listener_invalid_tenant_id(self):
- """Test create listener with an invalid tenant id"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8082
- create_new_listener_kwargs['tenant_id'] = "&^%123"
- new_listener = self._create_listener(
- **create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self.addCleanup(self._delete_listener, new_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listener = self._show_listener(new_listener_id)
- self.assertEqual(new_listener, listener)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('55eaeab9-a21e-470c-8861-5af1ded9d64a')
- def test_create_listener_missing_tenant_id(self):
- """Test create listener with an missing tenant id.
-
- Verify that creating a listener in admin scope with
- a missing tenant_id creates the listener with admin
- tenant_id.
- """
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8083
- admin_listener = self._create_listener(
- **create_new_listener_kwargs)
- admin_listener_id = admin_listener['id']
- self.addCleanup(self._delete_listener, admin_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, admin_listener_id])
- listener = self._show_listener(admin_listener_id)
- self.assertEqual(admin_listener, listener)
- self.assertEqual(admin_listener.get('tenant_id'),
- listener.get('tenant_id'))
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_listeners_non_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_listeners_non_admin.py
deleted file mode 100644
index 7daac282c2..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_listeners_non_admin.py
+++ /dev/null
@@ -1,603 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class ListenersTest(base.BaseTestCase):
-
- """Tests the following operations in the Neutron-LBaaS API
-
- using the REST client for Listeners:
-
- list listeners
- create listener
- get listener
- update listener
- delete listener
- """
-
- @classmethod
- def resource_setup(cls):
- super(ListenersTest, cls).resource_setup()
- cls.create_lb_kwargs = {'tenant_id': cls.subnet['tenant_id'],
- 'vip_subnet_id': cls.subnet['id']}
- cls.load_balancer = cls._create_active_load_balancer(
- **cls.create_lb_kwargs)
- cls.protocol = 'HTTP'
- cls.port = 80
- cls.load_balancer_id = cls.load_balancer['id']
- cls.create_listener_kwargs = {'loadbalancer_id': cls.load_balancer_id,
- 'protocol': cls.protocol,
- 'protocol_port': cls.port}
- cls.listener = cls._create_listener(**cls.create_listener_kwargs)
- cls.listener_id = cls.listener['id']
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('32ae6156-d809-49fc-a45b-55269660651c')
- def test_get_listener(self):
- """Test get listener"""
- listener = self._show_listener(self.listener_id)
- self.assertEqual(self.listener, listener)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('4013ab83-924a-4c53-982e-83388d7ad4d9')
- def test_list_listeners(self):
- """Test get listeners with one listener"""
- listeners = self._list_listeners()
- self.assertEqual(len(listeners), 1)
- self.assertIn(self.listener, listeners)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('04f58729-3f93-4616-bb9d-8baaff3542b2')
- def test_list_listeners_two(self):
- """Test get listeners with two listeners"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8080
- new_listener = self._create_listener(
- **create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self.addCleanup(self._delete_listener, new_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listeners = self._list_listeners()
- self.assertEqual(len(listeners), 2)
- self.assertIn(self.listener, listeners)
- self.assertIn(new_listener, listeners)
- self.assertNotEqual(self.listener, new_listener)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('7989096b-95c2-4b26-86b1-5aec0a2d8386')
- def test_create_listener(self):
- """Test create listener"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8081
- new_listener = self._create_listener(
- **create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self.addCleanup(self._delete_listener, new_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listener = self._show_listener(new_listener_id)
- self.assertEqual(new_listener, listener)
- self.assertNotEqual(self.listener, new_listener)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('f7ef7f56-b791-48e8-9bbe-838a3ed94519')
- def test_create_listener_missing_field_loadbalancer(self):
- """Test create listener with a missing required field loadbalancer"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- protocol_port=self.port,
- protocol=self.protocol)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('c392301c-3d9a-4123-85c3-124e4e3253f6')
- def test_create_listener_missing_field_protocol(self):
- """Test create listener with a missing required field protocol"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('12c1c5b5-81a9-4384-811e-7131f65f3b1b')
- def test_create_listener_missing_field_protocol_port(self):
- """Test create listener with a missing required field protocol_port"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol=self.protocol)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('214a7acc-eacb-4828-ad27-b7f4774947cf')
- def test_create_listener_missing_admin_state_up(self):
- """Test create listener with a missing admin_state_up field"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8083
- new_listener = self._create_listener(
- **create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self.addCleanup(self._delete_listener, new_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listener = self._show_listener(new_listener_id)
- self.assertEqual(new_listener, listener)
- self.assertTrue(new_listener['admin_state_up'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('86d892dd-9025-4051-a160-8bf1bbb8c64d')
- def test_create_listener_invalid_load_balancer_id(self):
- """Test create listener with an invalid load_balancer_id"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id="234*",
- protocol_port=self.port,
- protocol=self.protocol)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('fb430d68-e68d-4bd0-b43d-f1175ad5a819')
- def test_create_listener_invalid_protocol(self):
- """Test create listener with an invalid protocol"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol="UDP")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8e472e7e-a5c2-4dba-ac5c-993f6e6bb229')
- def test_create_listener_invalid_protocol_port(self):
- """Test create listener with an invalid protocol_port"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port="9999999",
- protocol=self.protocol)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('57fc90f4-95e4-4f3c-8f53-32c7282b956e')
- def test_create_listener_invalid_admin_state_up(self):
- """Test update listener with an invalid admin_state_up"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- protocol_port=self.port,
- protocol=self.protocol,
- admin_state_up="abc123")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('556e1ab9-051c-4e9c-aaaa-f11d15de070b')
- def test_create_listener_invalid_tenant_id(self):
- """Test create listener with an invalid tenant id"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol=self.protocol,
- tenant_id="&^%123")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('59d32fd7-06f6-4466-bdd4-0be23b15970c')
- def test_create_listener_invalid_name(self):
- """Test create listener with an invalid name
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol=self.protocol,
- name='a' * 256)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('95457f70-2c1a-4c14-aa80-db8e803d78a9')
- def test_create_listener_invalid_description(self):
- """Test create listener with an invalid description
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol=self.protocol,
- description='a' * 256)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('177d337f-fe0c-406c-92f1-a25c0103bd0f')
- def test_create_listener_invalid_connection_limit(self):
- """Test create listener_ids
-
- with an invalid value for connection _limit field
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol=self.protocol,
- connection_limit="&^%123")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8af7b033-8ff7-4bdb-8949-76809745d8a9')
- def test_create_listener_empty_load_balancer_id(self):
- """Test create listener with an empty load_balancer_id"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id="",
- protocol_port=self.port,
- protocol=self.protocol)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('242af61b-ce50-46e2-926a-6801600dcee4')
- def test_create_listener_empty_protocol(self):
- """Test create listener with an empty protocol"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('4866af4c-2b91-4bce-af58-af77f19d9119')
- def test_create_listener_empty_protocol_port(self):
- """Test create listener with an empty protocol_port"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port="",
- protocol=self.protocol)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('09636ad1-a9d5-4c03-92db-ae5d9847993d')
- def test_create_listener_empty_admin_state_up(self):
- """Test update listener with an empty admin_state_up"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- protocol_port=self.port,
- protocol=self.protocol,
- admin_state_up="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('46fc3784-d676-42f7-953b-a23c1d62323d')
- def test_create_listener_empty_tenant_id(self):
- """Test create listener with an empty tenant id
-
- Kilo: @decorators.skip_because(bug="1638701")
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol=self.protocol,
- tenant_id="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('b4120626-a47e-4b4e-9b64-017e595c4daf')
- def test_create_listener_empty_name(self):
- """Test create listener with an empty name"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8081
- create_new_listener_kwargs['name'] = ""
- new_listener = self._create_listener(
- **create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self.addCleanup(self._delete_listener, new_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listener = self._show_listener(new_listener_id)
- self.assertEqual(new_listener, listener)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('af067d00-d496-4f02-87d6-40624c34d492')
- def test_create_listener_empty_description(self):
- """Test create listener with an empty description"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8082
- create_new_listener_kwargs['description'] = ""
- new_listener = self._create_listener(
- **create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self.addCleanup(self._delete_listener, new_listener_id)
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listener = self._show_listener(new_listener_id)
- self.assertEqual(new_listener, listener)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('dd271757-c447-4579-a417-f9d0871b145c')
- def test_create_listener_empty_connection_limit(self):
- """Test create listener with an empty connection _limit field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- loadbalancer_id=self.load_balancer_id,
- protocol_port=self.port,
- protocol=self.protocol,
- connection_limit="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a1602217-e1b4-4f85-8a5e-d474477333f3')
- def test_create_listener_incorrect_attribute(self):
- """Test create a listener withan extra, incorrect field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_listener,
- incorrect_attribute="incorrect_attribute",
- **self.create_listener_kwargs)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('27c443ff-3aee-4ae6-8b9a-6abf3d5443bf')
- def test_update_listener(self):
- """Test update listener"""
- self._update_listener(self.listener_id,
- name='new_name')
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('name'), 'new_name')
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a709e4da-01ef-4dda-a336-f5e37268b5ea')
- def test_update_listener_invalid_tenant_id(self):
- """Test update listener with an invalid tenant id"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- tenant_id="&^%123")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('d88dd3d5-a52f-4306-ba53-e8f6f4e1b399')
- def test_update_listener_invalid_admin_state_up(self):
- """Test update a listener with an invalid admin_state_up"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- admin_state_up="$23")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('7c0efb63-90d9-43d0-b959-eb841ef39832')
- def test_update_listener_invalid_name(self):
- """Test update a listener with an invalid name
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- name='a' * 256)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('ba9bfad8-dbb0-4cbc-b2e3-52bf72bc1fc5')
- def test_update_listener_invalid_description(self):
- """Test update a listener with an invalid description
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- description='a' * 256)
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('dcafa50b-cece-4904-bcc9-a0dd1ac99a7e')
- def test_update_listener_invalid_connection_limit(self):
- """Test update a listener with an invalid connection_limit"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- connection_limit="$23")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('27e009c5-3c79-414d-863d-24b731f03123')
- def test_update_listener_incorrect_attribute(self):
- """Test update a listener with an extra, incorrect field"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- name="listener_name123",
- description="listener_description123",
- admin_state_up=True,
- connection_limit=10,
- vip_subnet_id="123321123")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('e8bdd948-7bea-494b-8a4a-e730b70f2882')
- def test_update_listener_missing_name(self):
- """Test update listener with a missing name"""
- old_listener = self._show_listener(self.listener_id)
- old_name = old_listener['name']
- self._update_listener(self.listener_id,
- description='updated')
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('name'), old_name)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('7e0194b8-9315-452d-9de5-d48f227b626f')
- def test_update_listener_missing_description(self):
- """Test update listener with a missing description"""
- old_listener = self._show_listener(self.listener_id)
- old_description = old_listener['description']
- self._update_listener(self.listener_id,
- name='updated_name')
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('description'), old_description)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('285dd3f2-fcb8-4ccb-b9ce-d6207b29a2f8')
- def test_update_listener_missing_admin_state_up(self):
- """Test update listener with a missing admin_state_up"""
- old_listener = self._show_listener(self.listener_id)
- old_admin_state_up = old_listener['admin_state_up']
- self._update_listener(self.listener_id,
- name='updated_name')
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('admin_state_up'), old_admin_state_up)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('5c510338-0f8a-4d1e-805b-f8458f2e80ee')
- def test_update_listener_missing_connection_limit(self):
- """Test update listener with a missing connection_limit"""
- old_listener = self._show_listener(self.listener_id)
- old_connection_limit = old_listener['connection_limit']
- self._update_listener(self.listener_id,
- name='updated_name')
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('connection_limit'),
- old_connection_limit)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('677205d9-9d97-4232-a8e3-d17ebf42ff05')
- def test_update_listener_empty_tenant_id(self):
- """Test update listener with an empty tenant id"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- tenant_id="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('6e9f8fdb-48b0-4c4e-9b29-460576b125ff')
- def test_update_listener_empty_admin_state_up(self):
- """Test update a listener with an empty admin_state_up"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- admin_state_up="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('cf619b8d-1916-4144-85c7-e5a34e0d7a2b')
- def test_update_listener_empty_name(self):
- """Test update a listener with an empty name"""
- self._update_listener(self.listener_id,
- name="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('name'), "")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('a9b6f721-c3c1-4d22-a3e5-7e89b58fa3a7')
- def test_update_listener_empty_description(self):
- """Test update a listener with an empty description"""
- self._update_listener(self.listener_id,
- description="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
- listener = self._show_listener(self.listener_id)
- self.assertEqual(listener.get('description'), "")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('7ddcf46b-068b-449c-9dde-ea4021dd76bf')
- def test_update_listener_empty_connection_limit(self):
- """Test update a listener with an empty connection_limit"""
- self.assertRaises(exceptions.BadRequest,
- self._update_listener,
- listener_id=self.listener_id,
- connection_limit="")
- self._check_status_tree(load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('c891c857-fa89-4775-92d8-5320321b86cd')
- def test_delete_listener(self):
- """Test delete listener"""
- create_new_listener_kwargs = self.create_listener_kwargs
- create_new_listener_kwargs['protocol_port'] = 8083
- new_listener = self._create_listener(**create_new_listener_kwargs)
- new_listener_id = new_listener['id']
- self._check_status_tree(
- load_balancer_id=self.load_balancer_id,
- listener_ids=[self.listener_id, new_listener_id])
- listener = self._show_listener(new_listener_id)
- self.assertEqual(new_listener, listener)
- self.assertNotEqual(self.listener, new_listener)
- self._delete_listener(new_listener_id)
- self.assertRaises(exceptions.NotFound,
- self._show_listener,
- new_listener_id)
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_load_balancers_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_load_balancers_admin.py
deleted file mode 100644
index 375ce92986..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_load_balancers_admin.py
+++ /dev/null
@@ -1,115 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-import testtools
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class LoadBalancersTest(base.BaseAdminTestCase):
-
- """Tests the following operations in the Neutron-LBaaS API
-
- using the REST client for Load Balancers with default credentials:
-
- list load balancers
- create load balancer
- get load balancer
- update load balancer
- delete load balancer
- """
-
- @classmethod
- def resource_setup(cls):
- super(LoadBalancersTest, cls).resource_setup()
- cls.create_lb_kwargs = {'tenant_id': cls.subnet['tenant_id'],
- 'vip_subnet_id': cls.subnet['id']}
- cls.load_balancer = \
- cls._create_active_load_balancer(**cls.create_lb_kwargs)
- cls.load_balancer_id = cls.load_balancer['id']
-
- @decorators.attr(type='smoke')
- @testtools.skipIf('1641902' in CONF.nsxv.bugs_to_resolve,
- "skip_because bug=1641902")
- @decorators.idempotent_id('0008ae1e-77a2-45d9-b81e-0e3119b5a26d')
- def test_create_load_balancer_missing_tenant_id_field_for_admin(self):
- """Test create load balancer with a missing tenant id field.
-
- Verify tenant_id matches when creating loadbalancer vs.
- load balancer(admin tenant)
- Kilo: @decorators.skip_because(bug="1641902")
- """
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- admin_lb = self._show_load_balancer(
- load_balancer.get('id'))
- self.assertEqual(load_balancer.get('tenant_id'),
- admin_lb.get('tenant_id'))
- self._wait_for_load_balancer_status(load_balancer['id'])
-
- @decorators.attr(type='smoke')
- @testtools.skipIf('1715126' in CONF.nsxv.bugs_to_resolve,
- "skip_because bug=1715126")
- @decorators.idempotent_id('37620941-47c1-40b2-84d8-db17ff823ebc')
- def test_create_load_balancer_missing_tenant_id_for_other_tenant(self):
- """Test create load balancer with a missing tenant id field.
-
- Verify tenant_id does not match of subnet(non-admin tenant) vs.
- load balancer(admin tenant)
- Kilo: @decorators.skip_because(bug="1638571")
- """
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertNotEqual(load_balancer.get('tenant_id'),
- self.subnet['tenant_id'])
- self._wait_for_load_balancer_status(load_balancer['id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('5bf483f5-ae28-47f5-8805-642da0ffcb40')
- # Empty tenant_id causing ServerFault
- def test_create_load_balancer_empty_tenant_id_field(self):
- """Test create load balancer with empty tenant_id field should fail
-
- Kilo: @decorators.skip_because(bug="1638148")
- """
- self.assertRaises(ex.BadRequest,
- self._create_load_balancer,
- vip_subnet_id=self.subnet['id'],
- wait=False,
- tenant_id="")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('19fc8a44-1280-49f3-be5b-0d30e6e43363')
- # NSX-v: 2nd tenant_id at the same subnet not supported; got serverFault
- def test_create_load_balancer_for_another_tenant(self):
- """Test create load balancer for other tenant
-
- Kilo: @decorators.skip_because(bug="1638571")
- """
- tenant = 'deffb4d7c0584e89a8ec99551565713c'
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'],
- tenant_id=tenant)
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('tenant_id'), tenant)
- self._wait_for_load_balancer_status(load_balancer['id'])
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_load_balancers_non_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_load_balancers_non_admin.py
deleted file mode 100644
index 93cdb3f621..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_load_balancers_non_admin.py
+++ /dev/null
@@ -1,497 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import netaddr
-
-from oslo_log import log as logging
-import testtools
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class LoadBalancersTest(base.BaseTestCase):
-
- """Tests the following operations in the Neutron-LBaaS API
-
- using the REST client for Load Balancers with default credentials:
-
- list load balancers
- create load balancer
- get load balancer
- update load balancer
- delete load balancer
- """
-
- @classmethod
- def resource_setup(cls):
- super(LoadBalancersTest, cls).resource_setup()
- cls.create_lb_kwargs = {'tenant_id': cls.subnet['tenant_id'],
- 'vip_subnet_id': cls.subnet['id']}
- cls.load_balancer = \
- cls._create_active_load_balancer(**cls.create_lb_kwargs)
- cls.load_balancer_id = cls.load_balancer['id']
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('b7ea6c09-e077-4a67-859b-b2cd01e3b46b')
- def test_list_load_balancers(self):
- """Test list load balancers with one load balancer"""
- load_balancers = self._list_load_balancers()
- self.assertEqual(len(load_balancers), 1)
- self.assertIn(self.load_balancer, load_balancers)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('8c2302df-ca94-4950-9826-eb996630a392')
- def test_list_load_balancers_two(self):
- """Test list load balancers with two load balancers"""
- new_load_balancer = self._create_active_load_balancer(
- **self.create_lb_kwargs)
- new_load_balancer_id = new_load_balancer['id']
- self.addCleanup(self._delete_load_balancer, new_load_balancer_id)
- load_balancers = self._list_load_balancers()
- self.assertEqual(len(load_balancers), 2)
- self.assertIn(self.load_balancer, load_balancers)
- self.assertIn(new_load_balancer, load_balancers)
- self.assertNotEqual(self.load_balancer, new_load_balancer)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('56345a78-1d53-4c05-9d7b-3e5cf34c22aa')
- def test_get_load_balancer(self):
- """Test get load balancer"""
- load_balancer = self._show_load_balancer(
- self.load_balancer_id)
- self.assertEqual(self.load_balancer, load_balancer)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('5bf80330-d908-4025-9467-bca1727525c8')
- def test_create_load_balancer(self):
- """Test create load balancer"""
- new_load_balancer = self._create_active_load_balancer(
- **self.create_lb_kwargs)
- new_load_balancer_id = new_load_balancer['id']
- self.addCleanup(self._delete_load_balancer, new_load_balancer_id)
- load_balancer = self._show_load_balancer(
- new_load_balancer_id)
- self.assertEqual(new_load_balancer, load_balancer)
- self.assertNotEqual(self.load_balancer, new_load_balancer)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('66bf5390-154f-4627-af61-2c1c30325d6f')
- def test_create_load_balancer_missing_vip_subnet_id_field(self):
- """Test create load balancer
-
- with a missing required vip_subnet_id field
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- tenant_id=self.subnet['tenant_id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8e78a7e6-2da3-4f79-9f66-fd1447277883')
- def test_create_load_balancer_empty_provider_field(self):
- """Test create load balancer with an empty provider field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- provider="")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('def37122-3f9a-47f5-b7b5-b5c0d5e7e5ca')
- def test_create_load_balancer_empty_description_field(self):
- """Test create load balancer with an empty description field"""
- load_balancer = self._create_active_load_balancer(
- vip_subnet_id=self.subnet['id'], description="")
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('description'), "")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('69944c74-3ea1-4c06-8d28-82120721a13e')
- def test_create_load_balancer_empty_vip_address_field(self):
- """Test create load balancer with empty vip_address field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- vip_subnet_id=self.subnet['id'],
- vip_address="")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('63bbe788-f3a6-444f-89b3-8c740425fc39')
- def test_create_load_balancer_missing_admin_state_up(self):
- """Test create load balancer with a missing admin_state_up field"""
- load_balancer = self._create_active_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('admin_state_up'), True)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('499f164a-e926-47a6-808a-14f3c29d04c9')
- def test_create_load_balancer_empty_admin_state_up_field(self):
- """Test create load balancer with empty admin_state_up field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- vip_subnet_id=self.subnet['id'],
- admin_state_up="")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('e4511356-0e78-457c-a310-8515b2dedad4')
- def test_create_load_balancer_missing_name(self):
- """Test create load balancer with a missing name field"""
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('name'), '')
- self._wait_for_load_balancer_status(load_balancer['id'])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('6bd4a92c-7498-4b92-aeae-bce0b74608e3')
- def test_create_load_balancer_empty_name(self):
- """Test create load balancer with an empty name field"""
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'], name="")
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('name'), "")
- self._wait_for_load_balancer_status(load_balancer['id'])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('e605b1ea-5179-4035-8100-c24d0164a5a5')
- def test_create_load_balancer_missing_description(self):
- """Test create load balancer with a missing description field"""
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('description'), '')
- self._wait_for_load_balancer_status(load_balancer['id'])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('9f718024-340b-405f-817f-311392353c32')
- def test_create_load_balancer_missing_vip_address(self):
- """Test create load balancer
-
- with a missing vip_address field,checks for
- ipversion and actual ip address
- """
- load_balancer = self._create_active_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- load_balancer_ip_initial = load_balancer['vip_address']
- ip = netaddr.IPAddress(load_balancer_ip_initial)
- self.assertEqual(ip.version, 4)
- load_balancer = self._show_load_balancer(
- load_balancer['id'])
- load_balancer_final = load_balancer['vip_address']
- self.assertEqual(load_balancer_ip_initial, load_balancer_final)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('f599ccbd-73e8-4e27-96a5-d9e0e3419a9f')
- def test_create_load_balancer_missing_provider_field(self):
- """Test create load balancer with a missing provider field"""
- load_balancer = self._create_active_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- load_balancer_initial = load_balancer['provider']
- load_balancer = self._show_load_balancer(
- load_balancer['id'])
- load_balancer_final = load_balancer['provider']
- self.assertEqual(load_balancer_initial, load_balancer_final)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('377166eb-f581-4383-bc2e-54fdeed73e42')
- def test_create_load_balancer_invalid_vip_subnet_id(self):
- """Test create load balancer with an invalid vip subnet id"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- vip_subnet_id="abc123")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('512bec06-5259-4e93-b482-7ec3346c794a')
- def test_create_load_balancer_empty_vip_subnet_id(self):
- """Test create load balancer with an empty vip subnet id"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- vip_subnet_id="")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('02bd6d0e-820e-46fb-89cb-1d335e7aaa02')
- def test_create_load_balancer_invalid_tenant_id(self):
- """Test create load balancer with an invalid tenant id"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- tenant_id="&^%123")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('b8c56e4a-9644-4119-8fc9-130841caf662')
- def test_create_load_balancer_invalid_name(self):
- """Test create load balancer with an invalid name
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- tenant_id=self.subnet['tenant_id'],
- vip_subnet_id=self.subnet['id'],
- name='n' * 256)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('d638ae60-7de5-45da-a7d9-53eca4998980')
- def test_create_load_balancer_invalid_description(self):
- """Test create load balancer with an invalid description
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- tenant_id=self.subnet['tenant_id'],
- vip_subnet_id=self.subnet['id'],
- description='d' * 256)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('56768aa6-b26e-48aa-8118-956c62930d79')
- def test_create_load_balancer_incorrect_attribute(self):
- """Test create a load balancer with an extra, incorrect field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- tenant_id=self.subnet['tenant_id'],
- vip_subnet_id=self.subnet['id'],
- protocol_port=80)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('a130e70f-9d76-4bff-89de-3e564952b244')
- def test_create_load_balancer_missing_tenant_id_field(self):
- """Test create load balancer with a missing tenant id field"""
- load_balancer = self._create_load_balancer(
- vip_subnet_id=self.subnet['id'])
- self.addCleanup(self._delete_load_balancer, load_balancer['id'])
- self.assertEqual(load_balancer.get('tenant_id'),
- self.subnet['tenant_id'])
- self._wait_for_load_balancer_status(load_balancer['id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('25261cca-0c38-4dc8-bb40-f7692035740f')
- def test_create_load_balancer_empty_tenant_id_field(self):
- """Test create load balancer with empty tenant_id field"""
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- vip_subnet_id=self.subnet['id'],
- wait=False,
- tenant_id="")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('10de328d-c754-484b-841f-313307f92935')
- def test_create_load_balancer_other_tenant_id_field(self):
- """Test create load balancer for other tenant"""
- tenant = 'deffb4d7c0584e89a8ec99551565713c'
- self.assertRaises(exceptions.BadRequest,
- self._create_load_balancer,
- wait=False,
- vip_subnet_id=self.subnet['id'],
- tenant_id=tenant)
-
- @decorators.attr(type='negative')
- @testtools.skipIf('1703396' in CONF.nsxv.bugs_to_resolve,
- "skip_because bug=1703396")
- @decorators.idempotent_id('9963cbf5-97d0-4ab9-96e5-6cbd65c98714')
- def test_create_load_balancer_invalid_flavor_field(self):
- """Test create load balancer with an invalid flavor field"""
- self.assertRaises(exceptions.NotFound,
- self._create_load_balancer,
- vip_subnet_id=self.subnet['id'],
- flavor_id="NO_SUCH_FLAVOR")
-
- @decorators.attr(type='negative')
- @testtools.skipIf('1703396' in CONF.nsxv.bugs_to_resolve,
- "skip_because bug=1703396")
- @decorators.idempotent_id('f7319e32-0fad-450e-8f53-7567f56e8223')
- def test_create_load_balancer_provider_flavor_conflict(self):
- """Test create load balancer with both a provider and a flavor"""
- self.assertRaises(exceptions.Conflict,
- self._create_load_balancer,
- vip_subnet_id=self.subnet['id'],
- flavor_id="NO_SUCH_FLAVOR",
- provider="NO_SUCH_PROVIDER")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('1d92d98f-550f-4f05-a246-cdf4525459a2')
- def test_update_load_balancer(self):
- """Test update load balancer"""
- self._update_load_balancer(self.load_balancer_id,
- name='new_name')
- load_balancer = self._show_load_balancer(
- self.load_balancer_id)
- self.assertEqual(load_balancer.get('name'), 'new_name')
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('474ca200-8dea-4d20-8468-abc0169a445b')
- def test_update_load_balancer_empty_name(self):
- """Test update load balancer with empty name"""
- self._update_load_balancer(self.load_balancer_id,
- name="")
- load_balancer = self._show_load_balancer(
- self.load_balancer_id)
- self.assertEqual(load_balancer.get('name'), "")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('551be885-215d-4941-8870-651cbc871162')
- def test_update_load_balancer_invalid_name(self):
- """Test update load balancer with invalid name
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._update_load_balancer,
- load_balancer_id=self.load_balancer_id,
- wait=False,
- name='a' * 256)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('62eef0ba-3859-4c8f-9e6a-8d6918754597')
- def test_update_load_balancer_missing_name(self):
- """Test update load balancer with missing name"""
- loadbalancer = self._show_load_balancer(
- self.load_balancer_id)
- load_balancer_initial = loadbalancer['name']
- self._update_load_balancer(self.load_balancer_id)
- load_balancer = self._show_load_balancer(
- self.load_balancer_id)
- load_balancer_new = load_balancer['name']
- self.assertEqual(load_balancer_initial, load_balancer_new)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('ab3550c6-8b21-463c-bc5d-e79cbae3432f')
- def test_update_load_balancer_invalid_description(self):
- """Test update load balancer with invalid description
-
- Kilo: @decorators.skip_because(bug="1637877")
- """
- self.assertRaises(exceptions.BadRequest,
- self._update_load_balancer,
- load_balancer_id=self.load_balancer_id,
- wait=False,
- description='a' * 256)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('157ebdbf-4ad2-495d-b880-c1b1a8edc46d')
- def test_update_load_balancer_empty_description(self):
- """Test update load balancer with empty description"""
- self._update_load_balancer(self.load_balancer_id,
- description="")
- load_balancer = self._show_load_balancer(
- self.load_balancer_id)
- self.assertEqual(load_balancer.get('description'), "")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('d13fa2f5-e8df-4d53-86a8-68583941200c')
- def test_update_load_balancer_missing_description(self):
- """Test update load balancer with missing description"""
- loadbalancer = self._show_load_balancer(
- self.load_balancer_id)
- load_balancer_initial = loadbalancer['description']
- self._update_load_balancer(self.load_balancer_id)
- load_balancer = self._show_load_balancer(
- self.load_balancer_id)
- load_balancer_new = load_balancer['description']
- self.assertEqual(load_balancer_initial, load_balancer_new)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('96e46a1a-62e7-47f1-98c5-9983f89e622f')
- def test_update_load_balancer_invalid_admin_state_up_field(self):
- """Test update load balancer with an invalid admin_state_up"""
- self.assertRaises(exceptions.BadRequest,
- self._update_load_balancer,
- load_balancer_id=self.load_balancer_id,
- wait=False,
- admin_state_up="a&^%$jbc123")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('48f1e227-8b15-4389-a050-7ce76f4b4d46')
- def test_update_load_balancer_empty_admin_state_up_field(self):
- """Test update load balancer with an empty admin_state_up"""
- self.assertRaises(exceptions.BadRequest,
- self._update_load_balancer,
- load_balancer_id=self.load_balancer_id,
- wait=False,
- admin_state_up="")
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('a9182e53-ddaa-4f41-af54-585d983279ba')
- def test_update_load_balancer_missing_admin_state_up(self):
- """Test update load balancer with missing admin state field"""
- loadbalancer = self._show_load_balancer(
- self.load_balancer_id)
- load_balancer_initial = loadbalancer['admin_state_up']
- self._update_load_balancer(self.load_balancer_id)
- self.assertEqual(load_balancer_initial, True)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('bfbe9339-d083-4a88-b6d6-015522809c3a')
- def test_update_load_balancer_incorrect_attribute(self):
- """Test update a load balancer with an extra, invalid attribute"""
- self.assertRaises(exceptions.BadRequest,
- self._update_load_balancer,
- load_balancer_id=self.load_balancer_id,
- wait=False,
- name="lb_name",
- description="lb_name_description",
- admin_state_up=True,
- port=80)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('d2258984-6e9a-41d6-bffa-0543c8b1f2b0')
- def test_get_load_balancer_status_tree(self):
- """Test get load balancer status tree"""
- statuses = self._show_load_balancer_status_tree(
- self.load_balancer_id)
- load_balancer = statuses['loadbalancer']
- self.assertEqual("ONLINE", load_balancer['operating_status'])
- self.assertEqual("ACTIVE", load_balancer['provisioning_status'])
- self.assertEmpty(load_balancer['listeners'])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('a23677a9-b770-4894-8be9-cd66590c228b')
- def test_get_load_balancer_stats(self):
- """Test get load balancer stats"""
- stats = self._show_load_balancer_stats(
- self.load_balancer_id)
- self.assertEqual(0, stats['bytes_in'])
- self.assertEqual(0, stats['bytes_out'])
- self.assertEqual(0, stats['total_connections'])
- self.assertEqual(0, stats['active_connections'])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('f289f8df-a867-45cd-bee3-7ff08f5e96e0')
- def test_delete_load_balancer(self):
- """Test delete load balancer"""
- new_load_balancer = self._create_active_load_balancer(
- **self.create_lb_kwargs)
- new_load_balancer_id = new_load_balancer['id']
- load_balancer = self._show_load_balancer(
- new_load_balancer_id)
- self.assertEqual(new_load_balancer, load_balancer)
- self.assertNotEqual(self.load_balancer, new_load_balancer)
- self._delete_load_balancer(new_load_balancer_id)
- self.assertRaises(exceptions.NotFound,
- self._show_load_balancer,
- new_load_balancer_id)
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_members_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_members_admin.py
deleted file mode 100644
index cce7ad67d3..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_members_admin.py
+++ /dev/null
@@ -1,84 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class MemberTest(base.BaseAdminTestCase):
- """Test the member creation operation in admin scope in Neutron-LBaaS API
-
- using the REST client for members:
-
- """
-
- @classmethod
- def resource_setup(cls):
- super(MemberTest, cls).resource_setup()
- # core network setup is moved to base class
- cls.load_balancer = cls._create_active_load_balancer(
- tenant_id=cls.tenant_id,
- vip_subnet_id=cls.subnet.get('id'))
- cls.load_balancer_id = cls.load_balancer.get("id")
- cls._wait_for_load_balancer_status(cls.load_balancer_id)
- cls.listener = cls._create_listener(
- loadbalancer_id=cls.load_balancer.get('id'),
- protocol='HTTP', protocol_port=80)
- cls.listener_id = cls.listener.get('id')
- cls.pool = cls._create_pool(protocol='HTTP',
- tenant_id=cls.tenant_id,
- lb_algorithm='ROUND_ROBIN',
- listener_id=cls.listener_id)
- cls.pool_id = cls.pool.get('id')
-
- @classmethod
- def resource_cleanup(cls):
- super(MemberTest, cls).resource_cleanup()
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('03eeec24-78d8-4c2f-8d6c-4a78817f352e')
- def test_create_member_invalid_tenant_id(self):
- """Test create member with invalid tenant_id"""
- member_opts = {}
- member_opts['address'] = "127.0.0.1"
- # avoid port=80 to avoid duplicate port during failed testings
- member_opts['protocol_port'] = 84
- member_opts['subnet_id'] = self.subnet_id
- member_opts['tenant_id'] = "$232!$pw"
- member = self._create_member(self.pool_id, **member_opts)
- self.addCleanup(self._delete_member, self.pool_id, member['id'])
- self.assertEqual(member['subnet_id'], self.subnet_id)
- self.assertEqual(member['tenant_id'], "$232!$pw")
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('01c9ea0c-bdfe-4108-95d1-69ecdc0a1f26')
- def test_create_member_empty_tenant_id(self):
- """Test create member with an empty tenant_id should fail
-
- Kilo: @decorators.skip_because(bug="1638148")
- """
- member_opts = {}
- member_opts['address'] = "127.0.0.1"
- member_opts['protocol_port'] = 80
- member_opts['subnet_id'] = self.subnet_id
- member_opts['tenant_id'] = ""
- self.assertRaises(ex.BadRequest, self._create_member,
- self.pool_id, **member_opts)
diff --git a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_members_non_admin.py b/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_members_non_admin.py
deleted file mode 100644
index 1595c91380..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/lbaas/test_members_non_admin.py
+++ /dev/null
@@ -1,479 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.tests.nsxv.api.lbaas import base
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class MemberTest(base.BaseTestCase):
-
- """Test the following operations in Neutron-LBaaS API
-
- using the REST client for members:
-
- list members of a pool
- create a member of a Pool
- update a pool member
- delete a member
- """
-
- @classmethod
- def resource_setup(cls):
- super(MemberTest, cls).resource_setup()
- # core network setup is moved to base class
- cls.load_balancer = cls._create_active_load_balancer(
- tenant_id=cls.tenant_id,
- vip_subnet_id=cls.subnet.get('id'))
- cls.load_balancer_id = cls.load_balancer.get("id")
- cls.listener = cls._create_listener(
- loadbalancer_id=cls.load_balancer.get('id'),
- protocol='HTTP', protocol_port=80)
- cls.listener_id = cls.listener.get('id')
- cls.pool = cls._create_pool(protocol='HTTP',
- tenant_id=cls.tenant_id,
- lb_algorithm='ROUND_ROBIN',
- listener_id=cls.listener_id)
- cls.pool_id = cls.pool.get('id')
-
- @classmethod
- def resource_cleanup(cls):
- super(MemberTest, cls).resource_cleanup()
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('6dcdc53c-52cf-4b6e-aeec-d13df68ed001')
- def test_list_empty_members(self):
- """Test that pool members are empty."""
- members = self._list_members(self.pool_id)
- self.assertEmpty(members,
- msg='Initial pool was supposed to be empty')
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('346e49ce-0665-4995-a03a-b007052d3619')
- def test_list_3_members(self):
- """Test that we can list members. """
- member_ips_exp = set([u"127.0.0.0", u"127.0.0.1", u"127.0.0.2"])
- for ip in member_ips_exp:
- member_opts = self.build_member_opts()
- member_opts["address"] = ip
- member = self._create_member(self.pool_id, **member_opts)
- self.addCleanup(self._delete_member, self.pool_id, member['id'])
- members = self._list_members(self.pool_id)
- self.assertEqual(3, len(members))
- for member in members:
- self.assertEqual(member["tenant_id"], self.tenant_id)
- self.assertEqual(member["protocol_port"], 80)
- self.assertEqual(member["subnet_id"], self.subnet_id)
- found_member_ips = set([m["address"] for m in members])
- self.assertEqual(found_member_ips, member_ips_exp)
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('3121bbdc-81e4-40e3-bf66-3ceefd72a0f5')
- def test_add_member(self):
- """Test that we can add a single member."""
- expect_empty_members = self._list_members(self.pool_id)
- self.assertEmpty(expect_empty_members)
- member_opts = self.build_member_opts()
- member = self._create_member(self.pool_id, **member_opts)
- member_id = member.get("id")
- self.addCleanup(self._delete_member, self.pool_id, member_id)
- self.assertEqual(member_opts["address"], member["address"])
- self.assertEqual(self.tenant_id, member["tenant_id"])
- self.assertEqual(80, member["protocol_port"])
- self.assertEqual(self.subnet_id, member["subnet_id"])
- # Should have default values for admin_state_up and weight
- self.assertEqual(True, member["admin_state_up"])
- self.assertEqual(1, member["weight"])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('fc513a45-4c24-42ea-8807-a9b86a81ee56')
- def test_get_member(self):
- """Test that we can fetch a member by id."""
- member_opts = self.build_member_opts()
- member_id = self._create_member(self.pool_id,
- **member_opts)["id"]
- self.addCleanup(self._delete_member, self.pool_id, member_id)
- member = self._show_member(self.pool_id, member_id)
- self.assertEqual(member_id, member["id"])
- self.assertEqual(member_opts["address"], member["address"])
- self.assertEqual(member_opts["tenant_id"], member["tenant_id"])
- self.assertEqual(member_opts["protocol_port"], member["protocol_port"])
- self.assertEqual(member_opts["subnet_id"], member["subnet_id"])
-
- @decorators.attr(type='smoke')
- @decorators.idempotent_id('2cead036-5a63-43a4-9d9d-03c9b744c101')
- def test_create_member_missing_required_field_tenant_id(self):
- """Test if a non_admin user can create a member_opts
-
- with tenant_id missing
- """
- member_opts = {}
- member_opts['address'] = "127.0.0.1"
- member_opts['protocol_port'] = 80
- member_opts['subnet_id'] = self.subnet_id
- member = self._create_member(self.pool_id, **member_opts)
- self.addCleanup(self._delete_member, self.pool_id, member['id'])
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('d7ed0870-a065-4fbd-8d95-0ea4d12063c2')
- def test_create_member_missing_required_field_address(self):
- """Test create a member with missing field address"""
- member_opts = {}
- member_opts['protocol_port'] = 80
- member_opts['subnet_id'] = self.subnet_id
- self.assertRaises(ex.BadRequest, self._create_member,
- self.pool_id, **member_opts)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('8d2b9a53-aac7-4fb9-b068-47647289aa21')
- def test_create_member_missing_required_field_protocol_port(self):
- """Test create a member with missing field protocol_port"""
- member_opts = {}
- member_opts['address'] = "127.0.0.1"
- member_opts['subnet_id'] = self.subnet_id
- self.assertRaises(ex.BadRequest, self._create_member,
- self.pool_id, **member_opts)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('9710cd4c-aac0-4b71-b295-82a88c67b0b8')
- def test_create_member_missing_required_field_subnet_id(self):
- """Test create a member with missing field subnet_id """
- member_opts = {}
- member_opts['protocol_port'] = 80
- member_opts['address'] = "127.0.0.1"
- self.assertRaises(ex.BadRequest, self._create_member,
- self.pool_id, **member_opts)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a6814c49-758d-490a-9557-ef03f0d78c44')
- def test_raises_BadRequest_when_missing_attrs_during_member_create(self):
- """Test failure on missing attributes on member create."""
- member_opts = {}
- self.assertRaises(ex.BadRequest, self._create_member,
- self.pool_id, **member_opts)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('840bfa84-1d16-4149-a863-6f7afec1682f')
- def test_create_member_invalid_tenant_id(self):
- """Test create member with invalid tenant_id"""
- member_opts = {}
- member_opts['address'] = "127.0.0.1"
- member_opts['protocol_port'] = 80
- member_opts['subnet_id'] = self.subnet_id
- member_opts['tenant_id'] = "$232!$pw"
- self.assertRaises(ex.BadRequest, self._create_member,
- self.pool_id, **member_opts)
-
- @decorators.attr(type='negative')
- @decorators.idempotent_id('a99dbd0a-5f8c-4c96-8900-1a7d297d913b')
- def test_create_member_invalid_address(self):
- """Test create member with invalid address"""
- member_opts = {}
- member_opts['address'] = "127$%= cidr.prefixlen:
- return netaddr.IPAddress(cidr) + 1
- else:
- for subnet in cidr.subnet(mask_bits):
- return netaddr.IPAddress(subnet) + 1
-
- @classmethod
- def _get_allocation_pools_from_gateway(cls, ip_version):
- """Return allocation range for subnet of given gateway."""
- gateway = cls._get_gateway_from_tempest_conf(ip_version)
- return [{'start': str(gateway + 2), 'end': str(gateway + 3)}]
-
- def subnet_dict(self, include_keys):
- """Return a subnet dict which has include_keys and their corresponding
- value from self._subnet_data
- """
- return dict((key, self._subnet_data[self._ip_version][key])
- for key in include_keys)
-
- def _create_network(self, _auto_clean_up=True, network_name=None,
- **kwargs):
- network_name = network_name or data_utils.rand_name('adm-netwk')
- post_body = {'name': network_name}
- post_body.update(kwargs)
- LOG.debug("create ADM network: %s", str(post_body))
- body = self.create_network(client=self.admin_networks_client,
- **post_body)
- network = body['network']
- if _auto_clean_up:
- self.addCleanup(self._try_delete_network, network['id'])
- return network
-
- # when you call _delete_network() you mean it is part of test,
- # so we will not pass exception
- def _delete_network(self, net_id):
- self._remove_network_from_book(net_id)
- return self.delete_network(net_id)
-
- def _remove_network_from_book(self, net_id):
- for idx, netwk_info in zip(range(0, len(self.admin_netwk_info)),
- self.admin_netwk_info):
- net_client, network = netwk_info
- if network['id'] == net_id:
- self.admin_netwk_info.pop(idx)
- return
-
- # call _try_delete_network() for teardown purpose, so pass exception
- def _try_delete_network(self, net_id):
- # delete network, if it exists
- self._remove_network_from_book(net_id)
- try:
- self.delete_network(net_id)
- # if network is not found, this means it was deleted in the test
- except exceptions.NotFound:
- pass
-
- # by default, subnet will be deleted when its network is deleted
- def _create_subnet(self, network, gateway='', cidr=None, mask_bits=None,
- ip_version=None, cidr_offset=0,
- _auto_clean_up=False, **kwargs):
- body = self.create_subnet(network,
- gateway=gateway,
- cidr=cidr,
- mask_bits=mask_bits,
- ip_version=ip_version,
- cidr_offset=cidr_offset,
- **kwargs)
- subnet = body['subnet']
- if _auto_clean_up:
- self.addCleanup(self._try_delete_subnet, subnet['id'])
- return subnet
-
- def _try_delete_subnet(self, net_id):
- # delete subnet, if it exists
- try:
- self.delete_subnet(net_id)
- # if network is not found, this means it was deleted in the test
- except exceptions.NotFound:
- pass
-
- def _compare_resource_attrs(self, actual, expected):
- exclude_keys = set(actual).symmetric_difference(expected)
- self.assertThat(actual, custom_matchers.MatchesDictExceptForKeys(
- expected, exclude_keys))
-
- def _create_verify_delete_subnet(self, cidr=None, mask_bits=None,
- **kwargs):
- network = self._create_network(_auto_clean_up=True)
- net_id = network['id']
- gateway = kwargs.pop('gateway', None)
- subnet = self._create_subnet(network, gateway, cidr, mask_bits,
- **kwargs)
- compare_args_full = dict(gateway_ip=gateway, cidr=cidr,
- mask_bits=mask_bits, **kwargs)
- compare_args = (dict((k, v)
- for k, v in six.iteritems(compare_args_full)
- if v is not None))
-
- if 'dns_nameservers' in set(subnet).intersection(compare_args):
- self.assertEqual(sorted(compare_args['dns_nameservers']),
- sorted(subnet['dns_nameservers']))
- del subnet['dns_nameservers'], compare_args['dns_nameservers']
-
- self._compare_resource_attrs(subnet, compare_args)
- self._delete_network(net_id)
-
- @decorators.idempotent_id('2ecbc3ab-93dd-44bf-a827-95beeb008e9a')
- def test_create_update_delete_network_subnet(self):
- # Create a network
- network = self._create_network(_auto_clean_up=True)
- net_id = network['id']
- self.assertEqual('ACTIVE', network['status'])
- # Verify network update
- new_name = data_utils.rand_name('new-adm-netwk')
- body = self.update_network(net_id, name=new_name)
- updated_net = body['network']
- self.assertEqual(updated_net['name'], new_name)
- # Find a cidr that is not in use yet and create a subnet with it
- subnet = self._create_subnet(network)
- subnet_id = subnet['id']
- # Verify subnet update
- new_name = data_utils.rand_name('new-subnet')
- body = self.update_subnet(subnet_id, name=new_name)
- updated_subnet = body['subnet']
- self.assertEqual(updated_subnet['name'], new_name)
- self._delete_network(net_id)
-
- @decorators.idempotent_id('a2cf6398-aece-4256-88a6-0dfe8aa44975')
- def test_show_network(self):
- # Verify the details of a network
- body = self.show_network(self.network['id'])
- network = body['network']
- for key in ['id', 'name']:
- self.assertEqual(network[key], self.network[key])
-
- @decorators.idempotent_id('5b42067d-4b9d-4f04-bb6a-adb9756ebe0c')
- def test_show_network_fields(self):
- # Verify specific fields of a network
- fields = ['id', 'name']
- body = self.show_network(self.network['id'], fields=fields)
- network = body['network']
- self.assertEqual(sorted(network.keys()), sorted(fields))
- for field_name in fields:
- self.assertEqual(network[field_name], self.network[field_name])
-
- @decorators.idempotent_id('324be3c2-457d-4e21-b0b3-5106bbbf1a28')
- def test_list_networks(self):
- # Verify the network exists in the list of all networks
- body = self.list_networks()
- networks = [network['id'] for network in body['networks']
- if network['id'] == self.network['id']]
- self.assertNotEmpty(networks, "Created network not found in the list")
-
- @decorators.idempotent_id('3a934a8d-6b52-427e-af49-3dfdd224fdeb')
- def test_list_networks_fields(self):
- # Verify specific fields of the networks
- fields = ['id', 'name']
- body = self.list_networks(fields=fields)
- networks = body['networks']
- self.assertNotEmpty(networks, "Network list returned is empty")
- for network in networks:
- self.assertEqual(sorted(network.keys()), sorted(fields))
-
- @decorators.idempotent_id('5f6616c4-bfa7-4308-8eab-f45d75c94c6d')
- def test_show_subnet(self):
- # Verify the details of a subnet
- body = self.show_subnet(self.subnet['id'])
- subnet = body['subnet']
- self.assertNotEmpty(subnet, "Subnet returned has no fields")
- for key in ['id', 'cidr']:
- self.assertIn(key, subnet)
- self.assertEqual(subnet[key], self.subnet[key])
-
- @decorators.idempotent_id('2f326955-551e-4e9e-a4f6-e5db77c34c8d')
- def test_show_subnet_fields(self):
- # Verify specific fields of a subnet
- fields = ['id', 'network_id']
- body = self.show_subnet(self.subnet['id'], fields=fields)
- subnet = body['subnet']
- self.assertEqual(sorted(subnet.keys()), sorted(fields))
- for field_name in fields:
- self.assertEqual(subnet[field_name], self.subnet[field_name])
-
- @decorators.idempotent_id('66631557-2466-4827-bba6-d961b0242be3')
- def test_list_subnets(self):
- # Verify the subnet exists in the list of all subnets
- body = self.list_subnets()
- subnets = [subnet['id'] for subnet in body['subnets']
- if subnet['id'] == self.subnet['id']]
- self.assertNotEmpty(subnets, "Created subnet not found in the list")
-
- @decorators.idempotent_id('3d5ea69b-f122-43e7-b7f4-c78586629eb8')
- def test_list_subnets_fields(self):
- # Verify specific fields of subnets
- fields = ['id', 'network_id']
- body = self.list_subnets(fields=fields)
- subnets = body['subnets']
- self.assertNotEmpty(subnets, "Subnet list returned is empty")
- for subnet in subnets:
- self.assertEqual(sorted(subnet.keys()), sorted(fields))
-
- @decorators.idempotent_id('e966bb2f-402c-49b7-8147-b275cee584c4')
- def test_delete_network_with_subnet(self):
- # Creates a network
- network = self._create_network(_auto_clean_up=True)
- net_id = network['id']
-
- # Find a cidr that is not in use yet and create a subnet with it
- subnet = self._create_subnet(network)
- subnet_id = subnet['id']
-
- # Delete network while the subnet still exists
- self._delete_network(net_id)
-
- # Verify that the subnet got automatically deleted.
- self.assertRaises(exceptions.NotFound,
- self.show_subnet, subnet_id)
-
- @decorators.idempotent_id('8aba0e1b-4b70-4181-a8a4-792c08db699d')
- def test_create_delete_subnet_without_gateway(self):
- self._create_verify_delete_subnet()
-
- @decorators.idempotent_id('67364a4b-6725-4dbe-84cf-504bdb20ac06')
- def test_create_delete_subnet_with_gw(self):
- self._create_verify_delete_subnet(
- **self.subnet_dict(['gateway']))
-
- @decorators.idempotent_id('f8f43e65-5090-4902-b5d2-2b610505cca6')
- def test_create_delete_subnet_with_allocation_pools(self):
- self._create_verify_delete_subnet(
- **self.subnet_dict(['allocation_pools']))
-
- @decorators.idempotent_id('5b085669-97e6-48e0-b99e-315a9b4d8482')
- def test_create_delete_subnet_with_gw_and_allocation_pools(self):
- self._create_verify_delete_subnet(**self.subnet_dict(
- ['gateway', 'allocation_pools']))
-
- @decorators.skip_because(bug="1501827")
- @decorators.idempotent_id('3c4c36a1-684b-4e89-8e71-d528f19322a0')
- def test_create_delete_subnet_with_host_routes_and_dns_nameservers(self):
- self._create_verify_delete_subnet(
- **self.subnet_dict(['host_routes', 'dns_nameservers']))
-
- @decorators.idempotent_id('df518c87-b817-48b5-9365-bd1daaf68955')
- def test_create_delete_subnet_with_dns_nameservers(self):
- self._create_verify_delete_subnet(
- **self.subnet_dict(['dns_nameservers']))
-
- @decorators.idempotent_id('b6822feb-6760-4052-b550-f0fe8bac7451')
- def test_create_delete_subnet_with_dhcp_enabled(self):
- self._create_verify_delete_subnet(enable_dhcp=True)
-
- @decorators.skip_because(bug="1501827")
- @decorators.idempotent_id('3c4c36a1-684a-4e89-8e71-d528f19324a0')
- def test_update_subnet_gw_dns_host_routes_dhcp(self):
- network = self._create_network(_auto_clean_up=True)
- subnet_attrs = ['gateway', 'host_routes',
- 'dns_nameservers', 'allocation_pools']
- subnet_dict = self.subnet_dict(subnet_attrs)
- subnet = self._create_subnet(network, **subnet_dict)
- subnet_id = subnet['id']
- new_gateway = str(netaddr.IPAddress(
- self._subnet_data[self._ip_version]['gateway']) + 1)
- # Verify subnet update
- new_host_routes = self._subnet_data[self._ip_version][
- 'new_host_routes']
-
- new_dns_nameservers = self._subnet_data[self._ip_version][
- 'new_dns_nameservers']
- kwargs = {'host_routes': new_host_routes,
- 'dns_nameservers': new_dns_nameservers,
- 'gateway_ip': new_gateway, 'enable_dhcp': True}
-
- new_name = "New_subnet"
- body = self.update_subnet(subnet_id, name=new_name, **kwargs)
- updated_subnet = body['subnet']
- kwargs['name'] = new_name
- self.assertEqual(sorted(updated_subnet['dns_nameservers']),
- sorted(kwargs['dns_nameservers']))
- del subnet['dns_nameservers'], kwargs['dns_nameservers']
-
- self._compare_resource_attrs(updated_subnet, kwargs)
- self._delete_network(network['id'])
-
- @decorators.idempotent_id('a5caa7d9-ab71-4278-a57c-d6631b7474f8')
- def test_update_subnet_gw_dns_dhcp(self):
- network = self._create_network(_auto_clean_up=True)
- subnet_attrs = ['gateway',
- 'dns_nameservers', 'allocation_pools']
- subnet_dict = self.subnet_dict(subnet_attrs)
- subnet = self._create_subnet(network, **subnet_dict)
- subnet_id = subnet['id']
- new_gateway = str(netaddr.IPAddress(
- self._subnet_data[self._ip_version]['gateway']) + 1)
- # Verify subnet update
- new_dns_nameservers = self._subnet_data[self._ip_version][
- 'new_dns_nameservers']
- kwargs = {'dns_nameservers': new_dns_nameservers,
- 'gateway_ip': new_gateway, 'enable_dhcp': True}
-
- new_name = "New_subnet"
- body = self.update_subnet(subnet_id, name=new_name, **kwargs)
- updated_subnet = body['subnet']
- kwargs['name'] = new_name
- self.assertEqual(sorted(updated_subnet['dns_nameservers']),
- sorted(kwargs['dns_nameservers']))
- del subnet['dns_nameservers'], kwargs['dns_nameservers']
-
- self._compare_resource_attrs(updated_subnet, kwargs)
- self._delete_network(network['id'])
-
- @decorators.skip_because(bug="1501827")
- @decorators.idempotent_id('a5caa7d5-ab71-4278-a57c-d6631b7474f8')
- def test_create_delete_subnet_all_attributes(self):
- self._create_verify_delete_subnet(
- enable_dhcp=True,
- **self.subnet_dict(['gateway',
- 'host_routes',
- 'dns_nameservers']))
-
- @decorators.idempotent_id('a5caa7d9-ab71-4278-a57c-d6631b7474c8')
- def test_create_delete_subnet_with_gw_dns(self):
- self._create_verify_delete_subnet(
- enable_dhcp=True,
- **self.subnet_dict(['gateway',
- 'dns_nameservers']))
-
- @decorators.idempotent_id('3c4c36a1-684b-4e89-8e71-d518f19324a0')
- def test_add_upd_del_multiple_overlapping_networks_subnet(self):
- r0, R1 = 0, 3 # (todo) get from CONF
- return self._add_upd_del_multiple_networks_subnet(
- r0, R1, "ovla-netwk")
-
- @decorators.idempotent_id('5267bf9d-de82-4af9-914a-8320e9f4c38c')
- def test_add_upd_del_multiple_nonoverlapping_networks_subnet(self):
- r0, R1 = 1, 4 # (todo) get from CONF
- return self._add_upd_del_multiple_networks_subnet(
- r0, R1, "noov-netwk", _step_cidr=2)
-
- def _add_upd_del_multiple_networks_subnet(self, r0, R1,
- name_prefix="m-network",
- _step_cidr=0):
- m_name = data_utils.rand_name(name_prefix)
- netwk = []
- for x in range(r0, R1):
- network = self._create_network(_auto_clean_up=True)
- net_id = network['id']
- self.assertEqual('ACTIVE', network['status'])
- new_name = m_name + "-%02d" % x
- body = self.update_network(net_id, name=new_name)
- network = body['network']
- cidr_offset = (x * _step_cidr) if _step_cidr > 0 else 0
- subnet = self._create_subnet(network, cidr_offset=cidr_offset)
- subnet_id = subnet['id']
- netwk.append([x, net_id, subnet_id])
- for x, net_id, subnet_id in netwk:
- # make sure subnet is updatable after creation
- new_name = m_name + "-%02d-snet" % x
- body = self.update_subnet(subnet_id, name=new_name)
- updated_subnet = body['subnet']
- self.assertEqual(updated_subnet['name'], new_name)
- self._delete_network(net_id)
diff --git a/vmware_nsx_tempest/tests/nsxv/api/test_tenant_delete.py b/vmware_nsx_tempest/tests/nsxv/api/test_tenant_delete.py
deleted file mode 100644
index 2a99fbeb20..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/test_tenant_delete.py
+++ /dev/null
@@ -1,264 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import os
-import subprocess
-
-import base_provider as base
-from oslo_log import log as logging
-import six
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class ProjectDeleteTest(base.BaseAdminNetworkTest):
- """Check Purge network resources using tenant-Id.
-
- Validate that network resources which are not in use should get
- deleted once neutron purge is called.
- """
- @classmethod
- def skip_checks(cls):
- super(ProjectDeleteTest, cls).skip_checks()
- if not (CONF.network.project_networks_reachable
- or CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- if not (CONF.auth.admin_username and CONF.auth.admin_password and
- CONF.auth.admin_project_name):
- msg = ('admin_username admin_password and admin_project_name\
- should be provided in tempest.conf')
- raise cls.skipException(msg)
- process_obj = subprocess.Popen('neutron --version', shell=True,
- stdout=subprocess.PIPE,
- stderr=subprocess.STDOUT)
- neutron_version = process_obj.stdout.readlines()
- if neutron_version[0] < '4.1.2':
- msg = ("Please update neutron verion,"
- "run pip --upgrade pip and"
- "pip install python-neutronclient upgrade")
- raise cls.skipException(msg)
-
- @classmethod
- def setup_clients(cls):
- super(ProjectDeleteTest, cls).setup_clients()
-
- @classmethod
- def resource_setup(cls):
- super(ProjectDeleteTest, cls).resource_setup()
-
- @classmethod
- def create_tenant(self):
- self.admin_manager.tenants_client
-
- @classmethod
- def create_network_subnet(self, cidr=None, cidr_offset=0):
- network_name = data_utils.rand_name('project-network-')
- resp = self.create_network(network_name)
- network = resp.get('network', resp)
- net_id = network['id']
- resp = self.create_subnet(network,
- name=network_name,
- cidr=cidr,
- cidr_offset=cidr_offset)
- subnet = resp.get('subnet', resp)
- resp = self.show_network(net_id)
- s_network = resp.get('network', resp)
- return (net_id, s_network, subnet)
-
- def create_router_by_type(self, router_type, name=None, **kwargs):
- routers_client = self.admin_manager.routers_client
- router_name = name or data_utils.rand_name('mtz-')
- create_kwargs = dict(name=router_name, external_gateway_info={
- "network_id": CONF.network.public_network_id})
- if router_type in ('shared', 'exclusive'):
- create_kwargs['router_type'] = router_type
- elif router_type in ('distributed'):
- create_kwargs['distributed'] = True
- kwargs.update(create_kwargs)
- router = routers_client.create_router(**kwargs)
- router = router['router'] if 'router' in router else router
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.delete_router, router['id'])
- self.assertEqual(router['name'], router_name)
- return (routers_client, router)
-
- def create_router_and_add_interfaces(self, router_type, nets):
- (routers_client, router) = self.create_router_by_type(router_type)
- for net_id, (network, subnet) in six.iteritems(nets):
- # register to cleanup before adding interfaces so interfaces
- # and router can be deleted if test is aborted.
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.remove_router_interface,
- router['id'], subnet_id=subnet['id'])
- routers_client.add_router_interface(
- router['id'], subnet_id=subnet['id'])
- return router
-
- @decorators.idempotent_id('44e24f6b-9d9e-41a7-9d54-09d79b77dea5')
- def test_project_delete_purge_using_non_admin(self):
- nets = {}
- net_id, network, subnet = self.create_network_subnet(cidr_offset=0)
- nets[net_id] = (network, subnet)
- router_type = 'shared'
- self.create_router_and_add_interfaces(router_type, nets)
- uri = CONF.identity.uri
- os.environ['OS_AUTH_URL'] = uri
- os.environ['OS_REGION_NAME'] = 'nova'
- os.environ['OS_USERNAME'] = CONF.auth.admin_username
- os.environ['OS_TENANT_NAME'] = CONF.auth.admin_project_name
- os.environ['OS_PASSWORD'] = CONF.auth.admin_password
- name = data_utils.rand_name('tenant-delete-')
- tenant = self.admin_manager.tenants_client.create_tenant(name=name)
- username = name + 'user'
- kwargs = {'name': username, 'pass': 'password'}
- tenant_user = self.admin_manager.users_client.create_user(**kwargs)
- os.environ['OS_USERNAME'] = tenant_user['user']['username']
- os.environ['OS_TENANT_NAME'] = tenant['tenant']['name']
- os.environ['OS_PASSWORD'] = 'password'
- local_tenant_id = network['tenant_id']
- purge_output =\
- os.popen('neutron --insecure purge %s --tenant-id=%s' %
- (local_tenant_id,
- tenant['tenant']['id'])).read().strip()
- self.assertEqual(purge_output, '')
- os.environ['OS_USERNAME'] = CONF.auth.admin_username
- os.environ['OS_TENANT_NAME'] = CONF.auth.admin_project_name
- os.environ['OS_PASSWORD'] = CONF.auth.admin_password
- admin_tenant_id = os.popen(
- "openstack --insecure project list | grep admin | awk '{print $2}'")\
- .read()
- purge_output =\
- os.popen('neutron --insecure purge %s --tenant-id=%s' %
- (local_tenant_id, admin_tenant_id)).read().strip()
- self.assertIn('Purging resources: 100% complete', purge_output)
-
- @decorators.idempotent_id('77ec7045-f8f0-4aa1-8e1d-68c0647fda89')
- def test_project_delete_no_resource_for_deletion(self):
- name = data_utils.rand_name('tenant-delete-')
- network_client = self.admin_manager.networks_client
- create_kwargs = dict(name=name)
- network = network_client.create_network(**create_kwargs)
- network_client.delete_network(network['network']['id'])
- uri = CONF.identity.uri
- os.environ['OS_AUTH_URL'] = uri
- os.environ['OS_REGION_NAME'] = 'nova'
- os.environ['OS_USERNAME'] = CONF.auth.admin_username
- os.environ['OS_TENANT_NAME'] = CONF.auth.admin_project_name
- os.environ['OS_PASSWORD'] = CONF.auth.admin_password
- local_tenant_id = network['network']['tenant_id']
- admin_tenant_id = os.popen(
- "openstack --insecure project list | grep admin | awk '{print $2}'")\
- .read()
- purge_output =\
- os.popen('neutron --insecure purge %s --tenant-id=%s' %
- (local_tenant_id, admin_tenant_id)).read().strip()
- purge_output =\
- os.popen('neutron --insecure purge %s --tenant-id=%s' %
- (local_tenant_id, admin_tenant_id)).read().strip()
- LOG.debug("create VLAN network: %s", (purge_output))
- check_output = 'Tenant has no supported resources'
- self.assertIn(check_output, purge_output)
- LOG.debug("Testcase run completed")
-
- @decorators.idempotent_id('38bf4e22-c67a-42db-9e9d-a087369207d4')
- def test_project_delete_with_all_resorces_deleted(self):
- name = data_utils.rand_name('tenant-delete-')
- security_client = self.admin_manager.security_groups_client
- create_kwargs = dict(name=name)
- sec_group = security_client.create_security_group(**create_kwargs)
- network_name = name
- resp = self.create_network(network_name)
- network = resp.get('network', resp)
- routers_client = self.admin_manager.routers_client
- create_kwargs = dict(name=name)
- router = routers_client.create_router(**create_kwargs)
- floatingip_client = self.admin_manager.floating_ips_client
- create_kwargs = {'floating_network_id': CONF.network.public_network_id}
- floatingip = floatingip_client.create_floatingip(**create_kwargs)
- uri = CONF.identity.uri
- os.environ['OS_AUTH_URL'] = uri
- os.environ['OS_REGION_NAME'] = 'nova'
- os.environ['OS_USERNAME'] = CONF.auth.admin_username
- os.environ['OS_TENANT_NAME'] = CONF.auth.admin_project_name
- os.environ['OS_PASSWORD'] = CONF.auth.admin_password
- self.admin_networks_client
- local_tenant_id = network['tenant_id']
- admin_tenant_id = os.popen(
- "openstack --insecure project list | grep admin | awk '{print $2}'")\
- .read()
- purge_output =\
- os.popen('neutron --insecure purge %s --tenant-id=%s' %
- (local_tenant_id, admin_tenant_id)).read().strip()
- LOG.debug("create VLAN network: %s", (purge_output))
- check_output = ("Deleted 2 security_groups, 1 router, 1 network, "
- "1 floatingip")
- self.assertIn(check_output, purge_output)
- list_of_sec_groups = security_client.list_security_groups()
- self.assertNotIn(sec_group['security_group']['id'], list_of_sec_groups)
- list_of_networks = self.admin_manager.networks_client.list_networks()
- self.assertNotIn(network['id'], list_of_networks)
- list_of_routers = routers_client.list_routers()
- self.assertNotIn(router['router']['id'], list_of_routers)
- list_of_floatingips = floatingip_client.list_floatingips()
- self.assertNotIn(floatingip['floatingip']['id'], list_of_floatingips)
- LOG.debug("Testcase run completed")
-
- @decorators.idempotent_id('d617d637-5b2d-4ac8-93ce-80060d495bb2')
- def test_project_delete_with_some_resources_left(self):
- network_name = data_utils.rand_name('tenant-delete-')
- resp = self.create_network(network_name)
- network = resp.get('network', resp)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_network, net_id)
- resp = self.create_subnet(network,
- name=network_name,
- cidr=None,
- cidr_offset=0)
- subnet = resp.get('subnet', resp)
- resp = self.show_network(net_id)
- s_network = resp.get('network', resp)
- net_subnets = s_network['subnets']
- self.assertIn(subnet['id'], net_subnets)
- uri = CONF.identity.uri
- os.environ['OS_AUTH_URL'] = uri
- os.environ['OS_REGION_NAME'] = 'nova'
- os.environ['OS_USERNAME'] = CONF.auth.admin_username
- os.environ['OS_TENANT_NAME'] = CONF.auth.admin_project_name
- os.environ['OS_PASSWORD'] = CONF.auth.admin_password
- self.admin_networks_client
- local_tenant_id = network['tenant_id']
- cmd = ("openstack --insecure project list |"
- " grep admin | awk '{print $2}'")
- admin_tenant_id = os.popen(cmd).read()
- purge_output =\
- os.popen('neutron --insecure purge %s --tenant-id=%s' %
- (local_tenant_id, admin_tenant_id)).read().strip()
- check_output = 'Deleted 1 security_group, 1 network'
- self.assertIn(check_output, purge_output)
- check_output = 'The following resources could not be deleted: 1 port'
- self.assertIn(check_output, purge_output)
- list_of_subnets = self.admin_manager.subnets_client.list_subnets()
- self.assertNotIn(subnet['id'], list_of_subnets)
- list_of_networks = self.admin_manager.networks_client.list_networks()
- self.assertNotIn(network['id'], list_of_networks)
- LOG.debug("create VLAN network: %s", (purge_output))
diff --git a/vmware_nsx_tempest/tests/nsxv/api/test_v1_fwaas.py b/vmware_nsx_tempest/tests/nsxv/api/test_v1_fwaas.py
deleted file mode 100644
index c9dc5614ba..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/test_v1_fwaas.py
+++ /dev/null
@@ -1,921 +0,0 @@
-# Copyright 2014 NEC Corporation. All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import re
-import time
-
-from neutron_lib import constants as nl_constants
-import six
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions as lib_exc
-from tempest import test
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import fwaas_client as FWAASC
-from vmware_nsx_tempest.services import nsxv_client
-
-CONF = config.CONF
-
-
-class FWaaSTestJSON(base.BaseNetworkTest):
-
- """
- Tests the following operations in the Neutron API using the REST client for
- Neutron:
-
- CRUD firewall rules
- CRUD firewall policies
- CRUD firewall rules
- Insert firewall rule to policy
- Remove firewall rule from policy
- Insert firewall rule after/before rule in policy
- Update firewall policy audited attribute
- Create exclusive router and attach to Firewall and check backend
- Create distributed router and attach to Firewall and check backend
- Create exclusive/distributed router and attach to Firewall and
- check backend
- """
- @classmethod
- def resource_setup(cls):
- super(FWaaSTestJSON, cls).resource_setup()
- cls.fwaasv1_client = FWAASC.get_client(cls.manager)
- if not test.is_extension_enabled('fwaas', 'network'):
- msg = "FWaaS Extension not enabled."
- raise cls.skipException(msg)
- manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
- CONF.nsxv.manager_uri).group(0)
- cls.vsm = nsxv_client.VSMClient(
- manager_ip, CONF.nsxv.user, CONF.nsxv.password)
-
- cls.fw_rule = cls.fwaasv1_client.create_firewall_rule(action="allow",
- protocol="tcp")
- cls.fw_policy = cls.fwaasv1_client.create_firewall_policy()
-
- def create_firewall_rule(self, **kwargs):
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- **kwargs)
- fw_rule = body['firewall_rule']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.fwaasv1_client.delete_firewall_rule,
- fw_rule['id'])
- return fw_rule
-
- def create_firewall_policy(self, **kwargs):
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"),
- **kwargs)
- fw_policy = body['firewall_policy']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.fwaasv1_client.delete_firewall_policy,
- fw_policy['id'])
- return fw_policy
-
- def delete_firewall_and_wait(self, firewall_id):
- self.fwaasv1_client.delete_firewall(firewall_id)
- self._wait_firewall_while(firewall_id, [nl_constants.PENDING_DELETE],
- not_found_ok=True)
-
- def create_firewall(self, **kwargs):
- body = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("fw"),
- **kwargs)
- fw = body['firewall']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_firewall_and_wait,
- fw['id'])
- return fw
-
- def _wait_firewall_while(self, firewall_id, statuses, not_found_ok=False):
- start = int(time.time())
- if not_found_ok:
- expected_exceptions = (lib_exc.NotFound)
- else:
- expected_exceptions = ()
- while True:
- try:
- fw = self.fwaasv1_client.show_firewall(firewall_id)
- except expected_exceptions:
- break
- status = fw['firewall']['status']
- if status not in statuses:
- break
- if int(time.time()) - start >= self.fwaasv1_client.build_timeout:
- msg = ("Firewall %(firewall)s failed to reach "
- "non PENDING status (current %(status)s)") % {
- "firewall": firewall_id,
- "status": status,
- }
- raise lib_exc.TimeoutException(msg)
- time.sleep(constants.NSX_BACKEND_VERY_SMALL_TIME_INTERVAL)
-
- def _wait_firewall_ready(self, firewall_id):
- self._wait_firewall_while(firewall_id,
- [nl_constants.PENDING_CREATE,
- nl_constants.PENDING_UPDATE])
-
- def _try_delete_router(self, router):
- # delete router, if it exists
- try:
- self.delete_router(router)
- # if router is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
-
- def _try_delete_policy(self, policy_id):
- # delete policy, if it exists
- try:
- self.fwaasv1_client.delete_firewall_policy(policy_id)
- # if policy is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
-
- def _try_delete_rule(self, rule_id):
- # delete rule, if it exists
- try:
- self.fwaasv1_client.delete_firewall_rule(rule_id)
- # if rule is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
-
- def _try_delete_firewall(self, fw_id):
- # delete firewall, if it exists
- try:
- self.fwaasv1_client.delete_firewall(fw_id)
- # if firewall is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
- self.fwaasv1_client.wait_for_resource_deletion(fw_id)
-
- def _wait_until_ready(self, fw_id):
- target_states = ('ACTIVE', 'CREATED')
-
- def _wait():
- firewall = self.fwaasv1_client.show_firewall(fw_id)
- firewall = firewall['firewall']
- return firewall['status'] in target_states
- if not test_utils.call_until_true(_wait, CONF.network.build_timeout,
- CONF.network.build_interval):
- m = ("Timed out waiting for firewall %s to reach %s state(s)" %
- (fw_id, target_states))
- raise lib_exc.TimeoutException(m)
-
- def _wait_until_deleted(self, fw_id):
- def _wait():
- try:
- firewall = self.fwaasv1_client.show_firewall(fw_id)
- except lib_exc.NotFound:
- return True
- fw_status = firewall['firewall']['status']
- if fw_status == 'ERROR':
- raise lib_exc.DeleteErrorException(resource_id=fw_id)
-
- if not test_utils.call_until_true(_wait, CONF.network.build_timeout,
- CONF.network.build_interval):
- m = ("Timed out waiting for firewall %s deleted" % fw_id)
- raise lib_exc.TimeoutException(m)
-
- def _check_firewall_rule_exists_at_backend(self, rules,
- firewall_rule_name):
- for rule in rules:
- if rule['name'] in firewall_rule_name:
- self.assertIn(rule['name'], firewall_rule_name)
- return True
- return False
-
- def _create_firewall_rule_name(self, body):
- firewall_rule_name = body['firewall_rule']['name']
- firewall_rule_name = "Fwaas-" + firewall_rule_name
- return firewall_rule_name
-
- def _create_firewall_advanced_topo(self, router_type):
- fw_rule_id_list = []
- router = self.create_router_by_type(router_type)
- self.addCleanup(self._try_delete_router, router)
- edges = self.vsm.get_all_edges()
- for key in edges:
- if router['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- rules_before = len(rules)
- for rule_id in range(0, constants.NO_OF_ENTRIES):
- if rule_id % 2 == 0:
- action = "allow"
- protocol = "tcp"
- else:
- action = "allow"
- protocol = "udp"
- firewall_rule = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action=action,
- protocol=protocol)
- fw_rule_id = firewall_rule['firewall_rule']['id']
- firewall_name = self._create_firewall_rule_name(firewall_rule)
- self.addCleanup(self._try_delete_rule, fw_rule_id)
- fw_rule_id_list.append(fw_rule_id)
- # Update firewall policy
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._try_delete_policy, fw_policy_id)
- # Insert rule to firewall policy
- for fw_rule_id in fw_rule_id_list:
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id, '', '')
- firewall_1 = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=fw_policy_id,
- router_ids=[router['id']])
- created_firewall = firewall_1['firewall']
- self.addCleanup(self._try_delete_firewall, created_firewall['id'])
- # Wait for the firewall resource to become ready
- self._wait_until_ready(created_firewall['id'])
- firewall_topo = dict(router=router, firewall_name=firewall_name,
- fw_policy_id=fw_policy_id,
- firewall_id=created_firewall['id'],
- rules_before=rules_before)
- return firewall_topo
-
- def _create_firewall_basic_topo(self, router_type, policy=None):
- router = self.create_router_by_type(router_type)
- self.addCleanup(self._try_delete_router, router)
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="tcp")
- fw_rule_id1 = body['firewall_rule']['id']
- firewall_name = self._create_firewall_rule_name(body)
- self.addCleanup(self._try_delete_rule, fw_rule_id1)
- # Create firewall policy
- if not policy:
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._try_delete_policy, fw_policy_id)
- # Insert rule to firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id1, '', '')
- else:
- fw_policy_id = policy
- # Create firewall
- firewall_1 = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=fw_policy_id,
- router_ids=[router['id']])
- created_firewall = firewall_1['firewall']
- self.addCleanup(self._try_delete_firewall, created_firewall['id'])
- # Wait for the firewall resource to become ready
- self._wait_until_ready(created_firewall['id'])
- firewall_topo = dict(router=router, firewall_name=firewall_name,
- fw_policy_id=fw_policy_id,
- fw_rule_id1=fw_rule_id1,
- firewall_id=created_firewall['id'])
- return firewall_topo
-
- def _get_list_fw_rule_ids(self, fw_policy_id):
- fw_policy = self.fwaasv1_client.show_firewall_policy(
- fw_policy_id)
- return [ruleid for ruleid in fw_policy['firewall_policy']
- ['firewall_rules']]
-
- def create_router_by_type(self, router_type, name=None, **kwargs):
- routers_client = self.manager.routers_client
- router_name = name or data_utils.rand_name('mtz-')
- create_kwargs = dict(name=router_name, external_gateway_info={
- "network_id": CONF.network.public_network_id})
- if router_type in ('shared', 'exclusive'):
- create_kwargs['router_type'] = router_type
- elif router_type in ('distributed'):
- create_kwargs['distributed'] = True
- kwargs.update(create_kwargs)
- router = routers_client.create_router(**kwargs)
- router = router['router'] if 'router' in router else router
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.delete_router, router['id'])
- self.assertEqual(router['name'], router_name)
- return router
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('c72197f1-b5c6-453f-952e-007acea6df86')
- def test_list_firewall_rules(self):
- # List firewall rules
- fw_rules = self.fwaasv1_client.list_firewall_rules()
- fw_rules = fw_rules['firewall_rules']
- self.assertEqual(self.fw_rule['firewall_rule']['id'],
- fw_rules[0]['id'])
- self.assertEqual(self.fw_rule['firewall_rule']['name'],
- fw_rules[0]['name'])
- self.assertEqual(self.fw_rule['firewall_rule']['action'],
- fw_rules[0]['action'])
- self.assertEqual(self.fw_rule['firewall_rule']['protocol'],
- fw_rules[0]['protocol'])
- self.assertEqual(self.fw_rule['firewall_rule']['enabled'],
- fw_rules[0]['enabled'])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('ef92ba0d-f7c2-46cb-ad4b-21c62cfa85a0')
- def test_create_update_delete_firewall_rule(self):
- # Create firewall rule
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="tcp")
- fw_rule_id = body['firewall_rule']['id']
- self.addCleanup(self._try_delete_rule, fw_rule_id)
-
- # Update firewall rule
- body = self.fwaasv1_client.update_firewall_rule(fw_rule_id,
- action="deny")
- self.assertEqual("deny", body["firewall_rule"]['action'])
-
- # Delete firewall rule
- self.fwaasv1_client.delete_firewall_rule(fw_rule_id)
- # Confirm deletion
- fw_rules = self.fwaasv1_client.list_firewall_rules()
- self.assertNotIn(fw_rule_id,
- [m['id'] for m in fw_rules['firewall_rules']])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('264e8b67-a1ef-4ba1-8757-808b249a5320')
- def test_show_firewall_rule(self):
- # show a created firewall rule
- fw_rule = self.fwaasv1_client.show_firewall_rule(
- self.fw_rule['firewall_rule']['id'])
- for key, value in six.iteritems(fw_rule['firewall_rule']):
- self.assertEqual(self.fw_rule['firewall_rule'][key], value)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('029cd998-9dd4-4a0a-b79d-8bafd8223bda')
- def test_list_firewall_policies(self):
- fw_policies = self.fwaasv1_client.list_firewall_policies()
- fw_policies = fw_policies['firewall_policies']
- self.assertEqual(self.fw_policy['firewall_policy']['id'],
- fw_policies[0]['id'])
- self.assertEqual(self.fw_policy['firewall_policy']['name'],
- fw_policies[0]['name'])
- self.assertEqual(self.fw_policy['firewall_policy']['firewall_rules'],
- fw_policies[0]['firewall_rules'])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('28c261c8-4fb3-4630-8a9b-707c93536a54')
- def test_create_update_delete_firewall_policy(self):
- # Create firewall policy
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._try_delete_policy, fw_policy_id)
-
- # Update firewall policy
- body = self.fwaasv1_client.update_firewall_policy(
- fw_policy_id,
- name="updated_policy")
- updated_fw_policy = body["firewall_policy"]
- self.assertEqual("updated_policy", updated_fw_policy['name'])
-
- # Delete firewall policy
- self.fwaasv1_client.delete_firewall_policy(fw_policy_id)
- # Confirm deletion
- fw_policies = self.fwaasv1_client.list_firewall_policies()
- fw_policies = fw_policies['firewall_policies']
- self.assertNotIn(fw_policy_id, [m['id'] for m in fw_policies])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('8bc7ad6d-4163-4def-9e1d-b9d24d9e8bf8')
- def test_show_firewall_policy(self):
- # show a created firewall policy
- fw_policy = self.fwaasv1_client.show_firewall_policy(
- self.fw_policy['firewall_policy']['id'])
- fw_policy = fw_policy['firewall_policy']
- for key, value in six.iteritems(fw_policy):
- self.assertEqual(self.fw_policy['firewall_policy'][key], value)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('0c320840-f3e4-4960-987d-a6f06d327fe1')
- def test_create_show_delete_firewall(self):
- # Create tenant network resources required for an ACTIVE firewall
- network = self.create_network()
- subnet = self.create_subnet(network)
- router = self.create_router_by_type('exclusive')
- self.addCleanup(self._try_delete_router, router)
- self.routers_client.add_router_interface(router['id'],
- subnet_id=subnet['id'])
- # Create firewall
- body = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=self.fw_policy['firewall_policy']['id'])
- created_firewall = body['firewall']
- firewall_id = created_firewall['id']
- self.addCleanup(self._try_delete_firewall, firewall_id)
- # Wait for the firewall resource to become ready
- self._wait_until_ready(firewall_id)
- # show a created firewall
- firewall = self.fwaasv1_client.show_firewall(firewall_id)
- firewall = firewall['firewall']
- for key, value in six.iteritems(firewall):
- if key == 'status':
- continue
- self.assertEqual(created_firewall[key], value)
- # list firewall
- firewalls = self.fwaasv1_client.list_firewalls()
- firewalls = firewalls['firewalls']
- # Delete firewall
- self.fwaasv1_client.delete_firewall(firewall_id)
- # Wait for the firewall resource to be deleted
- self._wait_until_deleted(firewall_id)
- # Confirm deletion
- firewalls = self.fwaasv1_client.list_firewalls()['firewalls']
- self.assertNotIn(firewall_id, [m['id'] for m in firewalls])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('d9b23b3a-66ea-4591-9f8f-fa5a71fe0645')
- def test_firewall_insertion_mode_add_remove_mix_router(self):
- # Create legacy routers
- router1 = self.create_router_by_type('exclusive')
- self.addCleanup(self._try_delete_router, router1)
- router2 = self.create_router_by_type('distributed')
- self.addCleanup(self._try_delete_router, router2)
-
- # Create firewall on a router1
- body = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=self.fw_policy['firewall_policy']['id'],
- router_ids=[router1['id']])
- created_firewall = body['firewall']
- firewall_id = created_firewall['id']
- self.addCleanup(self._try_delete_firewall, firewall_id)
- self.assertEqual([router1['id']], created_firewall['router_ids'])
- # Legacy routers are scheduled on L3 agents on network plug events
- # Hence firewall resource will not became ready at this stage
- network = self.create_network()
- subnet = self.create_subnet(network)
- self.routers_client.add_router_interface(router1['id'],
- subnet_id=subnet['id'])
- # Wait for the firewall resource to become ready
- self._wait_until_ready(firewall_id)
- # Add router2 to the firewall
- body = self.fwaasv1_client.update_firewall(
- firewall_id, router_ids=[router1['id'], router2['id']])
- updated_firewall = body['firewall']
- self.assertIn(router2['id'], updated_firewall['router_ids'])
- self.assertEqual(2, len(updated_firewall['router_ids']))
- # Wait for the firewall resource to become ready
- self._wait_until_ready(firewall_id)
- # Remove router1 from the firewall
- body = self.fwaasv1_client.update_firewall(
- firewall_id, router_ids=[router2['id']])
- updated_firewall = body['firewall']
- self.assertNotIn(router1['id'], updated_firewall['router_ids'])
- self.assertEqual(1, len(updated_firewall['router_ids']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('964e0254-e7f2-4bbe-a4c8-db09da8d79ee')
- def test_firewall_insertion_mode_add_remove_router(self):
- # Create legacy routers
- router1 = self.create_router_by_type('exclusive')
- self.addCleanup(self._try_delete_router, router1)
- router2 = self.create_router_by_type('exclusive')
- self.addCleanup(self._try_delete_router, router2)
-
- # Create firewall on a router1
- body = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=self.fw_policy['firewall_policy']['id'],
- router_ids=[router1['id']])
- created_firewall = body['firewall']
- firewall_id = created_firewall['id']
- self.addCleanup(self._try_delete_firewall, firewall_id)
-
- self.assertEqual([router1['id']], created_firewall['router_ids'])
-
- # Legacy routers are scheduled on L3 agents on network plug events
- # Hence firewall resource will not became ready at this stage
- network = self.create_network()
- subnet = self.create_subnet(network)
- self.routers_client.add_router_interface(router1['id'],
- subnet_id=subnet['id'])
- # Wait for the firewall resource to become ready
- self._wait_until_ready(firewall_id)
-
- # Add router2 to the firewall
- body = self.fwaasv1_client.update_firewall(
- firewall_id, router_ids=[router1['id'], router2['id']])
- updated_firewall = body['firewall']
- self.assertIn(router2['id'], updated_firewall['router_ids'])
- self.assertEqual(2, len(updated_firewall['router_ids']))
-
- # Wait for the firewall resource to become ready
- self._wait_until_ready(firewall_id)
-
- # Remove router1 from the firewall
- body = self.fwaasv1_client.update_firewall(
- firewall_id, router_ids=[router2['id']])
- updated_firewall = body['firewall']
- self.assertNotIn(router1['id'], updated_firewall['router_ids'])
- self.assertEqual(1, len(updated_firewall['router_ids']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('662b252f-fa1b-49fe-8599-a37feab9fae8')
- def test_firewall_insertion_one_policy_two_router_backend(self):
- # Create router required for an ACTIVE firewall
- edge_id_excl = 0
- edge_id_dist = 0
- firewall_topo1 = self._create_firewall_basic_topo('exclusive')
- firewall_topo2 = \
- self._create_firewall_basic_topo('distributed',
- firewall_topo1['fw_policy_id'])
- edges = self.vsm.get_all_edges()
- firewall_topo2['router']['name'] += '-plr'
- for key in edges:
- if firewall_topo1['router']['name'] in key['name']:
- edge_id_excl = key['id']
- if firewall_topo2['router']['name'] in key['name']:
- edge_id_dist = key['id']
- if edge_id_excl and edge_id_dist:
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id_excl)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo1['firewall_name']))
- rules = self.vsm.get_edge_firewall_rules(edge_id_dist)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo1['firewall_name']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('00330ef3-0a2e-4556-84d1-448d09c5ca2e')
- def test_firewall_insertion_two_policy_two_router_backend(self):
- # Create router required for an ACTIVE firewall
- edge_id_excl = 0
- edge_id_dist = 0
- firewall_topo1 = self._create_firewall_basic_topo('exclusive')
- firewall_topo2 = self._create_firewall_basic_topo('distributed')
- edges = self.vsm.get_all_edges()
- firewall_topo2['router']['name'] += '-plr'
- for key in edges:
- if firewall_topo1['router']['name'] in key['name']:
- edge_id_excl = key['id']
- if firewall_topo2['router']['name'] in key['name']:
- edge_id_dist = key['id']
- if edge_id_excl and edge_id_dist:
- break
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- rules = self.vsm.get_edge_firewall_rules(edge_id_excl)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo1['firewall_name']))
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- rules = self.vsm.get_edge_firewall_rules(edge_id_dist)
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo2['firewall_name']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('8092bd48-e4c1-4709-8a3b-70e7bf6a78c9')
- def test_firewall_insertion_mode_two_firewall_rules_check_backend(self):
- rule_no = 1
- # Create router required for an ACTIVE firewall
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- # Create second firewall rule
- firewall_rule_2 = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="deny",
- protocol="icmp")
- fw_rule_id2 = firewall_rule_2['firewall_rule']['id']
- firewall_rule_name_2 = \
- "Fwaas-" + firewall_rule_2['firewall_rule']['name']
- self.addCleanup(self._try_delete_rule, fw_rule_id2)
- self.addCleanup(self._try_delete_policy, firewall_topo['fw_policy_id'])
- self.addCleanup(self._try_delete_firewall,
- firewall_topo['firewall_id'])
- # Insert rule-2 to firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- firewall_topo['fw_policy_id'], fw_rule_id2, '',
- firewall_topo['fw_rule_id1'])
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- for rule in rules:
- if rule['name'] in ('VSERule', 'MDServiceIP', 'MDInterEdgeNet'):
- continue
- if rule_no == 1:
- self.assertIn(rule['name'], firewall_rule_name_2,
- "Rule exists at position 1")
- rule_no += rule_no
- continue
- if rule_no == 2:
- self.assertIn(rule['name'], firewall_topo['firewall_name'],
- "Rule exists at position 2")
- break
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('da65de07-a60f-404d-ad1d-2d2c71a3b6a5')
- def test_firewall_add_delete_between_routers(self):
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- router = self.create_router_by_type('exclusive')
- self.addCleanup(self._try_delete_router, router)
- self.fwaasv1_client.update_firewall(
- firewall_topo['firewall_id'],
- router_ids=[router['id']])
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- edges = self.vsm.get_all_edges()
- for key in edges:
- if router['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules,
- firewall_topo['firewall_name']))
- self.fwaasv1_client.update_firewall(
- firewall_topo['firewall_id'],
- router_ids=[router['id'], firewall_topo['router']['id']])
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo['firewall_name']))
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo['firewall_name']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('c60ceff5-d51f-451d-b6e6-cb983d16ab6b')
- def test_firewall_insertion_with_multiple_rules_check_backend(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo['firewall_name']))
- firewall_rule_2 = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="tcp")
- fw_rule_id2 = firewall_rule_2['firewall_rule']['id']
- firewall_name_2 = self._create_firewall_rule_name(firewall_rule_2)
- self.addCleanup(self._try_delete_rule, fw_rule_id2)
- # Update firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- firewall_topo['fw_policy_id'], fw_rule_id2,
- firewall_topo['fw_rule_id1'], '')
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_name_2))
- firewall_rule_3 = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="tcp")
- fw_rule_id3 = firewall_rule_3['firewall_rule']['id']
- firewall_name_3 = self._create_firewall_rule_name(firewall_rule_3)
- self.addCleanup(self._try_delete_rule, fw_rule_id3)
- # Update firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- firewall_topo['fw_policy_id'], fw_rule_id3, fw_rule_id2, '')
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- self.addCleanup(self._try_delete_policy, firewall_topo['fw_policy_id'])
- self.addCleanup(self._try_delete_firewall,
- firewall_topo['firewall_id'])
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_name_3))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('a1734149-9c4b-46d3-86c8-d61f57458095')
- def test_firewall_add_remove_rule_check_backend(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo['firewall_name']))
- self.fwaasv1_client.remove_firewall_rule_from_policy(
- firewall_topo['fw_policy_id'], firewall_topo['fw_rule_id1'])
- self.delete_firewall_and_wait(firewall_topo['firewall_id'])
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- False, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo['firewall_name']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('e1111959-c36a-41d6-86ee-ea6c0b927eb3')
- def test_firewall_insertion_mode_one_firewall_rule_check_backend(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, firewall_topo['firewall_name']))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('e434b3c9-1148-499a-bb52-b094cdb0a186')
- def test_firewall_insertion_mode_one_firewall_per_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- # Try to create firewall with the same router
- self.assertRaisesRegexp(
- lib_exc.Conflict,
- "already associated with other Firewall",
- self.fwaasv1_client.create_firewall,
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=self.fw_policy['firewall_policy']['id'],
- router_ids=[firewall_topo['router']['id']])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('d162abb2-9c14-45d6-bed1-06646a66803a')
- def test_firewall_insertion_mode_one_firewall_per_dist_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = self._create_firewall_basic_topo('distributed')
- # Try to create firewall with the same router
- self.assertRaisesRegexp(
- lib_exc.Conflict,
- "already associated with other Firewall",
- self.fwaasv1_client.create_firewall,
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=self.fw_policy['firewall_policy']['id'],
- router_ids=[firewall_topo['router']['id']])
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('d5531558-9b18-40bc-9388-3eded0894a85')
- def test_firewall_rule_insertion_position_removal_rule_from_policy(self):
- # Create firewall rule
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="tcp")
- fw_rule_id1 = body['firewall_rule']['id']
- self.addCleanup(self._try_delete_rule, fw_rule_id1)
- # Create firewall policy
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._try_delete_policy, fw_policy_id)
- # Insert rule to firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id1, '', '')
- # Verify insertion of rule in policy
- self.assertIn(fw_rule_id1, self._get_list_fw_rule_ids(fw_policy_id))
- # Create another firewall rule
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="icmp")
- fw_rule_id2 = body['firewall_rule']['id']
- self.addCleanup(self._try_delete_rule, fw_rule_id2)
- # Insert rule to firewall policy after the first rule
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id2, fw_rule_id1, '')
- # Verify the position of rule after insertion
- fw_rule = self.fwaasv1_client.show_firewall_rule(
- fw_rule_id2)
- self.assertEqual(int(fw_rule['firewall_rule']['position']), 2)
- # Remove rule from the firewall policy
- self.fwaasv1_client.remove_firewall_rule_from_policy(
- fw_policy_id, fw_rule_id2)
- # Insert rule to firewall policy before the first rule
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id2, '', fw_rule_id1)
- # Verify the position of rule after insertion
- fw_rule = self.fwaasv1_client.show_firewall_rule(
- fw_rule_id2)
- self.assertEqual(int(fw_rule['firewall_rule']['position']), 1)
- # Remove rule from the firewall policy
- self.fwaasv1_client.remove_firewall_rule_from_policy(
- fw_policy_id, fw_rule_id2)
- # Verify removal of rule from firewall policy
- self.assertNotIn(fw_rule_id2, self._get_list_fw_rule_ids(fw_policy_id))
- # Remove rule from the firewall policy
- self.fwaasv1_client.remove_firewall_rule_from_policy(
- fw_policy_id, fw_rule_id1)
- # Verify removal of rule from firewall policy
- self.assertNotIn(fw_rule_id1, self._get_list_fw_rule_ids(fw_policy_id))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('901dae30-b148-43d9-ac86-09777aeaba20')
- def test_update_firewall_name_at_backend_excl_edge(self):
- firewall_topo = self._create_firewall_basic_topo('exclusive')
- fw_rule_id = firewall_topo['fw_rule_id1']
- body = self.fwaasv1_client.update_firewall_rule(fw_rule_id,
- name="updated_rule")
- updated_fw_rule = body["firewall_rule"]
- self.assertEqual("updated_rule", updated_fw_rule['name'])
- time.sleep(constants.NSX_FIREWALL_REALIZED_TIMEOUT)
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- time.sleep(constants.NSX_BACKEND_VERY_SMALL_TIME_INTERVAL)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, "Fwaas-updated_rule"))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('471ebc13-8e3b-4aca-85b8-747935bf0559')
- def test_update_firewall_name_at_backend_dist_edge(self):
- firewall_topo = self._create_firewall_basic_topo('distributed')
- fw_rule_id = firewall_topo['fw_rule_id1']
- body = self.fwaasv1_client.update_firewall_rule(fw_rule_id,
- name="updated_rule")
- updated_fw_rule = body["firewall_rule"]
- self.assertEqual("updated_rule", updated_fw_rule['name'])
- time.sleep(constants.NSX_FIREWALL_REALIZED_TIMEOUT)
- edges = self.vsm.get_all_edges()
- firewall_topo['router']['name'] += '-plr'
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- time.sleep(constants.NSX_BACKEND_VERY_SMALL_TIME_INTERVAL)
- self.assertEqual(
- True, self._check_firewall_rule_exists_at_backend(
- rules, "Fwaas-updated_rule"))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('0bdc9670-17b8-4dd5-80c8-dc6e956fc6ef')
- def test_create_multiple_firewall_rules_check_at_backend(self):
- firewall_topo = self._create_firewall_advanced_topo('exclusive')
- edges = self.vsm.get_all_edges()
- for key in edges:
- if firewall_topo['router']['name'] in key['name']:
- edge_id = key['id']
- break
- firewall_rules = self.vsm.get_edge_firewall_rules(edge_id)
- total_rules = firewall_topo['rules_before'] + len(firewall_rules)
- self.assertGreaterEqual(total_rules, constants.NO_OF_ENTRIES,
- "Firewall Rules are greater than %s" %
- constants.NO_OF_ENTRIES)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('0249db39-6284-456a-9449-2adacdca4d3b')
- def test_update_firewall_policy_audited_attribute(self):
- # Create firewall rule
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol="icmp")
- fw_rule_id = body['firewall_rule']['id']
- self.addCleanup(self._try_delete_rule, fw_rule_id)
- # Create firewall policy
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name('fw-policy'))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._try_delete_policy, fw_policy_id)
- self.assertFalse(body['firewall_policy']['audited'])
- # Update firewall policy audited attribute to true
- self.fwaasv1_client.update_firewall_policy(fw_policy_id,
- audited=True)
- # Insert Firewall rule to firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id, '', '')
- body = self.fwaasv1_client.show_firewall_policy(
- fw_policy_id)
- self.assertFalse(body['firewall_policy']['audited'])
diff --git a/vmware_nsx_tempest/tests/nsxv/api/test_v1_lbaas.py b/vmware_nsx_tempest/tests/nsxv/api/test_v1_lbaas.py
deleted file mode 100644
index 0e981b283f..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/test_v1_lbaas.py
+++ /dev/null
@@ -1,495 +0,0 @@
-# Copyright 2013 OpenStack Foundation
-# Copyright 2015 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import six
-
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from tempest.api.network import base
-from tempest import config
-from tempest import test
-
-from vmware_nsx_tempest.services import load_balancer_v1_client as LBV1C
-from vmware_nsx_tempest.services import network_client_base as base_client
-
-CONF = config.CONF
-
-
-class LoadBalancerTestJSON(base.BaseNetworkTest):
- """
- Tests the following operations in the Neutron API using the REST client
- for
- Neutron:
-
- create vIP, and Pool
- show vIP
- list vIP
- update vIP
- delete vIP
- update pool
- delete pool
- show pool
- list pool
- health monitoring operations
- """
-
- @classmethod
- def skip_checks(cls):
- super(LoadBalancerTestJSON, cls).skip_checks()
- if not test.is_extension_enabled('lbaas', 'network'):
- msg = "lbaas extension not enabled."
- raise cls.skipException(msg)
- if not test.is_extension_enabled('nsxv-router-type', 'network'):
- msg = "nsxv-router-type extension is not enabled"
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(LoadBalancerTestJSON, cls).resource_setup()
- _params = base_client.default_params_with_timeout_values.copy()
- for p in _params.keys():
- if p in ['service', 'region', 'endpoint_type']:
- _params.pop(p)
- cls.lbv1_client = LBV1C.get_client(cls.manager)
- cls.network = cls.create_network()
- cls.name = cls.network['name']
- cls.subnet = cls.create_subnet(cls.network)
- cls.ext_net_id = CONF.network.public_network_id
- cls.router = cls.create_router(data_utils.rand_name('router-'),
- admin_state_up=True,
- external_network_id=cls.ext_net_id,
- router_type='exclusive')
- cls.create_router_interface(cls.router['id'], cls.subnet['id'])
- pool_name = data_utils.rand_name('pool-')
- vip_name = data_utils.rand_name('vip-')
- cls.pool = cls.lbv1_client.create_pool(
- pool_name, "ROUND_ROBIN", "HTTP", cls.subnet['id'])['pool']
- cls.vip = cls.lbv1_client.create_vip(cls.pool['id'],
- subnet_id=cls.subnet['id'],
- name=vip_name,
- protocol="HTTP",
- protocol_port=80)['vip']
- cls.member = cls.lbv1_client.create_member(
- 80, cls.pool['id'], cls._ip_version)['member']
- cls.member_address = ("10.0.9.47" if cls._ip_version == 4
- else "2015::beef")
- cls.health_monitor = cls.lbv1_client.create_health_monitor(
- delay=4, max_retries=3, type="TCP", timeout=1)['health_monitor']
-
- @classmethod
- def resource_cleanup(cls):
- """
- Cleanup the lb resources first and then call resource_cleanup
- in BaseNetworkTest to cleanup other network resources. NSX-v
- plugin requires the lb resources to be deleted before we can
- delete subnet or remove interface from router.
- """
- # Cleanup lb health monitors
- if cls.health_monitor:
- test_utils.call_and_ignore_notfound_exc(
- cls.lbv1_client.delete_health_monitor,
- cls.health_monitor['id'])
- cls.health_monitor = None
-
- # Cleanup members
- if cls.member:
- test_utils.call_and_ignore_notfound_exc(
- cls.lbv1_client.delete_member, cls.member['id'])
- cls.member = None
-
- # Cleanup vips
- if cls.vip:
- test_utils.call_and_ignore_notfound_exc(
- cls.lbv1_client.delete_vip, cls.vip['id'])
- cls.vip = None
-
- # Cleanup pool
- if cls.pool:
- test_utils.call_and_ignore_notfound_exc(
- cls.lbv1_client.delete_pool, cls.pool['id'])
- cls.pool = None
-
- super(LoadBalancerTestJSON, cls).resource_cleanup()
-
- def _check_list_with_filter(self, obj_name, attr_exceptions, **kwargs):
- create_obj = getattr(self.lbv1_client, 'create_' + obj_name)
- delete_obj = getattr(self.lbv1_client, 'delete_' + obj_name)
- list_objs = getattr(self.lbv1_client, 'list_' + obj_name + 's')
-
- body = create_obj(**kwargs)
- obj = body[obj_name]
- self.addCleanup(delete_obj, obj['id'])
- for key, value in six.iteritems(obj):
- # It is not relevant to filter by all arguments. That is why
- # there is a list of attr to except
- if key not in attr_exceptions:
- body = list_objs(**{key: value})
- objs = [v[key] for v in body[obj_name + 's']]
- self.assertIn(value, objs)
-
- @decorators.idempotent_id('1c959a37-feb3-4d58-b5fc-58ba653de065')
- def test_list_vips(self):
- # Verify the vIP exists in the list of all vIPs
- body = self.lbv1_client.list_vips()
- vips = body['vips']
- self.assertIn(self.vip['id'], [v['id'] for v in vips])
-
- @decorators.idempotent_id('687b7fd1-fd15-4ffd-8166-f376407a6081')
- def test_list_vips_with_filter(self):
- pool_name = data_utils.rand_name("pool-")
- vip_name = data_utils.rand_name('vip-')
- body = self.lbv1_client.create_pool(pool_name,
- lb_method="ROUND_ROBIN",
- protocol="HTTPS",
- subnet_id=self.subnet['id'])
- pool = body['pool']
- self.addCleanup(self.lbv1_client.delete_pool, pool['id'])
- attr_exceptions = ['status', 'session_persistence',
- 'status_description']
- self._check_list_with_filter(
- 'vip', attr_exceptions, name=vip_name, protocol="HTTPS",
- protocol_port=81, subnet_id=self.subnet['id'], pool_id=pool['id'],
- description=data_utils.rand_name('description-'),
- admin_state_up=False)
-
- @decorators.idempotent_id('73dfc119-b64b-4e56-90d2-df61d7181098')
- def test_create_update_delete_pool_vip(self):
- # Creates a vip
- pool_name = data_utils.rand_name("pool-")
- vip_name = data_utils.rand_name('vip-')
- address = self.subnet['allocation_pools'][0]['end']
- body = self.lbv1_client.create_pool(
- pool_name,
- lb_method='ROUND_ROBIN',
- protocol='HTTP',
- subnet_id=self.subnet['id'])
- pool = body['pool']
- body = self.lbv1_client.create_vip(pool['id'],
- name=vip_name,
- protocol="HTTP",
- protocol_port=80,
- subnet_id=self.subnet['id'],
- address=address)
- vip = body['vip']
- vip_id = vip['id']
- # Confirm VIP's address correctness with a show
- body = self.lbv1_client.show_vip(vip_id)
- vip = body['vip']
- self.assertEqual(address, vip['address'])
- # Verification of vip update
- new_name = "New_vip"
- new_description = "New description"
- persistence_type = "HTTP_COOKIE"
- update_data = {"session_persistence": {
- "type": persistence_type}}
- body = self.lbv1_client.update_vip(vip_id,
- name=new_name,
- description=new_description,
- connection_limit=10,
- admin_state_up=False,
- **update_data)
- updated_vip = body['vip']
- self.assertEqual(new_name, updated_vip['name'])
- self.assertEqual(new_description, updated_vip['description'])
- self.assertEqual(10, updated_vip['connection_limit'])
- self.assertFalse(updated_vip['admin_state_up'])
- self.assertEqual(persistence_type,
- updated_vip['session_persistence']['type'])
- self.lbv1_client.delete_vip(vip['id'])
- self.lbv1_client.wait_for_resource_deletion('vip', vip['id'])
- # Verification of pool update
- new_name = "New_pool"
- body = self.lbv1_client.update_pool(pool['id'],
- name=new_name,
- description="new_description",
- lb_method='LEAST_CONNECTIONS')
- updated_pool = body['pool']
- self.assertEqual(new_name, updated_pool['name'])
- self.assertEqual('new_description', updated_pool['description'])
- self.assertEqual('LEAST_CONNECTIONS', updated_pool['lb_method'])
- self.lbv1_client.delete_pool(pool['id'])
-
- @decorators.idempotent_id('277a99ce-4b3e-451d-a18a-d26c0376d176')
- def test_show_vip(self):
- # Verifies the details of a vip
- body = self.lbv1_client.show_vip(self.vip['id'])
- vip = body['vip']
- for key, value in six.iteritems(vip):
- # 'status' should not be confirmed in api tests
- if key != 'status':
- self.assertEqual(self.vip[key], value)
-
- @decorators.idempotent_id('432470dd-836b-4555-8388-af95a1c74d32')
- def test_show_pool(self):
- # Here we need to new pool without any dependence with vips
- pool_name = data_utils.rand_name("pool-")
- body = self.lbv1_client.create_pool(pool_name,
- lb_method='ROUND_ROBIN',
- protocol='HTTP',
- subnet_id=self.subnet['id'])
- pool = body['pool']
- self.addCleanup(self.lbv1_client.delete_pool, pool['id'])
- # Verifies the details of a pool
- body = self.lbv1_client.show_pool(pool['id'])
- shown_pool = body['pool']
- for key, value in six.iteritems(pool):
- # 'status' should not be confirmed in api tests
- if key != 'status':
- self.assertEqual(value, shown_pool[key])
-
- @decorators.idempotent_id('c9951820-7b24-4e67-8c0c-41065ec66071')
- def test_list_pools(self):
- # Verify the pool exists in the list of all pools
- body = self.lbv1_client.list_pools()
- pools = body['pools']
- self.assertIn(self.pool['id'], [p['id'] for p in pools])
-
- @decorators.idempotent_id('55a1fb8e-e88e-4042-a46a-13a0282e4990')
- def test_list_pools_with_filters(self):
- attr_exceptions = ['status', 'vip_id', 'members', 'provider',
- 'status_description']
- self._check_list_with_filter(
- 'pool', attr_exceptions, name=data_utils.rand_name("pool-"),
- lb_method="ROUND_ROBIN", protocol="HTTPS",
- subnet_id=self.subnet['id'],
- description=data_utils.rand_name('description-'),
- admin_state_up=False)
-
- @decorators.idempotent_id('dd441433-de8f-4992-a721-0755dec737ff')
- def test_list_members(self):
- # Verify the member exists in the list of all members
- body = self.lbv1_client.list_members()
- members = body['members']
- self.assertIn(self.member['id'], [m['id'] for m in members])
-
- @decorators.idempotent_id('ccebe68a-f096-478d-b495-f17d5c0eac7b')
- def test_list_members_with_filters(self):
- attr_exceptions = ['status', 'status_description']
- self._check_list_with_filter('member', attr_exceptions,
- address=self.member_address,
- protocol_port=80,
- pool_id=self.pool['id'])
-
- @decorators.idempotent_id('b4efe862-0439-4260-828c-cc09ff7e12a6')
- def test_create_update_delete_member(self):
- # Creates a member
- body = self.lbv1_client.create_member(address=self.member_address,
- protocol_port=80,
- pool_id=self.pool['id'])
- member = body['member']
- # Verification of member update
- body = self.lbv1_client.update_member(member['id'],
- admin_state_up=False)
- updated_member = body['member']
- self.assertFalse(updated_member['admin_state_up'])
- # Verification of member delete
- self.lbv1_client.delete_member(member['id'])
-
- @decorators.idempotent_id('4806ca47-b3a0-4280-9962-6631c6815e93')
- def test_show_member(self):
- # Verifies the details of a member
- body = self.lbv1_client.show_member(self.member['id'])
- member = body['member']
- for key, value in six.iteritems(member):
- # 'status' should not be confirmed in api tests
- if key != 'status':
- self.assertEqual(self.member[key], value)
-
- @decorators.idempotent_id('65c4d817-d8d2-44df-9c15-86fc7b910044')
- def test_list_health_monitors(self):
- # Verify the health monitor exists in the list of all health monitors
- body = self.lbv1_client.list_health_monitors()
- health_monitors = body['health_monitors']
- self.assertIn(self.health_monitor['id'],
- [h['id'] for h in health_monitors])
-
- @decorators.idempotent_id('a2c749a0-4eac-4acc-b729-6b469c3c616a')
- def test_list_health_monitors_with_filters(self):
- attr_exceptions = ['status', 'status_description', 'pools']
- self._check_list_with_filter('health_monitor', attr_exceptions,
- delay=5, max_retries=4, type="TCP",
- timeout=2)
-
- @decorators.idempotent_id('94f1e066-de6e-4cd8-b352-533d216956b7')
- def test_create_update_delete_health_monitor(self):
- # Creates a health_monitor
- body = self.lbv1_client.create_health_monitor(delay=4,
- max_retries=3,
- type="TCP",
- timeout=1)
- health_monitor = body['health_monitor']
- # Verification of health_monitor update
- body = (self.lbv1_client.update_health_monitor
- (health_monitor['id'],
- admin_state_up=False))
- updated_health_monitor = body['health_monitor']
- self.assertFalse(updated_health_monitor['admin_state_up'])
- # Verification of health_monitor delete
- body = self.lbv1_client.delete_health_monitor(health_monitor['id'])
-
- @decorators.idempotent_id('82943dcf-d424-43f0-890f-4b796f5043dc')
- def test_create_health_monitor_http_type(self):
- hm_type = "HTTP"
- body = self.lbv1_client.create_health_monitor(delay=4,
- max_retries=3,
- type=hm_type,
- timeout=1)
- health_monitor = body['health_monitor']
- self.addCleanup(self.lbv1_client.delete_health_monitor,
- health_monitor['id'])
- self.assertEqual(hm_type, health_monitor['type'])
-
- @decorators.idempotent_id('b1279c46-822a-4406-bb16-6a6ce7bf4e4e')
- def test_update_health_monitor_http_method(self):
- body = self.lbv1_client.create_health_monitor(delay=4,
- max_retries=3,
- type="HTTP",
- timeout=1)
- health_monitor = body['health_monitor']
- self.addCleanup(self.lbv1_client.delete_health_monitor,
- health_monitor['id'])
- body = (self.lbv1_client.update_health_monitor
- (health_monitor['id'],
- http_method="POST",
- url_path="/home/user",
- expected_codes="290"))
- updated_health_monitor = body['health_monitor']
- self.assertEqual("POST", updated_health_monitor['http_method'])
- self.assertEqual("/home/user", updated_health_monitor['url_path'])
- self.assertEqual("290", updated_health_monitor['expected_codes'])
-
- @decorators.idempotent_id('7beabd44-0200-4cc4-b18d-5fb1f44cf36c')
- def test_show_health_monitor(self):
- # Verifies the details of a health_monitor
- body = self.lbv1_client.show_health_monitor(self.health_monitor['id'])
- health_monitor = body['health_monitor']
- for key, value in six.iteritems(health_monitor):
- # 'status' should not be confirmed in api tests
- if key != 'status':
- self.assertEqual(self.health_monitor[key], value)
-
- @decorators.idempotent_id('5386d600-1372-4f99-b0f2-316401718ac4')
- def test_associate_disassociate_health_monitor_with_pool(self):
- # Verify that a health monitor can be associated with a pool
- self.lbv1_client.associate_health_monitor_with_pool(
- self.health_monitor['id'], self.pool['id'])
- body = self.lbv1_client.show_health_monitor(
- self.health_monitor['id'])
- health_monitor = body['health_monitor']
- body = self.lbv1_client.show_pool(self.pool['id'])
- pool = body['pool']
- self.assertIn(pool['id'],
- [p['pool_id'] for p in health_monitor['pools']])
- self.assertIn(health_monitor['id'], pool['health_monitors'])
- # Verify that a health monitor can be disassociated from a pool
- (self.lbv1_client.disassociate_health_monitor_with_pool
- (self.health_monitor['id'], self.pool['id']))
- body = self.lbv1_client.show_pool(self.pool['id'])
- pool = body['pool']
- body = self.lbv1_client.show_health_monitor(
- self.health_monitor['id'])
- health_monitor = body['health_monitor']
- self.assertNotIn(health_monitor['id'], pool['health_monitors'])
- self.assertNotIn(pool['id'],
- [p['pool_id'] for p in health_monitor['pools']])
-
- @decorators.idempotent_id('17a6b730-0780-46c9-bca0-cec67387e469')
- def test_get_lb_pool_stats(self):
- # Verify the details of pool stats
- body = self.lbv1_client.list_lb_pool_stats(self.pool['id'])
- stats = body['stats']
- self.assertIn("bytes_in", stats)
- self.assertIn("total_connections", stats)
- self.assertIn("active_connections", stats)
- self.assertIn("bytes_out", stats)
-
- @decorators.idempotent_id('a113c740-6194-4622-a187-8343ad3e5208')
- def test_update_list_of_health_monitors_associated_with_pool(self):
- (self.lbv1_client.associate_health_monitor_with_pool
- (self.health_monitor['id'], self.pool['id']))
- self.lbv1_client.update_health_monitor(
- self.health_monitor['id'], admin_state_up=False)
- body = self.lbv1_client.show_pool(self.pool['id'])
- health_monitors = body['pool']['health_monitors']
- for health_monitor_id in health_monitors:
- body = self.lbv1_client.show_health_monitor(health_monitor_id)
- self.assertFalse(body['health_monitor']['admin_state_up'])
- (self.lbv1_client.disassociate_health_monitor_with_pool
- (self.health_monitor['id'], self.pool['id']))
-
- @decorators.idempotent_id('a2843ec6-80d8-4617-b985-8c8565daac8d')
- def test_update_admin_state_up_of_pool(self):
- self.lbv1_client.update_pool(self.pool['id'],
- admin_state_up=False)
- body = self.lbv1_client.show_pool(self.pool['id'])
- pool = body['pool']
- self.assertFalse(pool['admin_state_up'])
-
- @decorators.idempotent_id('fd45c684-b847-472f-a7e8-a3f70e8e08e0')
- def test_show_vip_associated_with_pool(self):
- body = self.lbv1_client.show_pool(self.pool['id'])
- pool = body['pool']
- body = self.lbv1_client.show_vip(pool['vip_id'])
- vip = body['vip']
- self.assertEqual(self.vip['name'], vip['name'])
- self.assertEqual(self.vip['id'], vip['id'])
-
- @decorators.idempotent_id('1ac0ca5f-7d6a-4ac4-b286-d68c92a98405')
- def test_show_members_associated_with_pool(self):
- body = self.lbv1_client.show_pool(self.pool['id'])
- members = body['pool']['members']
- for member_id in members:
- body = self.lbv1_client.show_member(member_id)
- self.assertIsNotNone(body['member']['status'])
- self.assertEqual(member_id, body['member']['id'])
- self.assertIsNotNone(body['member']['admin_state_up'])
-
- @decorators.idempotent_id('4fa308fa-ac2b-4acf-87db-adfe2ee4739c')
- def test_update_pool_related_to_member(self):
- # Create new pool
- pool_name = data_utils.rand_name("pool-")
- body = self.lbv1_client.create_pool(
- pool_name,
- lb_method='ROUND_ROBIN',
- protocol='HTTP',
- subnet_id=self.subnet['id'])
- new_pool = body['pool']
- self.addCleanup(self.lbv1_client.delete_pool, new_pool['id'])
- # Update member with new pool's id
- body = self.lbv1_client.update_member(self.member['id'],
- pool_id=new_pool['id'])
- # Confirm with show that pool_id change
- body = self.lbv1_client.show_member(self.member['id'])
- member = body['member']
- self.assertEqual(member['pool_id'], new_pool['id'])
- # Update member with old pool id, this is needed for clean up
- body = self.lbv1_client.update_member(self.member['id'],
- pool_id=self.pool['id'])
-
- @decorators.idempotent_id('0af2ff6b-a896-433d-8107-3c76262a9dfa')
- def test_update_member_weight(self):
- self.lbv1_client.update_member(self.member['id'],
- weight=2)
- body = self.lbv1_client.show_member(self.member['id'])
- member = body['member']
- self.assertEqual(2, member['weight'])
-
-
-@decorators.skip_because(bug="1402007")
-class LoadBalancerIpV6TestJSON(LoadBalancerTestJSON):
- _ip_version = 6
diff --git a/vmware_nsx_tempest/tests/nsxv/api/test_vlan_network.py b/vmware_nsx_tempest/tests/nsxv/api/test_vlan_network.py
deleted file mode 100644
index 4a7c395f65..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/api/test_vlan_network.py
+++ /dev/null
@@ -1,169 +0,0 @@
-# Copyright 2015 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import random
-
-from tempest import config
-
-from oslo_log import log as logging
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-import test_subnets as SNET
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-VLAN_PHYSICAL_NETWORK = CONF.nsxv.vlan_physical_network or None
-VLAN_ID_PROVIDER = CONF.nsxv.provider_vlan_id
-
-
-class VlanNetworksTestJSON(SNET.SubnetTestJSON):
- _interface = 'json'
- _vlanid = int(VLAN_ID_PROVIDER)
- _provider_network_body = {
- 'name': data_utils.rand_name('VLAN-%04d-network' % _vlanid),
- 'provider:network_type': 'vlan',
- 'provider:physical_network': VLAN_PHYSICAL_NETWORK,
- 'provider:segmentation_id': _vlanid}
-
- @classmethod
- def resource_setup(cls):
- cls.vlan_range = (2001, 2999)
- cls.vlan_assigned = []
- super(VlanNetworksTestJSON, cls).resource_setup()
-
- def get_next_vlan(self):
- next_vlan = self.next_vlan
- self.next_vlan += 1
- if self.next_vlan > self.vlan_range[1]:
- self.next_vlan = self.vlan_range[0]
- return next_vlan
-
- def get_vlan(self):
- for x in range(0, 10):
- next_vlan = random.randint(*self.vlan_range)
- if next_vlan in self.vlan_assigned:
- continue
- else:
- self.vlan_assigned.append(next_vlan)
- return next_vlan
- return 3000
-
- def _create_network(self, _auto_clean_up=True, network_name=None,
- **kwargs):
- segmentation_id = kwargs.pop('provider:segmentation_id', None)
- if not segmentation_id:
- segmentation_id = self.get_vlan()
- network_name = (network_name or
- data_utils.rand_name(
- 'vlan-' + str(segmentation_id) + '-netwk'))
- post_body = {'name': network_name,
- 'provider:network_type': 'vlan',
- 'provider:physical_network': VLAN_PHYSICAL_NETWORK,
- 'provider:segmentation_id': segmentation_id}
- post_body.update(kwargs)
- for k, v in post_body.items():
- if not v:
- post_body.pop(k)
- LOG.debug("create VLAN network: %s", str(post_body))
- body = self.create_network(**post_body)
- network = body['network']
- if _auto_clean_up:
- self.addCleanup(self._try_delete_network, network['id'])
- return network
-
- @decorators.idempotent_id('c5f98016-dee3-42f1-8c23-b9cd1e625561')
- def test_create_network(self):
- # Create a network as an admin user specifying the
- # vlan network type attribute
- provider_attrs = {
- 'provider:network_type': 'vlan',
- 'provider:physical_network': VLAN_PHYSICAL_NETWORK,
- 'provider:segmentation_id': 1002}
- network = self._create_network(_auto_clean_up=False, **provider_attrs)
- # Verifies parameters
- self.assertIsNotNone(network['id'])
- self.assertEqual(network.get('provider:network_type'), 'vlan')
- if VLAN_PHYSICAL_NETWORK:
- self.assertEqual(network.get('provider:physical_network'),
- VLAN_PHYSICAL_NETWORK)
- self.assertEqual(network.get('provider:segmentation_id'), 1002)
- self._delete_network(network['id'])
-
- @decorators.idempotent_id('714e69eb-bb31-4cfc-9804-8e988f04ca65')
- def test_update_network(self):
- # Update flat network as an admin user specifying the
- # flat network attribute
- net_profile = {'shared': True, '_auto_clean_up': False,
- 'provider:segmentation_id': 1003}
- network = self._create_network(**net_profile)
- self.assertEqual(network.get('shared'), True)
- new_name = network['name'] + "-updated"
- update_body = {'shared': False, 'name': new_name}
- body = self.update_network(network['id'], **update_body)
- updated_network = body['network']
- # Verify that name and shared parameters were updated
- self.assertEqual(updated_network['shared'], False)
- self.assertEqual(updated_network['name'], new_name)
- # get flat network attributes and verify them
- body = self.show_network(network['id'])
- updated_network = body['network']
- # Verify that name and shared parameters were updated
- self.assertEqual(updated_network['shared'], False)
- self.assertEqual(updated_network['name'], new_name)
- self.assertEqual(updated_network['status'], network['status'])
- self.assertEqual(updated_network['subnets'], network['subnets'])
- self._delete_network(network['id'])
-
- @decorators.idempotent_id('8a8b9f2c-37f8-4c53-b8e3-0c9c0910380f')
- def test_list_networks(self):
- # Create flat network
- net_profile = {'shared': True, '_auto_clean_up': False,
- 'provider:segmentation_id': 1004}
- network = self._create_network(**net_profile)
- # List networks as a normal user and confirm it is available
- body = self.list_networks(client=self.networks_client)
- networks_list = [net['id'] for net in body['networks']]
- self.assertIn(network['id'], networks_list)
- update_body = {'shared': False}
- body = self.update_network(network['id'], **update_body)
- # List networks as a normal user and confirm it is not available
- body = self.list_networks(client=self.networks_client)
- networks_list = [net['id'] for net in body['networks']]
- self.assertNotIn(network['id'], networks_list)
- self._delete_network(network['id'])
-
- @decorators.idempotent_id('5807958d-9ee2-48a5-937e-ddde092956a6')
- def test_show_network_attributes(self):
- # Create flat network
- net_profile = {'shared': True, '_auto_clean_up': False,
- 'provider:segmentation_id': 1005}
- network = self._create_network(**net_profile)
- # Show a flat network as a normal user and confirm the
- # flat network attribute is returned.
- body = self.show_network(network['id'], client=self.networks_client)
- show_net = body['network']
- self.assertEqual(network['name'], show_net['name'])
- self.assertEqual(network['id'], show_net['id'])
- # provider attributes are for admin only
- body = self.show_network(network['id'])
- show_net = body['network']
- net_attr_list = show_net.keys()
- for attr in ('admin_state_up', 'port_security_enabled', 'shared',
- 'status', 'subnets', 'tenant_id', 'router:external',
- 'provider:network_type', 'provider:physical_network',
- 'provider:segmentation_id'):
- self.assertIn(attr, net_attr_list)
- self._delete_network(network['id'])
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/__init__.py b/vmware_nsx_tempest/tests/nsxv/scenario/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py b/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py
deleted file mode 100644
index c5855f1c09..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py
+++ /dev/null
@@ -1,818 +0,0 @@
-# Copyright 2015 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import collections
-import os
-import re
-import shlex
-import subprocess
-import time
-import traceback
-
-from tempest.common.utils.linux import remote_client
-from tempest.common import waiters
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import exceptions
-from tempest import test
-
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-LOG = manager.log.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple(
- 'Floating_IP_tuple', ['floating_ip', 'server'])
-
-Z_VM2_DEST = "VM[%(h_ipaddr)s] %(msg)s [%(helper)s %(d_ipaddr)s]"
-
-# Before checking for floatingIP and server connectivity, we need to wait
-# x seconds for the control-plane to push configuration to data-plane
-# prior to process add/update/delete requests.
-WAITTIME_AFTER_DISASSOC_FLOATINGIP = CONF.scenario.waitfor_disassoc
-WAITTIME_AFTER_ASSOC_FLOATINGIP = CONF.scenario.waitfor_assoc
-WAITTIME_FOR_CONNECTIVITY = CONF.scenario.waitfor_connectivity
-DNS_SERVERS_IPV4 = CONF.network.dns_servers
-OUTSIDE_WORLD_SERVERS = CONF.scenario.outside_world_servers
-# iptype
-IPTYPE_FLOATING = 'floating-ip'
-IPTYPE_FIXED = 'fixed-ip'
-IPTYPE_OUTSIDE_SERVER = 'outside-server'
-
-
-class TopoDeployScenarioManager(manager.NetworkScenarioTest):
- """Purposes for TopoDeployScenarionManager:
-
- 1. Each deployment scenarion create its network resources, so
- call set_network_resource at setup_credentials() to overwrite it.
- 2. setUp() is for test framework. Test case topology is part of
- test and is configured during test() cycle.
- 3. net_resources.py overwrite resourses.py so the method to add
- interfaces to routers are inline with CLI, and support router
- owned by admin, but subnets are primary/alt clients.
- -- mechanism removed with patch 320495
- -- we are relaying on the test framework to delete resources
- in the reverse order of creating.
- 4. Ping is used for Data-plane testing. OUTSIDE_WORLD_SERVERS ping
- test make sense when tenant's DNS is pirvate to provider.
- 5. Teardown is high cost, each test should perform its un-config to
- complete the whole tenant life-cycle.
- WARNING: you need to increase your quota to run in parallel as
- you might run out of quota when things went wrong.
- """
-
- # defined at test.py; used to create client managers
- credentials = ['admin', 'primary', 'alt']
- # router attributes used to create the tenant's router
- tenant_router_attrs = {}
-
- @classmethod
- def skip_checks(cls):
- super(TopoDeployScenarioManager, cls).skip_checks()
- for ext in ['router', 'security-group']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
- @classmethod
- def check_preconditions(cls):
- super(TopoDeployScenarioManager, cls).check_preconditions()
- if not (CONF.network.project_networks_reachable or
- CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- cls.enabled = False
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- # Each client's network is created when client manager is created,
- # and client manager is created at setup_credentials.
- # topo-deploy scenarion manager asks not to create network resources.
- cls.set_network_resources(False, False, False, False)
- super(TopoDeployScenarioManager, cls).setup_credentials()
-
- @classmethod
- def resource_setup(cls):
- super(TopoDeployScenarioManager, cls).resource_setup()
- cls.namestart = 'topo-deploy-tenant'
- cls.public_network_id = CONF.network.public_network_id
- # The creation of the 2nd tenant is defined by class.credentials
- # cls.alt_manager = clients.Manager(credentials=cls.alt_credentials())
- cls.alt_tenant_id = cls.alt_manager.identity_client.tenant_id
-
- @classmethod
- def resource_cleanup(cls):
- super(TopoDeployScenarioManager, cls).resource_cleanup()
-
- def setUp(self):
- super(TopoDeployScenarioManager, self).setUp()
- self.cleanup_waits = []
- self.addCleanup(self._wait_for_cleanups)
- self.servers_on_net = {}
-
- def tearDown(self):
- super(TopoDeployScenarioManager, self).tearDown()
-
- def addCleanup_with_wait(self, waiter_callable, thing_id, thing_id_param,
- cleanup_callable, cleanup_args=None,
- cleanup_kwargs=None, waiter_client=None):
- """Adds wait for async resource deletion at the end of cleanups
-
- @param waiter_callable: callable to wait for the resource to delete
- with the following waiter_client if specified.
- @param thing_id: the id of the resource to be cleaned-up
- @param thing_id_param: the name of the id param in the waiter
- @param cleanup_callable: method to load pass to self.addCleanup with
- the following *cleanup_args, **cleanup_kwargs.
- usually a delete method.
- """
- if cleanup_args is None:
- cleanup_args = []
- if cleanup_kwargs is None:
- cleanup_kwargs = {}
- self.addCleanup(cleanup_callable, *cleanup_args, **cleanup_kwargs)
- wait_dict = {
- 'waiter_callable': waiter_callable,
- thing_id_param: thing_id
- }
- if waiter_client:
- wait_dict['client'] = waiter_client
- self.cleanup_waits.append(wait_dict)
-
- def _wait_for_cleanups(self):
- # To handle async delete actions, a list of waits is added
- # which will be iterated over as the last step of clearing the
- # cleanup queue. That way all the delete calls are made up front
- # and the tests won't succeed unless the deletes are eventually
- # successful. This is the same basic approach used in the api tests to
- # limit cleanup execution time except here it is multi-resource,
- # because of the nature of the scenario tests.
- for wait in self.cleanup_waits:
- waiter_callable = wait.pop('waiter_callable')
- waiter_callable(**wait)
-
- # overwrite parent class which does not accept NSX-v extension
- def _create_router(self, client_mgr=None, tenant_id=None,
- namestart='topo-deploy', **kwargs):
- client_mgr = client_mgr or self.manager
- routers_client = getattr(client_mgr, "routers_client")
- router = HELO.router_create(self, client=routers_client,
- tenant_id=tenant_id,
- namestart=namestart,
- **kwargs)
- return router
-
- def _router_set_gateway(self, router_id, network_id, client=None):
- routers_client = client or self.routers_client
- return HELO.router_gateway_set(self, router_id, network_id,
- client=routers_client)
-
- def _router_clear_gateway(self, router_id, client=None):
- routers_client = client or self.routers_client
- return HELO.router_gateway_clear(self, router_id,
- client=routers_client)
-
- def _router_update_extra_routes(self, router_id, routes, client=None):
- routers_client = client or self.routers_client
- router = routers_client.update_route(self, router_id,
- routes=routes)
- return router['router']
-
- def _router_delete_extra_routes(self, router_id, client=None):
- routers_client = client or self.routers_client
- return HELO.router_delete_extra_routes(self, router_id,
- routers_client)
-
- def _router_add_interface(self, net_router, net_subnet, client_mgr):
- routers_client = client_mgr.routers_client
- return HELO.router_interface_add(self, net_router['id'],
- net_subnet['id'], routers_client)
-
- def router_interface_add(self, router_id, subnet_id, client=None):
- routers_client = client or self.routers_client
- return HELO.router_interface_add(self, router_id, subnet_id,
- routers_client)
-
- def router_interface_delete(self, router_id, subnet_id, client=None):
- routers_client = client or self.routers_client
- return HELO.router_interface_delete(self, router_id, subnet_id,
- routers_client)
-
- def create_server_on_network(self, networks, security_groups=None,
- name=None, image=None, wait_on_boot=True,
- flavor=None, servers_client=None,
- key_name=None, tenant_id=None):
- name = name or data_utils.rand_name('topo-deploy-vm')
- if security_groups is None:
- security_groups = [{'name': 'default'}]
- if type(networks) in (list, tuple):
- network_ifs = [{'uuid': nw['id']} for nw in networks]
- else:
- network_ifs = [{'uuid': networks['id']}]
- create_kwargs = {
- 'networks': network_ifs,
- 'security_groups': security_groups,
- }
- if key_name:
- create_kwargs['key_name'] = key_name
- if tenant_id:
- if not (servers_client and servers_client.tenant_id == tenant_id):
- create_kwargs['tenant_id'] = tenant_id
- LOG.debug("TopoDeploy Create server name=%(name)s"
- ", create_kwargs=%(create_kwargs)s",
- {'name': name, 'create_kwargs': str(create_kwargs)})
- server = self.create_server(
- name=name, image=image, wait_on_boot=wait_on_boot,
- servers_client=servers_client, flavor=flavor,
- tenant_id=tenant_id, create_kwargs=create_kwargs)
- return server
-
- # overwrite parent classes; add servers_client
- # BUG https://bugs.launchpad.net/tempest/+bug/1416175
- def create_server(self, name=None, image=None, flavor=None,
- wait_on_boot=True, wait_on_delete=True,
- servers_client=None, tenant_id=None,
- create_kwargs=None):
- """Creates VM instance.
-
- @param image: image from which to create the instance
- @param wait_on_boot: wait for status ACTIVE before continue
- @param wait_on_delete: force synchronous delete on cleanup
- @param servers_client: the servers_client to create VM
- @param create_kwargs: additional details for instance creation
- @return: server dict
- """
- name = name or data_utils.rand_name('topo-deploy-vm')
- image = image or CONF.compute.image_ref
- flavor = flavor or CONF.compute.flavor_ref
- servers_client = servers_client or self.servers_client
- create_kwargs = create_kwargs or {}
- if type(tenant_id) in (str, unicode):
- if servers_client.tenant_id != tenant_id:
- create_kwargs['tenant_id'] = tenant_id
-
- xmsg = ("Creating a server name=%(name)s, image=%(image)s"
- ", flavor=%(flavor)s, create_kwargs=%(create_kwargs)s" %
- {'name': name, 'image': image, 'flavor': flavor,
- 'create_kwargs': str(create_kwargs)})
- LOG.debug(xmsg)
- server_resp = servers_client.create_server(
- name=name, imageRef=image, flavorRef=flavor, **create_kwargs)
- server = server_resp['server']
- if wait_on_delete:
- self.addCleanup(
- waiters.wait_for_server_termination,
- servers_client, server['id'])
- self.addCleanup_with_wait(
- waiter_callable=waiters.wait_for_server_termination,
- thing_id=server['id'], thing_id_param='server_id',
- waiter_client=servers_client,
- cleanup_callable=test_utils.call_and_ignore_notfound_exc,
- cleanup_args=[servers_client.delete_server, server['id']])
- if wait_on_boot:
- waiters.wait_for_server_status(
- client=servers_client,
- server_id=server['id'], status='ACTIVE')
- # The instance retrieved on creation is missing network
- # details, necessitating retrieval after it becomes active to
- # ensure correct details.
- server_resp = servers_client.show_server(server['id'])
- server = server_resp['server']
- self.assertEqual(server['name'], name)
- self.servers_on_net[server['id']] = server
- return server
-
- def create_provider_network(self, client_mgr=None, create_body=None):
- name = create_body.get('name', None) or data_utils.rand_name('P-net')
- create_body['name'] = name
- client_mgr = client_mgr or self.admin_manager
- net_network = HELO.create_network(
- self, client=client_mgr.networks_client, **create_body)
- return net_network
-
- def create_provider_subnet(self, client_mgr=None, create_body=None):
- client_mgr = client_mgr or self.admin_manager
- subnets_client = client_mgr.subnets_client
- body = subnets_client.create_subnet(**create_body)
- net_subnet = body['subnet']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- subnets_client.delete_subnet,
- net_subnet['id'])
- return net_subnet
-
- def setup_project_network(self, external_network_id,
- client_mgr=None,
- namestart=None, client=None,
- tenant_id=None, cidr_offset=0,
- **kwargs):
- """NOTE:
-
- Refer to create_networks@scenario/manager.py which might refer
- to public_router_id which we dont' want to use.
-
- The test class can define class variable tenant_router_attrs
- to create different type of routers, or overwrite with kwargs.
- """
- name = namestart or data_utils.rand_name('topo-deploy-tenant')
- client_mgr = client_mgr or self.manager
- # _create_router() edits distributed and router_type
- # Child classes use class var tenant_router_attrs to define
- # tenant's router type, however, caller can overwrite it with kwargs.
- distributed = kwargs.get('distributed',
- self.tenant_router_attrs.get('distributed'))
- router_type = kwargs.get('router_type',
- self.tenant_router_attrs.get('router_type'))
- net_router = self._create_router(
- client_mgr=client_mgr, tenant_id=tenant_id,
- namestart=name,
- distributed=distributed, router_type=router_type)
- self._router_set_gateway(net_router['id'], external_network_id,
- client=client_mgr.routers_client)
- net_network, net_subnet = self.create_network_subnet(
- client_mgr=client_mgr, name=net_router['name'],
- tenant_id=tenant_id, cidr_offset=cidr_offset)
- self._router_add_interface(net_router, net_subnet, client_mgr)
- return net_network, net_subnet, net_router
-
- def create_network_subnet(self, client_mgr=None,
- tenant_id=None, name=None, cidr_offset=0):
- client_mgr = client_mgr or self.manager
- tenant_id = tenant_id or _g_tenant_id(client_mgr.networks_client)
- name = name or data_utils.rand_name('topo-deploy-network')
- net_network = self.create_network(
- client=client_mgr.networks_client,
- tenant_id=tenant_id, name=name)
- net_subnet = self.create_subnet(
- client=client_mgr.subnets_client,
- network=net_network,
- cidr_offset=cidr_offset, name=net_network['name'])
- return net_network, net_subnet
-
- # cloned from _create_network@manager.py. Allow name parameter
- def create_network(self, client=None, tenant_id=None, name=None,
- **kwargs):
- networks_client = client or self.networks_client
- tenant_id = tenant_id or _g_tenant_id(networks_client)
- name = name or data_utils.rand_name('topo-deploy-network')
- return HELO.create_network(self, client=networks_client,
- tenant_id=tenant_id, name=name,
- **kwargs)
-
- def create_subnet(self, network, client=None,
- gateway='', cidr=None, mask_bits=None,
- ip_version=None, cidr_offset=0,
- allocation_pools=None, dns_nameservers=None,
- **kwargs):
- subnets_client = client or self.subnets_client
- kwargs.update(client=subnets_client, gateway=gateway,
- cidr=cidr, cidr_offset=cidr_offset,
- mask_bits=mask_bits, ip_version=ip_version,
- allocation_pools=allocation_pools,
- dns_nameservers=dns_nameservers)
- return HELO.create_subnet(self, network, **kwargs)
-
- def create_floatingip_for_server(self, server, external_network_id=None,
- port_id=None, client_mgr=None,
- and_check_assigned=True):
- client_mgr = client_mgr or self.manager
- net_floatingip = self.create_floating_ip(
- server,
- external_network_id=external_network_id,
- port_id=port_id,
- client=client_mgr.floating_ips_client)
- if port_id:
- # attached to port, will not check ip assignement & reachability
- return net_floatingip
- serv_fip = net_floatingip['floating_ip_address']
- # in some condiction, remove the serv_fip from your local known_hosts
- # can solve the ssh "Connection refused" problem.
- rm_sshkey(serv_fip)
- if not and_check_assigned:
- # caller will do the floatingip assigned to server and ping tests
- return net_floatingip
- self._waitfor_floatingip_assigned_to_server(client_mgr.servers_client,
- server.get('id'))
- server_pingable = self._waitfor_associated_floatingip(net_floatingip)
- STEPINTO_DEBUG_IF_TRUE(not server_pingable)
- self.assertTrue(
- server_pingable,
- msg=("Expect server to be reachable after"
- " floating-ip[%s] assigned." % serv_fip))
- return net_floatingip
-
- def _waitfor_floatingip_assigned_to_server(self, server_client, server_id,
- on_network=None,
- extra_timeout=60):
- timeout = server_client.build_timeout + extra_timeout
- interval = server_client.build_interval
- start_time = time.time()
- while time.time() - start_time < timeout:
- sv = server_client.show_server(server_id)
- sv = sv.get('server', sv)
- fip = self.get_server_ip_address(sv, 'floating')
- if fip:
- elapse_time = time.time() - start_time
- xmsg = ("%s Take %d seconds to assign floatingip to server[%s]"
- % ("OS-STATS:", int(elapse_time), sv.get('name')))
- LOG.debug(xmsg)
- return fip
- time.sleep(interval)
- raise Exception(
- "Server[%s] did not get its floatingip in %s seconds" %
- (server_id, timeout))
-
- def get_server_ip_address(self, server, ip_type='fixed',
- network_name=None):
- if network_name and server['addresses'].get(network_name):
- s_if = network_name
- else:
- s_if = server['addresses'].keys()[0]
-
- for s_address in server['addresses'][s_if]:
- if s_address['OS-EXT-IPS:type'] == ip_type:
- return s_address.get('addr')
- return None
-
- def _waitfor_associated_floatingip(self, net_floatingip):
- host_ip = net_floatingip['floating_ip_address']
- return self.waitfor_host_connected(host_ip)
-
- def waitfor_host_connected(self, host_ip, ping_timeout=5, msg=None):
- PING_START = 'ping-progress-start'
- PING_INSESSION = 'ping-progress-in-session'
- PING_DONE = 'ping-progress-completed'
- PING_TIMEOUT = 'ping-progress-timeout'
- if msg and type(msg) in (str, unicode):
- xmsg = ("waitfor_host_connected ip=%(ip)s! %(msg)s" %
- {'ip': host_ip, 'msg': msg})
- LOG.debug(xmsg)
- t0 = time.time()
- t1 = time.time() + WAITTIME_FOR_CONNECTIVITY
- LOG.debug("VM-IP[%(ip)s] %(msg)s: %(t1)s.",
- {'ip': host_ip, 'msg': PING_START, 't1': t0})
- while (time.time() < t1):
- # waitfor backend to create floatingip & linkages
- time.sleep(WAITTIME_AFTER_ASSOC_FLOATINGIP)
- server_pingable = self.ping_ip_address(
- host_ip, ping_timeout=ping_timeout)
- if server_pingable:
- xmsg = ("VM-IP[%(ip)s] %(msg)s: %(t1)s (%(t2)s)." %
- {'ip': host_ip, 'msg': PING_DONE,
- 't1': time.time(), 't2': (time.time() - t0)})
- LOG.debug(xmsg)
- break
- xmsg = ("VM-IP[%(ip)s] %(msg)s, redo after %(t1)s seconds." %
- {'ip': host_ip, 'msg': PING_INSESSION,
- 't1': WAITTIME_AFTER_ASSOC_FLOATINGIP})
- LOG.debug(xmsg)
- if not server_pingable:
- xmsg = ("VM-IP[%(ip)s] %(msg)s: %(t1)s (%(t2)s)." %
- {'ip': host_ip, 'msg': PING_TIMEOUT,
- 't1': time.time(), 't2': (time.time() - t0)})
- LOG.debug(xmsg)
- return server_pingable
-
- def disassociate_floatingip(self, net_floatingip, client=None,
- and_delete=False):
- floating_ips_client = client or self.floating_ips_client
- kwargs = dict(port_id=None)
- floating_ip = floating_ips_client.update_floatingip(
- net_floatingip['id'], **kwargs)
- floating_ip = floating_ip.get('floatingip', floating_ip)
- self.assertIsNone(floating_ip['port_id'])
- if and_delete:
- floating_ips_client.delete_floatingip(floating_ip['id'])
- return floating_ip
-
- def associate_floatingip(self, net_floatingip, to_server, client=None):
- floating_ips_client = client or self.floating_ips_client
- port_id, _ = self._get_server_port_id_and_ip4(to_server)
- kwargs = dict(port_id=port_id)
- floating_ip = floating_ips_client.update_floatingip(
- net_floatingip['id'], **kwargs)['floatingip']
- self.assertEqual(port_id, floating_ip['port_id'])
- return floating_ip
-
- def check_networks(self, net_network, net_subnet=None, net_router=None):
- return HELO.check_networks(self, net_network, net_subnet, net_router)
-
- # use this carefully, as it expect existence of floating_ip_tuple
- def check_public_network_connectivity(self, should_connect=True,
- msg=None, ping_timeout=30):
- """Verifies connectivty
-
- To a VM via public network and floating IP, and verifies
- floating IP has resource status is correct.
-
- @param should_connect: bool. determines if connectivity check is
- negative or positive.
- @param msg: Failure message to add to Error message. Should describe
- the place in the test scenario where the method was called,
- to indicate the context of the failure
- """
- floating_ip, server = self.floating_ip_tuple
- return self._check_floatingip_connectivity(
- floating_ip, server, should_connect, msg, ping_timeout)
-
- def _check_floatingip_connectivity(self, floating_ip, server,
- should_connect=True,
- msg=None, ping_timeout=30,
- floating_ips_client=None):
- ip_address = floating_ip['floating_ip_address']
- floatingip_status = 'ACTIVE' if should_connect else 'DOWN'
- is_pingable = self.ping_ip_address(ip_address,
- ping_timeout=ping_timeout)
- msg = msg if msg else (
- "Timeout out waiting for %s to become reachable" % ip_address)
- if should_connect:
- self.assertTrue(is_pingable, msg=msg)
- else:
- self.assertFalse(is_pingable, msg=msg)
- self.check_floating_ip_status(floating_ip, floatingip_status,
- floating_ips_client)
-
- def check_floating_ip_status(self, floating_ip, status,
- floating_ips_client=None):
- """Verifies floatingip reaches the given status
-
- :param dict floating_ip: floating IP dict to check status
- :param status: target status
- :raises: AssertionError if status doesn't match
- """
- floating_ips_client = floating_ips_client or self.floating_ips_client
- floatingip_id = floating_ip['id']
-
- def refresh():
- result = (floating_ips_client.
- show_floatingip(floatingip_id)['floatingip'])
- return status == result['status']
-
- test_utils.call_until_true(refresh,
- CONF.network.build_timeout,
- CONF.network.build_interval)
- floating_ip = floating_ips_client.show_floatingip(
- floatingip_id)['floatingip']
- self.assertEqual(status, floating_ip['status'],
- message="FloatingIP: {fp} is at status: {cst}. "
- "failed to reach status: {st}"
- .format(fp=floating_ip, cst=floating_ip['status'],
- st=status))
- LOG.info("FloatingIP: {fp} is at status: {st}"
- .format(fp=floating_ip, st=status))
-
- def get_image_userpass(self):
- return (CONF.validation.image_ssh_user,
- CONF.validation.image_ssh_password)
-
- def get_server_image(self):
- return CONF.compute.image_ref
-
- def get_server_flavor(self):
- return CONF.compute.flavor_ref
-
-
-# common utilities
-def make_node_info(net_floatingip, username, password,
- include_outside_servers=False):
- floating_ip_address = net_floatingip['floating_ip_address']
- fixed_ip_address = net_floatingip['fixed_ip_address']
- node = dict(ipaddr=floating_ip_address,
- username=username, password=password)
- node['dest'] = [dict(ipaddr=floating_ip_address,
- reachable=None, helper=IPTYPE_FLOATING),
- dict(ipaddr=fixed_ip_address,
- reachable=None, helper=IPTYPE_FIXED)]
- if include_outside_servers:
- outside_servers = dict(ipaddr=OUTSIDE_WORLD_SERVERS[0],
- reachable=None, helper=IPTYPE_OUTSIDE_SERVER)
- node['dest'].append(outside_servers)
-
- return node
-
-
-# we want to check the dest[iptype] is not reachable for
-# at least (x_contd=2+=1 to make it is not really reachable.
-def check_host_not_reachable(host, dest_list, iptype_list,
- time_out=10, repeat_cnt=12,
- x_contd=2):
- not_connected = 0
- for x in range(0, 12):
- not_reachable = check_host_is_reachable(
- host, dest_list, iptype_list, time_out=time_out)
- if not_reachable:
- not_connected += 1
- else:
- not_connected = 0
- if not_connected > x_contd:
- return True
- return False
-
-
-# check_hosts_connectivity
-def check_host_is_reachable(host, dest_list, iptype_list, time_out=120):
- rm_sshkey(host['ipaddr'])
- ssh_client = get_remote_client_by_password(host['ipaddr'],
- host['username'],
- host['password'])
- n_not_reachable = 0
- for dest in dest_list:
- for iptype in iptype_list:
- if not dest_has_iptype(dest, iptype):
- dest['reachable'] = None
- continue
- dest['reachable'] = is_reachable(
- ssh_client, dest['ipaddr'], time_out=time_out)
- if not dest['reachable']:
- n_not_reachable += 1
- xmsg = {'h_ipaddr': host['ipaddr'],
- 'msg': "can-not-reach-dest",
- 'helper': dest['helper'],
- 'd_ipaddr': dest['ipaddr']}
- LOG.debug(Z_VM2_DEST, xmsg)
- else:
- xmsg = {'h_ipaddr': host['ipaddr'],
- 'msg': "can-not-dest",
- 'helper': dest['helper'],
- 'd_ipaddr': dest['ipaddr']}
- LOG.debug(Z_VM2_DEST, xmsg)
- return (False if n_not_reachable else True)
-
-
-def dest_has_iptype(dest, iptype):
- if ('helper' in dest and
- re.search(iptype, dest['helper'], re.I)):
- return True
- return False
-
-
-def check_hosts_connectivity(host, dest_list, ignore_helper=None,
- time_out=120):
- rm_sshkey(host['ipaddr'])
- ssh_client = get_remote_client_by_password(host['ipaddr'],
- host['username'],
- host['password'])
- n_not_reachable = 0
- for dest in dest_list:
- # caller can say to ignore dest ipaddr
- if ('helper' in dest and type(ignore_helper) in (str, unicode) and
- re.search(ignore_helper, dest['helper'], re.I)):
- dest['reachable'] = None
- continue
- dest['reachable'] = is_reachable(ssh_client, dest['ipaddr'],
- time_out=time_out)
- if not dest['reachable']:
- n_not_reachable += 1
- xmsg = {'h_ipaddr': host['ipaddr'],
- 'msg': "can-not-reach-dest",
- 'helper': dest['helper'],
- 'd_ipaddr': dest['ipaddr']}
- LOG.debug(Z_VM2_DEST, xmsg)
- else:
- xmsg = {'h_ipaddr': host['ipaddr'],
- 'msg': "can-reach-dest",
- 'helper': dest['helper'],
- 'd_ipaddr': dest['ipaddr']}
- LOG.debug(Z_VM2_DEST, xmsg)
-
- return n_not_reachable
-
-
-def rm_sshkey(ip_addr):
- # ssh-keygen -f "/home/stack/.ssh/known_hosts" -R 10.34.57.3
- kh_file = os.path.join(os.environ.get('HOME', '/home/stack'),
- '.ssh/known_hosts')
- cmd = ['ssh-keygen', '-f', kh_file, '-R', ip_addr]
-
- proc = subprocess.Popen(cmd, stdout=subprocess.PIPE,
- stderr=subprocess.PIPE)
- proc.communicate()
- return proc.returncode
-
-
-def is_reachable(ssh_client, dest_ip, time_out=60.0, ping_timeout=5.0):
- for now in run_till_timeout(time_out, ping_timeout):
- reachable = dest_is_reachable(ssh_client, dest_ip)
- if reachable:
- return True
- LOG.debug("DEST[%(ip)s] NOT-REACHABLE, retry in %(t1)s seconds.",
- {'ip': dest_ip, 't1': time_out})
- return False
-
-
-def isnot_reachable(ssh_client, dest_ip, time_out=60.0, ping_timeout=5.0,
- idle_time=2.0):
- if idle_time > 0.0:
- time.sleep(idle_time)
- for now in run_till_timeout(time_out, ping_timeout):
- reachable = dest_is_reachable(ssh_client, dest_ip)
- if not reachable:
- return True
- LOG.debug("DEST[%(ip)s] IS-REACHABLE, retry in %(t1)s seconds.",
- {'ip': dest_ip, 't1': time_out})
- return False
-
-
-def dest_is_reachable(ssh_client, dest_ip):
- XPTN = r"(\d+).*transmit.*(\d+).*receive.*(\d+).*loss"
- try:
- result = ssh_client.ping_host(dest_ip)
- m = re.search(XPTN, result, (re.I | re.M))
- if m and int(m.group(1)) > 0 and int(m.group(3)) == 0:
- return True
- else:
- return False
- except Exception:
- tb_str = traceback.format_exc()
- mesg = ("ERROR on testing dest_ip[%s] is reachable:\n%s" %
- (dest_ip, tb_str))
- LOG.debug(mesg)
- return False
-
-
-def run_till_timeout(seconds_to_try, interval=5.0):
- now, end_time = time.time(), time.time() + seconds_to_try
- while now < end_time:
- yield now
- time.sleep(interval)
- now = time.time()
-
-
-def _g_tenant_id(os_client):
- try:
- return os_client.tenant_id
- except Exception:
- return os_client.rest_client.tenant_id
-
-
-def get_remote_client_by_password(client_ip, username, password):
- ssh_client = remote_client.RemoteClient(client_ip, username, password)
- return ssh_client
-
-
-def delete_all_servers(tenant_servers_client, trys=5):
- # try at least trys+1 time to delete servers, otherwise
- # network resources can not be deleted
- for s in tenant_servers_client.list_servers()['servers']:
- tenant_servers_client.delete_server(s['id'])
- for x in range(0, trys):
- try:
- waitfor_servers_terminated(tenant_servers_client)
- return
- except Exception:
- pass
- # last try
- waitfor_servers_terminated(tenant_servers_client)
-
-
-def waitfor_servers_terminated(tenant_servers_client, pause=2.0):
- while (True):
- s_list = tenant_servers_client.list_servers()['servers']
- if len(s_list) < 1:
- return
- time.sleep(pause)
-
-
-def copy_file_to_host(file_from, dest, host, username, pkey):
- dest = "%s@%s:%s" % (username, host, dest)
- cmd = "scp -v -o UserKnownHostsFile=/dev/null " \
- "-o StrictHostKeyChecking=no " \
- "-i %(pkey)s %(file1)s %(dest)s" % {'pkey': pkey,
- 'file1': file_from,
- 'dest': dest}
- args = shlex.split(cmd.encode('utf-8'))
- subprocess_args = {'stdout': subprocess.PIPE,
- 'stderr': subprocess.STDOUT}
- proc = subprocess.Popen(args, **subprocess_args)
- stdout, stderr = proc.communicate()
- if proc.returncode != 0:
- raise exceptions.SSHExecCommandFailed(cmd,
- proc.returncode,
- stdout,
- stderr)
- return stdout
-
-
-def STEPINTO_DEBUG_IF_TRUE(want2debug=False):
- """Betting you are not set OS_TEST_TIMEOUT=24-hours running tempest"""
- t_timeout = int(os.environ.get('OS_TEST_TIMEOUT', 0))
- if want2debug and t_timeout > 86400:
- # uncomment following statements to turn on debuggging
- # import pdb
- # pdb.set_trace()
- pass
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/network_addon_methods.py b/vmware_nsx_tempest/tests/nsxv/scenario/network_addon_methods.py
deleted file mode 100644
index 768fd6d8be..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/network_addon_methods.py
+++ /dev/null
@@ -1,286 +0,0 @@
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-# This module contains the methods added to test class that to be shared by
-# scenario tests that are inherent from tempest/scneario/manager.py or
-# manager_topo_deployment.py
-
-import netaddr
-from oslo_log import log
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import exceptions
-
-CONF = config.CONF
-LOG = log.getLogger(__name__)
-NO_ROUTER_TYPE = CONF.nsxv.no_router_type
-
-
-# following router methods are not support by upstream tempest,
-def router_create(SELF, client=None, tenant_id=None,
- namestart='nsxv-router',
- admin_state_up=True, **kwargs):
- routers_client = client or SELF.routers_client
- no_router_type = kwargs.pop('no_router_type', False)
- if tenant_id:
- if routers_client.tenant_id != tenant_id:
- kwargs['tenant_id'] = tenant_id
- distributed = kwargs.pop('distributed', None)
- router_type = kwargs.pop('router_type', None)
- if distributed:
- kwargs['distributed'] = True
- elif router_type in ('shared', 'exclusive'):
- kwargs['router_type'] = router_type
- name = kwargs.pop('name', None) or data_utils.rand_name(namestart)
- kwargs['name'] = name
- kwargs['admin_state_up'] = admin_state_up
- if NO_ROUTER_TYPE or no_router_type:
- # router_type is NSX-v extension.
- # caller can set no_router_type=True to remove it
- kwargs.pop('router_type', None)
- result = routers_client.create_router(**kwargs)
- router = result['router']
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.delete_router, router['id'])
- SELF.assertEqual(router['name'], name)
- return router
-
-
-def router_delete(SELF, router_id):
- routers_client = SELF.routers_client
- routers_client.delete_router(router_id)
-
-
-def router_gateway_set(SELF, router_id, network_id, client=None):
- routers_client = client or SELF.routers_client
- routers_client.update_router(
- router_id,
- external_gateway_info=dict(network_id=network_id))
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- router_gateway_clear, SELF,
- router_id, client=routers_client)
- router = routers_client.show_router(router_id)
- return router.get('router', router)
-
-
-def router_gateway_clear(SELF, router_id, client=None):
- routers_client = client or SELF.routers_client
- routers_client.update_router(
- router_id,
- external_gateway_info=dict())
- router = routers_client.show_router(router_id)
- return router.get('router', router)
-
-
-def router_update_extra_routes(SELF, router_id, routes, client=None):
- routers_client = client or SELF.routers_client
- router = routers_client.update_route(router_id, routes=routes)
- return router.get('router', router)
-
-
-def router_delete_extra_routes(SELF, router_id, client=None):
- routers_client = client or SELF.routers_client
- router = routers_client.update_route(router_id, routes=None)
- return router.get('router', router)
-
-
-def router_interface_add(SELF, router_id, subnet_id, client=None):
- routers_client = client or SELF.routers_client
- routers_client.add_router_interface(router_id,
- subnet_id=subnet_id)
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.remove_router_interface,
- router_id, subnet_id=subnet_id)
-
-
-def router_interface_delete(SELF, router_id, subnet_id, client=None):
- routers_client = client or SELF.routers_client
- routers_client.remove_router_interface(router_id, subnet_id=subnet_id)
-
-
-def router_add_interface(SELF, net_router, net_subnet, client_mgr):
- routers_client = client_mgr.routers_client
- return router_interface_add(SELF, net_router['id'], net_subnet['id'],
- routers_client)
-
-
-def router_port_interface_add(SELF, router_id, port_id, client=None):
- routers_client = client or SELF.routers_client
- routers_client.add_router_interface(router_id,
- port_id=port_id)
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.remove_router_interface,
- router_id, port_id=port_id)
-
-
-def router_add_port_interface(SELF, net_router, net_port, client_mgr):
- routers_client = client_mgr.routers_client
- return router_port_interface_add(SELF, net_router['id'], net_port['id'],
- routers_client)
-
-
-def check_networks(SELF, t_network, t_subnet=None, t_router=None):
- """Checks that we see the newly created network/subnet/router.
-
- checking the result of list_[networks,routers,subnets]
- """
-
- seen_nets = SELF.admin_manager.networks_client.list_networks()['networks']
- seen_names = [n['name'] for n in seen_nets]
- seen_ids = [n['id'] for n in seen_nets]
- SELF.assertIn(t_network['name'], seen_names)
- SELF.assertIn(t_network['id'], seen_ids)
-
- if t_subnet:
- seen_subnets = SELF.admin_manager.subnets_client.list_subnets()
- seen_net_ids = [n['network_id'] for n in seen_subnets['subnets']]
- seen_subnet_ids = [n['id'] for n in seen_subnets['subnets']]
- SELF.assertIn(t_network['id'], seen_net_ids)
- SELF.assertIn(t_subnet['id'], seen_subnet_ids)
-
- if t_router:
- seen_routers = SELF.admin_manager.routers_client.list_routers()
- seen_router_ids = [n['id'] for n in seen_routers['routers']]
- seen_router_names = [n['name'] for n in seen_routers['routers']]
- SELF.assertIn(t_router['name'],
- seen_router_names)
- SELF.assertIn(t_router['id'],
- seen_router_ids)
-
-
-def create_network_subnet(SELF, client_mgr=None, name=None,
- tenant_id=None, cidr_offset=0):
- client_mgr = client_mgr or SELF.manager
- networks_client = client_mgr.networks_client
- subnets_client = client_mgr.subnets_client
- tenant_id = tenant_id or networks_client.tenant_id
- name = name or data_utils.rand_name('network')
- net_network = create_network(SELF, client=networks_client,
- tenant_id=tenant_id, name=name)
- net_subnet = create_subnet(SELF, client=subnets_client,
- network=net_network,
- name=net_network['name'],
- cidr_offset=cidr_offset)
- return net_network, net_subnet
-
-
-# cloned from _create_network@manager.py. Allow name parameter
-def create_network(SELF, client=None, tenant_id=None, name=None, **kwargs):
- networks_client = client or SELF.networks_client
- tenant_id = tenant_id or networks_client.tenant_id
- name = name or data_utils.rand_name('network')
- body = networks_client.create_network(name=name,
- tenant_id=tenant_id,
- **kwargs)
- net_network = body['network']
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- networks_client.delete_network,
- net_network['id'])
- SELF.assertEqual(net_network['name'], name)
- return net_network
-
-
-def create_port(SELF, client=None, **kwargs):
- if not client:
- client = SELF.port_client
- result = client.create_port(**kwargs)
- net_port = result['port']
- SELF.assertIsNotNone(result, 'Unable to allocate port')
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_port,
- net_port['id'])
-
- return net_port
-
-
-# gateway=None means don't set gateway_ip in subnet
-def create_subnet(SELF, network, client=None,
- gateway='', cidr=None, mask_bits=None,
- ip_version=None, cidr_offset=0,
- allocation_pools=None, dns_nameservers=None,
- **kwargs):
- subnets_client = client or SELF.subnets_client
- network_id = network['id']
- ip_version = ip_version or 4
- post_body = get_subnet_create_options(
- network_id, ip_version,
- gateway=gateway, cidr=cidr, cidr_offset=cidr_offset,
- mask_bits=mask_bits, **kwargs)
- if allocation_pools:
- post_body['allocation_pools'] = allocation_pools
- if dns_nameservers:
- post_body['dns_nameservers'] = dns_nameservers
- LOG.debug("create_subnet args: %s", post_body)
- body = subnets_client.create_subnet(**post_body)
- net_subnet = body['subnet']
- SELF.addCleanup(test_utils.call_and_ignore_notfound_exc,
- subnets_client.delete_subnet,
- net_subnet['id'])
- return net_subnet
-
-
-# utilities
-def get_subnet_create_options(network_id, ip_version=4,
- gateway='', cidr=None, mask_bits=None,
- num_subnet=1, gateway_offset=1, cidr_offset=0,
- **kwargs):
- """When cidr_offset>0 it request only one subnet-options:
-
- subnet = get_subnet_create_options('abcdefg', 4, num_subnet=4)[3]
- subnet = get_subnet_create_options('abcdefg', 4, cidr_offset=3)
- """
-
- gateway_not_set = (gateway == '')
- if ip_version == 4:
- cidr = cidr or netaddr.IPNetwork(CONF.network.project_network_cidr)
- mask_bits = mask_bits or CONF.network.project_network_mask_bits
- elif ip_version == 6:
- cidr = (
- cidr or netaddr.IPNetwork(CONF.network.project_network_v6_cidr))
- mask_bits = mask_bits or CONF.network.project_network_v6_mask_bits
- # Find a cidr that is not in use yet and create a subnet with it
- subnet_list = []
- if cidr_offset > 0:
- num_subnet = cidr_offset + 1
- for subnet_cidr in cidr.subnet(mask_bits):
- if gateway_not_set:
- gateway_ip = gateway or (
- str(netaddr.IPAddress(subnet_cidr) + gateway_offset))
- else:
- gateway_ip = gateway
- try:
- subnet_body = dict(network_id=network_id,
- cidr=str(subnet_cidr),
- ip_version=ip_version,
- gateway_ip=gateway_ip,
- **kwargs)
- if num_subnet <= 1:
- return subnet_body
- subnet_list.append(subnet_body)
- if len(subnet_list) >= num_subnet:
- if cidr_offset > 0:
- # user request the 'cidr_offset'th of cidr
- return subnet_list[cidr_offset]
- # user request list of cidr
- return subnet_list
- except exceptions.BadRequest as e:
- is_overlapping_cidr = 'overlaps with another subnet' in str(e)
- if not is_overlapping_cidr:
- raise
- else:
- message = 'Available CIDR for subnet creation could not be found'
- raise exceptions.BuildErrorException(message)
- return {}
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_admin_policy_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_admin_policy_basic_ops.py
deleted file mode 100644
index 9a43437235..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_admin_policy_basic_ops.py
+++ /dev/null
@@ -1,594 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-import six
-from tempest.common import waiters
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-
-CONF = config.CONF
-LOG = dmgr.manager.log.getLogger(__name__)
-
-
-class TestAdminPolicyBasicOps(dmgr.TopoDeployScenarioManager):
- """Test VMs with security-group-policy traffic is managed by NSX
-
- Test topology:
- TOPO:
-
- logical-router nasa-router] -- [ public GW]
- |
- +--- [Tenant jpl interface/subnet x.y.34.0/24]
- | | |
- | + [vm-nasa-jpl-3] + [vm-nasa-jpl-4]
- |
- +--- [Tenant ames interface/subnet x.y.12.0/24]
- | | |
- | + [vm-nasa-ames-1] + [vm-nasa-ames-2]
-
- Test topology setup and traffic forwarding validation:
-
- 1. 2 tenants (ames, jpl) each tenant has 2 VMs, and boot with
- security-group with policy==policy_AA which must allow
- ping and ssh services as automation relys on this to make
- sure test environment network connectivity is an OK.
- NOTE:
- primary user: ames -- NASA Ames Research Center
- alt user: jpl -- NASA Jet Propulsion Laboratory
- 2. Admin create router (nasa-router) with both tenants' network
- so tenant:ames and tenant:jpl can talk to each other
- according to policy_AA.
- 3. under policy_AA, all servers can be ping and ssh from anywhere
- 4. Admin change tenant:jpl's policy to policy_BB
- 5. Tenant jpl's VMs are not pingable, ssh still OK
- Tenant ames's MVs, both ping and ssh are OK
- 6. Admin change tenant:ames's policy to policy_BB
- VMs from ames and jpl are not pingalbe; ssh is OK
-
- ATTENTION:
- config nsxv.default_policy_id is policy_AA
- config nsxv.alt_policy_is is policy_BB
-
- The testbed needs to have policy_AA and policy_BB created
- and matched with the default_policy_id & alt_plicy_id under
- session nsxv of tempest.conf or devstack local.conf.
-
- Test Configuration setup:
- please refer to vmware_nsx_tempest/doc/README-AdminPolicy.rst
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestAdminPolicyBasicOps, cls).skip_checks()
- if not test.is_extension_enabled('security-group-policy', 'network'):
- msg = "Extension security-group-policy is not enabled."
- raise cls.skipException(msg)
- if not (CONF.nsxv.alt_policy_id.startswith('policy-') and
- CONF.nsxv.default_policy_id.startswith('policy-')):
- msg = "default and alt policy ids not set correctly."
- raise cls.skipException(msg)
-
- @classmethod
- def setup_clients(cls):
- super(TestAdminPolicyBasicOps, cls).setup_clients()
- cls.cmgr_adm = cls.get_client_manager('admin')
- cls.cmgr_ames = cls.get_client_manager('primary')
- cls.cmgr_jpl = cls.get_client_manager('alt')
-
- @classmethod
- def resource_setup(cls):
- super(TestAdminPolicyBasicOps, cls).resource_setup()
- cls.policy_AA = CONF.nsxv.default_policy_id
- cls.policy_BB = CONF.nsxv.alt_policy_id
- cls.conn_timeout = CONF.scenario.waitfor_connectivity
-
- @classmethod
- def resource_cleanup(cls):
- super(TestAdminPolicyBasicOps, cls).resource_cleanup()
-
- def setUp(self):
- super(TestAdminPolicyBasicOps, self).setUp()
- self.server_id_list = []
- self.exc_step = 0
- self.exc_msg = ("Admin-Policy-Traffic-Forwarding"
- " Validation Steps:\n")
-
- def tearDown(self):
- # delete all servers and make sure they are terminated
- servers_client = self.cmgr_adm.servers_client
- server_id_list = getattr(self, 'server_id_list', [])
- for server_id in server_id_list:
- servers_client.delete_server(server_id)
- for server_id in server_id_list:
- waiters.wait_for_server_termination(servers_client, server_id)
- # delete all floating-ips
- if hasattr(self, 'fip_nasa_ames_1'):
- self.delete_floatingip(self.cmgr_ames, self.fip_nasa_ames_1)
- if hasattr(self, 'fip_nasa_jpl_3'):
- self.delete_floatingip(self.cmgr_jpl, self.fip_nasa_jpl_3)
- super(TestAdminPolicyBasicOps, self).tearDown()
-
- def log_exc_msg(self, msg):
- self.exc_step += 1
- self.exc_msg += ("#%02d %s %s\n" %
- (self.exc_step, time.strftime("%H:%M:%S"), msg))
-
- def delete_floatingip(self, cmgr, net_floatingip):
- test_utils.call_and_ignore_notfound_exc(
- cmgr.floating_ips_client.delete_floatingip,
- net_floatingip.get('id'))
-
- def delete_security_group(self, sg_client, sg_id):
- sg_client.delete_security_group(sg_id)
-
- def update_security_group_policy(self, sg_id, policy_id):
- sg_client = self.cmgr_adm.security_groups_client
- sg = sg_client.update_security_group(sg_id, policy=policy_id)
- sg = sg.get('security_group', sg)
- self.assertEqual(policy_id, sg.get('policy'))
- return sg
-
- def create_security_group_policy(self, policy_id, tenant_id,
- name_prefix=None):
- sg_name = data_utils.rand_name(name_prefix or 'admin-policy')
- sg_client = self.cmgr_adm.security_groups_client
- sg_dict = dict(name=sg_name, policy=policy_id)
- if tenant_id:
- sg_dict['tenant_id'] = tenant_id
- sg = sg_client.create_security_group(**sg_dict)
- sg = sg.get('security_group', sg)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_security_group,
- sg_client, sg.get('id'))
- return sg
-
- def create_networks(self, cmgr,
- name_prefix=None, cidr_offset=0):
- net_name = data_utils.rand_name(name_prefix or 'admin-policy')
- network = self.create_network(client=cmgr.networks_client,
- name=net_name)
- network = network.get('network', network)
- subnet_kwargs = dict(name=net_name, cidr_offset=cidr_offset)
- subnet = self.create_subnet(network,
- client=cmgr.subnets_client,
- **subnet_kwargs)
- subnet = subnet.get('subnet', subnet)
- return (network, subnet)
-
- def create_router_by_type(self, router_type, client=None, **kwargs):
- routers_client = client or self.cmgr_adm.routers_client
- create_kwargs = dict(namestart='nasa-router', external_gateway_info={
- "network_id": CONF.network.public_network_id})
- if router_type in ('shared', 'exclusive'):
- create_kwargs['router_type'] = router_type
- elif router_type in ('distributed'):
- create_kwargs['distributed'] = True
- create_kwargs.update(**kwargs)
- router = HELO.router_create(self, client=routers_client,
- **create_kwargs)
- return router
-
- def create_router_and_add_interfaces(self, router_type, subnet_list):
- routers_client = self.cmgr_adm.routers_client
- router = self.create_router_by_type(router_type)
- for subnet in subnet_list:
- HELO.router_interface_add(self, router['id'], subnet['id'],
- client=routers_client)
- # check interfaces/subnets are added to router
- router_port_list = self.get_router_port_list(self.cmgr_adm,
- router['id'])
- for subnet in subnet_list:
- added = self.rports_have_subnet_id(router_port_list, subnet['id'])
- self.assertTrue(
- added,
- "subnet_id:%s is not added to router" % subnet['id'])
- return router
-
- def rports_have_subnet_id(self, router_port_list, subnet_id):
- for rport in router_port_list:
- for fips in rport.get('fixed_ips', []):
- if subnet_id == fips['subnet_id']:
- return True
- return False
-
- def get_router_port_list(self, cmgr, router_id):
- device_owner = u'network:router_interface'
- ports_client = cmgr.ports_client
- port_list = ports_client.list_ports(device_id=router_id,
- device_owner=device_owner)
- port_list = port_list.get('ports', port_list)
- return port_list
-
- def create_servers_on_networks(self, cmgr, sv_name, networks_info):
- network = networks_info.get('network')
- security_group = networks_info.get('security_group')
- security_groups = [{'name': security_group['id']}]
- svr = self.create_server_on_network(
- network, security_groups, name=sv_name,
- wait_on_boot=False,
- servers_client=cmgr.servers_client)
- self.server_id_list.append(svr.get('id'))
- return svr
-
- def get_server_info(self, cmgr, server_id):
- """Get server's ip addresses"""
- svr = cmgr.servers_client.show_server(server_id)
- svr = svr.get('server', svr)
- sinfo = dict(id=svr['id'], name=svr['name'],
- security_gropus=svr['security_groups'],
- fixed_ip_address=None, floating_ip_address=None)
- addresses = svr.get('addresses')
- for n_addresses in six.itervalues(addresses):
- for n_addr in n_addresses:
- if n_addr['OS-EXT-IPS:type'] == 'fixed':
- if not sinfo['fixed_ip_address']:
- sinfo['fixed_ip_address'] = n_addr['addr']
- elif n_addr['OS-EXT-IPS:type'] == 'floating':
- if not sinfo['floating_ip_address']:
- sinfo['floating_ip_address'] = n_addr['addr']
- return sinfo
-
- def create_floatingip_for_server(self, cmgr, server):
- username, password = self.get_image_userpass()
- try:
- floatingip = super(
- TestAdminPolicyBasicOps,
- self).create_floatingip_for_server(
- server, client_mgr=cmgr, and_check_assigned=True)
- except Exception as ex:
- floatingip = None
- msg = (self.exc_msg +
- ("\n**FAIL to associate floatingip to server[%s]\n%s"
- % (server['name'], str(ex))))
- self.assertTrue(floatingip, msg)
- fix_ip = floatingip['fixed_ip_address']
- float_ip = floatingip['floating_ip_address']
- self.log_exc_msg((" floatingip[%s] created for server[%s,%s]"
- " and is pingable." %
- (float_ip, server.get('name'), fix_ip)))
- return floatingip
-
- def wait_for_servers_become_active(self):
- servers_client = self.cmgr_adm.servers_client
- for server_id in self.server_id_list:
- waiters.wait_for_server_status(
- servers_client, server_id, 'ACTIVE')
-
- def find_servers_ips(self):
- self.server_ips = {}
- self.jpl_ips = {}
- self.server_ips['1'] = self.get_server_info(
- self.cmgr_ames, self.vm_nasa_ames_1['id'])
- self.server_ips['2'] = self.get_server_info(
- self.cmgr_ames, self.vm_nasa_ames_2['id'])
- self.server_ips['3'] = self.get_server_info(
- self.cmgr_jpl, self.vm_nasa_jpl_3['id'])
- self.server_ips['4'] = self.get_server_info(
- self.cmgr_jpl, self.vm_nasa_jpl_4['id'])
-
- def create_nasa_ames_network_and_servers(self, security_group=None):
- sg = security_group or self.sg_ames
- net, subnet = self.create_networks(self.cmgr_ames, 'nasa-ames', 1)
- self.netinfo_ames = dict(network=net, subnet=subnet,
- security_group=sg)
- self.vm_nasa_ames_1 = self.create_servers_on_networks(
- self.cmgr_ames, 'vm-nasa-ames-1', self.netinfo_ames)
- self.vm_nasa_ames_2 = self.create_servers_on_networks(
- self.cmgr_ames, 'vm-nasa-ames-2', self.netinfo_ames)
-
- def create_nasa_jpl_network_and_servers(self, security_group=None):
- sg = security_group or self.sg_jpl
- # jpl and ames attached to the same router, CIDR cannot overlap
- net, subnet = self.create_networks(self.cmgr_jpl, 'nasa-jpl', 3)
- self.netinfo_jpl = dict(network=net, subnet=subnet,
- security_group=sg)
- self.vm_nasa_jpl_3 = self.create_servers_on_networks(
- self.cmgr_jpl, 'vm-nasa-jpl-3', self.netinfo_jpl)
- self.vm_nasa_jpl_4 = self.create_servers_on_networks(
- self.cmgr_jpl, 'vm-nasa-jpl-4', self.netinfo_jpl)
-
- def create_nasa_topo(self, router_type=None):
- router_type = router_type or 'shared'
- self.sg_ames = self.create_security_group_policy(
- self.policy_AA,
- self.cmgr_ames.networks_client.tenant_id,
- name_prefix='nasa-ames')
- self.sg_jpl = self.create_security_group_policy(
- self.policy_AA,
- self.cmgr_jpl.networks_client.tenant_id,
- name_prefix='nasa-jpl')
- self.create_nasa_ames_network_and_servers(self.sg_ames)
- self.create_nasa_jpl_network_and_servers(self.sg_jpl)
- subnet_list = [self.netinfo_ames.get('subnet'),
- self.netinfo_jpl.get('subnet')]
- self.nasa_router = self.create_router_and_add_interfaces(
- router_type, subnet_list)
- self.wait_for_servers_become_active()
- # associate floating-ip to servers and pingable
- self.fip_nasa_ames_1 = self.create_floatingip_for_server(
- self.cmgr_ames, self.vm_nasa_ames_1)
- self.fip_nasa_jpl_3 = self.create_floatingip_for_server(
- self.cmgr_jpl, self.vm_nasa_jpl_3)
- self.find_servers_ips()
-
- def host_ssh_reachable(self, host_id, host_ip):
- username, password = self.get_image_userpass()
- try:
- ssh_client = dmgr.get_remote_client_by_password(
- host_ip, username, password)
- except Exception as ex:
- ssh_client = None
- msg = (self.exc_msg +
- ("\n**FAIL to ssh to host[%s=%s]\n%s" %
- (host_id, str(ex))))
- self.assertTrue(ssh_client, msg)
- self.log_exc_msg(
- (" SSH host[%s] floatingip[%s] OK" % (host_id, host_ip)))
- return ssh_client
-
- def host_can_reach_ips(self, host_id, host_ssh, ip_type, ip_list):
- for dest_ip in ip_list:
- reachable = dmgr.is_reachable(host_ssh, dest_ip,
- time_out=self.conn_timeout)
- msg = (self.exc_msg +
- ("\n *FAILURE* VM[%s] cannot PING %s[%s]" %
- (host_id, ip_type, dest_ip)))
- if not reachable:
- reachable = dmgr.is_reachable(host_ssh, dest_ip,
- time_out=self.conn_timeout)
- dmgr.STEPINTO_DEBUG_IF_TRUE(not reachable)
- self.assertTrue(reachable, msg)
- self.log_exc_msg(
- (" VM[%s] can PING %s[%s]" % (host_id, ip_type, dest_ip)))
-
- def host_cannot_reach_ips(self, host_id, host_ssh, ip_type, ip_list):
- for dest_ip in ip_list:
- not_reachable = dmgr.isnot_reachable(host_ssh, dest_ip,
- time_out=self.conn_timeout,
- ping_timeout=5.0)
- msg = (self.exc_msg +
- ("\n *FAILURE* VM[%s] shouldn't able to PING %s[%s]" %
- (host_id, ip_type, dest_ip)))
- if not not_reachable:
- not_reachable = dmgr.isnot_reachable(
- host_ssh, dest_ip, time_out=self.conn_timeout,
- ping_timeout=5.0)
- dmgr.STEPINTO_DEBUG_IF_TRUE(not not_reachable)
- self.assertTrue(not_reachable, msg)
- self.log_exc_msg(
- (" VM[%s] is not able to PING %s[%s]" %
- (host_id, ip_type, dest_ip)))
-
- def ican_reach_ip(self, ip_addr, ping_timeout=5):
- ip_type = 'floating-ip'
- for x in range(int(self.conn_timeout / ping_timeout)):
- reachable = self.ping_ip_address(ip_addr,
- ping_timeout=ping_timeout)
- if reachable:
- break
- time.sleep(2.0)
- msg = (self.exc_msg +
- ("\n *FAILURE* Tempest cannot PING %s[%s]" %
- (ip_type, ip_addr)))
- if not reachable:
- reachable = self.ping_ip_address(ip_addr,
- ping_timeout=ping_timeout)
- dmgr.STEPINTO_DEBUG_IF_TRUE(not reachable)
- self.assertTrue(reachable, msg)
- self.log_exc_msg(" Tempest can PING %s[%s]" % (ip_type, ip_addr))
-
- def icannot_reach_ip(self, ip_addr, ping_timeout=5):
- ip_type = 'floating-ip'
- for x in range(int(self.conn_timeout / ping_timeout)):
- reachable = self.ping_ip_address(ip_addr,
- ping_timeout=ping_timeout)
- if not reachable:
- break
- time.sleep(ping_timeout)
- msg = (self.exc_msg +
- ("\n *FAILURE* Tempest should not PING %s[%s]" %
- (ip_type, ip_addr)))
- if reachable:
- reachable = self.ping_ip_address(ip_addr,
- ping_timeout=ping_timeout)
- dmgr.STEPINTO_DEBUG_IF_TRUE(reachable)
- self.assertFalse(reachable, msg)
- self.log_exc_msg((" Tempest isnot able to PING %s[%s]" %
- (ip_type, ip_addr)))
-
- def run_admin_policy_op_scenario(self, router_type):
- self.log_exc_msg(("Setup admin-policy test with router-type[%s]" %
- router_type))
- self.create_nasa_topo(router_type)
- self.jpl_private_ips = [y['fixed_ip_address']
- for x, y in six.iteritems(self.server_ips)
- if x > '2']
- self.ames_private_ips = [y['fixed_ip_address']
- for x, y in six.iteritems(self.server_ips)
- if x < '3']
-
- self.run_policy_AA_on_ames_AA_on_jpl()
- self.run_policy_AA_on_ames_BB_on_jpl()
- self.run_policy_BB_on_ames_BB_on_jpl()
-
- dmgr.LOG.debug(self.exc_msg)
-
- def run_policy_AA_on_ames_AA_on_jpl(self):
- self.log_exc_msg(("### tenant:jpl=policy_AA[%s]"
- ", tenant:ames=policy_AA[%s]" %
- (self.policy_AA, self.policy_AA)))
- # at the beginning, can ssh to VM with floating-ip
- self.log_exc_msg(
- "Tempest can ping & ssh vm-nasa-ames-1's floatingip")
- self.ican_reach_ip(self.fip_nasa_ames_1['floating_ip_address'])
- ames_1_ssh = self.host_ssh_reachable(
- "nasa-ames-1",
- self.fip_nasa_ames_1['floating_ip_address'])
-
- # from vm-nasa-ames-1 can ping all other private-ips
- self.log_exc_msg(("vm-nasa-ames-1[%s] can ping all private-ips"
- % (self.server_ips['1']['fixed_ip_address'])))
- self.host_can_reach_ips('nasa-ames-1', ames_1_ssh,
- 'ame-private-ip', self.ames_private_ips)
- self.host_can_reach_ips('nasa-ames-1', ames_1_ssh,
- 'jp-private-ip', self.jpl_private_ips)
- # from vm-nasa-jpl_3 can ping all other private-ips
- self.log_exc_msg(
- "Tempest can ping & ssh vm-nasa-jpl-3's floatingip")
- self.ican_reach_ip(self.fip_nasa_jpl_3['floating_ip_address'])
- jpl_3_ssh = self.host_ssh_reachable(
- "nasa-jpl-3",
- self.fip_nasa_jpl_3['floating_ip_address'])
- self.log_exc_msg(("vm-nasa-jpl-3[%s] can ping all private-ips"
- % (self.server_ips['3']['fixed_ip_address'])))
- self.host_can_reach_ips('nasa-jpl-3', jpl_3_ssh,
- 'jp-private-ip', self.jpl_private_ips)
- self.host_can_reach_ips('nasa-jpl-3', jpl_3_ssh,
- 'ames-private-ip', self.ames_private_ips)
- # within VM can ping both tanants' floating-ips
- self.log_exc_msg(
- "vm-nasa-ames-1 can ping vm-nasa-jpl-1's floatingip")
- self.host_can_reach_ips(
- 'nasa-ames-1', ames_1_ssh, 'jpl-floating-ip',
- [self.fip_nasa_jpl_3['floating_ip_address']])
- self.log_exc_msg(
- "vm-nasa-jpl-3 can ping vm-nasa-ames-3's floatingip")
- self.host_can_reach_ips(
- 'nasa-jpl-3', jpl_3_ssh, 'nasa-floating-ip',
- [self.fip_nasa_ames_1['floating_ip_address']])
-
- def run_policy_AA_on_ames_BB_on_jpl(self):
- # from vm-nasa-ames-1 can ping all other private-ips
- self.log_exc_msg(
- ("Update tenant:jpl to use policy_BB[%s] with group-ping"
- % self.policy_BB))
- # admin update jpl to policy_BB_GP
- self.update_security_group_policy(self.sg_jpl['id'], self.policy_BB)
- # cannot ping vm-nasa-jpl-3, can ssh to both tenants' floating-ips
- self.log_exc_msg(("### tenant:jpl=policy_BB[%s]"
- ", tenant:ames=policy_AA[%s]" %
- (self.policy_BB, self.policy_AA)))
- self.log_exc_msg(
- "Tempest can ping & ssh vm-nasa-ames-1's floatingip")
- self.ican_reach_ip(self.fip_nasa_ames_1['floating_ip_address'])
- ames_1_ssh = self.host_ssh_reachable(
- "nasa-ames-1",
- self.fip_nasa_ames_1['floating_ip_address'])
- self.log_exc_msg("Tempest can ssh vm-nasa-jpl-3's floatingip"
- ", but not ping")
- self.icannot_reach_ip(self.fip_nasa_jpl_3['floating_ip_address'])
- jpl_3_ssh = self.host_ssh_reachable(
- "nasa-jpl-3",
- self.fip_nasa_jpl_3['floating_ip_address'])
- # vm-nasa-jpl_3 can ping its private-ips, not other tenants
- self.log_exc_msg(("vm-nasa-jpl-3[%s] can reach all private-ips"
- % (self.server_ips['3']['fixed_ip_address'])))
- self.host_can_reach_ips('nasa-jpl-3', jpl_3_ssh,
- 'jpl-private-ip', self.jpl_private_ips)
- self.host_can_reach_ips('nasa-jpl-3', jpl_3_ssh,
- 'ames-private-ip', self.ames_private_ips)
- # nasa_ames_1 can not ping private-ips of tenant jpl
- # as policy_BB:ping only allowed from the same security-group
- self.log_exc_msg(("vm-nasa-ames-1[%s] can reach ames's rivate-ips"
- ", not jpl's private-ips"
- % (self.server_ips['1']['fixed_ip_address'])))
- self.host_can_reach_ips('nasa-ames-1', ames_1_ssh,
- 'ames-private-ip', self.ames_private_ips)
- self.host_cannot_reach_ips('nasa-ames-1', ames_1_ssh,
- 'jpl-private-ip', self.jpl_private_ips)
- self.log_exc_msg(
- "vm-nasa-ames-1 cannot ping vm-nasa-jpl-1's floatingip")
- self.host_cannot_reach_ips(
- 'nasa-ames-1', ames_1_ssh, 'jpl-floating-ip',
- [self.fip_nasa_jpl_3['floating_ip_address']])
- self.log_exc_msg(
- "vm-nasa-jpl-3 cannot ping vm-nasa-ames-3's floatingip")
- self.host_cannot_reach_ips(
- 'nasa-jpl-3', jpl_3_ssh, 'ames-floating-ip',
- [self.fip_nasa_ames_1['floating_ip_address']])
-
- def run_policy_BB_on_ames_BB_on_jpl(self):
- ### tenant jpl:policy_BB_GP, tenant ames:policy_BB_GP
- self.log_exc_msg(
- ("Update tenant:ames to use policy_BB[%s] with group-ping"
- % self.policy_BB))
- # admin update ames to policy_BB
- self.update_security_group_policy(self.sg_ames['id'], self.policy_BB)
- # cannot ping all VMs, but can ssh to both tenants' floating-ips
- self.log_exc_msg(("### tenant:jpl=policy_BB[%s]"
- ", tenant:ames=policy_BB[%s]" %
- (self.policy_BB, self.policy_BB)))
- self.log_exc_msg("Tempest can ssh vvm-nasa-ames-1's floatingip &"
- " vm-nasa-jpl-3's floatingip, but not ping.")
- self.icannot_reach_ip(self.fip_nasa_ames_1['floating_ip_address'])
- self.icannot_reach_ip(self.fip_nasa_jpl_3['floating_ip_address'])
- ames_1_ssh = self.host_ssh_reachable(
- "nasa-ames-1",
- self.fip_nasa_ames_1['floating_ip_address'])
- jpl_3_ssh = self.host_ssh_reachable(
- "nasa-jpl-3",
- self.fip_nasa_jpl_3['floating_ip_address'])
- self.log_exc_msg(("vm-nasa-jpl-3[%s] can reach jpl private-ips"
- ", not ames"
- % (self.server_ips['3']['fixed_ip_address'])))
- self.host_can_reach_ips('nasa-jpl-3', jpl_3_ssh,
- 'private-ip', self.jpl_private_ips)
- self.host_cannot_reach_ips('nasa-jpl-3', jpl_3_ssh,
- 'private-ip', self.ames_private_ips)
- self.log_exc_msg(("vm-nasa-ames-1[%s] can reach ames private-ips"
- ", not jpl"
- % (self.server_ips['1']['fixed_ip_address'])))
- self.host_can_reach_ips('nasa-ames-1', ames_1_ssh,
- 'private-ip', self.ames_private_ips)
- self.host_cannot_reach_ips('nasa-ames-1', ames_1_ssh,
- 'private-ip', self.jpl_private_ips)
- self.log_exc_msg(
- "vm-nasa-ames-1 cannot ping vm-nasa-jpl-1's floatingip")
- self.host_cannot_reach_ips(
- 'nasa-ames-1', ames_1_ssh, 'floating-ip',
- [self.fip_nasa_jpl_3['floating_ip_address']])
- self.log_exc_msg(
- "vm-nasa-jpl-3 cannot ping vm-nasa-ames-3's floatingip")
- self.host_cannot_reach_ips(
- 'nasa-jpl-3', jpl_3_ssh, 'floating-ip',
- [self.fip_nasa_ames_1['floating_ip_address']])
-
-
-class TestAdminPolicySharedRouter(TestAdminPolicyBasicOps):
- @decorators.idempotent_id('78f45717-5f95-4ef5-b2a4-a1b4700ef688')
- def test_admin_policy_ops_with_shared_router(self):
- self.run_admin_policy_op_scenario('shared')
-
-
-class TestAdminPolicyExclusiveRouter(TestAdminPolicyBasicOps):
- @decorators.idempotent_id('68345852-da2e-4f46-816b-0afc59470a45')
- def test_admin_policy_ops_with_exclusive_router(self):
- self.run_admin_policy_op_scenario('exclusive')
-
-
-class TestAdminPolicyDistributedRouter(TestAdminPolicyBasicOps):
- @decorators.idempotent_id('76adbfbb-a2e5-40fa-8930-84e7ece87bd5')
- def test_admin_policy_ops_with_distributed_router(self):
- self.run_admin_policy_op_scenario('distributed')
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_deployments.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_deployments.py
deleted file mode 100644
index 563e19ed2c..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_deployments.py
+++ /dev/null
@@ -1,578 +0,0 @@
-# Copyright 2015 OpenStack Foundation
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from tempest import config
-from tempest import test
-
-import manager_topo_deployment as dmgr
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-
-CONF = config.CONF
-LOG = dmgr.manager.log.getLogger(__name__)
-
-FLAT_ALLOC_DICT = CONF.scenario.flat_alloc_pool_dict
-Z_DEPLOY_TOPO = "tc[%s] deploying"
-Z_DEPLOY_DELETE_SERVER = "tc[%s] deploy delete-server"
-Z_DEPLOY_COMPLETED = "tc[%s] deploy test-completed."
-
-
-class TestSimpleFlatNetwork(dmgr.TopoDeployScenarioManager):
-
- """TestSimpleFlatNetwork: with 1 flat network/subnet
-
- 1. client:admin create FLAT network.
- 2. client:primary boot a server (icmp/ssh security rules enabled)
- on the flat network.
- 3. check the server is reachable.
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestSimpleFlatNetwork, cls).skip_checks()
- if not FLAT_ALLOC_DICT:
- msg = "FLAT network allocation pool not defined."
- raise cls.skipException(msg)
-
- def setUp(self):
- super(TestSimpleFlatNetwork, self).setUp()
- self.info_flat1 = FLAT_ALLOC_DICT
-
- def tearDown(self):
- super(TestSimpleFlatNetwork, self).tearDown()
-
- def create_network(self, name=None, shared=True):
- name = name or data_utils.rand_name('FLAT-net')
- post_body = {'name': name,
- 'provider:network_type': 'flat',
- 'shared': shared}
- net_flat = self.create_provider_network(create_body=post_body)
- return net_flat
-
- def create_subnet(self, net_network, info_flat):
- alloc_pool = [{'start': info_flat['start'],
- 'end': info_flat['end']}]
- post_body = {'name': net_network['name'],
- 'network_id': net_network['id'],
- 'ip_version': 4,
- 'gateway_ip': info_flat['gateway'],
- 'cidr': info_flat['cidr'],
- 'allocation_pools': alloc_pool,
- 'dns_nameservers': CONF.network.dns_servers}
- net_subnet = self.create_provider_subnet(create_body=post_body)
- return net_subnet
-
- def check_server_connected(self, serv):
- serv_net = list(serv['addresses'].keys())[0]
- serv_addr = serv['addresses'][serv_net][0]
- host_ip = serv_addr['addr']
- # host_mac = serv_addr['OS-EXT-IPS-MAC:mac_addr']
- # host_ver = serv_addr['version']
- self.waitfor_host_connected(host_ip)
-
- @decorators.idempotent_id('bc081b8d-49eb-4710-9442-c6b225ef16f0')
- @test.services('compute', 'network')
- def test_simple_flat_network(self):
- # provider actions
- self.net_network = self.create_network()
- self.net_subnet = self.create_subnet(self.net_network, self.info_flat1)
- # tenant actions
- self.security_group = self._create_security_group(
- security_groups_client=self.security_groups_client,
- security_group_rules_client=self.security_group_rules_client,
- namestart='FLAT-tenant')
- security_groups = [{'name': self.security_group['id']}]
- self.serv1 = self.create_server_on_network(
- self.net_network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=self.net_network['name'])
- self.check_server_connected(self.serv1)
- LOG.debug(Z_DEPLOY_DELETE_SERVER, "flat-network")
- self.servers_client.delete_server(self.serv1['id'])
- LOG.debug(Z_DEPLOY_COMPLETED, "flat-network")
-
-
-class TestTenantConnectivity(dmgr.TopoDeployScenarioManager):
-
- """TestTenantConnectivity: router attached with one network/subnet
-
- 1. boot server #1 with icmp/ssh security rules enabled.
- 2. create/associate floatingip associate to server #1
- 3. disassociate floatingip from server #1
- 4. check server #1 is not reachable.
- 5. boot server #2, and associated with the last floatingip.
- 6. check the 2nd and outside-world-server are reachable.
- """
-
- def setUp(self):
- super(TestTenantConnectivity, self).setUp()
- self.servers = []
-
- def tearDown(self):
- # do mini teardown if test failed already
- super(TestTenantConnectivity, self).tearDown()
-
- @decorators.idempotent_id('3c6cd4fe-de25-47ef-b638-a6bbb312da09')
- @test.services('compute', 'network')
- def test_tenant_connectivity(self):
- LOG.debug(Z_DEPLOY_TOPO, "tenant connectivity")
- client_mgr = self.manager
- username, password = self.get_image_userpass()
- # create security_group with loginable rules
- self.security_group = self._create_security_group(
- security_groups_client=client_mgr.security_groups_client,
- security_group_rules_client=client_mgr.security_group_rules_client,
- namestart='deploy-connect')
- self.network, self.subnet, self.router = self.setup_project_network(
- self.public_network_id, client_mgr=client_mgr,
- namestart='deploy-connect')
- self.check_networks(self.network, self.subnet, self.router)
- security_groups = [{'name': self.security_group['id']}]
- self.serv1 = self.create_server_on_network(
- self.network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=self.network['name'])
- self.fip1 = self.create_floatingip_for_server(
- self.serv1, client_mgr=client_mgr)
- msg = "Associate floatingip[%s] sever#1" % self.fip1
- self._check_floatingip_connectivity(
- self.fip1, self.serv1, should_connect=True, msg=msg)
- # VM is reachable from public; check VM can reach outside world
- node1 = dmgr.make_node_info(self.fip1, username, password, True)
- is_reachable = dmgr.check_host_is_reachable(
- node1, node1['dest'], ['outside'])
- self.assertTrue(
- is_reachable,
- "VM=%s CAN-NOT-REACH-OUTSIDE-WORLD" % (node1['ipaddr']))
- LOG.debug('tenant[%s] CAN-REACH-OUTSIDE-WORLD',
- node1['ipaddr'])
- self.disassociate_floatingip(self.fip1,
- client=self.manager.floating_ips_client)
- time.sleep(dmgr.WAITTIME_AFTER_DISASSOC_FLOATINGIP)
- msg = "after disassociate floatingip[%s] from server#1" % self.fip1
- self._check_floatingip_connectivity(
- self.fip1, self.serv1, should_connect=False, msg=msg)
- self.serv2 = self.create_server_on_network(
- self.network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=self.network['name'])
- self.associate_floatingip(self.fip1, self.serv2,
- client=self.manager.floating_ips_client)
- server_pingable = self._waitfor_associated_floatingip(self.fip1)
- self.assertTrue(
- server_pingable,
- msg="Expect server#2 to be reachable after floatingip assigned.")
- self.disassociate_floatingip(self.fip1,
- client=self.manager.floating_ips_client,
- and_delete=True)
- LOG.debug(Z_DEPLOY_DELETE_SERVER, "tenant connectivity")
- self.servers_client.delete_server(self.serv1['id'])
- self.servers_client.delete_server(self.serv2['id'])
- # self._router_unset_gateway(self.router['id'])
- LOG.debug(Z_DEPLOY_COMPLETED, "tenant connectivity")
-
-
-class TestMultiTenantsNetwork(dmgr.TopoDeployScenarioManager):
-
- """TestMultiTenantsNetwork: with router, attached with 1 network/subnet
-
- 1. boot 2 servers (icmp/ssh rules enabled) on primary(green) network.
- 2. create/associate floatingip to each server.
- 3. check VM-A can reach VM-B's fixed IP
- 4. chekc VM-B can reach VM-A's fixed IP
- 5. repeat 1-4 with alt-tenant (red), however its cidr is different
- from the primary network for negative test. We don't want to ping
- fixed-ip that being assigned to both tenents.
- 6. check VM@primary can not access VM@alt with fixed-ip
- 7. check VM@primary can access floatingip of VM@alt
- """
-
- def tearDown(self):
- # do mini teardown if test failed already
- try:
- self.remove_project_network(False)
- except Exception:
- pass
-
- super(TestMultiTenantsNetwork, self).tearDown()
-
- def remove_project_network(self, from_test=True):
- for tn in ['green', 'red']:
- tenant = getattr(self, tn, None)
- if tenant and 'fip1' in tenant:
- servers_client = tenant['client_mgr'].servers_client
- dmgr.delete_all_servers(servers_client)
- fip_client = tenant['client_mgr'].floating_ips_client
- self.disassociate_floatingip(tenant['fip1'],
- client=fip_client,
- and_delete=True)
- self.disassociate_floatingip(tenant['fip2'],
- client=fip_client,
- and_delete=True)
- tenant.pop('fip1')
-
- def create_project_network_env(self, client_mgr, t_id,
- check_outside_world=True,
- cidr_offset=1):
- username, password = self.get_image_userpass()
- t_security_group = self._create_security_group(
- security_groups_client=client_mgr.security_groups_client,
- security_group_rules_client=client_mgr.security_group_rules_client,
- namestart="deploy-multi-tenant")
- t_network, t_subnet, t_router = self.setup_project_network(
- self.public_network_id, client_mgr,
- namestart=("deploy-%s-tenant" % t_id),
- cidr_offset=cidr_offset)
- self.check_networks(t_network, t_subnet, t_router)
- name1 = t_network['name'] + "-A"
- name2 = t_network['name'] + "-B"
- security_groups = [{'name': t_security_group['name']}]
- servers_client = client_mgr.servers_client
- t_serv1 = self.create_server_on_network(
- t_network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=name1,
- servers_client=servers_client, wait_on_boot=False)
- t_serv2 = self.create_server_on_network(
- t_network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- servers_client=servers_client, name=name2)
- t_fip1 = self.create_floatingip_for_server(
- t_serv1, client_mgr=client_mgr)
- t_fip2 = self.create_floatingip_for_server(
- t_serv2, client_mgr=client_mgr)
- node1 = dmgr.make_node_info(t_fip1, username, password,
- check_outside_world)
- node2 = dmgr.make_node_info(t_fip2, username, password,
- check_outside_world)
- T = dict(security_group=t_security_group,
- network=t_network, subnet=t_subnet,
- router=t_router, client_mgr=client_mgr,
- serv1=t_serv1, fip1=t_fip1, node1=node1,
- serv2=t_serv2, fip2=t_fip2, node2=node2)
- is_reachable = dmgr.check_host_is_reachable(
- node1, node2['dest'], [dmgr.IPTYPE_FIXED])
- self.assertTrue(
- is_reachable,
- ("VM-A-%s=%s CANNOT-REACH VM-B-%s=%s" %
- (t_id, str(node1), t_id, str(node2))))
- is_reachable = dmgr.check_host_is_reachable(
- node2, node1['dest'], [dmgr.IPTYPE_FIXED])
- self.assertTrue(
- True,
- ("VM-B-%s=%s CANNOT-REACH VM-A-%s=%s" %
- (t_id, str(node2), t_id, str(node1))))
- return T
-
- @decorators.idempotent_id('19d19cd0-9686-49c9-acea-a9db28f7458c')
- @test.services('compute', 'network')
- def test_multi_tenants_network(self):
- LOG.debug(Z_DEPLOY_TOPO, "multi tenant network")
- self.green = self.create_project_network_env(
- self.manager, 'green', True)
- # in multiple tenant environment, ip overlay could happen
- # for the 2nd tenent give it a different ip-range to
- # make sure private-ip at tenat-1 is not the same being
- # assigned to tenant-2
- self.red = self.create_project_network_env(
- self.alt_manager, 'red', False, cidr_offset=3)
- # t1 can reach t2's public interface
- is_rechable = dmgr.check_host_is_reachable(
- self.green['node1'], self.red['node2']['dest'],
- [dmgr.IPTYPE_FLOATING])
- self.assertTrue(
- is_rechable,
- ("t1:VM-A=%s CANNOT-REACH t2:VM-A=[floating-ip %s]" %
- (str(self.green['node1']), str(self.red['node2']))))
- # Do the reachable first, then check other VM's fixed-ip
- # is not reachable - again tenants should not have overlay IPs.
- not_reachable = dmgr.check_host_not_reachable(
- self.green['node1'], self.red['node2']['dest'],
- [dmgr.IPTYPE_FIXED], 10, 20, 2)
- self.assertFalse(
- not_reachable,
- ("t1:VM-A=%s SHOULD-NOT-REACH t2:VM-B=[fixed-ip %s]" %
- (str(self.green['node1']), str(self.red['node2']))))
- self.remove_project_network()
- LOG.debug(Z_DEPLOY_COMPLETED, "multi tenant network")
-
-
-class TestProviderRouterTenantNetwork(dmgr.TopoDeployScenarioManager):
-
- """TestProviderRouterTenantNetwork:
-
- 1. admin client create a router, gw to external network
- 2. primary client (yellow) create a network
- 3. alt client (blue) create a network
- 4. admin client add primary network and alt network to router
- 5. primary client boot a server, icmp/ssh enabled, to its network
- 6. alt client boot a server, icmp/ssh enabled, to its network
- 7. primary client create floatingip to its server
- 8. alt client create floatingip to its server
- 9. check primary server can reach fixed-ip & floating-ip of alt server
- 10. check alt server can reach fixed-ip & floating-ip of primary server
- """
-
- def setUp(self):
- super(TestProviderRouterTenantNetwork, self).setUp()
-
- def tearDown(self):
- # do mini teardown if test failed already
- try:
- self.remove_project_network(False)
- except Exception:
- pass
- super(TestProviderRouterTenantNetwork, self).tearDown()
-
- def remove_project_network(self, from_test=True):
- router_id = self.p_router['id']
- for tn in ['yellow', 'blue']:
- tenant = getattr(self, tn, None)
- if tenant and 'fip' in tenant:
- servers_client = tenant['client_mgr'].servers_client
- dmgr.delete_all_servers(servers_client)
- fip_client = tenant['client_mgr'].floating_ips_client
- self.disassociate_floatingip(tenant['fip'],
- client=fip_client,
- and_delete=True)
- tenant.pop('fip')
- self.router_interface_delete(
- router_id, tenant['subnet']['id'],
- self.admin_manager.routers_client)
- self.admin_manager.networks_client.delete_network(
- tenant['network']['id'])
- tenant.pop('subnet')
- tenant.pop('network')
- self._router_clear_gateway(
- router_id, client=self.admin_manager.routers_client)
-
- def create_project_network_env(self, t_id, client_mgr=None,
- tenant_id=None, cidr_offset=0, **kwargs):
- tenant = self.create_tenant_network(t_id, client_mgr, tenant_id,
- cidr_offset, **kwargs)
- tenant = self.create_server_and_assign_floatingip(tenant)
- return tenant
-
- def create_tenant_network(self, t_id, client_mgr=None,
- tenant_id=None, cidr_offset=0, **kwargs):
- namestart = "deploy-%s-tenant" % t_id
- name = data_utils.rand_name(namestart)
- client_mgr = client_mgr or self.manager
- security_groups_client = client_mgr.security_groups_client
- security_group_rules_client = client_mgr.security_group_rules_client
- t_network, t_subnet = self.create_network_subnet(
- client_mgr, name=name, tenant_id=tenant_id,
- cidr_offset=cidr_offset,)
- t_security_group = self._create_security_group(
- security_groups_client=security_groups_client,
- security_group_rules_client=security_group_rules_client,
- namestart=namestart, tenant_id=tenant_id)
- self._router_add_interface(
- self.p_router, t_subnet, self.admin_manager)
- return dict(id=t_id, network=t_network, subnet=t_subnet,
- client_mgr=client_mgr, security_group=t_security_group)
-
- def create_server_and_assign_floatingip(self, tenant):
- t_network = tenant['network']
- t_security_group = tenant['security_group']
- client_mgr = tenant['client_mgr']
- servers_client = client_mgr.servers_client
- security_groups = [{'name': t_security_group['name']}]
- t_serv = self.create_server_on_network(
- t_network, security_groups,
- name=t_network['name'],
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- servers_client=servers_client)
- t_fip = self.create_floatingip_for_server(
- t_serv, client_mgr=client_mgr)
- tenant.update(serv=t_serv, fip=t_fip)
- return tenant
-
- @decorators.idempotent_id('a31712de-33ad-4dc2-9755-1a0631a4f66a')
- @test.services('compute', 'network')
- def test_provider_router_project_network(self):
- # provider router owned by admin_manager
- self.p_router = self._create_router(
- client_mgr=self.admin_manager, namestart="deploy-provider-router",
- distributed=self.tenant_router_attrs.get('distributed'),
- router_type=self.tenant_router_attrs.get('router_type'))
- self._router_set_gateway(self.p_router['id'], self.public_network_id,
- client=self.admin_manager.routers_client)
- self.yellow = self.create_project_network_env(
- 'yellow', self.manager, cidr_offset=1)
- self.blue = self.create_project_network_env(
- 'blue', self.alt_manager, cidr_offset=2)
- username, password = self.get_image_userpass()
- yellow = dmgr.make_node_info(self.yellow['fip'], username, password)
- blue = dmgr.make_node_info(self.blue['fip'], username, password)
- is_reachable = dmgr.check_host_is_reachable(
- yellow, blue['dest'], [dmgr.IPTYPE_FLOATING])
- self.assertTrue(
- is_reachable,
- "VM-yello=%s CANNOT-REACH VM-blue=%s" % (str(yellow), str(blue)))
- is_reachable = dmgr.check_host_is_reachable(
- blue, yellow['dest'], [dmgr.IPTYPE_FLOATING])
- self.assertTrue(
- is_reachable,
- "VM-blue=%s CANNOT-REACH VM-yellow=%s" % (str(blue), str(yellow)))
- self.remove_project_network()
-
-
-# exclusive router
-class TestTenantConnectivityWithExclusiveRouter(
- TestTenantConnectivity):
-
- """TestTenantConnectivityWithExclusiveRouter:
-
- samet as TestTenantConnectivity, except router is exclusive.
- """
-
- # router attributes used to create the tenant's router
- tenant_router_attrs = {'router_type': 'exclusive'}
-
- @classmethod
- def skip_checks(cls):
- super(TestTenantConnectivityWithExclusiveRouter,
- cls).skip_checks()
- for ext in ['nsxv-router-type']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
-
-class TestMultiTenantsNetworkWithExclusiveRouter(
- TestMultiTenantsNetwork):
-
- """TestMultiTenantsNetworkWithExclusiveRouter:
-
- samet as TenantNetwork , except router is exclusive.
- """
-
- tenant_router_attrs = {'router_type': 'exclusive'}
-
- @classmethod
- def skip_checks(cls):
- super(TestMultiTenantsNetworkWithExclusiveRouter,
- cls).skip_checks()
- for ext in ['nsxv-router-type']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
-
-class TestProviderExclusiveRouterTenantNetwork(
- TestProviderRouterTenantNetwork):
-
- """TestProviderExclusiveRouterTenantNetwork:
-
- same as TestProviderRouterTenantNework, except router is exclusive.
- """
-
- tenant_router_attrs = {'router_type': 'exclusive'}
-
- @classmethod
- def skip_checks(cls):
- super(TestProviderExclusiveRouterTenantNetwork,
- cls).skip_checks()
- for ext in ['nsxv-router-type']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
-
-# distributed router
-class TestTenantConnectivityWithDistributedRouter(
- TestTenantConnectivity):
-
- """TestTenantConnectivityWithDistributedRouter:
-
- same as TestTenantConnectivity, except router is distributed.
- """
-
- # router attributes used to create the tenant's router
- tenant_router_attrs = {'distributed': True}
-
- @classmethod
- def skip_checks(cls):
- super(TestTenantConnectivityWithDistributedRouter,
- cls).skip_checks()
- for ext in ['dvr', 'nsxv-router-type']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
-
-class TestMultiTenantsNetworkWithDistributedRouter(
- TestMultiTenantsNetwork):
-
- """TestMultiTenantsNetworkWithDistributedRouter:
-
- same as TestMultiTenantsNetwork, except router is distributed.
- """
-
- tenant_router_attrs = {'distributed': True}
-
- @classmethod
- def skip_checks(cls):
- super(TestMultiTenantsNetworkWithDistributedRouter,
- cls).skip_checks()
- for ext in ['dvr', 'nsxv-router-type']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
-
-class TestProviderDistributedRouterTenantNetwork(
- TestProviderRouterTenantNetwork):
-
- """TestProviderDistributedRouterTenantNetwork:
-
- same as TestProviderRouterTenantNework, except router is distributed.
- """
-
- tenant_router_attrs = {'distributed': True}
-
- @classmethod
- def skip_checks(cls):
- super(TestProviderDistributedRouterTenantNetwork,
- cls).skip_checks()
- for ext in ['dvr', 'nsxv-router-type']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
-
-def _g_service_client(req_mgr, client_name):
- s_client = getattr(req_mgr, client_name, None)
- if s_client:
- return s_client
- return req_mgr.networks_client
-
-
-# self vs req: there are possible 3 client managers (admin, pri, 2nd)
-# in each class, but the default is the primary, other clients need aslo
-# to create resources, so you should call this to get proper client.
-def _g_neutron_service_client(self_mgr, req_mgr, client_name):
- if req_mgr:
- return _g_service_client(req_mgr, client_name)
- return _g_service_client(self_mgr, client_name)
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_dhcp_121.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_dhcp_121.py
deleted file mode 100644
index 1dd7be86ad..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_dhcp_121.py
+++ /dev/null
@@ -1,514 +0,0 @@
-# Copyright 2016 OpenStack Foundation
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import re
-import socket
-import struct
-import sys
-import time
-
-import netaddr
-from tempest.common.utils.linux import remote_client
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions
-
-from vmware_nsx_tempest.services import nsxv_client
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-
-CONF = config.CONF
-LOG = dmgr.manager.log.getLogger(__name__)
-
-DHCP_121_DEPLOY_TOPO = "Testcase DHCP-121 option [%s] deploying"
-DHCP_121_DEPLOY_COMPLETED = "Testcase [%s] deploy test-completed."
-Metadataserver_ip = '169.254.169.254'
-
-
-class TestDHCP121BasicOps(dmgr.TopoDeployScenarioManager):
- """Base class provides DHCP 121 options operations.
-
- 1) Creates an instance
- 2) Ssh to instance and then check below information:
- a) check metadata routes avialable or not
- b) check host routes avialble or not
- c) clear host-routes from subnet and check routes present on vm or not
- d) update subnet to disbale dhcp and check metadata routes not visible
- on instance
- 3) Check at beckend(nsx-v) for host-routes and metadata route information
- 4) Delete of host routes from subnet will make it deleted from beckend
- 5) Negative test where try to make subnet dhcp disable but host-routes
- present and vice-versa
- 6) Create large no of host-routes for subnet and check validation at
- beckend
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestDHCP121BasicOps, cls).skip_checks()
- if not ((CONF.network.project_networks_reachable
- or CONF.network.public_network_id) and
- CONF.network.public_network_cidr):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
- CONF.nsxv.manager_uri).group(0)
- cls.vsm = nsxv_client.VSMClient(
- manager_ip, CONF.nsxv.user, CONF.nsxv.password)
- nsxv_version = cls.vsm.get_vsm_version()
- # Raise skip testcase exception if nsx-v version is less than 6.2.3
- if (nsxv_version and nsxv_version < '6.2.3'):
- msg = ('NSX-v version should be greater than or equal to 6.2.3')
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(TestDHCP121BasicOps, cls).resource_setup()
-
- @classmethod
- def resource_cleanup(cls):
- super(TestDHCP121BasicOps, cls).resource_cleanup()
-
- def tearDown(self):
- self.remove_project_network()
- super(TestDHCP121BasicOps, self).tearDown()
-
- def remove_project_network(self):
- project_name = 'green'
- tenant = getattr(self, project_name, None)
- if tenant:
- servers_client = tenant['client_mgr'].servers_client
- dmgr.delete_all_servers(servers_client)
- self.disassociate_floatingip(tenant['fip1'],
- and_delete=True)
-
- def check_server_connected(self, serv):
- # Fetch tenant-network from where vm deployed
- serv_net = list(serv['addresses'].keys())[0]
- serv_addr = serv['addresses'][serv_net][0]
- host_ip = serv_addr['addr']
- self.waitfor_host_connected(host_ip)
-
- def create_project_network_subnet(self,
- name_prefix='dhcp-project'):
- network_name = data_utils.rand_name(name_prefix)
- network, subnet = self.create_network_subnet(
- name=network_name)
- return (network['id'], network, subnet)
-
- def dhcp_121_metadata_hostroutes_check_on_vm_nsxv(self, vm_env):
- self.serv_fip = vm_env['fip1']['floating_ip_address']
- username, password = self.get_image_userpass()
- # Connect to instance launched using ssh lib
- client = remote_client.RemoteClient(self.serv_fip, username=username,
- password=password)
- # Executes route over launched instance
- cmd = ('/sbin/route -n')
- out_data = client.exec_command(cmd)
- self.assertIn(Metadataserver_ip, out_data)
- LOG.info("Metadata routes available on vm")
- cmd = ('wget http://169.254.169.254 -O sample.txt')
- client.exec_command(cmd)
- cmd = ('cat sample.txt')
- out_data = client.exec_command(cmd)
- # Check metadata server inforamtion available or not
- self.assertIn('latest', out_data)
- LOG.info("metadata server is acessible")
- # Fetch dhcp edge infor from nsx-v
- exc_edge = self.vsm.get_dhcp_edge_info()
- self.assertIsNotNone(exc_edge)
- # Fetch host-route and metadata info from nsx-v
- dhcp_options_info = {}
- dhcp_options_info = \
- exc_edge['staticBindings']['staticBindings'][0]['dhcpOptions']
- # Check Host Route information avaialable at beckend
- self.assertIn(
- Metadataserver_ip,
- dhcp_options_info['option121'][
- 'staticRoutes'][0]['destinationSubnet'])
- # Storing sec-group, network, subnet, router, server info in dict
- project_dict = dict(security_group=vm_env['security_group'],
- network=vm_env['network'], subnet=vm_env['subnet'],
- router=vm_env['router'],
- client_mgr=vm_env['client_mgr'],
- serv1=vm_env['serv1'], fip1=vm_env['fip1'])
- return project_dict
-
- def dhcp_121_hostroutes_clear(self, vm_env):
- # Fetch next hop information from tempest.conf
- next_hop = CONF.network.project_network_cidr
- self.nexthop_host_route = next_hop.rsplit('.', 1)[0]
- # Floating-ip of VM
- self.serv_fip = vm_env['fip1']['floating_ip_address']
- username, password = self.get_image_userpass()
- subnet_id = vm_env['subnet']['id']
- subnet_info = self.subnets_client.show_subnet(subnet_id)
- self.nexthop1 = subnet_info['subnet']['gateway_ip']
- # Update subnet with host routes
- public_net_cidr = CONF.network.public_network_cidr
- _subnet_data = {'host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': '10.100.1.1'}],
- 'new_host_routes': [{'destination': public_net_cidr,
- 'nexthop': self.nexthop1}]}
- new_host_routes = _subnet_data['new_host_routes']
- kwargs = {'host_routes': new_host_routes}
- new_name = "New_subnet"
- # Update subnet with host-route info
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- # Connect to instance launched using ssh lib
- client = remote_client.RemoteClient(self.serv_fip, username=username,
- password=password)
- # Executes route over instance launched
- fixed_ip = vm_env['fip1']['fixed_ip_address']
- client._renew_lease_udhcpc(fixed_ip)
- cmd = ('/sbin/route -n')
- out_data = client.exec_command(cmd)
- self.assertIn(
- _subnet_data['new_host_routes'][0]['nexthop'], out_data)
- self.assertIn(self.nexthop_host_route, out_data)
- LOG.info("Host routes available on vm")
- # Check Host route info at beckend
- exc_edge = self.vsm.get_dhcp_edge_info()
- self.assertIsNotNone(exc_edge)
- # Fetch host-route and metadata info from nsx-v
- dhcp_options_info = {}
- dhcp_options_info = exc_edge['staticBindings']['staticBindings'][0][
- 'dhcpOptions']['option121']['staticRoutes']
- # Check Host Route information avaialable at beckend
- for destination_net in dhcp_options_info:
- dest = _subnet_data['new_host_routes'][0]['destination']
- dest_subnet = destination_net['destinationSubnet']
- dest_router = destination_net['router']
- if (dest in dest_subnet and self.nexthop1 in dest_router):
- LOG.info("Host routes available on nsxv")
- # Update subnet with no host-routes
- _subnet_data1 = {'new_host_routes': []}
- new_host_routes = _subnet_data1['new_host_routes']
- kwargs = {'host_routes': new_host_routes}
- new_name = "New_subnet"
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- # Executes route over instance launched
- fixed_ip = vm_env['fip1']['fixed_ip_address']
- client._renew_lease_udhcpc(fixed_ip)
- cmd = ('/sbin/route -n')
- out_data = client.exec_command(cmd)
- self.assertIsNotNone(out_data)
- # Check Host routes on VM shouldn't be avialable
- self.assertNotIn(
- _subnet_data['new_host_routes'][0]['destination'], out_data)
- # Check Host-routes at beckend after deletion
- exc_edge = self.vsm.get_dhcp_edge_info()
- self.assertIsNotNone(exc_edge)
- dhcp_options_info = []
- dhcp_options_info = exc_edge['staticBindings']['staticBindings'][0][
- 'dhcpOptions']['option121']['staticRoutes']
- # Check Host Route information avaialable at beckend
- for destination_net in dhcp_options_info:
- if (_subnet_data['new_host_routes'][0]['destination']
- not in destination_net['destinationSubnet']):
- LOG.info("Host routes not available on nsxv")
- project_dict = dict(security_group=vm_env['security_group'],
- network=vm_env['network'], subnet=vm_env['subnet'],
- router=vm_env['router'],
- client_mgr=vm_env['client_mgr'],
- serv1=vm_env['serv1'], fip1=vm_env['fip1'])
- return project_dict
-
- def create_project_network_subnet_with_cidr(self,
- name_prefix='dhcp-project',
- cidr=None):
- network_name = data_utils.rand_name(name_prefix)
- network, subnet = self.create_network_subnet_with_cidr(
- name=network_name, cidr=cidr)
- return (network, subnet)
-
- def create_port(self, network_id):
- port_client = self.manager.ports_client
- return HELO.create_port(self, network_id=network_id,
- client=port_client)
-
- def create_network_subnet_with_cidr(self, client_mgr=None,
- tenant_id=None, name=None, cidr=None):
- client_mgr = client_mgr or self.manager
- tenant_id = tenant_id
- name = name or data_utils.rand_name('topo-deploy-network')
- net_network = self.create_network(
- client=client_mgr.networks_client,
- tenant_id=tenant_id, name=name)
- net_subnet = self.create_subnet(
- client=client_mgr.subnets_client,
- network=net_network,
- cidr=cidr, name=net_network['name'])
- return net_network, net_subnet
-
- def setup_vm_enviornment(self, client_mgr, t_id,
- check_outside_world=True,
- cidr_offset=0):
- t_network, t_subnet, t_router = self.setup_project_network(
- self.public_network_id, namestart=("deploy-%s-dhcp" % t_id),
- cidr_offset=1)
- t_security_group = self._create_security_group(
- security_groups_client=self.security_groups_client,
- security_group_rules_client=self.security_group_rules_client,
- namestart='adm')
- username, password = self.get_image_userpass()
- security_groups = [{'name': t_security_group['id']}]
- t_serv1 = self.create_server_on_network(
- t_network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=t_network['name'])
- self.check_server_connected(t_serv1)
- t_floatingip = self.create_floatingip_for_server(
- t_serv1, client_mgr=self.admin_manager)
- msg = ("Associate t_floatingip[%s] to server[%s]"
- % (t_floatingip, t_serv1['name']))
- self._check_floatingip_connectivity(
- t_floatingip, t_serv1, should_connect=True, msg=msg)
- vm_enviornment = dict(security_group=t_security_group,
- network=t_network, subnet=t_subnet,
- router=t_router, client_mgr=client_mgr,
- serv1=t_serv1, fip1=t_floatingip)
- return vm_enviornment
-
-
-class TestDhcpMetadata(TestDHCP121BasicOps):
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('95d06aba-895f-47f8-b47d-ae48c6853a85')
- def test_dhcp_121_metadata_check_on_vm_nsxv(self):
- LOG.info("Testcase DHCP-121 option metadata check on vm and "
- "on nsx deploying")
- self.vm_env = self.setup_vm_enviornment(self.manager, 'green', True)
- self.green = self.dhcp_121_metadata_hostroutes_check_on_vm_nsxv(
- self.vm_env)
- LOG.info("Testcase DHCP-121 option metadata check on vm and on "
- "nsx completed")
-
-
-class TestDhcpHostroutesClear(TestDHCP121BasicOps):
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('6bec6eb4-8632-493d-a895-a3ee87cb3002')
- def test_dhcp_121_hostroutes_clear(self):
- LOG.info("Testcase DHCP-121 option host routes clear deploying")
- self.vm_env = self.setup_vm_enviornment(self.manager, 'green', True)
- self.green = self.dhcp_121_hostroutes_clear(self.vm_env)
- LOG.info("Testcase DHCP-121 option host routes clear completed")
-
-
-class TestDhcpNegative(TestDHCP121BasicOps):
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('a58dc6c5-9f28-4184-baf7-37ded52593c4')
- def test_dhcp121_negative_test(self):
- LOG.info("Testcase DHCP-121 option negative test deploying")
- t_net_id, t_network, t_subnet =\
- self.create_project_network_subnet('admin')
- subnet_id = t_subnet['id']
- kwargs = {'enable_dhcp': 'false'}
- new_name = "New_subnet"
- # Update subnet with disable dhcp subnet
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- # Fetch next hop information from tempest.conf
- next_hop = CONF.network.project_network_cidr
- self.nexthop_host_route = next_hop.rsplit('.', 1)[0]
- self.nexthop1 = self.nexthop_host_route + ".2"
- username, password = self.get_image_userpass()
- # Update subnet with host routes
- _subnet_data = {'host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': '10.100.1.1'}],
- 'new_host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': self.nexthop1}]}
- new_host_routes = _subnet_data['new_host_routes']
- kwargs = {'host_routes': new_host_routes}
- new_name = "New_subnet"
- # Update subnet with host-route info
- try:
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- except exceptions.BadRequest:
- e = sys.exc_info()[0].__dict__['message']
- if (e == "Bad request"):
- LOG.info("Invalid input for operation: "
- "Host routes can only be supported when "
- "DHCP is enabled")
- pass
- subnet_id = t_subnet['id']
- kwargs = {'enable_dhcp': 'true'}
- new_name = "New_subnet"
- # Update subnet with disable dhcp subnet
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- # Update subnet with host routes
- _subnet_data = {'host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': '10.100.1.1'}],
- 'new_host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': self.nexthop1}]}
- new_host_routes = _subnet_data['new_host_routes']
- kwargs = {'host_routes': new_host_routes}
- new_name = "Subnet_host_routes"
- # Update subnet with host-route info
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- # Disable dhcp subnet
- kwargs = {'enable_dhcp': 'false'}
- # Update subnet with disable dhcp subnet
- try:
- self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- except exceptions.BadRequest:
- e = sys.exc_info()[0].__dict__['message']
- if (e == "Bad request"):
- LOG.info("Can't disable DHCP while using host routes")
- pass
- LOG.info("Testcase DHCP-121 option negative test completed")
-
-
-class TestDhcpMultiHostRoute(TestDHCP121BasicOps):
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('c3ca96d7-b704-4d94-b42d-e7bae94b82cd')
- def test_dhcp121_multi_host_route(self):
- LOG.info("Testcase DHCP-121 option multi host routes deploying")
- t_net_id, t_network, t_subnet =\
- self.create_project_network_subnet('admin')
- # Fetch next hop information from tempest.conf
- next_hop = CONF.network.project_network_cidr
- self.nexthop_host_route = next_hop.rsplit('.', 1)[0]
- self.nexthop1 = self.nexthop_host_route + ".2"
- # Update subnet with host routes
- _subnet_data = {'host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': '10.100.1.1'}],
- 'new_host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.21.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.22.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.23.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.24.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.25.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.26.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.27.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.28.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.29.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.30.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.31.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.32.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.33.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.34.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.35.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.36.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.37.0.0/32',
- 'nexthop': self.nexthop1},
- {'destination': '10.38.0.0/32',
- 'nexthop': self.nexthop1}]}
- new_host_routes = _subnet_data['new_host_routes']
- kwargs = {'host_routes': new_host_routes}
- new_name = "New_subnet"
- subnet_id = t_subnet['id']
- # Update subnet with host-route info
- subnet = self.subnets_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- '''
- Above No of host-routes added are 19 so checking len of
- subnet host_routes equal to 19 or not
- '''
- if (len(subnet['subnet']['host_routes']) == 19):
- LOG.info("Multiple entries for host routes available")
- LOG.info("Testcase DHCP-121 option multi host routes completed")
-
-
-class TestDhcpHostRoutesBetweenVms(TestDHCP121BasicOps):
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('34e6d23f-db00-446e-8299-57ff2c0911b2')
- def test_host_routes_between_vms(self):
- client_mgr = self.manager
- next_hop = CONF.network.project_network_cidr
- ip = next_hop.rsplit('/', 1)[0]
- ip2int = lambda ipstr: struct.unpack('!I', socket.inet_aton(ipstr))[0]
- ss = (ip2int(ip))
- int2ip = lambda n: socket.inet_ntoa(struct.pack('!I', n))
- new_network_cidr = (int2ip(ss + 256))
- net_mask = str(CONF.network.project_network_mask_bits)
- new_network_cidr = new_network_cidr + '/' + net_mask
- cidr = netaddr.IPNetwork(new_network_cidr)
- self.green = self.setup_vm_enviornment(self.manager, 'green', True)
- network, subnet =\
- self.create_project_network_subnet_with_cidr('dhcp121-tenant',
- cidr=cidr)
- net_id = network['id']
- # Create Port
- port = self.create_port(net_id)
- HELO.router_add_port_interface(self, net_router=self.green['router'],
- net_port=port, client_mgr=client_mgr)
- t_security_group = self._create_security_group(
- security_groups_client=self.security_groups_client,
- security_group_rules_client=self.security_group_rules_client,
- namestart='adm')
- username, password = self.get_image_userpass()
- security_groups = [{'name': t_security_group['name']}]
- _subnet_data = {'host_routes': [{'destination': '10.20.0.0/32',
- 'nexthop': '10.100.1.1'}],
- 'new_host_routes': [{
- 'destination': CONF.network.public_network_cidr,
- 'nexthop': port['fixed_ips'][0]['ip_address']}]}
- subnet_client = client_mgr.subnets_client
- subnet_id = subnet['id']
- new_name = "New_subnet"
- new_host_routes = _subnet_data['new_host_routes']
- kwargs = {'host_routes': new_host_routes}
- # Update subnet with host-route info
- subnet_client.update_subnet(
- subnet_id, name=new_name, **kwargs)
- # launched dest vm
- t_serv2 = self.create_server_on_network(
- network, security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=network['name'])
- self.check_server_connected(t_serv2)
- time.sleep(dmgr.WAITTIME_FOR_CONNECTIVITY)
- # Connect to instance launched using ssh lib
- self.serv_fip = self.green['fip1']['floating_ip_address']
- username, password = self.get_image_userpass()
- client = remote_client.RemoteClient(self.serv_fip, username=username,
- password=password)
- network_name = network['name']
- dest_ip = t_serv2['addresses'][network_name][0]['addr']
- # Ping dest vm from source vm
- cmd = ('ping %s -c 3' % dest_ip)
- out_data = client.exec_command(cmd)
- desired_output = "64 bytes from %s" % dest_ip
- self.assertIn(desired_output, out_data)
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_dns_search_domain_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_dns_search_domain_basic_ops.py
deleted file mode 100644
index fc0eee3ed8..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_dns_search_domain_basic_ops.py
+++ /dev/null
@@ -1,238 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.common import waiters
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions
-
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-
-CONF = config.CONF
-DNS_SEARCH_DOMAIN = 'dns_search_domain'
-
-
-class TestDnsSearchDomainBasicOps(dmgr.TopoDeployScenarioManager):
- """Test dns_search_domain working in subnets w/wo dns_search_domain.
-
- network's subnet with dns_search_domain configured:
- CONF.network.host_in_search_domain can be resolved,
- update dns_search_dmain='' then host can not be resolved.
- network's subnet without dns_search_domain configured:
- CONF.network.host_in_search_domain can not be resolved,
- update dns_search_dmain to CONF.network_dns_search_domain,
- then host can be resolved.
-
- Verify above 2 scenarios under shared/exclusive/distributed routers.
- """
- @classmethod
- def resource_setup(cls):
- super(TestDnsSearchDomainBasicOps, cls).resource_setup()
- cls.dns_search_domain = CONF.network.dns_search_domain
- cls.host_in_search_domain = CONF.network.host_in_search_domain
-
- @classmethod
- def resource_cleanup(cls):
- # lately, server up and down take long time. let's delete servers
- # before test's auto cleanup kickin.
- dmgr.delete_all_servers(cls.servers_client)
- super(TestDnsSearchDomainBasicOps, cls).resource_cleanup()
-
- def create_networks(self, dns_search_domain=None, cidr_offset=0):
- prefix_name = 'dns-search' if dns_search_domain else 'no-search'
- network_name = data_utils.rand_name(prefix_name)
- network = self.create_network(client=self.networks_client,
- name=network_name)
- network = network.get('network', network)
- subnet_kwargs = dict(name=network_name,
- dns_nameservers=CONF.network.dns_servers,
- cidr_offset=cidr_offset)
- if dns_search_domain:
- subnet_kwargs[DNS_SEARCH_DOMAIN] = dns_search_domain
- subnet = self.create_subnet(network,
- client=self.subnets_client,
- **subnet_kwargs)
- subnet = subnet.get('subnet', subnet)
- if dns_search_domain:
- self.assertEqual(dns_search_domain, subnet[DNS_SEARCH_DOMAIN])
- return (network, subnet, dns_search_domain)
-
- def create_router_by_type(self, router_type, client=None,
- name=None, **kwargs):
- routers_client = client or self.admin_manager.routers_client
- create_kwargs = dict(namestart='dns-search', external_gateway_info={
- "network_id": CONF.network.public_network_id})
- if router_type in ('shared', 'exclusive'):
- create_kwargs['router_type'] = router_type
- elif router_type in ('distributed'):
- create_kwargs['distributed'] = True
- create_kwargs.update(**kwargs)
- router = HELO.router_create(self, client=routers_client,
- **create_kwargs)
- return router
-
- def create_router_and_add_interfaces(self, router_type, net_list,
- client_mgr=None):
- client_mgr = client_mgr or self.admin_manager
- routers_client = client_mgr.routers_client
- router = self.create_router_by_type(router_type,
- client=routers_client)
- for (network, subnet, dns_search_domain) in net_list:
- HELO.router_interface_add(self, router['id'], subnet['id'],
- client=routers_client)
- return router
-
- def setup_tenant_networks(self, router_type):
- self.networks_with_search_domain = self.create_networks(
- self.dns_search_domain, cidr_offset=1)
- self.networks_wo_search_domain = self.create_networks(
- None, cidr_offset=2)
- net_list = [self.networks_with_search_domain,
- self.networks_wo_search_domain]
- router = self.create_router_and_add_interfaces(router_type, net_list)
- return (router, net_list)
-
- def create_security_group_with_loginable_rules(self):
- security_group = self._create_security_group(
- security_groups_client=self.security_groups_client,
- namestart='dns-search-')
- return security_group
-
- def wait_for_servers_become_active(self, server_id_list):
- servers_client = self.admin_manager.servers_client
- for server_id in server_id_list:
- waiters.wait_for_server_status(
- servers_client, server_id, 'ACTIVE')
-
- def create_servers_on_networks(self, networks_info, security_group):
- servers_client = self.servers_client
- (network, subnet, dns_search_domain) = networks_info
- security_groups = [{'name': security_group['id']}]
- svr = self.create_server_on_network(
- network, security_groups, name=network['name'],
- wait_on_boot=False,
- servers_client=self.servers_client)
- server_info = dict(
- server=svr, network=network, subnet=subnet,
- dns_search_domain=dns_search_domain,
- security_group=security_group,
- servers_client=servers_client)
- return server_info
-
- def create_floatingip_for_server(self, server):
- username, password = self.get_image_userpass()
- floatingip = super(TestDnsSearchDomainBasicOps,
- self).create_floatingip_for_server(
- server, client_mgr=self.admin_manager)
- msg = ("Associate floatingip[%s] to server[%s]"
- % (floatingip, server['name']))
- self._check_floatingip_connectivity(
- floatingip, server, should_connect=True, msg=msg)
- serv_fip = floatingip['floating_ip_address']
- dmgr.rm_sshkey(serv_fip)
- ssh_client = dmgr.get_remote_client_by_password(
- serv_fip, username, password)
- return (floatingip, ssh_client)
-
- def _test_host_cannot_be_resolved(self):
- """"test CONF.network.host_in_dns_search_dmain can not be resolved.
-
- The network/subnet does not define dns_search_domain and
- its host_in_search_domain in dns_search_domain can not be resolved.
-
- Later, update dns_search_domain to CONF.network.dns_search_domain,
- then the host can be resovled.
- """
- floatingip, sshc = self.create_floatingip_for_server(
- self.net_wo_search['server'])
- ping_cmd = 'ping -c3 %s' % self.host_in_search_domain
- self.assertRaises(exceptions.SSHExecCommandFailed,
- sshc.exec_command,
- ping_cmd)
- subnet = self.net_wo_search['subnet']
- subnet = self.subnets_client.update_subnet(
- subnet['id'],
- dns_search_domain=self.dns_search_domain)
- subnet = subnet.get('subnet', subnet)
- self.assertEqual(subnet[DNS_SEARCH_DOMAIN],
- self.dns_search_domain)
- # renew dhcp lease to force dns_search_domain update too
- sshc.renew_lease(floatingip['fixed_ip_address'],
- dhcp_client=CONF.scenario.dhcp_client)
- sshc.exec_command(ping_cmd)
-
- def _test_host_can_be_resolved(self):
- """"test CONF.network.host_in_dns_search_dmain can be resolved.
-
- The network/subnet has dns_search_domain defined and
- its host_in_search_domain is in dns_search_domain should be resolved.
-
- Later, update dns_search_domain to '', then the host is not resovled.
- """
- floatingip, sshc = self.create_floatingip_for_server(
- self.net_w_search['server'])
- ping_cmd = 'ping -c3 %s' % self.host_in_search_domain
- sshc.exec_command(ping_cmd)
- subnet = self.net_w_search['subnet']
- subnet = self.subnets_client.update_subnet(
- subnet['id'], dns_search_domain='')
- subnet = subnet.get('subnet', subnet)
- self.assertEqual(subnet[DNS_SEARCH_DOMAIN], '')
- # renew dhcp lease to force dns_search_domain update too
- sshc.renew_lease(floatingip['fixed_ip_address'],
- dhcp_client=CONF.scenario.dhcp_client)
- self.assertRaises(exceptions.SSHExecCommandFailed,
- sshc.exec_command,
- ping_cmd)
-
- # entry point for dns_search_domain test for different router-type
- def run_dns_search_domain_basic_ops(self, router_type):
- router, net_list = self.setup_tenant_networks(router_type)
- security_group = self.create_security_group_with_loginable_rules()
- self.net_w_search = self.create_servers_on_networks(
- self.networks_with_search_domain, security_group)
- self.net_wo_search = self.create_servers_on_networks(
- self.networks_wo_search_domain, security_group)
- server_id_list = [self.net_w_search['server']['id'],
- self.net_wo_search['server']['id']]
- self.wait_for_servers_become_active(server_id_list)
- self._test_host_can_be_resolved()
- self._test_host_cannot_be_resolved()
-
-
-class TestDnsSearchDomainOpsOverSharedRouter(TestDnsSearchDomainBasicOps):
-
- @decorators.idempotent_id('5556cdce-075c-437a-9d9d-f1e4583e9f4c')
- def test_dns_search_domain_ops_over_shared_router(self):
- return self.run_dns_search_domain_basic_ops('shared')
-
-
-class TestDnsSearchDomainOpsOverExclusiveRouter(TestDnsSearchDomainBasicOps):
-
- @decorators.idempotent_id('6878c3cf-88d2-46ef-b366-b2a49bfa1e0a')
- def test_dns_search_domain_ops_over_exclusive_router(self):
- return self.run_dns_search_domain_basic_ops('exclusive')
-
-
-class TestDnsSearchDomainOpsOverDistributedeRouter(
- TestDnsSearchDomainBasicOps):
-
- @decorators.idempotent_id('ad24cb58-532a-4675-9bbc-98ec4c296716')
- def test_dns_search_domain_ops_over_distributed_router(self):
- return self.run_dns_search_domain_basic_ops('distributed')
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_dvr_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_dvr_basic_ops.py
deleted file mode 100644
index e04cb9168c..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_dvr_basic_ops.py
+++ /dev/null
@@ -1,466 +0,0 @@
-# Copyright 2012 OpenStack Foundation
-# Copyright 2015 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import collections
-import re
-import time
-
-from oslo_log import log as logging
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-FIP_OPS_TIMEOUT = 10
-LOG = logging.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple('Floating_IP_tuple',
- ['floating_ip', 'server'])
-
-
-class TestDvrBasicOps(manager.NetworkScenarioTest):
-
- """
- This smoke test suite assumes that Nova has been configured to
- boot VM's with Neutron-managed networking, and attempts to
- verify network connectivity as follows:
-
- There are presumed to be two types of networks: tenant and
- public. A tenant network may or may not be reachable from the
- Tempest host. A public network is assumed to be reachable from
- the Tempest host, and it should be possible to associate a public
- ('floating') IP address with a tenant ('fixed') IP address to
- facilitate external connectivity to a potentially unroutable
- tenant IP address.
-
- This test suite can be configured to test network connectivity to
- a VM via a tenant network, a public network, or both. If both
- networking types are to be evaluated, tests that need to be
- executed remotely on the VM (via ssh) will only be run against
- one of the networks (to minimize test execution time).
-
- Determine which types of networks to test as follows:
-
- * Configure tenant network checks (via the
- 'project_networks_reachable' key) if the Tempest host should
- have direct connectivity to tenant networks. This is likely to
- be the case if Tempest is running on the same host as a
- single-node devstack installation with IP namespaces disabled.
-
- * Configure checks for a public network if a public network has
- been configured prior to the test suite being run and if the
- Tempest host should have connectivity to that public network.
- Checking connectivity for a public network requires that a
- value be provided for 'public_network_id'. A value can
- optionally be provided for 'public_router_id' if tenants will
- use a shared router to access a public network (as is likely to
- be the case when IP namespaces are not enabled). If a value is
- not provided for 'public_router_id', a router will be created
- for each tenant and use the network identified by
- 'public_network_id' as its gateway.
-
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestDvrBasicOps, cls).skip_checks()
- if not (CONF.network.project_networks_reachable or
- CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- for ext in ['router', 'security-group', 'dvr']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- # Ask framework to not create network resources for these tests.
- cls.set_network_resources()
- super(TestDvrBasicOps, cls).setup_credentials()
-
- def setUp(self):
- super(TestDvrBasicOps, self).setUp()
- self.keypairs = {}
- self.servers = []
-
- def _setup_network_and_servers(self, **kwargs):
- boot_with_port = kwargs.pop('boot_with_port', False)
- self.security_group = self._create_security_group()
- self.network, self.subnet, self.router = self.create_networks(**kwargs)
- self.check_networks()
-
- self.port_id = None
- if boot_with_port:
- # create a port on the network and boot with that
- self.port_id = self._create_port(self.network['id'])['id']
-
- name = data_utils.rand_name('server-smoke')
- server = self._create_server(name, self.network, self.port_id)
- self._check_project_network_connectivity()
-
- floating_ip = self.create_floating_ip(server)
- self.floating_ip_tuple = Floating_IP_tuple(floating_ip, server)
-
- # overwrite super class who does not accept router attributes
- def create_networks(self, dns_nameservers=None, **kwargs):
- namestart = 'dvr-ops'
- routers_client = self.routers_client
- networks_client = self.networks_client
- subnets_client = self.subnets_client
- network = self._create_network(
- networks_client=networks_client,
- namestart=namestart)
-
- router_kwargs = dict(client=routers_client, namestart=namestart)
- for k in kwargs.keys():
- if k in ('distributed', 'router_type', 'router_size'):
- router_kwargs[k] = kwargs.pop(k)
- router = self._create_router(**router_kwargs)
- HELO.router_gateway_set(self, router['id'],
- CONF.network.public_network_id,
- routers_client)
-
- subnet_kwargs = dict(network=network,
- namestart=namestart,
- subnets_client=subnets_client)
- # use explicit check because empty list is a valid option
- if dns_nameservers is not None:
- subnet_kwargs['dns_nameservers'] = dns_nameservers
- subnet = self._create_subnet(**subnet_kwargs)
- HELO.router_interface_add(self, router['id'], subnet['id'],
- routers_client)
- return network, subnet, router
-
- # overwrite super class
- def _create_router(self, client=None, tenant_id=None,
- namestart='dvr-ops', **kwargs):
- return HELO.router_create(self, client,
- tenant_id=tenant_id,
- namestart=namestart,
- admin_state_up=True,
- **kwargs)
-
- def check_networks(self):
- HELO.check_networks(self, self.network, self.subnet, self.router)
-
- def _create_server(self, name, network, port_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- create_kwargs = {
- 'networks': [
- {'uuid': network['id']},
- ],
- 'key_name': keypair['name'],
- 'security_groups': security_groups,
- 'wait_until': 'ACTIVE',
- }
- if port_id is not None:
- create_kwargs['networks'][0]['port'] = port_id
- server = self.create_server(name=name, **create_kwargs)
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _check_project_network_connectivity(self):
- ssh_login = CONF.validation.image_ssh_user
- for server in self.servers:
- # call the common method in the parent class
- super(TestDvrBasicOps, self).\
- _check_tenant_network_connectivity(
- server, ssh_login, self._get_server_key(server),
- servers_for_debug=self.servers)
-
- def check_public_network_connectivity(
- self, should_connect=True, msg=None,
- should_check_floating_ip_status=True):
- """Verifies connectivty to a VM via public network and floating IP,
- and verifies floating IP has resource status is correct.
-
- :param should_connect: bool. determines if connectivity check is
- negative or positive.
- :param msg: Failure message to add to Error message. Should describe
- the place in the test scenario where the method was called,
- to indicate the context of the failure
- :param should_check_floating_ip_status: bool. should status of
- floating_ip be checked or not
- """
- ssh_login = CONF.validation.image_ssh_user
- floating_ip, server = self.floating_ip_tuple
- ip_address = floating_ip['floating_ip_address']
- private_key = None
- floatingip_status = 'DOWN'
- if should_connect:
- private_key = self._get_server_key(server)
- floatingip_status = 'ACTIVE'
- # Check FloatingIP Status before initiating a connection
- if should_check_floating_ip_status:
- self.check_floating_ip_status(floating_ip, floatingip_status)
- # call the common method in the parent class
- super(TestDvrBasicOps, self).check_public_network_connectivity(
- ip_address, ssh_login, private_key, should_connect, msg,
- self.servers)
-
- def _disassociate_floating_ips(self):
- floating_ip, server = self.floating_ip_tuple
- self._disassociate_floating_ip(floating_ip)
- self.floating_ip_tuple = Floating_IP_tuple(
- floating_ip, None)
-
- def _reassociate_floating_ips(self):
- floating_ip, server = self.floating_ip_tuple
- name = data_utils.rand_name('new_server-smoke')
- # create a new server for the floating ip
- server = self._create_server(name, self.network)
- self._associate_floating_ip(floating_ip, server)
- self.floating_ip_tuple = Floating_IP_tuple(
- floating_ip, server)
-
- def _create_new_network(self, create_gateway=False):
- self.new_net = self._create_network()
- if create_gateway:
- self.new_subnet = self._create_subnet(
- network=self.new_net)
- else:
- self.new_subnet = self._create_subnet(
- network=self.new_net,
- gateway_ip=None)
-
- def _get_server_nics(self, ssh_client):
- reg = re.compile(r'(?P\d+): (?P\w+):')
- ipatxt = ssh_client.exec_command("ip address")
- return reg.findall(ipatxt)
-
- def _list_subnets(self, *args, **kwargs):
- """List subnets using admin creds """
- subnets_list = self.admin_manager.subnets_client.list_subnets(
- *args, **kwargs)
- return subnets_list['subnets']
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _check_network_internal_connectivity(self, network,
- should_connect=True):
- """
- via ssh check VM internal connectivity:
- - ping internal gateway and DHCP port, implying in-tenant connectivity
- pinging both, because L3 and DHCP agents might be on different nodes
- """
- floating_ip, server = self.floating_ip_tuple
- # get internal ports' ips:
- # get all network ports in the new network
- internal_ips = (p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if (p['device_owner'].startswith('network') and
- not p['device_owner'].endswith('dhcp')))
-
- self._check_server_connectivity(floating_ip,
- internal_ips,
- should_connect)
-
- def _check_network_external_connectivity(self):
- """
- ping public network default gateway to imply external connectivity
-
- """
- if not CONF.network.public_network_id:
- msg = 'public network not defined.'
- LOG.debug(msg)
- return
-
- # We ping the external IP from the instance using its floating IP
- # which is always IPv4, so we must only test connectivity to
- # external IPv4 IPs if the external network is dualstack.
- v4_subnets = [s for s in self._list_subnets(
- network_id=CONF.network.public_network_id) if s['ip_version'] == 4]
- self.assertEqual(1, len(v4_subnets),
- "Found %d IPv4 subnets" % len(v4_subnets))
-
- external_ips = [v4_subnets[0]['gateway_ip']]
- self._check_server_connectivity(self.floating_ip_tuple.floating_ip,
- external_ips)
-
- def _check_server_connectivity(self, floating_ip, address_list,
- should_connect=True):
- ip_address = floating_ip['floating_ip_address']
- private_key = self._get_server_key(self.floating_ip_tuple.server)
- # ssh_source = self._ssh_to_server(ip_address, private_key)
- ssh_source = self.get_remote_client(ip_address,
- private_key=private_key)
-
- for remote_ip in address_list:
- if should_connect:
- msg = "Timed out waiting for "
- "%s to become reachable" % remote_ip
- else:
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.debug("Unable to access {dest} via ssh to "
- "floating-ip {src}".format(dest=remote_ip,
- src=floating_ip))
- raise
-
- @decorators.idempotent_id('62eb50a8-45f3-4eec-acc4-f01cee10a011')
- @test.services('compute', 'network')
- def test_dvr_network_basic_ops(self):
- """
- For a freshly-booted VM with an IP address ("port") on a given
- network:
-
- - the Tempest host can ping the IP address. This implies, but
- does not guarantee (see the ssh check that follows), that the
- VM has been assigned the correct IP address and has
- connectivity to the Tempest host.
-
- - the Tempest host can perform key-based authentication to an
- ssh server hosted at the IP address. This check guarantees
- that the IP address is associated with the target VM.
-
- - the Tempest host can ssh into the VM via the IP address and
- successfully execute the following:
-
- - ping an external IP address, implying external connectivity.
-
- - ping an external hostname, implying that dns is correctly
- configured.
-
- - ping an internal IP address, implying connectivity to another
- VM on the same network.
-
- - detach the floating-ip from the VM and verify that it becomes
- unreachable
-
- - associate detached floating ip to a new VM and verify connectivity.
- VMs are created with unique keypair so connectivity also asserts that
- floating IP is associated with the new VM instead of the old one
-
- Verifies that floating IP status is updated correctly after each change
-
-
- """
- self._setup_network_and_servers(distributed=True)
- LOG.debug("Sleeping %ss after associate floating ip %s" %
- (FIP_OPS_TIMEOUT, self.floating_ip_tuple))
- self.check_public_network_connectivity(should_connect=True)
- self._check_network_internal_connectivity(network=self.network)
- self._check_network_external_connectivity()
- self._disassociate_floating_ips()
- LOG.debug("Sleeping %ss after disassociate floating ip %s" %
- (FIP_OPS_TIMEOUT, self.floating_ip_tuple))
- self.check_public_network_connectivity(should_connect=False,
- msg="after disassociate "
- "floating ip")
- self._reassociate_floating_ips()
- LOG.debug("Sleeping %ss after reassociate floating ip %s" %
- (FIP_OPS_TIMEOUT, self.floating_ip_tuple))
- self.check_public_network_connectivity(should_connect=True,
- msg="after re-associate "
- "floating ip")
-
- @decorators.idempotent_id('d99b62ec-28ce-44db-a195-edb74037a354')
- @test.services('compute', 'network')
- def test_dvr_connectivity_between_vms_on_different_networks(self):
- """
- For a freshly-booted VM with an IP address ("port") on a given
- network:
-
- - the Tempest host can ping the IP address.
-
- - the Tempest host can ssh into the VM via the IP address and
- successfully execute the following:
-
- - ping an external IP address, implying external connectivity.
-
- - ping an external hostname, implying that dns is correctly
- configured.
-
- - ping an internal IP address, implying connectivity to another
- VM on the same network.
-
- - Create another network on the same tenant with subnet, create
- an VM on the new network.
-
- - Ping the new VM from previous VM failed since the new network
- was not attached to router yet.
-
- - Attach the new network to the router, Ping the new VM from
- previous VM succeed.
-
- """
- self._setup_network_and_servers(distributed=True)
- LOG.debug("Sleeping %ss after associate floating ip %s" %
- (FIP_OPS_TIMEOUT, self.floating_ip_tuple))
- time.sleep(FIP_OPS_TIMEOUT)
- self.check_public_network_connectivity(should_connect=True)
- self._check_network_internal_connectivity(network=self.network)
- self._check_network_external_connectivity()
- self._create_new_network(create_gateway=True)
- name = data_utils.rand_name('server-smoke')
- self._create_server(name, self.new_net)
- self._check_network_internal_connectivity(network=self.new_net,
- should_connect=False)
- HELO.router_interface_add(self, self.router['id'],
- self.new_subnet['id'])
- self._check_network_internal_connectivity(network=self.new_net,
- should_connect=True)
-
- @decorators.idempotent_id('a73fd605-d55e-4151-b25e-41e7a7ff2258')
- @test.services('compute', 'network')
- def test_dvr_update_router_admin_state(self):
- """
- 1. Check public connectivity before updating
- admin_state_up attribute of router to False
- 2. Check public connectivity after updating
- admin_state_up attribute of router to False
- 3. Check public connectivity after updating
- admin_state_up attribute of router to True
- """
- self._setup_network_and_servers(distributed=True)
- LOG.debug("Sleeping %ss after associate floating ip %s" %
- (FIP_OPS_TIMEOUT, self.floating_ip_tuple))
- time.sleep(FIP_OPS_TIMEOUT)
- self.check_public_network_connectivity(
- should_connect=True, msg="before updating "
- "admin_state_up of router to False")
- self._update_router_admin_state(self.router, False)
- # TODO(alokmaurya): Remove should_check_floating_ip_status=False check
- # once bug 1396310 is fixed
-
- self.check_public_network_connectivity(
- should_connect=False, msg="after updating "
- "admin_state_up of router to False",
- should_check_floating_ip_status=False)
- self._update_router_admin_state(self.router, True)
- self.check_public_network_connectivity(
- should_connect=True, msg="after updating "
- "admin_state_up of router to True")
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py
deleted file mode 100644
index 8a0d65e82e..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py
+++ /dev/null
@@ -1,184 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import time
-
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.services.lbaas import l7policies_client
-from vmware_nsx_tempest.services.lbaas import l7rules_client
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- test_lbaas_round_robin_ops as lbaas_ops)
-
-
-class TestL7SwitchingOps(lbaas_ops.LBaasRoundRobinBaseTest):
-
- """This test validates lbaas l7 switching with round-robin opertion.
-
- Test leverage test_lbaas_round_robin to create the basic round-robin
- operation, and then build l7 pool and members to forwarding url path
- starts_with value specified.
-
- Manual operation can be found at test proc: https://goo.gl/btDMXy
- """
-
- @classmethod
- def resource_setup(cls):
- super(TestL7SwitchingOps, cls).resource_setup()
- cls.create_lbaas_clients(cls.manager)
- cls.l7policies_client = l7policies_client.get_client(cls.manager)
- cls.l7rules_client = l7rules_client.get_client(cls.manager)
-
- @classmethod
- def setup_credentials(cls):
- super(TestL7SwitchingOps, cls).setup_credentials()
-
- def setUp(self):
- super(TestL7SwitchingOps, self).setUp()
- self.switching_startswith_value1 = "/api"
- self.switching_startswith_value2 = "/api2"
- self.reject_startswith = "/api/v1"
- self.pool7 = None
- self.l7policy1 = None
- self.l7rule1 = None
- self.l7rule_kwargs = dict(type='PATH',
- compare_type='STARTS_WITH',
- value=self.switching_startswith_value1)
- self.l7policy_reject = None
-
- def tearDown(self):
- lb_id = self.loadbalancer['id']
- # teardown lbaas l7 provision
- for policy in [self.l7policy1, self.l7policy_reject]:
- if policy:
- self.l7policies_client.delete_l7policy(policy.get('id'))
- self.wait_for_load_balancer_status(lb_id)
- if self.pool7:
- self.pools_client.delete_pool(self.pool7.get('id'))
- self.wait_for_load_balancer_status(lb_id)
- super(TestL7SwitchingOps, self).tearDown()
-
- def create_and_start_l7_web_servers(self):
- key_name = self.keypair['name']
- network_name = self.network['name']
- security_groups = [{'name': self.security_group['id']}]
- self.server7 = self.create_server_on_network(
- self.network, name=(network_name + "-7"),
- security_groups=security_groups,
- key_name=key_name, wait_on_boot=False,
- servers_client=self.manager.servers_client)
- self.server8 = self.create_server_on_network(
- self.network, name=(network_name + "-8"),
- security_groups=security_groups,
- key_name=key_name, wait_on_boot=False,
- servers_client=self.manager.servers_client)
- self.l7_server_list = [self.server7, self.server8]
- self.wait_for_servers_become_active(self.l7_server_list)
- self.start_web_servers(self.l7_server_list)
-
- def build_l7_switching(self):
- subnet_id = self.subnet.get('id')
- lb_id = self.loadbalancer['id']
- l7_name = self.loadbalancer['name'] + "-7"
- redirect_to_listener_id = self.listener.get('id')
- # build_l7_pool(loadbalancer_id):
- self.pool7 = self.pools_client .create_pool(
- loadbalancer_id=lb_id,
- lb_algorithm=self.lb_algorithm, protocol=self.protocol_type,
- name=l7_name)['pool']
- self.wait_for_load_balancer_status(lb_id)
- pool_id = self.pool7['id']
- self.member7_list = []
- for server in self.l7_server_list:
- fip = server['_floating_ip']
- fixed_ip_address = fip['fixed_ip_address']
- member = self.members_client.create_member(
- pool_id, subnet_id=subnet_id,
- address=fixed_ip_address,
- protocol_port=self.protocol_port)
- self.wait_for_load_balancer_status(lb_id)
- self.member7_list.append(member)
- l7policy_kwargs = dict(action="REDIRECT_TO_POOL",
- redirect_pool_id=pool_id,
- listener_id=redirect_to_listener_id,
- name='policy1')
- l7policy1 = self.l7policies_client.create_l7policy(**l7policy_kwargs)
- self.l7policy1 = l7policy1.get(u'l7policy', l7policy1)
- policy_id = self.l7policy1.get('id')
- self.l7rule1 = self.l7rules_client.create_l7rule(
- policy_id, **self.l7rule_kwargs)['rule']
- l7policy_kwargs = dict(action="REJECT", position=1,
- redirect_pool_id=pool_id,
- listener_id=redirect_to_listener_id,
- name='policy-reject')
- l7policy1 = self.l7policies_client.create_l7policy(**l7policy_kwargs)
- self.l7policy_reject = l7policy1.get(u'l7policy', l7policy1)
- self.reject_policy_id = self.l7policy_reject.get('id')
- l7rule_kwargs = dict(type='PATH',
- compare_type='STARTS_WITH',
- value=self.reject_startswith)
- self.l7rule_reject = self.l7rules_client.create_l7rule(
- self.reject_policy_id, **l7rule_kwargs)['rule']
-
- def check_l7_switching(self, start_path, expected_server_list,
- send_count=6):
- self.do_http_request(start_path, send_count)
- for sv_name, cnt in self.http_cnt.items():
- self.assertIn(sv_name, expected_server_list)
- self.assertTrue(cnt > 0)
-
- def validate_l7_switching(self):
- l7_sv_name_list = [s['name'] for s in self.l7_server_list]
- rr_sv_name_list = [s['name'] for s in self.rr_server_list]
- reject_name_list = ["403"]
-
- # URL prefix api switching to pool7
- self.check_l7_switching('api', l7_sv_name_list, 6)
- # URL prefix ap/i switching to pool1
- self.check_l7_switching('ap/i', rr_sv_name_list, 6)
- # URL prefix api2 switching to pool7
- self.check_l7_switching('api2', l7_sv_name_list, 6)
-
- # URL /api/v1 should be rejected, status=403
- self.check_l7_switching('api/v1', reject_name_list, 6)
-
- # change rule starts_with's value to /api2
- # and /api & /api/2 will be swithed to default pool
- policy_id = self.l7policy1.get('id')
- rule_id = self.l7rule1.get('id')
- self.l7rule_kwargs['value'] = self.switching_startswith_value2
- self.l7rule2 = self.l7rules_client.update_l7rule(
- policy_id, rule_id, **self.l7rule_kwargs)['rule']
- time.sleep(2.0)
- # URL prefix api switching to pool
- self.check_l7_switching('api', rr_sv_name_list, 6)
- # URL prefix api switching to pool
- self.check_l7_switching('api/2', rr_sv_name_list, 6)
- # URL prefix api2 switching to pool7
- self.check_l7_switching('api2', l7_sv_name_list, 6)
- # URL prefix api2 switching to pool
- self.check_l7_switching('xapi2', rr_sv_name_list, 6)
-
- # URL /api/v1 should be rejected, status=403
- self.check_l7_switching('api/v1', reject_name_list, 6)
-
- @decorators.idempotent_id('f11e19e4-16b5-41c7-878d-59b9e943e3ce')
- @test.services('compute', 'network')
- def test_lbaas_l7_switching_ops(self):
- self.create_lbaas_networks()
- self.start_web_servers()
- self.create_project_lbaas()
- self.check_project_lbaas()
- # do l7 provision and testing
- self.create_and_start_l7_web_servers()
- self.build_l7_switching()
- self.validate_l7_switching()
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py
deleted file mode 100644
index 9df72e2b7f..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py
+++ /dev/null
@@ -1,393 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import tempfile
-import time
-
-from tempest.common import waiters
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-import urllib3
-
-from vmware_nsx_tempest.services.lbaas import health_monitors_client
-from vmware_nsx_tempest.services.lbaas import listeners_client
-from vmware_nsx_tempest.services.lbaas import load_balancers_client
-from vmware_nsx_tempest.services.lbaas import members_client
-from vmware_nsx_tempest.services.lbaas import pools_client
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-
-
-CONF = config.CONF
-LOG = dmgr.manager.log.getLogger(__name__)
-
-
-class LBaasRoundRobinBaseTest(dmgr.TopoDeployScenarioManager):
- """Base class to support LBaaS ROUND-ROBIN test.
-
- It provides the methods to create loadbalancer network, and
- start web servers.
-
- Default lb_algorithm is ROUND_ROBIND.
- """
-
- tenant_router_attrs = {'router_type': 'exclusive'}
-
- @classmethod
- def skip_checks(cls):
- super(LBaasRoundRobinBaseTest, cls).skip_checks()
- cfg = CONF.network
- if not test.is_extension_enabled('lbaasv2', 'network'):
- msg = 'lbaasv2 extension is not enabled.'
- raise cls.skipException(msg)
- if not (cfg.project_networks_reachable or cfg.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(LBaasRoundRobinBaseTest, cls).resource_setup()
- cls.create_lbaas_clients(cls.manager)
-
- @classmethod
- def create_lbaas_clients(cls, mgr):
- cls.load_balancers_client = load_balancers_client.get_client(mgr)
- cls.listeners_client = listeners_client.get_client(mgr)
- cls.pools_client = pools_client.get_client(mgr)
- cls.members_client = members_client.get_client(mgr)
- cls.health_monitors_client = health_monitors_client.get_client(mgr)
-
- @classmethod
- def setup_credentials(cls):
- # Ask framework to not create network resources for these tests.
- cls.set_network_resources()
- super(LBaasRoundRobinBaseTest, cls).setup_credentials()
-
- def setUp(self):
- super(LBaasRoundRobinBaseTest, self).setUp()
- CONF.validation.ssh_shell_prologue = ''
- self.namestart = 'lbaas-ops'
- self.poke_counters = 10
- self.protocol_type = 'HTTP'
- self.protocol_port = 80
- self.lb_algorithm = "ROUND_ROBIN"
- self.hm_delay = 4
- self.hm_max_retries = 3
- self.hm_timeout = 10
- self.hm_type = 'PING'
- self.server_names = []
- self.loadbalancer = None
- self.vip_fip = None
- self.web_service_start_delay = 2.5
-
- def tearDown(self):
- if self.vip_fip:
- LOG.debug("tearDown lbass vip fip")
- self.disassociate_floatingip(self.vip_fip, and_delete=True)
- if self.loadbalancer:
- LOG.debug("tearDown lbass")
- lb_id = self.loadbalancer['id']
- self.delete_loadbalancer_resources(lb_id)
-
- # make sure servers terminated before teardown network resources
- LOG.debug("tearDown lbaas servers")
- server_id_list = []
- for servid in ['server1', 'server2', 'server7', 'server8']:
- server = getattr(self, servid, None)
- if server:
- if '_floating_ip' in server:
- fip = server['_floating_ip']
- self.disassociate_floatingip(fip, and_delete=True)
- self.manager.servers_client.delete_server(server['id'])
- server_id_list.append(server['id'])
- for server_id in server_id_list:
- waiters.wait_for_server_termination(
- self.manager.servers_client, server_id)
- # delete lbaas network before handing back to framework
- super(LBaasRoundRobinBaseTest, self).tearDown()
- LOG.debug("tearDown lbaas exiting...")
-
- def delete_loadbalancer_resources(self, lb_id):
- lb_client = self.load_balancers_client
- statuses = lb_client.show_load_balancer_status_tree(lb_id)
- statuses = statuses.get('statuses', statuses)
- lb = statuses.get('loadbalancer')
- for listener in lb.get('listeners', []):
- for policy in listener.get('l7policies'):
- test_utils.call_and_ignore_notfound_exc(
- self.l7policies_client.delete_policy,
- policy.get('id'))
- for pool in listener.get('pools'):
- self.delete_lb_pool_resources(lb_id, pool)
- test_utils.call_and_ignore_notfound_exc(
- self.listeners_client.delete_listener,
- listener.get('id'))
- self.wait_for_load_balancer_status(lb_id)
- # delete pools not attached to listener, but loadbalancer
- for pool in lb.get('pools', []):
- self.delete_lb_pool_resources(lb_id, pool)
- test_utils.call_and_ignore_notfound_exc(
- lb_client.delete_load_balancer, lb_id)
- self.load_balancers_client.wait_for_load_balancer_status(
- lb_id, is_delete_op=True)
- lbs = lb_client.list_load_balancers()['loadbalancers']
- self.assertEqual(0, len(lbs))
-
- def delete_lb_pool_resources(self, lb_id, pool):
- pool_id = pool.get('id')
- hm = pool.get('healthmonitor')
- if hm:
- test_utils.call_and_ignore_notfound_exc(
- self.health_monitors_client.delete_health_monitor,
- pool.get('healthmonitor').get('id'))
- self.wait_for_load_balancer_status(lb_id)
- test_utils.call_and_ignore_notfound_exc(
- self.pools_client.delete_pool, pool.get('id'))
- self.wait_for_load_balancer_status(lb_id)
- for member in pool.get('members', []):
- test_utils.call_and_ignore_notfound_exc(
- self.members_client.delete_member,
- pool_id, member.get('id'))
- self.wait_for_load_balancer_status(lb_id)
-
- def wait_for_load_balancer_status(self, lb_id):
- # Wait for load balancer become ONLINE and ACTIVE
- self.load_balancers_client.wait_for_load_balancer_status(lb_id)
-
- def create_lbaas_networks(self):
- """Create network, subnet and router for lbaasv2 environment."""
- self.network, self.subnet, self.router = self.setup_project_network(
- self.public_network_id, client_mgr=self.manager,
- namestart=self.namestart)
- self._create_security_group_for_test()
- security_groups = [{'name': self.security_group['id']}]
- self.keypair = self.create_keypair()
- key_name = self.keypair['name']
- network_name = self.network['name']
- self.server1 = self.create_server_on_network(
- self.network, name=(network_name + "-1"),
- security_groups=security_groups,
- key_name=key_name, wait_on_boot=False,
- servers_client=self.manager.servers_client)
- self.server2 = self.create_server_on_network(
- self.network, name=(network_name + "-2"),
- security_groups=security_groups,
- key_name=key_name,
- servers_client=self.manager.servers_client)
- self.rr_server_list = [self.server1, self.server2]
- self.wait_for_servers_become_active(self.rr_server_list)
-
- def wait_for_servers_become_active(self, server_list):
- for serv in server_list:
- waiters.wait_for_server_status(
- self.manager.servers_client,
- serv['id'], 'ACTIVE')
-
- def _create_security_group_for_test(self):
- self.security_group = self._create_security_group()
- self._create_security_group_rules_for_port(self.protocol_port)
-
- def _create_security_group_rules_for_port(self, port):
- rule = {
- 'direction': 'ingress',
- 'protocol': 'tcp',
- 'port_range_min': port,
- 'port_range_max': port,
- }
- self._create_security_group_rule(
- secgroup=self.security_group,
- **rule)
-
- def start_web_servers(self, server_list=None):
- """Start predefined servers:
-
- 1. SSH to the instance
- 2. Start http backends listening on port 80
- """
- server_list = server_list or self.rr_server_list
- for server in server_list:
- fip = self.create_floatingip_for_server(
- server, self.public_network_id,
- client_mgr=self.manager)
- server['_floating_ip'] = fip
- server_fip = fip['floating_ip_address']
- self.start_web_server(server, server_fip, server['name'])
- # need to wait for web server to be able to response
- time.sleep(self.web_service_start_delay)
- for server in server_list:
- server_name = server['name']
- fip = server['_floating_ip']
- web_fip = fip['floating_ip_address']
- response = self.send_request(web_fip)
- # by design, each lbaas member server response its server_name
- self.assertEqual(response, server_name)
- self.server_names.append(server_name)
-
- def start_web_server(self, server, server_fip, server_name):
- """start server's web service which return its server_name."""
-
- private_key = self.keypair['private_key']
- username = CONF.validation.image_ssh_user
- ssh_client = self.get_remote_client(
- server_fip, private_key=private_key)
-
- # Write a backend's response into a file
- resp = ('echo -ne "HTTP/1.1 200 OK\r\nContent-Length: %d\r\n'
- 'Connection: close\r\nContent-Type: text/html; '
- 'charset=UTF-8\r\n\r\n%s"; cat >/dev/null')
-
- with tempfile.NamedTemporaryFile() as script:
- script.write(resp % (len(server_name), server_name))
- script.flush()
- with tempfile.NamedTemporaryFile() as key:
- key.write(private_key)
- key.flush()
- dmgr.copy_file_to_host(script.name,
- "/tmp/script",
- server_fip, username, key.name)
-
- # Start netcat
- start_server = ('while true; do '
- 'sudo nc -ll -p %(port)s -e sh /tmp/%(script)s; '
- 'done > /dev/null &')
- cmd = start_server % {'port': self.protocol_port,
- 'script': 'script'}
- ssh_client.exec_command(cmd)
- return server_name
-
- def send_request(self, web_ip):
- try:
- url_path = "http://{0}/".format(web_ip)
- # lbaas servers use nc, might be slower to response
- http = urllib3.PoolManager(retries=10)
- resp = http.request('GET', url_path)
- return resp.data.strip()
- except Exception:
- return None
-
- def create_project_lbaas(self):
- vip_subnet_id = self.subnet['id']
- lb_name = data_utils.rand_name(self.namestart)
- self.loadbalancer = self.load_balancers_client.create_load_balancer(
- name=lb_name, vip_subnet_id=vip_subnet_id)['loadbalancer']
- lb_id = self.loadbalancer['id']
- self.wait_for_load_balancer_status(lb_id)
-
- self.listener = self.listeners_client.create_listener(
- loadbalancer_id=lb_id, protocol=self.protocol_type,
- protocol_port=self.protocol_port, name=lb_name)['listener']
- self.wait_for_load_balancer_status(lb_id)
-
- self.pool = self.pools_client .create_pool(
- listener_id=self.listener['id'],
- lb_algorithm=self.lb_algorithm, protocol=self.protocol_type,
- name=lb_name)['pool']
- self.wait_for_load_balancer_status(lb_id)
- pool_id = self.pool['id']
-
- self.healthmonitor = (
- self.health_monitors_client.create_health_monitor(
- pool_id=pool_id, type=self.hm_type,
- delay=self.hm_delay, max_retries=self.hm_max_retries,
- timeout=self.hm_timeout))
- self.wait_for_load_balancer_status(lb_id)
-
- self.members = []
- for server in [self.server1, self.server2]:
- fip = server['_floating_ip']
- fixed_ip_address = fip['fixed_ip_address']
- member = self.members_client.create_member(
- pool_id, subnet_id=vip_subnet_id,
- address=fixed_ip_address,
- protocol_port=self.protocol_port)
- self.wait_for_load_balancer_status(lb_id)
- self.members.append(member)
-
- # Currently the ovs-agent is not enforcing security groups on the
- # vip port - see https://bugs.launchpad.net/neutron/+bug/1163569
- # However the linuxbridge-agent does, and it is necessary to add a
- # security group with a rule that allows tcp port 80 to the vip port.
- # NSX-v lbaasv2 OK, but for upstream neutron-lbaas needs this.
- self.ports_client.update_port(
- self.loadbalancer['vip_port_id'],
- security_groups=[self.security_group['id']])
- # create lbaas public interface
- self.vip_fip = self.create_floatingip_for_server(
- self.loadbalancer, self.public_network_id,
- port_id=self.loadbalancer['vip_port_id'],
- client_mgr=self.manager)
- self.vip_ip_address = self.vip_fip['floating_ip_address']
- for x in range(1, 8):
- time.sleep(2)
- resp = self.send_request(self.vip_ip_address)
- if resp:
- break
- LOG.debug('#%d LBaaS-VIP get NO response from its members', x)
- return self.vip_ip_address
-
- def do_http_request(self, start_path='', send_counts=None):
- statuses = self.load_balancers_client.show_load_balancer_status_tree(
- self.loadbalancer['id'])
- statuses = statuses.get('statuses', statuses)
- self.http_cnt = {}
- http = urllib3.PoolManager(retries=10)
- send_counts = send_counts or self.poke_counters
- send_counts = (send_counts * 2) / 2
- url_path = "http://{0}/{1}".format(self.vip_ip_address, start_path)
- for x in range(send_counts):
- resp = http.request('GET', url_path)
- if resp.status == 200:
- self.count_response(resp.data.strip())
- else:
- self.count_response(str(resp.status))
- return self.http_cnt
-
- def check_project_lbaas(self):
- self.do_http_request(send_counts=self.poke_counters)
- # should response from 2 servers
- self.assertEqual(2, len(self.http_cnt))
- # ROUND_ROUBIN, so equal counts
- s0 = self.server_names[0]
- s1 = self.server_names[1]
- self.assertEqual(self.http_cnt[s0], self.http_cnt[s1])
-
- def count_response(self, response):
- if response in self.http_cnt:
- self.http_cnt[response] += 1
- else:
- self.http_cnt[response] = 1
-
-
-class TestLBaasRoundRobinOps(LBaasRoundRobinBaseTest):
-
- """This test checks basic load balancer V2 ROUND-ROBIN operation.
-
- The following is the scenario outline:
- 1. Create network with exclusive router, and 2 servers
- 2. SSH to each instance and start web server
- 3. Create a load balancer with 1 listener, 1 pool, 1 healthmonitor
- and 2 members and with ROUND_ROBIN algorithm.
- 4. Associate loadbalancer's vip_address with a floating ip
- 5. Send NUM requests to vip's floating ip and check that they are shared
- between the two servers.
- """
-
- @decorators.idempotent_id('077d2a5c-4938-448f-a80f-8e65f5cc49d7')
- @test.services('compute', 'network')
- def test_lbaas_round_robin_ops(self):
- self.create_lbaas_networks()
- self.start_web_servers(self.rr_server_list)
- self.create_project_lbaas()
- self.check_project_lbaas()
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_multiple_transport_zones_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_multiple_transport_zones_basic_ops.py
deleted file mode 100644
index 046a54cbbf..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_multiple_transport_zones_basic_ops.py
+++ /dev/null
@@ -1,291 +0,0 @@
-# Copyright 2016 OpenStack Foundation
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import re
-
-import six
-from tempest.common import waiters
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.services import nsxv_client
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-
-CONF = config.CONF
-
-
-class TestMultipleTransportZonesBasicOps(dmgr.TopoDeployScenarioManager):
-
- """Base class provides MTZ networks basic operations:
-
- 1: create MTZ networks and a tenant network.
- 2: create router and attached networks at step 1.
- 3: Boot one VM at each network.
- 4: select one VM, assign floatingip and from it ping other VMs'
- fixed-ip to assure that VMs attached to different vdn_scope_ids,
- and tennat network are asscessible.
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestMultipleTransportZonesBasicOps, cls).skip_checks()
- if not (CONF.network.project_networks_reachable
- or CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- for ext in ['router', 'provider']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(TestMultipleTransportZonesBasicOps, cls).resource_setup()
- manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
- CONF.nsxv.manager_uri).group(0)
- cls.vsm = nsxv_client.VSMClient(
- manager_ip, CONF.nsxv.user, CONF.nsxv.password)
- cls.nsxv_scope_ids = cls.get_all_scope_id_list(with_default_scope=True)
- if len(cls.nsxv_scope_ids) < 2:
- msg = "Only one transport zone deployed. Need at least 2."
- raise cls.skipException(msg)
- cls.provider_network_type = getattr(CONF.nsxv,
- "provider_network_type",
- 'vxlan')
- cls.MAX_MTZ = getattr(CONF.nsxv, 'max_mtz', 0) or 3
-
- @classmethod
- def resource_cleanup(cls):
- super(TestMultipleTransportZonesBasicOps, cls).resource_cleanup()
-
- @classmethod
- def get_all_scope_id_list(cls, with_default_scope=False):
- """return all scope IDs w/wo the default scope defined in NSX."""
- scopes = cls.vsm.get_all_vdn_scopes()
- scope_id_list = [x['objectId'] for x in scopes]
- if with_default_scope:
- return scope_id_list
- try:
- scope_id_list.remove(CONF.nsxv.vdn_scope_id)
- except Exception:
- pass
- return scope_id_list
-
- def setup(self):
- super(TestMultipleTransportZonesBasicOps, self).setUp()
- self.tp_svrs = {}
-
- def tearDown(self):
- self.delete_all_servers()
- super(TestMultipleTransportZonesBasicOps, self).tearDown()
-
- def create_project_network_subnet(self, name_prefix='mtz-project',
- client_mgr=None):
- client_mgr = client_mgr or self.manager
- network_name = data_utils.rand_name(name_prefix)
- network, subnet = HELO.create_network_subnet(
- self, client_mgr=client_mgr, name=network_name)
- return (network['id'], network, subnet)
-
- def create_mtz_network_subnet(self, scope_id, tenant_project_id,
- cidr=None, cidr_offset=0):
- """MTZ networks can only be created by ADMIN
-
- All tenant network resources will be created by ADMIN.
- """
- networks_client = self.admin_manager.networks_client
- subnets_client = self.admin_manager.subnets_client
- network_name = data_utils.rand_name('mtz-net')
- create_body = {'name': network_name,
- 'provider:network_type': self.provider_network_type,
- 'provider:physical_network': scope_id}
- network = HELO.create_network(self, client=networks_client,
- tenant_id=tenant_project_id,
- **create_body)
- subnet = HELO.create_subnet(self, network, client=subnets_client,
- name=network_name,
- tenant_id=tenant_project_id,
- cidr=cidr, cidr_offset=cidr_offset)
- lswitch_list = self.vsm.get_all_logical_switches(scope_id)
- lswitch_list = [x for x in lswitch_list if x['name'] == network['id']]
- msg = ("network=%s is not configured by specified vdn_scope_id=%s"
- % (network['id'], scope_id))
- self.assertTrue(len(lswitch_list) == 1, msg=msg)
- return (network['id'], network, subnet)
-
- def create_router_by_type(self, router_type, client=None,
- name=None, **kwargs):
- routers_client = client or self.manager.routers_client
- create_kwargs = dict(namestart='mtz-', external_gateway_info={
- "network_id": CONF.network.public_network_id})
- if router_type in ('shared', 'exclusive'):
- create_kwargs['router_type'] = router_type
- elif router_type in ('distributed'):
- create_kwargs['distributed'] = True
- create_kwargs.update(**kwargs)
- router = HELO.router_create(self, client=routers_client,
- **create_kwargs)
- return router
-
- def create_router_and_add_interfaces(self, router_type, nets,
- client_mgr=None):
- client_mgr = client_mgr or self.admin_manager
- routers_client = client_mgr.routers_client
- router = self.create_router_by_type(router_type,
- client=routers_client)
- if router_type == 'exclusive':
- router_nsxv_name = '%s-%s' % (router['name'], router['id'])
- exc_edge = self.vsm.get_edge(router_nsxv_name)
- self.assertIsNotNone(exc_edge)
- self.assertEqual(exc_edge['edgeType'], 'gatewayServices')
- for net_id, (s_id, network, subnet, sg) in six.iteritems(nets):
- # import pdb; pdb.set_trace()
- HELO.router_interface_add(self, router['id'], subnet['id'],
- client=routers_client)
- return router
-
- def clear_router_gateway_and_interfaces(self, router, nets, client=None):
- routers_client = client or self.manager.routers_client
- HELO.router_gateway_clear(self, router['id'],
- client=routers_client)
- for net_id, (s_id, network, subnet, sg) in six.iteritems(nets):
- test_utils.call_and_ignore_notfound_exc(
- HELO.router_interface_delete,
- self, router['id'], subnet['id'], client=routers_client)
-
- def _test_router_with_network_and_mtz_networks(self, router_type):
- """router attached with multiple TZs and one tenant network."""
- client_mgr = self.manager
- scope_id_list = self.get_all_scope_id_list(with_default_scope=True)
- nets = {}
- net_id, network, subnet = self.create_project_network_subnet(
- 'mtz-tenant', client_mgr=client_mgr)
- tenant_project_id = client_mgr.networks_client.tenant_id
- # create security_group with loginable rules
- security_group = self._create_security_group(
- security_groups_client=client_mgr.security_groups_client,
- security_group_rules_client=client_mgr.security_group_rules_client,
- namestart='mtz-tenant')
- nets[net_id] = [None, network, subnet, security_group]
- for cidr_step in range(0, self.MAX_MTZ):
- s_id = scope_id_list[cidr_step % len(scope_id_list)]
- net_id, network, subnet = self.create_mtz_network_subnet(
- s_id, tenant_project_id, cidr_offset=(cidr_step + 2))
- nets[net_id] = [s_id, network, subnet, security_group]
- router = self.create_router_and_add_interfaces(router_type, nets,
- client_mgr=client_mgr)
- return router, nets
-
- def run_servers_connectivity_test(self, servers):
- # select one from the servers
- net_id_list = servers.keys()
- net_id = net_id_list[0]
- other_net_id_list = net_id_list[1:]
- username, password = self.get_image_userpass()
- nsv = self.tp_svrs[net_id]
- serv = nsv['server']
- floatingip = self.create_floatingip_for_server(
- serv, client_mgr=self.manager)
- msg = ("Associate floatingip[%s] to server[%s]"
- % (floatingip, serv['name']))
- self._check_floatingip_connectivity(
- floatingip, serv, should_connect=True, msg=msg)
- serv_fip = floatingip['floating_ip_address']
- dmgr.rm_sshkey(serv_fip)
- ssh_client = dmgr.get_remote_client_by_password(
- serv_fip, username, password)
- not_reachable_list = []
- for nid in other_net_id_list:
- o_svr = servers[nid]['server']
- o_net = servers[nid]['network']
- o_ipaddr = self.get_server_fixed_ip(o_svr, o_net)
- reachable = dmgr.is_reachable(ssh_client, o_ipaddr)
- if not reachable:
- not_reachable_list.append(o_ipaddr)
- self.assertTrue(
- len(not_reachable_list) == 0,
- ("Following Servers are not reachable: %s" % not_reachable_list))
-
- def get_server_fixed_ip(self, server, network):
- addr_list = server['addresses'][network['name']]
- for addr in addr_list:
- if addr['OS-EXT-IPS:type'] == 'fixed':
- return addr['addr']
- return None
-
- def wait_for_servers_become_active(self, servers, client=None):
- servers_client = client or self.admin_manager.servers_client
- net_id_list = servers.keys()
- for net_id in net_id_list:
- nsv = self.tp_svrs[net_id]
- serv = nsv['server']
- waiters.wait_for_server_status(
- servers_client, serv['id'], 'ACTIVE')
- # update server context. A server might not have ip address
- # if not in running/active state
- act_server = servers_client.show_server(serv['id'])
- self.tp_svrs[net_id]['server'] = act_server.get('server',
- act_server)
-
- def delete_all_servers(self, client=None):
- servers_client = client or self.admin_manager.servers_client
- for net_id in six.iterkeys(self.tp_svrs):
- server = self.tp_svrs[net_id]['server']
- test_utils.call_and_ignore_notfound_exc(
- servers_client.delete, server['id'])
- dmgr.waitfor_servers_terminated(servers_client)
-
- def run_mtz_basic_ops(self, router_type):
- self.tp_svrs = {}
- router, nets = self._test_router_with_network_and_mtz_networks(
- router_type)
- servers_client = self.manager.servers_client
- for net_id in six.iterkeys(nets):
- s_id, network, subnet, security_group = nets[net_id]
- """
- servers_client = (self.manager.servers_client if s_id is None
- else self.admin_manager.servers_client)
- """
- security_groups = [{'name': security_group['id']}]
- svr = self.create_server_on_network(
- network, security_groups,
- name=network['name'],
- servers_client=servers_client,
- wait_on_boot=False)
- self.tp_svrs[net_id] = dict(server=svr, s_id=s_id,
- network=network, subnet=subnet,
- security_group=security_group,
- servers_client=servers_client)
- self.wait_for_servers_become_active(self.tp_svrs)
- self.run_servers_connectivity_test(self.tp_svrs)
-
-
-class TestMTZBasicOpsOverSharedRouter(TestMultipleTransportZonesBasicOps):
- @decorators.idempotent_id('190790fe-4cc4-4bb3-ae3e-4fa2031ca4e2')
- def test_mtz_basic_ops_over_shared_router(self):
- self.run_mtz_basic_ops(router_type='shared')
-
-
-class TestMTZBasicOpsOverExclusiveRouter(TestMultipleTransportZonesBasicOps):
- @decorators.idempotent_id('caf2be55-ea49-4783-87bf-103fcc5783db')
- def test_mtz_basic_ops_over_exclusive_router(self):
- self.run_mtz_basic_ops(router_type='exclusive')
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_network_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_network_basic_ops.py
deleted file mode 100644
index b66694cf18..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_network_basic_ops.py
+++ /dev/null
@@ -1,43 +0,0 @@
-# Copyright 2016 VMware Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.scenario import test_network_basic_ops as network_ops
-
-
-class TestNetworkBasicOps(network_ops.TestNetworkBasicOps):
-
- # NSX-v does not allow tenants to access dhcp service.
- # Overwirte parent class to skip dhcp service testing.
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _check_network_internal_connectivity(self, network,
- should_connect=True):
- floating_ip, server = self.floating_ip_tuple
- # get internal ports' ips:
- # get all network ports in the new network
- # NSX-v: dhcp is not reachable
- internal_ips = (p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if (p['device_owner'].startswith('network') and
- not p['device_owner'].endswith('dhcp')))
-
- self._check_server_connectivity(floating_ip,
- internal_ips,
- should_connect)
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_spoofguard_policy.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_spoofguard_policy.py
deleted file mode 100644
index 792320f919..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_spoofguard_policy.py
+++ /dev/null
@@ -1,466 +0,0 @@
-# Copyright 2016 OpenStack Foundation
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import re
-import time
-
-from tempest.common.utils.linux import remote_client
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv_client
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-
-CONF = config.CONF
-LOG = dmgr.manager.log.getLogger(__name__)
-
-
-class TestSpoofGuardBasicOps(dmgr.TopoDeployScenarioManager):
- """Base class provides Spoof Guard basic operations.
-
- 1) Create network, subnet and port
- 2) Boot an instance using network.
- 2) Ssh to instance and then check below information:
- a) check exclude list whether vm exists in exclude list or not
- b) update port-security to disable and check vm exists in exclude list
- or not
- c) Launch multiple instances anc checks their existence in exclude list
- with port-security disabled/enabled.
- d) Launch instances and check ping packets between various vm's with
- port-security disabled/enabled.
- e) Enabled/disablling of network and check behavior w.r.t. port in that
- network.
- 3) Check at beckend(nsx-v) for exclude list.
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestSpoofGuardBasicOps, cls).skip_checks()
- manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
- CONF.nsxv.manager_uri).group(0)
- cls.vsm = nsxv_client.VSMClient(
- manager_ip, CONF.nsxv.user, CONF.nsxv.password)
- nsxv_version = cls.vsm.get_vsm_version()
- # Raise skip testcase exception if nsx-v version is less than 6.2.3
- if (nsxv_version and nsxv_version < '6.2.3'):
- msg = ('NSX-v version should be greater than or equal to 6.2.3')
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(TestSpoofGuardBasicOps, cls).resource_setup()
-
- @classmethod
- def resource_cleanup(cls):
- super(TestSpoofGuardBasicOps, cls).resource_cleanup()
-
- def setUp(self):
- super(TestSpoofGuardBasicOps, self).setUp()
- self.keypairs = {}
-
- def tearDown(self):
- self.remove_project_network()
- super(TestSpoofGuardBasicOps, self).tearDown()
-
- def remove_project_network(self):
- project_name = 'green'
- tenant = getattr(self, project_name, None)
- if tenant:
- servers_client = tenant['client_mgr'].servers_client
- dmgr.delete_all_servers(servers_client)
- self.disassociate_floatingip(tenant['fip1'],
- and_delete=True)
-
- def create_project_network_subnet(self,
- name_prefix='spoofguard-project'):
- network_name = data_utils.rand_name(name_prefix)
- network, subnet = self.create_network_subnet(
- name=network_name)
- return (network['id'], network, subnet)
-
- def check_server_connected(self, serv):
- # Fetch tenant-network from where vm deployed
- serv_net = list(serv['addresses'].keys())[0]
- serv_addr = serv['addresses'][serv_net][0]
- host_ip = serv_addr['addr']
- self.waitfor_host_connected(host_ip)
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _create_sec_group(self):
- # Create security group
- sg_name = data_utils.rand_name('disable-spoof')
- sg_desc = sg_name + " description"
- secgroup = self.compute_security_groups_client.create_security_group(
- name=sg_name, description=sg_desc)['security_group']
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- self.compute_security_groups_client.delete_security_group,
- secgroup['id'])
-
- def setup_vm_environment(self, client_mgr, t_id,
- check_outside_world=True,
- cidr_offset=0):
- sg_name = data_utils.rand_name('disable-spoof')
- sg_desc = sg_name + " description"
- t_security_group = \
- self.compute_security_groups_client.create_security_group(
- name=sg_name, description=sg_desc)['security_group']
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- self.compute_security_groups_client.delete_security_group,
- t_security_group['id'])
- rule = {'direction': 'ingress', 'protocol': 'tcp'}
- self._create_security_group_rule(secgroup=t_security_group, **rule)
- rule = {'direction': 'ingress'}
- rule_id = self._create_security_group_rule(secgroup=t_security_group,
- **rule)['id']
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- t_network, t_subnet, t_router = self.setup_project_network(
- self.public_network_id, namestart=("deploy-%s-spoofuard" % t_id),
- cidr_offset=0)
- username, password = self.get_image_userpass()
- security_groups = [{'name': t_security_group['id']}]
- key_name = keypair['name']
- t_serv1 = self.create_server_on_network(
- t_network, security_groups, key_name=key_name,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=t_network['name'])
- self.check_server_connected(t_serv1)
- t_floatingip = self.create_floatingip_for_server(
- t_serv1, client_mgr=client_mgr)
- msg = ("Associate t_floatingip[%s] to server[%s]"
- % (t_floatingip, t_serv1['name']))
- self._check_floatingip_connectivity(
- t_floatingip, t_serv1, should_connect=True, msg=msg)
- vm_environment = dict(security_group=t_security_group,
- network=t_network, subnet=t_subnet,
- router=t_router, client_mgr=client_mgr,
- serv1=t_serv1, fip1=t_floatingip,
- rule_id=rule_id)
- return vm_environment
-
- def get_port_id(self, port_client, vm_info):
- tenant_name = vm_info['name']
- fixed_ip = vm_info['addresses'][tenant_name][0]['addr']
- list_ports = port_client.list_ports()
- list_ports_extract = list_ports['ports']
- for port in list_ports_extract:
- if port['fixed_ips'][0]['ip_address'] == fixed_ip:
- port_id = port['id']
- return port_id
-
-
-class TestSpoofGuardFeature(TestSpoofGuardBasicOps):
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('2804f55d-3221-440a-9fa8-ab16a8932634')
- def test_exclude_list_with_new_attach_port(self):
- port_client = self.manager.ports_client
- self.green = self.setup_vm_environment(self.manager, 'green', True)
- vm_id = self.green['serv1']['id']
- net_id = self.green['network']['id']
- name = 'disabled-port-security-port'
- kwargs = {'name': name, 'network_id': net_id,
- 'port_security_enabled': 'false',
- 'security_groups': []}
- # Create Port
- port = HELO.create_port(self, client=port_client, **kwargs)
- port_id = port['id']
- kwargs = {'port_id': port_id}
- # Attach interface to vm
- self.interface_client.create_interface(vm_id, **kwargs)
- # Fetch exclude list information from beckend
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- for exclude_vm in exclude_list:
- if vm_id in exclude_vm:
- LOG.info("Vm in exclude list")
- # Update Port security to disabled
- port_client.update_port(
- port_id=port_id,
- port_security_enabled='true')
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- if exclude_vm in exclude_list:
- if vm_id not in exclude_vm:
- LOG.info("Vm not in exclude list")
- # Detach interface from vm
- self.interface_client.delete_interface(vm_id, port_id)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('a5420350-2658-47e4-9e2b-490b200e9f41')
- def test_spoofguard_with_ping_between_servers_on_same_network(self):
- username, password = self.get_image_userpass()
- image = self.get_server_image()
- flavor = self.get_server_flavor()
- port_client = self.manager.ports_client
- self.green = self.setup_vm_environment(self.manager, 'green', True)
- security_groups = [{'name': self.green['security_group']['id']}]
- # Boot instance vm2
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- key_name = keypair['name']
- t_serv2 = self.create_server_on_network(
- self.green['network'], security_groups,
- key_name=key_name,
- image=image,
- flavor=flavor,
- name=self.green['network']['name'])
- self.check_server_connected(t_serv2)
- t_floatingip2 = self.create_floatingip_for_server(
- t_serv2, client_mgr=self.manager)
- msg = ("Associate t_floatingip[%s] to server[%s]"
- % (t_floatingip2, t_serv2['name']))
- self._check_floatingip_connectivity(
- t_floatingip2, t_serv2, should_connect=True, msg=msg)
- public_ip_vm_1 = self.green['fip1']['floating_ip_address']
- public_ip_vm_2 = t_floatingip2['floating_ip_address']
- private_ip_vm_1 = \
- self.green['fip1']['fixed_ip_address']
- private_ip_vm_2 = \
- t_floatingip2['fixed_ip_address']
- private_key_1 = self._get_server_key(self.green['serv1'])
- client1 = remote_client.RemoteClient(public_ip_vm_1, username=username,
- pkey=private_key_1,
- password=password)
- private_key_2 = self._get_server_key(t_serv2)
- client2 = remote_client.RemoteClient(public_ip_vm_2, username=username,
- pkey=private_key_2,
- password=password)
- self.assertEqual(True, dmgr.is_reachable(client1, private_ip_vm_2),
- "Destination is reachable")
- port1_id = self.green['fip1']['port_id']
- # Update vm1 port to disbale port security
- port_client.update_port(
- port_id=port1_id,
- port_security_enabled='false',
- security_groups=[])
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self.compute_security_group_rules_client.\
- delete_security_group_rule(self.green['rule_id'])
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self.assertEqual(False, dmgr.is_reachable(client1, private_ip_vm_2),
- "Destination is not reachable")
- self.assertEqual(True, dmgr.is_reachable(client2, private_ip_vm_1),
- "Destination is reachable")
-
- def create_port(self, network_id):
- port_client = self.manager.ports_client
- return HELO.create_port(self, network_id=network_id,
- client=port_client)
-
- def create_network_subnet_with_cidr(self, client_mgr=None,
- tenant_id=None, name=None, cidr=None):
- client_mgr = client_mgr or self.manager
- tenant_id = tenant_id
- name = name or data_utils.rand_name('topo-deploy-network')
- net_network = self.create_network(
- client=client_mgr.networks_client,
- tenant_id=tenant_id, name=name)
- cidr_offset = 16
- net_subnet = self.create_subnet(
- client=client_mgr.subnets_client,
- network=net_network,
- cidr=cidr, cidr_offset=cidr_offset, name=net_network['name'])
- return net_network, net_subnet
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('38c213df-bfc2-4681-9c9c-3a31c05b0e6f')
- def test_exclude_with_multiple_vm(self):
- image = self.get_server_image()
- flavor = self.get_server_flavor()
- port_client = self.manager.ports_client
- self.green = self.setup_vm_environment(self.manager, 'green', True)
- vm_id = self.green['serv1']['id']
- security_groups = [{'name': self.green['security_group']['id']}]
- # Boot instance vm2
- t_serv2 = self.create_server_on_network(
- self.green['network'], security_groups,
- image=image,
- flavor=flavor,
- name=self.green['network']['name'])
- # Boot instance vm3
- t_serv3 = self.create_server_on_network(
- self.green['network'], security_groups,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=self.green['network']['name'])
- self.check_server_connected(t_serv2)
- port1_id = self.green['fip1']['port_id']
- port2_id = self.get_port_id(port_client=port_client, vm_info=t_serv2)
- port3_id = self.get_port_id(port_client=port_client, vm_info=t_serv3)
- # Update vm1 port to disbale port security
- port_client.update_port(
- port_id=port1_id,
- port_security_enabled='false',
- security_groups=[])
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- for exclude_vm in exclude_list:
- if vm_id in exclude_vm:
- LOG.info("Vm1 in exclude list")
- vm2_id = t_serv2['id']
- # Update vm2 port to disable port security
- port_client.update_port(
- port_id=port2_id,
- port_security_enabled='false',
- security_groups=[])
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- # Check vm2 in exclude list or not
- for exclude_vm in exclude_list:
- if vm2_id in exclude_vm:
- LOG.info("Vm2 in exclude list")
- vm3_id = t_serv3['id']
- # Update vm3 port to enable port security
- port_client.update_port(
- port_id=port3_id,
- port_security_enabled='false',
- security_groups=[])
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- # Check vm3 in exclude list or not
- for exclude_vm in exclude_list:
- if vm3_id in exclude_vm:
- LOG.info("Vm3 in exclude list")
- # Update vm1 port to enable port security
- port_client.update_port(
- port_id=port1_id,
- port_security_enabled='true')
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- # Check vm should not be in exclude list
- for exclude_vm in exclude_list:
- if vm_id not in exclude_vm:
- LOG.info("Vm1 not in exclude list")
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('f034d3e9-d717-4bcd-8e6e-18e9ada7b81a')
- def test_exclude_list_with_single_vm_port(self):
- port_client = self.manager.ports_client
- self.green = self.setup_vm_environment(self.manager, 'green', True)
- port_id = self.green['fip1']['port_id']
- # Update vm port to disable port security
- port_client.update_port(
- port_id=port_id,
- port_security_enabled='false',
- security_groups=[])
- vm_id = self.green['serv1']['id']
- # Check vm in exclude list or not
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- for exclude_vm in exclude_list:
- if vm_id in exclude_vm:
- LOG.info("Vm in exclude list")
- port_client.update_port(
- port_id=port_id,
- port_security_enabled='true')
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- if exclude_vm in exclude_list:
- if vm_id not in exclude_vm:
- LOG.info("Vm not in exclude list")
- self.interface_client.delete_interface(vm_id, port_id)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('3ad04e37-2a9f-4465-86e7-94993eecdfa1')
- def test_disabled_network_port_security(self):
- network_client = self.manager.networks_client
- port_client = self.manager.ports_client
- net_id, network, subnet =\
- self.create_project_network_subnet('admin')
- kwargs = {'port_security_enabled': 'false'}
- # Update network to disbale port security
- network_client.update_network(network_id=net_id, **kwargs)
- name = 'disabled-port-security-port'
- kwargs = {'name': name, 'network_id': net_id}
- # Create port under network
- port = HELO.create_port(self, client=port_client, **kwargs)
- port_id = port['id']
- # Check port security of created port
- port_details = port_client.show_port(port_id=port_id)
- if (port_details['port']['port_security_enabled'] == 'false'):
- LOG.info("Port security of port is disabled")
- kwargs = {'port_security_enabled': 'true'}
- # Update port security of network to enabled
- network_client.update_network(network_id=net_id, **kwargs)
- name = 'disabled-port-security-port'
- kwargs = {'name': name, 'network_id': net_id}
- port = HELO.create_port(self, client=port_client, **kwargs)
- port_id = port['id']
- port_details = port_client.show_port(port_id=port_id)
- if (port_details['port']['port_security_enabled'] == 'true'):
- LOG.info("Port security of port is enabled")
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('c8683cb7-4be5-4670-95c6-344a0aea3667')
- def test_exclude_list_with_multiple_ports(self):
- port_client = self.manager.ports_client
- self.green = self.setup_vm_environment(self.manager, 'green', True)
- vm_id = self.green['serv1']['id']
- net_id = self.green['network']['id']
- name = 'disabled-port-security-port1'
- kwargs = {'name': name, 'network_id': net_id,
- 'port_security_enabled': 'false',
- 'security_groups': []}
- port1 = HELO.create_port(self, client=port_client, **kwargs)
- port2 = HELO.create_port(self, client=port_client, **kwargs)
- port1_id = port1['id']
- kwargs = {'port_id': port1_id}
- self.interface_client.create_interface(vm_id, **kwargs)
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- for exclude_vm in exclude_list:
- if vm_id in exclude_vm:
- LOG.info("Vm in exclude list")
- name = 'disabled-port-security-port2'
- kwargs = {'name': name, 'network_id': net_id,
- 'port_security_enabled': 'false'}
- port2_id = port2['id']
- kwargs = {'port_id': port2_id}
- self.interface_client.create_interface(vm_id, **kwargs)
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- for exclude_vm in exclude_list:
- if vm_id in exclude_vm:
- LOG.info("Vm in exclude list")
- port_client.update_port(
- port_id=port2_id,
- port_security_enabled='true')
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- for exclude_vm in exclude_list:
- if vm_id in exclude_vm:
- LOG.info("Vm in exclude list")
- port_client.update_port(
- port_id=port1_id,
- port_security_enabled='true')
- items = self.vsm.get_excluded_vm_name_list()
- exclude_list = [item.encode('utf-8') for item in items]
- if exclude_vm in exclude_list:
- if vm_id not in exclude_vm:
- LOG.info("Vm not in exclude list")
- self.interface_client.delete_interface(vm_id, port1_id)
- self.interface_client.delete_interface(vm_id, port2_id)
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_v1_fwaas_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_v1_fwaas_basic_ops.py
deleted file mode 100644
index 4a2b152292..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_v1_fwaas_basic_ops.py
+++ /dev/null
@@ -1,486 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import os
-import re
-import time
-
-from neutron_lib import constants as nl_constants
-import paramiko
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions as lib_exc
-from tempest import test
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import fwaas_client as FWAASC
-from vmware_nsx_tempest.services import nsxv_client
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as NAM)
-
-CONF = config.CONF
-
-
-class FWaaSTestBasicOps(dmgr.TopoDeployScenarioManager):
-
- """
- Tests the following scenario cases for FWaaS:
-
- Add ICMP FWAAS rule and check north south traffic
- Add TCP FWAAS rule and check north south traffic
- Update ICMP FWAAS rule and check north south traffic
- Update TCP FWAAS rule and check north south traffic
- Check above scenario's with exclusive and distributed router
- """
- @classmethod
- def resource_setup(cls):
- super(FWaaSTestBasicOps, cls).resource_setup()
- cls.fwaasv1_client = FWAASC.get_client(cls.manager)
- if not test.is_extension_enabled('fwaas', 'network'):
- msg = "FWaaS Extension not enabled."
- raise cls.skipException(msg)
- manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
- CONF.nsxv.manager_uri).group(0)
- cls.vsm = nsxv_client.VSMClient(
- manager_ip, CONF.nsxv.user, CONF.nsxv.password)
-
- cls.fw_rule = cls.fwaasv1_client.create_firewall_rule(action="allow",
- protocol="tcp")
- cls.fw_policy = cls.fwaasv1_client.create_firewall_policy()
-
- def create_firewall_rule(self, **kwargs):
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- **kwargs)
- fw_rule = body['firewall_rule']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.fwaasv1_client.delete_firewall_rule,
- fw_rule['id'])
- return fw_rule
-
- def create_firewall_policy(self, **kwargs):
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"),
- **kwargs)
- fw_policy = body['firewall_policy']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.fwaasv1_client.delete_firewall_policy,
- fw_policy['id'])
- return fw_policy
-
- def delete_firewall_and_wait(self, firewall_id):
- self.fwaasv1_client.delete_firewall(firewall_id)
- self._wait_firewall_while(firewall_id, [nl_constants.PENDING_DELETE],
- not_found_ok=True)
-
- def create_firewall(self, **kwargs):
- body = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("fw"),
- **kwargs)
- fw = body['firewall']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_firewall_and_wait,
- fw['id'])
- return fw
-
- def check_server_connected(self, serv):
- # Fetch tenant-network from where vm deployed
- serv_net = list(serv['addresses'].keys())[0]
- serv_addr = serv['addresses'][serv_net][0]
- host_ip = serv_addr['addr']
- self.waitfor_host_connected(host_ip)
-
- def _wait_firewall_while(self, firewall_id, statuses, not_found_ok=False):
- start = int(time.time())
- if not_found_ok:
- expected_exceptions = (lib_exc.NotFound)
- else:
- expected_exceptions = ()
- while True:
- try:
- fw = self.fwaasv1_client.show_firewall(firewall_id)
- except expected_exceptions:
- break
- status = fw['firewall']['status']
- if status not in statuses:
- break
- if int(time.time()) - start >= self.fwaasv1_client.build_timeout:
- msg = ("Firewall %(firewall)s failed to reach "
- "non PENDING status (current %(status)s)") % {
- "firewall": firewall_id,
- "status": status,
- }
- raise lib_exc.TimeoutException(msg)
- time.sleep(constants.NSX_BACKEND_VERY_SMALL_TIME_INTERVAL)
-
- def _wait_firewall_ready(self, firewall_id):
- self._wait_firewall_while(firewall_id,
- [nl_constants.PENDING_CREATE,
- nl_constants.PENDING_UPDATE])
-
- def _delete_router_if_exists(self, router):
- # delete router, if it exists
- try:
- routers_client = self.manager.routers_client
- routers_client.delete_router(router['id'])
- # if router is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
-
- def _delete_policy_if_exists(self, policy_id):
- # delete policy, if it exists
- try:
- self.fwaasv1_client.delete_firewall_policy(policy_id)
- # if policy is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
-
- def _delete_rule_if_exists(self, rule_id):
- # delete rule, if it exists
- try:
- self.fwaasv1_client.delete_firewall_rule(rule_id)
- # if rule is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
-
- def _delete_firewall_if_exists(self, fw_id):
- # delete firewall, if it exists
- try:
- self.fwaasv1_client.delete_firewall(fw_id)
- # if firewall is not found, this means it was deleted in the test
- except lib_exc.NotFound:
- pass
- self.fwaasv1_client.wait_for_resource_deletion(fw_id)
-
- def _wait_until_ready(self, fw_id):
- target_states = ('ACTIVE', 'CREATED')
-
- def _wait():
- firewall = self.fwaasv1_client.show_firewall(fw_id)
- firewall = firewall['firewall']
- return firewall['status'] in target_states
- if not test_utils.call_until_true(_wait, CONF.network.build_timeout,
- CONF.network.build_interval):
- m = ("Timed out waiting for firewall %s to reach %s state(s)" %
- (fw_id, target_states))
- raise lib_exc.TimeoutException(m)
-
- def _wait_until_deleted(self, fw_id):
- def _wait():
- try:
- firewall = self.fwaasv1_client.show_firewall(fw_id)
- except lib_exc.NotFound:
- return True
- fw_status = firewall['firewall']['status']
- if fw_status == 'ERROR':
- raise lib_exc.DeleteErrorException(resource_id=fw_id)
-
- if not test_utils.call_until_true(_wait, CONF.network.build_timeout,
- CONF.network.build_interval):
- m = ("Timed out waiting for firewall %s deleted" % fw_id)
- raise lib_exc.TimeoutException(m)
-
- def _check_firewall_rule_exists_at_backend(self, rules,
- firewall_rule_name):
- for rule in rules:
- if rule['name'] in firewall_rule_name:
- self.assertIn(rule['name'], firewall_rule_name)
- return True
- return False
-
- def _test_ping_from_external_network(self, fip_ip):
- out = os.popen('ping -c 2 %s' % fip_ip).read().strip()
- return out
-
- def _test_ssh_connectivity_from_external_network(self, fip_ip):
- ssh = paramiko.SSHClient()
- ssh.set_missing_host_key_policy(
- paramiko.AutoAddPolicy())
- try:
- ssh.connect(fip_ip, self.username, self.password, timeout=10)
- except Exception as e:
- return str(e)
-
- def _create_firewall_rule_name(self, body):
- firewall_rule_name = body['firewall_rule']['name']
- firewall_rule_name = "Fwaas-" + firewall_rule_name
- return firewall_rule_name
-
- def _create_firewall_advanced_topo(self, router_type):
- fw_rule_id_list = []
- router = self.create_router_by_type(router_type)
- self.addCleanup(self._delete_router_if_exists, router)
- edges = self.vsm.get_all_edges()
- for key in edges:
- if router['name'] in key['name']:
- edge_id = key['id']
- break
- rules = self.vsm.get_edge_firewall_rules(edge_id)
- rules_before = len(rules)
- for rule_id in range(0, constants.NO_OF_ENTRIES):
- if rule_id % 2 == 0:
- action = "allow"
- protocol = "tcp"
- else:
- action = "allow"
- protocol = "udp"
- firewall_rule = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action=action,
- protocol=protocol)
- fw_rule_id = firewall_rule['firewall_rule']['id']
- firewall_name = self._create_firewall_rule_name(firewall_rule)
- self.addCleanup(self._delete_rule_if_exists, fw_rule_id)
- fw_rule_id_list.append(fw_rule_id)
- # Update firewall policy
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._delete_policy_if_exists, fw_policy_id)
- # Insert rule to firewall policy
- for fw_rule_id in fw_rule_id_list:
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id, '', '')
- firewall_1 = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=fw_policy_id,
- router_ids=[router['id']])
- created_firewall = firewall_1['firewall']
- self.addCleanup(self._delete_firewall_if_exists,
- created_firewall['id'])
- # Wait for the firewall resource to become ready
- self._wait_until_ready(created_firewall['id'])
- firewall_topo = dict(router=router, firewall_name=firewall_name,
- fw_policy_id=fw_policy_id,
- firewall_id=created_firewall['id'],
- rules_before=rules_before)
- return firewall_topo
-
- def _create_firewall_basic_topo(self, router_type, protocol_name,
- policy=None):
- self.keypairs = {}
- router = self.create_router_by_type(router_type)
- self.addCleanup(self._delete_router_if_exists, router)
- body = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="allow",
- protocol=protocol_name)
- fw_rule_id1 = body['firewall_rule']['id']
- firewall_name = self._create_firewall_rule_name(body)
- self.addCleanup(self._delete_rule_if_exists, fw_rule_id1)
- # Create firewall policy
- if not policy:
- body = self.fwaasv1_client.create_firewall_policy(
- name=data_utils.rand_name("fw-policy"))
- fw_policy_id = body['firewall_policy']['id']
- self.addCleanup(self._delete_policy_if_exists, fw_policy_id)
- # Insert rule to firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- fw_policy_id, fw_rule_id1, '', '')
- else:
- fw_policy_id = policy
- # Create firewall
- firewall_1 = self.fwaasv1_client.create_firewall(
- name=data_utils.rand_name("firewall"),
- firewall_policy_id=fw_policy_id,
- router_ids=[router['id']])
- created_firewall = firewall_1['firewall']
- self.addCleanup(self._delete_firewall_if_exists,
- created_firewall['id'])
- # Wait for the firewall resource to become ready
- self._wait_until_ready(created_firewall['id'])
- sg_name = data_utils.rand_name('sg')
- sg_desc = sg_name + " description"
- t_security_group = \
- self.compute_security_groups_client.create_security_group(
- name=sg_name, description=sg_desc)['security_group']
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- self.compute_security_groups_client.delete_security_group,
- t_security_group['id'])
- rule = {'direction': 'ingress', 'protocol': 'tcp'}
- self._create_security_group_rule(secgroup=t_security_group, **rule)
- rule = {'direction': 'ingress'}
- rule_id = self._create_security_group_rule(secgroup=t_security_group,
- **rule)['id']
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- client_mgr = self.manager
- tenant_id = t_security_group['tenant_id']
- network, subnet = self.create_network_subnet(client_mgr=client_mgr,
- tenant_id=tenant_id,
- cidr_offset=0)
- subnet_id = subnet['id']
- router_id = router['id']
- routers_client = client_mgr.routers_client
- NAM.router_interface_add(self, router_id, subnet_id,
- routers_client)
- self.username, self.password = self.get_image_userpass()
- security_groups = [{'name': t_security_group['id']}]
- key_name = keypair['name']
- t_serv1 = self.create_server_on_network(
- network, security_groups, key_name=key_name,
- image=self.get_server_image(),
- flavor=self.get_server_flavor(),
- name=network['name'])
- self.check_server_connected(t_serv1)
- t_floatingip = self.create_floatingip_for_server(
- t_serv1, client_mgr=client_mgr)
- msg = ("Associate t_floatingip[%s] to server[%s]"
- % (t_floatingip, t_serv1['name']))
- self._check_floatingip_connectivity(
- t_floatingip, t_serv1, should_connect=True, msg=msg)
- firewall_topo = dict(router=router, firewall_name=firewall_name,
- fw_policy_id=fw_policy_id,
- fw_rule_id1=fw_rule_id1,
- firewall_id=created_firewall['id'],
- security_group=t_security_group,
- network=network, subnet=subnet,
- client_mgr=client_mgr, serv1=t_serv1,
- fip1=t_floatingip,
- rule_id=rule_id)
- return firewall_topo
-
- def _perform_operations_on_firewall(self, firewall_topo, protocol_name):
- self._check_floatingip_connectivity(
- firewall_topo['fip1'], firewall_topo['serv1'],
- should_connect=True)
- firewall_rule_2 = self.fwaasv1_client.create_firewall_rule(
- name=data_utils.rand_name("fw-rule"),
- action="deny",
- protocol=protocol_name)
- fw_rule_id2 = firewall_rule_2['firewall_rule']['id']
- self.addCleanup(self._delete_rule_if_exists, fw_rule_id2)
- self.addCleanup(self._delete_policy_if_exists,
- firewall_topo['fw_policy_id'])
- self.addCleanup(self._delete_firewall_if_exists,
- firewall_topo['firewall_id'])
- # Insert rule-2 to firewall policy
- self.fwaasv1_client.insert_firewall_rule_in_policy(
- firewall_topo['fw_policy_id'], fw_rule_id2, '',
- firewall_topo['fw_rule_id1'])
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- return fw_rule_id2
-
- def _get_list_fw_rule_ids(self, fw_policy_id):
- fw_policy = self.fwaasv1_client.show_firewall_policy(
- fw_policy_id)
- return [ruleid for ruleid in fw_policy['firewall_policy']
- ['firewall_rules']]
-
- def create_router_by_type(self, router_type, name=None, **kwargs):
- routers_client = self.manager.routers_client
- router_name = name or data_utils.rand_name('fwaas-')
- create_kwargs = dict(name=router_name, external_gateway_info={
- "network_id": CONF.network.public_network_id})
- if router_type in ('shared', 'exclusive'):
- create_kwargs['router_type'] = router_type
- elif router_type in ('distributed'):
- create_kwargs['distributed'] = True
- kwargs.update(create_kwargs)
- router = routers_client.create_router(**kwargs)
- router = router['router'] if 'router' in router else router
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.delete_router, router['id'])
- self.assertEqual(router['name'], router_name)
- return router
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('e2ab2d1a-4dc0-4efd-b03d-8c2322b427f0')
- def test_firewall_icmp_rule_with_exclusive_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = \
- self._create_firewall_basic_topo(constants.EXCLUSIVE_ROUTER,
- constants.ICMP_PROTOCOL)
- fip_ip = firewall_topo['fip1']['floating_ip_address']
- self._perform_operations_on_firewall(firewall_topo,
- constants.ICMP_PROTOCOL)
- out = self._test_ping_from_external_network(fip_ip)
- self.assertIn("0 received", str(out))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('fd39455a-232e-4f7f-b102-2853688335dc')
- def test_firewall_tcp_rule_with_exclusive_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = \
- self._create_firewall_basic_topo(constants.EXCLUSIVE_ROUTER,
- constants.TCP_PROTOCOL)
- fip_ip = firewall_topo['fip1']['floating_ip_address']
- self._perform_operations_on_firewall(firewall_topo,
- constants.TCP_PROTOCOL)
- out = self._test_ssh_connectivity_from_external_network(fip_ip)
- self.assertIn("Servname not supported", out)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('3628448a-5977-44e3-b34a-690e4e2ba847')
- def test_firewall_icmp_rule_with_distributed_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = \
- self._create_firewall_basic_topo(constants.DISTRIBUTED_ROUTER,
- constants.ICMP_PROTOCOL)
- fip_ip = firewall_topo['fip1']['floating_ip_address']
- self._perform_operations_on_firewall(firewall_topo,
- constants.ICMP_PROTOCOL)
- out = self._test_ping_from_external_network(fip_ip)
- self.assertIn("0 received", str(out))
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('0aeb2acc-0b68-4cca-889d-078f61bbe5b2')
- def test_firewall_tcp_rule_with_distributed_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = \
- self._create_firewall_basic_topo(constants.DISTRIBUTED_ROUTER,
- constants.TCP_PROTOCOL)
- fip_ip = firewall_topo['fip1']['floating_ip_address']
- self._perform_operations_on_firewall(firewall_topo,
- constants.TCP_PROTOCOL)
- out = self._test_ssh_connectivity_from_external_network(fip_ip)
- self.assertIn("Servname not supported", out)
-
- @decorators.attr(type='nsxv')
- @decorators.idempotent_id('4a0306e5-663c-4981-8177-e8a255a8859c')
- def test_firewall_update_delete_ops_on_exclusive_router(self):
- # Create router required for an ACTIVE firewall
- firewall_topo = \
- self._create_firewall_basic_topo(constants.EXCLUSIVE_ROUTER,
- constants.ICMP_PROTOCOL)
- firewall_rule_id = \
- self._perform_operations_on_firewall(firewall_topo,
- constants.ICMP_PROTOCOL)
- fip_ip = firewall_topo['fip1']['floating_ip_address']
- out = self._test_ping_from_external_network(fip_ip)
- self.assertIn("0 received", str(out))
- self.fwaasv1_client.update_firewall_rule(
- firewall_rule_id,
- action="allow")
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- out = self._test_ping_from_external_network(fip_ip)
- self.assertIn("64 bytes from ", str(out))
- self.fwaasv1_client.update_firewall_rule(
- firewall_rule_id, protocol="tcp",
- action="deny")
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- out = self._test_ssh_connectivity_from_external_network(fip_ip)
- self.assertIn("Servname not supported", out)
- out = self._test_ping_from_external_network(fip_ip)
- self.assertIn("64 bytes from ", str(out))
- self.fwaasv1_client.update_firewall_rule(
- firewall_rule_id, action="allow")
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- out = self._test_ssh_connectivity_from_external_network(fip_ip)
- self._wait_firewall_ready(firewall_topo['firewall_id'])
- out = self._test_ping_from_external_network(fip_ip)
- self.assertIn("64 bytes from ", str(out))
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_v1_lbaas_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_v1_lbaas_basic_ops.py
deleted file mode 100644
index 9edd0cde6f..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_v1_lbaas_basic_ops.py
+++ /dev/null
@@ -1,440 +0,0 @@
-# Copyright 2014 Mirantis.inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import shlex
-import subprocess
-import tempfile
-import time
-import urllib2
-
-import six
-from tempest import config
-from tempest import exceptions
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.services import load_balancer_v1_client as LBV1C
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- network_addon_methods as HELO)
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-
-class TestLBaaSBasicOps(manager.NetworkScenarioTest):
-
- """This test checks basic load balancing.
-
- The following is the scenario outline:
- 1. Create an instance
- 2. SSH to the instance and start two servers
- 3. Create a load balancer with two members and with ROUND_ROBIN algorithm
- associate the VIP with a floating ip
- 4. Send NUM requests to the floating ip and check that they are shared
- between the two servers.
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestLBaaSBasicOps, cls).skip_checks()
- cfg = CONF.network
- if not test.is_extension_enabled('lbaas', 'network'):
- msg = 'LBaaS Extension is not enabled'
- raise cls.skipException(msg)
- if not (cfg.project_networks_reachable or cfg.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- # Ask framework to not create network resources for these tests.
- cls.set_network_resources()
- super(TestLBaaSBasicOps, cls).setup_credentials()
-
- def setUp(self):
- super(TestLBaaSBasicOps, self).setUp()
- # https://review.openstack.org/#/c/262571/
- CONF.validation.ssh_shell_prologue = ''
- self.servers_keypairs = {}
- self.members = []
- self.floating_ips = {}
- self.server_ips = {}
- self.port1 = 80
- self.port2 = 88
- self.num = 50
- self.server_ips = {}
- self.server_fixed_ips = {}
- self.lbv1_client = LBV1C.get_client(self.manager)
- self._create_security_group_for_test()
- self._set_net_and_subnet()
-
- def tearDown(self):
- for s_id in self.server_ips.keys():
- try:
- self.servers_client.delete_server(s_id)
- except Exception:
- pass
- try:
- for mem in self.members:
- mem.delete()
- self.vip.delete()
- self.pool.delete()
- except Exception:
- pass
- super(TestLBaaSBasicOps, self).tearDown()
-
- def _set_net_and_subnet(self):
- """Create network, subnet and router.
-
- Query and set appropriate network and subnet attributes to be used
- for the test. Existing tenant networks are used if they are found.
- The configured private network and associated subnet is used as a
- fallback in absence of tenant networking.
- """
- self.network, self.subnet, self.router = (
- self.create_networks(router_type='exclusive'))
- self.check_networks()
-
- # overwrite super class who does not accept router attributes
- def create_networks(self, dns_nameservers=None, **kwargs):
- namestart = 'lbv1-ops'
- routers_client = self.routers_client
- networks_client = self.networks_client
- subnets_client = self.subnets_client
-
- router_kwargs = dict(client=routers_client, namestart=namestart)
- for k in kwargs.keys():
- if k in ('distributed', 'router_type', 'router_size'):
- router_kwargs[k] = kwargs.pop(k)
- router = self._create_router(**router_kwargs)
- HELO.router_gateway_set(self, router['id'],
- CONF.network.public_network_id)
-
- network = self._create_network(
- routers_client=routers_client,
- networks_client=networks_client,
- namestart=namestart)
-
- subnet_kwargs = dict(network=network,
- namestart=namestart,
- subnets_client=subnets_client)
- # use explicit check because empty list is a valid option
- if dns_nameservers is not None:
- subnet_kwargs['dns_nameservers'] = dns_nameservers
- subnet = self._create_subnet(**subnet_kwargs)
- HELO.router_interface_add(self, router['id'], subnet['id'],
- routers_client)
- return network, subnet, router
-
- # overwrite super class
- def _create_router(self, client=None, tenant_id=None,
- namestart='router-lbv1', **kwargs):
- return HELO.router_create(self, client,
- tenant_id=tenant_id,
- namestart=namestart,
- admin_state_up=True,
- **kwargs)
-
- def check_networks(self):
- HELO.check_networks(self, self.network, self.subnet, self.router)
-
- def _create_security_group_for_test(self):
- self.security_group = self._create_security_group()
- self._create_security_group_rules_for_port(self.port1)
- self._create_security_group_rules_for_port(self.port2)
-
- def _create_security_group_rules_for_port(self, port):
- rule = {
- 'direction': 'ingress',
- 'protocol': 'tcp',
- 'port_range_min': port,
- 'port_range_max': port,
- }
- self._create_security_group_rule(
- secgroup=self.security_group,
- **rule)
-
- def _create_server(self, name):
- keypair = self.create_keypair()
- security_groups = [{'name': self.security_group['name']}]
- create_kwargs = {
- 'networks': [
- {'uuid': self.network['id']},
- ],
- 'key_name': keypair['name'],
- 'security_groups': security_groups,
- 'wait_until': 'ACTIVE',
- }
- net_name = self.network['name']
- server = self.create_server(name=name, **create_kwargs)
- serv_id = server['id']
- self.servers_keypairs[serv_id] = keypair
- if (CONF.network.public_network_id and not
- CONF.network.project_networks_reachable):
- public_network_id = CONF.network.public_network_id
- floating_ip = self.create_floating_ip(
- server, public_network_id)
- self.floating_ips[floating_ip] = server
- self.server_ips[serv_id] = floating_ip['floating_ip_address']
- else:
- self.server_ips[serv_id] = self._server_ip(server, net_name)
- self.server_fixed_ips[serv_id] = self._server_ip(server, net_name)
- self.assertTrue(self.servers_keypairs)
- return server
-
- def _server_ip(self, server, net_name):
- return server['addresses'][net_name][0]['addr']
-
- def _create_servers(self):
- for count in range(2):
- self._create_server(name=("server%s" % (count + 1)))
- self.assertEqual(len(self.servers_keypairs), 2)
-
- def _start_servers(self):
- """Start two hardcoded named servers: server1 & server2
-
- 1. SSH to the instance
- 2. Start two http backends listening on ports 80 and 88 respectively
- """
- for server_id, ip in six.iteritems(self.server_ips):
- private_key = self.servers_keypairs[server_id]['private_key']
- # server = self.servers_client.show_server(server_id)['server']
- # server['name'] is not 'server1' as 2015-12 due to upstream change
- # server_name = server['name']
- username = CONF.validation.image_ssh_user
- ssh_client = self.get_remote_client(
- ip,
- private_key=private_key)
-
- # Write a backend's response into a file
- resp = ('echo -ne "HTTP/1.1 200 OK\r\nContent-Length: 7\r\n'
- 'Connection: close\r\nContent-Type: text/html; '
- 'charset=UTF-8\r\n\r\n%s"; cat >/dev/null')
-
- with tempfile.NamedTemporaryFile() as script:
- script.write(resp % 'server1')
- script.flush()
- with tempfile.NamedTemporaryFile() as key:
- key.write(private_key)
- key.flush()
- copy_file_to_host(script.name,
- "/tmp/script1",
- ip,
- username, key.name)
-
- # Start netcat
- start_server = ('while true; do '
- 'sudo nc -ll -p %(port)s -e sh /tmp/%(script)s; '
- 'done > /dev/null &')
- cmd = start_server % {'port': self.port1,
- 'script': 'script1'}
- # https://review.openstack.org/#/c/262571/
- # ssh_client.exec_command(cmd, False)
- ssh_client.exec_command(cmd)
-
- if len(self.server_ips) == 1:
- with tempfile.NamedTemporaryFile() as script:
- script.write(resp % 'server2')
- script.flush()
- with tempfile.NamedTemporaryFile() as key:
- key.write(private_key)
- key.flush()
- copy_file_to_host(script.name,
- "/tmp/script2", ip,
- username, key.name)
- cmd = start_server % {'port': self.port2,
- 'script': 'script2'}
- # https://review.openstack.org/#/c/262571/
- # ssh_client.exec_command(cmd, False)
- ssh_client.exec_command(cmd)
-
- def _check_connection(self, check_ip, port=80):
- def try_connect(ip, port):
- try:
- resp = urllib2.urlopen("http://{0}:{1}/".format(ip, port))
- if resp.getcode() == 200:
- return True
- return False
- except IOError:
- return False
- except urllib2.HTTPError:
- return False
- timeout = CONF.validation.ping_timeout
- start = time.time()
- while not try_connect(check_ip, port):
- if (time.time() - start) > timeout:
- message = "Timed out trying to connect to %s" % check_ip
- raise exceptions.TimeoutException(message)
-
- def _create_pool(self):
- """Create a pool with ROUND_ROBIN algorithm."""
- pool_name = data_utils.rand_name('pool-')
- pool = self.lbv1_client.create_pool(
- pool_name,
- lb_method='ROUND_ROBIN',
- protocol='HTTP',
- subnet_id=self.subnet['id'])
- self.pool = pool.get('pool', pool)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.lbv1_client.delete_pool,
- self.pool['id'])
- self.assertTrue(self.pool)
- return self.pool
-
- def _create_vip(self, pool_id, **kwargs):
- result = self.lbv1_client.create_vip(pool_id, **kwargs)
- vip = result.get('vip', result)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.lbv1_client.delete_vip,
- vip['id'])
- return vip
-
- def _create_member(self, protocol_port, pool_id, ip_version=4, **kwargs):
- result = self.lbv1_client.create_member(protocol_port, pool_id,
- ip_version, **kwargs)
- member = result.get('member', result)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.lbv1_client.delete_member,
- member['id'])
-
- def _create_members(self):
- """Create two members.
-
- In case there is only one server, create both members with the same ip
- but with different ports to listen on.
- """
-
- pool_id = self.pool['id']
- for server_id, ip in six.iteritems(self.server_fixed_ips):
- if len(self.server_fixed_ips) == 1:
- member1 = self._create_member(address=ip,
- protocol_port=self.port1,
- pool_id=pool_id)
- member2 = self._create_member(address=ip,
- protocol_port=self.port2,
- pool_id=pool_id)
- self.members.extend([member1, member2])
- else:
- member = self._create_member(address=ip,
- protocol_port=self.port1,
- pool_id=pool_id)
- self.members.append(member)
- self.assertTrue(self.members)
-
- def _assign_floating_ip_to_vip(self, vip):
- public_network_id = CONF.network.public_network_id
- vip_id = vip['id']
- port_id = vip['port_id']
- floating_ip = self.create_floating_ip(vip, public_network_id,
- port_id=port_id)
- #?# self.floating_ips.setdefault(vip_id, [])
- self.floating_ips[vip_id].append(floating_ip)
- # Check for floating ip status before you check load-balancer
- self.check_floating_ip_status(floating_ip, "ACTIVE")
-
- def _create_load_balancer(self):
- self._create_pool()
- self._create_members()
- vip_id = self.vip['id']
- self.vip = self._create_vip(protocol='HTTP',
- protocol_port=80,
- subnet_id=self.subnet['id'],
- pool_id=self.pool['id'])
- self.vip_wait_for_status(self.vip, 'ACTIVE')
- if (CONF.network.public_network_id and not
- CONF.network.project_networks_reachable):
- self._assign_floating_ip_to_vip(self.vip)
- self.vip_ip = self.floating_ips[
- vip_id][0]['floating_ip_address']
- else:
- self.vip_ip = self.vip['address']
-
- # Currently the ovs-agent is not enforcing security groups on the
- # vip port - see https://bugs.launchpad.net/neutron/+bug/1163569
- # However the linuxbridge-agent does, and it is necessary to add a
- # security group with a rule that allows tcp port 80 to the vip port.
- self.ports_client.update_port(
- self.vip['port_id'],
- security_groups=[self.security_group['id']])
-
- def vip_wait_for_status(self, vip, status='ACTIVE'):
- # vip is DelatableVip
- interval = self.lbv1_client.build_interval
- timeout = self.lbv1_client.build_timeout
- start_time = time.time()
-
- vip_id = vip['id']
- while time.time() - start_time <= timeout:
- resource = self.lbv1_client.show_vip(vip_id)['vip']
- if resource['status'] == status:
- return
- time.sleep(interval)
- message = "Wait for VIP become ACTIVE"
- raise exceptions.TimeoutException(message)
-
- def _check_load_balancing(self):
- """http to load balancer to check message handled by both servers.
-
- 1. Send NUM requests on the floating ip associated with the VIP
- 2. Check that the requests are shared between the two servers
- """
-
- self._check_connection(self.vip_ip)
- self._send_requests(self.vip_ip, ["server1", "server2"])
-
- def _send_requests(self, vip_ip, servers):
- counters = dict.fromkeys(servers, 0)
- for i in range(self.num):
- try:
- server = urllib2.urlopen("http://{0}/".format(vip_ip)).read()
- counters[server] += 1
- # HTTP exception means fail of server, so don't increase counter
- # of success and continue connection tries
- except urllib2.HTTPError:
- continue
- # Assert that each member of the pool gets balanced at least once
- for member, counter in six.iteritems(counters):
- self.assertGreater(counter, 0, 'Member %s never balanced' % member)
-
- @decorators.idempotent_id('e81b5af1-d854-4e16-9d2d-16187bdf1334')
- @test.services('compute', 'network')
- def test_load_balancer_basic(self):
- self._create_server('server1')
- self._start_servers()
- self._create_load_balancer()
- self._check_load_balancing()
-
-
-def copy_file_to_host(file_from, dest, host, username, pkey):
- dest = "%s@%s:%s" % (username, host, dest)
- cmd = "scp -v -o UserKnownHostsFile=/dev/null " \
- "-o StrictHostKeyChecking=no " \
- "-i %(pkey)s %(file1)s %(dest)s" % {'pkey': pkey,
- 'file1': file_from,
- 'dest': dest}
- args = shlex.split(cmd.encode('utf-8'))
- subprocess_args = {'stdout': subprocess.PIPE,
- 'stderr': subprocess.STDOUT}
- proc = subprocess.Popen(args, **subprocess_args)
- stdout, stderr = proc.communicate()
- if proc.returncode != 0:
- raise exceptions.CommandFailed(cmd,
- proc.returncode,
- stdout,
- stderr)
- return stdout
diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_xnet_multiple_subnets_basic_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_xnet_multiple_subnets_basic_ops.py
deleted file mode 100644
index 132c5cd55f..0000000000
--- a/vmware_nsx_tempest/tests/nsxv/scenario/test_xnet_multiple_subnets_basic_ops.py
+++ /dev/null
@@ -1,301 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from tempest.common import waiters
-from tempest import config
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.tests.nsxv.scenario import (
- manager_topo_deployment as dmgr)
-
-CONF = config.CONF
-
-
-class TestXnetMultiSubnetsOps(dmgr.TopoDeployScenarioManager):
- """Test NSX external network can support multiple subnets/cidrs.
-
- With multiple subnets, VMs get its floatingip from all subnets
- attached to the external network.
-
- This test validates that VM can get its floatingip from all subnets,
- and are reachable. However due to the physical network routing issue,
- we can only validate at devstack environment:
-
- 1. VM's floatingip is pingable
- 2. can ssh to VM's floatingip.
- 3. from VM can ping other VMs' private address.
-
- If this test fail and were not able to revert to its original subnet
- ip ranges, other tempest tests require floatingip's might FAIL.
-
- The test will shrink the primary subnet range to 3 ip addresses.
- Note: the 1st one is already used by the router1@devstack.
-
- The 2nd subnet is set with CONF.scenario.xnet_multiple_subnets_dict,
- and no-gateway is required. Make sure the 2nd CIRD is reachable by
- your devstack.
-
- LIMITATION:
- This test can only be done at devstack environment, other environment,
- for example VIO can not be executed unless you can modify the physical
- network to route the 2nd subnet cidr to the OS environment.
-
- This test validates data-path from the devstack host itself:
- 1. Ping to floating-ips
- 2. ssh to VM
- 3. from VM ping other VMs' private ip address
-
- ATTENTION:
- Because, this test consumes floatingip's so both subnets ip-ranges
- will be used. NO OTHER TESTS should run when executing this test.
-
- Run this test module sequencially :
-
- ./run_tempest.sh -t
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestXnetMultiSubnetsOps, cls).skip_checks()
- if not CONF.scenario.xnet_multiple_subnets_dict:
- msg = 'scenario.xnet_multiple_subnets_dict must be set.'
- raise cls.skipException(msg)
- if not CONF.network.public_network_id:
- msg = ('network.public_network_id must be defined.')
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(TestXnetMultiSubnetsOps, cls).resource_setup()
- cls.xnet_subnets = [None, None]
- cls.public_network_id = CONF.network.public_network_id
- # primary user
- cls.primary_tenant_id = cls.manager.networks_client.tenant_id
- cls.floating_ips_client = cls.manager.floating_ips_client
- cls.servers_client = cls.manager.servers_client
-
- @classmethod
- def resource_cleanup(cls):
- cls.remove_this_test_resources()
- super(TestXnetMultiSubnetsOps, cls).resource_cleanup()
-
- @classmethod
- def remove_this_test_resources(cls):
- dmgr.delete_all_servers(cls.manager.servers_client)
- subnets_client = cls.admin_manager.subnets_client
- subnet_1 = cls.xnet_subnets[0]
- subnet_2 = cls.xnet_subnets[1]
- if subnet_2:
- subnets_client.delete_subnet(subnet_2['id'])
- cls.xnet_subnets[1] = None
- if subnet_1:
- subnets_client.update_subnet(
- subnet_1['id'],
- allocation_pools=subnet_1['allocation_pools'])
- cls.xnet_subnets[0] = None
-
- @classmethod
- def create_no_gateway_subnet(cls, network_id, cidr, allocation_pool,
- ip_version=4, dns_nameservers=None,
- name=None, client_mgr=None, **kwargs):
- """Subnets, except the 1st one, no-gateway should be applied."""
-
- client_mgr = client_mgr or cls.admin_manager
- subnets_client = client_mgr.subnets_client
- post_body = {'network_id': network_id,
- 'cidr': cidr,
- 'allocation_pools': [allocation_pool],
- 'ip_version': ip_version,
- 'gateway_ip': None,
- 'enable_dhcp': False}
- if name:
- post_body['name'] = name
- if dns_nameservers:
- post_body['dns_nameservers'] = dns_nameservers
- body = subnets_client.create_subnet(**post_body)
- subnet_2 = subnets_client.show_subnet(body['subnet']['id'])
- # no addCleanup, it is to be done at tearDown
- return subnet_2['subnet']
-
- def setUp(self):
- """Create the 2nd subnet attached to public network.
-
- Idealy this is at class method. However we need to validate that
- the public network and its subnets are correctly configured.
-
- External network/subnet configured here, so assert* can be called.
- """
- super(TestXnetMultiSubnetsOps, self).setUp()
- # only admin user can manage external network/subnets
- networks_client = self.admin_manager.networks_client
- subnets_client = self.admin_manager.subnets_client
- self.sub2_dict = CONF.scenario.xnet_multiple_subnets_dict
- # limited to only one subnet available when test started.
- subnet_id_list = networks_client.show_network(
- self.public_network_id)["network"]["subnets"]
- self.assertEqual(1, len(subnet_id_list))
- subnet_1 = subnets_client.show_subnet(
- subnet_id_list[0])["subnet"]
- self.assertEqual(1, len(subnet_1["allocation_pools"]))
- pool_start = subnet_1["allocation_pools"][0]["start"]
- iprange = pool_start.split(".")
- iprange[3] = str(int(iprange[3]) + 3)
- pool_end = ".".join(iprange)
- sub1_allocation = {'start': pool_start, 'end': pool_end}
- self.xnet_subnets[0] = subnet_1
- # update the 1st subnet so it only has 3 ip addresses
- subnet1 = subnets_client.update_subnet(
- subnet_1['id'],
- allocation_pools=[sub1_allocation])['subnet']
- alloc_pool1 = subnet1['allocation_pools']
- self.assertEqual(1, len(alloc_pool1))
- alloc_pool1 = alloc_pool1[0]
- self.assertEqual(pool_start, alloc_pool1['start'])
- self.assertEqual(pool_end, alloc_pool1['end'])
- # create the 2nd subnet under external network
- alloc_pool2 = {'start': self.sub2_dict['start'],
- 'end': self.sub2_dict['end']}
- dns_nameservers = subnet_1['dns_nameservers']
- subnet_2 = self.create_no_gateway_subnet(
- subnet_1['network_id'], cidr=self.sub2_dict['cidr'],
- allocation_pool=alloc_pool2, dns_nameservers=dns_nameservers,
- name='public-xnet-subnet2')
- self.xnet_subnets[1] = subnet_2
- self.my_network = None
- self.user_sg = self._create_security_group(
- security_groups_client=self.manager.security_groups_client,
- namestart='xnet-subnets')
-
- def tearDown(self):
- super(TestXnetMultiSubnetsOps, self).tearDown()
-
- def create_user_servers(self, num_servers=5):
- network = self.my_network['network']
- user_sg = [{'name': self.user_sg['id']}]
- self.my_network['servers'] = []
- server_id_list = []
- for num in range(0, num_servers):
- vm_name = 'xnet-subnet-%d' % (num + 1)
- sv = self.create_server_on_network(
- network,
- security_groups=user_sg,
- name=vm_name, wait_on_boot=False)
- self.my_network['servers'].append(sv)
- server_id_list.append(sv['id'])
- self.wait_for_servers_become_active(server_id_list,
- self.servers_client)
-
- def wait_for_servers_become_active(self, server_id_list,
- servers_client):
- for server_id in server_id_list:
- waiters.wait_for_server_status(
- servers_client, server_id, 'ACTIVE')
-
- def create_floatingips_and_assign_to_servers(self):
- self.my_network['floatingips'] = []
- self.fixed_ip_addresses = []
- for sv in self.my_network['servers']:
- floatingip, sshc = self.create_floatingip_for_server(sv)
- self.my_network['floatingips'].append(floatingip)
- self.fixed_ip_addresses.append(floatingip['fixed_ip_address'])
- # check inside this tenant network, all VMs are reachable.
- self.validate_all_servers_private_address_are_reachable(
- sshc, self.fixed_ip_addresses)
-
- def create_floatingip_for_server(self, server):
- # project/tenant create the server, not the ADMIN
- username, password = self.get_image_userpass()
- # Only admin can create resource with tenant_id attributes, so
- # always providing the admin_manager as client to create_floatingip
- # as scenario/manager.py always insert tenant_id attribe
- # while creating the serve..
- floatingip = super(TestXnetMultiSubnetsOps,
- self).create_floatingip_for_server(
- server,
- external_network_id=self.public_network_id,
- client_mgr=self.admin_manager)
- msg = ("Associate floatingip[%s] to server[%s]"
- % (floatingip, server['name']))
- self._check_floatingip_connectivity(
- floatingip, server, should_connect=True, msg=msg)
- serv_fip = floatingip['floating_ip_address']
- dmgr.rm_sshkey(serv_fip)
- ssh_client = dmgr.get_remote_client_by_password(
- serv_fip, username, password)
- return (floatingip, ssh_client)
-
- def delete_floatingips_and_servers(self):
- for net_floatingip in self.my_network['floatingips']:
- test_utils.call_and_ignore_notfound_exc(
- self.floating_ips_client.delete_floatingip,
- net_floatingip['id'])
- fip_list = self.floating_ips_client.list_floatingips()['floatingips']
- if len(fip_list) > 0:
- time.sleep(dmgr.WAITTIME_AFTER_DISASSOC_FLOATINGIP)
- self.my_network['floatingips'] = []
- dmgr.delete_all_servers(self.servers_client)
-
- def validate_all_servers_private_address_are_reachable(self,
- ssh_client,
- ip_addresses):
- for ip_addr in ip_addresses:
- msg = "VM private address[%s] is not reachable." % ip_addr
- reachable = dmgr.is_reachable(ssh_client, ip_addr)
- self.assertTrue(reachable, msg)
-
- def _test_xnet_multiple_subnets_basic_ops(self, router_type='exclusive',
- namestart='xnet-subnets',
- distributed=None):
- network, subnet, router = self.setup_project_network(
- self.public_network_id,
- client_mgr=self.admin_manager,
- tenant_id=self.primary_tenant_id,
- namestart=namestart,
- router_type=router_type, distributed=distributed)
- self.my_network = {'router': router,
- 'subnet': subnet,
- 'network': network,
- 'servers': [],
- 'floatingips': []}
- self.create_user_servers()
- self.create_floatingips_and_assign_to_servers()
- self.delete_floatingips_and_servers()
-
-
-class TestXnetMultiSubnetsOpsOnSharedRouter(TestXnetMultiSubnetsOps):
-
- @decorators.idempotent_id('e25d030f-7fdf-4500-bd55-4ed6f62c0a5c')
- def test_xnet_multiple_subnets_basic_ops_on_shared_router(self):
- return self._test_xnet_multiple_subnets_basic_ops(
- 'shared', 'xnet-shared', False)
-
-
-class TestXnetMultiSubnetsOpsOnExclusiveRouter(TestXnetMultiSubnetsOps):
-
- @decorators.idempotent_id('5b09351a-0560-4555-99f0-a1f80d54d435')
- def test_xnet_multiple_subnets_basic_ops_on_exclusive_router(self):
- return self._test_xnet_multiple_subnets_basic_ops(
- 'exclusive', 'xnet-exclusive', False)
-
-
-class TestXnetMultiSubnetsOpsOnDistributedRouter(TestXnetMultiSubnetsOps):
-
- @decorators.idempotent_id('9652d36b-8816-4212-a6e1-3a8b2580deee')
- def test_xnet_multiple_subnets_basic_ops_on_distributed_router(self):
- return self._test_xnet_multiple_subnets_basic_ops(
- '', 'xnet-distributed', True)
diff --git a/vmware_nsx_tempest/tests/nsxv3/README.rst b/vmware_nsx_tempest/tests/nsxv3/README.rst
deleted file mode 100644
index 9b2af508df..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/README.rst
+++ /dev/null
@@ -1,5 +0,0 @@
-Placeholder for NSXv3 plugin specific automated tests
-directory:
- nsxv3
- api/
- scenario/
diff --git a/vmware_nsx_tempest/tests/nsxv3/__init__.py b/vmware_nsx_tempest/tests/nsxv3/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/__init__.py b/vmware_nsx_tempest/tests/nsxv3/api/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_l2_gateway.py b/vmware_nsx_tempest/tests/nsxv3/api/test_l2_gateway.py
deleted file mode 100644
index 74e2ea03bb..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_l2_gateway.py
+++ /dev/null
@@ -1,804 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Copyright 2015 OpenStack Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import netaddr
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions as lib_exc
-from tempest import test
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.lib import feature_manager
-
-LOG = constants.log.getLogger(__name__)
-
-CONF = config.CONF
-NON_EXIST_UUID = "12341234-0000-1111-2222-000000000000"
-
-
-class L2GatewayBase(feature_manager.FeatureManager):
- @classmethod
- def skip_checks(cls):
- """
- Skip running test if we do not meet criteria to run the tests.
- """
- super(L2GatewayBase, cls).skip_checks()
- if not test.is_extension_enabled("l2-gateway", "network"):
- raise cls.skipException("l2-gateway extension not enabled.")
-
- @classmethod
- def resource_setup(cls):
- """
- Setting up the resources for the test.
- """
- super(L2GatewayBase, cls).resource_setup()
- cls.VLAN_1 = CONF.l2gw.vlan_1
- cls.VLAN_2 = CONF.l2gw.vlan_2
- # Create subnet on the network just created.
- cls.SUBNET_1_NETWORK_CIDR = CONF.l2gw.subnet_1_cidr
- cls.SUBNET_1_MASK = cls.SUBNET_1_NETWORK_CIDR.split("/")[1]
-
- def deploy_l2gateway_topology(self):
- network_l2gateway = self.create_topology_network("network_l2gateway")
- # cidr must be presented & in IPNetwork structure.
- self.CIDR = netaddr.IPNetwork(self.SUBNET_1_NETWORK_CIDR)
- self.create_topology_subnet(
- "subnet1_l2gateway", network_l2gateway, cidr=self.CIDR,
- mask_bits=int(self.SUBNET_1_MASK))
-
-
-class L2GatewayTest(L2GatewayBase):
- """
- Test l2 gateway operations.
- """
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("e5e3a089-602c-496e-8c17-4ef613266924")
- def test_l2_gateway_create_without_vlan(self):
- """
- Create l2gw based on UUID and bridge cluster name. It creates l2gw.
- To create l2gw we need bridge cluster name (interface name) and
- bridge cluster UUID (device name) from NSX manager.
- """
- LOG.info("Testing l2_gateway_create api")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(requested_devices[0]["device_name"],
- rsp[constants.L2GW]["devices"][0]["device_name"],
- "Device name is not the same as expected")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("9968a529-e785-472f-8705-9b394a912e43")
- def test_l2_gateway_with_single_vlan(self):
- """
- Create l2gw based on UUID and bridge cluster name. It creates l2gw.
- To create l2gw we need bridge cluster name (interface name) and
- bridge cluster UUID (device name) from NSX manager and vlan id.
- """
- LOG.info("Testing l2_gateway_create api with segmentation ID")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1]}
- l2gw_param = [device_1]
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(requested_devices[0]["device_name"],
- rsp[constants.L2GW]["devices"][0]["device_name"],
- "Device name is not the same as expected")
- self.assertEqual(requested_devices[0]["interfaces"][0][
- "name"],
- rsp[constants.L2GW]["devices"][0]["interfaces"][0][
- "name"],
- "Interface name is not the same as expected")
- requested_vlans = \
- requested_devices[0]["interfaces"][0]["segmentation_id"]
- response_vlans = rsp[constants.L2GW]["devices"][0]["interfaces"][0][
- "segmentation_id"]
- for id in requested_vlans:
- self.assertIn(id, response_vlans)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("3861aab0-4f76-4472-ad0e-a255e6e42193")
- def test_l2_gateway_with_multiple_vlans(self):
- """
- Create l2gw based on UUID and bridge cluster name. It creates l2gw.
- To create l2gw we need bridge cluster name (interface name) and
- bridge cluster UUID (device name) from NSX manager and vlan id.
- """
- LOG.info("Testing l2_gateway_create api with segmentation ID")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1, self.VLAN_2]}
- l2gw_param = [device_1]
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(requested_devices[0]["device_name"],
- rsp[constants.L2GW]["devices"][0]["device_name"],
- "Device name is not the same as expected")
- self.assertEqual(requested_devices[0]["interfaces"][0][
- "name"],
- rsp[constants.L2GW]["devices"][0]["interfaces"][0][
- "name"],
- "Interface name is not the same as expected")
- requested_vlans = \
- requested_devices[0]["interfaces"][0]["segmentation_id"]
- response_vlans = rsp[constants.L2GW]["devices"][0]["interfaces"][0][
- "segmentation_id"]
- for id in requested_vlans:
- self.assertIn(id, response_vlans)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("670cbcb5-134e-467d-ba41-0d7cdbcf3903")
- def test_l2_gateway_delete(self):
- """
- Delete l2gw will create l2gw and delete recently created l2gw. To
- delete l2gw we need l2gw id.
- """
- LOG.info("Testing l2_gateway_delete api")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- # Create l2gw to delete it.
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_201})
- l2gw_id = rsp[constants.L2GW]["id"]
- # Delete l2gw.
- rsp = self.delete_l2gw(l2gw_id)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_204,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_204})
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("fa76f6e6-8aa7-46d8-9af4-2206d0773dc3")
- def test_l2_gateway_update_l2gw_name(self):
- """
- Update l2gw will update info in already created l2gw. To
- update l2gw we need l2gw id and payload to update.
- """
- LOG.info("Testing l2_gateway_update api")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- # Create l2gw to update l2gw name.
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_201})
- devices = {"devices": [{"device_name": device_name,
- "interfaces": [{"name": interface_name}]}]
- }
- l2gw_id = rsp[constants.L2GW]["id"]
- l2gw_new_name = "updated_name"
- # Update l2gw name.
- update_rsp = self.update_l2gw(l2gw_id, l2gw_new_name, devices)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- update_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_200})
- rsp_l2gw = update_rsp[constants.L2GW]
- LOG.info("response : %(rsp_l2gw)s", {"rsp_l2gw": rsp_l2gw})
- # Assert if name is not updated.
- self.assertEqual(l2gw_new_name, rsp_l2gw["name"],
- "l2gw name=%(rsp_name)s is not the same as "
- "requested=%(name)s" % {"rsp_name": rsp_l2gw["name"],
- "name": l2gw_new_name})
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("c4977df8-8e3a-4b7e-a8d2-5aa757117658")
- def test_l2_gateway_update_interface(self):
- """
- Update l2gw will update info in already created l2gw. To
- update l2gw we need l2gw id and payload to update.
- """
- LOG.info("Testing l2_gateway_update api")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- # Create l2gw to update l2gw name.
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_201})
- devices = {"devices": [
- {"device_name": device_name,
-
- "interfaces": [{"name": "new_name",
- "segmentation_id": [self.VLAN_1]}],
- "deleted_interfaces": [{"name": interface_name}]}
- ]}
- l2gw_id = rsp[constants.L2GW]["id"]
- update_rsp = self.update_l2gw(l2gw_id, l2gw_name, devices)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- update_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_200})
- rsp_l2gw = update_rsp[constants.L2GW]
- LOG.info("response : %(rsp_l2gw)s", {"rsp_l2gw": rsp_l2gw})
- if "segmentation_id" in devices["devices"][0]["interfaces"][0]:
- self.assertEqual(devices["devices"][0]["interfaces"][0][
- "segmentation_id"][0],
- rsp_l2gw["devices"][0]["interfaces"][0][
- "segmentation_id"][0],
- "L2GW segmentation id update failed!!!")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("5a3cef97-c91c-4e03-92c8-d180f9269f27")
- def test_l2_gateway_show(self):
- """
- show l2gw based on UUID. To see l2gw info we need l2gw id.
- """
- LOG.info("Testing l2_gateway_show api")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1, self.VLAN_2]}
- l2gw_param = [device_1]
- rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- l2gw_id = rsp[constants.L2GW]["id"]
- l2gw_id = str(l2gw_id)
- show_rsp = self.l2gw_client.show_l2_gateway(l2gw_id)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- show_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_200})
- show_rsp = show_rsp[constants.L2GW]["devices"]
- rsp = rsp[constants.L2GW]["devices"]
- self.assertEqual(rsp[0]["device_name"],
- show_rsp[0]["device_name"],
- "Device name is not the same as expected")
- self.assertEqual(
- rsp[0]["interfaces"][0]["name"],
- show_rsp[0]["interfaces"][0]["name"],
- "Interface name is not the same as expected")
- requested_vlans = \
- rsp[0]["interfaces"][0]["segmentation_id"]
- response_vlans = show_rsp[0]["interfaces"][0]["segmentation_id"]
- for id in requested_vlans:
- self.assertIn(id, response_vlans)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("d4a7d3af-e637-45c5-a967-d179153a6e58")
- def test_l2_gateway_list(self):
- """
- list created l2gw.
- """
- LOG.info("Testing l2_gateway_list api")
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1]}
- l2gw_param = [device_1]
- l2gw_rsp, requested_devices = self.create_l2gw(l2gw_name, l2gw_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gw_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- list_rsp = self.l2gw_client.list_l2_gateways()
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- list_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code":
- constants.EXPECTED_HTTP_RESPONSE_200})
- for l2gw in list_rsp[constants.L2GWS]:
- if l2gw["id"] == l2gw_rsp[constants.L2GW]["id"]:
- list_rsp = l2gw
- l2gw_rsp = l2gw_rsp[constants.L2GW]
- break
- self.assertEqual(l2gw_rsp, list_rsp, "L2GW create response and L2GW "
- "list response does not match.")
-
-
-class L2GatewayConnectionTest(L2GatewayBase):
- """
- Test l2 gateway connection operations.
- """
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("81edfb9e-4722-4565-939c-6593b8405ff4")
- def test_l2_gateway_connection_create(self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW create.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1]}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"]}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(l2gwc_param["l2_gateway_id"],
- l2gwc_rsp[constants.L2GWC]["l2_gateway_id"],
- "l2gw id is not same as expected in "
- "create l2gw connection response")
- self.assertEqual(l2gwc_param["network_id"],
- l2gwc_rsp[constants.L2GWC]["network_id"],
- "network id is not same as expected in "
- "create l2gw connection response")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("7db4f6c9-18c5-4a99-93c1-68bc2ecb48a7")
- def test_l2_gateway_connection_create_with_multiple_vlans(self):
- """
- Create l2 gateway connection using multiple vlans. Vlan parameter is
- passed into L2GW create.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1, self.VLAN_2]}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"]}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(l2gwc_param["l2_gateway_id"],
- l2gwc_rsp[constants.L2GWC]["l2_gateway_id"],
- "l2gw id is not same as expected in "
- "create l2gw connection response")
- self.assertEqual(l2gwc_param["network_id"],
- l2gwc_rsp[constants.L2GWC]["network_id"],
- "network id is not same as expected in "
- "create l2gw connection response")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("de70d6a2-d454-4a09-b06b-8f39be67b635")
- def test_l2_gateway_connection_with_seg_id_create(self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW connection create.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(l2gwc_param["l2_gateway_id"],
- l2gwc_rsp[constants.L2GWC]["l2_gateway_id"],
- "l2gw id is not same as expected in "
- "create l2gw connection response")
- self.assertEqual(l2gwc_param["network_id"],
- l2gwc_rsp[constants.L2GWC]["network_id"],
- "network id is not same as expected in "
- "create l2gw connection response")
- self.assertEqual(l2gwc_param["segmentation_id"],
- l2gwc_rsp[constants.L2GWC]["segmentation_id"],
- "segmentation id is not same as expected in "
- "create l2gw connection response")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("819d9b50-9159-48d0-be2a-493ec686534c")
- def test_l2_gateway_connection_show(self):
- """
- Create l2 gateway connection using one vlan and tes l2 gateway
- connection show api
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- l2gwc_id = l2gwc_rsp[constants.L2GWC]["id"]
- show_rsp = self.l2gwc_client.show_l2_gateway_connection(l2gwc_id)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- show_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_200})
- self.assertEqual(l2gwc_param["l2_gateway_id"],
- show_rsp[constants.L2GWC]["l2_gateway_id"],
- "l2gw id is not same as expected in "
- "show l2gw connection response")
- self.assertEqual(l2gwc_param["network_id"],
- show_rsp[constants.L2GWC]["network_id"],
- "network id is not same as expected in "
- "show l2gw connection response")
- show_rsp_seg_id = str(show_rsp[constants.L2GWC][
- "segmentation_id"])
- self.assertEqual(l2gwc_param["segmentation_id"],
- show_rsp_seg_id,
- "segmentation id is not same as expected in "
- "show l2gw connection response")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("4188f8e7-cd65-427e-92b8-2a9e0492ab21")
- def test_l2_gateway_connection_list(self):
- """
- Create l2 gateway connection using one vlan and test l2 gateway
- connection list api.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- # Create 2 l2 gateways.
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- # Create 2 l2 gateway connections.
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- list_rsp = self.l2gwc_client.list_l2_gateway_connections()
- LOG.info("l2gw connection list response: %s", list_rsp)
- # Assert in case of failure.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- list_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_200})
- self.assertEqual(l2gwc_rsp["l2_gateway_connection"]["id"],
- list_rsp["l2_gateway_connections"][0]["id"],
- "l2gw connection list does not show proper id")
- self.assertEqual(l2gwc_rsp["l2_gateway_connection"]["l2_gateway_id"],
- list_rsp["l2_gateway_connections"][0][
- "l2_gateway_id"],
- "l2gw connection list does not show proper "
- "l2_gateway_id")
- self.assertEqual(l2gwc_rsp["l2_gateway_connection"]["network_id"],
- list_rsp["l2_gateway_connections"][0]["network_id"],
- "l2gw connection list does not show proper "
- "network_id")
- self.assertEqual(l2gwc_rsp["l2_gateway_connection"]["tenant_id"],
- list_rsp["l2_gateway_connections"][0]["tenant_id"],
- "l2gw connection list does not show proper tenant_id")
- self.assertEqual(l2gwc_rsp["l2_gateway_connection"]["segmentation_id"],
- str(list_rsp["l2_gateway_connections"][0][
- "segmentation_id"]),
- "l2gw connection list does not show proper "
- "segmentation_id")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("4d71111f-3d2b-4557-97c7-2e149a6f41fb")
- def test_l2_gateway_connection_recreate(self):
- """
- Recreate l2 gateway connection.
- - Create l2GW.
- - Create l2gw connection.
- - delete l2gw connection.
- - Recreate l2gw connection
- - verify with l2gw connection list API.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- # List all the L2GW connection.
- list_rsp = self.l2gwc_client.list_l2_gateway_connections()
- LOG.info("l2gw connection list response: %s", list_rsp)
- # Assert in case of failure.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- list_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_200})
- list_rsp = list_rsp["l2_gateway_connections"]
- l2gwc_ids = [item.get("id") for item in list_rsp if "id"
- in item]
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- l2gwc_id = l2gwc_rsp[constants.L2GWC]["id"]
- # Delete l2gw.
- rsp = self.delete_l2gw_connection(l2gwc_id)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_204,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_204})
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- # List all the L2GW connection.
- list_rsp = self.l2gwc_client.list_l2_gateway_connections()
- LOG.info("l2gw connection list response: %s", list_rsp)
- # Assert in case of failure.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_200,
- list_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_200})
- list_rsp = list_rsp["l2_gateway_connections"]
- l2gwc_ids = l2gwc_ids + [item.get("id") for item in list_rsp if
- "id" in item]
- self.assertNotIn(l2gwc_id, l2gwc_ids, "l2gwc list api shows hanging "
- "l2gwc id")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("671cacb5-134e-467d-ba41-0d7cdbcf3903")
- def test_l2_gateway_connection_delete(self):
- """
- Delete l2gw will create l2gw and delete recently created l2gw. To
- delete l2gw we need l2gw id.
- """
- LOG.info("Testing l2_gateway_connection_delete api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- l2gwc_id = l2gwc_rsp[constants.L2GWC]["id"]
- # Delete l2gw.
- rsp = self.delete_l2gw_connection(l2gwc_id)
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_204,
- rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_204})
-
-
-class L2GatewayConnectionNegative(L2GatewayBase):
- """
- Negative L2GW tests.
- """
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("e86bd8e9-b32b-425d-86fa-cd866138d028")
- def test_active_l2_gateway_delete(self):
- """
- Delete l2 gateway with active mapping.
- """
- LOG.info("Testing test_l2_gateway_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- l2gw_id = l2gw_rsp[constants.L2GW]["id"]
- # Delete l2gw must raise Conflict exception.
- self.assertRaises(lib_exc.Conflict, self.delete_l2gw, l2gw_id)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("488faaae-180a-4c48-8b7a-44c3a243369f")
- def test_recreate_l2_gateway_connection(self):
- """
- Recreate l2 gateway connection using same parameters.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [self.VLAN_1]}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"]}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertRaises(lib_exc.Conflict, self.create_l2gw_connection,
- l2gwc_param)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("14606e74-4f65-402e-ae50-a0adcd877a83")
- def test_create_l2gwc_with_nonexist_l2gw(self):
- """
- Create l2 gateway connection using non exist l2gw uuid.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- self.deploy_l2gateway_topology()
- non_exist_l2gw_uuid = NON_EXIST_UUID
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": non_exist_l2gw_uuid,
- "network_id":
- self.topology_networks["network_l2gateway"]["id"],
- "segmentation_id": self.VLAN_1}
- # Delete l2gw must raise Conflict exception.
- self.assertRaises(lib_exc.NotFound, self.create_l2gw_connection,
- l2gwc_param)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("e6cb8973-fcbc-443e-a3cb-c6a82ae58b63")
- def test_create_l2gwc_with_nonexist_network(self):
- """
- Create l2 gateway connection using non exist l2gw uuid.
- """
- LOG.info("Testing test_l2_gateway_connection_create api")
- non_exist_network_uuid = NON_EXIST_UUID
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id": non_exist_network_uuid,
- "segmentation_id": self.VLAN_1}
- # Delete l2gw must raise Conflict exception.
- self.assertRaises(lib_exc.NotFound, self.create_l2gw_connection,
- l2gwc_param)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("27c7c64f-511f-421e-8b62-dfed143fc00b")
- def test_create_l2gw_with_invalid_seg_id(self):
- """
- Create l2 gateway connection using invalid seg id.
- """
- LOG.info("Testing l2_gateway_create api with segmentation ID")
- invalid_seg_id = 20000
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [invalid_seg_id]}
- l2gw_param = [device_1]
- self.assertRaises(lib_exc.BadRequest, self.create_l2gw, l2gw_name,
- l2gw_param)
-
- @decorators.skip_because(bug="1640033")
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("000cc597-bcea-4539-af07-bd70357e8d82")
- def test_create_l2gw_with_non_int_seg_id(self):
- """
- Create l2 gateway connection using invalid seg id.
- """
- LOG.info("Testing l2_gateway_create api with segmentation ID")
- invalid_seg_id = 2.45
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [invalid_seg_id]}
- l2gw_param = [device_1]
- self.assertRaises(lib_exc.BadRequest, self.create_l2gw, l2gw_name,
- l2gw_param)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_native_dhcp.py b/vmware_nsx_tempest/tests/nsxv3/api/test_native_dhcp.py
deleted file mode 100644
index 41e6ba3539..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_native_dhcp.py
+++ /dev/null
@@ -1,162 +0,0 @@
-# Copyright 2016 VMware Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-
-class NSXv3NativeDHCPTest(base.BaseNetworkTest):
- """NSXv3 Native DHCP test
-
- - Create DHCP enabled subnet
- - Create two overlapping DHCP enabled subnets
- - Create DHCP enabled subnet with allocation pool
- - Create DHCP enabled subnet with DNS nameservers
- - Create DHCP enabled subnet host route
- - Create DHCP enabled subnet with gateway IP
- - Default in plugin configuration
- """
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3NativeDHCPTest, cls).skip_checks()
- if not (CONF.nsxv3.nsx_manager and CONF.nsxv3.nsx_user and
- CONF.nsxv3.nsx_password):
- raise cls.skipException("Either NSX manager, user, or password "
- "is missing")
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3NativeDHCPTest, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
- cls._subnet_data = {'gateway': '192.168.100.1',
- 'cidr': '192.168.100.0/24',
- 'ip_version': '4',
- 'allocation_pools': [{'start': '192.168.100.100',
- 'end': '192.168.100.200'}],
- 'dns_nameservers': ['8.8.4.4', '8.8.8.8'],
- 'host_routes': [{'destination': '192.168.100.0/32',
- 'nexthop': '192.168.100.1'}],
- 'new_host_routes': [{'destination':
- '192.168.100.0/32',
- 'nexthop':
- '192.168.200.2'}],
- 'new_dns_nameservers': ['7.8.8.8', '7.8.4.4']}
-
- def _test_create_subnet_with_kwargs(self, **kwargs):
- name = data_utils.rand_name("network-")
- network = self.create_network(network_name=name)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.networks_client.delete_network, net_id)
- subnet = self.subnets_client.create_subnet(
- network_id=net_id, ip_version=self._subnet_data['ip_version'],
- cidr=self._subnet_data['cidr'], **kwargs)
- self.assertEqual('ACTIVE', network['status'])
- nsx_dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- dhcp_server = nsx_dhcp_server['ipv4_dhcp_server']
- if 'gateway' in kwargs:
- self.assertEqual(dhcp_server['gateway_ip'],
- self._subnet_data['gateway'])
- # allocation_pools doesn't translate into backend
- # we just need to check subnet data
- if 'allocation_pools' in kwargs:
- self.assertEqual(subnet['subnet']['allocation_pools'],
- self._subnet_data['allocation_pools'])
- if 'dns_nameservers' in kwargs:
- self.assertEqual(subnet['subnet']['dns_nameservers'],
- self._subnet_data['dns_nameservers'])
- if 'host_routes' in kwargs:
- host_routes = dhcp_server['options']['option121']['static_routes']
- route = {'next_hop':
- self._subnet_data['host_routes'][0]['nexthop'],
- 'network':
- self._subnet_data['host_routes'][0]['destination']}
- self.assertIn(route, host_routes)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('698f5503-a17a-43c2-b83b-353d3e28588b')
- def test_create_dhcp_enabled_subnet(self):
- name = data_utils.rand_name("network-")
- network = self.create_network(network_name=name)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.networks_client.delete_network, net_id)
- self.create_subnet(network)
- self.assertEqual('ACTIVE', network['status'])
- nsx_network = self.nsx.get_logical_switch(network['name'],
- network['id'])
- self.assertIsNotNone(nsx_network)
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- self.assertIsNotNone(dhcp_server)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('cc970d9b-786a-49c3-8bfb-2f8bc5580ead')
- def test_overlapping_dhcp_enabled_subnet(self):
- """Create two overlapping subnets"""
- for i in range(2):
- name = data_utils.rand_name("network-")
- network = self.create_network(network_name=name)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.networks_client.delete_network, net_id)
- subnet = self.subnets_client.create_subnet(
- network_id=net_id,
- cidr=self._subnet_data['cidr'],
- ip_version=self._subnet_data['ip_version'])
- self.assertEqual(self._subnet_data['cidr'],
- subnet['subnet']['cidr'])
- nsx_dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- dhcp_server = nsx_dhcp_server['ipv4_dhcp_server']
- self.assertIsNotNone(dhcp_server)
- self.assertEqual(dhcp_server['dhcp_server_ip'], "192.168.100.2/24")
- self.assertEqual(dhcp_server['gateway_ip'],
- self._subnet_data['gateway'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('acee6ccb-92bb-48d8-ae6b-b10783b3791a')
- def test_create_subnet_with_allocation_pool(self):
- self._test_create_subnet_with_kwargs(
- allocation_pools=self._subnet_data['allocation_pools'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('1b7d38c1-0674-43a7-8df1-0b9da531ad77')
- def test_create_subnet_with_dns_nameservers(self):
- self._test_create_subnet_with_kwargs(
- dns_nameservers=self._subnet_data['dns_nameservers'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('3159111b-e332-4a41-a713-164a0ccfc2ad')
- def test_create_subnet_with_host_routes(self):
- self._test_create_subnet_with_kwargs(
- host_routes=self._subnet_data['host_routes'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('addb0f46-3fa7-421b-aae7-820e798c096e')
- def test_create_subnet_with_gateway_ip(self):
- self._test_create_subnet_with_kwargs(
- gateway_ip=self._subnet_data['gateway'])
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_native_dhcp_negative.py b/vmware_nsx_tempest/tests/nsxv3/api/test_native_dhcp_negative.py
deleted file mode 100644
index ac912002f8..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_native_dhcp_negative.py
+++ /dev/null
@@ -1,106 +0,0 @@
-# Copyright 2016 VMware Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-
-class NSXv3NativeDHCPNegative(base.BaseNetworkTest):
- """NSXv3 Native DHCP negative test
-
- - Create network without subnet
- - Create network with DHCP disabled subnet
- - Create DHCP enabled subnet and update to disable DHCP
- """
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3NativeDHCPNegative, cls).skip_checks()
- if not (CONF.nsxv3.nsx_manager and CONF.nsxv3.nsx_user and
- CONF.nsxv3.nsx_password):
- raise cls.skipException("Either NSX manager, user, or password "
- "is missing")
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3NativeDHCPNegative, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- @decorators.attr(type='nsxv3')
- @decorators.attr(type=['negative'])
- @decorators.idempotent_id('d1fb24b9-6ee8-4fb3-b6fe-169fed3cfa7e')
- def test_create_network_without_subnet(self):
- name = data_utils.rand_name('network-')
- network = self.create_network(network_name=name)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.networks_client.delete_network, net_id)
- self.assertTrue('ACTIVE', network['status'])
- nsx_switch = self.nsx.get_logical_switch(network['name'],
- network['id'])
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- self.assertIsNotNone(nsx_switch)
- self.assertIsNone(dhcp_server)
-
- @decorators.attr(type='nsxv3')
- @decorators.attr(type=['negative'])
- @decorators.idempotent_id('caab60b9-b78c-4127-983f-cfb515b555fe')
- def test_create_dhcp_disabled_subnet(self):
- name = data_utils.rand_name('network-')
- network = self.create_network(network_name=name)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.networks_client.delete_network, net_id)
- self.create_subnet(network, enable_dhcp=False)
- self.assertTrue('ACTIVE', network['status'])
- nsx_switch = self.nsx.get_logical_switch(network['name'],
- network['id'])
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- self.assertIsNotNone(nsx_switch)
- self.assertIsNone(dhcp_server)
-
- @decorators.attr(type='nsxv3')
- @decorators.attr(type=['negative'])
- @decorators.idempotent_id('bcfd9e1c-456f-43cc-a22a-baceb2188b53')
- def test_update_dhcp_disabled_subnet(self):
- name = data_utils.rand_name('network-')
- network = self.create_network(network_name=name)
- net_id = network['id']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.networks_client.delete_network, net_id)
- subnet = self.create_subnet(network)
- self.assertTrue('ACTIVE', network['status'])
- nsx_switch = self.nsx.get_logical_switch(network['name'],
- network['id'])
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- self.assertIsNotNone(nsx_switch)
- self.assertIsNotNone(dhcp_server)
- # Update subnet to disable DHCP
- self.subnets_client.update_subnet(subnet['id'], enable_dhcp=False)
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- self.assertIsNone(dhcp_server)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_floating_ip.py b/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_floating_ip.py
deleted file mode 100644
index 7a2c0b0530..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_floating_ip.py
+++ /dev/null
@@ -1,159 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class NSXv3FloatingIPTest(base.BaseNetworkTest):
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3FloatingIPTest, cls).skip_checks()
- if not test.is_extension_enabled('router', 'network'):
- msg = "router extension not enabled."
- raise cls.skipException(msg)
- if not CONF.network.public_network_id:
- msg = "Public network id not found."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3FloatingIPTest, cls).resource_setup()
- cls.ext_net_id = CONF.network.public_network_id
- # Create the topology to test floating IP
- cls.network = cls.create_network()
- cls.subnet = cls.create_subnet(cls.network)
- cls.router = cls.create_router(data_utils.rand_name('router-'),
- external_network_id=cls.ext_net_id)
- cls.create_router_interface(cls.router['id'], cls.subnet['id'])
- for i in range(2):
- cls.create_port(cls.network)
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('593e4e51-9ea2-445b-b789-eff2b0b7a503')
- def test_create_floating_ip(self):
- # Create a floating ip
- create_body = self.floating_ips_client.create_floatingip(
- floating_network_id=self.ext_net_id,
- port_id=self.ports[0]['id'])
- fip = create_body['floatingip']
- port_ip = self.ports[0]['fixed_ips'][0]['ip_address']
- LOG.debug("Port IP address: %s", port_ip)
- self.addCleanup(self.floating_ips_client.delete_floatingip,
- fip['id'])
- nsx_router = self.nsx.get_logical_router(self.router['name'],
- self.router['id'])
- LOG.debug("NSX router on backend: %s", nsx_router)
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- LOG.debug("NAT rules on NSX router %(router)s: %(rules)s",
- {'router': nsx_router, 'rules': nat_rules})
- dnat_rules = [(rule['translated_network'],
- rule['match_destination_network']) for rule in nat_rules
- if 'match_destination_network' in rule]
- snat_rules = [(rule['translated_network'],
- rule['match_source_network']) for rule in nat_rules
- if 'match_source_network' in rule]
- LOG.debug("snat_rules: %(snat)s; dnat_rules: %(dnat)s",
- {'snat': snat_rules, 'dnat': dnat_rules})
- self.assertIsNotNone(fip['id'])
- self.assertEqual(fip['fixed_ip_address'], port_ip)
- self.assertIn((fip['floating_ip_address'], port_ip), snat_rules)
- self.assertIn((port_ip, fip['floating_ip_address']), dnat_rules)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('48d8cda8-dfc3-4d84-8f91-4bad6cc7d452')
- def test_update_floating_ip(self):
- # Create a floating ip
- create_body = self.floating_ips_client.create_floatingip(
- floating_network_id=self.ext_net_id,
- port_id=self.ports[0]['id'])
- fip = create_body['floatingip']
- port1_ip = self.ports[0]['fixed_ips'][0]['ip_address']
- port2_ip = self.ports[1]['fixed_ips'][0]['ip_address']
- LOG.debug("Port1 IP address: %(port1)s, port2 IP address %(port2)s",
- {'port1': port1_ip, 'port2': port2_ip})
- self.addCleanup(self.floating_ips_client.delete_floatingip,
- fip['id'])
- nsx_router = self.nsx.get_logical_router(self.router['name'],
- self.router['id'])
- self.assertEqual(fip['fixed_ip_address'], port1_ip)
- self.assertEqual(fip['router_id'], self.router['id'])
- # Update the floating ip
- update_body = self.floating_ips_client.update_floatingip(
- fip['id'], port_id=self.ports[1]['id'])
- updated_fip = update_body['floatingip']
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- LOG.debug("NAT rules on NSX router %(router)s: %(rules)s",
- {'router': nsx_router, 'rules': nat_rules})
- dnat_rules = [(rule['translated_network'],
- rule['match_destination_network']) for rule in nat_rules
- if 'match_destination_network' in rule]
- snat_rules = [(rule['translated_network'],
- rule['match_source_network']) for rule in nat_rules
- if 'match_source_network' in rule]
- LOG.debug("snat_rules: %(snat)s; dnat_rules: %(dnat)s",
- {'snat': snat_rules, 'dnat': dnat_rules})
- self.assertEqual(updated_fip['fixed_ip_address'], port2_ip)
- self.assertEqual(updated_fip['floating_ip_address'],
- fip['floating_ip_address'])
- self.assertIn((updated_fip['floating_ip_address'], port2_ip),
- snat_rules)
- self.assertIn((port2_ip, updated_fip['floating_ip_address']),
- dnat_rules)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('6e5a87fe-b40e-4c62-94b8-07431493cc3d')
- def test_delete_floating_ip(self):
- # Create a floating ip
- create_body = self.floating_ips_client.create_floatingip(
- floating_network_id=self.ext_net_id,
- port_id=self.ports[0]['id'])
- fip = create_body['floatingip']
- port_ip = self.ports[0]['fixed_ips'][0]['ip_address']
- LOG.debug("Port IP address: %s", port_ip)
- nsx_router = self.nsx.get_logical_router(self.router['name'],
- self.router['id'])
- LOG.debug("NSX router on backend: %s", nsx_router)
- self.assertIsNotNone(fip['id'])
- # Delete the floating ip and backend nat rules
- self.floating_ips_client.delete_floatingip(fip['id'])
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- LOG.debug("NAT rules on NSX router %(router)s: %(rules)s",
- {'router': nsx_router, 'rules': nat_rules})
- dnat_rules = [(rule['translated_network'],
- rule['match_destination_network']) for rule in nat_rules
- if 'match_destination_network' in rule]
- snat_rules = [(rule['translated_network'],
- rule['match_source_network']) for rule in nat_rules
- if 'match_source_network' in rule]
- LOG.debug("snat_rules: %(snat)s; dnat_rules: %(dnat)s",
- {'snat': snat_rules, 'dnat': dnat_rules})
- self.assertNotIn((fip['floating_ip_address'], port_ip), snat_rules)
- self.assertNotIn((port_ip, fip['floating_ip_address']), dnat_rules)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_mac_learning.py b/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_mac_learning.py
deleted file mode 100644
index 95233dc24a..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_mac_learning.py
+++ /dev/null
@@ -1,335 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.api.network import base
-from tempest.common import custom_matchers
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions as ex
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-
-class NSXv3MacLearningTest(base.BaseNetworkTest):
- """Test MAC Learning operations in the Neutron API.
-
- Create port with options required for enabling MAC Learning.
- List ports including created port with MAC Learning enabled.
- Show port details with options required for enabling MAC Learning.
- Update port with options required for enabling MAC Learning.
- Delete port.
-
- CRUD operation tests
- Workflow 1
- Workflow 2
- Workflow 3
-
- After the neutron API call, we also need to make sure the
- corresponding resource has been handled in the NSX backend.
-
- """
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3MacLearningTest, cls).resource_setup()
- cls.network = cls.create_network()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def _get_nsx_mac_learning_enabled(self, port):
- mac_learn_set_bool = False
- # Get nsxv3 port(expects 'name' set)
- nsx_port = self.nsx.get_logical_port(port['name'])
- # Get list of logical port's switch profiles
- port_swtch_profs = nsx_port['switching_profile_ids']
- # Convert switch profiles list to dict, key:UUID
- port_sw_prof_dict = self._conv_switch_prof_to_dict(port_swtch_profs)
- # Get MAC learning switch profile ID
- mac_sw_prof_id = port_sw_prof_dict[constants.MAC_SW_PROFILE]
- # Get MAC learning switch profile json
- mac_sw_profile_json = self.nsx.get_switching_profile(mac_sw_prof_id)
- # Get mac-learning state for port
- if ('mac_learning' in mac_sw_profile_json):
- nsxport_mac_learning = mac_sw_profile_json[
- 'mac_learning']['enabled']
- if nsxport_mac_learning:
- mac_learn_set_bool = True
- return mac_learn_set_bool
-
- def _create_mac_learn_enabled_port(self, network):
- # Create Port with required port security/sec groups config
- test_port_name = data_utils.rand_name('port-')
- port = self.create_port(network, name=test_port_name,
- mac_learning_enabled=True,
- port_security_enabled=False,
- security_groups=[])
- return port
-
- def _update_port_enable_mac_learning(self, port):
- updated_port = self.update_port(port,
- mac_learning_enabled=True,
- port_security_enabled=False,
- security_groups=[])
- return updated_port
-
- def _update_port_disable_mac_learning(self, port, sec_groups=None):
- if sec_groups is None:
- sec_groups = []
- updated_sec_grp = port['security_groups'] + sec_groups
- updated_port = self.update_port(port,
- mac_learning_enabled=False,
- port_security_enabled=True,
- security_groups=updated_sec_grp)
- return updated_port
-
- def _delete_port(self, port):
- port_id = port['id']
- self.ports_client.delete_port(port_id)
- body = self.ports_client.list_ports()
- ports_list = body['ports']
- if len(ports_list) > 0:
- self.assertFalse(port_id in [n['id'] for n in ports_list],
- "Deleted port still present in ports list")
-
- def _conv_switch_prof_to_dict(self, switch_profiles):
- switch_prof_dict = {}
- for i in range(len(switch_profiles)):
- switch_prof_dict.update(
- {switch_profiles[i]['key']: switch_profiles[i]['value']})
- return switch_prof_dict
-
- def _check_mac_learning(self, port, mac_learn_state=True):
- # Enabling MAC Learning requires port security=False and no sec grps
- nsxport_mac_learning = self._get_nsx_mac_learning_enabled(port)
- if mac_learn_state:
- self.assertEmpty(port['security_groups'],
- "Sec grp for mac learn port is not empty")
- self.assertFalse(port['port_security_enabled'],
- "Port security is enabled")
- self.assertTrue(port['mac_learning_enabled'],
- "Mac Learning is not enabled")
- self.assertEqual(nsxport_mac_learning,
- port['mac_learning_enabled'],
- "OS and NSX mac learn states don't match")
- else:
- self.assertTrue(port['port_security_enabled'],
- "Port security is disabled")
- if 'mac_learning_enabled' in port.keys():
- self.assertFalse(port['mac_learning_enabled'],
- "Mac Learning is enabled")
- self.assertEqual(nsxport_mac_learning,
- port['mac_learning_enabled'],
- "OS and NSX mac learn states don't match")
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('d4c533d4-194e-4d72-931d-a120cd3dd3b2')
- def test_create_mac_learning_port(self):
- """
- Test creation of MAC Learning enabled port
- """
- port = self._create_mac_learn_enabled_port(self.network)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, port)
- self._check_mac_learning(port, mac_learn_state=True)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('d5067c7e-127b-4676-8b33-c421dcc8d6ae')
- def test_list_mac_learning_port(self):
- """
- Create port with MAC learning enabled. Create vanilla port.
- Verify that the created ports are included in list_ports().
- """
- mac_lrn_port = self._create_mac_learn_enabled_port(self.network)
- vanilla_name = data_utils.rand_name('vanilla_port-')
- vanilla_port = self.create_port(self.network, name=vanilla_name)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, mac_lrn_port)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, vanilla_port)
- self._check_mac_learning(mac_lrn_port, mac_learn_state=True)
- self._check_mac_learning(vanilla_port, mac_learn_state=False)
- body = self.ports_client.list_ports()
- nill_nsx = self.nsx.get_logical_port(vanilla_port['name'])
- ml_port_nsx = self.nsx.get_logical_port(mac_lrn_port['name'])
- test_ports_in_body = []
- # Verify the each port exists in the list of all ports
- for tport in body['ports']:
- if(nill_nsx['display_name'] == tport['name']):
- test_ports_in_body.append(nill_nsx['display_name'])
- if(ml_port_nsx['display_name'] == tport['name']):
- test_ports_in_body.append(ml_port_nsx['display_name'])
- self.assertEqual(len(test_ports_in_body), 2,
- 'List ports does not match num of created ports')
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('d2eaadb2-52e3-42c1-8225-7380cd70a82c')
- def test_show_mac_learning_port(self):
- """
- Create port with MAC learning enabled with OS. Test port show api
- on the MAC enabled port.
- """
- port = self._create_mac_learn_enabled_port(self.network)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, port)
- nsx_port = self.nsx.get_logical_port(port['name'])
- nsxport_mac_learning = self._get_nsx_mac_learning_enabled(port)
- body = self.ports_client.show_port(port['id'])
- show_port_result = body['port']
- # Check the port ID exists and the MAC learning state and name match
- self.assertIn('id', show_port_result, "Port doesn't have id set")
- self.assertEqual(nsxport_mac_learning,
- show_port_result['mac_learning_enabled'],
- "OS and NSX Mac learning states do not match")
- self.assertEqual(nsx_port['display_name'], show_port_result['name'],
- "OS and NSX port names do not match")
- # from upstream tempest test_show_port()
- self.assertThat(port,
- custom_matchers.MatchesDictExceptForKeys
- (show_port_result, excluded_keys=['extra_dhcp_opts',
- 'created_at',
- 'updated_at']))
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('4d5844bb-88d4-4cdc-b545-6cd9160ae351')
- def test_update_mac_learning_port(self):
- """
- Create a MAC learning-enabled port on network. Update the port's
- name. Check name and MAC learning configuration.
- """
- test_port = self._create_mac_learn_enabled_port(self.network)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, test_port)
- update_port_name = data_utils.rand_name('updated_port-')
- updated_os_port = self.update_port(test_port,
- name=update_port_name)
- updated_nsx_port = self.nsx.get_logical_port(updated_os_port['name'])
- # Assert if NSXT and OS names do not match
- self.assertEqual(updated_nsx_port['display_name'],
- updated_os_port['name'],
- "Updated names do not match")
- # Check MAC Learn state between NSXT and OS match.
- nsxport_mac_learning_state = self._get_nsx_mac_learning_enabled(
- updated_os_port)
- self.assertEqual(nsxport_mac_learning_state,
- updated_os_port['mac_learning_enabled'],
- "MAC learning states do not match for %s"
- % updated_nsx_port['display_name'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('e2295017-b3c4-4cdd-b8e2-daa51aaf7590')
- def test_delete_mac_learning_port(self):
- """
- Create MAC learning-enabled port on network. Verify port on
- NSX and OS. Delete port.
- """
- test_port = self._create_mac_learn_enabled_port(self.network)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, test_port)
- nsx_port = self.nsx.get_logical_port(test_port['name'])
- # Check created port name matches name on NSXT and NSXT id exists
- self.assertIsNotNone(nsx_port['id'],
- "Port %s is None" % test_port['name'])
- self.assertEqual(nsx_port['display_name'], test_port['name'],
- "OS port and NSX port name do not match")
- self._delete_port(test_port)
- self.assertIsNone(self.nsx.get_logical_port(test_port['name']),
- "Port %s is not None" % test_port['name'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('5105d8b5-5136-4789-9991-7e419d980169')
- def test_create_enable_mac_learning_port_delete(self):
- """
- CRUD Workflow 1
-
- Create vanilla network port
- Update port with options required and enable MAC Learning
- Delete port
- """
- test_port_name = data_utils.rand_name('port-')
- test_port = self.create_port(self.network, name=test_port_name)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, test_port)
- self._check_mac_learning(test_port, mac_learn_state=False)
- updated_os_port = self._update_port_enable_mac_learning(test_port)
- self._check_mac_learning(updated_os_port, mac_learn_state=True)
- self._delete_port(updated_os_port)
- self.assertIsNone(self.nsx.get_logical_port(updated_os_port['name']),
- "Port %s is not None" % updated_os_port['name'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('b7ecc93d-6c9b-4958-9a08-bc85d2946c03')
- def test_create_toggle_mac_learning_port_delete(self):
- """
- CRUD Workflow 2
-
- Create port with MAC Learning enabled
- Update port, disabling MAC Learning
- Update port, re-enabling MAC Learning
- Delete port
- """
- test_port = self._create_mac_learn_enabled_port(self.network)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, test_port)
- self._check_mac_learning(test_port, mac_learn_state=True)
- ml_off_port = self._update_port_disable_mac_learning(test_port)
- self._check_mac_learning(ml_off_port, mac_learn_state=False)
- ml_on_port = self._update_port_enable_mac_learning(ml_off_port)
- self._check_mac_learning(ml_on_port, mac_learn_state=True)
- self._delete_port(ml_on_port)
- self.assertIsNone(self.nsx.get_logical_port(ml_on_port['name']),
- "Port %s is not None" % ml_on_port['name'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('262e844f-a033-4fcd-b5d0-4641d9efeccd')
- def test_create_update_delete_mac_learning_port(self):
- """
- CRUD Workflow 3
-
- Create port with MAC Learning enabled
- Update port(non-MAC Learning settings)
- Delete port
- """
- test_port = self._create_mac_learn_enabled_port(self.network)
- new_port_name = data_utils.rand_name('updated_port-')
- updated_port = self.update_port(test_port,
- name=new_port_name)
- updated_nsx_port = self.nsx.get_logical_port(updated_port['name'])
- self.assertEqual(updated_nsx_port['display_name'],
- updated_port['name'],
- "Updated port names do not match OS and NSX")
- self._delete_port(updated_port)
- self.assertIsNone(self.nsx.get_logical_port(updated_port['name']),
- "Logical port %s is not None" % updated_port['name'])
-
- @decorators.attr(type='nsxv3')
- @decorators.attr(type='negative')
- @decorators.idempotent_id('e3465ea8-50fc-4070-88de-f4bd5df8ab86')
- def test_create_mac_learning_port_enable_port_security_negative(self):
- """
- Negative test
-
- Create port with MAC Learning enabled
- Update port - enable port security(should fail)
- """
- test_port = self._create_mac_learn_enabled_port(self.network)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self._delete_port, test_port)
- port_opts = {}
- port_opts['port_security_enabled'] = True
- self.assertRaises(ex.BadRequest, self.update_port, test_port,
- **port_opts)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_networks.py b/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_networks.py
deleted file mode 100644
index 468b0837ce..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_networks.py
+++ /dev/null
@@ -1,62 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-
-class NSXv3NetworksTest(base.BaseNetworkTest):
- """Tests the following operations in the Neutron API:
- - Create network
- - Update network
- - Delete network
- After the neutron API call, we also need to make sure the corresponding
- resource has been created/updated/deleted from NSX backend.
- """
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3NetworksTest, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('63085723-23ae-4109-ac86-69f895097957')
- def test_create_update_delete_nsx_network(self):
- # Create a network
- name = data_utils.rand_name('network-')
- network = self.create_network(network_name=name)
- net_id = network['id']
- nsx_network = self.nsx.get_logical_switch(network['name'],
- network['id'])
- self.assertEqual('ACTIVE', network['status'])
- self.assertIsNotNone(nsx_network)
- # Verify network update
- new_name = "New_network"
- body = self.networks_client.update_network(net_id, name=new_name)
- updated_net = body['network']
- nsx_network = self.nsx.get_logical_switch(updated_net['name'],
- updated_net['id'])
- self.assertEqual(updated_net['name'], new_name)
- self.assertIsNotNone(nsx_network)
- # Verify delete network
- self.networks_client.delete_network(updated_net['id'])
- nsx_network = self.nsx.get_logical_switch(updated_net['name'],
- updated_net['id'])
- self.assertIsNone(nsx_network)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_port_security.py b/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_port_security.py
deleted file mode 100644
index 0428607198..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_port_security.py
+++ /dev/null
@@ -1,276 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions
-
-from tempest import test
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-
-class NSXv3PortSecurity(base.BaseAdminNetworkTest):
- """Test Port security of Port
-
- 1. Create/Update port with port security enable and disable.
- 2. Create/Update port security and check at beckend NSGroup.
- 3. Check non admin tenant shouldn't update port security of admin port.
- 4. Check non-admin tenant can't delete port security of admin port.
- """
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3PortSecurity, cls).skip_checks()
- if not test.is_extension_enabled('port-security-enabled', 'network'):
- msg = "Extension port-security-enabled is not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def setup_clients(cls):
- super(NSXv3PortSecurity, cls).setup_clients()
- cls.cmgr_pri = cls.get_client_manager('primary')
- cls.cmgr_alt = cls.get_client_manager('alt')
- cls.cmgr_adm = cls.get_client_manager('admin')
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3PortSecurity, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
- cls.network = cls.create_network()
-
- def get_tag_port_id(self, nsxgroup_data, org_port_id):
- """
- Method to get port of neutron corresponding to backend port-id
- """
- for ports in self.nsx.get_logical_ports():
- for port_id in nsxgroup_data['results']:
- if ports['display_name'] == port_id['target_display_name']:
- for tag in ports['tags']:
- if tag['scope'] == "os-neutron-port-id" and \
- tag['tag'] == org_port_id:
- corresponding_port_id = ports['display_name']
- return corresponding_port_id
-
- def check_port_not_exists_in_os_group(self, nsxgroup_data,
- corresponding_port_id):
- """
- Method to check neutron port not exists in neutron OSGroup
- """
- if nsxgroup_data['results'] != []:
- for port_id in nsxgroup_data['results']:
- if corresponding_port_id != port_id['target_display_name']:
- continue
- else:
- return False
- return True
- else:
- return False
-
- def check_port_exists_in_os_group(self, nsxgroup_data,
- corresponding_port_id):
- """
- Method to check neutron port exists in neutron OSGroup
- """
- for port_id in nsxgroup_data['results']:
- if corresponding_port_id == port_id['target_display_name']:
- return True
-
- def _create_network_topo(self, client):
- """
- Method to create network topology which includes network, subnet
- and port
- """
- net_client = client.networks_client
- body = {'name': 'port-security-network'}
- network = net_client.create_network(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- net_client.delete_network,
- network['network']['id'])
- body = {"network_id": network['network']['id'],
- "allocation_pools": [{"start": "2.0.0.2",
- "end": "2.0.0.254"}],
- "ip_version": 4, "cidr": "2.0.0.0/24"}
- subnet_client = client.subnets_client
- subnet = subnet_client.create_subnet(**body)
- body = {"network_id": network['network']['id'],
- "admin_state_up": "true",
- "port_security_enabled": "false", "security_groups": []}
- port_client = client.ports_client
- port = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port['port']['id'])
- network_topo = dict(network=network, subnet=subnet, port=port)
- return network_topo
-
- def _create_security_group_and_return_id(self, client):
- """
- Method to create security group and return id
- """
- security_client = client.security_groups_client
- create_body = security_client.create_security_group(name='sec-group')
- secgroup = create_body['security_group']
- # Sleep for 5 sec
- time.sleep(constants.NSX_BACKEND_VERY_SMALL_TIME_INTERVAL)
- secgroup_id = secgroup['id']
- return secgroup_id
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('50203701-1cda-4f31-806d-7a51514b9664')
- def test_create_port_with_security_enabled_check_in_neutron_database(self):
- secgroup_id = self._create_security_group_and_return_id(self.cmgr_adm)
- network_topo = self._create_network_topo(self.cmgr_adm)
- port_client = self.cmgr_adm.ports_client
- port_id = network_topo['port']['port']['id']
- port_detail = port_client.show_port(port_id)
- self.assertEqual(False, port_detail['port']["port_security_enabled"])
- body = {"port_security_enabled": "true",
- "security_groups": [secgroup_id]}
- port_client.update_port(port_id, **body)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- port_detail = port_client.show_port(port_id)
- self.assertEqual(True, port_detail['port']["port_security_enabled"])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('4b765fa2-345f-4d2c-928f-ad4b347936fd')
- def test_create_port_with_security_enabled_check_at_beckend(self):
- net_client = self.cmgr_adm.networks_client
- body = {'name': 'port-security-network'}
- network = net_client.create_network(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- net_client.delete_network,
- network['network']['id'])
- body = {"network_id": network['network']['id'],
- "allocation_pools": [{"start": "2.0.0.2",
- "end": "2.0.0.254"}],
- "ip_version": 4, "cidr": "2.0.0.0/24"}
- subnet_client = self.cmgr_adm.subnets_client
- subnet_client.create_subnet(**body)
- body = {"network_id": network['network']['id'],
- "admin_state_up": "true",
- "port_security_enabled": "false", "security_groups": []}
- port_client = self.cmgr_adm.ports_client
- port_id = port_client.create_port(**body)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- port_detail = port_client.show_port(port_id['port']['id'])
- self.assertEqual(False, port_detail['port']["port_security_enabled"])
- org_port_id = port_id['port']['id']
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- corresponding_port_id = self.get_tag_port_id(nsxgroup_data,
- org_port_id)
- status = self.check_port_exists_in_os_group(nsxgroup_data,
- corresponding_port_id)
- self.assertEqual(True, status)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('bcafeb10-fbf1-4c97-9e4f-50e56d32bdcf')
- def test_non_admin_cannot_update_admin_port_with_security(self):
- network_topo = self._create_network_topo(self.cmgr_adm)
- tenant_port_client = self.cmgr_alt.ports_client
- kwargs = {"port_security_enabled": "true"}
- self.assertRaises(exceptions.NotFound,
- tenant_port_client.update_port,
- network_topo['port']['port']['id'],
- **kwargs)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('cf4b8d28-13c4-4339-993f-66070708e914')
- def test_non_admin_cannot_delete_tenant_port_with_port_security(self):
- network_topo = self._create_network_topo(self.cmgr_pri)
- tenant_port_client = self.cmgr_alt.ports_client
- self.assertRaises(exceptions.NotFound,
- tenant_port_client.delete_port,
- network_topo['port']['port']['id'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('ee6213ac-dfcd-401b-bbc6-03afd26f203a')
- def test_tenant_port_security_at_beckend_after_enable_disable(self):
- secgroup_id = self._create_security_group_and_return_id(self.cmgr_alt)
- network_topo = self._create_network_topo(self.cmgr_alt)
- port_client = self.cmgr_alt.ports_client
- kwargs = {"port_security_enabled": "false", "security_groups": []}
- org_port_id = network_topo['port']['port']['id']
- port_client.update_port(org_port_id,
- **kwargs)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- corresponding_port_id = self.get_tag_port_id(nsxgroup_data,
- org_port_id)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- status = self.check_port_exists_in_os_group(nsxgroup_data,
- corresponding_port_id)
- self.assertEqual(True, status)
- kwargs = {"port_security_enabled": "true",
- "security_groups": [secgroup_id]}
- port_client.update_port(org_port_id,
- **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- status = self.check_port_not_exists_in_os_group(nsxgroup_data,
- corresponding_port_id)
- self.assertEqual(False, status)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('c6f4c2f2-3fc9-4983-a05a-bb3a3dc35ad8')
- def test_admin_port_security_at_beckend_after_enable_disable(self):
- secgroup_id = self._create_security_group_and_return_id(self.cmgr_adm)
- network_topo = self._create_network_topo(self.cmgr_adm)
- port_client = self.cmgr_adm.ports_client
- kwargs = {"port_security_enabled": "false",
- "security_groups": []}
- org_port_id = network_topo['port']['port']['id']
- port_client.update_port(org_port_id,
- **kwargs)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- corresponding_port_id = self.get_tag_port_id(nsxgroup_data,
- org_port_id)
- # Sleep for 10 sec
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- status = self.check_port_exists_in_os_group(nsxgroup_data,
- corresponding_port_id)
- self.assertEqual(True, status)
- kwargs = {"port_security_enabled": "true",
- "security_groups": [secgroup_id]}
- port_client.update_port(org_port_id, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- status = self.check_port_not_exists_in_os_group(nsxgroup_data,
- corresponding_port_id)
- self.assertEqual(False, status)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_routers.py b/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_routers.py
deleted file mode 100644
index 4f9b7c49ac..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_routers.py
+++ /dev/null
@@ -1,95 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-
-
-class NSXv3RoutersTest(base.BaseAdminNetworkTest):
- """Test L3 Router and realization on NSX backend
-
- When test L3 Router feature, we need to test both REST API
- call from neutron and realization state on backend. Two tests
- have been added in this class:
- - Test create and update router
- - Test delete router
-
- """
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3RoutersTest, cls).skip_checks()
- if not test.is_extension_enabled('router', 'network'):
- msg = "router extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3RoutersTest, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('0e9938bc-d2a3-4a9a-a4f9-7a93ee8bb344')
- def test_create_update_nsx_router(self):
- # Create a router
- router_name = data_utils.rand_name('router-')
- router = self.create_router(router_name, admin_state_up=True)
- self.addCleanup(self._delete_router, router['id'])
- nsx_router = self.nsx.get_logical_router(router['name'],
- router['id'])
- self.assertEqual(router['name'], router_name)
- self.assertEqual(router['admin_state_up'], True)
- self.assertIsNotNone(nsx_router)
- # Update the name of router and verify if it is updated on both
- # neutron and nsx backend
- updated_name = 'updated ' + router_name
- update_body = self.routers_client.update_router(router['id'],
- name=updated_name)
- updated_router = update_body['router']
- nsx_router = self.nsx.get_logical_router(updated_router['name'],
- updated_router['id'])
- self.assertEqual(updated_router['name'], updated_name)
- self.assertIsNotNone(nsx_router)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('6f49b69c-0800-4c83-b1f8-595ae5bfeea7')
- def test_delete_nsx_router(self):
- # Create a router
- router_name = data_utils.rand_name('router-')
- router = self.create_router(router_name, admin_state_up=True)
- nsx_router = self.nsx.get_logical_router(router['name'],
- router['id'])
- self.assertEqual(router['name'], router_name)
- self.assertIsNotNone(nsx_router)
- # Delete the router and verify it is deleted on nsx backend
- self.routers_client.delete_router(router['id'])
- nsx_router = self.nsx.get_logical_router(router['name'],
- router['id'])
- self.assertIsNone(nsx_router)
-
- def _delete_router(self, router_id):
- # Delete the router in case the test exits with any exception
- list_body = self.routers_client.list_routers()
- for router in list_body.get('router', []):
- if router['id'] == router_id:
- self.routers_client.delete_router(router_id)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_security_groups.py b/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_security_groups.py
deleted file mode 100644
index 9fcf04f3c6..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_nsx_security_groups.py
+++ /dev/null
@@ -1,237 +0,0 @@
-# Copyright 2013 OpenStack Foundation
-# Copyright 2016 VMware Inc.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from oslo_log import log as logging
-import six
-from tempest.api.network import base_security_groups as base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv3_client
-
-LOG = logging.getLogger(__name__)
-
-CONF = config.CONF
-
-
-class NSXv3SecGroupTest(base.BaseSecGroupTest):
- _project_network_cidr = CONF.network.project_network_cidr
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3SecGroupTest, cls).skip_checks()
- if not test.is_extension_enabled('security-group', 'network'):
- msg = "security-group extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3SecGroupTest, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def _create_verify_security_group_rule(self, sg_id, direction,
- ethertype, protocol,
- port_range_min,
- port_range_max,
- remote_group_id=None,
- remote_ip_prefix=None):
- # Create Security Group rule with the input params and validate
- # that SG rule is created with the same parameters.
- sec_group_rules_client = self.security_group_rules_client
- rule_create_body = sec_group_rules_client.create_security_group_rule(
- security_group_id=sg_id,
- direction=direction,
- ethertype=ethertype,
- protocol=protocol,
- port_range_min=port_range_min,
- port_range_max=port_range_max,
- remote_group_id=remote_group_id,
- remote_ip_prefix=remote_ip_prefix
- )
-
- sec_group_rule = rule_create_body['security_group_rule']
- self.addCleanup(self._delete_security_group_rule,
- sec_group_rule['id'])
-
- expected = {'direction': direction, 'protocol': protocol,
- 'ethertype': ethertype, 'port_range_min': port_range_min,
- 'port_range_max': port_range_max,
- 'remote_group_id': remote_group_id,
- 'remote_ip_prefix': remote_ip_prefix}
- for key, value in six.iteritems(expected):
- self.assertEqual(value, sec_group_rule[key],
- "Field %s of the created security group "
- "rule does not match with %s." %
- (key, value))
-
- def _wait_till_firewall_gets_realize(self, secgroup, dfw_error_msg=""):
- nsx_firewall_time_counter = 0
- nsx_dfw_section = None
- # wait till timeout or till dfw section
- while nsx_firewall_time_counter < \
- constants.NSX_FIREWALL_REALIZED_TIMEOUT and \
- not nsx_dfw_section:
- nsx_firewall_time_counter += 1
- nsx_nsgroup = self.nsx.get_ns_group(secgroup['name'],
- secgroup['id'])
- nsx_dfw_section = self.nsx.get_firewall_section(secgroup['name'],
- secgroup['id'])
- time.sleep(constants.ONE_SEC)
- self.assertIsNotNone(nsx_nsgroup)
- self.assertIsNotNone(nsx_dfw_section, dfw_error_msg)
- return nsx_nsgroup, nsx_dfw_section
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('904ca2c1-a14d-448b-b723-a7366e613bf1')
- def test_create_update_nsx_security_group(self):
- # Create a security group
- group_create_body, name = self._create_security_group()
- secgroup = group_create_body['security_group']
- dfw_error_msg = "Firewall section not found for %s!" % secgroup['name']
- self._wait_till_firewall_gets_realize(secgroup, dfw_error_msg)
- # List security groups and verify if created group is there in response
- list_body = self.security_groups_client.list_security_groups()
- secgroup_list = list()
- for sg in list_body['security_groups']:
- secgroup_list.append(sg['id'])
- self.assertIn(secgroup['id'], secgroup_list)
- # Update the security group
- new_name = data_utils.rand_name('security-')
- new_description = data_utils.rand_name('security-description')
- update_body = self.security_groups_client.update_security_group(
- secgroup['id'], name=new_name, description=new_description)
- # Verify if security group is updated
- updated_secgroup = update_body['security_group']
- self.assertEqual(updated_secgroup['name'], new_name)
- self.assertEqual(updated_secgroup['description'], new_description)
- dfw_error_msg = "Firewall section is not updated for %s!" % \
- updated_secgroup['name']
- self._wait_till_firewall_gets_realize(updated_secgroup, dfw_error_msg)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('e637cc59-c5e6-49b5-a539-e517e780656e')
- def test_delete_nsx_security_group(self):
- # Create a security group
- name = data_utils.rand_name('secgroup-')
- create_body = self.security_groups_client.create_security_group(
- name=name)
- secgroup = create_body['security_group']
- dfw_error_msg = "Firewall section not found for %s!" % secgroup['name']
- self._wait_till_firewall_gets_realize(secgroup, dfw_error_msg)
- self.assertEqual(secgroup['name'], name)
- # Delete the security group
- self._delete_security_group(secgroup['id'])
- nsx_nsgroup = self.nsx.get_ns_group(secgroup['name'],
- secgroup['id'])
- nsx_dfw_section = self.nsx.get_firewall_section(name, secgroup['id'])
- self.assertIsNone(nsx_nsgroup)
- self.assertIsNone(nsx_dfw_section)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('91c298c0-fbbd-4597-b4c6-1a7ecfb8a2de')
- def test_create_nsx_security_group_rule(self):
- # Create a security group
- create_body, _ = self._create_security_group()
- secgroup = create_body['security_group']
- dfw_error_msg = "Firewall section not found for %s!" % secgroup['name']
- nsx_nsgroup, nsx_dfw_section = self._wait_till_firewall_gets_realize(
- secgroup, dfw_error_msg)
- # Create rules for each protocol
- protocols = ['tcp', 'udp', 'icmp']
- client = self.security_group_rules_client
- for protocol in protocols:
- rule_create_body = client.create_security_group_rule(
- security_group_id=secgroup['id'],
- protocol=protocol,
- direction='ingress',
- ethertype=self.ethertype
- )
- secgroup_rule = rule_create_body['security_group_rule']
-
- # Show details of the created security rule
- show_rule_body = client.show_security_group_rule(
- secgroup_rule['id'])
- create_dict = rule_create_body['security_group_rule']
- for key, value in six.iteritems(create_dict):
- self.assertEqual(value,
- show_rule_body['security_group_rule'][key],
- "%s does not match." % key)
-
- # List rules and verify created rule is in response
- rule_list_body = (
- self.security_group_rules_client.list_security_group_rules())
- rule_list = [rule['id']
- for rule in rule_list_body['security_group_rules']]
- self.assertIn(rule_create_body['security_group_rule']['id'],
- rule_list)
- nsx_dfw_rule = self.nsx.get_firewall_section_rule(
- nsx_dfw_section,
- secgroup_rule['id'])
- self.assertIsNotNone(nsx_dfw_rule)
- expected_rule = {
- 'display_name': secgroup_rule['id'],
- 'action': 'ALLOW',
- 'direction': 'IN',
- 'destinations': [
- {
- 'target_display_name': nsx_nsgroup['display_name'],
- 'is_valid': True,
- 'target_type': 'NSGroup',
- 'target_id': nsx_nsgroup['id']
- }
- ]
- }
- for key, value in six.iteritems(expected_rule):
- self.assertEqual(value, nsx_dfw_rule[key],
- "%s does not match." % key)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('b6c424e5-3553-4b7d-bd95-8b1f0a860fb4')
- def test_delete_nsx_security_group_rule(self):
- # Create a security group
- create_body, _ = self._create_security_group()
- secgroup = create_body['security_group']
- dfw_error_msg = "Firewall section not found for %s!" % secgroup['name']
- nsx_nsgroup, nsx_dfw_section = self._wait_till_firewall_gets_realize(
- secgroup, dfw_error_msg)
- # Create a security group rule
- client = self.security_group_rules_client
- rule_create_body = client.create_security_group_rule(
- security_group_id=secgroup['id'],
- protocol='tcp',
- direction='ingress',
- port_range_min=22,
- port_range_max=23,
- ethertype=self.ethertype
- )
- secgroup_rule = rule_create_body['security_group_rule']
- nsx_dfw_rule = self.nsx.get_firewall_section_rule(
- nsx_dfw_section,
- secgroup_rule['id'])
- self.assertIsNotNone(nsx_dfw_rule)
- # Delete the security group rule
- client.delete_security_group_rule(secgroup_rule['id'])
- nsx_dfw_rule = self.nsx.get_firewall_section_rule(
- nsx_dfw_section,
- secgroup_rule['id'])
- self.assertIsNone(nsx_dfw_rule)
diff --git a/vmware_nsx_tempest/tests/nsxv3/api/test_provider_sec_group.py b/vmware_nsx_tempest/tests/nsxv3/api/test_provider_sec_group.py
deleted file mode 100644
index 6df6c50bd3..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/api/test_provider_sec_group.py
+++ /dev/null
@@ -1,458 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import time
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions
-
-from tempest import test
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-PROVIDER_SECURITY_GRP = 'provider-sec-group'
-LOG = constants.log.getLogger(__name__)
-
-
-class ProviderSecurityGroupTest(base.BaseAdminNetworkTest):
- """Test Provider Security Group
-
- 1. Only Admin can create provider security group.
- 2. Tenants can not create provider security-group.
- 3. Check Provider sec group at beckend in firewall section
- 4. Check the priority of provider sec groups at beckend
- 5. Check non-admin tenant can't create provider security group
- 6. Check multiple rules under provider sec group
- """
-
- @classmethod
- def skip_checks(cls):
- super(ProviderSecurityGroupTest, cls).skip_checks()
- if not test.is_extension_enabled('provider-security-group', 'network'):
- msg = "Extension provider-security-group is not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def setup_clients(cls):
- super(ProviderSecurityGroupTest, cls).setup_clients()
- cls.cmgr_pri = cls.get_client_manager('primary')
- cls.cmgr_alt = cls.get_client_manager('alt')
- cls.cmgr_adm = cls.get_client_manager('admin')
-
- @classmethod
- def resource_setup(cls):
- super(ProviderSecurityGroupTest, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
- cls.network = cls.create_network()
-
- def delete_security_group(self, sg_client, sg_id):
- sg_client.delete_security_group(sg_id)
-
- def create_security_provider_group(self, cmgr=None,
- project_id=None, provider=False):
- cmgr = cmgr or self.cmgr_adm
- sg_client = cmgr.security_groups_client
- sg_dict = dict(name=data_utils.rand_name(PROVIDER_SECURITY_GRP))
- if project_id:
- sg_dict['tenant_id'] = project_id
- if provider:
- sg_dict['provider'] = True
- sg = sg_client.create_security_group(**sg_dict)
- sg = sg.get('security_group', sg)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_security_group,
- sg_client, sg.get('id'))
- return sg
-
- def update_security_provider_group(self, security_group_id,
- new_policy_id, cmgr=None):
- cmgr = cmgr or self.cmgr_adm
- sg_client = cmgr.security_groups_client
- sg = sg_client.update_security_group(security_group_id,
- policy=new_policy_id)
- return sg.get('security_group', sg)
-
- def create_security_group_rule(self, security_group_id,
- cmgr=None, project_id=None,
- protocol=None):
- cmgr = cmgr or self.cmgr_adm
- sgr_client = cmgr.security_group_rules_client
- sgr_dict = dict(security_group_id=security_group_id,
- direction='ingress', protocol=protocol)
- if project_id:
- sgr_dict['tenant_id'] = project_id
- sgr = sgr_client.create_security_group_rule(**sgr_dict)
- return sgr.get('security_group_rule', sgr)
-
- def show_security_provider_group(self, security_group_id, cmgr=None):
- cmgr = cmgr or self.cmgr_adm
- sg_client = cmgr.security_groups_client
- sg = sg_client.show_security_group(security_group_id)
- return sg.get('security_group', sg)
-
- def _wait_till_firewall_gets_realize(self, secgroup, dfw_error_msg=""):
- nsx_firewall_time_counter = 0
- nsx_dfw_section = None
- # wait till timeout or till dfw section
- while nsx_firewall_time_counter < \
- constants.NSX_FIREWALL_REALIZED_TIMEOUT and \
- not nsx_dfw_section:
- nsx_firewall_time_counter += 1
- nsx_nsgroup = self.nsx.get_ns_group(secgroup['name'],
- secgroup['id'])
- nsx_dfw_section = self.nsx.get_firewall_section(secgroup['name'],
- secgroup['id'])
- time.sleep(constants.ONE_SEC)
- self.assertIsNotNone(nsx_nsgroup)
- self.assertIsNotNone(nsx_dfw_section, dfw_error_msg)
- return nsx_nsgroup, nsx_dfw_section
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('4fc39f02-4fb1-4e5c-bf64-b98dd7f514f7')
- def test_provider_security_group_at_beckend(self):
- sg = self.create_security_provider_group(self.cmgr_adm, provider=True)
- sg_id = sg.get('id')
- sg_name = sg.get('name')
- sg_rule = self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- sg_rule.get('id')
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self.assertNotEmpty(self.nsx.get_firewall_section(sg_name, sg_id))
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('2c8d013d-4c0b-4d2b-b77c-779351a789ce')
- def test_provider_security_group_crud(self):
- sg_desc = "crud provider-security-group"
- sg_client = self.cmgr_adm.security_groups_client
- sg = self.create_security_provider_group(self.cmgr_adm, provider=True)
- sg_id = sg.get('id')
- show_sec_group = sg_client.show_security_group(sg_id)
- self.assertEqual(True, show_sec_group['security_group']['provider'],
- "Provider security group created")
- sg_show = sg_client.update_security_group(sg_id, description=sg_desc)
- self.assertEqual(sg_desc, sg_show['security_group'].get('description'))
- self.delete_security_group(sg_client, sg_id)
- sg_list = sg_client.list_security_groups(id=sg_id)
- sg_list = sg_list.get('security_groups', sg_list)
- self.assertEqual(len(sg_list), 0)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('2bc5452f-5673-4dbe-afb3-fb40bf0916a5')
- def test_admin_can_create_provider_security_group_for_tenant(self):
- project_id = self.cmgr_alt.networks_client.tenant_id
- sg = self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=True)
- self.assertEqual(True, sg.get('provider'))
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('6ff79516-1e94-4463-9b8c-a524aa806040')
- def test_tenant_provider_sec_group_with_no_rules(self):
- sg = self.create_security_provider_group(self.cmgr_adm,
- provider=True)
- self.assertEmpty(sg.get('security_group_rules'))
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('a92c8e1e-ce2c-40be-8449-d326690e078e')
- def test_admin_can_create_security_group_rule(self):
- sg_client = self.cmgr_adm.security_groups_client
- sg = self.create_security_provider_group(self.cmgr_adm,
- provider=True)
- sg_id = sg.get('id')
- self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- show_sec_group = sg_client.show_security_group(sg_id)
- self.assertEqual('ingress',
- show_sec_group['security_group']
- ['security_group_rules']
- [0]['direction'])
- self.assertEqual('icmp',
- show_sec_group['security_group']
- ['security_group_rules']
- [0]['protocol'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('8e43bd57-e478-490c-8064-4211f2c3eb6c')
- def test_provider_security_group_rule_at_beckend(self):
- sg = self.create_security_provider_group(self.cmgr_adm, provider=True)
- sg_id = sg.get('id')
- sg_name = sg.get('name')
- sg_rule = self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- sg_rule.get('id')
- dfw_error_msg = "Firewall section not found for %s!" % sg_name
- self._wait_till_firewall_gets_realize(sg, dfw_error_msg)
- firewall_section = self.nsx.get_firewall_section(sg_name, sg_id)
- output = self.nsx.get_firewall_section_rules(firewall_section)
- self.assertEqual('DROP', output[0]['action'])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('cf754eba-304f-441c-8402-0dba706fcf62')
- def test_provider_security_group_at_port_level(self):
- sg = self.create_security_provider_group(self.cmgr_adm,
- provider=True)
- sg_id = sg.get('id')
- net_client = self.cmgr_adm.networks_client
- body = {'name': 'provider-network'}
- network = net_client.create_network(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- net_client.delete_network,
- network['network']['id'])
- body = {"network_id": network['network']['id'],
- "allocation_pools": [{"start": "2.0.0.2",
- "end": "2.0.0.254"}],
- "ip_version": 4, "cidr": "2.0.0.0/24"}
- subnet_client = self.cmgr_adm.subnets_client
- subnet_client.create_subnet(**body)
- body = {"network_id": network['network']['id'],
- "admin_state_up": 'true'}
- port_client = self.cmgr_adm.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- ss = port_client.show_port(port_id['port']['id'])
- self.assertEqual([sg_id], ss['port']['provider_security_groups'])
- kwargs = {"provider_security_groups": []}
- port_client.update_port(port_id['port']['id'], **kwargs)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('2c44a134-f013-46b7-a2ec-14c7c38a4d8c')
- def test_multiple_provider_security_group_only_on_newton(self):
- sg = self.create_security_provider_group(self.cmgr_adm, provider=True)
- sg_id = sg.get('id')
- self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- self.assertRaises(exceptions.BadRequest,
- self.create_security_provider_group,
- self.cmgr_adm, provider=True)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('f45fc910-db83-4e0c-8ab6-178783626ad3')
- def test_multiple_provider_security_group_on_ocata_plus(self):
- # Ocata plus allows more than 1 provider security group
- sg1 = self.create_security_provider_group(self.cmgr_adm, provider=True)
- sg1_id = sg1.get('id')
- # create icmp rule
- self.create_security_group_rule(sg1_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- sg2 = self.create_security_provider_group(self.cmgr_adm, provider=True)
- sg3 = self.create_security_provider_group(self.cmgr_adm, provider=True)
- self.assertNotEqual(sg1.get('id'), sg2.get('id'))
- self.assertNotEqual(sg2.get('id'), sg3.get('id'))
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('275abe9f-4f01-46e5-bde0-0b6840290d3b')
- def test_provider_sec_group_with_multiple_rules(self):
- project_id = self.cmgr_adm.networks_client.tenant_id
- sg = self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id)
- sg_rule1 = self.create_security_group_rule(sg.get('id'),
- cmgr=self.cmgr_adm,
- project_id=project_id,
- protocol='icmp')
- sg_rule1_id = sg_rule1.get('id')
- sg_rule2 = self.create_security_group_rule(sg.get('id'),
- cmgr=self.cmgr_adm,
- project_id=project_id,
- protocol='tcp')
- sg_rule2_id = sg_rule2.get('id')
- self.assertNotEqual(sg_rule1_id, sg_rule2_id)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('5d25370e-da6a-44a7-8565-7b1c2fc39fdc')
- def test_clear_provider_sec_group_from_port(self):
- project_id = self.cmgr_adm.networks_client.tenant_id
- self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=True)
- net_client = self.cmgr_adm.networks_client
- body = {'name': 'provider-network'}
- network = net_client.create_network(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- net_client.delete_network,
- network['network']['id'])
- body = {"network_id": network['network']['id'],
- "allocation_pools": [{"start": "2.0.0.2",
- "end": "2.0.0.254"}],
- "ip_version": 4, "cidr": "2.0.0.0/24"}
- subnet_client = self.cmgr_adm.subnets_client
- subnet_client.create_subnet(**body)
- body = {"network_id": network['network']['id'],
- "provider_security_groups": []}
- port_client = self.cmgr_adm.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- ss = port_client.show_port(port_id['port']['id'])
- self.assertEmpty(ss['port']['provider_security_groups'])
- kwargs = {"provider_security_groups": []}
- port_client.update_port(port_id['port']['id'], **kwargs)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('dfc6bb8e-ba7b-4ce5-b6ee-0d0830d7e152')
- def test_check_security_group_precedence_at_beckend(self):
- project_id = self.cmgr_adm.networks_client.tenant_id
- provider_sg = \
- self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=True)
- provider_sg_name = provider_sg.get('name')
- self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=False)
- # Wait till provider sec gets realize in NSX.
- nsx_firewall_time_counter = 0
- provider_sec = False
- while nsx_firewall_time_counter < \
- constants.NSX_FIREWALL_REALIZED_TIMEOUT and not provider_sec:
- nsx_firewall_time_counter += 1
- firewall_sections = self.nsx.get_firewall_sections()
- for section in firewall_sections:
- if provider_sg_name in section['display_name']:
- provider_sec = True
- break
- time.sleep(constants.ONE_SEC)
- for section in firewall_sections:
- # when execute tempest in parallel fashion,
- # we create provider security group for other tests,
- # NSX will return all provider security group from DFW.
- if PROVIDER_SECURITY_GRP in section['display_name'] and \
- provider_sg_name not in section['display_name']:
- pass
- else:
- # check the sec name
- break
- msg = "Provider group does not have highest priority " \
- "over default security group"
- self.assertIn(provider_sg_name, section['display_name'], msg)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('37d8fbfc-eb3f-40c8-a146-70f5df937a2e')
- def test_tenant_cannot_delete_admin_provider_security_group(self):
- project_id = self.cmgr_adm.networks_client.tenant_id
- sg = self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=True)
- sg_id = sg.get('id')
- sg_client = self.cmgr_alt.security_groups_client
- try:
- self.delete_security_group(sg_client, sg_id)
- except Exception:
- LOG.info("Non Admin tenant can't see admin "
- "provider security group")
- pass
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('1bbebba3-780c-4e95-a95a-e52f577a6c1d')
- def test_tenant_cannot_create_provider_sec_group(self):
- project_id = self.cmgr_alt.networks_client.tenant_id
- self.assertRaises(exceptions.Forbidden,
- self.create_security_provider_group,
- self.cmgr_alt, project_id=project_id,
- provider=True)
- LOG.info("Non-Admin Tenant cannot create provider sec group")
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('0d021bb2-9e21-422c-a509-6ac27803b2a2')
- def test_update_port_with_psg(self):
- net_client = self.cmgr_adm.networks_client
- body = {'name': 'provider-network'}
- network = net_client.create_network(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- net_client.delete_network,
- network['network']['id'])
- body = {"network_id": network['network']['id'],
- "allocation_pools": [{"start": "2.0.0.2",
- "end": "2.0.0.254"}],
- "ip_version": 4, "cidr": "2.0.0.0/24"}
- subnet_client = self.cmgr_adm.subnets_client
- subnet_client.create_subnet(**body)
- body = {"network_id": network['network']['id'],
- "provider_security_groups": []}
- port_client = self.cmgr_adm.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- ss = port_client.show_port(port_id['port']['id'])
- self.assertEmpty(ss['port']['provider_security_groups'],
- "Provider security group is not set on port")
- project_id = self.cmgr_adm.networks_client.tenant_id
- sg = self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=True)
- sg_id = sg.get('id')
- body = {"provider_security_groups": ["%s" % sg_id]}
- port_client.update_port(port_id['port']['id'], **body)
- ss = port_client.show_port(port_id['port']['id'])
- self.assertEqual([sg_id], ss['port']['provider_security_groups'],
- "PSG assigned to port is accurate")
- kwargs = {"provider_security_groups": []}
- port_client.update_port(port_id['port']['id'], **kwargs)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('2922a7fb-75fb-4d9f-9fdb-4b017c191aba')
- def test_update_port_with_psg_using_different_tenant(self):
- net_client = self.cmgr_alt.networks_client
- body = {'name': 'provider-network'}
- network = net_client.create_network(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- net_client.delete_network,
- network['network']['id'])
- body = {"network_id": network['network']['id'],
- "allocation_pools": [{"start": "2.0.0.2",
- "end": "2.0.0.254"}],
- "ip_version": 4, "cidr": "2.0.0.0/24"}
- subnet_client = self.cmgr_alt.subnets_client
- subnet_client.create_subnet(**body)
- body = {"network_id": network['network']['id'],
- "provider_security_groups": []}
- port_client = self.cmgr_alt.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- ss = port_client.show_port(port_id['port']['id'])
- self.assertEmpty(ss['port']['provider_security_groups'],
- "Provider security group is not set on port")
- project_id = self.cmgr_adm.networks_client.tenant_id
- sg = self.create_security_provider_group(self.cmgr_adm,
- project_id=project_id,
- provider=True)
- sg_id = sg.get('id')
- body = {"provider_security_groups": ["%s" % sg_id]}
- self.assertRaises(exceptions.NotFound,
- port_client.update_port,
- port_id['port']['id'], **body)
- kwargs = {"provider_security_groups": []}
- port_client.update_port(port_id['port']['id'], **kwargs)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('cef8d816-e5fa-45a5-a5a5-f1f2ed8fb49f')
- def test_tenant_cannot_create_provider_sec_group_for_other_tenant(self):
- tenant_cmgr = self.cmgr_alt
- project_id = tenant_cmgr.networks_client.tenant_id
- self.assertRaises(exceptions.BadRequest,
- self.create_security_provider_group, self.cmgr_pri,
- project_id=project_id,
- provider=True)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scale/__init__.py b/vmware_nsx_tempest/tests/nsxv3/scale/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv3/scale/test_dhcp_uni_scale.py b/vmware_nsx_tempest/tests/nsxv3/scale/test_dhcp_uni_scale.py
deleted file mode 100644
index 09559a0894..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scale/test_dhcp_uni_scale.py
+++ /dev/null
@@ -1,160 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest.api.network import base
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.services import nsxv3_client
-
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class NSXv3DHCPUniScaleTest(base.BaseNetworkTest):
- """Test NSXv3 native DHCP unidimensional scale:
-
- - Create 100 DHCP enabled networks/subnets
- - Create 500 DHCP enabled networks/subnets
- - Create 1000 DHCP enabled networks/subnets
- - Create 2000 DHCP enabled networks/subnets
- - Create 4000 DHCP enabled networks/subnets
- - Create 100 ports on a DHCP enabled network/subnet
- - Create 256 ports on a DHCP enabled network/subnet
- - Create 512 ports on a DHCP enabled network/subnet
-
- One logical DHCP server will be created on NSXv3 backend if a DHCP enabled
- subnet is created. Also, a DHCP static binding will be created on the
- logical DHCP server if one port with device_ower=compute:None is created
- on the subnet. Test is to first create Neutron network resource using
- Neutron API and then check the backend resource using NSXv3 API
-
- Note:
- The following networking quotas need to be changed on neutron conf.
- They can be set as above scale limit or -1 which means unlimited.
- - quota_network = -1
- - quota_subnet = -1
- - quota_port = -1
-
- Also, in tempest conf, the following requirements should be met.
- - project_network_cidr should be at least /21, e.g. 10.20.0.0/16
- - project_network_mask_bits should be at least 22
- """
-
- @classmethod
- def skip_checks(cls):
- super(NSXv3DHCPUniScaleTest, cls).skip_checks()
- if not (CONF.nsxv3.nsx_manager and CONF.nsxv3.nsx_user and
- CONF.nsxv3.nsx_password):
- raise cls.skipException("Either NSX manager, user, or password "
- "is missing")
- if CONF.network.project_network_mask_bits > 22:
- raise cls.skipException("Project network CIDR doesn't have "
- "enough ports")
-
- @classmethod
- def resource_setup(cls):
- super(NSXv3DHCPUniScaleTest, cls).resource_setup()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def _create_scale_logical_dhcp_server(self, scale):
- # Create networks based on scale number
- for i in range(scale):
- name = data_utils.rand_name('uniscale-%s' % i)
- network = self.create_network(network_name=name)
- self.create_subnet(network)
- # Check if the following numbers are correct
- # - Correct number of neutron networks
- # - Correct number of logical switches on nsx backend
- # - COrrect number of logical dhcp servers on nsx backend
- networks = self.networks_client.list_networks()
- scale_nets = [net for net in networks['networks']
- if net['name'].startswith('uniscale-')]
- error_msg = "Neutron networks created doesn't match the scale number"
- self.assertEqual(len(scale_nets), scale, error_msg)
- nsx_switches = self.nsx.get_logical_switches()
- scale_switches = [ls for ls in nsx_switches
- if ls['display_name'].startswith('uniscale-')]
- error_msg = ("Logical switches on backend doesn't match the "
- "number of networks on OpenStack")
- self.assertEqual(len(scale_switches), scale, error_msg)
- dhcp_servers = self.nsx.get_logical_dhcp_servers()
- scale_dhcp_servers = [ds for ds in dhcp_servers
- if ds['display_name'].startswith('uniscale-')]
- error_msg = ("Logical DHCP servers on backend doesn't match the "
- "number of networks on OpenStack")
- self.assertEqual(len(scale_dhcp_servers), scale, error_msg)
-
- def _create_scale_dhcp_bindings(self, scale):
- # Create a network with dhcp enabled subnet
- name = data_utils.rand_name('binding-')
- network = self.create_network(network_name=name)
- self.create_subnet(network)
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- self.assertIsNotNone(dhcp_server)
- for i in range(scale):
- port = self.create_port(network, device_owner='compute:None')
- self.addCleanup(self.ports_client.delete_port, port['id'])
- dhcp_server = self.nsx.get_logical_dhcp_server(network['name'],
- network['id'])
- dhcp_bindings = self.nsx.get_dhcp_server_static_bindings(
- dhcp_server['id'])
- self.assertEqual(len(dhcp_bindings), scale)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('c5fa8d5d-3973-4d77-a0d4-f28b2ae92a2c')
- def test_create_100_logical_dhcp_server(self):
- self._create_scale_logical_dhcp_server(100)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('c2b264a2-daab-451f-ad3b-f0713a390f47')
- def test_create_500_logical_dhcp_server(self):
- self._create_scale_logical_dhcp_server(500)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('5ba22b0f-4593-4509-8998-a3002ce63406')
- def test_create_1k_logical_dhcp_server(self):
- self._create_scale_logical_dhcp_server(1000)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('ddf3d789-838a-428a-b4fe-8fe214f0e956')
- def test_create_2k_logical_dhcp_server(self):
- self._create_scale_logical_dhcp_server(2000)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('ed5441be-a700-45fa-bec1-b1d100acbb73')
- def test_create_4k_logical_dhcp_server(self):
- self._create_scale_logical_dhcp_server(4000)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('4a5484e3-f9b8-4562-8a4c-d8974a703767')
- def test_create_100_dhcp_bindings(self):
- self._create_scale_dhcp_bindings(100)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('cbb8af8c-db3a-4ad2-8954-c41670956c52')
- def test_create_256_dhcp_bindings(self):
- self._create_scale_dhcp_bindings(256)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('ffa5db0b-5922-494d-bcd3-9d5b0b10b684')
- def test_create_512_dhcp_bindings(self):
- self._create_scale_dhcp_bindings(512)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/__init__.py b/vmware_nsx_tempest/tests/nsxv3/scenario/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_allowed_address_pair.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_allowed_address_pair.py
deleted file mode 100644
index 572c85ca72..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_allowed_address_pair.py
+++ /dev/null
@@ -1,520 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import collections
-import time
-
-from oslo_log import log as logging
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.services import nsxv3_client
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple('Floating_IP_tuple',
- ['floating_ip', 'server'])
-
-
-class TestAllowedAddressPair(manager.NetworkScenarioTest):
- """Test Allowed Address Pair Scenario
-
- Test the following Allowed Address Pair scenarios
- - Create 2 vms and update with allowed address pair ip, mac and check
- vm's pingable via allowed address pair ip's
- - Create 2 vms and update with allowed address pair muliple ips and
- check vm's pingable via allowed address pair multiple ip's
- - Create vm and normal port + fip assigned, now update compute vm port
- with allowed address pair ip which is of port created .Now check vm
- connectivity using fip assigned to port.
- """
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestAllowedAddressPair, cls).setup_credentials()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def setUp(self):
- super(TestAllowedAddressPair, self).setUp()
- self.cmgr_pri = self.get_client_manager('primary')
- self.cmgr_alt = self.get_client_manager('alt')
- self.cmgr_adm = self.get_client_manager('admin')
- self.keypairs = {}
- self.servers = []
- self.config_drive = CONF.compute_feature_enabled.config_drive
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router['id'])
- interfaces = body['ports']
- for i in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router['id'],
- subnet_id=i['fixed_ips'][0]['subnet_id'])
- self.routers_client.delete_router(router['id'])
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None,
- **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info['network_id'] = external_network_id
- if enable_snat is not None:
- ext_gw_info['enable_snat'] = enable_snat
- body = self.routers_client.create_router(
- name=router_name, external_gateway_info=ext_gw_info,
- admin_state_up=admin_state_up, **kwargs)
- router = body.get('router', body)
- self.addCleanup(self._delete_router, router)
- return router
-
- def _create_subnet(self, network, cidr, subnets_client=None, **kwargs):
- client = subnets_client or self.subnets_client
- body = client.create_subnet(
- name=data_utils.rand_name('subnet-default1'),
- network_id=network['id'], tenant_id=network['tenant_id'],
- cidr=cidr, ip_version=4, **kwargs)
- subnet = body.get('subnet', body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_subnet, subnet['id'])
- return subnet
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def get_port_id(self, network_id, subnet_id, instance):
- _, instance_addr = instance["addresses"].items()[0]
- instance_fixed_ip = instance_addr[0]["addr"]
- for port in self._list_ports(device_id=instance['id']):
- port_fixed_ip = port["fixed_ips"][0]["ip_address"]
- if port["network_id"] == network_id and port["fixed_ips"][0][
- "subnet_id"] == subnet_id and instance["id"] == port[
- "device_id"] and port_fixed_ip == instance_fixed_ip:
- port_id = port["id"]
- self.assertIsNotNone(port_id, "Failed to find Instance's port id!!!")
- return port_id
-
- def _create_server(self, name, network, image_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- network = {'uuid': network['id']}
- server = self.create_server(name=name, networks=[network],
- key_name=keypair['name'],
- config_drive=self.config_drive,
- security_groups=security_groups,
- image_id=image_id,
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _create_port(self, **body):
- port_client = self.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- return port_id
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _get_server_ip(self, server):
- addresses = server['addresses'][self.network['name']]
- for address in addresses:
- if address['version'] == CONF.validation.ip_version_for_ssh:
- return address['addr']
-
- def create_network_topo(self):
- self.security_group = self._create_security_group()
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network,
- cidr='14.168.1.0/24')
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-default1'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- networks = dict(security_group=self.security_group,
- network=self.network,
- subnet=self.subnet, router=self.router)
- return networks
-
- def _check_server_connectivity(self, floating_ip,
- remote_ip, private_key,
- should_connect=True):
- ssh_source = self.get_remote_client(floating_ip,
- private_key=private_key)
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access {dest} via ssh to "
- "floating-ip {src}".format(dest=remote_ip,
- src=floating_ip))
- raise
-
- def _assign_ip_address(self, ssh_source, interface_name, ip_address):
- ssh_source.exec_command("sudo ifconfig %s %s/24 up" % (interface_name,
- ip_address))
-
- def _assign_mac_address(self, ssh_source, interface_name, mac_address):
- ssh_source.exec_command("sudo ifconfig %s down" % interface_name)
- ssh_source.exec_command("sudo ip link set %s address %s" % (
- interface_name, mac_address))
- ssh_source.exec_command("sudo ifconfig %s up" % interface_name)
-
- def _test_connectivity_between_allowed_adddress_pair_ports(self,
- network_topo):
- server_name_default = data_utils.rand_name('server-default')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- server_name_default1 = \
- data_utils.rand_name('server-default1-sec-group')
- server_default1 = self._create_server(server_name_default1, network)
- floating_ip_default = self.create_floating_ip(server_default)
- floating_ip_default1 = self.create_floating_ip(server_default1)
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- ip_address_default1_vm = floating_ip_default1['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- private_key_default1_vm = self._get_server_key(server_default1)
- port_client = self.ports_client
- # Allowed Address pair
- ip_address_vm1 = '87.0.0.3'
- ip_address_vm2 = '87.0.0.4'
- port_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'],
- server_default)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm1}]
- port_client.update_port(
- port_id, allowed_address_pairs=allowed_address_pairs)
- port1_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'],
- server_default1)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm2}]
- port_client.update_port(
- port1_id, allowed_address_pairs=allowed_address_pairs)
- ssh_source = self.get_remote_client(
- ip_address_default_vm,
- private_key=private_key_default_vm)
- ssh_source1 = self.get_remote_client(
- ip_address_default1_vm,
- private_key=private_key_default1_vm)
- # Assign Allowed pair ip to vm's
- self._assign_ip_address(ssh_source, 'eth0:1', ip_address_vm1)
- self._assign_ip_address(ssh_source1, 'eth0:1', ip_address_vm2)
- self.assertTrue(self._check_remote_connectivity
- (ssh_source1, ip_address_vm1, 'True'),
- 'Destination is reachable')
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, ip_address_vm2, 'True'),
- 'Destination is reachable')
-
- def _test_allowed_adddress_pair_ports_attach_as_interface_on_vms(
- self, network_topo):
- server_name_default = data_utils.rand_name('server-default')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- server_name_default1 = \
- data_utils.rand_name('server-default1-sec-group')
- server_default1 = self._create_server(server_name_default1, network)
- floating_ip_default = self.create_floating_ip(server_default)
- floating_ip_default1 = self.create_floating_ip(server_default1)
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- ip_address_default1_vm = floating_ip_default1['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- private_key_default1_vm = self._get_server_key(server_default1)
- port_client = self.ports_client
- # Allowed Address pair
- ip_address_vm1 = '77.0.0.3'
- ip_address_vm2 = '77.0.0.4'
- body = {"network_id": network['id'],
- "admin_state_up": 'true'}
- port_id = self._create_port(**body)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm1}]
- port_client.update_port(port_id['port']['id'],
- security_groups=[self.security_group['id']])
- body = port_client.update_port(
- port_id['port']['id'], allowed_address_pairs=allowed_address_pairs)
- # Update allowed address pair attribute of port
- body = {"network_id": network['id'],
- "admin_state_up": 'true'}
- port1_id = self._create_port(**body)
- allowed_address_pairs = [{'ip_address': ip_address_vm2}]
- port_client.update_port(port1_id['port']['id'],
- security_groups=[self.security_group['id']])
- body = port_client.update_port(
- port1_id['port']['id'],
- allowed_address_pairs=allowed_address_pairs)
- kwargs = {'port_id': port_id['port']['id']}
- # Attach interface to vm
- self.interface_client.create_interface(server_default['id'], **kwargs)
- time.sleep(10)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.interface_client.delete_interface,
- server_default['id'], port_id['port']['id'])
- kwargs = {'port_id': port1_id['port']['id']}
- # Attach interface to vm
- self.interface_client.create_interface(server_default1['id'], **kwargs)
- time.sleep(10)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.interface_client.delete_interface,
- server_default1['id'], port1_id['port']['id'])
- # Allowed Address pair
- ssh_source = self.get_remote_client(ip_address_default_vm,
- private_key=private_key_default_vm)
- ssh_source1 = self.get_remote_client(
- ip_address_default1_vm,
- private_key=private_key_default1_vm)
- # Assign Allowed pair ip to vm's
- self._assign_ip_address(ssh_source, 'eth1', ip_address_vm1)
- self._assign_ip_address(ssh_source1, 'eth1', ip_address_vm2)
- self.assertTrue(self._check_remote_connectivity
- (ssh_source1, ip_address_vm1, 'True'),
- 'Destination is reachable')
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, ip_address_vm2, 'True'),
- 'Destination is reachable')
-
- def _test_allowed_adddress_with_ip_mac_attach_as_interface_on_vms(
- self, network_topo):
- server_name_default = data_utils.rand_name('server-default')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- server_name_default1 = \
- data_utils.rand_name('server-default1-sec-group')
- server_default1 = self._create_server(server_name_default1, network)
- floating_ip_default = self.create_floating_ip(server_default)
- floating_ip_default1 = self.create_floating_ip(server_default1)
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- ip_address_default1_vm = floating_ip_default1['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- private_key_default1_vm = self._get_server_key(server_default1)
- port_client = self.ports_client
- # Allowed Address pair
- ip_address_vm1 = '77.0.0.3'
- vm1_mac_address = 'aa:11:0a:e4:f1:aa'
- ip_address_vm2 = '77.0.0.4'
- vm2_mac_address = 'aa:11:0a:e4:f1:bb'
- body = {"network_id": network['id'],
- "admin_state_up": 'true'}
- port_id = self._create_port(**body)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm1,
- 'mac_address': vm1_mac_address}]
- port_client.update_port(port_id['port']['id'],
- security_groups=[self.security_group['id']])
- body = port_client.update_port(
- port_id['port']['id'], allowed_address_pairs=allowed_address_pairs)
- # Update allowed address pair attribute of port
- body = {"network_id": network['id'],
- "admin_state_up": 'true'}
- port1_id = self._create_port(**body)
- allowed_address_pairs = [{'ip_address': ip_address_vm2,
- 'mac_address': vm2_mac_address}]
- port_client.update_port(port1_id['port']['id'],
- security_groups=[self.security_group['id']])
- body = port_client.update_port(
- port1_id['port']['id'],
- allowed_address_pairs=allowed_address_pairs)
- kwargs = {'port_id': port_id['port']['id']}
- # Attach interface to vm
- self.interface_client.create_interface(server_default['id'], **kwargs)
- time.sleep(10)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.interface_client.delete_interface,
- server_default['id'], port_id['port']['id'])
- kwargs = {'port_id': port1_id['port']['id']}
- # Attach interface to vm
- self.interface_client.create_interface(server_default1['id'], **kwargs)
- time.sleep(10)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.interface_client.delete_interface,
- server_default1['id'], port1_id['port']['id'])
- ssh_source = self.get_remote_client(ip_address_default_vm,
- private_key=private_key_default_vm)
- ssh_source1 = self.get_remote_client(
- ip_address_default1_vm,
- private_key=private_key_default1_vm)
- # Attach allowed pair ip's to vm's
- self._assign_ip_address(ssh_source, 'eth1', ip_address_vm1)
- self._assign_ip_address(ssh_source1, 'eth1', ip_address_vm2)
- self._assign_mac_address(ssh_source, 'eth1', vm1_mac_address)
- self._assign_mac_address(ssh_source1, 'eth1', vm2_mac_address)
- self.assertTrue(self._check_remote_connectivity
- (ssh_source1, ip_address_vm1, 'True'),
- 'Destination is reachable')
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, ip_address_vm2, 'True'),
- 'Destination is reachable')
-
- def _test_allowed_address_pair_on_vms_with_multiple_ips(
- self, network_topo):
- server_name_default = data_utils.rand_name('server-default')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- server_name_default1 = \
- data_utils.rand_name('server-default1-sec-group')
- server_default1 = self._create_server(server_name_default1, network)
- floating_ip_default = self.create_floating_ip(server_default)
- floating_ip_default1 = self.create_floating_ip(server_default1)
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- ip_address_default1_vm = floating_ip_default1['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- private_key_default1_vm = self._get_server_key(server_default1)
- port_client = self.ports_client
- # Allowed Address pair
- ip_address_vm1_1 = '77.0.0.3'
- ip_address_vm1_2 = '78.0.0.3'
- ip_address_vm2_1 = '77.0.0.4'
- ip_address_vm2_2 = '78.0.0.4'
- port_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'],
- server_default)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm1_1},
- {'ip_address': ip_address_vm1_2}]
- port_client.update_port(
- port_id, allowed_address_pairs=allowed_address_pairs)
- port1_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'],
- server_default1)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm2_1},
- {'ip_address': ip_address_vm2_2}]
- port_client.update_port(
- port1_id, allowed_address_pairs=allowed_address_pairs)
- ssh_source = self.get_remote_client(ip_address_default_vm,
- private_key=private_key_default_vm)
- ssh_source1 = self.get_remote_client(
- ip_address_default1_vm,
- private_key=private_key_default1_vm)
- # Attach allowed pair ip's to vm's
- self._assign_ip_address(ssh_source, 'eth0:1', ip_address_vm1_1)
- self._assign_ip_address(ssh_source, 'eth0:2', ip_address_vm1_2)
- self._assign_ip_address(ssh_source1, 'eth0:1', ip_address_vm2_1)
- self._assign_ip_address(ssh_source1, 'eth0:2', ip_address_vm2_2)
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, ip_address_vm2_1, 'True'),
- 'Destination is reachable')
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, ip_address_vm2_2, 'True'),
- 'Destination is reachable')
- self.assertTrue(self._check_remote_connectivity
- (ssh_source1, ip_address_vm1_1, 'True'),
- 'Destination is reachable')
- self.assertTrue(self._check_remote_connectivity
- (ssh_source1, ip_address_vm1_2, 'True'),
- 'Destination is reachable')
-
- def _test_vm_accessible_using_allowed_adddress_pair_port_fip(
- self, network_topo):
- server_name_default = data_utils.rand_name('server-default')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- project_id = network['tenant_id']
- floating_ip_default = self.create_floating_ip(server_default)
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- port_client = self.ports_client
- body = {"network_id": network['id'],
- "admin_state_up": 'true'}
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- external_network_id = CONF.network.public_network_id
- client = self.floating_ips_client
- result = client.create_floatingip(
- floating_network_id=external_network_id,
- port_id=port_id['port']['id'],
- tenant_id=project_id
- )
- ip_address_vm1 = result['floatingip']['fixed_ip_address']
- # Allowed Address pair
- port_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'],
- server_default)
- # Update allowed address pair attribute of port
- allowed_address_pairs = [{'ip_address': ip_address_vm1}]
- port_client.update_port(port_id,
- security_groups=[self.security_group['id']])
- body = port_client.update_port(
- port_id, allowed_address_pairs=allowed_address_pairs)
- ssh_source = self.get_remote_client(ip_address_default_vm,
- private_key=private_key_default_vm)
- # Attach allowed pair ip's to vm's
- self._assign_ip_address(ssh_source, 'eth0:1', ip_address_vm1)
- self.compute_floating_ips_client.disassociate_floating_ip_from_server(
- ip_address_default_vm, server_default['id'])
- # Check connectivity to vm from external world using fip assigned to
- # port which is added as Allowed address pair to vm compute port
- ssh_source = self.get_remote_client(result['floatingip']
- ['floating_ip_address'],
- private_key=private_key_default_vm)
- cmd_out = ssh_source.exec_command("sudo ifconfig eth0:1")
- self.assertIn(ip_address_vm1, cmd_out)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('c0f0f446-65f5-40fa-8b05-b5798e8dd676')
- def test_allowed_adddress_pair_on_vms_with_single_ip(self):
- self.network_topo = self.create_network_topo()
- self._test_connectivity_between_allowed_adddress_pair_ports(
- self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('92bba9d2-c7d1-42f8-a8a2-63b1c842112d')
- def test_allowed_adddress_pair_ports_attach_as_interface_on_vms(self):
- self.network_topo = self.create_network_topo()
- self._test_allowed_adddress_pair_ports_attach_as_interface_on_vms(
- self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('ceb8a0db-8b5a-46de-a328-bf6093ea2102')
- def test_allowed_adddress_with_ip_mac_attach_as_interface_on_vms(self):
- self.network_topo = self.create_network_topo()
- self._test_allowed_adddress_with_ip_mac_attach_as_interface_on_vms(
- self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('735b9afb-2cb8-4e37-9603-2b918906a4df')
- def test_allowed_address_pair_on_vms_with_multiple_ips(self):
- self.network_topo = self.create_network_topo()
- self._test_allowed_address_pair_on_vms_with_multiple_ips(
- self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('4a0fb0e0-c801-4aed-94fe-6c57ff41c6f6')
- def test_vm_accessible_using_allowed_adddress_pair_port_fip(self):
- self.network_topo = self.create_network_topo()
- self._test_vm_accessible_using_allowed_adddress_pair_port_fip(
- self.network_topo)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_client_cert_mgmt_ops.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_client_cert_mgmt_ops.py
deleted file mode 100644
index 12ffdbcbc8..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_client_cert_mgmt_ops.py
+++ /dev/null
@@ -1,354 +0,0 @@
-# Copyright 2017 VMware, Inc.
-# All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest import test
-
-from tempest.lib import decorators
-
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-
-from vmware_nsx_tempest.services import nsxv3_client
-from vmware_nsx_tempest.services.qos import base_qos
-from vmware_nsx_tempest.tests.scenario import manager
-
-authorizationField = ''
-CONF = config.CONF
-LOG = logging.getLogger(__name__)
-
-
-class TestCertificateMgmt(manager.NetworkScenarioTest):
-
- error_message = ("Principal 'admin' from group 'superusers' attempts\
- to delete or modify an object it doesn't own")
-
- @classmethod
- def skip_checks(cls):
- super(TestCertificateMgmt, cls).skip_checks()
- if not (CONF.network.project_networks_reachable
- or CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be true, or\
- public_network_id must be defined.')
- raise cls.skipException(msg)
- if not test.is_extension_enabled('qos', 'network'):
- msg = "q-qos extension not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestCertificateMgmt, cls).setup_credentials()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user, CONF.nsxv3.nsx_password)
-
- @classmethod
- def resource_setup(cls):
- """setup resources."""
- super(TestCertificateMgmt, cls).resource_setup()
- cls.admin_mgr = cls.get_client_manager('admin')
- cls.adm_qos_client = base_qos.BaseQosClient(cls.admin_mgr)
- cls.policies_created = []
-
- def _create_subnet(self, network, cidr, subnets_client=None, **kwargs):
- client = subnets_client or self.subnets_client
- body = client.create_subnet(
- name=data_utils.rand_name('subnet-default1'),
- network_id=network['id'], tenant_id=network['tenant_id'],
- cidr=cidr, ip_version=4, **kwargs)
- subnet = body.get('subnet', body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_subnet, subnet['id'])
- return subnet
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None,
- **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info['network_id'] = external_network_id
- if enable_snat is not None:
- ext_gw_info['enable_snat'] = enable_snat
- body = self.routers_client.create_router(
- name=router_name, external_gateway_info=ext_gw_info,
- admin_state_up=admin_state_up, **kwargs)
- router = body.get('router', body)
- self.addCleanup(self._delete_router, router)
- return router
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router['id'])
- interfaces = body['ports']
- for i in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router['id'],
- subnet_id=i['fixed_ips'][0]['subnet_id'])
- self.routers_client.delete_router(router['id'])
-
- @classmethod
- def create_qos_policy(cls, name='test-policy',
- description='test policy desc',
- shared=False,
- qos_client=None, **kwargs):
- """create qos policy."""
- qos_client = qos_client if qos_client else cls.adm_qos_client
- policy = qos_client.create_policy(
- name=name, description=description,
- shared=shared, **kwargs)
- cls.policies_created.append(policy)
- return policy
-
- def parse_response(self, response):
- """
- Parse response from NSX backend to check if NSX
- is unable to delete or modify openstack entities
- """
- msg = 'Error: NSX admin is able to modify/delete'
- self.assertIn(self.error_message,
- response.json()['error_message'], msg)
- LOG.info('NSX admin is unable to modify/delete the openstack object')
-
- def ca_topo(self):
- """
- Create a topology consisting of network attached to a router
- and a logical port attached to the network
- """
- self.network = self._create_network(namestart="net-ca")
- self.subnet = self._create_subnet(self.network,
- cidr=CONF.network.project_network_cidr)
- self.port = self._create_port(network_id=self.network['id'],
- namestart='ca')
- msg = 'Logical Port %s not found' % self.port['name']
- self.assertIsNotNone(self.nsx.get_logical_port(
- self.port['name']), msg)
- data = self.nsx.get_logical_port(self.port['name'])
- return data
-
-
-class TestCertificateMgmtOps(TestCertificateMgmt):
- openstack_tag = 'com.vmware.nsx.openstack'
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('6cb32a2b-048a-47a3-b0ed-f6337b81377f')
- def test_certificate_backend(self):
- """
- verify if NSX backend shows self-signed certificate
- """
- msg = 'Error: Openstack client certificate not registered with backend'
- self.assertIsNotNone(self.nsx.get_openstack_client_certificate(), msg)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('25bb1af7-6190-42d5-a590-4df9fb5592f0')
- def test_prevention_modification_openstack_network(self):
- """
- Create a network
- Verify if NSX shows network is created by openstack
- Verify if NSX admin is unable to modify this network
- """
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network,
- cidr=CONF.network.project_network_cidr)
- #check backend if the network was created
- msg = 'network %s not found' % self.network['name']
- self.assertIsNotNone(self.nsx.get_logical_switch(
- self.network['name'], self.network['id']), msg)
- data = self.nsx.get_logical_switch(self.network['name'],
- self.network['id'])
- """
- Check if backend shows openstack
- as the create user for the object
- """
- self.assertEqual(data['_create_user'], self.openstack_tag,
- 'Incorrect tag for the create user')
- #try to update network name as NSX admin
- data.update({"display_name": "nsx_modified_switch"})
- response = self.nsx.ca_put_request(component='logical-switches',
- comp_id=data['id'], body=data)
- self.parse_response(response)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('3e9a4d5b-5a14-44a5-bf9f-8999148b9329')
- def test_prevention_modification_openstack_router(self):
- """
- Create a router
- Verify if backend shows router is created by openstack
- Verify if NSX admin can not modify this router
- Verify if NSX admin can not delete this router
- """
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network,
- cidr=CONF.network.project_network_cidr)
- #create router and add an interface
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-cert-mgmt'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- #check backend if the router was created
- msg = 'router %s not found' % self.router['name']
- self.assertIsNotNone(self.nsx.get_logical_router(
- self.router['name'], self.router['id']), msg)
- data = self.nsx.get_logical_router(self.router['name'],
- self.router['id'])
- """
- Check if backend shows openstack
- as the create user for the object
- """
- self.assertEqual(data['_create_user'], self.openstack_tag,
- 'Incorrect tag for the create user')
- #Obtain any router port corresponding to the logical router
- rtr_ports = self.nsx.get_logical_router_ports(data)
- #try to update router name as NSX admin
- data.update({"display_name": "nsx_modified_router"})
- response = self.nsx.ca_put_request(component='logical-routers',
- comp_id=data['id'], body=data)
- self.parse_response(response)
- #try to delete logical router port as NSX admin
- if len(rtr_ports) != 0:
- response = self.nsx.ca_delete_request(
- component='logical-router-ports',
- comp_id=rtr_ports[0]['id'])
- self.parse_response(response)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('141af4cb-52f0-4764-b817-5b0529dbbc73')
- def test_prevention_modification_qos_policy(self):
- """
- Create a qos policy
- Verify if backend shows switching profile is created by openstack
- Verify if NSX admin can not modify the profile
- Verify if NSX admin can not delete the profile
- """
- policy = self.create_qos_policy(name='test-qos-policy-cert-mgmt',
- description='dscp_rule and bw_rule',
- shared=False)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.adm_qos_client.delete_policy, policy['id'])
- #obtain all switching profiles at the backend
- qos_policies = self.nsx.get_switching_profiles()
- nsx_policy = self.nsx.get_nsx_resource_by_name(qos_policies,
- policy['name'])
- #check backend if the qos policy was created
- msg = 'Qos policy %s not found' % policy['name']
- self.assertIsNotNone(self.nsx.get_switching_profile(
- nsx_policy['id']), msg)
- data = self.nsx.get_switching_profile(nsx_policy['id'])
- """
- Check if backend shows openstack
- as the create user for the object
- """
- self.assertEqual(data['_create_user'], self.openstack_tag,
- 'Incorrect tag for the create user')
- #try to update qos policy as NSX admin
- data.update({"display_name": "nsx_modified_qos-policy"})
- response = self.nsx.ca_put_request(component='switching-profiles',
- comp_id=data['id'], body=data)
- self.parse_response(response)
- #try to delete qos policy as NSX admin
- response = self.nsx.ca_delete_request(component='switching-profiles',
- comp_id=data['id'])
- self.parse_response(response)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('2b232060-dc42-4b2d-8185-64bd12e46e55')
- def test_prevention_modification_security_group(self):
- """
- Create a security group
- Verify if backend shows firewall is created by openstack
- Verify if NSX admin can not modify the firewall
- Verify if NSX admin can not delete the firewall
- """
- self.security_group = self._create_security_group()
- #check backend if the firewall section was created
- msg = 'Security group %s not found' % self.security_group['name']
- self.assertIsNotNone(self.nsx.get_firewall_section(
- self.security_group['name'], self.security_group['id']), msg)
- data = self.nsx.get_firewall_section(self.security_group['name'],
- self.security_group['id'])
- """
- Check if backend shows openstack
- as the create user for the object
- """
- self.assertEqual(data['_create_user'], self.openstack_tag,
- 'Incorrect tag for the create user')
- #obtain firewall rules related to the security group
- fw_rules = self.nsx.get_firewall_section_rules(data)
- #try to update security group as NSX admin
- data.update({"display_name": "nsx_modified_security_group"})
- response = self.nsx.ca_put_request(component='firewall/sections',
- comp_id=data['id'], body=data)
- self.parse_response(response)
- #try to delete logical firewall rule as NSX admin
- if len(fw_rules) != 0:
- component = 'firewall/sections/' + data['id'] + '/rules/'
- response = self.nsx.ca_delete_request(component=component,
- comp_id=fw_rules[0]['id'])
- self.parse_response(response)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('b10d5ede-d1c7-47a0-9d55-b9aabc8f0af1')
- def test_prevention_modification_port(self):
- """
- Create a port
- Verify if backend shows logical port is created by openstack
- Verify if NSX admin can not modify the port
- Verify if NSX admin can not delete the port
- Check if backend shows openstack
- as the create user for the object
- """
- data = self.ca_topo()
- self.assertEqual(data['_create_user'], self.openstack_tag,
- 'Incorrect tag for the create user')
- #try to update logical port as NSX admin
- data.update({"display_name": "nsx_modified_logical_port"})
- response = self.nsx.ca_put_request(component='logical-ports',
- comp_id=data['id'], body=data)
- self.parse_response(response)
- #try to delete logical port as NSX admin
- response = self.nsx.ca_delete_request(component='logical-ports',
- comp_id=data['id'])
- self.parse_response(response)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('280cdcc6-5bd0-472c-a8a9-954dd612a0a6')
- def test_port_modification_super_admin(self):
- """
- Verify if super admin can override openstack entity
- and delete openstack logical port
- """
- data = self.ca_topo()
- self.assertEqual(data['_create_user'], self.openstack_tag,
- 'Incorrect tag for the create user')
- #try to delete logical port as NSX admin
- endpoint = ("/%s/%s" % ('logical-ports',
- data['id']))
- response = self.nsx.delete_super_admin(endpoint=endpoint)
- self.assertEqual(response.status_code, 200,
- "Superadmin unable to delete the logical port")
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('a874d78b-eb7a-4df6-a01b-dc0a22422dc2')
- def test_cert_removed_post_unstack(self):
- """
- verify if backend unregisters the self-signed certificate
- post unstack
- """
- msg = ('Error: Openstack certificate is still registered with backend')
- self.assertIsNone(self.nsx.get_openstack_client_certificate(), msg)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_l2_gateway.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_l2_gateway.py
deleted file mode 100644
index 9aa45fb6e0..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_l2_gateway.py
+++ /dev/null
@@ -1,205 +0,0 @@
-# Copyright 2015 OpenStack Foundation
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import netaddr
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.lib import feature_manager
-
-CONF = config.CONF
-
-LOG = constants.log.getLogger(__name__)
-
-
-class L2GatewayScenarioTest(feature_manager.FeatureManager):
- """
- Test l2 gateway connection operations.
- """
-
- @classmethod
- def skip_checks(cls):
- """
- Skip running test if we do not meet criteria to run the tests.
- """
- super(L2GatewayScenarioTest, cls).skip_checks()
- if not test.is_extension_enabled("l2-gateway", "network"):
- raise cls.skipException("l2-gateway extension not enabled.")
-
- @classmethod
- def resource_setup(cls):
- """
- Setting up the resources for the test.
- """
- super(L2GatewayScenarioTest, cls).resource_setup()
- # Create subnet on the network just created.
- cls.SUBNET_1_NETWORK_CIDR = CONF.l2gw.subnet_1_cidr
- # VLAN id used in setups
- cls.VLAN_1 = CONF.l2gw.vlan_1
- cls.VLAN_2 = CONF.l2gw.vlan_2
- # IPs of predeployed vms.
- cls.VM_ON_VDS_TZ1_VLAN16_IP = CONF.l2gw.vm_on_vds_tz1_vlan16_ip
- cls.VM1_ON_SWITCH_VLAN16 = CONF.l2gw.vm_on_switch_vlan16
- cls.VM1_ON_VDS_TZ2_VLAN16_IP = CONF.l2gw.vm_on_vds_tz2_vlan16_ip
- cls.VM1_ON_VDS_TZ2_VLAN17_IP = CONF.l2gw.vm_on_vds_tz2_vlan17_ip
- cls.SUBNET_1_MASK = cls.SUBNET_1_NETWORK_CIDR.split("/")[1]
- cls.CIDR = netaddr.IPNetwork(cls.SUBNET_1_NETWORK_CIDR)
-
- @classmethod
- def resource_cleanup(cls):
- """
- Clean all the resources used during the test.
- """
- super(L2GatewayScenarioTest, cls).resource_cleanup()
-
- def deploy_l2gateway_topology(self):
- router_l2gateway = self.create_topology_router("router_l2gateway")
- # L2gateway network with router
- network_l2gateway = self.create_topology_network("network_l2gateway")
- # cidr must be presented & in IPNetwork structure.
- self.CIDR = netaddr.IPNetwork(self.SUBNET_1_NETWORK_CIDR)
- self.create_topology_subnet(
- "subnet1_l2gateway", network_l2gateway, cidr=self.CIDR,
- router_id=router_l2gateway["id"],
- mask_bits=int(self.SUBNET_1_MASK))
- secgroup = self.create_topology_security_group()
- secgroups = [{'name': secgroup['name']}]
- self.create_topology_instance(
- "server1_l2gateway", [network_l2gateway],
- security_groups=secgroups)
- self.create_topology_instance(
- "server2_l2gateway", [network_l2gateway],
- security_groups=secgroups)
-
- def deploy_topology_and_create_l2gateway(self, vlan_id):
- self.deploy_l2gateway_topology()
- cluster_info = self.nsx_bridge_cluster_info()
- device_name, interface_name = cluster_info[0][0], cluster_info[0][1]
- l2gw_name = data_utils.rand_name(constants.L2GW)
- device_1 = {"dname": device_name, "iname": interface_name,
- "vlans": [vlan_id]}
- l2gw_param = [device_1]
- l2gw_rsp, _ = self.create_l2gw(l2gw_name, l2gw_param)
- l2gwc_param = {"l2_gateway_id": l2gw_rsp[constants.L2GW]["id"],
- "network_id":
- self.topology_networks["network_l2gateway"]["id"]}
- l2gwc_rsp = self.create_l2gw_connection(l2gwc_param)
- # Assert if create fails.
- self.assertEqual(constants.EXPECTED_HTTP_RESPONSE_201,
- l2gwc_rsp.response["status"],
- "Response code is not %(code)s" % {
- "code": constants.EXPECTED_HTTP_RESPONSE_201})
- self.assertEqual(l2gwc_param["l2_gateway_id"],
- l2gwc_rsp[constants.L2GWC]["l2_gateway_id"],
- "l2gw id is not same as expected in "
- "create l2gw connection response")
- self.assertEqual(l2gwc_param["network_id"],
- l2gwc_rsp[constants.L2GWC]["network_id"],
- "network id is not same as expected in "
- "create l2gw connection response")
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("b62a7452-f2c1-4f2b-9403-f121f5201516")
- def test_l2_gateway_ping_servers_on_overlays(self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW create.
- """
- LOG.info("Testing test_l2_gateway_ping_servers_on_overlays")
- self.deploy_topology_and_create_l2gateway(self.VLAN_1)
- server1_floatingip = self.topology_servers["server1_l2gateway"][
- "floating_ip"]
- server1 = self.topology_servers["server1_l2gateway"]
- address_list = [server1_floatingip["fixed_ip_address"]]
- address_list.append(self.topology_servers["server2_l2gateway"][
- "floating_ip"]["fixed_ip_address"])
- self.check_server_internal_ips_using_floating_ip(
- server1_floatingip, server1, address_list)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("74e67d5f-0319-45e8-9731-d2c245c05beb")
- def test_l2_gateway_ping_servers_overlay_to_vds_with_same_tz(self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW create. ping from server on OS ls to NSX ls
- """
- LOG.info("Testing test_l2_gateway_ping_servers_overlay_to_nsx_ls")
- self.deploy_topology_and_create_l2gateway(self.VLAN_1)
- server1_floatingip = self.topology_servers["server1_l2gateway"][
- "floating_ip"]
- server1 = self.topology_servers["server1_l2gateway"]
- address_list = [server1_floatingip["fixed_ip_address"]]
- address_list.append(self.VM_ON_VDS_TZ1_VLAN16_IP)
- self.check_server_internal_ips_using_floating_ip(
- server1_floatingip, server1, address_list)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("4e66584f-f61b-465d-952c-795a285d7c55")
- def test_l2_gateway_ping_servers_overlay_to_vds_with_diff_tz(self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW create. ping from server on OS ls to NSX ls
- """
- LOG.info("Testing test_l2_gateway_ping_servers_overlay_to_nsx_ls")
- self.deploy_topology_and_create_l2gateway(self.VLAN_1)
- server1_floatingip = self.topology_servers["server1_l2gateway"][
- "floating_ip"]
- server1 = self.topology_servers["server1_l2gateway"]
- address_list = [server1_floatingip["fixed_ip_address"]]
- address_list.append(self.VM1_ON_VDS_TZ2_VLAN16_IP)
- self.check_server_internal_ips_using_floating_ip(
- server1_floatingip, server1, address_list)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("aef2a142-0b49-48a9-8881-f47897c09745")
- def test_l2_gateway_ping_servers_overlay_to_physical_vlan(self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW create. ping from server on OS ls to NSX ls
- """
- LOG.info("Testing test_l2_gateway_ping_servers_overlay_to_nsx_ls")
- self.deploy_topology_and_create_l2gateway(self.VLAN_1)
- server1_floatingip = self.topology_servers["server1_l2gateway"][
- "floating_ip"]
- server1 = self.topology_servers["server1_l2gateway"]
- address_list = [server1_floatingip["fixed_ip_address"]]
- address_list.append(self.VM1_ON_SWITCH_VLAN16)
- self.check_server_internal_ips_using_floating_ip(
- server1_floatingip, server1, address_list)
-
- @decorators.attr(type="nsxv3")
- @decorators.idempotent_id("00036e1d-69e0-4faf-a62f-602600bc5631")
- def test_l2_gateway_reconfig_ping_servers_overlay_to_vds_with_diff_tz(
- self):
- """
- Create l2 gateway connection using one vlan. Vlan parameter is
- passed into L2GW create. ping from server on OS ls to NSX ls
- """
- LOG.info(
- "Testing test_l2_gateway_reconfig_ping_servers_overlay_to_vds_"
- "with_diff_tz")
- self.deploy_topology_and_create_l2gateway(self.VLAN_2)
- server1_floatingip = self.topology_servers["server1_l2gateway"][
- "floating_ip"]
- server1 = self.topology_servers["server1_l2gateway"]
- address_list = [server1_floatingip["fixed_ip_address"]]
- address_list.append(self.VM1_ON_VDS_TZ2_VLAN17_IP)
- self.check_server_internal_ips_using_floating_ip(
- server1_floatingip, server1, address_list)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_mdproxy.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_mdproxy.py
deleted file mode 100644
index deb6b0be2b..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_mdproxy.py
+++ /dev/null
@@ -1,340 +0,0 @@
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest import exceptions
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv3_client
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class TestMDProxy(manager.NetworkScenarioTest):
- """Test MDProxy.
-
- Adding test cases to test MDProxy in different scenarios such as
- testing it over multiple created networks, verify MDProxy realization
- with nsxv3 backend, test MDProxy with isolated network and so on.
- """
-
- def setUp(self):
- super(TestMDProxy, self).setUp()
- self.image_ref = CONF.compute.image_ref
- self.flavor_ref = CONF.compute.flavor_ref
- self.run_ssh = CONF.validation.run_validation
- self.ssh_user = CONF.validation.image_ssh_user
- self.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- @classmethod
- def skip_checks(cls):
- """Class level skip checks.
-
- Class level check. Skip all teh MDproxy tests, if native_dhcp_metadata
- is not True under nsxv3 section of the config
- """
- if not CONF.nsxv3.native_dhcp_metadata:
- msg = " native_dhcp_metadata is not enabled under nsxv3 config" \
- ", skipping all the MDProxy tests!!!"
- raise cls.skipException(msg)
-
- def verify_ssh(self, keypair, instance, port_id=None):
- created_floating_ip = self.create_floating_ip(instance,
- port_id=port_id)
- self.fip = str(created_floating_ip["floating_ip_address"])
- self.assertIsNotNone(self.fip)
- # Check ssh
- self.ssh_client = self.get_remote_client(
- ip_address=self.fip, username=self.ssh_user,
- private_key=keypair["private_key"])
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router["id"])
- interfaces = body["ports"]
- for interface in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router["id"],
- subnet_id=interface["fixed_ips"][0]["subnet_id"])
- self.routers_client.delete_router(router["id"])
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None, **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info["network_id"] = external_network_id
- if enable_snat is not None:
- ext_gw_info["enable_snat"] = enable_snat
- body = self.routers_client.create_router(
- name=router_name, external_gateway_info=ext_gw_info,
- admin_state_up=admin_state_up, **kwargs)
- router = body["router"]
- self.addCleanup(self._delete_router, router)
- return router
-
- def _create_net_subnet_router_interface(self, router=None):
- network = self._create_network(namestart="network-mdproxy")
- subnet = self._create_subnet(network)
- if router:
- self.routers_client.add_router_interface(
- router["id"], subnet_id=subnet["id"])
- self.addCleanup(self.routers_client.remove_router_interface,
- router["id"], subnet_id=subnet["id"])
- return network["id"], subnet["id"]
-
- def _create_server_on_networks(self, networks):
- security_group = self._create_security_group()
- name = data_utils.rand_name("server-mdproxy")
- keypair = self.create_keypair()
- security_groups = [{"name": security_group["name"]}]
- instance = self.create_server(
- image_id=self.image_ref,
- flavor=self.flavor_ref,
- config_drive=CONF.compute_feature_enabled.config_drive, name=name,
- networks=networks, key_name=keypair["name"],
- security_groups=security_groups, wait_until="ACTIVE")
- self.addCleanup(self.servers_client.delete_server, instance["id"])
- return instance, keypair
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _get_port_id(self, network_id, subnet_id, instance):
- instance_addrs = instance["addresses"].items()
- instance_fixed_ips = []
- for addr in instance_addrs:
- instance_fixed_ips.append(addr[1][0]["addr"])
- for port in self._list_ports(device_id=instance['id']):
- port_fixed_ip = port["fixed_ips"][0]["ip_address"]
- if port["network_id"] == network_id and port["fixed_ips"][0][
- "subnet_id"] == subnet_id and "compute:" in port[
- "device_owner"] and port_fixed_ip in instance_fixed_ips:
- port_id = port["id"]
- self.assertIsNotNone(port_id, "Failed to find Instance's port id!!!")
- return port_id
-
- def _verify_md(self, md_url, expected_value="", check_exist_only=False,
- sub_result=None):
- def exec_cmd_and_verify_output():
- cmd = "curl " + md_url
- exec_cmd_retried = 0
- import time
- while exec_cmd_retried < \
- constants.MAX_NO_OF_TIMES_EXECUTION_OVER_SSH:
- result = self.ssh_client.exec_command(cmd)
- self.assertIsNotNone(result)
- if not result == "":
- break
- exec_cmd_retried += 1
- time.sleep(constants.INTERVAL_BETWEEN_EXEC_RETRY_ON_SSH)
- LOG.info("Tried %s times!!!", exec_cmd_retried)
- if check_exist_only:
- return "Verification is successful!"
- msg = ("Failed while verifying metadata on server. Result "
- "of command %r is NOT %r." % (cmd, expected_value))
- if sub_result:
- msg2 = ("Failed to verify incorrect passowrd on metadata"
- "server. Result %r is NOT in %r." % (
- sub_result, result))
- self.assertIn(sub_result, result, msg2)
- return "Verification is successful!"
- self.assertEqual(expected_value, result, msg)
- return "Verification is successful!"
-
- if not test_utils.call_until_true(exec_cmd_and_verify_output,
- CONF.compute.build_timeout,
- CONF.compute.build_interval):
- raise exceptions.TimeoutException("Timed out while waiting to "
- "verify metadata on server. "
- "%s is empty." % md_url)
-
- def verify_metadata_in_detail(self, instance):
- # Check floating IPv4 in Metadata.
- md_url_pubic_ipv4 = constants.MD_BASE_URL + \
- "latest/meta-data/public-ipv4"
- self._verify_md(md_url=md_url_pubic_ipv4, expected_value=self.fip)
- # Check hostname in Metadata.
- md_url_hostname = constants.MD_BASE_URL + "latest/meta-data/hostname"
- self._verify_md(md_url=md_url_hostname,
- expected_value=instance["name"] + ".novalocal")
- # Check local IPv4 in Metadata.
- md_url_local_ipv4 = constants.MD_BASE_URL + \
- "latest/meta-data/local-ipv4"
- self._verify_md(md_url=md_url_local_ipv4, check_exist_only=True)
- # Check hostname in Metadata of 2009-04-04 folder.
- md_url_hostname = constants.MD_BASE_URL + \
- "2009-04-04/meta-data/hostname"
- self._verify_md(md_url=md_url_hostname,
- expected_value=instance["name"] + ".novalocal")
- # Check hostname in Metadata of 1.0 folder.
- md_url_hostname = constants.MD_BASE_URL + "1.0/meta-data/hostname"
- self._verify_md(md_url=md_url_hostname,
- expected_value=instance["name"] + ".novalocal")
-
- def verify_md_proxy_logical_ports_on_backend(self):
- md_counter = 0
- logical_ports = self.nsx.get_os_logical_ports()
- for port_index in range(len(logical_ports)):
- if logical_ports[port_index]["attachment"][
- "attachment_type"] == "METADATA_PROXY":
- md_counter += 1
- msg = "Admin state of MDProxy logical port is DOWN!!!"
- msg2 = "LS name does not start with mdproxy!!!"
- msg3 = "MDproxy logical port does not have any auto tag!!!"
- self.assertEqual(
- "UP", logical_ports[port_index]["admin_state"], msg)
- self.assertIn("mdproxy-",
- logical_ports[port_index]["display_name"], msg2)
- self.assertNotEqual(0, len(logical_ports[port_index]["tags"]),
- msg3)
- self.assertNotEqual(0, md_counter, "No logical port found for MD "
- "proxy!!!")
-
- @decorators.idempotent_id("e9a93161-d852-414d-aa55-36d465ea45df")
- @test.services("compute", "network")
- def test_mdproxy_ping(self):
- router = self._create_router(
- router_name=data_utils.rand_name("router-MDProxy"),
- external_network_id=CONF.network.public_network_id)
- (network_id, subnet_id) = self._create_net_subnet_router_interface(
- router)
- networks_ids = {"uuid": network_id}
- instance, keypair = self._create_server_on_networks([networks_ids])
- port_id = self._get_port_id(network_id, subnet_id, instance)
- self.verify_ssh(keypair=keypair, instance=instance, port_id=port_id)
- md_url_pubic_ipv4 = constants.MD_BASE_URL + \
- "latest/meta-data/public-ipv4"
- self._verify_md(md_url=md_url_pubic_ipv4, expected_value=self.fip)
-
- @decorators.idempotent_id("743f34a6-58b8-4288-a07f-7bee21c55051")
- @test.services("compute", "network")
- def test_mdproxy_verify_backend(self):
- router = self._create_router(
- router_name=data_utils.rand_name("router-MDProxy"),
- external_network_id=CONF.network.public_network_id)
- (network_id, subnet_id) = self._create_net_subnet_router_interface(
- router)
- networks_ids = {"uuid": network_id}
- instance, keypair = self._create_server_on_networks([networks_ids])
- port_id = self._get_port_id(network_id, subnet_id, instance)
- self.verify_ssh(keypair=keypair, instance=instance, port_id=port_id)
- self.verify_metadata_in_detail(instance=instance)
- self.verify_md_proxy_logical_ports_on_backend()
-
- @decorators.idempotent_id("fce2acc8-b850-40fe-bf02-958dd3cd4343")
- @test.services("compute", "network")
- def test_mdproxy_with_server_on_two_ls(self):
- router = self._create_router(
- router_name=data_utils.rand_name("router-MDProxy"),
- external_network_id=CONF.network.public_network_id)
- (network_id1, subnet_id1) = self._create_net_subnet_router_interface(
- router)
- (network_id2, subnet_id2) = self._create_net_subnet_router_interface(
- router)
- net1 = {"uuid": network_id1}
- net2 = {"uuid": network_id2}
- instance, keypair = self._create_server_on_networks([net1, net2])
- port_id = self._get_port_id(network_id1, subnet_id1, instance)
- self.verify_ssh(keypair=keypair, instance=instance, port_id=port_id)
- self.verify_metadata_in_detail(instance=instance)
-
- @decorators.idempotent_id("67332752-1295-42cb-a8c3-99210fb6b00b")
- @test.services("compute", "network")
- def test_mdproxy_isolated_network(self):
- (network_id, _) = self._create_net_subnet_router_interface()
- networks_ids = {"uuid": network_id}
- self._create_server_on_networks([networks_ids])
- self.verify_md_proxy_logical_ports_on_backend()
-
- @decorators.idempotent_id("cc8d2ab8-0bea-4e32-bf80-c9c46a7612b7")
- @decorators.attr(type=["negative"])
- @test.services("compute", "network")
- def test_mdproxy_delete_when_ls_bounded(self):
- (network_id, _) = self._create_net_subnet_router_interface()
- networks_ids = {"uuid": network_id}
- self._create_server_on_networks([networks_ids])
- md_proxy_uuid = self.nsx.get_md_proxies()[0]["id"]
- result = self.nsx.delete_md_proxy(md_proxy_uuid)
- self.assertEqual(str(result["error_code"]),
- constants.MD_ERROR_CODE_WHEN_LS_BOUNDED)
-
- @decorators.idempotent_id("501fc3ea-696b-4e9e-b383-293ab94e2545")
- @test.services("compute", "network")
- def test_mdproxy_with_multiple_ports_on_network(self):
- router = self._create_router(
- router_name=data_utils.rand_name("router-MDProxy"),
- external_network_id=CONF.network.public_network_id)
- (network_id, subnet_id) = self._create_net_subnet_router_interface(
- router)
- networks_ids = {"uuid": network_id}
- instance, keypair = self._create_server_on_networks([networks_ids])
- instance2, keypair2 = self._create_server_on_networks([networks_ids])
- port_id = self._get_port_id(network_id, subnet_id, instance)
- # Verify 1st instance.
- self.verify_ssh(keypair=keypair, instance=instance, port_id=port_id)
- self.verify_metadata_in_detail(instance=instance)
- # Verify 2nd instance.
- port_id2 = self._get_port_id(network_id, subnet_id, instance2)
- self.verify_ssh(keypair=keypair2, instance=instance2, port_id=port_id2)
- self.verify_metadata_in_detail(instance=instance2)
-
- @decorators.idempotent_id("eae21afc-50ea-42e5-9c49-2ee38cee9f06")
- @test.services("compute", "network")
- def test_mdproxy_with_multiple_metadata_ports(self):
- router = self._create_router(
- router_name=data_utils.rand_name("router-MDProxy"),
- external_network_id=CONF.network.public_network_id)
- (network_id1, subnet_id1) = self._create_net_subnet_router_interface(
- router)
- (network_id2, subnet_id2) = self._create_net_subnet_router_interface(
- router)
- net1 = {"uuid": network_id1}
- net2 = {"uuid": network_id2}
- instance, keypair = self._create_server_on_networks([net1])
- instance2, keypair2 = self._create_server_on_networks([net2])
- port_id1 = self._get_port_id(network_id1, subnet_id1, instance)
- port_id2 = self._get_port_id(network_id2, subnet_id2, instance2)
- self.verify_ssh(keypair=keypair, instance=instance, port_id=port_id1)
- self.verify_metadata_in_detail(instance=instance)
- self.verify_ssh(keypair=keypair2, instance=instance2, port_id=port_id2)
- self.verify_metadata_in_detail(instance=instance2)
-
- @decorators.idempotent_id("29d44d7c-6ea1-4b30-a6c3-a2695c2486fe")
- @decorators.attr(type=["negative"])
- @test.services("compute", "network")
- def test_mdproxy_with_incorrect_password(self):
- router = self._create_router(
- router_name=data_utils.rand_name("router-MDProxy"),
- external_network_id=CONF.network.public_network_id)
- (network_id, subnet_id) = self._create_net_subnet_router_interface(
- router)
- networks_ids = {"uuid": network_id}
- instance, keypair = self._create_server_on_networks([networks_ids])
- port_id = self._get_port_id(network_id, subnet_id, instance)
- self.verify_ssh(keypair=keypair, instance=instance, port_id=port_id)
- md_url = constants.MD_BASE_URL + "latest/meta-data/public-ipv4"
- self._verify_md(md_url, sub_result="403 Forbidden")
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_multi_hv_network_ops.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_multi_hv_network_ops.py
deleted file mode 100644
index 21ca1c089c..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_multi_hv_network_ops.py
+++ /dev/null
@@ -1,173 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-import collections
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple('Floating_IP_tuple',
- ['floating_ip', 'server'])
-
-
-class TestMultiHVNetworkOps(manager.NetworkScenarioTest):
-
- """Test suite for multi-hypervisor network operations
-
- Assume the NSX backend already configured both ESX and KVM hypervisors.
- Also, in tempest conf there should be two image configured, one for
- ESX hypervisor and the other one is for KVM hypervisor.
-
- These test cases test the following steps
- - Create a class level network topology which contains router, network
- and external network. Router sets gateway on external network and add
- interface of the network.
- - Create floating ip and loginable security group.
- - Boot two VMs on this network. One uses ESX image and the other one uses
- KVM image type.
- - Test external and internal connectivity of the VMs.
-
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestMultiHVNetworkOps, cls).skip_checks()
- if not (CONF.network.project_networks_reachable
- or CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- for ext in ['router', 'security-group']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestMultiHVNetworkOps, cls).setup_credentials()
-
- def setUp(self):
- super(TestMultiHVNetworkOps, self).setUp()
- self.keypairs = {}
- self.servers = []
- self.esx_image = CONF.compute.image_ref
- self.kvm_image = CONF.compute.image_ref_alt
- self.config_drive = CONF.compute_feature_enabled.config_drive
-
- def _setup_l2_topo(self, **kwargs):
- self.security_group = self._create_security_group()
- self.network, self.subnet, self.router = self.create_networks(**kwargs)
- esx_server_name = data_utils.rand_name('server-esx')
- kvm_server_name = data_utils.rand_name('server-kvm')
- # Create a VM on ESX hypervisor
- esx_server = self._create_server(esx_server_name, self.network,
- image_id=self.esx_image)
- # Create a VM on KVM hypervisor
- self._create_server(kvm_server_name, self.network,
- image_id=self.kvm_image)
- floating_ip = self.create_floating_ip(esx_server)
- self.floating_ip_tuple = Floating_IP_tuple(floating_ip, esx_server)
-
- def _create_server(self, name, network, image_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- network = {'uuid': network['id']}
- server = self.create_server(name=name, networks=[network],
- key_name=keypair['name'],
- config_drive=self.config_drive,
- security_groups=security_groups,
- image_id=image_id,
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _check_network_internal_connectivity(self, network,
- should_connect=True):
- floating_ip, server = self.floating_ip_tuple
- # test internal connectivity to the network ports on the network
- network_ips = (p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if p['device_owner'].startswith('network'))
- self._check_server_connectivity(floating_ip,
- network_ips,
- should_connect)
-
- def _check_network_vm_connectivity(self, network,
- should_connect=True):
- floating_ip, server = self.floating_ip_tuple
- # test internal connectivity to the other VM on the same network
- compute_ips = (p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if p['device_owner'].startswith('compute'))
- self._check_server_connectivity(floating_ip,
- compute_ips,
- should_connect)
-
- def _check_server_connectivity(self, floating_ip, address_list,
- should_connect=True):
- ip_address = floating_ip['floating_ip_address']
- private_key = self._get_server_key(self.floating_ip_tuple.server)
- ssh_source = self.get_remote_client(ip_address,
- private_key=private_key)
- for remote_ip in address_list:
- if should_connect:
- msg = ("Timed out waiting for %s to become "
- "reachable") % remote_ip
- else:
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access %{dest}s via ssh to "
- "floating-ip %{src}s",
- {'dest': remote_ip, 'src': floating_ip})
- raise
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('42373fef-cb05-47c9-bb67-32b7a3b48168')
- def test_multi_hv_network_l2_ops(self):
- """Test connectivity between ESX VM and KVM VM on same network
-
- Boot VM on the same network with both ESX and KVM images and test
- L2 network connectivity if they are on the same L2 network.
-
- """
- self._setup_l2_topo()
- self._check_network_internal_connectivity(network=self.network)
- self._check_network_vm_connectivity(network=self.network)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_multiple_networks_ops.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_multiple_networks_ops.py
deleted file mode 100644
index b19cfe85d3..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_multiple_networks_ops.py
+++ /dev/null
@@ -1,214 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import collections
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple('Floating_IP_tuple',
- ['floating_ip', 'server'])
-
-
-class TestMultiNetworksOps(manager.NetworkScenarioTest):
-
- """Test multiple networks scenario
-
- This scenario test is to test a topology consisting of multiple networks.
- The networks are connected through a router. Boot multiple VMs on each
- network and test traffic between the VMs.
-
- Test steps:
- - Create a class level network topology which contains router, networks
- and external network. Router sets gateway on external network and add
- interface of the networks.
- - Create floating ip and loginable security group.
- - Boot two VMs on each network. Assign floating ips to VMs.
- - Test external and internal connectivity of the VMs.
-
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestMultiNetworksOps, cls).skip_checks()
- if not (CONF.network.project_networks_reachable or
- CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- for ext in ['router', 'security-group']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestMultiNetworksOps, cls).setup_credentials()
-
- def setUp(self):
- super(TestMultiNetworksOps, self).setUp()
- self.keypairs = {}
- self.servers = []
- self.config_drive = CONF.compute_feature_enabled.config_drive
-
- def _setup_networks_and_servers(self, **kwargs):
- boot_with_port = kwargs.pop('boot_with_port', False)
- self.security_group = self._create_security_group()
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network)
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-smoke'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- self.network2 = self._create_network()
- self.subnet2 = self._create_subnet(self.network2)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet2['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet2['id'])
-
- self.ports = []
- self.port_id = None
- if boot_with_port:
- # create a port on the network and boot with that
- self.port_id = self._create_port(self.network['id'])['id']
- self.ports.append({'port': self.port_id})
-
- name = data_utils.rand_name('server-smoke')
- # Create two servers on network 1 and one server on network 2
- net1_server1 = self._create_server(name, self.network, self.port_id)
- self._create_server(name, self.network)
- self._create_server(name, self.network2)
-
- floating_ip = self.create_floating_ip(net1_server1)
- self.floating_ip_tuple = Floating_IP_tuple(floating_ip, net1_server1)
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router['id'])
- interfaces = body['ports']
- for i in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router['id'],
- subnet_id=i['fixed_ips'][0]['subnet_id'])
- self.routers_client.delete_router(router['id'])
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None,
- **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info['network_id'] = external_network_id
- if enable_snat is not None:
- ext_gw_info['enable_snat'] = enable_snat
- body = self.routers_client.create_router(
- name=router_name, external_gateway_info=ext_gw_info,
- admin_state_up=admin_state_up, **kwargs)
- router = body['router']
- self.addCleanup(self._delete_router, router)
- return router
-
- def _create_server(self, name, network, port_id=None, image_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- network = {'uuid': network['id']}
- if port_id is not None:
- network['port'] = port_id
- server = self.create_server(name=name, networks=[network],
- key_name=keypair['name'],
- config_drive=self.config_drive,
- security_groups=security_groups,
- image_id=image_id,
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _check_network_connectivity(self, network, should_connect=True):
- floating_ip, server = self.floating_ip_tuple
- # test connectivity on the network
- network_ips = (p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if (p['device_owner'].startswith('network') or
- p['device_owner'].startswith('compute')))
- self._check_server_connectivity(floating_ip,
- network_ips,
- should_connect)
-
- def _check_same_network_connectivity(self):
- self._check_network_connectivity(self.network)
-
- def _check_cross_network_connectivity(self, should_connect=True):
- # Check east-west connectivity between different networks
- self._check_network_connectivity(self.network2)
-
- def _check_server_connectivity(self, floating_ip, address_list,
- should_connect=True):
- ip_address = floating_ip['floating_ip_address']
- private_key = self._get_server_key(self.floating_ip_tuple.server)
- ssh_source = self.get_remote_client(ip_address,
- private_key=private_key)
- for remote_ip in address_list:
- if should_connect:
- msg = ("Timed out waiting for %s to become "
- "reachable") % remote_ip
- else:
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access %{dest}s via ssh to "
- "floating-ip %{src}s",
- {'dest': remote_ip, 'src': floating_ip})
- raise
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('d35d1301-bfa4-49ea-acdf-f67ba97b1937')
- def test_multi_networks_ops(self):
- """Test connectivity between VMs on same and cross network
-
- Boot VMs on the same network and different networks and test
- L2 network connectivity on same network and cross networks.
-
- """
- self._setup_networks_and_servers()
- self._check_same_network_connectivity()
- self._check_cross_network_connectivity()
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_nsx_port_security.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_nsx_port_security.py
deleted file mode 100644
index 35db2ff15e..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_nsx_port_security.py
+++ /dev/null
@@ -1,511 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import time
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-
-from vmware_nsx_tempest.common import constants
-from vmware_nsx_tempest.services import nsxv3_client
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class TestNSXv3PortSecurityScenario(manager.NetworkScenarioTest):
-
- """Test Port Security Scenario
-
- Test the following Port security scenarios
- - Create server with enable/disable port security and check at
- backend under NSGroup
- - Create servers on same network and check connectivity between
- then after enable/disable port security
- - Create server and update port with port security check xonnectivity
- and at backend under NSGroup
- - Create servers under different network connected via router and
- check connectivity after enable/disable port security
- - Check vm with port security disbaled can not ping which is having
- port security enabled
- - Check vm with port security enabled can ping any either dest vm
- has port security enabled or disabled.
- """
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestNSXv3PortSecurityScenario, cls).setup_credentials()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def setUp(self):
- super(TestNSXv3PortSecurityScenario, self).setUp()
- self.cmgr_pri = self.get_client_manager('primary')
- self.cmgr_alt = self.get_client_manager('alt')
- self.cmgr_adm = self.get_client_manager('admin')
- self.keypairs = {}
- self.servers = []
- self.config_drive = CONF.compute_feature_enabled.config_drive
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router['id'])
- interfaces = body['ports']
- for i in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router['id'],
- subnet_id=i['fixed_ips'][0]['subnet_id'])
- self.routers_client.delete_router(router['id'])
-
- def create_security_group(self, sg_client, sg_name=None, desc=None,
- tenant_id=None):
- name = sg_name or data_utils.rand_name('security-group')
- desc = desc or "OS security-group %s" % name
- sg_dict = dict(name=name, description=desc)
- if tenant_id:
- sg_dict['tenant_id'] = tenant_id
- sg = sg_client.create_security_group(**sg_dict)
- sg = sg.get('security_group', sg)
- return sg
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None,
- **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info['network_id'] = external_network_id
- if enable_snat is not None:
- ext_gw_info['enable_snat'] = enable_snat
- body = self.routers_client.create_router(
- name=router_name, external_gateway_info=ext_gw_info,
- admin_state_up=admin_state_up, **kwargs)
- router = body.get('router', body)
- self.addCleanup(self._delete_router, router)
- return router
-
- def _create_subnet(self, network, cidr, subnets_client=None, **kwargs):
- client = subnets_client or self.subnets_client
- body = client.create_subnet(
- name=data_utils.rand_name('subnet-port-sec'),
- network_id=network['id'], tenant_id=network['tenant_id'],
- cidr=cidr, ip_version=4, **kwargs)
- subnet = body.get('subnet', body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_subnet, subnet['id'])
- return subnet
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def get_port_id(self, network_id, subnet_id, instance):
- _, instance_addr = instance["addresses"].items()[0]
- instance_fixed_ip = instance_addr[0]["addr"]
- for port in self._list_ports():
- port_fixed_ip = port["fixed_ips"][0]["ip_address"]
- if port["network_id"] == network_id and port["fixed_ips"][0][
- "subnet_id"] == subnet_id and instance["id"] == port[
- "device_id"] and port_fixed_ip == instance_fixed_ip:
- port_id = port["id"]
- self.assertIsNotNone(port_id, "Failed to find Instance's port id!!!")
- return port_id
-
- def _create_server(self, name, network, port_id=None, image_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- network = {'uuid': network['id']}
- if port_id is not None:
- network['port'] = port_id
- server = self.create_server(name=name, networks=[network],
- key_name=keypair['name'],
- config_drive=self.config_drive,
- security_groups=security_groups,
- image_id=image_id,
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _get_server_ip(self, server):
- addresses = server['addresses'][self.network['name']]
- for address in addresses:
- if address['version'] == CONF.validation.ip_version_for_ssh:
- return address['addr']
-
- def setup_sec_group(self, tenant_id):
- self.security_group = \
- self.create_security_group(self.cmgr_adm.security_groups_client,
- tenant_id=tenant_id)
- rulesets = [
- dict(
- direction='ingress',
- protocol='tcp',
- port_range_min=22,
- port_range_max=22,
- remote_ip_prefix=CONF.network.public_network_cidr
- ),
- dict(
- direction='ingress',
- protocol='icmp',
- remote_ip_prefix=CONF.network.public_network_cidr
- ),
- dict(
- direction='ingress',
- protocol='icmp',
- remote_group_id=self.security_group['id']
- )
- ]
- for ruleset in rulesets:
- self._create_security_group_rule(secgroup=self.security_group,
- tenant_id=tenant_id, **ruleset)
-
- def create_network_topo(self):
- self.network = self._create_network()
- tenant_id = self.network['tenant_id']
- self.setup_sec_group(tenant_id)
- self.subnet = self._create_subnet(self.network,
- cidr='10.168.1.0/24')
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-port-sec'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- networks = dict(security_group=self.security_group,
- network=self.network,
- subnet=self.subnet, router=self.router)
- return networks
-
- def create_multi_network_topo(self):
- self.network = self._create_network(namestart="net-port-sec")
- tenant_id = self.network['tenant_id']
- self.setup_sec_group(tenant_id)
- self.subnet = self._create_subnet(self.network,
- cidr='10.168.1.0/24')
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-port-sec'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- self.network_2 = self._create_network()
- self.subnet_2 = self._create_subnet(self.network_2,
- cidr='10.168.2.0/24')
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet_2['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet_2['id'])
- networks_topo = dict(security_group=self.security_group,
- network=self.network,
- subnet=self.subnet, router=self.router,
- network2=self.network_2, subnet2=self.subnet_2)
- return networks_topo
-
- def _check_server_connectivity(self, floating_ip,
- remote_ip, private_key,
- should_connect=True):
- ssh_source = self.get_remote_client(floating_ip,
- private_key=private_key)
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access {dest} via ssh to "
- "floating-ip {src}".format(dest=remote_ip,
- src=floating_ip))
- raise
-
- def _test_create_server_with_port_security_and_check_backend(self,
- network_topo):
- status = []
- server_name_1 = data_utils.rand_name('server-default-sec-group')
- network = network_topo['network']
- body = {"network_id": network_topo['network']['id'],
- "admin_state_up": "true",
- "port_security_enabled": "false", "security_groups": []}
- port_client = self.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- self._create_server(server_name_1,
- network,
- port_id['port']['id'])
- kwargs = {"port_security_enabled": "false", "security_groups": []}
- port_client.update_port(port_id['port']['id'], **kwargs)
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- instance = "instance-port_%s" % port_id['port']['id'][0:4]
- for nsxgroup in nsxgroup_data['results']:
- if instance in nsxgroup['target_display_name']:
- break
- status.append('True')
- kwargs = {"port_security_enabled": "true"}
- port_client.update_port(port_id['port']['id'], **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- for nsxgroup in nsxgroup_data['results']:
- if instance in nsxgroup['target_display_name']:
- status.append('True')
- return status
- else:
- continue
- status.append('False')
- return status
-
- def _test_create_servers_with_port_security_and_check_traffic(
- self, network_topo):
- server_name_1 = data_utils.rand_name('server-default-sec-group')
- network = network_topo['network']
- body = {"network_id": network_topo['network']['id'],
- "admin_state_up": "true",
- "port_security_enabled": "false", "security_groups": []}
- port_client = self.ports_client
- port_id = port_client.create_port(**body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- port_client.delete_port,
- port_id['port']['id'])
- server_default_1 = self._create_server(server_name_1,
- network)
- server_default_2 = self._create_server(server_name_1,
- network,
- port_id['port']['id'])
- floating_ip_server_1 = self.create_floating_ip(server_default_1)
- floating_ip_server_2 = self.create_floating_ip(server_default_2)
- private_ip_address_server_2 = floating_ip_server_2['fixed_ip_address']
- public_ip_address_server_1 = \
- floating_ip_server_1['floating_ip_address']
- private_key_server_1 = \
- self._get_server_key(server_default_1)
- self._check_server_connectivity(public_ip_address_server_1,
- private_ip_address_server_2,
- private_key_server_1)
- port_id_server_1 = self.get_port_id(network_topo['network']['id'],
- network_topo['subnet']['id'],
- server_default_1)
- port_id_server_2 = port_id['port']['id']
- sec_grp_port = port_client.show_port(port_id_server_1)
- sec_group = sec_grp_port['port']['security_groups'][0]
- body = {"port_security_enabled": "true",
- "security_groups": [sec_group]}
- port_client.update_port(port_id_server_2, **body)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_ip_address_server_1,
- private_ip_address_server_2,
- private_key_server_1)
- body = {"port_security_enabled": "false", "security_groups": []}
- private_ip_address_server_1 = floating_ip_server_1['fixed_ip_address']
- public_ip_address_server_2 = \
- floating_ip_server_2['floating_ip_address']
- private_key_server_2 = \
- self._get_server_key(server_default_2)
- port_client.update_port(port_id_server_2, **body)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_ip_address_server_2,
- private_ip_address_server_1,
- private_key_server_2,
- should_connect=False)
- body = {"port_security_enabled": "true",
- "security_groups": [sec_group]}
- port_client.update_port(port_id_server_2, **body)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_ip_address_server_2,
- private_ip_address_server_1,
- private_key_server_2)
-
- def _test_server_at_beckend_with_port_security(self, network_topo):
- status = []
- server_name_1 = \
- data_utils.rand_name('server-port-sec-1')
- network = network_topo['network']
- server_1 = self._create_server(server_name_1, network)
- port_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'], server_1)
- kwargs = {"port_security_enabled": "false", "security_groups": []}
- port_client = self.cmgr_adm.ports_client
- sec_grp_port = port_client.show_port(port_id)
- sec_group = sec_grp_port['port']['security_groups'][0]
- port_client.update_port(port_id, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- instance = "instance-port_%s" % port_id[0:4]
- for nsxgroup in nsxgroup_data['results']:
- if instance in nsxgroup['target_display_name']:
- break
- status.append('True')
- kwargs = {"port_security_enabled": "true",
- "security_groups": [sec_group]}
- port_client.update_port(port_id, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- nsgroup_id = self.nsx.get_neutron_ns_group_id()
- nsxgroup_data = self.nsx.get_ns_group_port_members(nsgroup_id)
- time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
- for nsxgroup in nsxgroup_data['results']:
- if instance in nsxgroup['target_display_name']:
- status.append('True')
- return status
- else:
- continue
- status.append('False')
- return status
-
- def _test_connectivity_bw_port_sec_enable_port_sec_disable_server(
- self, network_topo):
- server_name_1 = \
- data_utils.rand_name('server-port-sec-1')
- network = network_topo['network']
- server_1 = self._create_server(server_name_1, network)
- server_name_2 = data_utils.rand_name('server-port-sec-2')
- server_2 = self._create_server(server_name_2, network)
- floating_ip_server_1 = self.create_floating_ip(server_1)
- floating_ip_server_2 = self.create_floating_ip(server_2)
- private_ip_address_server_1 = floating_ip_server_1['fixed_ip_address']
- public_ip_address_server_2 = \
- floating_ip_server_2['floating_ip_address']
- private_key_server_2 = self._get_server_key(server_2)
- port_client = self.cmgr_adm.ports_client
- self._check_server_connectivity(public_ip_address_server_2,
- private_ip_address_server_1,
- private_key_server_2)
- port_id1 = self.get_port_id(network['id'],
- network_topo['subnet']['id'], server_2)
- kwargs = {"port_security_enabled": "false", "security_groups": []}
- port_client = self.cmgr_adm.ports_client
- sec_grp_port = port_client.show_port(port_id1)
- sec_group = sec_grp_port['port']['security_groups'][0]
- port_client.update_port(port_id1, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_ip_address_server_2,
- private_ip_address_server_1,
- private_key_server_2,
- should_connect=False)
- kwargs = {"port_security_enabled": "true",
- "security_groups": [sec_group]}
- port_client.update_port(port_id1, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_ip_address_server_2,
- private_ip_address_server_1,
- private_key_server_2)
-
- def _test_connectivity_between_servers_with_router(self, network_topo):
- server_name_default_1 =\
- data_utils.rand_name('server-port-sec-1')
- server_name_default_2 =\
- data_utils.rand_name('server-port-sec-1')
- network = network_topo['network']
- if 'network2' in network_topo:
- network2 = network_topo['network2']
- else:
- network2 = network
- if 'subnet2' in network_topo:
- subnet2 = network_topo['subnet2']
- else:
- subnet2 = network_topo['subnet']
- server_1 = self._create_server(server_name_default_1, network)
- server_2 = self._create_server(server_name_default_2,
- network2)
- floating_ip_1 = self.create_floating_ip(server_1)
- floating_ip_2 = self.create_floating_ip(server_2)
- public_address_server_2 = floating_ip_2['floating_ip_address']
- private_address_server_1 = floating_ip_1['fixed_ip_address']
- private_key_server_2 = self._get_server_key(server_2)
- self._check_server_connectivity(public_address_server_2,
- private_address_server_1,
- private_key_server_2)
- port_client = self.cmgr_adm.ports_client
- kwargs = {"port_security_enabled": "false",
- "security_groups": []}
- port_id = self.get_port_id(network2['id'],
- subnet2['id'], server_2)
- sec_grp_port = port_client.show_port(port_id)
- sec_group = sec_grp_port['port']['security_groups'][0]
- port_client.update_port(port_id, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_address_server_2,
- private_address_server_1,
- private_key_server_2,
- should_connect=False)
- kwargs = {"port_security_enabled": "true",
- "security_groups": [sec_group]}
- port_client.update_port(port_id, **kwargs)
- time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
- self._check_server_connectivity(public_address_server_2,
- private_address_server_1,
- private_key_server_2)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('f1c1d9b8-2fbd-4e7c-9ba7-a1d85d8d77d3')
- def test_create_server_with_port_security_and_check_backend(self):
- self.network_topo = self.create_network_topo()
- status = self._test_create_server_with_port_security_and_check_backend(
- self.network_topo)
- self.assertEqual('True', status[0])
- self.assertEqual('False', status[1])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('6853b492-8acd-4e2b-b3a0-75112cef7066')
- def test_create_servers_with_port_security_and_check_traffic(self):
- self.network_topo = self.create_network_topo()
- self._test_create_servers_with_port_security_and_check_traffic(
- self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('f5be118c-d9cd-4401-b559-de9ee6d0fdad')
- def test_server_at_beckend_with_port_security(self):
- self.network_topo = self.create_network_topo()
- status = \
- self._test_server_at_beckend_with_port_security(self.network_topo)
- self.assertEqual('True', status[0])
- self.assertEqual('False', status[1])
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('a64da313-e5d7-4f57-98b6-9906c35332e7')
- def test_connectivity_bw_port_sec_enable_port_sec_disable_server(self):
- self.network_topo = self.create_network_topo()
- self._test_connectivity_bw_port_sec_enable_port_sec_disable_server(
- self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('520e7847-8103-41d0-90c8-6ba52306921d')
- def test_connectivity_between_servers_with_router_on_same_network(self):
- self.network_topo = self.create_multi_network_topo()
- self._test_connectivity_between_servers_with_router(self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('f621bbd9-c889-4c78-9ca1-7217e0df4e95')
- def test_connectivity_between_servers_with_router_on_diff_networks(self):
- self.network_topo = self.create_network_topo()
- self._test_connectivity_between_servers_with_router(self.network_topo)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_provider_security_group.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_provider_security_group.py
deleted file mode 100644
index c77d5a65e6..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_provider_security_group.py
+++ /dev/null
@@ -1,439 +0,0 @@
-# Copyright 2016 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import collections
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.services import nsxv3_client
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple('Floating_IP_tuple',
- ['floating_ip', 'server'])
-
-
-class TestProviderSecurityGroup(manager.NetworkScenarioTest):
-
- """Test Provider security Group Scenario
-
- Test the following Provider security Group scenarios
- - Create default and PSG based servers and check connectivity
- - Create mulitple default and PSG based servers and check
- connectivity
- - Create mulitple default and PSG based servers and check
- connectivity on differect cidr
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestProviderSecurityGroup, cls).skip_checks()
- if not test.is_extension_enabled('provider-security-group', 'network'):
- msg = "Extension provider-security-group is not enabled."
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestProviderSecurityGroup, cls).setup_credentials()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def setUp(self):
- super(TestProviderSecurityGroup, self).setUp()
- self.cmgr_pri = self.get_client_manager('primary')
- self.cmgr_alt = self.get_client_manager('alt')
- self.cmgr_adm = self.get_client_manager('admin')
- self.keypairs = {}
- self.servers = []
- self.config_drive = CONF.compute_feature_enabled.config_drive
-
- def create_security_provider_group(self, cmgr=None,
- project_id=None, provider=False):
- sg_client_admin = self.cmgr_adm.security_groups_client
- sg_dict = dict(name=data_utils.rand_name('provider-sec-group'))
- if project_id:
- sg_dict['tenant_id'] = project_id
- if provider:
- sg_dict['provider'] = True
- sg = sg_client_admin.create_security_group(**sg_dict)
- sg = sg.get('security_group', sg)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.delete_security_group,
- sg_client_admin, sg.get('id'))
- return sg
-
- def delete_security_group(self, sg_client, sg_id):
- sg_client.delete_security_group(sg_id)
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router['id'])
- interfaces = body['ports']
- for i in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router['id'],
- subnet_id=i['fixed_ips'][0]['subnet_id'])
- self.routers_client.delete_router(router['id'])
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None,
- **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info['network_id'] = external_network_id
- if enable_snat is not None:
- ext_gw_info['enable_snat'] = enable_snat
- body = self.routers_client.create_router(
- name=router_name, external_gateway_info=ext_gw_info,
- admin_state_up=admin_state_up, **kwargs)
- router = body.get('router', body)
- self.addCleanup(self._delete_router, router)
- return router
-
- def _create_subnet(self, network, cidr, subnets_client=None, **kwargs):
- client = subnets_client or self.subnets_client
- body = client.create_subnet(
- name=data_utils.rand_name('subnet-psg'),
- network_id=network['id'], tenant_id=network['tenant_id'],
- cidr=cidr, ip_version=4, **kwargs)
- subnet = body.get('subnet', body)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_subnet, subnet['id'])
- return subnet
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def get_port_id(self, network_id, subnet_id, instance):
- _, instance_addr = instance["addresses"].items()[0]
- instance_fixed_ip = instance_addr[0]["addr"]
- for port in self._list_ports():
- port_fixed_ip = port["fixed_ips"][0]["ip_address"]
- if port["network_id"] == network_id and port["fixed_ips"][0][
- "subnet_id"] == subnet_id and instance["id"] == port[
- "device_id"] and port_fixed_ip == instance_fixed_ip:
- port_id = port["id"]
- self.assertIsNotNone(port_id, "Failed to find Instance's port id!!!")
- return port_id
-
- def _create_server(self, name, network, image_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- network = {'uuid': network['id']}
- server = self.create_server(name=name, networks=[network],
- key_name=keypair['name'],
- config_drive=self.config_drive,
- security_groups=security_groups,
- image_id=image_id,
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _get_server_ip(self, server):
- addresses = server['addresses'][self.network['name']]
- for address in addresses:
- if address['version'] == CONF.validation.ip_version_for_ssh:
- return address['addr']
-
- def create_security_group_rule(self, security_group_id,
- cmgr=None, project_id=None,
- protocol=None):
- cmgr = cmgr or self.cmgr_adm
- sgr_client = cmgr.security_group_rules_client
- sgr_dict = dict(security_group_id=security_group_id,
- direction='ingress', protocol=protocol)
- if project_id:
- sgr_dict['tenant_id'] = project_id
- sgr = sgr_client.create_security_group_rule(**sgr_dict)
- return sgr.get('security_group_rule', sgr)
-
- def create_network_topo(self):
- self.security_group = self._create_security_group()
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network,
- cidr='10.168.1.0/24')
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-psg'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- networks = dict(security_group=self.security_group,
- network=self.network,
- subnet=self.subnet, router=self.router)
- return networks
-
- def create_multi_network_topo(self):
- self.security_group = self._create_security_group()
- self.network = self._create_network(namestart="net-psg")
- self.subnet = self._create_subnet(self.network,
- cidr='10.168.1.0/24')
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-psg'),
- external_network_id=CONF.network.public_network_id)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- self.network_2 = self._create_network()
- self.subnet_2 = self._create_subnet(self.network_2,
- cidr='10.168.2.0/24')
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet_2['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet_2['id'])
- networks_topo = dict(security_group=self.security_group,
- network=self.network,
- subnet=self.subnet, router=self.router,
- network2=self.network_2, subnet2=self.subnet_2)
- return networks_topo
-
- def _check_server_connectivity(self, floating_ip,
- remote_ip, private_key,
- should_connect=True):
- ssh_source = self.get_remote_client(floating_ip,
- private_key=private_key)
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access {dest} via ssh to "
- "floating-ip {src}".format(dest=remote_ip,
- src=floating_ip))
- raise
-
- def _create_vms_without_psg(self, network_topo):
- server_name_default = data_utils.rand_name('server-default-sec-group')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- server_name_psg = data_utils.rand_name('server-psg-sec-group')
- server_psg = self._create_server(server_name_psg, network)
- servers = dict(server_default=server_default, server_psg=server_psg)
- return servers
-
- def _test_connectivity_between_vms_after_port_update(self, network_topo,
- servers):
- floating_ip_default = self.create_floating_ip(
- servers['server_default'])
- floating_ip_psg = self.create_floating_ip(servers['server_psg'])
- private_ip_address_psg_vm = floating_ip_psg['fixed_ip_address']
- public_ip_address_psg_vm = \
- floating_ip_psg['floating_ip_address']
- private_ip_address_default_vm = floating_ip_default['fixed_ip_address']
- public_ip_address_default_vm = \
- floating_ip_default['floating_ip_address']
- private_key_default_vm = \
- self._get_server_key(servers['server_default'])
- private_key_psg_vm = \
- self._get_server_key(servers['server_psg'])
- self._check_server_connectivity(public_ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm)
- self._check_server_connectivity(public_ip_address_psg_vm,
- private_ip_address_default_vm,
- private_key_psg_vm)
- project_id = network_topo['network']['tenant_id']
- sg = self.create_security_provider_group(provider=True,
- project_id=project_id)
- sg_id = sg.get('id')
- self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- p_client = self.ports_client
- kwargs = {"provider_security_groups": ["%s" % sg_id]}
- port_id_psg = self.get_port_id(network_topo['network']['id'],
- network_topo['subnet']['id'],
- servers['server_psg'])
- port_id_default = self.get_port_id(network_topo['network']['id'],
- network_topo['subnet']['id'],
- servers['server_default'])
- p_client.update_port(port_id_psg, **kwargs)
- p_client.update_port(port_id_default, **kwargs)
- self._check_server_connectivity(public_ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm,
- should_connect=False)
- self._check_server_connectivity(public_ip_address_psg_vm,
- private_ip_address_default_vm,
- private_key_psg_vm,
- should_connect=False)
- kwargs = {"provider_security_groups": []}
- p_client.update_port(port_id_psg, **kwargs)
- p_client.update_port(port_id_default, **kwargs)
-
- def _test_connectivity_between_default_psg_server(self, network_topo):
- server_name_default = \
- data_utils.rand_name('server-default-sec-group')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- project_id = network['tenant_id']
- sg = self.create_security_provider_group(provider=True,
- project_id=project_id)
- sg_id = sg.get('id')
- server_name_psg = data_utils.rand_name('server-psg-sec-group')
- server_psg = self._create_server(server_name_psg, network)
- floating_ip_default = self.create_floating_ip(server_default)
- floating_ip_psg = self.create_floating_ip(server_psg)
- private_ip_address_psg_vm = floating_ip_psg['fixed_ip_address']
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- self._check_server_connectivity(ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm)
- self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- self._check_server_connectivity(ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm,
- should_connect=False)
-
- def _test_ping_when_psg_enabled_disbaled_on_port(self, network_topo):
- server_name_default = data_utils.rand_name('server-default-sec-group')
- network = network_topo['network']
- server_default = self._create_server(server_name_default, network)
- project_id = network['tenant_id']
- sg = self.create_security_provider_group(provider=True,
- project_id=project_id)
- sg_id = sg.get('id')
- server_name_psg = data_utils.rand_name('server-psg-sec-group')
- server_psg = self._create_server(server_name_psg, network)
- floating_ip_default = self.create_floating_ip(server_default)
- floating_ip_psg = self.create_floating_ip(server_psg)
- private_ip_address_psg_vm = floating_ip_psg['fixed_ip_address']
- ip_address_default_vm = floating_ip_default['floating_ip_address']
- private_key_default_vm = self._get_server_key(server_default)
- self._check_server_connectivity(ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm)
- self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- self._check_server_connectivity(ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm,
- should_connect=False)
- p_client = self.ports_client
- kwargs = {"provider_security_groups": []}
- port_id = self.get_port_id(network['id'],
- network_topo['subnet']['id'], server_psg)
- p_client.update_port(port_id, **kwargs)
- self._check_server_connectivity(ip_address_default_vm,
- private_ip_address_psg_vm,
- private_key_default_vm)
-
- def _test_build_up_topology_and_check_connectivity(self, network_topo):
- server_name_default_1 =\
- data_utils.rand_name('server-default-sec-group-1')
- server_name_default_2 =\
- data_utils.rand_name('server-default-sec-group-2')
- network = network_topo['network']
- if 'network2' in network_topo:
- network2 = network_topo['network2']
- else:
- network2 = network
- server_default_1 = self._create_server(server_name_default_1, network)
- server_default_2 = self._create_server(server_name_default_2,
- network2)
- project_id = network['tenant_id']
- sg = self.create_security_provider_group(provider=True,
- project_id=project_id)
- sg_id = sg.get('id')
- server_name_psg_1 = data_utils.rand_name('server-psg-sec-group1')
- server_psg_1 = self._create_server(server_name_psg_1, network)
- server_name_psg_2 = data_utils.rand_name('server-psg-sec-group2')
- server_psg_2 = self._create_server(server_name_psg_2, network2)
- floating_ip_default_1 = self.create_floating_ip(server_default_1)
- floating_ip_psg_1 = self.create_floating_ip(server_psg_1)
- ip_address_default_vm_1 = floating_ip_default_1['floating_ip_address']
- private_ip_address_psg_vm_1 = floating_ip_psg_1['fixed_ip_address']
- private_key_default_vm_1 = self._get_server_key(server_default_1)
- floating_ip_default_2 = self.create_floating_ip(server_default_2)
- floating_ip_psg_2 = self.create_floating_ip(server_psg_2)
- private_ip_address_psg_vm_2 =\
- floating_ip_psg_2['fixed_ip_address']
- private_ip_address_default_vm_2 =\
- floating_ip_default_2['fixed_ip_address']
- self._check_server_connectivity(ip_address_default_vm_1,
- private_ip_address_psg_vm_1,
- private_key_default_vm_1)
- self._check_server_connectivity(ip_address_default_vm_1,
- private_ip_address_psg_vm_2,
- private_key_default_vm_1)
- self._check_server_connectivity(ip_address_default_vm_1,
- private_ip_address_default_vm_2,
- private_key_default_vm_1)
- self.create_security_group_rule(sg_id, cmgr=self.cmgr_adm,
- protocol='icmp')
- self._check_server_connectivity(ip_address_default_vm_1,
- private_ip_address_psg_vm_1,
- private_key_default_vm_1,
- should_connect=False)
- self._check_server_connectivity(ip_address_default_vm_1,
- private_ip_address_psg_vm_2,
- private_key_default_vm_1,
- should_connect=False)
- self._check_server_connectivity(ip_address_default_vm_1,
- private_ip_address_default_vm_2,
- private_key_default_vm_1)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('9d4192e9-b1b7-48c9-af04-67a82637c715')
- def test_connectivity_between_default_psg_server(self):
- self.network_topo = self.create_network_topo()
- self._test_connectivity_between_default_psg_server(self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('a14b5c25-39ce-4641-bd51-f28c25e69440')
- def test_vm_connectivity_port_update_with_psg(self):
- self.network_topo = self.create_network_topo()
- self.servers = self._create_vms_without_psg(self.network_topo)
- self._test_connectivity_between_vms_after_port_update(
- self.network_topo, self.servers)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('4a8eac6a-68ff-4392-bab9-70ea08132acb')
- def test_connectivity_between_default_psg_servers(self):
- self.network_topo = self.create_network_topo()
- self._test_build_up_topology_and_check_connectivity(self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('8bae2101-4f74-4d61-a7a5-42420611cf86')
- def test_connectivity_between_default_psg_server_with_multi_networks(self):
- self.network_topo = self.create_multi_network_topo()
- self._test_build_up_topology_and_check_connectivity(self.network_topo)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('998789ce-8db7-4295-bce0-390fbbf0e489')
- def test_ping_when_psg_enabled_disbaled_on_port(self):
- self.network_topo = self.create_multi_network_topo()
- self._test_ping_when_psg_enabled_disbaled_on_port(self.network_topo)
diff --git a/vmware_nsx_tempest/tests/nsxv3/scenario/test_router_nonat_ops.py b/vmware_nsx_tempest/tests/nsxv3/scenario/test_router_nonat_ops.py
deleted file mode 100644
index 8820637b32..0000000000
--- a/vmware_nsx_tempest/tests/nsxv3/scenario/test_router_nonat_ops.py
+++ /dev/null
@@ -1,374 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import collections
-
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import decorators
-from tempest.lib import exceptions
-from tempest import test
-
-from vmware_nsx_tempest.services import nsxv3_client
-from vmware_nsx_tempest.tests.scenario import manager
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-Floating_IP_tuple = collections.namedtuple('Floating_IP_tuple',
- ['floating_ip', 'server'])
-
-
-class TestRouterNoNATOps(manager.NetworkScenarioTest):
-
- """Test l3 router NoNAT scenario
-
- Test the following two NoNAT scenarios
- - Create a NoNAT topology and check end to end traffic.
- - Create a NATed topology and check end to end traffic.
- Update the router to NoNAT and check end to end traffic.
-
- Note: For NoNAT use case, Enable CONF.network.project_networks_reachable
- and add the static route on external VM in order for NSX connected
- network to be reachable from external.
- route add -net 192.168.1.0 netmask 255.255.255.0 gw 172.20.1.60 eth1
- """
-
- @classmethod
- def skip_checks(cls):
- super(TestRouterNoNATOps, cls).skip_checks()
- if not (CONF.network.project_networks_reachable or
- CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- for ext in ['router', 'security-group']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestRouterNoNATOps, cls).setup_credentials()
- cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def setUp(self):
- super(TestRouterNoNATOps, self).setUp()
- self.keypairs = {}
- self.servers = []
- self.config_drive = CONF.compute_feature_enabled.config_drive
- self.cmgr_adm = self.get_client_manager('admin')
-
- def _setup_network_topo(self, enable_snat=None):
- self.security_group = self._create_security_group()
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network)
- self.router = self._create_router(
- router_name=data_utils.rand_name('router-smoke'),
- external_network_id=CONF.network.public_network_id,
- enable_snat=enable_snat,
- routers_client=self.cmgr_adm.routers_client)
- self.routers_client.add_router_interface(
- self.router['id'], subnet_id=self.subnet['id'])
- self.addCleanup(self.routers_client.remove_router_interface,
- self.router['id'], subnet_id=self.subnet['id'])
- server_name = data_utils.rand_name('server-smoke')
- self.server = self._create_server(server_name, self.network)
- if enable_snat:
- floating_ip = self.create_floating_ip(self.server)
- self.floating_ip_tuple = Floating_IP_tuple(floating_ip,
- self.server)
-
- def _cleanup_router(self, router):
- self._delete_router(router)
-
- def _delete_router(self, router):
- body = self.ports_client.list_ports(device_id=router['id'])
- interfaces = body['ports']
- for i in interfaces:
- test_utils.call_and_ignore_notfound_exc(
- self.routers_client.remove_router_interface, router['id'],
- subnet_id=i['fixed_ips'][0]['subnet_id'])
- self.routers_client.delete_router(router['id'])
-
- def _update_router(self, router_id, router_client, ext_gw_info):
- router_client.update_router(
- router_id=router_id, external_gateway_info=ext_gw_info)
-
- def _create_router(self, router_name=None, admin_state_up=True,
- external_network_id=None, enable_snat=None,
- routers_client=None,
- **kwargs):
- ext_gw_info = {}
- if external_network_id:
- ext_gw_info['network_id'] = external_network_id
- if enable_snat is not None:
- ext_gw_info['enable_snat'] = enable_snat
- if not routers_client:
- routers_client = self.routers_client
- body = self.routers_client.create_router(
- name=router_name,
- admin_state_up=admin_state_up, **kwargs)
- router = body['router']
- # Only admin can configure SNAT parameteters
- self._update_router(router['id'], routers_client, ext_gw_info)
- self.addCleanup(self._cleanup_router, router)
- return router
-
- def _create_subnet(self, network, subnets_client=None, **kwargs):
- client = subnets_client or self.subnets_client
- body = client.create_subnet(
- name=data_utils.rand_name('subnet-smoke'),
- network_id=network['id'], tenant_id=network['tenant_id'],
- cidr='192.168.1.0/24', ip_version=4, **kwargs)
- subnet = body['subnet']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_subnet, subnet['id'])
- return subnet
-
- def _create_server(self, name, network, image_id=None):
- keypair = self.create_keypair()
- self.keypairs[keypair['name']] = keypair
- security_groups = [{'name': self.security_group['name']}]
- network = {'uuid': network['id']}
- server = self.create_server(name=name, networks=[network],
- key_name=keypair['name'],
- config_drive=self.config_drive,
- security_groups=security_groups,
- image_id=image_id,
- wait_until='ACTIVE')
- self.servers.append(server)
- return server
-
- def _get_server_key(self, server):
- return self.keypairs[server['key_name']]['private_key']
-
- def _get_server_ip(self, server):
- addresses = server['addresses'][self.network['name']]
- for address in addresses:
- if address['version'] == CONF.validation.ip_version_for_ssh:
- return address['addr']
-
- def _list_ports(self, *args, **kwargs):
- """List ports using admin creds """
- ports_list = self.admin_manager.ports_client.list_ports(
- *args, **kwargs)
- return ports_list['ports']
-
- def _check_network_internal_connectivity(self, network,
- should_connect=True):
- floating_ip, server = self.floating_ip_tuple
- # test internal connectivity to the network ports on the network
- network_ips = [p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if p['device_owner'].startswith('network')]
- self._check_server_connectivity(floating_ip,
- network_ips,
- should_connect)
-
- def _check_network_vm_connectivity(self, network,
- should_connect=True):
- floating_ip, server = self.floating_ip_tuple
- # test internal connectivity to the other VM on the same network
- compute_ips = [p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=server['tenant_id'],
- network_id=network['id'])
- if p['device_owner'].startswith('compute')]
- self._check_server_connectivity(floating_ip,
- compute_ips,
- should_connect)
-
- def _check_nonat_network_connectivity(self, should_connect=True):
- # test internal connectivity to the network ports on the network
- network_ips = [p['fixed_ips'][0]['ip_address'] for p in
- self._list_ports(tenant_id=self.server['tenant_id'],
- network_id=self.network['id'])
- if p['device_owner'].startswith('network')]
- network_ips.append(self._get_server_ip(self.server))
- self._check_fixed_ip_connectivity_from_ext_vm(
- network_ips, should_connect=should_connect)
-
- def _check_fixed_ip_connectivity_from_ext_vm(self, fixed_ips,
- should_connect=True):
- if not CONF.network.project_networks_reachable and should_connect:
- return
- for ip in fixed_ips:
- self.ping_ip_address(ip, should_succeed=should_connect)
-
- def _check_server_connectivity(self, floating_ip, address_list,
- should_connect=True):
- ip_address = floating_ip['floating_ip_address']
- private_key = self._get_server_key(self.server)
- ssh_source = self.get_remote_client(ip_address,
- private_key=private_key)
- for remote_ip in address_list:
- if should_connect:
- msg = ("Timed out waiting for %s to become "
- "reachable") % remote_ip
- else:
- msg = "ip address %s is reachable" % remote_ip
- try:
- self.assertTrue(self._check_remote_connectivity
- (ssh_source, remote_ip, should_connect),
- msg)
- except Exception:
- LOG.exception("Unable to access %{dest}s via ssh to "
- "floating-ip %{src}s",
- {'dest': remote_ip, 'src': floating_ip})
- raise
-
- def _test_router_nat_when_floating_ips_active_on_network(self):
- """Expect raise condition when floating ips are active on
- on network and tenant try to disable NAT
- """
- snat = True
- self._setup_network_topo(enable_snat=snat)
- nsx_router = self.nsx.get_logical_router(
- self.router['name'], self.router['id'])
- self.assertNotEqual(nsx_router, None)
- self.assertEqual(nsx_router['router_type'], 'TIER1')
- self._check_network_internal_connectivity(network=self.network)
- self._check_network_vm_connectivity(network=self.network)
- self._check_nonat_network_connectivity(should_connect=False)
- # Update router to disable snat and disassociate floating ip
- external_gateway_info = {
- 'network_id': CONF.network.public_network_id,
- 'enable_snat': (not snat)}
- self.assertRaises(exceptions.BadRequest, self._update_router,
- self.router['id'],
- self.cmgr_adm.routers_client,
- external_gateway_info)
-
- def _test_router_nat_update_when_snat(self):
- """Test update router from NATed to NoNAT scenario"""
- snat = True
- self._setup_network_topo(enable_snat=snat)
- nsx_router = self.nsx.get_logical_router(
- self.router['name'], self.router['id'])
- self.assertNotEqual(nsx_router, None)
- self.assertEqual(nsx_router['router_type'], 'TIER1')
- # Check nat rules created correctly
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- # Check router advertisement is correctly set
- router_adv = self.nsx.get_logical_router_advertisement(nsx_router)
- adv_msg = "Tier1 router's advertise_nsx_connected_routes is not True"
- nat_msg = "Tier1 router's advertise_nat_routes is not False"
- self.assertTrue(len(nat_rules) == 3)
- self.assertTrue(router_adv['advertise_nat_routes'], nat_msg)
- self.assertFalse(router_adv['advertise_nsx_connected_routes'], adv_msg)
- self._check_network_internal_connectivity(network=self.network)
- self._check_network_vm_connectivity(network=self.network)
- self._check_nonat_network_connectivity(should_connect=False)
- # To configure SNAT=False, needs to release all the floating ips
- floating_ip, server = self.floating_ip_tuple
- self._disassociate_floating_ip(floating_ip)
- # Update router to disable snat and disassociate floating ip
- external_gateway_info = {
- 'network_id': CONF.network.public_network_id,
- 'enable_snat': (not snat)}
- self._update_router(self.router['id'], self.cmgr_adm.routers_client,
- external_gateway_info)
- nsx_router = self.nsx.get_logical_router(
- self.router['name'], self.router['id'])
- self.assertNotEqual(nsx_router, None)
- self.assertEqual(nsx_router['router_type'], 'TIER1')
- # Check nat rules created correctly
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- # Check router advertisement is correctly set
- router_adv = self.nsx.get_logical_router_advertisement(nsx_router)
- self.assertTrue(len(nat_rules) == 0)
- self.assertFalse(router_adv['advertise_nat_routes'], nat_msg)
- self.assertTrue(router_adv['advertise_nsx_connected_routes'], adv_msg)
- self._check_nonat_network_connectivity()
-
- def _test_router_nat_update_when_no_snat(self):
- """Test update router from NATed to NoNAT scenario"""
- snat = False
- self._setup_network_topo(enable_snat=snat)
- nsx_router = self.nsx.get_logical_router(
- self.router['name'], self.router['id'])
- self.assertNotEqual(nsx_router, None)
- self.assertEqual(nsx_router['router_type'], 'TIER1')
- # Check nat rules created correctly
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- # Check router advertisement is correctly set
- router_adv = self.nsx.get_logical_router_advertisement(nsx_router)
- adv_msg = "Tier1 router's advertise_nsx_connected_routes is not True"
- nat_msg = "Tier1 router's advertise_nat_routes is not False"
- self.assertTrue(len(nat_rules) == 0)
- self.assertFalse(router_adv['advertise_nat_routes'], nat_msg)
- self.assertTrue(router_adv['advertise_nsx_connected_routes'], adv_msg)
- self._check_nonat_network_connectivity()
- # Update router to Enable snat and associate floating ip
- external_gateway_info = {
- 'network_id': CONF.network.public_network_id,
- 'enable_snat': (not snat)}
- self._update_router(self.router['id'], self.cmgr_adm.routers_client,
- external_gateway_info)
- floating_ip = self.create_floating_ip(self.server)
- self.floating_ip_tuple = Floating_IP_tuple(floating_ip, self.server)
- nsx_router = self.nsx.get_logical_router(
- self.router['name'], self.router['id'])
- self.assertNotEqual(nsx_router, None)
- self.assertEqual(nsx_router['router_type'], 'TIER1')
- # Check nat rules created correctly
- nat_rules = self.nsx.get_logical_router_nat_rules(nsx_router)
- # Check router advertisement is correctly set
- router_adv = self.nsx.get_logical_router_advertisement(nsx_router)
- self.assertTrue(len(nat_rules) == 3)
- self.assertTrue(router_adv['advertise_nat_routes'], nat_msg)
- self.assertFalse(router_adv['advertise_nsx_connected_routes'], adv_msg)
- self._check_network_internal_connectivity(network=self.network)
- self._check_network_vm_connectivity(network=self.network)
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('5e5bfdd4-0962-47d3-a89b-7ce64322b53e')
- def test_router_nat_to_nonat_ops(self):
- """Test update router from NATed to NoNAT scenario"""
- self._test_router_nat_update_when_snat()
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('b951f7fb-f2b2-40eb-8bbd-b54bd76ffbe8')
- def test_disable_nat_when_floating_ips_active_on_network(self):
- """Expect raise condition when floating ips are active on
- on network and tenant try to disable NAT
- """
- self._test_router_nat_when_floating_ips_active_on_network()
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('a0274738-d3e7-49db-bf10-a5563610940d')
- def test_router_nonat_to_nat_ops(self):
- """Test update router from NoNAT to NATed scenario"""
- self._test_router_nat_update_when_no_snat()
-
- @decorators.attr(type='nsxv3')
- @decorators.idempotent_id('971e8e8b-3cf2-47a9-ac24-5b19f586731c')
- def test_only_admin_can_configure_snat(self):
- """Only admin can configure the SNAT"""
- self.security_group = self._create_security_group()
- self.network = self._create_network()
- self.subnet = self._create_subnet(self.network)
- self.assertRaises(exceptions.Forbidden, self._create_router,
- router_name=data_utils.rand_name('router-smoke'),
- external_network_id=CONF.network.public_network_id,
- enable_snat=False)
diff --git a/vmware_nsx_tempest/tests/scenario/__init__.py b/vmware_nsx_tempest/tests/scenario/__init__.py
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/vmware_nsx_tempest/tests/scenario/manager.py b/vmware_nsx_tempest/tests/scenario/manager.py
deleted file mode 100644
index 95e04a0d7c..0000000000
--- a/vmware_nsx_tempest/tests/scenario/manager.py
+++ /dev/null
@@ -1,1242 +0,0 @@
-# Copyright 2012 OpenStack Foundation
-# Copyright 2013 IBM Corp.
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import subprocess
-
-import netaddr
-from oslo_log import log
-from oslo_serialization import jsonutils
-from oslo_utils import netutils
-
-from tempest.common import compute
-from tempest.common import image as common_image
-from tempest.common.utils.linux import remote_client
-from tempest.common.utils import net_utils
-from tempest.common import waiters
-from tempest import config
-from tempest import exceptions
-from tempest.lib.common.utils import data_utils
-from tempest.lib.common.utils import test_utils
-from tempest.lib import exceptions as lib_exc
-import tempest.test
-
-CONF = config.CONF
-
-LOG = log.getLogger(__name__)
-
-
-class ScenarioTest(tempest.test.BaseTestCase):
- """Base class for scenario tests. Uses tempest own clients. """
-
- credentials = ['primary']
-
- @classmethod
- def setup_clients(cls):
- super(ScenarioTest, cls).setup_clients()
- # Clients (in alphabetical order)
- cls.flavors_client = cls.manager.flavors_client
- cls.compute_floating_ips_client = (
- cls.manager.compute_floating_ips_client)
- if CONF.service_available.glance:
- # Check if glance v1 is available to determine which client to use.
- if CONF.image_feature_enabled.api_v1:
- cls.image_client = cls.manager.image_client
- elif CONF.image_feature_enabled.api_v2:
- cls.image_client = cls.manager.image_client_v2
- else:
- raise lib_exc.InvalidConfiguration(
- 'Either api_v1 or api_v2 must be True in '
- '[image-feature-enabled].')
- # Compute image client
- cls.compute_images_client = cls.manager.compute_images_client
- cls.keypairs_client = cls.manager.keypairs_client
- # Nova security groups client
- cls.compute_security_groups_client = (
- cls.manager.compute_security_groups_client)
- cls.compute_security_group_rules_client = (
- cls.manager.compute_security_group_rules_client)
- cls.servers_client = cls.manager.servers_client
- cls.interface_client = cls.manager.interfaces_client
- # Neutron network client
- cls.networks_client = cls.manager.networks_client
- cls.ports_client = cls.manager.ports_client
- cls.routers_client = cls.manager.routers_client
- cls.subnets_client = cls.manager.subnets_client
- cls.floating_ips_client = cls.manager.floating_ips_client
- cls.security_groups_client = cls.manager.security_groups_client
- cls.security_group_rules_client = (
- cls.manager.security_group_rules_client)
-
- if CONF.volume_feature_enabled.api_v2:
- cls.volumes_client = cls.manager.volumes_v2_client
- cls.snapshots_client = cls.manager.snapshots_v2_client
- else:
- cls.volumes_client = cls.manager.volumes_client
- cls.snapshots_client = cls.manager.snapshots_client
-
- # ## Test functions library
- #
- # The create_[resource] functions only return body and discard the
- # resp part which is not used in scenario tests
-
- def _create_port(self, network_id, client=None, namestart='port-quotatest',
- **kwargs):
- if not client:
- client = self.ports_client
- name = data_utils.rand_name(namestart)
- result = client.create_port(
- name=name,
- network_id=network_id,
- **kwargs)
- self.assertIsNotNone(result, 'Unable to allocate port')
- port = result['port']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_port, port['id'])
- return port
-
- def create_keypair(self, client=None):
- if not client:
- client = self.keypairs_client
- name = data_utils.rand_name(self.__class__.__name__)
- # We don't need to create a keypair by pubkey in scenario
- body = client.create_keypair(name=name)
- self.addCleanup(client.delete_keypair, name)
- return body['keypair']
-
- def create_server(self, name=None, image_id=None, flavor=None,
- validatable=False, wait_until='ACTIVE',
- clients=None, **kwargs):
- """Wrapper utility that returns a test server.
-
- This wrapper utility calls the common create test server and
- returns a test server. The purpose of this wrapper is to minimize
- the impact on the code of the tests already using this
- function.
- """
-
- # NOTE(jlanoux): As a first step, ssh checks in the scenario
- # tests need to be run regardless of the run_validation and
- # validatable parameters and thus until the ssh validation job
- # becomes voting in CI. The test resources management and IP
- # association are taken care of in the scenario tests.
- # Therefore, the validatable parameter is set to false in all
- # those tests. In this way create_server just return a standard
- # server and the scenario tests always perform ssh checks.
-
- # Needed for the cross_tenant_traffic test:
- if clients is None:
- clients = self.manager
-
- if name is None:
- name = data_utils.rand_name(self.__class__.__name__ + "-server")
-
- vnic_type = CONF.network.port_vnic_type
-
- # If vnic_type is configured create port for
- # every network
- if vnic_type:
- ports = []
-
- create_port_body = {'binding:vnic_type': vnic_type,
- 'namestart': 'port-smoke'}
- if kwargs:
- # Convert security group names to security group ids
- # to pass to create_port
- if 'security_groups' in kwargs:
- security_groups = \
- clients.security_groups_client.list_security_groups(
- ).get('security_groups')
- sec_dict = dict([(s['name'], s['id'])
- for s in security_groups])
-
- sec_groups_names = [s['name'] for s in kwargs.pop(
- 'security_groups')]
- security_groups_ids = [sec_dict[s]
- for s in sec_groups_names]
-
- if security_groups_ids:
- create_port_body[
- 'security_groups'] = security_groups_ids
- networks = kwargs.pop('networks', [])
- else:
- networks = []
-
- # If there are no networks passed to us we look up
- # for the project's private networks and create a port.
- # The same behaviour as we would expect when passing
- # the call to the clients with no networks
- if not networks:
- networks = clients.networks_client.list_networks(
- **{'router:external': False, 'fields': 'id'})['networks']
-
- # It's net['uuid'] if networks come from kwargs
- # and net['id'] if they come from
- # clients.networks_client.list_networks
- for net in networks:
- net_id = net.get('uuid', net.get('id'))
- if 'port' not in net:
- port = self._create_port(network_id=net_id,
- client=clients.ports_client,
- **create_port_body)
- ports.append({'port': port['id']})
- else:
- ports.append({'port': net['port']})
- if ports:
- kwargs['networks'] = ports
- self.ports = ports
-
- tenant_network = self.get_tenant_network()
-
- body, servers = compute.create_test_server(
- clients,
- tenant_network=tenant_network,
- wait_until=wait_until,
- name=name, flavor=flavor,
- image_id=image_id, **kwargs)
-
- self.addCleanup(waiters.wait_for_server_termination,
- clients.servers_client, body['id'])
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- clients.servers_client.delete_server, body['id'])
- server = clients.servers_client.show_server(body['id'])['server']
- return server
-
- def create_volume(self, size=None, name=None, snapshot_id=None,
- imageRef=None, volume_type=None):
- if size is None:
- size = CONF.volume.volume_size
- if imageRef:
- image = self.compute_images_client.show_image(imageRef)['image']
- min_disk = image.get('minDisk')
- size = max(size, min_disk)
- if name is None:
- name = data_utils.rand_name(self.__class__.__name__ + "-volume")
- kwargs = {'display_name': name,
- 'snapshot_id': snapshot_id,
- 'imageRef': imageRef,
- 'volume_type': volume_type,
- 'size': size}
- volume = self.volumes_client.create_volume(**kwargs)['volume']
-
- self.addCleanup(self.volumes_client.wait_for_resource_deletion,
- volume['id'])
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.volumes_client.delete_volume, volume['id'])
-
- # NOTE(e0ne): Cinder API v2 uses name instead of display_name
- if 'display_name' in volume:
- self.assertEqual(name, volume['display_name'])
- else:
- self.assertEqual(name, volume['name'])
- waiters.wait_for_volume_resource_status(self.volumes_client,
- volume['id'], 'available')
- # The volume retrieved on creation has a non-up-to-date status.
- # Retrieval after it becomes active ensures correct details.
- volume = self.volumes_client.show_volume(volume['id'])['volume']
- return volume
-
- def create_volume_type(self, client=None, name=None, backend_name=None):
- if not client:
- client = self.admin_volume_types_client
- if not name:
- class_name = self.__class__.__name__
- name = data_utils.rand_name(class_name + '-volume-type')
- randomized_name = data_utils.rand_name('scenario-type-' + name)
-
- LOG.debug("Creating a volume type: %s on backend %s",
- randomized_name, backend_name)
- extra_specs = {}
- if backend_name:
- extra_specs = {"volume_backend_name": backend_name}
-
- body = client.create_volume_type(name=randomized_name,
- extra_specs=extra_specs)
- volume_type = body['volume_type']
- self.assertIn('id', volume_type)
- self.addCleanup(client.delete_volume_type, volume_type['id'])
- return volume_type
-
- def _create_loginable_secgroup_rule(self, secgroup_id=None):
- _client = self.compute_security_groups_client
- _client_rules = self.compute_security_group_rules_client
- if secgroup_id is None:
- sgs = _client.list_security_groups()['security_groups']
- for sg in sgs:
- if sg['name'] == 'default':
- secgroup_id = sg['id']
-
- # These rules are intended to permit inbound ssh and icmp
- # traffic from all sources, so no group_id is provided.
- # Setting a group_id would only permit traffic from ports
- # belonging to the same security group.
- rulesets = [
- {
- # ssh
- 'ip_protocol': 'tcp',
- 'from_port': 22,
- 'to_port': 22,
- 'cidr': '0.0.0.0/0',
- },
- {
- # ping
- 'ip_protocol': 'icmp',
- 'from_port': -1,
- 'to_port': -1,
- 'cidr': '0.0.0.0/0',
- }
- ]
- rules = list()
- for ruleset in rulesets:
- sg_rule = _client_rules.create_security_group_rule(
- parent_group_id=secgroup_id, **ruleset)['security_group_rule']
- rules.append(sg_rule)
- return rules
-
- def _create_security_group(self):
- # Create security group
- sg_name = data_utils.rand_name(self.__class__.__name__)
- sg_desc = sg_name + " description"
- secgroup = self.compute_security_groups_client.create_security_group(
- name=sg_name, description=sg_desc)['security_group']
- self.assertEqual(secgroup['name'], sg_name)
- self.assertEqual(secgroup['description'], sg_desc)
- self.addCleanup(
- test_utils.call_and_ignore_notfound_exc,
- self.compute_security_groups_client.delete_security_group,
- secgroup['id'])
-
- # Add rules to the security group
- self._create_loginable_secgroup_rule(secgroup['id'])
-
- return secgroup
-
- def get_remote_client(self, ip_address, username=None, private_key=None):
- """Get a SSH client to a remote server
-
- @param ip_address the server floating or fixed IP address to use
- for ssh validation
- @param username name of the Linux account on the remote server
- @param private_key the SSH private key to use
- @return a RemoteClient object
- """
-
- if username is None:
- username = CONF.validation.image_ssh_user
- # Set this with 'keypair' or others to log in with keypair or
- # username/password.
- if CONF.validation.auth_method == 'keypair':
- password = None
- if private_key is None:
- private_key = self.keypair['private_key']
- else:
- password = CONF.validation.image_ssh_password
- private_key = None
- linux_client = remote_client.RemoteClient(ip_address, username,
- pkey=private_key,
- password=password)
- try:
- linux_client.validate_authentication()
- except Exception as e:
- message = ('Initializing SSH connection to %(ip)s failed. '
- 'Error: %(error)s' % {'ip': ip_address,
- 'error': e})
- caller = test_utils.find_test_caller()
- if caller:
- message = '(%s) %s' % (caller, message)
- LOG.exception(message)
- self._log_console_output()
- raise
-
- return linux_client
-
- def _image_create(self, name, fmt, path,
- disk_format=None, properties=None):
- if properties is None:
- properties = {}
- name = data_utils.rand_name('%s-' % name)
- params = {
- 'name': name,
- 'container_format': fmt,
- 'disk_format': disk_format or fmt,
- }
- if CONF.image_feature_enabled.api_v1:
- params['is_public'] = 'False'
- params['properties'] = properties
- params = {'headers': common_image.image_meta_to_headers(**params)}
- else:
- params['visibility'] = 'private'
- # Additional properties are flattened out in the v2 API.
- params.update(properties)
- body = self.image_client.create_image(**params)
- image = body['image'] if 'image' in body else body
- self.addCleanup(self.image_client.delete_image, image['id'])
- self.assertEqual("queued", image['status'])
- with open(path, 'rb') as image_file:
- if CONF.image_feature_enabled.api_v1:
- self.image_client.update_image(image['id'], data=image_file)
- else:
- self.image_client.store_image_file(image['id'], image_file)
- return image['id']
-
- def glance_image_create(self):
- img_path = CONF.scenario.img_dir + "/" + CONF.scenario.img_file
- aki_img_path = CONF.scenario.img_dir + "/" + CONF.scenario.aki_img_file
- ari_img_path = CONF.scenario.img_dir + "/" + CONF.scenario.ari_img_file
- ami_img_path = CONF.scenario.img_dir + "/" + CONF.scenario.ami_img_file
- img_container_format = CONF.scenario.img_container_format
- img_disk_format = CONF.scenario.img_disk_format
- img_properties = CONF.scenario.img_properties
- LOG.debug("paths: img: %s, container_format: %s, disk_format: %s, "
- "properties: %s, ami: %s, ari: %s, aki: %s",
- img_path, img_container_format, img_disk_format,
- img_properties, ami_img_path, ari_img_path, aki_img_path)
- try:
- image = self._image_create('scenario-img',
- img_container_format,
- img_path,
- disk_format=img_disk_format,
- properties=img_properties)
- except IOError:
- LOG.debug("A qcow2 image was not found. Try to get a uec image.")
- kernel = self._image_create('scenario-aki', 'aki', aki_img_path)
- ramdisk = self._image_create('scenario-ari', 'ari', ari_img_path)
- properties = {'kernel_id': kernel, 'ramdisk_id': ramdisk}
- image = self._image_create('scenario-ami', 'ami',
- path=ami_img_path,
- properties=properties)
- LOG.debug("image:%s", image)
-
- return image
-
- def _log_console_output(self, servers=None):
- if not CONF.compute_feature_enabled.console_output:
- LOG.debug('Console output not supported, cannot log')
- return
- if not servers:
- servers = self.servers_client.list_servers()
- servers = servers['servers']
- for server in servers:
- try:
- console_output = self.servers_client.get_console_output(
- server['id'])['output']
- LOG.debug('Console output for %s\nbody=\n%s',
- server['id'], console_output)
- except lib_exc.NotFound:
- LOG.debug("Server %s disappeared(deleted) while looking "
- "for the console log", server['id'])
-
- def _log_net_info(self, exc):
- # network debug is called as part of ssh init
- if not isinstance(exc, lib_exc.SSHTimeout):
- LOG.debug('Network information on a devstack host')
-
- def create_server_snapshot(self, server, name=None):
- # Glance client
- _image_client = self.image_client
- # Compute client
- _images_client = self.compute_images_client
- if name is None:
- name = data_utils.rand_name(self.__class__.__name__ + 'snapshot')
- LOG.debug("Creating a snapshot image for server: %s", server['name'])
- image = _images_client.create_image(server['id'], name=name)
- image_id = image.response['location'].split('images/')[1]
- waiters.wait_for_image_status(_image_client, image_id, 'active')
-
- self.addCleanup(_image_client.wait_for_resource_deletion,
- image_id)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- _image_client.delete_image, image_id)
-
- if CONF.image_feature_enabled.api_v1:
- # In glance v1 the additional properties are stored in the headers.
- resp = _image_client.check_image(image_id)
- snapshot_image = common_image.get_image_meta_from_headers(resp)
- image_props = snapshot_image.get('properties', {})
- else:
- # In glance v2 the additional properties are flattened.
- snapshot_image = _image_client.show_image(image_id)
- image_props = snapshot_image
-
- bdm = image_props.get('block_device_mapping')
- if bdm:
- bdm = jsonutils.loads(bdm)
- if bdm and 'snapshot_id' in bdm[0]:
- snapshot_id = bdm[0]['snapshot_id']
- self.addCleanup(
- self.snapshots_client.wait_for_resource_deletion,
- snapshot_id)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.snapshots_client.delete_snapshot,
- snapshot_id)
- waiters.wait_for_volume_resource_status(self.snapshots_client,
- snapshot_id,
- 'available')
- image_name = snapshot_image['name']
- self.assertEqual(name, image_name)
- LOG.debug("Created snapshot image %s for server %s",
- image_name, server['name'])
- return snapshot_image
-
- def nova_volume_attach(self, server, volume_to_attach):
- volume = self.servers_client.attach_volume(
- server['id'], volumeId=volume_to_attach['id'], device='/dev/%s'
- % CONF.compute.volume_device_name)['volumeAttachment']
- self.assertEqual(volume_to_attach['id'], volume['id'])
- waiters.wait_for_volume_resource_status(self.volumes_client,
- volume['id'], 'in-use')
-
- # Return the updated volume after the attachment
- return self.volumes_client.show_volume(volume['id'])['volume']
-
- def nova_volume_detach(self, server, volume):
- self.servers_client.detach_volume(server['id'], volume['id'])
- waiters.wait_for_volume_resource_status(self.volumes_client,
- volume['id'], 'available')
-
- volume = self.volumes_client.show_volume(volume['id'])['volume']
- self.assertEqual('available', volume['status'])
-
- def rebuild_server(self, server_id, image=None,
- preserve_ephemeral=False, wait=True,
- rebuild_kwargs=None):
- if image is None:
- image = CONF.compute.image_ref
-
- rebuild_kwargs = rebuild_kwargs or {}
-
- LOG.debug("Rebuilding server (id: %s, image: %s, preserve eph: %s)",
- server_id, image, preserve_ephemeral)
- self.servers_client.rebuild_server(
- server_id=server_id, image_ref=image,
- preserve_ephemeral=preserve_ephemeral,
- **rebuild_kwargs)
- if wait:
- waiters.wait_for_server_status(self.servers_client,
- server_id, 'ACTIVE')
-
- def ping_ip_address(self, ip_address, should_succeed=True,
- ping_timeout=None, mtu=None):
- timeout = ping_timeout or CONF.validation.ping_timeout
- cmd = ['ping', '-c1', '-w1']
-
- if mtu:
- cmd += [
- # don't fragment
- '-M', 'do',
- # ping receives just the size of ICMP payload
- '-s', str(net_utils.get_ping_payload_size(mtu, 4))
- ]
- cmd.append(ip_address)
-
- def ping():
- proc = subprocess.Popen(cmd,
- stdout=subprocess.PIPE,
- stderr=subprocess.PIPE)
- proc.communicate()
-
- return (proc.returncode == 0) == should_succeed
-
- caller = test_utils.find_test_caller()
- LOG.debug('%(caller)s begins to ping %(ip)s in %(timeout)s sec and the'
- ' expected result is %(should_succeed)s', {
- 'caller': caller, 'ip': ip_address, 'timeout': timeout,
- 'should_succeed':
- 'reachable' if should_succeed else 'unreachable'
- })
- result = test_utils.call_until_true(ping, timeout, 1)
- LOG.debug('%(caller)s finishes ping %(ip)s in %(timeout)s sec and the '
- 'ping result is %(result)s', {
- 'caller': caller, 'ip': ip_address, 'timeout': timeout,
- 'result': 'expected' if result else 'unexpected'
- })
- return result
-
- def check_vm_connectivity(self, ip_address,
- username=None,
- private_key=None,
- should_connect=True,
- mtu=None):
- """Check server connectivity
-
- :param ip_address: server to test against
- :param username: server's ssh username
- :param private_key: server's ssh private key to be used
- :param should_connect: True/False indicates positive/negative test
- positive - attempt ping and ssh
- negative - attempt ping and fail if succeed
- :param mtu: network MTU to use for connectivity validation
-
- :raises: AssertError if the result of the connectivity check does
- not match the value of the should_connect param
- """
- if should_connect:
- msg = "Timed out waiting for %s to become reachable" % ip_address
- else:
- msg = "ip address %s is reachable" % ip_address
- self.assertTrue(self.ping_ip_address(ip_address,
- should_succeed=should_connect,
- mtu=mtu),
- msg=msg)
- if should_connect:
- # no need to check ssh for negative connectivity
- self.get_remote_client(ip_address, username, private_key)
-
- def check_public_network_connectivity(self, ip_address, username,
- private_key, should_connect=True,
- msg=None, servers=None, mtu=None):
- # The target login is assumed to have been configured for
- # key-based authentication by cloud-init.
- LOG.debug('checking network connections to IP %s with user: %s',
- ip_address, username)
- try:
- self.check_vm_connectivity(ip_address,
- username,
- private_key,
- should_connect=should_connect,
- mtu=mtu)
- except Exception:
- ex_msg = 'Public network connectivity check failed'
- if msg:
- ex_msg += ": " + msg
- LOG.exception(ex_msg)
- self._log_console_output(servers)
- raise
-
- def create_floating_ip(self, thing, pool_name=None):
- """Create a floating IP and associates to a server on Nova"""
-
- if not pool_name:
- pool_name = CONF.network.floating_network_name
- floating_ip = (self.compute_floating_ips_client.
- create_floating_ip(pool=pool_name)['floating_ip'])
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- self.compute_floating_ips_client.delete_floating_ip,
- floating_ip['id'])
- self.compute_floating_ips_client.associate_floating_ip_to_server(
- floating_ip['ip'], thing['id'])
- return floating_ip
-
- def create_timestamp(self, ip_address, dev_name=None, mount_path='/mnt',
- private_key=None):
- ssh_client = self.get_remote_client(ip_address,
- private_key=private_key)
- if dev_name is not None:
- ssh_client.make_fs(dev_name)
- ssh_client.mount(dev_name, mount_path)
- cmd_timestamp = 'sudo sh -c "date > %s/timestamp; sync"' % mount_path
- ssh_client.exec_command(cmd_timestamp)
- timestamp = ssh_client.exec_command('sudo cat %s/timestamp'
- % mount_path)
- if dev_name is not None:
- ssh_client.umount(mount_path)
- return timestamp
-
- def get_timestamp(self, ip_address, dev_name=None, mount_path='/mnt',
- private_key=None):
- ssh_client = self.get_remote_client(ip_address,
- private_key=private_key)
- if dev_name is not None:
- ssh_client.mount(dev_name, mount_path)
- timestamp = ssh_client.exec_command('sudo cat %s/timestamp'
- % mount_path)
- if dev_name is not None:
- ssh_client.umount(mount_path)
- return timestamp
-
- def get_server_ip(self, server):
- """Get the server fixed or floating IP.
-
- Based on the configuration we're in, return a correct ip
- address for validating that a guest is up.
- """
- if CONF.validation.connect_method == 'floating':
- # The tests calling this method don't have a floating IP
- # and can't make use of the validation resources. So the
- # method is creating the floating IP there.
- return self.create_floating_ip(server)['ip']
- elif CONF.validation.connect_method == 'fixed':
- # Determine the network name to look for based on config or creds
- # provider network resources.
- if CONF.validation.network_for_ssh:
- addresses = server['addresses'][
- CONF.validation.network_for_ssh]
- else:
- creds_provider = self._get_credentials_provider()
- net_creds = creds_provider.get_primary_creds()
- network = getattr(net_creds, 'network', None)
- addresses = (server['addresses'][network['name']]
- if network else [])
- for address in addresses:
- if (address['version'] == CONF.validation.ip_version_for_ssh
- and address['OS-EXT-IPS:type'] == 'fixed'):
- return address['addr']
- raise exceptions.ServerUnreachable(server_id=server['id'])
- else:
- raise lib_exc.InvalidConfiguration()
-
-
-class NetworkScenarioTest(ScenarioTest):
- """Base class for network scenario tests.
-
- This class provide helpers for network scenario tests, using the neutron
- API. Helpers from ancestor which use the nova network API are overridden
- with the neutron API.
-
- This Class also enforces using Neutron instead of novanetwork.
- Subclassed tests will be skipped if Neutron is not enabled
-
- """
-
- credentials = ['primary', 'admin']
-
- @classmethod
- def skip_checks(cls):
- super(NetworkScenarioTest, cls).skip_checks()
- if not CONF.service_available.neutron:
- raise cls.skipException('Neutron not available')
-
- def _create_network(self, networks_client=None,
- tenant_id=None,
- namestart='network-smoke-',
- port_security_enabled=True):
- if not networks_client:
- networks_client = self.networks_client
- if not tenant_id:
- tenant_id = networks_client.tenant_id
- name = data_utils.rand_name(namestart)
- network_kwargs = dict(name=name, tenant_id=tenant_id)
- # Neutron disables port security by default so we have to check the
- # config before trying to create the network with port_security_enabled
- if CONF.network_feature_enabled.port_security:
- network_kwargs['port_security_enabled'] = port_security_enabled
- result = networks_client.create_network(**network_kwargs)
- network = result['network']
-
- self.assertEqual(network['name'], name)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- networks_client.delete_network,
- network['id'])
- return network
-
- def _create_subnet(self, network, subnets_client=None,
- routers_client=None, namestart='subnet-smoke',
- **kwargs):
- """Create a subnet for the given network
-
- within the cidr block configured for tenant networks.
- """
- if not subnets_client:
- subnets_client = self.subnets_client
- if not routers_client:
- routers_client = self.routers_client
-
- def cidr_in_use(cidr, tenant_id):
- """Check cidr existence
-
- :returns: True if subnet with cidr already exist in tenant
- False else
- """
- cidr_in_use = self.admin_manager.subnets_client.list_subnets(
- tenant_id=tenant_id, cidr=cidr)['subnets']
- return len(cidr_in_use) != 0
-
- ip_version = kwargs.pop('ip_version', 4)
-
- if ip_version == 6:
- tenant_cidr = netaddr.IPNetwork(
- CONF.network.project_network_v6_cidr)
- num_bits = CONF.network.project_network_v6_mask_bits
- else:
- tenant_cidr = netaddr.IPNetwork(CONF.network.project_network_cidr)
- num_bits = CONF.network.project_network_mask_bits
-
- result = None
- str_cidr = None
- # Repeatedly attempt subnet creation with sequential cidr
- # blocks until an unallocated block is found.
- for subnet_cidr in tenant_cidr.subnet(num_bits):
- str_cidr = str(subnet_cidr)
- if cidr_in_use(str_cidr, tenant_id=network['tenant_id']):
- continue
-
- subnet = dict(
- name=data_utils.rand_name(namestart),
- network_id=network['id'],
- tenant_id=network['tenant_id'],
- cidr=str_cidr,
- ip_version=ip_version,
- **kwargs
- )
- try:
- result = subnets_client.create_subnet(**subnet)
- break
- except lib_exc.Conflict as e:
- is_overlapping_cidr = 'overlaps with another subnet' in str(e)
- if not is_overlapping_cidr:
- raise
- self.assertIsNotNone(result, 'Unable to allocate tenant network')
-
- subnet = result['subnet']
- self.assertEqual(subnet['cidr'], str_cidr)
-
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- subnets_client.delete_subnet, subnet['id'])
-
- return subnet
-
- def _get_server_port_id_and_ip4(self, server, ip_addr=None):
- ports = self.admin_manager.ports_client.list_ports(
- device_id=server['id'], fixed_ip=ip_addr)['ports']
- # A port can have more than one IP address in some cases.
- # If the network is dual-stack (IPv4 + IPv6), this port is associated
- # with 2 subnets
- p_status = ['ACTIVE']
- # NOTE(vsaienko) With Ironic, instances live on separate hardware
- # servers. Neutron does not bind ports for Ironic instances, as a
- # result the port remains in the DOWN state.
- # TODO(vsaienko) remove once bug: #1599836 is resolved.
- if getattr(CONF.service_available, 'ironic', False):
- p_status.append('DOWN')
- port_map = [(p["id"], fxip["ip_address"])
- for p in ports
- for fxip in p["fixed_ips"]
- if netutils.is_valid_ipv4(fxip["ip_address"])
- and p['status'] in p_status]
- inactive = [p for p in ports if p['status'] != 'ACTIVE']
- if inactive:
- LOG.warning("Instance has ports that are not ACTIVE: %s", inactive)
-
- self.assertNotEqual(0, len(port_map),
- "No IPv4 addresses found in: %s" % ports)
- self.assertEqual(len(port_map), 1,
- "Found multiple IPv4 addresses: %s. "
- "Unable to determine which port to target."
- % port_map)
- return port_map[0]
-
- def _get_network_by_name(self, network_name):
- net = self.admin_manager.networks_client.list_networks(
- name=network_name)['networks']
- self.assertNotEqual(len(net), 0,
- "Unable to get network by name: %s" % network_name)
- return net[0]
-
- def create_floating_ip(self, thing, external_network_id=None,
- port_id=None, client=None):
- """Create a floating IP and associates to a resource/port on Neutron"""
- if not external_network_id:
- external_network_id = CONF.network.public_network_id
- if not client:
- client = self.floating_ips_client
- if not port_id:
- port_id, ip4 = self._get_server_port_id_and_ip4(thing)
- else:
- ip4 = None
- result = client.create_floatingip(
- floating_network_id=external_network_id,
- port_id=port_id,
- tenant_id=thing['tenant_id'],
- fixed_ip_address=ip4
- )
- floating_ip = result['floatingip']
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_floatingip,
- floating_ip['id'])
- return floating_ip
-
- def _associate_floating_ip(self, floating_ip, server):
- port_id, _ = self._get_server_port_id_and_ip4(server)
- kwargs = dict(port_id=port_id)
- floating_ip = self.floating_ips_client.update_floatingip(
- floating_ip['id'], **kwargs)['floatingip']
- self.assertEqual(port_id, floating_ip['port_id'])
- return floating_ip
-
- def _disassociate_floating_ip(self, floating_ip):
- """:param floating_ip: floating_ips_client.create_floatingip"""
- kwargs = dict(port_id=None)
- floating_ip = self.floating_ips_client.update_floatingip(
- floating_ip['id'], **kwargs)['floatingip']
- self.assertIsNone(floating_ip['port_id'])
- return floating_ip
-
- def check_floating_ip_status(self, floating_ip, status):
- """Verifies floatingip reaches the given status
-
- :param dict floating_ip: floating IP dict to check status
- :param status: target status
- :raises: AssertionError if status doesn't match
- """
- floatingip_id = floating_ip['id']
-
- def refresh():
- result = (self.floating_ips_client.
- show_floatingip(floatingip_id)['floatingip'])
- return status == result['status']
-
- test_utils.call_until_true(refresh,
- CONF.network.build_timeout,
- CONF.network.build_interval)
- floating_ip = self.floating_ips_client.show_floatingip(
- floatingip_id)['floatingip']
- self.assertEqual(status, floating_ip['status'],
- message="FloatingIP: {fp} is at status: {cst}. "
- "failed to reach status: {st}"
- .format(fp=floating_ip, cst=floating_ip['status'],
- st=status))
- LOG.info("FloatingIP: {fp} is at status: {st}"
- .format(fp=floating_ip, st=status))
-
- def _check_tenant_network_connectivity(self, server,
- username,
- private_key,
- should_connect=True,
- servers_for_debug=None):
- if not CONF.network.project_networks_reachable:
- msg = 'Tenant networks not configured to be reachable.'
- LOG.info(msg)
- return
- # The target login is assumed to have been configured for
- # key-based authentication by cloud-init.
- try:
- for ip_addresses in server['addresses'].values():
- for ip_address in ip_addresses:
- self.check_vm_connectivity(ip_address['addr'],
- username,
- private_key,
- should_connect=should_connect)
- except Exception as e:
- LOG.exception('Tenant network connectivity check failed')
- self._log_console_output(servers_for_debug)
- self._log_net_info(e)
- raise
-
- def _check_remote_connectivity(self, source, dest, should_succeed=True,
- nic=None):
- """assert ping server via source ssh connection
-
- Note: This is an internal method. Use check_remote_connectivity
- instead.
-
- :param source: RemoteClient: an ssh connection from which to ping
- :param dest: and IP to ping against
- :param should_succeed: boolean should ping succeed or not
- :param nic: specific network interface to ping from
- """
- def ping_remote():
- try:
- source.ping_host(dest, nic=nic)
- except lib_exc.SSHExecCommandFailed:
- LOG.warning('Failed to ping IP: %s via a ssh connection '
- 'from: %s.', dest, source.ssh_client.host)
- return not should_succeed
- return should_succeed
-
- return test_utils.call_until_true(ping_remote,
- CONF.validation.ping_timeout,
- 1)
-
- def check_remote_connectivity(self, source, dest, should_succeed=True,
- nic=None):
- """assert ping server via source ssh connection
-
- :param source: RemoteClient: an ssh connection from which to ping
- :param dest: and IP to ping against
- :param should_succeed: boolean should ping succeed or not
- :param nic: specific network interface to ping from
- """
- result = self._check_remote_connectivity(source, dest, should_succeed,
- nic)
- source_host = source.ssh_client.host
- if should_succeed:
- msg = "Timed out waiting for %s to become reachable from %s" \
- % (dest, source_host)
- else:
- msg = "%s is reachable from %s" % (dest, source_host)
- self.assertTrue(result, msg)
-
- def _create_security_group(self, security_group_rules_client=None,
- tenant_id=None,
- namestart='secgroup-smoke',
- security_groups_client=None):
- if security_group_rules_client is None:
- security_group_rules_client = self.security_group_rules_client
- if security_groups_client is None:
- security_groups_client = self.security_groups_client
- if tenant_id is None:
- tenant_id = security_groups_client.tenant_id
- secgroup = self._create_empty_security_group(
- namestart=namestart, client=security_groups_client,
- tenant_id=tenant_id)
-
- # Add rules to the security group
- rules = self._create_loginable_secgroup_rule(
- security_group_rules_client=security_group_rules_client,
- secgroup=secgroup,
- security_groups_client=security_groups_client)
- for rule in rules:
- self.assertEqual(tenant_id, rule['tenant_id'])
- self.assertEqual(secgroup['id'], rule['security_group_id'])
- return secgroup
-
- def _create_empty_security_group(self, client=None, tenant_id=None,
- namestart='secgroup-smoke'):
- """Create a security group without rules.
-
- Default rules will be created:
- - IPv4 egress to any
- - IPv6 egress to any
-
- :param tenant_id: secgroup will be created in this tenant
- :returns: the created security group
- """
- if client is None:
- client = self.security_groups_client
- if not tenant_id:
- tenant_id = client.tenant_id
- sg_name = data_utils.rand_name(namestart)
- sg_desc = sg_name + " description"
- sg_dict = dict(name=sg_name,
- description=sg_desc)
- sg_dict['tenant_id'] = tenant_id
- result = client.create_security_group(**sg_dict)
-
- secgroup = result['security_group']
- self.assertEqual(secgroup['name'], sg_name)
- self.assertEqual(tenant_id, secgroup['tenant_id'])
- self.assertEqual(secgroup['description'], sg_desc)
-
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_security_group, secgroup['id'])
- return secgroup
-
- def _default_security_group(self, client=None, tenant_id=None):
- """Get default secgroup for given tenant_id.
-
- :returns: default secgroup for given tenant
- """
- if client is None:
- client = self.security_groups_client
- if not tenant_id:
- tenant_id = client.tenant_id
- sgs = [
- sg for sg in list(client.list_security_groups().values())[0]
- if sg['tenant_id'] == tenant_id and sg['name'] == 'default'
- ]
- msg = "No default security group for tenant %s." % (tenant_id)
- self.assertGreater(len(sgs), 0, msg)
- return sgs[0]
-
- def _create_security_group_rule(self, secgroup=None,
- sec_group_rules_client=None,
- tenant_id=None,
- security_groups_client=None, **kwargs):
- """Create a rule from a dictionary of rule parameters.
-
- Create a rule in a secgroup. if secgroup not defined will search for
- default secgroup in tenant_id.
-
- :param secgroup: the security group.
- :param tenant_id: if secgroup not passed -- the tenant in which to
- search for default secgroup
- :param kwargs: a dictionary containing rule parameters:
- for example, to allow incoming ssh:
- rule = {
- direction: 'ingress'
- protocol:'tcp',
- port_range_min: 22,
- port_range_max: 22
- }
- """
- if sec_group_rules_client is None:
- sec_group_rules_client = self.security_group_rules_client
- if security_groups_client is None:
- security_groups_client = self.security_groups_client
- if not tenant_id:
- tenant_id = security_groups_client.tenant_id
- if secgroup is None:
- secgroup = self._default_security_group(
- client=security_groups_client, tenant_id=tenant_id)
-
- ruleset = dict(security_group_id=secgroup['id'],
- tenant_id=secgroup['tenant_id'])
- ruleset.update(kwargs)
-
- sg_rule = sec_group_rules_client.create_security_group_rule(**ruleset)
- sg_rule = sg_rule['security_group_rule']
-
- self.assertEqual(secgroup['tenant_id'], sg_rule['tenant_id'])
- self.assertEqual(secgroup['id'], sg_rule['security_group_id'])
-
- return sg_rule
-
- def _create_loginable_secgroup_rule(self, security_group_rules_client=None,
- secgroup=None,
- security_groups_client=None):
- """Create loginable security group rule
-
- This function will create:
- 1. egress and ingress tcp port 22 allow rule in order to allow ssh
- access for ipv4.
- 2. egress and ingress ipv6 icmp allow rule, in order to allow icmpv6.
- 3. egress and ingress ipv4 icmp allow rule, in order to allow icmpv4.
- """
-
- if security_group_rules_client is None:
- security_group_rules_client = self.security_group_rules_client
- if security_groups_client is None:
- security_groups_client = self.security_groups_client
- rules = []
- rulesets = [
- dict(
- # ssh
- protocol='tcp',
- port_range_min=22,
- port_range_max=22,
- ),
- dict(
- # ping
- protocol='icmp',
- ),
- dict(
- # ipv6-icmp for ping6
- protocol='icmp',
- ethertype='IPv6',
- )
- ]
- sec_group_rules_client = security_group_rules_client
- for ruleset in rulesets:
- for r_direction in ['ingress', 'egress']:
- ruleset['direction'] = r_direction
- try:
- sg_rule = self._create_security_group_rule(
- sec_group_rules_client=sec_group_rules_client,
- secgroup=secgroup,
- security_groups_client=security_groups_client,
- **ruleset)
- except lib_exc.Conflict as ex:
- # if rule already exist - skip rule and continue
- msg = 'Security group rule already exists'
- if msg not in ex._error_string:
- raise ex
- else:
- self.assertEqual(r_direction, sg_rule['direction'])
- rules.append(sg_rule)
-
- return rules
-
- def _get_router(self, client=None, tenant_id=None):
- """Retrieve a router for the given tenant id.
-
- If a public router has been configured, it will be returned.
-
- If a public router has not been configured, but a public
- network has, a tenant router will be created and returned that
- routes traffic to the public network.
- """
- if not client:
- client = self.routers_client
- if not tenant_id:
- tenant_id = client.tenant_id
- router_id = CONF.network.public_router_id
- network_id = CONF.network.public_network_id
- if router_id:
- body = client.show_router(router_id)
- return body['router']
- elif network_id:
- router = self._create_router(client, tenant_id)
- kwargs = {'external_gateway_info': dict(network_id=network_id)}
- router = client.update_router(router['id'], **kwargs)['router']
- return router
- else:
- raise Exception("Neither of 'public_router_id' or "
- "'public_network_id' has been defined.")
-
- def _create_router(self, client=None, tenant_id=None,
- namestart='router-smoke'):
- if not client:
- client = self.routers_client
- if not tenant_id:
- tenant_id = client.tenant_id
- name = data_utils.rand_name(namestart)
- result = client.create_router(name=name,
- admin_state_up=True,
- tenant_id=tenant_id)
- router = result['router']
- self.assertEqual(router['name'], name)
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- client.delete_router,
- router['id'])
- return router
-
- def _update_router_admin_state(self, router, admin_state_up):
- kwargs = dict(admin_state_up=admin_state_up)
- router = self.routers_client.update_router(
- router['id'], **kwargs)['router']
- self.assertEqual(admin_state_up, router['admin_state_up'])
-
- def create_networks(self, networks_client=None,
- routers_client=None, subnets_client=None,
- tenant_id=None, dns_nameservers=None,
- port_security_enabled=True):
- """Create a network with a subnet connected to a router.
-
- The baremetal driver is a special case since all nodes are
- on the same shared network.
-
- :param tenant_id: id of tenant to create resources in.
- :param dns_nameservers: list of dns servers to send to subnet.
- :returns: network, subnet, router
- """
- if CONF.network.shared_physical_network:
- # NOTE(Shrews): This exception is for environments where tenant
- # credential isolation is available, but network separation is
- # not (the current baremetal case). Likely can be removed when
- # test account mgmt is reworked:
- # https://blueprints.launchpad.net/tempest/+spec/test-accounts
- if not CONF.compute.fixed_network_name:
- m = 'fixed_network_name must be specified in config'
- raise lib_exc.InvalidConfiguration(m)
- network = self._get_network_by_name(
- CONF.compute.fixed_network_name)
- router = None
- subnet = None
- else:
- network = self._create_network(
- networks_client=networks_client,
- tenant_id=tenant_id,
- port_security_enabled=port_security_enabled)
- router = self._get_router(client=routers_client,
- tenant_id=tenant_id)
- subnet_kwargs = dict(network=network,
- subnets_client=subnets_client,
- routers_client=routers_client)
- # use explicit check because empty list is a valid option
- if dns_nameservers is not None:
- subnet_kwargs['dns_nameservers'] = dns_nameservers
- subnet = self._create_subnet(**subnet_kwargs)
- if not routers_client:
- routers_client = self.routers_client
- router_id = router['id']
- routers_client.add_router_interface(router_id,
- subnet_id=subnet['id'])
-
- # save a cleanup job to remove this association between
- # router and subnet
- self.addCleanup(test_utils.call_and_ignore_notfound_exc,
- routers_client.remove_router_interface, router_id,
- subnet_id=subnet['id'])
- return network, subnet, router
diff --git a/vmware_nsx_tempest/tests/scenario/test_micro_segmentation_ops.py b/vmware_nsx_tempest/tests/scenario/test_micro_segmentation_ops.py
deleted file mode 100644
index b418234d12..0000000000
--- a/vmware_nsx_tempest/tests/scenario/test_micro_segmentation_ops.py
+++ /dev/null
@@ -1,157 +0,0 @@
-# Copyright 2017 VMware Inc
-# All Rights Reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-from oslo_log import log as logging
-
-from tempest import config
-from tempest.lib import decorators
-from tempest import test
-
-from vmware_nsx_tempest.lib import feature_manager
-from vmware_nsx_tempest.services import nsx_client
-
-CONF = config.CONF
-
-LOG = logging.getLogger(__name__)
-
-
-class TestMicroSegmentationOps(feature_manager.FeatureManager):
-
- @classmethod
- def skip_checks(cls):
- super(TestMicroSegmentationOps, cls).skip_checks()
- if not (CONF.network.project_networks_reachable or
- CONF.network.public_network_id):
- msg = ('Either project_networks_reachable must be "true", or '
- 'public_network_id must be defined.')
- raise cls.skipException(msg)
- for ext in ['router', 'security-group']:
- if not test.is_extension_enabled(ext, 'network'):
- msg = "%s extension not enabled." % ext
- raise cls.skipException(msg)
- if not CONF.network.public_network_cidr:
- msg = "public_network_cidr must be defined in network section."
- raise cls.skipException(msg)
-
- @classmethod
- def setup_credentials(cls):
- cls.set_network_resources()
- super(TestMicroSegmentationOps, cls).setup_credentials()
-
- @classmethod
- def setup_clients(cls):
- """
- Create various client connections. Such as NSX.
- """
- super(TestMicroSegmentationOps, cls).setup_clients()
- cls.nsx_client = nsx_client.NSXClient(
- CONF.network.backend,
- CONF.nsxv3.nsx_manager,
- CONF.nsxv3.nsx_user,
- CONF.nsxv3.nsx_password)
-
- def define_security_groups(self):
- self.web_sg = self.create_topology_empty_security_group(
- namestart="web_sg_")
- self.app_sg = self.create_topology_empty_security_group(
- namestart="app_sg_")
- # Common rules to allow the following traffic
- # 1. Egress ICMP IPv4 any any
- # 2. Egress ICMP IPv6 any any
- # 3. Ingress ICMP IPv4 from public network
- # 4. Ingress TCP 22 (SSH) from public network
- common_ruleset = [dict(direction='egress', protocol='icmp'),
- dict(direction='egress', protocol='icmp',
- ethertype='IPv6'),
- dict(direction='ingress', protocol='tcp',
- port_range_min=22, port_range_max=22,
- remote_ip_prefix=CONF.network
- .public_network_cidr),
- dict(direction='ingress', protocol='icmp',
- remote_ip_prefix=CONF.network
- .public_network_cidr)]
- # Rules that are specific to web tier network
- # 1. Ingress ICMP IPv4 from web_sg
- # 2. Ingress TCP 80 (HTTP) any any
- # 3. Ingress TCP 443 (HTTPS) any any
- web_rules = [dict(direction='ingress', protocol='icmp',
- remote_group_id=self.web_sg['id']),
- dict(direction='ingress', protocol='tcp',
- port_range_min=80, port_range_max=80, ),
- dict(direction='ingress', protocol='tcp',
- port_range_min=443, port_range_max=443, )]
- web_rules = common_ruleset + web_rules
- # Rules that are specific to app tier network
- # 1. Ingress ICMP IPv4 from app_sg
- # 2. Ingress TCP 22 (SSH) from web_sg
- app_rules = [dict(direction='ingress', protocol='icmp',
- remote_group_id=self.app_sg['id']),
- dict(direction='ingress', protocol='tcp',
- port_range_min=22, port_range_max=22,
- remote_group_id=self.web_sg['id'])]
- app_rules = common_ruleset + app_rules
- for rule in web_rules:
- self.add_security_group_rule(self.web_sg, rule)
- for rule in app_rules:
- self.add_security_group_rule(self.app_sg, rule)
-
- def deploy_micro_segmentation_topology(self):
- router_microseg = self.create_topology_router("router_microseg")
- # Web network
- network_web = self.create_topology_network("network_web")
- self.create_topology_subnet("subnet_web", network_web,
- router_id=router_microseg["id"])
- self.create_topology_instance(
- "server_web_1", [network_web],
- security_groups=[{'name': self.web_sg['name']}])
- self.create_topology_instance(
- "server_web_2", [network_web],
- security_groups=[{'name': self.web_sg['name']}])
- # App network
- network_app = self.create_topology_network("network_app")
- self.create_topology_subnet("subnet_app", network_app,
- router_id=router_microseg["id"])
- self.create_topology_instance(
- "server_app_1", [network_app],
- security_groups=[{'name': self.app_sg['name']}])
- self.create_topology_instance(
- "server_app_2", [network_app],
- security_groups=[{'name': self.app_sg['name']}])
-
- def check_server_project_connectivity(self, server_details):
- self.using_floating_ip_check_server_and_project_network_connectivity(
- server_details)
-
- @decorators.attr(type=["nsxv3", "nsxv"])
- @decorators.idempotent_id('91e1ee1f-10d9-4b19-8350-804aea7e57b4')
- def test_micro_segmentation_ops(self):
- """Test micro-segmentation use case
-
- Create two-tier application web and app networks, define security
- group rules based on the requirements, apply them to the VMs created
- on the network, and verify the connectivity based on the rule.
-
- """
- self.define_security_groups()
- self.deploy_micro_segmentation_topology()
- for server, details in self.servers_details.items():
- self.check_server_project_connectivity(details)
- self.check_cross_network_connectivity(
- self.topology_networks["network_web"],
- self.servers_details["server_app_1"].floating_ip,
- self.servers_details["server_app_1"].server)
- self.check_cross_network_connectivity(
- self.topology_networks["network_app"],
- self.servers_details["server_web_1"].floating_ip,
- self.servers_details["server_web_1"].server)
diff --git a/vmware_nsx_tempest/tests/templates/nsxt_neutron_smoke.yaml b/vmware_nsx_tempest/tests/templates/nsxt_neutron_smoke.yaml
deleted file mode 100644
index 6d247f78f8..0000000000
--- a/vmware_nsx_tempest/tests/templates/nsxt_neutron_smoke.yaml
+++ /dev/null
@@ -1,203 +0,0 @@
-heat_template_version: 2013-05-23
-
-description: >
- Topology 1:
- - 4 servers (Cirros))
- - 2 Logical Switches
- - 1 Logical Router (Shared)
- - 2 Security Group allowing HTTP
-
-parameters:
-
- public_net:
- label: Public Network ID for external connectivity
- type: string
- description: >
- ID or name of public network
- # Need to update this network UUID for each vPod.
- default: public
- cirros_image:
- default: cirros-0.3.3-x86_64-ESX
- description: "cirros image"
- type: string
-
-
-resources:
-
-# Topology1
-
- heat_NAT_web_net:
- type: OS::Neutron::Net
- properties:
- name: heat_NAT_web
-
- heat_NAT_web_subnet:
- type: OS::Neutron::Subnet
- properties:
- network_id: { get_resource: heat_NAT_web_net }
- cidr: 10.21.1.0/24
- dns_nameservers: [ "10.166.17.90" ]
-
- heat_NAT_db_net:
- type: OS::Neutron::Net
- properties:
- name: heat_NAT_db
-
- heat_NAT_db_subnet:
- type: OS::Neutron::Subnet
- properties:
- network_id: { get_resource: heat_NAT_db_net }
- cidr: 10.21.2.0/24
- dns_nameservers: [ "10.166.17.90" ]
-
- my_key:
- type: OS::Nova::KeyPair
- properties:
- save_private_key: true
- name: my_key
-
- router:
- type: OS::Neutron::Router
- properties:
- admin_state_up: true
- name: heat_NAT_router
-
- router_gw:
- type: OS::Neutron::RouterGateway
- properties:
- network_id: { get_param: public_net}
- router_id: { get_resource: router }
-
- router_interface1:
- type: OS::Neutron::RouterInterface
- properties:
- router_id: { get_resource: router }
- subnet_id: { get_resource: heat_NAT_web_subnet }
-
- router_interface2:
- type: OS::Neutron::RouterInterface
- properties:
- router_id: { get_resource: router }
- subnet_id: { get_resource: heat_NAT_db_subnet }
-
-
- heat_NAT_web_secgroup:
- type: OS::Neutron::SecurityGroup
- properties:
- name: heat_NAT_web_secgroup
- rules:
- - protocol: tcp
- remote_ip_prefix: 0.0.0.0/0
- port_range_min: 443
- port_range_max: 443
- - protocol: tcp
- remote_ip_prefix: 0.0.0.0/0
- port_range_min: 22
- port_range_max: 22
- - protocol: icmp
- remote_ip_prefix: 0.0.0.0/0
-
- heat_NAT_db_secgroup:
- type: OS::Neutron::SecurityGroup
- properties:
- name: heat_NAT_db_secgroup
- rules:
- - protocol: tcp
- remote_mode: remote_group_id
- remote_group_id: { get_resource: heat_NAT_web_secgroup }
- port_range_min: 3307
- port_range_max: 3307
- - protocol: icmp
- remote_ip_prefix: 0.0.0.0/0
-
- server1_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_web_net }
- security_groups:
- - { get_resource: heat_NAT_web_secgroup }
-
- server1_instance:
- type: OS::Nova::Server
- properties:
- image: { get_param: cirros_image}
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server1_port }
-
- server1_floating_ip:
- type: OS::Neutron::FloatingIP
- properties:
- floating_network_id: { get_param: public_net }
- port_id: { get_resource: server1_port }
-
-
- server2_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_db_net }
- security_groups:
- - { get_resource: heat_NAT_db_secgroup }
-
- server2_instance:
- type: OS::Nova::Server
- properties:
- image: { get_param: cirros_image}
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server2_port }
-
- server3_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_db_net }
- security_groups:
- - { get_resource: heat_NAT_db_secgroup }
-
-
- server3_instance:
- type: OS::Nova::Server
- properties:
- image: { get_param: cirros_image}
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server3_port }
-
- server4_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_web_net }
- security_groups:
- - { get_resource: heat_NAT_web_secgroup }
-
- server4_instance:
- type: OS::Nova::Server
- properties:
- image: { get_param: cirros_image}
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server4_port }
-
-outputs:
- topo1_server1_floatingip:
- description: Floating IP address of Topology1_Server1_floatingip
- value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
- topo1_server1_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server1_instance, networks, heat_NAT_web, 0] }
- topo1_server2_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server2_instance, networks, heat_NAT_db, 0] }
- topo1_server3_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server3_instance, networks, heat_NAT_db, 0] }
- topo1_server4_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server4_instance, networks, heat_NAT_web, 0] }
- private_key:
- description: Private key
- value: { get_attr: [ my_key, private_key ] }
diff --git a/vmware_nsx_tempest/tests/templates/nsxv_neutron_smoke.yaml b/vmware_nsx_tempest/tests/templates/nsxv_neutron_smoke.yaml
deleted file mode 100644
index edfde6a9ea..0000000000
--- a/vmware_nsx_tempest/tests/templates/nsxv_neutron_smoke.yaml
+++ /dev/null
@@ -1,453 +0,0 @@
-heat_template_version: 2013-05-23
-
-description: >
- Topology 1:
- - 4 servers (Cirros))
- - 2 Logical Switches
- - 1 Logical Router (Shared)
- - 2 Security Group allowing HTTP
- Topology 2:
- - 2 servers (Cirros))
- - 2 Logical Switch
- - 1 Logical Router (Exclusive)
- - 1 Security Group allowing HTTP
-
-parameters:
-
- public_net:
- label: Public Network ID for external connectivity
- type: string
- description: >
- ID or name of public network
- # Need to update this network UUID for each vPod.
- default: ext-net
- dmz_network:
- default: ext-net
- description: "External network"
- type: string
- ubuntu_image:
- default: cirros
- description: "Ubuntu image"
- type: string
-
-
-resources:
-
-# Topology1
-
- heat_NAT_web_net:
- type: OS::Neutron::Net
- properties:
- name: heat_NAT_web
-
- heat_NAT_web_subnet:
- type: OS::Neutron::Subnet
- properties:
- network_id: { get_resource: heat_NAT_web_net }
- cidr: 10.21.1.0/24
- dns_nameservers: [ "10.166.17.90" ]
-
- heat_NAT_db_net:
- type: OS::Neutron::Net
- properties:
- name: heat_NAT_db
-
- heat_NAT_db_subnet:
- type: OS::Neutron::Subnet
- properties:
- network_id: { get_resource: heat_NAT_db_net }
- cidr: 10.21.2.0/24
- dns_nameservers: [ "10.166.17.90" ]
-
- my_key:
- type: OS::Nova::KeyPair
- properties:
- save_private_key: true
- name: my_key
-
- router:
- type: OS::Neutron::Router
- properties:
- admin_state_up: true
- name: heat_NAT_router
-
- router_gw:
- type: OS::Neutron::RouterGateway
- properties:
- network_id: { get_param: public_net}
- router_id: { get_resource: router }
-
- router_interface1:
- type: OS::Neutron::RouterInterface
- properties:
- router_id: { get_resource: router }
- subnet_id: { get_resource: heat_NAT_web_subnet }
-
- router_interface2:
- type: OS::Neutron::RouterInterface
- properties:
- router_id: { get_resource: router }
- subnet_id: { get_resource: heat_NAT_db_subnet }
-
-
- heat_NAT_web_secgroup:
- type: OS::Neutron::SecurityGroup
- properties:
- name: heat_NAT_web_secgroup
- rules:
- - protocol: tcp
- remote_ip_prefix: 0.0.0.0/0
- port_range_min: 443
- port_range_max: 443
- - protocol: tcp
- remote_ip_prefix: 0.0.0.0/0
- port_range_min: 22
- port_range_max: 22
- - protocol: icmp
- remote_ip_prefix: 0.0.0.0/0
-
- heat_NAT_db_secgroup:
- type: OS::Neutron::SecurityGroup
- properties:
- name: heat_NAT_db_secgroup
- rules:
- - protocol: tcp
- remote_mode: remote_group_id
- remote_group_id: { get_resource: heat_NAT_web_secgroup }
- port_range_min: 3307
- port_range_max: 3307
- - protocol: icmp
- remote_ip_prefix: 0.0.0.0/0
-
- server1_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_web_net }
- security_groups:
- - { get_resource: heat_NAT_web_secgroup }
-
- server1_instance:
- type: OS::Nova::Server
- properties:
- image: cirros
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server1_port }
-
- server1_floating_ip:
- type: OS::Neutron::FloatingIP
- properties:
- floating_network_id: { get_param: public_net }
- port_id: { get_resource: server1_port }
-
-
- server2_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_db_net }
- security_groups:
- - { get_resource: heat_NAT_db_secgroup }
-
- server2_instance:
- type: OS::Nova::Server
- properties:
- image: cirros
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server2_port }
-
- server3_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_db_net }
- security_groups:
- - { get_resource: heat_NAT_db_secgroup }
-
-
- server3_instance:
- type: OS::Nova::Server
- properties:
- image: cirros
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server3_port }
-
- server4_port:
- type: OS::Neutron::Port
- properties:
- network_id: { get_resource: heat_NAT_web_net }
- security_groups:
- - { get_resource: heat_NAT_web_secgroup }
-
- server4_instance:
- type: OS::Nova::Server
- properties:
- image: cirros
- flavor: m1.tiny
- key_name: { get_resource: my_key }
- networks:
- - port: { get_resource: server4_port }
-
-# Topology2
-
- dmz_router:
- properties:
- admin_state_up: true
- external_gateway_info:
- network:
- get_param: dmz_network
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "DmzGateway"]
- value_specs:
- router_type: exclusive
- type: "OS::Neutron::Router"
- floatingip_jump:
- properties:
- floating_network:
- get_param: dmz_network
- type: "OS::Neutron::FloatingIP"
- floatingip_jump_association:
- depends_on:
- - floatingip_jump
- - server_jump1
- - router_interface_subnet_mgmt_dmz
- properties:
- floating_ip:
- get_resource: floatingip_jump
- server_id:
- get_resource: server_jump1
- type: "OS::Nova::FloatingIPAssociation"
- network_mgmt:
- properties:
- admin_state_up: true
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "mgmt"]
- shared: false
- type: "OS::Neutron::Net"
- network_mgmt2:
- properties:
- admin_state_up: true
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "mgmt2"]
- shared: false
- type: "OS::Neutron::Net"
- port_dmz_jump:
- depends_on:
- - security_group
- - subnet_mgmt
- properties:
- fixed_ips:
- - ip_address: "50.0.0.10"
- security_groups:
- - get_resource: security_group
- network_id:
- get_resource: network_mgmt
- type: "OS::Neutron::Port"
- port_dmz_jump2:
- depends_on:
- - security_group
- - subnet_mgmt
- properties:
- fixed_ips:
- - ip_address: "60.0.0.10"
- security_groups:
- - get_resource: security_group
- network_id:
- get_resource: network_mgmt2
- type: "OS::Neutron::Port"
- port_mgmt_dmz_router:
- depends_on:
- - security_group
- - subnet_mgmt
- properties:
- fixed_ips:
- - ip_address: "50.0.0.254"
- network_id:
- get_resource: network_mgmt
- security_groups:
- - get_resource: security_group
- type: "OS::Neutron::Port"
- router_interface_subnet_mgmt_dmz:
- depends_on:
- - dmz_router
- - port_mgmt_dmz_router
- properties:
- port_id:
- get_resource: port_mgmt_dmz_router
- router_id:
- get_resource: dmz_router
- type: "OS::Neutron::RouterInterface"
- port_mgmt_dmz_router2:
- depends_on:
- - security_group
- - subnet_mgmt2
- properties:
- fixed_ips:
- - ip_address: "60.0.0.254"
- network_id:
- get_resource: network_mgmt2
- security_groups:
- - get_resource: security_group
- type: "OS::Neutron::Port"
- router_interface_subnet_mgmt_dmz2:
- depends_on:
- - dmz_router
- - port_mgmt_dmz_router2
- properties:
- port_id:
- get_resource: port_mgmt_dmz_router2
- router_id:
- get_resource: dmz_router
- type: "OS::Neutron::RouterInterface"
- security_group:
- properties:
- description: "Allows all"
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "Permissive"]
- rules:
- -
- direction: ingress
- ethertype: IPv4
- port_range_max: 65535
- port_range_min: 1
- protocol: tcp
- remote_ip_prefix: 0.0.0.0/0
- -
- direction: ingress
- ethertype: IPv4
- port_range_max: 65535
- port_range_min: 1
- protocol: udp
- remote_ip_prefix: 0.0.0.0/0
- -
- direction: ingress
- ethertype: IPv4
- protocol: icmp
- remote_ip_prefix: 0.0.0.0/0
- -
- direction: egress
- ethertype: IPv4
- port_range_max: 65535
- port_range_min: 1
- protocol: tcp
- remote_ip_prefix: 0.0.0.0/0
- -
- direction: egress
- ethertype: IPv4
- port_range_max: 65535
- port_range_min: 1
- protocol: udp
- remote_ip_prefix: 0.0.0.0/0
- -
- direction: egress
- ethertype: IPv4
- protocol: icmp
- remote_ip_prefix: 0.0.0.0/0
- type: "OS::Neutron::SecurityGroup"
- server_jump1:
- depends_on:
- - port_dmz_jump
- properties:
- diskConfig: MANUAL
- flavor: m1.tiny
- image:
- get_param: ubuntu_image
- key_name: { get_resource: my_key }
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "JumpServer1"]
- networks:
- - port:
- get_resource: port_dmz_jump
- networks:
- - port:
- get_resource: port_dmz_jump
- type: "OS::Nova::Server"
- subnet_mgmt:
- depends_on:
- - network_mgmt
- properties:
- allocation_pools:
- -
- end: "50.0.0.250"
- start: "50.0.0.2"
- cidr: 50.0.0.0/24
- dns_nameservers:
- - "172.17.100.11"
- enable_dhcp: true
- ip_version: 4
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "DMZSubnet"]
- network_id:
- get_resource: network_mgmt
- type: "OS::Neutron::Subnet"
- subnet_mgmt2:
- depends_on:
- - network_mgmt2
- properties:
- allocation_pools:
- -
- end: "60.0.0.250"
- start: "60.0.0.2"
- cidr: 60.0.0.0/24
- dns_nameservers:
- - "172.17.100.11"
- enable_dhcp: true
- ip_version: 4
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "DMZSubnet2"]
- network_id:
- get_resource: network_mgmt2
- type: "OS::Neutron::Subnet"
- server_jump2:
- properties:
- diskConfig: MANUAL
- flavor: m1.tiny
- image:
- get_param: ubuntu_image
- key_name: { get_resource: my_key }
- name:
- Fn::Join:
- - '_'
- - [get_param: "OS::stack_name", "JumpServer2"]
- networks:
- - port:
- get_resource: port_dmz_jump2
- depends_on: [ port_dmz_jump2 ]
- type: OS::Nova::Server
-
-outputs:
- topo1_server1_floatingip:
- description: Floating IP address of Topology1_Server1_floatingip
- value: { get_attr: [ server1_floating_ip, floating_ip_address ] }
- topo1_server1_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server1_instance, networks, heat_NAT_web, 0] }
- topo1_server2_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server2_instance, networks, heat_NAT_db, 0] }
- topo1_server3_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server3_instance, networks, heat_NAT_db, 0] }
- topo1_server4_private_ip:
- description: Private IP address of the deployed compute instance
- value: { get_attr: [server4_instance, networks, heat_NAT_web, 0] }
- private_key:
- description: Private key
- value: { get_attr: [ my_key, private_key ] }
diff --git a/vmware_nsx_tempest/tests/test_vmware_nsx_tempest.py b/vmware_nsx_tempest/tests/test_vmware_nsx_tempest.py
deleted file mode 100644
index 6e09f6f215..0000000000
--- a/vmware_nsx_tempest/tests/test_vmware_nsx_tempest.py
+++ /dev/null
@@ -1,30 +0,0 @@
-# -*- coding: utf-8 -*-
-
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-"""
-test_vmware_nsx_tempest
-----------------------------------
-
-Tests for `vmware_nsx_tempest` module.
-"""
-
-from tempest.lib import decorators
-from vmware_nsx_tempest.tests import base
-
-
-class TestVmware_nsx_tempest(base.TestCase):
-
- @decorators.idempotent_id('3c4c36a1-684b-4e89-8e71-a328f19324a0')
- def test_something(self):
- pass