Beispiel #1
0
def delete_stacks():
    logger.info("Removing stack: sfc")
    utils.run_cmd('openstack stack delete sfc --y')
    logger.info("Removing stack: sfc_test1")
    utils.run_cmd('openstack stack delete sfc_test1 --y')
    logger.info("Removing stack: sfc_test2")
    utils.run_cmd('openstack stack delete sfc_test2 --y')
Beispiel #2
0
def main():
    deploymentHandler = DeploymentFactory.get_handler(
        COMMON_CONFIG.installer_type,
        COMMON_CONFIG.installer_ip,
        COMMON_CONFIG.installer_user,
        installer_pwd=COMMON_CONFIG.installer_password)

    cluster = COMMON_CONFIG.installer_cluster
    openstack_nodes = (deploymentHandler.get_nodes({'cluster': cluster})
                       if cluster is not None
                       else deploymentHandler.get_nodes())

    controller_nodes = [node for node in openstack_nodes
                        if node.is_controller()]
    compute_nodes = [node for node in openstack_nodes
                     if node.is_compute()]

    odl_ip, odl_port = test_utils.get_odl_ip_port(openstack_nodes)

    for compute in compute_nodes:
        logger.info("This is a compute: %s" % compute.info)

    results = Results(COMMON_CONFIG.line_length)
    results.add_to_summary(0, "=")
    results.add_to_summary(2, "STATUS", "SUBTEST")
    results.add_to_summary(0, "=")

    installer_type = os.environ.get("INSTALLER_TYPE")
    if installer_type != "fuel":
        logger.error(
            '\033[91mCurrently supported only Fuel Installer type\033[0m')
        sys.exit(1)

    installer_ip = os.environ.get("INSTALLER_IP")
    if not installer_ip:
        logger.error(
            '\033[91minstaller ip is not set\033[0m')
        logger.error(
            '\033[91mexport INSTALLER_IP=<ip>\033[0m')
        sys.exit(1)

    test_utils.setup_compute_node(TESTCASE_CONFIG.subnet_cidr, compute_nodes)
    test_utils.configure_iptables(controller_nodes)

    test_utils.download_image(COMMON_CONFIG.url,
                              COMMON_CONFIG.image_path)
    _, custom_flv_id = os_utils.get_or_create_flavor(
        COMMON_CONFIG.flavor,
        COMMON_CONFIG.ram_size_in_mb,
        COMMON_CONFIG.disk_size_in_gb,
        COMMON_CONFIG.vcpu_count, public=True)
    if not custom_flv_id:
        logger.error("Failed to create custom flavor")
        sys.exit(1)

    glance_client = os_utils.get_glance_client()
    neutron_client = os_utils.get_neutron_client()
    nova_client = os_utils.get_nova_client()
    tacker_client = os_tacker.get_tacker_client()

    controller_clients = test_utils.get_ssh_clients(controller_nodes)
    compute_clients = test_utils.get_ssh_clients(compute_nodes)

    ovs_logger = ovs_log.OVSLogger(
        os.path.join(COMMON_CONFIG.sfc_test_dir, 'ovs-logs'),
        COMMON_CONFIG.functest_results_dir)

    image_id = os_utils.create_glance_image(glance_client,
                                            COMMON_CONFIG.image_name,
                                            COMMON_CONFIG.image_path,
                                            COMMON_CONFIG.image_format,
                                            public='public')

    network_id = test_utils.setup_neutron(neutron_client,
                                          TESTCASE_CONFIG.net_name,
                                          TESTCASE_CONFIG.subnet_name,
                                          TESTCASE_CONFIG.router_name,
                                          TESTCASE_CONFIG.subnet_cidr)

    sg_id = test_utils.create_security_groups(neutron_client,
                                              TESTCASE_CONFIG.secgroup_name,
                                              TESTCASE_CONFIG.secgroup_descr)

    vnf_names = ['testVNF1', 'testVNF2']

    topo_seed = topo_shuffler.get_seed()  # change to None for nova av zone
    testTopology = topo_shuffler.topology(vnf_names, seed=topo_seed)

    logger.info('This test is run with the topology {0}'
                .format(testTopology['id']))
    logger.info('Topology description: {0}'
                .format(testTopology['description']))

    client_instance = test_utils.create_instance(
        nova_client, CLIENT, COMMON_CONFIG.flavor, image_id,
        network_id, sg_id, av_zone=testTopology['client'])

    server_instance = test_utils.create_instance(
        nova_client, SERVER, COMMON_CONFIG.flavor, image_id,
        network_id, sg_id, av_zone=testTopology['server'])

    server_ip = server_instance.networks.get(TESTCASE_CONFIG.net_name)[0]

    tosca_red = os.path.join(COMMON_CONFIG.sfc_test_dir,
                             COMMON_CONFIG.vnfd_dir,
                             TESTCASE_CONFIG.test_vnfd_red)
    os_tacker.create_vnfd(tacker_client, tosca_file=tosca_red)

    tosca_blue = os.path.join(COMMON_CONFIG.sfc_test_dir,
                              COMMON_CONFIG.vnfd_dir,
                              TESTCASE_CONFIG.test_vnfd_blue)
    os_tacker.create_vnfd(tacker_client, tosca_file=tosca_blue)

    default_param_file = os.path.join(
        COMMON_CONFIG.sfc_test_dir,
        COMMON_CONFIG.vnfd_dir,
        COMMON_CONFIG.vnfd_default_params_file)

    test_utils.create_vnf_in_av_zone(
        tacker_client, vnf_names[0], 'test-vnfd1',
        default_param_file, testTopology[vnf_names[0]])
    test_utils.create_vnf_in_av_zone(
        tacker_client, vnf_names[1], 'test-vnfd2',
        default_param_file, testTopology[vnf_names[1]])

    vnf1_id = os_tacker.wait_for_vnf(tacker_client, vnf_name=vnf_names[0])
    vnf2_id = os_tacker.wait_for_vnf(tacker_client, vnf_name=vnf_names[1])
    if vnf1_id is None or vnf2_id is None:
        logger.error('ERROR while booting vnfs')
        sys.exit(1)

    vnf1_instance_id = test_utils.get_nova_id(tacker_client, 'vdu1', vnf1_id)
    os_utils.add_secgroup_to_instance(nova_client, vnf1_instance_id, sg_id)

    vnf2_instance_id = test_utils.get_nova_id(tacker_client, 'vdu1', vnf2_id)
    os_utils.add_secgroup_to_instance(nova_client, vnf2_instance_id, sg_id)

    os_tacker.create_sfc(tacker_client, 'red', chain_vnf_names=['testVNF1'])
    os_tacker.create_sfc(tacker_client, 'blue', chain_vnf_names=['testVNF2'])

    os_tacker.create_sfc_classifier(
        tacker_client, 'red_http', sfc_name='red',
        match={
            'source_port': 0,
            'dest_port': 80,
            'protocol': 6
        })

    os_tacker.create_sfc_classifier(
        tacker_client, 'red_ssh', sfc_name='red',
        match={
            'source_port': 0,
            'dest_port': 22,
            'protocol': 6
        })

    logger.info(test_utils.run_cmd('tacker sfc-list')[1])
    logger.info(test_utils.run_cmd('tacker sfc-classifier-list')[1])

    # Start measuring the time it takes to implement the classification rules
    t1 = threading.Thread(target=test_utils.wait_for_classification_rules,
                          args=(ovs_logger, compute_nodes, odl_ip, odl_port,
                                testTopology,))

    try:
        t1.start()
    except Exception as e:
        logger.error("Unable to start the thread that counts time %s" % e)

    logger.info("Assigning floating IPs to instances")
    server_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, server_instance.id)
    client_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, client_instance.id)
    sf1_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, vnf1_instance_id)
    sf2_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, vnf2_instance_id)

    for ip in (server_floating_ip,
               client_floating_ip,
               sf1_floating_ip,
               sf2_floating_ip):
        logger.info("Checking connectivity towards floating IP [%s]" % ip)
        if not test_utils.ping(ip, retries=50, retry_timeout=1):
            logger.error("Cannot ping floating IP [%s]" % ip)
            sys.exit(1)
        logger.info("Successful ping to floating IP [%s]" % ip)

    if not test_utils.check_ssh([sf1_floating_ip, sf2_floating_ip]):
        logger.error("Cannot establish SSH connection to the SFs")
        sys.exit(1)

    logger.info("Starting HTTP server on %s" % server_floating_ip)
    if not test_utils.start_http_server(server_floating_ip):
        logger.error('\033[91mFailed to start HTTP server on %s\033[0m'
                     % server_floating_ip)
        sys.exit(1)

    logger.info("Starting SSH firewall on %s" % sf1_floating_ip)
    test_utils.start_vxlan_tool(sf1_floating_ip, block="22")
    logger.info("Starting HTTP firewall on %s" % sf2_floating_ip)
    test_utils.start_vxlan_tool(sf2_floating_ip, block="80")

    logger.info("Wait for ODL to update the classification rules in OVS")
    t1.join()

    logger.info("Test SSH")
    if test_utils.is_ssh_blocked(client_floating_ip, server_ip):
        results.add_to_summary(2, "PASS", "SSH Blocked")
    else:
        error = ('\033[91mTEST 1 [FAILED] ==> SSH NOT BLOCKED\033[0m')
        logger.error(error)
        test_utils.capture_ovs_logs(
            ovs_logger, controller_clients, compute_clients, error)
        results.add_to_summary(2, "FAIL", "SSH Blocked")

    logger.info("Test HTTP")
    if not test_utils.is_http_blocked(client_floating_ip, server_ip):
        results.add_to_summary(2, "PASS", "HTTP works")
    else:
        error = ('\033[91mTEST 2 [FAILED] ==> HTTP BLOCKED\033[0m')
        logger.error(error)
        test_utils.capture_ovs_logs(
            ovs_logger, controller_clients, compute_clients, error)
        results.add_to_summary(2, "FAIL", "HTTP works")

    logger.info("Changing the classification")
    test_utils.delete_classifier_and_acl(
        tacker_client, 'red_http', odl_ip, odl_port)

    test_utils.delete_classifier_and_acl(
        tacker_client, 'red_ssh', odl_ip, odl_port)

    os_tacker.create_sfc_classifier(
        tacker_client, 'blue_http', sfc_name='blue',
        match={
            'source_port': 0,
            'dest_port': 80,
            'protocol': 6
        })

    os_tacker.create_sfc_classifier(
        tacker_client, 'blue_ssh', sfc_name='blue',
        match={
            'source_port': 0,
            'dest_port': 22,
            'protocol': 6
        })

    logger.info(test_utils.run_cmd('tacker sfc-classifier-list')[1])

    # Start measuring the time it takes to implement the classification rules
    t2 = threading.Thread(target=test_utils.wait_for_classification_rules,
                          args=(ovs_logger, compute_nodes, odl_ip, odl_port,
                                testTopology,))
    try:
        t2.start()
    except Exception as e:
        logger.error("Unable to start the thread that counts time %s" % e)

    logger.info("Wait for ODL to update the classification rules in OVS")
    t2.join()

    logger.info("Test HTTP")
    if test_utils.is_http_blocked(client_floating_ip, server_ip):
        results.add_to_summary(2, "PASS", "HTTP Blocked")
    else:
        error = ('\033[91mTEST 3 [FAILED] ==> HTTP WORKS\033[0m')
        logger.error(error)
        test_utils.capture_ovs_logs(
            ovs_logger, controller_clients, compute_clients, error)
        results.add_to_summary(2, "FAIL", "HTTP Blocked")

    logger.info("Test SSH")
    if not test_utils.is_ssh_blocked(client_floating_ip, server_ip):
        results.add_to_summary(2, "PASS", "SSH works")
    else:
        error = ('\033[91mTEST 4 [FAILED] ==> SSH BLOCKED\033[0m')
        logger.error(error)
        test_utils.capture_ovs_logs(
            ovs_logger, controller_clients, compute_clients, error)
        results.add_to_summary(2, "FAIL", "SSH works")

    return results.compile_summary()
def main():
    deploymentHandler = DeploymentFactory.get_handler(
        INSTALLER["type"],
        INSTALLER["ip"],
        INSTALLER["user"],
        installer_pwd=INSTALLER["password"])

    cluster = INSTALLER["cluster"]
    openstack_nodes = (deploymentHandler.get_nodes({'cluster': cluster})
                       if cluster is not None
                       else deploymentHandler.get_nodes())

    compute_nodes = [node for node in openstack_nodes
                     if node.is_compute()]

    odl_ip, odl_port = test_utils.get_odl_ip_port(openstack_nodes)

    neutron_client = os_utils.get_neutron_client()
    nova_client = os_utils.get_nova_client()
    tacker_client = os_tacker.get_tacker_client()

    ovs_logger = ovs_log.OVSLogger(
        os.path.join(DEMO_DIR, 'ovs-logs'), RESULTS_DIR)

    sg_id = os_utils.get_security_group_id(neutron_client, SECGROUP_NAME)

    vnfs = ['testVNF1', 'testVNF2']

    topo_seed = 0
    testTopology = topo_shuffler.topology(vnfs, seed=topo_seed)

    logger.info('This test is run with the topology {0}'
                .format(testTopology['id']))
    logger.info('Topology description: {0}'
                .format(testTopology['description']))

    tosca_red = os.path.join(DEMO_DIR, VNFD_DIR, TEST_VNFD)
    os_tacker.create_vnfd(tacker_client, tosca_file=tosca_red)

    default_param_file = os.path.join(
        DEMO_DIR, VNFD_DIR, VNFD_DEFAULT_PARAMS_FILE)

    test_utils.create_vnf_in_av_zone(
        tacker_client, vnfs[0], 'test-vnfd1',
        default_param_file, testTopology[vnfs[0]])

    vnf_id = os_tacker.wait_for_vnf(tacker_client, vnf_name='testVNF1')
    if vnf_id is None:
        logger.error('ERROR while booting vnf')
        sys.exit(1)

    vnf_instance_id = test_utils.get_nova_id(tacker_client, 'vdu1', vnf_id)

    instances = os_utils.get_instances(nova_client)
    for instance in instances:
        if ('client' not in instance.name) and ('server' not in instance.name):
            os_utils.add_secgroup_to_instance(nova_client, instance.id, sg_id)

    os_tacker.create_sfc(tacker_client, 'red', chain_vnf_names=['testVNF1'], symmetrical=True)

    os_tacker.create_sfc_classifier(
        tacker_client, 'red_http', sfc_name='red',
        match={
            'source_port': 0,
            'dest_port': 80,
            'protocol': 6
        })

    os_tacker.create_sfc_classifier(
        tacker_client, 'red_http_reverse', sfc_name='red',
        match={
            'source_port': 80,
            'dest_port': 0,
            'protocol': 6
        })

    logger.info(test_utils.run_cmd('tacker sfc-list')[1])
    logger.info(test_utils.run_cmd('tacker sfc-classifier-list')[1])

    sf_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, vnf_instance_id)

    for ip in [sf_floating_ip]:
        logger.info("Checking connectivity towards floating IP [%s]" % ip)
        if not test_utils.ping(ip, retries=50, retry_timeout=1):
            logger.error("Cannot ping floating IP [%s]" % ip)
            sys.exit(1)
        logger.info("Successful ping to floating IP [%s]" % ip)

    if not test_utils.check_ssh([sf_floating_ip]):
        logger.error("Cannot establish SSH connection to the SFs")
        sys.exit(1)

    logger.info("Firewall started, blocking traffic port 80")
    test_utils.vxlan_firewall(sf_floating_ip, port=80)
    cmd = "python vxlan_tool.py --metadata -i eth0 -d forward -v off -b 80"

    cmd = "sh -c 'cd /root;nohup " + cmd + " > /dev/null 2>&1 &'"
    test_utils.run_cmd_remote(sf_floating_ip, cmd)
    time.sleep(7)

    logger.info("Wait for ODL to update the classification rules in OVS")
    time.sleep(10)

    rsps = test_utils.get_odl_resource_list(
        odl_ip, odl_port, 'rendered-service-path', datastore='operational')
    reverse_path_id = next(
        rsp['path-id']
        for rsp in rsps['rendered-service-paths']['rendered-service-path']
        if rsp['name'].endswith('Reverse'))
    hex_path_id = hex(int(reverse_path_id))
    reverse_path_action = "load:{0}->NXM_NX_NSH_C3[]".format(hex_path_id)


    for compute_node in compute_nodes:
        compute_ssh = compute_node.ssh_client
        match_rsp = re.compile(
            r'.+tp_dst=80.+load:(0x[0-9a-f]+)->NXM_NX_NSP\[0\.\.23\].+')
        # First line is OFPST_FLOW reply (OF1.3) (xid=0x2):
        # This is not a flow so ignore
        flows = (ovs_logger.ofctl_dump_flows(compute_ssh, 'br-int', '11')
                 .strip().split('\n')[1:])
        matching_flows = [match_rsp.match(f) for f in flows]
        if all(m is None for m in matching_flows):
            break
        uplink_flow = [f.group(0) for f in matching_flows if f is not None][0]
        actions = uplink_flow.split("actions=")[1]
        actions_c3 = "{0},{1}".format(reverse_path_action, actions)
        cmd = "ovs-ofctl -OOpenflow13 mod-flows br-int \"table=11,tcp,reg0=0x1,tp_dst=80,actions={0}\"".format(actions_c3)
        #compute_node.run_cmd(cmd)
        logger.info("Running: {0}".format(cmd))
        match_port = re.compile(
            r'.+table=158.+output:([0-9]+)')
        flows = (ovs_logger.ofctl_dump_flows(compute_ssh, 'br-int', '158').strip().split('\n')[1:])
        matching_flows = [match_port.match(f) for f in flows]
        sf_port = [f.group(1) for f in matching_flows if f is not None][0]
        cmd = "ovs-ofctl -O Openflow13 add-flow br-int \"table=11,nsi=254,nsp={0} actions=load:0x1->NXM_NX_REG0[],move:NXM_NX_NSH_C2[]->NXM_NX_TUN_ID[0..31],resubmit({1},1)\"".format(reverse_path_id, sf_port)
        #compute_node.run_cmd(cmd)
        logger.info("Running: {0}".format(cmd))
        cmd = "ovs-ofctl -O Openflow13 add-flow br-int \"table=1, priority=40000,nsi=254,nsp={0},reg0=0x1,in_port={1} actions=pop_nsh,goto_table:21\"".format(reverse_path_id, sf_port)
        logger.info("Running: {0}".format(cmd))

    logger.info("HTTP traffic from client to server should be blocked")
    logger.info("When trying to send HTTP traffic to server it should respond with TCP RESET")
Beispiel #4
0
def main():
    deploymentHandler = DeploymentFactory.get_handler(
        COMMON_CONFIG.installer_type,
        COMMON_CONFIG.installer_ip,
        COMMON_CONFIG.installer_user,
        installer_pwd=COMMON_CONFIG.installer_password)

    cluster = COMMON_CONFIG.installer_cluster
    all_nodes = (deploymentHandler.get_nodes({'cluster': cluster})
                 if cluster is not None
                 else deploymentHandler.get_nodes())

    controller_nodes = [node for node in all_nodes if node.is_controller()]
    compute_nodes = [node for node in all_nodes if node.is_compute()]

    odl_ip, odl_port = test_utils.get_odl_ip_port(all_nodes)

    results = Results(COMMON_CONFIG.line_length)
    results.add_to_summary(0, "=")
    results.add_to_summary(2, "STATUS", "SUBTEST")
    results.add_to_summary(0, "=")

    test_utils.setup_compute_node(TESTCASE_CONFIG.subnet_cidr, compute_nodes)
    test_utils.configure_iptables(controller_nodes)
    test_utils.download_image(COMMON_CONFIG.url, COMMON_CONFIG.image_path)

    neutron_client = os_utils.get_neutron_client()
    nova_client = os_utils.get_nova_client()
    tacker_client = os_tacker.get_tacker_client()

    _, custom_flavor_id = os_utils.get_or_create_flavor(
        COMMON_CONFIG.flavor,
        COMMON_CONFIG.ram_size_in_mb,
        COMMON_CONFIG.disk_size_in_gb,
        COMMON_CONFIG.vcpu_count,
        public=True)
    if custom_flavor_id is None:
        logger.error("Failed to create custom flavor")
        sys.exit(1)

    controller_clients = test_utils.get_ssh_clients(controller_nodes)
    compute_clients = test_utils.get_ssh_clients(compute_nodes)

    ovs_logger = ovs_log.OVSLogger(
        os.path.join(COMMON_CONFIG.sfc_test_dir, 'ovs-logs'),
        COMMON_CONFIG.functest_results_dir)

    image_id = os_utils.create_glance_image(
        os_utils.get_glance_client(),
        COMMON_CONFIG.image_name,
        COMMON_CONFIG.image_path,
        COMMON_CONFIG.image_format,
        public='public')

    network_id = test_utils.setup_neutron(
        neutron_client,
        TESTCASE_CONFIG.net_name,
        TESTCASE_CONFIG.subnet_name,
        TESTCASE_CONFIG.router_name,
        TESTCASE_CONFIG.subnet_cidr)

    sg_id = test_utils.create_security_groups(
        neutron_client,
        TESTCASE_CONFIG.secgroup_name,
        TESTCASE_CONFIG.secgroup_descr)

    vnf_name = 'testVNF1'
    # Using seed=0 uses the baseline topology: everything in the same host
    testTopology = topo_shuffler.topology([vnf_name], seed=0)
    logger.info('This test is run with the topology {0}'
                .format(testTopology['id']))
    logger.info('Topology description: {0}'
                .format(testTopology['description']))

    client_instance = test_utils.create_instance(
        nova_client,
        CLIENT,
        COMMON_CONFIG.flavor,
        image_id,
        network_id,
        sg_id,
        av_zone=testTopology[CLIENT])

    server_instance = test_utils.create_instance(
        nova_client,
        SERVER,
        COMMON_CONFIG.flavor,
        image_id,
        network_id,
        sg_id,
        av_zone=testTopology[SERVER])

    server_ip = server_instance.networks.get(TESTCASE_CONFIG.net_name)[0]

    tosca_file = os.path.join(
        COMMON_CONFIG.sfc_test_dir,
        COMMON_CONFIG.vnfd_dir,
        TESTCASE_CONFIG.test_vnfd)

    default_param_file = os.path.join(
        COMMON_CONFIG.sfc_test_dir,
        COMMON_CONFIG.vnfd_dir,
        COMMON_CONFIG.vnfd_default_params_file)

    os_tacker.create_vnfd(tacker_client, tosca_file=tosca_file)
    test_utils.create_vnf_in_av_zone(
        tacker_client,
        vnf_name,
        'test-vnfd1',
        default_param_file,
        testTopology[vnf_name])

    vnf_id = os_tacker.wait_for_vnf(tacker_client, vnf_name=vnf_name)
    if vnf_id is None:
        logger.error('ERROR while booting VNF')
        sys.exit(1)

    vnf_instance_id = test_utils.get_nova_id(tacker_client, 'vdu1', vnf_id)
    os_utils.add_secgroup_to_instance(nova_client, vnf_instance_id, sg_id)

    os_tacker.create_sfc(
        tacker_client,
        sfc_name='red',
        chain_vnf_names=[vnf_name],
        symmetrical=True)

    os_tacker.create_sfc_classifier(
        tacker_client, 'red_http', sfc_name='red',
        match={
            'source_port': 0,
            'dest_port': 80,
            'protocol': 6
        })

    # FIXME: JIRA SFC-86
    # Tacker does not allow to specify the direction of the chain to be used,
    # only references the SFP (which for symmetric chains results in two RSPs)
    os_tacker.create_sfc_classifier(
        tacker_client, 'red_http_reverse', sfc_name='red',
        match={
            'source_port': 80,
            'dest_port': 0,
            'protocol': 6
        })

    logger.info(test_utils.run_cmd('tacker sfc-list'))
    logger.info(test_utils.run_cmd('tacker sfc-classifier-list'))

    # Start measuring the time it takes to implement the classification rules
    t1 = threading.Thread(target=test_utils.wait_for_classification_rules,
                          args=(ovs_logger, compute_nodes, odl_ip, odl_port,
                                testTopology,))

    try:
        t1.start()
    except Exception as e:
        logger.error("Unable to start the thread that counts time %s" % e)

    logger.info("Assigning floating IPs to instances")
    server_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, server_instance.id)
    client_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, client_instance.id)
    sf_floating_ip = test_utils.assign_floating_ip(
        nova_client, neutron_client, vnf_instance_id)

    for ip in (server_floating_ip, client_floating_ip, sf_floating_ip):
        logger.info("Checking connectivity towards floating IP [%s]" % ip)
        if not test_utils.ping(ip, retries=50, retry_timeout=1):
            logger.error("Cannot ping floating IP [%s]" % ip)
            sys.exit(1)
        logger.info("Successful ping to floating IP [%s]" % ip)

    if not test_utils.check_ssh([sf_floating_ip]):
        logger.error("Cannot establish SSH connection to the SFs")
        sys.exit(1)

    logger.info("Starting HTTP server on %s" % server_floating_ip)
    if not test_utils.start_http_server(server_floating_ip):
        logger.error('\033[91mFailed to start the HTTP server\033[0m')
        sys.exit(1)

    blocked_port = TESTCASE_CONFIG.blocked_source_port
    logger.info("Firewall started, blocking traffic port %d" % blocked_port)
    test_utils.start_vxlan_tool(sf_floating_ip, block=blocked_port)

    logger.info("Wait for ODL to update the classification rules in OVS")
    t1.join()

    allowed_port = TESTCASE_CONFIG.allowed_source_port
    logger.info("Test if HTTP from port %s works" % allowed_port)
    if not test_utils.is_http_blocked(
            client_floating_ip, server_ip, allowed_port):
        results.add_to_summary(2, "PASS", "HTTP works")
    else:
        error = ('\033[91mTEST 1 [FAILED] ==> HTTP BLOCKED\033[0m')
        logger.error(error)
        test_utils.capture_ovs_logs(
            ovs_logger, controller_clients, compute_clients, error)
        results.add_to_summary(2, "FAIL", "HTTP works")

    logger.info("Test if HTTP from port %s is blocked" % blocked_port)
    if test_utils.is_http_blocked(
            client_floating_ip, server_ip, blocked_port):
        results.add_to_summary(2, "PASS", "HTTP Blocked")
    else:
        error = ('\033[91mTEST 2 [FAILED] ==> HTTP WORKS\033[0m')
        logger.error(error)
        test_utils.capture_ovs_logs(
            ovs_logger, controller_clients, compute_clients, error)
        results.add_to_summary(2, "FAIL", "HTTP Blocked")

    return results.compile_summary()
Beispiel #5
0
def main():
    deploymentHandler = DeploymentFactory.get_handler(
        INSTALLER["type"],
        INSTALLER["ip"],
        INSTALLER["user"],
        installer_pwd=INSTALLER["password"])

    cluster = INSTALLER["cluster"]
    openstack_nodes = (deploymentHandler.get_nodes({'cluster': cluster}) if
                       cluster is not None else deploymentHandler.get_nodes())

    compute_nodes = [node for node in openstack_nodes if node.is_compute()]

    odl_ip, odl_port = test_utils.get_odl_ip_port(openstack_nodes)

    neutron_client = os_utils.get_neutron_client()
    nova_client = os_utils.get_nova_client()
    tacker_client = os_tacker.get_tacker_client()

    compute_clients = test_utils.get_ssh_clients(compute_nodes)

    ovs_logger = ovs_log.OVSLogger(os.path.join(DEMO_DIR, 'ovs-logs'),
                                   RESULTS_DIR)

    sg_id = os_utils.get_security_group_id(neutron_client, SECGROUP_NAME)

    vnfs = ['testVNF1', 'testVNF2']

    topo_seed = 0
    testTopology = topo_shuffler.topology(vnfs, seed=topo_seed)

    logger.info('This test is run with the topology {0}'.format(
        testTopology['id']))
    logger.info('Topology description: {0}'.format(
        testTopology['description']))

    tosca_red = os.path.join(DEMO_DIR, VNFD_DIR, TEST_VNFD_RED)
    os_tacker.create_vnfd(tacker_client, tosca_file=tosca_red)

    tosca_blue = os.path.join(DEMO_DIR, VNFD_DIR, TEST_VNFD_BLUE)
    os_tacker.create_vnfd(tacker_client, tosca_file=tosca_blue)

    default_param_file = os.path.join(DEMO_DIR, VNFD_DIR,
                                      VNFD_DEFAULT_PARAMS_FILE)

    test_utils.create_vnf_in_av_zone(tacker_client, vnfs[0], 'test-vnfd1',
                                     default_param_file, testTopology[vnfs[0]])
    test_utils.create_vnf_in_av_zone(tacker_client, vnfs[1], 'test-vnfd2',
                                     default_param_file, testTopology[vnfs[1]])

    vnf1_id = os_tacker.wait_for_vnf(tacker_client, vnf_name='testVNF1')
    vnf2_id = os_tacker.wait_for_vnf(tacker_client, vnf_name='testVNF2')
    if vnf1_id is None or vnf2_id is None:
        logger.error('ERROR while booting vnfs')
        sys.exit(1)

    instances = os_utils.get_instances(nova_client)
    for instance in instances:
        if ('client' not in instance.name) and ('server' not in instance.name):
            os_utils.add_secgroup_to_instance(nova_client, instance.id, sg_id)

    os_tacker.create_sfc(tacker_client, 'red', chain_vnf_names=['testVNF1'])
    os_tacker.create_sfc(tacker_client, 'blue', chain_vnf_names=['testVNF2'])

    os_tacker.create_sfc_classifier(tacker_client,
                                    'red_http',
                                    sfc_name='red',
                                    match={
                                        'source_port': 0,
                                        'dest_port': 80,
                                        'protocol': 6
                                    })

    os_tacker.create_sfc_classifier(tacker_client,
                                    'red_ssh',
                                    sfc_name='red',
                                    match={
                                        'source_port': 0,
                                        'dest_port': 22,
                                        'protocol': 6
                                    })

    logger.info(test_utils.run_cmd('tacker sfc-list')[1])
    logger.info(test_utils.run_cmd('tacker sfc-classifier-list')[1])

    num_chains = 2

    # Start measuring the time it takes to implement the classification rules
    t1 = threading.Thread(target=test_utils.wait_for_classification_rules,
                          args=(
                              ovs_logger,
                              compute_nodes,
                              odl_ip,
                              odl_port,
                              testTopology,
                          ))

    try:
        t1.start()
    except Exception, e:
        logger.error("Unable to start the thread that counts time %s" % e)