def test_delete_l3outside_with_vrf(self):
self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name))
l3out = a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT')
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1')
ext_net2 = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1_1',
display_name='INET1_1')
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_subnet(self.ctx, l3out, '200.10.20.1/28')
self.ns.create_external_network(self.ctx, ext_net)
self.ns.create_external_network(self.ctx, ext_net2)
self.ns.update_external_cidrs(self. ctx, ext_net,
['20.20.20.0/24', '50.50.0.0/16'])
# Connect vrf1 to ext_net with external-subnet
vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1',
display_name='VRF1')
self.mgr.create(self.ctx, vrf1)
if self.fix_l3out_vrf:
self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name)
ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1']
ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1']
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
self._check_delete_l3outside_with_vrf('stage1')
self.ns.delete_l3outside(self.ctx, l3out)
self._check_delete_l3outside_with_vrf('stage2')
def test_bd_l3out_vrf_in_tenant(self):
self.mgr.create(self.ctx, a_res.Tenant(name='dept1'))
vrf = a_res.VRF(tenant_name='dept1', name='default')
bd1_dept1 = a_res.BridgeDomain(tenant_name='dept1', name='bd1',
limit_ip_learn_to_subnets=True,
vrf_name='default')
bd2_dept1 = a_res.BridgeDomain(tenant_name='dept1', name='bd2',
limit_ip_learn_to_subnets=True,
vrf_name='foo')
for o in [vrf, bd1_dept1, bd2_dept1]:
self.mgr.create(self.ctx, o)
l3out = a_res.L3Outside(tenant_name='dept1', name='o1')
ext_net = a_res.ExternalNetwork(
tenant_name='dept1', l3out_name='o1', name='inet1')
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.mgr.update(self.ctx, l3out, vrf_name='default')
self._verify(present=[bd1_dept1, bd2_dept1])
self.ns.connect_vrf(self.ctx, ext_net, vrf)
bd1_dept1.l3out_names = ['o1']
self._verify(present=[bd1_dept1, bd2_dept1])
self.ns.disconnect_vrf(self.ctx, ext_net, vrf)
bd1_dept1.l3out_names = []
self._verify(present=[bd1_dept1, bd2_dept1])
def test_external_subnet_update(self):
l3out = a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT')
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1')
self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name))
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.ns.update_external_cidrs(self.ctx, ext_net,
['20.20.20.0/24', '50.50.0.0/16'])
# Connect vrf1 to ext_net
vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1',
display_name='VRF1')
self.mgr.create(self.ctx, vrf1)
if self.fix_l3out_vrf:
self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name)
ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1']
ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1']
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
self._check_external_subnet_update("stage1")
# Add & remove external-subnet
self.ns.update_external_cidrs(self.ctx, ext_net,
['100.200.0.0/28', '50.50.0.0/16'])
self._check_external_subnet_update("stage2")
# Remove all external-subnets
self.ns.update_external_cidrs(self.ctx, ext_net, [])
self._check_external_subnet_update("stage3")
def test_external_network_pre(self):
self.mgr.create(self.ctx, a_res.Tenant(name='t1'))
l3out = a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT',
monitored=True)
self.mgr.create(self.ctx, l3out)
self.ns.create_l3outside(self.ctx, l3out)
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1',
monitored=True,
provided_contract_names=['foo'],
consumed_contract_names=['bar'])
self.mgr.create(self.ctx, ext_net)
self.ns.create_external_network(self.ctx, ext_net)
ext_net.provided_contract_names.append('EXT-o1')
ext_net.consumed_contract_names.append('EXT-o1')
self._verify(present=[ext_net])
self.ns.delete_external_network(self.ctx, ext_net)
ext_net.provided_contract_names = ['foo']
ext_net.consumed_contract_names = ['bar']
self._verify(present=[ext_net])
def test_vrf_contract_update(self):
l3out = a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT')
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1')
self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name))
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1',
display_name='VRF1')
self.mgr.create(self.ctx, vrf1)
if self.fix_l3out_vrf:
self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name)
ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1']
ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1']
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
self._check_vrf_contract_update('stage1')
# update contracts
ext_net.provided_contract_names = ['arp', 'p2_vrf1']
ext_net.consumed_contract_names = ['arp', 'c2_vrf1']
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
self._check_vrf_contract_update('stage2')
# unset contracts
ext_net.provided_contract_names = []
ext_net.consumed_contract_names = []
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
self._check_vrf_contract_update('stage3')
def _create_shadow(self, ctx, ext_net, vrf, with_nat_epg=True):
"""Clone ExternalNetwork as a shadow."""
ext_net_db = self.mgr.get(ctx, ext_net)
if not ext_net_db:
return
l3out = self.mgr.get(ctx, self._ext_net_to_l3out(ext_net_db))
clone_l3out = self._make_l3out_clone(ctx, l3out, vrf)
clone_ext_net = resource.ExternalNetwork(
tenant_name=clone_l3out.tenant_name,
l3out_name=clone_l3out.name,
display_name=ext_net_db.display_name,
**{
k: getattr(ext_net, k)
for k in
['name', 'provided_contract_names', 'consumed_contract_names']
})
if with_nat_epg:
_, nat_epg = self._get_nat_ap_epg(ctx, l3out)
clone_ext_net.nat_epg_dn = nat_epg.dn
with ctx.store.begin(subtransactions=True):
self.mgr.create(ctx, clone_l3out, overwrite=True)
self.mgr.create(ctx, clone_ext_net, overwrite=True)
cidrs = self.mgr.find(ctx,
resource.ExternalSubnet,
tenant_name=ext_net_db.tenant_name,
l3out_name=ext_net_db.l3out_name,
external_network_name=ext_net_db.name)
cidrs = [c.cidr for c in cidrs]
self._manage_external_subnets(ctx, clone_ext_net, cidrs)
# Set this item as a clone
if not self.db.get(ctx, clone_l3out):
self.db.set(ctx, l3out, clone_l3out)
return clone_ext_net
def _get_vrf_1_ext_net_1_objects(self, connected=True):
return {
'l3out': a_res.L3Outside(
tenant_name='t1', name='o1',
display_name='OUT',
vrf_name='vrf1'),
'ext_net': a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1',
name='inet1', display_name='INET1',
provided_contract_names=(
['EXT-o1', 'p1_vrf1', 'p2_vrf1']
if connected else ['EXT-o1']),
consumed_contract_names=(
['EXT-o1', 'c1_vrf1', 'c2_vrf1']
if connected else ['EXT-o1'])),
'nat_bd': a_res.BridgeDomain(
tenant_name='t1', name='EXT-o1',
display_name='EXT-OUT',
vrf_name='EXT-o1',
limit_ip_learn_to_subnets=True,
l3out_names=['o1']),
'ext_sub_1': a_res.ExternalSubnet(
tenant_name='t1', l3out_name='o1',
external_network_name='inet1', cidr='20.20.20.0/24'),
'ext_sub_2': a_res.ExternalSubnet(
tenant_name='t1', l3out_name='o1',
external_network_name='inet1', cidr='50.50.0.0/16')}
def test_connect_vrfs(self):
l3out = a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT')
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1')
self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name))
self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf2_tenant_name))
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.ns.update_external_cidrs(self.ctx, ext_net,
['20.20.20.0/24', '50.50.0.0/16'])
# connect vrf_1
vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1',
display_name='VRF1')
if self.vrf1_tenant_name != self.bd1_tenant_name:
self.mgr.create(self.ctx, a_res.Tenant(name='dept1'))
if self.fix_l3out_vrf:
self.mgr.update(self.ctx, l3out, vrf_name=vrf1.name)
bd1 = a_res.BridgeDomain(tenant_name=self.bd1_tenant_name, name='bd1',
limit_ip_learn_to_subnets=True,
vrf_name='vrf1')
self.mgr.create(self.ctx, vrf1)
self.mgr.create(self.ctx, bd1)
ext_net.provided_contract_names = ['p1_vrf1', 'p2_vrf1']
ext_net.consumed_contract_names = ['c1_vrf1', 'c2_vrf1']
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
connected_vrfs = self.ns.read_vrfs(self.ctx, ext_net)
self.assertEqual(vrf1, connected_vrfs[0])
self._check_connect_vrfs('stage1')
# connect vrf_1 again - should be no-op
self.ns.connect_vrf(self.ctx, ext_net, vrf1)
self._check_connect_vrfs('stage1')
# connect vrf_2
vrf2 = a_res.VRF(tenant_name=self.vrf2_tenant_name, name='vrf2',
display_name='VRF2')
bd2 = a_res.BridgeDomain(tenant_name=self.vrf2_tenant_name, name='bd2',
limit_ip_learn_to_subnets=True,
vrf_name='vrf2')
self.mgr.create(self.ctx, vrf2)
self.mgr.create(self.ctx, bd2)
ext_net.provided_contract_names = ['p1_vrf2', 'p2_vrf2']
ext_net.consumed_contract_names = ['c1_vrf2', 'c2_vrf2']
if self.fix_l3out_vrf:
self.mgr.update(self.ctx, l3out, vrf_name=vrf2.name)
self.ns.connect_vrf(self.ctx, ext_net, vrf2)
self._check_connect_vrfs('stage2')
# disconnect vrf_1
self.ns.disconnect_vrf(self.ctx, ext_net, vrf1)
self._check_connect_vrfs('stage3')
# disconnect vrf_2
self.ns.disconnect_vrf(self.ctx, ext_net, vrf2)
self._check_connect_vrfs('stage4')
def test_connect_vrf_multiple(self):
l3out1 = a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT')
ext_net1 = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1')
self.mgr.create(self.ctx, a_res.Tenant(name=self.vrf1_tenant_name))
self.ns.create_l3outside(self.ctx, l3out1)
self.ns.create_external_network(self.ctx, ext_net1)
self.ns.update_external_cidrs(self. ctx, ext_net1,
['20.20.20.0/24', '50.50.0.0/16'])
l3out2 = a_res.L3Outside(tenant_name='t2', name='o2',
display_name='OUT2')
ext_net2 = a_res.ExternalNetwork(
tenant_name='t2', l3out_name='o2', name='inet2',
display_name='INET2')
self.ns.create_l3outside(self.ctx, l3out2)
self.ns.create_external_network(self.ctx, ext_net2)
self.ns.update_external_cidrs(self. ctx, ext_net2,
['0.0.0.0/0'])
vrf1 = a_res.VRF(tenant_name=self.vrf1_tenant_name, name='vrf1',
display_name='VRF1')
bd1 = a_res.BridgeDomain(tenant_name=self.vrf1_tenant_name, name='bd1',
limit_ip_learn_to_subnets=True,
vrf_name='vrf1')
self.mgr.create(self.ctx, vrf1)
self.mgr.create(self.ctx, bd1)
if self.fix_l3out_vrf:
self.mgr.update(self.ctx, l3out1, vrf_name=vrf1.name)
self.mgr.update(self.ctx, l3out2, vrf_name=vrf1.name)
ext_net1.provided_contract_names = ['p1_vrf1', 'p2_vrf1']
ext_net1.consumed_contract_names = ['c1_vrf1', 'c2_vrf1']
ext_net2.provided_contract_names = ['p3_vrf1', 'p4_vrf1']
ext_net2.consumed_contract_names = ['c3_vrf1', 'c4_vrf1']
self.ns.connect_vrf(self.ctx, ext_net1, vrf1)
self.ns.connect_vrf(self.ctx, ext_net2, vrf1)
self._check_connect_vrf_multiple('stage1')
self.ns.disconnect_vrf(self.ctx, ext_net1, vrf1)
self._check_connect_vrf_multiple('stage2')
self.ns.disconnect_vrf(self.ctx, ext_net2, vrf1)
self._check_connect_vrf_multiple('stage3')
def test_get_resources_for_delete(self):
objs = [
{'fvBD': {'attributes': {
'dn': 'uni/tn-t1/BD-test'}}},
{'vzRsSubjFiltAtt': {'attributes': {
'dn': 'uni/tn-t1/brc-c/subj-s/rssubjFiltAtt-f'}}},
{'vzRsFiltAtt': {'attributes': {
'dn': 'uni/tn-t1/brc-c/subj-s/intmnl/rsfiltAtt-g'}}},
{'vzRsFiltAtt': {'attributes': {
'dn': 'uni/tn-t1/brc-c/subj-s/outtmnl/rsfiltAtt-h'}}}]
keys = [('fvTenant|t1', 'fvBD|test'),
('fvTenant|t1', 'vzBrCP|c', 'vzSubj|s',
'vzRsSubjFiltAtt|f'),
('fvTenant|t1', 'vzBrCP|c', 'vzSubj|s',
'vzInTerm|intmnl', 'vzRsFiltAtt|g'),
('fvTenant|t1', 'vzBrCP|c', 'vzSubj|s',
'vzOutTerm|outtmnl', 'vzRsFiltAtt|h')]
result = self.universe.get_resources_for_delete(keys)
self.assertEqual(utils.deep_sort(objs), utils.deep_sort(result))
# Create a pending monitored object
tn1 = resource.Tenant(name='tn1', monitored=True)
monitored_bd = resource.BridgeDomain(
tenant_name='tn1', name='monitoredBD', monitored=True)
self.universe.manager.create(self.ctx, tn1)
self.universe.manager.set_resource_sync_pending(self.ctx, tn1)
self.universe.manager.create(self.ctx, monitored_bd)
self.universe.manager.set_resource_sync_pending(self.ctx, monitored_bd)
self.universe.multiverse = []
result = self.universe.get_resources_for_delete(
[('fvTenant|tn1', 'fvBD|monitoredBD')])
self.assertEqual(1, len(result))
result = result[0]
self.assertEqual('tagInst', result.keys()[0])
self.assertEqual('uni/tn-tn1/BD-monitoredBD/tag-openstack_aid',
list(result.values())[0]['attributes']['dn'])
# Delete an RS-node of a monitored object
self.universe.manager.create(self.ctx, resource.L3Outside(
tenant_name='tn1', name='out', monitored=True))
ext_net = self.universe.manager.create(
self.ctx,
resource.ExternalNetwork(tenant_name='tn1', l3out_name='out',
name='inet',
provided_contract_names=['p1'],
monitored=True))
self.universe.manager.set_resource_sync_synced(self.ctx, ext_net)
result = self.universe.get_resources_for_delete(
[('fvTenant|tn1', 'l3extOut|out', 'l3extInstP|inet',
'fvRsProv|p1')])
self.assertEqual(1, len(result))
result = result[0]
self.assertEqual('fvRsProv', result.keys()[0])
self.assertEqual('uni/tn-tn1/out-out/instP-inet/rsprov-p1',
list(result.values())[0]['attributes']['dn'])
def _get_vrf_1_ext_net_2_objects(self):
return [
a_res.L3Outside(tenant_name='dept1', name='o2-vrf1',
display_name='OUT2-VRF1', vrf_name='vrf1'),
a_res.ExternalNetwork(
tenant_name='dept1', l3out_name='o2-vrf1',
name='inet2', display_name='INET2',
provided_contract_names=['p3_vrf1', 'p4_vrf1'],
consumed_contract_names=['c3_vrf1', 'c4_vrf1'],
nat_epg_dn=('uni/tn-t2/ap-myapp/epg-EXT-o2'
if self.with_nat_epg else '')),
a_res.ExternalSubnet(
tenant_name='dept1', l3out_name='o2-vrf1',
external_network_name='inet2', cidr='0.0.0.0/0')]
def _delete_shadow(self, ctx, ext_net, vrf):
l3out = self.mgr.get(ctx, self._ext_net_to_l3out(ext_net))
clone_l3out = resource.L3Outside(tenant_name=vrf.tenant_name,
name=self._generate_l3out_name(
l3out, vrf)[0])
clone_ext_net = resource.ExternalNetwork(
tenant_name=clone_l3out.tenant_name,
l3out_name=clone_l3out.name,
name=ext_net.name)
with ctx.store.begin(subtransactions=True):
self._delete_ext_net(ctx, clone_ext_net)
self._delete_unused_l3out(ctx, clone_l3out)
def _check_delete_l3outside_with_vrf(self, stage):
objs = [a_res.L3Outside(tenant_name='t1', name='o1',
display_name='OUT', vrf_name='EXT-o1'),
a_res.Subnet(tenant_name='t1', bd_name='EXT-o1',
gw_ip_mask='200.10.20.1/28'),
a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1',
provided_contract_names=['EXT-o1'],
consumed_contract_names=['EXT-o1']),
a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1_1',
display_name='INET1_1',
provided_contract_names=['EXT-o1'],
consumed_contract_names=['EXT-o1'])]
objs += self._get_vrf_1_ext_net_1_objects()
objs += self._get_l3out_objects()
if stage == 'stage1':
self._verify(present=objs)
elif stage == 'stage2':
self._verify(absent=objs)
else:
self.assertFalse(True, 'Unknown test stage %s' % stage)
def _check_delete_ext_net_with_vrf(self, stage):
objs = [a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1',
provided_contract_names=['EXT-o1'],
consumed_contract_names=['EXT-o1'])]
objs += self._get_vrf_1_ext_net_1_objects()
objs += self._get_vrf_2_ext_net_1_objects()
if stage == 'stage1':
self._verify(present=objs)
elif stage == 'stage2':
self._verify(absent=objs)
else:
self.assertFalse(True, 'Unknown test stage %s' % stage)
def update_external_cidrs(self, ctx, external_network, external_cidrs):
"""Update external CIDRs in main and cloned ExternalNetworks."""
l3out = self.mgr.get(ctx, self._ext_net_to_l3out(external_network))
ext_net_db = self.mgr.get(ctx, external_network)
if l3out and ext_net_db:
clone_l3outs = self._find_l3out_clones(ctx, l3out)
with ctx.store.begin(subtransactions=True):
for clone in clone_l3outs:
clone_ext_net = resource.ExternalNetwork(
tenant_name=clone.tenant_name,
l3out_name=clone.name,
name=external_network.name)
self._manage_external_subnets(ctx, clone_ext_net,
external_cidrs)
self._manage_external_subnets(ctx, ext_net_db, external_cidrs)
def test_connect_vrf_change_disallowed(self):
vrf = a_res.VRF(tenant_name='t1', name='vrf', display_name='VRF')
l3out = a_res.L3Outside(tenant_name='t1', name='o1')
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1')
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.assertRaises(nat_strategy.L3OutsideVrfChangeDisallowed,
self.ns.connect_vrf, self.ctx, ext_net, vrf)
vrf = a_res.VRF(tenant_name='common', name='EXT-o1',
display_name='VRF2')
self.assertRaises(nat_strategy.L3OutsideVrfChangeDisallowed,
self.ns.connect_vrf, self.ctx, ext_net, vrf)
def _get_vrf_2_ext_net_1_objects(self):
return [
a_res.L3Outside(tenant_name='dept2', name='o1-vrf2',
display_name='OUT-VRF2', vrf_name='vrf2'),
a_res.ExternalNetwork(
tenant_name='dept2', l3out_name='o1-vrf2',
name='inet1', display_name='INET1',
provided_contract_names=['p1_vrf2', 'p2_vrf2'],
consumed_contract_names=['c1_vrf2', 'c2_vrf2'],
nat_epg_dn=('uni/tn-t1/ap-myapp/epg-EXT-o1'
if self.with_nat_epg else '')),
a_res.ExternalSubnet(
tenant_name='dept2', l3out_name='o1-vrf2',
external_network_name='inet1', cidr='20.20.20.0/24'),
a_res.ExternalSubnet(
tenant_name='dept2', l3out_name='o1-vrf2',
external_network_name='inet1', cidr='50.50.0.0/16')]
def delete_external_network(self, ctx, external_network):
"""Delete external-network from main and cloned L3Outs.
"""
with ctx.store.begin(subtransactions=True):
# Delete specified external-network from all cloned L3Outs.
# Delete external-network from main L3Out.
l3out = self.mgr.get(ctx, self._ext_net_to_l3out(external_network))
ext_net_db = self.mgr.get(ctx, external_network)
if l3out and ext_net_db:
clone_l3outs = self._find_l3out_clones(ctx, l3out)
for clone in clone_l3outs:
clone_ext_net = resource.ExternalNetwork(
tenant_name=clone.tenant_name,
l3out_name=clone.name,
name=ext_net_db.name)
self._delete_ext_net(ctx, clone_ext_net)
self._delete_unused_l3out(ctx, clone)
self._delete_ext_net(ctx, ext_net_db)
def test_connect_vrf_wrong_tenant(self):
vrf = a_res.VRF(tenant_name='dept1', name='vrf', display_name='VRF')
l3out = a_res.L3Outside(tenant_name='t1', name='o1')
ext_net = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1')
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.assertRaises(nat_strategy.VrfNotVisibleFromExternalNetwork,
self.ns.connect_vrf, self.ctx, ext_net, vrf)
l3out.tenant_name = 'common'
ext_net.tenant_name = 'common'
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.assertRaises(nat_strategy.VrfNotVisibleFromExternalNetwork,
self.ns.connect_vrf, self.ctx, ext_net, vrf)
def _check_connect_vrfs(self, stage):
en = a_res.ExternalNetwork(
tenant_name='t1', l3out_name='o1', name='inet1',
display_name='INET1',
provided_contract_names=['EXT-o1'],
consumed_contract_names=['EXT-o1'])
l3out_objs = self._get_l3out_objects()
v1_e1 = self._get_vrf_1_ext_net_1_objects()
v2_e1 = self._get_vrf_2_ext_net_1_objects()
if stage == 'stage1':
self._verify(present=l3out_objs + [en] + v1_e1)
elif stage == 'stage2':
self._verify(present=l3out_objs + [en] + v1_e1 + v2_e1)
elif stage == 'stage3':
self._verify(present=l3out_objs + [en] + v2_e1, absent=v1_e1)
elif stage == 'stage4':
self._verify(present=l3out_objs + [en], absent=v1_e1 + v2_e1)
else:
self.assertFalse(True, 'Unknown test stage %s' % stage)
def _delete_flowc_network_group_mapping(self,
plugin_context,
net,
flowc,
tenant,
cidr,
prefix=''):
flc_aid = self._get_external_group_aim_name(plugin_context, flowc,
prefix)
flc_aname = aim_utils.sanitize_display_name(flowc['name'])
aim_ctx = aim_context.AimContext(plugin_context.session)
l3out = self.aim_mech._get_svi_net_l3out(net)
cidr = netaddr.IPNetwork(cidr)
epg = None
if l3out:
if cidr.prefixlen != 0:
ext_net = aim_resource.ExternalNetwork(
tenant_name=l3out.tenant_name,
l3out_name=l3out.name,
name=flc_aid,
display_name=flc_aname)
self.aim.delete(aim_ctx, ext_net, cascade=True)
else:
ext_net = self.aim_mech._get_svi_default_external_epg(net)
epg = self.aim.get(aim_ctx, ext_net)
else:
epg = self.aim.get(
aim_ctx,
self.aim_mech._get_epg_by_network_id(plugin_context.session,
net['id']))
if epg:
contract = self._get_flc_contract(plugin_context.session, flowc,
tenant)
try:
if prefix == FLOWC_SRC:
epg.consumed_contract_names.remove(contract.name)
else:
epg.provided_contract_names.remove(contract.name)
self.aim.create(aim_ctx, epg, overwrite=True)
except ValueError:
pass
def _map_flowc_network_group(self, plugin_context, net, cidr, flowc,
prefix):
flc_aid = self._get_external_group_aim_name(plugin_context, flowc,
prefix)
flc_aname = aim_utils.sanitize_display_name(flowc['name'])
aim_ctx = aim_context.AimContext(plugin_context.session)
cidr = netaddr.IPNetwork(cidr)
l3out = self.aim_mech._get_svi_net_l3out(net)
if l3out:
if cidr.prefixlen == 0:
# Use default External Network
ext_net = self.aim_mech._get_svi_default_external_epg(net)
ext_net_db = self.aim.get(aim_ctx, ext_net)
if not ext_net_db:
raise exceptions.DefaultExternalNetworkNotFound(
id=net['id'])
else:
# Create ExternalNetwork and ExternalSubnet on the proper
# L3Out. Return the External network
ext_net = aim_resource.ExternalNetwork(
tenant_name=l3out.tenant_name,
l3out_name=l3out.name,
name=flc_aid,
display_name=flc_aname)
ext_sub = aim_resource.ExternalSubnet(
tenant_name=ext_net.tenant_name,
l3out_name=ext_net.l3out_name,
external_network_name=ext_net.name,
cidr=str(cidr))
ext_net_db = self.aim.get(aim_ctx, ext_net)
if not ext_net_db:
ext_net_db = self.aim.create(aim_ctx, ext_net)
ext_sub_db = self.aim.get(aim_ctx, ext_sub)
if not ext_sub_db:
self.aim.create(aim_ctx, ext_sub)
return ext_net_db
else:
return self.aim_mech._get_epg_by_network_id(
plugin_context.session, net['id'])
def _check_vrf_contract_update(self, stage):
e1 = a_res.ExternalNetwork(
tenant_name='dept1', l3out_name='o1-vrf1',
name='inet1', display_name='INET1',
provided_contract_names=['p1_vrf1', 'p2_vrf1'],
consumed_contract_names=['c1_vrf1', 'c2_vrf1'],
nat_epg_dn=('uni/tn-t1/ap-myapp/epg-EXT-o1'
if self.with_nat_epg else ''))
e2 = copy.deepcopy(e1)
e2.provided_contract_names = ['arp', 'p2_vrf1']
e2.consumed_contract_names = ['arp', 'c2_vrf1']
e3 = copy.deepcopy(e1)
e3.provided_contract_names = []
e3.consumed_contract_names = []
if stage == 'stage1':
self._verify(present=[e1])
elif stage == 'stage2':
self._verify(present=[e2])
elif stage == 'stage3':
self._verify(present=[e3])
else:
self.assertFalse(True, 'Unknown test stage %s' % stage)
def _get_vrf_1_ext_net_2_objects(self, connected=True):
return {
'l3out': a_res.L3Outside(
tenant_name='t2', name='o2',
display_name='OUT2',
vrf_name='vrf1'),
'ext_net': a_res.ExternalNetwork(
tenant_name='t2', l3out_name='o2',
name='inet2', display_name='INET2',
provided_contract_names=(
['EXT-o2', 'p3_vrf1', 'p4_vrf1']
if connected else ['EXT-o2']),
consumed_contract_names=(
['EXT-o2', 'c3_vrf1', 'c4_vrf1']
if connected else ['EXT-o2'])),
'nat_bd': a_res.BridgeDomain(
tenant_name='t2', name='EXT-o2',
display_name='EXT-OUT2',
vrf_name='EXT-o2',
limit_ip_learn_to_subnets=True,
l3out_names=['o2']),
'ext_sub_1': a_res.ExternalSubnet(
tenant_name='t2', l3out_name='o2',
external_network_name='inet2', cidr='0.0.0.0/0')}
def _get_network_l3out_ext_net(self, mapping):
return aim_resource.ExternalNetwork(
tenant_name=mapping.l3out_tenant_name,
l3out_name=mapping.l3out_name, name=mapping.l3out_ext_net_name)
def test_bd_l3out_vrf_in_common(self):
self.mgr.create(self.ctx, a_res.Tenant(name='common'))
self.mgr.create(self.ctx, a_res.Tenant(name='dept1'))
self.mgr.create(self.ctx, a_res.Tenant(name='dept2'))
self.mgr.create(self.ctx, a_res.Tenant(name='dept3'))
vrf = a_res.VRF(tenant_name='common', name='default')
bd1_dept1 = a_res.BridgeDomain(tenant_name='dept1', name='bd1',
limit_ip_learn_to_subnets=True,
vrf_name='default')
bd2_dept1 = a_res.BridgeDomain(tenant_name='dept1', name='bd2',
limit_ip_learn_to_subnets=True,
vrf_name='default')
bd1_dept2 = a_res.BridgeDomain(tenant_name='dept2', name='bd1',
limit_ip_learn_to_subnets=True,
vrf_name='default')
vrf_dept2 = a_res.VRF(tenant_name='dept2', name='default')
bd1_dept3 = a_res.BridgeDomain(tenant_name='dept3', name='bd1',
limit_ip_learn_to_subnets=True,
vrf_name='default')
bd2_dept3 = a_res.BridgeDomain(tenant_name='dept3', name='bd2',
limit_ip_learn_to_subnets=True,
vrf_name='foo')
for o in [vrf, bd1_dept1, bd2_dept1, bd1_dept2, vrf_dept2,
bd1_dept3, bd2_dept3]:
self.mgr.create(self.ctx, o)
# test with 'common' l3out
l3out = a_res.L3Outside(tenant_name='common', name='o1')
ext_net = a_res.ExternalNetwork(
tenant_name='common', l3out_name='o1', name='inet1')
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.mgr.update(self.ctx, l3out, vrf_name='default')
self._verify(present=[bd1_dept1, bd2_dept1, bd1_dept2, bd1_dept3,
bd2_dept3])
self.ns.connect_vrf(self.ctx, ext_net, vrf)
bd1_dept1.l3out_names = ['o1']
bd2_dept1.l3out_names = ['o1']
bd1_dept3.l3out_names = ['o1']
self._verify(present=[bd1_dept1, bd2_dept1, bd1_dept2, bd1_dept3,
bd2_dept3])
self.ns.disconnect_vrf(self.ctx, ext_net, vrf)
bd1_dept1.l3out_names = []
bd2_dept1.l3out_names = []
bd1_dept3.l3out_names = []
self._verify(present=[bd1_dept1, bd2_dept1, bd1_dept2, bd1_dept3,
bd2_dept3])
# test with l3out in specific tenant
l3out.tenant_name = 'dept1'
ext_net.tenant_name = 'dept1'
self.ns.create_l3outside(self.ctx, l3out)
self.ns.create_external_network(self.ctx, ext_net)
self.mgr.update(self.ctx, l3out, vrf_name='default')
self.ns.connect_vrf(self.ctx, ext_net, vrf)
bd1_dept1.l3out_names = ['o1']
bd2_dept1.l3out_names = ['o1']
self._verify(present=[bd1_dept1, bd2_dept1, bd1_dept2, bd1_dept3,
bd2_dept3])
self.ns.disconnect_vrf(self.ctx, ext_net, vrf)
bd1_dept1.l3out_names = []
bd2_dept1.l3out_names = []
self._verify(present=[bd1_dept1, bd2_dept1, bd1_dept2, bd1_dept3,
bd2_dept3])
