def test_04_publicip_per_project(self): """Test Public IP limit per project """ # Validate the following # 1. set max no of IPs per project to 2. # 2. Create an account in this domain # 3. Create 1 VM in this domain # 4. Acquire 1 IP in the domain. IP should be successfully acquired # 5. Try to acquire 3rd IP in this domain. It should give the user an # appropriate error and an alert should be generated. self.debug("Updating public IP resource limits for project: %s" % self.project.id) # Set usage_vm=1 for Account 1 update_resource_limit(self.apiclient, 1, max=2, projectid=self.project.id) # Public Ip self.debug("Deploying VM for Project: %s" % self.project.id) virtual_machine_1 = VirtualMachine.create( self.apiclient, self.services["server"], templateid=self.template.id, serviceofferingid=self.service_offering.id, projectid=self.project.id, ) self.cleanup.append(virtual_machine_1) # Verify VM state self.assertEqual(virtual_machine_1.state, "Running", "Check VM state is Running or not") networks = Network.list(self.apiclient, projectid=self.project.id, listall=True) self.assertEqual(isinstance(networks, list), True, "Check list networks response returns a valid response") self.assertNotEqual(len(networks), 0, "Check list networks response returns a valid network") network = networks[0] self.debug("Associating public IP for project: %s" % self.project.id) public_ip_1 = PublicIPAddress.create( self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id, ) self.cleanup.append(public_ip_1) # Verify Public IP state self.assertEqual( public_ip_1.ipaddress.state in ["Allocated", "Allocating"], True, "Check Public IP state is allocated or not", ) # Exception should be raised for second Public IP with self.assertRaises(Exception): PublicIPAddress.create( self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id, ) return
def validate_PublicIPAddress(self, public_ip, network, static_nat=False, vm=None): """Validates the Public IP Address""" self.debug("Validating the assignment and state of public IP address " "- %s" % public_ip.ipaddress.ipaddress) public_ips = PublicIPAddress.list(self.api_client, id=public_ip.ipaddress.id, networkid=network.id, isstaticnat=static_nat, listall=True ) self.assertEqual(isinstance(public_ips, list), True, "List public IP for network should return a " "valid list" ) self.assertEqual(public_ips[0].ipaddress, public_ip.ipaddress.ipaddress, "List public IP for network should list the assigned " "public IP address" ) self.assertEqual(public_ips[0].state, "Allocated", "Assigned public IP is not in the allocated state" ) if static_nat and vm: self.assertEqual(public_ips[0].virtualmachineid, vm.id, "Static NAT rule is not enabled for the VM on " "the assigned public IP" ) self.debug("Successfully validated the assignment and state of public " "IP address - %s" % public_ip.ipaddress.ipaddress)
def isIpInDesiredState(apiclient, ipaddressid, state): """ Check if the given IP is in the correct state (given) and return True/False accordingly""" retriesCount = 10 ipInDesiredState = False exceptionOccured = False exceptionMessage = "" try: while retriesCount >= 0: portableips = PublicIPAddress.list(apiclient, id=ipaddressid) assert validateList( portableips)[0] == PASS, "IPs list validation failed" if str(portableips[0].state).lower() == state: ipInDesiredState = True break retriesCount -= 1 time.sleep(60) except Exception as e: exceptionOccured = True exceptionMessage = e return [exceptionOccured, ipInDesiredState, e] if not ipInDesiredState: exceptionMessage = "Ip should be in %s state, it is in %s" %\ (state, portableips[0].state) return [False, ipInDesiredState, exceptionMessage]
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) self.debug("Configuring NAT rule for the acquired public ip") NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id ) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype, account, networkruledata): """Acquire IP, create Firewall and NAT/StaticNAT rule (associating it with given vm) for that IP""" try: public_ip = PublicIPAddress.create( apiclient,accountid=account.name, zoneid=virtualmachine.zoneid,domainid=account.domainid, networkid=virtualmachine.nic[0].networkid) FireWallRule.create( apiclient,ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]], startport=networkruledata["fwrule"]["startport"], endport=networkruledata["fwrule"]["endport"] ) if ruletype == NAT_RULE: # Create NAT rule NATRule.create(apiclient, virtualmachine, networkruledata["natrule"],ipaddressid=public_ip.ipaddress.id, networkid=virtualmachine.nic[0].networkid) elif ruletype == STATIC_NAT_RULE: # Enable Static NAT for VM StaticNATRule.enable(apiclient,public_ip.ipaddress.id, virtualmachine.id, networkid=virtualmachine.nic[0].networkid) except Exception as e: [FAIL, e] return [PASS, public_ip]
def setUp(self): try: self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create( self.apiclient, self.services["account"], domainid=self.domain.id ) self.cleanup = [ self.account, ] self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.public_ip = PublicIPAddress.create( self.apiclient, accountid=self.virtual_machine.account, zoneid=self.virtual_machine.zoneid, domainid=self.virtual_machine.domainid, services=self.services["virtual_machine"] ) return except CloudstackAPIException as e: self.tearDown() raise e
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) FireWallRule.create( self.apiclient, ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"], endport=self.services["fwrule"]["endport"] ) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def setUp(self): self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create(self.apiclient, self.services["account"], domainid=self.domain.id) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, ) self.virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, ) self.public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"], ) NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.account] return
def create_vm(self, pfrule=False, egress_policy=True, RR=False): self.create_network_offering(egress_policy, RR) # Creating network using the network offering created self.debug("Creating network with network offering: %s" % self.network_offering.id) self.network = Network.create( self.apiclient, self.services["network"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, ) self.debug("Created network with ID: %s" % self.network.id) self.debug("Deploying instance in the account: %s" % self.account.name) project = None self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.service_offering.id, mode=self.zone.networktype if pfrule else "basic", networkids=[str(self.network.id)], projectid=project.id if project else None, ) self.debug("Deployed instance %s in account: %s" % (self.virtual_machine.id, self.account.name)) # Checking if VM is running or not, in case it is deployed in error state, test case fails self.vm_list = list_virtual_machines(self.apiclient, id=self.virtual_machine.id) self.assertEqual(validateList(self.vm_list)[0], PASS, "vm list validation failed, vm list is %s" % self.vm_list) self.assertEqual( str(self.vm_list[0].state).lower(), "running", "VM state should be running, it is %s" % self.vm_list[0].state, ) self.public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.network.id, ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=["0.0.0.0/0"], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"], ) self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id) # Create NAT rule NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.public_ip.ipaddress.id) return
def acquire_publicip(self, network): self.logger.debug('Associating public IP for network: %s' % network.name) public_ip = PublicIPAddress.create( self.api_client, accountid='admin', zoneid=self.zone.id, domainid=self.domain.id, networkids=[str(network.id)] ) self.logger.debug('Associated %s with network %s' % (public_ip.ipaddress.ipaddress, network.id)) self.test_cleanup.append(public_ip) return public_ip
def acquire_PublicIPAddress(self, network, vpc=None): self.debug("Associating public IP for network with ID - %s" % network.id) public_ip = PublicIPAddress.create(self.api_client, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id if vpc is None else None, vpcid=vpc.id if vpc else self.vpc.id if hasattr(self, "vpc") else None ) self.debug("Associated public IP address - %s with network with ID - %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def deploy_isolatednetwork_publicipaddress(self, ipaddress_data, virtualmachines_data, network): self.logger.debug('>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create( api_client=self.api_client, data=ipaddress_data, network=network ) self.logger.debug('>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Created! TODO: MISSING FIELDS!') self.deploy_firewallrules(ipaddress_data, publicipaddress) self.deploy_portforwards(ipaddress_data['portforwards'], virtualmachines_data, None, publicipaddress)
def test_public_ip_admin_account(self): """Test for Associate/Disassociate public IP address for admin account""" # Validate the following: # 1. listPubliIpAddresses API returns the list of acquired addresses # 2. the returned list should contain our acquired IP address ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid ) list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) self.assertEqual( isinstance(list_pub_ip_addr_resp, list), True, "Check list response returns a valid list" ) # listPublicIpAddresses should return newly created public IP self.assertNotEqual( len(list_pub_ip_addr_resp), 0, "Check if new IP Address is associated" ) self.assertEqual( list_pub_ip_addr_resp[0].id, ip_address.ipaddress.id, "Check Correct IP Address is returned in the List Cacls" ) ip_address.delete(self.apiclient) time.sleep(30) # Validate the following: # 1.listPublicIpAddresses should no more return the released address list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) if list_pub_ip_addr_resp is None: return if (list_pub_ip_addr_resp) and ( isinstance( list_pub_ip_addr_resp, list)) and ( len(list_pub_ip_addr_resp) > 0): self.fail("list public ip response is not empty") return
def get_free_ipaddress(self, vlanId): ipaddresses = PublicIPAddress.list( self.apiclient, vlanid=vlanId, state='Free' ) self.assertEqual( isinstance(ipaddresses, list), True, "List ipaddresses should return a valid response for Free ipaddresses" ) random.shuffle(ipaddresses) return ipaddresses[0].ipaddress
def acquire_Public_IP(self, network): self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=None, #network.id, vpcid=self.vpc.id) self.cleanup.append(public_ip) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def acquire_publicip(self, network): self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpc.id ) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id )) return public_ip
def acquire_publicip(self, vpc, network): self.logger.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id) self.assertIsNotNone(public_ip, "Failed to acquire public IP") self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def acquire_Public_IP(self, network, vpc=None): self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create( self.api_client, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id if vpc is None else None, vpcid=vpc.id if vpc else self.vpc.id if hasattr(self, "vpc") else None) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def acquire_publicip(self, vpc, network): self.logger.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id, ) self.assertIsNotNone(public_ip, "Failed to acquire public IP") self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def acquire_publicip(self, network, vpc_id): self.logger.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc_id) self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.ips.append(public_ip) return public_ip
def deploy_isolatednetwork_publicipaddress(self, ipaddress_data, virtualmachines_data, network): self.logger.debug( '>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create(api_client=self.api_client, data=ipaddress_data, network=network) self.logger.debug( '>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Created! TODO: MISSING FIELDS!' ) self.deploy_firewallrules(ipaddress_data, publicipaddress) self.deploy_portforwards(ipaddress_data['portforwards'], virtualmachines_data, None, publicipaddress)
def setUpClass(cls): cls.testClient = super(TestNATRules, cls).getClsTestClient() cls.api_client = cls.testClient.getApiClient() cls.services = Services().services # Get Zone, Domain and templates cls.domain = get_domain(cls.api_client) cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests()) cls.services['mode'] = cls.zone.networktype template = get_template( cls.api_client, cls.zone.id, cls.services["ostype"] ) #Create an account, network, VM and IP addresses cls.account = Account.create( cls.api_client, cls.services["account"], admin=True, domainid=cls.domain.id ) cls.services["virtual_machine"]["zoneid"] = cls.zone.id cls.service_offering = ServiceOffering.create( cls.api_client, cls.services["service_offering"] ) cls.virtual_machine = VirtualMachine.create( cls.api_client, cls.services["virtual_machine"], templateid=template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id ) cls.public_ip = PublicIPAddress.create( cls.api_client, accountid=cls.account.name, zoneid=cls.zone.id, domainid=cls.account.domainid, services=cls.services["virtual_machine"] ) cls._cleanup = [ cls.virtual_machine, cls.account, cls.service_offering ]
def test_public_ip_user_account(self): """Test for Associate/Disassociate public IP address for user account""" # Validate the following: # 1. listPubliIpAddresses API returns the list of acquired addresses # 2. the returned list should contain our acquired IP address ip_address = PublicIPAddress.create( self.apiclient, self.user.name, self.zone.id, self.user.domainid ) # listPublicIpAddresses should return newly created public IP list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) self.assertEqual( isinstance(list_pub_ip_addr_resp, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_pub_ip_addr_resp), 0, "Check if new IP Address is associated" ) self.assertEqual( list_pub_ip_addr_resp[0].id, ip_address.ipaddress.id, "Check Correct IP Address is returned in the List Call" ) ip_address.delete(self.apiclient) list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) self.assertEqual( list_pub_ip_addr_resp, None, "Check if disassociated IP Address is no longer available" ) return
def deploy_publicipaddress(self, publicipaddress_data, virtualmachines_data, vpc): self.logger.debug('>>> PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create( api_client=self.api_client, data=publicipaddress_data, vpc=vpc ) ipaddress = publicipaddress.ipaddress self.logger.debug('>>> PUBLIC IP ADDRESS => ID: %s => IP: %s => State: %s => Source NAT: %s ' '=> Static NAT: %s => ACL: %s => VLAN: %s => Physical Network: %s => Network: %s ' '=> VPC: %s => Domain: %s', ipaddress.id, ipaddress.ipaddress, ipaddress.state, ipaddress.issourcenat, ipaddress.isstaticnat, ipaddress.aclid, ipaddress.vlanid, ipaddress.physicalnetworkid, ipaddress.networkid, ipaddress.vpcid, ipaddress.domainid) self.deploy_portforwards(publicipaddress_data['portforwards'], virtualmachines_data, vpc, publicipaddress)
def deploy_publicipaddress(self, publicipaddress_data, virtualmachines_data, vpc): self.logger.debug('>>> PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create(api_client=self.api_client, data=publicipaddress_data, vpc=vpc) ipaddress = publicipaddress.ipaddress self.logger.debug( '>>> PUBLIC IP ADDRESS => ID: %s => IP: %s => State: %s => Source NAT: %s ' '=> Static NAT: %s => ACL: %s => VLAN: %s => Physical Network: %s => Network: %s ' '=> VPC: %s => Domain: %s', ipaddress.id, ipaddress.ipaddress, ipaddress.state, ipaddress.issourcenat, ipaddress.isstaticnat, ipaddress.aclid, ipaddress.vlanid, ipaddress.physicalnetworkid, ipaddress.networkid, ipaddress.vpcid, ipaddress.domainid) self.deploy_portforwards(publicipaddress_data['portforwards'], virtualmachines_data, vpc, publicipaddress)
def acquire_PublicIPAddress(self, network, vpc=None, account=None): if not account: account = self.account self.debug( "Associating public IP for network with ID - %s in the account - %s" % (network.id, account.name)) public_ip = PublicIPAddress.create( self.api_client, accountid=account.name, domainid=account.domainid, zoneid=self.zone.id, networkid=network.id if vpc is None else None, vpcid=vpc.id if vpc else self.vpc.id if hasattr(self, "vpc") else None) self.debug( "Associated public IP address - %s with network with ID - %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def setUp(self): self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create( self.apiclient, self.services["account"], domainid=self.domain.id ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"], endport=self.services["fwrule"]["endport"] ) self.cleanup = [self.account, ] return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create( self.apiclient, self.services["account"], domainid=self.domain.id ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.account, ] return
def validate_network_rules(self): """ Validate network rules """ vms = VirtualMachine.list( self.api_client, account=self.account.name, domainid=self.account.domainid, listall=True ) public_ips = PublicIPAddress.list( self.api_client, account=self.account.name, domainid=self.account.domainid, listall=True ) for vm, public_ip in zip(vms, public_ips): try: ssh_1 = vm.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) self.debug("SSH into VM is successfully") self.debug( "Verifying if we can ping to outside world from VM?") # Ping to outsite world res = ssh_1.execute("ping -c 1 www.google.com") # res = 64 bytes from maa03s17-in-f20.1e100.net (74.125.236.212): # icmp_req=1 ttl=57 time=25.9 ms # --- www.l.google.com ping statistics --- # 1 packets transmitted, 1 received, 0% packet loss, time 0ms # rtt min/avg/max/mdev = 25.970/25.970/25.970/0.000 ms except Exception as e: self.fail("Failed to SSH into VM - %s, %s" % (public_ip.ipaddress.ipaddress, e)) result = str(res) self.assertEqual( result.count("1 received"), 1, "Ping to outside world from VM should be successful" )
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"]) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) FireWallRule.create(self.apiclient, ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"], endport=self.services["fwrule"]["endport"]) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"]) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) self.debug("Configuring NAT rule for the acquired public ip") NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def validate_PublicIPAddress(self, public_ip, network, static_nat=False, vm=None): """Validates the Public IP Address""" self.debug("Check if the public IP is successfully assigned to the network ?") public_ips = PublicIPAddress.list(self.api_client, id=public_ip.ipaddress.id, networkid=network.id, isstaticnat=static_nat, listall=True ) self.assertEqual(isinstance(public_ips, list), True, "List public IP for network should return a valid list" ) self.assertEqual(public_ips[0].ipaddress, public_ip.ipaddress.ipaddress, "List public IP for network should list the assigned public IP address" ) self.assertEqual(public_ips[0].state, "Allocated", "Assigned public IP is not in the allocated state" ) if static_nat and vm: self.assertEqual(public_ips[0].virtualmachineid, vm.id, "Static NAT Rule not enabled for the VM using the assigned public IP" ) self.debug("Assigned Public IP address - %s is successfully validated" % public_ip.ipaddress.ipaddress)
def validate_Public_IP(self, public_ip, network, static_nat=False, vm=None): """Validates the Public IP""" self.debug("Check if the Public IP is successfully assigned to the network ?") public_ips = PublicIPAddress.list(self.api_client, id=public_ip.ipaddress.id, networkid=network.id, isstaticnat=static_nat, listall=True ) self.assertEqual(isinstance(public_ips, list), True, "List public Ip for network should return a valid list" ) self.assertEqual(public_ips[0].ipaddress, public_ip.ipaddress.ipaddress, "List public Ip for network should list the assigned public Ip address" ) self.assertEqual(public_ips[0].state, "Allocated", "Assigned public Ip is not in the allocated state" ) if static_nat and vm: self.assertEqual(public_ips[0].virtualmachineid, vm.id, "Static NAT Rule not enabled for the VM using the assigned public Ip" ) self.debug("Assigned Public IP is successfully validated - %s" % public_ip.ipaddress.ipaddress)
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype, account, networkruledata): """Acquire IP, create Firewall and NAT/StaticNAT rule (associating it with given vm) for that IP""" try: public_ip = PublicIPAddress.create( apiclient, accountid=account.name, zoneid=virtualmachine.zoneid, domainid=account.domainid, networkid=virtualmachine.nic[0].networkid) FireWallRule.create(apiclient, ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]], startport=networkruledata["fwrule"]["startport"], endport=networkruledata["fwrule"]["endport"]) if ruletype == NAT_RULE: # Create NAT rule NATRule.create(apiclient, virtualmachine, networkruledata["natrule"], ipaddressid=public_ip.ipaddress.id, networkid=virtualmachine.nic[0].networkid) elif ruletype == STATIC_NAT_RULE: # Enable Static NAT for VM StaticNATRule.enable(apiclient, public_ip.ipaddress.id, virtualmachine.id, networkid=virtualmachine.nic[0].networkid) except Exception as e: [FAIL, e] return [PASS, public_ip]
def _test_vpc_site2site_vpn(self, vpc_offering, num_VPCs=3): # Number of VPNs (to test) is number_of_VPCs - 1 # By default test setting up 2 VPNs from VPC0, requiring total of 3 VPCs maxnumVM = num_VPCs - 1 # Create VPC i vpc_list = [] for i in range(num_VPCs): # Generate VPC (mostly subnet) info vpcservice_n = copy.deepcopy(self.services["vpcN"]) for key in vpcservice_n.keys(): vpcservice_n[key] = vpcservice_n[key].format(N=` i `) vpc_n = VPC.create(apiclient=self.apiclient, services=vpcservice_n, networkDomain="vpc%d.vpn" % i, vpcofferingid=vpc_offering.id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) self.assertIsNotNone(vpc_n, "VPC%d creation failed" % i) vpc_list.append(vpc_n) self.cleanup.append(vpc_n) self.logger.debug("VPC%d %s created" % (i, vpc_list[i].id)) default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0] # Create network in VPC i ntwk_list = [] for i in range(num_VPCs): # Generate network (mostly subnet) info ntwk_info_n = copy.deepcopy(self.services["network_N"]) for key in ntwk_info_n.keys(): ntwk_info_n[key] = ntwk_info_n[key].format(N=` i `) ntwk_n = Network.create( apiclient=self.apiclient, services=ntwk_info_n, accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offerings[0].id, zoneid=self.zone.id, vpcid=vpc_list[i].id, aclid=default_acl.id) self.assertIsNotNone(ntwk_n, "Network%d failed to create" % i) self.cleanup.append(ntwk_n) ntwk_list.append(ntwk_n) self.logger.debug("Network%d %s created in VPC %s" % (i, ntwk_list[i].id, vpc_list[i].id)) # Deploy a vm in network i vm_list = [] vm_n = None for i in range(num_VPCs): vm_n = VirtualMachine.create( self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=[ntwk_list[i].id], hypervisor=self.hypervisor, mode='advanced' if (i == 0) or (i == maxnumVM) else 'default') self.assertIsNotNone(vm_n, "VM%d failed to deploy" % i) self.cleanup.append(vm_n) vm_list.append(vm_n) self.logger.debug("VM%d %s deployed in VPC %s" % (i, vm_list[i].id, vpc_list[i].id)) self.assertEquals(vm_n.state, 'Running', "VM%d is not running" % i) # 4) Enable Site-to-Site VPN for VPC vpn_response_list = [] for i in range(num_VPCs): vpn_response = Vpn.createVpnGateway(self.apiclient, vpc_list[i].id) self.assertIsNotNone(vpn_response, "Failed to enable VPN Gateway %d" % i) vpn_response_list.append(vpn_response) self.logger.debug("VPN gateway for VPC%d %s enabled" % (i, vpc_list[i].id)) # 5) Add VPN Customer gateway info vpn_cust_gw_list = [] services = self.services["vpncustomergateway"] for i in range(num_VPCs): src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc_list[i].id) ip = src_nat_list[0] customer_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC" + ` i `, ip.ipaddress, vpc_list[i].cidr, self.account.name, self.domain.id) self.cleanup.insert( 0, customer_response ) # this has to be cleaned up after the VPCs have been destroyed (due to client connectionsonections) vpn_cust_gw_list.append(customer_response) self.logger.debug( "VPN customer gateway added for VPC%d %s enabled" % (i, vpc_list[i].id)) # Before the next step ensure the last VPC is up and running # Routers in the right state? self.assertEqual( self.routers_in_right_state(vpcid=vpc_list[maxnumVM].id), True, "Check whether the routers are in the right state.") # 6) Connect VPCi with VPC0 for i in range(num_VPCs)[1:]: Vpn.createVpnConnection(self.apiclient, vpn_cust_gw_list[0].id, vpn_response_list[i]['id'], True) self.logger.debug("VPN passive connection created for VPC%d %s" % (i, vpc_list[i].id)) vpnconn2_response = Vpn.createVpnConnection( self.apiclient, vpn_cust_gw_list[i].id, vpn_response_list[0]['id']) self.logger.debug("VPN connection created for VPC%d %s" % (0, vpc_list[0].id)) self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs 0 and %d!" % i) self.logger.debug("VPN connected between VPC0 and VPC%d" % i) # First the last VM # setup ssh connection to vm maxnumVM self.logger.debug( "Setup SSH connection to last VM created (%d) to ensure availability for ping tests" % maxnumVM) ssh_max_client = vm_list[maxnumVM].get_ssh_client(retries=20) self.assertIsNotNone( ssh_max_client, "Failed to setup SSH to last VM created (%d)" % maxnumVM) self.logger.debug( "Setup SSH connection to first VM created (0) to ensure availability for ping tests" ) ssh_client = vm_list[0].get_ssh_client(retries=10) self.assertIsNotNone(ssh_client, "Failed to setup SSH to VM0") if ssh_client: # run ping test for i in range(num_VPCs)[1:]: packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm_list[i].nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assertEquals( int(packet_loss), 0, "Ping towards vm" + ` i ` + "did not succeed") self.logger.debug("Ping from vm0 to vm%d did succeed" % i) else: self.fail("Failed to setup ssh connection to %s" % vm_list[0].public_ip) return
def test_network_rules_acquired_public_ip(self, value): """Test for Router rules for network rules on acquired public IP""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.ipaddress = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.defaultNetworkId ) self.cleanup.append(self.ipaddress) self.createNetworkRules(rule=value, ipaddressobj=self.ipaddress, networkid=self.defaultNetworkId) router = Router.list(self.apiclient, networkid=self.virtual_machine.nic[0].networkid, listall=True)[0] response = self.getCommandResultFromRouter(router, "ip addr") self.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertTrue(stringToMatch in str(response), "IP address is\ not removed from VR even after disabling statin NAT") try: self.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, self.ipaddress.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client( self.ipaddress.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) # Validate the following: # 1. listIpForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.removeNetworkRules(rule=value, ipaddressobj=self.ipaddress) response = self.getCommandResultFromRouter(router, "ip addr") self.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertFalse(stringToMatch in str(response), "IP address is\ not removed from VR even after disabling statin NAT") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): self.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( self.ipaddress.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def test_01_vpc_remote_access_vpn(self): """Test Remote Access VPN in VPC""" # 1) Create VPC vpc_offering = VpcOffering.list(self.apiclient, isdefault=True) self.assertTrue(vpc_offering is not None and len(vpc_offering) > 0, "No VPC offerings found") vpc = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.vpn", vpcofferingid=vpc_offering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) self.assertIsNotNone(vpc, "VPC creation failed") self.logger.debug("VPC %s created" % (vpc.id)) self.cleanup.append(vpc) # 2) Create network in VPC ntwk = Network.create(apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=self.network_offerings[0].id, zoneid=self.zone.id, vpcid=vpc.id) self.assertIsNotNone(ntwk, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk.id, vpc.id)) self.cleanup.append(ntwk) # 3) Deploy a vm vm = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.compute_offering.id, networkids=ntwk.id, hypervisor=self.hypervisor) self.assertIsNotNone(vm, "VM failed to deploy") self.assertEquals(vm.state, 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id)) self.logger.debug("Deployed virtual machine: OK") self.cleanup.append(vm) # 4) Enable VPN for VPC src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc.id) ip = src_nat_list[0] self.logger.debug("Acquired public ip address: OK") vpn = Vpn.create(self.apiclient, publicipid=ip.id, account=self.account.name, domainid=self.account.domainid, iprange=self.services["vpn"]["iprange"], fordisplay=self.services["vpn"]["fordisplay"]) self.assertIsNotNone(vpn, "Failed to create Remote Access VPN") self.logger.debug("Created Remote Access VPN: OK") vpn_user = None # 5) Add VPN user for VPC vpn_user = VpnUser.create(self.apiclient, account=self.account.name, domainid=self.account.domainid, username=self.services["vpn"]["vpn_user"], password=self.services["vpn"]["vpn_pass"]) self.assertIsNotNone(vpn_user, "Failed to create Remote Access VPN User") self.logger.debug("Created VPN User: OK") # TODO: Add an actual remote vpn connection test from a remote vpc # 9) Disable VPN for VPC vpn.delete(self.apiclient) self.logger.debug("Deleted the Remote Access VPN: OK")
def test_01_positive_tests_vm_operations_advanced_zone(self, value): """ Positive tests for VMLC test path - Advanced Zone # 1. List created service offering in setUpClass by name # 2. List registered template with name # 3. Create VM in account # 4. Enable networking for reaching to VM thorugh SSH # 5. Check VM accessibility through SSH # 6. Stop vm and verify vm is not accessible # 7. Start vm and verify vm is not accessible # 8. Reboot vm and verify vm is not accessible # 9. Destroy and recover VM # 10. Change service offering of VM to a different service offering # 11. Verify that the cpuspeed, cpunumber and memory of VM matches to # as specified in new service offering # 12. Start VM and verify VM accessibility # 13. Find suitable host for VM to migrate and migrate the VM # 14. Verify VM accessibility on new host """ # List created service offering in setUpClass by name listServiceOfferings = ServiceOffering.list( self.apiclient, name=self.service_offering_1.name, listall=True ) self.assertEqual(validateList(listServiceOfferings)[0], PASS, "List validation failed for service offerings list") self.assertEqual(listServiceOfferings[0].name, self.service_offering_1.name, "Names of created service offering\ and listed service offering not matching") # List registered template with name listTemplates = Template.list( self.userapiclient, templatefilter="self", name=self.template.name, listall=True, zone=self.zone.id) self.assertEqual(validateList(listTemplates)[0], PASS, "List validation failed for templates list") self.assertEqual(listTemplates[0].name, self.template.name, "Names of created template and listed template\ not matching") network = CreateNetwork(self, value) # Create VM in account self.virtual_machine = VirtualMachine.create( self.userapiclient, self.testdata["small"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering_1.id, networkids=[network.id, ], zoneid=self.zone.id ) self.cleanup.append(self.virtual_machine) publicip = PublicIPAddress.create( self.userapiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpcid ) if value == VPC_NETWORK: lb_rule = LoadBalancerRule.create( self.apiclient, self.testdata["vpclbrule"], ipaddressid=publicip.ipaddress.id, accountid=self.account.name, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpcid ) lb_rule.assign(self.apiclient, [self.virtual_machine]) # Opening up the ports in VPC NetworkACL.create( self.apiclient, networkid=network.id, services=self.testdata["natrule"], traffictype='Ingress' ) elif value == ISOLATED_NETWORK: FireWallRule.create( self.userapiclient, ipaddressid=publicip.ipaddress.id, protocol='TCP', cidrlist=[self.testdata["fwrule"]["cidr"]], startport=self.testdata["fwrule"]["startport"], endport=self.testdata["fwrule"]["endport"] ) NATRule.create( self.userapiclient, self.virtual_machine, self.testdata["natrule"], ipaddressid=publicip.ipaddress.id, networkid=network.id ) # Check VM accessibility try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) # Stop VM and verify VM is not accessible self.virtual_machine.stop(self.userapiclient) with self.assertRaises(Exception): SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password, retries=0) # Start VM and verify that it is accessible self.virtual_machine.start(self.userapiclient) try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) # Reboot VM and verify that it is accessible self.virtual_machine.reboot(self.userapiclient) try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) # Destroy and recover VM self.virtual_machine.delete(self.apiclient, expunge=False) self.virtual_machine.recover(self.apiclient) # Change service offering of VM and verify that it is changed self.virtual_machine.change_service_offering( self.userapiclient, serviceOfferingId=self.service_offering_2.id ) VerifyChangeInServiceOffering(self, self.virtual_machine, self.service_offering_2) # Start VM and verify that it is accessible self.virtual_machine.start(self.userapiclient) try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) return
def test_02_port_fwd_on_non_src_nat(self): """Test for port forwarding on non source NAT""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid, self.services["virtual_machine"] ) self.cleanup.append(ip_address) # Check if VM is in Running state before creating NAT rule vm_response = VirtualMachine.list( self.apiclient, id=self.virtual_machine.id ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( vm_response[0].state, 'Running', "VM state should be Running before creating a NAT rule." ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=ip_address.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"] ) # Create NAT rule nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ip_address.ipaddress.id ) # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) self.assertEqual( isinstance(list_nat_rule_response, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_nat_rule_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( list_nat_rule_response[0].id, nat_rule.id, "Check Correct Port forwarding Rule is returned" ) try: logger.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, ip_address.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) nat_rule.delete(self.apiclient) try: list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) except CloudstackAPIException: logger.debug("Nat Rule is deleted") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): logger.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( ip_address.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) template = get_template( self.apiclient, self.zone.id, self.services["ostype"] ) self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM, Port forwarding rule, LB rules self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"] ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid ) ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid, issourcenat=False ) try: self.ip_addr = ip_addrs[0] except Exception as e: raise Exception( "Failed: During acquiring source NAT for account: %s, :%s" % (self.account.name, e)) self.nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], self.ip_addr.id ) self.lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], self.ip_addr.id, accountid=self.account.name ) self.cleanup = [ self.virtual_machine, self.account ] return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) template = get_template( self.apiclient, self.zone.id, self.services["ostype"] ) if template == FAILED: self.fail( "get_template() failed to return template with description %s" % self.services["ostype"]) self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM and IP addresses self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"] ) self.vm_1 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) # Wait for VM to come up time.sleep(120) src_nat_ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid ) try: src_nat_ip_addr = src_nat_ip_addrs[0] except Exception as e: raise Exception( "Warning: Exception during fetching source NAT: %s" % e) self.public_ip = PublicIPAddress.create( self.apiclient, self.vm_1.account, self.vm_1.zoneid, self.vm_1.domainid, self.services["virtual_machine"] ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["lbrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["lbrule"]["publicport"], endport=self.services["lbrule"]["publicport"] ) lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], src_nat_ip_addr.id, self.account.name ) lb_rule.assign(self.apiclient, [self.vm_1]) self.nat_rule = NATRule.create( self.apiclient, self.vm_1, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.nat_rule, lb_rule, self.vm_1, self.service_offering, self.account, ] return
def test_01_acquire_public_ips_in_isolated_network_with_single_vr(self): """ Acquire IPs in multiple subnets in isolated networks with single VR # Steps # 1. Create network offering with single VR, and enable it # 2. create isolated network with the network offering # 3. create a vm in the network. # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP # 4. get a free public ip, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP and new ip # 5. remove the port forwarding rule, and release the new ip # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic IP, eth2 -> source nat IP # 6. create new public ip range 1 # 7. get a free ip 4 in new ip range 2, assign to network, and enable static nat to vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1 # 8. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, # 9. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, new ip 3 # 10. release new ip 2 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 3 # 11. release new ip 1 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3 # 12. create new public ip range 2 # 13. get a free ip 4 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4 # 14. get a free ip 5 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5 # 15. get a free ip 6 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5/6 # 16. release new ip 5 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/6 # 17. release new ip 4 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 6 # 18. release new ip 3 # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 # 19. restart network # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 # 20. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 # 21. restart network with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 # 22. restart network with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 """ # Create new domain1 self.domain1 = Domain.create(self.apiclient, services=self.services["acl"]["domain1"], parentdomainid=self.domain.id) # Create account1 self.account1 = Account.create(self.apiclient, self.services["acl"]["accountD1"], domainid=self.domain1.id) self.cleanup.append(self.account1) self.cleanup.append(self.domain1) # 1. Create network offering with single VR, and enable it self.network_offering = NetworkOffering.create( self.apiclient, self.services["isolated_network_offering"], ) self.network_offering.update(self.apiclient, state='Enabled') self.cleanup.append(self.network_offering) # 2. create isolated network with the network offering self.services["network"]["zoneid"] = self.zone.id self.services["network"]["networkoffering"] = self.network_offering.id self.network1 = Network.create(self.apiclient, self.services["network"], self.account1.name, self.account1.domainid) # 3. create a vm in the network. try: self.virtual_machine1 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account1.name, domainid=self.account1.domainid, serviceofferingid=self.service_offering.id, templateid=self.template.id, zoneid=self.zone.id, networkids=self.network1.id) except Exception as e: self.fail("Exception while deploying virtual machine: %s" % e) # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_router_publicnic_state(router, host, "eth2") # 4. get a free public ip, assign to network, and create port forwarding rules (ssh) to the vm ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress.ipaddress.id, openfirewall=True) # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP/new ip routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress.ipaddress.ipaddress, "eth2", True) self.verify_router_publicnic_state(router, host, "eth2") # 5. release the new ip ipaddress.delete(self.apiclient) # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress.ipaddress.ipaddress, "eth2", False) self.verify_router_publicnic_state(router, host, "eth2") # 6. create new public ip range 1 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" random_subnet_number = random.randrange(10, 50) self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] self.services["publiciprange"]["gateway"] = "172.16." + str( random_subnet_number) + ".1" self.services["publiciprange"]["startip"] = "172.16." + str( random_subnet_number) + ".2" self.services["publiciprange"]["endip"] = "172.16." + str( random_subnet_number) + ".10" self.services["publiciprange"]["netmask"] = "255.255.255.0" self.public_ip_range1 = PublicIpRange.create( self.apiclient, self.services["publiciprange"]) self.cleanup.append(self.public_ip_range1) # 7. get a free ip 4 in new ip range 2, assign to network, and enable static nat to vm ip_address_1 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress_1 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_1) StaticNATRule.enable(self.apiclient, virtualmachineid=self.virtual_machine1.id, ipaddressid=ipaddress_1.ipaddress.id, networkid=self.network1.id) # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1 routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 8. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, ip_address_2 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress_2 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_2) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_2.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 9. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, new ip 3 ip_address_3 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress_3 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_3) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_3.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 10. release new ip 2 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 3 ipaddress_2.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 11. release new ip 1 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3 ipaddress_1.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 12. create new public ip range 2 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] self.services["publiciprange"]["gateway"] = "172.16." + str( random_subnet_number + 1) + ".1" self.services["publiciprange"]["startip"] = "172.16." + str( random_subnet_number + 1) + ".2" self.services["publiciprange"]["endip"] = "172.16." + str( random_subnet_number + 1) + ".10" self.services["publiciprange"]["netmask"] = "255.255.255.0" self.public_ip_range2 = PublicIpRange.create( self.apiclient, self.services["publiciprange"]) self.cleanup.append(self.public_ip_range2) # 13. get a free ip 4 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4 ip_address_4 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress_4 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_4) StaticNATRule.enable(self.apiclient, virtualmachineid=self.virtual_machine1.id, ipaddressid=ipaddress_4.ipaddress.id, networkid=self.network1.id) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 14. get a free ip 5 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5 ip_address_5 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress_5 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_5) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_5.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 15. get a free ip 6 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5/6 ip_address_6 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress_6 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_6) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_6.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 16. release new ip 5 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/6 ipaddress_5.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 17. release new ip 4 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 6 ipaddress_4.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 18. release new ip 3 # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 ipaddress_3.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth4") # 19. restart network # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 self.network1.restart(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth4") # 20. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 if len(routers) > 0: router = routers[0] cmd = rebootRouter.rebootRouterCmd() cmd.id = router.id self.apiclient.rebootRouter(cmd) router = self.get_router(router.id) host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 21. restart network with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 self.network1.restart(self.apiclient, cleanup=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth3", True) # 22. restart network with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 self.network1.restart(self.apiclient, cleanup=True, makeredundant=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3")
def test_01_host_maintenance_mode(self): """Test host maintenance mode """ # Validate the following # 1. Create Vms. Acquire IP. Create port forwarding & load balancing # rules for Vms. # 2. Host 1: put to maintenance mode. All Vms should failover to Host # 2 in cluster. Vms should be in running state. All port forwarding # rules and load balancing Rules should work. # 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host # 2 should succeed. # 4. Host 1: cancel maintenance mode. # 5. Host 2 : put to maintenance mode. All Vms should failover to # Host 1 in cluster. # 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on # host 1 should succeed. hosts = Host.list(self.apiclient, zoneid=self.zone.id, resourcestate='Enabled', type='Routing') self.assertEqual(isinstance(hosts, list), True, "List hosts should return valid host response") if len(hosts) < 2: self.skipTest("There must be at least 2 hosts present in cluster") self.debug("Checking HA with hosts: %s, %s" % (hosts[0].name, hosts[1].name)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.assertEqual(vm.state, "Running", "Deployed VM should be in RUnning state") networks = Network.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(networks, list), True, "List networks should return valid list for the account") network = networks[0] self.debug("Associating public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.debug("Creating PF rule for IP address: %s" % public_ip.ipaddress.ipaddress) NATRule.create(self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id) self.debug("Creating LB rule on IP with NAT: %s" % public_ip.ipaddress.ipaddress) # Create Load Balancer rule on IP already having NAT rule lb_rule = LoadBalancerRule.create(self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name) self.debug("Created LB rule with ID: %s" % lb_rule.id) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) first_host = vm.hostid self.debug("Enabling maintenance mode for host %s" % vm.hostid) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = first_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) timeout = self.services["timeout"] # Poll and check state of VM while it migrates from one host to another while True: vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("VM 1 state: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other\ failed while enabling maintenance") second_host = vm.hostid self.assertEqual( vm.state, "Running", "VM should be in Running state after enabling host maintenance") # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance on other host virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_2.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 2 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") self.debug("Canceling host maintenance for ID: %s" % first_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = first_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % first_host) self.debug("Enabling maintenance mode for host %s" % second_host) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = second_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Maintenance mode enabled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[1] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other\ failed while enabling maintenance") for vm in vms: self.debug( "VM states after enabling maintenance mode on host: %s - %s" % (first_host, vm.state)) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") # Spawn an instance on other host virtual_machine_3 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_3.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 3 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) self.debug("Canceling host maintenance for ID: %s" % second_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = second_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) return
def test_01_firewall_rules_port_fw(self): """"Checking firewall rules deletion after static NAT disable""" # Validate the following: #1. Enable static NAT for a VM #2. Open up some ports. At this point there will be new rows in the # firewall_rules table. #3. Disable static NAT for the VM. #4. Check fire wall rules are deleted from firewall_rules table. public_ip = self.public_ip.ipaddress # Enable Static NAT for VM StaticNATRule.enable(self.apiclient, public_ip.id, self.virtual_machine.id) self.debug("Enabled static NAT for public IP ID: %s" % public_ip.id) #Create Static NAT rule, in fact it's firewall rule nat_rule = StaticNATRule.create(self.apiclient, self.services["firewall_rule"], public_ip.id) self.debug("Created Static NAT rule for public IP ID: %s" % public_ip.id) self.debug("Checking IP address") ip_response = PublicIPAddress.list(self.apiclient, id=public_ip.id) self.assertEqual(isinstance(ip_response, list), True, "Check ip response returns a valid list") self.assertNotEqual(len(ip_response), 0, "Check static NAT Rule is created") self.assertTrue(ip_response[0].isstaticnat, "IP is not static nat enabled") self.assertEqual(ip_response[0].virtualmachineid, self.virtual_machine.id, "IP is not binding with the VM") self.debug("Checking Firewall rule") firewall_response = FireWallRule.list(self.apiclient, ipaddressid=public_ip.id, listall=True) self.assertEqual(isinstance(firewall_response, list), True, "Check firewall response returns a valid list") self.assertNotEqual(len(firewall_response), 0, "Check firewall rule is created") self.assertEqual(firewall_response[0].state, "Active", "Firewall rule is not active") self.assertEqual(firewall_response[0].ipaddressid, public_ip.id, "Firewall rule is not static nat related") self.assertEqual(firewall_response[0].startport, str(self.services["firewall_rule"]["startport"]), "Firewall rule is not with specific port") self.debug("Removed the firewall rule") nat_rule.delete(self.apiclient) self.debug("Checking IP address, it should still existed") ip_response = PublicIPAddress.list(self.apiclient, id=public_ip.id) self.assertEqual(isinstance(ip_response, list), True, "Check ip response returns a valid list") self.assertNotEqual(len(ip_response), 0, "Check static NAT Rule is created") self.assertTrue(ip_response[0].isstaticnat, "IP is not static nat enabled") self.assertEqual(ip_response[0].virtualmachineid, self.virtual_machine.id, "IP is not binding with the VM") self.debug("Checking Firewall rule, it should be removed") firewall_response = FireWallRule.list(self.apiclient, ipaddressid=public_ip.id, listall=True) self.assertEqual(isinstance(firewall_response, list), True, "Check firewall response returns a valid list") if len(firewall_response) != 0: self.assertEqual( firewall_response[0].state, "Deleting", "Firewall rule should be deleted or in deleting state") return
def test_04_publicip_per_project(self): """Test Public IP limit per project """ # Validate the following # 1. set max no of IPs per project to 2. # 2. Create an account in this domain # 3. Create 1 VM in this domain # 4. Acquire 1 IP in the domain. IP should be successfully acquired # 5. Try to acquire 3rd IP in this domain. It should give the user an # appropriate error and an alert should be generated. self.debug( "Updating public IP resource limits for project: %s" % self.project.id) # Set usage_vm=1 for Account 1 update_resource_limit( self.apiclient, 1, # Public Ip max=2, projectid=self.project.id ) self.debug("Deploying VM for Project: %s" % self.project.id) virtual_machine_1 = VirtualMachine.create( self.apiclient, self.services["server"], templateid=self.template.id, serviceofferingid=self.service_offering.id, projectid=self.project.id ) self.cleanup.append(virtual_machine_1) # Verify VM state self.assertEqual( virtual_machine_1.state, 'Running', "Check VM state is Running or not" ) networks = Network.list( self.apiclient, projectid=self.project.id, listall=True ) self.assertEqual( isinstance(networks, list), True, "Check list networks response returns a valid response" ) self.assertNotEqual( len(networks), 0, "Check list networks response returns a valid network" ) network = networks[0] self.debug("Associating public IP for project: %s" % self.project.id) public_ip_1 = PublicIPAddress.create( self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id ) self.cleanup.append(public_ip_1) # Verify Public IP state self.assertEqual( public_ip_1.ipaddress.state in [ 'Allocated', 'Allocating' ], True, "Check Public IP state is allocated or not" ) # Exception should be raised for second Public IP with self.assertRaises(Exception): PublicIPAddress.create( self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id ) return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) self.hypervisor = self.testClient.getHypervisorInfo() template = get_test_template( self.apiclient, self.zone.id, self.hypervisor ) self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM, Port forwarding rule, LB rules self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"]["tiny"] ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid ) ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid, issourcenat=False ) try: self.ip_addr = ip_addrs[0] except Exception as e: raise Exception( "Failed: During acquiring source NAT for account: %s, :%s" % (self.account.name, e)) self.nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], self.ip_addr.id ) self.lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], self.ip_addr.id, accountid=self.account.name ) self.cleanup = [ self.virtual_machine, self.account ] return
def setUpClass(cls): testClient = super(TestPublicIP, cls).getClsTestClient() cls.apiclient = testClient.getApiClient() cls.services = testClient.getParsedTestDataConfig() # Get Zone, Domain and templates cls.domain = get_domain(cls.apiclient) cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests()) cls.services['mode'] = cls.zone.networktype # Create Accounts & networks cls.account = Account.create( cls.apiclient, cls.services["account"], admin=True, domainid=cls.domain.id ) cls.user = Account.create( cls.apiclient, cls.services["account"], domainid=cls.domain.id ) cls.services["network"]["zoneid"] = cls.zone.id cls.network_offering = NetworkOffering.create( cls.apiclient, cls.services["network_offering"], ) # Enable Network offering cls.network_offering.update(cls.apiclient, state='Enabled') cls.services["network"]["networkoffering"] = cls.network_offering.id cls.account_network = Network.create( cls.apiclient, cls.services["network"], cls.account.name, cls.account.domainid ) cls.user_network = Network.create( cls.apiclient, cls.services["network"], cls.user.name, cls.user.domainid ) # Create Source NAT IP addresses PublicIPAddress.create( cls.apiclient, cls.account.name, cls.zone.id, cls.account.domainid ) PublicIPAddress.create( cls.apiclient, cls.user.name, cls.zone.id, cls.user.domainid ) cls._cleanup = [ cls.account_network, cls.user_network, cls.account, cls.user, cls.network_offering ] return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) self.hypervisor = self.testClient.getHypervisorInfo() template = get_test_template( self.apiclient, self.zone.id, self.hypervisor ) if template == FAILED: self.fail("get_test_template() failed to return template") self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM and IP addresses self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"]["tiny"] ) self.vm_1 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) # Wait for VM to come up time.sleep(120) src_nat_ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid ) try: src_nat_ip_addr = src_nat_ip_addrs[0] except Exception as e: raise Exception( "Warning: Exception during fetching source NAT: %s" % e) self.public_ip = PublicIPAddress.create( self.apiclient, self.vm_1.account, self.vm_1.zoneid, self.vm_1.domainid, self.services["virtual_machine"] ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["lbrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["lbrule"]["publicport"], endport=self.services["lbrule"]["publicport"] ) lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], src_nat_ip_addr.id, self.account.name ) lb_rule.assign(self.apiclient, [self.vm_1]) self.nat_rule = NATRule.create( self.apiclient, self.vm_1, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.nat_rule, lb_rule, self.vm_1, self.service_offering, self.account, ] return
def test_01_create_lb_rule_src_nat(self): """Test to create Load balancing rule with source NAT""" # Validate the Following: # 1. listLoadBalancerRules should return the added rule # 2. attempt to ssh twice on the load balanced IP # 3. verify using the UNAME of the VM # that round robin is indeed happening as expected src_nat_ip_addrs = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid ) self.assertEqual( isinstance(src_nat_ip_addrs, list), True, "Check list response returns a valid list" ) src_nat_ip_addr = src_nat_ip_addrs[0] # Check if VM is in Running state before creating LB rule vm_response = VirtualMachine.list( self.apiclient, account=self.account.name, domainid=self.account.domainid ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) for vm in vm_response: self.assertEqual( vm.state, 'Running', "VM state should be Running before creating a NAT rule." ) # Create Load Balancer rule and assign VMs to rule lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], src_nat_ip_addr.id, accountid=self.account.name, vpcid=self.vpc1.id, networkid=self.network1.id ) self.cleanup.append(lb_rule) lb_rule.assign(self.apiclient, [self.vm_1, self.vm_2]) lb_rules = list_lb_rules( self.apiclient, id=lb_rule.id ) self.assertEqual( isinstance(lb_rules, list), True, "Check list response returns a valid list" ) # verify listLoadBalancerRules lists the added load balancing rule self.assertNotEqual( len(lb_rules), 0, "Check Load Balancer Rule in its List" ) self.assertEqual( lb_rules[0].id, lb_rule.id, "Check List Load Balancer Rules returns valid Rule" ) # listLoadBalancerRuleInstances should list all # instances associated with that LB rule lb_instance_rules = list_lb_instances( self.apiclient, id=lb_rule.id ) self.assertEqual( isinstance(lb_instance_rules, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(lb_instance_rules), 0, "Check Load Balancer instances Rule in its List" ) self.logger.debug("lb_instance_rules Ids: %s, %s" % ( lb_instance_rules[0].id, lb_instance_rules[1].id )) self.logger.debug("VM ids: %s, %s" % (self.vm_1.id, self.vm_2.id)) self.assertIn( lb_instance_rules[0].id, [self.vm_1.id, self.vm_2.id], "Check List Load Balancer instances Rules returns valid VM ID" ) self.assertIn( lb_instance_rules[1].id, [self.vm_1.id, self.vm_2.id], "Check List Load Balancer instances Rules returns valid VM ID" ) unameResults = [] self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) self.logger.debug("UNAME: %s" % str(unameResults)) self.assertIn( "Linux", unameResults, "Check if ssh succeeded for server1" ) self.assertIn( "Linux", unameResults, "Check if ssh succeeded for server2" ) # SSH should pass till there is a last VM associated with LB rule lb_rule.remove(self.apiclient, [self.vm_2]) # making unameResultss list empty unameResults[:] = [] try: self.logger.debug("SSHing into IP address: %s after removing VM (ID: %s)" % ( src_nat_ip_addr.ipaddress, self.vm_2.id )) self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) self.assertIn( "Linux", unameResults, "Check if ssh succeeded for server1" ) except Exception as e: self.fail("%s: SSH failed for VM with IP Address: %s" % (e, src_nat_ip_addr.ipaddress)) lb_rule.remove(self.apiclient, [self.vm_1]) with self.assertRaises(Exception): self.logger.debug("Removed all VMs, trying to SSH") self.try_ssh(src_nat_ip_addr.ipaddress, unameResults) return
def test_02_port_fwd_on_non_src_nat(self): """Test for port forwarding on non source NAT""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid, self.services["virtual_machine"] ) self.cleanup.append(ip_address) # Check if VM is in Running state before creating NAT rule vm_response = VirtualMachine.list( self.apiclient, id=self.virtual_machine.id ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( vm_response[0].state, 'Running', "VM state should be Running before creating a NAT rule." ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=ip_address.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"] ) # Create NAT rule nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ip_address.ipaddress.id ) # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) self.assertEqual( isinstance(list_nat_rule_response, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_nat_rule_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( list_nat_rule_response[0].id, nat_rule.id, "Check Correct Port forwarding Rule is returned" ) try: self.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, ip_address.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) nat_rule.delete(self.apiclient) try: list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) except CloudstackAPIException: self.debug("Nat Rule is deleted") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): self.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( ip_address.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def setUpClass(cls): cls.logger = MarvinLog(MarvinLog.LOGGER_TEST).get_logger() testClient = super(TestLoadBalance, cls).getClsTestClient() cls.apiclient = testClient.getApiClient() cls.services = testClient.getParsedTestDataConfig() # Get Zone, Domain and templates cls.domain = get_domain(cls.apiclient) cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests()) cls.template = get_template( cls.apiclient, cls.zone.id ) if cls.template == FAILED: assert False, "get_template() failed to return template with description %s" % cls.services["ostype"] cls.services["virtual_machine"]["zoneid"] = cls.zone.id # Create an account, network, VM and IP addresses cls.account = Account.create( cls.apiclient, cls.services["account"], admin=True, domainid=cls.domain.id ) cls.service_offering = get_default_virtual_machine_offering(cls.apiclient) cls.network_offering = get_default_network_offering(cls.apiclient) cls.logger.debug("Network Offering '%s' selected", cls.network_offering.name) cls.vpc_offering = get_default_vpc_offering(cls.apiclient) cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name) cls.vpc1 = VPC.create(cls.apiclient, cls.services['vpcs']['vpc1'], vpcofferingid=cls.vpc_offering.id, zoneid=cls.zone.id, domainid=cls.domain.id, account=cls.account.name) cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name, cls.vpc1.cidr) cls.default_allow_acl = get_network_acl(cls.apiclient, 'default_allow') cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name) cls.network1 = Network.create(cls.apiclient, cls.services['networks']['network1'], networkofferingid=cls.network_offering.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc1.id, zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network1.name, cls.network1.cidr, cls.network1.gateway) cls.vm_1 = VirtualMachine.create( cls.apiclient, cls.services["virtual_machine"], templateid=cls.template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id, networkids=[cls.network1.id] ) cls.vm_2 = VirtualMachine.create( cls.apiclient, cls.services["virtual_machine"], templateid=cls.template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id, networkids=[cls.network1.id] ) cls.vm_3 = VirtualMachine.create( cls.apiclient, cls.services["virtual_machine"], templateid=cls.template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id, networkids=[cls.network1.id] ) cls.non_src_nat_ip = PublicIPAddress.create(cls.apiclient, zoneid=cls.zone.id, domainid=cls.account.domainid, accountid=cls.account.name, vpcid=cls.vpc1.id, networkid=cls.network1.id) cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.non_src_nat_ip.ipaddress.ipaddress, cls.vpc1.name, cls.network1.name) command = replaceNetworkACLList.replaceNetworkACLListCmd() command.aclid = cls.default_allow_acl.id command.publicipid = cls.non_src_nat_ip.ipaddress.id cls.apiclient.replaceNetworkACLList(command) cls._cleanup = [ cls.account ]
def test_01_create_delete_portforwarding_fornonvpc(self): """ @summary: Test to list, create and delete Port Forwarding for IP Address associated to Non VPC network @Steps: Step1: Creating a Network for the user Step2: Associating an IP Addresses for Network Step3: Launching Virtual Machine in network created in step 2 Step4: Listing Port Forwarding Rules for the IP Address associated in Step2 Step5: Verifying that no Port Forwarding Rules are listed Step6: Creating a Port Forwarding Rule for IP Address associated in Step2 Step7: Listing Port Forwarding Rules for the IP Address associated in Step2 Step8: Verifying 1 Port Forwarding Rule is listed Step9: Deleting the Port Forwarding Rule created in Step6 Step10: Listing Port Forwarding Rules for the IP Address associated in Step2 Step11: Verifying that no Port Forwarding Rules are listed """ # Listing all the Networks's for a user list_networks_before = Network.list( self.userapiclient, listall=self.services["listall"], type="Isolated" ) # Verifying No Networks are listed self.assertIsNone( list_networks_before, "Networks listed for newly created User" ) # Listing Network Offerings network_offerings_list = NetworkOffering.list( self.apiClient, forvpc="false", guestiptype="Isolated", state="Enabled", supportedservices="SourceNat,PortForwarding", zoneid=self.zone.id ) status = validateList(network_offerings_list) self.assertEquals( PASS, status[0], "Isolated Network Offerings with sourceNat,\ PortForwarding enabled are not found" ) # Creating a network network = Network.create( self.userapiclient, self.services["network"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=network_offerings_list[0].id, zoneid=self.zone.id ) self.assertIsNotNone( network, "Network creation failed" ) # Listing all the IP Addresses for a user list_ipaddresses_before = PublicIPAddress.list( self.userapiclient, listall=self.services["listall"] ) # Verifying no IP Addresses are listed self.assertIsNone( list_ipaddresses_before, "IP Addresses listed for newly created User" ) # Associating an IP Addresses to Network created associated_ipaddress = PublicIPAddress.create( self.userapiclient, services=self.services["network"], networkid=network.id ) self.assertIsNotNone( associated_ipaddress, "Failed to Associate IP Address" ) # Listing all the IP Addresses for a user list_ipaddresses_after = PublicIPAddress.list( self.userapiclient, listall=self.services["listall"] ) status = validateList(list_ipaddresses_after) self.assertEquals( PASS, status[0], "IP Addresses Association Failed" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_ipaddresses_after), "Number of IP Addresses associated are not matching expected" ) # Launching a Virtual Machine with above created Network vm_created = VirtualMachine.create( self.userapiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, networkids=network.id, serviceofferingid=self.service_offering.id, ) self.assertIsNotNone( vm_created, "Failed to launch a VM under network created" ) self.cleanup.append(network) # Listing Virtual Machines in running state in above created network list_vms_running = VirtualMachine.list( self.userapiclient, listall=self.services["listall"], state="Running", networkid=network.id ) status = validateList(list_vms_running) self.assertEquals( PASS, status[0], "VM Created is not in Running state" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_ipaddresses_after), "VM Created is not in Running state" ) self.assertEquals( vm_created.id, list_vms_running[0].id, "VM Created is not in Running state" ) # Listing Virtual Machines in stopped state in above created network list_vms_stopped = VirtualMachine.list( self.userapiclient, listall=self.services["listall"], state="Stopped", networkid=network.id ) # Verifying no VMs are in stopped state self.assertIsNone( list_vms_stopped, "VM Created is in stopped state" ) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_before = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) # Verifying no port forwarding rules are listed self.assertIsNone( list_prtfwdrule_before, "Port Forwarding Rules listed for newly associated IP Address" ) # Creating a Port Forwarding rule portfwd_rule = NATRule.create( self.userapiclient, virtual_machine=vm_created, services=self.services["natrule"], ipaddressid=associated_ipaddress.ipaddress.id, ) self.assertIsNotNone( portfwd_rule, "Failed to create Port Forwarding Rule" ) # Verifying details of Sticky Policy created # Creating expected and actual values dictionaries expected_dict = { "ipaddressid": associated_ipaddress.ipaddress.id, "privateport": str(self.services["natrule"]["privateport"]), "publicport": str(self.services["natrule"]["publicport"]), "protocol": str(self.services["natrule"]["protocol"]).lower(), } actual_dict = { "ipaddressid": portfwd_rule.ipaddressid, "privateport": str(portfwd_rule.privateport), "publicport": str(portfwd_rule.publicport), "protocol": portfwd_rule.protocol, } portfwd_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, portfwd_status, "Created Port Forward Rule details are not as expected" ) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_after = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) status = validateList(list_prtfwdrule_after) self.assertEquals( PASS, status[0], "Failed to create Port Forwarding Rule" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_prtfwdrule_after), "Failed to create Port Forwarding Rule" ) # Deleting Port Forwarding Rule portfwd_rule.delete(self.userapiclient) # Creating a Port Forwarding rule with port range portfwd_rule = NATRule.create( self.userapiclient, virtual_machine=vm_created, services=self.services["natrulerange"], ipaddressid=associated_ipaddress.ipaddress.id, ) self.assertIsNotNone( portfwd_rule, "Failed to create Port Forwarding Rule" ) #update the private port for port forwarding rule updatefwd_rule = portfwd_rule.update(self.userapiclient, portfwd_rule.id, virtual_machine=vm_created, services=self.services["updatenatrulerange"], ) # Verifying details of Sticky Policy created # Creating expected and actual values dictionaries expected_dict = { "privateport": str(self.services["updatenatrulerange"]["privateport"]), "privateendport": str(self.services["updatenatrulerange"]["privateendport"]), } actual_dict = { "privateport": str(updatefwd_rule.privateport), "privateendport": str(updatefwd_rule.privateendport), } portfwd_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, portfwd_status, "Updated Port Forward Rule details are not as expected" ) # Deleting Port Forwarding Rule portfwd_rule.delete(self.userapiclient) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_after = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) # Verifying no port forwarding rules are listed self.assertIsNone( list_prtfwdrule_after, "Port Forwarding Rules listed after deletion" ) # Destroying the VM Launched vm_created.delete(self.apiClient) self.cleanup.append(self.account) return
def test_add_multiple_admins_in_project(self): """ 1. Create a User Account 2. Add user account with 'Admin' project account role and associate it with a Project role; The role defines what APIs are allowed/disallowed for the user: here, 'listPublicIpAddresses' is denied for the user account 3. Execute the 'listPublicIpAddresses' API and verify/confirm that the user/account can execute the API as it is a project admin """ self.useraccount = Account.create(self.apiclient, self.testdata["account"], roleid=4) self.cleanup.append(self.useraccount) self.useraccount1 = Account.create(self.apiclient, self.testdata["useracc"], roleid=4) self.cleanup.append(self.useraccount1) self.project.addAccount(self.apiclient, account=self.useraccount.name, projectroleid=self.projectrole.id, roletype='Admin') self.project.addAccount(self.apiclient, account=self.useraccount1.name, projectroleid=self.projectrole.id) project_accounts = Project.listAccounts(self.apiclient, projectid=self.project.id, role='Admin') self.assertEqual(len(project_accounts), 2, "account not added with admin Role") self.userapiclientAdminRole = self.testClient.getUserApiClient( UserName=self.useraccount.name, DomainName=self.useraccount.domain, type=0) self.userapiclientRegularRole = self.testClient.getUserApiClient( UserName=self.useraccount1.name, DomainName=self.useraccount1.domain, type=0) try: PublicIPAddress.list(self.userapiclientAdminRole, projectid=self.project.id) self.debug( "User added to the project could execute the listPublicIpAddresses API despite the project " "role as it is the Admin") pass except CloudstackAPIException: self.fail( "User is an Admin, should be able to execute the command despite Project role" ) try: self.project.suspend(self.userapiclientAdminRole, ) self.debug( "The user can perform Project administrative operations as it is added as " "an Admin to the project") pass except CloudstackAPIException: self.fail( "User should be allowed to execute project administrative operations" "as it is the Project Admin") try: self.project.suspend(self.userapiclientRegularRole, ) except Exception as e: pass
def test_network_rules_acquired_public_ip(self, value): """Test for Router rules for network rules on acquired public IP""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.ipaddress = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.defaultNetworkId ) self.createNetworkRules(rule=value, ipaddressobj=self.ipaddress, networkid=self.defaultNetworkId) router = Router.list(self.apiclient, networkid=self.virtual_machine.nic[0].networkid, listall=True)[0] response = self.getCommandResultFromRouter(router, "ip addr") logger.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertTrue(stringToMatch in str(response), "IP address is\ not added to the VR!") try: logger.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, self.ipaddress.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client( self.ipaddress.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) # Validate the following: # 1. listIpForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.removeNetworkRules(rule=value) response = self.getCommandResultFromRouter(router, "ip addr") logger.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertFalse(stringToMatch in str(response), "IP address is\ not removed from VR even after disabling stat in NAT") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): logger.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( self.ipaddress.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def test_02_host_maintenance_mode_with_activities(self): """Test host maintenance mode with activities """ # Validate the following # 1. Create Vms. Acquire IP. Create port forwarding & load balancing # rules for Vms. # 2. While activities are ongoing: Create snapshots, recurring # snapshots, create templates, download volumes, Host 1: put to # maintenance mode. All Vms should failover to Host 2 in cluster # Vms should be in running state. All port forwarding rules and # load balancing Rules should work. # 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host # 2 should succeed. All ongoing activities in step 3 should succeed # 4. Host 1: cancel maintenance mode. # 5. While activities are ongoing: Create snapshots, recurring # snapshots, create templates, download volumes, Host 2: put to # maintenance mode. All Vms should failover to Host 1 in cluster. # 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on # host 1 should succeed. All ongoing activities in step 6 should # succeed. hosts = Host.list(self.apiclient, zoneid=self.zone.id, resourcestate='Enabled', type='Routing') self.assertEqual(isinstance(hosts, list), True, "List hosts should return valid host response") if len(hosts) < 2: self.skipTest("There must be at least 2 hosts present in cluster") self.debug("Checking HA with hosts: %s, %s" % (hosts[0].name, hosts[1].name)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.assertEqual(vm.state, "Running", "Deployed VM should be in RUnning state") networks = Network.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(networks, list), True, "List networks should return valid list for the account") network = networks[0] self.debug("Associating public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.debug("Creating PF rule for IP address: %s" % public_ip.ipaddress.ipaddress) NATRule.create(self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id) self.debug("Creating LB rule on IP with NAT: %s" % public_ip.ipaddress.ipaddress) # Create Load Balancer rule on IP already having NAT rule lb_rule = LoadBalancerRule.create(self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name) self.debug("Created LB rule with ID: %s" % lb_rule.id) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) # Get the Root disk of VM volumes = list_volumes(self.apiclient, virtualmachineid=virtual_machine.id, type='ROOT', listall=True) volume = volumes[0] self.debug("Root volume of VM(%s): %s" % (virtual_machine.name, volume.name)) # Create a snapshot from the ROOTDISK self.debug("Creating snapshot on ROOT volume: %s" % volume.name) snapshot = Snapshot.create(self.apiclient, volumes[0].id) self.debug("Snapshot created: ID - %s" % snapshot.id) snapshots = list_snapshots(self.apiclient, id=snapshot.id, listall=True) self.assertEqual(isinstance(snapshots, list), True, "Check list response returns a valid list") self.assertNotEqual(snapshots, None, "Check if result exists in list snapshots call") self.assertEqual(snapshots[0].id, snapshot.id, "Check snapshot id in list resources call") # Generate template from the snapshot self.debug("Generating template from snapshot: %s" % snapshot.name) template = Template.create_from_snapshot(self.apiclient, snapshot, self.services["templates"]) self.debug("Created template from snapshot: %s" % template.id) templates = list_templates( self.apiclient, templatefilter=self.services["templates"]["templatefilter"], id=template.id) self.assertEqual( isinstance(templates, list), True, "List template call should return the newly created template") self.assertEqual( templates[0].isready, True, "The newly created template should be in ready state") first_host = vm.hostid self.debug("Enabling maintenance mode for host %s" % vm.hostid) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = first_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) timeout = self.services["timeout"] # Poll and check state of VM while it migrates from one host to another while True: vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("VM 1 state: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") second_host = vm.hostid self.assertEqual( vm.state, "Running", "VM should be in Running state after enabling host maintenance") # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance on other host virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_2.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 2 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") self.debug("Canceling host maintenance for ID: %s" % first_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = first_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % first_host) # Get the Root disk of VM volumes = list_volumes(self.apiclient, virtualmachineid=virtual_machine_2.id, type='ROOT', listall=True) volume = volumes[0] self.debug("Root volume of VM(%s): %s" % (virtual_machine_2.name, volume.name)) # Create a snapshot from the ROOTDISK self.debug("Creating snapshot on ROOT volume: %s" % volume.name) snapshot = Snapshot.create(self.apiclient, volumes[0].id) self.debug("Snapshot created: ID - %s" % snapshot.id) snapshots = list_snapshots(self.apiclient, id=snapshot.id, listall=True) self.assertEqual(isinstance(snapshots, list), True, "Check list response returns a valid list") self.assertNotEqual(snapshots, None, "Check if result exists in list snapshots call") self.assertEqual(snapshots[0].id, snapshot.id, "Check snapshot id in list resources call") # Generate template from the snapshot self.debug("Generating template from snapshot: %s" % snapshot.name) template = Template.create_from_snapshot(self.apiclient, snapshot, self.services["templates"]) self.debug("Created template from snapshot: %s" % template.id) templates = list_templates( self.apiclient, templatefilter=self.services["templates"]["templatefilter"], id=template.id) self.assertEqual( isinstance(templates, list), True, "List template call should return the newly created template") self.assertEqual( templates[0].isready, True, "The newly created template should be in ready state") self.debug("Enabling maintenance mode for host %s" % second_host) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = second_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Maintenance mode enabled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[1] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") for vm in vms: self.debug( "VM states after enabling maintenance mode on host: %s - %s" % (first_host, vm.state)) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") # Spawn an instance on other host virtual_machine_3 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_3.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 3 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") self.debug("Canceling host maintenance for ID: %s" % second_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = second_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) return
def create_vm(self, pfrule=False, egress_policy=True, RR=False): self.create_network_offering(egress_policy, RR) # Creating network using the network offering created self.debug("Creating network with network offering: %s" % self.network_offering.id) self.network = Network.create( self.apiclient, self.services["network"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id) self.cleanup_networks.append(self.network) self.debug("Created network with ID: %s" % self.network.id) self.debug("Deploying instance in the account: %s" % self.account.name) project = None try: self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.service_offering.id, mode=self.zone.networktype if pfrule else 'basic', networkids=[str(self.network.id)], projectid=project.id if project else None) self.cleanup_vms.append(self.virtual_machine) except Exception as e: self.fail("Virtual machine deployment failed with exception: %s" % e) self.debug("Deployed instance %s in account: %s" % (self.virtual_machine.id, self.account.name)) # Checking if VM is running or not, in case it is deployed in error state, test case fails self.vm_list = list_virtual_machines(self.apiclient, id=self.virtual_machine.id) self.assertEqual( validateList(self.vm_list)[0], PASS, "vm list validation failed, vm list is %s" % self.vm_list) self.assertEqual( str(self.vm_list[0].state).lower(), 'running', "VM state should be running, it is %s" % self.vm_list[0].state) self.public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.network.id) # Open up firewall port for SSH FireWallRule.create(self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"]) self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id) #Create NAT rule NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.public_ip.ipaddress.id) return