def _setup_address_scope(self, internal_address_scope1, internal_address_scope2, gw_address_scope=None):
router_info = self.generate_dvr_router_info(enable_snat=True)
address_scope1 = {str(l3_constants.IP_VERSION_4): internal_address_scope1}
address_scope2 = {str(l3_constants.IP_VERSION_4): internal_address_scope2}
if gw_address_scope:
router_info["gw_port"]["address_scopes"] = {str(l3_constants.IP_VERSION_4): gw_address_scope}
router_info[l3_constants.INTERFACE_KEY][0]["address_scopes"] = address_scope1
router_info[l3_constants.INTERFACE_KEY][1]["address_scopes"] = address_scope2
# Renew the address scope
router_info[l3_constants.SNAT_ROUTER_INTF_KEY] = []
self._add_snat_port_info_to_router(router_info, router_info[l3_constants.INTERFACE_KEY])
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition("/")[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition("/")[0]
br_int = framework.get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(br_int, net_helpers.increment_ip_cidr(router_ip_cidr1, 10), router_ip1)
)
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(br_int, net_helpers.increment_ip_cidr(router_ip_cidr2, 10), router_ip2)
)
return test_machine1, test_machine2, router
def _setup_address_scope(self, internal_address_scope1,
internal_address_scope2, gw_address_scope=None):
router_info = self.generate_router_info(enable_ha=False,
num_internal_ports=2)
address_scope1 = {l3_constants.IP_VERSION_4: internal_address_scope1}
address_scope2 = {l3_constants.IP_VERSION_4: internal_address_scope2}
if gw_address_scope:
router_info['gw_port']['address_scopes'] = {
l3_constants.IP_VERSION_4: gw_address_scope}
router_info[l3_constants.INTERFACE_KEY][0]['address_scopes'] = (
address_scope1)
router_info[l3_constants.INTERFACE_KEY][1]['address_scopes'] = (
address_scope2)
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition('/')[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr1),
router_ip1))
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr2),
router_ip2))
return test_machine1, test_machine2, router
def test_new_fip_sends_garp(self):
next_ip_cidr = net_helpers.increment_ip_cidr(self.machines.ip_cidr, 2)
expected_ip = str(netaddr.IPNetwork(next_ip_cidr).ip)
# Create incomplete ARP entry
self.peer.assert_no_ping(expected_ip)
has_entry = has_expected_arp_entry(
self.peer.port.name,
self.peer.namespace,
expected_ip,
self.router.port.link.address)
self.assertFalse(has_entry)
self.router.port.addr.add(next_ip_cidr)
has_arp_entry_predicate = functools.partial(
has_expected_arp_entry,
self.peer.port.name,
self.peer.namespace,
expected_ip,
self.router.port.link.address,
)
exc = RuntimeError(
"No ARP entry in %s namespace containing IP address %s and MAC "
"address %s" % (
self.peer.namespace,
expected_ip,
self.router.port.link.address))
utils.wait_until_true(
has_arp_entry_predicate,
exception=exc)
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process(self.agent)
protocol_port = net_helpers.get_free_namespace_port(
l3_constants.PROTO_NAME_TCP, dst_machine.namespace)
# client sends to fip
netcat = net_helpers.NetcatTester(
src_machine.namespace,
dst_machine.namespace,
dst_fip,
protocol_port,
protocol=net_helpers.NetcatTester.TCP)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def test_access_to_metadata_proxy(self):
"""Test access to the l3-agent metadata proxy.
The test creates:
* A l3-agent metadata service:
* A router (which creates a metadata proxy in the router namespace),
* A fake metadata server
* A "client" namespace (simulating a vm) with a port on router
internal subnet.
The test queries from the "client" namespace the metadata proxy on
http://169.254.169.254 and asserts that the metadata proxy added
the X-Forwarded-For and X-Neutron-Router-Id headers to the request
and forwarded the http request to the fake metadata server and the
response to the "client" namespace.
"""
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
self._create_metadata_fake_server(webob.exc.HTTPOk.code)
# Create and configure client namespace
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
br_int = framework.get_ovs_bridge(
self.agent.conf.OVS.integration_bridge)
machine = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip_cidr.partition('/')[0]))
# Query metadata proxy
firstline = self._query_metadata_proxy(machine)
# Check status code
self.assertIn(str(webob.exc.HTTPOk.code), firstline.split())
def _setup_fip_with_fixed_ip_from_same_subnet(self, enable_snat):
"""Setup 2 FakeMachines from same subnet, one with floatingip
associated.
"""
router_info = self.generate_router_info(enable_ha=False,
enable_snat=enable_snat)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[lib_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process()
return src_machine, dst_machine, dst_fip
def _setup_fip_with_fixed_ip_from_same_subnet(self, enable_snat):
"""Setup 2 FakeMachines from same subnet, one with floatingip
associated.
"""
router_info = self.generate_router_info(enable_ha=False,
enable_snat=enable_snat)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[lib_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process()
return src_machine, dst_machine, dst_fip
def test_ping_floatingip_reply_with_floatingip(self):
router_info = self.generate_dvr_router_info()
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router,
dst_fip,
fixed_address=dst_machine.ip,
host=self.agent.conf.host)
router.process(self.agent)
# Verify that the ping replys with fip
ns_ip_wrapper = ip_lib.IPWrapper(src_machine.namespace)
result = ns_ip_wrapper.netns.execute(
['ping', '-c', 1, '-W', 5, dst_fip])
self._assert_ping_reply_from_expected_address(result, dst_fip)
def test_new_fip_sends_garp(self):
next_ip_cidr = net_helpers.increment_ip_cidr(self.machines.ip_cidr, 2)
expected_ip = str(netaddr.IPNetwork(next_ip_cidr).ip)
# Create incomplete ARP entry
self.peer.assert_no_ping(expected_ip)
has_entry = has_expected_arp_entry(
self.peer.port.name,
self.peer.namespace,
expected_ip,
self.router.port.link.address)
self.assertFalse(has_entry)
self.router.port.addr.add(next_ip_cidr)
has_arp_entry_predicate = functools.partial(
has_expected_arp_entry,
self.peer.port.name,
self.peer.namespace,
expected_ip,
self.router.port.link.address,
)
exc = RuntimeError(
"No ARP entry in %s namespace containing IP address %s and MAC "
"address %s" % (
self.peer.namespace,
expected_ip,
self.router.port.link.address))
utils.wait_until_true(
has_arp_entry_predicate,
exception=exc)
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process(self.agent)
protocol_port = net_helpers.get_free_namespace_port(
l3_constants.PROTO_NAME_TCP, dst_machine.namespace)
# client sends to fip
netcat = net_helpers.NetcatTester(
src_machine.namespace, dst_machine.namespace,
dst_fip, protocol_port,
protocol=net_helpers.NetcatTester.TCP)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def test_access_to_metadata_proxy(self):
"""Test access to the l3-agent metadata proxy.
The test creates:
* A l3-agent metadata service:
* A router (which creates a metadata proxy in the router namespace),
* A fake metadata server
* A "client" namespace (simulating a vm) with a port on router
internal subnet.
The test queries from the "client" namespace the metadata proxy on
http://169.254.169.254 and asserts that the metadata proxy added
the X-Forwarded-For and X-Neutron-Router-Id headers to the request
and forwarded the http request to the fake metadata server and the
response to the "client" namespace.
"""
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
self._create_metadata_fake_server(webob.exc.HTTPOk.code)
# Create and configure client namespace
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
br_int = framework.get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
machine = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr), router_ip_cidr.partition("/")[0]
)
)
# Query metadata proxy
firstline = self._query_metadata_proxy(machine)
# Check status code
self.assertIn(str(webob.exc.HTTPOk.code), firstline.split())
def _setUp(self):
super(OVSTrunkConnectionTester, self)._setUp()
self.bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
self.br_trunk = self.useFixture(net_helpers.OVSTrunkBridgeFixture(self._br_trunk_name)).bridge
self._peer = self.useFixture(machine_fixtures.FakeMachine(self.bridge, self.ip_cidr))
ip_cidr = net_helpers.increment_ip_cidr(self.ip_cidr, 1)
self._vm = self.useFixture(machine_fixtures.FakeMachine(self.br_trunk, ip_cidr))
def _setUp(self):
self.machines = []
for index in range(self.amount):
ip_cidr = net_helpers.increment_ip_cidr(self.ip_cidr, index)
self.machines.append(
self.useFixture(
FakeMachine(self.bridge, ip_cidr, self.gateway_ip)))
def _setUp(self):
self.machines = []
for index in range(self.amount):
ip_cidr = net_helpers.increment_ip_cidr(self.ip_cidr, index)
self.machines.append(
self.useFixture(
FakeMachine(self.bridge, ip_cidr, self.gateway_ip)))
def setUp(self):
super(PeerMachines, self).setUp()
self.machines = []
for index in range(self.AMOUNT):
ip_cidr = net_helpers.increment_ip_cidr(self.ip_cidr, index)
self.machines.append(
self.useFixture(
FakeMachine(self.bridge, ip_cidr, self.gateway_ip)))
def setUp(self):
super(PeerMachines, self).setUp()
self.machines = []
for index in range(self.AMOUNT):
ip_cidr = net_helpers.increment_ip_cidr(self.ip_cidr, index)
self.machines.append(
self.useFixture(
FakeMachine(self.bridge, ip_cidr, self.gateway_ip)))
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
src_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr)
dst_ip_cidr = net_helpers.increment_ip_cidr(src_ip_cidr)
dst_ip = dst_ip_cidr.partition('/')[0]
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_ip)
router.process(self.agent)
br_int = get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
# FIXME(cbrandily): temporary, will be replaced by fake machines
src_ns = self._create_namespace(prefix='test-src-')
src_port = self.useFixture(
net_helpers.OVSPortFixture(br_int, src_ns.namespace)).port
src_port.addr.add(src_ip_cidr)
net_helpers.set_namespace_gateway(src_port, router_ip)
dst_ns = self._create_namespace(prefix='test-dst-')
dst_port = self.useFixture(
net_helpers.OVSPortFixture(br_int, dst_ns.namespace)).port
dst_port.addr.add(dst_ip_cidr)
net_helpers.set_namespace_gateway(dst_port, router_ip)
protocol_port = helpers.get_free_namespace_port(dst_ns)
# client sends to fip
netcat = helpers.NetcatTester(src_ns,
dst_ns,
dst_ip,
protocol_port,
client_address=dst_fip,
run_as_root=True,
udp=False)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def _setup_address_scope(self,
internal_address_scope1,
internal_address_scope2,
gw_address_scope=None):
router_info = self.generate_dvr_router_info(enable_snat=True)
address_scope1 = {
str(l3_constants.IP_VERSION_4): internal_address_scope1
}
address_scope2 = {
str(l3_constants.IP_VERSION_4): internal_address_scope2
}
if gw_address_scope:
router_info['gw_port']['address_scopes'] = {
str(l3_constants.IP_VERSION_4): gw_address_scope
}
router_info[l3_constants.INTERFACE_KEY][0]['address_scopes'] = (
address_scope1)
router_info[l3_constants.INTERFACE_KEY][1]['address_scopes'] = (
address_scope2)
# Renew the address scope
router_info[n_const.SNAT_ROUTER_INTF_KEY] = []
self._add_snat_port_info_to_router(
router_info, router_info[l3_constants.INTERFACE_KEY])
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition('/')[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr1, 10),
router_ip1))
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr2, 10),
router_ip2))
return test_machine1, test_machine2, router
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
src_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr)
dst_ip_cidr = net_helpers.increment_ip_cidr(src_ip_cidr)
dst_ip = dst_ip_cidr.partition('/')[0]
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_ip)
router.process(self.agent)
br_int = get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
# FIXME(cbrandily): temporary, will be replaced by fake machines
src_ns = self._create_namespace(prefix='test-src-')
src_port = self.useFixture(
net_helpers.OVSPortFixture(br_int, src_ns.namespace)).port
src_port.addr.add(src_ip_cidr)
net_helpers.set_namespace_gateway(src_port, router_ip)
dst_ns = self._create_namespace(prefix='test-dst-')
dst_port = self.useFixture(
net_helpers.OVSPortFixture(br_int, dst_ns.namespace)).port
dst_port.addr.add(dst_ip_cidr)
net_helpers.set_namespace_gateway(dst_port, router_ip)
protocol_port = helpers.get_free_namespace_port(dst_ns)
# client sends to fip
netcat = helpers.NetcatTester(src_ns, dst_ns, dst_ip,
protocol_port,
client_address=dst_fip,
run_as_root=True,
udp=False)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def _setUp(self):
super(OVSTrunkConnectionTester, self)._setUp()
self.bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
self.br_trunk = self.useFixture(
net_helpers.OVSTrunkBridgeFixture(self._br_trunk_name)).bridge
self._peer = self.useFixture(
machine_fixtures.FakeMachine(self.bridge, self.ip_cidr))
ip_cidr = net_helpers.increment_ip_cidr(self.ip_cidr, 1)
self._vm = self.useFixture(
machine_fixtures.FakeMachine(self.br_trunk, ip_cidr))
def _setup_address_scope(self,
internal_address_scope1,
internal_address_scope2,
gw_address_scope=None):
router_info = self.generate_router_info(enable_ha=False,
num_internal_ports=2)
address_scope1 = {
str(l3_constants.IP_VERSION_4): internal_address_scope1
}
address_scope2 = {
str(l3_constants.IP_VERSION_4): internal_address_scope2
}
if gw_address_scope:
router_info['gw_port']['address_scopes'] = {
str(l3_constants.IP_VERSION_4): gw_address_scope
}
router_info[l3_constants.INTERFACE_KEY][0]['address_scopes'] = (
address_scope1)
router_info[l3_constants.INTERFACE_KEY][1]['address_scopes'] = (
address_scope2)
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition('/')[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr1),
router_ip1))
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr2),
router_ip2))
return test_machine1, test_machine2, router
def test_read_queue_send_garp(self):
self._run_monitor()
dev_dummy = 'dev_dummy'
ip_wrapper = ip_lib.IPWrapper(namespace=self.router.namespace)
ip_wrapper.add_dummy(dev_dummy)
ip_device = ip_lib.IPDevice(dev_dummy, namespace=self.router.namespace)
ip_device.link.set_up()
msg = 'Sent GARP to %(ip_address)s from %(device_name)s'
for idx in range(2, 20):
next_cidr = net_helpers.increment_ip_cidr(self.cidr, idx)
ip_device.addr.add(next_cidr)
msg_args = {'ip_address': str(netaddr.IPNetwork(next_cidr).ip),
'device_name': dev_dummy}
self._search_in_file(self.log_file, msg % msg_args)
ip_device.addr.delete(next_cidr)
def test_access_to_metadata_proxy(self):
"""Test access to the l3-agent metadata proxy.
The test creates:
* A l3-agent metadata service:
* A router (which creates a metadata proxy in the router namespace),
* A fake metadata server
* A "client" namespace (simulating a vm) with a port on router
internal subnet.
The test queries from the "client" namespace the metadata proxy on
http://169.254.169.254 and asserts that the metadata proxy added
the X-Forwarded-For and X-Neutron-Router-Id headers to the request
and forwarded the http request to the fake metadata server and the
response to the "client" namespace.
"""
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
self._create_metadata_fake_server(webob.exc.HTTPOk.code)
# Create and configure client namespace
client_ns = self._create_namespace()
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr)
br_int = get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
# FIXME(cbrandily): temporary, will be replaced by a fake machine
port = self.useFixture(
net_helpers.OVSPortFixture(br_int, client_ns.namespace)).port
port.addr.add(ip_cidr)
net_helpers.set_namespace_gateway(port,
router_ip_cidr.partition('/')[0])
# Query metadata proxy
url = 'http://%(host)s:%(port)s' % {
'host': dhcp.METADATA_DEFAULT_IP,
'port': dhcp.METADATA_PORT
}
cmd = 'curl', '--max-time', METADATA_REQUEST_TIMEOUT, '-D-', url
try:
raw_headers = client_ns.netns.execute(cmd)
except RuntimeError:
self.fail('metadata proxy unreachable on %s before timeout' % url)
# Check status code
firstline = raw_headers.splitlines()[0]
self.assertIn(str(webob.exc.HTTPOk.code), firstline.split())
def create_ports_for(self, site):
"""Creates namespaces and ports for simulated VM.
There will be a unique namespace for each port, which is representing
a VM for the test.
"""
bridge = get_ovs_bridge(self.vpn_agent.conf.ovs_integration_bridge)
site.vm = []
for internal_port in site.router.internal_ports:
router_ip_cidr = self._port_first_ip_cidr(internal_port)
port_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr, 1)
client_ns = self.useFixture(net_helpers.NamespaceFixture()).ip_wrapper
namespace = client_ns.namespace
port = self.useFixture(net_helpers.OVSPortFixture(bridge, namespace)).port
port.addr.add(port_ip_cidr)
port.route.add_gateway(router_ip_cidr.partition("/")[0])
site.vm.append(Vm(namespace, port_ip_cidr.partition("/")[0]))
def test_access_to_metadata_proxy(self):
"""Test access to the l3-agent metadata proxy.
The test creates:
* A l3-agent metadata service:
* A router (which creates a metadata proxy in the router namespace),
* A fake metadata server
* A "client" namespace (simulating a vm) with a port on router
internal subnet.
The test queries from the "client" namespace the metadata proxy on
http://169.254.169.254 and asserts that the metadata proxy added
the X-Forwarded-For and X-Neutron-Router-Id headers to the request
and forwarded the http request to the fake metadata server and the
response to the "client" namespace.
"""
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
self._create_metadata_fake_server(webob.exc.HTTPOk.code)
# Create and configure client namespace
client_ns = self._create_namespace()
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr)
br_int = get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
# FIXME(cbrandily): temporary, will be replaced by a fake machine
port = self.useFixture(
net_helpers.OVSPortFixture(br_int, client_ns.namespace)).port
port.addr.add(ip_cidr)
net_helpers.set_namespace_gateway(port,
router_ip_cidr.partition('/')[0])
# Query metadata proxy
url = 'http://%(host)s:%(port)s' % {'host': dhcp.METADATA_DEFAULT_IP,
'port': dhcp.METADATA_PORT}
cmd = 'curl', '--max-time', METADATA_REQUEST_TIMEOUT, '-D-', url
try:
raw_headers = client_ns.netns.execute(cmd)
except RuntimeError:
self.fail('metadata proxy unreachable on %s before timeout' % url)
# Check status code
firstline = raw_headers.splitlines()[0]
self.assertIn(str(webob.exc.HTTPOk.code), firstline.split())
def add_vlan_interface_and_peer(self, vlan, ip_cidr):
"""Create a sub_port and a peer
We create a sub_port that uses vlan as segmentation ID. In the vm
namespace we create a vlan subinterface on the same vlan.
A peer on the same network is created. When pinging from the peer
to the sub_port packets will be tagged using the internal vlan ID
of the network. The sub_port will remove that vlan tag and push the
vlan specified in the segmentation ID. The packets will finally reach
the vlan subinterface in the vm namespace.
"""
network = netaddr.IPNetwork(ip_cidr)
net_helpers.create_vlan_interface(self._vm.namespace, self._vm.port.name, self.vm_mac_address, network, vlan)
self._ip_vlan = str(network.ip)
ip_cidr = net_helpers.increment_ip_cidr(ip_cidr, 1)
self._peer2 = self.useFixture(machine_fixtures.FakeMachine(self.bridge, ip_cidr))
def port_setup(self, router, bridge=None, offset=1, namespace=None):
"""Creates namespace and a port inside it on a client site."""
if not namespace:
client_ns = self.useFixture(
net_helpers.NamespaceFixture()).ip_wrapper
namespace = client_ns.namespace
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
port_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr, offset)
if not bridge:
bridge = get_ovs_bridge(self.vpn_agent.conf.ovs_integration_bridge)
port = self.useFixture(
net_helpers.OVSPortFixture(bridge, namespace)).port
port.addr.add(port_ip_cidr)
port.route.add_gateway(router_ip_cidr.partition('/')[0])
return namespace, port_ip_cidr.partition('/')[0]
def port_setup(self, router, bridge=None, offset=1, namespace=None):
"""Creates namespace and a port inside it on a client site."""
if not namespace:
client_ns = self.useFixture(
net_helpers.NamespaceFixture()).ip_wrapper
namespace = client_ns.namespace
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
port_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr, offset)
if not bridge:
bridge = get_ovs_bridge(self.vpn_agent.conf.ovs_integration_bridge)
port = self.useFixture(
net_helpers.OVSPortFixture(bridge, namespace)).port
port.addr.add(port_ip_cidr)
port.route.add_gateway(router_ip_cidr.partition('/')[0])
return namespace, port_ip_cidr.partition('/')[0]
def create_ports_for(self, site):
"""Creates namespaces and ports for simulated VM.
There will be a unique namespace for each port, which is representing
a VM for the test.
"""
bridge = get_ovs_bridge(self.vpn_agent.conf.ovs_integration_bridge)
site.vm = []
for internal_port in site.router.internal_ports:
router_ip_cidr = self._port_first_ip_cidr(internal_port)
port_ip_cidr = net_helpers.increment_ip_cidr(router_ip_cidr, 1)
client_ns = self.useFixture(
net_helpers.NamespaceFixture()).ip_wrapper
namespace = client_ns.namespace
port = self.useFixture(
net_helpers.OVSPortFixture(bridge, namespace)).port
port.addr.add(port_ip_cidr)
port.route.add_gateway(router_ip_cidr.partition('/')[0])
site.vm.append(Vm(namespace, port_ip_cidr.partition('/')[0]))
def test_new_fip_sends_garp(self):
ns_ip_wrapper = ip_lib.IPWrapper(self.router.namespace)
new_interface = ns_ip_wrapper.add_dummy('new_interface')
new_interface_cidr = '169.254.152.1/24'
new_interface.link.set_up()
new_interface.addr.add(new_interface_cidr)
self._generate_cmd_opts(monitor_interface='new_interface',
cidr=new_interface_cidr)
self._run_monitor()
next_ip_cidr = net_helpers.increment_ip_cidr(self.machines.ip_cidr, 2)
expected_ip = str(netaddr.IPNetwork(next_ip_cidr).ip)
# Create incomplete ARP entry
self.peer.assert_no_ping(expected_ip)
# Wait for ping expiration
eventlet.sleep(1)
has_entry = has_expected_arp_entry(
self.peer.port.name,
self.peer.namespace,
expected_ip,
self.router.port.link.address)
self.assertFalse(has_entry)
self.router.port.addr.add(next_ip_cidr)
has_arp_entry_predicate = functools.partial(
has_expected_arp_entry,
self.peer.port.name,
self.peer.namespace,
expected_ip,
self.router.port.link.address,
)
exc = RuntimeError(
"No ARP entry in %s namespace containing IP address %s and MAC "
"address %s" % (
self.peer.namespace,
expected_ip,
self.router.port.link.address))
utils.wait_until_true(has_arp_entry_predicate, timeout=15,
exception=exc)
msg = ('Sent GARP to %(cidr)s from %(device)s' %
{'cidr': expected_ip, 'device': self.router.port.name})
self._search_in_file(self.log_file, msg)
def add_vlan_interface_and_peer(self, vlan, ip_cidr):
"""Create a sub_port and a peer
We create a sub_port that uses vlan as segmentation ID. In the vm
namespace we create a vlan subinterface on the same vlan.
A peer on the same network is created. When pinging from the peer
to the sub_port packets will be tagged using the internal vlan ID
of the network. The sub_port will remove that vlan tag and push the
vlan specified in the segmentation ID. The packets will finally reach
the vlan subinterface in the vm namespace.
"""
network = netaddr.IPNetwork(ip_cidr)
net_helpers.create_vlan_interface(self._vm.namespace,
self._vm.port.name,
self.vm_mac_address, network, vlan)
self._ip_vlan = str(network.ip)
ip_cidr = net_helpers.increment_ip_cidr(ip_cidr, 1)
self._peer2 = self.useFixture(
machine_fixtures.FakeMachine(self.bridge, ip_cidr))
def test_ping_floatingip_reply_with_floatingip(self):
router_info = self.generate_dvr_router_info()
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition("/")[0]
br_int = framework.get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(br_int, net_helpers.increment_ip_cidr(router_ip_cidr), router_ip)
).machines
dst_fip = "19.4.4.10"
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip, host=self.agent.conf.host)
router.process(self.agent)
# Verify that the ping replys with fip
ns_ip_wrapper = ip_lib.IPWrapper(src_machine.namespace)
result = ns_ip_wrapper.netns.execute(["ping", "-c", 1, "-W", 5, dst_fip])
self._assert_ping_reply_from_expected_address(result, dst_fip)
def add_vlan_interface_and_peer(self, vlan, ip_cidr):
"""Create a sub_port and a peer
We create a sub_port that uses vlan as segmentation ID. In the vm
namespace we create a vlan subinterface on the same vlan.
A peer on the same network is created. When pinging from the peer
to the sub_port packets will be tagged using the internal vlan ID
of the network. The sub_port will remove that vlan tag and push the
vlan specified in the segmentation ID. The packets will finally reach
the vlan subinterface in the vm namespace.
"""
ip_wrap = ip_lib.IPWrapper(self._vm.namespace)
dev_name = self._vm.port.name + ".%d" % vlan
ip_wrap.add_vlan(dev_name, self._vm.port.name, vlan)
dev = ip_wrap.device(dev_name)
dev.addr.add(ip_cidr)
dev.link.set_up()
self._ip_vlan = ip_cidr.partition('/')[0]
ip_cidr = net_helpers.increment_ip_cidr(ip_cidr, 1)
self._peer2 = self.useFixture(
machine_fixtures.FakeMachine(self.bridge, ip_cidr))
def add_vlan_interface_and_peer(self, vlan, ip_cidr):
"""Create a sub_port and a peer
We create a sub_port that uses vlan as segmentation ID. In the vm
namespace we create a vlan subinterface on the same vlan.
A peer on the same network is created. When pinging from the peer
to the sub_port packets will be tagged using the internal vlan ID
of the network. The sub_port will remove that vlan tag and push the
vlan specified in the segmentation ID. The packets will finally reach
the vlan subinterface in the vm namespace.
"""
ip_wrap = ip_lib.IPWrapper(self._vm.namespace)
dev_name = self._vm.port.name + ".%d" % vlan
ip_wrap.add_vlan(dev_name, self._vm.port.name, vlan)
dev = ip_wrap.device(dev_name)
dev.addr.add(ip_cidr)
dev.link.set_up()
self._ip_vlan = ip_cidr.partition('/')[0]
ip_cidr = net_helpers.increment_ip_cidr(ip_cidr, 1)
self._peer2 = self.useFixture(machine_fixtures.FakeMachine(
self.bridge, ip_cidr))
