def test_project_add_delete(self):
''' Validate that a new project can be added and deleted
1. Create new tenant using keystone and verify it and default SG
2. Delete tenant and verify
Pass criteria: Step 1 and 2 should pass
'''
result = True
project_name = get_random_name('project128')
user_fixture = self.useFixture(
UserFixture(connections=self.admin_connections,
username=self.inputs.admin_username,
password=self.inputs.admin_password))
project_fixture_obj = self.useFixture(
ProjectFixture(username=self.inputs.admin_username,
password=self.inputs.admin_password,
project_name=project_name,
connections=self.admin_connections,
domain_name=self.domain_name))
user_fixture.add_user_to_tenant(project_name,
self.inputs.admin_username, 'admin')
assert project_fixture_obj.verify_on_setup()
# Check if the default SG is present in it
domain_name = self.domain_name or self.connections.domain_name
try:
secgroup = self.vnc_lib.security_group_read(
fq_name=[domain_name, project_name, 'default'])
self.logger.info('Default SG is present in the new project')
except NoIdError:
assert False, "Default SG is not created in project %s" % (
project_name)
return result
def createUser(self):
if not ((self.topo.username == 'admin' or self.topo.username is None) and
(self.topo.project == 'admin')):
self.user_fixture = self.useFixture(
UserFixture(connections=self.connections,
username=self.topo.username,
password=self.topo.password))
return self
def test_basic_snat_behavior_with_fip_and_diff_projects(self):
project_name = get_random_name('project1')
user_fixture = self.useFixture(
UserFixture(connections=self.connections,
username='******',
password='******'))
project_fixture_obj = self.useFixture(
ProjectFixture(username=self.inputs.stack_user,
password=self.inputs.stack_password,
project_name=project_name,
connections=self.connections))
user_fixture.add_user_to_tenant(project_name, 'test_usr', 'admin')
assert project_fixture_obj.verify_on_setup()
project_name1 = get_random_name('project2')
user_fixture1 = self.useFixture(
UserFixture(connections=self.connections,
username='******',
password='******'))
project_fixture_obj1 = self.useFixture(
ProjectFixture(username=self.inputs.stack_user,
password=self.inputs.stack_password,
project_name=project_name1,
connections=self.connections))
user_fixture1.add_user_to_tenant(project_name1, 'test_usr1', 'admin')
assert project_fixture_obj1.verify_on_setup()
proj_connection = project_fixture_obj.get_project_connections(
'test_usr', 'testusr123')
proj_connection1 = project_fixture_obj1.get_project_connections(
'test_usr1', 'testusr1231')
vm1_name = get_random_name('vm1_vn1_private')
vn1_name = get_random_name('vn1_private')
vn1_subnets = [get_random_cidr()]
vm2_name = get_random_name('vm2_vn2_private')
vn2_name = get_random_name('vn2_private')
vn2_subnets = [get_random_cidr()]
vm3_name = get_random_name('public_vm')
self.allow_default_sg_to_allow_all_on_project(
self.admin_inputs.project_name)
self.allow_default_sg_to_allow_all_on_project(project_name1)
self.allow_default_sg_to_allow_all_on_project(project_name)
vn1_fixture = self.useFixture(
VNFixture(project_name=project_name1,
connections=proj_connection1,
vn_name=vn1_name,
inputs=proj_connection1.inputs,
subnets=vn1_subnets))
assert vn1_fixture.verify_on_setup()
vm1_fixture = self.useFixture(
VMFixture(project_name=project_name1,
connections=proj_connection1,
vn_obj=vn1_fixture.obj,
vm_name=vm1_name))
vm1_fixture.wait_till_vm_is_up()
vn2_fixture = self.useFixture(
VNFixture(project_name=project_name,
connections=proj_connection,
vn_name=vn2_name,
inputs=proj_connection.inputs,
subnets=vn2_subnets))
assert vn2_fixture.verify_on_setup()
vm2_fixture = self.useFixture(
VMFixture(project_name=project_name,
connections=proj_connection,
vn_obj=vn2_fixture.obj,
vm_name=vm2_name))
vm2_fixture.wait_till_vm_is_up()
vm3_fixture = self.useFixture(
VMFixture(project_name=self.admin_inputs.project_name,
connections=self.admin_connections,
vn_obj=self.public_vn_obj.public_vn_fixture.obj,
vm_name=vm3_name))
vm3_fixture.wait_till_vm_is_up()
router_name = get_random_name('router1')
router_dict = self.create_router(router_name,
connections=proj_connection1)
router_rsp = self.quantum_h.router_gateway_set(
router_dict['id'], self.public_vn_obj.public_vn_fixture.vn_id)
self.add_vn_to_router(router_dict['id'], vn1_fixture)
assert self.verify_snat(vm1_fixture)
router_name = get_random_name('router2')
router_dict = self.create_router(router_name,
connections=proj_connection)
router_rsp = self.quantum_h.router_gateway_set(
router_dict['id'], self.public_vn_obj.public_vn_fixture.vn_id)
self.add_vn_to_router(router_dict['id'], vn2_fixture)
assert self.verify_snat(vm2_fixture)
assert self.verify_snat_with_fip(self.public_vn_obj,
vm3_fixture,
vm1_fixture,
connections=self.admin_connections,
inputs=self.admin_inputs)
assert self.verify_snat_with_fip(self.public_vn_obj,
vm3_fixture,
vm1_fixture,
connections=self.admin_connections,
inputs=self.admin_inputs)
def test_vdns_with_diff_projs(self):
''' Test vdns with different projects
1. Create VDNS server object
2. Create two projects
3. Launch one IPAM using the VDNS server and launch one VN in each IPAM with policy to allow traffic betwwen VN's
4. Launch one VM in each VN, frame the expected DNS data for VM, one for 'A' record and another 'PTR' record and verify
5. Ping with VM name should pass
6. Ping between two VM's which are in different subnets by using name
Pass criteria: Step 4,5 and 6 should pass
Maintainer: [email protected] '''
project_list = ['project1', 'project2']
ipam_list = {'project1': 'ipam1', 'project2': 'ipam2'}
policy_list = {'project1': 'policy1', 'project2': 'policy2'}
vn_list = {'project1': 'vn1', 'project2': 'vn2'}
vn_nets = {'project1': ['10.10.10.0/24'],
'project2': ['20.20.20.0/24']}
vn_nets_woutsub = {'project1': '10.10.10.0', 'project2': '20.20.20.0'}
vm_list = {'project1': 'vm1', 'project2': 'vm2'}
proj_user = {'project1': 'user1', 'project2': 'user2'}
proj_pass = {'project1': 'user123', 'project2': 'user134'}
dns_server_name = 'vdns1'
domain_name = 'juniper.net'
ttl = 100
# VDNS creation
dns_data = VirtualDnsType(
domain_name=domain_name, dynamic_records_from_client=True,
default_ttl_seconds=ttl, record_order='random')
vdns_fixt1 = self.useFixture(VdnsFixture(
self.inputs, self.connections, vdns_name=dns_server_name, dns_data=dns_data))
result, msg = vdns_fixt1.verify_on_setup()
self.assertTrue(result, msg)
dns_server = IpamDnsAddressType(
virtual_dns_server_name=vdns_fixt1.vdns_fq_name)
ipam_mgmt_obj = IpamType(
ipam_dns_method='virtual-dns-server', ipam_dns_server=dns_server)
ipam_fixt = {}
vn_fixt = {}
vm_fix = {}
pol_fixt = {}
rules = {
'project1': [{'direction': '<>', 'protocol': 'any', 'dest_network': 'default-domain:project2:vn2', 'source_network': 'any', 'dst_ports': 'any', 'simple_action': 'pass', 'src_ports': 'any'}],
'project2': [{'direction': '<>', 'protocol': 'any', 'dest_network': 'default-domain:project1:vn1', 'source_network': 'any', 'dst_ports': 'any', 'simple_action': 'pass', 'src_ports': 'any'}]}
admin_ip = self.inputs
admin_con = self.connections
for proj in project_list:
# Project creation
user_fixture= self.useFixture(
UserFixture(
connections=self.connections, username=proj_user[proj], password=proj_pass[proj]))
project_fixture = self.useFixture(
ProjectFixture(
project_name=proj, username=self.inputs.admin_username,
password=self.inputs.admin_password, connections=admin_con))
user_fixture.add_user_to_tenant(proj, proj_user[proj] , 'admin')
project_fixture.set_user_creds(proj_user[proj], proj_pass[proj])
project_inputs = ContrailTestInit(
self.input_file, stack_user=project_fixture.project_username,
stack_password=project_fixture.project_user_password,
stack_tenant=proj, logger=self.logger)
project_connections = ContrailConnections(project_inputs, logger= self.logger)
self.logger.info(
'Default SG to be edited for allow all on project: %s' % proj)
project_fixture.set_sec_group_for_allow_all(proj, 'default')
# policy creation
pol_fixt[proj] = self.useFixture(PolicyFixture(policy_name=policy_list[
proj], inputs=project_inputs, connections=project_connections, rules_list=rules[proj]))
# Ipam creation
ipam_fixt[proj] = self.useFixture(
IPAMFixture(ipam_list[proj], vdns_obj=vdns_fixt1.obj, \
connections=project_connections, ipamtype=ipam_mgmt_obj))
# VN Creation
vn_fixt[proj] = self.useFixture(
VNFixture(project_name=proj, connections=project_connections,
vn_name=vn_list[proj], inputs=project_inputs, subnets=vn_nets[proj], ipam_fq_name=ipam_fixt[proj].getObj().get_fq_name(), policy_objs=[pol_fixt[proj].policy_obj]))
# VM creation
vm_fix[proj] = self.useFixture(
VMFixture(
project_name=proj, connections=project_connections, vn_obj=vn_fixt[
proj].obj,
vm_name=vm_list[proj]))
vm_fix[proj].verify_vm_launched()
vm_fix[proj].verify_on_setup()
vm_fix[proj].wait_till_vm_is_up()
msg = "Ping by using name %s is failed. Dns server should resolve VM name to IP" % (
vm_list[proj])
self.assertTrue(
vm_fix[proj].ping_with_certainty(ip=vm_list[proj]), msg)
vm_ip = vm_fix[proj].get_vm_ip_from_vm(
vn_fq_name=vm_fix[proj].vn_fq_name)
vm_rev_ip = vm_ip.split('.')
vm_rev_ip = '.'.join(
(vm_rev_ip[3], vm_rev_ip[2], vm_rev_ip[1], vm_rev_ip[0]))
vm_rev_ip = vm_rev_ip + '.in-addr.arpa'
rev_zone = vn_nets_woutsub[proj].split('.')
rev_zone = '.'.join((rev_zone[0], rev_zone[1], rev_zone[2]))
rev_zone = rev_zone + '.in-addr.arpa'
# Frame the Expected DNS data for VM, one for 'A' record and
# another 'PTR' record.
agent_inspect_h = self.agent_inspect[vm_fix[proj].vm_node_ip]
assigned_dns_ips = agent_inspect_h.get_vna_dns_server()
rec_name = vm_list[proj] + "." + domain_name
vm_dns_exp_data = [{'rec_data': vm_ip, 'rec_type': 'A', 'rec_class': 'IN', 'rec_ttl': str(
ttl), 'rec_name': rec_name, 'installed': 'yes', 'zone': domain_name}, {'rec_data': rec_name, 'rec_type': 'PTR', 'rec_class': 'IN', 'rec_ttl': str(ttl), 'rec_name': vm_rev_ip, 'installed': 'yes', 'zone': rev_zone}]
self.verify_vm_dns_data(vm_dns_exp_data, assigned_dns_ips[0])
vm_dns_exp_data = []
# ping between two vms which are in different subnets by using name.
self.assertTrue(vm_fix['project1'].ping_with_certainty(
ip=vm_list['project2']), "Ping with VM name failed for VDNS across the projects")
return True
def test_vdns_with_diff_zone(self):
''' Test vdns in different zones with multi projects '''
var_obj = self.InitForZoneTests()
vdns_fixt1 = {}
ipam_mgmt_obj = {}
for project in var_obj.project_list:
dns_server_name = var_obj.proj_vdns[project]
self.logger.info(
'Creating vdns server:%s in project:%s',
dns_server_name,
project)
domain_name = '%s.net' % (project)
ttl = 100
# VDNS creation
dns_data = VirtualDnsType(
domain_name=domain_name, dynamic_records_from_client=True,
default_ttl_seconds=ttl, record_order='random')
vdns_fixt1[project] = self.useFixture(
VdnsFixture(
self.inputs,
self.connections,
vdns_name=dns_server_name,
dns_data=dns_data))
result, msg = vdns_fixt1[project].verify_on_setup()
self.assertTrue(result, msg)
dns_server = IpamDnsAddressType(
virtual_dns_server_name=vdns_fixt1[project].vdns_fq_name)
ipam_mgmt_obj[project] = IpamType(
ipam_dns_method='virtual-dns-server',
ipam_dns_server=dns_server)
ipam_fixt = {}
vn_fixt = {}
vm_fix = {}
pol_fixt = {}
for proj in var_obj.project_list:
# User creation
user_fixture = self.useFixture(
UserFixture(
connections=self.admin_connections,
username=var_obj.proj_user[proj],
password=var_obj.proj_pass[proj]))
# Project creation
project_fixture = self.useFixture(
ProjectFixture(
project_name=proj,
username=var_obj.proj_user[proj],
password=var_obj.proj_pass[proj],
connections=self.admin_connections))
user_fixture.add_user_to_tenant(proj, var_obj.proj_user[proj], 'admin')
project_fixture.set_user_creds(var_obj.proj_user[proj], var_obj.proj_pass[proj])
project_inputs = ContrailTestInit(
self.ini_file,
stack_user=project_fixture.project_username,
stack_password=project_fixture.project_user_password,
stack_tenant=proj,
logger=self.logger)
project_connections = ContrailConnections(project_inputs,
logger=self.logger)
self.logger.info(
'Default SG to be edited for allow all on project: %s' % proj)
project_fixture.set_sec_group_for_allow_all(proj, 'default')
# Ipam creation
ipam_fixt[proj] = self.useFixture(IPAMFixture(var_obj.ipam_list[proj], vdns_obj= vdns_fixt1[proj].obj,
project_obj=project_fixture, ipamtype=ipam_mgmt_obj[proj]))
# VN Creation
vn_fixt[proj] = self.useFixture(
VNFixture(
project_name=proj,
connections=project_connections,
vn_name=var_obj.vn_list[proj],
inputs=project_inputs,
subnets=var_obj.vn_nets[proj],
ipam_fq_name=ipam_fixt[proj].getObj().get_fq_name()))
vn_quantum_obj = self.orch.get_vn_obj_if_present(vn_name=var_obj.vn_list[proj], project_id=project_fixture.uuid)
# VM creation
vm_fix[proj] = self.useFixture(
VMFixture(
project_name=proj,
connections=project_connections,
vn_obj=vn_quantum_obj,
vm_name=var_obj.vm_list[proj]))
vm_fix[proj].verify_vm_launched()
vm_fix[proj].verify_on_setup()
vm_fix[proj].wait_till_vm_is_up()
msg = "Ping by using name %s is failed. Dns server \
should resolve VM name to IP" % (var_obj.vm_list[proj])
self.assertTrue(
vm_fix[proj].ping_with_certainty(ip=var_obj.vm_list[proj]), msg)
vm_ip = vm_fix[proj].get_vm_ip_from_vm(
vn_fq_name=vm_fix[proj].vn_fq_name)
vm_rev_ip = vm_ip.split('.')
vm_rev_ip = '.'.join(
(vm_rev_ip[3], vm_rev_ip[2], vm_rev_ip[1], vm_rev_ip[0]))
vm_rev_ip = vm_rev_ip + '.in-addr.arpa'
rev_zone = var_obj.vn_nets[proj][0].split('/')[0].split('.')
rev_zone = '.'.join((rev_zone[0], rev_zone[1], rev_zone[2]))
rev_zone = rev_zone + '.in-addr.arpa'
# Frame the Expected DNS data for VM, one for 'A' record and
# another 'PTR' record.
domain_name = '%s.net' % (proj)
rec_name = var_obj.vm_list[proj] + "." + domain_name
agent_inspect_h = self.agent_inspect[vm_fix[proj].vm_node_ip]
assigned_dns_ips = agent_inspect_h.get_vna_discovered_dns_server()
vm_dns_exp_data = [{'rec_data': vm_ip,
'rec_type': 'A',
'rec_class': 'IN',
'rec_ttl': str(ttl),
'rec_name': rec_name,
'installed': 'yes',
'zone': domain_name},
{'rec_data': rec_name,
'rec_type': 'PTR',
'rec_class': 'IN',
'rec_ttl': str(ttl),
'rec_name': vm_rev_ip,
'installed': 'yes',
'zone': rev_zone}]
self.verify_vm_dns_data(vm_dns_exp_data, assigned_dns_ips[0])
vm_dns_exp_data = []
self.logger.info(
'Restart supervisor-config & supervisor-control and test ping')
for bgp_ip in self.inputs.bgp_ips:
self.inputs.restart_service('supervisor-control', [bgp_ip],
container='controller')
for cfgm_ip in self.inputs.cfgm_ips:
self.inputs.restart_service('supervisor-config', [cfgm_ip],
container='controller')
status_checker = ContrailStatusChecker(self.inputs)
self.logger.debug("Waiting for all the services to be UP")
assert status_checker.wait_till_contrail_cluster_stable()[0],\
"All services could not come UP after restart"
for proj in var_obj.project_list:
msg = "Ping by using name %s is failed. Dns server \
should resolve VM name to IP" % (var_obj.vm_list[proj])
self.assertTrue(
vm_fix[proj].ping_with_certainty(ip=var_obj.vm_list[proj]), msg)
return True
def test_quota_update_of_specific_tenant(self):
'''Quota update of one tenant should not affect
quota for other tenant
'''
result = True
quota_dict = {
'subnet': 3,
'router': 5,
'network': 3,
'floatingip': 4,
'port': 5,
'security_group': 4,
'security_group_rule': 6
}
project_name = get_random_name('project1')
user_fixture = self.useFixture(
UserFixture(connections=self.connections,
username='******',
password='******'))
project_fixture_obj = self.useFixture(
ProjectFixture(username=self.inputs.stack_user,
password=self.inputs.stack_password,
project_name=project_name,
vnc_lib_h=self.vnc_lib,
connections=self.connections))
user_fixture.add_user_to_tenant(project_name, 'test_usr', 'Member')
assert project_fixture_obj.verify_on_setup()
project_name1 = get_random_name('project2')
user_fixture1 = self.useFixture(
UserFixture(connections=self.connections,
username='******',
password='******'))
project_fixture_obj1 = self.useFixture(
ProjectFixture(username='******',
password='******',
project_name=project_name1,
vnc_lib_h=self.vnc_lib,
connections=self.connections))
user_fixture1.add_user_to_tenant(project_name1, 'test_usr1', 'Member')
assert project_fixture_obj1.verify_on_setup()
quota_show_dict1 = self.admin_connections.quantum_h.show_quota(
project_fixture_obj.uuid)
self.logger.info(
"Update quota for tenant %s to: \n %s by admin tenant " %
(project_fixture_obj1.inputs.project_name, quota_dict))
quota_rsp = self.admin_connections.quantum_h.update_quota(
project_fixture_obj1.uuid, quota_dict)
quota_show_dict = self.admin_connections.quantum_h.show_quota(
project_fixture_obj1.uuid)
for neutron_obj in quota_rsp['quota']:
if quota_rsp['quota'][neutron_obj] != quota_show_dict['quota'][
neutron_obj]:
self.logger.error(
"Quota update unsuccessful for %s for %s tenant " %
(neutron_obj, project_name1))
result = False
assert result, 'Quota update by admin tenant failed'
quota_show_dict2 = self.admin_connections.quantum_h.show_quota(
project_fixture_obj.uuid)
self.logger.info(
"Quota for tenant %s is updated to : \n %s " %
(project_fixture_obj1.inputs.project_name, quota_show_dict))
for neutron_obj in quota_show_dict2['quota']:
if quota_show_dict2['quota'][neutron_obj] != quota_show_dict1[
'quota'][neutron_obj]:
self.logger.error(
"Quota updated for %s for %s tenant not expected " %
(neutron_obj, project_name))
result = False
assert result, 'Quota update for %s by admin updated quota for %s also not expected' % (
project_name1, project_name)
self.logger.info(
"Quota for tenant %s is still set to : \n %s as expected" %
(project_fixture_obj.inputs.project_name, quota_show_dict1))