def __create_security_group(self):
"""
Configure OpenStack security groups.
Configures and deploys an OpenStack security group object
:return: the creator object
"""
sg_rules = list()
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name=self.sg_name,
direction=Direction.ingress,
protocol=Protocol.icmp))
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name=self.sg_name,
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=22,
port_range_max=22))
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name=self.sg_name,
direction=Direction.egress,
protocol=Protocol.tcp,
port_range_min=22,
port_range_max=22))
log = "Security group with name: '%s'" % self.sg_name
self.logger.info(log)
return deploy_utils.create_security_group(
self.os_creds,
SecurityGroupConfig(name=self.sg_name,
description=self.sg_desc,
rule_settings=sg_rules))
def create_security_group(self, sec_grp_name):
logger.info("Creating the security groups...")
rule_ping = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.icmp)
rule_ssh = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=22,
port_range_max=22)
rule_http = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=80,
port_range_max=80)
rules = [rule_ping, rule_ssh, rule_http]
secgroup_settings = SecurityGroupConfig(name=sec_grp_name,
rule_settings=rules)
sec_group_creator = OpenStackSecurityGroup(self.os_creds,
secgroup_settings)
sec_group = sec_group_creator.create()
self.creators.append(sec_group_creator)
return sec_group
def test_remove_rule_by_setting(self):
"""
Tests the creation of an OpenStack Security Group with two simple
custom rules then removes one by the rule setting object
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv6,
description='test_rule_2'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv4,
port_range_min=10,
port_range_max=20,
description='test_rule_3'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
self.sec_grp_creator.remove_rule(rule_setting=sec_grp_rule_settings[0])
rules_after_del = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(rules) - 1, len(rules_after_del))
def test_create_group_with_one_simple_rule(self):
"""
Tests the creation of an OpenStack Security Group with one simple
custom rule.
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
def create_security_group_config(neutron, security_group):
"""
Returns a SecurityGroupConfig object
:param neutron: the neutron client
:param security_group: a SNAPS-OO SecurityGroup domain object
:return:
"""
rules = neutron_utils.get_rules_by_security_group(neutron, security_group)
rule_settings = list()
for rule in rules:
rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=security_group.name,
description=rule.description,
direction=rule.direction,
ethertype=rule.ethertype,
port_range_min=rule.port_range_min,
port_range_max=rule.port_range_max,
protocol=rule.protocol,
remote_group_id=rule.remote_group_id,
remote_ip_prefix=rule.remote_ip_prefix))
return SecurityGroupConfig(name=security_group.name,
description=security_group.description,
rule_settings=rule_settings)
def test_config_name_and_direction(self):
settings = SecurityGroupRuleConfig(**{
'sec_grp_name': 'foo',
'direction': 'ingress'
})
self.assertEqual('foo', settings.sec_grp_name)
self.assertEqual(Direction.ingress, settings.direction)
def test_proto_null(self):
settings = SecurityGroupRuleConfig(**{
'sec_grp_name': 'foo',
'direction': 'ingress',
'protocol': 'null'
})
self.assertEqual('foo', settings.sec_grp_name)
self.assertEqual(Direction.ingress, settings.direction)
self.assertEqual(Protocol.null, settings.protocol)
def prepare_security_groups(self):
"""Create Open Baton security group if it doesn't exist yet"""
self.logger.info(
"Creating security group for Open Baton if not yet existing...")
sg_rules = list()
sg_rules.append(
SecurityGroupRuleConfig(
sec_grp_name="orchestra-sec-group-allowall",
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=1,
port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(
sec_grp_name="orchestra-sec-group-allowall",
direction=Direction.egress,
protocol=Protocol.tcp,
port_range_min=1,
port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(
sec_grp_name="orchestra-sec-group-allowall",
direction=Direction.ingress,
protocol=Protocol.udp,
port_range_min=1,
port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(
sec_grp_name="orchestra-sec-group-allowall",
direction=Direction.egress,
protocol=Protocol.udp,
port_range_min=1,
port_range_max=65535))
security_group = OpenStackSecurityGroup(
self.snaps_creds,
SecurityGroupConfig(name="orchestra-sec-group-allowall",
rule_settings=sg_rules))
security_group_info = security_group.create()
self.created_resources.append(security_group)
self.mano['details']['sec_group'] = security_group_info.name
self.logger.info(
"Security group orchestra-sec-group-allowall prepared")
def test_all(self):
rule_settings = list()
rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name='bar',
direction=Direction.egress,
description='test_rule_1'))
rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name='bar',
direction=Direction.ingress,
description='test_rule_2'))
settings = SecurityGroupConfig(name='bar',
description='fubar',
project_name='foo',
rule_settings=rule_settings)
self.assertEqual('bar', settings.name)
self.assertEqual('fubar', settings.description)
self.assertEqual('foo', settings.project_name)
self.assertEqual(rule_settings[0], settings.rule_settings[0])
self.assertEqual(rule_settings[1], settings.rule_settings[1])
def _add_custom_rule(self, sec_grp_name):
""" To add custom rule for SCTP Traffic """
sec_grp_rules = list()
sec_grp_rules.append(
SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.sctp))
security_group = OpenStackSecurityGroup(
self.snaps_creds,
SecurityGroupConfig(name=sec_grp_name,
rule_settings=sec_grp_rules))
security_group.create()
self.created_object.append(security_group)
def test_all(self):
settings = SecurityGroupRuleConfig(sec_grp_name='foo',
description='fubar',
direction=Direction.egress,
remote_group_id='rgi',
protocol=Protocol.icmp,
ethertype=Ethertype.IPv6,
port_range_min=1,
port_range_max=2,
remote_ip_prefix='prfx')
self.assertEqual('foo', settings.sec_grp_name)
self.assertEqual('fubar', settings.description)
self.assertEqual(Direction.egress, settings.direction)
self.assertEqual('rgi', settings.remote_group_id)
self.assertEqual(Protocol.icmp, settings.protocol)
self.assertEqual(Ethertype.IPv6, settings.ethertype)
self.assertEqual(1, settings.port_range_min)
self.assertEqual(2, settings.port_range_max)
self.assertEqual('prfx', settings.remote_ip_prefix)
def __generate_rule_setting(self, rule):
"""
Creates a SecurityGroupRuleConfig object for a given rule
:param rule: the rule from which to create the
SecurityGroupRuleConfig object
:return: the newly instantiated SecurityGroupRuleConfig object
"""
sec_grp = neutron_utils.get_security_group_by_id(
self._neutron, rule.security_group_id)
setting = SecurityGroupRuleConfig(
description=rule.description,
direction=rule.direction,
ethertype=rule.ethertype,
port_range_min=rule.port_range_min,
port_range_max=rule.port_range_max,
protocol=rule.protocol,
remote_group_id=rule.remote_group_id,
remote_ip_prefix=rule.remote_ip_prefix,
sec_grp_name=sec_grp.name)
return setting
def test_config_all(self):
settings = SecurityGroupRuleConfig(
**{
'sec_grp_name': 'foo',
'description': 'fubar',
'direction': 'egress',
'remote_group_id': 'rgi',
'protocol': 'tcp',
'ethertype': 'IPv6',
'port_range_min': 1,
'port_range_max': 2,
'remote_ip_prefix': 'prfx'
})
self.assertEqual('foo', settings.sec_grp_name)
self.assertEqual('fubar', settings.description)
self.assertEqual(Direction.egress, settings.direction)
self.assertEqual('rgi', settings.remote_group_id)
self.assertEqual(Protocol.tcp, settings.protocol)
self.assertEqual(Ethertype.IPv6, settings.ethertype)
self.assertEqual(1, settings.port_range_min)
self.assertEqual(2, settings.port_range_max)
self.assertEqual('prfx', settings.remote_ip_prefix)
def test_vnf(self):
"""Run IXIA Stress test on clearwater ims instance."""
start_time = time.time()
cfy_client = self.orchestrator['object']
outputs = cfy_client.deployments.outputs.get(
self.vnf['descriptor'].get('name'))['outputs']
dns_ip = outputs['dns_ip']
ellis_ip = outputs['ellis_ip']
self.__logger.info("Creating full IXIA network ...")
subnet_settings = SubnetConfig(name='ixia_management_subnet',
cidr='10.10.10.0/24',
dns_nameservers=[env.get('NAMESERVER')])
network_settings = NetworkConfig(name='ixia_management_network',
subnet_settings=[subnet_settings])
network_creator = OpenStackNetwork(self.snaps_creds, network_settings)
network_creator.create()
self.created_object.append(network_creator)
ext_net_name = snaps_utils.get_ext_net_name(self.snaps_creds)
router_creator = OpenStackRouter(
self.snaps_creds,
RouterConfig(name='ixia_management_router',
external_gateway=ext_net_name,
internal_subnets=[subnet_settings.name]))
router_creator.create()
self.created_object.append(router_creator)
# security group creation
self.__logger.info("Creating security groups for IXIA VMs")
sg_rules = list()
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name="ixia_management",
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=1,
port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name="ixia_management",
direction=Direction.ingress,
protocol=Protocol.udp,
port_range_min=1,
port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name="ixia_management",
direction=Direction.ingress,
protocol=Protocol.icmp))
ixia_managment_sg_settings = SecurityGroupConfig(
name="ixia_management", rule_settings=sg_rules)
securit_group_creator = OpenStackSecurityGroup(
self.snaps_creds, ixia_managment_sg_settings)
securit_group_creator.create()
self.created_object.append(securit_group_creator)
sg_rules = list()
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name="ixia_ssh_http",
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=1,
port_range_max=65535))
ixia_ssh_http_sg_settings = SecurityGroupConfig(name="ixia_ssh_http",
rule_settings=sg_rules)
securit_group_creator = OpenStackSecurityGroup(
self.snaps_creds, ixia_ssh_http_sg_settings)
securit_group_creator.create()
self.created_object.append(securit_group_creator)
chassis_flavor_settings = FlavorConfig(name="ixia_vChassis",
ram=4096,
disk=40,
vcpus=2)
flavor_creator = OpenStackFlavor(self.snaps_creds,
chassis_flavor_settings)
flavor_creator.create()
self.created_object.append(flavor_creator)
card_flavor_settings = FlavorConfig(name="ixia_vCard",
ram=4096,
disk=4,
vcpus=2)
flavor_creator = OpenStackFlavor(self.snaps_creds,
card_flavor_settings)
flavor_creator.create()
self.created_object.append(flavor_creator)
load_flavor_settings = FlavorConfig(name="ixia_vLoad",
ram=8192,
disk=100,
vcpus=4)
flavor_creator = OpenStackFlavor(self.snaps_creds,
load_flavor_settings)
flavor_creator.create()
self.created_object.append(flavor_creator)
chassis_image_settings = ImageConfig(
name=self.test['requirements']['chassis']['image'],
image_user='******',
exists=True)
card_image_settings = ImageConfig(
name=self.test['requirements']['card']['image'],
image_user='******',
exists=True)
load_image_settings = ImageConfig(
name=self.test['requirements']['load']['image'],
image_user='******',
exists=True)
chassis_port_settings = PortConfig(name='ixia_chassis_port',
network_name=network_settings.name)
card1_port1_settings = PortConfig(name='ixia_card1_port1',
network_name=network_settings.name)
card2_port1_settings = PortConfig(name='ixia_card2_port1',
network_name=network_settings.name)
card1_port2_settings = PortConfig(name='ixia_card1_port2',
network_name="cloudify_ims_network")
card2_port2_settings = PortConfig(name='ixia_card2_port2',
network_name="cloudify_ims_network")
load_port_settings = PortConfig(name='ixia_load_port',
network_name=network_settings.name)
chassis_settings = VmInstanceConfig(
name='ixia_vChassis',
flavor=chassis_flavor_settings.name,
port_settings=[chassis_port_settings],
security_group_names=[
ixia_ssh_http_sg_settings.name, ixia_managment_sg_settings.name
],
floating_ip_settings=[
FloatingIpConfig(
name='ixia_vChassis_fip',
port_name=chassis_port_settings.name,
router_name=router_creator.router_settings.name)
])
vm_creator = OpenStackVmInstance(self.snaps_creds, chassis_settings,
chassis_image_settings)
self.__logger.info("Creating Ixia vChassis VM")
vm_creator.create()
fip_chassis = vm_creator.get_floating_ip().ip
self.created_object.append(vm_creator)
card1_settings = VmInstanceConfig(
name='ixia_vCard1',
flavor=card_flavor_settings.name,
port_settings=[card1_port1_settings, card1_port2_settings],
security_group_names=[ixia_managment_sg_settings.name])
vm_creator = OpenStackVmInstance(self.snaps_creds, card1_settings,
card_image_settings)
self.__logger.info("Creating Ixia vCard1 VM")
vm_creator.create()
vcard_ips = list()
vcard_ips_p2 = list()
vcard_ips.append(vm_creator.get_port_ip('ixia_card1_port1'))
vcard_ips_p2.append(vm_creator.get_port_ip('ixia_card1_port2'))
self.created_object.append(vm_creator)
card2_settings = VmInstanceConfig(
name='ixia_vCard2',
flavor=card_flavor_settings.name,
port_settings=[card2_port1_settings, card2_port2_settings],
security_group_names=[ixia_managment_sg_settings.name])
vm_creator = OpenStackVmInstance(self.snaps_creds, card2_settings,
card_image_settings)
self.__logger.info("Creating Ixia vCard2 VM")
vm_creator.create()
vcard_ips.append(vm_creator.get_port_ip('ixia_card2_port1'))
vcard_ips_p2.append(vm_creator.get_port_ip('ixia_card2_port2'))
self.created_object.append(vm_creator)
load_settings = VmInstanceConfig(
name='ixia_vLoad',
flavor=load_flavor_settings.name,
port_settings=[load_port_settings],
security_group_names=[
ixia_ssh_http_sg_settings.name, ixia_managment_sg_settings.name
],
floating_ip_settings=[
FloatingIpConfig(
name='ixia_vLoad_fip',
port_name=load_port_settings.name,
router_name=router_creator.router_settings.name)
])
vm_creator = OpenStackVmInstance(self.snaps_creds, load_settings,
load_image_settings)
self.__logger.info("Creating Ixia vLoad VM")
vm_creator.create()
fip_load = vm_creator.get_floating_ip().ip
self.created_object.append(vm_creator)
self.__logger.info("Chassis IP is: %s", fip_chassis)
login_url = "https://" + str(fip_chassis) + "/api/v1/auth/session"
cards_url = "https://" + str(fip_chassis) + "/api/v2/ixos/cards/"
payload = json.dumps({
"username": "******",
"password": "******",
"rememberMe": "false"
})
api_key = json.loads(
(IxChassisUtils.ChassisRestAPI.postWithPayload(login_url,
payload)))["apiKey"]
self.__logger.info("Adding 2 card back inside the ixia chassis...")
for ip in vcard_ips:
payload = {"ipAddress": str(ip)}
response = json.loads(
IxChassisUtils.ChassisRestAPI.postOperation(
cards_url, api_key, payload))
count = 0
while (int(
IxChassisUtils.ChassisRestAPI.getWithHeaders(
response['url'], api_key)['progress']) != 100):
self.__logger.debug("Operation did not finish yet. \
Waiting for 1 more second..")
time.sleep(1)
if count > 60:
raise Exception("Adding card take more than 60 seconds")
count += 1
ssh = paramiko.SSHClient()
ssh.set_missing_host_key_policy(paramiko.MissingHostKeyPolicy())
ssh.connect(fip_chassis, username="******", password="******")
cmd = "set license-check disable"
run_blocking_ssh_command(ssh, cmd)
cmd = "restart-service ixServer"
run_blocking_ssh_command(ssh, cmd)
self.config_ellis(ellis_ip)
# Get IPs of P-CSCF
resolver = dns.resolver.Resolver()
resolver.nameservers = [dns_ip]
result = resolver.query("bono.clearwater.local")
iplistims = ''
i = 0
for rdata in result:
i = i + 1
print rdata.address
iplistims += str(rdata.address)
if i != len(result):
iplistims += ';'
kResourcesUrl = 'http://%s:%s/api/v0/resources' % (fip_load, 8080)
kRxfPath = r"REG_CALL_OPNFV_v13.rxf"
test_filname = self.test['inputs']['test_filname']
kGatewaySharedFolder = '/mnt/ixload-share/'
kRxfRelativeUploadPath = 'uploads/%s' % os.path.split(kRxfPath)[1]
kRxfAbsoluteUploadPath = os.path.join(kGatewaySharedFolder,
kRxfRelativeUploadPath)
kChassisList = [str(fip_chassis)]
dataFileNameList = [
test_filname, 'Registration_only_LPS.tst', 'SIPCall.tst'
]
kPortListPerCommunityCommunity = {
"VoIP1@VM1": [(1, 1, 1)],
"VoIP2@VM2": [(1, 2, 1)]
}
kStatsToDisplayDict = self.test['inputs']['stats']
connection = IxRestUtils.getConnection(fip_load, 8080)
self.__logger.info("Creating a new session...")
sessionUrl = IxLoadUtils.createSession(connection,
self.test['version'])
license_server = self.test['inputs']['licenseServer']
IxLoadUtils.configureLicenseServer(connection, sessionUrl,
license_server)
files_dir = os.path.join(self.case_dir, 'ixia/files')
target_file = open(os.path.join(files_dir, test_filname), 'w')
j2_env = Environment(loader=FileSystemLoader(files_dir),
trim_blocks=True)
self.test['inputs'].update(
dict(ipchassis=fip_chassis,
ipcard1=vcard_ips_p2[0],
ipcard2=vcard_ips_p2[1],
iplistims=iplistims))
target_file.write(
j2_env.get_template(test_filname + '.template').render(
self.test['inputs']))
target_file.close()
self.__logger.info('Uploading files %s...' % kRxfPath)
for dataFile in dataFileNameList:
localFilePath = os.path.join(files_dir, dataFile)
remoteFilePath = os.path.join(kGatewaySharedFolder,
'uploads/%s' % dataFile)
IxLoadUtils.uploadFile(connection, kResourcesUrl, localFilePath,
remoteFilePath)
self.__logger.info('Upload file finished.')
self.__logger.info("Loading repository %s..." % kRxfAbsoluteUploadPath)
IxLoadUtils.loadRepository(connection, sessionUrl,
kRxfAbsoluteUploadPath)
self.__logger.info("Clearing chassis list...")
IxLoadUtils.clearChassisList(connection, sessionUrl)
self.__logger.info("Adding chassis %s..." % (kChassisList))
IxLoadUtils.addChassisList(connection, sessionUrl, kChassisList)
self.__logger.info("Assigning new ports...")
IxLoadUtils.assignPorts(connection, sessionUrl,
kPortListPerCommunityCommunity)
self.__logger.info("Starting the test...")
IxLoadUtils.runTest(connection, sessionUrl)
self.__logger.info("Polling values for stats %s..." %
(kStatsToDisplayDict))
result = IxLoadUtils.pollStats(connection, sessionUrl,
kStatsToDisplayDict)
self.__logger.info("Test finished.")
self.__logger.info("Checking test status...")
testRunError = IxLoadUtils.getTestRunError(connection, sessionUrl)
self.__logger.info(result)
duration = time.time() - start_time
self.details['test_vnf'].update(status='PASS',
result=result,
duration=duration)
if testRunError:
self.__logger.info("The test exited with following error: %s" %
(testRunError))
self.details['test_vnf'].update(status='FAIL', duration=duration)
return False
else:
self.__logger.info("The test completed successfully.")
self.details['test_vnf'].update(status='PASS', duration=duration)
self.result += 1 / 3 * 100
return True
def setUp(self):
"""
Instantiates the CreateImage object that is responsible for downloading
and creating an OS image file within OpenStack
"""
super(self.__class__, self).__start__()
self.nova = nova_utils.nova_client(self.os_creds, self.os_session)
guid = self.__class__.__name__ + '-' + str(uuid.uuid4())
self.keypair_priv_filepath = 'tmp/' + guid
self.keypair_pub_filepath = self.keypair_priv_filepath + '.pub'
self.keypair_name = guid + '-kp'
self.vm_inst_name = guid + '-inst'
self.test_file_local_path = 'tmp/' + guid + '-hello.txt'
self.port_1_name = guid + '-port-1'
self.port_2_name = guid + '-port-2'
self.floating_ip_name = guid + 'fip1'
# Setup members to cleanup just in case they don't get created
self.inst_creator = None
self.keypair_creator = None
self.sec_grp_creator = None
self.flavor_creator = None
self.router_creator = None
self.network_creator = None
self.image_creator = None
try:
# Create Image
os_image_settings = openstack_tests.ubuntu_image_settings(
name=guid + '-' + '-image', image_metadata=self.image_metadata)
self.image_creator = create_image.OpenStackImage(
self.os_creds, os_image_settings)
self.image_creator.create()
# First network is public
self.pub_net_config = openstack_tests.get_pub_net_config(
project_name=self.os_creds.project_name,
net_name=guid + '-pub-net',
mtu=1442,
subnet_name=guid + '-pub-subnet',
router_name=guid + '-pub-router',
external_net=self.ext_net_name)
self.network_creator = create_network.OpenStackNetwork(
self.os_creds, self.pub_net_config.network_settings)
self.network_creator.create()
# Create routers
self.router_creator = create_router.OpenStackRouter(
self.os_creds, self.pub_net_config.router_settings)
self.router_creator.create()
# Create Flavor
flavor_config = openstack_tests.get_flavor_config(
name=guid + '-flavor-name',
ram=2048,
disk=10,
vcpus=2,
metadata=self.flavor_metadata)
self.flavor_creator = create_flavor.OpenStackFlavor(
self.admin_os_creds, flavor_config)
self.flavor_creator.create()
# Create Key/Pair
self.keypair_creator = create_keypairs.OpenStackKeypair(
self.os_creds,
KeypairConfig(name=self.keypair_name,
public_filepath=self.keypair_pub_filepath,
private_filepath=self.keypair_priv_filepath))
self.keypair_creator.create()
# Create Security Group
sec_grp_name = guid + '-sec-grp'
rule1 = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.icmp)
rule2 = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=22,
port_range_max=22)
self.sec_grp_creator = OpenStackSecurityGroup(
self.os_creds,
SecurityGroupConfig(name=sec_grp_name,
rule_settings=[rule1, rule2]))
self.sec_grp_creator.create()
# Create instance
ports_settings = list()
ports_settings.append(
PortConfig(
name=self.port_1_name,
network_name=self.pub_net_config.network_settings.name))
instance_settings = VmInstanceConfig(
name=self.vm_inst_name,
flavor=self.flavor_creator.flavor_settings.name,
port_settings=ports_settings,
floating_ip_settings=[
FloatingIpConfig(
name=self.floating_ip_name,
port_name=self.port_1_name,
router_name=self.pub_net_config.router_settings.name)
])
self.inst_creator = create_instance.OpenStackVmInstance(
self.os_creds,
instance_settings,
self.image_creator.image_settings,
keypair_settings=self.keypair_creator.keypair_settings)
except:
self.tearDown()
raise
def deploy_orchestrator(self):
"""
Deploy Cloudify Manager.
network, security group, fip, VM creation
"""
# network creation
start_time = time.time()
self.__logger.info("Creating keypair ...")
kp_file = os.path.join(self.data_dir, "cloudify_ims.pem")
keypair_settings = KeypairConfig(name='cloudify_ims_kp',
private_filepath=kp_file)
keypair_creator = OpenStackKeypair(self.snaps_creds, keypair_settings)
keypair_creator.create()
self.created_object.append(keypair_creator)
self.__logger.info("Creating full network ...")
subnet_settings = SubnetConfig(name='cloudify_ims_subnet',
cidr='10.67.79.0/24')
network_settings = NetworkConfig(name='cloudify_ims_network',
subnet_settings=[subnet_settings])
network_creator = OpenStackNetwork(self.snaps_creds, network_settings)
network_creator.create()
self.created_object.append(network_creator)
ext_net_name = snaps_utils.get_ext_net_name(self.snaps_creds)
router_creator = OpenStackRouter(
self.snaps_creds,
RouterConfig(name='cloudify_ims_router',
external_gateway=ext_net_name,
internal_subnets=[subnet_settings.name]))
router_creator.create()
self.created_object.append(router_creator)
# security group creation
self.__logger.info("Creating security group for cloudify manager vm")
sg_rules = list()
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name="sg-cloudify-manager",
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=1,
port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(sec_grp_name="sg-cloudify-manager",
direction=Direction.ingress,
protocol=Protocol.udp,
port_range_min=1,
port_range_max=65535))
securit_group_creator = OpenStackSecurityGroup(
self.snaps_creds,
SecurityGroupConfig(name="sg-cloudify-manager",
rule_settings=sg_rules))
securit_group_creator.create()
self.created_object.append(securit_group_creator)
# orchestrator VM flavor
self.__logger.info("Get or create flavor for cloudify manager vm ...")
flavor_settings = FlavorConfig(
name=self.orchestrator['requirements']['flavor']['name'],
ram=self.orchestrator['requirements']['flavor']['ram_min'],
disk=50,
vcpus=2)
flavor_creator = OpenStackFlavor(self.snaps_creds, flavor_settings)
flavor_creator.create()
self.created_object.append(flavor_creator)
image_settings = ImageConfig(
name=self.orchestrator['requirements']['os_image'],
image_user='******',
exists=True)
port_settings = PortConfig(name='cloudify_manager_port',
network_name=network_settings.name)
manager_settings = VmInstanceConfig(
name='cloudify_manager',
flavor=flavor_settings.name,
port_settings=[port_settings],
security_group_names=[securit_group_creator.sec_grp_settings.name],
floating_ip_settings=[
FloatingIpConfig(
name='cloudify_manager_fip',
port_name=port_settings.name,
router_name=router_creator.router_settings.name)
])
manager_creator = OpenStackVmInstance(self.snaps_creds,
manager_settings, image_settings,
keypair_settings)
self.__logger.info("Creating cloudify manager VM")
manager_creator.create()
self.created_object.append(manager_creator)
public_auth_url = keystone_utils.get_endpoint(self.snaps_creds,
'identity')
self.__logger.info("Set creds for cloudify manager")
cfy_creds = dict(keystone_username=self.snaps_creds.username,
keystone_password=self.snaps_creds.password,
keystone_tenant_name=self.snaps_creds.project_name,
keystone_url=public_auth_url)
cfy_client = CloudifyClient(host=manager_creator.get_floating_ip().ip,
username='******',
password='******',
tenant='default_tenant')
self.orchestrator['object'] = cfy_client
self.__logger.info("Attemps running status of the Manager")
cfy_status = None
retry = 10
while str(cfy_status) != 'running' and retry:
try:
cfy_status = cfy_client.manager.get_status()['status']
self.__logger.debug("The current manager status is %s",
cfy_status)
except Exception: # pylint: disable=broad-except
self.__logger.warning("Cloudify Manager isn't " +
"up and running. Retrying ...")
retry = retry - 1
time.sleep(30)
if str(cfy_status) == 'running':
self.__logger.info("Cloudify Manager is up and running")
else:
raise Exception("Cloudify Manager isn't up and running")
self.__logger.info("Put OpenStack creds in manager")
secrets_list = cfy_client.secrets.list()
for k, val in cfy_creds.iteritems():
if not any(d.get('key', None) == k for d in secrets_list):
cfy_client.secrets.create(k, val)
else:
cfy_client.secrets.update(k, val)
duration = time.time() - start_time
self.__logger.info("Put private keypair in manager")
if manager_creator.vm_ssh_active(block=True):
ssh = manager_creator.ssh_client()
scp = SCPClient(ssh.get_transport(), socket_timeout=15.0)
scp.put(kp_file, '~/')
cmd = "sudo cp ~/cloudify_ims.pem /etc/cloudify/"
run_blocking_ssh_command(ssh, cmd)
cmd = "sudo chmod 444 /etc/cloudify/cloudify_ims.pem"
run_blocking_ssh_command(ssh, cmd)
cmd = "sudo yum install -y gcc python-devel"
run_blocking_ssh_command(
ssh, cmd, "Unable to install packages \
on manager")
self.details['orchestrator'].update(status='PASS', duration=duration)
self.vnf['inputs'].update(
dict(external_network_name=ext_net_name,
network_name=network_settings.name))
self.result = 1 / 3 * 100
return True
def deploy_orchestrator(self):
# pylint: disable=too-many-locals,too-many-statements
"""
Deploy Cloudify Manager.
network, security group, fip, VM creation
"""
start_time = time.time()
# orchestrator VM flavor
self.__logger.info("Get or create flavor for cloudify manager vm ...")
flavor_settings = FlavorConfig(
name="{}-{}".format(
self.orchestrator['requirements']['flavor']['name'],
self.uuid),
ram=self.orchestrator['requirements']['flavor']['ram_min'],
disk=50,
vcpus=2)
flavor_creator = OpenStackFlavor(self.snaps_creds, flavor_settings)
flavor_creator.create()
self.created_object.append(flavor_creator)
self.__logger.info("Creating a second user to bypass issues ...")
user_creator = OpenStackUser(
self.snaps_creds,
UserConfig(
name='cloudify_network_bug-{}'.format(self.uuid),
password=str(uuid.uuid4()),
project_name=self.tenant_name,
domain_name=self.snaps_creds.user_domain_name,
roles={'_member_': self.tenant_name}))
user_creator.create()
self.created_object.append(user_creator)
snaps_creds = user_creator.get_os_creds(self.snaps_creds.project_name)
self.__logger.debug("snaps creds: %s", snaps_creds)
self.__logger.info("Creating keypair ...")
kp_file = os.path.join(self.data_dir, "cloudify_ims.pem")
keypair_settings = KeypairConfig(
name='cloudify_ims_kp-{}'.format(self.uuid),
private_filepath=kp_file)
keypair_creator = OpenStackKeypair(snaps_creds, keypair_settings)
keypair_creator.create()
self.created_object.append(keypair_creator)
# needs some images
self.__logger.info("Upload some OS images if it doesn't exist")
for image_name, image_file in self.images.iteritems():
self.__logger.info("image: %s, file: %s", image_name, image_file)
if image_file and image_name:
image_creator = OpenStackImage(
snaps_creds,
ImageConfig(
name=image_name, image_user='******',
img_format='qcow2', image_file=image_file))
image_creator.create()
self.created_object.append(image_creator)
# network creation
self.__logger.info("Creating full network ...")
subnet_settings = SubnetConfig(
name='cloudify_ims_subnet-{}'.format(self.uuid),
cidr='10.67.79.0/24',
dns_nameservers=[env.get('NAMESERVER')])
network_settings = NetworkConfig(
name='cloudify_ims_network-{}'.format(self.uuid),
subnet_settings=[subnet_settings])
network_creator = OpenStackNetwork(snaps_creds, network_settings)
network_creator.create()
self.created_object.append(network_creator)
ext_net_name = snaps_utils.get_ext_net_name(snaps_creds)
router_creator = OpenStackRouter(
snaps_creds,
RouterConfig(
name='cloudify_ims_router-{}'.format(self.uuid),
external_gateway=ext_net_name,
internal_subnets=[subnet_settings.name]))
router_creator.create()
self.created_object.append(router_creator)
# security group creation
self.__logger.info("Creating security group for cloudify manager vm")
sg_rules = list()
sg_rules.append(
SecurityGroupRuleConfig(
sec_grp_name="sg-cloudify-manager-{}".format(self.uuid),
direction=Direction.ingress, protocol=Protocol.tcp,
port_range_min=1, port_range_max=65535))
sg_rules.append(
SecurityGroupRuleConfig(
sec_grp_name="sg-cloudify-manager-{}".format(self.uuid),
direction=Direction.ingress, protocol=Protocol.udp,
port_range_min=1, port_range_max=65535))
security_group_creator = OpenStackSecurityGroup(
snaps_creds,
SecurityGroupConfig(
name="sg-cloudify-manager-{}".format(self.uuid),
rule_settings=sg_rules))
security_group_creator.create()
self.created_object.append(security_group_creator)
image_settings = ImageConfig(
name=self.orchestrator['requirements']['os_image'],
image_user='******',
exists=True)
port_settings = PortConfig(
name='cloudify_manager_port-{}'.format(self.uuid),
network_name=network_settings.name)
manager_settings = VmInstanceConfig(
name='cloudify_manager-{}'.format(self.uuid),
flavor=flavor_settings.name,
port_settings=[port_settings],
security_group_names=[
security_group_creator.sec_grp_settings.name],
floating_ip_settings=[FloatingIpConfig(
name='cloudify_manager_fip-{}'.format(self.uuid),
port_name=port_settings.name,
router_name=router_creator.router_settings.name)])
manager_creator = OpenStackVmInstance(
snaps_creds, manager_settings, image_settings,
keypair_settings)
self.__logger.info("Creating cloudify manager VM")
manager_creator.create()
self.created_object.append(manager_creator)
public_auth_url = keystone_utils.get_endpoint(snaps_creds, 'identity')
cfy_creds = dict(
keystone_username=snaps_creds.username,
keystone_password=snaps_creds.password,
keystone_tenant_name=snaps_creds.project_name,
keystone_url=public_auth_url,
region=snaps_creds.region_name,
user_domain_name=snaps_creds.user_domain_name,
project_domain_name=snaps_creds.project_domain_name)
self.__logger.info("Set creds for cloudify manager %s", cfy_creds)
cfy_client = CloudifyClient(
host=manager_creator.get_floating_ip().ip,
username='******', password='******', tenant='default_tenant')
self.orchestrator['object'] = cfy_client
self.__logger.info("Attemps running status of the Manager")
for loop in range(10):
try:
self.__logger.debug(
"status %s", cfy_client.manager.get_status())
cfy_status = cfy_client.manager.get_status()['status']
self.__logger.info(
"The current manager status is %s", cfy_status)
if str(cfy_status) != 'running':
raise Exception("Cloudify Manager isn't up and running")
self.__logger.info("Put OpenStack creds in manager")
secrets_list = cfy_client.secrets.list()
for k, val in cfy_creds.iteritems():
if not any(d.get('key', None) == k for d in secrets_list):
cfy_client.secrets.create(k, val)
else:
cfy_client.secrets.update(k, val)
break
except Exception: # pylint: disable=broad-except
self.logger.info(
"try %s: Cloudify Manager isn't up and running", loop + 1)
time.sleep(30)
else:
self.logger.error("Cloudify Manager isn't up and running")
return False
duration = time.time() - start_time
if manager_creator.vm_ssh_active(block=True):
self.__logger.info("Put private keypair in manager")
ssh = manager_creator.ssh_client()
scp = SCPClient(ssh.get_transport(), socket_timeout=15.0)
scp.put(kp_file, '~/')
cmd = "sudo cp ~/cloudify_ims.pem /etc/cloudify/"
self.run_blocking_ssh_command(ssh, cmd)
cmd = "sudo chmod 444 /etc/cloudify/cloudify_ims.pem"
self.run_blocking_ssh_command(ssh, cmd)
# cmd2 is badly unpinned by Cloudify
cmd = "sudo yum install -y gcc python-devel python-cmd2"
self.run_blocking_ssh_command(
ssh, cmd, "Unable to install packages on manager")
self.run_blocking_ssh_command(ssh, 'cfy status')
else:
self.__logger.error("Cannot connect to manager")
return False
self.details['orchestrator'].update(status='PASS', duration=duration)
self.vnf['inputs'].update(dict(
external_network_name=ext_net_name,
network_name=network_settings.name,
key_pair_name=keypair_settings.name
))
self.result = 1/3 * 100
return True
def test_invalid_rule(self):
rule_setting = SecurityGroupRuleConfig(sec_grp_name='bar',
direction=Direction.ingress,
description='test_rule_1')
with self.assertRaises(SecurityGroupConfigError):
SecurityGroupConfig(name='foo', rule_settings=[rule_setting])
def test_no_params(self):
with self.assertRaises(SecurityGroupRuleConfigError):
SecurityGroupRuleConfig()
def test_empty_config(self):
with self.assertRaises(SecurityGroupRuleConfigError):
SecurityGroupRuleConfig(**dict())
def test_name_and_direction(self):
settings = SecurityGroupRuleConfig(sec_grp_name='foo',
direction=Direction.ingress)
self.assertEqual('foo', settings.sec_grp_name)
self.assertEqual(Direction.ingress, settings.direction)
def test_config_with_name_only(self):
with self.assertRaises(SecurityGroupRuleConfigError):
SecurityGroupRuleConfig(**{'sec_grp_name': 'foo'})
def test_name_only(self):
with self.assertRaises(SecurityGroupRuleConfigError):
SecurityGroupRuleConfig(sec_grp_name='foo')