def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_vm_ops', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
vip.check()
#stop vm
pf_vm.stop()
test_pf.check()
pf_vm.start()
pf_vm.check()
vip.check()
pf_vm.reboot()
pf_vm.check()
vip.check()
test_pf.delete()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test Port Forwarding with VM Operations Successfully")
def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_tcp_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
vip.check()
test_pf.delete()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('test_pf_after_destroy_vm', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
vip.check()
pf_vm.stop()
pf_vm.check()
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.check()
test_pf.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass(
"Port Forwarding Rule checking pass when stopping VM and destroying VM."
)
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('2 pfs with same vip', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule2_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(pf_vm)
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule3_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(pf_vm)
vip.attach_pf(test_pf2)
pf_vm.check()
vip.check()
test_pf1.delete()
test_pf2.delete()
import time
time.sleep(1)
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_vm1.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
test_util.test_dsc("attach, detach and delete pf for many times")
for i in range(1, 451):
test_util.test_logger('round %s' % (i))
starttime = datetime.datetime.now()
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
pf_creation_opt1.set_vip_ports(i, i)
pf_creation_opt1.set_private_ports(i, i)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
if i < 151:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
pf_dict[i] = test_pf1.get_port_forwarding().uuid
elif i < 301:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf1.detach()
pf_dict[i] = test_pf1.get_port_forwarding().uuid
else :
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf1.detach()
test_pf1.delete()
endtime = datetime.datetime.now()
optime = (endtime - starttime).seconds
test_util.test_dsc("round %s, pf operation time: %s" % (i, optime))
test_util.test_logger("the pf operation time is %s seconds" % optime)
if optime > 240:
test_util.test_fail("the pf operation time is %s seconds, more than 240 seconds" % optime)
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
for j in pf_dict:
net_ops.delete_port_forwarding(pf_dict[j])
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('test_pf_after_destroy_vm', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
vip.check()
pf_vm.stop()
pf_vm.check()
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.check()
test_pf.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Port Forwarding Rule checking pass when stopping VM and destroying VM.")
def test():
vip_bandwidth = 1*1024
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_vlan_sg_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_vm1.check()
pf_vm2.check()
vm1_inv=pf_vm1.get_vm()
vm2_inv=pf_vm2.get_vm()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
vip_ip = vip.get_vip().ip
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_vm1.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
vip_qos = net_ops.set_vip_qos(vip_uuid=vip_uuid, inboundBandwidth=vip_bandwidth*8*1024, outboundBandwidth=vip_bandwidth*8*1024)
test_stub.make_ssh_no_password(vm1_inv)
test_stub.make_ssh_no_password(vm2_inv)
test_stub.install_iperf(vm1_inv)
test_stub.install_iperf(vm2_inv)
iptables_cmd = "iptables -F"
exec_cmd_in_vm(pf_vm1, iptables_cmd, "Failed to clean iptables.")
test_stub.test_iperf_bandwidth(vm1_inv,vm2_inv,vip_ip,20502,20502,vip_bandwidth)
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Vip Qos Successfully.")
def check_vrouter_prometheus_conf():
test_util.test_dsc("Check vrouters' prometheus config.")
vrs = test_lib.lib_get_all_vrs()
for vr in vrs:
vr_ip = test_lib.lib_find_vr_pub_ip(vr)
vr_hostname = vr_ip.replace('.', '-')
conditions = res_ops.gen_query_conditions('vmNics.ip', '=', vr_ip)
vr_uuid = res_ops.query_resource(res_ops.VIRTUALROUTER_VM, conditions)[0].uuid
cmd = "jq -r '.[].targets[]' /usr/local/zstacktest/prometheus/discovery/vrouter/%s-%s.json" % (vr_uuid,vr_hostname)
cmd_out = test_lib.lib_execute_ssh_cmd(mn_ip, 'root', 'password', cmd, 180)
expect_result = vr_ip + ':' + str(7272)
if cmd_out.strip() != expect_result.strip():
test_util.test_fail('targets in vrouter/%s-%s.json is not right.') % (vr_uuid,vr_hostname)
cmd = "jq -r '.[].labels[]' /usr/local/zstacktest/prometheus/discovery/vrouter/%s-%s.json" % (vr_uuid,vr_hostname)
cmd_out = test_lib.lib_execute_ssh_cmd(mn_ip, 'root', 'password', cmd, 180)
if cmd_out.strip() != vr_uuid.strip():
test_util.test_fail('labels in vrouter/%s-%s.json is not right.') % (vr_uuid,vr_hostname)
def test():
test_util.test_dsc(
'Create vrouter vm and check if the second public nic attached to vrouter'
)
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm1)
vm1_ip = vm1.get_vm().vmNics[0].ip
vr1 = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vr1_uuid = vr1.uuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr1_private_ip = test_lib.lib_find_vr_private_ip(vr1)
l3network1_uuid = vm1.get_vm().vmNics[0].l3NetworkUuid
cond = res_ops.gen_query_conditions('uuid', '=', l3network1_uuid)
l3network1_cidr = res_ops.query_resource(res_ops.L3_NETWORK,
cond)[0].ipRanges[0].networkCidr
cond = res_ops.gen_query_conditions('name', '=', 'l3_user_defined_vlan1')
second_public_l3network_uuid = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].uuid
net_ops.attach_l3(second_public_l3network_uuid, vr1_uuid)
#Attach second public network to vrouter
cond = res_ops.gen_query_conditions('uuid', '=', vr1_uuid)
vr1_vm = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)
vr1_nics = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)[0].vmNics
second_public_l3network_attached = False
for vm_nic in vr1_nics:
if vm_nic.l3NetworkUuid == second_public_l3network_uuid:
second_public_l3network_attached = True
if not second_public_l3network_attached:
net_ops.attach_l3(second_public_l3network_uuid, vr1_uuid)
#Get vr1 nic_uuid on second public network
vr1_nics = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)[0].vmNics
vr1_second_pub_nic_uuid = ''
for vm_nic in vr1_nics:
if vm_nic.l3NetworkUuid == second_public_l3network_uuid:
vr1_second_pub_nic_uuid = vm_nic.uuid
vm1.destroy()
net_ops.destroy_vrouter(vr1_uuid)
test_util.test_pass('The Second Public Nic Is Attached To Vrouter')
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
vm1.destroy()
net_ops.destroy_vrouter(vr1_uuid)
test_util.test_fail('The Second Public Nic Does Not Attached To Vrouter')
def test():
zstack_pri_name = os.environ['l3VlanDNATNetworkName']
zstack_image = os.environ['imageName_net']
zstack_vr_name = os.environ['virtualRouterOfferingName_s']
cond = res_ops.gen_query_conditions('name', '=', zstack_vr_name)
zstack_vr_instance = res_ops.query_resource(res_ops.INSTANCE_OFFERING, cond)[0]
cond = res_ops.gen_query_conditions('name', '=', zstack_pri_name)
zstack_pri = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0]
zstack_pri_uuid = zstack_pri.uuid
zstack_tag = "guestL3Network::" + zstack_pri_uuid
tag_ops.create_system_tag("InstanceOfferingVO", zstack_vr_instance.uuid, zstack_tag)
vcenter_pri_name = os.environ['l3vCenterNoVlanNetworkName']
vcenter_image = os.environ['image_dhcp_name']
vcenter_vr_name = os.environ['vCenterVirtualRouterOfferingName']
cond = res_ops.gen_query_conditions('name', '=', vcenter_vr_name)
vcenter_vr_instance = res_ops.query_resource(res_ops.INSTANCE_OFFERING, cond)[0]
cond = res_ops.gen_query_conditions('name', '=', vcenter_pri_name)
vcenter_pri = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0]
vcenter_pri_uuid = vcenter_pri.uuid
vcenter_tag = "guestL3Network::" + vcenter_pri_uuid
tag_ops.create_system_tag("InstanceOfferingVO", vcenter_vr_instance.uuid, vcenter_tag)
test_util.test_dsc('Create test vm')
vm1 = test_stub.create_vm(vm_name='test_ipsec_1', image_name = zstack_image, l3_name=zstack_pri_name)
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_vm_in_vcenter(vm_name='test_ipsec_2', image_name = vcenter_image, l3_name=vcenter_pri_name)
test_obj_dict.add_vm(vm2)
time.sleep(50)
test_util.test_dsc('Create 2 vip with 2 snat ip')
pri_l3_uuid1 = vm1.vm.vmNics[0].l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid1)[0]
l3_uuid1 = test_lib.lib_find_vr_pub_nic(vr1).l3NetworkUuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vip1 = zstack_vip_header.ZstackTestVip()
vip1.get_snat_ip_as_vip(vr1_pub_ip)
vip1.isVcenter = True
test_obj_dict.add_vip(vip1)
pri_l3_uuid2 = vm2.vm.vmNics[0].l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid2)[0]
l3_uuid2 = test_lib.lib_find_vr_pub_nic(vr2).l3NetworkUuid
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
vip2 = zstack_vip_header.ZstackTestVip()
vip2.get_snat_ip_as_vip(vr2_pub_ip)
vip2.isVcenter = True
test_obj_dict.add_vip(vip2)
test_util.test_dsc('Create ipsec with 2 vip')
zstack_pri_cidr = zstack_pri.ipRanges[0].networkCidr
vcenter_pri_cidr = vcenter_pri.ipRanges[0].networkCidr
ipsec1 = ipsec_ops.create_ipsec_connection('zstack_vcenter', pri_l3_uuid1, vip2.get_vip().ip, '123456', vip1.get_vip().uuid, [vcenter_pri_cidr])
ipsec2 = ipsec_ops.create_ipsec_connection('vcenter_zstack', pri_l3_uuid2, vip1.get_vip().ip, '123456', vip2.get_vip().uuid, [zstack_pri_cidr])
#conditions = res_ops.gen_query_conditions('name', '=', 'test_ipsec_1')
#vm1 = res_ops.query_resource(res_ops.VM_INSTANCE, conditions)[0]
#conditions = res_ops.gen_query_conditions('name', '=', 'test_ipsec_2')
#vm2 = res_ops.query_resource(res_ops.VM_INSTANCE, conditions)[0]
if not test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip):
test_util.test_fail('vm1 in zstack could not connect to vm2 in vcenter with IPsec')
if not test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip):
test_util.test_fail('vm2 in vcenter could not connect to vm1 in zstack with IPsec')
ipsec_ops.delete_ipsec_connection(ipsec1.uuid)
ipsec_ops.delete_ipsec_connection(ipsec2.uuid)
test_lib.lib_error_cleanup(test_obj_dict)
test_util.test_pass('Create Ipsec Success')
def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('multi_rule_vip', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.TCP, \
vip_target_rule=Port.rule1_ports, \
private_target_rule=Port.rule1_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt)
test_pf1.create(pf_vm)
vip.attach_pf(test_pf1)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.UDP, \
vip_target_rule=Port.rule1_ports, \
private_target_rule=Port.rule1_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt)
test_pf2.create(pf_vm)
vip.attach_pf(test_pf2)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.UDP, \
vip_target_rule=Port.rule2_ports, \
private_target_rule=Port.rule2_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf3 = zstack_pf_header.ZstackTestPortForwarding()
test_pf3.set_creation_option(pf_creation_opt)
test_pf3.create(pf_vm)
vip.attach_pf(test_pf3)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.TCP, \
vip_target_rule=Port.rule2_ports, \
private_target_rule=Port.rule2_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf4 = zstack_pf_header.ZstackTestPortForwarding()
test_pf4.set_creation_option(pf_creation_opt)
test_pf4.create(pf_vm)
vip.attach_pf(test_pf4)
vip.check()
pf_vm.check()
test_pf1.delete()
test_pf2.delete()
test_pf3.delete()
test_pf4.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
"""
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
"""
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
# enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = conf_ops.change_global_config("eip", "snatInboundTraffic", "true")
pf_snatInboundTraffic_default_value = conf_ops.change_global_config("portForwarding", "snatInboundTraffic", "true")
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get("l3VlanNetworkName1")
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get("l3NoVlanNetworkName1")
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip("multi_rule_vip", l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid,
)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt)
test_pf1.create(pf_vm)
vip.attach_pf(test_pf1)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.UDP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid,
)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt)
test_pf2.create(pf_vm)
vip.attach_pf(test_pf2)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.UDP,
vip_target_rule=Port.rule2_ports,
private_target_rule=Port.rule2_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid,
)
test_pf3 = zstack_pf_header.ZstackTestPortForwarding()
test_pf3.set_creation_option(pf_creation_opt)
test_pf3.create(pf_vm)
vip.attach_pf(test_pf3)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule2_ports,
private_target_rule=Port.rule2_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid,
)
test_pf4 = zstack_pf_header.ZstackTestPortForwarding()
test_pf4.set_creation_option(pf_creation_opt)
test_pf4.create(pf_vm)
vip.attach_pf(test_pf4)
vip.check()
pf_vm.check()
test_pf1.delete()
test_pf2.delete()
test_pf3.delete()
test_pf4.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
conf_ops.change_global_config("eip", "snatInboundTraffic", eip_snatInboundTraffic_default_value)
conf_ops.change_global_config("portForwarding", "snatInboundTraffic", pf_snatInboundTraffic_default_value)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
#we do not need temp_vm1, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
eip1 = test_stub.create_eip('2l3 eip test1', vip_uuid=vip1.get_vip().uuid)
vip1.attach_eip(eip1)
vip1.check()
eip1.attach(vm_nic1_uuid, vm)
vip1.check()
eip2 = test_stub.create_eip('2l3 eip test2', vip_uuid=vip2.get_vip().uuid)
vip2.attach_eip(eip2)
vip2.check()
eip2.attach(vm_nic2_uuid, vm)
vip2.check()
vm.stop()
vm.start()
vm.check()
vip1.check()
vip2.check()
eip1.detach()
eip2.detach()
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vm.destroy()
test_obj_dict.rm_vm(vm)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass('Create 1 VM with 2 l3_network with 2 VIP PF testing successfully.')
def check(self):
super(pf_checker, self).check()
test_result = True
try:
test_vip = test_lib.lib_get_vip_by_uuid(self.test_obj.get_vip().uuid)
except:
test_util.test_logger('Check Result: [vip:] %s is not exist' % self.test_obj.get_vip().uuid)
self.test_obj.update()
return self.judge(False)
if not self.test_obj.get_pf_list():
test_util.test_logger('Check Result: [vip:] %s is not attached to any pf.' % self.test_obj.get_vip().uuid)
self.test_obj.update()
return self.judge(False)
vip = self.test_obj.get_vip()
vipIp = vip.ip
all_ports = port_header.all_ports
pf_running_list = self.test_obj.get_pf_list_for_running_vm()
pf_tcp_list, pf_udp_list = self.separate_tcp_udp_list(pf_running_list)
pf_tcp_dict = self.gen_tcp_dict_by_allowed_cidr(pf_tcp_list)
pf_stopped_list = self.test_obj.get_pf_list_for_stopped_vm()
pf_detached_list = self.test_obj.get_detached_pf_list()
vip_l3 = self.test_obj.get_vip().l3NetworkUuid
if not pf_running_list:
# all ports should be denied, since no living vm.
for pf in pf_stopped_list:
test_result = self.check_denied_pf(pf)
if test_result != self.exp_result:
return self.judge(test_result)
for pf in pf_detached_list:
test_result = self.check_denied_pf(pf)
if test_result != self.exp_result:
return self.judge(test_result)
else:
#open TCP ports for living vms
for pf in pf_tcp_list:
target_vm = pf.get_target_vm().vm
vm_l3 = test_lib.lib_get_nic_by_uuid(pf.get_port_forwarding().vmNicUuid).l3NetworkUuid
test_lib.lib_open_vm_listen_ports(target_vm, all_ports, vm_l3)
#calc allowed ports, per allowed_cidr
for allowed_vr_ip, pf_dict_list in pf_tcp_dict.iteritems():
allowed_ports = []
denied_ports = all_ports
#find all pf rules on running vm. These rules are supposed to be connectable, unless they are blocked by target vm's sg.
allowed_ports, denied_ports = \
self.count_pf_allowed_denied_ports(
pf_dict_list,
allowed_ports,
denied_ports)
#although the target_vm might be different, but the denied_vr_vm should be same.
target_vm_nic_uuid = pf_dict_list[0].get_port_forwarding().vmNicUuid
allowed_vr_vm, denied_vr_vm = \
self.get_allowed_denied_vr_vm(allowed_vr_ip, target_vm_nic_uuid)
denied_vr_ip = test_lib.lib_find_vr_pub_ip(denied_vr_vm)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm, allowed_vr_ip, vipIp, allowed_ports, denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking [vip:] %s Port Forwarding TCP [rules] for allowed Cidr: %s from [vm:] %s . " % \
(vip.uuid, allowed_vr_ip, allowed_vr_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
if test_result != self.exp_result:
return self.judge(test_result)
test_util.test_logger("Checking pass for [vip:] %s Port Forwardings TCP rules for allowed Cidr: %s from [vm:] %s " % \
(vip.uuid, allowed_vr_ip, allowed_vr_vm.uuid))
#check denied vr access.
allowed_ports = []
denied_ports = all_ports
#the denied vr might be in other pf rule.
if denied_vr_ip in pf_tcp_dict.keys():
allowed_ports, denied_ports = \
self.count_pf_allowed_denied_ports(
pf_tcp_dict[denied_vr_ip],
allowed_ports,
denied_ports)
try:
test_lib.lib_check_ports_in_a_command(denied_vr_vm, denied_vr_ip, vipIp, allowed_ports, denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking [vip:] %s Port Forwarding TCPs for not allowed Cidr from [vm:] %s" % (vip.uuid, allowed_vr_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
test_util.test_logger("Checking pass for Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s . All ports should be blocked. " % (vip.uuid, allowed_vr_vm.uuid))
if test_result != self.exp_result:
return self.judge(test_result)
#check pf_udp rule existance.
for pf in pf_udp_list:
test_result = test_lib.lib_check_vm_pf_rule_exist_in_iptables(pf.get_port_forwarding())
test_util.test_logger('Check result: [Port Forwarding] %s finishes UDP rule existance testing' % pf.get_port_forwarding().uuid)
return self.judge(test_result)
test_util.test_logger('Check result: [Port Forwarding] finishes [vip:] %s TCP testing.' % vip.uuid)
return self.judge(test_result)
def test():
vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('vm_ops', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
eip = test_stub.create_eip('eip vm ops test', vip_uuid, vm_nic_uuid, vm)
vip.attach_eip(eip)
vm.check()
vip.check()
#stop vm
vm.stop()
vip.check()
vm.start()
vm.check()
vip.check()
vm.reboot()
vm.check()
vip.check()
eip.delete()
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test EIP with VM ops Successfully")
def test():
global vm1, vm2, vip
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName']
image_name = os.environ['image_dhcp_name']
# create vm1 vm2
vm1 = test_stub.create_vm_in_vcenter(vm_name='test_vm1', image_name = image_name, l3_name=l3_vr_network)
vm2 = test_stub.create_vm_in_vcenter(vm_name='test_vm2', image_name = image_name, l3_name=l3_vr_network)
test_obj_dict.add_vm(vm1)
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName1']
vr1 = test_stub.create_vm_in_vcenter(vm_name='vm1', image_name = image_name, l3_name=l3_vr_network)
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName2']
vr2 = test_stub.create_vm_in_vcenter(vm_name='vm2', image_name = image_name, l3_name=l3_vr_network)
test_obj_dict.add_vm(vr1)
test_obj_dict.add_vm(vr2)
vr1_nic = vr1.get_vm().vmNics[0]
pri_l3_uuid = vr1_nic.l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_nic = vr2.get_vm().vmNics[0]
pri_l3_uuid = vr2_nic.l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
vm1_nic = vm1.get_vm().vmNics[0]
vm1_nic_uuid = vm1_nic.uuid
vm2_nic = vm2.get_vm().vmNics[0]
vm2_nic_uuid = vm2_nic.uuid
pri_l3_uuid = vm1_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = zstack_vip_header.ZstackTestVip()
vip.get_snat_ip_as_vip(vr_pub_ip)
vip.isVcenter = True
vip_uuid = vip.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
vm1.check()
vip.check()
# pf_1_attach_vm1 pf_2_attach_vm2
test_pf1.attach(vm1_nic_uuid, vm1)
test_pf2.attach(vm2_nic_uuid, vm2)
vip.check()
vm1.stop()
vip.check()
# pf_1_detach pf_1_attach_vm2
test_pf1.detach()
vip.check()
test_pf1.attach(vm2_nic_uuid, vm2)
vip.check()
vm1.start()
time.sleep(30)
vip.check()
vm1.stop()
test_pf1.detach()
test_pf2.detach()
vip.check()
# pf_1_attach_vm1 pf_2_attach_vm1
test_pf1.attach(vm1_nic_uuid, vm1)
test_pf2.attach(vm1_nic_uuid, vm1)
vm1.start()
time.sleep(50)
vip.check()
# pf_1_delete pf_2_delete
test_pf1.delete()
test_pf2.delete()
# clean_up
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('multi_rule_pf1', l3_uuid)
test_obj_dict.add_vip(vip1)
vip_uuid1 = vip1.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid1, vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt)
test_pf1.create(pf_vm)
vip1.attach_pf(test_pf1)
vip1.check()
vip2 = test_stub.create_vip('multi_rule_pf2', l3_uuid)
test_obj_dict.add_vip(vip2)
vip_uuid2 = vip2.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule2_ports, private_target_rule=Port.rule2_ports, vip_uuid=vip_uuid2, vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt)
test_pf2.create(pf_vm)
vip2.attach_pf(test_pf2)
vip2.check()
vip3 = test_stub.create_vip('multi_rule_pf3', l3_uuid)
test_obj_dict.add_vip(vip3)
vip_uuid3 = vip3.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.UDP, vip_target_rule=Port.rule2_ports, private_target_rule=Port.rule2_ports, vip_uuid=vip_uuid3, vm_nic_uuid=vm_nic_uuid)
test_pf3 = zstack_pf_header.ZstackTestPortForwarding()
test_pf3.set_creation_option(pf_creation_opt)
test_pf3.create(pf_vm)
vip3.attach_pf(test_pf3)
vip3.check()
vip4 = test_stub.create_vip('multi_rule_pf4', l3_uuid)
test_obj_dict.add_vip(vip4)
vip_uuid4 = vip4.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.UDP, vip_target_rule=Port.rule3_ports, private_target_rule=Port.rule3_ports, vip_uuid=vip_uuid4, vm_nic_uuid=vm_nic_uuid)
test_pf4 = zstack_pf_header.ZstackTestPortForwarding()
test_pf4.set_creation_option(pf_creation_opt)
test_pf4.create(pf_vm)
vip4.attach_pf(test_pf4)
vip4.check()
pf_vm.check()
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
test_pf1.delete()
test_pf2.delete()
test_pf3.delete()
test_pf4.delete()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vip3.delete()
test_obj_dict.rm_vip(vip3)
vip4.delete()
test_obj_dict.rm_vip(vip4)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('2 pfs with same vip', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule2_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(pf_vm)
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule3_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(pf_vm)
vip.attach_pf(test_pf2)
pf_vm.check()
vip.check()
test_pf1.delete()
test_pf2.delete()
import time
time.sleep(1)
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm1.check()
pf_vm2.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
vm_nic2 = pf_vm2.vm.vmNics[0]
vm_nic_uuid2 = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = test_stub.get_snat_ip_as_vip(vr_pub_ip)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm1.check()
vip.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid2, pf_vm2)
vip.check()
pf_vm1.stop()
vip.check()
test_pf1.detach()
test_pf1.attach(vm_nic_uuid2, pf_vm2)
pf_vm1.start()
pf_vm1.check()
vip.check()
pf_vm1.stop()
test_pf1.detach()
test_pf2.detach()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid1, pf_vm1)
pf_vm1.start()
pf_vm1.check()
vip.check()
#vip.delete()
test_pf1.delete()
test_pf2.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
global vm1, vm2, vip
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName']
image_name = os.environ['image_dhcp_name']
test_util.test_dsc('Create test vm with lb.')
vm1 = test_stub.create_vm_in_vcenter(vm_name='test_vip_lb_1', image_name = image_name, l3_name=l3_vr_network)
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_vm_in_vcenter(vm_name='test_vip_lb_2', image_name = image_name, l3_name=l3_vr_network)
test_obj_dict.add_vm(vm2)
time.sleep(50)
vm_nic1 = vm1.get_vm().vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic1_ip = vm_nic1.ip
vm_nic2 = vm2.get_vm().vmNics[0]
vm_nic2_uuid = vm_nic2.uuid
vm_nic2_ip = vm_nic2.ip
test_stub.set_httpd_in_vm(vm1.get_vm(), vm_nic1_ip)
test_stub.set_httpd_in_vm(vm2.get_vm(), vm_nic2_ip)
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = zstack_vip_header.ZstackTestVip()
vip.get_snat_ip_as_vip(vr_pub_ip)
vip.isVcenter = True
test_obj_dict.add_vip(vip)
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb2 = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip.get_vip().uuid)
lb2.create('create lb2 test', vip.get_vip().uuid)
lb.isVcenter = True
lb2.isVcenter = True
test_obj_dict.add_load_balancer(lb)
test_obj_dict.add_load_balancer(lb2)
vip.attach_lb(lb)
vip.attach_lb(lb2)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22)
lb2_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 2222, lbi_port = 80)
lbl = lb.create_listener(lb_creation_option)
lbl2 = lb2.create_listener(lb2_creation_option)
lbl.add_nics([vm_nic1_uuid, vm_nic2_uuid])
lbl2.add_nics([vm_nic1_uuid, vm_nic2_uuid])
vm1.check()
vm2.check()
lb.check()
lb2.check()
vip.check()
lb.delete()
lb2.delete()
test_obj_dict.rm_vip(vip)
test_obj_dict.rm_load_balancer(lb)
test_obj_dict.rm_load_balancer(lb2)
lb.check()
lb2.check()
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create Load Balancer Test Success')
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
#we do not need temp_vm1, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
# if vr.applianceVmType == "vrouter":
# test_util.test_skip("vrouter VR does not support single VM multiple EIP")
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
eip1 = test_stub.create_eip('2l3 eip test1', vip_uuid=vip1.get_vip().uuid)
vip1.attach_eip(eip1)
vip1.check()
eip1.attach(vm_nic1_uuid, vm)
cmd = 'ip route | grep %s | grep eth0' % (os.environ.get('vlanIpRangeGateway1'))
if vr1.applianceVmType == "vrouter":
if not test_lib.lib_execute_command_in_vm(vm.get_vm(), cmd):
default_eth = 1
non_default_eth = 0
else:
default_eth = 0
non_default_eth = 1
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway2'), non_default_eth)
vip1.check()
eip2 = test_stub.create_eip('2l3 eip test2', vip_uuid=vip2.get_vip().uuid)
vip2.attach_eip(eip2)
vip2.check()
eip2.attach(vm_nic2_uuid, vm)
if vr1.applianceVmType == "vrouter":
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway1'), default_eth)
vip2.check()
vm.stop()
vm.start()
vm.check()
if vr1.applianceVmType == "vrouter":
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway2'), non_default_eth)
vip1.check()
if vr1.applianceVmType == "vrouter":
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway1'), default_eth)
vip2.check()
eip1.detach()
eip2.detach()
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vm.destroy()
test_obj_dict.rm_vm(vm)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass('Create 1 VM with 2 l3_network with 2 VIP PF testing successfully.')
def test():
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
test_util.test_dsc('vr auto reconnection check test')
l3_1_name = os.environ.get('l3VlanNetworkName1')
l3_1 = test_lib.lib_get_l3_by_name(l3_1_name)
if not l3_1:
test_util.test_skip('No network for vr auto reconnect test')
#create VRs.
vrs = test_lib.lib_find_vr_by_l3_uuid(l3_1.uuid)
if not vrs:
image_name = os.environ.get('imageName_net')
vm = test_stub.create_vr_vm('vm_for_vr', image_name, l3_1_name)
vm.destroy()
vr1 = test_lib.lib_find_vr_by_l3_uuid(l3_1.uuid)[0]
else:
vr1 = vrs[0]
resource_type = res_ops.VIRTUALROUTER_VM
if flavor['virtualrouter']:
if vr1.applianceVmType != "VirtualRouter":
test_util.test_skip('No network for vr auto reconnect test')
if flavor['vrouter']:
if vr1.applianceVmType != "vrouter":
test_util.test_skip('No network for vr auto reconnect test')
test_lib.lib_install_testagent_to_vr_with_vr_vm(vr1)
test_util.test_logger("kill vr agent on vr %s" % (vr1.uuid))
if flavor['virtualrouter']:
if flavor['kill']:
cmd = "pkill -9 -f 'from virtualrouter import virtualrouterdaemon'"
else:
cmd = "service zstack-virtualrouter stop"
elif flavor['vrouter']:
if flavor['kill']:
cmd = "pkill -9 -f '/opt/vyatta/sbin/zvr -i'"
# else:
# cmd = "service zstack-imagestorebackupstorage stop"
vr_ip = test_lib.lib_find_vr_pub_ip(vr1)
if test_lib.lib_execute_sh_cmd_by_agent(vr_ip, cmd) == False:
test_util.test_fail("CMD:%s execute failed on %s" % (cmd, vr_ip))
test_util.test_logger(
"vr %s is expected to disconnect and start reconnect automatically" %
(vr1.uuid))
conditions = res_ops.gen_query_conditions('uuid', '=', vr1.uuid)
count = 0
while count < 24:
vr = res_ops.query_resource(resource_type, conditions)[0]
if vr.status == "Connecting":
break
time.sleep(5)
count += 1
if vr.status != "Connecting":
test_util.test_fail(
"vr %s is not disconnect and start reconnect automatically in 120 seconds"
% (vr1.uuid))
test_util.test_logger(
"vr %s is expected to reconnect success automatically" % (vr1.uuid))
count = 0
while count < 24:
vr = res_ops.query_resource(resource_type, conditions)[0]
if vr.status == "Connected":
break
time.sleep(5)
count += 1
if vr.status != "Connected":
test_util.test_fail(
"vr %s not reconnect success automatically in 120 seconds" %
(vr.uuid))
test_util.test_pass("Auto reconnect backup storage pass")
def test():
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_vm1.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
test_util.test_dsc("attach, detach and delete pf for many times")
for i in range(1, 451):
test_util.test_logger('round %s' % (i))
starttime = datetime.datetime.now()
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule5_ports,
private_target_rule=Port.rule5_ports,
vip_uuid=vip_uuid)
pf_creation_opt1.set_vip_ports(i, i)
pf_creation_opt1.set_private_ports(i, i)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
if i < 151:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
pf_dict[i] = test_pf1.get_port_forwarding().uuid
elif i < 301:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf1.detach()
pf_dict[i] = test_pf1.get_port_forwarding().uuid
else:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf1.detach()
test_pf1.delete()
endtime = datetime.datetime.now()
optime = (endtime - starttime).seconds
test_util.test_dsc("round %s, pf operation time: %s" % (i, optime))
if optime > 30:
test_util.test_fail(
"the pf operation time is %s seconds, more than 30 seconds" %
optime)
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
for j in pf_dict:
net_ops.delete_port_forwarding(pf_dict[j])
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
vip_bandwidth = 1 * 1024
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_vlan_sg_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_vm1.check()
pf_vm2.check()
vm1_inv = pf_vm1.get_vm()
vm2_inv = pf_vm2.get_vm()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
vip_ip = vip.get_vip().ip
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_vm1.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
vip_qos = net_ops.set_vip_qos(vip_uuid=vip_uuid,
inboundBandwidth=vip_bandwidth * 8 * 1024,
outboundBandwidth=vip_bandwidth * 8 * 1024)
test_stub.make_ssh_no_password(vm1_inv)
test_stub.make_ssh_no_password(vm2_inv)
test_stub.install_iperf(vm1_inv)
test_stub.install_iperf(vm2_inv)
iptables_cmd = "iptables -F"
exec_cmd_in_vm(pf_vm1, iptables_cmd, "Failed to clean iptables.")
test_stub.test_iperf_bandwidth(vm1_inv, vm2_inv, vip_ip, 20502, 20502,
vip_bandwidth)
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Vip Qos Successfully.")
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(vm)
#disable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'false')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'false')
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
vm.check()
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('eip_sg_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
eip = test_stub.create_eip('eip sg test', vip_uuid, vm_nic_uuid, vm)
vip.attach_eip(eip)
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid, vm)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("EIP connection is allowed from VR1, but denied from VR2.")
sg_vm.attach(sg1, [vm_nics])
vip.check()
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("EIP is still allowed from all VR")
sg1.delete_rule([rule1])
vip.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc("EIP is not allowed by VR2, VR1 is allowed. ")
sg1.add_rule([rule2])
vip.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("PF rule is allowed")
vip.check()
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.check()
eip.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass("Test EIP and SG coexistance Successfully")
def test():
global vm1, vm2, vip
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName']
image_name = os.environ['image_dhcp_name']
# create vm1 vm2
vm1 = test_stub.create_vm_in_vcenter(vm_name='test_vm1',
image_name=image_name,
l3_name=l3_vr_network)
vm2 = test_stub.create_vm_in_vcenter(vm_name='test_vm2',
image_name=image_name,
l3_name=l3_vr_network)
test_obj_dict.add_vm(vm1)
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName1']
vr1 = test_stub.create_vm_in_vcenter(vm_name='vm1',
image_name=image_name,
l3_name=l3_vr_network)
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName2']
vr2 = test_stub.create_vm_in_vcenter(vm_name='vm2',
image_name=image_name,
l3_name=l3_vr_network)
test_obj_dict.add_vm(vr1)
test_obj_dict.add_vm(vr2)
vr1_nic = vr1.get_vm().vmNics[0]
pri_l3_uuid = vr1_nic.l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_nic = vr2.get_vm().vmNics[0]
pri_l3_uuid = vr2_nic.l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
vm1_nic = vm1.get_vm().vmNics[0]
vm1_nic_uuid = vm1_nic.uuid
vm2_nic = vm2.get_vm().vmNics[0]
vm2_nic_uuid = vm2_nic.uuid
pri_l3_uuid = vm1_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = zstack_vip_header.ZstackTestVip()
vip.get_snat_ip_as_vip(vr_pub_ip)
vip.isVcenter = True
vip_uuid = vip.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr2_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule5_ports,
private_target_rule=Port.rule5_ports,
vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
vm1.check()
vip.check()
# pf_1_attach_vm1 pf_2_attach_vm2
test_pf1.attach(vm1_nic_uuid, vm1)
test_pf2.attach(vm2_nic_uuid, vm2)
vip.check()
vm1.stop()
vip.check()
# pf_1_detach pf_1_attach_vm2
test_pf1.detach()
vip.check()
test_pf1.attach(vm2_nic_uuid, vm2)
vip.check()
vm1.start()
time.sleep(30)
vip.check()
vm1.stop()
test_pf1.detach()
test_pf2.detach()
vip.check()
# pf_1_attach_vm1 pf_2_attach_vm1
test_pf1.attach(vm1_nic_uuid, vm1)
test_pf2.attach(vm1_nic_uuid, vm1)
vm1.start()
time.sleep(50)
vip.check()
# pf_1_delete pf_2_delete
test_pf1.delete()
test_pf2.delete()
# clean_up
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('vm_ops', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
eip = test_stub.create_eip('eip vm ops test', vip_uuid, vm_nic_uuid, vm)
vip.attach_eip(eip)
vm.check()
vip.check()
#stop vm
vm.stop()
vip.check()
vm.start()
vm.check()
vip.check()
vm.reboot()
vm.check()
vip.check()
eip.delete()
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test EIP with VM ops Successfully")
def test():
global route_table1_uuid
global route_table2_uuid
test_util.test_dsc('Check vm connection with vrouter route')
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm1)
vm1_ip = vm1.get_vm().vmNics[0].ip
vr1 = test_lib.lib_find_flat_dhcp_vr_by_vm(vm1.vm)[0]
vr1_uuid = vr1.uuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr1_private_ip = test_lib.lib_find_vr_private_ip(vr1)
l3network1_uuid = vm1.get_vm().vmNics[0].l3NetworkUuid
cond = res_ops.gen_query_conditions('uuid', '=', l3network1_uuid)
l3network1_cidr = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName3'))
test_obj_dict.add_vm(vm2)
vm2_ip = vm2.get_vm().vmNics[0].ip
vr2 = test_lib.lib_find_flat_dhcp_vr_by_vm(vm2.vm)[0]
vr2_uuid = vr2.uuid
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
vr2_private_ip = test_lib.lib_find_vr_private_ip(vr2)
l3network2_uuid = vm2.get_vm().vmNics[0].l3NetworkUuid
cond = res_ops.gen_query_conditions('uuid', '=', l3network2_uuid)
l3network2_cidr = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
vm1.check()
vm2.check()
#Attach the network service to l3 network
cond = res_ops.gen_query_conditions('type', '=', 'vrouter')
service_uuid = res_ops.query_resource(res_ops.NETWORK_SERVICE_PROVIDER, cond)[0].uuid
network_services_json = "{'%s':['VRouterRoute']}"% service_uuid
net_ops.detach_network_service_from_l3network(l3network1_uuid, service_uuid)
net_ops.attach_network_service_to_l3network(l3network1_uuid, service_uuid)
net_ops.detach_network_service_from_l3network(l3network2_uuid, service_uuid)
net_ops.attach_network_service_to_l3network(l3network2_uuid, service_uuid)
#Create route table and route entry for each vrouter
route_table1 = net_ops.create_vrouter_route_table('route_table1')
route_table1_uuid = route_table1.uuid
route_entry1 = net_ops.add_vrouter_route_entry(route_table1_uuid, l3network2_cidr, vr2_pub_ip)
route_table2 = net_ops.create_vrouter_route_table('route_table2')
route_table2_uuid = route_table2.uuid
route_entry2 = net_ops.add_vrouter_route_entry(route_table2_uuid, l3network1_cidr, vr1_pub_ip)
#Attach the route table to vrouter and check the network
#net_ops.detach_vrouter_route_table_from_vrouter(route_table1_uuid, vr1_uuid)
net_ops.attach_vrouter_route_table_to_vrouter(route_table1_uuid, vr1_uuid)
#net_ops.detach_vrouter_route_table_from_vrouter(route_table2_uuid, vr2_uuid)
net_ops.attach_vrouter_route_table_to_vrouter(route_table2_uuid, vr2_uuid)
#Add vroute private ip to vm route
cmd = 'ip r del default; ip r add default via %s' %vr1_private_ip
rsp = test_lib.lib_execute_ssh_cmd(vm1_ip, 'root', 'password', cmd, 180)
cmd = 'ip r del default; ip r add default via %s' %vr2_private_ip
rsp = test_lib.lib_execute_ssh_cmd(vm2_ip, 'root', 'password', cmd, 180)
if not test_lib.lib_check_ping(vm1.vm, vm2_ip, no_exception=True):
test_util.test_fail('Exception: [vm:] %s ping [vr:] %s fail. But it should ping successfully.' % (vm1.vm.uuid, vm2_ip))
if not test_lib.lib_check_ping(vm1.vm, vm1_ip, no_exception=True):
test_util.test_fail('Exception: [vm:] %s ping [vr:] %s fail. But it should ping successfully.' % (vm2.vm.uuid, vm1_ip))
#Dettach the route table to vrouter and check the network
net_ops.detach_vrouter_route_table_from_vrouter(route_table1_uuid, vr1_uuid)
net_ops.detach_vrouter_route_table_from_vrouter(route_table2_uuid, vr2_uuid)
if test_lib.lib_check_ping(vm1.vm, vm2_ip, no_exception=True):
test_util.test_fail('Exception: [vm:] %s ping [vr:] %s successfully. But it should ping fail because the route table is detached.' % (vm1.vm.uuid, vm2_ip))
if test_lib.lib_check_ping(vm1.vm, vm2_ip, no_exception=True):
test_util.test_fail('Exception: [vm:] %s ping [vr:] %s successfully. But it should ping fail because the route table is detached.' % (vm2.vm.uuid, vm1_ip))
#Delete route entry and table, and distory vm
net_ops.delete_vrouter_route_entry(route_entry1.uuid, route_table1_uuid)
net_ops.delete_vrouter_route_entry(route_entry2.uuid, route_table2_uuid)
net_ops.delete_vrouter_route_table(route_table1_uuid)
net_ops.delete_vrouter_route_table(route_table2_uuid)
vm1.destroy()
vm2.destroy()
test_util.test_pass('Check VRouter route Success')
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm.check()
test_pf1.attach(vm_nic.uuid, pf_vm)
test_pf2.attach(vm_nic.uuid, pf_vm)
vip.check()
test_pf1.detach()
test_pf1.delete()
test_pf2.delete()
vip.check()
eip = test_stub.create_eip('create pf/eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=pf_vm)
vip.attach_eip(eip)
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
test_util.test_pass("Test Port Forwarding and EIP with same VIP Successfully")
def test():
"""
Since VR ip address is assigned by zstack, so we need to use VR to test
PF rules' connectibility.
PF test needs at least 3 VR existence. The PF VM's VR is for set PF
rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR
VM should not be able to access PF_VM.
In this test, will also add SG rules to check the coexistence between
PF and SG. SG rule will be added onto PF_VM's internal IP.
"""
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
# enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = conf_ops.change_global_config("eip", "snatInboundTraffic", "false")
pf_snatInboundTraffic_default_value = conf_ops.change_global_config("portForwarding", "snatInboundTraffic", "false")
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get("l3VlanNetworkName1")
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get("l3NoVlanNetworkName1")
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm1.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vm_nic2 = pf_vm2.vm.vmNics[0]
vm_nic_uuid2 = vm_nic2.uuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip("pf_sg_test", l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid1,
)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(pf_vm1)
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr2_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule2_ports,
private_target_rule=Port.rule2_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid2,
)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(pf_vm2)
vip.attach_pf(test_pf2)
pf_vm1.check()
pf_vm2.check()
vip.check()
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid1, pf_vm1)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc(
"PF1 rule is allowed, since VR1's IP is granted by SG Rule1. PF2 rule is allowed, since VM2's ip is not controlld by SG."
)
sg_vm.attach(sg1, [vm_nics])
vip.check()
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("PF rules are still allowed")
sg1.delete_rule([rule1])
vip.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc(
"PF1 rule is not allowed, since SG rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. PF2 rule is still allowed, since its vmnic is not controlled by SG."
)
sg1.add_rule([rule2])
vip.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("All PFs rule are allowed")
vip.check()
test_pf1.delete()
test_pf2.delete()
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
vip.delete()
test_obj_dict.rm_vip(vip)
conf_ops.change_global_config("eip", "snatInboundTraffic", eip_snatInboundTraffic_default_value)
conf_ops.change_global_config("portForwarding", "snatInboundTraffic", pf_snatInboundTraffic_default_value)
test_util.test_pass("Test 2 Port Forwarding Rules with same VIP assigned to different vmnic Successfully.")
def test():
global mevoco1_ip
global mevoco2_ip
global ipsec1
global ipsec2
global ipsec3
global ipsec4
mevoco1_ip = os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP']
mevoco2_ip = os.environ['secondZStackMnIp']
test_util.test_dsc('Create test vm in mevoco1')
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm1)
vm1.check()
pri_l3_uuid1 = vm1.vm.vmNics[0].l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid1)[0]
l3_uuid1 = test_lib.lib_find_vr_pub_nic(vr1).l3NetworkUuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vip1 = test_stub.get_snat_ip_as_vip(vr1_pub_ip)
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid1)
first_zstack_cidrs = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create test vm in mevoco2')
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanDNATNetworkName'))
test_obj_dict2.add_vm(vm2)
vm2.check()
pri_l3_uuid2 = vm2.vm.vmNics[0].l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid2)[0]
l3_uuid2 = test_lib.lib_find_vr_pub_nic(vr2).l3NetworkUuid
vip2 = test_stub.create_vip('ipsec2_vip', l3_uuid2)
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid2)
second_zstack_cidrs = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
test_util.test_dsc('Create test vm in mevoco2')
vm3 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName4'))
test_obj_dict2.add_vm(vm3)
vm3.check()
pri_l3_uuid3 = vm3.vm.vmNics[0].l3NetworkUuid
vr3 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid2)[0]
l3_uuid3 = test_lib.lib_find_vr_pub_nic(vr3).l3NetworkUuid
vip3 = test_stub.create_vip('ipsec3_vip', l3_uuid3)
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid3)
third_zstack_cidrs = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_util.test_dsc('Create ipsec in mevoco1')
ipsec1 = ipsec_ops.create_ipsec_connection('ipsec1', pri_l3_uuid1, vip2.get_vip().ip, '123456', vip1.get_vip().uuid, [second_zstack_cidrs])
ipsec3 = ipsec_ops.create_ipsec_connection('ipsec3', pri_l3_uuid1, vip3.get_vip().ip, '123456', vip1.get_vip().uuid, [third_zstack_cidrs])
vip1_uuid = vip1.get_vip().uuid
vip1_db = test_lib.lib_get_vip_by_uuid(vip1_uuid)
assert "IPsec" in vip1_db.useFor
assert vip1_db.useFor.count("IPsec") == 1
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create ipsec in mevoco2')
ipsec2 = ipsec_ops.create_ipsec_connection('ipsec2', pri_l3_uuid2, vip1.get_vip().ip, '123456', vip2.get_vip().uuid, [first_zstack_cidrs])
ipsec4 = ipsec_ops.create_ipsec_connection('ipsec4', pri_l3_uuid3, vip1.get_vip().ip, '123456', vip3.get_vip().uuid, [first_zstack_cidrs])
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
if not test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip):
test_util.test_fail('vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' % (mevoco1_ip, mevoco2_ip))
if not test_lib.lib_check_ping(vm1.vm, vm3.vm.vmNics[0].ip):
test_util.test_fail('vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' % (mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if not test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip):
test_util.test_fail('vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' % (mevoco2_ip, mevoco1_ip))
if not test_lib.lib_check_ping(vm3.vm, vm1.vm.vmNics[0].ip):
test_util.test_fail('vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' % (mevoco2_ip, mevoco1_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
ipsec_ops.delete_ipsec_connection(ipsec1.uuid)
ipsec_ops.delete_ipsec_connection(ipsec3.uuid)
if test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail('vm in mevoco1[MN:%s] could still connect to vm in mevoco2[MN:%s] after Ipsec is deleted' % (mevoco1_ip, mevoco2_ip))
if test_lib.lib_check_ping(vm1.vm, vm3.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail('vm in mevoco1[MN:%s] could still connect to vm in mevoco2[MN:%s] after Ipsec is deleted' % (mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail('vm in mevoco2[MN:%s] could still connect to vm in mevoco1[MN:%s] after Ipsec is deleted' % (mevoco2_ip, mevoco1_ip))
if test_lib.lib_check_ping(vm3.vm, vm1.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail('vm in mevoco2[MN:%s] could still connect to vm in mevoco1[MN:%s] after Ipsec is deleted' % (mevoco2_ip, mevoco1_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_lib.lib_error_cleanup(test_obj_dict1)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
ipsec_ops.delete_ipsec_connection(ipsec2.uuid)
ipsec_ops.delete_ipsec_connection(ipsec4.uuid)
test_lib.lib_error_cleanup(test_obj_dict2)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_util.test_pass('Create Ipsec Success')
def test():
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm1.check()
pf_vm2.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
vm_nic2 = pf_vm2.vm.vmNics[0]
vm_nic_uuid2 = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm1.check()
vip.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid2, pf_vm2)
vip.check()
pf_vm1.stop()
vip.check()
test_pf1.detach()
test_pf1.attach(vm_nic_uuid2, pf_vm2)
pf_vm1.start()
pf_vm1.check()
vip.check()
pf_vm1.stop()
test_pf1.detach()
test_pf2.detach()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid1, pf_vm1)
pf_vm1.start()
pf_vm1.check()
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def check(self):
'''
check will assume target vm only have 1 port forwarding VR.
So all vms PF rules are assigned to 1 VM nic.
'''
super(zstack_vcenter_pf_tcp_checker, self).check()
test_result = True
target_vm = self.test_obj.get_target_vm().vm
pf_rule = self.test_obj.get_port_forwarding()
vm_nic = test_lib.lib_get_nic_by_uuid(pf_rule.vmNicUuid)
all_ports = port_header.all_ports
#only open ports when VM is running.
if self.test_obj.get_target_vm().state == vm_header.RUNNING:
test_lib.lib_open_vm_listen_ports(target_vm, all_ports, vm_nic.l3NetworkUuid)
#consolidate rules for TCP/UDP/ICMP with different AllowedCidr
rule_port = port_header.get_port_rule(pf_rule.vipPortStart, pf_rule.vipPortEnd)
#check SG ingress limitation. Since SG rule will not consider vip as
#allowedCidr, if there is ingress limitation, the ingress PF connection
#will be blocked.
sg_tcp_ingress_flag = _sg_rule_exist(vm_nic, inventory.TCP, pf_rule)
allowedCidr = pf_rule.allowedCidr
allowed_vr_ip = allowedCidr.split('/')[0]
allowed_vr_vm = test_lib.lib_get_vm_by_ip(allowed_vr_ip)
vr_nic = test_lib.lib_get_nic_by_ip(allowed_vr_ip)
l3_uuid = vr_nic.l3NetworkUuid
allowed_vr_uuid_list = [allowed_vr_vm.uuid]
#target_vm's VRs should be excluded, otherwise the ip package will be routed to this VR directly.
pf_vm_vrs = test_lib.lib_find_vr_by_vm(target_vm)
for pf_vr in pf_vm_vrs:
allowed_vr_uuid_list.append(pf_vr.uuid)
denied_vr_vm = _find_denied_vr(target_vm.clusterUuid, l3_uuid, allowed_vr_uuid_list)
denied_vr_ip = test_lib.lib_find_vr_pub_ip(denied_vr_vm)
vip_uuid = pf_rule.vipUuid
cond = res_ops.gen_query_conditions('uuid', '=', vip_uuid)
vipIp = res_ops.query_resource(res_ops.VIP, cond)[0].ip
if sg_tcp_ingress_flag:
test_util.test_logger('SG TCP Ingress rule existence. PF TCP ingress rule will be blocked for [vm:] %s' % target_vm.uuid)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm, allowed_vr_ip, vipIp, [], all_ports, target_vm)
except:
test_util.test_logger("Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s, when SG rule exists. " % (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
allowed_ports = port_header.get_ports(rule_port)
denied_ports = list_ops.list_minus(all_ports, allowed_ports)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm, allowed_vr_ip, vipIp, allowed_ports, denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s " % (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger("Checking pass for Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s " % (pf_rule.uuid, target_vm.uuid))
try:
test_lib.lib_check_ports_in_a_command(denied_vr_vm, denied_vr_ip, vipIp, [], all_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s" % (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger("Checking pass for Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s . All ports should be blocked. " % (pf_rule.uuid, target_vm.uuid))
test_util.test_logger('Check result: [Port Forwarding] finishes TCP testing for [vm:] %s [nic:] %s' % (target_vm.uuid, vm_nic.uuid))
return self.judge(test_result)
def test():
global mevoco1_ip
global mevoco2_ip
global ipsec1
global ipsec2
mevoco1_ip = os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP']
mevoco2_ip = os.environ['secondZStackMnIp']
test_util.test_dsc('Create test vm in mevoco1')
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm1)
vm1.check()
vm_nic1 = vm1.get_vm().vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm3 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm3)
vm3.check()
vm_nic3 = vm3.get_vm().vmNics[0]
vm_nic3_uuid = vm_nic3.uuid
pri_l3_uuid1 = vm1.vm.vmNics[0].l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid1)[0]
l3_uuid1 = test_lib.lib_find_vr_pub_nic(vr1).l3NetworkUuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vip1 = test_stub.get_snat_ip_as_vip(vr1_pub_ip)
vip_uuid = vip1.get_vip().uuid
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid1)
first_zstack_cidrs = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create test vm in mevoco2')
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanDNATNetworkName'))
test_obj_dict2.add_vm(vm2)
vm2.check()
pri_l3_uuid2 = vm2.vm.vmNics[0].l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid2)[0]
l3_uuid2 = test_lib.lib_find_vr_pub_nic(vr2).l3NetworkUuid
vip2 = test_stub.create_vip('ipsec2_vip', l3_uuid2)
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid2)
second_zstack_cidrs = res_ops.query_resource(res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_util.test_dsc('Create PF in mevoco1')
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr = test_stub.create_vr_vm(test_obj_dict1, l3_name)
l3_name = os.environ.get('l3VlanNetworkName4')
vr = test_stub.create_vr_vm(test_obj_dict1, l3_name)
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip1.attach_pf(test_pf1)
vip1.check()
test_pf1.attach(vm_nic1_uuid, vm1)
vip1.check()
test_util.test_dsc('Create LB in mevoco1')
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip1.get_vip().uuid)
test_obj_dict1.add_load_balancer(lb)
vip1.attach_lb(lb)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22)
lbl = lb.create_listener(lb_creation_option)
lbl.add_nics([vm_nic1_uuid, vm_nic3_uuid])
lb.check()
vip1.check()
test_util.test_dsc('Create ipsec in mevoco1')
ipsec1 = ipsec_ops.create_ipsec_connection('ipsec1', pri_l3_uuid1, vip2.get_vip().ip, '123456', vip1.get_vip().uuid, [second_zstack_cidrs])
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "IPsec" in vip1_db.useFor
assert vip1_db.useFor.count("IPsec") == 1
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create ipsec in mevoco2')
ipsec2 = ipsec_ops.create_ipsec_connection('ipsec2', pri_l3_uuid2, vip1.get_vip().ip, '123456', vip2.get_vip().uuid, [first_zstack_cidrs])
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
if not test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip):
test_util.test_fail('vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' % (mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if not test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip):
test_util.test_fail('vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' % (mevoco2_ip, mevoco1_ip))
# delete ipsec
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
ipsec_ops.delete_ipsec_connection(ipsec1.uuid)
if test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail('vm in mevoco1[MN:%s] could still connect to vm in mevoco2[MN:%s] after Ipsec is deleted' % (mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail('vm in mevoco2[MN:%s] could still connect to vm in mevoco1[MN:%s] after Ipsec is deleted' % (mevoco2_ip, mevoco1_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "IPsec" not in vip1_db.useFor
# delete PF
test_pf1.delete()
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "PortForwarding" not in vip1_db.useFor
# delete LB
lb.delete()
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "LoadBalancer" not in vip1_db.useFor
test_lib.lib_error_cleanup(test_obj_dict1)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
ipsec_ops.delete_ipsec_connection(ipsec2.uuid)
vip2.delete()
test_lib.lib_error_cleanup(test_obj_dict2)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_util.test_pass('Create multiple service with 1 snat IP Success')
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip1_uuid, vm_nic_uuid=vm_nic1_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(vm)
vip1.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip2_uuid, vm_nic_uuid=vm_nic2_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(vm)
vip2.attach_pf(test_pf2)
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vm.destroy()
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass('Create 1 VM with 2 l3_network with 2 VIP PF testing successfully.')
def test():
'''
Since VR ip address is assigned by zstack, so we need to use VR to test
PF rules' connectibility.
PF test needs at least 3 VR existence. The PF VM's VR is for set PF
rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR
VM should not be able to access PF_VM.
In this test, will also add SG rules to check the coexistence between
PF and SG. SG rule will be added onto PF_VM's internal IP.
'''
pf_vm = test_stub.create_vr_vm('migrate_pf_sg_vm1', 'imageName_net', 'l3VlanNetwork2')
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vr_vm('migrate_temp_vm1', 'imageName_net', 'l3VlanNetworkName1')
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3VlanNetwork3')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_vr_vm('migrate_temp_vm2', 'imageName_net', 'l3VlanNetwork3')
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip_option = test_util.VipOption()
vip_option.set_l3_uuid(l3_uuid)
vip_uuid = net_ops.create_vip(vip_option).uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
pf_vm.check()
#Ignore this check, since it has been checked many times in other PF cases.
#test_pf.check()
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid, pf_vm)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("PF rule is allowed, since VR1's IP is granted by SG Rule1.")
sg_vm.attach(sg1, [vm_nics])
test_pf.check()
test_stub.migrate_vm_to_random_host(pf_vm)
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("PF rule is still allowed")
sg1.delete_rule([rule1])
test_pf.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc("PF rule is not allowed, since rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. ")
sg1.add_rule([rule2])
test_pf.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("PF rule is allowed")
test_pf.check()
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
test_pf.delete()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
net_ops.delete_vip(vip_uuid)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
test_util.test_dsc("create vpc vrouter and attach vpc l3 to vpc")
for vpc_name in vpc_name_list:
vr_list.append(test_stub.create_vpc_vrouter(vpc_name))
for vr, l3_list in izip(vr_list, vpc_l3_list):
test_stub.attach_l3_to_vpc_vr(vr, l3_list)
test_util.test_dsc("create two vm, vm1 in l3 {}, vm2 in l3 {}".format(flavor['vm1l3'], flavor['vm2l3']))
vm1 = test_stub.create_vm_with_random_offering(vm_name='vpc_vm_{}'.format(flavor['vm1l3']), l3_name=flavor['vm1l3'])
test_obj_dict.add_vm(vm1)
vm1.check()
vm2 = test_stub.create_vm_with_random_offering(vm_name='vpc_vm_{}'.format(flavor['vm2l3']), l3_name=flavor['vm2l3'])
test_obj_dict.add_vm(vm2)
vm2.check()
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr_list[0].inv)
test_util.test_dsc("Create vip")
vip = test_stub.create_vip('vip1', vr_pub_nic.l3NetworkUuid)
test_obj_dict.add_vip(vip)
test_util.test_dsc("create testing vr vm")
temp_vm = test_stub.create_vm_with_random_offering(vm_name='test', l3_name='l3NoVlanNetworkName2')
test_obj_dict.add_vm(vm2)
vr_pub_ip = test_lib.lib_find_vr_pub_ip(test_lib.lib_find_vr_by_vm(temp_vm.get_vm())[0])
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip.get_vip().uuid)
test.pf1 = zstack_pf_header.ZstackTestPortForwarding()
test.pf1.set_creation_option(pf_creation_opt1)
test.pf1.create()
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule3_ports, private_target_rule=Port.rule3_ports, vip_uuid=vip.get_vip().uuid)
test.pf2 = zstack_pf_header.ZstackTestPortForwarding()
test.pf2.set_creation_option(pf_creation_opt2)
test.pf2.create()
for pf in (test.pf1, test.pf2):
vip.attach_pf(pf)
vip.check()
for vm, pf in izip((vm1, vm2), (test.pf1, test.pf2)):
pf.attach(vm.get_vm().vmNics[0].uuid, vm)
vm.check()
vip.check()
for vm in (vm1,vm2):
vm.stop()
vm.start()
vm.check()
for vm, pf in izip((vm1, vm2), (test.pf1, test.pf2)):
pf.detach()
vm.check()
vip.check()
for pf in (test.pf1, test.pf2):
pf.delete()
test_lib.lib_error_cleanup(test_obj_dict)
test_stub.remove_all_vpc_vrouter()
def test():
test_util.test_dsc('Create vrouter vm and check multi nics')
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm1)
vm1_ip = vm1.get_vm().vmNics[0].ip
vm1_nic_uuid = vm1.get_vm().vmNics[0].uuid
vr1 = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vr1_uuid = vr1.uuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr1_private_ip = test_lib.lib_find_vr_private_ip(vr1)
l3network1_uuid = vm1.get_vm().vmNics[0].l3NetworkUuid
cond = res_ops.gen_query_conditions('uuid', '=', l3network1_uuid)
l3network1_cidr = res_ops.query_resource(res_ops.L3_NETWORK,
cond)[0].ipRanges[0].networkCidr
cond = res_ops.gen_query_conditions('uuid', '=', vr1_uuid)
vr_offering_mn_network_uuid = res_ops.query_resource(
res_ops.APPLIANCE_VM, cond)[0].managementNetworkUuid
vr1_pub_uuid = res_ops.query_resource(res_ops.APPLIANCE_VM,
cond)[0].managementNetworkUuid
vr_offering_image_uuid = res_ops.query_resource(res_ops.APPLIANCE_VM,
cond)[0].imageUuid
vr_offering_zone_uuid = res_ops.query_resource(res_ops.APPLIANCE_VM,
cond)[0].zoneUuid
vr1_nics = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)[0].vmNics
cond = res_ops.gen_query_conditions('name', '=',
os.environ.get('l3PublicNetworkName'))
public_l3network_uuid = res_ops.query_resource(res_ops.L3_NETWORK,
cond)[0].uuid
cond = res_ops.gen_query_conditions('name', '=',
os.environ.get('l3NoVlanNetworkName1'))
second_public_l3network_uuid = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].uuid
second_public_l3network_cidr = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
#Attach second public network to vrouter
second_public_l3network_attached = False
for vm_nic in vr1_nics:
if vm_nic.l3NetworkUuid == second_public_l3network_uuid:
second_public_l3network_attached = True
if not second_public_l3network_attached:
net_ops.attach_l3(second_public_l3network_uuid, vr1_uuid)
#Get vr1 nic_uuid on second public network
cond = res_ops.gen_query_conditions('uuid', '=', vr1_uuid)
vr1_nics = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)[0].vmNics
vr1_second_pub_nic_uuid = ''
for vm_nic in vr1_nics:
if vm_nic.l3NetworkUuid == second_public_l3network_uuid:
vr1_second_pub_nic_uuid = vm_nic.uuid
#Create new vrouter offering
vr_offering_name = "virtual_router_offering1"
vr_offering_cpu_num = 2
vr_offering_mem_size = 536870912 #512MB
vr_offering = net_ops.create_virtual_router_offering(
vr_offering_name, vr_offering_cpu_num, vr_offering_mem_size,
vr_offering_image_uuid, vr_offering_zone_uuid,
vr_offering_mn_network_uuid, second_public_l3network_uuid)
vr_offering_uuid = vr_offering.uuid
cond = res_ops.gen_query_conditions('name', '=',
os.environ.get('l3VlanNetworkName4'))
user_defined_l3network_uuid = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].uuid
#Attach Virtual Router Offering
tag = tag_ops.create_system_tag(
'InstanceOfferingVO', vr_offering_uuid,
'guestL3Network::%s' % user_defined_l3network_uuid)
#Create vms for each public network eip attach
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanDNATNetworkName'))
vm2_ip = vm2.get_vm().vmNics[0].ip
vm2_nic_uuid = vm2.get_vm().vmNics[0].uuid
l3network2_uuid = vm2.get_vm().vmNics[0].l3NetworkUuid
vm3 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName4'))
vm3_ip = vm3.get_vm().vmNics[0].ip
vm3_nic_uuid = vm3.get_vm().vmNics[0].uuid
l3network3_uuid = vm3.get_vm().vmNics[0].l3NetworkUuid
#Create eip for each vms, vm1 has 2 eip on each public network
vip11 = test_stub.create_vip('vm1_vip1', public_l3network_uuid)
vip11_uuid = vip11.get_vip().uuid
eip11 = test_stub.create_eip('vm1_eip1', vip11_uuid, vm_obj=vm1)
vip11.attach_eip(eip11)
eip11_pub_ip = eip11.get_eip().vipIp
vip11.check()
eip11.attach(vm1_nic_uuid, vm1)
vip12 = test_stub.create_vip('vm1_vip2', second_public_l3network_uuid)
vip12_uuid = vip12.get_vip().uuid
eip12 = test_stub.create_eip('vm1_eip2', vip12_uuid, vm_obj=vm1)
vip12.attach_eip(eip12)
eip12_pub_ip = eip12.get_eip().vipIp
vip12.check()
eip12.attach(vm1_nic_uuid, vm1)
vip2 = test_stub.create_vip('vm2_vip', public_l3network_uuid)
vip2_uuid = vip2.get_vip().uuid
eip2 = test_stub.create_eip('vm2_eip', vip2_uuid, vm_obj=vm2)
vip2.attach_eip(eip2)
eip2_pub_ip = eip2.get_eip().vipIp
vip2.check()
eip2.attach(vm2_nic_uuid, vm2)
vip3 = test_stub.create_vip('vm3_vip', second_public_l3network_uuid)
vip3_uuid = vip3.get_vip().uuid
eip3 = test_stub.create_eip('vm3_eip', vip3_uuid, vm_obj=vm3)
vip3.attach_eip(eip3)
eip3_pub_ip = eip3.get_eip().vipIp
vip3.check()
eip3.attach(vm3_nic_uuid, vm3)
#Check if the network is able to ping with eip
user_name = "root"
user_password = "******"
rsp_ping = os.system("sshpass -p '%s' ssh %s@%s 'ping -c 4 %s'" %
(user_password, user_name, vm1_ip, eip2_pub_ip))
if rsp_ping != 0:
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
test_util.test_fail(
'Exception: [vm ip:] %s ping [Eip:] %s fail. But it should ping successfully.'
% (vm1_ip, eip2_pub_ip))
rsp_ping = os.system("sshpass -p '%s' ssh %s@%s 'ping -c 4 %s'" %
(user_password, user_name, vm1_ip, eip3_pub_ip))
if rsp_ping != 0:
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
test_util.test_fail(
'Exception: [vm ip:] %s ping [Eip:] %s fail. But it should ping successfully.'
% (vm1_ip, eip3_pub_ip))
rsp_ping = os.system("sshpass -p '%s' ssh %s@%s 'ping -c 4 %s'" %
(user_password, user_name, vm2_ip, eip11_pub_ip))
if rsp_ping != 0:
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
test_util.test_fail(
'Exception: [vm ip:] %s ping [Eip:] %s fail. But it should ping successfully.'
% (vm2_ip, eip11_pub_ip))
rsp_ping = os.system("sshpass -p '%s' ssh %s@%s 'ping -c 4 %s'" %
(user_password, user_name, vm3_ip, eip12_pub_ip))
if rsp_ping != 0:
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
test_util.test_fail(
'Exception: [vm ip:] %s ping [Eip:] %s fail. But it should ping successfully.'
% (vm3_ip, eip12_pub_ip))
#Delete vips and vr offering
vip11.delete()
vip12.delete()
vip2.delete()
vip3.delete()
vm_ops.delete_instance_offering(vr_offering_uuid)
#Dettach the route table to vrouter and second public nework
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
vm1.destroy()
vm2.destroy()
vm3.destroy()
net_ops.destroy_vrouter(vr1_uuid)
test_util.test_pass('Check Multi Nics Success')
def test():
'''
Since VR ip address is assigned by zstack, so we need to use VR to test
PF rules' connectibility.
PF test needs at least 3 VR existence. The PF VM's VR is for set PF
rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR
VM should not be able to access PF_VM.
In this test, will also add SG rules to check the coexistence between
PF and SG. SG rule will be added onto PF_VM's internal IP.
'''
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'false')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'false')
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_sg_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
#Ignore this check, since it has been checked many times in other PF cases.
#test_pf.check()
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid, pf_vm)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc(
"PF rule is allowed, since VR1's IP is granted by SG Rule1.")
sg_vm.attach(sg1, [vm_nics])
vip.check()
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("PF rule is still allowed")
sg1.delete_rule([rule1])
vip.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc(
"PF rule is not allowed, since rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. "
)
sg1.add_rule([rule2])
vip.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("PF rule is allowed")
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.check()
test_pf.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def check(self):
super(pf_checker, self).check()
test_result = True
try:
test_vip = test_lib.lib_get_vip_by_uuid(self.test_obj.get_vip().uuid)
except:
test_util.test_logger('Check Result: [vip:] %s is not exist' % self.test_obj.get_vip().uuid)
self.test_obj.update()
return self.judge(False)
if not self.test_obj.get_pf_list():
test_util.test_logger('Check Result: [vip:] %s is not attached to any pf.' % self.test_obj.get_vip().uuid)
self.test_obj.update()
return self.judge(False)
vip = self.test_obj.get_vip()
vipIp = vip.ip
all_ports = port_header.all_ports
pf_running_list = self.test_obj.get_pf_list_for_running_vm()
pf_tcp_list, pf_udp_list = self.separate_tcp_udp_list(pf_running_list)
pf_tcp_dict = self.gen_tcp_dict_by_allowed_cidr(pf_tcp_list)
pf_stopped_list = self.test_obj.get_pf_list_for_stopped_vm()
pf_detached_list = self.test_obj.get_detached_pf_list()
vip_l3 = self.test_obj.get_vip().l3NetworkUuid
if not pf_running_list:
# all ports should be denied, since no living vm.
for pf in pf_stopped_list:
test_result = self.check_denied_pf(pf)
if test_result != self.exp_result:
return self.judge(test_result)
for pf in pf_detached_list:
test_result = self.check_denied_pf(pf)
if test_result != self.exp_result:
return self.judge(test_result)
else:
#open TCP ports for living vms
for pf in pf_tcp_list:
target_vm = pf.get_target_vm().vm
vm_l3 = test_lib.lib_get_nic_by_uuid(pf.get_port_forwarding().vmNicUuid).l3NetworkUuid
test_lib.lib_open_vm_listen_ports(target_vm, all_ports, vm_l3)
#calc allowed ports, per allowed_cidr
for allowed_vr_ip, pf_dict_list in pf_tcp_dict.iteritems():
allowed_ports = []
denied_ports = all_ports
#find all pf rules on running vm. These rules are supposed to be connectable, unless they are blocked by target vm's sg.
allowed_ports, denied_ports = \
self.count_pf_allowed_denied_ports(
pf_dict_list,
allowed_ports,
denied_ports)
#although the target_vm might be different, but the denied_vr_vm should be same.
target_vm_nic_uuid = pf_dict_list[0].get_port_forwarding().vmNicUuid
allowed_vr_vm, denied_vr_vm = \
self.get_allowed_denied_vr_vm(allowed_vr_ip, target_vm_nic_uuid)
denied_vr_ip = test_lib.lib_find_vr_pub_ip(denied_vr_vm)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm, allowed_vr_ip, vipIp, allowed_ports, denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking [vip:] %s Port Forwarding TCP [rules] for allowed Cidr: %s from [vm:] %s . " % \
(vip.uuid, allowed_vr_ip, allowed_vr_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
if test_result != self.exp_result:
return self.judge(test_result)
test_util.test_logger("Checking pass for [vip:] %s Port Forwardings TCP rules for allowed Cidr: %s from [vm:] %s " % \
(vip.uuid, allowed_vr_ip, allowed_vr_vm.uuid))
#check denied vr access.
allowed_ports = []
denied_ports = all_ports
#the denied vr might be in other pf rule.
if denied_vr_ip in pf_tcp_dict.keys():
allowed_ports, denied_ports = \
self.count_pf_allowed_denied_ports(
pf_tcp_dict[denied_vr_ip],
allowed_ports,
denied_ports)
try:
test_lib.lib_check_ports_in_a_command(denied_vr_vm, denied_vr_ip, vipIp, allowed_ports, denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking [vip:] %s Port Forwarding TCPs for not allowed Cidr from [vm:] %s" % (vip.uuid, allowed_vr_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
test_util.test_logger("Checking pass for Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s . All ports should be blocked. " % (vip.uuid, allowed_vr_vm.uuid))
if test_result != self.exp_result:
return self.judge(test_result)
#check pf_udp rule existance.
for pf in pf_udp_list:
test_result = test_lib.lib_check_vm_pf_rule_exist_in_iptables(pf.get_port_forwarding())
test_util.test_logger('Check result: [Port Forwarding] %s finishes UDP rule existance testing' % pf.get_port_forwarding().uuid)
return self.judge(test_result)
test_util.test_logger('Check result: [Port Forwarding] finishes [vip:] %s TCP testing.' % vip.uuid)
return self.judge(test_result)
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
#we do not need temp_vm1, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
# if vr.applianceVmType == "vrouter":
# test_util.test_skip("vrouter VR does not support single VM multiple EIP")
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
eip1 = test_stub.create_eip('2l3 eip test1', vip_uuid=vip1.get_vip().uuid)
vip1.attach_eip(eip1)
vip1.check()
eip1.attach(vm_nic1_uuid, vm)
cmd = 'ip route | grep %s | grep eth0' % (
os.environ.get('vlanIpRangeGateway1'))
if vr1.applianceVmType == "vrouter":
if not test_lib.lib_execute_command_in_vm(vm.get_vm(), cmd):
default_eth = 1
non_default_eth = 0
else:
default_eth = 0
non_default_eth = 1
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway2'),
non_default_eth)
vip1.check()
eip2 = test_stub.create_eip('2l3 eip test2', vip_uuid=vip2.get_vip().uuid)
vip2.attach_eip(eip2)
vip2.check()
eip2.attach(vm_nic2_uuid, vm)
if vr1.applianceVmType == "vrouter":
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway1'),
default_eth)
vip2.check()
vm.stop()
vm.start()
vm.check()
if vr1.applianceVmType == "vrouter":
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway2'),
non_default_eth)
vip1.check()
if vr1.applianceVmType == "vrouter":
update_default_gw(vm.get_vm(), os.environ.get('vlanIpRangeGateway1'),
default_eth)
vip2.check()
eip1.detach()
eip2.detach()
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vm.destroy()
test_obj_dict.rm_vm(vm)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass(
'Create 1 VM with 2 l3_network with 2 VIP PF testing successfully.')
def check(self):
'''
check will assume target vm only have 1 port forwarding VR.
So all vms PF rules are assigned to 1 VM nic.
'''
super(zstack_kvm_pf_tcp_checker, self).check()
test_result = True
target_vm = self.test_obj.get_target_vm().vm
pf_rule = self.test_obj.get_port_forwarding()
vm_nic = test_lib.lib_get_nic_by_uuid(pf_rule.vmNicUuid)
all_ports = port_header.all_ports
#only open ports when VM is running.
if self.test_obj.get_target_vm().state == vm_header.RUNNING:
test_lib.lib_open_vm_listen_ports(target_vm, all_ports,
vm_nic.l3NetworkUuid)
#consolidate rules for TCP/UDP/ICMP with different AllowedCidr
rule_port = port_header.get_port_rule(pf_rule.vipPortStart,
pf_rule.vipPortEnd)
#check SG ingress limitation. Since SG rule will not consider vip as
#allowedCidr, if there is ingress limitation, the ingress PF connection
#will be blocked.
sg_tcp_ingress_flag = _sg_rule_exist(vm_nic, inventory.TCP, pf_rule)
allowedCidr = pf_rule.allowedCidr
allowed_vr_ip = allowedCidr.split('/')[0]
allowed_vr_vm = test_lib.lib_get_vm_by_ip(allowed_vr_ip)
vr_nic = test_lib.lib_get_nic_by_ip(allowed_vr_ip)
l3_uuid = vr_nic.l3NetworkUuid
allowed_vr_uuid_list = [allowed_vr_vm.uuid]
#target_vm's VRs should be excluded, otherwise the ip package will be routed to this VR directly.
pf_vm_vrs = test_lib.lib_find_vr_by_vm(target_vm)
for pf_vr in pf_vm_vrs:
allowed_vr_uuid_list.append(pf_vr.uuid)
denied_vr_vm = _find_denied_vr(target_vm.clusterUuid, l3_uuid,
allowed_vr_uuid_list)
denied_vr_ip = test_lib.lib_find_vr_pub_ip(denied_vr_vm)
vip_uuid = pf_rule.vipUuid
cond = res_ops.gen_query_conditions('uuid', '=', vip_uuid)
vipIp = res_ops.query_resource(res_ops.VIP, cond)[0].ip
if sg_tcp_ingress_flag:
test_util.test_logger(
'SG TCP Ingress rule existence. PF TCP ingress rule will be blocked for [vm:] %s'
% target_vm.uuid)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm,
allowed_vr_ip, vipIp, [],
all_ports, target_vm)
except:
test_util.test_logger(
"Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s, when SG rule exists. "
% (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
allowed_ports = port_header.get_ports(rule_port)
denied_ports = list_ops.list_minus(all_ports, allowed_ports)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm,
allowed_vr_ip, vipIp,
allowed_ports,
denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger(
"Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s "
% (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger(
"Checking pass for Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s "
% (pf_rule.uuid, target_vm.uuid))
try:
test_lib.lib_check_ports_in_a_command(denied_vr_vm,
denied_vr_ip, vipIp, [],
all_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger(
"Catch failure when checking Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s"
% (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger(
"Checking pass for Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s . All ports should be blocked. "
% (pf_rule.uuid, target_vm.uuid))
test_util.test_logger(
'Check result: [Port Forwarding] finishes TCP testing for [vm:] %s [nic:] %s'
% (target_vm.uuid, vm_nic.uuid))
return self.judge(test_result)
def test():
'''
Since VR ip address is assigned by zstack, so we need to use VR to test
PF rules' connectibility.
PF test needs at least 3 VR existence. The PF VM's VR is for set PF
rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR
VM should not be able to access PF_VM.
In this test, will also add SG rules to check the coexistence between
PF and SG. SG rule will be added onto PF_VM's internal IP.
'''
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'false')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'false')
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_sg_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
#Ignore this check, since it has been checked many times in other PF cases.
#test_pf.check()
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid, pf_vm)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("PF rule is allowed, since VR1's IP is granted by SG Rule1.")
sg_vm.attach(sg1, [vm_nics])
vip.check()
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("PF rule is still allowed")
sg1.delete_rule([rule1])
vip.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc("PF rule is not allowed, since rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. ")
sg1.add_rule([rule2])
vip.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("PF rule is allowed")
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.check()
test_pf.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
try:
conf_ops.change_global_config('virtualRouter', 'ssh.passwordAuth', 'true')
except:
test_util.test_logger('No global config ssh.passwordAuth')
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm1.check()
pf_vm2.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
vm_nic2 = pf_vm2.vm.vmNics[0]
vm_nic_uuid2 = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm1.check()
vip.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid2, pf_vm2)
vip.check()
pf_vm1.stop()
vip.check()
test_pf1.detach()
test_pf1.attach(vm_nic_uuid2, pf_vm2)
pf_vm1.start()
pf_vm1.check()
vip.check()
pf_vm1.stop()
test_pf1.detach()
test_pf2.detach()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid1, pf_vm1)
pf_vm1.start()
pf_vm1.check()
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
test_util.test_dsc('vr auto reconnection check test')
l3_1_name = os.environ.get('l3VlanNetworkName1')
l3_1 = test_lib.lib_get_l3_by_name(l3_1_name)
if not l3_1:
test_util.test_skip('No network for vr auto reconnect test')
#create VRs.
vrs = test_lib.lib_find_vr_by_l3_uuid(l3_1.uuid)
if not vrs:
image_name = os.environ.get('imageName_net')
vm = test_stub.create_vr_vm('vm_for_vr', image_name, l3_1_name)
vm.destroy()
vr1 = test_lib.lib_find_vr_by_l3_uuid(l3_1.uuid)[0]
else:
vr1 = vrs[0]
resource_type = res_ops.VIRTUALROUTER_VM
if flavor['virtualrouter']:
if vr1.applianceVmType != "VirtualRouter":
test_util.test_skip('No network for vr auto reconnect test')
if flavor['vrouter']:
if vr1.applianceVmType != "vrouter":
test_util.test_skip('No network for vr auto reconnect test')
test_lib.lib_install_testagent_to_vr_with_vr_vm(vr1)
test_util.test_logger("kill vr agent on vr %s" % (vr1.uuid))
if flavor['virtualrouter']:
if flavor['kill']:
cmd = "pkill -9 -f 'from virtualrouter import virtualrouterdaemon'"
else:
cmd = "service zstack-virtualrouter stop"
elif flavor['vrouter']:
if flavor['kill']:
cmd = "pkill -9 -f '/opt/vyatta/sbin/zvr -i'"
# else:
# cmd = "service zstack-imagestorebackupstorage stop"
vr_ip = test_lib.lib_find_vr_pub_ip(vr1)
if test_lib.lib_execute_sh_cmd_by_agent(vr_ip, cmd) == False:
test_util.test_fail("CMD:%s execute failed on %s" %(cmd, vr_ip))
test_util.test_logger("vr %s is expected to disconnect and start reconnect automatically" % (vr1.uuid))
conditions = res_ops.gen_query_conditions('uuid', '=', vr1.uuid)
count = 0
while count < 24:
vr = res_ops.query_resource(resource_type, conditions)[0]
if vr.status == "Connecting":
break
time.sleep(5)
count += 1
if vr.status != "Connecting":
test_util.test_fail("vr %s is not disconnect and start reconnect automatically in 120 seconds" % (vr1.uuid))
test_util.test_logger("vr %s is expected to reconnect success automatically" % (vr1.uuid))
count = 0
while count < 24:
vr = res_ops.query_resource(resource_type, conditions)[0]
if vr.status == "Connected":
break
time.sleep(5)
count += 1
if vr.status != "Connected":
test_util.test_fail("vr %s not reconnect success automatically in 120 seconds" % (vr.uuid))
test_util.test_pass("Auto reconnect backup storage pass")
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
if vr1.applianceVmType == "vrouter":
test_util.test_skip(
"vrouter VR does not support single VM multiple VIP")
#we do not need temp_vm1, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
if vr.applianceVmType == "vrouter":
test_util.test_skip(
"vrouter VR does not support single VM multiple VIP")
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
eip1 = test_stub.create_eip('2l3 eip test1', vip_uuid=vip1.get_vip().uuid)
vip1.attach_eip(eip1)
vip1.check()
eip1.attach(vm_nic1_uuid, vm)
vip1.check()
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule3_ports,
private_target_rule=Port.rule3_ports,
vip_uuid=vip2_uuid,
vm_nic_uuid=vm_nic2_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(vm)
vip2.attach_pf(test_pf1)
vip2.check()
vm.stop()
vm.start()
vm.check()
vip1.check()
vip2.check()
vm.destroy()
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass(
'Create 1 VM with 2 l3_network with 1 eip and 1 PF testing successfully.'
)
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip1_uuid,
vm_nic_uuid=vm_nic1_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(vm)
vip1.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule5_ports,
private_target_rule=Port.rule5_ports,
vip_uuid=vip2_uuid,
vm_nic_uuid=vm_nic2_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(vm)
vip2.attach_pf(test_pf2)
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vm.destroy()
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass(
'Create 1 VM with 2 l3_network with 2 VIP PF testing successfully.')
def test():
global mevoco1_ip
global mevoco2_ip
global ipsec1
global ipsec2
mevoco1_ip = os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP']
mevoco2_ip = os.environ['secondZStackMnIp']
test_util.test_dsc('Create test vm in mevoco1')
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm1)
vm1.check()
vm_nic1 = vm1.get_vm().vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm3 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm3)
vm3.check()
vm_nic3 = vm3.get_vm().vmNics[0]
vm_nic3_uuid = vm_nic3.uuid
pri_l3_uuid1 = vm1.vm.vmNics[0].l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid1)[0]
l3_uuid1 = test_lib.lib_find_vr_pub_nic(vr1).l3NetworkUuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vip1 = test_stub.create_vip('vip for multi-services', l3_uuid1)
vip_uuid = vip1.get_vip().uuid
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid1)
first_zstack_cidrs = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create test vm in mevoco2')
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanDNATNetworkName'))
test_obj_dict2.add_vm(vm2)
vm2.check()
pri_l3_uuid2 = vm2.vm.vmNics[0].l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid2)[0]
l3_uuid2 = test_lib.lib_find_vr_pub_nic(vr2).l3NetworkUuid
vip2 = test_stub.create_vip('ipsec2_vip', l3_uuid2)
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid2)
second_zstack_cidrs = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_util.test_dsc('Create PF in mevoco1')
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr = test_stub.create_vr_vm(test_obj_dict1, l3_name)
l3_name = os.environ.get('l3VlanNetworkName4')
vr = test_stub.create_vr_vm(test_obj_dict1, l3_name)
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip1.attach_pf(test_pf1)
vip1.check()
test_pf1.attach(vm_nic1_uuid, vm1)
vip1.check()
test_util.test_dsc('Create LB in mevoco1')
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip1.get_vip().uuid)
test_obj_dict1.add_load_balancer(lb)
vip1.attach_lb(lb)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port=222,
lbi_port=22)
lbl = lb.create_listener(lb_creation_option)
lbl.add_nics([vm_nic1_uuid, vm_nic3_uuid])
lb.check()
vip1.check()
test_util.test_dsc('Create ipsec in mevoco1')
ipsec1 = ipsec_ops.create_ipsec_connection('ipsec1', pri_l3_uuid1,
vip2.get_vip().ip, '123456',
vip1.get_vip().uuid,
[second_zstack_cidrs])
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "IPsec" in vip1_db.useFor
assert vip1_db.useFor.count("IPsec") == 1
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create ipsec in mevoco2')
ipsec2 = ipsec_ops.create_ipsec_connection('ipsec2', pri_l3_uuid2,
vip1.get_vip().ip, '123456',
vip2.get_vip().uuid,
[first_zstack_cidrs])
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
if not test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip):
test_util.test_fail(
'vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' %
(mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if not test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip):
test_util.test_fail(
'vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' %
(mevoco2_ip, mevoco1_ip))
# delete ipsec
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
ipsec_ops.delete_ipsec_connection(ipsec1.uuid)
if test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail(
'vm in mevoco1[MN:%s] could still connect to vm in mevoco2[MN:%s] after Ipsec is deleted'
% (mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail(
'vm in mevoco2[MN:%s] could still connect to vm in mevoco1[MN:%s] after Ipsec is deleted'
% (mevoco2_ip, mevoco1_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "IPsec" not in vip1_db.useFor
# delete PF
test_pf1.delete()
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "PortForwarding" not in vip1_db.useFor
# delete LB
lb.delete()
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert vip1_db.useFor is None
test_lib.lib_error_cleanup(test_obj_dict1)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
ipsec_ops.delete_ipsec_connection(ipsec2.uuid)
vip2.delete()
test_lib.lib_error_cleanup(test_obj_dict2)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
vip1.delete()
test_util.test_pass('Create multiple service with 1 snat IP Success')
def test():
# global test_obj_dict
iam2_ops.clean_iam2_enviroment()
global project_uuid,virtual_id_uuid,project_admin_uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
#create Security Group
sg = test_sg_header.ZstackTestSecurityGroup()
sg_creation_option = test_util.SecurityGroupOption()
sg_creation_option.set_name('test_sg')
sg_creation_option.session_uuid = project_admin_session_uuid
sg.set_creation_option(sg_creation_option)
sg.create()
test_obj_dict.add_sg(sg.get_security_group().uuid)
#create EIP
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
test_obj_dict.add_vm(vm)
pri_l3_name = os.environ.get('l3VlanNetworkName3')
pri_l3_uuid = test_lib.lib_get_l3_by_name(pri_l3_name).uuid
pub_l3_name = os.environ.get('l3PublicNetworkName')
pub_l3_uuid = test_lib.lib_get_l3_by_name(pub_l3_name).uuid
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
vip_for_eip = test_stub.create_vip('create_eip_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_eip)
eip = test_stub.create_eip(vip_uuid=vip_for_eip.get_vip().uuid ,eip_name='create eip test', vnic_uuid=vm_nic_uuid, vm_obj=vm,session_uuid=project_admin_session_uuid)
vip_for_eip.attach_eip(eip)
# create LB
vip_for_lb = test_stub.create_vip('create_lb_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_lb)
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip_for_lb.get_vip().uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_load_balancer(lb)
vip_for_lb.attach_lb(lb)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22)
lb_creation_option.set_session_uuid(project_admin_session_uuid)
lbl = lb.create_listener(lb_creation_option)
# test PF
vip_for_pf = test_stub.create_vip('create_pf_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_pf)
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
pf_creation_opt = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_for_pf.get_vip().uuid)
pf_creation_opt.set_session_uuid(project_admin_session_uuid)
pf = test_pf_header.ZstackTestPortForwarding()
pf.set_creation_option(pf_creation_opt)
pf.create()
vip_for_pf.attach_pf(pf)
# delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_stub.check_resource_not_exist(eip.get_eip().uuid,res_ops.EIP)
test_stub.check_resource_not_exist(sg.get_security_group().uuid,res_ops.SECURITY_GROUP)
test_stub.check_resource_not_exist(lb.get_load_balancer().uuid,res_ops.LOAD_BALANCER)
test_stub.check_resource_not_exist(lbl.get_load_balancer_listener().uuid,res_ops.LOAD_BALANCER_LISTENER)
test_stub.check_resource_not_exist(pf.get_port_forwarding().uuid,res_ops.PORT_FORWARDING)
test_lib.lib_robot_cleanup(test_obj_dict)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("Test for iam2 delete project cascade net services success.")
def test():
test_util.test_dsc('Create test vm with lb.')
vm1 = test_stub.create_lb_vm()
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_lb_vm()
test_obj_dict.add_vm(vm2)
#l3_name = os.environ.get('l3VlanNetworkName1')
#vr1 = test_stub.get_vr_by_private_l3_name(l3_name)
#l3_name = os.environ.get('l3NoVlanNetworkName1')
#vr2 = test_stub.get_vr_by_private_l3_name(l3_name)
vm_nic1 = vm1.get_vm().vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic1_ip = vm_nic1.ip
vm_nic2 = vm2.get_vm().vmNics[0]
vm_nic2_uuid = vm_nic2.uuid
vm_nic2_ip = vm_nic2.ip
vm1.check()
vm2.check()
#test_lib.lib_wait_target_up(vm_nic1_ip, "root", 120)
#test_lib.lib_wait_target_up(vm_nic2_ip, "root", 120)
test_stub.set_httpd_in_vm(vm_nic1_ip, "root", "password")
test_stub.set_httpd_in_vm(vm_nic2_ip, "root", "password")
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = test_stub.get_snat_ip_as_vip(vr_pub_ip)
test_obj_dict.add_vip(vip)
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb2 = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip.get_vip().uuid)
lb2.create('create lb2 test', vip.get_vip().uuid)
test_obj_dict.add_load_balancer(lb)
test_obj_dict.add_load_balancer(lb2)
vip.attach_lb(lb)
vip.attach_lb(lb2)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22)
lb2_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 2222, lbi_port = 80)
lbl = lb.create_listener(lb_creation_option)
lbl2 = lb2.create_listener(lb2_creation_option)
lbl.add_nics([vm_nic1_uuid, vm_nic2_uuid])
lbl2.add_nics([vm_nic1_uuid, vm_nic2_uuid])
vm1.check()
vm2.check()
lb.check()
lb2.check()
vip.check()
lb.delete()
lb2.delete()
test_obj_dict.rm_vip(vip)
test_obj_dict.rm_load_balancer(lb)
test_obj_dict.rm_load_balancer(lb2)
lb.check()
lb2.check()
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create Load Balancer Test Success')
def test():
global vm1, vm2, vip
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName']
image_name = os.environ['image_dhcp_name']
test_util.test_dsc('Create test vm with lb.')
vm1 = test_stub.create_vm_in_vcenter(vm_name='test_vip_lb_1',
image_name=image_name,
l3_name=l3_vr_network)
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_vm_in_vcenter(vm_name='test_vip_lb_2',
image_name=image_name,
l3_name=l3_vr_network)
test_obj_dict.add_vm(vm2)
time.sleep(50)
vm_nic1 = vm1.get_vm().vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic1_ip = vm_nic1.ip
vm_nic2 = vm2.get_vm().vmNics[0]
vm_nic2_uuid = vm_nic2.uuid
vm_nic2_ip = vm_nic2.ip
test_stub.set_httpd_in_vm(vm1.get_vm(), vm_nic1_ip)
test_stub.set_httpd_in_vm(vm2.get_vm(), vm_nic2_ip)
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = zstack_vip_header.ZstackTestVip()
vip.get_snat_ip_as_vip(vr_pub_ip)
vip.isVcenter = True
test_obj_dict.add_vip(vip)
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb2 = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip.get_vip().uuid)
lb2.create('create lb2 test', vip.get_vip().uuid)
lb.isVcenter = True
lb2.isVcenter = True
test_obj_dict.add_load_balancer(lb)
test_obj_dict.add_load_balancer(lb2)
vip.attach_lb(lb)
vip.attach_lb(lb2)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port=222,
lbi_port=22)
lb2_creation_option = test_lib.lib_create_lb_listener_option(lbl_port=2222,
lbi_port=80)
lbl = lb.create_listener(lb_creation_option)
lbl2 = lb2.create_listener(lb2_creation_option)
lbl.add_nics([vm_nic1_uuid, vm_nic2_uuid])
lbl2.add_nics([vm_nic1_uuid, vm_nic2_uuid])
vm1.check()
vm2.check()
lb.check()
lb2.check()
vip.check()
lb.delete()
lb2.delete()
test_obj_dict.rm_vip(vip)
test_obj_dict.rm_load_balancer(lb)
test_obj_dict.rm_load_balancer(lb2)
lb.check()
lb2.check()
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create Load Balancer Test Success')
