def test_provider_router_project_network(self):
# provider router owned by admin_manager
self.p_router = self._create_router(
client_mgr=self.admin_manager,
namestart="deploy-provider-router",
distributed=self.tenant_router_attrs.get('distributed'),
router_type=self.tenant_router_attrs.get('router_type'))
self._router_set_gateway(self.p_router['id'],
self.public_network_id,
client=self.admin_manager.routers_client)
self.yellow = self.create_project_network_env('yellow',
self.manager,
cidr_offset=1)
self.blue = self.create_project_network_env('blue',
self.alt_manager,
cidr_offset=2)
username, password = self.get_image_userpass()
yellow = dmgr.make_node_info(self.yellow['fip'], username, password)
blue = dmgr.make_node_info(self.blue['fip'], username, password)
is_reachable = dmgr.check_host_is_reachable(yellow, blue['dest'],
[dmgr.IPTYPE_FLOATING])
self.assertTrue(
is_reachable,
"VM-yello=%s CANNOT-REACH VM-blue=%s" % (str(yellow), str(blue)))
is_reachable = dmgr.check_host_is_reachable(blue, yellow['dest'],
[dmgr.IPTYPE_FLOATING])
self.assertTrue(
is_reachable,
"VM-blue=%s CANNOT-REACH VM-yellow=%s" % (str(blue), str(yellow)))
self.remove_project_network()
def test_provider_router_tenant_network(self):
# provider router owned by admin_client
self.p_router = self._create_router(
client_mgr=self.admin_manager, namestart="deploy-provider-router",
distributed=self.tenant_router_attrs.get('distributed'),
router_type=self.tenant_router_attrs.get('router_type'))
self.p_router.set_gateway(self.public_network_id)
self.yellow = self.create_tenant_network_env(
self.p_router, 'yellow', self.manager, 0)
self.blue = self.create_tenant_network_env(
self.p_router, 'blue', self.alt_manager, 2)
username, password = self.get_image_userpass()
yellow = dmgr.make_node_info(self.yellow['fip'], username, password)
blue = dmgr.make_node_info(self.blue['fip'], username, password)
is_reachable = dmgr.check_host_is_reachable(
yellow, blue['dest'], [dmgr.IPTYPE_FLOATING])
self.assertTrue(
is_reachable,
"VM-yello=%s CANNOT-REACH VM-blue=%s" % (str(yellow), str(blue)))
is_reachable = dmgr.check_host_is_reachable(
blue, yellow['dest'], [dmgr.IPTYPE_FLOATING])
self.assertTrue(
is_reachable,
"VM-blue=%s CANNOT-REACH VM-yellow=%s" % (str(blue), str(yellow)))
self.remove_tenant_network()
def create_tenant_network_env(self, client_mgr, t_id,
check_outside_world=True,
cidr_offset=0):
username, password = self.get_image_userpass()
t_security_group = self._create_security_group(
client=client_mgr.network_client,
security_groups_client=client_mgr.security_groups_client,
namestart="deploy-multi-tenant")
t_network, t_subnet, t_router = self.setup_tenant_network(
self.public_network_id, client_mgr,
namestart=("deploy-%s-tenant" % t_id),
cidr_offset=cidr_offset)
self.check_networks(t_network, t_subnet, t_router)
name1 = t_network['name'] + "-A"
name2 = t_network['name'] + "-B"
security_groups = [{'name': t_security_group['name']}]
servers_client = client_mgr.servers_client
t_serv1 = self.create_server_on_network(
t_network, security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
name=name1,
servers_client=servers_client, wait_on_boot=False)
t_serv2 = self.create_server_on_network(
t_network, security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
servers_client=servers_client, name=name2)
t_fip1 = self.create_floatingip_for_server(
t_serv1, client_mgr=client_mgr)
t_fip2 = self.create_floatingip_for_server(
t_serv2, client_mgr=client_mgr)
node1 = dmgr.make_node_info(t_fip1, username, password,
check_outside_world)
node2 = dmgr.make_node_info(t_fip2, username, password,
check_outside_world)
T = dict(security_group=t_security_group,
network=t_network, subnet=t_subnet,
router=t_router, client_mgr=client_mgr,
serv1=t_serv1, fip1=t_fip1, node1=node1,
serv2=t_serv2, fip2=t_fip2, node2=node2)
is_reachable = dmgr.check_host_is_reachable(
node1, node2['dest'], [dmgr.IPTYPE_FIXED])
self.assertTrue(
is_reachable,
("VM-A-%s=%s CANNOT-REACH VM-B-%s=%s" %
(t_id, str(node1), t_id, str(node2))))
is_reachable = dmgr.check_host_is_reachable(
node2, node1['dest'], [dmgr.IPTYPE_FIXED])
self.assertTrue(
True,
("VM-B-%s=%s CANNOT-REACH VM-A-%s=%s" %
(t_id, str(node2), t_id, str(node1))))
return T
def test_multi_tenants_network(self):
LOG.debug(Z_DEPLOY_TOPO, "multi tenant network")
self.green = self.create_project_network_env(self.manager, 'green',
True)
# in multiple tenant environment, ip overlay could happen
# for the 2nd tenent give it a different ip-range to
# make sure private-ip at tenat-1 is not the same being
# assigned to tenant-2
self.red = self.create_project_network_env(self.alt_manager,
'red',
False,
cidr_offset=3)
# t1 can reach t2's public interface
is_rechable = dmgr.check_host_is_reachable(self.green['node1'],
self.red['node2']['dest'],
[dmgr.IPTYPE_FLOATING])
self.assertTrue(is_rechable,
("t1:VM-A=%s CANNOT-REACH t2:VM-A=[floating-ip %s]" %
(str(self.green['node1']), str(self.red['node2']))))
# Do the reachable first, then check other VM's fixed-ip
# is not reachable - again tenants should not have overlay IPs.
not_reachable = dmgr.check_host_not_reachable(
self.green['node1'], self.red['node2']['dest'],
[dmgr.IPTYPE_FIXED], 10, 20, 2)
self.assertFalse(not_reachable,
("t1:VM-A=%s SHOULD-NOT-REACH t2:VM-B=[fixed-ip %s]" %
(str(self.green['node1']), str(self.red['node2']))))
self.remove_project_network()
LOG.debug(Z_DEPLOY_COMPLETED, "multi tenant network")
def test_multi_tenants_network(self):
LOG.debug(Z_DEPLOY_TOPO, "multi tenant network")
self.green = self.create_tenant_network_env(
self.manager, 'green', True)
# in multiple tenant environment, ip overlay could happen
# for the 2nd tenent give it a different ip-range to
# make sure private-ip at tenat-1 is not the same being
# assigned to tenant-2
self.red = self.create_tenant_network_env(
self.alt_manager, 'red', False, cidr_offset=3)
# t1 can reach t2's public interface
is_rechable = dmgr.check_host_is_reachable(
self.green['node1'], self.red['node2']['dest'],
[dmgr.IPTYPE_FLOATING])
self.assertTrue(
is_rechable,
("t1:VM-A=%s CANNOT-REACH t2:VM-A=[floating-ip %s]" %
(str(self.green['node1']), str(self.red['node2']))))
# Do the reachable first, then check other VM's fixed-ip
# is not reachable - again tenants should not have overlay IPs.
not_reachable = dmgr.check_host_not_reachable(
self.green['node1'], self.red['node2']['dest'],
[dmgr.IPTYPE_FIXED], 10, 20, 2)
self.assertFalse(
not_reachable,
("t1:VM-A=%s SHOULD-NOT-REACH t2:VM-B=[fixed-ip %s]" %
(str(self.green['node1']), str(self.red['node2']))))
self.remove_tenant_network()
LOG.debug(Z_DEPLOY_COMPLETED, "multi tenant network")
def test_tenant_connectivity(self):
LOG.debug(Z_DEPLOY_TOPO, "tenant connectivity")
client_mgr = self.manager
username, password = self.get_image_userpass()
# create security_group with loginable rules
self.security_group = self._create_security_group(
security_groups_client=client_mgr.security_groups_client,
security_group_rules_client=client_mgr.security_group_rules_client,
namestart='deploy-connect')
self.network, self.subnet, self.router = self.setup_project_network(
self.public_network_id, namestart='deploy-connect')
self.check_networks(self.network, self.subnet, self.router)
security_groups = [{'name': self.security_group['name']}]
self.serv1 = self.create_server_on_network(
self.network,
security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
name=self.network['name'])
self.fip1 = self.create_floatingip_for_server(self.serv1,
client_mgr=client_mgr)
msg = "Associate floatingip[%s] sever#1" % self.fip1
self._check_floatingip_connectivity(self.fip1,
self.serv1,
should_connect=True,
msg=msg)
# VM is reachable from public; check VM can reach outside world
node1 = dmgr.make_node_info(self.fip1, username, password, True)
is_reachable = dmgr.check_host_is_reachable(node1, node1['dest'],
['outside'])
self.assertTrue(
is_reachable,
"VM=%s CAN-NOT-REACH-OUTSIDE-WORLD" % (node1['ipaddr']))
LOG.debug('tenant[%s] CAN-REACH-OUTSIDE-WORLD', node1['ipaddr'])
self.disassociate_floatingip(self.fip1)
time.sleep(dmgr.WAITTIME_AFTER_DISASSOC_FLOATINGIP)
msg = "after disassociate floatingip[%s] from server#1" % self.fip1
self._check_floatingip_connectivity(self.fip1,
self.serv1,
should_connect=False,
msg=msg)
self.serv2 = self.create_server_on_network(
self.network,
security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
name=self.network['name'])
self.associate_floatingip(self.fip1, self.serv2)
server_pingable = self._waitfor_associated_floatingip(self.fip1)
self.assertTrue(
server_pingable,
msg="Expect server#2 to be reachable after floatingip assigned.")
self.disassociate_floatingip(self.fip1)
LOG.debug(Z_DEPLOY_DELETE_SERVER, "tenant connectivity")
self.servers_client.delete_server(self.serv1['id'])
self.servers_client.delete_server(self.serv2['id'])
self.router.unset_gateway()
self.router.delete()
LOG.debug(Z_DEPLOY_COMPLETED, "tenant connectivity")
def test_tenant_connectivity(self):
LOG.debug(Z_DEPLOY_TOPO, "tenant connectivity")
client_mgr = self.manager
username, password = self.get_image_userpass()
# create security_group with loginable rules
self.security_group = self._create_security_group(
security_groups_client=client_mgr.security_groups_client,
security_group_rules_client=client_mgr.security_group_rules_client,
namestart='deploy-connect')
self.network, self.subnet, self.router = self.setup_project_network(
self.public_network_id, namestart='deploy-connect')
self.check_networks(self.network, self.subnet, self.router)
security_groups = [{'name': self.security_group['name']}]
self.serv1 = self.create_server_on_network(
self.network, security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
name=self.network['name'])
self.fip1 = self.create_floatingip_for_server(
self.serv1, client_mgr=client_mgr)
msg = "Associate floatingip[%s] sever#1" % self.fip1
self._check_floatingip_connectivity(
self.fip1, self.serv1, should_connect=True, msg=msg)
# VM is reachable from public; check VM can reach outside world
node1 = dmgr.make_node_info(self.fip1, username, password, True)
is_reachable = dmgr.check_host_is_reachable(
node1, node1['dest'], ['outside'])
self.assertTrue(
is_reachable,
"VM=%s CAN-NOT-REACH-OUTSIDE-WORLD" % (node1['ipaddr']))
LOG.debug('tenant[%s] CAN-REACH-OUTSIDE-WORLD',
node1['ipaddr'])
self.disassociate_floatingip(self.fip1)
time.sleep(dmgr.WAITTIME_AFTER_DISASSOC_FLOATINGIP)
msg = "after disassociate floatingip[%s] from server#1" % self.fip1
self._check_floatingip_connectivity(
self.fip1, self.serv1, should_connect=False, msg=msg)
self.serv2 = self.create_server_on_network(
self.network, security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
name=self.network['name'])
self.associate_floatingip(self.fip1, self.serv2)
server_pingable = self._waitfor_associated_floatingip(self.fip1)
self.assertTrue(
server_pingable,
msg="Expect server#2 to be reachable after floatingip assigned.")
self.disassociate_floatingip(self.fip1)
LOG.debug(Z_DEPLOY_DELETE_SERVER, "tenant connectivity")
self.servers_client.delete_server(self.serv1['id'])
self.servers_client.delete_server(self.serv2['id'])
self.router.unset_gateway()
self.router.delete()
LOG.debug(Z_DEPLOY_COMPLETED, "tenant connectivity")
def create_project_network_env(self,
client_mgr,
t_id,
check_outside_world=True,
cidr_offset=1):
username, password = self.get_image_userpass()
t_security_group = self._create_security_group(
security_groups_client=client_mgr.security_groups_client,
security_group_rules_client=client_mgr.security_group_rules_client,
namestart="deploy-multi-tenant")
t_network, t_subnet, t_router = self.setup_project_network(
self.public_network_id,
client_mgr,
namestart=("deploy-%s-tenant" % t_id),
cidr_offset=cidr_offset)
self.check_networks(t_network, t_subnet, t_router)
name1 = t_network['name'] + "-A"
name2 = t_network['name'] + "-B"
security_groups = [{'name': t_security_group['name']}]
servers_client = client_mgr.servers_client
t_serv1 = self.create_server_on_network(
t_network,
security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
name=name1,
servers_client=servers_client,
wait_on_boot=False)
t_serv2 = self.create_server_on_network(
t_network,
security_groups,
image=self.get_server_image(),
flavor=self.get_server_flavor(),
servers_client=servers_client,
name=name2)
t_fip1 = self.create_floatingip_for_server(t_serv1,
client_mgr=client_mgr)
t_fip2 = self.create_floatingip_for_server(t_serv2,
client_mgr=client_mgr)
node1 = dmgr.make_node_info(t_fip1, username, password,
check_outside_world)
node2 = dmgr.make_node_info(t_fip2, username, password,
check_outside_world)
T = dict(security_group=t_security_group,
network=t_network,
subnet=t_subnet,
router=t_router,
client_mgr=client_mgr,
serv1=t_serv1,
fip1=t_fip1,
node1=node1,
serv2=t_serv2,
fip2=t_fip2,
node2=node2)
is_reachable = dmgr.check_host_is_reachable(node1, node2['dest'],
[dmgr.IPTYPE_FIXED])
self.assertTrue(is_reachable, ("VM-A-%s=%s CANNOT-REACH VM-B-%s=%s" %
(t_id, str(node1), t_id, str(node2))))
is_reachable = dmgr.check_host_is_reachable(node2, node1['dest'],
[dmgr.IPTYPE_FIXED])
self.assertTrue(True, ("VM-B-%s=%s CANNOT-REACH VM-A-%s=%s" %
(t_id, str(node2), t_id, str(node1))))
return T
