def _setup_fip_with_fixed_ip_from_same_subnet(self, enable_snat):
"""Setup 2 FakeMachines from same subnet, one with floatingip
associated.
"""
router_info = self.generate_router_info(enable_ha=False,
enable_snat=enable_snat)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[lib_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process()
return src_machine, dst_machine, dst_fip
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process(self.agent)
protocol_port = net_helpers.get_free_namespace_port(
l3_constants.PROTO_NAME_TCP, dst_machine.namespace)
# client sends to fip
netcat = net_helpers.NetcatTester(
src_machine.namespace,
dst_machine.namespace,
dst_fip,
protocol_port,
protocol=net_helpers.NetcatTester.TCP)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def setUp(self):
cfg.CONF.register_opts(sg_cfg.security_group_opts, 'SECURITYGROUP')
super(IptablesFirewallTestCase, self).setUp()
bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge
self.client, self.server = self.useFixture(
machine_fixtures.PeerMachines(bridge)).machines
self.firewall = iptables_firewall.IptablesFirewallDriver(
namespace=bridge.namespace)
self._set_src_mac(self.MAC_REAL)
client_br_port_name = net_helpers.VethFixture.get_peer_name(
self.client.port.name)
self.src_port_desc = {
'admin_state_up': True,
'device': client_br_port_name,
'device_owner': DEVICE_OWNER_COMPUTE,
'fixed_ips': [self.client.ip],
'mac_address': self.MAC_REAL,
'port_security_enabled': True,
'security_groups': [self.FAKE_SECURITY_GROUP_ID],
'status': 'ACTIVE'
}
def setUp(self):
super(TestMonitorDaemon, self).setUp()
self.conf_dir = self.get_default_temp_dir().path
self.pid_file = os.path.join(self.conf_dir, 'pid_file')
self.log_file = os.path.join(self.conf_dir, 'log_file')
self.state_file = os.path.join(self.conf_dir,
'keepalived-state-change')
self.cidr = '169.254.151.1/24'
bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
self.machines = self.useFixture(mf.PeerMachines(bridge))
self.router, self.peer = self.machines.machines[:2]
self.router_id = uuidutils.generate_uuid()
self._generate_cmd_opts()
self.ext_process = external_process.ProcessManager(
conf=None, uuid=self.router_id, namespace=self.router.namespace,
service='test_ip_mon', pids_path=self.conf_dir,
default_cmd_callback=self._callback, run_as_root=True,
pid_file=self.pid_file)
server = linux_utils.UnixDomainWSGIServer(
'neutron-keepalived-state-change', num_threads=1)
server.start(ha.KeepalivedStateChangeHandler(mock.Mock()),
self.state_file, workers=0,
backlog=ha.KEEPALIVED_STATE_CHANGE_SERVER_BACKLOG)
self.addCleanup(server.stop)
def test_ping_floatingip_reply_with_floatingip(self):
router_info = self.generate_dvr_router_info()
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router,
dst_fip,
fixed_address=dst_machine.ip,
host=self.agent.conf.host)
router.process(self.agent)
# Verify that the ping replys with fip
ns_ip_wrapper = ip_lib.IPWrapper(src_machine.namespace)
result = ns_ip_wrapper.netns.execute(
['ping', '-c', 1, '-W', 5, dst_fip])
self._assert_ping_reply_from_expected_address(result, dst_fip)
def _setUp(self):
super(LinuxBridgeConnectionTester, self)._setUp()
self.bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge
machines = self.useFixture(
machine_fixtures.PeerMachines(self.bridge, self.ip_cidr)).machines
self._peer = machines[0]
self._vm = machines[1]
def _setUp(self):
super(OVSConnectionTester, self)._setUp()
self.bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
self._peer, self._vm = self.useFixture(
machine_fixtures.PeerMachines(self.bridge, self.ip_cidr)).machines
self._set_port_attrs(self._peer.port)
self._set_port_attrs(self._vm.port)
def setUp(self):
super(LinuxBridgeARPSpoofTestCase, self).setUp()
lbfixture = self.useFixture(net_helpers.LinuxBridgeFixture())
self.addCleanup(setattr, arp_protect, 'NAMESPACE', None)
arp_protect.NAMESPACE = lbfixture.namespace
bridge = lbfixture.bridge
self.source, self.destination, self.observer = self.useFixture(
machine_fixtures.PeerMachines(bridge, amount=3)).machines
def setUp(self):
super(IptablesManagerTestCase, self).setUp()
bridge = self.useFixture(net_helpers.VethBridgeFixture()).bridge
self.client, self.server = self.useFixture(
machine_fixtures.PeerMachines(bridge)).machines
self.client_fw, self.server_fw = self.create_firewalls()
# The port is used in isolated namespace that precludes possibility of
# port conflicts
self.port = helpers.get_free_namespace_port(self.server.namespace)
def _setUp(self):
super(OVSConnectionTester, self)._setUp()
br_name = self.useFixture(
net_helpers.OVSBridgeFixture()).bridge.br_name
self.bridge = br_int.OVSIntegrationBridge(br_name)
self.bridge.setup_default_table()
machines = self.useFixture(
machine_fixtures.PeerMachines(self.bridge, self.ip_cidr)).machines
self._peer = machines[0]
self._vm = machines[1]
self._set_port_attrs(self._peer.port)
self._set_port_attrs(self._vm.port)
def _setUp(self):
super(LinuxBridgeConnectionTester, self)._setUp()
bridge_args = {}
if self.bridge_name:
bridge_args = {'prefix': self.bridge_name,
'prefix_is_full_name': True}
self.bridge = self.useFixture(
net_helpers.LinuxBridgeFixture(**bridge_args)).bridge
machines = self.useFixture(
machine_fixtures.PeerMachines(
self.bridge, self.ip_cidr)).machines
self._peer = machines[0]
self._vm = machines[1]
def setUp(self):
super(IpsetBase, self).setUp()
bridge = self.useFixture(net_helpers.VethBridgeFixture()).bridge
self.source, self.destination = self.useFixture(
machine_fixtures.PeerMachines(bridge)).machines
self.ipset = self._create_ipset_manager_and_set(
ip_lib.IPWrapper(self.destination.namespace), IPSET_SET)
self.dst_iptables = iptables_manager.IptablesManager(
namespace=self.destination.namespace)
self._add_iptables_ipset_rules(self.dst_iptables)
def _setUp(self):
super(OVSConnectionTester, self)._setUp()
br_name = self.useFixture(
net_helpers.OVSBridgeFixture()).bridge.br_name
self.bridge = self.br_int_cls(br_name)
self.bridge.set_secure_mode()
self.bridge.setup_controllers(cfg.CONF)
self.bridge.setup_default_table()
machines = self.useFixture(
machine_fixtures.PeerMachines(
self.bridge, self.ip_cidr)).machines
self._peer = machines[0]
self._vm = machines[1]
self._set_port_attrs(self._peer.port)
self._set_port_attrs(self._vm.port)
def setUp(self):
super(TestMonitorDaemon, self).setUp()
bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge
self.machines = self.useFixture(mf.PeerMachines(bridge))
self.router, self.peer = self.machines.machines[:2]
conf_dir = self.get_default_temp_dir().path
monitor = keepalived_state_change.MonitorDaemon(
self.get_temp_file_path('monitor.pid'), uuidutils.generate_uuid(),
1, 2, self.router.namespace, conf_dir, 'foo-iface',
self.machines.ip_cidr)
eventlet.spawn_n(monitor.run, run_as_root=True)
monitor_started = functools.partial(
lambda mon: mon.monitor is not None, monitor)
utils.wait_until_true(monitor_started)
self.addCleanup(monitor.monitor.stop)
def setUp(self):
super(IpsetBase, self).setUp()
bridge = self.useFixture(net_helpers.VethBridgeFixture()).bridge
self.source, self.destination = self.useFixture(
machine_fixtures.PeerMachines(bridge)).machines
self.ipset_name = utils.get_rand_name(MAX_IPSET_NAME_LENGTH, 'set-')
self.icmp_accept_rule = (
'-p icmp -m set --match-set %s src -j ACCEPT' % self.ipset_name)
self.ipset = self._create_ipset_manager_and_set(
ip_lib.IPWrapper(self.destination.namespace), self.ipset_name)
self.addCleanup(self.ipset._destroy, self.ipset_name)
self.dst_iptables = iptables_manager.IptablesManager(
namespace=self.destination.namespace)
self._add_iptables_ipset_rules()
self.addCleanup(self._remove_iptables_ipset_rules)
def setUp(self):
super(EbtablesLowLevelTestCase, self).setUp()
bridge = self.useFixture(net_helpers.VethBridgeFixture()).bridge
self.source, self.destination = self.useFixture(
machine_fixtures.PeerMachines(bridge)).machines
# Extract MAC and IP address of one of my interfaces
self.mac = self.source.port.link.address
self.addr = self.source.ip
# Pick one of the namespaces and setup a bridge for the local ethernet
# interface there, because ebtables only works on bridged interfaces.
dev_mybridge = bridge_lib.BridgeDevice.addbr('mybridge',
self.source.namespace)
dev_mybridge.addif(self.source.port.name)
# Take the IP addrss off one of the interfaces and apply it to the
# bridge interface instead.
self.source.port.addr.delete(self.source.ip_cidr)
dev_mybridge.link.set_up()
dev_mybridge.addr.add(self.source.ip_cidr)
def _setUp(self):
super(LinuxBridgeConnectionTester, self)._setUp()
self._bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge
self._peer, self._vm = self.useFixture(
machine_fixtures.PeerMachines(self._bridge)).machines