def test_update_rt_rd_after_router_association(self):
with self.bgpvpn(tenant_id=self.tenant_id,
route_distinguishers=['878:878'],
route_targets=['878:878']) as bgpvpn,\
self.router() as router,\
self.router_assocation(router['id'],
bgpvpn['id']) as rtr_assoc:
router = self.routers_client.show_router(router['id'])['router']
self.assertThat(router['rd'],
Equals(bgpvpn['route_distinguishers'][0]))
self.assertThat(router['rt'], Equals(bgpvpn['route_targets'][0]))
rtr_assoc_list = self.rtr_assoc_client.list_router_assocations(
bgpvpn['id'])
self.assertThat(rtr_assoc_list[0]['router_id'],
Equals(router['id']))
self.os_data.insert_resource('os-router-ra-3',
os_data=router,
parent=self.def_net_partition)
tag_name = 'verify_l3domain_rt_rd'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__),
self)
self.bgpvpn_client_admin.update_bgpvpn(
bgpvpn['id'],
route_distinguishers=['879:879'],
route_targets=['879:879'])
router = self.routers_client.show_router(router['id'])['router']
self.os_data.update_resource('os-router-ra-3', os_data=router)
tag_name = 'verify_l3domain_rt_rd'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__),
self)
def test_vm_with_port_parameters_1_0_0_1_l3domain(self):
'''IP Anti Spoofing scenario test for vip parameters having
full cidr(/32 IP), same mac, same ip, different subnet in
comparsion with the corresponding port parameters'''
ip_address = '30.30.30.100'
allowed_address_pairs = [{'ip_address': ip_address}]
network, router, subnet, port = self._create_network_port_l3resources(
ntw_security='True',
port_security='True',
router_name='scn-router12-1',
subnet_name='scn-subnet12-1',
port_name='scn-port12-1',
netpart=self.def_net_partition,
allowed_address_pairs=allowed_address_pairs)
self.assertEqual(port['allowed_address_pairs'][0]['ip_address'],
allowed_address_pairs[0]['ip_address'])
ntw = {'uuid': network['id'], 'port': port['id']}
# Get the first available VRS hostname to spawn VM
ovs = self.TB.vrs_1.cmd('hostname')
kwargs = {'availability_zone': 'nova:'+ovs[0][0]}
vm = self.create_server(name='scn-port12-vm-1', networks=[ntw],
wait_until='ACTIVE', **kwargs)
self.os_data.insert_resource(vm['name'], 'scn-port12-1', os_data=vm)
self.assertEqual(port['fixed_ips'][0]['ip_address'],
vm['addresses'][network['name']][0]['addr'])
self.assertEqual(port['mac_address'],
vm['addresses'][network['name']][0]['OS-EXT-IPS-MAC:mac_addr'])
self.assertEqual(vm['status'], 'ACTIVE')
time.sleep(30)
tag_name = 'verify_vm_vip_and_anit_spoof_l3domain'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
def test_vm_in_sec_disabled_port_l3domain(self):
''' L3domain testcase to spawn VM in port with
port-security-enabled set to False at port level only'''
network, router, subnet, port = self._create_network_port_l3resources(
ntw_security='True',
port_security='False',
router_name='scn-router11-1',
subnet_name='scn-subnet11-1',
port_name='scn-port11-1')
self.assertEqual(network['port_security_enabled'], True)
self.assertEqual(port['port_security_enabled'], False)
ntw = {'uuid': network['id'], 'port': port['id']}
# Get the first available VRS hostname to spawn VM
ovs = self.TB.vrs_1.cmd('hostname')
kwargs = {'availability_zone': 'nova:'+ovs[0][0]}
vm = self.create_server(name='scn-port11-vm-1', networks=[ntw],
wait_until='ACTIVE', **kwargs)
self.os_data.insert_resource(vm['name'], 'scn-port11-1', os_data=vm)
self.assertEqual(port['fixed_ips'][0]['ip_address'],
vm['addresses'][network['name']][0]['addr'])
self.assertEqual(port['mac_address'],
vm['addresses'][network['name']][0]['OS-EXT-IPS-MAC:mac_addr'])
self.assertEqual(vm['status'], 'ACTIVE')
tag_name = 'verify_vm_in_sec_disabled_port_l3domain'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
def test_server_basic_ops(self):
self.add_keypair()
self.security_group = self._create_security_group()
self.boot_instance()
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag('verify_vm', self.__class__.__name__))
self.servers_client.delete_server(self.instance['id'])
def test_vpnservice_create_delete(self):
""" Create delete vpnservice with environment and also
verifies the dummy router and subnet created by plugin """
vpnservices = self.vpnservice_client.list_vpnservice()
pre_ids = [vpnservice['id'] for vpnservice in vpnservices]
routers = self.routers_client.list_routers()
subnets = self.subnets_client.list_subnets()
router_id = routers['routers'][0]['id']
self.os_data_struct.insert_resource(
'router1', os_data=routers['routers'][0],
parent=self.def_net_partition
)
subnet_id = subnets['subnets'][0]['id']
self.os_data_struct.insert_resource(
'subnet1', os_data=subnets['subnets'][0],
parent='router1'
)
kwargs = {'name': 'vpnservice'}
# Creating the vpn service
with self.vpnservice(router_id, subnet_id,
**kwargs) as created_vpnservice:
vpnservices = self.vpnservice_client.list_vpnservice()
self.os_data_struct.insert_resource(
'vpnservice', os_data=created_vpnservice,
parent='router1'
)
# Finding the dummy router and subnet
# created by plugin and adding to the os_data_struct
dummy_router = self._find_dummy_router(router_id)
dummy_subnet = self._find_dummy_subnet(subnet_id)
self.os_data_struct.insert_resource(
'dummyrouter', os_data=dummy_router,
parent='vpnservice'
)
self.os_data_struct.insert_resource(
'dummysubnet', os_data=dummy_subnet,
parent='dummyrouter'
)
post_ids = [vpnservice['id'] for vpnservice in vpnservices]
self.assertThat(pre_ids, Not(Contains(created_vpnservice['id'])))
self.assertThat(post_ids, Contains(created_vpnservice['id']))
# VSD verification
tag_name = 'verify_vpn_dummy_router'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
# Deleting all resources from the os_data_struct
self.os_data_struct.delete_resource('vpnservice')
self.os_data_struct.delete_resource('subnet1')
self.os_data_struct.delete_resource('router1')
def test_create_delete_ipsecsiteconnection(self):
""" Tests create/show/list/delete of two ipsecsiteconnection
in two different vpnservices """
pubnetid = CONF.network.public_network_id
pubnet = self.os_handle.networks_client.show_network(pubnetid)
self.os_data_struct.insert_resource(
'testtags', parent='CMS'
)
# Creating Site1
name1 = 'vpn1'
cidr1 = '10.20.0.0/24'
subnet1, router1 = (
self._create_verify_vpn_environment(
name1, cidr1, pubnet
)
)
# Storing Site1 info in os_data_struct
self.os_data_struct.insert_resource(
'routertag1', user_data={'name': router1['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'subnettag1', user_data={'name': subnet1['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'publicsubnettag', user_data={'name': pubnet['network']['name']},
parent = 'testtags'
)
# Creating VPN1
vpnservice1, dummy_router1, dummy_subnet1 = (
self._create_verify_vpnservice(
name1, router1, subnet1
)
)
# Storing VPN1 info in os_data_struct
self.os_data_struct.insert_resource(
'vpnservicetag1', user_data={'name': vpnservice1['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'dummyroutertag1', user_data={'name': dummy_router1['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'dummysubnettag1', user_data={'name': dummy_subnet1['name']},
parent = 'testtags'
)
# Creating Site2
name2 = 'vpn2'
cidr2 = '10.30.0.0/24'
subnet2, router2 = (
self._create_verify_vpn_environment(
name2, cidr2, pubnet
)
)
# Storing Site2 info in os_data_struct
self.os_data_struct.insert_resource(
'routertag2', user_data={'name': router2['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'subnettag2', user_data={'name': subnet2['name']},
parent = 'testtags'
)
# Creating VPN2
vpnservice2, dummy_router2, dummy_subnet2 = (
self._create_verify_vpnservice(
name2, router2, subnet2
)
)
# Storing VPN2 info in os_data_struct
self.os_data_struct.insert_resource(
'vpnservicetag2', user_data={'name': vpnservice2['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'dummyroutertag2', user_data={'name': dummy_router2['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
)
tag_name = 'verify_vpn_dummy_router'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
# Creating IKE Policy
ikepolicy = self._create_verify_ikepolicy('ikepolicy')
ikepolicy_id = ikepolicy['id']
ikepolicy_name = ikepolicy['name']
# Creating IPSecPolicy
ipsecpolicy = self._create_verify_ipsecpolicy('ipsecpolicy')
ipsecpolicy_id = ipsecpolicy['id']
ipsecpolicy_name = ipsecpolicy['name']
# Creating IPSecSiteConnection1
vpn_ip1 = vpnservice1['external_v4_ip']
ipsecsiteconnection1 = (
self._create_verify_ipsecsiteconnection(
vpnservice1['id'], ikepolicy_id,
ipsecpolicy_id, vpn_ip1, vpn_ip1,
cidr1, 'secret', name1, vpnservice1['name']
)
)
# Storing ipsecsiteconnection in os_data_struct
self.os_data_struct.insert_resource(
'ipsecsiteconnection1',
user_data={'name': ipsecsiteconnection1['name']},
parent = 'testtags'
)
# Creating IPSecSiteConnection2
vpn_ip2 = vpnservice2['external_v4_ip']
ipsecsiteconnection2 = (
self._create_verify_ipsecsiteconnection(
vpnservice2['id'], ikepolicy_id,
ipsecpolicy_id, vpn_ip2, vpn_ip2,
cidr2, 'secret', name2, vpnservice2['name']
)
)
# Storing ipsecsiteconnection in os_data_struct
self.os_data_struct.insert_resource(
'ipsecsiteconnection2',
user_data={'name': ipsecsiteconnection2['name']},
parent = 'testtags'
)
tag_name = 'verify_ipsec_vminterface'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
# Delete IPSecSiteconnections
self._delete_verify_ipsecsiteconnection(
ipsecsiteconnection1['id'], ipsecsiteconnection1['name']
)
self._delete_verify_ipsecsiteconnection(
ipsecsiteconnection2['id'], ipsecsiteconnection2['name']
)
# Delete VPNService
self._delete_verify_vpnservice(
vpnservice1['id'], vpnservice1['name']
)
self._delete_verify_vpnservice(
vpnservice2['id'], vpnservice2['name']
)
# Delete IKEpolicy and IPSecPolicy
self._delete_verify_ipsecpolicy(
ipsecpolicy_id, ipsecpolicy_name
)
self._delete_verify_ikepolicy(
ikepolicy_id, ikepolicy_name
)
# Delete Routers and Subnets
self._delete_verify_vpn_environment(
router1, subnet1
)
self._delete_verify_vpn_environment(
router2, subnet2
)
# Delete all the testtags
self.os_data_struct.delete_resource('testtags')
def test_create_duplicate_vpnservice(self):
""" Tests creation of duplicate vpnservice """
name = 'vpn'
pubnetid = CONF.network.public_network_id
pubnet = self.os_handle.networks_client.show_network(pubnetid)
self.os_data_struct.insert_resource(
'testtags', parent='CMS'
)
# Creating Site for VPN Service
subnet, router = (
self._create_verify_vpn_environment(
name, '10.20.0.0/24', pubnet
)
)
# Storing router/subnet tagname to os_data_struct
self.os_data_struct.insert_resource(
'routertag', user_data={'name': router['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'subnettag', user_data={'name': subnet['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'publicsubnettag', user_data={'name': pubnet['network']['name']},
parent = 'testtags'
)
# Create First Verify VPNService
vpnservice, dummy_router, dummy_subnet = (
self._create_verify_vpnservice(
name, router, subnet
)
)
# Storing vpnservice tagname to os_data_struct
self.os_data_struct.insert_resource(
'vpnservicetag', user_data={'name': vpnservice['name']},
parent = 'testtags'
)
# Storing dummy router/subnet tagname to os_data_struct
self.os_data_struct.insert_resource(
'dummyroutertag', user_data={'name': dummy_router['name']},
parent = 'testtags'
)
self.os_data_struct.insert_resource(
'dummysubnettag', user_data={'name': dummy_subnet['name']},
parent = 'testtags'
)
# Create Duplicate VPNService
vpnservice2 = (
self.os_handle.vpnaas_client.create_vpnservice(
router['id'], subnet['id'], name, False,
)
)
tag_name = 'verify_vpn_dummy_router'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
# Delete Verify VPNService
self._delete_verify_vpnservice(
vpnservice['id'], vpnservice['name']
)
# Delete environment
self._delete_verify_vpn_environment(
router, subnet
)
self.os_data_struct.delete_resource('testtags')
def test_ipsecsiteconnection_create_delete(self):
""" Create delete of ipsecsiteconnection with ikepolicy, ipsecpolicy
and vpnservice; also verifies the dummy router and subnet
and the vm interface created by plugin """
ipsecsiteconnections = (
self.ipsecsiteconnection_client.list_ipsecsiteconnection()
)
pre_ids = (
[ipsecsiteconnection['id']
for ipsecsiteconnection in ipsecsiteconnections]
)
routers = self.routers_client.list_routers()
subnets = self.subnets_client.list_subnets()
router_id = routers['routers'][0]['id']
self.os_data_struct.insert_resource(
'router1', os_data=routers['routers'][0],
parent=self.def_net_partition
)
subnet_id = subnets['subnets'][0]['id']
self.os_data_struct.insert_resource(
'subnet1', os_data=subnets['subnets'][0],
parent='router1'
)
kwargs = {'name': 'vpn'}
with self.vpnservice(router_id, subnet_id, **kwargs) \
as created_vpnservice, \
self.ikepolicy('ikepolicy') as created_ikepolicy, \
self.ipsecpolicy('ipsecpolicy') as created_ipsecpolicy:
vpnservices = self.vpnservice_client.list_vpnservice()
self.os_data_struct.insert_resource(
'vpnservice', os_data=created_vpnservice,
parent='router1'
)
# Finding the dummy router and subnet
# created by plugin and adding to the os_data_struct
dummy_router = self._find_dummy_router(router_id)
dummy_subnet = self._find_dummy_subnet(subnet_id)
self.os_data_struct.insert_resource(
'dummyrouter', os_data=dummy_router,
parent='vpnservice'
)
self.os_data_struct.insert_resource(
'dummysubnet', os_data=dummy_subnet,
parent='dummyrouter'
)
post_ids = [vpnservice['id'] for vpnservice in vpnservices]
self.assertThat(pre_ids, Not(Contains(created_vpnservice['id'])))
self.assertThat(post_ids, Contains(created_vpnservice['id']))
# VSD verification
tag_name = 'verify_vpn_dummy_router'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
ipnkwargs = {'name': 'ipsecconn'}
with self.ipsecsiteconnection(
created_vpnservice['id'], created_ikepolicy['id'],
created_ipsecpolicy['id'], '172.20.0.2',
'172.20.0.2', '2.0.0.0/24', 'secret',
**ipnkwargs) as created_ipsecsiteconnection:
ipsecsiteconnections = (
self.ipsecsiteconnection_client.list_ipsecsiteconnection()
)
self.os_data_struct.insert_resource(
'ipsecsiteconnection', os_data=created_ipsecsiteconnection,
parent='vpnservice'
)
post_ids = (
[ipsecsiteconnection['id']
for ipsecsiteconnection in ipsecsiteconnections]
)
self.assertThat(pre_ids, Not(
Contains(created_ipsecsiteconnection['id'])))
self.assertThat(post_ids, Contains(
created_ipsecsiteconnection['id']))
# VSD Verification
tag_name = 'verify_ipsec_vminterface'
nuage_ext.nuage_extension.nuage_components(
nuage_ext._generate_tag(tag_name, self.__class__.__name__), self)
self.os_data_struct.delete_resource('ipsecsiteconnection')
self.os_data_struct.delete_resource('vpnservice')
self.os_data_struct.delete_resource('subnet1')
self.os_data_struct.delete_resource('router1')