def test_single_vn_multiple_pi(self):
vmi_red = VirtualMachineInterface(
name='test-virtual-machine-interface-red',
parent_obj=self.project)
vmi_red.set_virtual_machine(self.virtual_machine)
vmi_red.set_virtual_network(self.virtual_network_red)
vmi_red.set_virtual_machine_interface_bindings(
KeyValuePairs(
key_value_pair=[KeyValuePair(key='vnic_type', value='direct'),
KeyValuePair(
key='host_id',
value=self.node_red_hostname)]))
vmi_red_uuid = self.api.virtual_machine_interface_create(vmi_red)
vmi_green = VirtualMachineInterface(
name='test-virtual-machine-interface-green',
parent_obj=self.project)
vmi_green.set_virtual_machine(self.virtual_machine)
vmi_green.set_virtual_network(self.virtual_network_red)
vmi_green.set_virtual_machine_interface_bindings(
KeyValuePairs(
key_value_pair=[KeyValuePair(key='vnic_type', value='direct'),
KeyValuePair(
key='host_id',
value=self.node_green_hostname)]))
vmi_green_uuid = self.api.virtual_machine_interface_create(vmi_green)
self.check_vpg_exists(
self.vlan_id_red,
self.physical_interface_red.get_uuid()
)
self.check_vpg_exists(
self.vlan_id_red,
self.physical_interface_green.get_uuid()
)
self.api.virtual_machine_interface_delete(id=vmi_red_uuid)
self.api.virtual_machine_interface_delete(id=vmi_green_uuid)
def test_port_security_and_allowed_address_pairs(self):
project = Project('%s-project' % self.id())
self.api.project_create(project)
vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project)
self.api.virtual_network_create(vn)
addr_pair = AllowedAddressPairs(allowed_address_pair=[
AllowedAddressPair(ip=SubnetType('1.1.1.0', 24),
mac='02:ce:1b:d7:a6:e7')
])
msg = (r"^Allowed address pairs are not allowed when port security is "
"disabled$")
vmi = VirtualMachineInterface(
'vmi-%s' % self.id(),
parent_obj=project,
port_security_enabled=False,
virtual_machine_interface_allowed_address_pairs=addr_pair)
vmi.set_virtual_network(vn)
with self.assertRaisesRegexp(BadRequest, msg):
self.api.virtual_machine_interface_create(vmi)
vmi = VirtualMachineInterface('vmi-%s' % self.id(),
parent_obj=project,
port_security_enabled=False)
vmi.set_virtual_network(vn)
self.api.virtual_machine_interface_create(vmi)
# updating a port with allowed address pair should throw an exception
# when port security enabled is set to false
vmi.virtual_machine_interface_allowed_address_pairs = addr_pair
with self.assertRaisesRegexp(BadRequest, msg):
self.api.virtual_machine_interface_update(vmi)
def test_disable_port_security_with_empty_allowed_address_pair_list(self):
project = Project('%s-project' % self.id())
self.api.project_create(project)
vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project)
self.api.virtual_network_create(vn)
addr_pair = AllowedAddressPairs()
vmi1 = VirtualMachineInterface(
'vmi1-%s' % self.id(),
parent_obj=project,
port_security_enabled=False,
virtual_machine_interface_allowed_address_pairs=addr_pair)
vmi1.set_virtual_network(vn)
self.api.virtual_machine_interface_create(vmi1)
addr_pair = AllowedAddressPairs(allowed_address_pair=[
AllowedAddressPair(ip=SubnetType('1.1.1.0', 24),
mac='02:ce:1b:d7:a6:e7')
])
vmi2 = VirtualMachineInterface(
'vmi2-%s' % self.id(),
parent_obj=project,
port_security_enabled=True,
virtual_machine_interface_allowed_address_pairs=addr_pair)
vmi2.set_virtual_network(vn)
self.api.virtual_machine_interface_create(vmi2)
addr_pair = AllowedAddressPairs()
vmi2.set_virtual_machine_interface_allowed_address_pairs(addr_pair)
self.api.virtual_machine_interface_update(vmi2)
vmi2.set_port_security_enabled(False)
self.api.virtual_machine_interface_update(vmi2)
def test_bgpaas_shared(self):
vn1_name = self.id() + 'vn1'
vn1_obj = self.create_virtual_network(vn1_name,
['10.0.0.0/24', '1000::/16'])
project_name = ['default-domain', 'default-project']
project_obj = self._vnc_lib.project_read(fq_name=project_name)
port_name1 = self.id() + 'p1'
port_obj1 = VirtualMachineInterface(port_name1, parent_obj=project_obj)
port_obj1.add_virtual_network(vn1_obj)
self._vnc_lib.virtual_machine_interface_create(port_obj1)
port_name2 = self.id() + 'p2'
port_obj2 = VirtualMachineInterface(port_name2, parent_obj=project_obj)
port_obj2.add_virtual_network(vn1_obj)
self._vnc_lib.virtual_machine_interface_create(port_obj2)
# Create a shared BGPaaS server. It means BGP Router object
# does not get created for VMI on the network.
bgpaas_name = self.id() + 'bgp1'
bgpaas = BgpAsAService(bgpaas_name, parent_obj=project_obj,
autonomous_system=64512, bgpaas_shared=True,
bgpaas_ip_address = '1.1.1.1')
bgpaas.add_virtual_machine_interface(port_obj1)
self._vnc_lib.bgp_as_a_service_create(bgpaas)
self.wait_to_get_object(config_db.BgpAsAServiceST,
bgpaas.get_fq_name_str())
router1_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + bgpaas_name
router2_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + 'bgpaas-server'
# Check for two BGP routers - one with the BGPaaS name and not with Port name
self.wait_to_get_object(config_db.BgpRouterST, router1_name)
self.wait_to_get_object(config_db.BgpRouterST, router2_name)
# check whether shared IP address is assigned to the BGP rotuer
self.check_bgp_router_ip(router1_name, '1.1.1.1')
# Add a new VMI to the BGPaaS. This should not create a new BGP router
bgpaas = self._vnc_lib.bgp_as_a_service_read(fq_name_str=bgpaas.get_fq_name_str())
bgpaas.add_virtual_machine_interface(port_obj2)
self._vnc_lib.bgp_as_a_service_update(bgpaas)
# Check for the absence of BGP router along with the new VMI.
router3_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port_name2
try:
bgp_router = self._vnc_lib.bgp_router_read(fq_name_str=router3_name)
except NoIdError:
print 'Second BGP Router not created for second port - PASS'
else:
assert(True)
bgpaas.del_virtual_machine_interface(port_obj1)
bgpaas.del_virtual_machine_interface(port_obj2)
self._vnc_lib.bgp_as_a_service_update(bgpaas)
self._vnc_lib.bgp_as_a_service_delete(id=bgpaas.uuid)
self._vnc_lib.virtual_machine_interface_delete(id=port_obj1.uuid)
self._vnc_lib.virtual_machine_interface_delete(id=port_obj2.uuid)
self._vnc_lib.virtual_network_delete(fq_name=vn1_obj.get_fq_name())
self.check_ri_is_deleted(vn1_obj.fq_name+[vn1_obj.name])
def test_cannot_update_sub_interface_vlan_tag(self):
project = Project('%s-project' % self.id())
self.api.project_create(project)
vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project)
self.api.virtual_network_create(vn)
parent_vmi = VirtualMachineInterface('%s-parent-vmi' % self.id(),
parent_obj=project)
parent_vmi.set_virtual_network(vn)
self.api.virtual_machine_interface_create(parent_vmi)
vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=project)
vmi.set_virtual_network(vn)
vmi.set_virtual_machine_interface(parent_vmi)
self.api.virtual_machine_interface_create(vmi)
vmi42 = VirtualMachineInterface('%s-vmi42' % self.id(),
parent_obj=project)
vmi42.set_virtual_machine_interface_properties(
VMIPT(sub_interface_vlan_tag=42))
vmi42.set_virtual_network(vn)
vmi42.set_virtual_machine_interface(parent_vmi)
self.api.virtual_machine_interface_create(vmi42)
# if we don't touch VMI props, we can update the VMI with or without
# VLAN ID
vmi.set_display_name('new vmi name')
self.api.virtual_machine_interface_update(vmi)
vmi42.set_display_name('new vmi42 name')
self.api.virtual_machine_interface_update(vmi42)
# if we change VMI props without specifying anything, we can update the
# VMI if VLAN ID is not set or 0
vmi.set_virtual_machine_interface_properties(None)
self.api.virtual_machine_interface_update(vmi)
vmi.set_virtual_machine_interface_properties(
VMIPT(sub_interface_vlan_tag=None))
self.api.virtual_machine_interface_update(vmi)
# if we change VMI props without specifying anything, we cannot update
# the VMI if VLAN ID is not 0
vmi42.set_virtual_machine_interface_properties(None)
self.assertRaises(BadRequest,
self.api.virtual_machine_interface_update, vmi42)
vmi42.set_virtual_machine_interface_properties(
VMIPT(sub_interface_vlan_tag=None))
self.assertRaises(BadRequest,
self.api.virtual_machine_interface_update, vmi42)
# if we update VMI VLAN ID to the same VLAN ID, no error raised
vmi.set_virtual_machine_interface_properties(
VMIPT(sub_interface_vlan_tag=0))
self.api.virtual_machine_interface_update(vmi)
vmi42.set_virtual_machine_interface_properties(
VMIPT(sub_interface_vlan_tag=42))
self.api.virtual_machine_interface_update(vmi42)
def _validate_untagged_vmis(self, fabric_obj, proj_obj, pi_obj):
fabric_name = fabric_obj.get_fq_name()
pi_fq_name = pi_obj.get_fq_name()
vn1 = VirtualNetwork('vn1-%s' % (self.id()), parent_obj=proj_obj)
self.api.virtual_network_create(vn1)
vn2 = VirtualNetwork('vn2-%s' % (self.id()), parent_obj=proj_obj)
self.api.virtual_network_create(vn2)
# Create VPG
vpg_name = "vpg-1"
vpg = VirtualPortGroup(vpg_name, parent_obj=fabric_obj)
vpg_uuid = self.api.virtual_port_group_create(vpg)
vpg_obj = self._vnc_lib.virtual_port_group_read(id=vpg_uuid)
vpg_name = vpg_obj.get_fq_name()
# If tor_port_vlan_id is set, then it signifies a untagged VMI
# Create first untagged VMI and attach it to Virtual Port Group
vmi_obj = VirtualMachineInterface(self.id() + "1",
parent_obj=proj_obj)
vmi_obj.set_virtual_network(vn1)
# Create KV_Pairs for this VMI
kv_pairs = self._create_kv_pairs(pi_fq_name,
fabric_name,
vpg_name,
tor_port_vlan_id='4094')
vmi_obj.set_virtual_machine_interface_bindings(kv_pairs)
vmi_uuid_1 = self.api.virtual_machine_interface_create(vmi_obj)
vpg_obj.add_virtual_machine_interface(vmi_obj)
self.api.virtual_port_group_update(vpg_obj)
# Now, try to create the second untagged VMI.
# This should fail as there can be only one untagged VMI in a VPG
vmi_obj_2 = VirtualMachineInterface(self.id() + "2",
parent_obj=proj_obj)
vmi_obj_2.set_virtual_network(vn2)
# Create KV_Pairs for this VMI
kv_pairs = self._create_kv_pairs(pi_fq_name,
fabric_name,
vpg_name,
tor_port_vlan_id='4092')
vmi_obj_2.set_virtual_machine_interface_bindings(kv_pairs)
with ExpectedException(BadRequest):
self.api.virtual_machine_interface_create(vmi_obj_2)
self.api.virtual_machine_interface_delete(id=vmi_uuid_1)
self.api.virtual_port_group_delete(id=vpg_obj.uuid)
def test_update_in_use_provider_vn(self):
project = Project('%s-project' % self.id())
project_uuid = self.api.project_create(project)
project = self.api.project_read(id=project_uuid)
vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project)
vn.set_is_provider_network(True)
vn.set_provider_properties(
ProviderDetails(
params_dict={"segmentation_id": 100,
"physical_network": "physnet1"}))
vn_uuid = self.api.virtual_network_create(vn)
vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=project)
vmi.set_virtual_network(vn)
self.api.virtual_machine_interface_create(vmi)
vn = self.api.virtual_network_read(id=vn_uuid)
vn.set_provider_properties(
ProviderDetails(
params_dict={"segmentation_id": 200,
"physical_network": "physnet2"}))
with ExpectedException(RefsExistError):
self.api.virtual_network_update(vn)
updated_provider_properties = (self
.api.virtual_network_read(id=vn.uuid)
.get_provider_properties())
segmentation_id = updated_provider_properties.get_segmentation_id()
physical_network = updated_provider_properties.get_physical_network()
self.assertEqual((100, "physnet1"),
(segmentation_id, physical_network))
def _create_virtual_interface(self, project, vip_id, subnet_id,
ip_address):
network_id = utils.get_subnet_network_id(self._api, subnet_id)
try:
vnet = self._api.virtual_network_read(id=network_id)
except NoIdError:
raise n_exc.NetworkNotFound(net_id=network_id)
vmi = VirtualMachineInterface(vip_id, project)
vmi.set_virtual_network(vnet)
sg_obj = SecurityGroup("default", project)
vmi.add_security_group(sg_obj)
self._api.virtual_machine_interface_create(vmi)
fq_name = list(project.get_fq_name())
fq_name.append(vip_id)
iip_obj = InstanceIp(fq_name=fq_name)
iip_obj.set_virtual_network(vnet)
iip_obj.set_virtual_machine_interface(vmi)
if ip_address and ip_address != attributes.ATTR_NOT_SPECIFIED:
iip_obj.set_instance_ip_address(ip_address)
self._api.instance_ip_create(fq_name)
return vmi
def _create_virtual_interface(self, project, lb_id, subnet_id, network_id,
ip_address):
iip_obj = InstanceIp(name=lb_id)
if subnet_id and subnet_id != ATTR_NOT_SPECIFIED:
network_id = utils.get_subnet_network_id(self._api, subnet_id)
vnet = utils.get_vnet_obj(self._api, network_id)
iip_obj.set_subnet_uuid(subnet_id)
elif network_id and network_id != ATTR_NOT_SPECIFIED:
vnet = utils.get_vnet_obj(self._api, network_id)
else:
msg = 'vip-network-id or vip-subnet-id should be specified'
raise BadRequest(resource='loadbalancer', msg=msg)
vmi = VirtualMachineInterface(lb_id, project)
vmi.set_virtual_network(vnet)
vmi.set_virtual_machine_interface_device_owner(
DEVICE_OWNER_LOADBALANCER)
sg_obj = SecurityGroup("default", project)
vmi.add_security_group(sg_obj)
self._api.virtual_machine_interface_create(vmi)
iip_obj.set_virtual_network(vnet)
iip_obj.set_virtual_machine_interface(vmi)
if ip_address and ip_address != ATTR_NOT_SPECIFIED:
iip_obj.set_instance_ip_address(ip_address)
self._api.instance_ip_create(iip_obj)
iip = self._api.instance_ip_read(id=iip_obj.uuid)
vip_address = iip.get_instance_ip_address()
vip_subnet_id = iip.get_subnet_uuid()
return vmi, vip_address, vip_subnet_id
def test_virtual_port_group_delete(self):
proj_obj = Project('%s-project' % (self.id()))
self.api.project_create(proj_obj)
vn = VirtualNetwork('vn-%s' % (self.id()), parent_obj=proj_obj)
self.api.virtual_network_create(vn)
vpg_name = "vpg-" + self.id()
vpg_obj = VirtualPortGroup(vpg_name)
self.api.virtual_port_group_create(vpg_obj)
vmi_id_list = []
for i in range(self.VMI_NUM):
vmi_obj = VirtualMachineInterface(self.id() + str(i),
parent_obj=proj_obj)
vmi_obj.set_virtual_network(vn)
vmi_id_list.append(
self.api.virtual_machine_interface_create(vmi_obj))
vpg_obj.add_virtual_machine_interface(vmi_obj)
self.api.virtual_port_group_update(vpg_obj)
self.api.ref_relax_for_delete(vpg_obj.uuid, vmi_id_list[i])
# Make sure when VPG doesn't get deleted, since associated VMIs
# still refers it.
with ExpectedException(BadRequest):
self.api.virtual_port_group_delete(id=vpg_obj.uuid)
# Cleanup
for i in range(self.VMI_NUM):
self.api.virtual_machine_interface_delete(id=vmi_id_list[i])
self.api.virtual_port_group_delete(id=vpg_obj.uuid)
def test_dedicated_tag_and_refs_deleted(self):
vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project)
self._vnc_lib.virtual_network_create(vn)
vmi_ids = []
for i in range(3):
vmi = VirtualMachineInterface('%s-vmi%d' % (self.id(), i),
parent_obj=self.project)
vmi.add_virtual_network(vn)
vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi))
neutron_fg = self.create_resource(
'firewall_group',
self.project_id,
extra_res_fields={
'ports': vmi_ids,
},
)
tag_fq_name = self._get_tag_fq_name(neutron_fg, self.project)
try:
self._vnc_lib.tag_read(tag_fq_name)
except NoIdError:
msg = ("Dedicated Tag %s for firewall group %s was not created" %
(':'.join(tag_fq_name), neutron_fg['id']))
self.fail(msg)
self.delete_resource('firewall_group', self.project_id,
neutron_fg['id'])
self.assertRaises(NoIdError, self._vnc_lib.tag_read, tag_fq_name)
def _create_vmi(self, pod_task_id, vm_obj, vn_obj):
proj_fq_name = vnc_mesos_config.cluster_project_fq_name('default')
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
vmi_prop = None
obj_uuid = str(uuid.uuid1())
vmi_obj = VirtualMachineInterface(
name=vm_obj.name,
parent_obj=proj_obj,
virtual_machine_interface_properties=vmi_prop,
display_name=vm_obj.name)
vmi_obj.uuid = obj_uuid
vmi_obj.set_virtual_network(vn_obj)
vmi_obj.set_virtual_machine(vm_obj)
vmi_obj.add_annotations(KeyValuePair(key='index', value='0/1'))
vmi_obj.port_security_enabled = True
VirtualMachineInterfaceMM.add_annotations(self, vmi_obj, pod_task_id)
try:
vmi_uuid = self._vnc_lib.virtual_machine_interface_create(vmi_obj)
except RefsExistError:
vmi_uuid = self._vnc_lib.virtual_machine_interface_update(vmi_obj)
VirtualMachineInterfaceMM.locate(vmi_uuid)
return vmi_uuid
def test_firewall_group_port_association(self):
vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project)
self._vnc_lib.virtual_network_create(vn)
vmi_ids = []
for i in range(3):
vmi = VirtualMachineInterface('%s-vmi%d' % (self.id(), i),
parent_obj=self.project)
vmi.add_virtual_network(vn)
vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi))
neutron_fg = self.create_resource(
'firewall_group',
self.project_id,
extra_res_fields={
'ports': vmi_ids[:-1],
},
)
self.assertEquals(set(neutron_fg['ports']), set(vmi_ids[:-1]))
neutron_fg = self.update_resource(
'firewall_group',
neutron_fg['id'],
self.project_id,
extra_res_fields={
'ports': vmi_ids[1:],
},
)
self.assertEquals(set(neutron_fg['ports']), set(vmi_ids[1:]))
def test_tagged_vmi_to_vpg_ref_create_during_vmi_update(self):
# Create vmi without bindings
vmi_obj = VirtualMachineInterface('vmi' + self.id(),
parent_obj=self.proj_obj)
vmi_obj.set_virtual_network(self.vn)
vmi_uuid = self.api.virtual_machine_interface_create(vmi_obj)
# Validate
db_vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid)
vpg_refs = db_vmi_obj.get_virtual_port_group_refs()
self.assertIsNone(vpg_refs)
# update VMI with bindings
bindings = self.create_vmi_bindings(self.pi_fq_name, self.fabric_name,
self.vpg_name)
vmi_obj.set_virtual_machine_interface_bindings(bindings)
vmi_obj.set_virtual_machine_interface_properties(
VMIPT(sub_interface_vlan_tag='4094'))
self.api.virtual_machine_interface_update(vmi_obj)
# Validate
db_vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid)
vpg_refs = db_vmi_obj.get_virtual_port_group_refs()
self.assertEqual(len(vpg_refs), 1)
self.assertIsNone(vpg_refs[0]['attr'].native_vlan_tag)
self.assertEqual(vpg_refs[0]['attr'].vlan_tag, 4094)
# Cleanup
self.api.virtual_machine_interface_delete(id=vmi_uuid)
def test_context_undo_fail_db_update(self):
project = Project(name='p-{}'.format(self.id()))
self.api.project_create(project)
vn_og = VirtualNetwork(name='og-vn-{}'.format(self.id()),
parent_obj=project)
self.api.virtual_network_create(vn_og)
vmi_obj = VirtualMachineInterface('vmi-{}'.format(self.id()),
parent_obj=project)
vmi_obj.set_virtual_network(vn_og)
self.api.virtual_machine_interface_create(vmi_obj)
vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid)
# change virtual network for VMI
vn_next = VirtualNetwork(name='next-vn-{}'.format(self.id()),
parent_obj=project)
vn_next.uuid = self.api.virtual_network_create(vn_next)
vmi_obj.set_virtual_network(vn_next)
def stub(*args, **kwargs):
return False, (500, "Fake error")
with ExpectedException(HttpError):
with test_common.flexmocks([(self._api_server._db_conn,
'dbe_update', stub)]):
self.api.virtual_machine_interface_update(vmi_obj)
vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid)
vn_ref_fq_names = [n['to'] for n in vmi_obj.get_virtual_network_refs()]
self.assertEqual(len(vn_ref_fq_names), 1)
self.assertEqual(vn_ref_fq_names[0], vn_og.get_fq_name())
def test_context_undo_vpg_fail_db_update(self):
proj_obj, fabric_obj, pr_obj, pi_obj, vn_obj = \
self._create_vpg_prerequisites()
mock_zk = self._api_server._db_conn._zk_db
zk_alloc_count_before = mock_zk._vpg_id_allocator.get_alloc_count()
# Create vmi obj
vmi_name = '%s-1' % self.id()
vmi_obj = VirtualMachineInterface(vmi_name, parent_obj=proj_obj)
vmi_obj.set_virtual_network(vn_obj)
self.api.virtual_machine_interface_create(vmi_obj)
vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid)
# Create KV_Pairs for this VMI
pi_fq_name = pi_obj.get_fq_name()
fabric_name = fabric_obj.get_fq_name()
kv_pairs = self._create_kv_pairs(fabric_name, pi_fq_name)
vmi_obj.set_virtual_machine_interface_bindings(kv_pairs)
def stub(*args, **kwargs):
return False, (500, "Fake error")
with ExpectedException(HttpError):
with test_common.flexmocks([(self._api_server._db_conn,
'dbe_update', stub)]):
self.api.virtual_machine_interface_update(vmi_obj)
zk_alloc_count_after = mock_zk._vpg_id_allocator.get_alloc_count()
self.assertEqual(zk_alloc_count_before, zk_alloc_count_after)
def test_update_vmi_vn(self):
vmi = VirtualMachineInterface(
name='test-virtual-machine-interface',
parent_obj=self.project)
vmi.set_virtual_machine(self.virtual_machine)
vmi.set_virtual_network(self.virtual_network_red)
vmi.set_virtual_machine_interface_bindings(
KeyValuePairs(
key_value_pair=[KeyValuePair(key='vnic_type', value='direct'),
KeyValuePair(
key='host_id',
value=self.node_red_hostname)]))
vmi_uuid = self.api.virtual_machine_interface_create(vmi)
self.check_vpg_exists(
self.vlan_id_red,
self.physical_interface_red.get_uuid()
)
# update vn
vmi = self.api.virtual_machine_interface_read(id=vmi_uuid)
vmi.set_virtual_network(self.virtual_network_green)
self.api.virtual_machine_interface_update(vmi)
self.check_vpg_not_exist(
self.vlan_id_red,
self.physical_interface_red.get_uuid()
)
self.check_vpg_exists(
self.vlan_id_green,
self.physical_interface_red.get_uuid()
)
self.api.virtual_machine_interface_delete(id=vmi_uuid)
def test_context_undo_fail_db_delete(self):
project = Project(name='p-{}'.format(self.id()))
self.api.project_create(project)
vn = VirtualNetwork(name='vn-{}'.format(self.id()), parent_obj=project)
self.api.virtual_network_create(vn)
vmi_obj = VirtualMachineInterface('vmi-{}'.format(self.id()),
parent_obj=project)
vmi_obj.set_virtual_network(vn)
self.api.virtual_machine_interface_create(vmi_obj)
vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid)
mock_zk = self._api_server._db_conn._zk_db
zk_alloc_count_before = mock_zk._vpg_id_allocator.get_alloc_count()
def stub(*args, **kwargs):
return False, (500, "Fake error")
with ExpectedException(HttpError):
with test_common.flexmocks([(self._api_server._db_conn,
'dbe_delete', stub)]):
self.api.virtual_machine_interface_delete(
fq_name=vmi_obj.fq_name)
zk_alloc_count_after = mock_zk._vpg_id_allocator.get_alloc_count()
self.assertEqual(zk_alloc_count_before, zk_alloc_count_after)
def _create_virtual_interface(self, project, lb_id, subnet_id,
ip_address):
network_id = utils.get_subnet_network_id(self._api, subnet_id)
try:
vnet = self._api.virtual_network_read(id=network_id)
except NoIdError:
raise n_exc.NetworkNotFound(net_id=network_id)
vmi = VirtualMachineInterface(lb_id, project)
vmi.set_virtual_network(vnet)
vmi.set_virtual_machine_interface_device_owner(n_constants.DEVICE_OWNER_LOADBALANCER)
sg_obj = SecurityGroup("default", project)
vmi.add_security_group(sg_obj)
self._api.virtual_machine_interface_create(vmi)
iip_obj = InstanceIp(name=lb_id)
iip_obj.set_virtual_network(vnet)
iip_obj.set_virtual_machine_interface(vmi)
if ip_address and ip_address != attributes.ATTR_NOT_SPECIFIED:
iip_obj.set_instance_ip_address(ip_address)
self._api.instance_ip_create(iip_obj)
iip = self._api.instance_ip_read(id=iip_obj.uuid)
vip_address = iip.get_instance_ip_address()
return vmi, vip_address
def create_lr(self, lrname, vns, prs, vmis):
lr_fq_name = ['default-domain', 'default-project', lrname]
lr = LogicalRouter(fq_name=lr_fq_name,
parent_type='project',
logical_router_type='vxlan-routing')
for pr in prs:
probj = self._vnc_lib.physical_router_read(id=pr.get_uuid())
lr.add_physical_router(probj)
for vn in vns:
vminame = 'vmi-lr-to-vn' + vn.get_display_name()
fq_name1 = ['default-domain', 'default-project', vminame]
vmi = VirtualMachineInterface(fq_name=fq_name1,
parent_type='project')
vmi.set_virtual_network(vn)
self._vnc_lib.virtual_machine_interface_create(vmi)
vmis[vminame] = vmi
lr.add_virtual_machine_interface(vmi)
lr.set_logical_router_type('vxlan-routing')
lr_uuid = self._vnc_lib.logical_router_create(lr)
# make sure internal is created
try:
self.check_lr_internal_vn_state(lr)
except Exception:
pass
return lr, self._vnc_lib.logical_router_read(id=lr_uuid)
def test_valid_sub_interface_vlan_tag_id(self):
project = Project('%s-project' % self.id())
self.api.project_create(project)
vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project)
self.api.virtual_network_create(vn)
test_suite = [
(None, None),
(VMIPT(None), None),
(VMIPT(sub_interface_vlan_tag=None), None),
(VMIPT(sub_interface_vlan_tag=-42), BadRequest),
(VMIPT(sub_interface_vlan_tag=4095), BadRequest),
(VMIPT(sub_interface_vlan_tag='fo'), BadRequest),
(VMIPT(sub_interface_vlan_tag='42'), None),
(VMIPT(sub_interface_vlan_tag=42), None),
]
for (vmipt, result) in test_suite:
vmi = VirtualMachineInterface('%s-vmi' % self.id(),
parent_obj=project)
vmi.set_virtual_network(vn)
vmi.set_virtual_machine_interface_properties(vmipt)
if result and issubclass(result, Exception):
self.assertRaises(result,
self.api.virtual_machine_interface_create,
vmi)
else:
self.api.virtual_machine_interface_create(vmi)
self.api.virtual_machine_interface_delete(id=vmi.uuid)
def test_asn(self):
# create vn1
vn1_name = self.id() + 'vn1'
vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24')
ident_name = self.get_obj_imid(vn1_obj)
gevent.sleep(2)
ifmap_ident = self.assertThat(FakeIfmapClient._graph,
Contains(ident_name))
self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:64512:8000001')
# create router1
r1_name = self.id() + 'router1'
router1 = self.create_bgp_router(r1_name, 'contrail')
self.check_bgp_asn(router1.get_fq_name(), 64512)
# create virtual machine interface
vmi_name = self.id() + 'vmi1'
vmi = VirtualMachineInterface(
vmi_name,
parent_type='project',
fq_name=['default-domain', 'default-project', vmi_name])
vmi.add_virtual_network(vn1_obj)
self._vnc_lib.virtual_machine_interface_create(vmi)
# create logical router
lr_name = self.id() + 'lr1'
lr = LogicalRouter(lr_name)
lr.add_virtual_machine_interface(vmi)
self._vnc_lib.logical_router_create(lr)
self.check_lr_asn(lr.get_fq_name(), 'target:64512:8000002')
#update global system config but dont change asn value for equality path
gs = self._vnc_lib.global_system_config_read(
fq_name=['default-global-system-config'])
gs.set_autonomous_system(64512)
self._vnc_lib.global_system_config_update(gs)
# check route targets
self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:64512:8000001')
self.check_bgp_asn(router1.get_fq_name(), 64512)
self.check_lr_asn(lr.get_fq_name(), 'target:64512:8000002')
#update ASN value
gs = self._vnc_lib.global_system_config_read(
fq_name=[u'default-global-system-config'])
gs.set_autonomous_system(50000)
self._vnc_lib.global_system_config_update(gs)
# check new route targets
self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:50000:8000001')
self.check_bgp_asn(router1.get_fq_name(), 50000)
self.check_lr_asn(lr.get_fq_name(), 'target:50000:8000002')
self._vnc_lib.logical_router_delete(id=lr.uuid)
self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid)
self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid)
self.check_ri_is_deleted(fq_name=vn1_obj.fq_name + [vn1_obj.name])
self._vnc_lib.bgp_router_delete(id=router1.uuid)
def test_create_pool(self):
tenant_id = _uuid()
pool_id = _uuid()
vip_id = _uuid()
subnet_id = _uuid()
api = self.api_server
project = Project(name='test')
project.uuid = tenant_id
template = ServiceTemplate('lb-test', project)
template.uuid = _uuid()
pool_attrs = LoadbalancerPoolType()
pool_attrs.subnet_id = subnet_id
pool = LoadbalancerPool(
pool_id, project, loadbalancer_pool_properties=pool_attrs)
pool.uuid = pool_id
vip_attrs = VirtualIpType()
vip_attrs.subnet_id = subnet_id
vip_attrs.address = '127.0.0.1'
vip = VirtualIp(vip_id, project, virtual_ip_properties=vip_attrs)
vip.uuid = vip_id
vip.set_loadbalancer_pool(pool)
vnet = VirtualNetwork('test', project)
vnet.uuid = _uuid()
vmi = VirtualMachineInterface(vip_id, project)
vmi.uuid = _uuid()
vmi.set_virtual_network(vnet)
iip = InstanceIp(vip_id, instance_ip_address='127.0.0.1')
iip.uuid = _uuid()
iip.set_virtual_machine_interface(vmi)
iip_refs = [
{'to': iip.get_fq_name(), 'uuid': iip.uuid}
]
vmi.get_instance_ip_back_refs = mock.Mock()
vmi.get_instance_ip_back_refs.return_value = iip_refs
vip.set_virtual_machine_interface(vmi)
api.virtual_service_template_read = template
api.loadbalancer_pool_read.return_value = pool
api.virtual_ip_read.return_value = vip
api.kv_retrieve.return_value = '%s %s' % (vnet.uuid, subnet_id)
api.virtual_machine_interface_read.return_value = vmi
api.instance_ip_read.return_value = iip
api.service_instance_read.side_effect = NoIdError('404')
context = {}
pool_data = {
'id': pool_id,
'vip_id': vip_id
}
self.driver.create_pool(context, pool_data)
api.service_instance_create.assert_called_with(mock.ANY)
def test_asn(self):
# create vn1
vn1_name = self.id() + 'vn1'
vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24')
self.assertTill(self.vnc_db_has_ident, obj=vn1_obj)
ri_target = self.check_ri_target(self.get_ri_name(vn1_obj))
# create router1
r1_name = self.id() + 'router1'
router1 = self.create_bgp_router(r1_name, 'contrail')
self.check_bgp_asn(router1.get_fq_name(), 64512)
# create virtual machine interface
vmi_name = self.id() + 'vmi1'
vmi = VirtualMachineInterface(
vmi_name,
parent_type='project',
fq_name=['default-domain', 'default-project', vmi_name])
vmi.add_virtual_network(vn1_obj)
self._vnc_lib.virtual_machine_interface_create(vmi)
# create logical router
lr_name = self.id() + 'lr1'
lr = LogicalRouter(lr_name)
lr.add_virtual_machine_interface(vmi)
self._vnc_lib.logical_router_create(lr)
lr_target = self.check_lr_target(lr.get_fq_name())
#update global system config but dont change asn value for equality path
gs = self._vnc_lib.global_system_config_read(
fq_name=['default-global-system-config'])
gs.set_autonomous_system(64512)
self._vnc_lib.global_system_config_update(gs)
# check route targets
self.check_ri_target(self.get_ri_name(vn1_obj), ri_target)
self.check_bgp_asn(router1.get_fq_name(), 64512)
self.check_lr_target(lr.get_fq_name(), lr_target)
#update ASN value
gs = self._vnc_lib.global_system_config_read(
fq_name=[u'default-global-system-config'])
gs.set_autonomous_system(50000)
self._vnc_lib.global_system_config_update(gs)
# check new route targets
self.check_ri_target(self.get_ri_name(vn1_obj),
ri_target.replace('64512', '50000'))
self.check_bgp_asn(router1.get_fq_name(), 50000)
self.check_lr_target(lr.get_fq_name(),
lr_target.replace('64512', '50000'))
self._vnc_lib.logical_router_delete(id=lr.uuid)
self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid)
self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid)
self.check_ri_is_deleted(fq_name=vn1_obj.fq_name + [vn1_obj.name])
self._vnc_lib.bgp_router_delete(id=router1.uuid)
def test_firewall_group_status(self):
neutron_fg = self.create_resource(
'firewall_group',
self.project_id,
extra_res_fields={
'admin_state_up': False,
},
)
self.assertEquals(neutron_fg['status'], constants.DOWN)
neutron_fg = self.update_resource(
'firewall_group',
neutron_fg['id'],
self.project_id,
extra_res_fields={
'admin_state_up': True,
},
)
self.assertEquals(neutron_fg['status'], constants.INACTIVE)
vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project)
self._vnc_lib.virtual_network_create(vn)
vmi = VirtualMachineInterface('%s-vmi' % self.id(),
parent_obj=self.project)
vmi.add_virtual_network(vn)
self._vnc_lib.virtual_machine_interface_create(vmi)
neutron_fg = self.update_resource(
'firewall_group',
neutron_fg['id'],
self.project_id,
extra_res_fields={
'ports': [vmi.uuid],
},
)
self.assertEquals(neutron_fg['status'], constants.INACTIVE)
fp = FirewallPolicy('%s-fp' % self.id(), parent_obj=self.project)
self._vnc_lib.firewall_policy_create(fp)
neutron_fg = self.update_resource(
'firewall_group',
neutron_fg['id'],
self.project_id,
extra_res_fields={
'egress_firewall_policy_id': fp.uuid,
},
)
self.assertEquals(neutron_fg['status'], constants.ACTIVE)
neutron_fg = self.update_resource(
'firewall_group',
neutron_fg['id'],
self.project_id,
extra_res_fields={
'ports': [],
},
)
self.assertEquals(neutron_fg['status'], constants.INACTIVE)
def _create_vmi(self, name, vn_obj, sg_group_obj=None):
fq_name = ['default-domain', 'default-project', name]
vmi = VirtualMachineInterface(fq_name=fq_name, parent_type='project')
vmi.set_display_name(name)
vmi.name = name
vmi.set_virtual_network(vn_obj)
if sg_group_obj:
vmi.set_security_group(sg_group_obj)
uuid = self._vnc_lib.virtual_machine_interface_create(vmi)
vmi_obj_rd = self._vnc_lib.virtual_machine_interface_read(id=uuid)
return vmi, vmi_obj_rd
def test_subnet_type_validation(self):
test_suite = [
(SubnetType('0', 0), ('0.0.0.0', 0)),
(SubnetType('1.1.1.1'), BadRequest),
(SubnetType('1.1.1.1', 24), ('1.1.1.0', 24)),
(SubnetType('1.1.1.1', '24'), ('1.1.1.0', 24)),
(SubnetType('1.1.1.1', 32), ('1.1.1.1', 32)),
(SubnetType('1.1.1.e', 32), BadRequest),
(SubnetType('1.1.1.1', '32e'), BadRequest),
(SubnetType('1.1.1.0,2.2.2.0', 24), BadRequest),
(SubnetType(''), BadRequest),
(SubnetType('', 30), BadRequest),
(SubnetType('::', 0), ('::', 0)),
(SubnetType('::'), BadRequest),
(SubnetType('dead::beef', 128), ('dead::beef', 128)),
(SubnetType('dead::beef', '128'), ('dead::beef', 128)),
(SubnetType('dead::beef', 96), ('dead::', 96)),
(SubnetType('dead::beez', 96), BadRequest),
(SubnetType('dead::beef', '96e'), BadRequest),
(SubnetType('dead::,beef::', 64), BadRequest),
]
project = Project('%s-project' % self.id())
self.api.project_create(project)
vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project)
self.api.virtual_network_create(vn)
vmi = VirtualMachineInterface('vmi-%s' % self.id(), parent_obj=project)
vmi.set_virtual_network(vn)
self.api.virtual_machine_interface_create(vmi)
for subnet, expected_result in test_suite:
aaps = AllowedAddressPairs(
allowed_address_pair=[AllowedAddressPair(ip=subnet)])
vmi.set_virtual_machine_interface_allowed_address_pairs(aaps)
if (type(expected_result) == type and
issubclass(expected_result, Exception)):
self.assertRaises(
expected_result,
self.api.virtual_machine_interface_update,
vmi)
else:
self.api.virtual_machine_interface_update(vmi)
vmi = self.api.virtual_machine_interface_read(id=vmi.uuid)
returned_apps = vmi.\
get_virtual_machine_interface_allowed_address_pairs().\
get_allowed_address_pair()
self.assertEqual(len(returned_apps), 1)
returned_subnet = returned_apps[0].get_ip()
self.assertEqual(returned_subnet.ip_prefix,
expected_result[0])
self.assertEqual(returned_subnet.ip_prefix_len,
expected_result[1])
def create_virtual_machine(self, name, vn, ipaddress):
vm_instance = VirtualMachine(name)
self._vnc_lib.virtual_machine_create(vm_instance)
fq_name = [name, '0']
vmi = VirtualMachineInterface(parent_type='virtual-machine', fq_name=fq_name)
vmi.set_virtual_network(vn)
self._vnc_lib.virtual_machine_interface_create(vmi)
ip = InstanceIp(vm_instance.name + '.0')
ip.set_virtual_machine_interface(vmi)
ip.set_virtual_network(vn)
ip.set_instance_ip_address(ipaddress)
self._vnc_lib.instance_ip_create(ip)
return vm_instance
def _create_vmi(self,
pod_name,
pod_namespace,
pod_id,
vm_obj,
vn_obj,
parent_vmi,
idx,
network=None):
proj_fq_name = vnc_kube_config.cluster_project_fq_name(pod_namespace)
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
if network and 'namespace' in network:
network.pop('namespace')
vmi_prop = None
if self._is_pod_nested() and parent_vmi:
# Pod is nested.
# Allocate a vlan-id for this pod from the vlan space managed
# in the VMI of the underlay VM.
parent_vmi = VirtualMachineInterfaceKM.get(parent_vmi.uuid)
vlan_id = parent_vmi.alloc_vlan()
vmi_prop = VirtualMachineInterfacePropertiesType(
sub_interface_vlan_tag=vlan_id)
obj_uuid = str(uuid.uuid1())
name = VncCommon.make_name(pod_name, obj_uuid)
vmi_obj = VirtualMachineInterface(
name=name,
parent_obj=proj_obj,
virtual_machine_interface_properties=vmi_prop,
display_name=name)
vmi_obj.uuid = obj_uuid
vmi_obj.set_virtual_network(vn_obj)
vmi_obj.set_virtual_machine(vm_obj)
self._associate_security_groups(vmi_obj, proj_obj, pod_namespace)
vmi_obj.port_security_enabled = True
VirtualMachineInterfaceKM.add_annotations(self,
vmi_obj,
pod_namespace,
pod_name,
index=idx,
**network)
try:
vmi_uuid = self._vnc_lib.virtual_machine_interface_create(vmi_obj)
except RefsExistError:
vmi_uuid = self._vnc_lib.virtual_machine_interface_update(vmi_obj)
VirtualMachineInterfaceKM.locate(vmi_uuid)
return vmi_uuid
def _construct_new_vnc_vmi(self):
vmi = VirtualMachineInterface(name=self.uuid,
display_name=self.display_name,
parent_obj=self.parent,
id_perms=ID_PERMS)
vmi.set_uuid(self.uuid)
vmi.add_virtual_machine(self.vm_model.vnc_vm)
if self.vn_model:
vmi.set_virtual_network(self.vn_model.vnc_vn)
vmi.set_virtual_machine_interface_mac_addresses(
MacAddressesType([self.vcenter_port.mac_address]))
vmi.set_port_security_enabled(True)
vmi.set_security_group(self.security_group)
return vmi
