def test():
'''
Test Description:
Will check if test VM's mac/ip assignment will be removed in VR's DNS config, after VM is shutdown. And if VM's mac/ip will be added back after it restart.
Resource required:
Need support 2 VMs.
'''
global test_obj_dict
test_util.test_dsc('Create test vm and check. VR only has DNS and DHCP services')
vm = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm)
vm.check()
vm.stop()
if linux.wait_callback_success(check_dhcp_remove, vm.vm, 5, 0.2):
test_util.test_logger('[vm:] %s mac/ip was removed in VR /etc/hosts.dhcp' % vm.vm.uuid)
else:
test_util.test_logger('check dhcp remove failure, will try to print VR DHCP tables')
test_lib.lib_print_vr_dhcp_tables(test_lib.lib_find_vr_by_vm(vm.vm)[0])
test_util.test_fail('[vm:] %s mac was not removed in VR /etc/hosts.dhcp, after vm was stopped.' % vm.vm.uuid)
if linux.wait_callback_success(check_dhcp_release, vm.vm, 5, 0.2):
test_util.test_logger('[vm:] %s mac/ip was removed in VR /etc/hosts.leases' % vm.vm.uuid)
else:
test_util.test_logger('check dhcp lease failure, will try to print VR DHCP tables')
test_lib.lib_print_vr_dhcp_tables(test_lib.lib_find_vr_by_vm(vm.vm)[0])
test_util.test_fail('[vm:] %s mac was not removed in VR /etc/hosts.leases, after vm was stopped.' % vm.vm.uuid)
vm.start()
vm.check()
vm.destroy()
vm.check()
test_util.test_pass('Successfully check VM DHCP release when VM stopped')
def test():
test_util.test_dsc("create vr vm and vpc vrouter")
vm = test_stub.create_vr_vm('vr_vm','imageName_s','l3NoVlanNetworkName2')
test_obj_dict.add_vm(vm)
if not test_lib.lib_find_vr_by_vm(vm.vm) or not test_lib.lib_find_vr_by_vm(vm.vm)[0]:
test_lib.lib_error_cleanup(test_obj_dict)
test_util.test_skip("skip the test for no vr found in the env.")
vpc_vr = test_stub.create_vpc_vrouter()
check_host_prometheus_conf()
check_vrouter_prometheus_conf()
check_prometheus_data()
hosts = test_lib.lib_get_all_hosts_from_plan()
for host in hosts:
host_ops.reconnect_host(host_uuid)
check_host_prometheus_conf()
check_vrouter_prometheus_conf()
check_prometheus_data()
test_lib.lib_execute_ssh_cmd(mn_ip,"root","password","zstack-ctl restart_node",timeout=300)
check_host_prometheus_conf()
check_vrouter_prometheus_conf()
check_prometheus_data()
test_lib.lib_error_cleanup(test_obj_dict)
test_util.test_pass('Test prometheus Success')
def test():
test_util.test_dsc('Create test vm with EIP and check.')
vm = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('create_eip_test', l3_uuid)
test_obj_dict.add_vip(vip)
eip = test_stub.create_eip('create eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=vm)
vip.attach_eip(eip)
vm.check()
vip.check()
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.check()
eip.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass('Create EIP for VM Success')
def test():
global test_obj_dict
test_util.test_dsc("Create 1 VMs with vlan VR L3 network for SG testing.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm1.check()
nic_uuid = vm1.vm.vmNics[0].uuid
vm_nics = (nic_uuid, vm1)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm1_ip = test_lib.lib_get_vm_nic_by_l3(vr_vm, l3_uuid).ip
target_ip_prefix = '10.10.10.'
test_util.test_dsc("Create security groups.")
for i in range(sg_num):
target_ip = '%s%s' % (target_ip_prefix, str(1+i))
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, target_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, target_ip)
rule3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP, inventory.INGRESS, target_ip)
rule4 = test_lib.lib_gen_sg_rule(Port.rule4_ports, inventory.TCP, inventory.INGRESS, target_ip)
rule5 = test_lib.lib_gen_sg_rule(Port.rule5_ports, inventory.TCP, inventory.INGRESS, target_ip)
sg = test_stub.create_sg()
test_obj_dict.add_sg(sg.security_group.uuid)
sg.add_rule([rule1, rule2, rule3, rule4, rule5])
sg_vm.attach(sg, [vm_nics])
time.sleep(3)
#need regularlly clean up log files in virtual router when doing stress test
test_lib.lib_check_cleanup_vr_logs_by_vm(vm1.vm)
#clean up all vm and sg
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create/Destroy VM with VR successfully')
def test():
global default_l3_mtu
test_util.test_dsc(
'Create test vm and check. VR has DNS SNAT EIP PF and DHCP services')
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
default_l3_mtu = net_ops.get_l3_mtu(l3_net_uuid)
vm = test_stub.create_vlan_vm(l3_name)
test_obj_dict.add_vm(vm)
vrs = test_lib.lib_find_vr_by_vm(vm.vm)
for vr in vrs:
if vr.applianceVmType != "vrouter":
test_util.test_skip("Skip l3 mtu test for non vrouter")
vm.check()
if not test_lib.lib_execute_command_in_vm(
vm.get_vm(), 'tracepath -n yyk.net | tail -1 | grep "pmtu %s"' %
(default_l3_mtu)):
test_util.test_fail("fail to check mtu in [vm:] %s" %
(vm.get_vm().uuid))
net_ops.set_l3_mtu(l3_net_uuid, 1200)
vm.reboot()
vm.check()
if not test_lib.lib_execute_command_in_vm(
vm.get_vm(), 'tracepath -n yyk.net | tail -1 | grep "pmtu 1200"'):
test_util.test_fail("fail to check mtu in [vm:] %s" %
(vm.get_vm().uuid))
vm.destroy()
test_util.test_pass(
'Create VirtualRouter VM DNS DHCP SANT EIP PF Test Success')
def test():
test_util.test_dsc('Test vr default name format')
vm = test_stub.create_basic_vm()
test_obj_dict.add_vm(vm)
vm.check()
vr_inv = test_lib.lib_find_vr_by_vm(vm.vm)[0]
actual_name = vr_inv.name #VirtualRouter.l3.l3VlanNetwork3
guest_l3network_uuid = vr_inv.vmNics[0].l3NetworkUuid
guest_l3network_name = test_lib.lib_get_l3_by_uuid(
guest_l3network_uuid).name
guest_l3network_uuid_head_6_num = guest_l3network_uuid[0:6]
expected_name = vr_l3_name_prefix + "." + guest_l3network_name + "." + guest_l3network_uuid_head_6_num
if expected_name != actual_name:
#test_util.test_logger("Test vr default name is not the same as expected, actual name:%s, expected name: %s" %(actual_name, expected_name))
test_util.test_fail(
"Test vr default name is not the same as expected, actual name:%s, expected name: %s"
% (actual_name, expected_name))
vm.destroy()
test_util.test_pass('Test vr default name format success.')
def test():
global test_obj_dict
test_util.test_dsc('Create test vm and check')
vm = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm)
vm.check()
test_util.test_dsc('Create volume and check')
volume = test_stub.create_volume()
vr_vm = test_lib.lib_find_vr_by_vm(vm.vm)[0]
test_vr_vm = zstack_test_vm.ZstackTestVm()
test_vr_vm.vm = vr_vm
test_vr_vm.state = vm_header.RUNNING
volume.attach(vm)
volume.check()
volume.detach()
volume.check()
test_util.test_dsc('Attach volume to VR vm and check')
volume.attach(test_vr_vm)
volume.check()
volume.detach()
volume.check()
volume.delete()
volume.check()
vm.destroy()
test_util.test_pass('Create Data Volume for Vlan VirtualRouter Test Success')
def create_vr_vm(test_obj_dict, l3_uuid, session_uuid=None):
'''
'''
vrs = test_lib.lib_find_vr_by_l3_uuid(l3_uuid)
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
instance_offering_uuid = test_lib.lib_get_instance_offering_by_name(
os.environ.get('instanceOfferingName_s')).uuid
cond = res_ops.gen_query_conditions('mediaType', '!=', 'ISO')
cond = res_ops.gen_query_conditions('platform', '=', 'Linux', cond)
cond = res_ops.gen_query_conditions('system', '=', 'false', cond)
image_uuid = res_ops.query_resource(res_ops.IMAGE,
cond,
session_uuid=session_uuid)[0].uuid
vm_creation_option = test_util.VmOption()
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
vm_creation_option.set_image_uuid(image_uuid)
vm_creation_option.set_l3_uuids([l3_uuid])
temp_vm = create_vm(vm_creation_option, session_uuid=session_uuid)
test_obj_dict.add_vm(temp_vm)
vr = test_lib.lib_find_vr_by_vm(temp_vm.vm)[0]
temp_vm.destroy(session_uuid)
test_obj_dict.rm_vm(temp_vm)
else:
vr = vrs[0]
if not test_lib.lib_is_vm_running(vr):
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_skip('vr: %s is not running. Will skip test.' %
vr.uuid)
return vr
def check(self):
super(zstack_kvm_vm_network_checker, self).check()
vm = self.test_obj.vm
host = test_lib.lib_get_vm_host(vm)
test_lib.lib_install_testagent_to_host(host)
test_lib.lib_set_vm_host_l2_ip(vm)
vr_vms = test_lib.lib_find_vr_by_vm(vm)
if not vr_vms:
test_util.test_warn('No Virtual Router was found for VM: %s. Skip testing.' % vm.uuid)
return self.judge(self.exp_result)
for vr_vm in vr_vms:
nic = test_lib.lib_get_vm_nic_by_vr(vm, vr_vm)
if not 'DHCP' in test_lib.lib_get_l3_service_type(nic.l3NetworkUuid):
test_util.test_logger("Skip [VR:] %s, since it doesn't provide DHCP service" % vr_vm.uuid)
continue
guest_ip = nic.ip
command = 'ping -c 5 -W 5 %s >/tmp/ping_result 2>&1; ret=$?; cat /tmp/ping_result; exit $ret' % guest_ip
if not test_lib.lib_execute_sh_cmd_by_agent_with_retry(host.managementIp, command, self.exp_result):
test_util.test_logger('Checker result: FAIL to ping [target:] %s [ip:] %s from [host:] %s' % (vm.uuid, guest_ip, host.uuid))
if self.exp_result == True:
test_util.test_logger("network connection result is not expected pass, will print VR's network configuration:")
test_lib.lib_print_vr_network_conf(vr_vm)
return self.judge(False)
else:
test_util.test_logger('Checker result: SUCCESSFULLY ping [target:] %s [ip:] %s from [host:] %s' % (vm.uuid, guest_ip, host.uuid))
test_util.test_logger("Checker result: ping target [vm:] %s from [host:] %s SUCCESS" % (vm.uuid, host.uuid))
return self.judge(True)
def check(self):
super(zstack_kvm_vm_snat_checker, self).check()
vm = self.test_obj.vm
test_lib.lib_install_testagent_to_vr(vm)
host = test_lib.lib_get_vm_host(vm)
vm_cmd_result = None
vr_vms = test_lib.lib_find_vr_by_vm(vm)
test_lib.lib_set_vm_host_l2_ip(vm)
for vr_vm in vr_vms:
test_util.test_logger("Begin to check [vm:] %s SNAT" % vm.uuid)
nic = test_lib.lib_get_vm_nic_by_vr(vm, vr_vm)
if not 'SNAT' in test_lib.lib_get_l3_service_type(nic.l3NetworkUuid):
test_util.test_logger("Skip [VR:] %s, since it doesn't provide SNAT service" % vr_vm.uuid)
continue
ping_target = test_lib.test_config.pingTestTarget.text_
#Check if there is a SG rule to block ICMP checking
if test_lib.lib_is_sg_rule_exist(nic.uuid, None, None, inventory.EGRESS):
if not test_lib.lib_is_sg_rule_exist(nic.uuid, inventory.ICMP, ping_target, inventory.EGRESS):
test_util.test_warn('Skip SNAT checker: because there is ICMP Egress Rule was assigned to [nic:] %s and the allowed target ip is not %s' % (nic.uuid, ping_target))
return self.judge(self.exp_result)
guest_ip = nic.ip
vm_command = 'ping -c 5 -W 5 %s >/tmp/ping_result 2>&1; ret=$?; cat /tmp/ping_result; exit $ret' % ping_target
vm_cmd_result = test_lib.lib_ssh_vm_cmd_by_agent_with_retry(host.managementIp, nic.ip, test_lib.lib_get_vm_username(vm), test_lib.lib_get_vm_password(vm), vm_command, self.exp_result)
if not vm_cmd_result:
test_util.test_logger('Checker result: FAIL to ping [target:] %s from [vm:] %s .' % (ping_target, vm.uuid))
if self.exp_result == True:
test_util.test_logger("network connection result is not expected pass, will print VR's network configuration:")
test_lib.lib_print_vr_network_conf(vr_vm)
return self.judge(False)
else:
test_util.test_logger('Checker result: SUCCEED to ping [target:] %s from [vm:] %s .' % (ping_target, vm.uuid))
return self.judge(True)
def check(self):
super(zstack_kvm_vm_snat_checker, self).check()
vm = self.test_obj.vm
test_lib.lib_install_testagent_to_vr(vm)
host = test_lib.lib_get_vm_host(vm)
vm_cmd_result = None
vr_vms = test_lib.lib_find_vr_by_vm(vm)
test_lib.lib_set_vm_host_l2_ip(vm)
for vr_vm in vr_vms:
test_util.test_logger("Begin to check [vm:] %s SNAT" % vm.uuid)
nic = test_lib.lib_get_vm_nic_by_vr(vm, vr_vm)
if not 'SNAT' in test_lib.lib_get_l3_service_type(nic.l3NetworkUuid):
test_util.test_logger("Skip [VR:] %s, since it doesn't provide SNAT service" % vr_vm.uuid)
continue
ping_target = test_lib.test_config.pingTestTarget.text_
#Check if there is a SG rule to block ICMP checking
if test_lib.lib_is_sg_rule_exist(nic.uuid, None, None, inventory.EGRESS):
if not test_lib.lib_is_sg_rule_exist(nic.uuid, inventory.ICMP, ping_target, inventory.EGRESS):
test_util.test_warn('Skip SNAT checker: because there is ICMP Egress Rule was assigned to [nic:] %s and the allowed target ip is not %s' % (nic.uuid, ping_target))
return self.judge(self.exp_result)
guest_ip = nic.ip
vm_command = 'ping -c 5 -W 5 %s >/tmp/ping_result 2>&1; ret=$?; cat /tmp/ping_result; exit $ret' % ping_target
vm_cmd_result = test_lib.lib_ssh_vm_cmd_by_agent_with_retry(host.managementIp, nic.ip, test_lib.lib_get_vm_username(vm), test_lib.lib_get_vm_password(vm), vm_command, self.exp_result)
if not vm_cmd_result:
test_util.test_logger('Checker result: FAIL to ping [target:] %s from [vm:] %s .' % (ping_target, vm.uuid))
if self.exp_result == True:
test_util.test_logger("network connection result is not expected pass, will print VR's network configuration:")
test_lib.lib_print_vr_network_conf(vr_vm)
return self.judge(False)
else:
test_util.test_logger('Checker result: SUCCEED to ping [target:] %s from [vm:] %s .' % (ping_target, vm.uuid))
return self.judge(True)
def test():
global default_l3_mtu
test_util.test_dsc('Create test vm and check. VR has DNS SNAT EIP PF and DHCP services')
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
default_l3_mtu = net_ops.get_l3_mtu(l3_net_uuid)
vm = test_stub.create_vlan_vm(l3_name)
test_obj_dict.add_vm(vm)
vrs = test_lib.lib_find_vr_by_vm(vm.vm)
for vr in vrs:
if vr.applianceVmType != "vrouter":
test_util.test_skip("Skip l3 mtu test for non vrouter")
vm.check()
if not test_lib.lib_execute_command_in_vm(vm.get_vm(), 'tracepath -n yyk.net | tail -1 | grep "pmtu %s"' % (default_l3_mtu)):
test_util.test_fail("fail to check mtu in [vm:] %s" % (vm.get_vm().uuid))
net_ops.set_l3_mtu(l3_net_uuid, 1200)
vm.reboot()
vm.check()
if not test_lib.lib_execute_command_in_vm(vm.get_vm(), 'tracepath -n yyk.net | tail -1 | grep "pmtu 1200"'):
test_util.test_fail("fail to check mtu in [vm:] %s" % (vm.get_vm().uuid))
vm.destroy()
test_util.test_pass('Create VirtualRouter VM DNS DHCP SANT EIP PF Test Success')
def test():
global test_obj_dict
test_util.test_dsc('Create test vm and check')
vm = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm)
vm.check()
test_util.test_dsc('Create volume and check')
volume = test_stub.create_volume()
vr_vm = test_lib.lib_find_vr_by_vm(vm.vm)[0]
test_vr_vm = zstack_test_vm.ZstackTestVm()
test_vr_vm.vm = vr_vm
test_vr_vm.state = vm_header.RUNNING
volume.attach(vm)
volume.check()
volume.detach()
volume.check()
test_util.test_dsc('Attach volume to VR vm and check')
volume.attach(test_vr_vm)
volume.check()
volume.detach()
volume.check()
volume.delete()
volume.check()
vm.destroy()
test_util.test_pass(
'Create Data Volume for Vlan VirtualRouter Test Success')
def create_checker(self, test_obj):
kvm_vm_checker_chain = checker_header.CheckerChain()
checker_dict = {}
if test_obj.state == vm_header.RUNNING:
checker_dict[vm_checker.zstack_kvm_vm_set_host_vlan_ip] = True
checker_dict[db_checker.zstack_vm_db_checker] = True
checker_dict[vm_checker.zstack_kvm_vm_running_checker] = True
#if behind of VR
vrs = test_lib.lib_find_vr_by_vm(test_obj.vm)
if vrs:
svr_types = test_lib.lib_get_l3s_service_type(test_obj.vm)
#The first DHCP checker will wait for VM start up.
if 'DHCP' in svr_types:
checker_dict[vm_checker.zstack_kvm_vm_dhcp_checker] = True
checker_dict[vm_checker.zstack_kvm_vm_network_checker] = True
#if guest can't get IP address from DHCP, auto case can
# not test DNS feature.
if 'DNS' in svr_types:
checker_dict[vm_checker.zstack_kvm_vm_dns_checker] \
= True
else:
checker_dict[vm_checker.zstack_kvm_vm_dns_checker] \
= False
else:
checker_dict[vm_checker.zstack_kvm_vm_dhcp_checker] = False
checker_dict[vm_checker.zstack_kvm_vm_network_checker] \
= False
if 'SNAT' in svr_types:
checker_dict[vm_checker.zstack_kvm_vm_snat_checker] = True
else:
checker_dict[vm_checker.zstack_kvm_vm_snat_checker] = False
#if 'PortForwarding' in svr_types:
# checker_dict[vm_checker.zstack_kvm_vm_dnat_checker] = True
#else:
# checker_dict[vm_checker.zstack_kvm_vm_dnat_checker] = False
else:
sp_types = test_lib.lib_get_vm_l3_service_provider_types(test_obj.vm)
if 'Flat' in sp_types:
checker_dict[vm_checker.zstack_kvm_vm_ssh_no_vr_checker] = True
if test_obj.get_creation_option().get_default_l3_uuid():
checker_dict[vm_checker.zstack_kvm_vm_default_l3_checker] = True
elif test_obj.state == vm_header.STOPPED:
checker_dict[db_checker.zstack_vm_db_checker] = True
#stopped_checker is deprecated, since the stopped vm will be removed
#from host.
#checker_dict[vm_checker.zstack_kvm_vm_stopped_checker] = True
elif test_obj.state == vm_header.DESTROYED:
#VM destroy will cause vm structure be removed from DB, when VmExpungeInterval is set to 1, so doesn't need to check destroyed state sync in db in most case.
checker_dict[db_checker.zstack_vm_db_checker] = True
checker_dict[vm_checker.zstack_kvm_vm_destroyed_checker] = True
elif test_obj.state == vm_header.EXPUNGED:
checker_dict[db_checker.zstack_vm_db_checker] = True
kvm_vm_checker_chain.add_checker_dict(checker_dict, test_obj)
return kvm_vm_checker_chain
def test():
ps_env = test_stub.PSEnvChecker()
ps1, ps2 = ps_env.get_two_ps()
vm_list = []
for root_vol_ps in [ps1, ps2]:
for data_vol_ps in [ps1, ps2]:
vm = test_stub.create_multi_vms(name_prefix='test_vm', count=1,
ps_uuid=root_vol_ps.uuid, data_volume_number=VOLUME_NUMBER,
ps_uuid_for_data_vol=data_vol_ps.uuid)[0]
test_obj_dict.add_vm(vm)
vm_list.append(vm)
vm1, vm2, vm3, vm4 = vm_list
ps_ops.change_primary_storage_state(state='maintain', primary_storage_uuid=ps2.uuid)
maintenance_ps_list.append(ps2)
time.sleep(60)
vr_vm_list = test_lib.lib_find_vr_by_vm(vm1.get_vm())
vr_vm = None
if vr_vm_list:
vr_vm = vr_vm_list[0]
if vr_vm.allVolumes[0].primaryStorageUuid == ps2.uuid:
assert vr_vm.state == inventory.STOPPED
else:
assert vr_vm.state == inventory.RUNNING
vm1.check()
else:
vm1.check()
for vm in vm_list:
vm.update()
assert vm1.get_vm().state == inventory.RUNNING
assert vm2.get_vm().state == inventory.STOPPED
assert vm3.get_vm().state == inventory.STOPPED
assert vm4.get_vm().state == inventory.STOPPED
for vm in [vm2, vm3, vm4]:
with test_stub.expected_failure("start vm in maintenance ps", Exception):
vm.start()
test_util.test_dsc('enable ps2')
ps_ops.change_primary_storage_state(state='enable', primary_storage_uuid=ps2.uuid)
maintenance_ps_list.remove(ps2)
if vr_vm and vr_vm.state == inventory.STOPPED:
vm_ops.start_vm(vr_vm.uuid)
time.sleep(10)
for vm in [vm2, vm3, vm4]:
vm.start()
for vm in [vm2, vm3, vm4]:
vm.update()
vm.check()
test_util.test_pass('Multi PrimaryStorage Test Pass')
def test():
'''
Test image requirements:
1. have nc to check the network port
2. have "nc" to open any port
3. it doesn't include a default firewall
VR image is a good candiate to be the guest image.
'''
test_util.test_dsc("Create 3 VMs with vlan VR L3 network and using VR image.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
test_util.test_dsc("Create security groups.")
sg1 = test_stub.create_sg()
sg_vm = test_sg_vm_header.ZstackTestSgVm()
test_obj_dict.set_sg_vm(sg_vm)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm2_ip = test_lib.lib_get_vm_nic_by_l3(vm2.vm, l3_uuid).ip
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vm2_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vm2_ip)
rule3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP, inventory.INGRESS, vm2_ip)
sg1.add_rule([rule1])
sg1.add_rule([rule2])
sg1.add_rule([rule3])
sg_vm.check()
nic_uuid1 = vm1.vm.vmNics[0].uuid
nic_uuid2 = vm2.vm.vmNics[0].uuid
# nic_uuid3 = vm2.vm.vmNics[0].uuid
vm1_nics = (nic_uuid1, vm1)
vm2_nics = (nic_uuid2, vm2)
# vm3_nics = (nic_uuid3, vm3)
#test_stub.lib_add_sg_rules(sg1.uuid, [rule0, rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("Allowed ingress ports: %s" % test_stub.rule1_ports)
#sg_vm.attach(sg1, [vm1_nics, vm2_nics, vm3_nics])
sg_vm.attach(sg1, [vm1_nics, vm2_nics])
sg_vm.check()
sg_vm.delete_sg(sg1)
sg_vm.check()
vm1.destroy()
test_obj_dict.rm_vm(vm1)
vm2.destroy()
test_obj_dict.rm_vm(vm2)
test_util.test_pass('Delete Security Group with 2 attached NICs Success')
def test():
'''
Test image requirements:
1. have nc to check the network port
2. have "nc" to open any port
3. it doesn't include a default firewall
VR image is a good candiate to be the guest image.
'''
global test_obj_dict
test_util.test_dsc("Create 2 VMs with vlan VR L3 network and using VR image.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
test_util.test_dsc("Create security groups.")
sg1 = test_stub.create_sg()
sg_vm = test_sg_vm_header.ZstackTestSgVm()
nic_uuid = vm1.vm.vmNics[0].uuid
vm_nics = (nic_uuid, vm1)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm2_ip = test_lib.lib_get_vm_nic_by_l3(vm2.vm, l3_uuid).ip
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.EGRESS, vm2_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.EGRESS, vm2_ip)
rule3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP, inventory.EGRESS, vm2_ip)
sg1.add_rule([rule1, rule2, rule3])
sg_vm.add_stub_vm(l3_uuid, vm2)
#add sg1
test_util.test_dsc("Add VM1 nic to security group 1.")
sg_vm.attach(sg1, [vm_nics])
sg_vm.check()
#shutdown vm1
test_util.test_dsc("Shutdown VM1")
vm1.stop()
#remove vm1 nic from sg1
test_util.test_dsc("Remove nic from security group 1 to stopped vm1.")
sg_vm.detach(sg1, nic_uuid)
test_util.test_dsc("Start VM1")
vm1.start()
vm1.check()
sg_vm.check()
vm1.destroy()
vm2.destroy()
sg_vm.delete_sg(sg1)
test_util.test_pass('Detach stopped VM NIC from Security Group Test Success')
def test():
test_util.test_dsc('Create test vm with EIP and check.')
vm = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm)
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vm_nic = vm.vm.vmNics[0]
vm2_nic = vm2.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
if vr.applianceVmType == "VirtualRouter":
test_util.test_skip("This test only for vrouter network")
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('create_eip_test', l3_uuid)
test_obj_dict.add_vip(vip)
eip = test_stub.create_eip('create eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=vm)
vip.attach_eip(eip)
vm.check()
vm2.check()
test_stub.make_ssh_no_password(vm2.get_vm())
vm_ip = vm_nic.ip
vm2_ip = vm2_nic.ip
ssh_cmd = 'ssh -oStrictHostKeyChecking=no -oCheckHostIP=no -oUserKnownHostsFile=/dev/null'
cmd = 'ping -c 8 %s' % (eip.get_eip().vipIp)
shell.call("%s %s %s" % (ssh_cmd, vm2_ip, cmd))
cmd = '''"echo quit | timeout 4 telnet %s 22|grep 'Escape character'"''' % (eip.get_eip().vipIp)
shell.call("%s %s %s" % (ssh_cmd, vm2_ip, cmd))
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.check()
eip.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass('Create EIP for VM Success')
def test():
global test_obj_dict
test_util.test_dsc("Create 1 VMs with vlan VR L3 network for SG testing.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm1.check()
nic_uuid = vm1.vm.vmNics[0].uuid
vm_nics = (nic_uuid, vm1)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm1_ip = test_lib.lib_get_vm_nic_by_l3(vr_vm, l3_uuid).ip
target_ip_prefix = '10.10.10.'
rule_list = []
for j in range(rule_num):
target_ip = '%s%s' % (target_ip_prefix, str(1 + j))
rule = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.INGRESS, target_ip)
rule_list.append(rule)
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg1.add_rule(rule_list)
sg_vm.attach(sg1, [vm_nics])
rule_list = []
for j in range(rule_num):
target_ip = '%s%s' % (target_ip_prefix, str(1 + j))
rule = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.EGRESS, target_ip)
rule_list.append(rule)
sg2 = test_stub.create_sg()
test_obj_dict.add_sg(sg2.security_group.uuid)
sg2.add_rule(rule_list)
sg_vm.attach(sg2, [vm_nics])
sg1_rules = test_lib.lib_get_sg_rule(sg1.security_group.uuid)
if len(sg1_rules) != 200:
test_util.test_fail(
"Did not find 200 SG rules for SG1: %s. We only catch %s rules" %
(sg1.security_group.uuid, len(sg1_rules)))
sg2_rules = test_lib.lib_get_sg_rule(sg2.security_group.uuid)
if len(sg2_rules) != 200:
test_util.test_fail(
"Did not find 200 SG rules for SG2: %s. We only catch %s rules" %
(sg2.security_group.uuid, len(sg2_rules)))
time.sleep(3)
#need regularlly clean up log files in virtual router when doing stress test
test_lib.lib_check_cleanup_vr_logs_by_vm(vm1.vm)
#clean up all vm and sg
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create/Destroy VM with VR successfully')
def vm_check(self, test_result):
vm = self.test_obj.vm
test_util.test_logger("Begin to check VM DHCP in VM: %s" % vm.uuid)
nic = test_lib.lib_get_nic_by_uuid(self.test_obj.get_creation_option().get_vm_nic_uuid())
test_lib.lib_find_vr_by_vm(vm)
guest_ip = nic.ip
host = test_lib.lib_get_vm_host(vm)
vm_command = '/sbin/ifconfig'
vm_cmd_result = test_lib.lib_ssh_vm_cmd_by_agent_with_retry(host.managementIp, self.test_obj.vip.ip, test_lib.lib_get_vm_username(vm), test_lib.lib_get_vm_password(vm), vm_command)
if not vm_cmd_result:
test_util.test_logger('Checker result: FAIL to execute test ssh command in test [vm:] %s throught [host:] %s.' % (vm.uuid, host.name))
return self.judge(False)
if guest_ip in vm_cmd_result:
test_util.test_logger('Checker result: guest [ip:] %s is SET in guest [vm:] %s.' % (guest_ip, vm.uuid))
else:
test_util.test_logger('Checker result: guest [ip:] %s is NOT found in guest [vm:] %s. \n It might be because the ifconfig is not reflect the ip address yet. \n The current ifconfig result is: %s' % (guest_ip, vm.uuid, vm_cmd_result))
return self.judge(False)
return self.judge(True)
def get_vr_by_private_l3_name(l3_name):
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
if not vrs:
#create temp_vm for getting vlan1's vr
temp_vm = create_vlan_vm(l3_name)
vr = test_lib.lib_find_vr_by_vm(temp_vm.vm)[0]
temp_vm.destroy()
else:
vr = vrs[0]
return vr
def create_checker(self, test_obj):
kvm_vm_checker_chain = checker_header.CheckerChain()
checker_dict = {}
if test_obj.state == vm_header.RUNNING:
checker_dict[vm_checker.zstack_kvm_vm_set_host_vlan_ip] = True
checker_dict[db_checker.zstack_vm_db_checker] = True
checker_dict[vm_checker.zstack_kvm_vm_running_checker] = True
#if behind of VR
vrs = test_lib.lib_find_vr_by_vm(test_obj.vm)
if vrs:
svr_types = test_lib.lib_get_l3s_service_type(test_obj.vm)
#The first DHCP checker will wait for VM start up.
if 'DHCP' in svr_types:
checker_dict[vm_checker.zstack_kvm_vm_dhcp_checker] = True
checker_dict[vm_checker.zstack_kvm_vm_network_checker] \
= True
#if guest can't get IP address from DHCP, auto case can
# not test DNS feature.
if 'DNS' in svr_types:
checker_dict[vm_checker.zstack_kvm_vm_dns_checker] \
= True
else:
checker_dict[vm_checker.zstack_kvm_vm_dns_checker] \
= False
else:
checker_dict[vm_checker.zstack_kvm_vm_dhcp_checker] = False
checker_dict[vm_checker.zstack_kvm_vm_network_checker] \
= False
if 'SNAT' in svr_types:
checker_dict[vm_checker.zstack_kvm_vm_snat_checker] = True
else:
checker_dict[vm_checker.zstack_kvm_vm_snat_checker] = False
#if 'PortForwarding' in svr_types:
# checker_dict[vm_checker.zstack_kvm_vm_dnat_checker] = True
#else:
# checker_dict[vm_checker.zstack_kvm_vm_dnat_checker] = False
if test_obj.get_creation_option().get_default_l3_uuid():
checker_dict[vm_checker.zstack_kvm_vm_default_l3_checker] = True
elif test_obj.state == vm_header.STOPPED:
checker_dict[db_checker.zstack_vm_db_checker] = True
#stopped_checker is deprecated, since the stopped vm will be removed
#from host.
#checker_dict[vm_checker.zstack_kvm_vm_stopped_checker] = True
elif test_obj.state == vm_header.DESTROYED:
#VM destroy will cause vm structure be removed from DB, when VmExpungeInterval is set to 1, so doesn't need to check destroyed state sync in db in most case.
checker_dict[db_checker.zstack_vm_db_checker] = False
checker_dict[vm_checker.zstack_kvm_vm_destroyed_checker] = True
kvm_vm_checker_chain.add_checker_dict(checker_dict, test_obj)
return kvm_vm_checker_chain
def get_vr_by_private_l3_name(l3_name):
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
if not vrs:
#create temp_vm for getting vlan1's vr
temp_vm = create_vlan_vm(l3_name)
vr = test_lib.lib_find_vr_by_vm(temp_vm.vm)[0]
temp_vm.destroy()
else:
vr = vrs[0]
return vr
def test():
test_util.test_dsc('Create test vm and check the time spend on each stage')
test_util.test_skip('Time cases need further polish, skip test right now')
vm_name = 'vm_'+key_gen(7)
begin_time = int(time.time()*1000)
vm = test_stub.create_named_vm(vm_name)
test_obj_dict.add_vm(vm)
ps = test_lib.lib_get_primary_storage_by_uuid(vm.get_vm().allVolumes[0].primaryStorageUuid)
if ps.type != inventory.LOCAL_STORAGE_TYPE:
test_util.test_skip('Skip test on non-localstorage')
vr = test_lib.lib_find_vr_by_vm(vm.vm)[0]
if vr.applianceVmType != "vrouter":
test_util.test_skip("This test only for vyos network")
vm.check()
[select_bs_time, allocate_host_time, allocate_ps_time, local_storage_allocate_capacity_time,\
allocate_volume_time, allocate_nic_time, instantiate_res_pre_time, create_on_hypervisor_time,\
instantiate_res_post_time] = test_stub.get_stage_time(vm_name, begin_time)
test_util.test_dsc("select_bs_time is "+str(select_bs_time))
test_util.test_dsc("allocate_host_time is "+str(allocate_host_time))
test_util.test_dsc("allocate_ps_time is "+str(allocate_ps_time))
test_util.test_dsc("local_storage_allocate_capacity_time is "+str(local_storage_allocate_capacity_time))
test_util.test_dsc("allocate_volume_time is "+str(allocate_volume_time))
test_util.test_dsc("allocate_nic_time is "+str(allocate_nic_time))
test_util.test_dsc("instantiate_res_pre_time is "+str(instantiate_res_pre_time))
test_util.test_dsc("create_on_hypervisor_time is "+str(create_on_hypervisor_time))
test_util.test_dsc("instantiate_res_post_time is "+str(instantiate_res_post_time))
if select_bs_time > 10:
test_util.test_fail('select_bs_time is bigger than 10 milliseconds')
if allocate_host_time > 190:
test_util.test_fail('allocate_host_time is bigger than 190 milliseconds')
if allocate_ps_time > 70:
test_util.test_fail('allocate_ps_time is bigger than 70 milliseconds')
if local_storage_allocate_capacity_time > 70:
test_util.test_fail('local_storage_allocate_capacity_time is bigger than 70 milliseconds')
if allocate_volume_time > 90:
test_util.test_fail('allocate_volume_time is bigger than 90 milliseconds')
if allocate_nic_time > 70:
test_util.test_fail('allocate_nic_time is bigger than 70 milliseconds')
if instantiate_res_pre_time > 1300:
test_util.test_fail('instantiate_res_pre_time is bigger than 1300 milliseconds')
if create_on_hypervisor_time > 8000:
test_util.test_fail('create_on_hypervisor_time is bigger than 2500 milliseconds')
if instantiate_res_post_time > 30:
test_util.test_fail('instantiate_res_post_time is bigger than 30 milliseconds')
vm.destroy()
test_util.test_pass('Create VM and Check time for Each Stage Test Success')
def test():
global test_obj_dict
test_util.test_dsc("Create 1 VMs with vlan VR L3 network for SG testing.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm1.check()
nic_uuid = vm1.vm.vmNics[0].uuid
vm_nics = (nic_uuid, vm1)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm1_ip = test_lib.lib_get_vm_nic_by_l3(vr_vm, l3_uuid).ip
target_ip_prefix = '10.10.10.'
rule_list = []
for j in range(rule_num):
target_ip = '%s%s' % (target_ip_prefix, str(1+j))
rule = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, target_ip)
rule_list.append(rule)
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg1.add_rule(rule_list)
sg_vm.attach(sg1, [vm_nics])
rule_list = []
for j in range(rule_num):
target_ip = '%s%s' % (target_ip_prefix, str(1+j))
rule = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.EGRESS, target_ip)
rule_list.append(rule)
sg2 = test_stub.create_sg()
test_obj_dict.add_sg(sg2.security_group.uuid)
sg2.add_rule(rule_list)
sg_vm.attach(sg2, [vm_nics])
sg1_rules = test_lib.lib_get_sg_rule(sg1.security_group.uuid)
if len(sg1_rules) != 200:
test_util.test_fail("Did not find 200 SG rules for SG1: %s. We only catch %s rules" % (sg1.security_group.uuid, len(sg1_rules)))
sg2_rules = test_lib.lib_get_sg_rule(sg2.security_group.uuid)
if len(sg2_rules) != 200:
test_util.test_fail("Did not find 200 SG rules for SG2: %s. We only catch %s rules" % (sg2.security_group.uuid, len(sg2_rules)))
time.sleep(3)
#need regularlly clean up log files in virtual router when doing stress test
test_lib.lib_check_cleanup_vr_logs_by_vm(vm1.vm)
#clean up all vm and sg
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create/Destroy VM with VR successfully')
def test():
test_util.test_dsc('Create test vm with EIP and check.')
vm = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('create_eip_test', l3_uuid)
test_obj_dict.add_vip(vip)
eip = test_stub.create_eip('create eip test',
vip_uuid=vip.get_vip().uuid,
vnic_uuid=vm_nic_uuid,
vm_obj=vm)
vip.attach_eip(eip)
vm.check()
test_stub.make_ssh_no_password(vm.get_vm())
vm_ip = vm_nic.ip
ssh_cmd = 'ssh -oStrictHostKeyChecking=no -oCheckHostIP=no -oUserKnownHostsFile=/dev/null'
cmd = 'ping -c 8 %s' % (eip.get_eip().vipIp)
shell.call("%s %s %s" % (ssh_cmd, vm_ip, cmd))
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.check()
eip.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass('Create EIP for VM Success')
def test():
test_util.test_dsc('Create test vm1 and check')
vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm1)
test_util.test_dsc('Create test vm2 and check')
vm2 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
vrs = test_lib.lib_find_vr_by_vm(vm1.vm)
if len(vrs) != 1:
test_util.test_logger(
'more than 1 VR are found for vm1: %s. Will test the 1st one: %s.'
% (vm1.vm.uuid, vr.uuid))
vr = vrs[0]
vr_mgmt_ip = test_lib.lib_find_vr_mgmt_ip(vr)
if not test_lib.lib_check_testagent_status(vr_mgmt_ip):
test_util.test_fail(
'vr: %s is not reachable, since can not reach its test agent. Give up test and test failure. '
% vr.uuid)
test_lib.lib_install_testagent_to_vr_with_vr_vm(vr)
#Need to put the vr restart into thread. Since vr reboot API is a sync API.
thread = threading.Thread(target=vm_ops.reboot_vm, args=(vr.uuid, ))
thread.start()
#check vr vr service port
if not test_lib.lib_wait_target_down(vr_mgmt_ip, '7272', 120):
test_util.test_fail(
'vr: %s is not shutdown in 120 seconds. Fail to reboot it. ' %
vr.uuid)
if not test_lib.lib_wait_target_up(vr_mgmt_ip, '7272', 120):
test_util.test_fail(
'vr: %s is not startup in 120 seconds. Fail to reboot it. ' %
vr.uuid)
#avoid of possible apt conflicting between install testagent and appliancevm
#time.sleep(60)
vm1.check()
vm2.check()
test_util.test_dsc('Ping from vm1 to vm2.')
test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip)
vm1.destroy()
vm2.destroy()
test_util.test_pass(
'Create vlan VirtualRouter VM (and reboot VR after VM created) Test with snat ping between two VMs Success'
)
def test():
pub_l3_vm, flat_l3_vm, vr_l3_vm = test_stub.generate_pub_test_vm(tbj=test_obj_dict)
with test_lib.expected_failure('create vm use system network', Exception):
test_stub.create_vm_with_random_offering(vm_name='test_vm',
image_name='imageName_net',
l3_name='l3ManagementNetworkName')
vr = test_lib.lib_find_vr_by_vm(vr_l3_vm.get_vm())[0]
for nic in vr.vmNics:
test_util.test_logger(nic.ip)
if not test_lib.lib_check_directly_ping(nic.ip):
test_util.test_fail('IP:{} expected to be able to ping vip while it fail'.format(nic.ip))
def test():
test_util.test_dsc(
'Create vrouter vm and check if the second public nic attached to vrouter'
)
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm1)
vm1_ip = vm1.get_vm().vmNics[0].ip
vr1 = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vr1_uuid = vr1.uuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr1_private_ip = test_lib.lib_find_vr_private_ip(vr1)
l3network1_uuid = vm1.get_vm().vmNics[0].l3NetworkUuid
cond = res_ops.gen_query_conditions('uuid', '=', l3network1_uuid)
l3network1_cidr = res_ops.query_resource(res_ops.L3_NETWORK,
cond)[0].ipRanges[0].networkCidr
cond = res_ops.gen_query_conditions('name', '=', 'l3_user_defined_vlan1')
second_public_l3network_uuid = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].uuid
net_ops.attach_l3(second_public_l3network_uuid, vr1_uuid)
#Attach second public network to vrouter
cond = res_ops.gen_query_conditions('uuid', '=', vr1_uuid)
vr1_vm = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)
vr1_nics = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)[0].vmNics
second_public_l3network_attached = False
for vm_nic in vr1_nics:
if vm_nic.l3NetworkUuid == second_public_l3network_uuid:
second_public_l3network_attached = True
if not second_public_l3network_attached:
net_ops.attach_l3(second_public_l3network_uuid, vr1_uuid)
#Get vr1 nic_uuid on second public network
vr1_nics = res_ops.query_resource(res_ops.APPLIANCE_VM, cond)[0].vmNics
vr1_second_pub_nic_uuid = ''
for vm_nic in vr1_nics:
if vm_nic.l3NetworkUuid == second_public_l3network_uuid:
vr1_second_pub_nic_uuid = vm_nic.uuid
vm1.destroy()
net_ops.destroy_vrouter(vr1_uuid)
test_util.test_pass('The Second Public Nic Is Attached To Vrouter')
if vr1_second_pub_nic_uuid != '':
net_ops.detach_l3(vr1_second_pub_nic_uuid)
vm1.destroy()
net_ops.destroy_vrouter(vr1_uuid)
test_util.test_fail('The Second Public Nic Does Not Attached To Vrouter')
def test():
pub_l3_vm, flat_l3_vm, vr_l3_vm = test_stub.generate_pub_test_vm(
tbj=test_obj_dict)
with test_lib.expected_failure('create vm use system network', Exception):
test_stub.create_vm_with_random_offering(
vm_name='test_vm',
image_name='imageName_net',
l3_name='l3ManagementNetworkName')
vr = test_lib.lib_find_vr_by_vm(vr_l3_vm.get_vm())[0]
for nic in vr.vmNics:
test_util.test_logger(nic.ip)
if not test_lib.lib_check_directly_ping(nic.ip):
test_util.test_fail(
'IP:{} expected to be able to ping vip while it fail'.format(
nic.ip))
def test():
global vm, vm2
test_stub.skip_if_scenario_is_multiple_networks(mul_nets_sce_list=["scenario-config-ceph-sep-man.xml", "scenario-config-ceph-sep-pub.xml"])
test_stub.skip_if_vr_not_vyos("vr")
test_lib.clean_up_all_vr()
vm = test_stub.create_basic_vm()
vm.check()
vr_vm = test_lib.lib_find_vr_by_vm(vm.vm)[0]
vm.destroy()
t = threading.Thread(target=async_exec_reboot_vr, args=(vr_vm.uuid,))
t.start()
vm2 = test_stub.create_basic_vm(wait_vr_running=False)
vm2.check()
vm2.destroy()
test_util.test_pass('Create VM when vyos is rebooting Test Success')
def test():
test_util.test_dsc('Create test vm1 and check')
if test_lib.lib_get_ha_enable() != 'true':
test_util.test_skip("vm ha not enabled. Skip test")
vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm1)
vm1.check()
vrs = test_lib.lib_find_vr_by_vm(vm1.vm)
for vr in vrs:
if vr.applianceVmType != "vrouter":
continue
if ha_ops.get_vm_instance_ha_level(vr.uuid) != "NeverStop":
test_util.test_fail('vr: %s is not set to HA mode NeverStop.' % vr.uuid)
vm1.destroy()
test_util.test_pass('Check VR HA mode Success')
def test():
test_util.test_dsc('Create test vm1 and check')
if test_lib.lib_get_ha_enable() != 'true':
test_util.test_skip("vm ha not enabled. Skip test")
vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm1)
vm1.check()
vrs = test_lib.lib_find_vr_by_vm(vm1.vm)
for vr in vrs:
if vr.applianceVmType != "vrouter":
continue
if ha_ops.get_vm_instance_ha_level(vr.uuid) != "NeverStop":
test_util.test_fail('vr: %s is not set to HA mode NeverStop.' %
vr.uuid)
vm1.destroy()
test_util.test_pass('Check VR HA mode Success')
def create_vr_vm(test_obj_dict, l3_name):
'''
'''
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm = create_vlan_vm()
test_obj_dict.add_vm(temp_vm)
vr = test_lib.lib_find_vr_by_vm(temp_vm.vm)[0]
temp_vm.destroy()
test_obj_dict.rm_vm(temp_vm)
else:
vr = vrs[0]
if not test_lib.lib_is_vm_running(vr):
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_skip('vr: %s is not running. Will skip test.' % vr.uuid)
return vr
def test():
global test_obj_dict
test_util.test_dsc("Create 1 VMs with vlan VR L3 network for SG testing.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm1.check()
test_util.test_dsc("Create security groups.")
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = test_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
nic_uuid = vm1.vm.vmNics[0].uuid
vm_nics = (nic_uuid, vm1)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm1_ip = test_lib.lib_get_vm_nic_by_l3(vr_vm, l3_uuid).ip
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
rule3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
rule4 = test_lib.lib_gen_sg_rule(Port.rule4_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
rule5 = test_lib.lib_gen_sg_rule(Port.rule5_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
sg1.add_rule([rule1, rule2, rule3, rule4, rule5])
sg_vm.attach(sg1, [vm_nics])
time.sleep(3)
#need regularlly clean up log files in virtual router when doing stress test
test_lib.lib_check_cleanup_vr_logs_by_vm(vm1.vm)
#clean up all vm and sg
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Create/Destroy VM with VR successfully')
def test():
global vm, vm2
test_stub.skip_if_scenario_is_multiple_networks(mul_nets_sce_list=[
"scenario-config-ceph-sep-man.xml", "scenario-config-ceph-sep-pub.xml"
])
test_stub.skip_if_vr_not_vyos("vr")
test_lib.clean_up_all_vr()
vm = test_stub.create_basic_vm()
vm.check()
vr_vm = test_lib.lib_find_vr_by_vm(vm.vm)[0]
vm.destroy()
t = threading.Thread(target=async_exec_reboot_vr, args=(vr_vm.uuid, ))
t.start()
vm2 = test_stub.create_basic_vm(wait_vr_running=False)
vm2.check()
vm2.destroy()
test_util.test_pass('Create VM when vyos is rebooting Test Success')
def test():
test_util.test_dsc('Create test vm1 and check')
vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm1)
test_util.test_dsc('Create test vm2 and check')
vm2 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
vrs = test_lib.lib_find_vr_by_vm(vm1.vm)
if len(vrs) != 1:
test_util.test_logger('more than 1 VR are found for vm1: %s. Will test the 1st one: %s.' % (vm1.vm.uuid, vr.uuid))
vr = vrs[0]
vr_mgmt_ip = test_lib.lib_find_vr_mgmt_ip(vr)
if not test_lib.lib_check_testagent_status(vr_mgmt_ip):
test_util.test_fail('vr: %s is not reachable, since can not reach its test agent. Give up test and test failure. ' % vr.uuid)
test_lib.lib_install_testagent_to_vr_with_vr_vm(vr)
#Need to put the vr restart into thread. Since vr reboot API is a sync API.
thread = threading.Thread(target=vm_ops.reboot_vm, args=(vr.uuid,))
thread.start()
#check vr vr service port
if not test_lib.lib_wait_target_down(vr_mgmt_ip, '7272', 60):
test_util.test_fail('vr: %s is not shutdown in 60 seconds. Fail to reboot it. ' % vr.uuid)
if not test_lib.lib_wait_target_up(vr_mgmt_ip, '7272', 120):
test_util.test_fail('vr: %s is not startup in 120 seconds. Fail to reboot it. ' % vr.uuid)
#avoid of possible apt conflicting between install testagent and appliancevm
#time.sleep(60)
vm1.check()
vm2.check()
test_util.test_dsc('Ping from vm1 to vm2.')
test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip)
vm1.destroy()
vm2.destroy()
test_util.test_pass('Create vlan VirtualRouter VM (and reboot VR after VM created) Test with snat ping between two VMs Success')
def test():
test_util.test_dsc('Test vr default name format')
vm = test_stub.create_basic_vm()
test_obj_dict.add_vm(vm)
vm.check()
vr_inv = test_lib.lib_find_vr_by_vm(vm.vm)[0]
actual_name = vr_inv.name #VirtualRouter.l3.l3VlanNetwork3
guest_l3network_uuid = vr_inv.vmNics[0].l3NetworkUuid
guest_l3network_name = test_lib.lib_get_l3_by_uuid(guest_l3network_uuid).name
guest_l3network_uuid_head_6_num = guest_l3network_uuid[0:6]
expected_name = vr_l3_name_prefix + "." + guest_l3network_name + "." + guest_l3network_uuid_head_6_num
if expected_name != actual_name:
#test_util.test_logger("Test vr default name is not the same as expected, actual name:%s, expected name: %s" %(actual_name, expected_name))
test_util.test_fail("Test vr default name is not the same as expected, actual name:%s, expected name: %s" %(actual_name, expected_name))
vm.destroy()
test_util.test_pass('Test vr default name format success.')
def test():
'''
EIP test needs at least 3 VR existence. Besides of EIP_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
test_util.test_dsc('Create test vm with EIP and check.')
vm = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm)
vm.check()
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('create_eip_test', l3_uuid)
test_obj_dict.add_vip(vip)
eip = test_stub.create_eip('create eip test', vip_uuid=vip.get_vip().uuid)
vip.attach_eip(eip)
vip.check()
eip.attach(vm_nic_uuid, vm)
vip.check()
eip.detach()
vip.check()
vm.destroy()
test_obj_dict.rm_vm(vm)
eip.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass('Attach/Detach EIP Success')
def test():
'''
Test image requirements:
1. have nc to check the network port
2. have "nc" to open any port
3. it doesn't include a default firewall
VR image is a good candiate to be the guest image.
'''
global test_obj_dict
test_util.test_dsc(
"Create 2 VMs with vlan VR L3 network and using VR image.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
test_util.test_dsc("Create security groups.")
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg2 = test_stub.create_sg()
test_obj_dict.add_sg(sg2.security_group.uuid)
sg3 = test_stub.create_sg()
test_obj_dict.add_sg(sg3.security_group.uuid)
sg_vm = test_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
nic_uuid = vm1.vm.vmNics[0].uuid
vm_nics = (nic_uuid, vm1)
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vm_internalId = test_lib.lib_get_vm_internal_id(vm1.vm)
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm2_ip = test_lib.lib_get_vm_nic_by_l3(vm2.vm, l3_uuid).ip
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.UDP,
inventory.INGRESS, vm2_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.UDP,
inventory.INGRESS, vm2_ip)
rule3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.UDP,
inventory.EGRESS, vm2_ip)
rule4 = test_lib.lib_gen_sg_rule(Port.rule4_ports, inventory.UDP,
inventory.EGRESS, vm2_ip)
rule5 = test_lib.lib_gen_sg_rule(Port.rule5_ports, inventory.UDP,
inventory.EGRESS, vm2_ip)
sg1.add_rule([rule1])
sg2.add_rule([rule1, rule2, rule3])
sg3.add_rule([rule3, rule4, rule5])
sg_vm.add_stub_vm(l3_uuid, vm2)
sg_vm.check()
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("Allowed ports: %s" % test_stub.rule1_ports)
sg_vm.attach(sg1, [vm_nics])
sg_vm.check()
#
test_util.test_dsc("Remove nic from security group 1.")
test_util.test_dsc("Allowed ports: %s" % test_stub.target_ports)
sg_vm.detach(sg1, nic_uuid)
sg_vm.check()
test_util.test_dsc("Add rule1, rule2, rule3 to security group 1.")
sg1.add_rule([rule1, rule2, rule3])
sg_vm.check()
test_util.test_dsc("Add nic to security group 1 again.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports
test_util.test_dsc("Allowed ports: %s" % tmp_allowed_ports)
sg_vm.attach(sg1, [vm_nics])
sg_vm.check()
#can't directly remove rule1, as it will block vr ssh connection.
test_util.test_dsc("Remove rule2/3 from security group 1.")
test_util.test_dsc("Allowed ports: %s" % test_stub.rule1_ports)
sg1.delete_rule([rule2, rule3])
sg_vm.check()
#add sg2
test_util.test_dsc("Add nic to security group 2.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports
test_util.test_dsc("Allowed ports: %s" % tmp_allowed_ports)
sg_vm.attach(sg2, [vm_nics])
sg_vm.check()
#add sg3
test_util.test_dsc("Add nic to security group 3.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports + test_stub.rule4_ports + test_stub.rule5_ports
test_util.test_dsc("Allowed ports (rule1+rule2+rul3+rule4+rule5): %s" %
tmp_allowed_ports)
sg_vm.attach(sg3, [vm_nics])
sg_vm.check()
#detach nic from sg2
test_util.test_dsc("Remove security group 2 for nic.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule3_ports + test_stub.rule4_ports + test_stub.rule5_ports
test_util.test_dsc("Allowed ports (rule1+rule3+rule4+rule5): %s" %
tmp_allowed_ports)
sg_vm.detach(sg2, nic_uuid)
sg_vm.check()
#delete sg3
test_util.test_dsc("Delete security group 3.")
test_util.test_dsc("Allowed ports (rule1): %s" % test_stub.rule1_ports)
sg_vm.delete_sg(sg3)
sg_vm.check()
test_obj_dict.rm_sg(sg3.security_group.uuid)
#Cleanup
sg_vm.delete_sg(sg2)
test_obj_dict.rm_sg(sg2.security_group.uuid)
sg_vm.delete_sg(sg1)
test_obj_dict.rm_sg(sg1.security_group.uuid)
sg_vm.check()
vm1.destroy()
test_obj_dict.rm_vm(vm1)
vm2.destroy()
test_obj_dict.rm_vm(vm2)
test_util.test_pass(
'Security Group UDP Vlan VirtualRouter VMs Test Success')
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
if vr1.applianceVmType == "vrouter":
test_util.test_skip(
"vrouter VR does not support single VM multiple VIP")
#we do not need temp_vm1, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
if vr.applianceVmType == "vrouter":
test_util.test_skip(
"vrouter VR does not support single VM multiple VIP")
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
eip1 = test_stub.create_eip('2l3 eip test1', vip_uuid=vip1.get_vip().uuid)
vip1.attach_eip(eip1)
vip1.check()
eip1.attach(vm_nic1_uuid, vm)
vip1.check()
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule3_ports,
private_target_rule=Port.rule3_ports,
vip_uuid=vip2_uuid,
vm_nic_uuid=vm_nic2_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(vm)
vip2.attach_pf(test_pf1)
vip2.check()
vm.stop()
vm.start()
vm.check()
vip1.check()
vip2.check()
vm.destroy()
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass(
'Create 1 VM with 2 l3_network with 1 eip and 1 PF testing successfully.'
)
def test():
'''
EIP test needs at least 3 VR existence. Besides of EIP_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
test_util.test_dsc('Detach EIP from running & Stopped VM and check.')
vm = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm)
vm.check()
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('create_eip_test', l3_uuid)
test_obj_dict.add_vip(vip)
eip = test_stub.create_eip('create eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=vm)
vip.attach_eip(eip)
vip.check()
vm_destroy_pid = os.fork()
if vm_destroy_pid == 0:
vm.destroy()
sys.exit(0)
eip.delete()
vip.delete()
test_obj_dict.rm_vm(vm)
test_obj_dict.rm_vip(vip)
test_util.test_pass('Detach EIP From Stopped VM Success')
def test():
'''
Test image requirements:
1. have nc to check the network port
2. have "nc" to open any port
3. it doesn't include a default firewall
VR image is a good candiate to be the guest image.
'''
test_util.test_dsc(
"Create 3 VMs with vlan VR L3 network and using VR image.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm2)
vm3 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm3)
vm4 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm4)
vm5 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm5)
vm1.check()
vm2.check()
vm3.check()
vm4.check()
vm5.check()
test_util.test_dsc("Create security groups.")
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg2 = test_stub.create_sg()
test_obj_dict.add_sg(sg2.security_group.uuid)
sg3 = test_stub.create_sg()
test_obj_dict.add_sg(sg3.security_group.uuid)
sg4 = test_stub.create_sg()
test_obj_dict.add_sg(sg4.security_group.uuid)
sg5 = test_stub.create_sg()
test_obj_dict.add_sg(sg5.security_group.uuid)
sg_vm = test_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vr_internal_ip = test_lib.lib_find_vr_private_ip(vr_vm)
vm1_ip = vm1.vm.vmNics[0].ip
vm2_ip = vm2.vm.vmNics[0].ip
vm3_ip = vm3.vm.vmNics[0].ip
vm4_ip = vm4.vm.vmNics[0].ip
vm5_ip = vm5.vm.vmNics[0].ip
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
nic_uuid1 = vm1.vm.vmNics[0].uuid
nic_uuid2 = vm2.vm.vmNics[0].uuid
nic_uuid3 = vm3.vm.vmNics[0].uuid
nic_uuid4 = vm4.vm.vmNics[0].uuid
nic_uuid5 = vm5.vm.vmNics[0].uuid
vm1_nics = (nic_uuid1, vm1)
vm2_nics = (nic_uuid2, vm2)
vm3_nics = (nic_uuid3, vm3)
vm4_nics = (nic_uuid4, vm4)
vm5_nics = (nic_uuid5, vm5)
vm_group1_nics = [vm1_nics, vm2_nics]
vm_group2_nics = [vm3_nics, vm4_nics]
#vms_nics = vm_group1_nics + vm_group1_nics + [vm5_nics]
vms_nics = vm_group1_nics + vm_group2_nics
test_util.test_dsc("Open some ports in 5 VMs for testing.")
for vm in vm1, vm2, vm3, vm4, vm5:
test_lib.lib_open_vm_listen_ports(vm.vm, test_stub.target_ports)
rule_ai1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.INGRESS, vr_internal_ip)
rule_ae1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.EGRESS, vm5_ip)
rule_v3i_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vm3_ip)
rule_v3e_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.EGRESS, vm3_ip)
rule_v3e_3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP,
inventory.EGRESS, vm3_ip)
rule_v3i_3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP,
inventory.INGRESS, vm3_ip)
rule_v4i_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vm4_ip)
rule_v4e_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.EGRESS, vm4_ip)
rule_v1i_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
rule_v1e_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.EGRESS, vm1_ip)
rule_v2i_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vm2_ip)
rule_v2e_2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.EGRESS, vm2_ip)
rule_v1i_3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP,
inventory.INGRESS, vm1_ip)
rule_v1e_3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP,
inventory.EGRESS, vm1_ip)
sg1.add_rule([rule_ai1, rule_ae1])
sg2.add_rule([rule_v3i_2, rule_v4i_2, rule_v3e_2, rule_v4e_2])
sg3.add_rule([rule_v1i_2, rule_v2i_2, rule_v1e_2, rule_v2e_2])
sg4.add_rule([rule_v1i_3, rule_v1e_3])
sg5.add_rule([rule_v3e_3, rule_v3i_3])
sg_vm.add_stub_vm(l3_uuid, vm5)
sg_vm.check()
##add all vm1 vm2 vm3 vm4 vm5 to sg1.
test_util.test_dsc("Add all VMs to security group 1.")
test_util.test_dsc("Allowed ingress and egress [ports:] %s" %
test_stub.rule1_ports)
sg_vm.attach(sg1, vms_nics)
#add vm1 vm2 to SG2.
test_util.test_dsc("Add VM1 and VM2 to SG2.")
test_util.test_dsc("Allowed ingress [ports:] %s from VM3 and VM4" %
test_stub.rule2_ports)
test_util.test_dsc("Allowed egress [ports:] %s to VM3 and VM4" %
test_stub.rule2_ports)
test_util.test_dsc(
"Since VM1/VM2 are in same SG group, VM1/VM2 can connect rule2 ports :%s each other."
% test_stub.rule2_ports)
sg_vm.attach(sg2, vm_group1_nics)
sg_vm.check()
test_util.test_dsc(
"Since VM3/VM4 didn't open rule2 ports for VM1/VM2, VM1/VM2 can't connect to VM3/VM4 rule2 ports :%s."
% test_stub.rule2_ports)
test_lib.lib_check_vm_ports(
vm3.vm, vm1.vm, test_stub.rule1_ports,
(test_stub.rule2_ports + test_stub.rule3_ports +
test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_lib.lib_check_vm_ports(
vm3.vm, vm2.vm, test_stub.rule1_ports,
(test_stub.rule2_ports + test_stub.rule3_ports +
test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_lib.lib_check_vm_ports(
vm4.vm, vm1.vm, test_stub.rule1_ports,
(test_stub.rule2_ports + test_stub.rule3_ports +
test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_lib.lib_check_vm_ports(
vm4.vm, vm2.vm, test_stub.rule1_ports,
(test_stub.rule2_ports + test_stub.rule3_ports +
test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_lib.lib_check_vm_group_ports(
vm1.vm, [vm3.vm, vm4.vm], test_stub.rule1_ports,
(test_stub.rule2_ports + test_stub.rule3_ports +
test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_util.test_dsc("Add rule2 ports to VM3 and VM4.")
test_util.test_dsc("Allowed ingress [ports:] %s from VM1/VM2 to VM3/VM4" %
(test_stub.rule1_ports + test_stub.rule2_ports))
test_util.test_dsc("Allowed egress [ports:] %s to VM1 and VM2" %
test_stub.rule2_ports)
sg_vm.attach(sg3, vm_group2_nics)
test_lib.lib_check_vm_group_ports(
vm4.vm, [vm1.vm, vm2.vm],
(test_stub.rule1_ports + test_stub.rule2_ports),
(test_stub.rule3_ports + test_stub.rule4_ports +
test_stub.rule5_ports + test_stub.denied_ports))
test_lib.lib_check_vm_group_ports(
vm2.vm, [vm3.vm, vm4.vm],
(test_stub.rule1_ports + test_stub.rule2_ports),
(test_stub.rule3_ports + test_stub.rule4_ports +
test_stub.rule5_ports + test_stub.denied_ports))
sg_vm.check()
test_util.test_dsc("Add VM3 and VM4 to SG4.")
test_util.test_dsc("Allowed ingress/egress [ports:] %s for VM1" %
test_stub.rule3_ports)
test_util.test_dsc(
"But due to VM1 didn't open related ports, connection will be denied for [ports:] %s from VM1 to VM3 "
% test_stub.rule3_ports)
test_util.test_dsc(
"The enabled connections for VM1/VM3 are still [ports:] %s " %
(test_stub.rule1_ports + test_stub.rule2_ports))
sg_vm.attach(sg4, vm_group2_nics)
test_lib.lib_check_vm_ports(
vm1.vm, vm3.vm, (test_stub.rule1_ports + test_stub.rule2_ports),
(test_stub.rule3_ports + test_stub.rule4_ports +
test_stub.rule5_ports + test_stub.denied_ports))
test_util.test_dsc(
"As VM3/VM4 are in same SG group, rule1+rule2+rule3 [ports:] %s are opened between VM4 and VM3 "
% (test_stub.rule1_ports + test_stub.rule2_ports +
test_stub.rule3_ports))
sg_vm.check()
test_util.test_dsc("Add VM1 and VM2 to SG5.")
test_util.test_dsc("Allowed ingress/egress [ports:] %s for VM3" %
test_stub.rule3_ports)
test_util.test_dsc(
"Connection between VM1 and VM3, between VM1 and VM2, between VM3 and VM4 are enabled for [ports:] %s"
% (test_stub.rule1_ports + test_stub.rule2_ports +
test_stub.rule3_ports))
sg_vm.attach(sg5, vm_group1_nics)
test_lib.lib_check_vm_ports(
vm1.vm, vm3.vm, (test_stub.rule1_ports + test_stub.rule2_ports +
test_stub.rule3_ports),
(test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_lib.lib_check_vm_ports(
vm3.vm, vm1.vm, (test_stub.rule1_ports + test_stub.rule2_ports +
test_stub.rule3_ports),
(test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_lib.lib_check_vm_ports(
vm4.vm, vm3.vm, (test_stub.rule1_ports + test_stub.rule2_ports +
test_stub.rule3_ports),
(test_stub.rule4_ports + test_stub.rule5_ports +
test_stub.denied_ports))
test_util.test_dsc("Connection from VM2 to VM3 are enabled for [ports:]" %
(test_stub.rule1_ports + test_stub.rule2_ports +
test_stub.rule3_ports))
test_lib.lib_check_vm_ports(
vm2.vm, vm3.vm, (test_stub.rule1_ports + test_stub.rule2_ports),
(test_stub.rule3_ports + test_stub.rule4_ports +
test_stub.rule5_ports + test_stub.denied_ports))
test_lib.lib_check_vm_ports(
vm4.vm, vm2.vm, (test_stub.rule1_ports + test_stub.rule2_ports),
(test_stub.rule3_ports + test_stub.rule4_ports +
test_stub.rule5_ports + test_stub.denied_ports))
#test_util.test_dsc("VM5 was not granted with rule2 and rule3 ports, so only rule1 [ports:] %s are allowned to connect to other VMs." % test_stub.rule1_ports)
#test_lib.lib_check_vm_ports(vm5.vm, vm3.vm, test_stub.rule1_ports, (test_stub.rule2_ports + test_stub.rule3_ports + test_stub.rule4_ports + test_stub.rule5_ports + test_stub.denied_ports))
#clean up.
for sg in sg1, sg2, sg3, sg4, sg5:
sg_vm.delete_sg(sg)
test_obj_dict.rm_sg(sg.security_group.uuid)
for vm in vm1, vm2, vm3, vm4, vm5:
vm.destroy()
test_obj_dict.rm_vm(vm)
test_util.test_pass(
'Security Group Vlan VirtualRouter VM complex testing with 2 Groups 5 VMs Test Success'
)
def test():
import uuid
account_name1 = uuid.uuid1().get_hex()
account_pass1 = uuid.uuid1().get_hex()
test_account1 = test_account.ZstackTestAccount()
test_account1.create(account_name1, account_pass1)
test_obj_dict.add_account(test_account1)
test_account_uuid1 = test_account1.get_account().uuid
test_account_session1 = acc_ops.login_by_account(account_name1, account_pass1)
account_name2 = uuid.uuid1().get_hex()
account_pass2 = uuid.uuid1().get_hex()
test_account2 = test_account.ZstackTestAccount()
test_account2.create(account_name2, account_pass2)
test_obj_dict.add_account(test_account2)
test_account_uuid2 = test_account2.get_account().uuid
test_account_session2 = acc_ops.login_by_account(account_name2, account_pass2)
test_stub.share_admin_resource([test_account_uuid1, test_account_uuid2])
vm1 = test_stub.create_user_vlan_vm(session_uuid = test_account_session1)
test_obj_dict.add_vm(vm1)
vm1.check()
vm1.stop(session_uuid = test_account_session1)
vm1.check()
vm2 = test_stub.create_user_vlan_vm(session_uuid = test_account_session2)
test_obj_dict.add_vm(vm2)
vm2.check()
vm1.start(session_uuid = test_account_session1)
vm1.check()
test_account1.delete()
test_obj_dict.rm_account(test_account1)
vm1.set_state(test_vm_header.DESTROYED)
vm1.check()
vr_vm = test_lib.lib_find_vr_by_vm(vm2.get_vm())
if not vr_vm:
test_util.test_fail('VR is deleted, after account1 is deleted')
vm2.check()
vm2.stop(test_account_session2)
vm2.start(test_account_session2)
vm2.check()
vm2.destroy(test_account_session2)
test_obj_dict.rm_vm(vm2)
account_name3 = uuid.uuid1().get_hex()
account_pass3 = uuid.uuid1().get_hex()
test_account3 = test_account.ZstackTestAccount()
test_account3.create(account_name3, account_pass3)
test_obj_dict.add_account(test_account3)
test_account_uuid3 = test_account3.get_account().uuid
test_account_session3 = acc_ops.login_by_account(account_name3, account_pass3)
test_stub.share_admin_resource([test_account_uuid3])
vm3 = test_stub.create_user_vlan_vm(session_uuid = test_account_session3)
test_obj_dict.add_vm(vm3)
vm3.check()
vm3.destroy()
test_obj_dict.rm_vm(vm3)
test_account3.delete()
test_obj_dict.rm_account(test_account3)
test_account2.delete()
test_obj_dict.rm_account(test_account2)
test_util.test_pass('Multiple normal account with VM operations test Success')
def check(self):
'''
check will assume target vm only have 1 port forwarding VR.
So all vms PF rules are assigned to 1 VM nic.
'''
super(zstack_kvm_pf_tcp_checker, self).check()
test_result = True
target_vm = self.test_obj.get_target_vm().vm
pf_rule = self.test_obj.get_port_forwarding()
vm_nic = test_lib.lib_get_nic_by_uuid(pf_rule.vmNicUuid)
all_ports = port_header.all_ports
#only open ports when VM is running.
if self.test_obj.get_target_vm().state == vm_header.RUNNING:
test_lib.lib_open_vm_listen_ports(target_vm, all_ports,
vm_nic.l3NetworkUuid)
#consolidate rules for TCP/UDP/ICMP with different AllowedCidr
rule_port = port_header.get_port_rule(pf_rule.vipPortStart,
pf_rule.vipPortEnd)
#check SG ingress limitation. Since SG rule will not consider vip as
#allowedCidr, if there is ingress limitation, the ingress PF connection
#will be blocked.
sg_tcp_ingress_flag = _sg_rule_exist(vm_nic, inventory.TCP, pf_rule)
allowedCidr = pf_rule.allowedCidr
allowed_vr_ip = allowedCidr.split('/')[0]
allowed_vr_vm = test_lib.lib_get_vm_by_ip(allowed_vr_ip)
vr_nic = test_lib.lib_get_nic_by_ip(allowed_vr_ip)
l3_uuid = vr_nic.l3NetworkUuid
allowed_vr_uuid_list = [allowed_vr_vm.uuid]
#target_vm's VRs should be excluded, otherwise the ip package will be routed to this VR directly.
pf_vm_vrs = test_lib.lib_find_vr_by_vm(target_vm)
for pf_vr in pf_vm_vrs:
allowed_vr_uuid_list.append(pf_vr.uuid)
denied_vr_vm = _find_denied_vr(target_vm.clusterUuid, l3_uuid,
allowed_vr_uuid_list)
denied_vr_ip = test_lib.lib_find_vr_pub_ip(denied_vr_vm)
vip_uuid = pf_rule.vipUuid
cond = res_ops.gen_query_conditions('uuid', '=', vip_uuid)
vipIp = res_ops.query_resource(res_ops.VIP, cond)[0].ip
if sg_tcp_ingress_flag:
test_util.test_logger(
'SG TCP Ingress rule existence. PF TCP ingress rule will be blocked for [vm:] %s'
% target_vm.uuid)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm,
allowed_vr_ip, vipIp, [],
all_ports, target_vm)
except:
test_util.test_logger(
"Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s, when SG rule exists. "
% (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
allowed_ports = port_header.get_ports(rule_port)
denied_ports = list_ops.list_minus(all_ports, allowed_ports)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm,
allowed_vr_ip, vipIp,
allowed_ports,
denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger(
"Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s "
% (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger(
"Checking pass for Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s "
% (pf_rule.uuid, target_vm.uuid))
try:
test_lib.lib_check_ports_in_a_command(denied_vr_vm,
denied_vr_ip, vipIp, [],
all_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger(
"Catch failure when checking Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s"
% (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger(
"Checking pass for Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s . All ports should be blocked. "
% (pf_rule.uuid, target_vm.uuid))
test_util.test_logger(
'Check result: [Port Forwarding] finishes TCP testing for [vm:] %s [nic:] %s'
% (target_vm.uuid, vm_nic.uuid))
return self.judge(test_result)
def check(self):
'''
check will assume target vm only have 1 port forwarding VR.
So all vms PF rules are assigned to 1 VM nic.
'''
super(zstack_vcenter_pf_tcp_checker, self).check()
test_result = True
target_vm = self.test_obj.get_target_vm().vm
pf_rule = self.test_obj.get_port_forwarding()
vm_nic = test_lib.lib_get_nic_by_uuid(pf_rule.vmNicUuid)
all_ports = port_header.all_ports
#only open ports when VM is running.
if self.test_obj.get_target_vm().state == vm_header.RUNNING:
test_lib.lib_open_vm_listen_ports(target_vm, all_ports, vm_nic.l3NetworkUuid)
#consolidate rules for TCP/UDP/ICMP with different AllowedCidr
rule_port = port_header.get_port_rule(pf_rule.vipPortStart, pf_rule.vipPortEnd)
#check SG ingress limitation. Since SG rule will not consider vip as
#allowedCidr, if there is ingress limitation, the ingress PF connection
#will be blocked.
sg_tcp_ingress_flag = _sg_rule_exist(vm_nic, inventory.TCP, pf_rule)
allowedCidr = pf_rule.allowedCidr
allowed_vr_ip = allowedCidr.split('/')[0]
allowed_vr_vm = test_lib.lib_get_vm_by_ip(allowed_vr_ip)
vr_nic = test_lib.lib_get_nic_by_ip(allowed_vr_ip)
l3_uuid = vr_nic.l3NetworkUuid
allowed_vr_uuid_list = [allowed_vr_vm.uuid]
#target_vm's VRs should be excluded, otherwise the ip package will be routed to this VR directly.
pf_vm_vrs = test_lib.lib_find_vr_by_vm(target_vm)
for pf_vr in pf_vm_vrs:
allowed_vr_uuid_list.append(pf_vr.uuid)
denied_vr_vm = _find_denied_vr(target_vm.clusterUuid, l3_uuid, allowed_vr_uuid_list)
denied_vr_ip = test_lib.lib_find_vr_pub_ip(denied_vr_vm)
vip_uuid = pf_rule.vipUuid
cond = res_ops.gen_query_conditions('uuid', '=', vip_uuid)
vipIp = res_ops.query_resource(res_ops.VIP, cond)[0].ip
if sg_tcp_ingress_flag:
test_util.test_logger('SG TCP Ingress rule existence. PF TCP ingress rule will be blocked for [vm:] %s' % target_vm.uuid)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm, allowed_vr_ip, vipIp, [], all_ports, target_vm)
except:
test_util.test_logger("Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s, when SG rule exists. " % (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
allowed_ports = port_header.get_ports(rule_port)
denied_ports = list_ops.list_minus(all_ports, allowed_ports)
try:
test_lib.lib_check_ports_in_a_command(allowed_vr_vm, allowed_vr_ip, vipIp, allowed_ports, denied_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s " % (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger("Checking pass for Port Forwarding TCP [rule:] %s for allowed Cidr from [vm:] %s " % (pf_rule.uuid, target_vm.uuid))
try:
test_lib.lib_check_ports_in_a_command(denied_vr_vm, denied_vr_ip, vipIp, [], all_ports, target_vm)
except:
traceback.print_exc(file=sys.stdout)
test_util.test_logger("Catch failure when checking Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s" % (pf_rule.uuid, target_vm.uuid))
test_result = False
if test_result != self.exp_result:
return self.judge(test_result)
else:
test_util.test_logger("Checking pass for Port Forwarding TCP [rule:] %s for not allowed Cidr from [vm:] %s . All ports should be blocked. " % (pf_rule.uuid, target_vm.uuid))
test_util.test_logger('Check result: [Port Forwarding] finishes TCP testing for [vm:] %s [nic:] %s' % (target_vm.uuid, vm_nic.uuid))
return self.judge(test_result)
def test():
test_util.test_dsc('Create test vm with EIP and check.')
vm = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('create_eip_test', l3_uuid)
test_obj_dict.add_vip(vip)
eip = test_stub.create_eip('create eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=vm)
vip.attach_eip(eip)
vm_ip = vm_nic.ip
user_name = 'root'
user_password = '******'
vm.check()
vip.check()
cmd = "ping -c 4 172.20.0.1"
rsp_ping = os.system("sshpass -p '%s' ssh %s@%s '%s'"%(user_password, user_name, vm_ip, cmd))
#Try to download webpage from Jenkins server
cmd = "curl http://192.168.200.100"
rsp_curl = os.system("sshpass -p '%s' ssh %s@%s '%s'"%(user_password, user_name, vm_ip, cmd))
if rsp_ping != 0:
test_util.test_fail('Attach EIP but cannot ping from VM')
if rsp_ping == 0 and rsp_curl != 0:
test_util.test_fail('Attach EIP and can ping from the VM, but cannot download anything in VM')
vm.destroy()
test_obj_dict.rm_vm(vm)
vip.check()
eip.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass('Attached EIP and download webpage in VM Success')
def test():
test_util.test_dsc('Test Change VM Image Function')
primary_storage_list = res_ops.query_resource(res_ops.PRIMARY_STORAGE)
for ps in primary_storage_list:
if ps.type == "SharedBlock":
test_util.test_skip('SharedBlock primary storage does not support overProvision')
global vm
#set overProvisioning.primaryStorage's value as 10
con_ops.change_global_config('mevoco','overProvisioning.primaryStorage',10)
test_lib.lib_create_disk_offering(diskSize=1099511627776,name="1T")
l3_uuid = test_lib.lib_get_l3_by_name("l3VlanNetwork1").uuid
image_uuid = test_lib.lib_get_image_by_name("ttylinux").uuid
disk_offering_uuids = [test_lib.lib_get_disk_offering_by_name("smallDiskOffering").uuid,test_lib.lib_get_disk_offering_by_name("root-disk").uuid,test_lib.lib_get_disk_offering_by_name("1T").uuid]
#choose the ps which availableCapacity >= 105G
cond = res_ops.gen_query_conditions('availableCapacity', '>=', '112742891520')
ps_uuid = res_ops.query_resource(res_ops.PRIMARY_STORAGE, cond)[0].uuid
system_tag = "primaryStorageUuidForDataVolume::%s" % ps_uuid
vm = test_stub.create_vm(l3_uuid_list = [l3_uuid],image_uuid = image_uuid,vm_name="test-vm",disk_offering_uuids = disk_offering_uuids,system_tags=[system_tag])
test_obj_dict.add_vm(vm)
vm.check()
vm_uuid = vm.get_vm().uuid
last_data_volumes_uuids = []
last_data_volumes = test_lib.lib_get_data_volumes(vm.get_vm())
for data_volume in last_data_volumes:
last_data_volumes_uuids.append(data_volume.uuid)
last_l3network_uuid = test_lib.lib_get_l3s_uuid_by_vm(vm.get_vm())
last_primarystorage_uuid = test_lib.lib_get_root_volume(vm.get_vm()).primaryStorageUuid
vm_ops.stop_vm(vm_uuid)
vr = test_lib.lib_find_vr_by_vm(vm.get_vm())[0]
vr_mgmt_ip = test_lib.lib_find_vr_mgmt_ip(vr)
#stop vm's vr
vm_ops.stop_vm(vr.uuid)
#change vm image
image_uuid = test_lib.lib_get_image_by_name("windows").uuid
vm_ops.change_vm_image(vm_uuid,image_uuid)
#check whether vr's status is running
if vr.applianceVmType == 'vrouter':
if not test_lib.lib_wait_target_up(vr_mgmt_ip,'7272',240):
test_util.test_fail('vm:%s is not startup in 240 seconds.Fail to reboot it.' % vr.uuid)
time.sleep(20)
else:
vm_ops.start_vm(vr.uuid)
vm_ops.reconnect_vr(vr.uuid)
vm_ops.start_vm(vm_uuid)
vm.update()
#check whether the windows vm is running successfully
vm_ip = vm.get_vm().vmNics[0].ip
if not test_lib.lib_wait_target_up(vm_ip,'23',1200):
test_util.test_fail('vm:%s is not startup in 1200 seconds.Fail to reboot it.' % vm_uuid)
#check whether data volumes attached to the vm has changed
data_volumes_after_uuids = []
data_volumes_after = test_lib.lib_get_data_volumes(vm.get_vm())
for data_volume in data_volumes_after:
data_volumes_after_uuids.append(data_volume.uuid)
if set(last_data_volumes_uuids) != set(data_volumes_after_uuids):
test_util.test_fail('Change Vm Image Failed.Data volumes changed.')
#check whether the network config has changed
l3network_uuid_after = test_lib.lib_get_l3s_uuid_by_vm(vm.get_vm())
if l3network_uuid_after != last_l3network_uuid:
test_util.test_fail('Change VM Image Failed.The Network config has changed.')
#check whether primarystorage has changed
primarystorage_uuid_after = test_lib.lib_get_root_volume(vm.get_vm()).primaryStorageUuid
if primarystorage_uuid_after != last_primarystorage_uuid:
test_util.test_fail('Change VM Image Failed.Primarystorage has changed.')
#check whether the linux vm is running successfully
vm_ops.stop_vm(vm_uuid)
#stop vm's vr
vm_ops.stop_vm(vr.uuid)
image_uuid = test_lib.lib_get_image_by_name("image_for_sg_test").uuid
vm_ops.change_vm_image(vm_uuid,image_uuid)
#check whether vr's status is running
if vr.applianceVmType == 'vrouter':
if not test_lib.lib_wait_target_up(vr_mgmt_ip,'7272',240):
test_util.test_fail('vm:%s is not startup in 240 seconds.Fail to reboot it.' % vr.uuid)
time.sleep(20)
else:
vm_ops.start_vm(vr.uuid)
vm_ops.reconnect_vr(vr.uuid)
vm_ops.start_vm(vm_uuid)
if not test_lib.lib_wait_target_up(vm_ip,'22',180):
test_util.test_fail('vm:%s is not startup in 180 seconds.Fail to reboot it.' % vm_uuid)
#check whether data volumes attached to the vm has changed
data_volumes_after_uuids_linux = []
data_volumes_after_linux = test_lib.lib_get_data_volumes(vm.get_vm())
for data_volume in data_volumes_after_linux:
data_volumes_after_uuids_linux.append(data_volume.uuid)
if set(data_volumes_after_uuids) != set(data_volumes_after_uuids_linux):
test_util.test_fail('Change Vm Image Failed.Data volumes changed.')
#check whether the network config has changed
l3network_uuid_after_linux = test_lib.lib_get_l3s_uuid_by_vm(vm.get_vm())
if l3network_uuid_after != l3network_uuid_after_linux:
test_util.test_fail('Change VM Image Failed.The Network config has changed.')
#check whether primarystorage has changed
primarystorage_uuid_after_linux = test_lib.lib_get_root_volume(vm.get_vm()).primaryStorageUuid
if primarystorage_uuid_after_linux != primarystorage_uuid_after:
test_util.test_fail('Change VM Image Failed.Primarystorage has changed.')
test_lib.lib_destroy_vm_and_data_volumes(vm.get_vm())
test_util.test_pass('Change Vm Image Test Success')
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm.check()
test_pf1.attach(vm_nic.uuid, pf_vm)
test_pf2.attach(vm_nic.uuid, pf_vm)
vip.check()
test_pf1.detach()
test_pf1.delete()
test_pf2.delete()
vip.check()
eip = test_stub.create_eip('create pf/eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=pf_vm)
vip.attach_eip(eip)
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
test_util.test_pass("Test Port Forwarding and EIP with same VIP Successfully")
def check(self):
super(zstack_kvm_vm_dhcp_checker, self).check()
vm = self.test_obj.vm
test_lib.lib_install_testagent_to_vr(vm)
host = test_lib.lib_get_vm_host(vm)
test_lib.lib_install_testagent_to_host(host)
test_lib.lib_set_vm_host_l2_ip(vm)
vm_cmd_result = None
vr_vms = test_lib.lib_find_vr_by_vm(vm)
print('find %d vr vms.' % len(vr_vms))
for vr_vm in vr_vms:
test_util.test_logger(
"Begin to check [vm:] %s DHCP binding setting in [VR:] %s" %
(vm.uuid, vr_vm.uuid))
nic = test_lib.lib_get_vm_nic_by_vr(vm, vr_vm)
if not 'DHCP' in \
test_lib.lib_get_l3_service_type(nic.l3NetworkUuid):
test_util.test_logger(
"Skip [VR:] %s, since it doesn't provide DHCP service" %
vr_vm.uuid)
continue
guest_ip = nic.ip
guest_mac = nic.mac
vr_ip = test_lib.lib_find_vr_mgmt_ip(vr_vm)
if vr_vm.hasattr(
'applianceVmType') and vr_vm.applianceVmType == 'vrouter':
command = '/bin/cli-shell-api showCfg'
else:
command = 'cat /etc/hosts.dhcp'
vr_cmd_result = test_lib.lib_execute_sh_cmd_by_agent_with_retry(
vr_ip, command, self.exp_result)
if not vr_cmd_result:
test_util.test_logger(
'Checker result: FAIL to execute shell commaond in [vm:] %s'
% vr_vm.uuid)
return self.judge(False)
if vr_cmd_result == True:
test_util.test_logger(
'Checker result: FAIL to get ssh result in [vm:] %s' %
vr_vm.uuid)
return self.judge(False)
if not guest_mac in vr_cmd_result or not guest_ip in vr_cmd_result:
test_util.test_logger(
'Checker result: [vm:] %s [mac:] %s is not found in [vr:] %s. VR ip/mac result is %s.'
% (vm.uuid, guest_mac, vr_vm.uuid, vr_cmd_result))
return self.judge(False)
else:
test_util.test_logger(
'Checker result: [vm:] %s [mac:] %s is found in VR %s .' %
(vm.uuid, guest_mac, vr_vm.uuid))
test_util.test_logger("Begin to check VM DHCP in VM: %s" % vm.uuid)
if not vm_cmd_result:
vm_command = '/sbin/ip a'
vm_cmd_result = test_lib.lib_ssh_vm_cmd_by_agent_with_retry(
host.managementIp, nic.ip,
test_lib.lib_get_vm_username(vm),
test_lib.lib_get_vm_password(vm), vm_command,
self.exp_result)
if not vm_cmd_result:
test_util.test_logger(
'Checker result: FAIL to execute test ssh command in test [vm:] %s throught [host:] %s.'
% (vm.uuid, host.name))
return self.judge(False)
if isinstance(vm_cmd_result, str) and guest_ip in vm_cmd_result:
test_util.test_logger(
'Checker result: guest [ip:] %s is SET in guest [vm:] %s.'
% (guest_ip, vm.uuid))
else:
test_util.test_logger(
'Checker result: guest [ip:] %s is NOT found in guest [vm:] %s. \n Will Try again. It might be because the ifconfig is not reflect the ip address yet. \n The current ifconfig result is: %s'
% (guest_ip, vm.uuid, vm_cmd_result))
vm_cmd_result = test_lib.lib_ssh_vm_cmd_by_agent_with_retry(
host.managementIp, nic.ip,
test_lib.lib_get_vm_username(vm),
test_lib.lib_get_vm_password(vm), vm_command,
self.exp_result)
if not vm_cmd_result:
test_util.test_logger(
'Checker result: FAIL to execute test ssh command in test [vm:] %s throught [host:] %s.'
% (vm.uuid, host.name))
return self.judge(False)
if isinstance(vm_cmd_result,
str) and guest_ip in vm_cmd_result:
test_util.test_logger(
'Checker result: guest [ip:] %s is SET in guest [vm:] %s.'
% (guest_ip, vm.uuid))
else:
if not guest_ip in vm_cmd_result:
test_util.test_logger(
'Checker result: guest [ip:] %s is NOT found in guest [vm:] %s. The current ifconfig result is: %s'
% (guest_ip, vm.uuid, vm_cmd_result))
else:
test_util.test_logger(
'vm_cmd_result: %s is not string type. It is: %s .'
% (vm_cmd_result, type(vm_cmd_result)))
return self.judge(False)
return self.judge(True)
def test():
global host_config
curr_deploy_conf = exp_ops.export_zstack_deployment_config(
test_lib.deploy_config)
vm_creation_option = test_util.VmOption()
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
#pick up host1
host1_name = os.environ.get('hostName')
host1 = res_ops.get_resource(res_ops.HOST, name=host1_name)[0]
host3_name = os.environ.get('hostName3')
host3 = res_ops.get_resource(res_ops.HOST, name=host3_name)[0]
cond = res_ops.gen_query_conditions('clusterUuid', '=', host1.clusterUuid)
cluster_hosts = res_ops.query_resource(res_ops.HOST, cond)
if not len(cluster_hosts) > 1:
test_util.test_skip(
'Skip test, since [cluster:] %s did not include more than 1 host' %
host1.clusterUuid)
for host in cluster_hosts:
if host.uuid != host1.uuid:
host2 = host
conditions = res_ops.gen_query_conditions('type', '=', 'UserVm')
instance_offering_uuid = res_ops.query_resource(res_ops.INSTANCE_OFFERING,
conditions)[0].uuid
vm_creation_option.set_image_uuid(image_uuid)
vm_creation_option.set_instance_offering_uuid(instance_offering_uuid)
vm_creation_option.set_name('multizones_basic_vm')
vm_creation_option.set_host_uuid(host1.uuid)
l3_name = os.environ.get('l3VlanNetworkName1')
l3 = res_ops.get_resource(res_ops.L3_NETWORK, name=l3_name)[0]
vm_creation_option.set_l3_uuids([l3.uuid])
vm1 = test_lib.lib_create_vm(vm_creation_option)
test_obj_dict.add_vm(vm1)
vr_vm_inv = test_lib.lib_find_vr_by_vm(vm1.get_vm())[0]
vr_host_uuid = vr_vm_inv.hostUuid
#migrate vr to host3.
if vr_host_uuid != host3.uuid:
vm_ops.migrate_vm(vr_vm_inv.uuid, host3.uuid)
host_config.set_cluster_uuid(host3.clusterUuid)
host_config.set_username(os.environ.get('hostUsername'))
host_config.set_password(os.environ.get('hostPassword'))
host_config.set_name(host3_name)
host_config.set_management_ip(host3.managementIp)
target_host_uuid = host3.uuid
test_util.test_dsc(
"Delete VR VM's host. VR should be migrated to Cluster1")
host_ops.delete_host(target_host_uuid)
vm1.check()
#using the same L3 to create VM2 to check if VR is working well.
vm_creation_option.set_host_uuid(None)
vm2 = test_lib.lib_create_vm(vm_creation_option)
test_obj_dict.add_vm(vm2)
vm2.check()
host_ops.add_kvm_host(host_config)
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass('Test VR migration when deleting Host is Success')
def test():
'''
Test image requirements:
1. have nc to check the network port
2. have "nc" to open any port
3. it doesn't include a default firewall
VR image is a good candiate to be the guest image.
'''
test_util.test_dsc("Create 3 VMs with vlan VR L3 network and using VR image.")
vm1 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm1)
vm2 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm2)
vm3 = test_stub.create_sg_vm()
test_obj_dict.add_vm(vm3)
vm1.check()
vm2.check()
vm3.check()
test_util.test_dsc("Create security groups.")
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg2 = test_stub.create_sg()
test_obj_dict.add_sg(sg2.security_group.uuid)
sg3 = test_stub.create_sg()
test_obj_dict.add_sg(sg3.security_group.uuid)
sg_vm = test_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
l3_uuid = vm1.vm.vmNics[0].l3NetworkUuid
vr_vm = test_lib.lib_find_vr_by_vm(vm1.vm)[0]
vm3_ip = test_lib.lib_get_vm_nic_by_l3(vm3.vm, l3_uuid).ip
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.EGRESS, vm3_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.EGRESS, vm3_ip)
rule3 = test_lib.lib_gen_sg_rule(Port.rule3_ports, inventory.TCP, inventory.EGRESS, vm3_ip)
rule4 = test_lib.lib_gen_sg_rule(Port.rule4_ports, inventory.TCP, inventory.EGRESS, vm3_ip)
rule5 = test_lib.lib_gen_sg_rule(Port.rule5_ports, inventory.TCP, inventory.EGRESS, vm3_ip)
sg1.add_rule([rule1])
sg2.add_rule([rule1, rule2, rule3])
sg3.add_rule([rule3, rule4, rule5])
sg_vm.add_stub_vm(l3_uuid, vm3)
sg_vm.check()
nic_uuid1 = vm1.vm.vmNics[0].uuid
nic_uuid2 = vm2.vm.vmNics[0].uuid
vm1_nics = (nic_uuid1, vm1)
vm2_nics = (nic_uuid2, vm2)
#vm_nics = [nic_uuid1, nic_uuid2]
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("Allowed egress ports: %s" % test_stub.rule1_ports)
sg_vm.attach(sg1, [vm1_nics, vm2_nics])
sg_vm.check()
test_util.test_dsc("Remove nic from security group 1.")
test_util.test_dsc("Allowed egress ports: %s" % test_stub.target_ports)
sg_vm.detach(sg1, nic_uuid1)
sg_vm.detach(sg1, nic_uuid2)
sg_vm.check()
test_util.test_dsc("Remove rule1 from security group 1.")
sg1.delete_rule([rule1])
test_util.test_dsc("Add nic to security group 1 again.")
test_util.test_dsc("Allowed egress ports: %s" % test_stub.target_ports)
sg_vm.attach(sg1, [vm1_nics, vm2_nics])
sg_vm.check()
test_util.test_dsc("Add rule1, rule2, rule3 to security group 1.")
test_util.test_dsc("Allowed egress ports: %s" % test_stub.target_ports)
sg1.add_rule([rule1, rule2, rule3])
sg_vm.check()
#can't directly remove rule1, as it will block vr ssh connection.
test_util.test_dsc("Remove rule2/3 from security group 1.")
test_util.test_dsc("Allowed egress ports: %s" % test_stub.rule1_ports)
sg1.delete_rule([rule2, rule3])
sg_vm.check()
test_util.test_dsc("Add rule2, rule3 back to security group 1.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports
test_util.test_dsc("Allowed egress ports: %s" % tmp_allowed_ports)
sg1.add_rule([rule2, rule3])
sg_vm.check()
test_util.test_dsc("Remove rule2/3 from security group 1.")
test_util.test_dsc("Allowed egress ports: %s" % test_stub.rule1_ports)
sg1.delete_rule([rule2, rule3])
sg_vm.check()
#add sg2 to vm1
test_util.test_dsc("Add vm 1 nic to security group 2.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports
test_util.test_dsc("Allowed egress ports for vm1 to vm3: %s" % tmp_allowed_ports)
sg_vm.attach(sg2, [vm1_nics])
sg_vm.check()
#add sg2 to vm2
test_util.test_dsc("Add vm 2 nic to security group 2.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports
test_util.test_dsc("Allowed egress ports for vm1 and vm2: %s" % tmp_allowed_ports)
sg_vm.attach(sg2, [vm2_nics])
sg_vm.check()
#add sg3
test_util.test_dsc("Add nic to security group 3.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule2_ports + test_stub.rule3_ports + test_stub.rule4_ports + test_stub.rule5_ports
test_util.test_dsc("Allowed egress ports: %s" % tmp_allowed_ports)
sg_vm.attach(sg3, [vm1_nics, vm2_nics])
sg_vm.check()
#remove sg2
test_util.test_dsc("Remove security group 2 for nic.")
tmp_allowed_ports = test_stub.rule1_ports + test_stub.rule3_ports + test_stub.rule4_ports + test_stub.rule5_ports
test_util.test_dsc("Allowed egress ports: %s" % tmp_allowed_ports)
sg_vm.detach(sg2, nic_uuid1)
sg_vm.detach(sg2, nic_uuid2)
sg_vm.check()
#delete sg3
test_util.test_dsc("Delete security group 3.")
test_util.test_dsc("Allowed ports: %s" % test_stub.rule1_ports)
sg3.delete()
test_obj_dict.rm_sg(sg3.security_group.uuid)
sg_vm.check()
sg_vm.delete_sg(sg2)
test_obj_dict.rm_sg(sg2.security_group.uuid)
sg_vm.delete_sg(sg1)
test_obj_dict.rm_sg(sg1.security_group.uuid)
sg_vm.check()
vm1.destroy()
test_obj_dict.rm_vm(vm1)
vm2.destroy()
test_obj_dict.rm_vm(vm2)
vm3.destroy()
test_obj_dict.rm_vm(vm3)
test_util.test_pass('Security Group Vlan VirtualRouter 2 VMs Group Egress Test Success')
def test():
ps_env = test_stub.PSEnvChecker()
ps1, ps2 = ps_env.get_two_ps()
vm_list = []
for root_vol_ps in [ps1, ps2]:
for data_vol_ps in [ps1, ps2]:
if root_vol_ps.type == "SharedBlock":
bs_type = "ImageStoreBackupStorage"
elif root_vol_ps.type == inventory.CEPH_PRIMARY_STORAGE_TYPE:
bs_type = "Ceph"
else:
bs_type = None
vm = test_stub.create_multi_vms(name_prefix='test_vm', count=1,
ps_uuid=root_vol_ps.uuid, data_volume_number=VOLUME_NUMBER,
ps_uuid_for_data_vol=data_vol_ps.uuid, timeout=1200000, bs_type=bs_type)[0]
test_obj_dict.add_vm(vm)
vm_list.append(vm)
vm1, vm2, vm3, vm4 = vm_list
ps_ops.change_primary_storage_state(state='maintain', primary_storage_uuid=ps2.uuid)
maintenance_ps_list.append(ps2)
time.sleep(60)
vr_vm_list = test_lib.lib_find_vr_by_vm(vm1.get_vm())
vr_vm = None
if vr_vm_list:
vr_vm = vr_vm_list[0]
if vr_vm.allVolumes[0].primaryStorageUuid == ps2.uuid:
assert vr_vm.state == inventory.STOPPED or vr_vm.state == inventory.STOPPING
else:
assert vr_vm.state == inventory.RUNNING
vm1.check()
else:
vm1.check()
for vm in vm_list:
vm.update()
assert vm1.get_vm().state == inventory.RUNNING
assert vm2.get_vm().state == inventory.STOPPED
assert vm3.get_vm().state == inventory.STOPPED
assert vm4.get_vm().state == inventory.STOPPED
for vm in [vm2, vm3, vm4]:
with test_stub.expected_failure("start vm in maintenance ps", Exception):
vm.start()
test_util.test_dsc('enable ps2')
ps_ops.change_primary_storage_state(state='enable', primary_storage_uuid=ps2.uuid)
maintenance_ps_list.remove(ps2)
if vr_vm and vr_vm.state == inventory.STOPPED:
vm_ops.start_vm(vr_vm.uuid)
time.sleep(10)
for vm in [vm2, vm3, vm4]:
vm.start()
for vm in [vm2, vm3, vm4]:
vm.update()
vm.check()
test_util.test_pass('Multi PrimaryStorage Test Pass')
