def validate_vpc_offering(self, vpc_offering): """Validates the VPC offering""" self.debug("Check if the VPC offering is created successfully?") vpc_offs = VpcOffering.list( self.apiclient, id=vpc_offering.id ) self.assertEqual( isinstance(vpc_offs, list), True, "List VPC offerings should return a valid list" ) self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with listVPCOff data" ) self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with listVPCOff data" ) self.assertEqual( vpc_offs[0].distributedvpcrouter,True, "VPC offering is not set up for Distributed routing" ) self.debug( "VPC offering is created successfully - %s" % vpc_offering.name) return
def test_vpcnetwork_nuage(self): """Test network VPC for Nuage""" # 1) Create VPC with Nuage VPC offering vpcOffering = VpcOffering.list(self.apiclient, name="Nuage VSP VPC offering") self.assert_(vpcOffering is not None and len(vpcOffering) > 0, "Nuage VPC offering not found") vpc = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.networkacl", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid) self.assert_(vpc is not None, "VPC creation failed") # 2) Create ACL aclgroup = NetworkACLList.create(apiclient=self.apiclient, services={}, name="acl", description="acl", vpcid=vpc.id) self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list") self.debug("Created a network ACL list %s" % aclgroup.name) # 3) Create ACL Item aclitem = NetworkACL.create(apiclient=self.apiclient, services={}, protocol="TCP", number="10", action="Deny", aclid=aclgroup.id, cidrlist=["0.0.0.0/0"]) self.assertIsNotNone(aclitem, "Network failed to aclItem") self.debug("Added a network ACL %s to ACL list %s" % (aclitem.id, aclgroup.name)) # 4) Create network with ACL nwNuage = Network.create(self.apiclient, self.services["vpcnetwork"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, vpcid=vpc.id, aclid=aclgroup.id, gateway='10.1.0.1') self.debug("Network %s created in VPC %s" % (nwNuage.id, vpc.id)) # 5) Deploy a vm vm = VirtualMachine.create(self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=[str(nwNuage.id)]) self.assert_(vm is not None, "VM failed to deploy") self.assert_(vm.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
def create_vpc(self, name, cidr): print name, cidr try: vpcOffering = VpcOffering.list(self.apiclient, isdefault=True) self.assert_(vpcOffering is not None and len(vpcOffering) > 0, "No VPC offerings found") self.services["vpc"] = {} self.services["vpc"]["name"] = name self.services["vpc"]["displaytext"] = name self.services["vpc"]["cidr"] = cidr vpc = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.internallb", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) self.assertIsNotNone(vpc, "VPC creation failed") self.logger.debug("Created VPC %s" % vpc.id) return vpc except Exception as e: self.fail("Failed to create VPC: %s due to %s" % (name, e))
def validate_vpc_offering(self, vpc_offering): """Validates the VPC offering""" self.debug("Check if the VPC offering is created successfully?") vpc_offs = VpcOffering.list( self.apiclient, id=vpc_offering.id ) self.assertEqual( isinstance(vpc_offs, list), True, "List VPC offerings should return a valid list" ) self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with listVPCOff data" ) self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with listVPCOff data" ) self.assertEqual( vpc_offs[0].supportsregionLevelvpc,True, "VPC offering is not set up for region level VPC" ) self.debug( "VPC offering is created successfully - %s" % vpc_offering.name) return
def create_vpc(self, name, cidr): print name, cidr try: vpcOffering = VpcOffering.list(self.apiclient, isdefault=True) self.assert_(vpcOffering is not None and len( vpcOffering) > 0, "No VPC offerings found") self.services["vpc"] = {} self.services["vpc"]["name"] = name self.services["vpc"]["displaytext"] = name self.services["vpc"]["cidr"] = cidr vpc = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.internallb", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id ) self.assertIsNotNone(vpc, "VPC creation failed") self.logger.debug("Created VPC %s" % vpc.id) return vpc except Exception as e: self.fail("Failed to create VPC: %s due to %s" % (name, e))
def test_vpcnetwork_nuage(self): """Test network VPC for Nuage""" # 1) Create VPC with Nuage VPC offering vpcOffering = VpcOffering.list(self.apiclient,name="Nuage VSP VPC offering") self.assert_(vpcOffering is not None and len(vpcOffering)>0, "Nuage VPC offering not found") vpc = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.networkacl", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid ) self.assert_(vpc is not None, "VPC creation failed") # 2) Create ACL aclgroup = NetworkACLList.create(apiclient=self.apiclient, services={}, name="acl", description="acl", vpcid=vpc.id) self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list") self.debug("Created a network ACL list %s" % aclgroup.name) # 3) Create ACL Item aclitem = NetworkACL.create(apiclient=self.apiclient, services={}, protocol="TCP", number="10", action="Deny", aclid=aclgroup.id, cidrlist=["0.0.0.0/0"]) self.assertIsNotNone(aclitem, "Network failed to aclItem") self.debug("Added a network ACL %s to ACL list %s" % (aclitem.id, aclgroup.name)) # 4) Create network with ACL nwNuage = Network.create( self.apiclient, self.services["vpcnetwork"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, vpcid=vpc.id, aclid=aclgroup.id, gateway='10.1.0.1' ) self.debug("Network %s created in VPC %s" %(nwNuage.id, vpc.id)) # 5) Deploy a vm vm = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=[str(nwNuage.id)] ) self.assert_(vm is not None, "VM failed to deploy") self.assert_(vm.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" %(vm.id, vpc.id))
def _validate_vpc_offering(self, vpc_offering): self.logger.debug("Check if the VPC offering is created successfully?") vpc_offs = VpcOffering.list(self.apiclient, id=vpc_offering.id) offering_list = validateList(vpc_offs) self.assertEqual(offering_list[0], PASS, "List VPC offerings should return a valid list") self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with listVPCOff data") self.logger.debug("VPC offering is created successfully - %s" % vpc_offering.name) return
def validate_vpc_offering(self, vpc_offering, state=None): """Validates the VPC offering""" self.debug("Check if the VPC offering is created successfully ?") vpc_offs = VpcOffering.list(self.api_client, id=vpc_offering.id) self.assertEqual(isinstance(vpc_offs, list), True, "List VPC offering should return a valid list") self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with the returned list data" ) if state: self.assertEqual(vpc_offs[0].state, state, "VPC offering state should be '%s'" % state) self.debug("VPC offering creation successfully validated - %s" % vpc_offering.name)
def validate_VpcOffering(self, vpc_offering, state=None): """Validates the VPC offering""" self.debug("Check if the VPC offering is created successfully ?") vpc_offs = VpcOffering.list(self.api_client, id=vpc_offering.id ) self.assertEqual(isinstance(vpc_offs, list), True, "List VPC offering should return a valid list" ) self.assertEqual(vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with the returned list data" ) if state: self.assertEqual(vpc_offs[0].state, state, "VPC offering state should be in state - %s" % state ) self.debug("VPC offering creation successfully validated for %s" % vpc_offering.name)
def test_03_create_ipv6_vpc_offering(self): """Test to create network offering # Validate the following: # 1. createVpcOffering should return valid info for new offering # 2. The Cloud Database contains the valid information """ Configurations.update(self.apiclient, ipv6_offering_config_name, "true") ipv6_service = self.services["vpc_offering"] ipv6_service["internetprotocol"] = "dualstack" vpc_offering = VpcOffering.create( self.apiclient, ipv6_service ) self.cleanup.append(vpc_offering) self.debug("Created VPC offering with ID: %s" % vpc_offering.id) list_vpc_off_response = VpcOffering.list(self.apiclient, id=vpc_offering.id) self.assertEqual( isinstance(list_vpc_off_response, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_vpc_off_response), 0, "Check VPC offering is created" ) vpc_off_response = list_vpc_off_response[0] self.assertEqual( vpc_off_response.id, vpc_offering.id, "Check server id in listVpcOfferings" ) self.assertEqual( vpc_off_response.internetprotocol.lower(), ipv6_service["internetprotocol"].lower(), "Check internetprotocol in listVpcOfferings" ) return
def validate_VpcOffering(self, vpc_offering, state=None): """Validates the VPC offering""" self.debug("Validating the creation and state of VPC offering - %s" % vpc_offering.name) vpc_offs = VpcOffering.list(self.api_client, id=vpc_offering.id ) self.assertEqual(isinstance(vpc_offs, list), True, "List VPC offering should return a valid list" ) self.assertEqual(vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with the " "returned list data" ) if state: self.assertEqual(vpc_offs[0].state, state, "VPC offering state should be '%s'" % state ) self.debug("Successfully validated the creation and state of VPC " "offering - %s" % vpc_offering.name)
def _validate_vpc_offering(self, vpc_offering): self.logger.debug("Check if the VPC offering is created successfully?") vpc_offs = VpcOffering.list( self.apiclient, id=vpc_offering.id ) offering_list = validateList(vpc_offs) self.assertEqual(offering_list[0], PASS, "List VPC offerings should return a valid list" ) self.assertEqual( vpc_offering.name, vpc_offs[0].name, "Name of the VPC offering should match with listVPCOff data" ) self.logger.debug( "VPC offering is created successfully - %s" % vpc_offering.name) return
def test_01_vpc_remote_access_vpn(self): """Test Remote Access VPN in VPC""" self.logger.debug("Starting test: test_01_vpc_remote_access_vpn") # 0) Get the default network offering for VPC self.logger.debug("Retrieving default VPC offering") networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len( networkOffering) > 0, "No VPC based network offering") # 1) Create VPC vpcOffering = VpcOffering.list(self.apiclient, name="Default VPC offering") self.assert_(vpcOffering is not None and len( vpcOffering) > 0, "No VPC offerings found") vpc = None try: vpc = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id ) except Exception as e: self.fail(e) finally: self.assert_(vpc is not None, "VPC creation failed") self.logger.debug("VPC %s created" % (vpc.id)) try: # 2) Create network in VPC ntwk = Network.create( apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk, "Network failed to create") self.logger.debug( "Network %s created in VPC %s" % (ntwk.id, vpc.id)) try: # 3) Deploy a vm vm = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.compute_offering.id, networkids=ntwk.id, hypervisor=self.hypervisor ) self.assert_(vm is not None, "VM failed to deploy") self.assert_(vm.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id)) except Exception as e: self.fail(e) finally: self.logger.debug("Deployed virtual machine: OK") try: # 4) Enable VPN for VPC src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc.id ) ip = src_nat_list[0] except Exception as e: self.fail(e) finally: self.logger.debug("Acquired public ip address: OK") try: vpn = Vpn.create(self.apiclient, publicipid=ip.id, account=self.account.name, domainid=self.account.domainid, iprange=self.services["vpn"]["iprange"], fordisplay=self.services["vpn"]["fordisplay"] ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(vpn, "Failed to create Remote Access VPN") self.logger.debug("Created Remote Access VPN: OK") vpnUser = None # 5) Add VPN user for VPC try: vpnUser = VpnUser.create(self.apiclient, account=self.account.name, domainid=self.account.domainid, username=self.services["vpn"]["vpn_user"], password=self.services["vpn"]["vpn_pass"] ) except Exception as e: self.fail(e) finally: self.assertIsNotNone( vpnUser, "Failed to create Remote Access VPN User") self.logger.debug("Created VPN User: OK") # TODO: Add an actual remote vpn connection test from a remote vpc try: # 9) Disable VPN for VPC vpn.delete(self.apiclient) except Exception as e: self.fail(e) finally: self.logger.debug("Deleted the Remote Access VPN: OK")
def test_01_vpc_remote_access_vpn(self): """Test Remote Access VPN in VPC""" # 1) Create VPC vpc_offering = VpcOffering.list(self.apiclient, isdefault=True) self.assertTrue(vpc_offering is not None and len(vpc_offering) > 0, "No VPC offerings found") vpc = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.vpn", vpcofferingid=vpc_offering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) self.assertIsNotNone(vpc, "VPC creation failed") self.logger.debug("VPC %s created" % (vpc.id)) self.cleanup.append(vpc) # 2) Create network in VPC ntwk = Network.create(apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=self.network_offerings[0].id, zoneid=self.zone.id, vpcid=vpc.id) self.assertIsNotNone(ntwk, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk.id, vpc.id)) self.cleanup.append(ntwk) # 3) Deploy a vm vm = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.compute_offering.id, networkids=ntwk.id, hypervisor=self.hypervisor) self.assertIsNotNone(vm, "VM failed to deploy") self.assertEquals(vm.state, 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id)) self.logger.debug("Deployed virtual machine: OK") self.cleanup.append(vm) # 4) Enable VPN for VPC src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc.id) ip = src_nat_list[0] self.logger.debug("Acquired public ip address: OK") vpn = Vpn.create(self.apiclient, publicipid=ip.id, account=self.account.name, domainid=self.account.domainid, iprange=self.services["vpn"]["iprange"], fordisplay=self.services["vpn"]["fordisplay"]) self.assertIsNotNone(vpn, "Failed to create Remote Access VPN") self.logger.debug("Created Remote Access VPN: OK") vpn_user = None # 5) Add VPN user for VPC vpn_user = VpnUser.create(self.apiclient, account=self.account.name, domainid=self.account.domainid, username=self.services["vpn"]["vpn_user"], password=self.services["vpn"]["vpn_pass"]) self.assertIsNotNone(vpn_user, "Failed to create Remote Access VPN User") self.logger.debug("Created VPN User: OK") # TODO: Add an actual remote vpn connection test from a remote vpc # 9) Disable VPN for VPC vpn.delete(self.apiclient) self.logger.debug("Deleted the Remote Access VPN: OK")
def test_02_acquire_public_ip_in_vpc(self): # Validate the following # 1. create a VPC with default offering. # 2. assign a specified IP from subnet which is dedicated to domain1, it should succeed # 3. assign a specified IP from subnet which is dedicated to domain1/account1, it should succeed # 4. assign a specified IP from subnet which is dedicated to domain2, it should fail # 5. assign a specified IP from subnet which is dedicated to domain2/account2, it should fail # 6. update account setting use.system.public.ips to false, assign a specified IP from subnet which is public, it should fail # 7. update account setting use.system.public.ips to true, assign a specified IP from subnet which is public, it should succeed vpcOffering = VpcOffering.list(self.apiclient, name="Default VPC offering") vpc = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account1.name, domainid=self.account1.domainid ) # Associate IP in range dedicated to domain1 ip_address_1 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, vpcid=vpc.id, ipaddress=ip_address_1 ) self.assertIsNotNone( ipaddress, "Failed to Associate IP Address" ) self.cleanup.append(ipaddress) self.assertEqual(ipaddress.ipaddress.ipaddress, ip_address_1, "Associated IP is not same as specified") # Associate IP in range dedicated to domain1/account1 ip_address_2 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, vpcid=vpc.id, ipaddress=ip_address_2 ) self.assertIsNotNone( ipaddress, "Failed to Associate IP Address" ) self.cleanup.append(ipaddress) self.assertEqual(ipaddress.ipaddress.ipaddress, ip_address_2, "Associated IP is not same as specified") # Associate IP in range dedicated to domain2 ip_address_3 = self.get_free_ipaddress(self.public_ip_range3.vlan.id) with self.assertRaises(Exception): ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, vpcid=vpc.id, ipaddress=ip_address_3 ) # Associate IP in range dedicated to domain2/account2 ip_address_4 = self.get_free_ipaddress(self.public_ip_range4.vlan.id) with self.assertRaises(Exception): ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, vpcid=vpc.id, ipaddress=ip_address_4 ) # Associate IP in public IP pool Configurations.update( self.apiclient, name="use.system.public.ips", value="false", accountid=self.account1.id ) ip_address_5 = self.get_free_ipaddress(self.public_ip_range5.vlan.id) with self.assertRaises(Exception): ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, vpcid=vpc.id, ipaddress=ip_address_5 ) Configurations.update( self.apiclient, name="use.system.public.ips", value="true", accountid=self.account1.id ) ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, vpcid=vpc.id, ipaddress=ip_address_5 ) self.assertIsNotNone( ipaddress, "Failed to Associate IP Address" ) self.cleanup.append(ipaddress) self.assertEqual(ipaddress.ipaddress.ipaddress, ip_address_5, "Associated IP is not same as specified") self.cleanup.append(vpc) return
def test_vpc_remote_access_vpn(self): """Test Remote Access VPN in VPC""" # 0) Get the default network offering for VPC self.logger.debug("Retrieving default VPC offering") networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering") # 1) Create VPC vpcOffering = VpcOffering.list(self.apiclient, isdefault=True) self.assert_(vpcOffering is not None and len(vpcOffering) > 0, "No VPC offerings found") try: vpc = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) except Exception as e: self.fail(e) finally: self.assert_(vpc is not None, "VPC creation failed") self.logger.debug("VPC %s created" % (vpc.id)) try: # 2) Create network in VPC ntwk = Network.create(apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc.id) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk.id, vpc.id)) try: # 3) Deploy a vm vm = VirtualMachine.create( self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.compute_offering.id, networkids=ntwk.id, hypervisor=self.services["virtual_machine"]["hypervisor"]) self.assert_(vm is not None, "VM failed to deploy") self.assert_(vm.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id)) except Exception as e: self.fail(e) finally: self.logger.debug("Deployed virtual machine: OK") try: # 4) Enable VPN for VPC src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc.id) ip = src_nat_list[0] except Exception as e: self.fail(e) finally: self.logger.debug("Acquired public ip address: OK") try: vpn = Vpn.create(self.apiclient, publicipid=ip.id, account=self.account.name, domainid=self.account.domainid, iprange=self.services["vpn"]["iprange"], fordisplay=self.services["vpn"]["fordisplay"]) except Exception as e: self.fail(e) finally: self.assertIsNotNone(vpn, "Failed to create Remote Access VPN") self.logger.debug("Created Remote Access VPN: OK") vpnUser = None # 5) Add VPN user for VPC try: vpnUser = VpnUser.create(self.apiclient, account=self.account.name, domainid=self.account.domainid, username=self.services["vpn"]["vpn_user"], password=self.services["vpn"]["vpn_pass"]) except Exception as e: self.fail(e) finally: self.assertIsNotNone(vpnUser, "Failed to create Remote Access VPN User") self.logger.debug("Created VPN User: OK") #TODO: Add an actual remote vpn connection test from a remote vpc try: # 9) Disable VPN for VPC vpn.delete(self.apiclient) except Exceptio as e: self.fail(e) finally: self.logger.debug("Deleted the Remote Access VPN: OK")
def test_vpc_site2site_vpn(self): """Test VPN in VPC""" # 0) Get the default network offering for VPC networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering") # 1) Create VPC offering vpcOffering = VpcOffering.list(self.apiclient, isdefault=True) self.assert_(vpcOffering is not None and len(vpcOffering) > 0, "No VPC offerings found") # Create VPC 1 try: vpc1 = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc1.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) except Exception as e: self.fail(e) finally: self.assert_(vpc1 is not None, "VPC1 creation failed") self.logger.debug("VPC1 %s created" % (vpc1.id)) # Create VPC 2 try: vpc2 = VPC.create(apiclient=self.apiclient, services=self.services["vpc2"], networkDomain="vpc2.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid) except Exception as e: self.fail(e) finally: self.assert_(vpc2 is not None, "VPC2 creation failed") self.logger.debug("VPC2 %s created" % (vpc2.id)) default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0] # Create network in VPC 1 try: ntwk1 = Network.create(apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, aclid=default_acl.id) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk1, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id)) # Create network in VPC 2 try: ntwk2 = Network.create(apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, aclid=default_acl.id) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk2, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id)) # Deploy a vm in network 2 try: vm1 = VirtualMachine.create( self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=ntwk1.id, hypervisor=self.services["virtual_machine"]["hypervisor"]) except Exception as e: self.fail(e) finally: self.assert_(vm1 is not None, "VM failed to deploy") self.assert_(vm1.state == 'Running', "VM is not running") self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id)) # Deploy a vm in network 2 try: vm2 = VirtualMachine.create( self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=ntwk2.id, hypervisor=self.services["virtual_machine"]["hypervisor"]) except Exception as e: self.fail(e) finally: self.assert_(vm2 is not None, "VM failed to deploy") self.assert_(vm2.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id)) # 4) Enable Site-to-Site VPN for VPC vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id) self.assert_(vpn1_response is not None, "Failed to enable VPN Gateway 1") self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id) vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id) self.assert_(vpn2_response is not None, "Failed to enable VPN Gateway 2") self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id) # 5) Add VPN Customer gateway info src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id) ip1 = src_nat_list[0] src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id) ip2 = src_nat_list[0] services = self.services["vpncustomergateway"] customer1_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) customer2_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) # 6) Connect two VPCs vpnconn1_response = Vpn.createVpnConnection(self.apiclient, customer1_response.id, vpn2_response['id'], True) self.debug("VPN passive connection created for VPC %s" % vpc2.id) vpnconn2_response = Vpn.createVpnConnection(self.apiclient, customer2_response.id, vpn1_response['id']) self.debug("VPN connection created for VPC %s" % vpc1.id) self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!") # acquire an extra ip address to use to ssh into vm2 try: vm2.public_ip = PublicIPAddress.create( apiclient=self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, services=self.services, networkid=ntwk2.id, vpcid=vpc2.id) except Exception as e: self.fail(e) finally: self.assert_(vm2.public_ip is not None, "Failed to aqcuire public ip for vm2") # Create port forward to be able to ssh into vm2 try: natrule = self.create_natrule(vpc2, vm2, 22, 22, vm2.public_ip, ntwk2) except Exception as e: self.fail(e) finally: self.assert_(natrule is not None, "Failed to create portforward for vm2") time.sleep(10) # setup ssh connection to vm2 ssh_client = self.get_ssh_client(vm2, self.services, 10) if ssh_client: # run ping test packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assert_(int(packet_loss) == 0, "Ping did not succeed") else: self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
def test_vpc_site2site_vpn(self): """Test VPN in VPC""" # 0) Get the default network offering for VPC networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len( networkOffering) > 0, "No VPC based network offering") # 1) Create VPC offering vpcOffering = VpcOffering.list(self.apiclient, isdefault=True) self.assert_(vpcOffering is not None and len( vpcOffering) > 0, "No VPC offerings found") # Create VPC 1 try: vpc1 = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc1.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id ) except Exception as e: self.fail(e) finally: self.assert_(vpc1 is not None, "VPC1 creation failed") self.logger.debug("VPC1 %s created" % (vpc1.id)) # Create VPC 2 try: vpc2 = VPC.create( apiclient=self.apiclient, services=self.services["vpc2"], networkDomain="vpc2.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid ) except Exception as e: self.fail(e) finally: self.assert_(vpc2 is not None, "VPC2 creation failed") self.logger.debug("VPC2 %s created" % (vpc2.id)) default_acl = NetworkACLList.list( self.apiclient, name="default_allow")[0] # Create network in VPC 1 try: ntwk1 = Network.create( apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, aclid=default_acl.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk1, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id)) # Create network in VPC 2 try: ntwk2 = Network.create( apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, aclid=default_acl.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk2, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id)) # Deploy a vm in network 2 try: vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=ntwk1.id, hypervisor=self.services[ "virtual_machine"]["hypervisor"] ) except Exception as e: self.fail(e) finally: self.assert_(vm1 is not None, "VM failed to deploy") self.assert_(vm1.state == 'Running', "VM is not running") self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id)) # Deploy a vm in network 2 try: vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=ntwk2.id, hypervisor=self.services[ "virtual_machine"]["hypervisor"] ) except Exception as e: self.fail(e) finally: self.assert_(vm2 is not None, "VM failed to deploy") self.assert_(vm2.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id)) # 4) Enable Site-to-Site VPN for VPC vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id) self.assert_( vpn1_response is not None, "Failed to enable VPN Gateway 1") self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id) vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id) self.assert_( vpn2_response is not None, "Failed to enable VPN Gateway 2") self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id) # 5) Add VPN Customer gateway info src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id ) ip1 = src_nat_list[0] src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id ) ip2 = src_nat_list[0] services = self.services["vpncustomergateway"] customer1_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) customer2_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) # 6) Connect two VPCs vpnconn1_response = Vpn.createVpnConnection( self.apiclient, customer1_response.id, vpn2_response['id'], True) self.debug("VPN passive connection created for VPC %s" % vpc2.id) vpnconn2_response = Vpn.createVpnConnection( self.apiclient, customer2_response.id, vpn1_response['id']) self.debug("VPN connection created for VPC %s" % vpc1.id) self.assertEqual( vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!") # acquire an extra ip address to use to ssh into vm2 try: vm2.public_ip = PublicIPAddress.create( apiclient=self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, services=self.services, networkid=ntwk2.id, vpcid=vpc2.id) except Exception as e: self.fail(e) finally: self.assert_( vm2.public_ip is not None, "Failed to aqcuire public ip for vm2") # Create port forward to be able to ssh into vm2 try: natrule = self.create_natrule( vpc2, vm2, 22, 22, vm2.public_ip, ntwk2) except Exception as e: self.fail(e) finally: self.assert_( natrule is not None, "Failed to create portforward for vm2") time.sleep(20) # setup ssh connection to vm2 ssh_client = self.get_ssh_client(vm2, self.services, 10) if ssh_client: # run ping test packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assert_(int(packet_loss) == 0, "Ping did not succeed") else: self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)