def test_ping_floatingip_reply_with_floatingip(self):
router_info = self.generate_dvr_router_info()
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router,
dst_fip,
fixed_address=dst_machine.ip,
host=self.agent.conf.host)
router.process(self.agent)
# Verify that the ping replys with fip
ns_ip_wrapper = ip_lib.IPWrapper(src_machine.namespace)
result = ns_ip_wrapper.netns.execute(
['ping', '-c', 1, '-W', 5, dst_fip])
self._assert_ping_reply_from_expected_address(result, dst_fip)
def _setup_address_scope(self, internal_address_scope1, internal_address_scope2, gw_address_scope=None):
router_info = self.generate_dvr_router_info(enable_snat=True)
address_scope1 = {str(l3_constants.IP_VERSION_4): internal_address_scope1}
address_scope2 = {str(l3_constants.IP_VERSION_4): internal_address_scope2}
if gw_address_scope:
router_info["gw_port"]["address_scopes"] = {str(l3_constants.IP_VERSION_4): gw_address_scope}
router_info[l3_constants.INTERFACE_KEY][0]["address_scopes"] = address_scope1
router_info[l3_constants.INTERFACE_KEY][1]["address_scopes"] = address_scope2
# Renew the address scope
router_info[l3_constants.SNAT_ROUTER_INTF_KEY] = []
self._add_snat_port_info_to_router(router_info, router_info[l3_constants.INTERFACE_KEY])
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition("/")[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition("/")[0]
br_int = framework.get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(br_int, net_helpers.increment_ip_cidr(router_ip_cidr1, 10), router_ip1)
)
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(br_int, net_helpers.increment_ip_cidr(router_ip_cidr2, 10), router_ip2)
)
return test_machine1, test_machine2, router
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process(self.agent)
protocol_port = net_helpers.get_free_namespace_port(
l3_constants.PROTO_NAME_TCP, dst_machine.namespace)
# client sends to fip
netcat = net_helpers.NetcatTester(
src_machine.namespace, dst_machine.namespace,
dst_fip, protocol_port,
protocol=net_helpers.NetcatTester.TCP)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def test_access_to_metadata_proxy(self):
"""Test access to the l3-agent metadata proxy.
The test creates:
* A l3-agent metadata service:
* A router (which creates a metadata proxy in the router namespace),
* A fake metadata server
* A "client" namespace (simulating a vm) with a port on router
internal subnet.
The test queries from the "client" namespace the metadata proxy on
http://169.254.169.254 and asserts that the metadata proxy added
the X-Forwarded-For and X-Neutron-Router-Id headers to the request
and forwarded the http request to the fake metadata server and the
response to the "client" namespace.
"""
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
self._create_metadata_fake_server(webob.exc.HTTPOk.code)
# Create and configure client namespace
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
br_int = framework.get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
machine = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr), router_ip_cidr.partition("/")[0]
)
)
# Query metadata proxy
firstline = self._query_metadata_proxy(machine)
# Check status code
self.assertIn(str(webob.exc.HTTPOk.code), firstline.split())
def test_fip_connection_for_address_scope(self):
self.agent.conf.agent_mode = 'dvr_snat'
(machine_same_scope, machine_diff_scope,
router) = self._setup_address_scope('scope1', 'scope2', 'scope1')
router.router[l3_constants.FLOATINGIP_KEY] = []
fip_same_scope = '19.4.4.10'
self._add_fip(router, fip_same_scope,
fixed_address=machine_same_scope.ip,
host=self.agent.conf.host,
fixed_ip_address_scope='scope1')
fip_diff_scope = '19.4.4.11'
self._add_fip(router, fip_diff_scope,
fixed_address=machine_diff_scope.ip,
host=self.agent.conf.host,
fixed_ip_address_scope='scope2')
router.process(self.agent)
br_ex = framework.get_ovs_bridge(
self.agent.conf.external_network_bridge)
src_machine = self.useFixture(
machine_fixtures.FakeMachine(br_ex, '19.4.4.12/24'))
# Floating ip should work no matter of address scope
net_helpers.assert_ping(src_machine.namespace, fip_same_scope, 5)
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope, 5)
def test_fip_connection_from_same_subnet(self):
'''Test connection to floatingip which is associated with
fixed_ip on the same subnet of the source fixed_ip.
In other words it confirms that return packets surely
go through the router.
'''
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process(self.agent)
protocol_port = net_helpers.get_free_namespace_port(
l3_constants.PROTO_NAME_TCP, dst_machine.namespace)
# client sends to fip
netcat = net_helpers.NetcatTester(
src_machine.namespace,
dst_machine.namespace,
dst_fip,
protocol_port,
protocol=net_helpers.NetcatTester.TCP)
self.addCleanup(netcat.stop_processes)
self.assertTrue(netcat.test_connectivity())
def test_fip_connection_for_address_scope(self):
self.agent.conf.agent_mode = 'dvr_snat'
(machine_same_scope, machine_diff_scope,
router) = self._setup_address_scope('scope1', 'scope2', 'scope1')
router.router[l3_constants.FLOATINGIP_KEY] = []
fip_same_scope = '19.4.4.10'
self._add_fip(router,
fip_same_scope,
fixed_address=machine_same_scope.ip,
host=self.agent.conf.host,
fixed_ip_address_scope='scope1')
fip_diff_scope = '19.4.4.11'
self._add_fip(router,
fip_diff_scope,
fixed_address=machine_diff_scope.ip,
host=self.agent.conf.host,
fixed_ip_address_scope='scope2')
router.process(self.agent)
br_ex = framework.get_ovs_bridge(
self.agent.conf.external_network_bridge)
src_machine = self.useFixture(
machine_fixtures.FakeMachine(br_ex, '19.4.4.12/24'))
# Floating ip should work no matter of address scope
net_helpers.assert_ping(src_machine.namespace, fip_same_scope, 5)
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope, 5)
def _setup_fip_with_fixed_ip_from_same_subnet(self, enable_snat):
"""Setup 2 FakeMachines from same subnet, one with floatingip
associated.
"""
router_info = self.generate_router_info(enable_ha=False,
enable_snat=enable_snat)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[lib_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process()
return src_machine, dst_machine, dst_fip
def test_access_to_metadata_proxy(self):
"""Test access to the l3-agent metadata proxy.
The test creates:
* A l3-agent metadata service:
* A router (which creates a metadata proxy in the router namespace),
* A fake metadata server
* A "client" namespace (simulating a vm) with a port on router
internal subnet.
The test queries from the "client" namespace the metadata proxy on
http://169.254.169.254 and asserts that the metadata proxy added
the X-Forwarded-For and X-Neutron-Router-Id headers to the request
and forwarded the http request to the fake metadata server and the
response to the "client" namespace.
"""
router_info = self.generate_router_info(enable_ha=False)
router = self.manage_router(self.agent, router_info)
self._create_metadata_fake_server(webob.exc.HTTPOk.code)
# Create and configure client namespace
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
br_int = framework.get_ovs_bridge(
self.agent.conf.OVS.integration_bridge)
machine = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip_cidr.partition('/')[0]))
# Query metadata proxy
firstline = self._query_metadata_proxy(machine)
# Check status code
self.assertIn(str(webob.exc.HTTPOk.code), firstline.split())
def _setup_address_scope(self, internal_address_scope1,
internal_address_scope2, gw_address_scope=None):
router_info = self.generate_router_info(enable_ha=False,
num_internal_ports=2)
address_scope1 = {l3_constants.IP_VERSION_4: internal_address_scope1}
address_scope2 = {l3_constants.IP_VERSION_4: internal_address_scope2}
if gw_address_scope:
router_info['gw_port']['address_scopes'] = {
l3_constants.IP_VERSION_4: gw_address_scope}
router_info[l3_constants.INTERFACE_KEY][0]['address_scopes'] = (
address_scope1)
router_info[l3_constants.INTERFACE_KEY][1]['address_scopes'] = (
address_scope2)
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition('/')[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr1),
router_ip1))
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr2),
router_ip2))
return test_machine1, test_machine2, router
def _setup_fip_with_fixed_ip_from_same_subnet(self, enable_snat):
"""Setup 2 FakeMachines from same subnet, one with floatingip
associated.
"""
router_info = self.generate_router_info(enable_ha=False,
enable_snat=enable_snat)
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(
br_int,
net_helpers.increment_ip_cidr(router_ip_cidr),
router_ip)).machines
dst_fip = '19.4.4.10'
router.router[lib_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip)
router.process()
return src_machine, dst_machine, dst_fip
def test_fip_connection_for_address_scope(self):
(machine_same_scope, machine_diff_scope, router) = self._setup_address_scope("scope1", "scope2", "scope1")
router.router[l3_constants.FLOATINGIP_KEY] = []
fip_same_scope = "19.4.4.10"
self._add_fip(router, fip_same_scope, fixed_address=machine_same_scope.ip, fixed_ip_address_scope="scope1")
fip_diff_scope = "19.4.4.11"
self._add_fip(router, fip_diff_scope, fixed_address=machine_diff_scope.ip, fixed_ip_address_scope="scope2")
router.process(self.agent)
br_ex = framework.get_ovs_bridge(self.agent.conf.external_network_bridge)
src_machine = self.useFixture(machine_fixtures.FakeMachine(br_ex, "19.4.4.12/24"))
# Floating ip should work no matter of address scope
net_helpers.assert_ping(src_machine.namespace, fip_same_scope, 5)
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope, 5)
def test_direct_route_for_address_scope(self):
(machine_same_scope, machine_diff_scope, router) = self._setup_address_scope("scope1", "scope2", "scope1")
gw_port = router.get_ex_gw_port()
gw_ip = self._port_first_ip_cidr(gw_port).partition("/")[0]
br_ex = framework.get_ovs_bridge(self.agent.conf.external_network_bridge)
src_machine = self.useFixture(machine_fixtures.FakeMachine(br_ex, "19.4.4.12/24", gw_ip))
# For the internal networks that are in the same address scope as
# external network, they can directly route to external network
net_helpers.assert_ping(src_machine.namespace, machine_same_scope.ip, 5)
# For the internal networks that are not in the same address scope as
# external networks. SNAT will be used. Direct route will not work
# here.
src_machine.assert_no_ping(machine_diff_scope.ip)
def test_direct_route_for_address_scope(self):
(machine_same_scope, machine_diff_scope,
router) = self._setup_address_scope('scope1', 'scope2', 'scope1')
gw_port = router.get_ex_gw_port()
gw_ip = self._port_first_ip_cidr(gw_port).partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.OVS.integration_bridge)
src_machine = self.useFixture(
machine_fixtures.FakeMachine(br_int, '19.4.4.12/24', gw_ip))
# For the internal networks that are in the same address scope as
# external network, they can directly route to external network
net_helpers.assert_ping(src_machine.namespace, machine_same_scope.ip)
# For the internal networks that are not in the same address scope as
# external networks. SNAT will be used. Direct route will not work
# here.
src_machine.assert_no_ping(machine_diff_scope.ip)
def _setup_address_scope(self,
internal_address_scope1,
internal_address_scope2,
gw_address_scope=None):
router_info = self.generate_dvr_router_info(enable_snat=True)
address_scope1 = {
str(l3_constants.IP_VERSION_4): internal_address_scope1
}
address_scope2 = {
str(l3_constants.IP_VERSION_4): internal_address_scope2
}
if gw_address_scope:
router_info['gw_port']['address_scopes'] = {
str(l3_constants.IP_VERSION_4): gw_address_scope
}
router_info[l3_constants.INTERFACE_KEY][0]['address_scopes'] = (
address_scope1)
router_info[l3_constants.INTERFACE_KEY][1]['address_scopes'] = (
address_scope2)
# Renew the address scope
router_info[n_const.SNAT_ROUTER_INTF_KEY] = []
self._add_snat_port_info_to_router(
router_info, router_info[l3_constants.INTERFACE_KEY])
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition('/')[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr1, 10),
router_ip1))
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr2, 10),
router_ip2))
return test_machine1, test_machine2, router
def test_ping_floatingip_reply_with_floatingip(self):
router_info = self.generate_dvr_router_info()
router = self.manage_router(self.agent, router_info)
router_ip_cidr = self._port_first_ip_cidr(router.internal_ports[0])
router_ip = router_ip_cidr.partition("/")[0]
br_int = framework.get_ovs_bridge(self.agent.conf.ovs_integration_bridge)
src_machine, dst_machine = self.useFixture(
machine_fixtures.PeerMachines(br_int, net_helpers.increment_ip_cidr(router_ip_cidr), router_ip)
).machines
dst_fip = "19.4.4.10"
router.router[l3_constants.FLOATINGIP_KEY] = []
self._add_fip(router, dst_fip, fixed_address=dst_machine.ip, host=self.agent.conf.host)
router.process(self.agent)
# Verify that the ping replys with fip
ns_ip_wrapper = ip_lib.IPWrapper(src_machine.namespace)
result = ns_ip_wrapper.netns.execute(["ping", "-c", 1, "-W", 5, dst_fip])
self._assert_ping_reply_from_expected_address(result, dst_fip)
def _setup_address_scope(self,
internal_address_scope1,
internal_address_scope2,
gw_address_scope=None):
router_info = self.generate_router_info(enable_ha=False,
num_internal_ports=2)
address_scope1 = {
str(l3_constants.IP_VERSION_4): internal_address_scope1
}
address_scope2 = {
str(l3_constants.IP_VERSION_4): internal_address_scope2
}
if gw_address_scope:
router_info['gw_port']['address_scopes'] = {
str(l3_constants.IP_VERSION_4): gw_address_scope
}
router_info[l3_constants.INTERFACE_KEY][0]['address_scopes'] = (
address_scope1)
router_info[l3_constants.INTERFACE_KEY][1]['address_scopes'] = (
address_scope2)
router = self.manage_router(self.agent, router_info)
router_ip_cidr1 = self._port_first_ip_cidr(router.internal_ports[0])
router_ip1 = router_ip_cidr1.partition('/')[0]
router_ip_cidr2 = self._port_first_ip_cidr(router.internal_ports[1])
router_ip2 = router_ip_cidr2.partition('/')[0]
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
test_machine1 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr1),
router_ip1))
test_machine2 = self.useFixture(
machine_fixtures.FakeMachine(
br_int, net_helpers.increment_ip_cidr(router_ip_cidr2),
router_ip2))
return test_machine1, test_machine2, router
def test_fip_connection_for_address_scope(self):
(machine_same_scope, machine_diff_scope,
router) = self._setup_address_scope('scope1', 'scope2', 'scope1')
router.router[lib_constants.FLOATINGIP_KEY] = []
fip_same_scope = '19.4.4.10'
self._add_fip(router, fip_same_scope,
fixed_address=machine_same_scope.ip,
fixed_ip_address_scope='scope1')
fip_diff_scope = '19.4.4.11'
self._add_fip(router, fip_diff_scope,
fixed_address=machine_diff_scope.ip,
fixed_ip_address_scope='scope2')
router.process()
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine = self.useFixture(
machine_fixtures.FakeMachine(br_int, '19.4.4.12/24'))
# Floating ip should work no matter of address scope
net_helpers.assert_ping(src_machine.namespace, fip_same_scope)
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope)
def test_fip_connection_for_address_scope(self):
(machine_same_scope, machine_diff_scope,
router) = self._setup_address_scope('scope1', 'scope2', 'scope1')
router.router[lib_constants.FLOATINGIP_KEY] = []
fip_same_scope = '19.4.4.10'
self._add_fip(router, fip_same_scope,
fixed_address=machine_same_scope.ip,
fixed_ip_address_scope='scope1')
fip_diff_scope = '19.4.4.11'
self._add_fip(router, fip_diff_scope,
fixed_address=machine_diff_scope.ip,
fixed_ip_address_scope='scope2')
router.process()
br_int = framework.get_ovs_bridge(
self.agent.conf.ovs_integration_bridge)
src_machine = self.useFixture(
machine_fixtures.FakeMachine(br_int, '19.4.4.12/24'))
# Floating ip should work no matter of address scope
net_helpers.assert_ping(src_machine.namespace, fip_same_scope)
net_helpers.assert_ping(src_machine.namespace, fip_diff_scope)
def _make_bridge(self):
bridge = framework.get_ovs_bridge(utils.get_rand_name())
bridge.create()
self.addCleanup(bridge.destroy)
return bridge
def _make_bridge(self):
bridge = framework.get_ovs_bridge(utils.get_rand_name())
bridge.create()
self.addCleanup(bridge.destroy)
return bridge
