def test_hbs_mgmnt_vn_ref_muliple_add(self): hbs = HostBasedService('hbs-%s' % self.id(), parent_obj=self.project) self.api.host_based_service_create(hbs) vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=self.project) self.api.virtual_network_create(vn1) vn2 = VirtualNetwork('vn2-%s' % self.id(), parent_obj=self.project) self.api.virtual_network_create(vn2) for vn_type in ['management']: self.api.ref_update( hbs.resource_type, hbs.uuid, vn1.resource_type, vn1.uuid, None, 'ADD', ServiceVirtualNetworkType(vn_type), ) self.assertRaises( BadRequest, self.api.ref_update, hbs.resource_type, hbs.uuid, vn2.resource_type, vn2.uuid, None, 'ADD', ServiceVirtualNetworkType(vn_type), )
def test_hbs_unique_vn_ref_per_type(self): hbs = HostBasedService('hbs-%s' % self.id(), parent_obj=self.project) self.api.host_based_service_create(hbs) vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=self.project) self.api.virtual_network_create(vn1) vn2 = VirtualNetwork('vn2-%s' % self.id(), parent_obj=self.project) self.api.virtual_network_create(vn2) for vn_type in ['management', 'left', 'right', 'other']: self.api.ref_update( hbs.resource_type, hbs.uuid, vn1.resource_type, vn1.uuid, None, 'ADD', ServiceVirtualNetworkType(vn_type), ) self.assertRaises( BadRequest, self.api.ref_update, hbs.resource_type, hbs.uuid, vn1.resource_type, vn2.uuid, None, 'ADD', ServiceVirtualNetworkType(vn_type), ) hbs = self.api.host_based_service_read(id=hbs.uuid) hbs.set_virtual_network_list([]) self.api.host_based_service_update(hbs)
def _create_network(self, vn_name, vn_type, proj_obj, ipam_obj, ipam_update, provider=None): # Check if the VN already exists. # If yes, update existing VN object with k8s config. vn_exists = False vn = VirtualNetwork(name=vn_name, parent_obj=proj_obj, address_allocation_mode='flat-subnet-only') try: vn_obj = self.vnc_lib.virtual_network_read( fq_name=vn.get_fq_name()) vn_exists = True except NoIdError: # VN does not exist. Create one. vn_obj = vn # Attach IPAM to virtual network. # # For flat-subnets, the subnets are specified on the IPAM and # not on the virtual-network to IPAM link. So pass an empty # list of VnSubnetsType. if ipam_update or \ not self._is_ipam_exists(vn_obj, ipam_obj.get_fq_name()): vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([])) vn_obj.set_virtual_network_properties( VirtualNetworkType(forwarding_mode='l3')) fabric_snat = False if vn_type == 'pod-network': fabric_snat = True if not vn_exists: if self.args.ip_fabric_forwarding: if provider: # enable ip_fabric_forwarding vn_obj.add_virtual_network(provider) elif fabric_snat and self.args.ip_fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) # Create VN. self.vnc_lib.virtual_network_create(vn_obj) else: self.vnc_lib.virtual_network_update(vn_obj) vn_obj = self.vnc_lib.virtual_network_read( fq_name=vn_obj.get_fq_name()) VirtualNetworkKM.locate(vn_obj.uuid) return vn_obj
def _create_virtual_network(self, vn_name, proj_obj, ipam_obj, ipam_update, provider=None, subnets=None, type='flat-subnet-only', ip_fabric_snat=None): vn_exists = False vn = VirtualNetwork( name=vn_name, parent_obj=proj_obj, address_allocation_mode=type) try: vn_obj = self._vnc_lib.virtual_network_read( fq_name=vn.get_fq_name()) vn_exists = True except NoIdError: # VN does not exist. Create one. vn_obj = vn if vn_exists: return vn_obj # Attach IPAM to virtual network. # # For flat-subnets, the subnets are specified on the IPAM and # not on the virtual-network to IPAM link. So pass an empty # list of VnSubnetsType. # For user-defined-subnets, use the provided subnets if ipam_update or \ not self._is_ipam_exists(vn_obj, ipam_obj.get_fq_name()): if subnets and type == 'user-defined-subnet-only': vn_obj.add_network_ipam(ipam_obj, subnets) else: vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([])) vn_obj.set_virtual_network_properties( VirtualNetworkType(forwarding_mode='l2_l3')) if not vn_exists: if provider: # enable ip_fabric_forwarding vn_obj.add_virtual_network(provider) elif ip_fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) # Create VN. self._vnc_lib.virtual_network_create(vn_obj) else: # TODO: Handle Network update pass vn_obj = self._vnc_lib.virtual_network_read( fq_name=vn_obj.get_fq_name()) VirtualNetworkKM.locate(vn_obj.uuid) return vn_obj
def test_vm_port_not_added_to_lr(self): project = self._vnc_lib.project_read( ['default-domain', 'default-project']) ipam = self._vnc_lib.network_ipam_read( ['default-domain', 'default-project', 'default-network-ipam']) # Create subnets ipam_sn_v4_vn = IpamSubnetType(subnet=SubnetType('11.1.1.0', 24)) # Create VN my-vn vn = VirtualNetwork('%s-vn' % self.id(), project) vn.add_network_ipam(ipam, VnSubnetsType([ipam_sn_v4_vn])) self._vnc_lib.virtual_network_create(vn) net_obj = self._vnc_lib.virtual_network_read(id=vn.uuid) # Create v4 Ip object ip_obj = InstanceIp(name=str(uuid.uuid4()), instance_ip_family='v4') ip_obj.uuid = ip_obj.name # Create VM vm_inst_obj = VirtualMachine(str(uuid.uuid4())) vm_inst_obj.uuid = vm_inst_obj.name self._vnc_lib.virtual_machine_create(vm_inst_obj) id_perms = IdPermsType(enable=True) vm_port_obj = VirtualMachineInterface(str(uuid.uuid4()), vm_inst_obj, id_perms=id_perms) vm_port_obj.uuid = vm_port_obj.name vm_port_obj.set_virtual_network(vn) ip_obj.set_virtual_machine_interface(vm_port_obj) ip_obj.set_virtual_network(net_obj) self._vnc_lib.virtual_machine_interface_create(vm_port_obj) self._vnc_lib.instance_ip_create(ip_obj) # Create Logical Router lr = LogicalRouter('router-test-v4-%s' % self.id(), project) self._vnc_lib.logical_router_create(lr) # Add Router Interface lr.add_virtual_machine_interface(vm_port_obj) with ExpectedException(RefsExistError): self._vnc_lib.logical_router_update(lr) lr.del_virtual_machine_interface(vm_port_obj) # Create Port port_obj = self.create_port(project, net_obj) lr.add_virtual_machine_interface(port_obj) self._vnc_lib.logical_router_update(lr) with ExpectedException(BadRequest): port_obj.add_virtual_machine(vm_inst_obj) self._vnc_lib.virtual_machine_interface_update(port_obj) self._vnc_lib.logical_router_delete(id=lr.uuid)
def test_delete_lr_missing_vn_refs(self): # Get Project Ref project = self._vnc_lib.project_read( fq_name=['default-domain', 'default-project']) lr = LogicalRouter('router-test-missing_vn_refs-%s' % (self.id()), project) lr.set_logical_router_type('vxlan-routing') lr_uuid = self._vnc_lib.logical_router_create(lr) lr = self._vnc_lib.logical_router_read(id=lr_uuid) logger.debug('Created Logical Router ') # Create a VN Object vn = VirtualNetwork('%s-vn' % self.id(), project) self._vnc_lib.virtual_network_create(vn) # Create a Virtual Machine Interface that does not have VN Ref id_perms = IdPermsType(enable=True) vmi_no_vn_ref = VirtualMachineInterface(str(uuid.uuid4()), parent_obj=project, id_perms=id_perms) vmi_no_vn_ref.set_virtual_network(vn) vmi_uuid = self._vnc_lib.virtual_machine_interface_create( vmi_no_vn_ref) # Do not associate VN Ref to VMI and create lr.add_virtual_machine_interface(vmi_no_vn_ref) self._vnc_lib.logical_router_update(lr) vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_uuid) vn_refs = vmi_obj.get_virtual_network_refs() vn_uuid = vn_refs[0]['uuid'] self._vnc_lib.ref_update('virtual_machine_interface', vmi_uuid, 'virtual_network', vn_uuid, None, 'DELETE') vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_uuid) vn_refs = vmi_obj.get_virtual_network_refs() self.assertIsNone(vn_refs) # Create a VN Object vn2 = VirtualNetwork('%s-vn2' % self.id(), project) self._vnc_lib.virtual_network_create(vn2) # Create a Virtual Machine Interface that does not have VN Ref vmi_no_vn_ref_2 = VirtualMachineInterface(str(uuid.uuid4()), parent_obj=project, id_perms=id_perms) vmi_no_vn_ref_2.set_virtual_network(vn2) self._vnc_lib.virtual_machine_interface_create(vmi_no_vn_ref_2) # Do not associate VN Ref to VMI and create lr.add_virtual_machine_interface(vmi_no_vn_ref_2) self._vnc_lib.logical_router_update(lr) # Deleting directly from api-server as api server # will not allow deletion self._vnc_lib.logical_router_delete(id=lr.uuid)
def _create_cluster_network(self): proj_fq_name = vnc_kube_config.cluster_default_project_fq_name() proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) vn_obj = VirtualNetwork( name='cluster-network', parent_obj=proj_obj, address_allocation_mode='user-defined-subnet-only') ipam_fq_name = ['default-domain', 'default-project', 'default-network-ipam'] ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name) subnet_data = self._create_subnet_data('10.32.0.0/24') vn_obj.add_network_ipam(ipam_obj, subnet_data) return self._vnc_lib.virtual_network_create(vn_obj)
def test_same_network_not_attached_to_lr(self): project = self._vnc_lib.project_read( ['default-domain', 'default-project']) ipam = self._vnc_lib.network_ipam_read( ['default-domain', 'default-project', 'default-network-ipam']) # Create subnets ipam_sn_v4_vn = IpamSubnetType(subnet=SubnetType('11.1.1.0', 24)) # Create VN my-vn vn = VirtualNetwork('%s-vn' % self.id(), project) vn.add_network_ipam(ipam, VnSubnetsType([ipam_sn_v4_vn])) self._vnc_lib.virtual_network_create(vn) net_obj = self._vnc_lib.virtual_network_read(id=vn.uuid) # Create v4 Ip object ip_obj = InstanceIp(name=str(uuid.uuid4()), instance_ip_family='v4') ip_obj.uuid = ip_obj.name # Create Port port_obj = self.create_port(project, net_obj) # Create Logical Router lr = LogicalRouter('router-test-v4-%s' % self.id(), project) lr.set_logical_router_type('snat-routing') self._vnc_lib.logical_router_create(lr) # Add Router Interface lr.add_virtual_machine_interface(port_obj) self._vnc_lib.logical_router_update(lr) # set router_external net_obj.set_router_external(True) self._vnc_lib.virtual_network_update(net_obj) with ExpectedException(BadRequest): lr.add_virtual_network(net_obj) self._vnc_lib.logical_router_update(lr) lr.del_virtual_network(net_obj) lr.del_virtual_machine_interface(port_obj) self._vnc_lib.logical_router_update(lr) lr.add_virtual_network(net_obj) self._vnc_lib.logical_router_update(lr) # Create Port port_obj = self.create_port(project, net_obj) with ExpectedException(BadRequest): lr.add_virtual_machine_interface(port_obj) self._vnc_lib.logical_router_update(lr) self._vnc_lib.logical_router_delete(id=lr.uuid)
def _create_virtual_network(self, project='default', network='cluster-network'): proj_fq_name = ['default-domain', project] proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) vn_obj = VirtualNetwork( name=network, parent_obj=proj_obj, address_allocation_mode='user-defined-subnet-only') ipam_fq_name = ['default-domain', 'default-project', 'default-network-ipam'] ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name) subnet_data = self._create_subnet_data('10.0.0.0/24') vn_obj.add_network_ipam(ipam_obj, subnet_data) return self._vnc_lib.virtual_network_create(vn_obj)
def _create_virtual_network(self, project='default', network='cluster-network'): proj_fq_name = ['default-domain', project] proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) vn_obj = VirtualNetwork( name=network, parent_obj=proj_obj, address_allocation_mode='user-defined-subnet-only') ipam_fq_name = ['default-domain', 'default-project', 'default-network-ipam'] ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name) subnet_data = self._create_subnet_data(self.external_cidr) vn_obj.add_network_ipam(ipam_obj, subnet_data) return self._vnc_lib.virtual_network_create(vn_obj)
def _create_virtual_network(self, project='default', network='cluster-default-service-network'): if project == 'default': project = kube_config.VncKubernetesConfig.cluster_project_name('default') proj_fq_name = ['default-domain', project] proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) vn_obj = VirtualNetwork( name=network, parent_obj=proj_obj, address_allocation_mode='user-defined-subnet-only') ipam_fq_name = ['default-domain', 'default-project', 'default-network-ipam'] ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name) subnet_data = self._create_subnet_data(self.external_cidr) vn_obj.add_network_ipam(ipam_obj, subnet_data) return self._vnc_lib.virtual_network_create(vn_obj)
def gen_virtual_network(project, route_target_list, virtual_network_properties): vnet = VirtualNetwork( name=conf.get('default_net_name'), parent_obj=project, route_target_list=route_target_list, router_external=True, virtual_network_properties=virtual_network_properties) return vnet
def test_hbs_create_with_mgmt_vn_ref(self): project2 = Project('project2-%s' % self.id()) project2.set_quota(QuotaType(host_based_service=1)) self.api.project_create(project2) vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=project2) self.api.virtual_network_create(vn1) hbs1 = HostBasedService('hbs1-%s' % self.id(), parent_obj=project2) hbs1.add_virtual_network(vn1, ServiceVirtualNetworkType('management')) self.api.host_based_service_create(hbs1)
def test_hbs_create_with_annotations(self): project2 = Project('project2-%s' % self.id()) project2.set_quota(QuotaType(host_based_service=1)) self.api.project_create(project2) vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=project2) self.api.virtual_network_create(vn1) hbs1 = HostBasedService('hbs1-%s' % self.id(), parent_obj=project2) hbs1.add_annotations(KeyValuePair( key='image', value='hub.juniper.net/security/csrx:19.2R1.8')) hbs1.add_annotations(KeyValuePair(key='imagePullSecrets', value='psd')) self.api.host_based_service_create(hbs1)
def test_hbs_create_with_vn_ref(self): project2 = Project('project2-%s' % self.id()) self.api.project_create(project2) vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=project2) self.api.virtual_network_create(vn1) hbs1 = HostBasedService('hbs1-%s' % self.id(), parent_obj=project2) hbs1.add_virtual_network(vn1, ServiceVirtualNetworkType('left')) self.assertRaises( BadRequest, self.api.host_based_service_create, hbs1 )
def _create_ipv6_ll_ipam_and_vn(self, vnc_api, network_name): nw_fq_name = ['default-domain', 'default-project', network_name] ipam_fq_name = ['default-domain', 'default-project', '_internal_ipam_ipv6_link_local'] subnets = VnSubnetsType([(IpamSubnetType(subnet=SubnetType('fe80::', 64), default_gateway='fe80::1', addr_from_start=True, subnet_uuid=str(uuid.uuid1()) ) )] ) ipam = NetworkIpam( name='_internal_ipam_ipv6_link_local', fq_name=ipam_fq_name, parent_type='project', ipam_subnet_method='user-defined-subnet') try: self._vnc_api.network_ipam_create(ipam) except RefsExistError as ex: error_msg = 'network IPAM \'ipv6_link_local\' already \ exists or other conflict: {}' \ .format(str(ex)) self._logger.error(error_msg) self._vnc_api.network_ipam_update(ipam) network = VirtualNetwork( name=network_name, fq_name=nw_fq_name, parent_type='project', address_allocation_mode="user-defined-subnet-only") try: network.add_network_ipam(ipam, subnets) vnc_api.virtual_network_create(network) except Exception as ex: self._logger.error("virtual network '%s' already exists or " "other conflict: %s" % (network_name, str(ex))) vnc_api.virtual_network_update(network)
def basic_issu_policy_pre(self): vn1_name = self.id() + 'vn1' vn2_name = self.id() + 'vn2' vn1_obj = VirtualNetwork(vn1_name) vn2_obj = VirtualNetwork(vn2_name) np = self.create_network_policy(vn1_obj, vn2_obj) seq = SequenceType(1, 1) vnp = VirtualNetworkPolicyType(seq) vn1_obj.set_network_policy(np, vnp) vn2_obj.set_network_policy(np, vnp) self._vnc_lib.virtual_network_create(vn1_obj) self._vnc_lib.virtual_network_create(vn2_obj) self.assertTill(self.vnc_db_has_ident, obj=vn1_obj) self.assertTill(self.vnc_db_has_ident, obj=vn2_obj) self.check_ri_ref_present(self.get_ri_name(vn1_obj), self.get_ri_name(vn2_obj)) self.check_ri_ref_present(self.get_ri_name(vn2_obj), self.get_ri_name(vn1_obj))
def test_hbs_default_vn_ref_add_with_annotations(self): hbs = HostBasedService('hbs-%s' % self.id(), parent_obj=self.project) self.api.host_based_service_create(hbs) vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=self.project) self.api.virtual_network_create(vn1) hbs.add_annotations(KeyValuePair(key='imagePullSecrets', value='psd')) for vn_type in ['left', 'right']: self.assertRaises( BadRequest, self.api.ref_update, hbs.resource_type, hbs.uuid, vn1.resource_type, vn1.uuid, None, 'ADD', ServiceVirtualNetworkType(vn_type), )
def test_lr_v4_subnets(self): # Create Domain domain = Domain('my-lr-domain') self._vnc_lib.domain_create(domain) # Create Project project = Project('my-lr-proj', domain) self._vnc_lib.project_create(project) # Create NetworkIpam ipam = NetworkIpam('default-network-ipam', project, IpamType("dhcp")) self._vnc_lib.network_ipam_create(ipam) ipam = self._vnc_lib.network_ipam_read( ['my-lr-domain', 'my-lr-proj', 'default-network-ipam']) # Create subnets ipam_sn_v4_vn1 = IpamSubnetType(subnet=SubnetType('11.1.1.0', 24)) ipam_sn_v6_vn1 = IpamSubnetType(subnet=SubnetType('fd11::', 120)) ipam_sn_v4_vn2 = IpamSubnetType(subnet=SubnetType('11.1.2.0', 24)) ipam_sn_v6_vn2 = IpamSubnetType(subnet=SubnetType('fd12::', 120)) # Create VN my-vn-1 vn1 = VirtualNetwork('my-vn-1', project) vn1.add_network_ipam(ipam, VnSubnetsType([ipam_sn_v4_vn1, ipam_sn_v6_vn1])) self._vnc_lib.virtual_network_create(vn1) net_obj1 = self._vnc_lib.virtual_network_read(id=vn1.uuid) # Create VN my-vn-2 vn2 = VirtualNetwork('my-vn-2', project) vn2.add_network_ipam(ipam, VnSubnetsType([ipam_sn_v4_vn2, ipam_sn_v6_vn2])) self._vnc_lib.virtual_network_create(vn2) net_obj2 = self._vnc_lib.virtual_network_read(id=vn2.uuid) # Create Logical Router lr = LogicalRouter('router-test-v4-%s' % self.id(), project) lr_uuid = self._vnc_lib.logical_router_create(lr) # Create a Virtual Machine Interface belonging to my-vn-1 id_perms = IdPermsType(enable=True) port_obj1 = VirtualMachineInterface(str(uuid.uuid4()), parent_obj=project, id_perms=id_perms) port_obj1.uuid = port_obj1.name port_obj1.set_virtual_network(vn1) port_obj1.set_virtual_machine_interface_device_owner( 'DEVICE_OWNER_ROUTER_INTF') # Assign gateway ip ipam_refs = net_obj1.get_network_ipam_refs() for ipam_ref in ipam_refs: subnets = ipam_ref['attr'].get_ipam_subnets() for subnet in subnets: cidr = '%s/%s' % (subnet.subnet.get_ip_prefix(), subnet.subnet.get_ip_prefix_len()) if IPNetwork(cidr).version == 4: gateway_ip = subnet.get_default_gateway() self._vnc_lib.virtual_machine_interface_create(port_obj1) # Create v4 Ip object ip_obj1 = InstanceIp(name=str(uuid.uuid4()), instance_ip_address=gateway_ip, instance_ip_family='v4') ip_obj1.uuid = ip_obj1.name ip_obj1.set_virtual_machine_interface(port_obj1) ip_obj1.set_virtual_network(net_obj1) ip_id1 = self._vnc_lib.instance_ip_create(ip_obj1) # Add Router Interface (test being subnet) lr.add_virtual_machine_interface(port_obj1) self._vnc_lib.logical_router_update(lr) # Create a Virtual Machine Interface belonging to my-vn-2 port_obj2 = VirtualMachineInterface(str(uuid.uuid4()), parent_obj=project, id_perms=id_perms) port_obj2.uuid = port_obj2.name port_obj2.set_virtual_network(vn2) port_obj2.set_virtual_machine_interface_device_owner( 'DEVICE_OWNER_ROUTER_INTF') # Assign gateway ip ipam_refs = net_obj2.get_network_ipam_refs() for ipam_ref in ipam_refs: subnets = ipam_ref['attr'].get_ipam_subnets() for subnet in subnets: cidr = '%s/%s' % (subnet.subnet.get_ip_prefix(), subnet.subnet.get_ip_prefix_len()) if IPNetwork(cidr).version == 4: gateway_ip = subnet.get_default_gateway() self._vnc_lib.virtual_machine_interface_create(port_obj2) # Create v4 Ip object ip_obj2 = InstanceIp(name=str(uuid.uuid4()), instance_ip_address=gateway_ip, instance_ip_family='v4') ip_obj2.uuid = ip_obj2.name ip_obj2.set_virtual_machine_interface(port_obj2) ip_obj2.set_virtual_network(net_obj2) ip_id2 = self._vnc_lib.instance_ip_create(ip_obj2) # Add Router Interface (test being subnet) lr.add_virtual_machine_interface(port_obj2) self._vnc_lib.logical_router_update(lr) # TODO: Schema transformer not integrated in the tests, # hence route-target refs not set yet # Verify Route Target Creation rt_refs = lr.get_route_target_refs() for rt_ref in rt_refs or []: rt_obj = self._vnc_lib.route_target_read(id=rt_ref['uuid']) ri_refs = rt_obj.get_routing_instance_back_refs() for ri_ref in ri_refs: ri_obj = self.vnc_lib.routing_instance_read(id=ri_ref['uuid']) ri_name = ri_obj.get_display_name() if ri_name != 'my-vn-1' and ri_name != 'my-vn-2': pass # cleanup self._vnc_lib.instance_ip_delete(id=ip_id1) self._vnc_lib.instance_ip_delete(id=ip_id2) self._vnc_lib.logical_router_delete(id=lr_uuid) self._vnc_lib.virtual_machine_interface_delete(id=port_obj1.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port_obj2.uuid) self._vnc_lib.virtual_network_delete(id=vn1.uuid) self._vnc_lib.virtual_network_delete(id=vn2.uuid) self._vnc_lib.network_ipam_delete(id=ipam.uuid) self._vnc_lib.project_delete(id=project.uuid) self._vnc_lib.domain_delete(id=domain.uuid)
def test_vxlan_routing_for_internal_vn(self): project = self._vnc_lib.project_read( fq_name=['default-domain', 'default-project']) project.set_vxlan_routing(True) self._vnc_lib.project_update(project) # Create Logical Router lr = LogicalRouter('router-test-v4-%s' % self.id(), project) lr_uuid = self._vnc_lib.logical_router_create(lr) lr = self._vnc_lib.logical_router_read(id=lr_uuid) # Check to see whether internal VN for VxLAN Routing is created. int_vn_name = get_lr_internal_vn_name(lr_uuid) int_vn_fqname = ['default-domain', 'default-project', int_vn_name] try: self._vnc_lib.virtual_network_read(fq_name=int_vn_fqname) except NoIdError as e: # Invisible objects do not come up in read # calls but throws up a exception saying the # object is invisible but cannot be read, confirming # the presence of the object. Hack! if "This object is not visible" not in str(e): assert (False) # Check to see if we are not able to attach Ext Gateway when # VxLAN Routing is enabled. ext_vn = VirtualNetwork(name=self.id() + '_ext_lr') ext_vn_uuid = self._vnc_lib.virtual_network_create(ext_vn) ext_vn = self._vnc_lib.virtual_network_read(id=ext_vn_uuid) lr.add_virtual_network(ext_vn) try: self._vnc_lib.logical_router_update(lr) self.fail("API allow to add an external gateway to the logical " "router while the VxLAN routing is enabled") except BadRequest: pass # Check to see if we are not able to disable VxLAN routing in the # project when there is one LR in the project. project.set_vxlan_routing(False) try: self._vnc_lib.project_update(project) self.fail("API allows to disable VxLAN routhing while there is a " "logical router in the project") except BadRequest: pass # Check to see if deleting the VN deletes the internal VN # that was created. self._vnc_lib.logical_router_delete(id=lr_uuid) try: self._vnc_lib.virtual_network_read(fq_name=int_vn_fqname) self.fail("Logical router internal virtual network was not " "removed") except NoIdError: pass # Check to see if we are able to disable VxLAN Routing # after LR is deleted in the project. project.set_vxlan_routing(False) self._vnc_lib.project_update(project)
def setUp(self): def _carve_out_subnets(subnets, cidr): carved_subnets = [] for subnet in subnets: slash_x_subnets = IPNetwork(subnet.get('cidr')).subnet(cidr) for slash_x_sn in slash_x_subnets: carved_subnets.append({'cidr': str(slash_x_sn)}) return carved_subnets # end _carve_out_subnets def _get_network_ipam(ipam_name, subnets, subnetting): def _new_subnet(cidr): split_cidr = cidr.split('/') return SubnetType( ip_prefix=split_cidr[0], ip_prefix_len=split_cidr[1]) # end _new_subnet ipam = NetworkIpam( name=ipam_name, ipam_subnets=IpamSubnets([ IpamSubnetType( subnet=_new_subnet(sn.get('cidr')), default_gateway=sn.get('gateway'), subnet_uuid=str(uuid.uuid1()) ) for sn in subnets if int( sn.get('cidr').split('/')[-1]) < 31 ]), ipam_subnet_method='flat-subnet', ipam_subnetting=subnetting ) return ipam # end _add_network_ipam super(TestPnfPortTuple, self).setUp() logger.debug("setUp called") # Create Global objects default_gsc_name = 'default-global-system-config' gsc_obj = self.api.global_system_config_read( GlobalSystemConfig().fq_name) proj_obj = self.api.project_read(Project().fq_name) # Create PNF and spine Physical Router pnf_obj = PhysicalRouter('pnf-' + self.id(), gsc_obj) pnf_obj.set_physical_router_role('pnf') self.pnf_uuid = self.api.physical_router_create(pnf_obj) # Create spine Physical Router spine_obj = PhysicalRouter('spine-' + self.id(), gsc_obj) self.spine_uuid = self.api.physical_router_create(spine_obj) # Create left/right LR left_lr_name = 'left_lr-' + self.id() left_lr_obj = LogicalRouter(name=left_lr_name, parent_obj=proj_obj) left_lr_obj.add_physical_router(spine_obj) self.left_lr_uuid = self.api.logical_router_create(left_lr_obj) right_lr_name = 'right_lr-' + self.id() right_lr_obj = LogicalRouter(name=right_lr_name, parent_obj=proj_obj) right_lr_obj.add_physical_router(spine_obj) self.right_lr_uuid = self.api.logical_router_create(right_lr_obj) # create left, right PNF PI left_pnf_pi_obj = PhysicalInterface( 'ge-0/0/1-' + self.id(), parent_obj=pnf_obj) right_pnf_pi_obj = PhysicalInterface( 'ge-0/0/2-' + self.id(), parent_obj=pnf_obj) lo_pnf_pi_obj = PhysicalInterface('lo0', parent_obj=pnf_obj) self.left_pnf_pi_uuid = self.api.physical_interface_create( left_pnf_pi_obj) self.right_pnf_pi_uuid = self.api.physical_interface_create( right_pnf_pi_obj) self.lo_pnf_pi_uuid = self.api.physical_interface_create(lo_pnf_pi_obj) # create left, right spine PI left_spine_pi_obj = PhysicalInterface( 'xe-0/0/1-' + self.id(), parent_obj=spine_obj) right_spine_pi_obj = PhysicalInterface( 'xe-0/0/2-' + self.id(), parent_obj=spine_obj) self.left_spine_pi_uuid = self.api.physical_interface_create( left_spine_pi_obj) self.right_spine_pi_uuid = self.api.physical_interface_create( right_spine_pi_obj) # Create Service Appliance Set sas_obj = ServiceApplianceSet('sas-' + self.id(), gsc_obj) sas_obj.set_service_appliance_set_virtualization_type( 'physical-device') self.sas_uuid = self.api.service_appliance_set_create(sas_obj) # Create Service template st_obj = ServiceTemplate(name='st-' + self.id()) st_obj.set_service_appliance_set(sas_obj) svc_properties = ServiceTemplateType() svc_properties.set_service_virtualization_type('physical-device') if_type = ServiceTemplateInterfaceType() if_type.set_service_interface_type('left') svc_properties.add_interface_type(if_type) if_type = ServiceTemplateInterfaceType() if_type.set_service_interface_type('right') svc_properties.add_interface_type(if_type) st_obj.set_service_template_properties(svc_properties) self.st_uuid = self.api.service_template_create(st_obj) # Create Service Instance object si_fqn = ['default-domain', 'default-project', 'si-' + self.id()] si_obj = ServiceInstance(fq_name=si_fqn) si_obj.fq_name = si_fqn si_obj.add_service_template(st_obj) kvp_array = [] kvp = KeyValuePair("left-svc-vlan", "100") kvp_array.append(kvp) kvp = KeyValuePair("right-svc-vlan", "101") kvp_array.append(kvp) kvp = KeyValuePair("left-svc-asns", "66000,66001") kvp_array.append(kvp) kvp = KeyValuePair("right-svc-asns", "66000,66002") kvp_array.append(kvp) kvps = KeyValuePairs() kvps.set_key_value_pair(kvp_array) si_obj.set_annotations(kvps) props = ServiceInstanceType() props.set_service_virtualization_type('physical-device') props.set_ha_mode("active-standby") si_obj.set_service_instance_properties(props) self.si_uuid = self.api.service_instance_create(si_obj) # Create service appliance sa_obj = ServiceAppliance('sa-' + self.id(), parent_obj=sas_obj) kvp_array = [] kvp = KeyValuePair( "left-attachment-point", default_gsc_name + ':' + 'spine-' + self.id() + ':' + 'xe-0/0/1-' + self.id()) kvp_array.append(kvp) kvp = KeyValuePair( "right-attachment-point", default_gsc_name + ':' + 'spine-' + self.id() + ':' + 'xe-0/0/2-' + self.id()) kvp_array.append(kvp) kvps = KeyValuePairs() kvps.set_key_value_pair(kvp_array) sa_obj.set_service_appliance_properties(kvps) sa_obj.set_service_appliance_virtualization_type('physical-device') attr = ServiceApplianceInterfaceType(interface_type='left') sa_obj.add_physical_interface(left_pnf_pi_obj, attr) attr = ServiceApplianceInterfaceType(interface_type='right') sa_obj.add_physical_interface(right_pnf_pi_obj, attr) self.sa_uuid = self.api.service_appliance_create(sa_obj) # Create fabric and add it to spine and PNF fab_obj = Fabric('fab-' + self.id()) self.fab_uuid = self.api.fabric_create(fab_obj) pnf_obj.add_fabric(fab_obj) self.api.physical_router_update(pnf_obj) spine_obj.add_fabric(fab_obj) self.api.physical_router_update(spine_obj) fab_obj = self.api.fabric_read(id=self.fab_uuid) # Create PNF service chain IPAM/network pnf_cidr = [{'cidr': "10.1.1.0/28"}] peer_subnets = _carve_out_subnets(pnf_cidr, 29) pnf_vn_obj = VirtualNetwork( name='fab-' + self.id() + '-pnf-servicechain-network', virtual_network_properties=VirtualNetworkType( forwarding_mode='l3'), address_allocation_mode='flat-subnet-only') self.pnf_vn_uuid = self.api.virtual_network_create(pnf_vn_obj) pnf_ipam_obj = _get_network_ipam( 'fab-' + self.id() + '-pnf-servicechain-network-ipam', peer_subnets, True) self.pnf_ipam_uuid = self.api.network_ipam_create(pnf_ipam_obj) pnf_vn_obj.add_network_ipam(pnf_ipam_obj, VnSubnetsType([])) self.api.virtual_network_update(pnf_vn_obj) fab_obj = self.api.fabric_read(id=self.fab_uuid) fab_obj.add_virtual_network( pnf_vn_obj, FabricNetworkTag( network_type='pnf-servicechain')) self.api.fabric_update(fab_obj) # Create loopback IPAM/network lo_cidr = [{'cidr': "100.100.100.0/28"}] peer_subnets = _carve_out_subnets(lo_cidr, 28) lo_vn_obj = VirtualNetwork( name='fab-' + self.id() + '-loopback-network', virtual_network_properties=VirtualNetworkType( forwarding_mode='l3'), address_allocation_mode='flat-subnet-only') self.lo_vn_uuid = self.api.virtual_network_create(lo_vn_obj) lo_ipam_obj = _get_network_ipam( 'fab-' + self.id() + '-loopback-network-ipam', peer_subnets, False) self.lo_ipam_uuid = self.api.network_ipam_create(lo_ipam_obj) lo_vn_obj.add_network_ipam(lo_ipam_obj, VnSubnetsType([])) self.api.virtual_network_update(lo_vn_obj) fab_obj = self.api.fabric_read(id=self.fab_uuid) fab_obj.add_virtual_network( lo_vn_obj, FabricNetworkTag( network_type='loopback')) self.api.fabric_update(fab_obj)
def test_physical_interface_esi(self): pr_name = self.id() + '_physical_router' pr = PhysicalRouter(pr_name) pr_uuid = self._vnc_lib.physical_router_create(pr) pr_obj = self._vnc_lib.physical_router_read(id=pr_uuid) esi_id = '00:11:22:33:44:55:66:77:88:99' pi1_name = self.id() + '_physical_interface1' pi1 = PhysicalInterface(name=pi1_name, parent_obj=pr_obj, ethernet_segment_identifier=esi_id) pi1_uuid = self._vnc_lib.physical_interface_create(pi1) pi1_obj = self._vnc_lib.physical_interface_read(id=pi1_uuid) li1_name = pi1_name + '_li1' li1 = LogicalInterface(name=li1_name, parent_obj=pi1_obj, logical_interface_vlan_tag=2) vn_name = self.id() + '_test_vn' vn = VirtualNetwork(vn_name) vn_uuid = self._vnc_lib.virtual_network_create(vn) vn_obj = self._vnc_lib.virtual_network_read(id=vn_uuid) vmi_name = self.id() + '_common_vmi' vmi_obj = self._create_vmi(vmi_name, vn_obj) li1.add_virtual_machine_interface(vmi_obj) li1_uuid = self._vnc_lib.logical_interface_create(li1) self._vnc_lib.logical_interface_read(id=li1_uuid) pi2_name = self.id() + '_physical_interface2' pi2 = PhysicalInterface(name=pi2_name, parent_obj=pr_obj, ethernet_segment_identifier=esi_id) pi2_uuid = self._vnc_lib.physical_interface_create(pi2) pi2_obj = self._vnc_lib.physical_interface_read(id=pi2_uuid) li2_name = pi2_name + '_li2' li2 = LogicalInterface(name=li2_name, parent_obj=pi2_obj, logical_interface_vlan_tag=2) second_vmi_name = self.id() + '_2nd_vmi' second_vmi_obj = self._create_vmi(second_vmi_name, vn_obj, 'AA:AA:AA:AA:AA:AA') li2.add_virtual_machine_interface(second_vmi_obj) self.assertRaises(PermissionDenied, self._vnc_lib.logical_interface_create, li2) li2 = LogicalInterface(name=li2_name, parent_obj=pi2_obj, logical_interface_vlan_tag=2) li2_uuid = self._vnc_lib.logical_interface_create(li2) li2_obj = self._vnc_lib.logical_interface_read(id=li2_uuid) li2_obj.add_virtual_machine_interface(second_vmi_obj) self.assertRaises(PermissionDenied, self._vnc_lib.logical_interface_update, li2_obj) pi3_name = self.id() + '_physical_interface3' pi3 = PhysicalInterface( name=pi3_name, parent_obj=pr_obj, ethernet_segment_identifier='00:00:00:00:00:00:00:00:00:AA') pi3_uuid = self._vnc_lib.physical_interface_create(pi3) pi3_obj = self._vnc_lib.physical_interface_read(id=pi3_uuid) li3_name = pi3_name + '_li3' li3 = LogicalInterface(name=li3_name, parent_obj=pi3_obj, logical_interface_vlan_tag=2) li3.add_virtual_machine_interface(vmi_obj) self._vnc_lib.logical_interface_create(li3) pi3_obj.set_ethernet_segment_identifier(esi_id) self._vnc_lib.physical_interface_update(pi3_obj)
def _create_isolated_ns_virtual_network(self, ns_name, vn_name, vn_type, proj_obj, ipam_obj=None, provider=None, enforce_policy=False): """ Create/Update a virtual network for this namespace. """ vn_exists = False vn = VirtualNetwork(name=vn_name, parent_obj=proj_obj, virtual_network_properties=VirtualNetworkType( forwarding_mode='l3'), address_allocation_mode='flat-subnet-only') try: vn_obj = self._vnc_lib.virtual_network_read( fq_name=vn.get_fq_name()) vn_exists = True except NoIdError: # VN does not exist. Create one. vn_obj = vn fabric_snat = False if vn_type == 'pod-network': if self._is_ip_fabric_snat_enabled(ns_name): fabric_snat = True if not vn_exists: # Add annotatins on this isolated virtual-network. VirtualNetworkKM.add_annotations(self, vn, namespace=ns_name, name=ns_name, isolated='True') # Instance-Ip for pods on this VN, should be allocated from # cluster pod ipam. Attach the cluster pod-ipam object # to this virtual network. vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([])) if provider: # enable ip_fabric_forwarding vn_obj.add_virtual_network(provider) elif fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) vn_uuid = self._vnc_lib.virtual_network_create(vn_obj) # Cache the virtual network. VirtualNetworkKM.locate(vn_uuid) else: ip_fabric_enabled = False if provider: vn_refs = vn_obj.get_virtual_network_refs() ip_fabric_fq_name = provider.fq_name for vn in vn_refs or []: vn_fq_name = vn['to'] if vn_fq_name == ip_fabric_fq_name: ip_fabric_enabled = True break if not ip_fabric_enabled and fabric_snat: # enable fabric_snat vn_obj.set_fabric_snat(True) else: # disable fabric_snat vn_obj.set_fabric_snat(False) # Update VN. self._vnc_lib.virtual_network_update(vn_obj) vn_uuid = vn_obj.get_uuid() vn_obj = self._vnc_lib.virtual_network_read(id=vn_uuid) # If required, enforce security policy at virtual network level. if enforce_policy: self._vnc_lib.set_tags( vn_obj, self._labels.get_labels_dict( VncSecurityPolicy.cluster_aps_uuid)) return vn_obj