def test_disable_port_security_with_empty_allowed_address_pair_list(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self._vnc_lib.virtual_network_create(vn) addr_pair = AllowedAddressPairs() vmi1 = VirtualMachineInterface( 'vmi1-%s' % self.id(), parent_obj=project, port_security_enabled=False, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi1.set_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi1) addr_pair = AllowedAddressPairs( allowed_address_pair=[ AllowedAddressPair(ip=SubnetType('1.1.1.0', 24), mac='02:ce:1b:d7:a6:e7')]) vmi2 = VirtualMachineInterface( 'vmi2-%s' % self.id(), parent_obj=project, port_security_enabled=True, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi2.set_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi2) addr_pair = AllowedAddressPairs() vmi2.set_virtual_machine_interface_allowed_address_pairs(addr_pair) self._vnc_lib.virtual_machine_interface_update(vmi2) vmi2.set_port_security_enabled(False) self._vnc_lib.virtual_machine_interface_update(vmi2)
def test_dedicated_tag_and_refs_deleted(self): vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi_ids = [] for i in range(3): vmi = VirtualMachineInterface('%s-vmi%d' % (self.id(), i), parent_obj=self.project) vmi.add_virtual_network(vn) vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi)) neutron_fg = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'ports': vmi_ids, }, ) tag_fq_name = self._get_tag_fq_name(neutron_fg, self.project) try: self._vnc_lib.tag_read(tag_fq_name) except NoIdError: msg = ("Dedicated Tag %s for firewall group %s was not created" % (':'.join(tag_fq_name), neutron_fg['id'])) self.fail(msg) self.delete_resource('firewall_group', self.project_id, neutron_fg['id']) self.assertRaises(NoIdError, self._vnc_lib.tag_read, tag_fq_name)
def test_update_in_use_provider_vn(self): project = Project('%s-project' % self.id()) project_uuid = self.api.project_create(project) project = self.api.project_read(id=project_uuid) vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project) vn.set_is_provider_network(True) vn.set_provider_properties( ProviderDetails( params_dict={"segmentation_id": 100, "physical_network": "physnet1"})) vn_uuid = self.api.virtual_network_create(vn) vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=project) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) vn = self.api.virtual_network_read(id=vn_uuid) vn.set_provider_properties( ProviderDetails( params_dict={"segmentation_id": 200, "physical_network": "physnet2"})) with ExpectedException(RefsExistError): self.api.virtual_network_update(vn) updated_provider_properties = (self .api.virtual_network_read(id=vn.uuid) .get_provider_properties()) segmentation_id = updated_provider_properties.get_segmentation_id() physical_network = updated_provider_properties.get_physical_network() self.assertEqual((100, "physnet1"), (segmentation_id, physical_network))
def test_firewall_group_port_association(self): vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi_ids = [] for i in range(3): vmi = VirtualMachineInterface('%s-vmi%d' % (self.id(), i), parent_obj=self.project) vmi.add_virtual_network(vn) vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi)) neutron_fg = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'ports': vmi_ids[:-1], }, ) self.assertEquals(set(neutron_fg['ports']), set(vmi_ids[:-1])) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'ports': vmi_ids[1:], }, ) self.assertEquals(set(neutron_fg['ports']), set(vmi_ids[1:]))
def test_virtual_port_group_delete(self): proj_obj = Project('%s-project' % (self.id())) self.api.project_create(proj_obj) vn = VirtualNetwork('vn-%s' % (self.id()), parent_obj=proj_obj) self.api.virtual_network_create(vn) vpg_name = "vpg-" + self.id() vpg_obj = VirtualPortGroup(vpg_name) self.api.virtual_port_group_create(vpg_obj) vmi_id_list = [] for i in range(self.VMI_NUM): vmi_obj = VirtualMachineInterface(self.id() + str(i), parent_obj=proj_obj) vmi_obj.set_virtual_network(vn) vmi_id_list.append( self.api.virtual_machine_interface_create(vmi_obj)) vpg_obj.add_virtual_machine_interface(vmi_obj) self.api.virtual_port_group_update(vpg_obj) self.api.ref_relax_for_delete(vpg_obj.uuid, vmi_id_list[i]) # Make sure when VPG doesn't get deleted, since associated VMIs # still refers it. with ExpectedException(BadRequest): self.api.virtual_port_group_delete(id=vpg_obj.uuid) # Cleanup for i in range(self.VMI_NUM): self.api.virtual_machine_interface_delete(id=vmi_id_list[i]) self.api.virtual_port_group_delete(id=vpg_obj.uuid)
def test_context_undo_fail_db_delete(self): project = Project(name='p-{}'.format(self.id())) self.api.project_create(project) vn = VirtualNetwork(name='vn-{}'.format(self.id()), parent_obj=project) self.api.virtual_network_create(vn) vmi_obj = VirtualMachineInterface('vmi-{}'.format(self.id()), parent_obj=project) vmi_obj.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi_obj) vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid) mock_zk = self._api_server._db_conn._zk_db zk_alloc_count_before = mock_zk._vpg_id_allocator.get_alloc_count() def stub(*args, **kwargs): return False, (500, "Fake error") with ExpectedException(HttpError): with test_common.flexmocks([(self._api_server._db_conn, 'dbe_delete', stub)]): self.api.virtual_machine_interface_delete( fq_name=vmi_obj.fq_name) zk_alloc_count_after = mock_zk._vpg_id_allocator.get_alloc_count() self.assertEqual(zk_alloc_count_before, zk_alloc_count_after)
def test_update_vmi_vn(self): vmi = VirtualMachineInterface( name='test-virtual-machine-interface', parent_obj=self.project) vmi.set_virtual_machine(self.virtual_machine) vmi.set_virtual_network(self.virtual_network_red) vmi.set_virtual_machine_interface_bindings( KeyValuePairs( key_value_pair=[KeyValuePair(key='vnic_type', value='direct'), KeyValuePair( key='host_id', value=self.node_red_hostname)])) vmi_uuid = self.api.virtual_machine_interface_create(vmi) self.check_vpg_exists( self.vlan_id_red, self.physical_interface_red.get_uuid() ) # update vn vmi = self.api.virtual_machine_interface_read(id=vmi_uuid) vmi.set_virtual_network(self.virtual_network_green) self.api.virtual_machine_interface_update(vmi) self.check_vpg_not_exist( self.vlan_id_red, self.physical_interface_red.get_uuid() ) self.check_vpg_exists( self.vlan_id_green, self.physical_interface_red.get_uuid() ) self.api.virtual_machine_interface_delete(id=vmi_uuid)
def create_lr(self, lrname, vns, prs, vmis): lr_fq_name = ['default-domain', 'default-project', lrname] lr = LogicalRouter(fq_name=lr_fq_name, parent_type='project', logical_router_type='vxlan-routing') for pr in prs: probj = self._vnc_lib.physical_router_read(id=pr.get_uuid()) lr.add_physical_router(probj) for vn in vns: vminame = 'vmi-lr-to-vn' + vn.get_display_name() fq_name1 = ['default-domain', 'default-project', vminame] vmi = VirtualMachineInterface(fq_name=fq_name1, parent_type='project') vmi.set_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi) vmis[vminame] = vmi lr.add_virtual_machine_interface(vmi) lr.set_logical_router_type('vxlan-routing') lr_uuid = self._vnc_lib.logical_router_create(lr) # make sure internal is created try: self.check_lr_internal_vn_state(lr) except Exception: pass return lr, self._vnc_lib.logical_router_read(id=lr_uuid)
def test_dedicated_tag_and_refs_deleted(self): vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi_ids = [] for i in range(3): vmi = VirtualMachineInterface( '%s-vmi%d' % (self.id(), i), parent_obj=self.project) vmi.add_virtual_network(vn) vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi)) neutron_fg = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'ports': vmi_ids, }, ) tag_fq_name = self._get_tag_fq_name(neutron_fg, self.project) try: self._vnc_lib.tag_read(tag_fq_name) except NoIdError: msg = ("Dedicated Tag %s for firewall group %s was not created" % (':'.join(tag_fq_name), neutron_fg['id'])) self.fail(msg) self.delete_resource('firewall_group', self.project_id, neutron_fg['id']) self.assertRaises(NoIdError, self._vnc_lib.tag_read, tag_fq_name)
def test_firewall_group_port_association(self): vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi_ids = [] for i in range(3): vmi = VirtualMachineInterface( '%s-vmi%d' % (self.id(), i), parent_obj=self.project) vmi.add_virtual_network(vn) vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi)) neutron_fg = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'ports': vmi_ids[:-1], }, ) self.assertEquals(set(neutron_fg['ports']), set(vmi_ids[:-1])) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'ports': vmi_ids[1:], }, ) self.assertEquals(set(neutron_fg['ports']), set(vmi_ids[1:]))
def test_valid_sub_interface_vlan_tag_id(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) test_suite = [ (None, None), (VMIPT(None), None), (VMIPT(sub_interface_vlan_tag=None), None), (VMIPT(sub_interface_vlan_tag=-42), BadRequest), (VMIPT(sub_interface_vlan_tag=4095), BadRequest), (VMIPT(sub_interface_vlan_tag='fo'), BadRequest), (VMIPT(sub_interface_vlan_tag='42'), None), (VMIPT(sub_interface_vlan_tag=42), None), ] for (vmipt, result) in test_suite: vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=project) vmi.set_virtual_network(vn) vmi.set_virtual_machine_interface_properties(vmipt) if result and issubclass(result, Exception): self.assertRaises(result, self.api.virtual_machine_interface_create, vmi) else: self.api.virtual_machine_interface_create(vmi) self.api.virtual_machine_interface_delete(id=vmi.uuid)
def _create_virtual_interface(self, project, vip_id, subnet_id, ip_address): network_id = utils.get_subnet_network_id(self._api, subnet_id) try: vnet = self._api.virtual_network_read(id=network_id) except NoIdError: raise n_exc.NetworkNotFound(net_id=network_id) vmi = VirtualMachineInterface(vip_id, project) vmi.set_virtual_network(vnet) sg_obj = SecurityGroup("default", project) vmi.add_security_group(sg_obj) self._api.virtual_machine_interface_create(vmi) iip_obj = InstanceIp(name=vip_id) iip_obj.set_virtual_network(vnet) iip_obj.set_virtual_machine_interface(vmi) if ip_address and ip_address != attributes.ATTR_NOT_SPECIFIED: iip_obj.set_instance_ip_address(ip_address) self._api.instance_ip_create(iip_obj) iip = self._api.instance_ip_read(id=iip_obj.uuid) vip_address = iip.get_instance_ip_address() return vmi, vip_address
def _create_vmi(self, pod_task_id, vm_obj, vn_obj): proj_fq_name = vnc_mesos_config.cluster_project_fq_name('default') proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) vmi_prop = None obj_uuid = str(uuid.uuid1()) vmi_obj = VirtualMachineInterface( name=vm_obj.name, parent_obj=proj_obj, virtual_machine_interface_properties=vmi_prop, display_name=vm_obj.name) vmi_obj.uuid = obj_uuid vmi_obj.set_virtual_network(vn_obj) vmi_obj.set_virtual_machine(vm_obj) vmi_obj.add_annotations(KeyValuePair(key='index', value='0/1')) vmi_obj.port_security_enabled = True VirtualMachineInterfaceMM.add_annotations(self, vmi_obj, pod_task_id) try: vmi_uuid = self._vnc_lib.virtual_machine_interface_create(vmi_obj) except RefsExistError: vmi_uuid = self._vnc_lib.virtual_machine_interface_update(vmi_obj) VirtualMachineInterfaceMM.locate(vmi_uuid) return vmi_uuid
def test_asn(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') ident_name = self.get_obj_imid(vn1_obj) gevent.sleep(2) ifmap_ident = self.assertThat(FakeIfmapClient._graph, Contains(ident_name)) self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:64512:8000001') # create router1 r1_name = self.id() + 'router1' router1 = self.create_bgp_router(r1_name, 'contrail') self.check_bgp_asn(router1.get_fq_name(), 64512) # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface( vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) self.check_lr_asn(lr.get_fq_name(), 'target:64512:8000002') #update global system config but dont change asn value for equality path gs = self._vnc_lib.global_system_config_read( fq_name=['default-global-system-config']) gs.set_autonomous_system(64512) self._vnc_lib.global_system_config_update(gs) # check route targets self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:64512:8000001') self.check_bgp_asn(router1.get_fq_name(), 64512) self.check_lr_asn(lr.get_fq_name(), 'target:64512:8000002') #update ASN value gs = self._vnc_lib.global_system_config_read( fq_name=[u'default-global-system-config']) gs.set_autonomous_system(50000) self._vnc_lib.global_system_config_update(gs) # check new route targets self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:50000:8000001') self.check_bgp_asn(router1.get_fq_name(), 50000) self.check_lr_asn(lr.get_fq_name(), 'target:50000:8000002') self._vnc_lib.logical_router_delete(id=lr.uuid) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_ri_is_deleted(fq_name=vn1_obj.fq_name + [vn1_obj.name]) self._vnc_lib.bgp_router_delete(id=router1.uuid)
def test_create_pool(self): tenant_id = _uuid() pool_id = _uuid() vip_id = _uuid() subnet_id = _uuid() api = self.api_server project = Project(name='test') project.uuid = tenant_id template = ServiceTemplate('lb-test', project) template.uuid = _uuid() pool_attrs = LoadbalancerPoolType() pool_attrs.subnet_id = subnet_id pool = LoadbalancerPool( pool_id, project, loadbalancer_pool_properties=pool_attrs) pool.uuid = pool_id vip_attrs = VirtualIpType() vip_attrs.subnet_id = subnet_id vip_attrs.address = '127.0.0.1' vip = VirtualIp(vip_id, project, virtual_ip_properties=vip_attrs) vip.uuid = vip_id vip.set_loadbalancer_pool(pool) vnet = VirtualNetwork('test', project) vnet.uuid = _uuid() vmi = VirtualMachineInterface(vip_id, project) vmi.uuid = _uuid() vmi.set_virtual_network(vnet) iip = InstanceIp(vip_id, instance_ip_address='127.0.0.1') iip.uuid = _uuid() iip.set_virtual_machine_interface(vmi) iip_refs = [ {'to': iip.get_fq_name(), 'uuid': iip.uuid} ] vmi.get_instance_ip_back_refs = mock.Mock() vmi.get_instance_ip_back_refs.return_value = iip_refs vip.set_virtual_machine_interface(vmi) api.virtual_service_template_read = template api.loadbalancer_pool_read.return_value = pool api.virtual_ip_read.return_value = vip api.kv_retrieve.return_value = '%s %s' % (vnet.uuid, subnet_id) api.virtual_machine_interface_read.return_value = vmi api.instance_ip_read.return_value = iip api.service_instance_read.side_effect = NoIdError('404') context = {} pool_data = { 'id': pool_id, 'vip_id': vip_id } self.driver.create_pool(context, pool_data) api.service_instance_create.assert_called_with(mock.ANY)
def test_asn(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') self.assertTill(self.vnc_db_has_ident, obj=vn1_obj) ri_target = self.check_ri_target(self.get_ri_name(vn1_obj)) # create router1 r1_name = self.id() + 'router1' router1 = self.create_bgp_router(r1_name, 'contrail') self.check_bgp_asn(router1.get_fq_name(), 64512) # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface( vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) lr_target = self.check_lr_target(lr.get_fq_name()) #update global system config but dont change asn value for equality path gs = self._vnc_lib.global_system_config_read( fq_name=['default-global-system-config']) gs.set_autonomous_system(64512) self._vnc_lib.global_system_config_update(gs) # check route targets self.check_ri_target(self.get_ri_name(vn1_obj), ri_target) self.check_bgp_asn(router1.get_fq_name(), 64512) self.check_lr_target(lr.get_fq_name(), lr_target) #update ASN value gs = self._vnc_lib.global_system_config_read( fq_name=[u'default-global-system-config']) gs.set_autonomous_system(50000) self._vnc_lib.global_system_config_update(gs) # check new route targets self.check_ri_target(self.get_ri_name(vn1_obj), ri_target.replace('64512', '50000')) self.check_bgp_asn(router1.get_fq_name(), 50000) self.check_lr_target(lr.get_fq_name(), lr_target.replace('64512', '50000')) self._vnc_lib.logical_router_delete(id=lr.uuid) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_ri_is_deleted(fq_name=vn1_obj.fq_name + [vn1_obj.name]) self._vnc_lib.bgp_router_delete(id=router1.uuid)
def test_asn(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') ident_name = self.get_obj_imid(vn1_obj) gevent.sleep(2) ifmap_ident = self.assertThat(FakeIfmapClient._graph, Contains(ident_name)) self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:64512:8000001') # create router1 r1_name = self.id() + 'router1' router1 = self.create_bgp_router(r1_name, 'contrail') self.check_bgp_asn(router1.get_fq_name(), 64512) # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface(vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) self.check_lr_asn(lr.get_fq_name(), 'target:64512:8000002') #update global system config but dont change asn value for equality path gs = self._vnc_lib.global_system_config_read( fq_name=['default-global-system-config']) gs.set_autonomous_system(64512) self._vnc_lib.global_system_config_update(gs) # check route targets self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:64512:8000001') self.check_bgp_asn(router1.get_fq_name(), 64512) self.check_lr_asn(lr.get_fq_name(), 'target:64512:8000002') #update ASN value gs = self._vnc_lib.global_system_config_read( fq_name=[u'default-global-system-config']) gs.set_autonomous_system(50000) self._vnc_lib.global_system_config_update(gs) # check new route targets self.check_ri_asn(self.get_ri_name(vn1_obj), 'target:50000:8000001') self.check_bgp_asn(router1.get_fq_name(), 50000) self.check_lr_asn(lr.get_fq_name(), 'target:50000:8000002') self._vnc_lib.logical_router_delete(id=lr.uuid) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_ri_is_deleted(fq_name=vn1_obj.fq_name+[vn1_obj.name]) self._vnc_lib.bgp_router_delete(id=router1.uuid)
def test_firewall_group_status(self): neutron_fg = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'admin_state_up': False, }, ) self.assertEquals(neutron_fg['status'], constants.DOWN) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'admin_state_up': True, }, ) self.assertEquals(neutron_fg['status'], constants.INACTIVE) vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi = VirtualMachineInterface( '%s-vmi' % self.id(), parent_obj=self.project) vmi.add_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'ports': [vmi.uuid], }, ) self.assertEquals(neutron_fg['status'], constants.INACTIVE) fp = FirewallPolicy('%s-fp' % self.id(), parent_obj=self.project) self._vnc_lib.firewall_policy_create(fp) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'egress_firewall_policy_id': fp.uuid, }, ) self.assertEquals(neutron_fg['status'], constants.ACTIVE) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'ports': [], }, ) self.assertEquals(neutron_fg['status'], constants.INACTIVE)
def test_firewall_group_status(self): neutron_fg = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'admin_state_up': False, }, ) self.assertEquals(neutron_fg['status'], constants.DOWN) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'admin_state_up': True, }, ) self.assertEquals(neutron_fg['status'], constants.INACTIVE) vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=self.project) vmi.add_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'ports': [vmi.uuid], }, ) self.assertEquals(neutron_fg['status'], constants.INACTIVE) fp = FirewallPolicy('%s-fp' % self.id(), parent_obj=self.project) self._vnc_lib.firewall_policy_create(fp) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'egress_firewall_policy_id': fp.uuid, }, ) self.assertEquals(neutron_fg['status'], constants.ACTIVE) neutron_fg = self.update_resource( 'firewall_group', neutron_fg['id'], self.project_id, extra_res_fields={ 'ports': [], }, ) self.assertEquals(neutron_fg['status'], constants.INACTIVE)
def test_asn(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') self.assertTill(self.vnc_db_has_ident, obj=vn1_obj) ri_target = self.check_ri_target(self.get_ri_name(vn1_obj)) # create router1 r1_name = self.id() + 'router1' router1 = self.create_bgp_router(r1_name, 'contrail') self.check_bgp_asn(router1.get_fq_name(), 64512) # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface(vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) lr_target = self.check_lr_target(lr.get_fq_name()) #update global system config but dont change asn value for equality path gs = self._vnc_lib.global_system_config_read( fq_name=['default-global-system-config']) gs.set_autonomous_system(64512) self._vnc_lib.global_system_config_update(gs) # check route targets self.check_ri_target(self.get_ri_name(vn1_obj), ri_target) self.check_bgp_asn(router1.get_fq_name(), 64512) self.check_lr_target(lr.get_fq_name(), lr_target) #update ASN value gs = self._vnc_lib.global_system_config_read( fq_name=[u'default-global-system-config']) gs.set_autonomous_system(50000) self._vnc_lib.global_system_config_update(gs) # check new route targets self.check_ri_target(self.get_ri_name(vn1_obj), ri_target.replace('64512', '50000')) self.check_bgp_asn(router1.get_fq_name(), 50000) self.check_lr_target(lr.get_fq_name(), lr_target.replace('64512', '50000')) self._vnc_lib.logical_router_delete(id=lr.uuid) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_ri_is_deleted(fq_name=vn1_obj.fq_name+[vn1_obj.name]) self._vnc_lib.bgp_router_delete(id=router1.uuid)
def test_port_security_and_allowed_address_pairs(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) addr_pair = AllowedAddressPairs(allowed_address_pair=[ AllowedAddressPair(ip=SubnetType('1.1.1.0', 24), mac='02:ce:1b:d7:a6:e7') ]) msg = (r"^Allowed address pairs are not allowed when port security is " "disabled$") vmi = VirtualMachineInterface( 'vmi-%s' % self.id(), parent_obj=project, port_security_enabled=False, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi.set_virtual_network(vn) with self.assertRaisesRegexp(BadRequest, msg): self.api.virtual_machine_interface_create(vmi) vmi = VirtualMachineInterface('vmi-%s' % self.id(), parent_obj=project, port_security_enabled=False) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) # updating a port with allowed address pair should throw an exception # when port security enabled is set to false vmi.virtual_machine_interface_allowed_address_pairs = addr_pair with self.assertRaisesRegexp(BadRequest, msg): self.api.virtual_machine_interface_update(vmi)
def test_subnet_type_validation(self): test_suite = [ (SubnetType('0', 0), ('0.0.0.0', 0)), (SubnetType('1.1.1.1'), BadRequest), (SubnetType('1.1.1.1', 24), ('1.1.1.0', 24)), (SubnetType('1.1.1.1', '24'), ('1.1.1.0', 24)), (SubnetType('1.1.1.1', 32), ('1.1.1.1', 32)), (SubnetType('1.1.1.e', 32), BadRequest), (SubnetType('1.1.1.1', '32e'), BadRequest), (SubnetType('1.1.1.0,2.2.2.0', 24), BadRequest), (SubnetType(''), BadRequest), (SubnetType('', 30), BadRequest), (SubnetType('::', 0), ('::', 0)), (SubnetType('::'), BadRequest), (SubnetType('dead::beef', 128), ('dead::beef', 128)), (SubnetType('dead::beef', '128'), ('dead::beef', 128)), (SubnetType('dead::beef', 96), ('dead::', 96)), (SubnetType('dead::beez', 96), BadRequest), (SubnetType('dead::beef', '96e'), BadRequest), (SubnetType('dead::,beef::', 64), BadRequest), ] project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) vmi = VirtualMachineInterface('vmi-%s' % self.id(), parent_obj=project) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) for subnet, expected_result in test_suite: aaps = AllowedAddressPairs( allowed_address_pair=[AllowedAddressPair(ip=subnet)]) vmi.set_virtual_machine_interface_allowed_address_pairs(aaps) if (type(expected_result) == type and issubclass(expected_result, Exception)): self.assertRaises( expected_result, self.api.virtual_machine_interface_update, vmi) else: self.api.virtual_machine_interface_update(vmi) vmi = self.api.virtual_machine_interface_read(id=vmi.uuid) returned_apps = vmi.\ get_virtual_machine_interface_allowed_address_pairs().\ get_allowed_address_pair() self.assertEqual(len(returned_apps), 1) returned_subnet = returned_apps[0].get_ip() self.assertEqual(returned_subnet.ip_prefix, expected_result[0]) self.assertEqual(returned_subnet.ip_prefix_len, expected_result[1])
def create_virtual_machine(self, name, vn, ipaddress): vm_instance = VirtualMachine(name) self._vnc_lib.virtual_machine_create(vm_instance) fq_name = [name, '0'] vmi = VirtualMachineInterface(parent_type='virtual-machine', fq_name=fq_name) vmi.set_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi) ip = InstanceIp(vm_instance.name + '.0') ip.set_virtual_machine_interface(vmi) ip.set_virtual_network(vn) ip.set_instance_ip_address(ipaddress) self._vnc_lib.instance_ip_create(ip) return vm_instance
def test_bgpaas_shared(self): vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, ['10.0.0.0/24', '1000::/16']) project_name = ['default-domain', 'default-project'] project_obj = self._vnc_lib.project_read(fq_name=project_name) port_name1 = self.id() + 'p1' port_obj1 = VirtualMachineInterface(port_name1, parent_obj=project_obj) port_obj1.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(port_obj1) port_name2 = self.id() + 'p2' port_obj2 = VirtualMachineInterface(port_name2, parent_obj=project_obj) port_obj2.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(port_obj2) # Create a shared BGPaaS server. It means BGP Router object # does not get created for VMI on the network. bgpaas_name = self.id() + 'bgp1' bgpaas = BgpAsAService(bgpaas_name, parent_obj=project_obj, autonomous_system=64512, bgpaas_shared=True, bgpaas_ip_address = '1.1.1.1') bgpaas.add_virtual_machine_interface(port_obj1) self._vnc_lib.bgp_as_a_service_create(bgpaas) self.wait_to_get_object(config_db.BgpAsAServiceST, bgpaas.get_fq_name_str()) router1_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + bgpaas_name router2_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + 'bgpaas-server' # Check for two BGP routers - one with the BGPaaS name and not with Port name self.wait_to_get_object(config_db.BgpRouterST, router1_name) self.wait_to_get_object(config_db.BgpRouterST, router2_name) # check whether shared IP address is assigned to the BGP rotuer self.check_bgp_router_ip(router1_name, '1.1.1.1') # Add a new VMI to the BGPaaS. This should not create a new BGP router bgpaas = self._vnc_lib.bgp_as_a_service_read(fq_name_str=bgpaas.get_fq_name_str()) bgpaas.add_virtual_machine_interface(port_obj2) self._vnc_lib.bgp_as_a_service_update(bgpaas) # Check for the absence of BGP router along with the new VMI. router3_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port_name2 try: bgp_router = self._vnc_lib.bgp_router_read(fq_name_str=router3_name) except NoIdError: print 'Second BGP Router not created for second port - PASS' else: assert(True) bgpaas.del_virtual_machine_interface(port_obj1) bgpaas.del_virtual_machine_interface(port_obj2) self._vnc_lib.bgp_as_a_service_update(bgpaas) self._vnc_lib.bgp_as_a_service_delete(id=bgpaas.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port_obj1.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port_obj2.uuid) self._vnc_lib.virtual_network_delete(fq_name=vn1_obj.get_fq_name()) self.check_ri_is_deleted(vn1_obj.fq_name+[vn1_obj.name])
def test_tagged_vmi_to_vpg_ref_create_during_vmi_update(self): # Create vmi without bindings vmi_obj = VirtualMachineInterface('vmi' + self.id(), parent_obj=self.proj_obj) vmi_obj.set_virtual_network(self.vn) vmi_uuid = self.api.virtual_machine_interface_create(vmi_obj) # Validate db_vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid) vpg_refs = db_vmi_obj.get_virtual_port_group_refs() self.assertIsNone(vpg_refs) # update VMI with bindings bindings = self.create_vmi_bindings(self.pi_fq_name, self.fabric_name, self.vpg_name) vmi_obj.set_virtual_machine_interface_bindings(bindings) vmi_obj.set_virtual_machine_interface_properties( VMIPT(sub_interface_vlan_tag='4094')) self.api.virtual_machine_interface_update(vmi_obj) # Validate db_vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid) vpg_refs = db_vmi_obj.get_virtual_port_group_refs() self.assertEqual(len(vpg_refs), 1) self.assertIsNone(vpg_refs[0]['attr'].native_vlan_tag) self.assertEqual(vpg_refs[0]['attr'].vlan_tag, 4094) # Cleanup self.api.virtual_machine_interface_delete(id=vmi_uuid)
def _create_virtual_interface(self, project, lb_id, subnet_id, network_id, ip_address): iip_obj = InstanceIp(name=lb_id) if subnet_id and subnet_id != ATTR_NOT_SPECIFIED: network_id = utils.get_subnet_network_id(self._api, subnet_id) vnet = utils.get_vnet_obj(self._api, network_id) iip_obj.set_subnet_uuid(subnet_id) elif network_id and network_id != ATTR_NOT_SPECIFIED: vnet = utils.get_vnet_obj(self._api, network_id) else: msg = 'vip-network-id or vip-subnet-id should be specified' raise BadRequest(resource='loadbalancer', msg=msg) vmi = VirtualMachineInterface(lb_id, project) vmi.set_virtual_network(vnet) vmi.set_virtual_machine_interface_device_owner( DEVICE_OWNER_LOADBALANCER) sg_obj = SecurityGroup("default", project) vmi.add_security_group(sg_obj) self._api.virtual_machine_interface_create(vmi) iip_obj.set_virtual_network(vnet) iip_obj.set_virtual_machine_interface(vmi) if ip_address and ip_address != ATTR_NOT_SPECIFIED: iip_obj.set_instance_ip_address(ip_address) self._api.instance_ip_create(iip_obj) iip = self._api.instance_ip_read(id=iip_obj.uuid) vip_address = iip.get_instance_ip_address() vip_subnet_id = iip.get_subnet_uuid() return vmi, vip_address, vip_subnet_id
def _create_virtual_interface(self, project, lb_id, subnet_id, ip_address): network_id = utils.get_subnet_network_id(self._api, subnet_id) try: vnet = self._api.virtual_network_read(id=network_id) except NoIdError: raise n_exc.NetworkNotFound(net_id=network_id) vmi = VirtualMachineInterface(lb_id, project) vmi.set_virtual_network(vnet) vmi.set_virtual_machine_interface_device_owner(n_constants.DEVICE_OWNER_LOADBALANCER) sg_obj = SecurityGroup("default", project) vmi.add_security_group(sg_obj) self._api.virtual_machine_interface_create(vmi) iip_obj = InstanceIp(name=lb_id) iip_obj.set_virtual_network(vnet) iip_obj.set_virtual_machine_interface(vmi) if ip_address and ip_address != attributes.ATTR_NOT_SPECIFIED: iip_obj.set_instance_ip_address(ip_address) self._api.instance_ip_create(iip_obj) iip = self._api.instance_ip_read(id=iip_obj.uuid) vip_address = iip.get_instance_ip_address() return vmi, vip_address
def _create_vmi(self, name, vn_obj, sg_group_obj=None): fq_name = ['default-domain', 'default-project', name] vmi = VirtualMachineInterface(fq_name=fq_name, parent_type='project') vmi.set_display_name(name) vmi.name = name vmi.set_virtual_network(vn_obj) if sg_group_obj: vmi.set_security_group(sg_group_obj) uuid = self._vnc_lib.virtual_machine_interface_create(vmi) vmi_obj_rd = self._vnc_lib.virtual_machine_interface_read(id=uuid) return vmi, vmi_obj_rd
def test_logical_router(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface( vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) rtgt_list = RouteTargetList(route_target=['target:1:1']) lr.set_configured_route_target_list(rtgt_list) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) ri_name = self.get_ri_name(vn1_obj) self.check_route_target_in_routing_instance( ri_name, rtgt_list.get_route_target()) rtgt_list.add_route_target('target:1:2') lr.set_configured_route_target_list(rtgt_list) self._vnc_lib.logical_router_update(lr) self.check_route_target_in_routing_instance( ri_name, rtgt_list.get_route_target()) rtgt_list.delete_route_target('target:1:1') lr.set_configured_route_target_list(rtgt_list) self._vnc_lib.logical_router_update(lr) self.check_route_target_in_routing_instance( ri_name, rtgt_list.get_route_target()) lr.del_virtual_machine_interface(vmi) self._vnc_lib.logical_router_update(lr) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_vn_is_deleted(uuid=vn1_obj.uuid) self._vnc_lib.logical_router_delete(id=lr.uuid) self.check_lr_is_deleted(uuid=lr.uuid) self.check_rt_is_deleted(name='target:64512:8000002')
def _create_virtual_interface(self, project, vip_id, subnet_id, ip_address): network_id = utils.get_subnet_network_id(self._api, subnet_id) try: vnet = self._api.virtual_network_read(id=network_id) except NoIdError: raise n_exc.NetworkNotFound(net_id=network_id) vmi = VirtualMachineInterface(vip_id, project) vmi.set_virtual_network(vnet) try: vmi.set_virtual_machine_interface_device_owner(n_constants.DEVICE_OWNER_LOADBALANCER) except AttributeError: # DEVICE_OWNER_LOADBALANCER is only supported from JUNO onwards pass sg_obj = SecurityGroup("default", project) vmi.add_security_group(sg_obj) self._api.virtual_machine_interface_create(vmi) iip_obj = InstanceIp(name=vip_id) iip_obj.set_virtual_network(vnet) iip_obj.set_virtual_machine_interface(vmi) if ip_address and ip_address != attributes.ATTR_NOT_SPECIFIED: iip_obj.set_instance_ip_address(ip_address) self._api.instance_ip_create(iip_obj) iip = self._api.instance_ip_read(id=iip_obj.uuid) vip_address = iip.get_instance_ip_address() return vmi, vip_address
def test_port_security_and_allowed_address_pairs(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('vn-%s' % self.id(), parent_obj=project) self._vnc_lib.virtual_network_create(vn) addr_pair = AllowedAddressPairs( allowed_address_pair=[ AllowedAddressPair(ip=SubnetType('1.1.1.0', 24), mac='02:ce:1b:d7:a6:e7')]) msg = (r"^Allowed address pairs are not allowed when port security is " "disabled$") vmi = VirtualMachineInterface( 'vmi-%s' % self.id(), parent_obj=project, port_security_enabled=False, virtual_machine_interface_allowed_address_pairs=addr_pair) vmi.set_virtual_network(vn) with self.assertRaisesRegexp(BadRequest, msg): self._vnc_lib.virtual_machine_interface_create(vmi) vmi = VirtualMachineInterface('vmi-%s' % self.id(), parent_obj=project, port_security_enabled=False) vmi.set_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi) # updating a port with allowed address pair should throw an exception # when port security enabled is set to false vmi.virtual_machine_interface_allowed_address_pairs = addr_pair with self.assertRaisesRegexp(BadRequest, msg): self._vnc_lib.virtual_machine_interface_update(vmi)
def test_context_undo_fail_db_update(self): project = Project(name='p-{}'.format(self.id())) self.api.project_create(project) vn_og = VirtualNetwork(name='og-vn-{}'.format(self.id()), parent_obj=project) self.api.virtual_network_create(vn_og) vmi_obj = VirtualMachineInterface('vmi-{}'.format(self.id()), parent_obj=project) vmi_obj.set_virtual_network(vn_og) self.api.virtual_machine_interface_create(vmi_obj) vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid) # change virtual network for VMI vn_next = VirtualNetwork(name='next-vn-{}'.format(self.id()), parent_obj=project) vn_next.uuid = self.api.virtual_network_create(vn_next) vmi_obj.set_virtual_network(vn_next) def stub(*args, **kwargs): return False, (500, "Fake error") with ExpectedException(HttpError): with test_common.flexmocks([(self._api_server._db_conn, 'dbe_update', stub)]): self.api.virtual_machine_interface_update(vmi_obj) vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid) vn_ref_fq_names = [n['to'] for n in vmi_obj.get_virtual_network_refs()] self.assertEqual(len(vn_ref_fq_names), 1) self.assertEqual(vn_ref_fq_names[0], vn_og.get_fq_name())
def test_rbac_on_back_ref(self): admin_iip_count = 10 iip_uuids = set() user_api = self._get_api_client( 'user-%s' % self.id(), 'password', 'project-%s' % self.id(), 'member') user_project = self.admin_api.project_read(id=user_api.project_id) user_vn = VirtualNetwork( 'user-vn-%s' % self.id(), parent_obj=user_project) user_ni = NetworkIpam('ni-%s' % self.id(), parent_obj=user_project) user_api.network_ipam_create(user_ni) user_vn.add_network_ipam( user_ni, VnSubnetsType( [IpamSubnetType(SubnetType('1.1.1.0', 28))])) user_api.virtual_network_create(user_vn) user_vmi_view = VirtualMachineInterface( 'user-vmi-%s' % self.id(), parent_obj=user_project) user_vmi_view.add_virtual_network(user_vn) user_api.virtual_machine_interface_create(user_vmi_view) user_iip = InstanceIp('user-iip-%s' % self.id()) user_iip.add_virtual_network(user_vn) user_iip.add_virtual_machine_interface(user_vmi_view) user_api.instance_ip_create(user_iip) iip_uuids.add(user_iip.uuid) for i in range(admin_iip_count): admin_iip = InstanceIp('admin-iip-%d-%s' % (i, self.id())) admin_iip.add_virtual_network(user_vn) admin_iip.add_virtual_machine_interface(user_vmi_view) self.admin_api.instance_ip_create(admin_iip) iip_uuids.add(admin_iip.uuid) user_iips = user_vmi_view.get_instance_ip_back_refs() self.assertEqual(len(user_iips), 1) self.assertEqual(user_iips[0]['uuid'], user_iip.uuid) admin_vmi_view = self.admin_api.virtual_machine_interface_read( id=user_vmi_view.uuid) admin_iips = admin_vmi_view.get_instance_ip_back_refs() self.assertEqual(len(admin_iips), admin_iip_count + 1) self.assertEqual({iip['uuid'] for iip in admin_iips}, iip_uuids)
def create_virtual_machine(self, name, vn, ipaddress): vm = VirtualMachine(name) self._vnc_lib.virtual_machine_create(vm) VirtualMachineKM.locate(vm.uuid) vmi = VirtualMachineInterface( parent_type='virtual-machine', fq_name=[name, '0']) vmi.set_virtual_machine(vm) vmi.set_virtual_network(vn) self._vnc_lib.virtual_machine_interface_create(vmi) VirtualMachineInterfaceKM.locate(vmi.uuid) ip = InstanceIp(vm.name + '.0') ip.set_virtual_machine_interface(vmi) ip.set_virtual_network(vn) ip.set_instance_ip_address(ipaddress) self._vnc_lib.instance_ip_create(ip) InstanceIpKM.locate(ip.uuid) return vm, vmi, ip
def _create_vmi(self, pod_name, pod_namespace, pod_id, vm_obj, vn_obj, parent_vmi, idx, network=None): proj_fq_name = vnc_kube_config.cluster_project_fq_name(pod_namespace) proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) if network and 'namespace' in network: network.pop('namespace') vmi_prop = None if self._is_pod_nested() and parent_vmi: # Pod is nested. # Allocate a vlan-id for this pod from the vlan space managed # in the VMI of the underlay VM. parent_vmi = VirtualMachineInterfaceKM.get(parent_vmi.uuid) vlan_id = parent_vmi.alloc_vlan() vmi_prop = VirtualMachineInterfacePropertiesType( sub_interface_vlan_tag=vlan_id) obj_uuid = str(uuid.uuid1()) name = VncCommon.make_name(pod_name, obj_uuid) vmi_obj = VirtualMachineInterface( name=name, parent_obj=proj_obj, virtual_machine_interface_properties=vmi_prop, display_name=name) vmi_obj.uuid = obj_uuid vmi_obj.set_virtual_network(vn_obj) vmi_obj.set_virtual_machine(vm_obj) self._associate_security_groups(vmi_obj, proj_obj, pod_namespace) vmi_obj.port_security_enabled = True VirtualMachineInterfaceKM.add_annotations(self, vmi_obj, pod_namespace, pod_name, index=idx, **network) try: vmi_uuid = self._vnc_lib.virtual_machine_interface_create(vmi_obj) except RefsExistError: vmi_uuid = self._vnc_lib.virtual_machine_interface_update(vmi_obj) VirtualMachineInterfaceKM.locate(vmi_uuid) return vmi_uuid
def _create_virtual_interface(self, project, vip_id, subnet_id, ip_address): network_id = utils.get_subnet_network_id(self._api, subnet_id) try: vnet = self._api.virtual_network_read(id=network_id) except NoIdError: raise n_exc.NetworkNotFound(net_id=network_id) vmi = VirtualMachineInterface(vip_id, project) vmi.set_virtual_network(vnet) sg_obj = SecurityGroup("default", project) vmi.add_security_group(sg_obj) self._api.virtual_machine_interface_create(vmi) fq_name = list(project.get_fq_name()) fq_name.append(vip_id) iip_obj = InstanceIp(fq_name=fq_name) iip_obj.set_virtual_network(vnet) iip_obj.set_virtual_machine_interface(vmi) if ip_address and ip_address != attributes.ATTR_NOT_SPECIFIED: iip_obj.set_instance_ip_address(ip_address) self._api.instance_ip_create(fq_name) return vmi
def test_context_undo_vpg_fail_db_update(self): proj_obj, fabric_obj, pr_obj, pi_obj, vn_obj = \ self._create_vpg_prerequisites() mock_zk = self._api_server._db_conn._zk_db zk_alloc_count_before = mock_zk._vpg_id_allocator.get_alloc_count() # Create vmi obj vmi_name = '%s-1' % self.id() vmi_obj = VirtualMachineInterface(vmi_name, parent_obj=proj_obj) vmi_obj.set_virtual_network(vn_obj) self.api.virtual_machine_interface_create(vmi_obj) vmi_obj = self.api.virtual_machine_interface_read(id=vmi_obj.uuid) # Create KV_Pairs for this VMI pi_fq_name = pi_obj.get_fq_name() fabric_name = fabric_obj.get_fq_name() kv_pairs = self._create_kv_pairs(fabric_name, pi_fq_name) vmi_obj.set_virtual_machine_interface_bindings(kv_pairs) def stub(*args, **kwargs): return False, (500, "Fake error") with ExpectedException(HttpError): with test_common.flexmocks([(self._api_server._db_conn, 'dbe_update', stub)]): self.api.virtual_machine_interface_update(vmi_obj) zk_alloc_count_after = mock_zk._vpg_id_allocator.get_alloc_count() self.assertEqual(zk_alloc_count_before, zk_alloc_count_after)
def test_logical_router(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface(vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) rtgt_list = RouteTargetList(route_target=['target:1:1']) lr.set_configured_route_target_list(rtgt_list) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) ri_name = self.get_ri_name(vn1_obj) self.check_route_target_in_routing_instance(ri_name,rtgt_list.get_route_target()) rtgt_list.add_route_target('target:1:2') lr.set_configured_route_target_list(rtgt_list) self._vnc_lib.logical_router_update(lr) self.check_route_target_in_routing_instance(ri_name, rtgt_list.get_route_target()) rtgt_list.delete_route_target('target:1:1') lr.set_configured_route_target_list(rtgt_list) self._vnc_lib.logical_router_update(lr) self.check_route_target_in_routing_instance(ri_name, rtgt_list.get_route_target()) lr.del_virtual_machine_interface(vmi) self._vnc_lib.logical_router_update(lr) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_vn_is_deleted(uuid=vn1_obj.uuid) self._vnc_lib.logical_router_delete(id=lr.uuid) self.check_lr_is_deleted(uuid=lr.uuid) self.check_rt_is_deleted(name='target:64512:8000002')
def test_update_in_use_vn_to_provider_vn_without_segmentation(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=project) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) vn = self.api.virtual_network_read(id=vn.uuid) vn.set_provider_properties( ProviderDetails(params_dict={"physical_network": "physnet1"})) with ExpectedException(RefsExistError): self.api.virtual_network_update(vn) updated_provider_properties = (self.api.virtual_network_read( id=vn.uuid).get_provider_properties()) self.assertEqual(None, updated_provider_properties)
def test_vmi_to_vpg_ref_create_during_dbe_resync(self): # Create vmi with bindings vmi_obj = VirtualMachineInterface('vmi' + self.id(), parent_obj=self.proj_obj) vmi_obj.set_virtual_network(self.vn) bindings = self.create_vmi_bindings(self.pi_fq_name, self.fabric_name, self.vpg_name, tor_port_vlan_id='4094') vmi_obj.set_virtual_machine_interface_bindings(bindings) vmi_uuid = self.api.virtual_machine_interface_create(vmi_obj) # Validate vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid) vpg_refs = vmi_obj.get_virtual_port_group_refs() self.assertEqual(len(vpg_refs), 1) self.assertEqual(vpg_refs[0]['attr'].native_vlan_tag, '4094') self.assertIsNone(vpg_refs[0]['attr'].vlan_tag) # Remove VMI to VPG ref, to mock upgrade case self.api.ref_update("virtual-machine-interface", vmi_uuid, "virtual-port-group", self.vpg_uuid, None, "DELETE", None) # Validate, make sure rhe vmi--->vpg ref is removed vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid) vpg_refs = vmi_obj.get_virtual_port_group_refs() self.assertIsNone(vpg_refs) self._api_server._db_conn._db_resync_done.clear() # Simulate api-server restart by DB reinit self._api_server._db_init_entries() self._api_server._db_conn.wait_for_resync_done() # Validate, Make sure vmi--->vpg ref is created vmi_obj = self.api.virtual_machine_interface_read(id=vmi_uuid) vpg_refs = vmi_obj.get_virtual_port_group_refs() self.assertEqual(len(vpg_refs), 1) self.assertEqual(vpg_refs[0]['attr'].native_vlan_tag, '4094') self.assertIsNone(vpg_refs[0]['attr'].vlan_tag) # Cleanup self.api.virtual_machine_interface_delete(id=vmi_uuid)
def add_vhost0_vmi(self): vrouter_exists = True try: vrouter_obj = self._vnc_lib.virtual_router_read( fq_name=self.vrouter_fq_name) except NoIdError: vrouter_exists = False if not vrouter_exists: print("No vrouter object found cannot add vhost0 vmi !") return try: vhost0_vmi_fq_name = self.vrouter_fq_name vhost0_vmi_fq_name.append('vhost0') vhost0_vmi = self._vnc_lib.virtual_machine_interface_read( fq_name=vhost0_vmi_fq_name) vhost0_vmi_exists = True except NoIdError: vhost0_vmi_exists = False vhost0_vmi = VirtualMachineInterface(name="vhost0", parent_obj=vrouter_obj) ip_fab_vn = self._vnc_lib.virtual_network_read( fq_name=[u'default-domain', u'default-project', u'ip-fabric']) vhost0_vmi.set_virtual_network(ip_fab_vn) # Enable/Disable policy on the vhost0 vmi if self._args.enable_vhost_vmi_policy: vhost0_vmi.set_virtual_machine_interface_disable_policy(False) else: vhost0_vmi.set_virtual_machine_interface_disable_policy(True) if vhost0_vmi_exists: self._vnc_lib.virtual_machine_interface_update(vhost0_vmi) else: try: self._vnc_lib.virtual_machine_interface_create(vhost0_vmi) except RefsExistError: print("vhost0 vmi already created!")
def create_virtual_machine(self, name, vn, ipaddress): vm = VirtualMachine(name) self._vnc_lib.virtual_machine_create(vm) VirtualMachineKM.locate(vm.uuid) vmi = VirtualMachineInterface( parent_type='virtual-machine', fq_name=[name, '0']) vmi.set_virtual_machine(vm) vmi.set_virtual_network(vn) if DBBaseKM.is_nested(): vmi.set_virtual_machine_interface_bindings( KeyValuePairs([KeyValuePair('host_id', 'WHATEVER')])) self._vnc_lib.virtual_machine_interface_create(vmi) VirtualMachineInterfaceKM.locate(vmi.uuid) ip = InstanceIp(vm.name + '.0') ip.set_virtual_machine_interface(vmi) ip.set_virtual_network(vn) ip.set_instance_ip_address(ipaddress) self._vnc_lib.instance_ip_create(ip) InstanceIpKM.locate(ip.uuid) return vm, vmi, ip
def _create_vmi(self, pod_name, pod_namespace, pod_id, vm_obj, vn_obj, parent_vmi, idx, nw_name=''): proj_fq_name = vnc_kube_config.cluster_project_fq_name(pod_namespace) proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name) vmi_prop = None if self._is_pod_nested() and parent_vmi: # Pod is nested. # Allocate a vlan-id for this pod from the vlan space managed # in the VMI of the underlay VM. parent_vmi = VirtualMachineInterfaceKM.get(parent_vmi.uuid) vlan_id = parent_vmi.alloc_vlan() vmi_prop = VirtualMachineInterfacePropertiesType( sub_interface_vlan_tag=vlan_id) obj_uuid = str(uuid.uuid1()) name = VncCommon.make_name(pod_name, obj_uuid) vmi_obj = VirtualMachineInterface( name=name, parent_obj=proj_obj, virtual_machine_interface_properties=vmi_prop, display_name=name) vmi_obj.uuid = obj_uuid vmi_obj.set_virtual_network(vn_obj) vmi_obj.set_virtual_machine(vm_obj) self._associate_security_groups(vmi_obj, proj_obj, pod_namespace) vmi_obj.port_security_enabled = True VirtualMachineInterfaceKM.add_annotations(self, vmi_obj, pod_namespace, pod_name, index=idx, network=nw_name) try: vmi_uuid = self._vnc_lib.virtual_machine_interface_create(vmi_obj) except RefsExistError: vmi_uuid = self._vnc_lib.virtual_machine_interface_update(vmi_obj) VirtualMachineInterfaceKM.locate(vmi_uuid) return vmi_uuid
def test_list_firewall_group(self): vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) neutron_fgs = [] fp_ids = [] vmi_ids = [] for i in range(2): fp = FirewallPolicy('%s-fp%d' % (self.id(), i), parent_obj=self.project) fp_ids.append(self._vnc_lib.firewall_policy_create(fp)) vmi = VirtualMachineInterface( '%s-vmi%d' % (self.id(), i), parent_obj=self.project) vmi.add_virtual_network(vn) vmi_ids.append(self._vnc_lib.virtual_machine_interface_create(vmi)) neutron_fgs.append( self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'name': '%s-fg%d' % (self.id(), i), 'ingress_firewall_policy_id': fp.uuid, 'ports': [vmi.uuid], }, ), ) list_result = self.list_resource( 'firewall_group', self.project_id, req_filters={ 'ingress_firewall_policy_id': fp_ids, }, ) self.assertEquals(len(list_result), len(neutron_fgs)) self.assertEquals({r['id'] for r in list_result}, {r['id'] for r in neutron_fgs}) list_result = self.list_resource( 'firewall_group', self.project_id, req_filters={ 'egress_firewall_policy_id': fp_ids, }, ) self.assertEquals(len(list_result), len(neutron_fgs)) self.assertEquals({r['id'] for r in list_result}, {r['id'] for r in neutron_fgs}) list_result = self.list_resource( 'firewall_group', self.project_id, req_filters={ 'ports': vmi_ids, }, ) self.assertEquals(len(list_result), len(neutron_fgs)) self.assertEquals({r['id'] for r in list_result}, {r['id'] for r in neutron_fgs}) list_result = self.list_resource( 'firewall_group', self.project_id, req_filters={ 'ingress_firewall_policy_id': [fp_ids[0]], }, ) self.assertEquals(len(list_result), 1) self.assertEquals(list_result[0], neutron_fgs[0]) list_result = self.list_resource( 'firewall_group', self.project_id, req_filters={ 'egress_firewall_policy_id': [fp_ids[1]], }, ) self.assertEquals(len(list_result), 1) self.assertEquals(list_result[0], neutron_fgs[1]) list_result = self.list_resource( 'firewall_group', self.project_id, req_filters={ 'ports': [vmi_ids[0]], }, ) self.assertEquals(len(list_result), 1) self.assertEquals(list_result[0], neutron_fgs[0])
def test_multiple_firewall_group_port_association(self): vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=self.project) self._vnc_lib.virtual_network_create(vn) vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=self.project) vmi.add_virtual_network(vn) vmi_id = self._vnc_lib.virtual_machine_interface_create(vmi) neutron_fg1 = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'name': '%s-fg1' % self.id(), 'ports': [vmi_id], }, ) neutron_fg2 = self.create_resource( 'firewall_group', self.project_id, extra_res_fields={ 'name': '%s-fg2' % self.id(), }, ) tag1_fq_name = self._get_tag_fq_name(neutron_fg1, self.project) tag2_fq_name = self._get_tag_fq_name(neutron_fg2, self.project) self.assertEquals(set(neutron_fg1['ports']), set([vmi_id])) vmi = self._vnc_lib.virtual_machine_interface_read(id=vmi_id) tag_refs = [r['to'] for r in vmi.get_tag_refs() or []] self.assertEquals(len(tag_refs), 1) self.assertEquals(tag1_fq_name, tag_refs[0]) neutron_fg2 = self.update_resource( 'firewall_group', neutron_fg2['id'], self.project_id, extra_res_fields={ 'ports': [vmi_id], }, ) neutron_fg1 = self.read_resource('firewall_group', neutron_fg1['id']) self.assertEquals(set(neutron_fg1['ports']), set([vmi_id])) self.assertEquals(set(neutron_fg2['ports']), set([vmi_id])) vmi = self._vnc_lib.virtual_machine_interface_read(id=vmi_id) tag_refs = [r['to'] for r in vmi.get_tag_refs() or []] self.assertEquals(len(tag_refs), 2) self.assertIn(tag1_fq_name, tag_refs) self.assertIn(tag2_fq_name, tag_refs) neutron_fg1 = self.update_resource( 'firewall_group', neutron_fg1['id'], self.project_id, extra_res_fields={ 'ports': [], }, ) neutron_fg2 = self.read_resource('firewall_group', neutron_fg2['id']) self.assertFalse(neutron_fg1['ports']) self.assertEquals(set(neutron_fg2['ports']), set([vmi_id])) vmi = self._vnc_lib.virtual_machine_interface_read(id=vmi_id) tag_refs = [r['to'] for r in vmi.get_tag_refs() or []] self.assertEquals(len(tag_refs), 1) self.assertEquals(tag2_fq_name, tag_refs[0])
def test_cannot_update_sub_interface_vlan_tag(self): project = Project('%s-project' % self.id()) self.api.project_create(project) vn = VirtualNetwork('%s-vn' % self.id(), parent_obj=project) self.api.virtual_network_create(vn) vmi = VirtualMachineInterface('%s-vmi' % self.id(), parent_obj=project) vmi.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi) vmi42 = VirtualMachineInterface('%s-vmi42' % self.id(), parent_obj=project) vmi42.set_virtual_machine_interface_properties( VMIPT(sub_interface_vlan_tag=42)) vmi42.set_virtual_network(vn) self.api.virtual_machine_interface_create(vmi42) # if we don't touch VMI props, we can update the VMI with or without # VLAN ID vmi.set_display_name('new vmi name') self.api.virtual_machine_interface_update(vmi) vmi42.set_display_name('new vmi42 name') self.api.virtual_machine_interface_update(vmi42) # if we change VMI props without specifying anything, we can update the # VMI if VLAN ID is not set or 0 vmi.set_virtual_machine_interface_properties(None) self.api.virtual_machine_interface_update(vmi) vmi.set_virtual_machine_interface_properties( VMIPT(sub_interface_vlan_tag=None)) self.api.virtual_machine_interface_update(vmi) # if we change VMI props without specifying anything, we cannot update # the VMI if VLAN ID is not 0 vmi42.set_virtual_machine_interface_properties(None) self.assertRaises(BadRequest, self.api.virtual_machine_interface_update, vmi42) vmi42.set_virtual_machine_interface_properties( VMIPT(sub_interface_vlan_tag=None)) self.assertRaises(BadRequest, self.api.virtual_machine_interface_update, vmi42) # if we update VMI VLAN ID to the same VLAN ID, no error raised vmi.set_virtual_machine_interface_properties( VMIPT(sub_interface_vlan_tag=0)) self.api.virtual_machine_interface_update(vmi) vmi42.set_virtual_machine_interface_properties( VMIPT(sub_interface_vlan_tag=42)) self.api.virtual_machine_interface_update(vmi42)
def test_public_snat_routes(self): #create private vn vn_private_name = self.id() + 'vn1' vn_private = self.create_virtual_network(vn_private_name, "1.0.0.0/24") # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface(vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn_private) self._vnc_lib.virtual_machine_interface_create(vmi) #create public vn vn_public_name = 'vn-public' vn_public = VirtualNetwork(vn_public_name) vn_public.set_router_external(True) ipam_obj = NetworkIpam('ipam') self._vnc_lib.network_ipam_create(ipam_obj) vn_public.add_network_ipam(ipam_obj, VnSubnetsType( [IpamSubnetType(SubnetType("192.168.7.0", 24))])) self._vnc_lib.virtual_network_create(vn_public) #create logical router, set route targets, #add private network and extend lr to public network lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) rtgt_list = RouteTargetList(route_target=['target:1:1']) lr.set_configured_route_target_list(rtgt_list) lr.add_virtual_machine_interface(vmi) lr.add_virtual_network(vn_public) self._vnc_lib.logical_router_create(lr) @retries(5) def _match_route_table(rtgt_list, ri_name): lri = self._vnc_lib.routing_instance_read( fq_name_str=ri_name) sr = lri.get_static_route_entries() if sr is None: raise Exception("sr is None") route = sr.route[0] self.assertEqual(route.prefix, "0.0.0.0/0") self.assertEqual(route.next_hop, "100.64.0.4") for rtgt in rtgt_list: self.assertIn(rtgt, route.route_target) @retries(5) def _wait_to_get_si(): si_list = self._vnc_lib.service_instances_list() si = si_list.get("service-instances")[0] si = self._vnc_lib.service_instance_read(id=si.get("uuid")) return si @retries(5) def _wait_to_delete_si(): si_list = self._vnc_lib.service_instances_list() try: si = si_list.get("service-instances")[0] si = self._vnc_lib.service_instance_read(id=si.get("uuid")) raise except: pass @retries(5) def _wait_to_delete_ip(vn_fq_name): vn = self._vnc_lib.virtual_network_read(fq_name=vn_fq_name) ip_refs = vn.get_instance_ip_back_refs() if ip_refs: raise return # end si = _wait_to_get_si() si_props = si.get_service_instance_properties().get_interface_list()[1] ri_name = si_props.virtual_network + ":" + si_props.virtual_network.split(':')[-1] lr_rtgt = self._vnc_lib.logical_router_read(id=lr.uuid).route_target_refs[0]['to'][0] _match_route_table(['target:1:1', lr_rtgt], ri_name) rtgt_list = RouteTargetList(route_target=['target:2:2']) lr.set_configured_route_target_list(rtgt_list) self._vnc_lib.logical_router_update(lr) _match_route_table(['target:2:2', lr_rtgt], ri_name) lr.del_virtual_network(vn_public) self._vnc_lib.logical_router_update(lr) _wait_to_delete_si() #cleanup self._vnc_lib.logical_router_delete(fq_name=lr.get_fq_name()) self._vnc_lib.virtual_machine_interface_delete(fq_name=vmi.get_fq_name()) _wait_to_delete_ip(vn_private.get_fq_name()) self._vnc_lib.virtual_network_delete(fq_name=vn_private.get_fq_name()) _wait_to_delete_ip(vn_public.get_fq_name()) self._vnc_lib.virtual_network_delete(fq_name=vn_public.get_fq_name())
def test_vxlan_routing(self): proj_obj = self._vnc_lib.project_read( fq_name=['default-domain', 'default-project']) # create vn1 vn1_name = self.id() + '_vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') # create virtual machine interface vmi_name = self.id() + '_vmi1' vmi = VirtualMachineInterface(vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # Enable vxlan_routing in the project # and verify RT not attached to LR proj_obj.set_vxlan_routing(True) self._vnc_lib.project_update(proj_obj) ri_name = self.get_ri_name(vn1_obj) ri_obj = self._vnc_lib.routing_instance_read(fq_name=ri_name) vn_rt_refs = set([ref['to'][0] for ref in ri_obj.get_route_target_refs() or []]) # create logical router with RT lr_name = self.id() + '_lr1' lr = LogicalRouter(lr_name) rtgt_list = RouteTargetList(route_target=['target:1:1']) lr.set_configured_route_target_list(rtgt_list) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) lr = self._vnc_lib.logical_router_read(fq_name=lr.get_fq_name()) lr_target = self.check_lr_target(lr.get_fq_name()) ri_obj = self._vnc_lib.routing_instance_read(fq_name=ri_name) vn_rt_refs_with_lr = set([ref['to'][0] for ref in ri_obj.get_route_target_refs() or []]) # ensure no RT from LR is attached to VN self.assertTrue(vn_rt_refs_with_lr == vn_rt_refs, msg='RT attached to VN is different after LR creation') # configure a new route target after # LR is created rtgt_list.add_route_target('target:1:2') lr.set_configured_route_target_list(rtgt_list) self._vnc_lib.logical_router_update(lr) lr = self._vnc_lib.logical_router_read(fq_name=lr.get_fq_name()) lr_target = self.check_lr_target(lr.get_fq_name()) ri_obj = self._vnc_lib.routing_instance_read(fq_name=ri_name) vn_rt_refs_with_lr = set([ref['to'][0] for ref in ri_obj.get_route_target_refs() or []]) # ensure no RT from LR is attached to VN self.assertTrue(vn_rt_refs_with_lr == vn_rt_refs, msg='RT attached to VN is different after LR creation') # check no service instance generated self.check_no_si_in_lr(lr.get_fq_name()) # cleanup lr.del_virtual_machine_interface(vmi) self._vnc_lib.logical_router_update(lr) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_vn_is_deleted(uuid=vn1_obj.uuid) self._vnc_lib.logical_router_delete(id=lr.uuid) self.check_lr_is_deleted(uuid=lr.uuid)
def test_logical_router_delete(self): # configure vxlan routing proj_obj = self._vnc_lib.project_read( fq_name=['default-domain', 'default-project']) proj_obj.set_vxlan_routing(True) self._vnc_lib.project_update(proj_obj) # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, '10.0.0.0/24') # create virtual machine interface vmi_name = self.id() + 'vmi1' vmi = VirtualMachineInterface(vmi_name, parent_type='project', fq_name=['default-domain', 'default-project', vmi_name]) vmi.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(vmi) # create logical router lr_name = self.id() + 'lr1' lr = LogicalRouter(lr_name) rtgt_list = RouteTargetList(route_target=['target:1:1']) lr.set_configured_route_target_list(rtgt_list) lr.add_virtual_machine_interface(vmi) self._vnc_lib.logical_router_create(lr) lr = self._vnc_lib.logical_router_read(id=lr.uuid) lr_target = self.check_lr_target(lr.get_fq_name()) intvns = self.get_lr_internal_vn(lr.get_fq_name()) # Deletion lr.del_virtual_machine_interface(vmi) self._vnc_lib.logical_router_update(lr) self._vnc_lib.virtual_machine_interface_delete(id=vmi.uuid) self._vnc_lib.virtual_network_delete(id=vn1_obj.uuid) self.check_vn_is_deleted(uuid=vn1_obj.uuid) # internalVN should be restored when LR delete fails try: # override libs org_dbe_delete = self._server_info['api_server']._db_conn.dbe_delete def tmp_dbe_delete(obj_type, id, read_result): if obj_type == 'logical_router': return False, (400, 'Fake LR delete failure') else: return org_dbe_delete(obj_type, id, read_result) self._server_info['api_server']._db_conn.dbe_delete = tmp_dbe_delete try: self._vnc_lib.logical_router_delete(id=lr.uuid) except BadRequest as err: lr = self._vnc_lib.logical_router_read(id=lr.uuid) self.get_lr_internal_vn(lr.get_fq_name()) else: raise Exception('UT: Fake LR delete didnt create BadRequest exception') finally: self._server_info['api_server']._db_conn.dbe_delete = org_dbe_delete # internalVN should be removed when LR is deleted successfully self._vnc_lib.logical_router_delete(id=lr.uuid) self.check_lr_is_deleted(uuid=lr.uuid) self.assertRaises(NoIdError, self._vnc_lib.virtual_network_read, intvns[0]['uuid']) self.check_rt_is_deleted(name=lr_target)
def test_bgpaas(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, ['10.0.0.0/24', '1000::/16']) project_name = ['default-domain', 'default-project'] project_obj = self._vnc_lib.project_read(fq_name=project_name) port_name = self.id() + 'p1' port_obj = VirtualMachineInterface(port_name, parent_obj=project_obj) port_obj.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(port_obj) v6_obj = InstanceIp(name=port_name+'-v6') v6_obj.set_virtual_machine_interface(port_obj) v6_obj.set_virtual_network(vn1_obj) v6_obj.set_instance_ip_family('v6') self._vnc_lib.instance_ip_create(v6_obj) v4_obj = InstanceIp(name=port_name+'-v4') v4_obj.set_virtual_machine_interface(port_obj) v4_obj.set_virtual_network(vn1_obj) v4_obj.set_instance_ip_family('v4') self._vnc_lib.instance_ip_create(v4_obj) bgpaas_name = self.id() + 'bgp1' bgpaas = BgpAsAService(bgpaas_name, parent_obj=project_obj, autonomous_system=64512) bgpaas.add_virtual_machine_interface(port_obj) self._vnc_lib.bgp_as_a_service_create(bgpaas) router1_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port_name self.wait_to_get_object(config_db.BgpAsAServiceST, bgpaas.get_fq_name_str()) self.wait_to_get_object(config_db.BgpRouterST, router1_name) server_fq_name = ':'.join(self.get_ri_name(vn1_obj)) + ':bgpaas-server' self.wait_to_get_object(config_db.BgpRouterST, server_fq_name) server_router_obj = self._vnc_lib.bgp_router_read(fq_name_str=server_fq_name) router1_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port_name mx_bgp_router = self.create_bgp_router("mx-bgp-router", "contrail") mx_bgp_router_name = mx_bgp_router.get_fq_name_str() self.wait_to_get_object(config_db.BgpRouterST, mx_bgp_router_name) mx_bgp_router = self._vnc_lib.bgp_router_read(fq_name_str=mx_bgp_router_name) self.check_bgp_no_peering(server_router_obj, mx_bgp_router) for i in range(5): router1_obj = self._vnc_lib.bgp_router_read(fq_name_str=router1_name) params = router1_obj.get_bgp_router_parameters() if not params: gevent.sleep(1) continue self.assertEqual(router1_obj.get_bgp_router_parameters().address, '10.0.0.252') self.assertEqual(router1_obj.get_bgp_router_parameters().identifier, '10.0.0.252') self.assertNotEqual(params, None) # verify ref from vmi to bgp-router is created port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) self.assertEqual(port_obj_updated.bgp_router_refs[0]['to'], router1_obj.fq_name) # remove bgp-router ref from vmi self._vnc_lib.ref_update(obj_uuid=port_obj_updated.uuid, obj_type='virtual_machine_interface', ref_uuid=router1_obj.uuid, ref_fq_name=router1_obj.fq_name, ref_type='bgp-router', operation='DELETE') port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) self.assertIsNone(port_obj_updated.get_bgp_router_refs()) # check bgp-router ref in vmi is restored during reinit config_db.VirtualMachineST._dict = {} config_db.BgpRouterST._dict = {} config_db.BgpAsAServiceST._dict = {} to_bgp.transformer.reinit() gevent.sleep(1) port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) refs = port_obj_updated.get_bgp_router_refs() self.assertNotEqual(refs, None) self.assertEqual(refs[0]['to'], router1_obj.fq_name) # remove VMI from bgpaas and ensure bgpaas = self._vnc_lib.bgp_as_a_service_read(fq_name=bgpaas.fq_name) port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) bgpaas.del_virtual_machine_interface(port_obj_updated) self._vnc_lib.bgp_as_a_service_update(bgpaas) gevent.sleep(1) bgpaas = self._vnc_lib.bgp_as_a_service_read(fq_name=bgpaas.fq_name) port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) # ensure vmi is not attached to bpgaas self.assertEqual(bgpaas.get_virtual_machine_interface_refs(), None) # vmi loses vmi->bgp-router ref self.assertEqual(port_obj_updated.get_bgp_router_refs(), None) # ensure VMI has no bgpaas ref self.assertEqual(port_obj_updated.get_bgp_as_a_service_back_refs(), None) # add VMI back to bgpaas bgpaas = self._vnc_lib.bgp_as_a_service_read(fq_name=bgpaas.fq_name) port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) bgpaas.add_virtual_machine_interface(port_obj_updated) self._vnc_lib.bgp_as_a_service_update(bgpaas) bgpaas = self._vnc_lib.bgp_as_a_service_read(fq_name=bgpaas.fq_name) port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) # ensure vmi is attached to bgpaas self.assertNotEqual(bgpaas.get_virtual_machine_interface_refs(), None) # VMI has bgpaas ref self.assertNotEqual(port_obj_updated.get_bgp_as_a_service_back_refs(), None) # vmi got vmi->bgp-router ref for i in range(10): port_obj_updated = self._vnc_lib.virtual_machine_interface_read(id=port_obj.uuid) if not port_obj_updated.get_bgp_router_refs(): gevent.sleep(1) print 'retrying...' self.assertNotEqual(port_obj_updated.get_bgp_router_refs(), None, msg="vmi did not get ref to bgp-router") self.check_bgp_peering(server_router_obj, router1_obj, 1) self.check_v4_bgp_gateway(router1_name, '10.0.0.254') self.check_v6_bgp_gateway(router1_name, '1000:ffff:ffff:ffff:ffff:ffff:ffff:fffe') # Set suppress_route_advertisement; and expect the gateways # to be reset to None in bgpaas-client router bgpaas.set_bgpaas_suppress_route_advertisement(True) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v4_bgp_gateway(router1_name, None) self.check_v6_bgp_gateway(router1_name, None) # Unset suppress_route_advertisement; and expect the gateways # to be set to gateway addresses in bgpaas-client router bgpaas.set_bgpaas_suppress_route_advertisement(False) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v4_bgp_gateway(router1_name, '10.0.0.254') self.check_v6_bgp_gateway(router1_name, '1000:ffff:ffff:ffff:ffff:ffff:ffff:fffe') # Set bgpaas_ipv4_mapped_ipv6_nexthop and expect the # ipv4-mapped ipv6 address is set as gateway bgpaas.set_bgpaas_ipv4_mapped_ipv6_nexthop(True) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v6_bgp_gateway(router1_name, '::ffff:10.0.0.254') # unset bgpaas_ipv4_mapped_ipv6_nexthop and expect the # subnets ipv6 gateway address is set as gateway bgpaas.set_bgpaas_ipv4_mapped_ipv6_nexthop(False) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v6_bgp_gateway(router1_name, '1000:ffff:ffff:ffff:ffff:ffff:ffff:fffe') self._vnc_lib.instance_ip_delete(id=v4_obj.uuid) v4_obj = InstanceIp(name=port_name+'-v4') v4_obj.set_virtual_machine_interface(port_obj) v4_obj.set_virtual_network(vn1_obj) v4_obj.set_instance_ip_family('v4') v4_obj.set_instance_ip_address('10.0.0.60') self._vnc_lib.instance_ip_create(v4_obj) self.check_bgp_router_ip(router1_name, '10.0.0.60') self.check_bgp_router_identifier(router1_name, '10.0.0.60') bgpaas.set_bgpaas_ip_address('10.0.0.70') self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_bgp_router_ip(router1_name, '10.0.0.70') v4_obj.del_virtual_machine_interface(port_obj) v4_obj.del_virtual_network(vn1_obj) self._vnc_lib.instance_ip_delete(id=v4_obj.uuid) self.check_bgp_router_ip(router1_name, '10.0.0.70') self.check_bgp_router_identifier(router1_name, '10.0.0.70') port2_name = self.id() + 'p2' port2_obj = VirtualMachineInterface(port2_name, parent_obj=project_obj) port2_obj.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(port2_obj) bgpaas.add_virtual_machine_interface(port2_obj) self._vnc_lib.bgp_as_a_service_update(bgpaas) router2_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port2_name self.wait_to_get_object(config_db.BgpRouterST, router2_name) router2_obj = self._vnc_lib.bgp_router_read(fq_name_str=router2_name) self.check_bgp_peering(server_router_obj, router2_obj, 2) self.check_bgp_peering(server_router_obj, router1_obj, 2) bgpaas.del_virtual_machine_interface(port_obj) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.wait_to_delete_object(config_db.BgpRouterST, router1_name) self._vnc_lib.bgp_as_a_service_delete(id=bgpaas.uuid) self.wait_to_delete_object(config_db.BgpRouterST, router2_name) self._vnc_lib.instance_ip_delete(id=v6_obj.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port_obj.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port2_obj.uuid) self._vnc_lib.virtual_network_delete(fq_name=vn1_obj.get_fq_name()) self.check_ri_is_deleted(vn1_obj.fq_name+[vn1_obj.name]) self._vnc_lib.bgp_router_delete(id=mx_bgp_router.uuid)
def test_bgpaas(self): # create vn1 vn1_name = self.id() + 'vn1' vn1_obj = self.create_virtual_network(vn1_name, ['10.0.0.0/24', '1000::/16']) project_name = ['default-domain', 'default-project'] project_obj = self._vnc_lib.project_read(fq_name=project_name) port_name = self.id() + 'p1' port_obj = VirtualMachineInterface(port_name, parent_obj=project_obj) port_obj.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(port_obj) v6_obj = InstanceIp(name=port_name+'-v6') v6_obj.set_virtual_machine_interface(port_obj) v6_obj.set_virtual_network(vn1_obj) v6_obj.set_instance_ip_family('v6') self._vnc_lib.instance_ip_create(v6_obj) v4_obj = InstanceIp(name=port_name+'-v4') v4_obj.set_virtual_machine_interface(port_obj) v4_obj.set_virtual_network(vn1_obj) v4_obj.set_instance_ip_family('v4') self._vnc_lib.instance_ip_create(v4_obj) bgpaas_name = self.id() + 'bgp1' bgpaas = BgpAsAService(bgpaas_name, parent_obj=project_obj, autonomous_system=64512) bgpaas.add_virtual_machine_interface(port_obj) self._vnc_lib.bgp_as_a_service_create(bgpaas) router1_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port_name self.wait_to_get_object(config_db.BgpAsAServiceST, bgpaas.get_fq_name_str()) self.wait_to_get_object(config_db.BgpRouterST, router1_name) server_fq_name = ':'.join(self.get_ri_name(vn1_obj)) + ':bgpaas-server' self.wait_to_get_object(config_db.BgpRouterST, server_fq_name) server_router_obj = self._vnc_lib.bgp_router_read(fq_name_str=server_fq_name) mx_bgp_router = self.create_bgp_router("mx-bgp-router", "contrail") mx_bgp_router_name = mx_bgp_router.get_fq_name_str() self.wait_to_get_object(config_db.BgpRouterST, mx_bgp_router_name) mx_bgp_router = self._vnc_lib.bgp_router_read(fq_name_str=mx_bgp_router_name) self.check_bgp_no_peering(server_router_obj, mx_bgp_router) router1_obj = self._vnc_lib.bgp_router_read(fq_name_str=router1_name) self.assertEqual(router1_obj.get_bgp_router_parameters().address, '10.0.0.252') self.assertEqual(router1_obj.get_bgp_router_parameters().identifier, '10.0.0.252') self.check_bgp_peering(server_router_obj, router1_obj, 1) self.check_v4_bgp_gateway(router1_name, '10.0.0.254') self.check_v6_bgp_gateway(router1_name, '1000:ffff:ffff:ffff:ffff:ffff:ffff:fffe') # Set suppress_route_advertisement; and expect the gateways # to be reset to None in bgpaas-client router bgpaas.set_bgpaas_suppress_route_advertisement(True) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v4_bgp_gateway(router1_name, None) self.check_v6_bgp_gateway(router1_name, None) # Unset suppress_route_advertisement; and expect the gateways # to be set to gateway addresses in bgpaas-client router bgpaas.set_bgpaas_suppress_route_advertisement(False) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v4_bgp_gateway(router1_name, '10.0.0.254') self.check_v6_bgp_gateway(router1_name, '1000:ffff:ffff:ffff:ffff:ffff:ffff:fffe') # Set bgpaas_ipv4_mapped_ipv6_nexthop and expect the # ipv4-mapped ipv6 address is set as gateway bgpaas.set_bgpaas_ipv4_mapped_ipv6_nexthop(True) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v6_bgp_gateway(router1_name, '::ffff:10.0.0.254') # unset bgpaas_ipv4_mapped_ipv6_nexthop and expect the # subnets ipv6 gateway address is set as gateway bgpaas.set_bgpaas_ipv4_mapped_ipv6_nexthop(False) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_v6_bgp_gateway(router1_name, '1000:ffff:ffff:ffff:ffff:ffff:ffff:fffe') v4_obj.set_instance_ip_address('10.0.0.60') self._vnc_lib.instance_ip_update(v4_obj) self.check_bgp_router_ip(router1_name, '10.0.0.60') self.check_bgp_router_identifier(router1_name, '10.0.0.60') bgpaas.set_bgpaas_ip_address('10.0.0.70') self._vnc_lib.bgp_as_a_service_update(bgpaas) self.check_bgp_router_ip(router1_name, '10.0.0.70') v4_obj.del_virtual_machine_interface(port_obj) v4_obj.del_virtual_network(vn1_obj) self._vnc_lib.instance_ip_delete(id=v4_obj.uuid) self.check_bgp_router_ip(router1_name, '10.0.0.70') self.check_bgp_router_identifier(router1_name, '10.0.0.70') port2_name = self.id() + 'p2' port2_obj = VirtualMachineInterface(port2_name, parent_obj=project_obj) port2_obj.add_virtual_network(vn1_obj) self._vnc_lib.virtual_machine_interface_create(port2_obj) bgpaas.add_virtual_machine_interface(port2_obj) self._vnc_lib.bgp_as_a_service_update(bgpaas) router2_name = vn1_obj.get_fq_name_str() + ':' + vn1_name + ':' + port2_name self.wait_to_get_object(config_db.BgpRouterST, router2_name) router2_obj = self._vnc_lib.bgp_router_read(fq_name_str=router2_name) self.check_bgp_peering(server_router_obj, router2_obj, 2) self.check_bgp_peering(server_router_obj, router1_obj, 2) bgpaas.del_virtual_machine_interface(port_obj) self._vnc_lib.bgp_as_a_service_update(bgpaas) self.wait_to_delete_object(config_db.BgpRouterST, router1_name) self._vnc_lib.bgp_as_a_service_delete(id=bgpaas.uuid) self.wait_to_delete_object(config_db.BgpRouterST, router2_name) self._vnc_lib.instance_ip_delete(id=v6_obj.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port_obj.uuid) self._vnc_lib.virtual_machine_interface_delete(id=port2_obj.uuid) self._vnc_lib.virtual_network_delete(fq_name=vn1_obj.get_fq_name()) self.check_ri_is_deleted(vn1_obj.fq_name+[vn1_obj.name]) self._vnc_lib.bgp_router_delete(id=mx_bgp_router.uuid)