def get_test_stub_vm_by_ip(test_obj, target_ip): for l3_uuid in test_obj.get_all_l3(): stub_vm = test_obj.get_stub_vm(l3_uuid) if stub_vm: if test_lib.lib_get_vm_ip_by_l3(stub_vm.vm, l3_uuid) == target_ip: return l3_uuid, stub_vm.vm return None, None
def check(self): super(zstack_kvm_sg_icmp_ingress_checker, self).check() test_result = True nic = test_lib.lib_get_nic_by_uuid(self.nic_uuid) l3_uuid = nic.l3NetworkUuid test_util.test_dsc('Check ICMP ingress rules') if not 'DHCP' in test_lib.lib_get_l3_service_type(l3_uuid): test_util.test_logger("Skip SG test for [l3:] %s. Since it doesn't provide DHCP service, there isn't stable IP address for testint." % l3_uuid) return self.judge(self.exp_result) stub_vm = self.test_obj.get_stub_vm(l3_uuid) if not stub_vm: #test_util.test_warn('Did not find test stub vm for [target address:] %s. Skip testing some TCP rules' % target_addr) test_util.test_warn('Did not find test stub vm for [l3:] %s. Skip testing some TCP rules' % l3_uuid) return self.judge(self.exp_result) stub_vm = stub_vm.vm stub_vm_ip = test_lib.lib_get_vm_nic_by_l3(stub_vm, l3_uuid).ip target_addr = '%s/32' % stub_vm_ip test_vm = test_lib.lib_get_vm_by_nic(nic.uuid) if test_vm.state == inventory.RUNNING: rules = self.test_obj.get_nic_icmp_ingress_rule_by_addr(self.nic_uuid, target_addr) target_ip = test_lib.lib_get_vm_ip_by_l3(test_vm, l3_uuid) if rules: if test_lib.lib_check_ping(stub_vm, target_ip, no_exception=True): test_util.test_logger('Check result: [Security Group] pass ICMP ingress rule checking to ping [vm:] %s from [vm:] %s' % (test_vm.uuid, stub_vm.uuid)) else: test_util.test_logger('Check result: [Security Group] meets failure to ping [vm:] %s from [vm:] %s when checking ICMP ingress rule. ' % (test_vm.uuid, stub_vm.uuid)) test_result = False else: if not test_lib.lib_check_ping(stub_vm, target_ip, no_exception=True): test_util.test_logger('Check result: [Security Group] pass ICMP ingress rule checking to ping [vm:] %s from [vm:] %s. Expected failure.' % (test_vm.uuid, stub_vm.uuid)) else: test_util.test_logger('Check result: [Security Group] meet failure when checking ICMP ingress rule to ping [vm:] %s from [vm:] %s. Unexpected ping successfully.' % (test_vm.uuid, stub_vm.uuid)) else: test_util.test_warn('Test [vm:] %s is not running. Skip SG ICMP ingress checker for this vm.' % test_vm.uuid) test_util.test_logger('Check result: [Security Group] pass ICMP ingress testing for [vm:] %s [nic:] %s' % (test_vm.uuid, self.nic_uuid)) print_iptables(test_vm) return self.judge(test_result)
def check(self): super(zstack_vcenter_sg_icmp_ingress_checker, self).check() test_result = True nic = test_lib.lib_get_nic_by_uuid(self.nic_uuid) l3_uuid = nic.l3NetworkUuid test_util.test_dsc('Check ICMP ingress rules') if not 'DHCP' in test_lib.lib_get_l3_service_type(l3_uuid): test_util.test_logger("Skip SG test for [l3:] %s. Since it doesn't provide DHCP service, there isn't stable IP address for testint." % l3_uuid) return self.judge(self.exp_result) stub_vm = self.test_obj.get_stub_vm(l3_uuid) if not stub_vm: test_util.test_warn('Did not find test stub vm for [target address:] %s. Skip testing some TCP rules' % target_addr) return self.judge(self.exp_result) stub_vm = stub_vm.vm stub_vm_ip = test_lib.lib_get_vm_nic_by_l3(stub_vm, l3_uuid).ip target_addr = '%s/32' % stub_vm_ip test_vm = test_lib.lib_get_vm_by_nic(nic.uuid) if test_vm.state == inventory.RUNNING: rules = self.test_obj.get_nic_icmp_ingress_rule_by_addr(self.nic_uuid, target_addr) target_ip = test_lib.lib_get_vm_ip_by_l3(test_vm, l3_uuid) if rules: if test_lib.lib_check_ping(stub_vm, target_ip, no_exception=True): test_util.test_logger('Check result: [Security Group] pass ICMP ingress rule checking to ping [vm:] %s from [vm:] %s' % (test_vm.uuid, stub_vm.uuid)) else: test_util.test_logger('Check result: [Security Group] meets failure to ping [vm:] %s from [vm:] %s when checking ICMP ingress rule. ' % (test_vm.uuid, stub_vm.uuid)) test_result = False else: if not test_lib.lib_check_ping(stub_vm, target_ip, no_exception=True): test_util.test_logger('Check result: [Security Group] pass ICMP ingress rule checking to ping [vm:] %s from [vm:] %s. Expected failure.' % (test_vm.uuid, stub_vm.uuid)) else: test_util.test_logger('Check result: [Security Group] meet failure when checking ICMP ingress rule to ping [vm:] %s from [vm:] %s. Unexpected ping successfully.' % (test_vm.uuid, stub_vm.uuid)) else: test_util.test_warn('Test [vm:] %s is not running. Skip SG ICMP ingress checker for this vm.' % test_vm.uuid) test_util.test_logger('Check result: [Security Group] pass ICMP ingress testing for [vm:] %s [nic:] %s' % (test_vm.uuid, self.nic_uuid)) print_iptables(test_vm) return self.judge(test_result)