def test_create_update_subnet_without_dhcp(self): ovs = utils.OvsFlowsParser() flows_before_change = ovs.dump() network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create() subnet = {'network_id': network_id, 'cidr': '10.20.0.0/24', 'gateway_ip': '10.20.0.1', 'ip_version': 4, 'name': 'subnet-test', 'enable_dhcp': False} subnet = self.neutron.create_subnet({'subnet': subnet}) subnet_id = subnet['subnet']['id'] time.sleep(utils.DEFAULT_CMD_TIMEOUT) flows_after_change = ovs.dump() # change dhcp updated_subnet = {'enable_dhcp': True} self.neutron.update_subnet(subnet_id, {'subnet': updated_subnet}) dhcp_ip = utils.wait_until_is_and_return( lambda: self.get_dhcp_ip(network_id, subnet_id), exception=Exception('DHCP IP was not generated') ) self.assertFalse(self.check_dhcp_rule(flows_before_change, dhcp_ip)) self.assertFalse(self.check_dhcp_rule(flows_after_change, dhcp_ip)) utils.wait_until_is_and_return( lambda: self.check_dhcp_rule(ovs.dump(), dhcp_ip), exception=Exception('DHCP ip was not found in OpenFlow rules') ) network.close() time.sleep(utils.DEFAULT_CMD_TIMEOUT) flows_after_cleanup = ovs.dump() self.assertFalse(self.check_dhcp_rule(flows_after_cleanup, dhcp_ip))
def test_vm_multicast(self): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create(network={'name': 'private'}) subnet = { 'network_id': network_id, 'cidr': '10.200.0.0/24', 'gateway_ip': '10.200.0.1', 'ip_version': 4, 'name': 'private', 'enable_dhcp': True } subnet = self.neutron.create_subnet({'subnet': subnet}) ovs = utils.OvsFlowsParser() vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network) ip = vm.get_first_ipv4() self.assertIsNotNone(ip) self.assertIsNotNone(vm.server.addresses['private']) mac = vm.server.addresses['private'][0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) metadataid = utils.wait_until_is_and_return( lambda: self._get_metadata_id(ovs.dump(self.integration_bridge), ip, mac), exception=Exception('Metadata id was not found in OpenFlow rules')) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM')) tunnel_key = port.get_tunnel_key() tunnel_key_hex = hex(tunnel_key) r = self._check_multicast_rule(ovs.dump(self.integration_bridge), metadataid, tunnel_key_hex) self.assertIsNotNone(r) vm.close() network.close()
def test_vm_multicast(self): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create(network={'name': 'private'}) subnet = {'network_id': network_id, 'cidr': '10.200.0.0/24', 'gateway_ip': '10.200.0.1', 'ip_version': 4, 'name': 'private', 'enable_dhcp': True} subnet = self.neutron.create_subnet({'subnet': subnet}) ovs = utils.OvsFlowsParser() vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network) ip = vm.get_first_ipv4() self.assertIsNotNone(ip) self.assertIsNotNone(vm.server.addresses['private']) mac = vm.server.addresses['private'][0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) metadataid = utils.wait_until_is_and_return( lambda: self._get_metadata_id(ovs.dump(), ip, mac), exception=Exception('Metadata id was not found in OpenFlow rules') ) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM') ) tunnel_key = port.get_tunnel_key() tunnel_key_hex = hex(tunnel_key) r = self._check_multicast_rule(ovs.dump(), metadataid, tunnel_key_hex) self.assertIsNotNone(r) vm.server.stop() vm.close() network.close()
def test_flat_network_flows(self): if not self._check_providers_net_app_enable(): return physical_network = self._parse_flat_network() if not physical_network: self.assertIsNotNone(None) return # Create network network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_params = { "name": "flat_1", "provider:network_type": "flat", "provider:physical_network": physical_network } network_id = network.create(network=network_params) # Create subnet subnet_params = { 'network_id': network_id, 'cidr': '100.64.1.0/24', 'gateway_ip': '10.64.1.1', 'ip_version': 4, 'name': 'private', 'enable_dhcp': True } subnet = self.neutron.create_subnet({'subnet': subnet_params}) self.assertIsNotNone(subnet) # Create VM ovs = utils.OvsFlowsParser() vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network) ip = vm.get_first_ipv4() self.assertIsNotNone(ip) mac = vm.get_first_mac() self.assertIsNotNone(mac) metadataid = utils.wait_until_is_and_return( lambda: self._get_metadata_id(ovs.dump(self.integration_bridge), ip, mac), exception=Exception('Metadata id was not found in OpenFlow rules')) port = utils.wait_until_is_and_return( lambda: utils.get_vm_port(self.nb_api, ip, mac), exception=Exception('No port assigned to VM')) port_key = port.unique_key port_key_hex = hex(port_key) r = self._check_flat_flows(ovs.dump(self.integration_bridge), metadataid, port_key_hex, mac) for key, value in r.items(): self.assertIsNotNone(value, key) vm.server.stop() vm.close() network.close() return None
def test_vlan_network_flows(self): if self._check_l2_ml2_app_enable() is False: return physical_network, vlan_min = self._parse_network_vlan_ranges() if physical_network is None or vlan_min is None: self.assertIsNotNone(None) return # Create network network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_params = { "name": "vlan_1", "provider:network_type": "vlan", "provider:physical_network": physical_network, "provider:segmentation_id": vlan_min } network_id = network.create(network=network_params) # Create subnet subnet_params = { 'network_id': network_id, 'cidr': '100.64.0.0/24', 'gateway_ip': '10.64.0.1', 'ip_version': 4, 'name': 'private', 'enable_dhcp': True } subnet = self.neutron.create_subnet({'subnet': subnet_params}) self.assertIsNotNone(subnet) # Create VM ovs = utils.OvsFlowsParser() vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network) ip = vm.get_first_ipv4() self.assertIsNotNone(ip) mac = vm.get_first_mac() self.assertIsNotNone(mac) metadataid = utils.wait_until_is_and_return( lambda: self._get_metadata_id(ovs.dump(self.integration_bridge), ip, mac), exception=Exception('Metadata id was not found in OpenFlow rules')) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM')) port_key = port.get_tunnel_key() port_key_hex = hex(port_key) r = self._check_vlan_flows(ovs.dump(self.integration_bridge), metadataid, vlan_min, port_key_hex, mac) self.assertIsNotNone(r) vm.server.stop() vm.close() network.close()
def test_tunnel_network_flows(self): if self._check_tunneling_app_enable() is False: return network = objects.NetworkTestObj(self.neutron, self.nb_api) self.addCleanup(network.close) network_id = network.create() network_params = network.get_network() segmentation_id = network_params['network']['provider:segmentation_id'] subnet = {'network_id': network_id, 'cidr': '10.200.0.0/24', 'gateway_ip': '10.200.0.1', 'ip_version': 4, 'name': 'private', 'enable_dhcp': True} subnet = self.neutron.create_subnet({'subnet': subnet}) self.assertIsNotNone(subnet) ovs = utils.OvsFlowsParser() vm = objects.VMTestObj(self, self.neutron) self.addCleanup(vm.close) vm.create(network=network) ip = vm.get_first_ipv4() self.assertIsNotNone(ip) self.assertIsNotNone(vm.server.addresses['mynetwork']) mac = vm.server.addresses['mynetwork'][0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) metadataid = utils.wait_until_is_and_return( lambda: self._get_metadata_id(ovs.dump(self.integration_bridge), ip, mac), exception=Exception('Metadata id was not found in OpenFlow rules') ) port = utils.wait_until_is_and_return( lambda: utils.find_logical_port(self.nb_api, ip, mac), exception=Exception('No port assigned to VM') ) tunnel_key = port.unique_key tunnel_key_hex = hex(tunnel_key) n_type = network.get_network()['network']['provider:network_type'] port_num = self.vswitch_api.get_vtp_ofport(n_type) r = self._check_tunnel_flows(ovs.dump(self.integration_bridge), metadataid, hex(segmentation_id), tunnel_key_hex, mac, port_num) for key, value in r.items(): self.assertIsNotNone(value, key) vm.close() network.close()
def test_create_router_interface(self): ovs = utils.OvsFlowsParser() flows_before_change = ovs.dump() router = self.store(objects.RouterTestObj(self.neutron, self.nb_api)) network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create() subnet = {'network_id': network_id, 'cidr': '10.30.0.0/24', 'gateway_ip': '10.30.0.1', 'ip_version': 4, 'name': 'subnet-test', 'enable_dhcp': True} subnet = self.neutron.create_subnet({'subnet': subnet}) subnet_id = subnet['subnet']['id'] router_id = router.create() self.assertTrue(router.exists()) subnet_msg = {'subnet_id': subnet_id} time.sleep(utils.DEFAULT_CMD_TIMEOUT) self.neutron.add_interface_router(router_id, body=subnet_msg) dhcp_ip = utils.wait_until_is_and_return( lambda: self.get_dhcp_ip(network_id, subnet_id), exception=Exception('DHCP IP was not generated') ) flows_after_change = ovs.dump() self.assertFalse(self.check_dhcp_rule(flows_before_change, dhcp_ip)) self.assertTrue(self.check_dhcp_rule(flows_after_change, dhcp_ip)) self.neutron.remove_interface_router(router_id, body=subnet_msg) router.close() network.close() time.sleep(utils.DEFAULT_CMD_TIMEOUT) flows_after_cleanup = ovs.dump() self.assertFalse(self.check_dhcp_rule(flows_after_cleanup, dhcp_ip))
def test_dhcp_port_created(self): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create() self.assertTrue(network.exists()) subnet = {'network_id': network_id, 'cidr': '10.1.0.0/24', 'gateway_ip': '10.1.0.1', 'ip_version': 4, 'name': 'subnet-test', 'enable_dhcp': True} self.neutron.create_subnet({'subnet': subnet}) ports = utils.wait_until_is_and_return( lambda: self.nb_api.get_all_logical_ports(), exception=Exception('No ports assigned in subnet') ) dhcp_ports_found = 0 for port in ports: if port.get_lswitch_id() == network_id: if port.get_device_owner() == 'network:dhcp': dhcp_ports_found += 1 network.close() self.assertEqual(dhcp_ports_found, 1) ports = self.nb_api.get_all_logical_ports() dhcp_ports_found = 0 for port in ports: if port.get_lswitch_id() == network_id: if port.get_device_owner() == 'network:dhcp': dhcp_ports_found += 1 self.assertEqual(dhcp_ports_found, 0)
def test_create_update_subnet_with_dhcp(self): ovs = utils.OvsFlowsParser() flows_before_change = ovs.dump(self.integration_bridge) network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create() subnet = { 'network_id': network_id, 'cidr': '10.10.254.0/24', 'gateway_ip': '10.10.254.1', 'ip_version': 4, 'name': 'subnet-test', 'enable_dhcp': True } subnet = self.neutron.create_subnet({'subnet': subnet}) subnet_id = subnet['subnet']['id'] dhcp_ip = utils.wait_until_is_and_return( lambda: self.get_dhcp_ip(network_id, subnet_id), exception=Exception('DHCP IP was not generated')) self.assertFalse(utils.check_dhcp_ip_rule(flows_before_change, dhcp_ip)) utils.wait_until_true( lambda: utils.check_dhcp_ip_rule(ovs.dump(self.integration_bridge), dhcp_ip), exception=Exception('DHCP ip was not found in OpenFlow rules'), timeout=5) # change dhcp updated_subnet = {'enable_dhcp': False} self.neutron.update_subnet(subnet_id, {'subnet': updated_subnet}) time.sleep(const.DEFAULT_RESOURCE_READY_TIMEOUT) flows_after_update = ovs.dump(self.integration_bridge) self.assertFalse(utils.check_dhcp_ip_rule(flows_after_update, dhcp_ip)) network.close()
def test_create_router_interface(self): ovs = utils.OvsFlowsParser() flows_before_change = ovs.dump(self.integration_bridge) router = self.store(objects.RouterTestObj(self.neutron, self.nb_api)) network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create() subnet = { 'network_id': network_id, 'cidr': '10.30.0.0/24', 'gateway_ip': '10.30.0.1', 'ip_version': 4, 'name': 'subnet-test', 'enable_dhcp': True } subnet = self.neutron.create_subnet({'subnet': subnet}) subnet_id = subnet['subnet']['id'] router_id = router.create() self.assertTrue(router.exists()) subnet_msg = {'subnet_id': subnet_id} time.sleep(const.DEFAULT_RESOURCE_READY_TIMEOUT) self.neutron.add_interface_router(router_id, body=subnet_msg) dhcp_ip = utils.wait_until_is_and_return( lambda: self.get_dhcp_ip(network_id, subnet_id), exception=Exception('DHCP IP was not generated')) flows_after_change = ovs.dump(self.integration_bridge) self.assertFalse(self.check_dhcp_rule(flows_before_change, dhcp_ip)) self.assertTrue(self.check_dhcp_rule(flows_after_change, dhcp_ip)) self.neutron.remove_interface_router(router_id, body=subnet_msg) router.close() network.close() utils.wait_until_none( lambda: self.check_dhcp_rule(ovs.dump(self.integration_bridge), dhcp_ip), exception=Exception('DHCP IP was not removed from OpenFlow rules'), timeout=30)
def test_anti_spoof_flows(self): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create(network={'name': 'test_network1'}) self.assertTrue(network.exists()) subnet_info = {'network_id': network_id, 'cidr': '192.168.130.0/24', 'gateway_ip': '192.168.130.1', 'ip_version': 4, 'name': 'test_subnet1', 'enable_dhcp': True} subnet = self.store(objects.SubnetTestObj(self.neutron, self.nb_api, network_id=network_id)) subnet.create(subnet_info) self.assertTrue(subnet.exists()) vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network) addresses = vm.server.addresses['test_network1'] self.assertIsNotNone(addresses) ip = addresses[0]['addr'] self.assertIsNotNone(ip) mac = addresses[0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM') ) ovsdb = utils.OvsDBParser() of_port = ovsdb.get_ofport(port.get_id()) self.assertIsNotNone(of_port) # Check if the associating flows were installed. expected_flow_list = self._get_anti_spoof_expected_flows( ip, mac, of_port ) self._check_all_flows_existed(expected_flow_list) vm.server.stop() vm.close() time.sleep(utils.DEFAULT_CMD_TIMEOUT) # Check if the associating flows were removed. expected_flow_list = self._get_anti_spoof_expected_flows( ip, mac, of_port ) self._check_not_flow_existed(expected_flow_list)
def test_port_based_flows(self): if not self._check_if_app_enabled(): return network = objects.NetworkTestObj(self.neutron, self.nb_api) self.addCleanup(network.close) network_id = network.create() subnet = { 'network_id': network_id, 'cidr': '10.200.0.0/24', 'gateway_ip': '10.200.0.1', 'ip_version': 4, 'name': 'private', 'enable_dhcp': True } external_host_ip = cfg.CONF.df.external_host_ip self.assertIsNotNone(external_host_ip) split_ip = external_host_ip.split('.') ip2mac = '{:02x}:{:02x}:{:02x}:{:02x}'.format(*map(int, split_ip)) external_host_mac = const.CHASSIS_MAC_PREFIX + ip2mac subnet = self.neutron.create_subnet({'subnet': subnet}) self.assertIsNotNone(subnet) # Create VM ovs = utils.OvsFlowsParser() vm = objects.VMTestObj(self, self.neutron) self.addCleanup(vm.close) vm.create(network=network) ip = vm.get_first_ipv4() self.assertIsNotNone(ip) mac = vm.get_first_mac() self.assertIsNotNone(mac) port = utils.wait_until_is_and_return( lambda: utils.find_logical_port(self.nb_api, ip, mac), exception=Exception('No port assigned to VM')) port_key = port.unique_key network_key = network.nb_api.get( l2.LogicalSwitch(id=network_id)).unique_key r = self._check_port_based_flows(ovs.dump(self.integration_bridge), hex(port_key), hex(network_key), external_host_mac, mac) for key, value in r.items(): self.assertIsNotNone(value, key) vm.close() network.close()
def test_vm_multicast(self): ovs = utils.OvsFlowsParser() vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create() ip = vm.get_first_ipv4() self.assertIsNotNone(ip) self.assertIsNotNone(vm.server.addresses['private']) mac = vm.server.addresses['private'][0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) metadataid = utils.wait_until_is_and_return( lambda: self._get_metadata_id(ovs.dump(), ip, mac), exception=Exception('Metadata id was not found in OpenFlow rules') ) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM') ) tunnel_key = port.get_tunnel_key() tunnel_key_hex = hex(tunnel_key) r = self._check_multicast_rule(ovs.dump(), metadataid, tunnel_key_hex) self.assertIsNotNone(r) vm.server.stop() vm.close()
def _test_anti_spoof_flows(self, subnet_info): network = objects.NetworkTestObj(self.neutron, self.nb_api) self.addCleanup(network.close) network_id = network.create() self.assertTrue(network.exists()) subnet_info['network_id'] = network_id subnet = objects.SubnetTestObj(self.neutron, self.nb_api, network_id=network_id) self.addCleanup(subnet.close) subnet.create(subnet_info) self.assertTrue(subnet.exists()) vm = objects.VMTestObj(self, self.neutron) self.addCleanup(vm.close) vm.create(network=network) addresses = vm.server.addresses['mynetwork'] self.assertIsNotNone(addresses) ip = addresses[0]['addr'] self.assertIsNotNone(ip) mac = addresses[0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) port = utils.wait_until_is_and_return( lambda: utils.find_logical_port(self.nb_api, ip, mac), exception=Exception('No port assigned to VM')) of_port = self.vswitch_api.get_port_ofport_by_id(port.id) self.assertIsNotNone(of_port) unique_key = port.unique_key # Check if the associating flows were installed. expected_flow_list = self._get_anti_spoof_expected_flows( ip, mac, unique_key) self._check_all_flows_existed(expected_flow_list) vm.close() time.sleep(test_const.DEFAULT_RESOURCE_READY_TIMEOUT) # Check if the associating flows were removed. expected_flow_list = self._get_anti_spoof_expected_flows( ip, mac, unique_key) self._check_not_flow_existed(expected_flow_list)
def test_create_update_subnet_without_dhcp(self): ovs = utils.OvsFlowsParser() flows_before_change = ovs.dump(self.integration_bridge) network, network_id, network_key = self._create_network() subnet = {'network_id': network_id, 'cidr': '10.20.0.0/24', 'gateway_ip': '10.20.0.1', 'ip_version': 4, 'name': 'subnet-test', 'enable_dhcp': False} subnet = self.neutron.create_subnet({'subnet': subnet}) subnet_id = subnet['subnet']['id'] time.sleep(const.DEFAULT_CMD_TIMEOUT) flows_after_change = ovs.dump(self.integration_bridge) # change dhcp updated_subnet = {'enable_dhcp': True} self.neutron.update_subnet(subnet_id, {'subnet': updated_subnet}) dhcp_ip = utils.wait_until_is_and_return( lambda: self.get_dhcp_ip(network_id, subnet_id), exception=Exception('DHCP IP was not generated') ) self.assertIsNotNone(dhcp_ip) self.assertFalse(utils.check_dhcp_network_rule( flows_before_change, network_key)) self.assertFalse(utils.check_dhcp_network_rule( flows_after_change, network_key)) utils.wait_until_true( lambda: utils.check_dhcp_network_rule( ovs.dump(self.integration_bridge), network_key), exception=Exception('DHCP ip was not found in OpenFlow rules'), timeout=5 ) network.close() utils.wait_until_none( lambda: utils.check_dhcp_network_rule( ovs.dump(self.integration_bridge), network_key), exception=Exception('DHCP IP was not removed from OpenFlow rules'), timeout=30 )
def test_associating_flows(self): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create(network={'name': 'test_network1'}) self.assertTrue(network.exists()) subnet_info = {'network_id': network_id, 'cidr': '192.168.123.0/24', 'gateway_ip': '192.168.123.1', 'ip_version': 4, 'name': 'test_subnet1', 'enable_dhcp': True} subnet = self.store(objects.SubnetTestObj(self.neutron, self.nb_api, network_id=network_id)) subnet.create(subnet_info) self.assertTrue(subnet.exists()) security_group = self.store(objects.SecGroupTestObj( self.neutron, self.nb_api)) security_group_id = security_group.create() self.assertTrue(security_group.exists()) vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network, security_groups=[security_group_id]) addresses = vm.server.addresses['test_network1'] self.assertIsNotNone(addresses) ip = addresses[0]['addr'] self.assertIsNotNone(ip) mac = addresses[0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM') ) tunnel_key = port.get_tunnel_key() tunnel_key_hex = hex(tunnel_key) of_port = self._get_of_port(port.get_id()) self.assertIsNotNone(of_port) ovs = utils.OvsFlowsParser() flows_after_change = ovs.dump() # Check if the associating flows were installed. ingress_associating_flow, egress_associating_flow = \ self._find_associating_flows(flows_after_change, of_port, tunnel_key_hex) LOG.info(_LI("flows after associating a port and a security group" " are: %s"), ovs.get_ovs_flows()) self.assertIsNotNone(ingress_associating_flow) self.assertIsNotNone(egress_associating_flow) vm.server.stop() vm.close() time.sleep(utils.DEFAULT_CMD_TIMEOUT) flows_after_update = ovs.dump() # Check if the associating flows were removed. ingress_associating_flow, egress_associating_flow = \ self._find_associating_flows(flows_after_update, of_port, tunnel_key_hex) self.assertIsNone(ingress_associating_flow) self.assertIsNone(egress_associating_flow)
def test_associating_flows(self): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create(network={'name': 'test_network1'}) self.assertTrue(network.exists()) subnet_info = { 'network_id': network_id, 'cidr': '192.168.123.0/24', 'gateway_ip': '192.168.123.1', 'ip_version': 4, 'name': 'test_subnet1', 'enable_dhcp': True } subnet = self.store( objects.SubnetTestObj(self.neutron, self.nb_api, network_id=network_id)) subnet.create(subnet_info) self.assertTrue(subnet.exists()) security_group = self.store( objects.SecGroupTestObj(self.neutron, self.nb_api)) security_group_id = security_group.create() self.assertTrue(security_group.exists()) vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network, security_groups=[security_group_id]) addresses = vm.server.addresses['test_network1'] self.assertIsNotNone(addresses) ip = addresses[0]['addr'] self.assertIsNotNone(ip) mac = addresses[0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) port = utils.wait_until_is_and_return( lambda: self._get_vm_port(ip, mac), exception=Exception('No port assigned to VM')) tunnel_key = port.get_tunnel_key() tunnel_key_hex = hex(tunnel_key) of_port = self._get_of_port(port.get_id()) self.assertIsNotNone(of_port) ovs = utils.OvsFlowsParser() flows_after_change = ovs.dump() # Check if the associating flows were installed. ingress_associating_flow, egress_associating_flow = \ self._find_associating_flows(flows_after_change, of_port, tunnel_key_hex) LOG.info( _LI("flows after associating a port and a security group" " are: %s"), ovs.get_ovs_flows()) self.assertIsNotNone(ingress_associating_flow) self.assertIsNotNone(egress_associating_flow) vm.server.stop() vm.close() time.sleep(utils.DEFAULT_CMD_TIMEOUT) flows_after_update = ovs.dump() # Check if the associating flows were removed. ingress_associating_flow, egress_associating_flow = \ self._find_associating_flows(flows_after_update, of_port, tunnel_key_hex) self.assertIsNone(ingress_associating_flow) self.assertIsNone(egress_associating_flow)
def _test_associating_flows(self, subnet_info): network = self.store(objects.NetworkTestObj(self.neutron, self.nb_api)) network_id = network.create() self.assertTrue(network.exists()) subnet_info['network_id'] = network_id subnet = self.store( objects.SubnetTestObj(self.neutron, self.nb_api, network_id=network_id)) subnet.create(subnet_info) self.assertTrue(subnet.exists()) security_group = self.store( objects.SecGroupTestObj(self.neutron, self.nb_api)) security_group_id = security_group.create() self.assertTrue(security_group.exists()) vm = self.store(objects.VMTestObj(self, self.neutron)) vm.create(network=network, security_groups=[security_group_id]) addresses = vm.server.addresses['mynetwork'] self.assertIsNotNone(addresses) ip = addresses[0]['addr'] self.assertIsNotNone(ip) mac = addresses[0]['OS-EXT-IPS-MAC:mac_addr'] self.assertIsNotNone(mac) port = utils.wait_until_is_and_return( lambda: utils.get_vm_port(self.nb_api, ip, mac), exception=Exception('No port assigned to VM')) tunnel_key = port.unique_key tunnel_key_hex = hex(tunnel_key) of_port = self.vswitch_api.get_port_ofport_by_id(port.id) self.assertIsNotNone(of_port) ovs = utils.OvsFlowsParser() flows_after_change = ovs.dump(self.integration_bridge) # Check if the associating flows were installed. ingress_associating_flow, egress_associating_flow = \ self._find_associating_flows(flows_after_change, tunnel_key_hex) LOG.info( "flows after associating a port and a security group" " are: %s", ovs.get_ovs_flows(self.integration_bridge)) self.assertIsNotNone(ingress_associating_flow) self.assertIsNotNone(egress_associating_flow) vm.close() time.sleep(test_const.DEFAULT_RESOURCE_READY_TIMEOUT) flows_after_update = ovs.dump(self.integration_bridge) # Check if the associating flows were removed. ingress_associating_flow, egress_associating_flow = \ self._find_associating_flows(flows_after_update, tunnel_key_hex) self.assertIsNone(ingress_associating_flow) self.assertIsNone(egress_associating_flow)