def validate_vpc_offering(self, vpc_offering):
"""Validates the VPC offering"""
self.debug("Check if the VPC offering is created successfully?")
vpc_offs = VpcOffering.list(
self.apiclient,
id=vpc_offering.id
)
self.assertEqual(
isinstance(vpc_offs, list),
True,
"List VPC offerings should return a valid list"
)
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
"Name of the VPC offering should match with listVPCOff data"
)
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
"Name of the VPC offering should match with listVPCOff data"
)
self.assertEqual(
vpc_offs[0].distributedvpcrouter,True,
"VPC offering is not set up for Distributed routing"
)
self.debug(
"VPC offering is created successfully - %s" %
vpc_offering.name)
return
def test_vpcnetwork_nuage(self):
"""Test network VPC for Nuage"""
# 1) Create VPC with Nuage VPC offering
vpcOffering = VpcOffering.list(self.apiclient,
name="Nuage VSP VPC offering")
self.assert_(vpcOffering is not None and len(vpcOffering) > 0,
"Nuage VPC offering not found")
vpc = VPC.create(apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.networkacl",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid)
self.assert_(vpc is not None, "VPC creation failed")
# 2) Create ACL
aclgroup = NetworkACLList.create(apiclient=self.apiclient,
services={},
name="acl",
description="acl",
vpcid=vpc.id)
self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list")
self.debug("Created a network ACL list %s" % aclgroup.name)
# 3) Create ACL Item
aclitem = NetworkACL.create(apiclient=self.apiclient,
services={},
protocol="TCP",
number="10",
action="Deny",
aclid=aclgroup.id,
cidrlist=["0.0.0.0/0"])
self.assertIsNotNone(aclitem, "Network failed to aclItem")
self.debug("Added a network ACL %s to ACL list %s" %
(aclitem.id, aclgroup.name))
# 4) Create network with ACL
nwNuage = Network.create(self.apiclient,
self.services["vpcnetwork"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id,
vpcid=vpc.id,
aclid=aclgroup.id,
gateway='10.1.0.1')
self.debug("Network %s created in VPC %s" % (nwNuage.id, vpc.id))
# 5) Deploy a vm
vm = VirtualMachine.create(self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=[str(nwNuage.id)])
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
def create_vpc(self, name, cidr):
print name, cidr
try:
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering) > 0,
"No VPC offerings found")
self.services["vpc"] = {}
self.services["vpc"]["name"] = name
self.services["vpc"]["displaytext"] = name
self.services["vpc"]["cidr"] = cidr
vpc = VPC.create(apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.internallb",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id)
self.assertIsNotNone(vpc, "VPC creation failed")
self.logger.debug("Created VPC %s" % vpc.id)
return vpc
except Exception as e:
self.fail("Failed to create VPC: %s due to %s" % (name, e))
def validate_vpc_offering(self, vpc_offering):
"""Validates the VPC offering"""
self.debug("Check if the VPC offering is created successfully?")
vpc_offs = VpcOffering.list(
self.apiclient,
id=vpc_offering.id
)
self.assertEqual(
isinstance(vpc_offs, list),
True,
"List VPC offerings should return a valid list"
)
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
"Name of the VPC offering should match with listVPCOff data"
)
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
"Name of the VPC offering should match with listVPCOff data"
)
self.assertEqual(
vpc_offs[0].supportsregionLevelvpc,True,
"VPC offering is not set up for region level VPC"
)
self.debug(
"VPC offering is created successfully - %s" %
vpc_offering.name)
return
def create_vpc(self, name, cidr):
print name, cidr
try:
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(
vpcOffering) > 0, "No VPC offerings found")
self.services["vpc"] = {}
self.services["vpc"]["name"] = name
self.services["vpc"]["displaytext"] = name
self.services["vpc"]["cidr"] = cidr
vpc = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.internallb",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
)
self.assertIsNotNone(vpc, "VPC creation failed")
self.logger.debug("Created VPC %s" % vpc.id)
return vpc
except Exception as e:
self.fail("Failed to create VPC: %s due to %s" % (name, e))
def test_vpcnetwork_nuage(self):
"""Test network VPC for Nuage"""
# 1) Create VPC with Nuage VPC offering
vpcOffering = VpcOffering.list(self.apiclient,name="Nuage VSP VPC offering")
self.assert_(vpcOffering is not None and len(vpcOffering)>0, "Nuage VPC offering not found")
vpc = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.networkacl",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid
)
self.assert_(vpc is not None, "VPC creation failed")
# 2) Create ACL
aclgroup = NetworkACLList.create(apiclient=self.apiclient, services={}, name="acl", description="acl", vpcid=vpc.id)
self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list")
self.debug("Created a network ACL list %s" % aclgroup.name)
# 3) Create ACL Item
aclitem = NetworkACL.create(apiclient=self.apiclient, services={},
protocol="TCP", number="10", action="Deny", aclid=aclgroup.id, cidrlist=["0.0.0.0/0"])
self.assertIsNotNone(aclitem, "Network failed to aclItem")
self.debug("Added a network ACL %s to ACL list %s" % (aclitem.id, aclgroup.name))
# 4) Create network with ACL
nwNuage = Network.create(
self.apiclient,
self.services["vpcnetwork"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id,
vpcid=vpc.id,
aclid=aclgroup.id,
gateway='10.1.0.1'
)
self.debug("Network %s created in VPC %s" %(nwNuage.id, vpc.id))
# 5) Deploy a vm
vm = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=[str(nwNuage.id)]
)
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" %(vm.id, vpc.id))
def _validate_vpc_offering(self, vpc_offering):
self.logger.debug("Check if the VPC offering is created successfully?")
vpc_offs = VpcOffering.list(self.apiclient, id=vpc_offering.id)
offering_list = validateList(vpc_offs)
self.assertEqual(offering_list[0], PASS,
"List VPC offerings should return a valid list")
self.assertEqual(
vpc_offering.name, vpc_offs[0].name,
"Name of the VPC offering should match with listVPCOff data")
self.logger.debug("VPC offering is created successfully - %s" %
vpc_offering.name)
return
def validate_vpc_offering(self, vpc_offering, state=None):
"""Validates the VPC offering"""
self.debug("Check if the VPC offering is created successfully ?")
vpc_offs = VpcOffering.list(self.api_client, id=vpc_offering.id)
self.assertEqual(isinstance(vpc_offs, list), True,
"List VPC offering should return a valid list")
self.assertEqual(
vpc_offering.name, vpc_offs[0].name,
"Name of the VPC offering should match with the returned list data"
)
if state:
self.assertEqual(vpc_offs[0].state, state,
"VPC offering state should be '%s'" % state)
self.debug("VPC offering creation successfully validated - %s" %
vpc_offering.name)
def validate_VpcOffering(self, vpc_offering, state=None):
"""Validates the VPC offering"""
self.debug("Check if the VPC offering is created successfully ?")
vpc_offs = VpcOffering.list(self.api_client,
id=vpc_offering.id
)
self.assertEqual(isinstance(vpc_offs, list), True,
"List VPC offering should return a valid list"
)
self.assertEqual(vpc_offering.name, vpc_offs[0].name,
"Name of the VPC offering should match with the returned list data"
)
if state:
self.assertEqual(vpc_offs[0].state, state,
"VPC offering state should be in state - %s" % state
)
self.debug("VPC offering creation successfully validated for %s" % vpc_offering.name)
def test_03_create_ipv6_vpc_offering(self):
"""Test to create network offering
# Validate the following:
# 1. createVpcOffering should return valid info for new offering
# 2. The Cloud Database contains the valid information
"""
Configurations.update(self.apiclient,
ipv6_offering_config_name,
"true")
ipv6_service = self.services["vpc_offering"]
ipv6_service["internetprotocol"] = "dualstack"
vpc_offering = VpcOffering.create(
self.apiclient,
ipv6_service
)
self.cleanup.append(vpc_offering)
self.debug("Created VPC offering with ID: %s" % vpc_offering.id)
list_vpc_off_response = VpcOffering.list(self.apiclient,
id=vpc_offering.id)
self.assertEqual(
isinstance(list_vpc_off_response, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
len(list_vpc_off_response),
0,
"Check VPC offering is created"
)
vpc_off_response = list_vpc_off_response[0]
self.assertEqual(
vpc_off_response.id,
vpc_offering.id,
"Check server id in listVpcOfferings"
)
self.assertEqual(
vpc_off_response.internetprotocol.lower(),
ipv6_service["internetprotocol"].lower(),
"Check internetprotocol in listVpcOfferings"
)
return
def validate_VpcOffering(self, vpc_offering, state=None):
"""Validates the VPC offering"""
self.debug("Validating the creation and state of VPC offering - %s" %
vpc_offering.name)
vpc_offs = VpcOffering.list(self.api_client,
id=vpc_offering.id
)
self.assertEqual(isinstance(vpc_offs, list), True,
"List VPC offering should return a valid list"
)
self.assertEqual(vpc_offering.name, vpc_offs[0].name,
"Name of the VPC offering should match with the "
"returned list data"
)
if state:
self.assertEqual(vpc_offs[0].state, state,
"VPC offering state should be '%s'" % state
)
self.debug("Successfully validated the creation and state of VPC "
"offering - %s" % vpc_offering.name)
def _validate_vpc_offering(self, vpc_offering):
self.logger.debug("Check if the VPC offering is created successfully?")
vpc_offs = VpcOffering.list(
self.apiclient,
id=vpc_offering.id
)
offering_list = validateList(vpc_offs)
self.assertEqual(offering_list[0],
PASS,
"List VPC offerings should return a valid list"
)
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
"Name of the VPC offering should match with listVPCOff data"
)
self.logger.debug(
"VPC offering is created successfully - %s" %
vpc_offering.name)
return
def test_01_vpc_remote_access_vpn(self):
"""Test Remote Access VPN in VPC"""
self.logger.debug("Starting test: test_01_vpc_remote_access_vpn")
# 0) Get the default network offering for VPC
self.logger.debug("Retrieving default VPC offering")
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(
networkOffering) > 0, "No VPC based network offering")
# 1) Create VPC
vpcOffering = VpcOffering.list(self.apiclient, name="Default VPC offering")
self.assert_(vpcOffering is not None and len(
vpcOffering) > 0, "No VPC offerings found")
vpc = None
try:
vpc = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc is not None, "VPC creation failed")
self.logger.debug("VPC %s created" % (vpc.id))
try:
# 2) Create network in VPC
ntwk = Network.create(
apiclient=self.apiclient,
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.domain.id,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk, "Network failed to create")
self.logger.debug(
"Network %s created in VPC %s" % (ntwk.id, vpc.id))
try:
# 3) Deploy a vm
vm = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
hypervisor=self.hypervisor
)
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Deployed virtual machine: OK")
try:
# 4) Enable VPN for VPC
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc.id
)
ip = src_nat_list[0]
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Acquired public ip address: OK")
try:
vpn = Vpn.create(self.apiclient,
publicipid=ip.id,
account=self.account.name,
domainid=self.account.domainid,
iprange=self.services["vpn"]["iprange"],
fordisplay=self.services["vpn"]["fordisplay"]
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(vpn, "Failed to create Remote Access VPN")
self.logger.debug("Created Remote Access VPN: OK")
vpnUser = None
# 5) Add VPN user for VPC
try:
vpnUser = VpnUser.create(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
username=self.services["vpn"]["vpn_user"],
password=self.services["vpn"]["vpn_pass"]
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(
vpnUser, "Failed to create Remote Access VPN User")
self.logger.debug("Created VPN User: OK")
# TODO: Add an actual remote vpn connection test from a remote vpc
try:
# 9) Disable VPN for VPC
vpn.delete(self.apiclient)
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Deleted the Remote Access VPN: OK")
def test_01_vpc_remote_access_vpn(self):
"""Test Remote Access VPN in VPC"""
# 1) Create VPC
vpc_offering = VpcOffering.list(self.apiclient, isdefault=True)
self.assertTrue(vpc_offering is not None and len(vpc_offering) > 0,
"No VPC offerings found")
vpc = VPC.create(apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.vpn",
vpcofferingid=vpc_offering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id)
self.assertIsNotNone(vpc, "VPC creation failed")
self.logger.debug("VPC %s created" % (vpc.id))
self.cleanup.append(vpc)
# 2) Create network in VPC
ntwk = Network.create(apiclient=self.apiclient,
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.domain.id,
networkofferingid=self.network_offerings[0].id,
zoneid=self.zone.id,
vpcid=vpc.id)
self.assertIsNotNone(ntwk, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk.id, vpc.id))
self.cleanup.append(ntwk)
# 3) Deploy a vm
vm = VirtualMachine.create(self.apiclient,
services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
hypervisor=self.hypervisor)
self.assertIsNotNone(vm, "VM failed to deploy")
self.assertEquals(vm.state, 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
self.logger.debug("Deployed virtual machine: OK")
self.cleanup.append(vm)
# 4) Enable VPN for VPC
src_nat_list = PublicIPAddress.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc.id)
ip = src_nat_list[0]
self.logger.debug("Acquired public ip address: OK")
vpn = Vpn.create(self.apiclient,
publicipid=ip.id,
account=self.account.name,
domainid=self.account.domainid,
iprange=self.services["vpn"]["iprange"],
fordisplay=self.services["vpn"]["fordisplay"])
self.assertIsNotNone(vpn, "Failed to create Remote Access VPN")
self.logger.debug("Created Remote Access VPN: OK")
vpn_user = None
# 5) Add VPN user for VPC
vpn_user = VpnUser.create(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
username=self.services["vpn"]["vpn_user"],
password=self.services["vpn"]["vpn_pass"])
self.assertIsNotNone(vpn_user,
"Failed to create Remote Access VPN User")
self.logger.debug("Created VPN User: OK")
# TODO: Add an actual remote vpn connection test from a remote vpc
# 9) Disable VPN for VPC
vpn.delete(self.apiclient)
self.logger.debug("Deleted the Remote Access VPN: OK")
def test_02_acquire_public_ip_in_vpc(self):
# Validate the following
# 1. create a VPC with default offering.
# 2. assign a specified IP from subnet which is dedicated to domain1, it should succeed
# 3. assign a specified IP from subnet which is dedicated to domain1/account1, it should succeed
# 4. assign a specified IP from subnet which is dedicated to domain2, it should fail
# 5. assign a specified IP from subnet which is dedicated to domain2/account2, it should fail
# 6. update account setting use.system.public.ips to false, assign a specified IP from subnet which is public, it should fail
# 7. update account setting use.system.public.ips to true, assign a specified IP from subnet which is public, it should succeed
vpcOffering = VpcOffering.list(self.apiclient, name="Default VPC offering")
vpc = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account1.name,
domainid=self.account1.domainid
)
# Associate IP in range dedicated to domain1
ip_address_1 = self.get_free_ipaddress(self.public_ip_range1.vlan.id)
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
vpcid=vpc.id,
ipaddress=ip_address_1
)
self.assertIsNotNone(
ipaddress,
"Failed to Associate IP Address"
)
self.cleanup.append(ipaddress)
self.assertEqual(ipaddress.ipaddress.ipaddress, ip_address_1, "Associated IP is not same as specified")
# Associate IP in range dedicated to domain1/account1
ip_address_2 = self.get_free_ipaddress(self.public_ip_range2.vlan.id)
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
vpcid=vpc.id,
ipaddress=ip_address_2
)
self.assertIsNotNone(
ipaddress,
"Failed to Associate IP Address"
)
self.cleanup.append(ipaddress)
self.assertEqual(ipaddress.ipaddress.ipaddress, ip_address_2, "Associated IP is not same as specified")
# Associate IP in range dedicated to domain2
ip_address_3 = self.get_free_ipaddress(self.public_ip_range3.vlan.id)
with self.assertRaises(Exception):
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
vpcid=vpc.id,
ipaddress=ip_address_3
)
# Associate IP in range dedicated to domain2/account2
ip_address_4 = self.get_free_ipaddress(self.public_ip_range4.vlan.id)
with self.assertRaises(Exception):
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
vpcid=vpc.id,
ipaddress=ip_address_4
)
# Associate IP in public IP pool
Configurations.update(
self.apiclient,
name="use.system.public.ips",
value="false",
accountid=self.account1.id
)
ip_address_5 = self.get_free_ipaddress(self.public_ip_range5.vlan.id)
with self.assertRaises(Exception):
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
vpcid=vpc.id,
ipaddress=ip_address_5
)
Configurations.update(
self.apiclient,
name="use.system.public.ips",
value="true",
accountid=self.account1.id
)
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
vpcid=vpc.id,
ipaddress=ip_address_5
)
self.assertIsNotNone(
ipaddress,
"Failed to Associate IP Address"
)
self.cleanup.append(ipaddress)
self.assertEqual(ipaddress.ipaddress.ipaddress, ip_address_5, "Associated IP is not same as specified")
self.cleanup.append(vpc)
return
def test_vpc_remote_access_vpn(self):
"""Test Remote Access VPN in VPC"""
# 0) Get the default network offering for VPC
self.logger.debug("Retrieving default VPC offering")
networkOffering = NetworkOffering.list(
self.apiclient,
name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(networkOffering) > 0,
"No VPC based network offering")
# 1) Create VPC
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering) > 0,
"No VPC offerings found")
try:
vpc = VPC.create(apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc is not None, "VPC creation failed")
self.logger.debug("VPC %s created" % (vpc.id))
try:
# 2) Create network in VPC
ntwk = Network.create(apiclient=self.apiclient,
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.domain.id,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc.id)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" %
(ntwk.id, vpc.id))
try:
# 3) Deploy a vm
vm = VirtualMachine.create(
self.apiclient,
services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
hypervisor=self.services["virtual_machine"]["hypervisor"])
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Deployed virtual machine: OK")
try:
# 4) Enable VPN for VPC
src_nat_list = PublicIPAddress.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc.id)
ip = src_nat_list[0]
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Acquired public ip address: OK")
try:
vpn = Vpn.create(self.apiclient,
publicipid=ip.id,
account=self.account.name,
domainid=self.account.domainid,
iprange=self.services["vpn"]["iprange"],
fordisplay=self.services["vpn"]["fordisplay"])
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(vpn, "Failed to create Remote Access VPN")
self.logger.debug("Created Remote Access VPN: OK")
vpnUser = None
# 5) Add VPN user for VPC
try:
vpnUser = VpnUser.create(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
username=self.services["vpn"]["vpn_user"],
password=self.services["vpn"]["vpn_pass"])
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(vpnUser,
"Failed to create Remote Access VPN User")
self.logger.debug("Created VPN User: OK")
#TODO: Add an actual remote vpn connection test from a remote vpc
try:
# 9) Disable VPN for VPC
vpn.delete(self.apiclient)
except Exceptio as e:
self.fail(e)
finally:
self.logger.debug("Deleted the Remote Access VPN: OK")
def test_vpc_site2site_vpn(self):
"""Test VPN in VPC"""
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(
self.apiclient,
name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(networkOffering) > 0,
"No VPC based network offering")
# 1) Create VPC offering
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering) > 0,
"No VPC offerings found")
# Create VPC 1
try:
vpc1 = VPC.create(apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc1.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc1 is not None, "VPC1 creation failed")
self.logger.debug("VPC1 %s created" % (vpc1.id))
# Create VPC 2
try:
vpc2 = VPC.create(apiclient=self.apiclient,
services=self.services["vpc2"],
networkDomain="vpc2.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc2 is not None, "VPC2 creation failed")
self.logger.debug("VPC2 %s created" % (vpc2.id))
default_acl = NetworkACLList.list(self.apiclient,
name="default_allow")[0]
# Create network in VPC 1
try:
ntwk1 = Network.create(apiclient=self.apiclient,
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc1.id,
aclid=default_acl.id)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk1, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
# Create network in VPC 2
try:
ntwk2 = Network.create(apiclient=self.apiclient,
services=self.services["network_2"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc2.id,
aclid=default_acl.id)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk2, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
# Deploy a vm in network 2
try:
vm1 = VirtualMachine.create(
self.apiclient,
services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk1.id,
hypervisor=self.services["virtual_machine"]["hypervisor"])
except Exception as e:
self.fail(e)
finally:
self.assert_(vm1 is not None, "VM failed to deploy")
self.assert_(vm1.state == 'Running', "VM is not running")
self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
# Deploy a vm in network 2
try:
vm2 = VirtualMachine.create(
self.apiclient,
services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk2.id,
hypervisor=self.services["virtual_machine"]["hypervisor"])
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2 is not None, "VM failed to deploy")
self.assert_(vm2.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))
# 4) Enable Site-to-Site VPN for VPC
vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
self.assert_(vpn1_response is not None,
"Failed to enable VPN Gateway 1")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
self.assert_(vpn2_response is not None,
"Failed to enable VPN Gateway 2")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
# 5) Add VPN Customer gateway info
src_nat_list = PublicIPAddress.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc1.id)
ip1 = src_nat_list[0]
src_nat_list = PublicIPAddress.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc2.id)
ip2 = src_nat_list[0]
services = self.services["vpncustomergateway"]
customer1_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr,
self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
self.logger.debug(vars(customer1_response))
customer2_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr,
self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
self.logger.debug(vars(customer2_response))
# 6) Connect two VPCs
vpnconn1_response = Vpn.createVpnConnection(self.apiclient,
customer1_response.id,
vpn2_response['id'], True)
self.debug("VPN passive connection created for VPC %s" % vpc2.id)
vpnconn2_response = Vpn.createVpnConnection(self.apiclient,
customer2_response.id,
vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
self.assertEqual(vpnconn2_response['state'], "Connected",
"Failed to connect between VPCs!")
# acquire an extra ip address to use to ssh into vm2
try:
vm2.public_ip = PublicIPAddress.create(
apiclient=self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
services=self.services,
networkid=ntwk2.id,
vpcid=vpc2.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2.public_ip is not None,
"Failed to aqcuire public ip for vm2")
# Create port forward to be able to ssh into vm2
try:
natrule = self.create_natrule(vpc2, vm2, 22, 22, vm2.public_ip,
ntwk2)
except Exception as e:
self.fail(e)
finally:
self.assert_(natrule is not None,
"Failed to create portforward for vm2")
time.sleep(10)
# setup ssh connection to vm2
ssh_client = self.get_ssh_client(vm2, self.services, 10)
if ssh_client:
# run ping test
packet_loss = ssh_client.execute(
"/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress +
" |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
self.assert_(int(packet_loss) == 0, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
def test_vpc_site2site_vpn(self):
"""Test VPN in VPC"""
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(
networkOffering) > 0, "No VPC based network offering")
# 1) Create VPC offering
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(
vpcOffering) > 0, "No VPC offerings found")
# Create VPC 1
try:
vpc1 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc1.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc1 is not None, "VPC1 creation failed")
self.logger.debug("VPC1 %s created" % (vpc1.id))
# Create VPC 2
try:
vpc2 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc2"],
networkDomain="vpc2.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc2 is not None, "VPC2 creation failed")
self.logger.debug("VPC2 %s created" % (vpc2.id))
default_acl = NetworkACLList.list(
self.apiclient, name="default_allow")[0]
# Create network in VPC 1
try:
ntwk1 = Network.create(
apiclient=self.apiclient,
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc1.id,
aclid=default_acl.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk1, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
# Create network in VPC 2
try:
ntwk2 = Network.create(
apiclient=self.apiclient,
services=self.services["network_2"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc2.id,
aclid=default_acl.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk2, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
# Deploy a vm in network 2
try:
vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk1.id,
hypervisor=self.services[
"virtual_machine"]["hypervisor"]
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm1 is not None, "VM failed to deploy")
self.assert_(vm1.state == 'Running', "VM is not running")
self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
# Deploy a vm in network 2
try:
vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk2.id,
hypervisor=self.services[
"virtual_machine"]["hypervisor"]
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2 is not None, "VM failed to deploy")
self.assert_(vm2.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))
# 4) Enable Site-to-Site VPN for VPC
vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
self.assert_(
vpn1_response is not None, "Failed to enable VPN Gateway 1")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
self.assert_(
vpn2_response is not None, "Failed to enable VPN Gateway 2")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
# 5) Add VPN Customer gateway info
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc1.id
)
ip1 = src_nat_list[0]
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc2.id
)
ip2 = src_nat_list[0]
services = self.services["vpncustomergateway"]
customer1_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
self.logger.debug(vars(customer1_response))
customer2_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
self.logger.debug(vars(customer2_response))
# 6) Connect two VPCs
vpnconn1_response = Vpn.createVpnConnection(
self.apiclient, customer1_response.id, vpn2_response['id'], True)
self.debug("VPN passive connection created for VPC %s" % vpc2.id)
vpnconn2_response = Vpn.createVpnConnection(
self.apiclient, customer2_response.id, vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
self.assertEqual(
vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
# acquire an extra ip address to use to ssh into vm2
try:
vm2.public_ip = PublicIPAddress.create(
apiclient=self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
services=self.services,
networkid=ntwk2.id,
vpcid=vpc2.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(
vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
# Create port forward to be able to ssh into vm2
try:
natrule = self.create_natrule(
vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
except Exception as e:
self.fail(e)
finally:
self.assert_(
natrule is not None, "Failed to create portforward for vm2")
time.sleep(20)
# setup ssh connection to vm2
ssh_client = self.get_ssh_client(vm2, self.services, 10)
if ssh_client:
# run ping test
packet_loss = ssh_client.execute(
"/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
self.assert_(int(packet_loss) == 0, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
