class AnsibleProvisioningTests(OSIntegrationTestCase):
"""
Test for the CreateInstance class with two NIC/Ports, eth0 with floating IP
and eth1 w/o
"""
def setUp(self):
"""
Instantiates the CreateImage object that is responsible for downloading
and creating an OS image file within OpenStack
"""
super(self.__class__, self).__start__()
self.nova = nova_utils.nova_client(self.os_creds, self.os_session)
guid = self.__class__.__name__ + '-' + str(uuid.uuid4())
self.keypair_priv_filepath = 'tmp/' + guid
self.keypair_pub_filepath = self.keypair_priv_filepath + '.pub'
self.keypair_name = guid + '-kp'
self.vm_inst_name = guid + '-inst'
self.test_file_local_path = 'tmp/' + guid + '-hello.txt'
self.port_1_name = guid + '-port-1'
self.port_2_name = guid + '-port-2'
self.floating_ip_name = guid + 'fip1'
# Setup members to cleanup just in case they don't get created
self.inst_creator = None
self.keypair_creator = None
self.sec_grp_creator = None
self.flavor_creator = None
self.router_creator = None
self.network_creator = None
self.image_creator = None
try:
# Create Image
os_image_settings = openstack_tests.ubuntu_image_settings(
name=guid + '-' + '-image', image_metadata=self.image_metadata)
self.image_creator = create_image.OpenStackImage(
self.os_creds, os_image_settings)
self.image_creator.create()
# First network is public
self.pub_net_config = openstack_tests.get_pub_net_config(
project_name=self.os_creds.project_name,
net_name=guid + '-pub-net',
mtu=1442,
subnet_name=guid + '-pub-subnet',
router_name=guid + '-pub-router',
external_net=self.ext_net_name)
self.network_creator = create_network.OpenStackNetwork(
self.os_creds, self.pub_net_config.network_settings)
self.network_creator.create()
# Create routers
self.router_creator = create_router.OpenStackRouter(
self.os_creds, self.pub_net_config.router_settings)
self.router_creator.create()
# Create Flavor
flavor_config = openstack_tests.get_flavor_config(
name=guid + '-flavor-name',
ram=2048,
disk=10,
vcpus=2,
metadata=self.flavor_metadata)
self.flavor_creator = create_flavor.OpenStackFlavor(
self.admin_os_creds, flavor_config)
self.flavor_creator.create()
# Create Key/Pair
self.keypair_creator = create_keypairs.OpenStackKeypair(
self.os_creds,
KeypairConfig(name=self.keypair_name,
public_filepath=self.keypair_pub_filepath,
private_filepath=self.keypair_priv_filepath))
self.keypair_creator.create()
# Create Security Group
sec_grp_name = guid + '-sec-grp'
rule1 = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.icmp)
rule2 = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=22,
port_range_max=22)
self.sec_grp_creator = OpenStackSecurityGroup(
self.os_creds,
SecurityGroupConfig(name=sec_grp_name,
rule_settings=[rule1, rule2]))
self.sec_grp_creator.create()
# Create instance
ports_settings = list()
ports_settings.append(
PortConfig(
name=self.port_1_name,
network_name=self.pub_net_config.network_settings.name))
instance_settings = VmInstanceConfig(
name=self.vm_inst_name,
flavor=self.flavor_creator.flavor_settings.name,
port_settings=ports_settings,
floating_ip_settings=[
FloatingIpConfig(
name=self.floating_ip_name,
port_name=self.port_1_name,
router_name=self.pub_net_config.router_settings.name)
])
self.inst_creator = create_instance.OpenStackVmInstance(
self.os_creds,
instance_settings,
self.image_creator.image_settings,
keypair_settings=self.keypair_creator.keypair_settings)
except:
self.tearDown()
raise
def tearDown(self):
"""
Cleans the created objects
"""
if self.inst_creator:
try:
self.inst_creator.clean()
except:
pass
if self.sec_grp_creator:
try:
self.sec_grp_creator.clean()
except:
pass
if self.keypair_creator:
try:
self.keypair_creator.clean()
except:
pass
if self.flavor_creator:
try:
self.flavor_creator.clean()
except:
pass
if os.path.isfile(self.keypair_pub_filepath):
try:
os.remove(self.keypair_pub_filepath)
except:
pass
if os.path.isfile(self.keypair_priv_filepath):
try:
os.remove(self.keypair_priv_filepath)
except:
pass
if self.router_creator:
try:
self.router_creator.clean()
except:
pass
if self.network_creator:
try:
self.network_creator.clean()
except:
pass
if self.image_creator and not self.image_creator.image_settings.exists:
try:
self.image_creator.clean()
except:
pass
if os.path.isfile(self.test_file_local_path):
os.remove(self.test_file_local_path)
super(self.__class__, self).__clean__()
def test_apply_simple_playbook(self):
"""
Tests application of an Ansible playbook that simply copies over a file
1. Have a ~/.ansible.cfg (or alternate means) to
set host_key_checking = False
2. Set the following environment variable in your executing shell:
ANSIBLE_HOST_KEY_CHECKING=False
Should this not be performed, the creation of the host ssh key will
cause your ansible calls to fail.
"""
self.inst_creator.create(block=True)
priv_ip = self.inst_creator.get_port_ip(self.port_1_name)
self.assertTrue(check_dhcp_lease(self.inst_creator, priv_ip))
# Apply Security Group
self.inst_creator.add_security_group(
self.sec_grp_creator.get_security_group())
# Block until VM's ssh port has been opened
self.assertTrue(self.inst_creator.vm_ssh_active(block=True))
# Block until cloud-init has completed
self.assertTrue(self.inst_creator.cloud_init_complete(block=True))
ssh_client = self.inst_creator.ssh_client()
self.assertIsNotNone(ssh_client)
try:
out = ssh_client.exec_command('pwd')[1].channel.in_buffer.read(
1024)
self.assertIsNotNone(out)
self.assertGreater(len(out), 1)
finally:
ssh_client.close()
# Need to use the first floating IP as subsequent ones are currently
# broken with Apex CO
ip = self.inst_creator.get_floating_ip().ip
user = self.inst_creator.get_image_user()
priv_key = self.inst_creator.keypair_settings.private_filepath
relative_pb_path = pkg_resources.resource_filename(
'snaps.provisioning.tests.playbooks', 'simple_playbook.yml')
self.inst_creator.apply_ansible_playbook(relative_pb_path)
ssh = ansible_utils.ssh_client(
ip,
user,
private_key_filepath=priv_key,
proxy_settings=self.os_creds.proxy_settings)
self.assertIsNotNone(ssh)
scp = None
try:
scp = SCPClient(ssh.get_transport())
scp.get('~/hello.txt', self.test_file_local_path)
finally:
if scp:
scp.close()
ssh.close()
self.assertTrue(os.path.isfile(self.test_file_local_path))
test_file = None
try:
with open(self.test_file_local_path) as test_file:
file_contents = test_file.readline()
self.assertEqual('Hello World!', file_contents)
finally:
if test_file:
test_file.close()
def test_apply_template_playbook(self):
"""
Tests application of an Ansible playbook that applies a template to a
file:
1. Have a ~/.ansible.cfg (or alternate means) to set
host_key_checking = False
2. Set the following environment variable in your executing shell:
ANSIBLE_HOST_KEY_CHECKING=False
Should this not be performed, the creation of the host ssh key will
cause your ansible calls to fail.
"""
self.inst_creator.create(block=True)
priv_ip = self.inst_creator.get_port_ip(self.port_1_name)
self.assertTrue(check_dhcp_lease(self.inst_creator, priv_ip))
# Apply Security Group
self.inst_creator.add_security_group(
self.sec_grp_creator.get_security_group())
# Block until VM's ssh port has been opened
self.assertTrue(self.inst_creator.vm_ssh_active(block=True))
# Block until cloud-init has completed
self.assertTrue(self.inst_creator.cloud_init_complete(block=True))
# Apply Security Group
self.inst_creator.add_security_group(
self.sec_grp_creator.get_security_group())
# Need to use the first floating IP as subsequent ones are currently
# broken with Apex CO
ip = self.inst_creator.get_floating_ip().ip
user = self.inst_creator.get_image_user()
priv_key = self.inst_creator.keypair_settings.private_filepath
relative_pb_path = pkg_resources.resource_filename(
'snaps.provisioning.tests.playbooks', 'template_playbook.yml')
self.inst_creator.apply_ansible_playbook(relative_pb_path,
variables={'name': 'Foo'})
ssh = ansible_utils.ssh_client(
ip,
user,
private_key_filepath=priv_key,
proxy_settings=self.os_creds.proxy_settings)
self.assertIsNotNone(ssh)
scp = None
try:
scp = SCPClient(ssh.get_transport())
scp.get('/tmp/hello.txt', self.test_file_local_path)
finally:
if scp:
scp.close()
ssh.close()
self.assertTrue(os.path.isfile(self.test_file_local_path))
test_file = None
try:
with open(self.test_file_local_path) as test_file:
file_contents = test_file.readline()
self.assertEqual('Hello Foo!', file_contents)
finally:
if test_file:
test_file.close()
class CreateRouterSecurityGroupTests(OSIntegrationTestCase):
"""
Class for testing routers with ports containing security groups
"""
def setUp(self):
"""
Initializes objects used for router testing
"""
super(self.__class__, self).__start__()
self.guid = self.__class__.__name__ + '-' + str(uuid.uuid4())
self.router_creator = None
self.network_creator = None
self.sec_grp_creator = OpenStackSecurityGroup(
self.os_creds, SecurityGroupConfig(name=self.guid + '-sec_grp'))
self.sec_grp_creator.create()
self.neutron = neutron_utils.neutron_client(self.os_creds,
self.os_session)
def tearDown(self):
"""
Cleans the remote OpenStack objects used for router testing
"""
if self.router_creator:
self.router_creator.clean()
if self.network_creator:
self.network_creator.clean()
if self.sec_grp_creator:
self.sec_grp_creator.clean()
super(self.__class__, self).__clean__()
def test_create_router_secure_port(self):
"""
Test creation of a router with a port that has a security group.
"""
network_settings = NetworkConfig(
name=self.guid + '-pub-net1',
subnet_settings=[
create_network.SubnetConfig(cidr=cidr1,
name=self.guid + '-pub-subnet1')
])
self.network_creator = OpenStackNetwork(self.os_creds,
network_settings)
self.network_creator.create()
port_settings = [
create_network.PortConfig(
name=self.guid + '-port1',
ip_addrs=[{
'subnet_name': network_settings.subnet_settings[0].name,
'ip': static_gateway_ip1
}],
network_name=network_settings.name,
security_groups=[self.sec_grp_creator.sec_grp_settings.name])
]
router_settings = RouterConfig(name=self.guid + '-pub-router',
external_gateway=self.ext_net_name,
port_settings=port_settings)
self.router_creator = create_router.OpenStackRouter(
self.os_creds, router_settings)
self.router_creator.create()
class CreateSecurityGroupTests(OSIntegrationTestCase):
"""
Test for the CreateSecurityGroup class defined in create_security_group.py
"""
def setUp(self):
"""
Instantiates the CreateSecurityGroup object that is responsible for
downloading and creating an OS image file within OpenStack
"""
super(self.__class__, self).__start__()
guid = self.__class__.__name__ + '-' + str(uuid.uuid4())
self.sec_grp_name = guid + 'name'
self.neutron = neutron_utils.neutron_client(self.os_creds,
self.os_session)
# Initialize for cleanup
self.sec_grp_creator = None
def tearDown(self):
"""
Cleans the image and downloaded image file
"""
if self.sec_grp_creator:
self.sec_grp_creator.clean()
super(self.__class__, self).__clean__()
def test_create_group_without_rules(self):
"""
Tests the creation of an OpenStack Security Group without custom rules.
"""
# Create Security Group
sec_grp_settings = SecurityGroupConfig(name=self.sec_grp_name,
description='hello group')
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
self.assertIsNotNone(sec_grp)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group()))
def test_create_group_admin_user_to_new_project(self):
"""
Tests the creation of an OpenStack Security Group without custom rules.
"""
# Create Security Group
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
project_name=self.os_creds.project_name)
self.sec_grp_creator = OpenStackSecurityGroup(self.admin_os_creds,
sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
self.assertIsNotNone(sec_grp)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
self.assertEqual(self.sec_grp_creator.get_security_group().id,
sec_grp.id)
proj_creator = OpenStackSecurityGroup(
self.os_creds, SecurityGroupConfig(name=self.sec_grp_name))
proj_creator.create()
self.assertEqual(self.sec_grp_creator.get_security_group().id,
proj_creator.get_security_group().id)
def test_create_group_new_user_to_admin_project(self):
"""
Tests the creation of an OpenStack Security Group without custom rules.
"""
# Create Security Group
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
project_name=self.os_creds.project_name)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.admin_os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
self.assertIsNotNone(sec_grp)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
def test_create_delete_group(self):
"""
Tests the creation of an OpenStack Security Group without custom rules.
"""
# Create Security Group
sec_grp_settings = SecurityGroupConfig(name=self.sec_grp_name,
description='hello group')
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
created_sec_grp = self.sec_grp_creator.create()
self.assertIsNotNone(created_sec_grp)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group()))
neutron_utils.delete_security_group(self.neutron, created_sec_grp)
self.assertIsNone(
neutron_utils.get_security_group(
self.neutron,
self.keystone,
sec_grp_settings=self.sec_grp_creator.sec_grp_settings))
self.sec_grp_creator.clean()
def test_create_group_with_one_simple_rule(self):
"""
Tests the creation of an OpenStack Security Group with one simple
custom rule.
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
def test_create_group_with_one_complex_rule(self):
"""
Tests the creation of an OpenStack Security Group with one simple
custom rule.
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv4,
port_range_min=10,
port_range_max=20,
description='test_rule_1'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
def test_create_group_with_several_rules(self):
"""
Tests the creation of an OpenStack Security Group with one simple
custom rule.
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv6,
description='test_rule_2'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv4,
port_range_min=10,
port_range_max=20,
description='test_rule_3'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
def test_add_rule(self):
"""
Tests the creation of an OpenStack Security Group with one simple
custom rule then adds one after creation.
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.sec_grp_creator.add_rule(
SecurityGroupRuleConfig(
sec_grp_name=self.sec_grp_creator.sec_grp_settings.name,
direction=Direction.egress,
protocol=Protocol.icmp,
description='test_rule_2'))
rules2 = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(rules) + 1, len(rules2))
def test_remove_rule_by_id(self):
"""
Tests the creation of an OpenStack Security Group with two simple
custom rules then removes one by the rule ID.
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv6,
description='test_rule_2'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv4,
port_range_min=10,
port_range_max=20,
description='test_rule_3'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
self.sec_grp_creator.remove_rule(rule_id=rules[0].id)
rules_after_del = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(rules) - 1, len(rules_after_del))
def test_remove_rule_by_setting(self):
"""
Tests the creation of an OpenStack Security Group with two simple
custom rules then removes one by the rule setting object
"""
# Create Security Group
sec_grp_rule_settings = list()
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.ingress,
description='test_rule_1'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv6,
description='test_rule_2'))
sec_grp_rule_settings.append(
SecurityGroupRuleConfig(sec_grp_name=self.sec_grp_name,
direction=Direction.egress,
protocol=Protocol.udp,
ethertype=Ethertype.IPv4,
port_range_min=10,
port_range_max=20,
description='test_rule_3'))
sec_grp_settings = SecurityGroupConfig(
name=self.sec_grp_name,
description='hello group',
rule_settings=sec_grp_rule_settings)
self.sec_grp_creator = create_security_group.OpenStackSecurityGroup(
self.os_creds, sec_grp_settings)
self.sec_grp_creator.create()
sec_grp = neutron_utils.get_security_group(
self.neutron, self.keystone, sec_grp_settings=sec_grp_settings)
validation_utils.objects_equivalent(
self.sec_grp_creator.get_security_group(), sec_grp)
rules = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(self.sec_grp_creator.get_rules()), len(rules))
validation_utils.objects_equivalent(self.sec_grp_creator.get_rules(),
rules)
self.assertTrue(
validate_sec_grp(self.neutron, self.keystone,
self.sec_grp_creator.sec_grp_settings,
self.sec_grp_creator.get_security_group(), rules))
self.sec_grp_creator.remove_rule(rule_setting=sec_grp_rule_settings[0])
rules_after_del = neutron_utils.get_rules_by_security_group(
self.neutron, self.sec_grp_creator.get_security_group())
self.assertEqual(len(rules) - 1, len(rules_after_del))
class CreateMultipleSecurityGroupTests(OSIntegrationTestCase):
"""
Test for the CreateSecurityGroup class and how it interacts with security
groups within other projects with the same name
"""
def setUp(self):
"""
Instantiates the CreateSecurityGroup object that is responsible for
downloading and creating an OS image file within OpenStack
"""
super(self.__class__, self).__start__()
guid = self.__class__.__name__ + '-' + str(uuid.uuid4())
self.sec_grp_name = guid + 'name'
self.neutron = neutron_utils.neutron_client(self.os_creds,
self.os_session)
# Initialize for cleanup
self.admin_sec_grp_config = SecurityGroupConfig(
name=self.sec_grp_name, description='hello group')
self.sec_grp_creator_admin = OpenStackSecurityGroup(
self.admin_os_creds, self.admin_sec_grp_config)
self.sec_grp_creator_admin.create()
self.sec_grp_creator_proj = None
def tearDown(self):
"""
Cleans the image and downloaded image file
"""
if self.sec_grp_creator_admin:
self.sec_grp_creator_admin.clean()
if self.sec_grp_creator_proj:
self.sec_grp_creator_proj.clean()
super(self.__class__, self).__clean__()
def test_sec_grp_same_name_diff_proj(self):
"""
Tests the creation of an OpenStack Security Group with the same name
within a different project/tenant.
"""
# Create Security Group
sec_grp_config = SecurityGroupConfig(name=self.sec_grp_name,
description='hello group')
self.sec_grp_creator_proj = OpenStackSecurityGroup(
self.os_creds, sec_grp_config)
self.sec_grp_creator_proj.create()
self.assertNotEqual(self.sec_grp_creator_admin.get_security_group().id,
self.sec_grp_creator_proj.get_security_group().id)
admin_sec_grp_creator = OpenStackSecurityGroup(
self.admin_os_creds, self.admin_sec_grp_config)
admin_sec_grp_creator.create()
self.assertEqual(self.sec_grp_creator_admin.get_security_group().id,
admin_sec_grp_creator.get_security_group().id)
proj_sec_grp_creator = OpenStackSecurityGroup(self.os_creds,
sec_grp_config)
proj_sec_grp_creator.create()
self.assertEqual(self.sec_grp_creator_proj.get_security_group().id,
proj_sec_grp_creator.get_security_group().id)
class SettingsUtilsVmInstTests(OSComponentTestCase):
"""
Tests the ability to reverse engineer VmInstanceConfig objects from
existing VMs/servers deployed to OpenStack
"""
def setUp(self):
"""
Instantiates the CreateImage object that is responsible for downloading
and creating an OS image file within OpenStack
"""
self.nova = nova_utils.nova_client(self.os_creds, self.os_session)
self.keystone = keystone_utils.keystone_client(self.os_creds,
self.os_session)
self.glance = glance_utils.glance_client(self.os_creds,
self.os_session)
self.neutron = neutron_utils.neutron_client(self.os_creds,
self.os_session)
guid = self.__class__.__name__ + '-' + str(uuid.uuid4())
self.keypair_priv_filepath = 'tmp/' + guid
self.keypair_pub_filepath = self.keypair_priv_filepath + '.pub'
self.keypair_name = guid + '-kp'
self.vm_inst_name = guid + '-inst'
self.test_file_local_path = 'tmp/' + guid + '-hello.txt'
self.port_1_name = guid + '-port-1'
self.port_2_name = guid + '-port-2'
self.floating_ip_name = guid + 'fip1'
# Setup members to cleanup just in case they don't get created
self.inst_creator = None
self.keypair_creator = None
self.sec_grp_creator = None
self.flavor_creator = None
self.router_creator = None
self.network_creator = None
self.image_creator = None
try:
# Create Image
os_image_settings = openstack_tests.cirros_image_settings(
name=guid + '-' + '-image', image_metadata=self.image_metadata)
self.image_creator = create_image.OpenStackImage(
self.os_creds, os_image_settings)
self.image_creator.create()
# First network is public
self.pub_net_config = openstack_tests.get_pub_net_config(
project_name=self.os_creds.project_name,
net_name=guid + '-pub-net',
subnet_name=guid + '-pub-subnet',
router_name=guid + '-pub-router',
external_net=self.ext_net_name)
self.network_creator = create_network.OpenStackNetwork(
self.os_creds, self.pub_net_config.network_settings)
self.network_creator.create()
# Create routers
self.router_creator = create_router.OpenStackRouter(
self.os_creds, self.pub_net_config.router_settings)
self.router_creator.create()
# Create Flavor
self.flavor_creator = create_flavor.OpenStackFlavor(
self.os_creds,
FlavorConfig(name=guid + '-flavor-name',
ram=256,
disk=1,
vcpus=1))
self.flavor_creator.create()
# Create Key/Pair
self.keypair_creator = create_keypairs.OpenStackKeypair(
self.os_creds,
KeypairConfig(name=self.keypair_name,
public_filepath=self.keypair_pub_filepath,
private_filepath=self.keypair_priv_filepath))
self.keypair_creator.create()
# Create Security Group
sec_grp_name = guid + '-sec-grp'
rule1 = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.icmp)
rule2 = SecurityGroupRuleConfig(sec_grp_name=sec_grp_name,
direction=Direction.ingress,
protocol=Protocol.tcp,
port_range_min=22,
port_range_max=22)
self.sec_grp_creator = OpenStackSecurityGroup(
self.os_creds,
SecurityGroupConfig(name=sec_grp_name,
rule_settings=[rule1, rule2]))
self.sec_grp_creator.create()
# Create instance
ports_settings = list()
ports_settings.append(
PortConfig(
name=self.port_1_name,
network_name=self.pub_net_config.network_settings.name))
instance_settings = VmInstanceConfig(
name=self.vm_inst_name,
flavor=self.flavor_creator.flavor_settings.name,
port_settings=ports_settings,
floating_ip_settings=[
FloatingIpConfig(
name=self.floating_ip_name,
port_name=self.port_1_name,
router_name=self.pub_net_config.router_settings.name)
])
self.inst_creator = create_instance.OpenStackVmInstance(
self.os_creds,
instance_settings,
self.image_creator.image_settings,
keypair_settings=self.keypair_creator.keypair_settings)
except:
self.tearDown()
raise
def tearDown(self):
"""
Cleans the created objects
"""
if self.inst_creator:
try:
self.inst_creator.clean()
except:
pass
if self.sec_grp_creator:
try:
self.sec_grp_creator.clean()
except:
pass
if self.keypair_creator:
try:
self.keypair_creator.clean()
except:
pass
if self.flavor_creator:
try:
self.flavor_creator.clean()
except:
pass
if os.path.isfile(self.keypair_pub_filepath):
try:
os.remove(self.keypair_pub_filepath)
except:
pass
if os.path.isfile(self.keypair_priv_filepath):
try:
os.remove(self.keypair_priv_filepath)
except:
pass
if self.router_creator:
try:
self.router_creator.clean()
except:
pass
if self.network_creator:
try:
self.network_creator.clean()
except:
pass
if self.image_creator and not self.image_creator.image_settings.exists:
try:
self.image_creator.clean()
except:
pass
if os.path.isfile(self.test_file_local_path):
os.remove(self.test_file_local_path)
super(self.__class__, self).__clean__()
def test_derive_vm_inst_config(self):
"""
Validates the utility function settings_utils#create_vm_inst_config
returns an acceptable VmInstanceConfig object
"""
self.inst_creator.create(block=True)
server = nova_utils.get_server(
self.nova,
self.neutron,
self.keystone,
vm_inst_settings=self.inst_creator.instance_settings)
derived_vm_settings = settings_utils.create_vm_inst_config(
self.nova, self.keystone, self.neutron, server,
self.os_creds.project_name)
self.assertIsNotNone(derived_vm_settings)
self.assertIsNotNone(derived_vm_settings.port_settings)
self.assertIsNotNone(derived_vm_settings.floating_ip_settings)
def test_derive_image_settings(self):
"""
Validates the utility function settings_utils#create_image_settings
returns an acceptable ImageConfig object
"""
self.inst_creator.create(block=True)
server = nova_utils.get_server(
self.nova,
self.neutron,
self.keystone,
vm_inst_settings=self.inst_creator.instance_settings)
derived_image_settings = settings_utils.determine_image_config(
self.glance, server, [self.image_creator.image_settings])
self.assertIsNotNone(derived_image_settings)
self.assertEqual(self.image_creator.image_settings.name,
derived_image_settings.name)