def test_04_publicip_per_project(self):
"""Test Public IP limit per project
"""
# Validate the following
# 1. set max no of IPs per project to 2.
# 2. Create an account in this domain
# 3. Create 1 VM in this domain
# 4. Acquire 1 IP in the domain. IP should be successfully acquired
# 5. Try to acquire 3rd IP in this domain. It should give the user an
# appropriate error and an alert should be generated.
self.debug("Updating public IP resource limits for project: %s" % self.project.id)
# Set usage_vm=1 for Account 1
update_resource_limit(self.apiclient, 1, max=2, projectid=self.project.id) # Public Ip
self.debug("Deploying VM for Project: %s" % self.project.id)
virtual_machine_1 = VirtualMachine.create(
self.apiclient,
self.services["server"],
templateid=self.template.id,
serviceofferingid=self.service_offering.id,
projectid=self.project.id,
)
self.cleanup.append(virtual_machine_1)
# Verify VM state
self.assertEqual(virtual_machine_1.state, "Running", "Check VM state is Running or not")
networks = Network.list(self.apiclient, projectid=self.project.id, listall=True)
self.assertEqual(isinstance(networks, list), True, "Check list networks response returns a valid response")
self.assertNotEqual(len(networks), 0, "Check list networks response returns a valid network")
network = networks[0]
self.debug("Associating public IP for project: %s" % self.project.id)
public_ip_1 = PublicIPAddress.create(
self.apiclient,
zoneid=virtual_machine_1.zoneid,
services=self.services["server"],
networkid=network.id,
projectid=self.project.id,
)
self.cleanup.append(public_ip_1)
# Verify Public IP state
self.assertEqual(
public_ip_1.ipaddress.state in ["Allocated", "Allocating"],
True,
"Check Public IP state is allocated or not",
)
# Exception should be raised for second Public IP
with self.assertRaises(Exception):
PublicIPAddress.create(
self.apiclient,
zoneid=virtual_machine_1.zoneid,
services=self.services["server"],
networkid=network.id,
projectid=self.project.id,
)
return
def acquire_Public_Ip(self):
"""Acquires the public IP"""
try:
self.debug("Acquiring public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"]
)
self.debug("Acquired public IP: %s" %
public_ip.ipaddress.ipaddress)
FireWallRule.create(
self.apiclient,
ipaddressid=public_ip.ipaddress.id,
protocol='TCP',
cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],
endport=self.services["fwrule"]["endport"]
)
return public_ip
except Exception as e:
self.fail("Failed to acquire new public IP: %s" % e)
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype,
account, networkruledata):
"""Acquire IP, create Firewall and NAT/StaticNAT rule
(associating it with given vm) for that IP"""
try:
public_ip = PublicIPAddress.create(
apiclient,accountid=account.name,
zoneid=virtualmachine.zoneid,domainid=account.domainid,
networkid=virtualmachine.nic[0].networkid)
FireWallRule.create(
apiclient,ipaddressid=public_ip.ipaddress.id,
protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]],
startport=networkruledata["fwrule"]["startport"],
endport=networkruledata["fwrule"]["endport"]
)
if ruletype == NAT_RULE:
# Create NAT rule
NATRule.create(apiclient, virtualmachine,
networkruledata["natrule"],ipaddressid=public_ip.ipaddress.id,
networkid=virtualmachine.nic[0].networkid)
elif ruletype == STATIC_NAT_RULE:
# Enable Static NAT for VM
StaticNATRule.enable(apiclient,public_ip.ipaddress.id,
virtualmachine.id, networkid=virtualmachine.nic[0].networkid)
except Exception as e:
[FAIL, e]
return [PASS, public_ip]
def create_vm(self, pfrule=False, egress_policy=True, RR=False):
self.create_network_offering(egress_policy, RR)
# Creating network using the network offering created
self.debug("Creating network with network offering: %s" % self.network_offering.id)
self.network = Network.create(
self.apiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id,
)
self.debug("Created network with ID: %s" % self.network.id)
self.debug("Deploying instance in the account: %s" % self.account.name)
project = None
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.service_offering.id,
mode=self.zone.networktype if pfrule else "basic",
networkids=[str(self.network.id)],
projectid=project.id if project else None,
)
self.debug("Deployed instance %s in account: %s" % (self.virtual_machine.id, self.account.name))
# Checking if VM is running or not, in case it is deployed in error state, test case fails
self.vm_list = list_virtual_machines(self.apiclient, id=self.virtual_machine.id)
self.assertEqual(validateList(self.vm_list)[0], PASS, "vm list validation failed, vm list is %s" % self.vm_list)
self.assertEqual(
str(self.vm_list[0].state).lower(),
"running",
"VM state should be running, it is %s" % self.vm_list[0].state,
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=self.network.id,
)
# Open up firewall port for SSH
FireWallRule.create(
self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=["0.0.0.0/0"],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"],
)
self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id)
# Create NAT rule
NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.public_ip.ipaddress.id)
return
def acquire_Public_Ip(self):
"""Acquires the public IP"""
try:
self.debug("Acquiring public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"]
)
self.debug("Acquired public IP: %s" %
public_ip.ipaddress.ipaddress)
self.debug("Configuring NAT rule for the acquired public ip")
NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
ipaddressid=public_ip.ipaddress.id
)
return public_ip
except Exception as e:
self.fail("Failed to acquire new public IP: %s" % e)
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.dbclient = self.testClient.getDbConnection()
self.account = Account.create(self.apiclient, self.services["account"], domainid=self.domain.id)
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
)
self.virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"],
)
NATRule.create(
self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id
)
self.cleanup = [self.account]
return
def setUp(self):
try:
self.apiclient = self.testClient.getApiClient()
self.dbclient = self.testClient.getDbConnection()
self.account = Account.create(
self.apiclient,
self.services["account"],
domainid=self.domain.id
)
self.cleanup = [
self.account,
]
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.virtual_machine.account,
zoneid=self.virtual_machine.zoneid,
domainid=self.virtual_machine.domainid,
services=self.services["virtual_machine"]
)
return
except CloudstackAPIException as e:
self.tearDown()
raise e
def acquire_publicip(self, network):
self.debug("Associating public IP for network: %s" % network.name)
public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=self.vpc.id)
self.debug("Associated %s with network %s" %
(public_ip.ipaddress.ipaddress, network.id))
return public_ip
def setUp(self):
self.logger = MarvinLog(MarvinLog.LOGGER_TEST).get_logger()
self.apiclient = self.testClient.getApiClient()
self.services = self.testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
template = get_template(self.apiclient, self.zone.id)
self.services["virtual_machine"]["zoneid"] = self.zone.id
# Create an account, network, VM, Port forwarding rule, LB rules
self.account = Account.create(self.apiclient,
self.services["account"],
admin=True,
domainid=self.domain.id)
self.service_offering = get_default_virtual_machine_offering(
self.apiclient)
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
self.ip_address = PublicIPAddress.create(self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid)
ip_addrs = list_public_ip(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
issourcenat=False)
try:
self.ip_addr = ip_addrs[0]
except Exception as e:
raise Exception(
"Failed: During acquiring source NAT for account: %s, :%s" %
(self.account.name, e))
self.nat_rule = NATRule.create(self.apiclient, self.virtual_machine,
self.services["natrule"],
self.ip_addr.id)
self.lb_rule = LoadBalancerRule.create(self.apiclient,
self.services["lbrule"],
self.ip_addr.id,
accountid=self.account.name)
self.cleanup = [self.virtual_machine, self.account]
return
def deploy_isolatednetwork_publicipaddress(self, ipaddress_data, virtualmachines_data, network):
self.logger.debug('>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Creating...')
publicipaddress = PublicIPAddress.create(
api_client=self.api_client,
data=ipaddress_data,
network=network
)
self.logger.debug('>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Created! TODO: MISSING FIELDS!')
self.deploy_firewallrules(ipaddress_data, publicipaddress)
self.deploy_portforwards(ipaddress_data['portforwards'], virtualmachines_data, None, publicipaddress)
def test_04_publicip_per_project(self):
"""Test Public IP limit per project
"""
# Validate the following
# 1. set max no of IPs per project to 2.
# 2. Create an account in this domain
# 3. Create 1 VM in this domain
# 4. Acquire 1 IP in the domain. IP should be successfully acquired
# 5. Try to acquire 3rd IP in this domain. It should give the user an
# appropriate error and an alert should be generated.
self.debug("Updating public IP resource limits for project: %s" %
self.project.id)
# Set usage_vm=1 for Account 1
update_resource_limit(
self.apiclient,
1, # Public Ip
max=2,
projectid=self.project.id)
self.debug("Deploying VM for Project: %s" % self.project.id)
virtual_machine_1 = VirtualMachine.create(
self.apiclient,
self.services["server"],
templateid=self.template.id,
serviceofferingid=self.service_offering.id,
projectid=self.project.id)
self.cleanup.append(virtual_machine_1)
# Verify VM state
self.assertEqual(virtual_machine_1.state, 'Running',
"Check VM state is Running or not")
networks = Network.list(self.apiclient,
projectid=self.project.id,
listall=True)
self.assertEqual(
isinstance(networks, list), True,
"Check list networks response returns a valid response")
self.assertNotEqual(
len(networks), 0,
"Check list networks response returns a valid network")
network = networks[0]
self.debug("Associating public IP for project: %s" % self.project.id)
public_ip_1 = PublicIPAddress.create(self.apiclient,
zoneid=virtual_machine_1.zoneid,
services=self.services["server"],
networkid=network.id,
projectid=self.project.id)
self.cleanup.append(public_ip_1)
# Verify Public IP state
self.assertEqual(
public_ip_1.ipaddress.state in ['Allocated', 'Allocating'], True,
"Check Public IP state is allocated or not")
return
def acquire_PublicIPAddress(self, network, vpc=None):
self.debug("Associating public IP for network with ID - %s" % network.id)
public_ip = PublicIPAddress.create(self.api_client,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id if vpc is None else None,
vpcid=vpc.id if vpc else self.vpc.id if hasattr(self, "vpc") else None
)
self.debug("Associated public IP address - %s with network with ID - %s" %
(public_ip.ipaddress.ipaddress, network.id))
return public_ip
def acquire_publicip(self, network):
self.logger.debug('Associating public IP for network: %s' % network.name)
public_ip = PublicIPAddress.create(
self.api_client,
accountid='admin',
zoneid=self.zone.id,
domainid=self.domain.id,
networkids=[str(network.id)]
)
self.logger.debug('Associated %s with network %s' % (public_ip.ipaddress.ipaddress, network.id))
self.test_cleanup.append(public_ip)
return public_ip
def acquire_publicip(self, network):
self.logger.debug("Associating public IP for network: %s" %
network.name)
public_ip = PublicIPAddress.create(self.api_client,
accountid=self.admin_account,
zoneid=self.zone.id,
domainid=self.admin_domain.id,
networkid=network.id)
self.logger.debug("Associated %s with network %s" %
(public_ip.ipaddress.ipaddress, network.id))
self.test_cleanup.append(public_ip)
return public_ip
def test_public_ip_admin_account(self):
"""Test for Associate/Disassociate public IP address for admin account"""
# Validate the following:
# 1. listPubliIpAddresses API returns the list of acquired addresses
# 2. the returned list should contain our acquired IP address
ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid
)
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
self.assertEqual(
isinstance(list_pub_ip_addr_resp, list),
True,
"Check list response returns a valid list"
)
# listPublicIpAddresses should return newly created public IP
self.assertNotEqual(
len(list_pub_ip_addr_resp),
0,
"Check if new IP Address is associated"
)
self.assertEqual(
list_pub_ip_addr_resp[0].id,
ip_address.ipaddress.id,
"Check Correct IP Address is returned in the List Cacls"
)
ip_address.delete(self.apiclient)
time.sleep(30)
# Validate the following:
# 1.listPublicIpAddresses should no more return the released address
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
if list_pub_ip_addr_resp is None:
return
if (list_pub_ip_addr_resp) and (
isinstance(
list_pub_ip_addr_resp,
list)) and (
len(list_pub_ip_addr_resp) > 0):
self.fail("list public ip response is not empty")
return
def test_public_ip_admin_account(self):
"""Test for Associate/Disassociate public IP address for admin account"""
# Validate the following:
# 1. listPubliIpAddresses API returns the list of acquired addresses
# 2. the returned list should contain our acquired IP address
ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid
)
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
self.assertEqual(
isinstance(list_pub_ip_addr_resp, list),
True,
"Check list response returns a valid list"
)
# listPublicIpAddresses should return newly created public IP
self.assertNotEqual(
len(list_pub_ip_addr_resp),
0,
"Check if new IP Address is associated"
)
self.assertEqual(
list_pub_ip_addr_resp[0].id,
ip_address.ipaddress.id,
"Check Correct IP Address is returned in the List Cacls"
)
ip_address.delete(self.apiclient)
time.sleep(30)
# Validate the following:
# 1.listPublicIpAddresses should no more return the released address
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
if list_pub_ip_addr_resp is None:
return
if (list_pub_ip_addr_resp) and (
isinstance(
list_pub_ip_addr_resp,
list)) and (
len(list_pub_ip_addr_resp) > 0):
self.fail("list public ip response is not empty")
return
def acquire_publicip(self, network):
self.debug("Associating public IP for network: %s" % network.name)
public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=self.vpc.id
)
self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress,
network.id
))
return public_ip
def acquire_publicip(self, vpc, network):
self.logger.debug("Associating public IP for network: %s" % network.name)
public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id,
)
self.assertIsNotNone(public_ip, "Failed to acquire public IP")
self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id))
return public_ip
def acquire_publicip(self, vpc, network):
self.logger.debug("Associating public IP for network: %s" %
network.name)
public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id)
self.assertIsNotNone(public_ip, "Failed to acquire public IP")
self.logger.debug("Associated %s with network %s" %
(public_ip.ipaddress.ipaddress, network.id))
return public_ip
def deploy_isolatednetwork_publicipaddress(self, ipaddress_data,
virtualmachines_data, network):
self.logger.debug(
'>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Creating...')
publicipaddress = PublicIPAddress.create(api_client=self.api_client,
data=ipaddress_data,
network=network)
self.logger.debug(
'>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Created! TODO: MISSING FIELDS!'
)
self.deploy_firewallrules(ipaddress_data, publicipaddress)
self.deploy_portforwards(ipaddress_data['portforwards'],
virtualmachines_data, None, publicipaddress)
def setUpClass(cls):
cls.testClient = super(TestNATRules, cls).getClsTestClient()
cls.api_client = cls.testClient.getApiClient()
cls.services = Services().services
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
cls.services['mode'] = cls.zone.networktype
template = get_template(
cls.api_client,
cls.zone.id,
cls.services["ostype"]
)
#Create an account, network, VM and IP addresses
cls.account = Account.create(
cls.api_client,
cls.services["account"],
admin=True,
domainid=cls.domain.id
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.service_offering = ServiceOffering.create(
cls.api_client,
cls.services["service_offering"]
)
cls.virtual_machine = VirtualMachine.create(
cls.api_client,
cls.services["virtual_machine"],
templateid=template.id,
accountid=cls.account.name,
domainid=cls.account.domainid,
serviceofferingid=cls.service_offering.id
)
cls.public_ip = PublicIPAddress.create(
cls.api_client,
accountid=cls.account.name,
zoneid=cls.zone.id,
domainid=cls.account.domainid,
services=cls.services["virtual_machine"]
)
cls._cleanup = [
cls.virtual_machine,
cls.account,
cls.service_offering
]
def test_public_ip_user_account(self):
"""Test for Associate/Disassociate public IP address for user account"""
# Validate the following:
# 1. listPubliIpAddresses API returns the list of acquired addresses
# 2. the returned list should contain our acquired IP address
ip_address = PublicIPAddress.create(
self.apiclient,
self.user.name,
self.zone.id,
self.user.domainid
)
# listPublicIpAddresses should return newly created public IP
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
self.assertEqual(
isinstance(list_pub_ip_addr_resp, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
len(list_pub_ip_addr_resp),
0,
"Check if new IP Address is associated"
)
self.assertEqual(
list_pub_ip_addr_resp[0].id,
ip_address.ipaddress.id,
"Check Correct IP Address is returned in the List Call"
)
ip_address.delete(self.apiclient)
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
self.assertEqual(
list_pub_ip_addr_resp,
None,
"Check if disassociated IP Address is no longer available"
)
return
def setUpClass(cls):
cls.testClient = super(TestNATRules, cls).getClsTestClient()
cls.api_client = cls.testClient.getApiClient()
cls.services = Services().services
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
cls.services['mode'] = cls.zone.networktype
template = get_template(
cls.api_client,
cls.zone.id,
cls.services["ostype"]
)
#Create an account, network, VM and IP addresses
cls.account = Account.create(
cls.api_client,
cls.services["account"],
admin=True,
domainid=cls.domain.id
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.service_offering = ServiceOffering.create(
cls.api_client,
cls.services["service_offering"]
)
cls.virtual_machine = VirtualMachine.create(
cls.api_client,
cls.services["virtual_machine"],
templateid=template.id,
accountid=cls.account.name,
domainid=cls.account.domainid,
serviceofferingid=cls.service_offering.id
)
cls.public_ip = PublicIPAddress.create(
cls.api_client,
accountid=cls.account.name,
zoneid=cls.zone.id,
domainid=cls.account.domainid,
services=cls.services["virtual_machine"]
)
cls._cleanup = [
cls.virtual_machine,
cls.account,
cls.service_offering
]
def test_public_ip_user_account(self):
"""Test for Associate/Disassociate public IP address for user account"""
# Validate the following:
# 1. listPubliIpAddresses API returns the list of acquired addresses
# 2. the returned list should contain our acquired IP address
ip_address = PublicIPAddress.create(
self.apiclient,
self.user.name,
self.zone.id,
self.user.domainid
)
# listPublicIpAddresses should return newly created public IP
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
self.assertEqual(
isinstance(list_pub_ip_addr_resp, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
len(list_pub_ip_addr_resp),
0,
"Check if new IP Address is associated"
)
self.assertEqual(
list_pub_ip_addr_resp[0].id,
ip_address.ipaddress.id,
"Check Correct IP Address is returned in the List Call"
)
ip_address.delete(self.apiclient)
list_pub_ip_addr_resp = list_publicIP(
self.apiclient,
id=ip_address.ipaddress.id
)
self.assertEqual(
list_pub_ip_addr_resp,
None,
"Check if disassociated IP Address is no longer available"
)
return
def deploy_publicipaddress(self, publicipaddress_data, virtualmachines_data, vpc):
self.logger.debug('>>> PUBLIC IP ADDRESS => Creating...')
publicipaddress = PublicIPAddress.create(
api_client=self.api_client,
data=publicipaddress_data,
vpc=vpc
)
ipaddress = publicipaddress.ipaddress
self.logger.debug('>>> PUBLIC IP ADDRESS => ID: %s => IP: %s => State: %s => Source NAT: %s '
'=> Static NAT: %s => ACL: %s => VLAN: %s => Physical Network: %s => Network: %s '
'=> VPC: %s => Domain: %s', ipaddress.id, ipaddress.ipaddress, ipaddress.state,
ipaddress.issourcenat, ipaddress.isstaticnat, ipaddress.aclid, ipaddress.vlanid,
ipaddress.physicalnetworkid, ipaddress.networkid, ipaddress.vpcid, ipaddress.domainid)
self.deploy_portforwards(publicipaddress_data['portforwards'], virtualmachines_data, vpc, publicipaddress)
def deploy_publicipaddress(self, publicipaddress_data,
virtualmachines_data, vpc):
self.logger.debug('>>> PUBLIC IP ADDRESS => Creating...')
publicipaddress = PublicIPAddress.create(api_client=self.api_client,
data=publicipaddress_data,
vpc=vpc)
ipaddress = publicipaddress.ipaddress
self.logger.debug(
'>>> PUBLIC IP ADDRESS => ID: %s => IP: %s => State: %s => Source NAT: %s '
'=> Static NAT: %s => ACL: %s => VLAN: %s => Physical Network: %s => Network: %s '
'=> VPC: %s => Domain: %s', ipaddress.id, ipaddress.ipaddress,
ipaddress.state, ipaddress.issourcenat, ipaddress.isstaticnat,
ipaddress.aclid, ipaddress.vlanid, ipaddress.physicalnetworkid,
ipaddress.networkid, ipaddress.vpcid, ipaddress.domainid)
self.deploy_portforwards(publicipaddress_data['portforwards'],
virtualmachines_data, vpc, publicipaddress)
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.dbclient = self.testClient.getDbConnection()
self.account = Account.create(
self.apiclient,
self.services["account"],
domainid=self.domain.id
)
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"]
)
FireWallRule.create(
self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol='TCP',
cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],
endport=self.services["fwrule"]["endport"]
)
self.cleanup = [self.account, ]
return
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.dbclient = self.testClient.getDbConnection()
self.account = Account.create(
self.apiclient,
self.services["account"],
domainid=self.domain.id
)
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.public_ip = PublicIPAddress.create(
self.apiclient,
self.virtual_machine.account,
self.virtual_machine.zoneid,
self.virtual_machine.domainid,
self.services["virtual_machine"]
)
NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
ipaddressid=self.public_ip.ipaddress.id
)
self.cleanup = [self.account, ]
return
def acquire_Public_Ip(self):
"""Acquires the public IP"""
try:
self.debug("Acquiring public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient, self.virtual_machine.account,
self.virtual_machine.zoneid, self.virtual_machine.domainid,
self.services["virtual_machine"])
self.debug("Acquired public IP: %s" %
public_ip.ipaddress.ipaddress)
FireWallRule.create(self.apiclient,
ipaddressid=public_ip.ipaddress.id,
protocol='TCP',
cidrlist=[self.services["fwrule"]["cidr"]],
startport=self.services["fwrule"]["startport"],
endport=self.services["fwrule"]["endport"])
return public_ip
except Exception as e:
self.fail("Failed to acquire new public IP: %s" % e)
def acquire_Public_Ip(self):
"""Acquires the public IP"""
try:
self.debug("Acquiring public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient, self.virtual_machine.account,
self.virtual_machine.zoneid, self.virtual_machine.domainid,
self.services["virtual_machine"])
self.debug("Acquired public IP: %s" %
public_ip.ipaddress.ipaddress)
self.debug("Configuring NAT rule for the acquired public ip")
NATRule.create(self.apiclient,
self.virtual_machine,
self.services["natrule"],
ipaddressid=public_ip.ipaddress.id)
return public_ip
except Exception as e:
self.fail("Failed to acquire new public IP: %s" % e)
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype, account,
networkruledata):
"""Acquire IP, create Firewall and NAT/StaticNAT rule
(associating it with given vm) for that IP"""
try:
public_ip = PublicIPAddress.create(
apiclient,
accountid=account.name,
zoneid=virtualmachine.zoneid,
domainid=account.domainid,
networkid=virtualmachine.nic[0].networkid)
FireWallRule.create(apiclient,
ipaddressid=public_ip.ipaddress.id,
protocol='TCP',
cidrlist=[networkruledata["fwrule"]["cidr"]],
startport=networkruledata["fwrule"]["startport"],
endport=networkruledata["fwrule"]["endport"])
if ruletype == NAT_RULE:
# Create NAT rule
NATRule.create(apiclient,
virtualmachine,
networkruledata["natrule"],
ipaddressid=public_ip.ipaddress.id,
networkid=virtualmachine.nic[0].networkid)
elif ruletype == STATIC_NAT_RULE:
# Enable Static NAT for VM
StaticNATRule.enable(apiclient,
public_ip.ipaddress.id,
virtualmachine.id,
networkid=virtualmachine.nic[0].networkid)
except Exception as e:
[FAIL, e]
return [PASS, public_ip]
def test_01_create_delete_portforwarding_fornonvpc(self):
"""
@summary: Test to list, create and delete Port Forwarding for
IP Address associated to Non VPC network
@Steps:
Step1: Creating a Network for the user
Step2: Associating an IP Addresses for Network
Step3: Launching Virtual Machine in network created in step 2
Step4: Listing Port Forwarding Rules for the IP Address associated
in Step2
Step5: Verifying that no Port Forwarding Rules are listed
Step6: Creating a Port Forwarding Rule for IP Address associated in
Step2
Step7: Listing Port Forwarding Rules for the IP Address associated in
Step2
Step8: Verifying 1 Port Forwarding Rule is listed
Step9: Deleting the Port Forwarding Rule created in Step6
Step10: Listing Port Forwarding Rules for the IP Address associated in
Step2
Step11: Verifying that no Port Forwarding Rules are listed
"""
# Listing all the Networks's for a user
list_networks_before = Network.list(
self.userapiclient,
listall=self.services["listall"],
type="Isolated"
)
# Verifying No Networks are listed
self.assertIsNone(
list_networks_before,
"Networks listed for newly created User"
)
# Listing Network Offerings
network_offerings_list = NetworkOffering.list(
self.apiClient,
forvpc="false",
guestiptype="Isolated",
state="Enabled",
supportedservices="SourceNat,PortForwarding",
zoneid=self.zone.id
)
status = validateList(network_offerings_list)
self.assertEqual(
PASS,
status[0],
"Isolated Network Offerings with sourceNat,\
PortForwarding enabled are not found"
)
# Creating a network
network = Network.create(
self.userapiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.domain.id,
networkofferingid=network_offerings_list[0].id,
zoneid=self.zone.id
)
self.assertIsNotNone(
network,
"Network creation failed"
)
# Listing all the IP Addresses for a user
list_ipaddresses_before = PublicIPAddress.list(
self.userapiclient,
listall=self.services["listall"]
)
# Verifying no IP Addresses are listed
self.assertIsNone(
list_ipaddresses_before,
"IP Addresses listed for newly created User"
)
service_offering = ServiceOffering.create(
self.apiClient,
self.services["service_offerings"]["tiny"],
)
self.services["virtual_machine"]["zoneid"] = self.zone.id
vm = VirtualMachine.create(
self.userapiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
networkids=network.id,
serviceofferingid=service_offering.id
)
VirtualMachine.delete(vm, self.apiClient, expunge=True)
# Associating an IP Addresses to Network created
associated_ipaddress = PublicIPAddress.create(
self.userapiclient,
services=self.services["network"],
networkid=network.id
)
self.assertIsNotNone(
associated_ipaddress,
"Failed to Associate IP Address"
)
# Listing all the IP Addresses for a user
list_ipaddresses_after = PublicIPAddress.list(
self.userapiclient,
listall=self.services["listall"]
)
status = validateList(list_ipaddresses_after)
self.assertEqual(
PASS,
status[0],
"IP Addresses Association Failed"
)
# Verifying the length of the list is 2
self.assertEqual(
2,
len(list_ipaddresses_after),
"Number of IP Addresses associated are not matching expected"
)
# Launching a Virtual Machine with above created Network
vm_created = VirtualMachine.create(
self.userapiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
networkids=network.id,
serviceofferingid=self.service_offering.id,
)
self.assertIsNotNone(
vm_created,
"Failed to launch a VM under network created"
)
self.cleanup.append(network)
# Listing Virtual Machines in running state in above created network
list_vms_running = VirtualMachine.list(
self.userapiclient,
listall=self.services["listall"],
state="Running",
networkid=network.id
)
status = validateList(list_vms_running)
self.assertEqual(
PASS,
status[0],
"VM Created is not in Running state"
)
# Verifying the length of the list is 2
self.assertEqual(
2,
len(list_ipaddresses_after),
"VM Created is not in Running state"
)
self.assertEqual(
vm_created.id,
list_vms_running[0].id,
"VM Created is not in Running state"
)
# Listing Virtual Machines in stopped state in above created network
list_vms_stopped = VirtualMachine.list(
self.userapiclient,
listall=self.services["listall"],
state="Stopped",
networkid=network.id
)
# Verifying no VMs are in stopped state
self.assertIsNone(
list_vms_stopped,
"VM Created is in stopped state"
)
# Listing Port Forwarding Rules for the IP Address associated
list_prtfwdrule_before = NATRule.list(
self.userapiclient,
listall=self.services["listall"],
ipaddressid=associated_ipaddress.ipaddress.id
)
# Verifying no port forwarding rules are listed
self.assertIsNone(
list_prtfwdrule_before,
"Port Forwarding Rules listed for newly associated IP Address"
)
# Creating a Port Forwarding rule
portfwd_rule = NATRule.create(
self.userapiclient,
virtual_machine=vm_created,
services=self.services["natrule"],
ipaddressid=associated_ipaddress.ipaddress.id,
)
self.assertIsNotNone(
portfwd_rule,
"Failed to create Port Forwarding Rule"
)
# Verifying details of Sticky Policy created
# Creating expected and actual values dictionaries
expected_dict = {
"ipaddressid": associated_ipaddress.ipaddress.id,
"privateport": str(self.services["natrule"]["privateport"]),
"publicport": str(self.services["natrule"]["publicport"]),
"protocol": str(self.services["natrule"]["protocol"]).lower(),
}
actual_dict = {
"ipaddressid": portfwd_rule.ipaddressid,
"privateport": str(portfwd_rule.privateport),
"publicport": str(portfwd_rule.publicport),
"protocol": portfwd_rule.protocol,
}
portfwd_status = self.__verify_values(
expected_dict,
actual_dict
)
self.assertEqual(
True,
portfwd_status,
"Created Port Forward Rule details are not as expected"
)
# Listing Port Forwarding Rules for the IP Address associated
list_prtfwdrule_after = NATRule.list(
self.userapiclient,
listall=self.services["listall"],
ipaddressid=associated_ipaddress.ipaddress.id
)
status = validateList(list_prtfwdrule_after)
self.assertEqual(
PASS,
status[0],
"Failed to create Port Forwarding Rule"
)
# Verifying the length of the list is 1
self.assertEqual(
1,
len(list_prtfwdrule_after),
"Failed to create Port Forwarding Rule"
)
# Deleting Port Forwarding Rule
portfwd_rule.delete(self.userapiclient)
# Creating a Port Forwarding rule with port range
portfwd_rule = NATRule.create(
self.userapiclient,
virtual_machine=vm_created,
services=self.services["natrulerange"],
ipaddressid=associated_ipaddress.ipaddress.id,
)
self.assertIsNotNone(
portfwd_rule,
"Failed to create Port Forwarding Rule"
)
# update the private port for port forwarding rule
updatefwd_rule = portfwd_rule.update(self.userapiclient,
portfwd_rule.id,
virtual_machine=vm_created,
services=self.services["updatenatrulerange"],
)
# Verifying details of Sticky Policy created
# Creating expected and actual values dictionaries
expected_dict = {
"privateport": str(self.services["updatenatrulerange"]["privateport"]),
"privateendport": str(self.services["updatenatrulerange"]["privateendport"]),
}
actual_dict = {
"privateport": str(updatefwd_rule.privateport),
"privateendport": str(updatefwd_rule.privateendport),
}
portfwd_status = self.__verify_values(
expected_dict,
actual_dict
)
self.assertEqual(
True,
portfwd_status,
"Updated Port Forward Rule details are not as expected"
)
# Deleting Port Forwarding Rule
portfwd_rule.delete(self.userapiclient)
# Listing Port Forwarding Rules for the IP Address associated
list_prtfwdrule_after = NATRule.list(
self.userapiclient,
listall=self.services["listall"],
ipaddressid=associated_ipaddress.ipaddress.id
)
# Verifying no port forwarding rules are listed
self.assertIsNone(
list_prtfwdrule_after,
"Port Forwarding Rules listed after deletion"
)
# Destroying the VM Launched
vm_created.delete(self.apiClient)
self.cleanup.append(self.account)
return
def test_01_host_maintenance_mode(self):
"""Test host maintenance mode
"""
# Validate the following
# 1. Create Vms. Acquire IP. Create port forwarding & load balancing
# rules for Vms.
# 2. Host 1: put to maintenance mode. All Vms should failover to Host
# 2 in cluster. Vms should be in running state. All port forwarding
# rules and load balancing Rules should work.
# 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host
# 2 should succeed.
# 4. Host 1: cancel maintenance mode.
# 5. Host 2 : put to maintenance mode. All Vms should failover to
# Host 1 in cluster.
# 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on
# host 1 should succeed.
hosts = Host.list(self.apiclient,
zoneid=self.zone.id,
resourcestate='Enabled',
type='Routing')
self.assertEqual(isinstance(hosts, list), True,
"List hosts should return valid host response")
if len(hosts) < 2:
self.skipTest("There must be at least 2 hosts present in cluster")
self.debug("Checking HA with hosts: %s, %s" %
(hosts[0].name, hosts[1].name))
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance in that network
virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.assertEqual(vm.state, "Running",
"Deployed VM should be in RUnning state")
networks = Network.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True)
self.assertEqual(
isinstance(networks, list), True,
"List networks should return valid list for the account")
network = networks[0]
self.debug("Associating public IP for account: %s" % self.account.name)
public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id)
self.debug("Associated %s with network %s" %
(public_ip.ipaddress.ipaddress, network.id))
self.debug("Creating PF rule for IP address: %s" %
public_ip.ipaddress.ipaddress)
NATRule.create(self.apiclient,
virtual_machine,
self.services["natrule"],
ipaddressid=public_ip.ipaddress.id)
self.debug("Creating LB rule on IP with NAT: %s" %
public_ip.ipaddress.ipaddress)
# Create Load Balancer rule on IP already having NAT rule
lb_rule = LoadBalancerRule.create(self.apiclient,
self.services["lbrule"],
ipaddressid=public_ip.ipaddress.id,
accountid=self.account.name)
self.debug("Created LB rule with ID: %s" % lb_rule.id)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e))
first_host = vm.hostid
self.debug("Enabling maintenance mode for host %s" % vm.hostid)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = first_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
timeout = self.services["timeout"]
# Poll and check state of VM while it migrates from one host to another
while True:
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("VM 1 state: %s" % vm.state)
if vm.state in [
"Stopping", "Stopped", "Running", "Starting", "Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail("VM migration from one-host-to-other\
failed while enabling maintenance")
second_host = vm.hostid
self.assertEqual(
vm.state, "Running",
"VM should be in Running state after enabling host maintenance")
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e))
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance on other host
virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine_2.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 2 state: %s" % vm.state)
self.assertEqual(vm.state, "Running",
"Deployed VM should be in Running state")
self.debug("Canceling host maintenance for ID: %s" % first_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = first_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % first_host)
self.debug("Enabling maintenance mode for host %s" % second_host)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = second_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Maintenance mode enabled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in [
"Stopping", "Stopped", "Running", "Starting", "Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail("VM migration from one-host-to-other failed\
while enabling maintenance")
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[1]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in [
"Stopping", "Stopped", "Running", "Starting", "Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail("VM migration from one-host-to-other\
failed while enabling maintenance")
for vm in vms:
self.debug(
"VM states after enabling maintenance mode on host: %s - %s" %
(first_host, vm.state))
self.assertEqual(vm.state, "Running",
"Deployed VM should be in Running state")
# Spawn an instance on other host
virtual_machine_3 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine_3.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 3 state: %s" % vm.state)
self.assertEqual(vm.state, "Running",
"Deployed VM should be in Running state")
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e))
self.debug("Canceling host maintenance for ID: %s" % second_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = second_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
return
def setUpClass(cls):
testClient = super(TestPublicIP, cls).getClsTestClient()
cls.apiclient = testClient.getApiClient()
cls.services = testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.services['mode'] = cls.zone.networktype
# Create Accounts & networks
cls.account = Account.create(
cls.apiclient,
cls.services["account"],
admin=True,
domainid=cls.domain.id
)
cls.user = Account.create(
cls.apiclient,
cls.services["account"],
domainid=cls.domain.id
)
cls.services["network"]["zoneid"] = cls.zone.id
cls.network_offering = NetworkOffering.create(
cls.apiclient,
cls.services["network_offering"],
)
# Enable Network offering
cls.network_offering.update(cls.apiclient, state='Enabled')
cls.services["network"]["networkoffering"] = cls.network_offering.id
cls.account_network = Network.create(
cls.apiclient,
cls.services["network"],
cls.account.name,
cls.account.domainid
)
cls.user_network = Network.create(
cls.apiclient,
cls.services["network"],
cls.user.name,
cls.user.domainid
)
# Create Source NAT IP addresses
PublicIPAddress.create(
cls.apiclient,
cls.account.name,
cls.zone.id,
cls.account.domainid
)
PublicIPAddress.create(
cls.apiclient,
cls.user.name,
cls.zone.id,
cls.user.domainid
)
cls._cleanup = [
cls.account_network,
cls.user_network,
cls.account,
cls.user,
cls.network_offering
]
return
def test_02_port_fwd_on_non_src_nat(self):
"""Test for port forwarding on non source NAT"""
# Validate the following:
# 1. listPortForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid,
self.services["virtual_machine"]
)
self.cleanup.append(ip_address)
# Check if VM is in Running state before creating NAT rule
vm_response = VirtualMachine.list(
self.apiclient,
id=self.virtual_machine.id
)
self.assertEqual(
isinstance(vm_response, list),
True,
"Check list VM returns a valid list"
)
self.assertNotEqual(
len(vm_response),
0,
"Check Port Forwarding Rule is created"
)
self.assertEqual(
vm_response[0].state,
'Running',
"VM state should be Running before creating a NAT rule."
)
# Open up firewall port for SSH
FireWallRule.create(
self.apiclient,
ipaddressid=ip_address.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
# Create NAT rule
nat_rule = NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
ip_address.ipaddress.id
)
# Validate the following:
# 1. listPortForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
list_nat_rule_response = list_nat_rules(
self.apiclient,
id=nat_rule.id
)
self.assertEqual(
isinstance(list_nat_rule_response, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
len(list_nat_rule_response),
0,
"Check Port Forwarding Rule is created"
)
self.assertEqual(
list_nat_rule_response[0].id,
nat_rule.id,
"Check Correct Port forwarding Rule is returned"
)
try:
self.debug("SSHing into VM with IP address %s with NAT IP %s" %
(
self.virtual_machine.ipaddress,
ip_address.ipaddress.ipaddress
))
self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress)
except Exception as e:
self.fail(
"SSH Access failed for %s: %s" %
(self.virtual_machine.ipaddress, e)
)
nat_rule.delete(self.apiclient)
try:
list_nat_rule_response = list_nat_rules(
self.apiclient,
id=nat_rule.id
)
except CloudstackAPIException:
self.debug("Nat Rule is deleted")
# Check if the Public SSH port is inaccessible
with self.assertRaises(Exception):
self.debug(
"SSHing into VM with IP address %s after NAT rule deletion" %
self.virtual_machine.ipaddress)
SshClient(
ip_address.ipaddress.ipaddress,
self.virtual_machine.ssh_port,
self.virtual_machine.username,
self.virtual_machine.password,
retries=2,
delay=0
)
return
def test_static_nat_on_ip_from_non_src_nat_ip_range(self):
"""Test for static nat on a IP which is in pubic IP range different
from public IP range that has source NAT IP associated with network
"""
# Validate the following:
# 1. Create a new public IP range and dedicate to a account
# 2. Acquire a IP from new public range
# 3. Enable static NAT on acquired IP from new range
# 4. Create a firewall rule to open up the port
# 5. Test SSH works to the VM
self.services["extrapubliciprange"]["zoneid"] = self.services["zoneid"]
self.public_ip_range = PublicIpRange.create(
self.apiclient,
self.services["extrapubliciprange"]
)
self.cleanup.append(self.public_ip_range)
logger.debug("Dedicating Public IP range to the account");
dedicate_public_ip_range_response = PublicIpRange.dedicate(
self.apiclient,
self.public_ip_range.vlan.id,
account=self.account.name,
domainid=self.account.domainid
)
ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid,
self.services["virtual_machine"]
)
self.cleanup.append(ip_address)
# Check if VM is in Running state before creating NAT and firewall rules
vm_response = VirtualMachine.list(
self.apiclient,
id=self.virtual_machine.id
)
self.assertEqual(
isinstance(vm_response, list),
True,
"Check list VM returns a valid list"
)
self.assertNotEqual(
len(vm_response),
0,
"Check Port Forwarding Rule is created"
)
self.assertEqual(
vm_response[0].state,
'Running',
"VM state should be Running before creating a NAT rule."
)
# Open up firewall port for SSH
fwr = FireWallRule.create(
self.apiclient,
ipaddressid=ip_address.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
self.cleanup.append(fwr)
# Create Static NAT rule
StaticNATRule.enable(
self.apiclient,
ip_address.ipaddress.id,
self.virtual_machine.id,
self.defaultNetworkId
)
try:
logger.debug("SSHing into VM with IP address %s with NAT IP %s" %
(
self.virtual_machine.ipaddress,
ip_address.ipaddress.ipaddress
))
self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress)
except Exception as e:
self.fail(
"SSH Access failed for %s: %s" %
(self.virtual_machine.ipaddress, e)
)
StaticNATRule.disable(
self.apiclient,
ip_address.ipaddress.id,
self.virtual_machine.id
)
def test_01_create_delete_portforwarding_fornonvpc(self):
"""
@summary: Test to list, create and delete Port Forwarding for
IP Address associated to Non VPC network
@Steps:
Step1: Creating a Network for the user
Step2: Associating an IP Addresses for Network
Step3: Launching Virtual Machine in network created in step 2
Step4: Listing Port Forwarding Rules for the IP Address associated
in Step2
Step5: Verifying that no Port Forwarding Rules are listed
Step6: Creating a Port Forwarding Rule for IP Address associated in
Step2
Step7: Listing Port Forwarding Rules for the IP Address associated in
Step2
Step8: Verifying 1 Port Forwarding Rule is listed
Step9: Deleting the Port Forwarding Rule created in Step6
Step10: Listing Port Forwarding Rules for the IP Address associated in
Step2
Step11: Verifying that no Port Forwarding Rules are listed
"""
# Listing all the Networks's for a user
list_networks_before = Network.list(
self.userapiclient,
listall=self.services["listall"],
type="Isolated"
)
# Verifying No Networks are listed
self.assertIsNone(
list_networks_before,
"Networks listed for newly created User"
)
# Listing Network Offerings
network_offerings_list = NetworkOffering.list(
self.apiClient,
forvpc="false",
guestiptype="Isolated",
state="Enabled",
supportedservices="SourceNat,PortForwarding",
zoneid=self.zone.id
)
status = validateList(network_offerings_list)
self.assertEquals(
PASS,
status[0],
"Isolated Network Offerings with sourceNat,\
PortForwarding enabled are not found"
)
# Creating a network
network = Network.create(
self.userapiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.domain.id,
networkofferingid=network_offerings_list[0].id,
zoneid=self.zone.id
)
self.assertIsNotNone(
network,
"Network creation failed"
)
# Listing all the IP Addresses for a user
list_ipaddresses_before = PublicIPAddress.list(
self.userapiclient,
listall=self.services["listall"]
)
# Verifying no IP Addresses are listed
self.assertIsNone(
list_ipaddresses_before,
"IP Addresses listed for newly created User"
)
# Associating an IP Addresses to Network created
associated_ipaddress = PublicIPAddress.create(
self.userapiclient,
services=self.services["network"],
networkid=network.id
)
self.assertIsNotNone(
associated_ipaddress,
"Failed to Associate IP Address"
)
# Listing all the IP Addresses for a user
list_ipaddresses_after = PublicIPAddress.list(
self.userapiclient,
listall=self.services["listall"]
)
status = validateList(list_ipaddresses_after)
self.assertEquals(
PASS,
status[0],
"IP Addresses Association Failed"
)
# Verifying the length of the list is 1
self.assertEqual(
1,
len(list_ipaddresses_after),
"Number of IP Addresses associated are not matching expected"
)
# Launching a Virtual Machine with above created Network
vm_created = VirtualMachine.create(
self.userapiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
networkids=network.id,
serviceofferingid=self.service_offering.id,
)
self.assertIsNotNone(
vm_created,
"Failed to launch a VM under network created"
)
self.cleanup.append(network)
# Listing Virtual Machines in running state in above created network
list_vms_running = VirtualMachine.list(
self.userapiclient,
listall=self.services["listall"],
state="Running",
networkid=network.id
)
status = validateList(list_vms_running)
self.assertEquals(
PASS,
status[0],
"VM Created is not in Running state"
)
# Verifying the length of the list is 1
self.assertEqual(
1,
len(list_ipaddresses_after),
"VM Created is not in Running state"
)
self.assertEquals(
vm_created.id,
list_vms_running[0].id,
"VM Created is not in Running state"
)
# Listing Virtual Machines in stopped state in above created network
list_vms_stopped = VirtualMachine.list(
self.userapiclient,
listall=self.services["listall"],
state="Stopped",
networkid=network.id
)
# Verifying no VMs are in stopped state
self.assertIsNone(
list_vms_stopped,
"VM Created is in stopped state"
)
# Listing Port Forwarding Rules for the IP Address associated
list_prtfwdrule_before = NATRule.list(
self.userapiclient,
listall=self.services["listall"],
ipaddressid=associated_ipaddress.ipaddress.id
)
# Verifying no port forwarding rules are listed
self.assertIsNone(
list_prtfwdrule_before,
"Port Forwarding Rules listed for newly associated IP Address"
)
# Creating a Port Forwarding rule
portfwd_rule = NATRule.create(
self.userapiclient,
virtual_machine=vm_created,
services=self.services["natrule"],
ipaddressid=associated_ipaddress.ipaddress.id,
)
self.assertIsNotNone(
portfwd_rule,
"Failed to create Port Forwarding Rule"
)
# Verifying details of Sticky Policy created
# Creating expected and actual values dictionaries
expected_dict = {
"ipaddressid": associated_ipaddress.ipaddress.id,
"privateport": str(self.services["natrule"]["privateport"]),
"publicport": str(self.services["natrule"]["publicport"]),
"protocol": str(self.services["natrule"]["protocol"]).lower(),
}
actual_dict = {
"ipaddressid": portfwd_rule.ipaddressid,
"privateport": str(portfwd_rule.privateport),
"publicport": str(portfwd_rule.publicport),
"protocol": portfwd_rule.protocol,
}
portfwd_status = self.__verify_values(
expected_dict,
actual_dict
)
self.assertEqual(
True,
portfwd_status,
"Created Port Forward Rule details are not as expected"
)
# Listing Port Forwarding Rules for the IP Address associated
list_prtfwdrule_after = NATRule.list(
self.userapiclient,
listall=self.services["listall"],
ipaddressid=associated_ipaddress.ipaddress.id
)
status = validateList(list_prtfwdrule_after)
self.assertEquals(
PASS,
status[0],
"Failed to create Port Forwarding Rule"
)
# Verifying the length of the list is 1
self.assertEqual(
1,
len(list_prtfwdrule_after),
"Failed to create Port Forwarding Rule"
)
# Deleting Port Forwarding Rule
portfwd_rule.delete(self.userapiclient)
# Creating a Port Forwarding rule with port range
portfwd_rule = NATRule.create(
self.userapiclient,
virtual_machine=vm_created,
services=self.services["natrulerange"],
ipaddressid=associated_ipaddress.ipaddress.id,
)
self.assertIsNotNone(
portfwd_rule,
"Failed to create Port Forwarding Rule"
)
#update the private port for port forwarding rule
updatefwd_rule = portfwd_rule.update(self.userapiclient,
portfwd_rule.id,
virtual_machine=vm_created,
services=self.services["updatenatrulerange"],
)
# Verifying details of Sticky Policy created
# Creating expected and actual values dictionaries
expected_dict = {
"privateport": str(self.services["updatenatrulerange"]["privateport"]),
"privateendport": str(self.services["updatenatrulerange"]["privateendport"]),
}
actual_dict = {
"privateport": str(updatefwd_rule.privateport),
"privateendport": str(updatefwd_rule.privateendport),
}
portfwd_status = self.__verify_values(
expected_dict,
actual_dict
)
self.assertEqual(
True,
portfwd_status,
"Updated Port Forward Rule details are not as expected"
)
# Deleting Port Forwarding Rule
portfwd_rule.delete(self.userapiclient)
# Listing Port Forwarding Rules for the IP Address associated
list_prtfwdrule_after = NATRule.list(
self.userapiclient,
listall=self.services["listall"],
ipaddressid=associated_ipaddress.ipaddress.id
)
# Verifying no port forwarding rules are listed
self.assertIsNone(
list_prtfwdrule_after,
"Port Forwarding Rules listed after deletion"
)
# Destroying the VM Launched
vm_created.delete(self.apiClient)
self.cleanup.append(self.account)
return
def test_network_rules_acquired_public_ip(self, value):
"""Test for Router rules for network rules on acquired public IP"""
# Validate the following:
# 1. listPortForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
self.ipaddress = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=self.defaultNetworkId
)
self.createNetworkRules(rule=value,
ipaddressobj=self.ipaddress,
networkid=self.defaultNetworkId)
router = Router.list(self.apiclient,
networkid=self.virtual_machine.nic[0].networkid,
listall=True)[0]
response = self.getCommandResultFromRouter(router, "ip addr")
logger.debug(response)
stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress
self.assertTrue(stringToMatch in str(response), "IP address is\
not added to the VR!")
try:
logger.debug("SSHing into VM with IP address %s with NAT IP %s" %
(
self.virtual_machine.ipaddress,
self.ipaddress.ipaddress.ipaddress
))
self.virtual_machine.get_ssh_client(
self.ipaddress.ipaddress.ipaddress)
except Exception as e:
self.fail(
"SSH Access failed for %s: %s" %
(self.virtual_machine.ipaddress, e)
)
# Validate the following:
# 1. listIpForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
self.removeNetworkRules(rule=value)
response = self.getCommandResultFromRouter(router, "ip addr")
logger.debug(response)
stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress
self.assertFalse(stringToMatch in str(response), "IP address is\
not removed from VR even after disabling stat in NAT")
# Check if the Public SSH port is inaccessible
with self.assertRaises(Exception):
logger.debug(
"SSHing into VM with IP address %s after NAT rule deletion" %
self.virtual_machine.ipaddress)
SshClient(
self.ipaddress.ipaddress.ipaddress,
self.virtual_machine.ssh_port,
self.virtual_machine.username,
self.virtual_machine.password,
retries=2,
delay=0
)
return
def setup_infra(cls, redundant=False):
if len(cls.class_cleanup) > 0:
cleanup_resources(cls.api_client, cls.class_cleanup, cls.logger)
cls.class_cleanup = []
cls.zone = get_zone(cls.api_client, cls.test_client.getZoneForTests())
cls.logger.debug("Zone '%s' selected" % cls.zone.name)
cls.domain = get_domain(cls.api_client)
cls.logger.debug("Domain '%s' selected" % cls.domain.name)
cls.template = get_template(cls.api_client, cls.zone.id)
cls.logger.debug("Template '%s' selected" % cls.template.name)
cls.account = Account.create(cls.api_client,
cls.attributes['account'],
admin=True,
domainid=cls.domain.id)
cls.class_cleanup += [cls.account]
cls.logger.debug("Account '%s' created", cls.account.name)
cls.vpc_offering = get_default_redundant_vpc_offering(
cls.api_client) if redundant else get_default_vpc_offering(
cls.api_client)
cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name)
cls.network_offering = get_default_network_offering(cls.api_client)
cls.logger.debug("Network Offering '%s' selected",
cls.network_offering.name)
cls.virtual_machine_offering = get_default_virtual_machine_offering(
cls.api_client)
cls.logger.debug("Virtual Machine Offering '%s' selected",
cls.virtual_machine_offering.name)
cls.default_allow_acl = get_network_acl(cls.api_client,
'default_allow')
cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name)
cls.default_deny_acl = get_network_acl(cls.api_client, 'default_deny')
cls.logger.debug("ACL '%s' selected", cls.default_deny_acl.name)
cls.vpc1 = VPC.create(cls.api_client,
cls.attributes['vpcs']['vpc1'],
vpcofferingid=cls.vpc_offering.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
account=cls.account.name)
cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name,
cls.vpc1.cidr)
cls.network1 = Network.create(
cls.api_client,
cls.attributes['networks']['network1'],
networkofferingid=cls.network_offering.id,
aclid=cls.default_allow_acl.id,
vpcid=cls.vpc1.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s",
cls.network1.name, cls.network1.cidr,
cls.network1.gateway)
cls.vm1 = VirtualMachine.create(
cls.api_client,
cls.attributes['vms']['vm1'],
templateid=cls.template.id,
serviceofferingid=cls.virtual_machine_offering.id,
networkids=[cls.network1.id],
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("VM '%s' created, Network: %s, IP %s", cls.vm1.name,
cls.network1.name, cls.vm1.nic[0].ipaddress)
cls.public_ip1 = PublicIPAddress.create(cls.api_client,
zoneid=cls.zone.id,
domainid=cls.account.domainid,
accountid=cls.account.name,
vpcid=cls.vpc1.id,
networkid=cls.network1.id)
cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s",
cls.public_ip1.ipaddress.ipaddress, cls.vpc1.name,
cls.network1.name)
cls.nat_rule1 = NATRule.create(cls.api_client,
cls.vm1,
cls.attributes['nat_rule'],
vpcid=cls.vpc1.id,
networkid=cls.network1.id,
ipaddressid=cls.public_ip1.ipaddress.id)
cls.logger.debug("Port Forwarding Rule '%s (%s) %s => %s' created",
cls.nat_rule1.ipaddress, cls.nat_rule1.protocol,
cls.nat_rule1.publicport, cls.nat_rule1.privateport)
def test_01_redundant_vpc_site2site_vpn(self):
"""Test Site 2 Site VPN Across redundant VPCs"""
self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn")
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(
networkOffering) > 0, "No VPC based network offering")
# Create and enable redundant VPC offering
redundant_vpc_offering = self._create_vpc_offering(
'redundant_vpc_offering')
self.assert_(redundant_vpc_offering is not None,
"Failed to create redundant VPC Offering")
redundant_vpc_offering.update(self.apiclient, state='Enabled')
# Create VPC 1
vpc1 = None
try:
vpc1 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc1.vpn",
vpcofferingid=redundant_vpc_offering.id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc1 is not None, "VPC1 creation failed")
self.logger.debug("VPC1 %s created" % vpc1.id)
# Create VPC 2
vpc2 = None
try:
vpc2 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc2"],
networkDomain="vpc2.vpn",
vpcofferingid=redundant_vpc_offering.id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc2 is not None, "VPC2 creation failed")
self.logger.debug("VPC2 %s created" % vpc2.id)
default_acl = NetworkACLList.list(
self.apiclient, name="default_allow")[0]
# Create network in VPC 1
ntwk1 = None
try:
ntwk1 = Network.create(
apiclient=self.apiclient,
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc1.id,
aclid=default_acl.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk1, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
# Create network in VPC 2
ntwk2 = None
try:
ntwk2 = Network.create(
apiclient=self.apiclient,
services=self.services["network_2"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc2.id,
aclid=default_acl.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk2, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
# Deploy a vm in network 2
vm1 = None
try:
vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.compute_offering.id,
networkids=ntwk1.id,
hypervisor=self.hypervisor
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm1 is not None, "VM failed to deploy")
self.assert_(vm1.state == 'Running', "VM is not running")
self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
# Deploy a vm in network 2
vm2 = None
try:
vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.compute_offering.id,
networkids=ntwk2.id,
hypervisor=self.hypervisor
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2 is not None, "VM failed to deploy")
self.assert_(vm2.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))
# 4) Enable Site-to-Site VPN for VPC
vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
self.assert_(
vpn1_response is not None, "Failed to enable VPN Gateway 1")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
self.assert_(
vpn2_response is not None, "Failed to enable VPN Gateway 2")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
# 5) Add VPN Customer gateway info
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc1.id
)
ip1 = src_nat_list[0]
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc2.id
)
ip2 = src_nat_list[0]
services = self.services["vpncustomergateway"]
customer1_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
self.logger.debug(vars(customer1_response))
customer2_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
self.logger.debug(vars(customer2_response))
# 6) Connect two VPCs
vpnconn1_response = Vpn.createVpnConnection(
self.apiclient, customer1_response.id, vpn2_response['id'], True)
self.debug("VPN passive connection created for VPC %s" % vpc2.id)
vpnconn2_response = Vpn.createVpnConnection(
self.apiclient, customer2_response.id, vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
self.assertEqual(
vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
# acquire an extra ip address to use to ssh into vm2
try:
vm2.public_ip = PublicIPAddress.create(
apiclient=self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
services=self.services,
networkid=ntwk2.id,
vpcid=vpc2.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(
vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
# Create port forward to be able to ssh into vm2
natrule = None
try:
natrule = self._create_natrule(
vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
except Exception as e:
self.fail(e)
finally:
self.assert_(
natrule is not None, "Failed to create portforward for vm2")
time.sleep(20)
# setup ssh connection to vm2
ssh_client = self._get_ssh_client(vm2, self.services, 10)
if ssh_client:
# run ping test
packet_loss = ssh_client.execute(
"/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
self.assert_(int(packet_loss) == 0, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
def test_01_host_maintenance_mode(self):
"""Test host maintenance mode
"""
# Validate the following
# 1. Create Vms. Acquire IP. Create port forwarding & load balancing
# rules for Vms.
# 2. Host 1: put to maintenance mode. All Vms should failover to Host
# 2 in cluster. Vms should be in running state. All port forwarding
# rules and load balancing Rules should work.
# 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host
# 2 should succeed.
# 4. Host 1: cancel maintenance mode.
# 5. Host 2 : put to maintenance mode. All Vms should failover to
# Host 1 in cluster.
# 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on
# host 1 should succeed.
hosts = Host.list(
self.apiclient,
zoneid=self.zone.id,
resourcestate='Enabled',
type='Routing'
)
self.assertEqual(
isinstance(hosts, list),
True,
"List hosts should return valid host response"
)
if len(hosts) < 2:
self.skipTest("There must be at least 2 hosts present in cluster")
self.debug("Checking HA with hosts: %s, %s" % (
hosts[0].name,
hosts[1].name
))
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance in that network
virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in RUnning state"
)
networks = Network.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True
)
self.assertEqual(
isinstance(networks, list),
True,
"List networks should return valid list for the account"
)
network = networks[0]
self.debug("Associating public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id
)
self.debug("Associated %s with network %s" % (
public_ip.ipaddress.ipaddress,
network.id
))
self.debug("Creating PF rule for IP address: %s" %
public_ip.ipaddress.ipaddress)
NATRule.create(
self.apiclient,
virtual_machine,
self.services["natrule"],
ipaddressid=public_ip.ipaddress.id
)
self.debug("Creating LB rule on IP with NAT: %s" %
public_ip.ipaddress.ipaddress)
# Create Load Balancer rule on IP already having NAT rule
lb_rule = LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
ipaddressid=public_ip.ipaddress.id,
accountid=self.account.name
)
self.debug("Created LB rule with ID: %s" % lb_rule.id)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e)
)
first_host = vm.hostid
self.debug("Enabling maintenance mode for host %s" % vm.hostid)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = first_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
timeout = self.services["timeout"]
# Poll and check state of VM while it migrates from one host to another
while True:
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("VM 1 state: %s" % vm.state)
if vm.state in ["Stopping",
"Stopped",
"Running",
"Starting",
"Migrating"]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail(
"VM migration from one-host-to-other\
failed while enabling maintenance"
)
second_host = vm.hostid
self.assertEqual(
vm.state,
"Running",
"VM should be in Running state after enabling host maintenance"
)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e)
)
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance on other host
virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine_2.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 2 state: %s" % vm.state)
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in Running state"
)
self.debug("Canceling host maintenance for ID: %s" % first_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = first_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % first_host)
self.debug("Enabling maintenance mode for host %s" % second_host)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = second_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Maintenance mode enabled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in [
"Stopping",
"Stopped",
"Running",
"Starting",
"Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail(
"VM migration from one-host-to-other failed\
while enabling maintenance"
)
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[1]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in [
"Stopping",
"Stopped",
"Running",
"Starting",
"Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail(
"VM migration from one-host-to-other\
failed while enabling maintenance"
)
for vm in vms:
self.debug(
"VM states after enabling maintenance mode on host: %s - %s" %
(first_host, vm.state))
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in Running state"
)
# Spawn an instance on other host
virtual_machine_3 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine_3.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 3 state: %s" % vm.state)
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in Running state"
)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e)
)
self.debug("Canceling host maintenance for ID: %s" % second_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = second_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
return
def create_vm(self, pfrule=False, egress_policy=True, RR=False):
self.create_network_offering(egress_policy, RR)
# Creating network using the network offering created
self.debug("Creating network with network offering: %s" %
self.network_offering.id)
self.network = Network.create(
self.apiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id)
self.cleanup_networks.append(self.network)
self.debug("Created network with ID: %s" % self.network.id)
self.debug("Deploying instance in the account: %s" % self.account.name)
project = None
try:
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.service_offering.id,
mode=self.zone.networktype if pfrule else 'basic',
networkids=[str(self.network.id)],
projectid=project.id if project else None)
self.cleanup_vms.append(self.virtual_machine)
except Exception as e:
self.fail("Virtual machine deployment failed with exception: %s" %
e)
self.debug("Deployed instance %s in account: %s" %
(self.virtual_machine.id, self.account.name))
# Checking if VM is running or not, in case it is deployed in error state, test case fails
self.vm_list = list_virtual_machines(self.apiclient,
id=self.virtual_machine.id)
self.assertEqual(
validateList(self.vm_list)[0], PASS,
"vm list validation failed, vm list is %s" % self.vm_list)
self.assertEqual(
str(self.vm_list[0].state).lower(), 'running',
"VM state should be running, it is %s" % self.vm_list[0].state)
self.public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=self.network.id)
# Open up firewall port for SSH
FireWallRule.create(self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"])
self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id)
#Create NAT rule
NATRule.create(self.apiclient, self.virtual_machine,
self.services["natrule"], self.public_ip.ipaddress.id)
return
def test_02_host_maintenance_mode_with_activities(self):
"""Test host maintenance mode with activities
"""
# Validate the following
# 1. Create Vms. Acquire IP. Create port forwarding & load balancing
# rules for Vms.
# 2. While activities are ongoing: Create snapshots, recurring
# snapshots, create templates, download volumes, Host 1: put to
# maintenance mode. All Vms should failover to Host 2 in cluster
# Vms should be in running state. All port forwarding rules and
# load balancing Rules should work.
# 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host
# 2 should succeed. All ongoing activities in step 3 should succeed
# 4. Host 1: cancel maintenance mode.
# 5. While activities are ongoing: Create snapshots, recurring
# snapshots, create templates, download volumes, Host 2: put to
# maintenance mode. All Vms should failover to Host 1 in cluster.
# 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on
# host 1 should succeed. All ongoing activities in step 6 should
# succeed.
hosts = Host.list(
self.apiclient,
zoneid=self.zone.id,
resourcestate='Enabled',
type='Routing'
)
self.assertEqual(
isinstance(hosts, list),
True,
"List hosts should return valid host response"
)
if len(hosts) < 2:
self.skipTest("There must be at least 2 hosts present in cluster")
self.debug("Checking HA with hosts: %s, %s" % (
hosts[0].name,
hosts[1].name
))
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance in that network
virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in RUnning state"
)
networks = Network.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True
)
self.assertEqual(
isinstance(networks, list),
True,
"List networks should return valid list for the account"
)
network = networks[0]
self.debug("Associating public IP for account: %s" %
self.account.name)
public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id
)
self.debug("Associated %s with network %s" % (
public_ip.ipaddress.ipaddress,
network.id
))
self.debug("Creating PF rule for IP address: %s" %
public_ip.ipaddress.ipaddress)
NATRule.create(
self.apiclient,
virtual_machine,
self.services["natrule"],
ipaddressid=public_ip.ipaddress.id
)
self.debug("Creating LB rule on IP with NAT: %s" %
public_ip.ipaddress.ipaddress)
# Create Load Balancer rule on IP already having NAT rule
lb_rule = LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
ipaddressid=public_ip.ipaddress.id,
accountid=self.account.name
)
self.debug("Created LB rule with ID: %s" % lb_rule.id)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e)
)
# Get the Root disk of VM
volumes = list_volumes(
self.apiclient,
virtualmachineid=virtual_machine.id,
type='ROOT',
listall=True
)
volume = volumes[0]
self.debug(
"Root volume of VM(%s): %s" % (
virtual_machine.name,
volume.name
))
# Create a snapshot from the ROOTDISK
self.debug("Creating snapshot on ROOT volume: %s" % volume.name)
snapshot = Snapshot.create(self.apiclient, volumes[0].id)
self.debug("Snapshot created: ID - %s" % snapshot.id)
snapshots = list_snapshots(
self.apiclient,
id=snapshot.id,
listall=True
)
self.assertEqual(
isinstance(snapshots, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
snapshots,
None,
"Check if result exists in list snapshots call"
)
self.assertEqual(
snapshots[0].id,
snapshot.id,
"Check snapshot id in list resources call"
)
# Generate template from the snapshot
self.debug("Generating template from snapshot: %s" % snapshot.name)
template = Template.create_from_snapshot(
self.apiclient,
snapshot,
self.services["templates"]
)
self.debug("Created template from snapshot: %s" % template.id)
templates = list_templates(
self.apiclient,
templatefilter=self.services["templates"]["templatefilter"],
id=template.id
)
self.assertEqual(
isinstance(templates, list),
True,
"List template call should return the newly created template"
)
self.assertEqual(
templates[0].isready,
True,
"The newly created template should be in ready state"
)
first_host = vm.hostid
self.debug("Enabling maintenance mode for host %s" % vm.hostid)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = first_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
timeout = self.services["timeout"]
# Poll and check state of VM while it migrates from one host to another
while True:
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("VM 1 state: %s" % vm.state)
if vm.state in ["Stopping",
"Stopped",
"Running",
"Starting",
"Migrating"]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail(
"VM migration from one-host-to-other failed\
while enabling maintenance"
)
second_host = vm.hostid
self.assertEqual(
vm.state,
"Running",
"VM should be in Running state after enabling host maintenance"
)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e)
)
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance on other host
virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine_2.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 2 state: %s" % vm.state)
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in Running state"
)
self.debug("Canceling host maintenance for ID: %s" % first_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = first_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % first_host)
# Get the Root disk of VM
volumes = list_volumes(
self.apiclient,
virtualmachineid=virtual_machine_2.id,
type='ROOT',
listall=True
)
volume = volumes[0]
self.debug(
"Root volume of VM(%s): %s" % (
virtual_machine_2.name,
volume.name
))
# Create a snapshot from the ROOTDISK
self.debug("Creating snapshot on ROOT volume: %s" % volume.name)
snapshot = Snapshot.create(self.apiclient, volumes[0].id)
self.debug("Snapshot created: ID - %s" % snapshot.id)
snapshots = list_snapshots(
self.apiclient,
id=snapshot.id,
listall=True
)
self.assertEqual(
isinstance(snapshots, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
snapshots,
None,
"Check if result exists in list snapshots call"
)
self.assertEqual(
snapshots[0].id,
snapshot.id,
"Check snapshot id in list resources call"
)
# Generate template from the snapshot
self.debug("Generating template from snapshot: %s" % snapshot.name)
template = Template.create_from_snapshot(
self.apiclient,
snapshot,
self.services["templates"]
)
self.debug("Created template from snapshot: %s" % template.id)
templates = list_templates(
self.apiclient,
templatefilter=self.services["templates"]["templatefilter"],
id=template.id
)
self.assertEqual(
isinstance(templates, list),
True,
"List template call should return the newly created template"
)
self.assertEqual(
templates[0].isready,
True,
"The newly created template should be in ready state"
)
self.debug("Enabling maintenance mode for host %s" % second_host)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = second_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Maintenance mode enabled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in ["Stopping",
"Stopped",
"Running",
"Starting",
"Migrating"]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail(
"VM migration from one-host-to-other failed\
while enabling maintenance"
)
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[1]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in ["Stopping",
"Stopped",
"Running",
"Starting",
"Migrating"]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail(
"VM migration from one-host-to-other failed\
while enabling maintenance"
)
for vm in vms:
self.debug(
"VM states after enabling maintenance mode on host: %s - %s" %
(first_host, vm.state))
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in Running state"
)
# Spawn an instance on other host
virtual_machine_3 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
vms = VirtualMachine.list(
self.apiclient,
id=virtual_machine_3.id,
listall=True
)
self.assertEqual(
isinstance(vms, list),
True,
"List VMs should return valid response for deployed VM"
)
self.assertNotEqual(
len(vms),
0,
"List VMs should return valid response for deployed VM"
)
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 3 state: %s" % vm.state)
self.assertEqual(
vm.state,
"Running",
"Deployed VM should be in Running state"
)
self.debug("Canceling host maintenance for ID: %s" % second_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = second_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
return
def test_01_acquire_public_ips_in_isolated_network_with_single_vr(self):
""" Acquire IPs in multiple subnets in isolated networks with single VR
# Steps
# 1. Create network offering with single VR, and enable it
# 2. create isolated network with the network offering
# 3. create a vm in the network.
# verify the available nics in VR should be "eth0,eth1,eth2"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP
# 4. get a free public ip, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP and new ip
# 5. remove the port forwarding rule, and release the new ip
# verify the available nics in VR should be "eth0,eth1,eth2"
# verify the IPs in VR. eth0 -> guest nic IP, eth2 -> source nat IP
# 6. create new public ip range 1
# 7. get a free ip 4 in new ip range 2, assign to network, and enable static nat to vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1
# 8. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2,
# 9. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, new ip 3
# 10. release new ip 2
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 3
# 11. release new ip 1
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3
# 12. create new public ip range 2
# 13. get a free ip 4 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4
# 14. get a free ip 5 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5
# 15. get a free ip 6 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5/6
# 16. release new ip 5
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/6
# 17. release new ip 4
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 6
# 18. release new ip 3
# verify the available nics in VR should be "eth0,eth1,eth2,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6
# 19. restart network
# verify the available nics in VR should be "eth0,eth1,eth2,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6
# 20. reboot router
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6
# 21. restart network with cleanup
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6
# 22. restart network with cleanup, makeredundant=true
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6
"""
# Create new domain1
self.domain1 = Domain.create(self.apiclient,
services=self.services["acl"]["domain1"],
parentdomainid=self.domain.id)
# Create account1
self.account1 = Account.create(self.apiclient,
self.services["acl"]["accountD1"],
domainid=self.domain1.id)
self.cleanup.append(self.account1)
self.cleanup.append(self.domain1)
# 1. Create network offering with single VR, and enable it
self.network_offering = NetworkOffering.create(
self.apiclient,
self.services["isolated_network_offering"],
)
self.network_offering.update(self.apiclient, state='Enabled')
self.cleanup.append(self.network_offering)
# 2. create isolated network with the network offering
self.services["network"]["zoneid"] = self.zone.id
self.services["network"]["networkoffering"] = self.network_offering.id
self.network1 = Network.create(self.apiclient,
self.services["network"],
self.account1.name,
self.account1.domainid)
# 3. create a vm in the network.
try:
self.virtual_machine1 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account1.name,
domainid=self.account1.domainid,
serviceofferingid=self.service_offering.id,
templateid=self.template.id,
zoneid=self.zone.id,
networkids=self.network1.id)
except Exception as e:
self.fail("Exception while deploying virtual machine: %s" % e)
# verify the available nics in VR should be "eth0,eth1,eth2"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_router_publicnic_state(router, host, "eth2")
# 4. get a free public ip, assign to network, and create port forwarding rules (ssh) to the vm
ipaddress = PublicIPAddress.create(
self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
)
nat_rule = NATRule.create(self.apiclient,
self.virtual_machine1,
self.services["natrule"],
ipaddressid=ipaddress.ipaddress.id,
openfirewall=True)
# verify the available nics in VR should be "eth0,eth1,eth2"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP/new ip
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress.ipaddress.ipaddress,
"eth2", True)
self.verify_router_publicnic_state(router, host, "eth2")
# 5. release the new ip
ipaddress.delete(self.apiclient)
# verify the available nics in VR should be "eth0,eth1,eth2"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress.ipaddress.ipaddress,
"eth2", False)
self.verify_router_publicnic_state(router, host, "eth2")
# 6. create new public ip range 1
self.services["publiciprange"]["zoneid"] = self.zone.id
self.services["publiciprange"]["forvirtualnetwork"] = "true"
random_subnet_number = random.randrange(10, 50)
self.services["publiciprange"]["vlan"] = get_free_vlan(
self.apiclient, self.zone.id)[1]
self.services["publiciprange"]["gateway"] = "172.16." + str(
random_subnet_number) + ".1"
self.services["publiciprange"]["startip"] = "172.16." + str(
random_subnet_number) + ".2"
self.services["publiciprange"]["endip"] = "172.16." + str(
random_subnet_number) + ".10"
self.services["publiciprange"]["netmask"] = "255.255.255.0"
self.public_ip_range1 = PublicIpRange.create(
self.apiclient, self.services["publiciprange"])
self.cleanup.append(self.public_ip_range1)
# 7. get a free ip 4 in new ip range 2, assign to network, and enable static nat to vm
ip_address_1 = self.get_free_ipaddress(self.public_ip_range1.vlan.id)
ipaddress_1 = PublicIPAddress.create(self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
ipaddress=ip_address_1)
StaticNATRule.enable(self.apiclient,
virtualmachineid=self.virtual_machine1.id,
ipaddressid=ipaddress_1.ipaddress.id,
networkid=self.network1.id)
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_1.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
# 8. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2,
ip_address_2 = self.get_free_ipaddress(self.public_ip_range1.vlan.id)
ipaddress_2 = PublicIPAddress.create(self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
ipaddress=ip_address_2)
nat_rule = NATRule.create(self.apiclient,
self.virtual_machine1,
self.services["natrule"],
ipaddressid=ipaddress_2.ipaddress.id,
openfirewall=True)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_1.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_2.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
# 9. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, new ip 3
ip_address_3 = self.get_free_ipaddress(self.public_ip_range1.vlan.id)
ipaddress_3 = PublicIPAddress.create(self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
ipaddress=ip_address_3)
nat_rule = NATRule.create(self.apiclient,
self.virtual_machine1,
self.services["natrule"],
ipaddressid=ipaddress_3.ipaddress.id,
openfirewall=True)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_1.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_2.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
# 10. release new ip 2
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 3
ipaddress_2.delete(self.apiclient)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_1.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_2.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
# 11. release new ip 1
# verify the available nics in VR should be "eth0,eth1,eth2,eth3"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3
ipaddress_1.delete(self.apiclient)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_1.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_2.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
# 12. create new public ip range 2
self.services["publiciprange"]["zoneid"] = self.zone.id
self.services["publiciprange"]["forvirtualnetwork"] = "true"
self.services["publiciprange"]["vlan"] = get_free_vlan(
self.apiclient, self.zone.id)[1]
self.services["publiciprange"]["gateway"] = "172.16." + str(
random_subnet_number + 1) + ".1"
self.services["publiciprange"]["startip"] = "172.16." + str(
random_subnet_number + 1) + ".2"
self.services["publiciprange"]["endip"] = "172.16." + str(
random_subnet_number + 1) + ".10"
self.services["publiciprange"]["netmask"] = "255.255.255.0"
self.public_ip_range2 = PublicIpRange.create(
self.apiclient, self.services["publiciprange"])
self.cleanup.append(self.public_ip_range2)
# 13. get a free ip 4 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4
ip_address_4 = self.get_free_ipaddress(self.public_ip_range2.vlan.id)
ipaddress_4 = PublicIPAddress.create(self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
ipaddress=ip_address_4)
StaticNATRule.enable(self.apiclient,
virtualmachineid=self.virtual_machine1.id,
ipaddressid=ipaddress_4.ipaddress.id,
networkid=self.network1.id)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(
router, host, "eth0,eth1,eth2,eth3,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4")
# 14. get a free ip 5 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5
ip_address_5 = self.get_free_ipaddress(self.public_ip_range2.vlan.id)
ipaddress_5 = PublicIPAddress.create(self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
ipaddress=ip_address_5)
nat_rule = NATRule.create(self.apiclient,
self.virtual_machine1,
self.services["natrule"],
ipaddressid=ipaddress_5.ipaddress.id,
openfirewall=True)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(
router, host, "eth0,eth1,eth2,eth3,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", True)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4")
# 15. get a free ip 6 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5/6
ip_address_6 = self.get_free_ipaddress(self.public_ip_range2.vlan.id)
ipaddress_6 = PublicIPAddress.create(self.apiclient,
zoneid=self.zone.id,
networkid=self.network1.id,
ipaddress=ip_address_6)
nat_rule = NATRule.create(self.apiclient,
self.virtual_machine1,
self.services["natrule"],
ipaddressid=ipaddress_6.ipaddress.id,
openfirewall=True)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(
router, host, "eth0,eth1,eth2,eth3,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", True)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth4", True)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4")
# 16. release new ip 5
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/6
ipaddress_5.delete(self.apiclient)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(
router, host, "eth0,eth1,eth2,eth3,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", True)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4")
# 17. release new ip 4
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 6
ipaddress_4.delete(self.apiclient)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(
router, host, "eth0,eth1,eth2,eth3,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_3.ipaddress.ipaddress,
"eth3", True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4")
# 18. release new ip 3
# verify the available nics in VR should be "eth0,eth1,eth2,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6
ipaddress_3.delete(self.apiclient)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth4")
# 19. restart network
# verify the available nics in VR should be "eth0,eth1,eth2,eth4,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6
self.network1.restart(self.apiclient)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth4,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth4", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth4", True)
self.verify_router_publicnic_state(router, host, "eth2|eth4")
# 20. reboot router
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6
if len(routers) > 0:
router = routers[0]
cmd = rebootRouter.rebootRouterCmd()
cmd.id = router.id
self.apiclient.rebootRouter(cmd)
router = self.get_router(router.id)
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
# 21. restart network with cleanup
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6
self.network1.restart(self.apiclient, cleanup=True)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth3", True)
# 22. restart network with cleanup, makeredundant=true
# verify the available nics in VR should be "eth0,eth1,eth2,eth3,"
# verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6
self.network1.restart(self.apiclient, cleanup=True, makeredundant=True)
routers = self.get_routers(self.network1.id)
for router in routers:
host = self.get_router_host(router)
self.verify_network_interfaces_in_router(router, host,
"eth0,eth1,eth2,eth3,")
guestIp, controlIp, sourcenatIp = self.get_router_ips(router)
self.verify_ip_address_in_router(router, host, guestIp, "eth0",
True)
self.verify_ip_address_in_router(router, host, controlIp, "eth1",
True)
self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2",
True)
self.verify_ip_address_in_router(router, host,
ipaddress_4.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_5.ipaddress.ipaddress,
"eth3", False)
self.verify_ip_address_in_router(router, host,
ipaddress_6.ipaddress.ipaddress,
"eth3", True)
self.verify_router_publicnic_state(router, host, "eth2|eth3")
def setUpClass(cls):
cls.logger = MarvinLog(MarvinLog.LOGGER_TEST).get_logger()
testClient = super(TestLoadBalance, cls).getClsTestClient()
cls.apiclient = testClient.getApiClient()
cls.services = testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.template = get_template(
cls.apiclient,
cls.zone.id
)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
# Create an account, network, VM and IP addresses
cls.account = Account.create(
cls.apiclient,
cls.services["account"],
admin=True,
domainid=cls.domain.id
)
cls.service_offering = get_default_virtual_machine_offering(cls.apiclient)
cls.network_offering = get_default_network_offering(cls.apiclient)
cls.logger.debug("Network Offering '%s' selected", cls.network_offering.name)
cls.vpc_offering = get_default_vpc_offering(cls.apiclient)
cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name)
cls.vpc1 = VPC.create(cls.apiclient,
cls.services['vpcs']['vpc1'],
vpcofferingid=cls.vpc_offering.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
account=cls.account.name)
cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name, cls.vpc1.cidr)
cls.default_allow_acl = get_network_acl(cls.apiclient, 'default_allow')
cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name)
cls.network1 = Network.create(cls.apiclient,
cls.services['networks']['network1'],
networkofferingid=cls.network_offering.id,
aclid=cls.default_allow_acl.id,
vpcid=cls.vpc1.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network1.name, cls.network1.cidr, cls.network1.gateway)
cls.vm_1 = VirtualMachine.create(
cls.apiclient,
cls.services["virtual_machine"],
templateid=cls.template.id,
accountid=cls.account.name,
domainid=cls.account.domainid,
serviceofferingid=cls.service_offering.id,
networkids=[cls.network1.id]
)
cls.vm_2 = VirtualMachine.create(
cls.apiclient,
cls.services["virtual_machine"],
templateid=cls.template.id,
accountid=cls.account.name,
domainid=cls.account.domainid,
serviceofferingid=cls.service_offering.id,
networkids=[cls.network1.id]
)
cls.vm_3 = VirtualMachine.create(
cls.apiclient,
cls.services["virtual_machine"],
templateid=cls.template.id,
accountid=cls.account.name,
domainid=cls.account.domainid,
serviceofferingid=cls.service_offering.id,
networkids=[cls.network1.id]
)
cls.non_src_nat_ip = PublicIPAddress.create(cls.apiclient,
zoneid=cls.zone.id,
domainid=cls.account.domainid,
accountid=cls.account.name,
vpcid=cls.vpc1.id,
networkid=cls.network1.id)
cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.non_src_nat_ip.ipaddress.ipaddress, cls.vpc1.name, cls.network1.name)
command = replaceNetworkACLList.replaceNetworkACLListCmd()
command.aclid = cls.default_allow_acl.id
command.publicipid = cls.non_src_nat_ip.ipaddress.id
cls.apiclient.replaceNetworkACLList(command)
cls._cleanup = [
cls.account
]
def test_03_deploy_vms_in_vpc_with_regionlevelvpc(self):
"""Test deploy virtual machines in VPC networks"""
# 1. Create VPC Offering by specifying all supported Services
# (Vpn,dhcpdns,UserData, SourceNat,Static NAT and PF,LB,NetworkAcl)
# 2. Create a VPC using the above VPC offering
# 3. Create a network as part of this VPC.
# 4. Deploy few Vms.
# 5. Create a LB rule for this VM.
# 6. Create a PF rule for this VM.
# 7. Create a Static Nat rule for this VM.
# 8. Create Ingress rules on the network to open the above created
# LB PF and Static Nat rule
# 9. Create Egress Network ACL for this network to access google.com.
# 10. Enable VPN services
if not self.isOvsPluginEnabled:
self.skipTest("OVS plugin should be enabled to run this test case")
self.debug("Creating a VPC offering..")
vpc_off = VpcOffering.create(
self.apiclient,
self.services["vpc_offering"]
)
vpc_off.update(self.apiclient, state='Enabled')
self.debug("creating a VPC network in the account: %s" %
self.account.name)
vpc = VPC.create(
self.apiclient,
self.services["vpc"],
vpcofferingid=vpc_off.id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid,
networkDomain=self.account.domainid
)
self.validate_vpc_network(vpc)
self.network_offering = NetworkOffering.create(
self.apiclient,
self.services["network_offering"],
conservemode=False
)
# Enable Network offering
self.network_offering.update(self.apiclient, state='Enabled')
gateway = vpc.cidr.split('/')[0]
# Split the cidr to retrieve gateway
# for eg. cidr = 10.0.0.1/24
# Gateway = 10.0.0.1
# Creating network using the network offering created
self.debug("Creating network with network offering: %s" %
self.network_offering.id)
network = Network.create(
self.apiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id,
gateway=gateway,
vpcid=vpc.id
)
self.debug("Created network with ID: %s" % network.id)
# Spawn an instance in that network
virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=[str(network.id)]
)
self.debug("Deployed VM in network: %s" % network.id)
self.debug("Associating public IP for network: %s" % network.name)
public_ip = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id
)
self.debug("Associated %s with network %s" % (
public_ip.ipaddress.ipaddress,
network.id
))
self.debug("Creating LB rule for IP address: %s" %
public_ip.ipaddress.ipaddress)
LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
ipaddressid=public_ip.ipaddress.id,
accountid=self.account.name,
networkid=network.id,
vpcid=vpc.id,
domainid=self.account.domainid
)
self.debug("Associating public IP for network: %s" % vpc.name)
public_ip_2 = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id
)
self.debug("Associated %s with network %s" % (
public_ip_2.ipaddress.ipaddress,
network.id
))
NATRule.create(
self.apiclient,
virtual_machine,
self.services["natrule"],
ipaddressid=public_ip_2.ipaddress.id,
openfirewall=False,
networkid=network.id,
vpcid=vpc.id
)
self.debug("Adding NetwrokACl rules to make PF and LB accessible")
NetworkACL.create(
self.apiclient,
networkid=network.id,
services=self.services["natrule"],
traffictype='Ingress'
)
NetworkACL.create(
self.apiclient,
networkid=network.id,
services=self.services["lbrule"],
traffictype='Ingress'
)
self.debug("Checking if we can SSH into VM?")
try:
virtual_machine.get_ssh_client(
ipaddress=public_ip_2.ipaddress.ipaddress,
)
self.debug("SSH into VM is successfully")
except Exception as e:
self.fail("Failed to SSH into VM - %s, %s" %
(public_ip_2.ipaddress.ipaddress, e))
self.debug("Associating public IP for network: %s" % network.name)
public_ip_3 = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id
)
self.debug("Associated %s with network %s" % (
public_ip_3.ipaddress.ipaddress,
network.id
))
self.debug("Enabling static NAT for IP: %s" %
public_ip_3.ipaddress.ipaddress)
try:
StaticNATRule.enable(
self.apiclient,
ipaddressid=public_ip_3.ipaddress.id,
virtualmachineid=virtual_machine.id,
networkid=network.id
)
self.debug("Static NAT enabled for IP: %s" %
public_ip_3.ipaddress.ipaddress)
except Exception as e:
self.fail("Failed to enable static NAT on IP: %s - %s" % (
public_ip_3.ipaddress.ipaddress, e))
public_ips = PublicIPAddress.list(
self.apiclient,
networkid=network.id,
listall=True,
isstaticnat=True,
account=self.account.name,
domainid=self.account.domainid
)
self.assertEqual(
isinstance(public_ips, list),
True,
"List public Ip for network should list the Ip addr"
)
self.assertEqual(
public_ips[0].ipaddress,
public_ip_3.ipaddress.ipaddress,
"List public Ip for network should list the Ip addr"
)
# TODO: Remote Access VPN is not yet supported in VPC
return
def test_01_positive_tests_vm_operations_advanced_zone(self, value):
""" Positive tests for VMLC test path - Advanced Zone
# 1. List created service offering in setUpClass by name
# 2. List registered template with name
# 3. Create VM in account
# 4. Enable networking for reaching to VM thorugh SSH
# 5. Check VM accessibility through SSH
# 6. Stop vm and verify vm is not accessible
# 7. Start vm and verify vm is not accessible
# 8. Reboot vm and verify vm is not accessible
# 9. Destroy and recover VM
# 10. Change service offering of VM to a different service offering
# 11. Verify that the cpuspeed, cpunumber and memory of VM matches to
# as specified in new service offering
# 12. Start VM and verify VM accessibility
# 13. Find suitable host for VM to migrate and migrate the VM
# 14. Verify VM accessibility on new host
"""
# List created service offering in setUpClass by name
listServiceOfferings = ServiceOffering.list(
self.apiclient,
name=self.service_offering_1.name,
listall=True
)
self.assertEqual(validateList(listServiceOfferings)[0], PASS,
"List validation failed for service offerings list")
self.assertEqual(listServiceOfferings[0].name,
self.service_offering_1.name,
"Names of created service offering\
and listed service offering not matching")
# List registered template with name
listTemplates = Template.list(
self.userapiclient,
templatefilter="self",
name=self.template.name,
listall=True,
zone=self.zone.id)
self.assertEqual(validateList(listTemplates)[0], PASS,
"List validation failed for templates list")
self.assertEqual(listTemplates[0].name, self.template.name,
"Names of created template and listed template\
not matching")
network = CreateNetwork(self, value)
# Create VM in account
self.virtual_machine = VirtualMachine.create(
self.userapiclient,
self.testdata["small"],
templateid=self.template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering_1.id,
networkids=[network.id, ],
zoneid=self.zone.id
)
self.cleanup.append(self.virtual_machine)
publicip = PublicIPAddress.create(
self.userapiclient, accountid=self.account.name,
zoneid=self.zone.id, domainid=self.account.domainid,
networkid=network.id, vpcid=self.vpcid
)
if value == VPC_NETWORK:
lb_rule = LoadBalancerRule.create(
self.apiclient,
self.testdata["vpclbrule"],
ipaddressid=publicip.ipaddress.id,
accountid=self.account.name,
domainid=self.account.domainid,
networkid=network.id,
vpcid=self.vpcid
)
lb_rule.assign(self.apiclient, [self.virtual_machine])
# Opening up the ports in VPC
NetworkACL.create(
self.apiclient,
networkid=network.id,
services=self.testdata["natrule"],
traffictype='Ingress'
)
elif value == ISOLATED_NETWORK:
FireWallRule.create(
self.userapiclient,
ipaddressid=publicip.ipaddress.id,
protocol='TCP',
cidrlist=[self.testdata["fwrule"]["cidr"]],
startport=self.testdata["fwrule"]["startport"],
endport=self.testdata["fwrule"]["endport"]
)
NATRule.create(
self.userapiclient,
self.virtual_machine,
self.testdata["natrule"],
ipaddressid=publicip.ipaddress.id,
networkid=network.id
)
# Check VM accessibility
try:
SshClient(host=publicip.ipaddress.ipaddress,
port=22,
user=self.virtual_machine.username,
passwd=self.virtual_machine.password)
except Exception as e:
self.fail("Exception while SSHing to VM: %s" % e)
# Stop VM and verify VM is not accessible
self.virtual_machine.stop(self.userapiclient)
with self.assertRaises(Exception):
SshClient(host=publicip.ipaddress.ipaddress,
port=22,
user=self.virtual_machine.username,
passwd=self.virtual_machine.password,
retries=0)
# Start VM and verify that it is accessible
self.virtual_machine.start(self.userapiclient)
try:
SshClient(host=publicip.ipaddress.ipaddress,
port=22,
user=self.virtual_machine.username,
passwd=self.virtual_machine.password)
except Exception as e:
self.fail("Exception while SSHing to VM: %s" % e)
# Reboot VM and verify that it is accessible
self.virtual_machine.reboot(self.userapiclient)
try:
SshClient(host=publicip.ipaddress.ipaddress,
port=22,
user=self.virtual_machine.username,
passwd=self.virtual_machine.password)
except Exception as e:
self.fail("Exception while SSHing to VM: %s" % e)
# Destroy and recover VM
self.virtual_machine.delete(self.apiclient, expunge=False)
self.virtual_machine.recover(self.apiclient)
# Change service offering of VM and verify that it is changed
self.virtual_machine.change_service_offering(
self.userapiclient,
serviceOfferingId=self.service_offering_2.id
)
VerifyChangeInServiceOffering(self,
self.virtual_machine,
self.service_offering_2)
# Start VM and verify that it is accessible
self.virtual_machine.start(self.userapiclient)
try:
SshClient(host=publicip.ipaddress.ipaddress,
port=22,
user=self.virtual_machine.username,
passwd=self.virtual_machine.password)
except Exception as e:
self.fail("Exception while SSHing to VM: %s" % e)
return
def setup_infra(cls, redundant=False):
if len(cls.class_cleanup) > 0:
cleanup_resources(cls.api_client, cls.class_cleanup, cls.logger)
cls.class_cleanup = []
cls.zone = get_zone(cls.api_client, cls.test_client.getZoneForTests())
cls.logger.debug("Zone '%s' selected" % cls.zone.name)
cls.domain = get_domain(cls.api_client)
cls.logger.debug("Domain '%s' selected" % cls.domain.name)
cls.template = get_template(
cls.api_client,
cls.zone.id)
cls.logger.debug("Template '%s' selected" % cls.template.name)
cls.account = Account.create(
cls.api_client,
cls.attributes['account'],
admin=True,
domainid=cls.domain.id)
cls.class_cleanup += [cls.account]
cls.logger.debug("Account '%s' created", cls.account.name)
cls.vpc_offering = get_default_redundant_vpc_offering(cls.api_client) if redundant else get_default_vpc_offering(cls.api_client)
cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name)
cls.network_offering = get_default_network_offering(cls.api_client)
cls.logger.debug("Network Offering '%s' selected", cls.network_offering.name)
cls.virtual_machine_offering = get_default_virtual_machine_offering(cls.api_client)
cls.logger.debug("Virtual Machine Offering '%s' selected", cls.virtual_machine_offering.name)
cls.private_network_offering = get_default_private_network_offering(cls.api_client)
cls.logger.debug("Private Network Offering '%s' selected", cls.private_network_offering.name)
cls.default_allow_acl = get_network_acl(cls.api_client, 'default_allow')
cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name)
cls.vpc1 = VPC.create(cls.api_client,
cls.attributes['vpcs']['vpc1'],
vpcofferingid=cls.vpc_offering.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
account=cls.account.name)
cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name, cls.vpc1.cidr)
cls.network1 = Network.create(cls.api_client,
cls.attributes['networks']['network1'],
networkofferingid=cls.network_offering.id,
aclid=cls.default_allow_acl.id,
vpcid=cls.vpc1.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network1.name, cls.network1.cidr, cls.network1.gateway)
cls.vm1 = VirtualMachine.create(cls.api_client,
cls.attributes['vms']['vm1'],
templateid=cls.template.id,
serviceofferingid=cls.virtual_machine_offering.id,
networkids=[cls.network1.id],
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("VM '%s' created, Network: %s, IP %s", cls.vm1.name, cls.network1.name, cls.vm1.nic[0].ipaddress)
cls.public_ip1 = PublicIPAddress.create(cls.api_client,
zoneid=cls.zone.id,
domainid=cls.account.domainid,
accountid=cls.account.name,
vpcid=cls.vpc1.id,
networkid=cls.network1.id)
cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.public_ip1.ipaddress.ipaddress, cls.vpc1.name, cls.network1.name)
cls.nat_rule1 = NATRule.create(cls.api_client,
cls.vm1,
cls.attributes['nat_rule'],
vpcid=cls.vpc1.id,
networkid=cls.network1.id,
ipaddressid=cls.public_ip1.ipaddress.id)
cls.logger.debug("Port Forwarding Rule '%s (%s) %s => %s' created",
cls.nat_rule1.ipaddress,
cls.nat_rule1.protocol,
cls.nat_rule1.publicport,
cls.nat_rule1.privateport)
cls.vpc2 = VPC.create(cls.api_client,
cls.attributes['vpcs']['vpc2'],
vpcofferingid=cls.vpc_offering.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
account=cls.account.name)
cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc2.name, cls.vpc2.cidr)
cls.network2 = Network.create(cls.api_client,
cls.attributes['networks']['network3'],
networkofferingid=cls.network_offering.id,
aclid=cls.default_allow_acl.id,
vpcid=cls.vpc2.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network2.name, cls.network2.cidr, cls.network2.gateway)
cls.vm2 = VirtualMachine.create(cls.api_client,
cls.attributes['vms']['vm2'],
templateid=cls.template.id,
serviceofferingid=cls.virtual_machine_offering.id,
networkids=[cls.network2.id],
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("VM '%s' created, Network: %s, IP: %s", cls.vm2.name, cls.network2.name, cls.vm2.nic[0].ipaddress)
cls.public_ip2 = PublicIPAddress.create(cls.api_client,
zoneid=cls.zone.id,
domainid=cls.account.domainid,
accountid=cls.account.name,
vpcid=cls.vpc2.id,
networkid=cls.network2.id)
cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.public_ip2.ipaddress.ipaddress, cls.vpc2.name, cls.network2.name)
cls.nat_rule2 = NATRule.create(cls.api_client,
cls.vm2,
cls.attributes['nat_rule'],
vpcid=cls.vpc2.id,
networkid=cls.network2.id,
ipaddressid=cls.public_ip2.ipaddress.id)
cls.logger.debug("Port Forwarding Rule '%s (%s) %s => %s' created",
cls.nat_rule2.ipaddress,
cls.nat_rule2.protocol,
cls.nat_rule2.publicport,
cls.nat_rule2.privateport)
cls.private_gateways_network = Network.create(cls.api_client,
cls.attributes['networks']['private_gateways_network'],
networkofferingid=cls.private_network_offering.id,
aclid=cls.default_allow_acl.id,
zoneid=cls.zone.id,
domainid=cls.domain.id,
accountid=cls.account.name)
cls.logger.debug("Network '%s' created, CIDR: %s", cls.private_gateways_network.name, cls.private_gateways_network.cidr)
cls.private_gateway1 = PrivateGateway.create(cls.api_client,
ipaddress=cls.attributes['private_gateways']['private_gateway1'],
networkid=cls.private_gateways_network.id,
aclid=cls.default_allow_acl.id,
vpcid=cls.vpc1.id)
cls.logger.debug("Private Gateway '%s' created, Network: %s, VPC: %s", cls.private_gateway1.ipaddress, cls.private_gateways_network.name, cls.vpc1.name)
cls.static_route1 = StaticRoute.create(cls.api_client,
cls.attributes['static_routes']['static_route1'],
vpcid=cls.vpc1.id)
cls.logger.debug("Static Route '%s => %s' created, VPC: %s", cls.static_route1.cidr, cls.static_route1.nexthop, cls.vpc1.name)
cls.private_gateway2 = PrivateGateway.create(cls.api_client,
ipaddress=cls.attributes['private_gateways']['private_gateway2'],
networkid=cls.private_gateways_network.id,
aclid=cls.default_allow_acl.id,
vpcid=cls.vpc2.id)
cls.logger.debug("Private Gateway '%s' created, Network: %s, VPC: %s", cls.private_gateway2.ipaddress, cls.private_gateways_network.name, cls.vpc2.name)
cls.static_route2 = StaticRoute.create(cls.api_client,
cls.attributes['static_routes']['static_route2'],
vpcid=cls.vpc2.id)
cls.logger.debug("Static Route '%s => %s' created, VPC: %s", cls.static_route2.cidr, cls.static_route2.nexthop, cls.vpc2.name)
def test_network_rules_acquired_public_ip(self, value):
"""Test for Router rules for network rules on acquired public IP"""
# Validate the following:
# 1. listPortForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
self.ipaddress = PublicIPAddress.create(
self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=self.defaultNetworkId
)
self.cleanup.append(self.ipaddress)
self.createNetworkRules(rule=value,
ipaddressobj=self.ipaddress,
networkid=self.defaultNetworkId)
router = Router.list(self.apiclient,
networkid=self.virtual_machine.nic[0].networkid,
listall=True)[0]
response = self.getCommandResultFromRouter(router, "ip addr")
self.debug(response)
stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress
self.assertTrue(stringToMatch in str(response), "IP address is\
not removed from VR even after disabling statin NAT")
try:
self.debug("SSHing into VM with IP address %s with NAT IP %s" %
(
self.virtual_machine.ipaddress,
self.ipaddress.ipaddress.ipaddress
))
self.virtual_machine.get_ssh_client(
self.ipaddress.ipaddress.ipaddress)
except Exception as e:
self.fail(
"SSH Access failed for %s: %s" %
(self.virtual_machine.ipaddress, e)
)
# Validate the following:
# 1. listIpForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
self.removeNetworkRules(rule=value, ipaddressobj=self.ipaddress)
response = self.getCommandResultFromRouter(router, "ip addr")
self.debug(response)
stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress
self.assertFalse(stringToMatch in str(response), "IP address is\
not removed from VR even after disabling statin NAT")
# Check if the Public SSH port is inaccessible
with self.assertRaises(Exception):
self.debug(
"SSHing into VM with IP address %s after NAT rule deletion" %
self.virtual_machine.ipaddress)
SshClient(
self.ipaddress.ipaddress.ipaddress,
self.virtual_machine.ssh_port,
self.virtual_machine.username,
self.virtual_machine.password,
retries=2,
delay=0
)
return
def test_02_port_fwd_on_non_src_nat(self):
"""Test for port forwarding on non source NAT"""
# Validate the following:
# 1. listPortForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid,
self.services["virtual_machine"]
)
self.cleanup.append(ip_address)
# Check if VM is in Running state before creating NAT rule
vm_response = VirtualMachine.list(
self.apiclient,
id=self.virtual_machine.id
)
self.assertEqual(
isinstance(vm_response, list),
True,
"Check list VM returns a valid list"
)
self.assertNotEqual(
len(vm_response),
0,
"Check Port Forwarding Rule is created"
)
self.assertEqual(
vm_response[0].state,
'Running',
"VM state should be Running before creating a NAT rule."
)
# Open up firewall port for SSH
FireWallRule.create(
self.apiclient,
ipaddressid=ip_address.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
# Create NAT rule
nat_rule = NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
ip_address.ipaddress.id
)
# Validate the following:
# 1. listPortForwardingRules should not return the deleted rule anymore
# 2. attempt to do ssh should now fail
list_nat_rule_response = list_nat_rules(
self.apiclient,
id=nat_rule.id
)
self.assertEqual(
isinstance(list_nat_rule_response, list),
True,
"Check list response returns a valid list"
)
self.assertNotEqual(
len(list_nat_rule_response),
0,
"Check Port Forwarding Rule is created"
)
self.assertEqual(
list_nat_rule_response[0].id,
nat_rule.id,
"Check Correct Port forwarding Rule is returned"
)
try:
logger.debug("SSHing into VM with IP address %s with NAT IP %s" %
(
self.virtual_machine.ipaddress,
ip_address.ipaddress.ipaddress
))
self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress)
except Exception as e:
self.fail(
"SSH Access failed for %s: %s" %
(self.virtual_machine.ipaddress, e)
)
nat_rule.delete(self.apiclient)
try:
list_nat_rule_response = list_nat_rules(
self.apiclient,
id=nat_rule.id
)
except CloudstackAPIException:
logger.debug("Nat Rule is deleted")
# Check if the Public SSH port is inaccessible
with self.assertRaises(Exception):
logger.debug(
"SSHing into VM with IP address %s after NAT rule deletion" %
self.virtual_machine.ipaddress)
SshClient(
ip_address.ipaddress.ipaddress,
self.virtual_machine.ssh_port,
self.virtual_machine.username,
self.virtual_machine.password,
retries=2,
delay=0
)
return
def test_05_list_publicip_user_domain(self):
"""
A domain admin should be able to display public ip address
in their domain and also all child domains
Step 1: Display all public ip address in that domain and sub domain
Step 2: Ensure that the count is 20
Step 3: Display only the allocated Ip address
Step 4: Ensure that the count is 2
Step 5: Try to display public ip of vpc from different domain
Step 6: Ensure that we get exception when trying to do so
:return:
"""
user = self.account2.user[0]
user_api_client = self.testClient.getUserApiClient(user.username, self.domain2.name)
self.services["vpc"]["cidr"] = "10.1.1.1/16"
vpc_1 = VPC.create(
user_api_client,
self.services["vpc"],
vpcofferingid=self.vpc_off.id,
zoneid=self.zone.id,
account=self.account2.name,
domainid=self.account2.domainid
)
self.validate_vpc_network(vpc_1)
ipAddresses = PublicIPAddress.list(
user_api_client,
allocatedonly=False,
listall=True,
forvirtualnetwork=True)
self.assertGreaterEqual(
len(ipAddresses),
10,
"Unable to display all public ip in VPC"
)
# List ip address using vpcid
ipAddresses = PublicIPAddress.list(
self.apiclient,
vpcid=vpc_1.id,
allocatedonly=False,
account=self.account2.name,
domainid=self.domain2.id,
forvirtualnetwork=True)
self.assertGreaterEqual(
len(ipAddresses),
10,
"Unable to display all public ip in VPC"
)
# Acquire public ip address from VPC
ip_address_1 = self.get_free_ipaddress(self.public_ip_range3.vlan.id)
PublicIPAddress.create(
user_api_client,
zoneid=self.zone.id,
vpcid=vpc_1.id,
ipaddress=ip_address_1
)
ipAddresses = PublicIPAddress.list(
user_api_client,
allocatedonly=True,
listall=True,
forvirtualnetwork=True)
self.assertGreaterEqual(
len(ipAddresses),
2,
"Unable to display allocated public ip in VPC"
)
try:
# Step 5
user = self.account1.user[0]
user_api_client = self.testClient.getUserApiClient(user.username, self.domain1.name)
PublicIPAddress.list(
user_api_client,
allocatedonly=False,
listall=True,
vpcid=vpc_1.id,
forvirtualnetwork=True)
# Step 6
self.fail("Domain should not access public ip of sibling domain")
except Exception as e:
self.info("Got exception as expected since domain2 cant access network of domain1")
self.vpc_off.update(self.apiclient, state='Disabled')
self.cleanup.append(vpc_1)
self.cleanup.append(self.vpc_off)
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.services = self.testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
self.hypervisor = self.testClient.getHypervisorInfo()
template = get_test_template(
self.apiclient,
self.zone.id,
self.hypervisor
)
if template == FAILED:
self.fail("get_test_template() failed to return template")
self.services["virtual_machine"]["zoneid"] = self.zone.id
# Create an account, network, VM and IP addresses
self.account = Account.create(
self.apiclient,
self.services["account"],
admin=True,
domainid=self.domain.id
)
self.service_offering = ServiceOffering.create(
self.apiclient,
self.services["service_offerings"]["tiny"]
)
self.vm_1 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
# Wait for VM to come up
time.sleep(120)
src_nat_ip_addrs = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid
)
try:
src_nat_ip_addr = src_nat_ip_addrs[0]
except Exception as e:
raise Exception(
"Warning: Exception during fetching source NAT: %s" %
e)
self.public_ip = PublicIPAddress.create(
self.apiclient,
self.vm_1.account,
self.vm_1.zoneid,
self.vm_1.domainid,
self.services["virtual_machine"]
)
# Open up firewall port for SSH
FireWallRule.create(
self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol=self.services["lbrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["lbrule"]["publicport"],
endport=self.services["lbrule"]["publicport"]
)
lb_rule = LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
src_nat_ip_addr.id,
self.account.name
)
lb_rule.assign(self.apiclient, [self.vm_1])
self.nat_rule = NATRule.create(
self.apiclient,
self.vm_1,
self.services["natrule"],
ipaddressid=self.public_ip.ipaddress.id
)
self.cleanup = [self.nat_rule,
lb_rule,
self.vm_1,
self.service_offering,
self.account,
]
return
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.services = self.testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
template = get_template(
self.apiclient,
self.zone.id,
self.services["ostype"]
)
if template == FAILED:
self.fail(
"get_template() failed to return template with description %s" %
self.services["ostype"])
self.services["virtual_machine"]["zoneid"] = self.zone.id
# Create an account, network, VM and IP addresses
self.account = Account.create(
self.apiclient,
self.services["account"],
admin=True,
domainid=self.domain.id
)
self.service_offering = ServiceOffering.create(
self.apiclient,
self.services["service_offerings"]
)
self.vm_1 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
# Wait for VM to come up
time.sleep(120)
src_nat_ip_addrs = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid
)
try:
src_nat_ip_addr = src_nat_ip_addrs[0]
except Exception as e:
raise Exception(
"Warning: Exception during fetching source NAT: %s" %
e)
self.public_ip = PublicIPAddress.create(
self.apiclient,
self.vm_1.account,
self.vm_1.zoneid,
self.vm_1.domainid,
self.services["virtual_machine"]
)
# Open up firewall port for SSH
FireWallRule.create(
self.apiclient,
ipaddressid=self.public_ip.ipaddress.id,
protocol=self.services["lbrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["lbrule"]["publicport"],
endport=self.services["lbrule"]["publicport"]
)
lb_rule = LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
src_nat_ip_addr.id,
self.account.name
)
lb_rule.assign(self.apiclient, [self.vm_1])
self.nat_rule = NATRule.create(
self.apiclient,
self.vm_1,
self.services["natrule"],
ipaddressid=self.public_ip.ipaddress.id
)
self.cleanup = [self.nat_rule,
lb_rule,
self.vm_1,
self.service_offering,
self.account,
]
return
def setUpClass(cls):
testClient = super(TestPublicIP, cls).getClsTestClient()
cls.apiclient = testClient.getApiClient()
cls.services = testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.services['mode'] = cls.zone.networktype
# Create Accounts & networks
cls.account = Account.create(
cls.apiclient,
cls.services["account"],
admin=True,
domainid=cls.domain.id
)
cls.user = Account.create(
cls.apiclient,
cls.services["account"],
domainid=cls.domain.id
)
cls.services["network"]["zoneid"] = cls.zone.id
cls.network_offering = NetworkOffering.create(
cls.apiclient,
cls.services["network_offering"],
)
# Enable Network offering
cls.network_offering.update(cls.apiclient, state='Enabled')
cls.services["network"]["networkoffering"] = cls.network_offering.id
cls.account_network = Network.create(
cls.apiclient,
cls.services["network"],
cls.account.name,
cls.account.domainid
)
cls.user_network = Network.create(
cls.apiclient,
cls.services["network"],
cls.user.name,
cls.user.domainid
)
# Create Source NAT IP addresses
PublicIPAddress.create(
cls.apiclient,
cls.account.name,
cls.zone.id,
cls.account.domainid
)
PublicIPAddress.create(
cls.apiclient,
cls.user.name,
cls.zone.id,
cls.user.domainid
)
cls._cleanup = [
cls.account_network,
cls.user_network,
cls.account,
cls.user,
cls.network_offering
]
return
def setUp(self):
self.apiclient = self.testClient.getApiClient()
self.services = self.testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
template = get_template(
self.apiclient,
self.zone.id,
self.services["ostype"]
)
self.services["virtual_machine"]["zoneid"] = self.zone.id
# Create an account, network, VM, Port forwarding rule, LB rules
self.account = Account.create(
self.apiclient,
self.services["account"],
admin=True,
domainid=self.domain.id
)
self.service_offering = ServiceOffering.create(
self.apiclient,
self.services["service_offerings"]
)
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
templateid=template.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id
)
self.ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid
)
ip_addrs = list_publicIP(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
issourcenat=False
)
try:
self.ip_addr = ip_addrs[0]
except Exception as e:
raise Exception(
"Failed: During acquiring source NAT for account: %s, :%s" %
(self.account.name, e))
self.nat_rule = NATRule.create(
self.apiclient,
self.virtual_machine,
self.services["natrule"],
self.ip_addr.id
)
self.lb_rule = LoadBalancerRule.create(
self.apiclient,
self.services["lbrule"],
self.ip_addr.id,
accountid=self.account.name
)
self.cleanup = [
self.virtual_machine,
self.account
]
return
def test_03_deploy_vms_in_vpc_with_regionlevelvpc(self):
"""Test deploy virtual machines in VPC networks"""
# 1. Create VPC Offering by specifying all supported Services
# (Vpn,dhcpdns,UserData, SourceNat,Static NAT and PF,LB,NetworkAcl)
# 2. Create a VPC using the above VPC offering
# 3. Create a network as part of this VPC.
# 4. Deploy few Vms.
# 5. Create a LB rule for this VM.
# 6. Create a PF rule for this VM.
# 7. Create a Static Nat rule for this VM.
# 8. Create Ingress rules on the network to open the above created
# LB PF and Static Nat rule
# 9. Create Egress Network ACL for this network to access google.com.
# 10. Enable VPN services
if not self.isOvsPluginEnabled:
self.skipTest("OVS plugin should be enabled to run this test case")
self.debug("Creating a VPC offering..")
vpc_off = VpcOffering.create(self.apiclient,
self.services["vpc_offering"])
vpc_off.update(self.apiclient, state='Enabled')
self.debug("creating a VPC network in the account: %s" %
self.account.name)
vpc = VPC.create(self.apiclient,
self.services["vpc"],
vpcofferingid=vpc_off.id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid,
networkDomain=self.account.domainid)
self.validate_vpc_network(vpc)
self.network_offering = NetworkOffering.create(
self.apiclient,
self.services["network_offering"],
conservemode=False)
# Enable Network offering
self.network_offering.update(self.apiclient, state='Enabled')
gateway = vpc.cidr.split('/')[0]
# Split the cidr to retrieve gateway
# for eg. cidr = 10.0.0.1/24
# Gateway = 10.0.0.1
# Creating network using the network offering created
self.debug("Creating network with network offering: %s" %
self.network_offering.id)
network = Network.create(self.apiclient,
self.services["network"],
accountid=self.account.name,
domainid=self.account.domainid,
networkofferingid=self.network_offering.id,
zoneid=self.zone.id,
gateway=gateway,
vpcid=vpc.id)
self.debug("Created network with ID: %s" % network.id)
# Spawn an instance in that network
virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=[str(network.id)])
self.debug("Deployed VM in network: %s" % network.id)
self.debug("Associating public IP for network: %s" % network.name)
public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id)
self.debug("Associated %s with network %s" %
(public_ip.ipaddress.ipaddress, network.id))
self.debug("Creating LB rule for IP address: %s" %
public_ip.ipaddress.ipaddress)
LoadBalancerRule.create(self.apiclient,
self.services["lbrule"],
ipaddressid=public_ip.ipaddress.id,
accountid=self.account.name,
networkid=network.id,
vpcid=vpc.id,
domainid=self.account.domainid)
self.debug("Associating public IP for network: %s" % vpc.name)
public_ip_2 = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id)
self.debug("Associated %s with network %s" %
(public_ip_2.ipaddress.ipaddress, network.id))
NATRule.create(self.apiclient,
virtual_machine,
self.services["natrule"],
ipaddressid=public_ip_2.ipaddress.id,
openfirewall=False,
networkid=network.id,
vpcid=vpc.id)
self.debug("Adding NetwrokACl rules to make PF and LB accessible")
NetworkACL.create(self.apiclient,
networkid=network.id,
services=self.services["natrule"],
traffictype='Ingress')
NetworkACL.create(self.apiclient,
networkid=network.id,
services=self.services["lbrule"],
traffictype='Ingress')
self.debug("Checking if we can SSH into VM?")
try:
virtual_machine.get_ssh_client(
ipaddress=public_ip_2.ipaddress.ipaddress, )
self.debug("SSH into VM is successfully")
except Exception as e:
self.fail("Failed to SSH into VM - %s, %s" %
(public_ip_2.ipaddress.ipaddress, e))
self.debug("Associating public IP for network: %s" % network.name)
public_ip_3 = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id,
vpcid=vpc.id)
self.debug("Associated %s with network %s" %
(public_ip_3.ipaddress.ipaddress, network.id))
self.debug("Enabling static NAT for IP: %s" %
public_ip_3.ipaddress.ipaddress)
try:
StaticNATRule.enable(self.apiclient,
ipaddressid=public_ip_3.ipaddress.id,
virtualmachineid=virtual_machine.id,
networkid=network.id)
self.debug("Static NAT enabled for IP: %s" %
public_ip_3.ipaddress.ipaddress)
except Exception as e:
self.fail("Failed to enable static NAT on IP: %s - %s" %
(public_ip_3.ipaddress.ipaddress, e))
public_ips = PublicIPAddress.list(self.apiclient,
networkid=network.id,
listall=True,
isstaticnat=True,
account=self.account.name,
domainid=self.account.domainid)
self.assertEqual(isinstance(public_ips, list), True,
"List public Ip for network should list the Ip addr")
self.assertEqual(public_ips[0].ipaddress,
public_ip_3.ipaddress.ipaddress,
"List public Ip for network should list the Ip addr")
# TODO: Remote Access VPN is not yet supported in VPC
return
def test_02_host_maintenance_mode_with_activities(self):
"""Test host maintenance mode with activities
"""
# Validate the following
# 1. Create Vms. Acquire IP. Create port forwarding & load balancing
# rules for Vms.
# 2. While activities are ongoing: Create snapshots, recurring
# snapshots, create templates, download volumes, Host 1: put to
# maintenance mode. All Vms should failover to Host 2 in cluster
# Vms should be in running state. All port forwarding rules and
# load balancing Rules should work.
# 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host
# 2 should succeed. All ongoing activities in step 3 should succeed
# 4. Host 1: cancel maintenance mode.
# 5. While activities are ongoing: Create snapshots, recurring
# snapshots, create templates, download volumes, Host 2: put to
# maintenance mode. All Vms should failover to Host 1 in cluster.
# 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on
# host 1 should succeed. All ongoing activities in step 6 should
# succeed.
hosts = Host.list(self.apiclient,
zoneid=self.zone.id,
resourcestate='Enabled',
type='Routing')
self.assertEqual(isinstance(hosts, list), True,
"List hosts should return valid host response")
if len(hosts) < 2:
self.skipTest("There must be at least 2 hosts present in cluster")
self.debug("Checking HA with hosts: %s, %s" %
(hosts[0].name, hosts[1].name))
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance in that network
virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.assertEqual(vm.state, "Running",
"Deployed VM should be in RUnning state")
networks = Network.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True)
self.assertEqual(
isinstance(networks, list), True,
"List networks should return valid list for the account")
network = networks[0]
self.debug("Associating public IP for account: %s" % self.account.name)
public_ip = PublicIPAddress.create(self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
networkid=network.id)
self.debug("Associated %s with network %s" %
(public_ip.ipaddress.ipaddress, network.id))
self.debug("Creating PF rule for IP address: %s" %
public_ip.ipaddress.ipaddress)
NATRule.create(self.apiclient,
virtual_machine,
self.services["natrule"],
ipaddressid=public_ip.ipaddress.id)
self.debug("Creating LB rule on IP with NAT: %s" %
public_ip.ipaddress.ipaddress)
# Create Load Balancer rule on IP already having NAT rule
lb_rule = LoadBalancerRule.create(self.apiclient,
self.services["lbrule"],
ipaddressid=public_ip.ipaddress.id,
accountid=self.account.name)
self.debug("Created LB rule with ID: %s" % lb_rule.id)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e))
# Get the Root disk of VM
volumes = list_volumes(self.apiclient,
virtualmachineid=virtual_machine.id,
type='ROOT',
listall=True)
volume = volumes[0]
self.debug("Root volume of VM(%s): %s" %
(virtual_machine.name, volume.name))
# Create a snapshot from the ROOTDISK
self.debug("Creating snapshot on ROOT volume: %s" % volume.name)
snapshot = Snapshot.create(self.apiclient, volumes[0].id)
self.debug("Snapshot created: ID - %s" % snapshot.id)
snapshots = list_snapshots(self.apiclient,
id=snapshot.id,
listall=True)
self.assertEqual(isinstance(snapshots, list), True,
"Check list response returns a valid list")
self.assertNotEqual(snapshots, None,
"Check if result exists in list snapshots call")
self.assertEqual(snapshots[0].id, snapshot.id,
"Check snapshot id in list resources call")
# Generate template from the snapshot
self.debug("Generating template from snapshot: %s" % snapshot.name)
template = Template.create_from_snapshot(self.apiclient, snapshot,
self.services["templates"])
self.debug("Created template from snapshot: %s" % template.id)
templates = list_templates(
self.apiclient,
templatefilter=self.services["templates"]["templatefilter"],
id=template.id)
self.assertEqual(
isinstance(templates, list), True,
"List template call should return the newly created template")
self.assertEqual(
templates[0].isready, True,
"The newly created template should be in ready state")
first_host = vm.hostid
self.debug("Enabling maintenance mode for host %s" % vm.hostid)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = first_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
timeout = self.services["timeout"]
# Poll and check state of VM while it migrates from one host to another
while True:
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("VM 1 state: %s" % vm.state)
if vm.state in [
"Stopping", "Stopped", "Running", "Starting", "Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail("VM migration from one-host-to-other failed\
while enabling maintenance")
second_host = vm.hostid
self.assertEqual(
vm.state, "Running",
"VM should be in Running state after enabling host maintenance")
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % virtual_machine.id)
virtual_machine.get_ssh_client(
ipaddress=public_ip.ipaddress.ipaddress)
except Exception as e:
self.fail("SSH Access failed for %s: %s" %
(virtual_machine.ipaddress, e))
self.debug("Deploying VM in account: %s" % self.account.name)
# Spawn an instance on other host
virtual_machine_2 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine_2.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 2 state: %s" % vm.state)
self.assertEqual(vm.state, "Running",
"Deployed VM should be in Running state")
self.debug("Canceling host maintenance for ID: %s" % first_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = first_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % first_host)
# Get the Root disk of VM
volumes = list_volumes(self.apiclient,
virtualmachineid=virtual_machine_2.id,
type='ROOT',
listall=True)
volume = volumes[0]
self.debug("Root volume of VM(%s): %s" %
(virtual_machine_2.name, volume.name))
# Create a snapshot from the ROOTDISK
self.debug("Creating snapshot on ROOT volume: %s" % volume.name)
snapshot = Snapshot.create(self.apiclient, volumes[0].id)
self.debug("Snapshot created: ID - %s" % snapshot.id)
snapshots = list_snapshots(self.apiclient,
id=snapshot.id,
listall=True)
self.assertEqual(isinstance(snapshots, list), True,
"Check list response returns a valid list")
self.assertNotEqual(snapshots, None,
"Check if result exists in list snapshots call")
self.assertEqual(snapshots[0].id, snapshot.id,
"Check snapshot id in list resources call")
# Generate template from the snapshot
self.debug("Generating template from snapshot: %s" % snapshot.name)
template = Template.create_from_snapshot(self.apiclient, snapshot,
self.services["templates"])
self.debug("Created template from snapshot: %s" % template.id)
templates = list_templates(
self.apiclient,
templatefilter=self.services["templates"]["templatefilter"],
id=template.id)
self.assertEqual(
isinstance(templates, list), True,
"List template call should return the newly created template")
self.assertEqual(
templates[0].isready, True,
"The newly created template should be in ready state")
self.debug("Enabling maintenance mode for host %s" % second_host)
cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd()
cmd.id = second_host
self.apiclient.prepareHostForMaintenance(cmd)
self.debug("Maintenance mode enabled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in [
"Stopping", "Stopped", "Running", "Starting", "Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail("VM migration from one-host-to-other failed\
while enabling maintenance")
# Poll and check the status of VMs
timeout = self.services["timeout"]
while True:
vms = VirtualMachine.list(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[1]
self.debug(
"VM state after enabling maintenance on first host: %s" %
vm.state)
if vm.state in [
"Stopping", "Stopped", "Running", "Starting", "Migrating"
]:
if vm.state == "Running":
break
else:
time.sleep(self.services["sleep"])
timeout = timeout - 1
else:
self.fail("VM migration from one-host-to-other failed\
while enabling maintenance")
for vm in vms:
self.debug(
"VM states after enabling maintenance mode on host: %s - %s" %
(first_host, vm.state))
self.assertEqual(vm.state, "Running",
"Deployed VM should be in Running state")
# Spawn an instance on other host
virtual_machine_3 = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id)
vms = VirtualMachine.list(self.apiclient,
id=virtual_machine_3.id,
listall=True)
self.assertEqual(
isinstance(vms, list), True,
"List VMs should return valid response for deployed VM")
self.assertNotEqual(
len(vms), 0,
"List VMs should return valid response for deployed VM")
vm = vms[0]
self.debug("Deployed VM on host: %s" % vm.hostid)
self.debug("VM 3 state: %s" % vm.state)
self.assertEqual(vm.state, "Running",
"Deployed VM should be in Running state")
self.debug("Canceling host maintenance for ID: %s" % second_host)
cmd = cancelHostMaintenance.cancelHostMaintenanceCmd()
cmd.id = second_host
self.apiclient.cancelHostMaintenance(cmd)
self.debug("Maintenance mode canceled for host: %s" % second_host)
self.debug("Waiting for SSVMs to come up")
wait_for_ssvms(
self.apiclient,
zoneid=self.zone.id,
podid=self.pod.id,
)
return
def test_iptable_rules(self):
"""Test iptable rules in case we have IP associated with a network which is in
different pubic IP range from that of public IP range that has source NAT IP.
When IP is associated we should see a rule '-i eth3 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT' in FORWARD table.
When IP is dis-associated we should see a rule in the FORWARD table is deleted.
"""
# Validate the following:
# 1. Create a new public IP range and dedicate to a account
# 2. Acquire a IP from new public range
# 3. Create a firewall rule to open up the port, so that IP is associated with network
# 5. Login to VR and verify routing tables, there should be Table_eth3
# 6. Delete firewall rule, since its last IP, routing table Table_eth3 should be deleted
self.services["extrapubliciprange"]["zoneid"] = self.services["zoneid"]
self.public_ip_range = PublicIpRange.create(
self.apiclient,
self.services["extrapubliciprange"]
)
self.cleanup.append(self.public_ip_range)
logger.debug("Dedicating Public IP range to the account");
dedicate_public_ip_range_response = PublicIpRange.dedicate(
self.apiclient,
self.public_ip_range.vlan.id,
account=self.account.name,
domainid=self.account.domainid
)
ip_address = PublicIPAddress.create(
self.apiclient,
self.account.name,
self.zone.id,
self.account.domainid,
self.services["virtual_machine"]
)
self.cleanup.append(ip_address)
# Check if VM is in Running state before creating NAT and firewall rules
vm_response = VirtualMachine.list(
self.apiclient,
id=self.virtual_machine.id
)
self.assertEqual(
isinstance(vm_response, list),
True,
"Check list VM returns a valid list"
)
self.assertNotEqual(
len(vm_response),
0,
"Check Port Forwarding Rule is created"
)
self.assertEqual(
vm_response[0].state,
'Running',
"VM state should be Running before creating a NAT rule."
)
# Open up firewall port for SSH
firewall_rule = FireWallRule.create(
self.apiclient,
ipaddressid=ip_address.ipaddress.id,
protocol=self.services["natrule"]["protocol"],
cidrlist=['0.0.0.0/0'],
startport=self.services["natrule"]["publicport"],
endport=self.services["natrule"]["publicport"]
)
self.cleanup.append(firewall_rule)
# Get the router details associated with account
routers = list_routers(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
)
router = routers[0]
if (self.hypervisor.lower() == 'vmware'
or self.hypervisor.lower() == 'hyperv'):
result = get_process_status(
self.apiclient.connection.mgtSvr,
22,
self.apiclient.connection.user,
self.apiclient.connection.passwd,
router.linklocalip,
'iptables -t filter -L FORWARD -v',
hypervisor=self.hypervisor
)
else:
hosts = list_hosts(
self.apiclient,
id=router.hostid,
)
self.assertEqual(
isinstance(hosts, list),
True,
"Check for list hosts response return valid data"
)
host = hosts[0]
host.user = self.hostConfig['username']
host.passwd = self.hostConfig['password']
try:
result = get_process_status(
host.ipaddress,
22,
host.user,
host.passwd,
router.linklocalip,
'iptables -t filter -L FORWARD -v'
)
except KeyError:
self.skipTest(
"Provide a marvin config file with host\
credentials to run %s" %
self._testMethodName)
logger.debug("iptables -t filter -L FORWARD -v: %s" % result)
res = str(result)
self.assertEqual(
res.count("eth3 eth0 anywhere anywhere state RELATED,ESTABLISHED"),
1,
"Check to ensure there is a iptable rule to accept the RELATED,ESTABLISHED traffic"
)
firewall_rule.delete(self.apiclient)
self.cleanup.remove(firewall_rule)
