Exemplo n.º 1
0
def testBasicPolicy(testbed, numContainer, numIter):
	for iter in range(numIter):
		tenant = objmodel.tenant('default')
		network = tenant.newNetwork('private')

		# Create policy
		policy = tenant.newPolicy('first')

		# create default deny Rule
		policy.addRule('1', direction="in", protocol="tcp", action="deny")

		# Create allow port 8000 Rule
		policy.addRule('2', direction="in", priority=100, protocol="tcp", port=8000, action="accept")

		# Add the policy to epg
		groups = []
		for cntIdx in range(numContainer):
			nodeIdx = cntIdx % testbed.numNodes()
			epgName = "srv" + str(cntIdx)
			group = network.newGroup(epgName, policies=["first"])
			groups.append(group)

		# start containers
		containers = testbed.runContainers(numContainer, withService=True)

		# start netcast listeners
		testbed.startListeners(containers, [8000, 8001])

		# Check connection to all containers
		if testbed.checkConnections(containers, 8000, True) != True:
			testbedApi.exit("Connection failed")
		if testbed.checkConnections(containers, 8001, False) != False:
			testbedApi.exit("Connection succeded while expecting it to fail")

		# stop netcast listeners
		testbed.stopListeners(containers)

		# remove containers
		testbed.removeContainers(containers)

		# Remove policy from epg
		for group in groups:
			group.removePolicy("first")

		# delete epg
		for cntIdx in range(numContainer):
			nodeIdx = cntIdx % testbed.numNodes()
			epgName = "srv" + str(cntIdx)
			network.deleteGroup(epgName)

		# Remove the policy and rules
		policy.deleteRule('1')
		policy.deleteRule('2')
		tenant.deletePolicy('first')

		testbedApi.info("testBasicPolicy Iteration " + str(iter) + " passed")

	testbedApi.info("testBasicPolicy Test passed")
Exemplo n.º 2
0
def testConnections(testbed, numContainer):
    # start containers
    containers = testbed.runContainers(numContainer)

    # start netcast listeners
    testbed.startListeners(containers, [8000, 7999])

    # Check connection to all containers
    if testbed.checkConnections(containers, 8000, True) != True:
        testbedApi.exit("Connection failed")
    if testbed.checkConnections(containers, 7999, False) != False:
        testbedApi.exit("Connection succeded while expecting it to fail")

    # stop netcast listeners
    testbed.stopListeners(containers)

    # remove containers
    testbed.removeContainers(containers)
Exemplo n.º 3
0
def testConnections(testbed, numContainer):
	# start containers
	containers = testbed.runContainers(numContainer)


	# start netcast listeners
	testbed.startListeners(containers, [8000, 7999])

	# Check connection to all containers
	if testbed.checkConnections(containers, 8000, True) != True:
		testbedApi.exit("Connection failed")
	if testbed.checkConnections(containers, 7999, False) != False:
		testbedApi.exit("Connection succeded while expecting it to fail")

	# stop netcast listeners
	testbed.stopListeners(containers)

	# remove containers
	testbed.removeContainers(containers)
Exemplo n.º 4
0
def testPolicyAddDeleteRule(testbed, numContainer, numIter):
	tenant = objmodel.tenant('default')
	# Create policy
	policy = tenant.newPolicy('first')

	# create default deny Rule
	policy.addRule('1', direction="both", protocol="tcp", action="deny")

	# Create allow port 8000 Rule
	policy.addRule('2', direction="in", priority=100, protocol="tcp", port=8000, action="accept")

	# Add the policy to epg
	groups = []
	for cntIdx in range(numContainer):
		nodeIdx = cntIdx % testbed.numNodes()
		epgName = "srv" + str(cntIdx) + ".private"
		group = tenant.newGroup(epgName, policies=["first"])
		groups.append(group)

	# start containers
	containers = testbed.runContainers(numContainer)

	# start netcast listeners
	testbed.startListeners(containers, [8000, 8001])

	# Check connection to all containers
	if testbed.checkConnections(containers, 8000, True) != True:
		testbedApi.exit("Connection failed")
	if testbed.checkConnections(containers, 8001, False) != False:
		testbedApi.exit("Connection succeded while expecting it to fail")

	for iter in range(numIter):

		# Add a rule for port 8001
		policy.addRule('3', direction="in", priority=100, protocol="tcp", port=8001, action="accept")

		# now check connection passes
		if testbed.checkConnections(containers, 8000, True) != True:
			testbedApi.exit("Connection failed")
		if testbed.checkConnections(containers, 8001, True) != True:
			testbedApi.exit("Connection failed to port 8001")

		# Now delete the Rule
		policy.deleteRule('3')

		# Now verify connection fails
		if testbed.checkConnections(containers, 8000, True) != True:
			testbedApi.exit("Connection failed")
		if testbed.checkConnections(containers, 8001, False) != False:
			testbedApi.exit("Connection succeded while expecting it to fail")

		testbedApi.info("testPolicyAddDeleteRule Iteration " + str(iter) + " Passed")

	# stop netcast listeners
	testbed.stopListeners(containers)

	# remove containers
	testbed.removeContainers(containers)

	# Remove policy from epg
	for group in groups:
		group.removePolicy("first")

	# Remove the policy and rules
	policy.deleteRule('1')
	policy.deleteRule('2')
	tenant.deletePolicy('first')



	testbedApi.info("testPolicyAddDeleteRule Test passed")
Exemplo n.º 5
0
def testPolicyFromEpg(testbed, numContainer, numIter):
	for iter in range(numIter):
		tenant = objmodel.tenant('default')
		network = tenant.newNetwork('private')
		# Create common epg
		network.newGroup('common')

		# Add the policy to epg
		groups = []
		for cntIdx in range(numContainer):
			nodeIdx = cntIdx % testbed.numNodes()
			srvName = "srv" + str(cntIdx)

			# Create policy for each service
			policy = tenant.newPolicy(srvName)

			# create default deny Rule
			policy.addRule('1', direction="in", protocol="tcp", action="deny")

			# Create allow port 8000 Rule
			policy.addRule('2', direction="in", priority=100, protocol="tcp", port=8000, action="accept")
			# Create allow from 'common' epg rule
			policy.addRule('3', direction="in", priority=100, endpointGroup="common", network='private', protocol="tcp", port=8001, action="accept")
			group = network.newGroup(srvName, policies=[srvName])
			groups.append(group)

		# start containers
		containers = testbed.runContainers(numContainer, withService=True)

		# Start containers in common Epg
		cmnContainers = testbed.runContainersInService(numContainer, serviceName='common')

		# start netcast listeners
		testbed.startListeners(containers, [8000, 8001])

		# Check connection to all containers
		if testbed.checkConnections(containers, 8000, True) != True:
			testbedApi.exit("Connection failed")
		if testbed.checkConnections(containers, 8001, False) != False:
			testbedApi.exit("Connection succeded while expecting it to fail")
		if testbed.checkConnectionPair(cmnContainers, containers, 8001, True) != True:
			testbedApi.exit("Connection failed")

		# stop netcast listeners
		testbed.stopListeners(containers)

		# remove containers
		testbed.removeContainers(containers)
		testbed.removeContainers(cmnContainers)

		# delete epg
		for cntIdx in range(numContainer):
			nodeIdx = cntIdx % testbed.numNodes()
			srvName = "srv" + str(cntIdx)
			network.deleteGroup(srvName)
			tenant.deletePolicy(srvName)


		testbedApi.info("testPolicyFromEpg Iteration " + str(iter) + " passed")

	testbedApi.info("testPolicyFromEpg Test passed")
Exemplo n.º 6
0
def testBasicPolicy(testbed, numContainer, numIter):
    for iter in range(numIter):
        tenant = objmodel.tenant('default')
        network = tenant.newNetwork('private')

        # Create policy
        policy = tenant.newPolicy('first')

        # create default deny Rule
        policy.addRule('1', direction="in", protocol="tcp", action="deny")

        # Create allow port 8000 Rule
        policy.addRule('2',
                       direction="in",
                       priority=100,
                       protocol="tcp",
                       port=8000,
                       action="accept")

        # Add the policy to epg
        groups = []
        for cntIdx in range(numContainer):
            nodeIdx = cntIdx % testbed.numNodes()
            epgName = "srv" + str(cntIdx)
            group = network.newGroup(epgName, policies=["first"])
            groups.append(group)

        # start containers
        containers = testbed.runContainers(numContainer, withService=True)

        # start netcast listeners
        testbed.startListeners(containers, [8000, 8001])

        # Check connection to all containers
        if testbed.checkConnections(containers, 8000, True) != True:
            testbedApi.exit("Connection failed")
        if testbed.checkConnections(containers, 8001, False) != False:
            testbedApi.exit("Connection succeded while expecting it to fail")

        # stop netcast listeners
        testbed.stopListeners(containers)

        # remove containers
        testbed.removeContainers(containers)

        # Remove policy from epg
        for group in groups:
            group.removePolicy("first")

        # delete epg
        for cntIdx in range(numContainer):
            nodeIdx = cntIdx % testbed.numNodes()
            epgName = "srv" + str(cntIdx)
            network.deleteGroup(epgName)

        # Remove the policy and rules
        policy.deleteRule('1')
        policy.deleteRule('2')
        tenant.deletePolicy('first')

        testbedApi.info("testBasicPolicy Iteration " + str(iter) + " passed")

    testbedApi.info("testBasicPolicy Test passed")
Exemplo n.º 7
0
def testPolicyFromEpg(testbed, numContainer, numIter):
    for iter in range(numIter):
        tenant = objmodel.tenant('default')
        network = tenant.newNetwork('private')
        # Create common epg
        network.newGroup('common')

        # Add the policy to epg
        groups = []
        for cntIdx in range(numContainer):
            nodeIdx = cntIdx % testbed.numNodes()
            srvName = "srv" + str(cntIdx)

            # Create policy for each service
            policy = tenant.newPolicy(srvName)

            # create default deny Rule
            policy.addRule('1', direction="in", protocol="tcp", action="deny")

            # Create allow port 8000 Rule
            policy.addRule('2',
                           direction="in",
                           priority=100,
                           protocol="tcp",
                           port=8000,
                           action="accept")
            # Create allow from 'common' epg rule
            policy.addRule('3',
                           direction="in",
                           priority=100,
                           endpointGroup="common",
                           network='private',
                           protocol="tcp",
                           port=8001,
                           action="accept")
            group = network.newGroup(srvName, policies=[srvName])
            groups.append(group)

        # start containers
        containers = testbed.runContainers(numContainer, withService=True)

        # Start containers in common Epg
        cmnContainers = testbed.runContainersInService(numContainer,
                                                       serviceName='common')

        # start netcast listeners
        testbed.startListeners(containers, [8000, 8001])

        # Check connection to all containers
        if testbed.checkConnections(containers, 8000, True) != True:
            testbedApi.exit("Connection failed")
        if testbed.checkConnections(containers, 8001, False) != False:
            testbedApi.exit("Connection succeded while expecting it to fail")
        if testbed.checkConnectionPair(cmnContainers, containers, 8001,
                                       True) != True:
            testbedApi.exit("Connection failed")

        # stop netcast listeners
        testbed.stopListeners(containers)

        # remove containers
        testbed.removeContainers(containers)
        testbed.removeContainers(cmnContainers)

        # delete epg
        for cntIdx in range(numContainer):
            nodeIdx = cntIdx % testbed.numNodes()
            srvName = "srv" + str(cntIdx)
            network.deleteGroup(srvName)
            tenant.deletePolicy(srvName)

        testbedApi.info("testPolicyFromEpg Iteration " + str(iter) + " passed")

    testbedApi.info("testPolicyFromEpg Test passed")