def create(self):
common_utils.execute(['mkdir', '-p', self._directory],
run_as_root=True)
user_id = os.geteuid()
common_utils.execute(['chown', user_id, self._directory],
run_as_root=True)
def _connect_tap_device_to_vswitch(self, vswitch_name, tap_name):
"""Connect the tap device to the given vswitch, and add it to the
ovsdb.
:param vswitch_name: The name of the vswitch to connect the device
:type vswitch_name: String
:param tap_name: The name of the device to connect
:type tap_name: String
"""
full_args = ['ovs-vsctl', 'add-port', vswitch_name, tap_name]
utils.execute(full_args, run_as_root=True, process_input=None)
full_args = ['ovs-vsctl', 'set', 'interface', tap_name,
'external_ids:iface-id={}'.format(self.lport.get_id())]
utils.execute(full_args, run_as_root=True, process_input=None)
def get_devices(self, exclude_loopback=False):
retval = []
if self.namespace:
# we call out manually because in order to avoid screen scraping
# iproute2 we use find to see what is in the sysfs directory, as
# suggested by Stephen Hemminger (iproute2 dev).
output = utils.execute(
[
"ip",
"netns",
"exec",
self.namespace,
"find",
SYS_NET_PATH,
"-maxdepth",
"1",
"-type",
"l",
"-printf",
"%f ",
],
run_as_root=True,
log_fail_as_error=self.log_fail_as_error,
).split()
else:
output = (i for i in os.listdir(SYS_NET_PATH) if os.path.islink(os.path.join(SYS_NET_PATH, i)))
for name in output:
if exclude_loopback and name == LOOPBACK_DEVNAME:
continue
retval.append(IPDevice(name, namespace=self.namespace))
return retval
def _get_port_number(self, interface_name):
ovs_ofctl_args = ['ovs-ofctl', 'dump-ports', 'br-int', interface_name]
awk_args = ['awk', '/^\\s*port\\s+[0-9]+:/ { print $2 }']
ofctl_output = utils.execute(
ovs_ofctl_args,
run_as_root=True,
process_input=None,
)
awk_output = utils.execute(
awk_args,
run_as_root=False,
process_input=ofctl_output,
)
match = re.search('^(\d+):', awk_output)
port_num_str = match.group(1)
return int(port_num_str)
def get_devices(self, exclude_loopback=False, exclude_gre_devices=False):
retval = []
if self.namespace:
# we call out manually because in order to avoid screen scraping
# iproute2 we use find to see what is in the sysfs directory, as
# suggested by Stephen Hemminger (iproute2 dev).
output = utils.execute(['ip', 'netns', 'exec', self.namespace,
'find', SYS_NET_PATH, '-maxdepth', '1',
'-type', 'l', '-printf', '%f '],
run_as_root=True,
log_fail_as_error=self.log_fail_as_error
).split()
else:
output = (
i for i in os.listdir(SYS_NET_PATH)
if os.path.islink(os.path.join(SYS_NET_PATH, i))
)
for name in output:
if (exclude_loopback and name == LOOPBACK_DEVNAME or
exclude_gre_devices and name in GRE_TUNNEL_DEVICE_NAMES):
continue
retval.append(IPDevice(name, namespace=self.namespace))
return retval
def _execute(cls, options, command, args, run_as_root=False,
namespace=None, log_fail_as_error=True):
opt_list = ['-%s' % o for o in options]
ip_cmd = add_namespace_to_cmd(['ip'], namespace)
cmd = ip_cmd + opt_list + [command] + list(args)
return utils.execute(cmd, run_as_root=run_as_root,
log_fail_as_error=log_fail_as_error)
def get_xapi_iface_id(self, xs_vif_uuid):
args = ["xe", "vif-param-get", "param-name=other-config", "param-key=nicira-iface-id", "uuid=%s" % xs_vif_uuid]
try:
return utils.execute(args, run_as_root=True).strip()
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.error(_LE("Unable to execute %(cmd)s. " "Exception: %(exception)s"), {"cmd": args, "exception": e})
def get_devices(self, exclude_loopback=True, exclude_gre_devices=True):
retval = []
if self.namespace:
# we call out manually because in order to avoid screen scraping
# iproute2 we use find to see what is in the sysfs directory, as
# suggested by Stephen Hemminger (iproute2 dev).
try:
cmd = ['ip', 'netns', 'exec', self.namespace,
'find', SYS_NET_PATH, '-maxdepth', '1',
'-type', 'l', '-printf', '%f ']
output = utils.execute(
cmd,
run_as_root=True,
log_fail_as_error=self.log_fail_as_error).split()
except RuntimeError:
# We could be racing with a cron job deleting namespaces.
# Just return a empty list if the namespace is deleted.
with excutils.save_and_reraise_exception() as ctx:
if not self.netns.exists(self.namespace):
ctx.reraise = False
return []
else:
output = (
i for i in os.listdir(SYS_NET_PATH)
if os.path.islink(os.path.join(SYS_NET_PATH, i))
)
for name in output:
if (exclude_loopback and name == LOOPBACK_DEVNAME or
exclude_gre_devices and name in GRE_TUNNEL_DEVICE_NAMES):
continue
retval.append(IPDevice(name, namespace=self.namespace))
return retval
def _ovsdb_list_intefaces(self, specify_interface=None):
full_args = ["ovs-vsctl", "list", 'interface']
if specify_interface:
full_args.append(specify_interface)
interfaces_info = utils.execute(full_args, run_as_root=True,
process_input=None)
return interfaces_info
def run_ofctl(self, cmd, args, process_input=None):
full_args = ["ovs-ofctl", cmd, self.br_name] + args
try:
return utils.execute(full_args, run_as_root=True,
process_input=process_input)
except Exception as e:
LOG.error(_LE("Unable to execute %(cmd)s. Exception: "
"%(exception)s"),
{'cmd': full_args, 'exception': e})
def run_ofctl(self, cmd, args, process_input=None):
# We need to dump-groups according to group Id,
# which is a feature of OpenFlow1.5
full_args = ["ovs-ofctl", "-O openflow13", cmd, self.br_name] + args
try:
return utils.execute(full_args, run_as_root=True, process_input=process_input)
except Exception as e:
LOG.exception(e)
LOG.error(_LE("Unable to execute %(args)s."), {"args": full_args})
def execute(self, cmds, addl_env=None, check_exit_code=True, extra_ok_codes=None, run_as_root=False):
ns_params = []
kwargs = {"run_as_root": run_as_root}
if self._parent.namespace:
kwargs["run_as_root"] = True
ns_params = ["ip", "netns", "exec", self._parent.namespace]
env_params = []
if addl_env:
env_params = ["env"] + ["%s=%s" % pair for pair in addl_env.items()]
cmd = ns_params + env_params + list(cmds)
return utils.execute(cmd, check_exit_code=check_exit_code, extra_ok_codes=extra_ok_codes, **kwargs)
def run_vsctl(self, args):
full_args = ["ovs-vsctl"] + self.opts + args
try:
# We log our own errors, so never have utils.execute do it
return utils.execute(full_args, run_as_root=True,
log_fail_as_error=False).rstrip()
except Exception:
with excutils.save_and_reraise_exception() as ctxt:
if self.log_errors:
LOG.exception(_LE("Unable to execute %(cmd)s."),
{'cmd': full_args})
if not self.check_error:
ctxt.reraise = False
def _simulate(self, port_number, packet):
packet_str = packet_raw_data_to_hex(packet)
extra_args = []
while True:
extra_args.append('in_port:{}'.format(port_number))
args = [
'ovs-appctl',
'ofproto/trace',
self.integration_bridge,
','.join(extra_args),
packet_str,
]
appctl_output = utils.execute(
args,
run_as_root=True,
process_input=None,
)
print(appctl_output)
dp_actions = re.findall(
r'^\s*Datapath actions:\s*(.*)$',
appctl_output,
re.MULTILINE,
)[0]
# Reset extra args
extra_args = []
recirc = False
for action in re.findall(r'\w*(?:\(.*?\))?', dp_actions):
# If recirc(ID) action added, we need to trace again with
# provided ID.
if action.startswith('recirc'):
extra_args.append('recirc_id={0}'.format(
re.findall(r'recirc\((.*)\)', action)[0], ))
recirc = True
# If we're traversing through conntrack, add flags and zone.
elif action.startswith('ct'):
params = re.findall(r'ct\((.*)\)', action)[0].split(',')
for p in params:
if p.startswith('zone='):
extra_args.append('ct_zone={0}'.format(p[5:]))
extra_args.append('ct_state=new|trk')
if not recirc:
break
def run_ofctl(self, cmd, args, process_input=None):
#modify code for networking-ofagent by MelonLi
if self.br_name != 'br-int':
full_args = ["ovs-ofctl", cmd, self.br_name] + args
else:
full_args = ["ovs-ofctl", cmd, self.br_name] + args + ["-O OpenFlow13"]
try:
return utils.execute(full_args, run_as_root=True,
process_input=process_input)
except Exception as e:
LOG.error(_LE("Unable to execute %(cmd)s. Exception: "
"%(exception)s"),
{'cmd': full_args, 'exception': e})
def run_vsctl(self, args):
full_args = ["ovs-vsctl"] + self.opts + args
try:
# We log our own errors, so never have utils.execute do it
return utils.execute(full_args, run_as_root=True,
log_fail_as_error=False).rstrip()
except Exception as e:
with excutils.save_and_reraise_exception() as ctxt:
if self.log_errors:
LOG.error(_LE("Unable to execute %(cmd)s. "
"Exception: %(exception)s"),
{'cmd': full_args, 'exception': e})
if not self.check_error:
ctxt.reraise = False
def test_reconnect_of_controller(self):
cmd = ["ovs-vsctl", "get-controller", cfg.CONF.df.integration_bridge]
controller = utils.execute(cmd, run_as_root=True).strip()
cmd[1] = "del-controller"
utils.execute(cmd, run_as_root=True)
dst_ip = self.port2.port.get_logical_port().ip
port_policies = self._create_port_policies(connected=False)
initial_packet = self._create_packet(
dst_ip, ryu.lib.packet.ipv4.inet.IPPROTO_ICMP)
policy = self.store(
app_testing_objects.Policy(
initial_actions=[
app_testing_objects.SendAction(
self.subnet1.subnet_id,
self.port1.port_id,
initial_packet,
),
],
port_policies=port_policies,
unknown_port_action=app_testing_objects.IgnoreAction()))
policy.start(self.topology)
# Since there is no OpenFlow in vswitch, we are expecting timeout
# exception here.
self.assertRaises(app_testing_objects.TimeoutException, policy.wait,
const.DEFAULT_RESOURCE_READY_TIMEOUT)
policy.stop()
if len(policy.exceptions) > 0:
raise policy.exceptions[0]
cmd[1] = "set-controller"
cmd.append(controller)
utils.execute(cmd, run_as_root=True)
time.sleep(apps.CONTROLLER_RECONNECT_TIMEOUT)
self._test_icmp_address(dst_ip)
def create(self, network=None):
if network is None:
network = {
'name': 'public',
'router:external': True,
'provider:network_type': 'flat',
'provider:physical_network': 'public',
}
net_id = super(ExternalNetworkTestObj, self).create(network)
subnet = SubnetTestObj(self.neutron, self.nb_api, net_id)
subnet.create({'cidr': self.GW_CIDR,
'ip_version': n_const.IP_VERSION_4,
'enable_dhcp': False,
'network_id': net_id})
# Hardcode the external bridge name here, as it is the
# only possibility after devstack script running-
br_ex_addr = agent_utils.execute("ip addr show dev br-ex".split(" "))
if self.GW_IP not in br_ex_addr:
agent_utils.execute(("ip addr add " + self.GW_IP +
" dev br-ex").split(" "),
run_as_root=True)
agent_utils.execute("ip link set br-ex up".split(" "),
run_as_root=True)
return net_id
def execute(self, cmds, addl_env=None, check_exit_code=True,
extra_ok_codes=None, run_as_root=False):
ns_params = []
kwargs = {'run_as_root': run_as_root}
if self._parent.namespace:
kwargs['run_as_root'] = True
ns_params = ['ip', 'netns', 'exec', self._parent.namespace]
env_params = []
if addl_env:
env_params = (['env'] +
['%s=%s' % pair for pair in addl_env.items()])
cmd = ns_params + env_params + list(cmds)
return utils.execute(cmd, check_exit_code=check_exit_code,
extra_ok_codes=extra_ok_codes, **kwargs)
def execute(self, cmds, addl_env=None, check_exit_code=True,
extra_ok_codes=None, run_as_root=False):
ns_params = []
kwargs = {'run_as_root': run_as_root}
if self._parent.namespace:
kwargs['run_as_root'] = True
ns_params = ['ip', 'netns', 'exec', self._parent.namespace]
env_params = []
if addl_env:
env_params = (['env'] +
['%s=%s' % pair for pair in addl_env.items()])
cmd = ns_params + env_params + list(cmds)
return utils.execute(cmd, check_exit_code=check_exit_code,
extra_ok_codes=extra_ok_codes, **kwargs)
def delete_conntrack_entries_by_filter(ethertype='IPv4',
protocol=None,
nw_src=None,
nw_dst=None,
zone=None):
cmd = ['conntrack', '-D']
if protocol:
cmd.extend(['-p', str(protocol)])
cmd.extend(['-f', ethertype.lower()])
if nw_src:
cmd.extend(['-s', str(nw_src)])
if nw_dst:
cmd.extend(['-d', str(nw_dst)])
if zone:
cmd.extend(['-w', str(zone)])
try:
utils.execute(cmd,
run_as_root=True,
check_exit_code=True,
extra_ok_codes=[1])
LOG.debug("Successfully executed conntrack command %s", cmd)
except RuntimeError:
LOG.exception("Failed execute conntrack command %s", cmd)
def _run_trace(self, brname, spec):
required_keys = [OVS_TRACE_FINAL_FLOW, OVS_TRACE_DATAPATH_ACTIONS]
t = utils.execute(["ovs-appctl", "ofproto/trace", brname, spec], run_as_root=True)
trace = {}
trace_lines = t.splitlines()
for line in trace_lines:
(l, sep, r) = line.partition(":")
if not sep:
continue
elif l in required_keys:
trace[l] = r
for k in required_keys:
if k not in trace:
self.fail("%s not found in trace %s" % (k, trace_lines))
return trace
def get_xapi_iface_id(self, xs_vif_uuid):
args = [
"xe", "vif-param-get", "param-name=other-config",
"param-key=nicira-iface-id",
"uuid=%s" % xs_vif_uuid
]
try:
return utils.execute(args, run_as_root=True).strip()
except Exception as e:
with excutils.save_and_reraise_exception():
LOG.error(
_LE("Unable to execute %(cmd)s. "
"Exception: %(exception)s"), {
'cmd': args,
'exception': e
})
def _run_trace(self, brname, spec):
required_keys = [OVS_TRACE_FINAL_FLOW, OVS_TRACE_DATAPATH_ACTIONS]
t = utils.execute(["ovs-appctl", "ofproto/trace", brname, spec],
run_as_root=True)
trace = {}
trace_lines = t.splitlines()
for line in trace_lines:
(l, sep, r) = line.partition(':')
if not sep:
continue
elif l in required_keys:
trace[l] = r
for k in required_keys:
if k not in trace:
self.fail("%s not found in trace %s" % (k, trace_lines))
return trace
def create_tap_dev(dev, mac_address=None):
"""Create a tap with name dev and MAC address mac_address on the
operating system.
:param dev: The name of the tap device to create
:type dev: String
:param mac_address: The MAC address of the device, format xx:xx:xx:xx:xx:xx
:type mac_address: String
"""
try:
# First, try with 'ip'
utils.execute(['ip', 'tuntap', 'add', dev, 'mode', 'tap'],
run_as_root=True, check_exit_code=[0, 2, 254])
except Exception as e:
print e
# Second option: tunctl
utils.execute(['tunctl', '-b', '-t', dev], run_as_root=True)
if mac_address:
utils.execute(['ip', 'link', 'set', dev, 'address', mac_address],
run_as_root=True, check_exit_code=[0, 2, 254])
utils.execute(['ip', 'link', 'set', dev, 'up'], run_as_root=True,
check_exit_code=[0, 2, 254])
def create_tap_dev(dev, mac_address=None):
"""Create a tap with name dev and MAC address mac_address on the
operating system.
:param dev: The name of the tap device to create
:type dev: String
:param mac_address: The MAC address of the device, format xx:xx:xx:xx:xx:xx
:type mac_address: String
"""
try:
# First, try with 'ip'
utils.execute(['ip', 'tuntap', 'add', dev, 'mode', 'tap'],
run_as_root=True, check_exit_code=[0, 2, 254])
except Exception as e:
print e
# Second option: tunctl
utils.execute(['tunctl', '-b', '-t', dev], run_as_root=True)
if mac_address:
utils.execute(['ip', 'link', 'set', dev, 'address', mac_address],
run_as_root=True, check_exit_code=[0, 2, 254])
utils.execute(['ip', 'link', 'set', dev, 'up'], run_as_root=True,
check_exit_code=[0, 2, 254])
def run_ofctl(self, cmd, args, process_input=None):
full_args = ["ovs-ofctl", cmd, self.br_name] + args
# TODO(kevinbenton): This error handling is really brittle and only
# detects one specific type of failure. The callers of this need to
# be refactored to expect errors so we can re-raise and they can
# take appropriate action based on the type of error.
for i in range(1, 11):
try:
return utils.execute(full_args, run_as_root=True,
process_input=process_input)
except Exception as e:
if "failed to connect to socket" in str(e):
LOG.debug("Failed to connect to OVS. Retrying "
"in 1 second. Attempt: %s/10", i)
time.sleep(1)
continue
LOG.error(_LE("Unable to execute %(cmd)s. Exception: "
"%(exception)s"),
{'cmd': full_args, 'exception': e})
break
def run_ofctl(self, cmd, args, process_input=None):
full_args = ["ovs-ofctl", cmd, self.br_name] + args
# TODO(kevinbenton): This error handling is really brittle and only
# detects one specific type of failure. The callers of this need to
# be refactored to expect errors so we can re-raise and they can
# take appropriate action based on the type of error.
for i in range(1, 11):
try:
return utils.execute(full_args, run_as_root=True,
process_input=process_input)
except Exception as e:
if "failed to connect to socket" in str(e):
LOG.debug("Failed to connect to OVS. Retrying "
"in 1 second. Attempt: %s/10", i)
time.sleep(1)
continue
LOG.error(_LE("Unable to execute %(cmd)s. Exception: "
"%(exception)s"),
{'cmd': full_args, 'exception': e})
break
def _set_srv6_rules(self, vrf, vrf_ip, ports):
# Encap rules
for port in ports:
# TODO(hichihara): Configure multiple fixed_ips
target_ip = port["ip"] + "/32"
target_node_id = port["segment_node_id"]
if target_node_id is None:
continue
# Ensure connection between VMs have same network(vrf)
target_vrf = port["vrf"]
if target_vrf != vrf:
continue
if target_node_id != self.node_id:
# Create target_sid
target_sid = ("%(node_id)s:%(vrf_ip)s" % {
"node_id": target_node_id,
"vrf_ip": vrf_ip
})
cmd = [
"ip", "route", "replace", target_ip, "encap", "seg6",
"mode", "encap", "segs", target_sid, "dev", vrf, "vrf", vrf
]
utils.execute(cmd, run_as_root=True, check_exit_code=False)
# Default route to network nodes
if self.gw_id:
target_sid = ("%(node_id)s:%(vrf_ip)s" % {
"node_id": self.gw_id,
"vrf_ip": vrf_ip
})
cmd = [
"ip", "route", "replace", "0.0.0.0/0", "encap", "seg6", "mode",
"encap", "segs", target_sid, "dev", vrf, "vrf", vrf
]
utils.execute(cmd, run_as_root=True, check_exit_code=False)
# Decap rules
# TODO(hichihara): Refactor to use ip_lib instead of command execute
decap_sid = ("%(node_id)s:%(vrf_ip)s" % {
"node_id": self.node_id,
"vrf_ip": vrf_ip
})
cmd = [
"ip", "-6", "route", "replace", "local", decap_sid, "encap",
"seg6local", "action", "End.DX4", "nh4", vrf_ip, "dev", vrf
]
utils.execute(cmd, run_as_root=True, check_exit_code=False)
def get_devices(self,
exclude_loopback=True,
exclude_gre_devices=True,
exclude_sit=False):
retval = []
if self.namespace:
# we call out manually because in order to avoid screen scraping
# iproute2 we use find to see what is in the sysfs directory, as
# suggested by Stephen Hemminger (iproute2 dev).
try:
cmd = [
'ip', 'netns', 'exec', self.namespace, 'find',
SYS_NET_PATH, '-maxdepth', '1', '-type', 'l', '-printf',
'%f '
]
output = utils.execute(
cmd,
run_as_root=True,
log_fail_as_error=self.log_fail_as_error).split()
except RuntimeError:
# We could be racing with a cron job deleting namespaces.
# Just return a empty list if the namespace is deleted.
with excutils.save_and_reraise_exception() as ctx:
if not self.netns.exists(self.namespace):
ctx.reraise = False
return []
else:
output = (i for i in os.listdir(SYS_NET_PATH)
if os.path.islink(os.path.join(SYS_NET_PATH, i)))
for name in output:
if (exclude_loopback and name == LOOPBACK_DEVNAME or
exclude_gre_devices and name in GRE_TUNNEL_DEVICE_NAMES):
continue
if exclude_sit and name.startswith(SIT_DEVNAME_PREFIX):
continue
retval.append(IPDevice(name, namespace=self.namespace))
return retval
def get_devices(self, exclude_loopback=False):
retval = []
if self.namespace:
# we call out manually because in order to avoid screen scraping
# iproute2 we use find to see what is in the sysfs directory, as
# suggested by Stephen Hemminger (iproute2 dev).
output = utils.execute(
[
'ip', 'netns', 'exec', self.namespace, 'find',
SYS_NET_PATH, '-maxdepth', '1', '-type', 'l', '-printf',
'%f '
],
run_as_root=True,
log_fail_as_error=self.log_fail_as_error).split()
else:
output = (i for i in os.listdir(SYS_NET_PATH)
if os.path.islink(os.path.join(SYS_NET_PATH, i)))
for name in output:
if exclude_loopback and name == LOOPBACK_DEVNAME:
continue
retval.append(IPDevice(name, namespace=self.namespace))
return retval
def _callback():
flows = utils.execute(
['ovs-appctl', 'bridge/dump-flows', 'br-int'],
run_as_root=True)
return bool(re.search(mac, flows))
def _disconnect_tap_device_to_vswitch(self, vswitch_name, tap_name):
full_args = ['ovs-vsctl', 'del-port', vswitch_name, tap_name]
utils.execute(full_args, run_as_root=True, process_input=None)
def _get_ovs_local_ports(self):
#full_args = ["ovs-dpctl", "show"]
full_args = ["ovs-ofctl", "show", 'br-int', '-O Openflow13']
ports = utils.execute(full_args, run_as_root=True, process_input=None)
return ports
def get_ovs_flows(self):
full_args = ["ovs-ofctl", "dump-flows", 'br-int', '-O Openflow13']
flows = utils.execute(full_args, run_as_root=True, process_input=None)
return flows
def get_ovs_flows(self, integration_bridge):
full_args = ["ovs-ofctl", "dump-flows", integration_bridge,
"-O Openflow13"]
flows = agent_utils.execute(full_args, run_as_root=True,
process_input=None)
return flows
def print_command(full_args, run_as_root=False):
print ('{}'.format(agent_utils.execute(
full_args,
run_as_root=run_as_root,
process_input=None,
)))
def destroy(self):
common_utils.execute(['rm', '-r', '-f', self._directory],
run_as_root=True)
def environment_setup():
bridge = cfg.CONF.df.integration_bridge
interface = cfg.CONF.df_metadata.metadata_interface
port = cfg.CONF.df_metadata.port
if ip_lib.device_exists(interface):
LOG.info("Device %s already exists", interface)
# Destroy the environment when the device exists.
# We can re-initialize the environment correctly.
environment_destroy()
cmd = [
"ovs-vsctl", "add-port", bridge, interface, "--", "set", "Interface",
interface, "type=internal"
]
utils.execute(cmd, run_as_root=True)
ip = cfg.CONF.df_metadata.ip
cmd = ["ip", "addr", "add", "dev", interface, "{}/0".format(ip)]
utils.execute(cmd, run_as_root=True)
cmd = ["ip", "link", "set", "dev", interface, "up"]
utils.execute(cmd, run_as_root=True)
cmd = [
"ip", "route", "add", "0.0.0.0/0", "dev", interface, "table",
METADATA_ROUTE_TABLE_ID
]
utils.execute(cmd, run_as_root=True)
cmd = ["ip", "rule", "add", "from", ip, "table", METADATA_ROUTE_TABLE_ID]
utils.execute(cmd, run_as_root=True)
cmd = [
"iptables", '-I', 'INPUT', '-i', interface, '-p', 'tcp', '--dport',
str(port), '-j', 'ACCEPT'
]
utils.execute(cmd, run_as_root=True)
def _print_command(self, full_args, run_as_root=False):
LOG.info(_LI('{}').format(utils.execute(
full_args,
run_as_root=run_as_root,
process_input=None,
)))
def _get_ovs_flows(self):
full_args = ["ovs-ofctl", "dump-flows", 'br-int', '-O Openflow13']
flows = utils.execute(full_args, run_as_root=True,
process_input=None)
return flows
def _tee(self, path, inputs):
cmd = ['tee', path % self.name]
return utils.execute(cmd, process_input=str(inputs), run_as_root=True,
log_fail_as_error=self.log_fail_as_error)
def _callback():
ports = utils.execute(['ovs-vsctl', 'list-ports', 'br-int'],
run_as_root=True)
return bool(re.search(tap, ports))
def print_command(full_args, run_as_root=False):
print '{}'.format(utils.execute(
full_args,
run_as_root=run_as_root,
process_input=None,
))
def destroy(self):
common_utils.execute(['rm', '-r', '-f', self._directory],
run_as_root=True)
def _get_ovs_local_ports(self):
#full_args = ["ovs-dpctl", "show"]
full_args = ["ovs-ofctl", "show", 'br-int', '-O Openflow13']
ports = utils.execute(full_args, run_as_root=True,
process_input=None)
return ports
def setUp(self):
super(TestNeighborAdvertiser, self).setUp()
self.topology = None
self.policy = None
try:
# Disable Duplicate Address Detection requests from the interface
self.dad_conf = utils.execute(
['sysctl', '-n', 'net.ipv6.conf.default.accept_dad'])
utils.execute(
['sysctl', '-w', 'net.ipv6.conf.default.accept_dad=0'],
run_as_root=True)
# Disable Router Solicitation requests from the interface
self.router_solicit_conf = utils.execute(
['sysctl', '-n', 'net.ipv6.conf.default.router_solicitations'])
utils.execute([
'sysctl', '-w', 'net.ipv6.conf.default.router_solicitations=0'
],
run_as_root=True)
self.topology = app_testing_objects.Topology(
self.neutron, self.nb_api)
subnet1 = self.topology.create_subnet(cidr='1111:1111:1111::/64')
port1 = subnet1.create_port()
port2 = subnet1.create_port()
time.sleep(const.DEFAULT_RESOURCE_READY_TIMEOUT)
# Create Neighbor Solicitation packet
ns_packet = self._create_ns_request(
src_port=port1.port.get_logical_port(),
dst_port=port2.port.get_logical_port(),
)
send_ns_request = app_testing_objects.SendAction(
subnet1.subnet_id,
port1.port_id,
ns_packet,
)
ignore_action = app_testing_objects.IgnoreAction()
log_action = app_testing_objects.LogAction()
key1 = (subnet1.subnet_id, port1.port_id)
adv_filter = app_testing_objects.RyuNeighborAdvertisementFilter()
port_policies = {
key1:
app_testing_objects.PortPolicy(
rules=[
app_testing_objects.PortPolicyRule(
# Detect advertisements
adv_filter,
actions=[
log_action,
app_testing_objects.StopSimulationAction()
]),
app_testing_objects.PortPolicyRule(
# Filter local VM's Multicast requests
app_testing_objects.RyuIpv6MulticastFilter(),
actions=[ignore_action])
],
default_action=app_testing_objects.RaiseAction(
"Unexpected packet")),
}
self.policy = app_testing_objects.Policy(
initial_actions=[send_ns_request],
port_policies=port_policies,
unknown_port_action=ignore_action)
except Exception:
if self.topology:
self.topology.close()
raise
self.store(self.topology)
self.store(self.policy)
def iproute_arg_supported(command, arg):
command += ['help']
stdout, stderr = utils.execute(command, check_exit_code=False,
return_stderr=True, log_fail_as_error=False)
return any(arg in line for line in stderr.split('\n'))
def enable_connection_uri(conn_uri):
manager_uri = _connection_to_manager_uri(conn_uri)
utils.execute(['ovs-vsctl', 'set-manager', manager_uri], run_as_root=True)
def execute(self, cmds, run_as_root=True):
ns_params = ['ip', 'netns', 'exec', self.namespace]
cmd = ns_params + list(cmds)
kwargs = {'run_as_root': run_as_root}
return utils.execute(cmd, **kwargs)
def iproute_arg_supported(command, arg):
command += ['help']
stdout, stderr = utils.execute(command, check_exit_code=False,
return_stderr=True, log_fail_as_error=False)
return any(arg in line for line in stderr.split('\n'))
def get_ovs_flows(self, integration_bridge):
full_args = ["ovs-ofctl", "dump-flows", integration_bridge,
"-O Openflow13"]
flows = utils.execute(full_args, run_as_root=True,
process_input=None)
return flows
def _disconnect_tap_device_to_vswitch(self, vswitch_name, tap_name):
full_args = ['ovs-vsctl', 'del-port', vswitch_name, tap_name]
utils.execute(full_args, run_as_root=True, process_input=None)
def iproute_arg_supported(command, arg):
command += ["help"]
stdout, stderr = utils.execute(command, check_exit_code=False, return_stderr=True)
return any(arg in line for line in stderr.split("\n"))
