def setUp(self): cfg.CONF.register_opts(sg_cfg.security_group_opts, 'SECURITYGROUP') super(IptablesFirewallTestCase, self).setUp() bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge self.client, self.server = self.useFixture( machine_fixtures.PeerMachines(bridge)).machines self.firewall = iptables_firewall.IptablesFirewallDriver( namespace=bridge.namespace) self._set_src_mac(self.MAC_REAL) client_br_port_name = net_helpers.VethFixture.get_peer_name( self.client.port.name) self.src_port_desc = { 'admin_state_up': True, 'device': client_br_port_name, 'device_owner': DEVICE_OWNER_COMPUTE, 'fixed_ips': [self.client.ip], 'mac_address': self.MAC_REAL, 'port_security_enabled': True, 'security_groups': [self.FAKE_SECURITY_GROUP_ID], 'status': 'ACTIVE' }
def create_bridge_port_fixture(self): bridge = self.useFixture( net_helpers.LinuxBridgeFixture(namespace=None)).bridge port_fixture = self.useFixture( net_helpers.LinuxBridgePortFixture( bridge, port_id=uuidutils.generate_uuid())) return bridge, port_fixture
def _test_linuxbridge_cleanup(self, bridge_exists, callback): br_fixture = self.useFixture( tools.SafeCleanupFixture( net_helpers.LinuxBridgeFixture( prefix=lb_agent.BRIDGE_NAME_PREFIX))).fixture config = callback(br_fixture) # NOTE(slaweq): use of oslo.privsep inside neutron-linuxbridge-cleanup # script requires rootwrap helper to be configured in this script's # config config.update({ 'AGENT': { 'root_helper': tests_base.get_rootwrap_cmd(), 'root_helper_daemon': tests_base.get_rootwrap_daemon_cmd() } }) config.update({'VXLAN': {'enable_vxlan': 'False'}}) temp_dir = self.useFixture(fixtures.TempDir()).path conf = self.useFixture( config_fixtures.ConfigFileFixture(base_filename='neutron.conf', config=config, temp_dir=temp_dir)) cmd = 'neutron-linuxbridge-cleanup', '--config-file', conf.filename ip_wrapper = ip_lib.IPWrapper(br_fixture.namespace) ip_wrapper.netns.execute(cmd) self.assertEqual( bridge_exists, ip_lib.device_exists(br_fixture.bridge.name, br_fixture.namespace))
def test_plug_with_namespace_sets_mtu_higher_than_bridge(self): device_mtu = 1450 # Create a new OVS bridge ovs_bridge = self.useFixture(net_helpers.OVSBridgeFixture()).bridge self.assertFalse(ovs_bridge.get_port_name_list()) # Add a new linuxbridge port with reduced MTU to OVS bridge lb_bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge lb_bridge_port = self.useFixture( net_helpers.LinuxBridgePortFixture(lb_bridge)) lb_bridge_port.port.link.set_mtu(device_mtu - 1) ovs_bridge.add_port(lb_bridge_port.port.name) # Now plug a device with intended MTU that is higher than for the port # above and validate that its MTU is not reduced to the least MTU on # the bridge device_name = utils.get_rand_name() mac_address = utils.get_random_mac('fa:16:3e:00:00:00'.split(':')) namespace = self.useFixture(net_helpers.NamespaceFixture()).name self.interface.plug(network_id=uuidutils.generate_uuid(), port_id=uuidutils.generate_uuid(), device_name=device_name, mac_address=mac_address, bridge=ovs_bridge.br_name, namespace=namespace, mtu=device_mtu) self.assertIn(device_name, ovs_bridge.get_port_name_list()) self.assertTrue(ip_lib.device_exists(device_name, namespace)) self.assertEqual( device_mtu, ip_lib.IPDevice(device_name, namespace=namespace).link.mtu)
def _setUp(self): super(LinuxBridgeConnectionTester, self)._setUp() self.bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge machines = self.useFixture( machine_fixtures.PeerMachines(self.bridge, self.ip_cidr)).machines self._peer = machines[0] self._vm = machines[1]
def setUp(self): super(LinuxBridgeARPSpoofTestCase, self).setUp() lbfixture = self.useFixture(net_helpers.LinuxBridgeFixture()) self.addCleanup(setattr, arp_protect, 'NAMESPACE', None) arp_protect.NAMESPACE = lbfixture.namespace bridge = lbfixture.bridge self.source, self.destination, self.observer = self.useFixture( machine_fixtures.PeerMachines(bridge, amount=3)).machines
def _setUp(self): super(LinuxBridgeConnectionTester, self)._setUp() bridge_args = {} if self.bridge_name: bridge_args = {'prefix': self.bridge_name, 'prefix_is_full_name': True} self.bridge = self.useFixture( net_helpers.LinuxBridgeFixture(**bridge_args)).bridge machines = self.useFixture( machine_fixtures.PeerMachines( self.bridge, self.ip_cidr)).machines self._peer = machines[0] self._vm = machines[1]
def get_bridge(self, network_id): if "ovs" in self.agents.keys(): return self.ovs_agent.br_int elif "linuxbridge" in self.agents.keys(): bridge = self.network_bridges.get(network_id, None) if not bridge: br_prefix = lb_agent.LinuxBridgeManager.get_bridge_name( network_id) bridge = self.useFixture( net_helpers.LinuxBridgeFixture( prefix=br_prefix, namespace=self.host_namespace, prefix_is_full_name=True)).bridge self.network_bridges[network_id] = bridge return bridge
def test_plug_with_namespace_sets_mtu_higher_than_bridge(self): # First, add a new linuxbridge port with reduced MTU to OVS bridge lb_bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge lb_bridge_port = self.useFixture( net_helpers.LinuxBridgePortFixture(lb_bridge)) lb_bridge_port.port.link.set_mtu(1400) self.bridge.add_port(lb_bridge_port.port.name) device_name = utils.get_rand_name() namespace = self.useFixture(net_helpers.NamespaceFixture()).name # Now plug a device with intended MTU that is higher than for the port # above and validate that its MTU is not reduced to the least MTU on # the bridge self._test_mtu_set_after_action(device_name, self.bridge_name, namespace)
def _test_linuxbridge_cleanup(self, bridge_exists, callback): br_fixture = self.useFixture( tools.SafeCleanupFixture( net_helpers.LinuxBridgeFixture( prefix=lb_agent.BRIDGE_NAME_PREFIX))).fixture config = callback(br_fixture) temp_dir = self.useFixture(fixtures.TempDir()).path conf = self.useFixture( config_fixtures.ConfigFileFixture(base_filename='neutron.conf', config=config, temp_dir=temp_dir)) cmd = 'neutron-linuxbridge-cleanup', '--config-file', conf.filename ip_wrapper = ip_lib.IPWrapper(br_fixture.namespace) ip_wrapper.netns.execute(cmd) self.assertEqual( bridge_exists, ip_lib.device_exists(br_fixture.bridge.name, br_fixture.namespace))
def setUp(self): cfg.CONF.register_opts(sg_cfg.security_group_opts, 'SECURITYGROUP') super(IptablesFirewallTestCase, self).setUp() bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge # FIXME(cbrandily): temporary, will be replaced by fake machines self.src_ip_wrapper = self.useFixture( net_helpers.NamespaceFixture()).ip_wrapper src_port_fixture = self.useFixture( net_helpers.LinuxBridgePortFixture(bridge, self.src_ip_wrapper.namespace)) self.src_port = src_port_fixture.port self._set_ip_up(self.src_port, '%s/24' % self.SRC_ADDRESS) self.dst_ip_wrapper = self.useFixture( net_helpers.NamespaceFixture()).ip_wrapper self.dst_port = self.useFixture( net_helpers.LinuxBridgePortFixture( bridge, self.dst_ip_wrapper.namespace)).port self._set_ip_up(self.dst_port, '%s/24' % self.DST_ADDRESS) self.firewall = iptables_firewall.IptablesFirewallDriver( namespace=bridge.namespace) self._set_src_mac(self.MAC_REAL) self.src_port_desc = { 'admin_state_up': True, 'device': src_port_fixture.br_port.name, 'device_owner': 'compute:None', 'fixed_ips': [self.SRC_ADDRESS], 'mac_address': self.MAC_REAL, 'port_security_enabled': True, 'security_groups': [self.FAKE_SECURITY_GROUP_ID], 'status': 'ACTIVE' }
def create_bridge_port_fixture(self): bridge = self.useFixture( net_helpers.LinuxBridgeFixture(namespace=None)).bridge port_fixture = self.useFixture( net_helpers.LinuxBridgePortFixture(bridge)) return bridge, port_fixture
def setUp(self): super(BridgeInterfaceDriverTestCase, self).setUp() conf = cfg.ConfigOpts() conf.register_opts(interface.OPTS) self.interface = interface.BridgeInterfaceDriver(conf) self.bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge
def _setUp(self): super(LinuxBridgeConnectionTester, self)._setUp() self._bridge = self.useFixture(net_helpers.LinuxBridgeFixture()).bridge self._peer, self._vm = self.useFixture( machine_fixtures.PeerMachines(self._bridge)).machines