def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
vr_pub_ip = vr_pub_nic.ip
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('delete_vip_before_attach_PF_to_VM', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
test_util.test_pass("Test Delete VIP before attach Port Forwarding to any VM Successfully")
def create_pf(self, pf_creation_option, target_vm):
'''
combine pf.create() + vip.attach_pf()
'''
pf = zstack_pf_header.ZstackTestPortForwarding()
pf.set_creation_option(pf_creation_option)
pf.create(target_vm)
self.attach_pf(pf)
return pf
def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_tcp_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
vip.check()
test_pf.delete()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('test_pf_after_destroy_vm', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
vip.check()
pf_vm.stop()
pf_vm.check()
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.check()
test_pf.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass(
"Port Forwarding Rule checking pass when stopping VM and destroying VM."
)
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
#we do not need temp_vm1 and temp_vm2, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm.check()
test_pf1.attach(vm_nic.uuid, pf_vm)
test_pf2.attach(vm_nic.uuid, pf_vm)
vip.check()
test_pf1.detach()
test_pf1.delete()
test_pf2.delete()
vip.check()
eip = test_stub.create_eip('create pf/eip test', vip_uuid=vip.get_vip().uuid, vnic_uuid=vm_nic_uuid, vm_obj=pf_vm)
vip.attach_eip(eip)
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
test_util.test_pass("Test Port Forwarding and EIP with same VIP Successfully")
def test():
'''
Since VR ip address is assigned by zstack, so we need to use VR to test
PF rules' connectibility.
PF test needs at least 3 VR existence. The PF VM's VR is for set PF
rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR
VM should not be able to access PF_VM.
In this test, will also add SG rules to check the coexistence between
PF and SG. SG rule will be added onto PF_VM's internal IP.
'''
pf_vm = test_stub.create_vr_vm('migrate_pf_sg_vm1', 'imageName_net', 'l3VlanNetwork2')
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vr_vm('migrate_temp_vm1', 'imageName_net', 'l3VlanNetworkName1')
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3VlanNetwork3')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_vr_vm('migrate_temp_vm2', 'imageName_net', 'l3VlanNetwork3')
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip_option = test_util.VipOption()
vip_option.set_l3_uuid(l3_uuid)
vip_uuid = net_ops.create_vip(vip_option).uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid, vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
pf_vm.check()
#Ignore this check, since it has been checked many times in other PF cases.
#test_pf.check()
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid, pf_vm)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP, inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP, inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc("PF rule is allowed, since VR1's IP is granted by SG Rule1.")
sg_vm.attach(sg1, [vm_nics])
test_pf.check()
test_stub.migrate_vm_to_random_host(pf_vm)
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("PF rule is still allowed")
sg1.delete_rule([rule1])
test_pf.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc("PF rule is not allowed, since rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. ")
sg1.add_rule([rule2])
test_pf.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("PF rule is allowed")
test_pf.check()
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
test_pf.delete()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
net_ops.delete_vip(vip_uuid)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm1.check()
pf_vm2.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
vm_nic2 = pf_vm2.vm.vmNics[0]
vm_nic_uuid2 = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr2_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule5_ports, private_target_rule=Port.rule5_ports, vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
pf_vm1.check()
vip.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid2, pf_vm2)
vip.check()
pf_vm1.stop()
vip.check()
test_pf1.detach()
test_pf1.attach(vm_nic_uuid2, pf_vm2)
pf_vm1.start()
pf_vm1.check()
vip.check()
pf_vm1.stop()
test_pf1.detach()
test_pf2.detach()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf2.attach(vm_nic_uuid1, pf_vm1)
pf_vm1.start()
pf_vm1.check()
vip.check()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('multi_rule_vip', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.TCP, \
vip_target_rule=Port.rule1_ports, \
private_target_rule=Port.rule1_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt)
test_pf1.create(pf_vm)
vip.attach_pf(test_pf1)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.UDP, \
vip_target_rule=Port.rule1_ports, \
private_target_rule=Port.rule1_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt)
test_pf2.create(pf_vm)
vip.attach_pf(test_pf2)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.UDP, \
vip_target_rule=Port.rule2_ports, \
private_target_rule=Port.rule2_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf3 = zstack_pf_header.ZstackTestPortForwarding()
test_pf3.set_creation_option(pf_creation_opt)
test_pf3.create(pf_vm)
vip.attach_pf(test_pf3)
vip.check()
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, \
protocol=inventory.TCP, \
vip_target_rule=Port.rule2_ports, \
private_target_rule=Port.rule2_ports, \
vip_uuid=vip_uuid, \
vm_nic_uuid=vm_nic_uuid)
test_pf4 = zstack_pf_header.ZstackTestPortForwarding()
test_pf4.set_creation_option(pf_creation_opt)
test_pf4.create(pf_vm)
vip.attach_pf(test_pf4)
vip.check()
pf_vm.check()
test_pf1.delete()
test_pf2.delete()
test_pf3.delete()
test_pf4.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
global mevoco1_ip
global mevoco2_ip
global ipsec1
global ipsec2
mevoco1_ip = os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP']
mevoco2_ip = os.environ['secondZStackMnIp']
test_util.test_dsc('Create test vm in mevoco1')
vm1 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm1)
vm1.check()
vm_nic1 = vm1.get_vm().vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm3 = test_stub.create_vlan_vm(os.environ.get('l3VlanNetworkName1'))
test_obj_dict1.add_vm(vm3)
vm3.check()
vm_nic3 = vm3.get_vm().vmNics[0]
vm_nic3_uuid = vm_nic3.uuid
pri_l3_uuid1 = vm1.vm.vmNics[0].l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid1)[0]
l3_uuid1 = test_lib.lib_find_vr_pub_nic(vr1).l3NetworkUuid
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vip1 = test_stub.create_vip('vip for multi-services', l3_uuid1)
vip_uuid = vip1.get_vip().uuid
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid1)
first_zstack_cidrs = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create test vm in mevoco2')
vm2 = test_stub.create_vlan_vm(os.environ.get('l3VlanDNATNetworkName'))
test_obj_dict2.add_vm(vm2)
vm2.check()
pri_l3_uuid2 = vm2.vm.vmNics[0].l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid2)[0]
l3_uuid2 = test_lib.lib_find_vr_pub_nic(vr2).l3NetworkUuid
vip2 = test_stub.create_vip('ipsec2_vip', l3_uuid2)
cond = res_ops.gen_query_conditions('uuid', '=', pri_l3_uuid2)
second_zstack_cidrs = res_ops.query_resource(
res_ops.L3_NETWORK, cond)[0].ipRanges[0].networkCidr
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
test_util.test_dsc('Create PF in mevoco1')
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr = test_stub.create_vr_vm(test_obj_dict1, l3_name)
l3_name = os.environ.get('l3VlanNetworkName4')
vr = test_stub.create_vr_vm(test_obj_dict1, l3_name)
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip1.attach_pf(test_pf1)
vip1.check()
test_pf1.attach(vm_nic1_uuid, vm1)
vip1.check()
test_util.test_dsc('Create LB in mevoco1')
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip1.get_vip().uuid)
test_obj_dict1.add_load_balancer(lb)
vip1.attach_lb(lb)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port=222,
lbi_port=22)
lbl = lb.create_listener(lb_creation_option)
lbl.add_nics([vm_nic1_uuid, vm_nic3_uuid])
lb.check()
vip1.check()
test_util.test_dsc('Create ipsec in mevoco1')
ipsec1 = ipsec_ops.create_ipsec_connection('ipsec1', pri_l3_uuid1,
vip2.get_vip().ip, '123456',
vip1.get_vip().uuid,
[second_zstack_cidrs])
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "IPsec" in vip1_db.useFor
assert vip1_db.useFor.count("IPsec") == 1
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
test_util.test_dsc('Create ipsec in mevoco2')
ipsec2 = ipsec_ops.create_ipsec_connection('ipsec2', pri_l3_uuid2,
vip1.get_vip().ip, '123456',
vip2.get_vip().uuid,
[first_zstack_cidrs])
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
if not test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip):
test_util.test_fail(
'vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' %
(mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if not test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip):
test_util.test_fail(
'vm in mevoco1[MN:%s] could not connect to vm in mevoco2[MN:%s]' %
(mevoco2_ip, mevoco1_ip))
# delete ipsec
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
ipsec_ops.delete_ipsec_connection(ipsec1.uuid)
if test_lib.lib_check_ping(vm1.vm, vm2.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail(
'vm in mevoco1[MN:%s] could still connect to vm in mevoco2[MN:%s] after Ipsec is deleted'
% (mevoco1_ip, mevoco2_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
if test_lib.lib_check_ping(vm2.vm, vm1.vm.vmNics[0].ip, no_exception=True):
test_util.test_fail(
'vm in mevoco2[MN:%s] could still connect to vm in mevoco1[MN:%s] after Ipsec is deleted'
% (mevoco2_ip, mevoco1_ip))
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "IPsec" not in vip1_db.useFor
# delete PF
test_pf1.delete()
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert "PortForwarding" not in vip1_db.useFor
# delete LB
lb.delete()
vip1_db = test_lib.lib_get_vip_by_uuid(vip_uuid)
assert vip1_db.useFor is None
test_lib.lib_error_cleanup(test_obj_dict1)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco2_ip
ipsec_ops.delete_ipsec_connection(ipsec2.uuid)
vip2.delete()
test_lib.lib_error_cleanup(test_obj_dict2)
os.environ['ZSTACK_BUILT_IN_HTTP_SERVER_IP'] = mevoco1_ip
vip1.delete()
test_util.test_pass('Create multiple service with 1 snat IP Success')
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip1_uuid,
vm_nic_uuid=vm_nic1_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(vm)
vip1.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule5_ports,
private_target_rule=Port.rule5_ports,
vip_uuid=vip2_uuid,
vm_nic_uuid=vm_nic2_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(vm)
vip2.attach_pf(test_pf2)
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vm.destroy()
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass(
'Create 1 VM with 2 l3_network with 2 VIP PF testing successfully.')
def test():
'''
Since VR ip address is assigned by zstack, so we need to use VR to test
PF rules' connectibility.
PF test needs at least 3 VR existence. The PF VM's VR is for set PF
rule. The PF rule will add VIP for PF_VM. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. So the 2nd VR
VM should not be able to access PF_VM.
In this test, will also add SG rules to check the coexistence between
PF and SG. SG rule will be added onto PF_VM's internal IP.
'''
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'false')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'false')
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_sg_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule1_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf = zstack_pf_header.ZstackTestPortForwarding()
test_pf.set_creation_option(pf_creation_opt)
test_pf.create(pf_vm)
vip.attach_pf(test_pf)
pf_vm.check()
#Ignore this check, since it has been checked many times in other PF cases.
#test_pf.check()
sg1 = test_stub.create_sg()
test_obj_dict.add_sg(sg1.security_group.uuid)
sg_vm = zstack_sg_vm_header.ZstackTestSgVm()
sg_vm.check()
vm_nics = (vm_nic_uuid, pf_vm)
rule1 = test_lib.lib_gen_sg_rule(Port.rule1_ports, inventory.TCP,
inventory.INGRESS, vr1_pub_ip)
rule2 = test_lib.lib_gen_sg_rule(Port.rule2_ports, inventory.TCP,
inventory.INGRESS, vr2_pub_ip)
sg1.add_rule([rule1])
test_util.test_dsc("Add nic to security group 1.")
test_util.test_dsc(
"PF rule is allowed, since VR1's IP is granted by SG Rule1.")
sg_vm.attach(sg1, [vm_nics])
vip.check()
test_util.test_dsc("Remove rule1 from security group 1.")
test_util.test_dsc("PF rule is still allowed")
sg1.delete_rule([rule1])
vip.check()
test_util.test_dsc("Add rule2")
test_util.test_dsc(
"PF rule is not allowed, since rule2 only allowed the ingress from VR2, but VR2 can't pass PF rule. "
)
sg1.add_rule([rule2])
vip.check()
test_util.test_dsc("Delete SG")
sg_vm.delete_sg(sg1)
test_util.test_dsc("PF rule is allowed")
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.check()
test_pf.delete()
vip.delete()
test_obj_dict.rm_vip(vip)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
test_util.test_dsc("create vpc vrouter and attach vpc l3 to vpc")
for vpc_name in vpc_name_list:
vr_list.append(test_stub.create_vpc_vrouter(vpc_name))
for vr, l3_list in izip(vr_list, vpc_l3_list):
test_stub.attach_l3_to_vpc_vr(vr, l3_list)
test_util.test_dsc("create two vm, vm1 in l3 {}, vm2 in l3 {}".format(flavor['vm1l3'], flavor['vm2l3']))
vm1 = test_stub.create_vm_with_random_offering(vm_name='vpc_vm_{}'.format(flavor['vm1l3']), l3_name=flavor['vm1l3'])
test_obj_dict.add_vm(vm1)
vm1.check()
vm2 = test_stub.create_vm_with_random_offering(vm_name='vpc_vm_{}'.format(flavor['vm2l3']), l3_name=flavor['vm2l3'])
test_obj_dict.add_vm(vm2)
vm2.check()
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr_list[0].inv)
test_util.test_dsc("Create vip")
vip = test_stub.create_vip('vip1', vr_pub_nic.l3NetworkUuid)
test_obj_dict.add_vip(vip)
test_util.test_dsc("create testing vr vm")
temp_vm = test_stub.create_vm_with_random_offering(vm_name='test', l3_name='l3NoVlanNetworkName2')
test_obj_dict.add_vm(vm2)
vr_pub_ip = test_lib.lib_find_vr_pub_ip(test_lib.lib_find_vr_by_vm(temp_vm.get_vm())[0])
pf_creation_opt1 = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip.get_vip().uuid)
test.pf1 = zstack_pf_header.ZstackTestPortForwarding()
test.pf1.set_creation_option(pf_creation_opt1)
test.pf1.create()
pf_creation_opt2 = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule3_ports, private_target_rule=Port.rule3_ports, vip_uuid=vip.get_vip().uuid)
test.pf2 = zstack_pf_header.ZstackTestPortForwarding()
test.pf2.set_creation_option(pf_creation_opt2)
test.pf2.create()
for pf in (test.pf1, test.pf2):
vip.attach_pf(pf)
vip.check()
for vm, pf in izip((vm1, vm2), (test.pf1, test.pf2)):
pf.attach(vm.get_vm().vmNics[0].uuid, vm)
vm.check()
vip.check()
for vm in (vm1,vm2):
vm.stop()
vm.start()
vm.check()
for vm, pf in izip((vm1, vm2), (test.pf1, test.pf2)):
pf.detach()
vm.check()
vip.check()
for pf in (test.pf1, test.pf2):
pf.delete()
test_lib.lib_error_cleanup(test_obj_dict)
test_stub.remove_all_vpc_vrouter()
def test():
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_vm1.check()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
test_util.test_dsc("attach, detach and delete pf for many times")
for i in range(1, 451):
test_util.test_logger('round %s' % (i))
starttime = datetime.datetime.now()
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule5_ports,
private_target_rule=Port.rule5_ports,
vip_uuid=vip_uuid)
pf_creation_opt1.set_vip_ports(i, i)
pf_creation_opt1.set_private_ports(i, i)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
if i < 151:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
pf_dict[i] = test_pf1.get_port_forwarding().uuid
elif i < 301:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf1.detach()
pf_dict[i] = test_pf1.get_port_forwarding().uuid
else:
test_pf1.attach(vm_nic_uuid1, pf_vm1)
test_pf1.detach()
test_pf1.delete()
endtime = datetime.datetime.now()
optime = (endtime - starttime).seconds
test_util.test_dsc("round %s, pf operation time: %s" % (i, optime))
if optime > 30:
test_util.test_fail(
"the pf operation time is %s seconds, more than 30 seconds" %
optime)
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
for j in pf_dict:
net_ops.delete_port_forwarding(pf_dict[j])
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
def test():
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('2 pfs with same vip', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule1_ports,
private_target_rule=Port.rule2_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(pf_vm)
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule3_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid,
vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create(pf_vm)
vip.attach_pf(test_pf2)
pf_vm.check()
vip.check()
test_pf1.delete()
test_pf2.delete()
import time
time.sleep(1)
vip.check()
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
vip.delete()
test_obj_dict.rm_vip(vip)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
'''
PF test needs at least 3 VR existence. Besides of PF_VM's VR, there
are needed another 2 VR VMs. 1st VR public IP address will be set as
allowedCidr. The 1st VR VM should be able to access PF_VM. The 2nd VR
VM should not be able to access PF_VM.
'''
pf_vm = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr1_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm1 for getting vlan1's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr2_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr2_l3_uuid)
temp_vm2 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm2 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm2)
vr2 = test_lib.lib_find_vr_by_vm(temp_vm2.vm)[0]
else:
vr2 = vrs[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
pf_vm.check()
vm_nic = pf_vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
pri_l3_uuid = vm_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('multi_rule_pf1', l3_uuid)
test_obj_dict.add_vip(vip1)
vip_uuid1 = vip1.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports, vip_uuid=vip_uuid1, vm_nic_uuid=vm_nic_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt)
test_pf1.create(pf_vm)
vip1.attach_pf(test_pf1)
vip1.check()
vip2 = test_stub.create_vip('multi_rule_pf2', l3_uuid)
test_obj_dict.add_vip(vip2)
vip_uuid2 = vip2.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule2_ports, private_target_rule=Port.rule2_ports, vip_uuid=vip_uuid2, vm_nic_uuid=vm_nic_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt)
test_pf2.create(pf_vm)
vip2.attach_pf(test_pf2)
vip2.check()
vip3 = test_stub.create_vip('multi_rule_pf3', l3_uuid)
test_obj_dict.add_vip(vip3)
vip_uuid3 = vip3.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.UDP, vip_target_rule=Port.rule2_ports, private_target_rule=Port.rule2_ports, vip_uuid=vip_uuid3, vm_nic_uuid=vm_nic_uuid)
test_pf3 = zstack_pf_header.ZstackTestPortForwarding()
test_pf3.set_creation_option(pf_creation_opt)
test_pf3.create(pf_vm)
vip3.attach_pf(test_pf3)
vip3.check()
vip4 = test_stub.create_vip('multi_rule_pf4', l3_uuid)
test_obj_dict.add_vip(vip4)
vip_uuid4 = vip4.get_vip().uuid
pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.UDP, vip_target_rule=Port.rule3_ports, private_target_rule=Port.rule3_ports, vip_uuid=vip_uuid4, vm_nic_uuid=vm_nic_uuid)
test_pf4 = zstack_pf_header.ZstackTestPortForwarding()
test_pf4.set_creation_option(pf_creation_opt)
test_pf4.create(pf_vm)
vip4.attach_pf(test_pf4)
vip4.check()
pf_vm.check()
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
if temp_vm2:
temp_vm2.destroy()
test_obj_dict.rm_vm(temp_vm2)
test_pf1.delete()
test_pf2.delete()
test_pf3.delete()
test_pf4.delete()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
vip3.delete()
test_obj_dict.rm_vip(vip3)
vip4.delete()
test_obj_dict.rm_vip(vip4)
pf_vm.destroy()
test_obj_dict.rm_vm(pf_vm)
test_util.test_pass("Test Port Forwarding TCP Rule Successfully")
def test():
flavor = case_flavor[os.environ.get('CASE_FLAVOR')]
test_util.test_dsc("create vpc vrouter and attach vpc l3 to vpc")
for vpc_name in vpc_name_list:
vr_list.append(test_stub.create_vpc_vrouter(vpc_name))
for vr, l3_list in izip(vr_list, vpc_l3_list):
test_stub.attach_l3_to_vpc_vr(vr, l3_list)
test_util.test_dsc("create two vm, vm1 in l3 {}, vm2 in l3 {}".format(
flavor['vm1l3'], flavor['vm2l3']))
vm1 = test_stub.create_vm_with_random_offering(vm_name='vpc_vm_{}'.format(
flavor['vm1l3']),
l3_name=flavor['vm1l3'])
test_obj_dict.add_vm(vm1)
vm1.check()
vm2 = test_stub.create_vm_with_random_offering(vm_name='vpc_vm_{}'.format(
flavor['vm2l3']),
l3_name=flavor['vm2l3'])
test_obj_dict.add_vm(vm2)
vm2.check()
vr_pub_nic = None
test_util.test_dsc("create testing vpc vm")
tmp_vr = test_stub.create_vpc_vrouter('test_vpc')
for nic in tmp_vr.inv.vmNics:
if nic.metaData == "3":
vr_pub_nic = nic
break
test_util.test_dsc("Create vip")
vip = test_stub.create_vip('vip1', vr_pub_nic.l3NetworkUuid)
test_obj_dict.add_vip(vip)
pf_creation_opt = PfRule.generate_pf_rule_option(
vr_pub_nic.ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip.get_vip().uuid)
test.pf = zstack_pf_header.ZstackTestPortForwarding()
test.pf.set_creation_option(pf_creation_opt)
test.pf.create()
vip.attach_pf(test.pf)
vip.check()
if flavor['one_vpc']:
for vm in (vm1, vm2):
test.pf.attach(vm.get_vm().vmNics[0].uuid, vm)
vm.check()
vip.check()
test.pf.detach()
vm.check()
vip.check()
else:
test.pf.attach(vm1.get_vm().vmNics[0].uuid, vm1)
vm1.check()
vip.check()
test.pf.detach()
vm1.check()
vip.check()
test.pf.delete()
pf_creation_opt = PfRule.generate_pf_rule_option(
vr_pub_nic.ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip.get_vip().uuid)
test.pf = zstack_pf_header.ZstackTestPortForwarding()
test.pf.set_creation_option(pf_creation_opt)
test.pf.create()
vip.attach_pf(test.pf)
vip.check()
test.pf.attach(vm2.get_vm().vmNics[0].uuid, vm2)
vm2.check()
vip.check()
test.pf.detach()
vm2.check()
vip.check()
test.pf.delete()
test_lib.lib_error_cleanup(test_obj_dict)
test_stub.remove_all_vpc_vrouter()
def test():
global eip_snatInboundTraffic_default_value
global pf_snatInboundTraffic_default_value
#enable snatInboundTraffic and save global config value
eip_snatInboundTraffic_default_value = \
conf_ops.change_global_config('eip', 'snatInboundTraffic', 'true')
pf_snatInboundTraffic_default_value = \
conf_ops.change_global_config('portForwarding', \
'snatInboundTraffic', 'true')
image_name = os.environ.get('imageName_net')
image_uuid = test_lib.lib_get_image_by_name(image_name).uuid
l3_name = os.environ.get('l3VlanNetworkName1')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list = [l3_net_uuid]
l3_name = os.environ.get('l3VlanDNATNetworkName')
l3_net_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
l3_net_list.append(l3_net_uuid)
vm = test_stub.create_vm(l3_net_list, image_uuid, '2_l3_pf_vm')
test_obj_dict.add_vm(vm)
l3_name = os.environ.get('l3NoVlanNetworkName1')
vr_l3_uuid = test_lib.lib_get_l3_by_name(l3_name).uuid
vrs = test_lib.lib_find_vr_by_l3_uuid(vr_l3_uuid)
temp_vm1 = None
if not vrs:
#create temp_vm2 for getting novlan's vr for test pf_vm portforwarding
temp_vm1 = test_stub.create_user_vlan_vm()
test_obj_dict.add_vm(temp_vm1)
vr1 = test_lib.lib_find_vr_by_vm(temp_vm1.vm)[0]
else:
vr1 = vrs[0]
if vr1.applianceVmType == "vrouter":
test_util.test_skip(
"vrouter VR does not support single VM multiple VIP")
#we do not need temp_vm1, since we just use their VRs.
if temp_vm1:
temp_vm1.destroy()
test_obj_dict.rm_vm(temp_vm1)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vm.check()
vm_nic1 = vm.vm.vmNics[0]
vm_nic1_uuid = vm_nic1.uuid
vm_nic2 = vm.vm.vmNics[1]
vm_nic2_uuid = vm_nic2.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
if vr.applianceVmType == "vrouter":
test_util.test_skip(
"vrouter VR does not support single VM multiple VIP")
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip1 = test_stub.create_vip('vip1_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip1)
vip1_uuid = vip1.get_vip().uuid
vip2 = test_stub.create_vip('vip2_2l3s_vm_test', l3_uuid)
test_obj_dict.add_vip(vip2)
vip2_uuid = vip2.get_vip().uuid
eip1 = test_stub.create_eip('2l3 eip test1', vip_uuid=vip1.get_vip().uuid)
vip1.attach_eip(eip1)
vip1.check()
eip1.attach(vm_nic1_uuid, vm)
vip1.check()
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule3_ports,
private_target_rule=Port.rule3_ports,
vip_uuid=vip2_uuid,
vm_nic_uuid=vm_nic2_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create(vm)
vip2.attach_pf(test_pf1)
vip2.check()
vm.stop()
vm.start()
vm.check()
vip1.check()
vip2.check()
vm.destroy()
vip1.check()
vip2.check()
vip1.delete()
test_obj_dict.rm_vip(vip1)
vip2.delete()
test_obj_dict.rm_vip(vip2)
conf_ops.change_global_config('eip', 'snatInboundTraffic', \
eip_snatInboundTraffic_default_value )
conf_ops.change_global_config('portForwarding', 'snatInboundTraffic', \
pf_snatInboundTraffic_default_value)
test_util.test_pass(
'Create 1 VM with 2 l3_network with 1 eip and 1 PF testing successfully.'
)
def test():
# global test_obj_dict
iam2_ops.clean_iam2_enviroment()
global project_uuid,virtual_id_uuid,project_admin_uuid
zone_uuid = res_ops.get_resource(res_ops.ZONE)[0].uuid
# 1 create project
project_name = 'test_project'
password = \
'b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86'
project = iam2_ops.create_iam2_project(project_name)
project_uuid = project.uuid
linked_account_uuid = project.linkedAccountUuid
attributes = [{"name": "__ProjectRelatedZone__", "value": zone_uuid}]
iam2_ops.add_attributes_to_iam2_project(project_uuid, attributes)
test_stub.share_admin_resource_include_vxlan_pool([linked_account_uuid])
# 2 create projectAdmin into project
project_admin_name = 'projectadmin'
project_admin_uuid = iam2_ops.create_iam2_virtual_id(project_admin_name, password).uuid
iam2_ops.add_iam2_virtual_ids_to_project([project_admin_uuid], project_uuid)
attributes = [{"name": "__ProjectAdmin__", "value": project_uuid}]
iam2_ops.add_attributes_to_iam2_virtual_id(project_admin_uuid, attributes)
project_admin_session_uuid = iam2_ops.login_iam2_virtual_id(project_admin_name,password)
project_admin_session_uuid = iam2_ops.login_iam2_project(project_name,project_admin_session_uuid).uuid
#create Security Group
sg = test_sg_header.ZstackTestSecurityGroup()
sg_creation_option = test_util.SecurityGroupOption()
sg_creation_option.set_name('test_sg')
sg_creation_option.session_uuid = project_admin_session_uuid
sg.set_creation_option(sg_creation_option)
sg.create()
test_obj_dict.add_sg(sg.get_security_group().uuid)
#create EIP
vm = test_stub.create_vm(session_uuid=project_admin_session_uuid)
test_obj_dict.add_vm(vm)
pri_l3_name = os.environ.get('l3VlanNetworkName3')
pri_l3_uuid = test_lib.lib_get_l3_by_name(pri_l3_name).uuid
pub_l3_name = os.environ.get('l3PublicNetworkName')
pub_l3_uuid = test_lib.lib_get_l3_by_name(pub_l3_name).uuid
vm_nic = vm.vm.vmNics[0]
vm_nic_uuid = vm_nic.uuid
vip_for_eip = test_stub.create_vip('create_eip_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_eip)
eip = test_stub.create_eip(vip_uuid=vip_for_eip.get_vip().uuid ,eip_name='create eip test', vnic_uuid=vm_nic_uuid, vm_obj=vm,session_uuid=project_admin_session_uuid)
vip_for_eip.attach_eip(eip)
# create LB
vip_for_lb = test_stub.create_vip('create_lb_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_lb)
lb = zstack_lb_header.ZstackTestLoadBalancer()
lb.create('create lb test', vip_for_lb.get_vip().uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_load_balancer(lb)
vip_for_lb.attach_lb(lb)
lb_creation_option = test_lib.lib_create_lb_listener_option(lbl_port = 222, lbi_port = 22)
lb_creation_option.set_session_uuid(project_admin_session_uuid)
lbl = lb.create_listener(lb_creation_option)
# test PF
vip_for_pf = test_stub.create_vip('create_pf_test', pub_l3_uuid,session_uuid=project_admin_session_uuid)
test_obj_dict.add_vip(vip_for_pf)
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
pf_creation_opt = PfRule.generate_pf_rule_option(vr_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule4_ports, private_target_rule=Port.rule4_ports, vip_uuid=vip_for_pf.get_vip().uuid)
pf_creation_opt.set_session_uuid(project_admin_session_uuid)
pf = test_pf_header.ZstackTestPortForwarding()
pf.set_creation_option(pf_creation_opt)
pf.create()
vip_for_pf.attach_pf(pf)
# delete project
iam2_ops.delete_iam2_project(project_uuid)
iam2_ops.expunge_iam2_project(project_uuid)
test_stub.check_resource_not_exist(eip.get_eip().uuid,res_ops.EIP)
test_stub.check_resource_not_exist(sg.get_security_group().uuid,res_ops.SECURITY_GROUP)
test_stub.check_resource_not_exist(lb.get_load_balancer().uuid,res_ops.LOAD_BALANCER)
test_stub.check_resource_not_exist(lbl.get_load_balancer_listener().uuid,res_ops.LOAD_BALANCER_LISTENER)
test_stub.check_resource_not_exist(pf.get_port_forwarding().uuid,res_ops.PORT_FORWARDING)
test_lib.lib_robot_cleanup(test_obj_dict)
iam2_ops.clean_iam2_enviroment()
test_util.test_pass("Test for iam2 delete project cascade net services success.")
def test():
vip_bandwidth = 1 * 1024
pf_vm1 = test_stub.create_dnat_vm()
test_obj_dict.add_vm(pf_vm1)
pf_vm2 = test_stub.create_vlan_sg_vm()
test_obj_dict.add_vm(pf_vm2)
l3_name = os.environ.get('l3VlanNetworkName1')
vr1 = test_stub.create_vr_vm(test_obj_dict, l3_name)
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
pf_vm1.check()
pf_vm2.check()
vm1_inv = pf_vm1.get_vm()
vm2_inv = pf_vm2.get_vm()
vm_nic1 = pf_vm1.vm.vmNics[0]
vm_nic_uuid1 = vm_nic1.uuid
pri_l3_uuid = vm_nic1.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_nic = test_lib.lib_find_vr_pub_nic(vr)
l3_uuid = vr_pub_nic.l3NetworkUuid
vip = test_stub.create_vip('pf_attach_test', l3_uuid)
test_obj_dict.add_vip(vip)
vip_uuid = vip.get_vip().uuid
vip_ip = vip.get_vip().ip
#pf_creation_opt = PfRule.generate_pf_rule_option(vr1_pub_ip, protocol=inventory.TCP, vip_target_rule=Port.rule1_ports, private_target_rule=Port.rule1_ports)
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_vm1.check()
test_pf1.attach(vm_nic_uuid1, pf_vm1)
vip_qos = net_ops.set_vip_qos(vip_uuid=vip_uuid,
inboundBandwidth=vip_bandwidth * 8 * 1024,
outboundBandwidth=vip_bandwidth * 8 * 1024)
test_stub.make_ssh_no_password(vm1_inv)
test_stub.make_ssh_no_password(vm2_inv)
test_stub.install_iperf(vm1_inv)
test_stub.install_iperf(vm2_inv)
iptables_cmd = "iptables -F"
exec_cmd_in_vm(pf_vm1, iptables_cmd, "Failed to clean iptables.")
test_stub.test_iperf_bandwidth(vm1_inv, vm2_inv, vip_ip, 20502, 20502,
vip_bandwidth)
vip.delete()
test_obj_dict.rm_vip(vip)
pf_vm1.destroy()
test_obj_dict.rm_vm(pf_vm1)
pf_vm2.destroy()
test_obj_dict.rm_vm(pf_vm2)
test_util.test_pass("Test Port Forwarding Vip Qos Successfully.")
def test():
global vm1, vm2, vip
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName']
image_name = os.environ['image_dhcp_name']
# create vm1 vm2
vm1 = test_stub.create_vm_in_vcenter(vm_name='test_vm1',
image_name=image_name,
l3_name=l3_vr_network)
vm2 = test_stub.create_vm_in_vcenter(vm_name='test_vm2',
image_name=image_name,
l3_name=l3_vr_network)
test_obj_dict.add_vm(vm1)
test_obj_dict.add_vm(vm2)
vm1.check()
vm2.check()
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName1']
vr1 = test_stub.create_vm_in_vcenter(vm_name='vm1',
image_name=image_name,
l3_name=l3_vr_network)
l3_vr_network = os.environ['l3vCenterNoVlanNetworkName2']
vr2 = test_stub.create_vm_in_vcenter(vm_name='vm2',
image_name=image_name,
l3_name=l3_vr_network)
test_obj_dict.add_vm(vr1)
test_obj_dict.add_vm(vr2)
vr1_nic = vr1.get_vm().vmNics[0]
pri_l3_uuid = vr1_nic.l3NetworkUuid
vr1 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr1_pub_ip = test_lib.lib_find_vr_pub_ip(vr1)
vr2_nic = vr2.get_vm().vmNics[0]
pri_l3_uuid = vr2_nic.l3NetworkUuid
vr2 = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr2_pub_ip = test_lib.lib_find_vr_pub_ip(vr2)
vm1_nic = vm1.get_vm().vmNics[0]
vm1_nic_uuid = vm1_nic.uuid
vm2_nic = vm2.get_vm().vmNics[0]
vm2_nic_uuid = vm2_nic.uuid
pri_l3_uuid = vm1_nic.l3NetworkUuid
vr = test_lib.lib_find_vr_by_l3_uuid(pri_l3_uuid)[0]
vr_pub_ip = test_lib.lib_find_vr_pub_ip(vr)
vip = zstack_vip_header.ZstackTestVip()
vip.get_snat_ip_as_vip(vr_pub_ip)
vip.isVcenter = True
vip_uuid = vip.get_vip().uuid
pf_creation_opt1 = PfRule.generate_pf_rule_option(
vr1_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule4_ports,
private_target_rule=Port.rule4_ports,
vip_uuid=vip_uuid)
test_pf1 = zstack_pf_header.ZstackTestPortForwarding()
test_pf1.set_creation_option(pf_creation_opt1)
test_pf1.create()
vip.attach_pf(test_pf1)
pf_creation_opt2 = PfRule.generate_pf_rule_option(
vr2_pub_ip,
protocol=inventory.TCP,
vip_target_rule=Port.rule5_ports,
private_target_rule=Port.rule5_ports,
vip_uuid=vip_uuid)
test_pf2 = zstack_pf_header.ZstackTestPortForwarding()
test_pf2.set_creation_option(pf_creation_opt2)
test_pf2.create()
vip.attach_pf(test_pf2)
vm1.check()
vip.check()
# pf_1_attach_vm1 pf_2_attach_vm2
test_pf1.attach(vm1_nic_uuid, vm1)
test_pf2.attach(vm2_nic_uuid, vm2)
vip.check()
vm1.stop()
vip.check()
# pf_1_detach pf_1_attach_vm2
test_pf1.detach()
vip.check()
test_pf1.attach(vm2_nic_uuid, vm2)
vip.check()
vm1.start()
time.sleep(30)
vip.check()
vm1.stop()
test_pf1.detach()
test_pf2.detach()
vip.check()
# pf_1_attach_vm1 pf_2_attach_vm1
test_pf1.attach(vm1_nic_uuid, vm1)
test_pf2.attach(vm1_nic_uuid, vm1)
vm1.start()
time.sleep(50)
vip.check()
# pf_1_delete pf_2_delete
test_pf1.delete()
test_pf2.delete()
# clean_up
test_lib.lib_robot_cleanup(test_obj_dict)
test_util.test_pass("Test Port Forwarding Attach/Detach Successfully")
