class StaticRouteTableBase(BaseNeutronTest):
@classmethod
def setUpClass(cls):
super(StaticRouteTableBase, cls).setUpClass()
cls.quantum_h = cls.connections.quantum_h
cls.nova_h = cls.connections.nova_h
cls.vnc_lib = cls.connections.vnc_lib
cls.agent_inspect = cls.connections.agent_inspect
cls.cn_inspect = cls.connections.cn_inspect
cls.analytics_obj = cls.connections.analytics_obj
#cls.vnc = ContrailVncApi(cls.vnc_lib, cls.logger)
# end setUpClass
@classmethod
def tearDownClass(cls):
super(StaticRouteTableBase, cls).tearDownClass()
# end tearDownClass
def setUp(self):
super(StaticRouteTableBase, self).setUp()
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
def tearDown(self):
super(StaticRouteTableBase, self).tearDown()
# create 3 vms, left, right middle. middle should sit in both vns
def config_basic(self, vm2=False):
self.vn1_fixture = self.create_vn(disable_dns=True)
self.vn2_fixture = self.create_vn(disable_dns=True)
self.vn1_name = self.vn1_fixture.vn_name
self.vn2_name = self.vn2_fixture.vn_name
self.left_vm_fixture = self.create_vm(self.vn1_fixture)
self.right_vm_fixture = self.create_vm(self.vn2_fixture)
self.left_vm_fixture.wait_till_vm_is_up()
self.right_vm_fixture.wait_till_vm_is_up()
vm1_name = 'middle_vm1'
self.vm1_fixture = self.useFixture(
VMFixture(project_name=self.inputs.project_name,
connections=self.connections,
vn_objs=[self.vn1_fixture.obj, self.vn2_fixture.obj],
vm_name=vm1_name,
node_name=None,
image_name='ubuntu',
flavor='m1.tiny'))
self.vm1_fixture.wait_till_vm_is_up()
cmd = 'echo 1 > /proc/sys/net/ipv4/ip_forward'
self.vm1_fixture.run_cmd_on_vm(cmds=[cmd], as_sudo=True)
vm2_name = 'middle_vm2'
if vm2:
self.vm2_fixture = self.useFixture(
VMFixture(project_name=self.inputs.project_name,
connections=self.connections,
vn_objs=[self.vn1_fixture.obj, self.vn2_fixture.obj],
vm_name=vm2_name,
node_name=None,
image_name='ubuntu',
flavor='m1.tiny'))
self.vm2_fixture.wait_till_vm_is_up()
cmd = 'echo 1 > /proc/sys/net/ipv4/ip_forward'
self.vm2_fixture.run_cmd_on_vm(cmds=[cmd], as_sudo=True)
# create int route table and bind it to the middle vm's vmi's
def add_interface_route_table(self,
src_vn_fix,
dst_vn_fix,
port1_fix=None,
multiple_tables=1,
si=False):
self.intf_table_to_right_objs = []
self.intf_table_to_left_objs = []
self.right_prefixes = []
self.left_prefixes = []
for i in range(0, multiple_tables):
prefix = self.get_prefix(dst_vn_fix, i)
self.right_prefixes.append(prefix)
intf_table_to_right_obj = self.static_table_handle.create_route_table(
prefixes=[prefix],
name=get_random_name("int_table_right"),
parent_obj=self.project.project_obj,
)
if not si:
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[src_vn_fix.vn_fq_name]),
intf_table_to_right_obj)
self.intf_table_to_right_objs.append(intf_table_to_right_obj)
prefix = self.get_prefix(src_vn_fix, i)
self.left_prefixes.append(prefix)
intf_table_to_left_obj = self.static_table_handle.create_route_table(
prefixes=[prefix],
name=get_random_name("int_table_left"),
parent_obj=self.project.project_obj,
)
if not si:
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[dst_vn_fix.vn_fq_name]),
intf_table_to_left_obj)
self.intf_table_to_left_objs.append(intf_table_to_left_obj)
# delete the created int route table
def delete_int_route_table(self,
src_vn=None,
dst_vn=None,
port_fix=None,
si=False):
src_vn_fix = src_vn or self.vn1_fixture
dst_vn_fix = dst_vn or self.vn2_fixture
port_fix = port_fix or self.vm1_fixture
if not si:
self.unbind_interface_table(src_vn_fix, dst_vn_fix, port_fix)
for intf_table in self.intf_table_to_right_objs + self.intf_table_to_left_objs:
self.static_table_handle.delete_interface_route_table(
intf_table.uuid)
# attach the net route table to vn provided
def add_network_table_to_vn(self, vn1_fix, vn2_fix, multiple_tables=1):
self.nw_handle_to_left_objs = []
self.nw_handle_to_right_objs = []
self.right_prefixes = []
self.left_prefixes = []
for i in range(0, multiple_tables):
if str(self.vm1_fixture.vm_ips[0])[:-1] == str(
self.right_vm_fixture.vm_ip)[:-1]:
ip = self.get_prefix(vn1_fix, i)
prefix = self.get_network_prefix_from_ip_mask(ip)
nw_handle_to_left = self.static_table_handle.create_route_table(
prefixes=[prefix],
name=get_random_name("network_table_left_to_right"),
next_hop=self.vm1_fixture.vm_ips[0],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn2_fix.uuid, nw_route_table_obj=nw_handle_to_left)
self.left_prefixes.append(prefix)
else:
ip = self.get_prefix(vn2_fix, i)
prefix = self.get_network_prefix_from_ip_mask(ip)
nw_handle_to_right = self.static_table_handle.create_route_table(
prefixes=[prefix],
name=get_random_name("network_table_left_to_right"),
next_hop=self.vm1_fixture.vm_ips[0],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn1_fix.uuid,
nw_route_table_obj=nw_handle_to_right)
self.right_prefixes.append(prefix)
if str(self.vm1_fixture.vm_ips[1])[:-1] == str(
self.right_vm_fixture.vm_ip)[:-1]:
ip = self.get_prefix(vn1_fix, i)
prefix = self.get_network_prefix_from_ip_mask(ip)
nw_handle_to_left = self.static_table_handle.create_route_table(
prefixes=[prefix],
name=get_random_name("network_table_right_to_left"),
next_hop=self.vm1_fixture.vm_ips[1],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn2_fix.uuid, nw_route_table_obj=nw_handle_to_left)
self.left_prefixes.append(prefix)
else:
ip = self.get_prefix(vn2_fix, i)
prefix = self.get_network_prefix_from_ip_mask(ip)
nw_handle_to_right = self.static_table_handle.create_route_table(
prefixes=[prefix],
name=get_random_name("network_table_right_to_left"),
next_hop=self.vm1_fixture.vm_ips[1],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn1_fix.uuid,
nw_route_table_obj=nw_handle_to_right)
self.right_prefixes.append(prefix)
self.nw_handle_to_left_objs.append(nw_handle_to_left)
self.nw_handle_to_right_objs.append(nw_handle_to_right)
# delete net route table
def del_nw_route_table(self):
self.unbind_network_table(self.vn1_fixture, self.vn2_fixture)
for nw_handle_to_right in self.nw_handle_to_right_objs:
self.static_table_handle.delete_network_route_table(
nw_handle_to_right.uuid)
for nw_handle_to_left in self.nw_handle_to_left_objs:
self.static_table_handle.delete_network_route_table(
nw_handle_to_left.uuid)
# unbind the int route table from the port provided
def unbind_interface_table(self, src_vn_fix, dst_vn_fix, port1_fix):
for intf_table_to_right_obj in self.intf_table_to_right_objs:
self.static_table_handle.unbind_vmi_from_interface_route_table(
str(port1_fix.get_vmi_ids()[src_vn_fix.vn_fq_name]),
intf_table_to_right_obj)
for intf_table_to_left_obj in self.intf_table_to_left_objs:
self.static_table_handle.unbind_vmi_from_interface_route_table(
str(port1_fix.get_vmi_ids()[dst_vn_fix.vn_fq_name]),
intf_table_to_left_obj)
# bind a int route table to the port provided
def bind_interface_table(self, src_vn_fix, dst_vn_fix, port1_fix):
for intf_table_to_right_obj in self.intf_table_to_right_objs:
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[src_vn_fix.vn_fq_name]),
intf_table_to_right_obj)
for intf_table_to_left_obj in self.intf_table_to_left_objs:
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[dst_vn_fix.vn_fq_name]),
intf_table_to_left_obj)
# unbind the net route table from the vn provided
def unbind_network_table(self, src_vn_fix, dst_vn_fix):
for nw_handle_to_right in self.nw_handle_to_right_objs:
self.static_table_handle.unbind_vn_from_network_route_table(
src_vn_fix.uuid, nw_handle_to_right)
for nw_handle_to_left in self.nw_handle_to_left_objs:
self.static_table_handle.unbind_vn_from_network_route_table(
dst_vn_fix.uuid, nw_handle_to_left)
# bind the net route table to the vn provided
def bind_network_table(self, src_vn_fix, dst_vn_fix):
for nw_handle_to_right in self.nw_handle_to_right_objs:
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=src_vn_fix.uuid, nw_route_table_obj=nw_handle_to_right)
for nw_handle_to_left in self.nw_handle_to_left_objs:
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=dst_vn_fix.uuid, nw_route_table_obj=nw_handle_to_left)
# create a neutron router in addition to the static tables
def neutron_router_test(self):
router_dict = self.create_router('neutron_router')
self.add_vn_to_router(router_dict['id'], self.vn1_fixture)
self.add_vn_to_router(router_dict['id'], self.vn2_fixture)
router_ports = self.quantum_h.get_router_interfaces(router_dict['id'])
router_port_ips = [
item['fixed_ips'][0]['ip_address'] for item in router_ports
]
assert self.left_vm_fixture.ping_with_certainty(
self.right_vm_fixture.vm_ip)
self.delete_vn_from_router(router_dict['id'], self.vn1_fixture)
assert self.left_vm_fixture.ping_with_certainty(
self.right_vm_fixture.vm_ip)
self.add_vn_to_router(router_dict['id'],
self.vn1_fixture,
cleanup=False)
assert self.left_vm_fixture.ping_with_certainty(
self.right_vm_fixture.vm_ip)
# check the number of nexthops for the right route in left table
def check_route_in_agent(self,
expected_next_hops,
prefix=None,
vn_fix=None,
vm_fix=None):
vn_fix = vn_fix or self.vn1_fixture
vm_fix = vm_fix or self.left_vm_fixture
(domain, project, vn) = vn_fix.vn_fq_name.split(':')
inspect_h = self.agent_inspect[vm_fix.vm_node_ip]
agent_vrf_objs = inspect_h.get_vna_vrf_objs(domain, project, vn)
agent_vrf_obj = vm_fix.get_matching_vrf(agent_vrf_objs['vrf_list'],
vn_fix.vrf_name)
vn_vrf_id = agent_vrf_obj['ucindex']
if not prefix:
prefix = self.right_prefixes[0]
cidr_prefix = prefix.split('/')
next_hops = inspect_h.get_vna_active_route(
vrf_id=vn_vrf_id, ip=cidr_prefix[0],
prefix=cidr_prefix[1])['path_list'][0]['nh']
if not next_hops:
result = False
assert result, 'Route not found in the Agent'
else:
self.logger.info('Route found in the Agent')
number_of_nh = re.findall('nh_index', str(next_hops))
if (len(number_of_nh) != expected_next_hops):
result = False
assert result, 'Agent does not reflect the static route addition'
else:
self.logger.info('Agent reflects the static route addition')
def get_prefix(self, vn_fixture, i):
return vn_fixture.get_cidrs()[0].split('/')[0] + '/' + str(
int(vn_fixture.get_cidrs()[0].split('/')[-1]) - i)
def get_network_prefix_from_ip_mask(self, ip):
return str(IPNetwork(ip).cidr)
def attach_interface_route_table_to_si(self,
intf_table,
si,
interface='left'):
intf_table.set_service_instance(
si, ServiceInterfaceTag(interface_type='left'))
self.vnc_lib.interface_route_table_update(intf_table)
def detach_interface_route_table_from_si(self, intf_table, si):
intf_table.del_service_instance(si)
self.vnc_lib.interface_route_table_update(intf_table)
class TestRP(RPBase, BaseBGPaaS, BaseHC, VerifySvcFirewall):
@classmethod
def setUpClass(cls):
super(TestRP, cls).setUpClass()
@classmethod
def tearDownClass(cls):
super(TestRP, cls).tearDownClass()
def is_test_applicable(self):
return (True, None)
def setUp(self):
super(TestRP, self).setUp()
result = self.is_test_applicable()
@test.attr(type=['sanity'])
@preposttest_wrapper
def test_rp_interface(self):
'''
1. Create a routing policy with interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '55555'), 'Search term not found in introspect'
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@test.attr(type=['sanity'])
@preposttest_wrapper
def test_rp_interface_static(self):
'''
1. Create a routing policy with interface-static match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict,random_cidr = self.create_interface_static_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_value = '55555', search_ip = random_cidr), 'Search term not found in introspect'
assert ret_dict['test_vm'].ping_with_certainty(ret_dict['test2_vm'].vm_ip)
@preposttest_wrapper
def test_rp_service_interface(self):
'''
1. Create a routing policy with service-interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '55555')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
@preposttest_wrapper
def test_rp_service_chain(self):
'''
1. Create a routing policy with service-chain match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '55555')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
@preposttest_wrapper
def test_rp_bgpaas(self):
'''
1. Create a routing policy with bgpaas match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.create_bgpaas_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
#will have to wait for bgp hold timer
sleep(90)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_ip = str(ret_dict['vn_fixture'].get_subnets()[0]['cidr']), search_value = '55555')
@test.attr(type=['sanity'])
@preposttest_wrapper
def test_rp_interface_ext_community(self):
'''
1. Create a routing policy with interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:44444'), 'Search term not found in introspect'
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:33333'), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_interface_static_ext_community(self):
'''
1. Create a routing policy with interface-static match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict,random_cidr = self.create_interface_static_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_value = 'target:64512:44444',search_ip = random_cidr), 'Search term not found in introspect'
assert ret_dict['test_vm'].ping_with_certainty(ret_dict['test2_vm'].vm_ip)
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_value = 'target:64512:33333',search_ip = random_cidr), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_service_interface_ext_community(self):
'''
1. Create a routing policy with service-interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = 'target:64512:44444')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = 'target:64512:33333')
@preposttest_wrapper
def test_rp_service_chain_ext_community(self):
'''
1. Create a routing policy with service-chain match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = 'target:64512:44444')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = 'target:64512:33333'), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_bgpaas_ext_community(self):
'''
1. Create a routing policy with bgpaas match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.create_bgpaas_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_ip = str(ret_dict['vn_fixture'].get_subnets()[0]['cidr']), search_value = 'target:64512:44444')
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'set_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_ip = str(ret_dict['vn_fixture'].get_subnets()[0]['cidr']), search_value = 'target:64512:44444'), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_interface_matrix(self):
'''
1. Create a routing policy with interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_interface_static_matrix(self):
'''
1. Create a routing policy with interface-static match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
random_cidr = get_random_cidr()
self.intf_table_to_right_obj = self.static_table_handle.create_route_table(
prefixes=[random_cidr],
name=get_random_name('int_table_right'),
parent_obj=self.project.project_obj,
)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + vn_fixture.vn_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(test_vm.get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_service_interface_matrix(self):
'''
1. Create a routing policy with service-interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '444')
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '555')
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '666')
@preposttest_wrapper
def test_rp_bgpaas_matrix(self):
'''
1. Create a routing policy with bgpaas match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
vn_name = get_random_name('bgpaas_vn')
vn_subnets = [get_random_cidr()]
vn_fixture = self.create_vn(vn_name, vn_subnets)
test_vm = self.create_vm(vn_fixture, 'test_vm',
image_name='ubuntu-traffic')
assert test_vm.wait_till_vm_is_up()
bgpaas_vm1 = self.create_vm(vn_fixture, 'bgpaas_vm1',image_name='vsrx')
assert bgpaas_vm1.wait_till_vm_is_up()
bgpaas_fixture = self.create_bgpaas(bgpaas_shared=True, autonomous_system=64500, bgpaas_ip_address=bgpaas_vm1.vm_ip)
bgpaas_vm1.wait_for_ssh_on_vm()
port1 = {}
port1['id'] = bgpaas_vm1.vmi_ids[bgpaas_vm1.vn_fq_name]
address_families = []
address_families = ['inet', 'inet6']
autonomous_system = 64500
gw_ip = vn_fixture.get_subnets()[0]['gateway_ip']
dns_ip = vn_fixture.get_subnets()[0]['dns_server_address']
neighbors = []
neighbors = [gw_ip, dns_ip]
self.logger.info('We will configure BGP on the two vSRX')
self.config_bgp_on_vsrx(src_vm=test_vm, dst_vm=bgpaas_vm1, bgp_ip=bgpaas_vm1.vm_ip, lo_ip=bgpaas_vm1.vm_ip,
address_families=address_families, autonomous_system=autonomous_system, neighbors=neighbors, bfd_enabled=False)
bgpaas_vm1.wait_for_ssh_on_vm()
self.attach_vmi_to_bgpaas(port1['id'], bgpaas_fixture)
self.addCleanup(self.detach_vmi_from_bgpaas,port1['id'], bgpaas_fixture)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = str(vn_fixture.get_subnets()[0]['cidr']), search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = str(vn_fixture.get_subnets()[0]['cidr']), search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = str(vn_fixture.get_subnets()[0]['cidr']), search_value = '666')
@preposttest_wrapper
def test_rp_service_chain_matrix(self):
'''
1. Create a routing policy with service-chain match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '444')
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '555')
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '666')
@preposttest_wrapper
def test_rp_xmpp_matrix(self):
'''
1. Create a routing policy with interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '55555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'add_ext_community', 'sub_to':'target:64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:55555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'set_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:44444'), 'Search term not found in introspect'
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_network_static_matrix(self):
'''
1. Create a routing policy with interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
random_cidr = get_random_cidr()
self.nw_handle_to_right = self.static_table_handle.create_route_table(
prefixes=[random_cidr],
name="network_table_left_to_right",
next_hop=test_vm.vm_ip,
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn_fixture.uuid,
nw_route_table_obj=self.nw_handle_to_right)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '55555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = 'target:64512:44444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = 'target:64512:33333'), 'Search term not found in introspect'
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_ext_community_list_match_all_reject(self):
'''
1. Create a routing policy with ext_community_list ,interface match and then reject.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'from_term_community':'ext_community_list', 'sub_from_community':['encapsulation:gre','encapsulation:udp'], 'action': 'reject', 'to_term': None}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'RoutingPolicyReject'), 'Search term not found in introspect'
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'from_term_community':'ext_community_list', 'sub_from_community':['encapsulation:gre','encapsulation:udp'], 'action': 'reject', 'to_term': None, 'match_all': True}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'RoutingPolicyReject'), 'Search term not found in introspect'
#give wrong communinty value and check match_all
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'from_term_community':'ext_community_list', 'sub_from_community':['encapsulation:gre','encapsulation:uuup'], 'action': 'reject', 'to_term': None, 'match_all': True}
rp = self.configure_term_routing_policy(config_dicts)
assert not self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'RoutingPolicyReject'), 'Search term found in introspect'
def create_interface_static_routes(self):
ret_dict = self.config_basic()
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
random_cidr = get_random_cidr()
self.intf_table_to_right_obj = self.static_table_handle.create_route_table(
prefixes=[random_cidr],
name=get_random_name('int_table_right'),
parent_obj=self.project.project_obj,
)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + ret_dict['vn_fixture'].vn_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(ret_dict['test_vm'].get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
return ret_dict,random_cidr
def create_bgpaas_routes(self):
ret_dict = {}
vn_name = get_random_name('bgpaas_vn')
vn_subnets = [get_random_cidr()]
ret_dict['vn_fixture'] = self.create_vn(vn_name, vn_subnets)
ret_dict['test_vm'] = self.create_vm(ret_dict['vn_fixture'], 'test_vm',
image_name='ubuntu-traffic')
assert ret_dict['test_vm'].wait_till_vm_is_up()
bgpaas_vm1 = self.create_vm(ret_dict['vn_fixture'], 'bgpaas_vm1',image_name='vsrx')
assert bgpaas_vm1.wait_till_vm_is_up()
bgpaas_fixture = self.create_bgpaas(bgpaas_shared=True, autonomous_system=64500, bgpaas_ip_address=bgpaas_vm1.vm_ip)
bgpaas_vm1.wait_for_ssh_on_vm()
port1 = {}
port1['id'] = bgpaas_vm1.vmi_ids[bgpaas_vm1.vn_fq_name]
address_families = []
address_families = ['inet', 'inet6']
autonomous_system = 64500
gw_ip = ret_dict['vn_fixture'].get_subnets()[0]['gateway_ip']
dns_ip = ret_dict['vn_fixture'].get_subnets()[0]['dns_server_address']
neighbors = []
neighbors = [gw_ip, dns_ip]
self.logger.info('We will configure BGP on the two vSRX')
self.config_bgp_on_vsrx(src_vm=ret_dict['test_vm'], dst_vm=bgpaas_vm1, bgp_ip=bgpaas_vm1.vm_ip, lo_ip=bgpaas_vm1.vm_ip,
address_families=address_families, autonomous_system=autonomous_system, neighbors=neighbors, bfd_enabled=False)
bgpaas_vm1.wait_for_ssh_on_vm()
self.attach_vmi_to_bgpaas(port1['id'], bgpaas_fixture)
self.addCleanup(self.detach_vmi_from_bgpaas,port1['id'], bgpaas_fixture)
return ret_dict
class StaticRouteTableBase(BaseNeutronTest):
@classmethod
def setUpClass(cls):
super(StaticRouteTableBase, cls).setUpClass()
cls.quantum_h = cls.connections.quantum_h
cls.nova_h = cls.connections.nova_h
cls.vnc_lib = cls.connections.vnc_lib
cls.agent_inspect = cls.connections.agent_inspect
cls.cn_inspect = cls.connections.cn_inspect
cls.analytics_obj = cls.connections.analytics_obj
#cls.vnc = ContrailVncApi(cls.vnc_lib, cls.logger)
# end setUpClass
@classmethod
def tearDownClass(cls):
super(StaticRouteTableBase, cls).tearDownClass()
# end tearDownClass
def setUp(self):
super(StaticRouteTableBase, self).setUp()
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
def tearDown(self):
super(StaticRouteTableBase, self).tearDown()
# create 3 vms, left, right middle. middle should sit in both vns
def config_basic(self):
self.vn1_fixture = self.create_vn(disable_dns=True)
self.vn2_fixture = self.create_vn(disable_dns=True)
self.vn1_name = self.vn1_fixture.vn_name
self.vn2_name = self.vn2_fixture.vn_name
self.left_vm_fixture = self.create_vm(self.vn1_fixture)
self.right_vm_fixture = self.create_vm(self.vn2_fixture)
self.left_vm_fixture.wait_till_vm_is_up()
self.right_vm_fixture.wait_till_vm_is_up()
vm1_name = 'middle_vm1'
self.vm1_fixture = self.useFixture(VMFixture(
project_name=self.inputs.project_name, connections=self.connections,
vn_objs=[self.vn1_fixture.obj,
self.vn2_fixture.obj], vm_name=vm1_name, node_name=None,
image_name='ubuntu', flavor='m1.tiny'))
self.vm1_fixture.wait_till_vm_is_up()
cmd = 'echo 1 > /proc/sys/net/ipv4/ip_forward'
self.vm1_fixture.run_cmd_on_vm(cmds=[cmd], as_sudo=True)
# create int route table and bind it to the middle vm's vmi's
def add_interface_route_table(self, src_vn_fix, dst_vn_fix, port1_fix):
self.intf_table_to_right_obj = self.static_table_handle.create_route_table(
prefixes=[str(dst_vn_fix.get_cidrs()[0])],
name="int_table_right",
parent_obj=self.project.project_obj,
)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + self.vn1_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
self.intf_table_to_left_obj = self.static_table_handle.create_route_table(
prefixes=[str(src_vn_fix.get_cidrs()[0])],
name="int_table_left",
parent_obj=self.project.project_obj,
)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + self.vn2_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[id_entry]),
self.intf_table_to_left_obj)
# delete the created int route table
def delete_int_route_table(self):
self.unbind_interface_table(self.vn1_fixture, self.vn2_fixture, self.vm1_fixture)
self.static_table_handle.delete_interface_route_table(
self.intf_table_to_right_obj.uuid)
self.static_table_handle.delete_interface_route_table(
self.intf_table_to_left_obj.uuid)
# attach the net route table to vn provided
def add_network_table_to_vn(self, vn1_fix, vn2_fix):
if str(self.vm1_fixture.vm_ips[0])[:-1] == str(self.right_vm_fixture.vm_ip)[:-1]:
self.nw_handle_to_left = self.static_table_handle.create_route_table(
prefixes=[str(self.vn1_fixture.get_cidrs()[0])],
name="network_table_left_to_right",
next_hop=self.vm1_fixture.vm_ips[0],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn2_fix.uuid,
nw_route_table_obj=self.nw_handle_to_left)
else:
self.nw_handle_to_right = self.static_table_handle.create_route_table(
prefixes=[str(self.vn2_fixture.get_cidrs()[0])],
name="network_table_left_to_right",
next_hop=self.vm1_fixture.vm_ips[
0],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn1_fix.uuid,
nw_route_table_obj=self.nw_handle_to_right)
if str(self.vm1_fixture.vm_ips[1])[:-1] == str(self.right_vm_fixture.vm_ip)[:-1]:
self.nw_handle_to_left = self.static_table_handle.create_route_table(
prefixes=[str(self.vn1_fixture.get_cidrs()[0])],
name="network_table_right_to_left",
next_hop=self.vm1_fixture.vm_ips[
1],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn2_fix.uuid,
nw_route_table_obj=self.nw_handle_to_left)
else:
self.nw_handle_to_right = self.static_table_handle.create_route_table(
prefixes=[str(self.vn2_fixture.get_cidrs()[0])],
name="network_table_right_to_left",
next_hop=self.vm1_fixture.vm_ips[
1],
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn1_fix.uuid,
nw_route_table_obj=self.nw_handle_to_right)
# delete net route table
def del_nw_route_table(self):
self.unbind_network_table(self.vn1_fixture, self.vn2_fixture)
self.static_table_handle.delete_network_route_table(
self.nw_handle_to_right.uuid)
self.static_table_handle.delete_network_route_table(
self.nw_handle_to_left.uuid)
# unbind the int route table from the port provided
def unbind_interface_table(self, src_vn_fix, dst_vn_fix, port1_fix):
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + self.vn1_name
self.static_table_handle.unbind_vmi_from_interface_route_table(
str(port1_fix.get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + self.vn2_name
self.static_table_handle.unbind_vmi_from_interface_route_table(
str(port1_fix.get_vmi_ids()[id_entry]),
self.intf_table_to_left_obj)
# bind a int route table to the port provided
def bind_interface_table(self, src_vn_fix, dst_vn_fix, port1_fix):
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + self.vn1_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + self.vn2_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(port1_fix.get_vmi_ids()[id_entry]),
self.intf_table_to_left_obj)
# unbind the net route table from the vn provided
def unbind_network_table(self, src_vn_fix, dst_vn_fix):
self.static_table_handle.unbind_vn_from_network_route_table(
src_vn_fix.uuid,
self.nw_handle_to_right)
self.static_table_handle.unbind_vn_from_network_route_table(
dst_vn_fix.uuid,
self.nw_handle_to_left)
# bind the net route table to the vn provided
def bind_network_table(self, src_vn_fix, dst_vn_fix):
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=src_vn_fix.uuid,
nw_route_table_obj=self.nw_handle_to_right)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=dst_vn_fix.uuid,
nw_route_table_obj=self.nw_handle_to_left)
# create a neutron router in addition to the static tables
def neutron_router_test(self):
router_dict = self.create_router('neutron_router')
self.add_vn_to_router(router_dict['id'], self.vn1_fixture)
self.add_vn_to_router(router_dict['id'], self.vn2_fixture)
router_ports = self.quantum_h.get_router_interfaces(
router_dict['id'])
router_port_ips = [item['fixed_ips'][0]['ip_address']
for item in router_ports]
assert self.left_vm_fixture.ping_with_certainty(
self.right_vm_fixture.vm_ip)
self.delete_vn_from_router(router_dict['id'], self.vn1_fixture)
assert self.left_vm_fixture.ping_with_certainty(
self.right_vm_fixture.vm_ip)
self.add_vn_to_router(
router_dict['id'],
self.vn1_fixture,
cleanup=False)
assert self.left_vm_fixture.ping_with_certainty(
self.right_vm_fixture.vm_ip)
# check the number of nexthops for the right route in left table
def check_route_in_agent(self, expected_next_hops):
(domain, project, vn) = self.vn1_fixture.vn_fq_name.split(':')
inspect_h = self.agent_inspect[self.left_vm_fixture.vm_node_ip]
agent_vrf_objs = inspect_h.get_vna_vrf_objs(domain, project, vn)
agent_vrf_obj = self.left_vm_fixture.get_matching_vrf(
agent_vrf_objs['vrf_list'], self.vn1_fixture.vrf_name)
vn_vrf_id = agent_vrf_obj['ucindex']
cidr_prefix = str(self.vn2_fixture.get_cidrs()[0]).split('/')
next_hops = inspect_h.get_vna_active_route(
vrf_id=vn_vrf_id, ip=cidr_prefix[0], prefix=cidr_prefix[1])['path_list'][0]['nh']
if not next_hops:
result = False
assert result, 'Route not found in the Agent'
else:
self.logger.info('Route found in the Agent')
number_of_nh = re.findall('nh_index', str(next_hops))
if (len(number_of_nh) != expected_next_hops):
result = False
assert result, 'Agent does not reflect the static route addition'
else:
self.logger.info('Agent reflects the static route addition')
class TestRP(RPBase, BaseBGPaaS, BaseHC, VerifySvcFirewall):
@classmethod
def setUpClass(cls):
super(TestRP, cls).setUpClass()
@classmethod
def tearDownClass(cls):
super(TestRP, cls).tearDownClass()
def is_test_applicable(self):
return (True, None)
def setUp(self):
super(TestRP, self).setUp()
result = self.is_test_applicable()
@test.attr(type=['sanity'])
@preposttest_wrapper
def test_rp_interface(self):
'''
1. Create a routing policy with interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '55555'), 'Search term not found in introspect'
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@test.attr(type=['sanity'])
@preposttest_wrapper
def test_rp_interface_static(self):
'''
1. Create a routing policy with interface-static match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict,random_cidr = self.create_interface_static_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_value = '55555', search_ip = random_cidr), 'Search term not found in introspect'
assert ret_dict['test_vm'].ping_with_certainty(ret_dict['test2_vm'].vm_ip)
@preposttest_wrapper
def test_rp_service_interface(self):
'''
1. Create a routing policy with service-interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '55555')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
@preposttest_wrapper
def test_rp_service_chain(self):
'''
1. Create a routing policy with service-chain match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '55555')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
@test.attr(type=['sanity'])
@skip_because(mx_gw = False)
@preposttest_wrapper
def test_rp_secondary_routes(self):
'''
Maintainer: [email protected]
Description: CEM-6735 - Enhanced import policy extended to MP-BGP route type
To verify: routing-policy to change routing-parameters for secondary routes ( routes from External Devices )
1. Create VN and add MXs route-target to VN , to import route from MX into VN.
2. Retrieve the local-preference advertised by MX.
3. Create routing-policy to change local-preference and attach to VN
4. Verify updated routing-policy is applied to secondary routes from MX and local-preference value is set to new value mentioned through routing-policy.
'''
vm1_name = get_random_name('vm_private')
vn1_name = get_random_name('vn_private')
vn1_subnets = [get_random_cidr()]
self.allow_default_sg_to_allow_all_on_project(self.inputs.project_name)
vn1_fixture = self.create_vn(vn1_name, vn1_subnets)
mx_rt = self.inputs.mx_rt
if self.inputs.config['test_configuration'].get('router_asn',False):
router_asn = self.inputs.config['test_configuration'].get('router_asn')
else:
router_asn = self.inputs.bgp_asn
vn1_fixture.add_route_target(routing_instance_name=vn1_fixture.ri_name,
router_asn=router_asn, route_target_number=mx_rt)
vn1_fixture.verify_on_setup()
vm1_fixture = self.create_vm(vn1_fixture, vm1_name,
image_name='ubuntu')
vm1_fixture.wait_till_vm_is_up()
initial_local_pref = -1
new_local_pref = -1
for cn in self.inputs.bgp_control_ips:
cn_entries = self.cn_inspect[cn].get_cn_route_table_entry(prefix="0.0.0.0/0",table="inet.0",ri_name=vn1_fixture.ri_name)
if cn_entries:
initial_local_pref = int(cn_entries[0]['local_preference'])
if initial_local_pref == -1:
assert False,"Default route 0.0.0.0/0 is not advertised by MX.Check the MX routing-instance configurations."
config_dicts = {'vn_fixture':vn1_fixture, 'from_term':'protocol','sub_from':'bgp','to_term':'local-preference','sub_to':initial_local_pref + 10}
rp = self.configure_term_routing_policy(config_dicts)
time.sleep(10)
for cn in self.inputs.bgp_control_ips:
cn_entries = self.cn_inspect[cn].get_cn_route_table_entry(prefix="0.0.0.0/0",table="inet.0",ri_name=vn1_fixture.ri_name)
if cn_entries:
new_local_pref = int(cn_entries[0]['local_preference'])
self.logger.info("Old local-preference: %d , New local-preference: %d"%(initial_local_pref,new_local_pref))
if new_local_pref != initial_local_pref + 10:
assert False,"Error: Routing-Policy not applied on Secondary routes from MX and Local Preference is not updated"
self.logger.info("PASS: routing-policy is applied correctly for secondary-routes from MX")
@skip_because(mx_gw = False)
@preposttest_wrapper
def test_rp_secondary_routes_si(self):
'''
Maintainer: [email protected]
Description: CEM-6735 - Enhanced import policy extended to MP-BGP route type. Policy should not be applied on MP-BGP external routes in SC scenario.
To verify:
Apply rp to update local_preference and attach to SI.Verify only primary routes are updated with local_preference value in RP and secondary SC routes
are not affected.
1. Create in-network SC and attach MX's RT to left-vn , to import route from MX to VN.
2. Create Routing Policy to modify local_preference and attach to SI.
3. Verify SC secondary routes ( routes from MX ) are not updated with local_preference from RP.
4. Verify SC Primary routes ( right-vm route on left-service instance vrf ) is updated with local_preference from RP.
'''
self.allow_default_sg_to_allow_all_on_project(self.inputs.project_name)
mx_rt = self.inputs.mx_rt
router_asn = self.inputs.bgp_asn
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
left_svn_fixture = ret_dict['si_left_vn_fixture']
left_vn_fixture.add_route_target(routing_instance_name=left_vn_fixture.ri_name,
router_asn=router_asn, route_target_number=mx_rt)
right_vm_ip = ret_dict['right_vm_fixture'].vm_ip
left_vm_fixture.ping_with_certainty(
right_vm_fixture.vm_ip, count='3')
initial_local_pref_bgp_route = -1
new_local_pref_bgp_route = -1
initial_local_pref_sc_route = -1
new_local_pref_sc_route = -1
for cn in self.inputs.bgp_control_ips:
cn_entries = self.cn_inspect[cn].get_cn_route_table_entry(prefix="0.0.0.0/0",table="inet.0",ri_name=left_svn_fixture.ri_name)
if cn_entries:
initial_local_pref_bgp_route = int(cn_entries[0]['local_preference'])
cn_entries = self.cn_inspect[cn].get_cn_route_table_entry(prefix=right_vm_ip+"/32",table="inet.0",ri_name=left_svn_fixture.ri_name)
if cn_entries:
initial_local_pref_sc_route = int(cn_entries[0]['local_preference'])
if initial_local_pref_bgp_route == -1:
assert False,"Default route 0.0.0.0/0 is not advertised by MX.Check the MX routing-instance configurations."
local_pref_config = initial_local_pref_bgp_route + 10
config_dicts = {'vn_fixture':left_vn_fixture,'si_rp_interface_type': ['left_vn','right_vn'],'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'local-preference','sub_to': local_pref_config}
rp = self.configure_term_routing_policy(config_dicts)
time.sleep(10)
for cn in self.inputs.bgp_control_ips:
cn_entries = self.cn_inspect[cn].get_cn_route_table_entry(prefix="0.0.0.0/0",table="inet.0",ri_name=left_svn_fixture.ri_name)
if cn_entries:
new_local_pref_bgp_route = int(cn_entries[0]['local_preference'])
cn_entries = self.cn_inspect[cn].get_cn_route_table_entry(prefix=right_vm_ip+"/32",table="inet.0",ri_name=left_svn_fixture.ri_name)
if cn_entries:
new_local_pref_sc_route = int(cn_entries[0]['local_preference'])
self.logger.info("BGP Route: Old local-preference: %d , New local-preference: %d"%(initial_local_pref_bgp_route,new_local_pref_bgp_route))
self.logger.info("Primary Route: Old local-preference: %d , New local-preference: %d"%(initial_local_pref_sc_route,new_local_pref_sc_route))
if new_local_pref_bgp_route != initial_local_pref_bgp_route :
assert False,"Error: Routing-Policy applied on SI-Secondary routes from MX and Local Preference is updated.Expected not to apply rp on Secondary routes in SC."
if new_local_pref_sc_route != local_pref_config:
assert False,"Error: Routing-Policy NOT applied on SC-Primary routes."
self.logger.info("PASS: routing-policy is NOT applied ,as expected , for SC secondary-routes from MX.")
self.logger.info("PASS: routing-policy is applied ,as expected , for SC Primary-routes.")
@preposttest_wrapper
def test_rp_bgpaas(self):
'''
1. Create a routing policy with bgpaas match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.create_bgpaas_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
#will have to wait for bgp hold timer
sleep(90)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_ip = str(ret_dict['vn_fixture'].get_subnets()[0]['cidr']), search_value = '55555')
@test.attr(type=['sanity'])
@preposttest_wrapper
def test_rp_interface_ext_community(self):
'''
1. Create a routing policy with interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:44444'), 'Search term not found in introspect'
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:33333'), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_interface_static_ext_community(self):
'''
1. Create a routing policy with interface-static match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict,random_cidr = self.create_interface_static_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_value = 'target:64512:44444',search_ip = random_cidr), 'Search term not found in introspect'
assert ret_dict['test_vm'].ping_with_certainty(ret_dict['test2_vm'].vm_ip)
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_value = 'target:64512:33333',search_ip = random_cidr), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_service_interface_ext_community(self):
'''
1. Create a routing policy with service-interface match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = 'target:64512:44444')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = 'target:64512:33333')
@preposttest_wrapper
def test_rp_service_chain_ext_community(self):
'''
1. Create a routing policy with service-chain match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = 'target:64512:44444')
assert left_vm_fixture.ping_with_certainty(right_vm_fixture.vm_ip)
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = 'target:64512:33333'), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_bgpaas_ext_community(self):
'''
1. Create a routing policy with bgpaas match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.create_bgpaas_routes()
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_ip = str(ret_dict['vn_fixture'].get_subnets()[0]['cidr']), search_value = 'target:64512:44444')
config_dicts = {'vn_fixture':ret_dict['vn_fixture'], 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'set_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(ret_dict['vn_fixture'], ret_dict['test_vm'], search_ip = str(ret_dict['vn_fixture'].get_subnets()[0]['cidr']), search_value = 'target:64512:44444'), 'Search term not found in introspect'
@preposttest_wrapper
def test_rp_interface_matrix(self):
'''
1. Create a routing policy with interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_interface_static_matrix(self):
'''
1. Create a routing policy with interface-static match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
random_cidr = get_random_cidr()
self.intf_table_to_right_obj = self.static_table_handle.create_route_table(
prefixes=[random_cidr],
name=get_random_name('int_table_right'),
parent_obj=self.project.project_obj,
)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + vn_fixture.vn_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(test_vm.get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface-static', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_service_interface_matrix(self):
'''
1. Create a routing policy with service-interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '444')
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '555')
config_dicts = {'vn_fixture':left_vn_fixture, 'from_term':'protocol', 'sub_from':'service-interface', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(self.vnc_lib.routing_instance_read(id = str(self.vnc_lib.virtual_network_read(id = left_vn_fixture.uuid).get_routing_instances()[1]['uuid'])).get_service_chain_information().service_chain_address), search_value = '666')
@preposttest_wrapper
def test_rp_bgpaas_matrix(self):
'''
1. Create a routing policy with bgpaas match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
vn_name = get_random_name('bgpaas_vn')
vn_subnets = [get_random_cidr()]
vn_fixture = self.create_vn(vn_name, vn_subnets)
test_vm = self.create_vm(vn_fixture, 'test_vm',
image_name='ubuntu-traffic')
assert test_vm.wait_till_vm_is_up()
bgpaas_vm1 = self.create_vm(vn_fixture, 'bgpaas_vm1',image_name='vsrx')
assert bgpaas_vm1.wait_till_vm_is_up()
bgpaas_fixture = self.create_bgpaas(bgpaas_shared=True, autonomous_system=64500, bgpaas_ip_address=bgpaas_vm1.vm_ip)
bgpaas_vm1.wait_for_ssh_on_vm()
port1 = {}
port1['id'] = bgpaas_vm1.vmi_ids[bgpaas_vm1.vn_fq_name]
address_families = []
address_families = ['inet', 'inet6']
autonomous_system = 64500
gw_ip = vn_fixture.get_subnets()[0]['gateway_ip']
dns_ip = vn_fixture.get_subnets()[0]['dns_server_address']
neighbors = []
neighbors = [gw_ip, dns_ip]
self.logger.info('We will configure BGP on the two vSRX')
self.config_bgp_on_vsrx(src_vm=test_vm, dst_vm=bgpaas_vm1, bgp_ip=bgpaas_vm1.vm_ip, lo_ip=bgpaas_vm1.vm_ip,
address_families=address_families, autonomous_system=autonomous_system, neighbors=neighbors, bfd_enabled=False)
bgpaas_vm1.wait_for_ssh_on_vm()
self.attach_vmi_to_bgpaas(port1['id'], bgpaas_fixture)
self.addCleanup(self.detach_vmi_from_bgpaas,port1['id'], bgpaas_fixture)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = str(vn_fixture.get_subnets()[0]['cidr']), search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = str(vn_fixture.get_subnets()[0]['cidr']), search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'bgpaas', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
sleep(90)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = str(vn_fixture.get_subnets()[0]['cidr']), search_value = '666')
@preposttest_wrapper
def test_rp_service_chain_matrix(self):
'''
1. Create a routing policy with service-chain match.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.verify_svc_chain(service_mode='in-network',
create_svms=True, max_inst=1)
si_fixture = ret_dict['si_fixture']
left_vm_fixture = ret_dict['left_vm_fixture']
right_vm_fixture = ret_dict['right_vm_fixture']
left_vn_fixture = ret_dict['left_vn_fixture']
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '444')
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '555')
config_dicts = {'vn_fixture':left_vn_fixture, 'si_fixture':si_fixture, 'si_fixture':si_fixture, 'from_term':'protocol', 'sub_from':'service-chain', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(left_vn_fixture, left_vm_fixture, search_ip = str(right_vm_fixture.vm_ip), search_value = '666')
@preposttest_wrapper
def test_rp_xmpp_matrix(self):
'''
1. Create a routing policy with interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '55555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'add_ext_community', 'sub_to':'target:64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:55555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'set_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'target:64512:44444'), 'Search term not found in introspect'
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'xmpp', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_network_static_matrix(self):
'''
1. Create a routing policy with interface match and different "to" conditions:med, as-path, local-pref, community.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
random_cidr = get_random_cidr()
self.nw_handle_to_right = self.static_table_handle.create_route_table(
prefixes=[random_cidr],
name="network_table_left_to_right",
next_hop=test_vm.vm_ip,
parent_obj=self.project.project_obj,
next_hop_type='ip-address',
route_table_type='network',
)
self.static_table_handle.bind_network_route_table_to_vn(
vn_uuid=vn_fixture.uuid,
nw_route_table_obj=self.nw_handle_to_right)
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'community', 'sub_to':'64512:55555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '55555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'add_ext_community', 'sub_to':'target:64512:44444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = 'target:64512:44444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'set_ext_community', 'sub_to':'target:64512:33333'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = 'target:64512:33333'), 'Search term not found in introspect'
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'med', 'sub_to':'444'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '444')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'local-preference', 'sub_to':'555'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '555')
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'static', 'to_term':'as-path', 'sub_to':'666'}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_ip = random_cidr, search_value = '666')
assert test_vm.ping_with_certainty(test2_vm.vm_ip)
@preposttest_wrapper
def test_rp_ext_community_list_match_all_reject(self):
'''
1. Create a routing policy with ext_community_list ,interface match and then reject.
2. Launch VMs.
3. Attach policy to VN and confirm if policy takes hold.
'''
ret_dict = self.config_basic()
vn_fixture = ret_dict['vn_fixture']
test_vm = ret_dict['test_vm']
test2_vm = ret_dict['test2_vm']
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'from_term_community':'ext_community_list', 'sub_from_community':['encapsulation:gre','encapsulation:udp'], 'action': 'reject', 'to_term': None}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'RoutingPolicyReject'), 'Search term not found in introspect'
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'from_term_community':'ext_community_list', 'sub_from_community':['encapsulation:gre','encapsulation:udp'], 'action': 'reject', 'to_term': None, 'match_all': True}
rp = self.configure_term_routing_policy(config_dicts)
assert self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'RoutingPolicyReject'), 'Search term not found in introspect'
#give wrong communinty value and check match_all
config_dicts = {'vn_fixture':vn_fixture, 'from_term':'protocol', 'sub_from':'interface', 'from_term_community':'ext_community_list', 'sub_from_community':['encapsulation:gre','encapsulation:uuup'], 'action': 'reject', 'to_term': None, 'match_all': True}
rp = self.configure_term_routing_policy(config_dicts)
assert not self.verify_policy_in_control(vn_fixture, test_vm, search_value = 'RoutingPolicyReject'), 'Search term found in introspect'
def create_interface_static_routes(self):
ret_dict = self.config_basic()
self.static_table_handle = ContrailVncApi(self.vnc_lib, self.logger)
random_cidr = get_random_cidr()
self.intf_table_to_right_obj = self.static_table_handle.create_route_table(
prefixes=[random_cidr],
name=get_random_name('int_table_right'),
parent_obj=self.project.project_obj,
)
id_entry = self.inputs.project_fq_name[0] + ':' + \
self.inputs.project_fq_name[1] + ':' + ret_dict['vn_fixture'].vn_name
self.static_table_handle.bind_vmi_to_interface_route_table(
str(ret_dict['test_vm'].get_vmi_ids()[id_entry]),
self.intf_table_to_right_obj)
return ret_dict,random_cidr
def create_bgpaas_routes(self):
ret_dict = {}
vn_name = get_random_name('bgpaas_vn')
vn_subnets = [get_random_cidr()]
ret_dict['vn_fixture'] = self.create_vn(vn_name, vn_subnets)
ret_dict['test_vm'] = self.create_vm(ret_dict['vn_fixture'], 'test_vm',
image_name='ubuntu-traffic')
assert ret_dict['test_vm'].wait_till_vm_is_up()
bgpaas_vm1 = self.create_vm(ret_dict['vn_fixture'], 'bgpaas_vm1',image_name='vsrx')
assert bgpaas_vm1.wait_till_vm_is_up()
bgpaas_fixture = self.create_bgpaas(bgpaas_shared=True, autonomous_system=64500, bgpaas_ip_address=bgpaas_vm1.vm_ip)
bgpaas_vm1.wait_for_ssh_on_vm()
port1 = {}
port1['id'] = bgpaas_vm1.vmi_ids[bgpaas_vm1.vn_fq_name]
address_families = []
address_families = ['inet', 'inet6']
autonomous_system = 64500
gw_ip = ret_dict['vn_fixture'].get_subnets()[0]['gateway_ip']
dns_ip = ret_dict['vn_fixture'].get_subnets()[0]['dns_server_address']
neighbors = []
neighbors = [gw_ip, dns_ip]
self.logger.info('We will configure BGP on the two vSRX')
self.config_bgp_on_vsrx(src_vm=ret_dict['test_vm'], dst_vm=bgpaas_vm1, bgp_ip=bgpaas_vm1.vm_ip, lo_ip=bgpaas_vm1.vm_ip,
address_families=address_families, autonomous_system=autonomous_system, neighbors=neighbors, bfd_enabled=False)
bgpaas_vm1.wait_for_ssh_on_vm()
self.attach_vmi_to_bgpaas(port1['id'], bgpaas_fixture)
self.addCleanup(self.detach_vmi_from_bgpaas,port1['id'], bgpaas_fixture)
return ret_dict