def define_custom_acl(self, acl_config, acl_entry_config):
    """Create a custom ACL list with one entry and hand it to ``define_acl``.

    Args:
        acl_config: Key into ``self.attributes['acls']`` selecting the ACL
            list definition.
        acl_entry_config: Key into that definition's ``'entries'`` mapping
            selecting the single rule to create.

    The list is created in ``self.vpc1``, the entry is created against
    ``self.network1``, and ``self.define_acl`` then receives the new list.
    """
    acl_definition = self.attributes['acls'][acl_config]
    acl = NetworkACLList.create(
        self.api_client,
        acl_definition,
        vpcid=self.vpc1.id,
    )

    # NOTE(review): action, CIDR and ports of the entry come entirely from the
    # attributes fixture, which is not visible here; verify it is scoped to
    # what the test actually needs.
    entry_definition = acl_definition['entries'][acl_entry_config]
    NetworkACL.create(
        self.api_client,
        entry_definition,
        networkid=self.network1.id,
        aclid=acl.id,
    )

    self.define_acl(acl)
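def deploy_network_acl_list(self, acl_list_name, acl_config, network=None, vpc=None):
    """Create a network ACL list holding one rule and return the list.

    Args:
        acl_list_name: Name given to the new ACL list.
        acl_config: Rule definition passed to ``NetworkACL.create``.
        network: Optional network; when given, its ``id`` is used for the
            rule and its ``vpcid`` (if truthy) for the list.
        vpc: Optional VPC object, forwarded to ``NetworkACLList.create``.

    Returns:
        The object returned by ``NetworkACLList.create``.
    """
    # Start from None so that a call without ``network`` (the declared
    # default), or with a network that has no vpcid, no longer fails with
    # UnboundLocalError before any API call is made.
    # NOTE(review): how the create helpers treat a None id is not visible
    # here; confirm they omit the parameter rather than send it.
    networkid = None
    vpcid = None
    if network:
        networkid = network.id
        if network.vpcid:
            vpcid = network.vpcid

    acl_list = NetworkACLList.create(
        self.api_client,
        name=acl_list_name,
        services=[],
        vpcid=vpcid,
        vpc=vpc,
    )

    # NOTE(review): what the rule permits is decided entirely by acl_config,
    # supplied by the caller.
    NetworkACL.create(
        self.api_client,
        acl_config,
        networkid=networkid,
        aclid=acl_list.id,
    )

    return acl_list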
def create_NetworkAclRule(self, rule, traffic_type="Ingress", network=None, acl_list=None):
    """Create one NetworkACL rule and return it.

    Args:
        rule: Rule definition, passed to ``NetworkACL.create`` as ``services``.
        traffic_type: Direction string for the rule; defaults to "Ingress".
        network: Optional network whose ``id`` the rule is created against;
            ``None`` is sent as the network id when omitted.
        acl_list: Optional ACL list; when truthy its ``id`` is passed as
            ``aclid``, otherwise no ``aclid`` argument is sent at all.

    Returns:
        The object returned by ``NetworkACL.create``.
    """
    self.debug("Adding NetworkACL rule - %s" % rule)

    create_args = {
        "networkid": network.id if network else None,
        "services": rule,
        "traffictype": traffic_type,
    }
    # aclid is only added when a list was supplied, so the helper's own
    # default still applies in the other case.
    if acl_list:
        create_args["aclid"] = acl_list.id

    return NetworkACL.create(self.api_client, **create_args)
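def test_vpcnetwork_nuage(self):
    """Deploy a VM on a Nuage VSP VPC tier that has a custom ACL list attached.

    Steps:
      1. Create a VPC from the "Nuage VSP VPC offering".
      2. Create a network ACL list in that VPC.
      3. Add one ACL item (TCP, number 10, action Deny, CIDR 0.0.0.0/0).
      4. Create a network in the VPC with the ACL list attached.
      5. Deploy a VM on that network and check that it is Running.

    NOTE(review): the test only shows that provisioning succeeds with the
    ACL attached. No traffic is sent, so enforcement of the Deny rule is not
    verified here, and no traffic direction is passed for the ACL item, so
    the direction is whatever ``NetworkACL.create`` defaults to.
    NOTE(review): the VPC, network and VM are not added to any cleanup list
    inside this method; confirm they are released elsewhere.
    """
    # 1) Create VPC with Nuage VPC offering
    vpcOffering = VpcOffering.list(self.apiclient, name="Nuage VSP VPC offering")
    # assertTrue replaces the assert_ alias, which Python 3.12 removed from
    # unittest.TestCase.
    self.assertTrue(vpcOffering is not None and len(vpcOffering) > 0,
                    "Nuage VPC offering not found")
    vpc = VPC.create(apiclient=self.apiclient,
                     services=self.services["vpc"],
                     networkDomain="vpc.networkacl",
                     vpcofferingid=vpcOffering[0].id,
                     zoneid=self.zone.id,
                     account=self.account.name,
                     domainid=self.account.domainid)
    self.assertIsNotNone(vpc, "VPC creation failed")

    # 2) Create ACL
    aclgroup = NetworkACLList.create(apiclient=self.apiclient,
                                     services={},
                                     name="acl",
                                     description="acl",
                                     vpcid=vpc.id)
    self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list")
    self.debug("Created a network ACL list %s" % aclgroup.name)

    # 3) Create ACL Item
    aclitem = NetworkACL.create(apiclient=self.apiclient,
                                services={},
                                protocol="TCP",
                                number="10",
                                action="Deny",
                                aclid=aclgroup.id,
                                cidrlist=["0.0.0.0/0"])
    # The original failure text ("Network failed to aclItem") did not say
    # what went wrong.
    self.assertIsNotNone(aclitem, "Failed to create NetworkACL item")
    self.debug("Added a network ACL %s to ACL list %s" % (aclitem.id, aclgroup.name))

    # 4) Create network with ACL
    nwNuage = Network.create(self.apiclient,
                             self.services["vpcnetwork"],
                             accountid=self.account.name,
                             domainid=self.account.domainid,
                             networkofferingid=self.network_offering.id,
                             zoneid=self.zone.id,
                             vpcid=vpc.id,
                             aclid=aclgroup.id,
                             gateway='10.1.0.1')
    self.debug("Network %s created in VPC %s" % (nwNuage.id, vpc.id))

    # 5) Deploy a vm
    vm = VirtualMachine.create(self.apiclient,
                               self.services["virtual_machine"],
                               accountid=self.account.name,
                               domainid=self.account.domainid,
                               serviceofferingid=self.service_offering.id,
                               networkids=[str(nwNuage.id)])
    self.assertIsNotNone(vm, "VM failed to deploy")
    # assertEqual reports the actual state when the check fails.
    self.assertEqual(vm.state, 'Running', "VM is not running")
    self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))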
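def create_LB_Rule(self, public_ip, network, vmarray, services=None):
    """Create a load-balancer rule, assign VMs to it and open a matching ACL.

    Args:
        public_ip: Public IP wrapper; ``public_ip.ipaddress.id`` is the
            address the rule is bound to.
        network: Network (VPC tier) the rule and the ACL entry are created on.
        vmarray: Sequence of VMs assigned to the rule.
        services: Optional rule definition; falls back to
            ``self.services["lbrule"]`` when falsy.

    Returns:
        The created load-balancer rule. The Ingress ACL entry created here
        is appended to ``self.cleanup`` and is not returned.
    """
    self.debug("Creating LB rule for IP address: %s" %
               public_ip.ipaddress.ipaddress)
    objservices = services if services else self.services["lbrule"]

    lb_rule = LoadBalancerRule.create(self.apiclient,
                                      objservices,
                                      ipaddressid=public_ip.ipaddress.id,
                                      accountid=self.account.name,
                                      networkid=network.id,
                                      vpcid=self.vpc.id,
                                      domainid=self.account.domainid)

    # Joining the whole sequence gives the same text as before for two VMs
    # and no longer raises IndexError when fewer than two are passed.
    self.debug("Adding virtual machines %s to LB rule" %
               " and ".join(str(vm) for vm in vmarray))
    lb_rule.assign(self.apiclient, vmarray)

    self.debug("Adding NetworkACl rules to make NAT rule accessible")
    # NOTE(review): the LB rule definition is reused as the ACL definition,
    # so the permitted source CIDR and ports are whatever that dict carries;
    # confirm it is no wider than the test needs.
    nwacl_nat = NetworkACL.create(self.apiclient,
                                  objservices,
                                  networkid=network.id,
                                  traffictype='Ingress')
    self.cleanup.append(nwacl_nat)
    self.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
    return lb_rule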
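def create_LB_Rule(self, public_ip, network, vmarray, services=None):
    """Create a load-balancer rule, assign VMs to it and open a matching ACL.

    Args:
        public_ip: Public IP wrapper; ``public_ip.ipaddress.id`` is the
            address the rule is bound to.
        network: Network (VPC tier) the rule and the ACL entry are created on.
        vmarray: Sequence of VMs assigned to the rule.
        services: Optional rule definition; falls back to
            ``self.services["lbrule"]`` when falsy.

    Returns:
        The created load-balancer rule. The Ingress ACL entry created here
        is only logged; it is neither returned nor queued for cleanup in
        this method.
    """
    self.debug("Creating LB rule for IP address: %s" %
               public_ip.ipaddress.ipaddress)
    objservices = services if services else self.services["lbrule"]

    lb_rule = LoadBalancerRule.create(
        self.apiclient,
        objservices,
        ipaddressid=public_ip.ipaddress.id,
        accountid=self.account.name,
        networkid=network.id,
        vpcid=self.vpc.id,
        domainid=self.account.domainid
    )

    # Joining the whole sequence gives the same text as before for two VMs
    # and no longer raises IndexError when fewer than two are passed.
    self.debug("Adding virtual machines %s to LB rule" %
               " and ".join(str(vm) for vm in vmarray))
    lb_rule.assign(self.apiclient, vmarray)

    self.debug("Adding NetworkACl rules to make NAT rule accessible")
    # NOTE(review): the LB rule definition is reused as the ACL definition,
    # so the permitted source CIDR and ports are whatever that dict carries;
    # confirm it is no wider than the test needs.
    nwacl_nat = NetworkACL.create(
        self.apiclient,
        objservices,
        networkid=network.id,
        traffictype='Ingress'
    )
    self.debug('nwacl_nat=%s' % nwacl_nat.__dict__)
    return lb_rule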
def create_natrule_for_services(self, vm, public_ip, network, services=None):
    """Create a NAT rule for ``vm`` plus the Ingress ACL entry that exposes it.

    Args:
        vm: Target virtual machine.
        public_ip: Public IP wrapper; ``public_ip.ipaddress.id`` is used.
        network: VPC tier the NAT rule and ACL entry are created on.
        services: Optional rule definition; ``self.services["natrule"]`` is
            used when falsy.

    Returns:
        The created NAT rule. Both the NAT rule and the ACL entry are
        appended to ``self.cleanup``.
    """
    self.debug(
        f"Creating NAT rule in network for vm {vm.name} with public IP {public_ip.ipaddress.ipaddress}"
    )
    rule_definition = services or self.services["natrule"]

    # openfirewall=False: the NAT helper is told not to open the firewall,
    # and access is granted by the explicit ACL entry below.
    nat_rule = NATRule.create(
        self.apiclient,
        vm,
        rule_definition,
        ipaddressid=public_ip.ipaddress.id,
        openfirewall=False,
        networkid=network.id,
        vpcid=self.vpc.id,
    )
    self.cleanup.append(nat_rule)

    self.debug("Adding NetworkACL rules to make NAT rule accessible")
    # NOTE(review): the same dict drives the NAT rule and the ACL entry, so
    # the allowed source range is whatever that fixture carries; confirm it.
    ingress_acl = NetworkACL.create(
        self.apiclient,
        networkid=network.id,
        services=rule_definition,
        traffictype='Ingress',
    )
    self.cleanup.append(ingress_acl)
    self.debug(f'nwacl_nat={ingress_acl.__dict__}')

    return nat_rule
def define_custom_acl(self):
    """Create one ACL list per VPC and make each private gateway use it.

    For VPC 1 and then VPC 2: create the ACL list from the attributes fixture
    ('acl1' / 'acl2'), add its single entry ('entry1' / 'entry2') against the
    matching network, call replaceNetworkACLList for the matching private
    gateway, and assert that the API reported success.

    Raises:
        Exception: wrapping any error raised while building or sending the
            replaceNetworkACLList command.
    """
    def swap_gateway_acl(acl, gateway_attr):
        # The gateway is resolved by attribute name inside the try so that a
        # missing gateway surfaces through the same wrapped Exception as an
        # API failure.
        try:
            cmd = replaceNetworkACLList.replaceNetworkACLListCmd()
            cmd.aclid = acl.id
            cmd.gatewayid = getattr(self, gateway_attr).id
            result = self.api_client.replaceNetworkACLList(cmd)
        except Exception as e:
            raise Exception("Exception: %s" % e)

        self.assertTrue(result.success)
        self.logger.debug("Private Gateway '%s' ACL replaced",
                          getattr(self, gateway_attr).ipaddress)

    # NOTE(review): what each entry allows or denies is defined in the
    # attributes fixture, which is not visible here.
    acl_fixtures = self.attributes['acls']

    first_acl = NetworkACLList.create(self.api_client,
                                      acl_fixtures['acl1'],
                                      vpcid=self.vpc1.id)
    NetworkACL.create(self.api_client,
                      acl_fixtures['acl1']['entries']['entry1'],
                      networkid=self.network1.id,
                      aclid=first_acl.id)
    swap_gateway_acl(first_acl, 'private_gateway1')

    second_acl = NetworkACLList.create(self.api_client,
                                       acl_fixtures['acl2'],
                                       vpcid=self.vpc2.id)
    NetworkACL.create(self.api_client,
                      acl_fixtures['acl2']['entries']['entry2'],
                      networkid=self.network2.id,
                      aclid=second_acl.id)
    swap_gateway_acl(second_acl, 'private_gateway2')
def create_ingress_rule(self, network, services=None):
    """Create an Ingress NetworkACL entry on ``network`` and return it.

    Args:
        network: Network whose ``id`` the entry is created against.
        services: Optional rule definition; ``self.services["ssh_rule"]`` is
            used when falsy.
    """
    rule_definition = services or self.services["ssh_rule"]

    self.debug("Adding NetworkACL rules to make NAT rule accessible")
    # NOTE(review): the source CIDR and port range come from the services
    # fixture; with the default this presumably opens SSH, so confirm the
    # CIDR is not wider than the test needs.
    return NetworkACL.create(
        self.apiclient,
        rule_definition,
        networkid=network.id,
        traffictype='Ingress',
    )
def create_egress_Internet_Rule(self, network):
    """Create an Egress NetworkACL entry from ``self.services["http_rule"]``.

    Args:
        network: Network whose ``id`` the entry is created against.

    Returns:
        The object returned by ``NetworkACL.create``.
    """
    http_rule = self.services["http_rule"]
    self.debug("Adding Egress rules to network %s and %s to allow access to internet" %
               (network.name, http_rule))

    # NOTE(review): destination CIDR and ports are defined by the http_rule
    # fixture, which is not visible here.
    egress_acl = NetworkACL.create(
        self.apiclient,
        networkid=network.id,
        services=self.services["http_rule"],
        traffictype='Egress',
    )
    return egress_acl
def create_ingress_rule(self, network, services=None):
    """Add an Ingress ACL entry to ``network`` and return the created entry.

    Args:
        network: Network whose ``id`` the entry is created against.
        services: Optional rule definition; when falsy the "ssh_rule" entry
            of ``self.services`` is used instead.
    """
    acl_definition = self.services["ssh_rule"] if not services else services

    self.debug("Adding NetworkACL rules to make NAT rule accessible")
    # NOTE(review): which sources and ports are admitted is decided by the
    # fixture dict; check it before reusing this helper outside a lab.
    created_entry = NetworkACL.create(
        self.apiclient,
        acl_definition,
        networkid=network.id,
        traffictype='Ingress',
    )
    return created_entry
def open_egress_to_world(self, network):
    """Create a NetworkACL entry from ``self.services["http_rule"]``.

    Args:
        network: Network whose ``id`` the entry is created against.

    Returns:
        The object returned by ``NetworkACL.create``.

    NOTE(review): the function name and the log line both say "egress", but
    the entry is created with traffictype 'Ingress'. As written this admits
    inbound traffic matching http_rule instead of permitting outbound
    access. Confirm which direction callers rely on before changing it.
    """
    http_rule = self.services["http_rule"]
    self.debug("Adding Egress rules to network %s and %s to allow access to internet" %
               (network.name, http_rule))

    acl_entry = NetworkACL.create(
        self.apiclient,
        networkid=network.id,
        services=self.services["http_rule"],
        traffictype='Ingress',  # see NOTE(review) in the docstring
    )
    return acl_entry
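def test_vpcnetwork_nuage(self):
    """Deploy a VM on a Nuage VSP VPC tier that has a custom ACL list attached.

    Steps:
      1. Create a VPC from the "Nuage VSP VPC offering".
      2. Create a network ACL list in that VPC.
      3. Add one ACL item (TCP, number 10, action Deny, CIDR 0.0.0.0/0).
      4. Create a network in the VPC with the ACL list attached.
      5. Deploy a VM on that network and check that it is Running.

    NOTE(review): only provisioning is checked. No traffic is sent, so the
    Deny rule's enforcement is not verified, and the rule's direction is
    left to the default of ``NetworkACL.create``.
    NOTE(review): nothing created here is queued for cleanup within this
    method; confirm the resources are released elsewhere.
    """
    # 1) Create VPC with Nuage VPC offering
    vpcOffering = VpcOffering.list(self.apiclient, name="Nuage VSP VPC offering")
    # assertTrue replaces the assert_ alias, which Python 3.12 removed from
    # unittest.TestCase.
    self.assertTrue(vpcOffering is not None and len(vpcOffering) > 0,
                    "Nuage VPC offering not found")

    vpc = VPC.create(
        apiclient=self.apiclient,
        services=self.services["vpc"],
        networkDomain="vpc.networkacl",
        vpcofferingid=vpcOffering[0].id,
        zoneid=self.zone.id,
        account=self.account.name,
        domainid=self.account.domainid
    )
    self.assertIsNotNone(vpc, "VPC creation failed")

    # 2) Create ACL
    aclgroup = NetworkACLList.create(apiclient=self.apiclient,
                                     services={},
                                     name="acl",
                                     description="acl",
                                     vpcid=vpc.id)
    self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list")
    self.debug("Created a network ACL list %s" % aclgroup.name)

    # 3) Create ACL Item
    aclitem = NetworkACL.create(apiclient=self.apiclient,
                                services={},
                                protocol="TCP",
                                number="10",
                                action="Deny",
                                aclid=aclgroup.id,
                                cidrlist=["0.0.0.0/0"])
    # The original failure text ("Network failed to aclItem") did not say
    # what went wrong.
    self.assertIsNotNone(aclitem, "Failed to create NetworkACL item")
    self.debug("Added a network ACL %s to ACL list %s" % (aclitem.id, aclgroup.name))

    # 4) Create network with ACL
    nwNuage = Network.create(
        self.apiclient,
        self.services["vpcnetwork"],
        accountid=self.account.name,
        domainid=self.account.domainid,
        networkofferingid=self.network_offering.id,
        zoneid=self.zone.id,
        vpcid=vpc.id,
        aclid=aclgroup.id,
        gateway='10.1.0.1'
    )
    self.debug("Network %s created in VPC %s" % (nwNuage.id, vpc.id))

    # 5) Deploy a vm
    vm = VirtualMachine.create(
        self.apiclient,
        self.services["virtual_machine"],
        accountid=self.account.name,
        domainid=self.account.domainid,
        serviceofferingid=self.service_offering.id,
        networkids=[str(nwNuage.id)]
    )
    self.assertIsNotNone(vm, "VM failed to deploy")
    # assertEqual reports the actual state when the check fails.
    self.assertEqual(vm.state, 'Running', "VM is not running")
    self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))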
def deploy_rule(self, rule_data, acl):
    """Create one ACL rule from ``rule_data`` on ``acl`` and log its fields.

    Args:
        rule_data: Rule definition, passed to ``NetworkACL.create`` as ``data``.
        acl: ACL list the rule belongs to, passed as ``acl``.

    Nothing is returned; the created rule is only written to the debug log.
    """
    log = self.logger
    log.debug('>>> ACL RULE => Creating...')

    created = NetworkACL.create(api_client=self.api_client, data=rule_data, acl=acl)

    # Logging action, direction, CIDR list and port range gives a record of
    # exactly what each rule opened or closed during the run.
    logged_fields = (
        created.id,
        created.number,
        created.action,
        created.traffictype,
        created.cidrlist,
        created.protocol.upper(),
        created.startport,
        created.endport,
        created.aclid,
    )
    log.debug(
        '>>> ACL RULE => ID: %s => Number: %s => Action: %s => Traffic Type: %s '
        '=> CIDR List: %s => Protocol: %s => Start Port: %s => End Port: %s => ACL: %s',
        *logged_fields
    )
def deploy_rule(self, rule_data, acl):
    """Create a single ACL rule and write its attributes to the debug log.

    Args:
        rule_data: Rule definition forwarded as ``data``.
        acl: ACL list forwarded as ``acl``.

    The method returns ``None``; callers get no handle on the created rule.
    """
    self.logger.debug('>>> ACL RULE => Creating...')

    new_rule = NetworkACL.create(
        api_client=self.api_client,
        data=rule_data,
        acl=acl,
    )

    # The log line records the rule's effective action, direction, CIDRs and
    # ports, which helps when reviewing what a test run exposed.
    protocol_name = new_rule.protocol.upper()
    self.logger.debug(
        '>>> ACL RULE => ID: %s => Number: %s => Action: %s => Traffic Type: %s '
        '=> CIDR List: %s => Protocol: %s => Start Port: %s => End Port: %s => ACL: %s',
        new_rule.id,
        new_rule.number,
        new_rule.action,
        new_rule.traffictype,
        new_rule.cidrlist,
        protocol_name,
        new_rule.startport,
        new_rule.endport,
        new_rule.aclid,
    )
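def deploy_network_acl_list(self, acl_list_name, acl_config, network=None, vpc=None):
    """Create a network ACL list holding one rule and return the list.

    Args:
        acl_list_name: Name given to the new ACL list.
        acl_config: Rule definition passed to ``NetworkACL.create``.
        network: Optional network; when given, its ``id`` is used for the
            rule and its ``vpcid`` (if truthy) for the list.
        vpc: Optional VPC object, forwarded to ``NetworkACLList.create``.

    Returns:
        The object returned by ``NetworkACLList.create``.
    """
    # Both ids default to None: without this, omitting ``network`` (its
    # declared default) or passing a network with no vpcid raised
    # UnboundLocalError before any API call was made.
    # NOTE(review): how the create helpers treat a None id is not visible
    # here; confirm they omit the parameter rather than send it.
    networkid = None
    vpcid = None
    if network:
        networkid = network.id
        if network.vpcid:
            vpcid = network.vpcid

    acl_list = NetworkACLList.create(self.api_client, name=acl_list_name,
                                     services=[], vpcid=vpcid, vpc=vpc)

    # NOTE(review): what the rule permits is decided entirely by acl_config,
    # supplied by the caller.
    NetworkACL.create(self.api_client, acl_config,
                      networkid=networkid, aclid=acl_list.id)

    return acl_list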
def create_NatRule_For_VM(self, vm, public_ip, network):
    """Create a NAT rule for ``vm`` and an Ingress ACL entry that exposes it.

    Args:
        vm: Target virtual machine.
        public_ip: Public IP wrapper; ``public_ip.ipaddress.id`` is used.
        network: VPC tier the NAT rule and ACL entry are created on.

    Returns:
        The created NAT rule. The ACL entry is only logged.
    """
    self.debug("Creatinng NAT rule in network for vm with public IP")
    natrule_definition = self.services["natrule"]

    # openfirewall=False: access is granted by the explicit ACL entry below
    # rather than by the NAT helper.
    nat_rule = NATRule.create(
        self.apiclient,
        vm,
        natrule_definition,
        ipaddressid=public_ip.ipaddress.id,
        openfirewall=False,
        networkid=network.id,
        vpcid=self.vpc.id,
    )

    self.debug("Adding NetwrokACl rules to make NAT rule accessible")
    # NOTE(review): the allowed source CIDR is whatever the natrule fixture
    # carries; confirm it is not wider than the test needs.
    ingress_entry = NetworkACL.create(
        self.apiclient,
        networkid=network.id,
        services=natrule_definition,
        traffictype='Ingress',
    )
    self.debug('nwacl_nat=%s' % ingress_entry.__dict__)

    return nat_rule
def create_NatRule_For_VM(self, vm, public_ip, network):
    """Publish ``vm`` through a NAT rule and open the tier's ACL for it.

    Args:
        vm: Virtual machine the NAT rule points at.
        public_ip: Public IP wrapper whose ``ipaddress.id`` is NATed.
        network: VPC tier that receives the NAT rule and the ACL entry.

    Returns:
        The NAT rule object; the ACL entry is created and logged only.
    """
    tier_id = network.id
    self.debug("Creatinng NAT rule in network for vm with public IP")

    # The NAT helper is asked not to open the firewall itself
    # (openfirewall=False); the ACL entry below does that explicitly.
    nat_rule = NATRule.create(self.apiclient,
                              vm,
                              self.services["natrule"],
                              ipaddressid=public_ip.ipaddress.id,
                              openfirewall=False,
                              networkid=tier_id,
                              vpcid=self.vpc.id)

    self.debug("Adding NetwrokACl rules to make NAT rule accessible")
    # NOTE(review): ports and source CIDR come from the natrule fixture,
    # which is not visible here.
    acl_for_nat = NetworkACL.create(self.apiclient,
                                    networkid=tier_id,
                                    services=self.services["natrule"],
                                    traffictype='Ingress')
    self.debug('nwacl_nat=%s' % acl_for_nat.__dict__)

    return nat_rule
def create_natrule(self, vm, public_ip, network, services=None):
    """Create a NAT rule for ``vm`` and the Ingress ACL entry that exposes it.

    Args:
        vm: Target virtual machine.
        public_ip: Public IP wrapper; ``public_ip.ipaddress.id`` is used.
        network: VPC tier the NAT rule and ACL entry are created on.
        services: Optional rule definition; ``self.services["natrule_ssh"]``
            is used when falsy.

    Returns:
        The created NAT rule. The ACL entry is only logged.
    """
    log = self.logger
    log.debug("Creating NAT rule in network for vm with public IP")

    rule_definition = services or self.services["natrule_ssh"]

    # openfirewall=False: access is granted by the explicit ACL entry below
    # rather than by the NAT helper.
    nat_rule = NATRule.create(
        self.apiclient,
        vm,
        rule_definition,
        ipaddressid=public_ip.ipaddress.id,
        openfirewall=False,
        networkid=network.id,
        vpcid=self.vpc.id,
    )

    log.debug("Adding NetworkACL rules to make NAT rule accessible")
    # NOTE(review): with the default fixture this presumably opens SSH; the
    # permitted source CIDR is defined in the fixture, so confirm it.
    ingress_entry = NetworkACL.create(
        self.apiclient,
        networkid=network.id,
        services=rule_definition,
        traffictype='Ingress',
    )
    log.debug('nwacl_nat=%s' % ingress_entry.__dict__)

    return nat_rule
def create_natrule(self, vm, public_ip, network, vpc_id):
    """Create a NAT rule in the given VPC and an Ingress ACL entry for it.

    Args:
        vm: Target virtual machine.
        public_ip: Public IP wrapper; ``public_ip.ipaddress.id`` is used.
        network: VPC tier the NAT rule and ACL entry are created on.
        vpc_id: Id of the VPC that owns ``network``.

    Returns:
        The created NAT rule. The ACL entry is only logged.
    """
    self.logger.debug("Creating NAT rule in network for vm with public IP")

    definition = self.services["natrule"]
    tier_id = network.id

    # The NAT helper is told not to open the firewall (openfirewall=False);
    # the ACL entry created afterwards is what admits the traffic.
    nat_rule = NATRule.create(self.apiclient, vm, definition,
                              ipaddressid=public_ip.ipaddress.id,
                              openfirewall=False,
                              networkid=tier_id,
                              vpcid=vpc_id)

    self.logger.debug("Adding NetworkACL rules to make NAT rule accessible")
    # NOTE(review): the ACL reuses the NAT rule fixture, so the admitted
    # source range is whatever that dict specifies; confirm it.
    acl_entry = NetworkACL.create(self.apiclient,
                                  networkid=tier_id,
                                  services=definition,
                                  traffictype="Ingress")
    self.logger.debug("nwacl_nat=%s" % acl_entry.__dict__)

    return nat_rule
def setUpClass(cls):
    """Build the shared fixture for the multiple-VPN-access-on-VPC tests.

    In order, the visible code:
      1. obtains the admin API client and the parsed test-data dictionary;
      2. loads the JSON file at ``services["config_path"]`` into
         ``cls.pullconfig``;
      3. updates seven global configuration parameters, restarts the
         management server and sleeps 120 seconds;
      4. resolves the domain, the zone and a service offering;
      5. inside a ``try``: deploys ``vpnclient_count`` VPN-client VMs in one
         account and, in a second account, a VPC, a network tier with ACL
         rules, a remote-access VPN on the VPC's source-NAT IP and one VM.

    Any exception raised inside the ``try`` triggers ``cleanup_resources`` on
    ``cls._cleanup`` and is re-raised as a generic ``Exception``.

    NOTE(review): the nesting below (which statements belong to each
    ``else`` branch and loop body) is a reading of a listing whose
    indentation was lost; confirm it against the original file.
    """
    cloudstackTestClient = super(
        TestMultipleVPNAccessonVPC,
        cls
    ).getClsTestClient()

    cls.debug("Obtain the Admin's API Client")
    cls.api_client = cloudstackTestClient.getApiClient()

    cls.debug("Get the dictionary information that will be used during CCP tests, from test_data.py present on the Client")
    cls.services = cloudstackTestClient.getParsedTestDataConfig()

    if cls.services is None:
        cls.debug("Services Object is None")
        raise Exception("Services Object is None")

    cls.debug("Procure the CloudStack Setup configuration Information")
    with open(cls.services["config_path"], 'rb') as fp:
        cls.pullconfig = json.load(fp)

    # NOTE(review): the settings below are global configuration parameters.
    # Nothing in this method records the previous values or restores them;
    # confirm teardown does, or run this only against a disposable lab.
    cls.debug("Update 'remote.access.vpn.client.iprange','remote.access.vpn.user.limit','max.account.primary.storage','max.account.public.ips','max.account.user.vms','max.account.volumes','max.account.cpus', Global Configuration Parameters")

    # The update_* return values are assigned but never read in this method.
    update_vpn_client_iprange = Configurations.update(
        cls.api_client,
        name="remote.access.vpn.client.iprange",
        value="10.1.2.1-10.1.2.120")

    cls.debug("'remote.access.vpn.client.iprange' Global Configuration Parameter Updated Successfully")

    update_vpn_user_limit = Configurations.update(
        cls.api_client,
        name="remote.access.vpn.user.limit",
        value=str(int(cls.services["vpnclient_count"]*2))
    )

    cls.debug("'remote.access.vpn.user.limit' Global Configuration Parameter Updated Successfully")

    update_max_account_primary_stg_limit = Configurations.update(
        cls.api_client,
        name="max.account.primary.storage",
        value=str(int(cls.services["vpnclient_count"]*20 + 100))
    )

    cls.debug("'max.account.primary.storage' Global Configuration Parameter Updated Successfully")

    update_max_account_public_ips_limit = Configurations.update(
        cls.api_client,
        name="max.account.public.ips",
        value=str(int(cls.services["vpnclient_count"]*2 + 10))
    )

    cls.debug("'max.account.public.ips' Global Configuration Parameter Updated Successfully")

    update_max_account_user_vms_limit = Configurations.update(
        cls.api_client,
        name="max.account.user.vms",
        value=str(int(cls.services["vpnclient_count"]*2))
    )

    cls.debug("'max.account.user.vms' Global Configuration Parameter Updated Successfully")

    update_max_account_volumes_limit = Configurations.update(
        cls.api_client,
        name="max.account.volumes",
        value=str(int(cls.services["vpnclient_count"]*2))
    )

    cls.debug("'max.account.volumes' Global Configuration Parameter Updated Successfully")

    update_max_account_cpus_limit = Configurations.update(
        cls.api_client,
        name="max.account.cpus",
        value=str(int(cls.services["vpnclient_count"]*2))
    )

    cls.debug("'max.account.cpus' Global Configuration Parameter Updated Successfully")

    # The management server is restarted after the updates, followed by a
    # fixed two-minute wait before the API is used again.
    cls.debug("Restart the Management Server")
    TestMultipleVPNAccessonVPC.restart_mgmt_server(cls.services["config_path"])
    cls.debug("Completed restarting the Management Server")

    cls.debug("Wait for 120 seconds...")
    time.sleep(120)
    cls.debug("End of 120 seconds wait time....")

    # Get Zone, Domain and templates
    cls.domain = get_domain(cls.api_client)
    cls.zone = get_zone(
        cls.api_client,
        zone_name = cls.services["zone_vpn"]["name"])

    cls.debug("Use an Existing 'Tiny Instance' Service Offering on the Setup")
    list_service_offerings = []
    list_service_offerings = list_service_offering(
        cls.api_client,
        keyword="Tiny Instance",
    )

    # Resources appended to _cleanup are passed to cleanup_resources() if
    # the try block below fails.
    cls._cleanup = []

    if list_service_offerings is not None:
        cls.debug("Found an Existing 'Tiny Instance' Service Offering on the Setup")
        cls.service_offering = list_service_offerings[0]
    else:
        cls.debug("Create a service offering which will be used for VM deployments in this test")
        cls.service_offering = ServiceOffering.create(
            cls.api_client,
            cls.services["service_offering"]
        )

        cls.debug("Add the created service offering to the _cleanup queue")
        cls._cleanup.append(cls.service_offering)

    try:
        cls.debug("Create or Use Existing Account to own the VPN Clients, which is used to test Remote VPN Access to VPC")
        cls.api_client_vpn_client_reg_user = cloudstackTestClient.getUserApiClient(
            UserName="******",
            DomainName="ROOT"
        )

        list_vpn_client_regular_user = User.list(
            cls.api_client,
            username="******"
        )

        cls.debug("Procure the Account Name and DomainID Information of the Regular Account")
        cls.vpn_client_reg_acct_name = list_vpn_client_regular_user[0].account
        cls.vpn_client_reg_domain_id = list_vpn_client_regular_user[0].domainid

        list_vpn_client_regular_user_acct = Account.list(
            cls.api_client,
            name = cls.vpn_client_reg_acct_name,
            listall = True
        )

        # NOTE(review): the account is looked up, not created here, yet it is
        # queued on _cleanup. Presumably cleanup deletes queued objects;
        # confirm that removing this account is intended.
        cls._cleanup.append(Account(list_vpn_client_regular_user_acct[0].__dict__))

        # Register a Template that already has VPN client installed on it. The template registered here
        # has extra scripts to facilitate automated operations to execute Test Cases.
        # Template has pre-configured configuration files required for the VPN Client operations.
        # The following files are present on the registered template. The locations of the files are locations
        # on a VM deployed from this template
        #            1. "/tmp/ipsec.conf"
        #            2. "/tmp/ipsec.secrets"
        #            3. "/tmp/options.xl2tpd.client"
        #            4. "/tmp/xl2tpd.conf"
        #            5. "/tmp/vpnclient_services.sh"
        #            6. "/tmp/firstconn_expectscript.exp"
        #            7. "/tmp/secondconn_expectscript.exp"
        # NOTE(review): per the list above, VPN secrets and scripts live under
        # /tmp on the client VMs; treat the template and VMs built from it as
        # lab-only.
        cls.debug("Use an Existing VPN Client Template on the Setup")
        list_vpn_client_templates = list_templates(
            cls.api_client_vpn_client_reg_user,
            keyword="VPNClient",
            templatefilter="featured",
            zoneid = cls.zone.id
        )

        if list_vpn_client_templates is not None:
            cls.debug("Found an Existing VPN Client Template on the Setup")
            cls.template = list_vpn_client_templates[0]
        else:
            cls.debug("Register a Template that already has VPN client installed on it")
            # The hypervisor is hard-coded to XenServer for the registration.
            cls.template = Template.register(
                cls.api_client,
                cls.services["vpn_template"],
                zoneid=cls.zone.id,
                hypervisor='XenServer'
            )

            cls._cleanup.append(cls.template)

            cls.debug("Sleep for {0} seconds specified in the dictionary before checking for Template's Availability".format(cls.services["sleep"]))
            time.sleep(cls.services["sleep"])

        cls.debug("Procure Timeout Value from the dictionary")
        timeout = cls.services["timeout"]

        # Poll every 5 seconds until the template listing returns a list;
        # give up once the counter reaches 0.
        while True:
            list_template_response = list_templates(
                cls.api_client_vpn_client_reg_user,
                templatefilter='featured',
                id=cls.template.id,
            )

            if isinstance(list_template_response, list):
                break
            elif timeout == 0:
                raise Exception("List template failed!")

            time.sleep(5)
            timeout = timeout - 1

        cls.debug("Verify template response to check whether template is present")

        if list_template_response is None:
            raise Exception("Check whether the VPN Client Template is available")

        template_response = list_template_response[0]
        if template_response.isready == False:
            raise Exception("Template state is not ready, it is %r" % template_response.isready)

        # Queue that holds all the VPN Client VMs Information
        cls.vpnclientvms = []

        cls.debug("Deploy {0} VPN Clients in the account".format(int(cls.services["vpnclient_count"])))

        # xrange exists only in Python 2.
        for vm in xrange(0,int(cls.services["vpnclient_count"])):

            cls.debug("Deploy a new VM {0} in first account. This VM which will be configured as VPN Client".format(int(vm)))
            new_vpnclient_vm = VirtualMachine.create(
                cls.api_client_vpn_client_reg_user,
                cls.services["virtual_machine"],
                zoneid=cls.zone.id,
                serviceofferingid=cls.service_offering.id,
                templateid=cls.template.id,
            )

            cls.debug("Add new VM {0} to the vpnclientvms Queue".format(int(vm)))
            cls.vpnclientvms.append(new_vpnclient_vm)

            # NOTE(review): each client VM is made reachable over SSH through
            # NAT with egress allowed; the rule scope is set by the helper and
            # the services dict, neither of which is visible here.
            cls.debug("Allow SSH Access to the new VPN Client VM {0}".format(int(vm)))
            new_vpnclient_vm.access_ssh_over_nat(
                cls.api_client_vpn_client_reg_user,
                cls.services,
                new_vpnclient_vm,
                allow_egress=True
            )
            cls.debug("VM for VPNClient Access Got Created with Public IP Address %s" % new_vpnclient_vm.public_ip)

        cls.debug("Create or Use existing Account in which we deploy VPCs and test remote access to them from the First Account's VMs present on isolated Network")
        cls.api_client_vpn_server_reg_user = cloudstackTestClient.getUserApiClient(
            UserName="******",
            DomainName="ROOT"
        )

        list_vpn_server_regular_user = User.list(
            cls.api_client,
            username="******"
        )

        cls.debug("Procure the Account Name and DomainID Information of the Regular Account")
        cls.vpn_server_reg_acct_name = list_vpn_server_regular_user[0].account
        cls.vpn_server_reg_domain_id = list_vpn_server_regular_user[0].domainid

        list_vpn_server_regular_user_acct = Account.list(
            cls.api_client,
            name = cls.vpn_server_reg_acct_name,
            listall = True
        )

        # NOTE(review): as with the client account above, a looked-up account
        # is queued for cleanup; confirm that is intended.
        cls._cleanup.append(Account(list_vpn_server_regular_user_acct[0].__dict__))

        cls.debug("Use an Existing 'VPC off-' Service Offering on the Setup")
        list_available_vpc_offerings = list_vpc_offerings(
            cls.api_client,
            keyword="VPC off-",
        )

        if list_available_vpc_offerings is not None:
            cls.debug("Found an Existing 'VPC off-' Service Offering on the Setup")
            cls.vpc_offering = VpcOffering(list_available_vpc_offerings[0].__dict__)
        else:
            cls.debug("Creating a VPC offering..")
            cls.vpc_offering = VpcOffering.create(
                cls.api_client,
                cls.services["vpc_offering"]
            )

            # Add the created VPC Offering to the _cleanup queue
            cls._cleanup.append(cls.vpc_offering)

            # Enable the created VPC Offering in order to deploy VPCs with it
            cls.debug("Enabling the VPC offering created")
            cls.vpc_offering.update(cls.api_client, state='Enabled')
            cls.debug("Enabled the VPC Offering")

        # Create a VPC for the second account
        cls.debug("Creating a VPC in the account: %s" % cls.vpn_server_reg_acct_name)
        cls.firstvpc = VPC.create(
            cls.api_client_vpn_server_reg_user,
            cls.services["vpc_remote_vpn"],
            vpcofferingid=cls.vpc_offering.id,
            zoneid=cls.zone.id
        )

        cls.debug("Use an Existing 'NET_OFF-RemoteAccessVPNTest-' Network Offering on the Setup")
        list_available_network_offerings = list_network_offerings(
            cls.api_client,
            keyword="NET_OFF-RemoteAccessVPNTest-",
        )

        if list_available_network_offerings is not None:
            cls.debug("Found an Existing 'NET_OFF-RemoteAccessVPNTest-' Network Offering on the Setup")
            cls.network_off = NetworkOffering(list_available_network_offerings[0].__dict__)
        else:
            cls.debug('Create NetworkOffering for Networks in VPC')
            cls.services["vpc_network_offering"]["name"] = "NET_OFF-RemoteAccessVPNTest-"+ random_gen()
            cls.network_off = NetworkOffering.create(
                cls.api_client,
                cls.services["vpc_network_offering"],
                conservemode=False
            )

            # Add the created Network Offering to the _cleanup queue
            cls._cleanup.append(cls.network_off)

            # Enable Network offering
            cls.network_off.update(cls.api_client, state='Enabled')
            cls.debug('Created and Enabled NetworkOffering')

        cls.services["network"]["name"] = "NETWORK-" + random_gen()

        # Create First Network Tier in the First VPC created for second account using the network offering created above.
        cls.debug('Adding Network=%s' % cls.services["network"])
        cls.firstnetworktier = Network.create(
            cls.api_client_vpn_server_reg_user,
            cls.services["network"],
            networkofferingid=cls.network_off.id,
            zoneid=cls.zone.id,
            gateway=cls.services["firstnetwork_tier"]["gateway"],
            netmask=cls.services["firstnetwork_tier"]["netmask"],
            vpcid=cls.firstvpc.id
        )

        cls.debug("Created network with ID: %s" % cls.firstnetworktier.id)

        # Create Ingress and Egress NetworkACL rules for First Network Tier in the First VPC created for second account.
        # NOTE(review): per the debug message, the "all_rule" fixture opens
        # every protocol from every CIDR, in both directions. That removes
        # ACL filtering from this tier, so it is acceptable only on an
        # isolated test network.
        cls.debug("Adding NetworkACL rules to make Network accessible for all Protocols and all CIDRs ")
        NetworkACL.create(
            cls.api_client_vpn_server_reg_user,
            cls.services["all_rule"],
            networkid=cls.firstnetworktier.id,
            traffictype='Ingress'
        )

        NetworkACL.create(
            cls.api_client_vpn_server_reg_user,
            cls.services["all_rule"],
            networkid=cls.firstnetworktier.id,
            traffictype='Egress'
        )

        listFirstVPC = VPC.list(
            cls.api_client_vpn_server_reg_user,
            id=cls.firstvpc.id
        )

        cls.debug("Information about the VPC: {0}".format(str(listFirstVPC)))

        cls.debug("Obtain the source nat IP Address of the first VPC.")
        cls.listFirstVPCPublicIpAddress = list_publicIP(
            cls.api_client_vpn_server_reg_user,
            issourcenat="true",
            vpcid=listFirstVPC[0].id,
            listall="true"
        )
        cls.debug("Information about the VPC's Source NAT IP Address: {0}".format(str(cls.listFirstVPCPublicIpAddress)))

        cls.debug("Enable Remote Access VPN on the source nat Public IP Address of the first VPC")
        cls.FirstVPNonFirstVPC = Vpn.create(
            cls.api_client_vpn_server_reg_user,
            cls.listFirstVPCPublicIpAddress[0].id
        )

        # NOTE(review): this writes the VPN pre-shared key to the debug log in
        # clear text. Anyone who can read the test logs can read the key;
        # consider logging only that the VPN was created, and treat existing
        # logs as sensitive.
        cls.debug("Successfully Created First VPN on VPC with preshared key:"+ cls.FirstVPNonFirstVPC.presharedkey)

        cls.listfirstNetworkTier = list_networks(
            cls.api_client_vpn_server_reg_user,
            id=cls.firstnetworktier.id,
            listall=True
        )

        cls.debug("Create a VM using the default template on the First Network Tier in the First VPC of the Second Account")
        cls.vm1 = VirtualMachine.create(
            cls.api_client_vpn_server_reg_user,
            cls.services["virtual_machine"],
            zoneid=cls.zone.id,
            serviceofferingid=cls.service_offering.id,
            templateid=cls.template.id,
            networkids=[str(cls.firstnetworktier.id)]
        )

        cls.debug("First VM deployed in the first Network Tier")

    except Exception as e:
        # Release whatever was queued so far, log the traceback, then
        # re-raise as a generic Exception carrying the original message.
        cleanup_resources(cls.api_client, cls._cleanup)
        printex = traceback.format_exc()
        cls.debug("Exception Occurred : {0}".format(printex))
        raise Exception("Warning: Exception during Setting Up the Test Suite Configuration : %s" % e)

    return
def test_01_positive_tests_vm_operations_advanced_zone(self, value):
    """ Positive tests for VMLC test path - Advanced Zone

    ``value`` selects the network type: it is compared with VPC_NETWORK and
    ISOLATED_NETWORK below and is also passed to ``CreateNetwork``.

    # 1.  List created service offering in setUpClass by name
    # 2.  List registered template with name
    # 3.  Create VM in account
    # 4.  Enable networking for reaching the VM through SSH
    # 5.  Check VM accessibility through SSH
    # 6.  Stop vm and verify vm is not accessible
    # 7.  Start vm and verify vm is accessible
    # 8.  Reboot vm and verify vm is accessible
    # 9.  Destroy and recover VM
    # 10. Change service offering of VM to a different service offering
    # 11. Verify that the cpuspeed, cpunumber and memory of VM match
    #     those specified in the new service offering
    # 12. Start VM and verify VM accessibility
    # 13. Find suitable host for VM to migrate and migrate the VM
    # 14. Verify VM accessibility on new host

    Steps 13 and 14 are listed, but the body below returns after step 12.
    """

    # List created service offering in setUpClass by name
    listServiceOfferings = ServiceOffering.list(
        self.apiclient,
        name=self.service_offering_1.name,
        listall=True
    )
    self.assertEqual(validateList(listServiceOfferings)[0], PASS,
                     "List validation failed for service offerings list")

    self.assertEqual(listServiceOfferings[0].name,
                     self.service_offering_1.name,
                     "Names of created service offering\
 and listed service offering not matching")

    # List registered template with name
    listTemplates = Template.list(
        self.userapiclient,
        templatefilter="self",
        name=self.template.name,
        listall=True,
        zone=self.zone.id)
    self.assertEqual(validateList(listTemplates)[0], PASS,
                     "List validation failed for templates list")

    self.assertEqual(listTemplates[0].name, self.template.name,
                     "Names of created template and listed template\
 not matching")

    network = CreateNetwork(self, value)

    # Create VM in account
    self.virtual_machine = VirtualMachine.create(
        self.userapiclient,
        self.testdata["small"],
        templateid=self.template.id,
        accountid=self.account.name,
        domainid=self.account.domainid,
        serviceofferingid=self.service_offering_1.id,
        networkids=[network.id, ],
        zoneid=self.zone.id
    )
    self.cleanup.append(self.virtual_machine)

    publicip = PublicIPAddress.create(
        self.userapiclient,
        accountid=self.account.name,
        zoneid=self.zone.id,
        domainid=self.account.domainid,
        networkid=network.id,
        vpcid=self.vpcid
    )

    # Expose the VM's SSH port. The mechanism depends on the network type:
    # LB rule + ACL entry for a VPC tier, firewall + NAT rule otherwise.
    # NOTE(review): the VPC branch uses self.apiclient while the isolated
    # branch uses self.userapiclient. If apiclient is the admin client, the
    # VPC branch does not exercise the user's own permissions; confirm.
    if value == VPC_NETWORK:
        lb_rule = LoadBalancerRule.create(
            self.apiclient,
            self.testdata["vpclbrule"],
            ipaddressid=publicip.ipaddress.id,
            accountid=self.account.name,
            domainid=self.account.domainid,
            networkid=network.id,
            vpcid=self.vpcid
        )
        lb_rule.assign(self.apiclient, [self.virtual_machine])

        # Opening up the ports in VPC
        # NOTE(review): the source CIDR admitted by this Ingress entry comes
        # from the "natrule" fixture, which is not visible here.
        NetworkACL.create(
            self.apiclient,
            networkid=network.id,
            services=self.testdata["natrule"],
            traffictype='Ingress'
        )
    elif value == ISOLATED_NETWORK:
        FireWallRule.create(
            self.userapiclient,
            ipaddressid=publicip.ipaddress.id,
            protocol='TCP',
            cidrlist=[self.testdata["fwrule"]["cidr"]],
            startport=self.testdata["fwrule"]["startport"],
            endport=self.testdata["fwrule"]["endport"]
        )

        NATRule.create(
            self.userapiclient,
            self.virtual_machine,
            self.testdata["natrule"],
            ipaddressid=publicip.ipaddress.id,
            networkid=network.id
        )

    # Check VM accessibility
    # Constructing SshClient is the reachability probe: any exception fails
    # the test. Authentication uses the VM's username and password.
    try:
        SshClient(host=publicip.ipaddress.ipaddress,
                  port=22,
                  user=self.virtual_machine.username,
                  passwd=self.virtual_machine.password)
    except Exception as e:
        self.fail("Exception while SSHing to VM: %s" % e)

    # Stop VM and verify VM is not accessible
    self.virtual_machine.stop(self.userapiclient)

    # NOTE(review): assertRaises(Exception) accepts any failure, not only a
    # connection error, so an unrelated exception would also pass this check.
    with self.assertRaises(Exception):
        SshClient(host=publicip.ipaddress.ipaddress,
                  port=22,
                  user=self.virtual_machine.username,
                  passwd=self.virtual_machine.password,
                  retries=0)

    # Start VM and verify that it is accessible
    self.virtual_machine.start(self.userapiclient)

    try:
        SshClient(host=publicip.ipaddress.ipaddress,
                  port=22,
                  user=self.virtual_machine.username,
                  passwd=self.virtual_machine.password)
    except Exception as e:
        self.fail("Exception while SSHing to VM: %s" % e)

    # Reboot VM and verify that it is accessible
    self.virtual_machine.reboot(self.userapiclient)

    try:
        SshClient(host=publicip.ipaddress.ipaddress,
                  port=22,
                  user=self.virtual_machine.username,
                  passwd=self.virtual_machine.password)
    except Exception as e:
        self.fail("Exception while SSHing to VM: %s" % e)

    # Destroy and recover VM
    # expunge=False is passed to delete() before recover() is called; both
    # calls go through self.apiclient rather than the user client.
    self.virtual_machine.delete(self.apiclient, expunge=False)
    self.virtual_machine.recover(self.apiclient)

    # Change service offering of VM and verify that it is changed
    self.virtual_machine.change_service_offering(
        self.userapiclient,
        serviceOfferingId=self.service_offering_2.id
    )

    VerifyChangeInServiceOffering(self,
                                  self.virtual_machine,
                                  self.service_offering_2)

    # Start VM and verify that it is accessible
    self.virtual_machine.start(self.userapiclient)

    try:
        SshClient(host=publicip.ipaddress.ipaddress,
                  port=22,
                  user=self.virtual_machine.username,
                  passwd=self.virtual_machine.password)
    except Exception as e:
        self.fail("Exception while SSHing to VM: %s" % e)
    return
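def setUpClass(cls):
    """Provision the shared VPC fixture for TestVPCRouterOneNetwork.

    Creates a service offering, an enabled VPC offering, an admin account,
    a VPC with CIDR 10.1.1.1/16, a private gateway (10.1.3.1, VLAN 678)
    with a static route to 11.1.1.1/24, an enabled network offering, one
    tier network (gateway 10.1.1.1) and three VMs in that tier. Three
    public IPs are then acquired and wired up as port forwarding (vm_1),
    static NAT (vm_2) and load balancing (vm_3), and the tier ACL gets
    ingress entries for the NAT and LB rules plus an egress entry for the
    HTTP rule.

    Raises:
        Exception: if static NAT cannot be enabled on the second public
            IP. Errors from every other API call propagate unchanged.
    """
    # NOTE(review): takes `cls`, so presumably decorated with @classmethod
    # in the enclosing class; the decorator is not visible here.
    # NOTE(review): unittest does not run tearDownClass when setUpClass
    # raises, so resources created before a failure (public IPs, NAT/LB
    # rules, ACL entries) stay deployed unless they are cleaned up
    # explicitly from cls._cleanup.
    cls._cleanup = []
    cls.testClient = super(TestVPCRouterOneNetwork, cls).getClsTestClient()
    cls.api_client = cls.testClient.getApiClient()
    cls.hypervisor = cls.testClient.getHypervisorInfo()
    cls.vpcSupported = True
    cls.services = Services().services

    # Zone, domain and template the fixture is built in.
    cls.domain = get_domain(cls.api_client)
    cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
    cls.template = get_template(
        cls.api_client,
        cls.zone.id,
        cls.services["ostype"],
    )
    cls.services["virtual_machine"]["zoneid"] = cls.zone.id
    cls.services["virtual_machine"]["template"] = cls.template.id

    cls.service_offering = ServiceOffering.create(
        cls.api_client,
        cls.services["service_offering"],
    )
    cls._cleanup.append(cls.service_offering)

    cls.vpc_off = VpcOffering.create(
        cls.api_client,
        cls.services["vpc_offering"],
    )
    cls.vpc_off.update(cls.api_client, state='Enabled')
    cls._cleanup.append(cls.vpc_off)

    cls.account = Account.create(
        cls.api_client,
        cls.services["account"],
        admin=True,
        domainid=cls.domain.id,
    )
    # The account goes to the front of the cleanup list, ahead of the
    # offerings. The VPC, gateway, VMs and public IPs below are not
    # registered individually.
    # NOTE(review): presumably they are removed with the account - verify.
    cls._cleanup.insert(0, cls.account)

    cls.services["vpc"]["cidr"] = '10.1.1.1/16'
    cls.vpc = VPC.create(
        cls.api_client,
        cls.services["vpc"],
        vpcofferingid=cls.vpc_off.id,
        zoneid=cls.zone.id,
        account=cls.account.name,
        domainid=cls.account.domainid,
    )

    private_gateway = PrivateGateway.create(
        cls.api_client,
        gateway='10.1.3.1',
        ipaddress='10.1.3.100',
        netmask='255.255.255.0',
        vlan=678,
        vpcid=cls.vpc.id,
    )
    cls.gateways = PrivateGateway.list(
        cls.api_client,
        id=private_gateway.id,
        listall=True,
    )

    static_route = StaticRoute.create(
        cls.api_client,
        cidr='11.1.1.1/24',
        gatewayid=private_gateway.id,
    )
    cls.static_routes = StaticRoute.list(
        cls.api_client,
        id=static_route.id,
        listall=True,
    )

    cls.nw_off = NetworkOffering.create(
        cls.api_client,
        cls.services["network_offering"],
        conservemode=False,
    )
    cls.nw_off.update(cls.api_client, state='Enabled')
    cls._cleanup.append(cls.nw_off)

    # Tier network built from the offering enabled above.
    cls.network_1 = Network.create(
        cls.api_client,
        cls.services["network"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        networkofferingid=cls.nw_off.id,
        zoneid=cls.zone.id,
        gateway='10.1.1.1',
        vpcid=cls.vpc.id,
    )

    # Three identical VMs in the tier: one per exposure mechanism.
    vm_1 = VirtualMachine.create(
        cls.api_client,
        cls.services["virtual_machine"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        serviceofferingid=cls.service_offering.id,
        networkids=[str(cls.network_1.id)],
    )
    vm_2 = VirtualMachine.create(
        cls.api_client,
        cls.services["virtual_machine"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        serviceofferingid=cls.service_offering.id,
        networkids=[str(cls.network_1.id)],
    )
    vm_3 = VirtualMachine.create(
        cls.api_client,
        cls.services["virtual_machine"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        serviceofferingid=cls.service_offering.id,
        networkids=[str(cls.network_1.id)],
    )
    # The listing result is not used.
    VirtualMachine.list(
        cls.api_client,
        account=cls.account.name,
        domainid=cls.account.domainid,
        listall=True,
    )

    # Public IP 1: port forwarding to vm_1, then the matching ingress ACL.
    public_ip_1 = PublicIPAddress.create(
        cls.api_client,
        accountid=cls.account.name,
        zoneid=cls.zone.id,
        domainid=cls.account.domainid,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    NATRule.create(
        cls.api_client,
        vm_1,
        cls.services["natrule"],
        ipaddressid=public_ip_1.ipaddress.id,
        openfirewall=False,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    # NOTE(review): ports and source CIDR of the ACL entry come from the
    # services dict, which is not visible here - confirm it is no wider
    # than the tests need.
    NetworkACL.create(
        cls.api_client,
        networkid=cls.network_1.id,
        services=cls.services["natrule"],
        traffictype='Ingress',
    )

    # Public IP 2: static NAT to vm_2.
    public_ip_2 = PublicIPAddress.create(
        cls.api_client,
        accountid=cls.account.name,
        zoneid=cls.zone.id,
        domainid=cls.account.domainid,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    try:
        StaticNATRule.enable(
            cls.api_client,
            ipaddressid=public_ip_2.ipaddress.id,
            virtualmachineid=vm_2.id,
            networkid=cls.network_1.id,
        )
    except Exception as e:
        # TestCase.fail is an instance method: called on the class it
        # receives the message as `self` and dies with an unrelated
        # error, hiding the real cause. Raise the message directly.
        raise Exception(
            "Failed to enable static NAT on IP: %s - %s"
            % (public_ip_2.ipaddress.ipaddress, e)
        )

    # The listing result is not used.
    PublicIPAddress.list(
        cls.api_client,
        networkid=cls.network_1.id,
        listall=True,
        isstaticnat=True,
        account=cls.account.name,
        domainid=cls.account.domainid,
    )

    # Public IP 3: load balancer in front of vm_3.
    public_ip_3 = PublicIPAddress.create(
        cls.api_client,
        accountid=cls.account.name,
        zoneid=cls.zone.id,
        domainid=cls.account.domainid,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    lb_rule = LoadBalancerRule.create(
        cls.api_client,
        cls.services["lbrule"],
        ipaddressid=public_ip_3.ipaddress.id,
        accountid=cls.account.name,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
        domainid=cls.account.domainid,
    )
    lb_rule.assign(cls.api_client, [vm_3])

    NetworkACL.create(
        cls.api_client,
        networkid=cls.network_1.id,
        services=cls.services["lbrule"],
        traffictype='Ingress',
    )
    NetworkACL.create(
        cls.api_client,
        networkid=cls.network_1.id,
        services=cls.services["http_rule"],
        traffictype='Egress',
    )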
def test_03_deploy_vms_in_vpc_with_regionlevelvpc(self):
    """Test deploy virtual machines in VPC networks

    Skipped unless the OVS plugin is enabled. Builds a VPC with one tier
    network and one VM, then exposes the VM through three public IPs: a
    load balancer rule, a port forwarding rule (checked over SSH) and
    static NAT (checked through the static-NAT public IP listing).
    """
    # Planned steps, as given in the test description:
    # 1. Create VPC Offering by specifying all supported Services
    #    (Vpn, dhcpdns, UserData, SourceNat, Static NAT and PF, LB,
    #    NetworkAcl)
    # 2. Create a VPC using the above VPC offering
    # 3. Create a network as part of this VPC.
    # 4. Deploy few Vms.
    # 5. Create a LB rule for this VM.
    # 6. Create a PF rule for this VM.
    # 7. Create a Static Nat rule for this VM.
    # 8. Create Ingress rules on the network to open the above created
    #    LB, PF and Static Nat rule
    # 9. Create Egress Network ACL for this network to access google.com.
    # 10. Enable VPN services
    # NOTE(review): no egress ACL entry is created below (step 9), and
    # step 10 is left as a TODO at the end of the method.
    if not self.isOvsPluginEnabled:
        self.skipTest("OVS plugin should be enabled to run this test case")

    api = self.apiclient
    svc = self.services

    self.debug("Creating a VPC offering..")
    offering = VpcOffering.create(api, svc["vpc_offering"])
    offering.update(api, state='Enabled')

    account = self.account
    owner = {"accountid": account.name, "domainid": account.domainid}

    self.debug("creating a VPC network in the account: %s" % account.name)
    vpc = VPC.create(
        api,
        svc["vpc"],
        vpcofferingid=offering.id,
        zoneid=self.zone.id,
        account=account.name,
        domainid=account.domainid,
        # NOTE(review): the account's domain id is passed as the network
        # domain - confirm this is intended.
        networkDomain=account.domainid,
    )
    self.validate_vpc_network(vpc)

    self.network_offering = NetworkOffering.create(
        api, svc["network_offering"], conservemode=False)
    self.network_offering.update(api, state='Enabled')

    # The tier gateway is the address part of the VPC CIDR,
    # e.g. cidr 10.0.0.1/24 gives gateway 10.0.0.1.
    gateway = vpc.cidr.partition('/')[0]

    self.debug("Creating network with network offering: %s" %
               self.network_offering.id)
    tier = Network.create(
        api,
        svc["network"],
        networkofferingid=self.network_offering.id,
        zoneid=self.zone.id,
        gateway=gateway,
        vpcid=vpc.id,
        **owner
    )
    self.debug("Created network with ID: %s" % tier.id)

    guest_vm = VirtualMachine.create(
        api,
        svc["virtual_machine"],
        serviceofferingid=self.service_offering.id,
        networkids=[str(tier.id)],
        **owner
    )
    self.debug("Deployed VM in network: %s" % tier.id)

    def acquire_public_ip(scope_name):
        # Acquire one public IP on the tier, logging before and after.
        self.debug("Associating public IP for network: %s" % scope_name)
        acquired = PublicIPAddress.create(
            api,
            zoneid=self.zone.id,
            networkid=tier.id,
            vpcid=vpc.id,
            **owner
        )
        self.debug("Associated %s with network %s" % (
            acquired.ipaddress.ipaddress, tier.id))
        return acquired

    # First IP: load balancer rule (created, not assigned to a VM here).
    lb_ip = acquire_public_ip(tier.name)
    self.debug("Creating LB rule for IP address: %s" %
               lb_ip.ipaddress.ipaddress)
    LoadBalancerRule.create(
        api,
        svc["lbrule"],
        ipaddressid=lb_ip.ipaddress.id,
        accountid=account.name,
        networkid=tier.id,
        vpcid=vpc.id,
        domainid=account.domainid,
    )

    # Second IP: port forwarding to the VM.
    pf_ip = acquire_public_ip(vpc.name)
    NATRule.create(
        api,
        guest_vm,
        svc["natrule"],
        ipaddressid=pf_ip.ipaddress.id,
        openfirewall=False,
        networkid=tier.id,
        vpcid=vpc.id,
    )

    self.debug("Adding NetwrokACl rules to make PF and LB accessible")
    # NOTE(review): ports and source CIDR of each ingress entry come from
    # the services dict, not visible here - confirm they are no wider
    # than this test needs.
    for rule_key in ("natrule", "lbrule"):
        NetworkACL.create(
            api,
            networkid=tier.id,
            services=svc[rule_key],
            traffictype='Ingress',
        )

    self.debug("Checking if we can SSH into VM?")
    try:
        guest_vm.get_ssh_client(ipaddress=pf_ip.ipaddress.ipaddress)
        self.debug("SSH into VM is successfully")
    except Exception as e:
        self.fail("Failed to SSH into VM - %s, %s" %
                  (pf_ip.ipaddress.ipaddress, e))

    # Third IP: static NAT to the same VM.
    nat_ip = acquire_public_ip(tier.name)
    self.debug("Enabling static NAT for IP: %s" %
               nat_ip.ipaddress.ipaddress)
    try:
        StaticNATRule.enable(
            api,
            ipaddressid=nat_ip.ipaddress.id,
            virtualmachineid=guest_vm.id,
            networkid=tier.id,
        )
        self.debug("Static NAT enabled for IP: %s" %
                   nat_ip.ipaddress.ipaddress)
    except Exception as e:
        self.fail("Failed to enable static NAT on IP: %s - %s" % (
            nat_ip.ipaddress.ipaddress, e))

    # The static-NAT listing must be a list whose first entry is the IP
    # that was just enabled.
    static_nat_ips = PublicIPAddress.list(
        api,
        networkid=tier.id,
        listall=True,
        isstaticnat=True,
        account=account.name,
        domainid=account.domainid,
    )
    self.assertEqual(
        isinstance(static_nat_ips, list),
        True,
        "List public Ip for network should list the Ip addr"
    )
    self.assertEqual(
        static_nat_ips[0].ipaddress,
        nat_ip.ipaddress.ipaddress,
        "List public Ip for network should list the Ip addr"
    )
    # TODO: Remote Access VPN is not yet supported in VPC
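def setUpClass(cls):
    """Build the class-wide VPC environment for TestVPCRouterOneNetwork.

    In order: service offering, enabled VPC offering, admin account, VPC
    (CIDR 10.1.1.1/16), private gateway 10.1.3.1 on VLAN 678 with a static
    route to 11.1.1.1/24, enabled network offering, tier network with
    gateway 10.1.1.1, and three VMs. Each VM is then exposed on its own
    public IP: port forwarding for vm_1, static NAT for vm_2, a load
    balancer rule for vm_3. The tier ACL receives ingress entries for the
    NAT and LB rules and an egress entry for the HTTP rule.

    Raises:
        Exception: when enabling static NAT fails. Any other API error
            propagates as raised.
    """
    # NOTE(review): takes `cls`, so presumably decorated with @classmethod
    # in the enclosing class; the decorator is not visible here.
    # NOTE(review): when setUpClass raises, unittest skips tearDownClass,
    # so whatever was already created (public IPs, NAT/LB rules, ACL
    # entries) remains deployed unless cls._cleanup is processed
    # explicitly.
    cls._cleanup = []
    cls.testClient = super(TestVPCRouterOneNetwork, cls).getClsTestClient()
    cls.api_client = cls.testClient.getApiClient()
    cls.hypervisor = cls.testClient.getHypervisorInfo()
    cls.vpcSupported = True
    cls.services = Services().services

    # Resolve zone, domain and template, and pin the VM spec to them.
    cls.domain = get_domain(cls.api_client)
    cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
    cls.template = get_template(
        cls.api_client, cls.zone.id, cls.services["ostype"])
    vm_spec = cls.services["virtual_machine"]
    vm_spec["zoneid"] = cls.zone.id
    vm_spec["template"] = cls.template.id

    cls.service_offering = ServiceOffering.create(
        cls.api_client, cls.services["service_offering"])
    cls._cleanup.append(cls.service_offering)

    cls.vpc_off = VpcOffering.create(
        cls.api_client, cls.services["vpc_offering"])
    cls.vpc_off.update(cls.api_client, state='Enabled')
    cls._cleanup.append(cls.vpc_off)

    cls.account = Account.create(
        cls.api_client,
        cls.services["account"],
        admin=True,
        domainid=cls.domain.id,
    )
    # Account first in the cleanup list; the VPC, gateway, VMs and public
    # IPs created below are not registered on their own.
    # NOTE(review): presumably account deletion removes them - verify.
    cls._cleanup.insert(0, cls.account)

    cls.services["vpc"]["cidr"] = '10.1.1.1/16'
    cls.vpc = VPC.create(
        cls.api_client,
        cls.services["vpc"],
        vpcofferingid=cls.vpc_off.id,
        zoneid=cls.zone.id,
        account=cls.account.name,
        domainid=cls.account.domainid,
    )

    private_gateway = PrivateGateway.create(
        cls.api_client,
        gateway='10.1.3.1',
        ipaddress='10.1.3.100',
        netmask='255.255.255.0',
        vlan=678,
        vpcid=cls.vpc.id,
    )
    cls.gateways = PrivateGateway.list(
        cls.api_client, id=private_gateway.id, listall=True)

    static_route = StaticRoute.create(
        cls.api_client, cidr='11.1.1.1/24', gatewayid=private_gateway.id)
    cls.static_routes = StaticRoute.list(
        cls.api_client, id=static_route.id, listall=True)

    cls.nw_off = NetworkOffering.create(
        cls.api_client,
        cls.services["network_offering"],
        conservemode=False,
    )
    cls.nw_off.update(cls.api_client, state='Enabled')
    cls._cleanup.append(cls.nw_off)

    # Tier network created from the offering that was just enabled.
    cls.network_1 = Network.create(
        cls.api_client,
        cls.services["network"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        networkofferingid=cls.nw_off.id,
        zoneid=cls.zone.id,
        gateway='10.1.1.1',
        vpcid=cls.vpc.id,
    )

    # Three VMs with the same spec, one per exposure mechanism.
    vm_1 = VirtualMachine.create(
        cls.api_client,
        cls.services["virtual_machine"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        serviceofferingid=cls.service_offering.id,
        networkids=[str(cls.network_1.id)],
    )
    vm_2 = VirtualMachine.create(
        cls.api_client,
        cls.services["virtual_machine"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        serviceofferingid=cls.service_offering.id,
        networkids=[str(cls.network_1.id)],
    )
    vm_3 = VirtualMachine.create(
        cls.api_client,
        cls.services["virtual_machine"],
        accountid=cls.account.name,
        domainid=cls.account.domainid,
        serviceofferingid=cls.service_offering.id,
        networkids=[str(cls.network_1.id)],
    )
    # Result discarded.
    VirtualMachine.list(
        cls.api_client,
        account=cls.account.name,
        domainid=cls.account.domainid,
        listall=True,
    )

    # vm_1: port forwarding on the first public IP, plus its ingress ACL.
    public_ip_1 = PublicIPAddress.create(
        cls.api_client,
        accountid=cls.account.name,
        zoneid=cls.zone.id,
        domainid=cls.account.domainid,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    NATRule.create(
        cls.api_client,
        vm_1,
        cls.services["natrule"],
        ipaddressid=public_ip_1.ipaddress.id,
        openfirewall=False,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    # NOTE(review): the ACL entry takes its ports and source CIDR from the
    # services dict (not visible here) - confirm the range is no wider
    # than the tests require.
    NetworkACL.create(
        cls.api_client,
        networkid=cls.network_1.id,
        services=cls.services["natrule"],
        traffictype='Ingress',
    )

    # vm_2: static NAT on the second public IP.
    public_ip_2 = PublicIPAddress.create(
        cls.api_client,
        accountid=cls.account.name,
        zoneid=cls.zone.id,
        domainid=cls.account.domainid,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    try:
        StaticNATRule.enable(
            cls.api_client,
            ipaddressid=public_ip_2.ipaddress.id,
            virtualmachineid=vm_2.id,
            networkid=cls.network_1.id,
        )
    except Exception as e:
        # cls.fail(...) cannot be used here: TestCase.fail is an instance
        # method, so on the class the message becomes `self` and the call
        # breaks with an unrelated error that masks the real cause.
        raise Exception(
            "Failed to enable static NAT on IP: %s - %s" % (
                public_ip_2.ipaddress.ipaddress, e))

    # Result discarded.
    PublicIPAddress.list(
        cls.api_client,
        networkid=cls.network_1.id,
        listall=True,
        isstaticnat=True,
        account=cls.account.name,
        domainid=cls.account.domainid,
    )

    # vm_3: load balancer rule on the third public IP.
    public_ip_3 = PublicIPAddress.create(
        cls.api_client,
        accountid=cls.account.name,
        zoneid=cls.zone.id,
        domainid=cls.account.domainid,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
    )
    lb_rule = LoadBalancerRule.create(
        cls.api_client,
        cls.services["lbrule"],
        ipaddressid=public_ip_3.ipaddress.id,
        accountid=cls.account.name,
        networkid=cls.network_1.id,
        vpcid=cls.vpc.id,
        domainid=cls.account.domainid,
    )
    lb_rule.assign(cls.api_client, [vm_3])

    NetworkACL.create(
        cls.api_client,
        networkid=cls.network_1.id,
        services=cls.services["lbrule"],
        traffictype='Ingress',
    )
    NetworkACL.create(
        cls.api_client,
        networkid=cls.network_1.id,
        services=cls.services["http_rule"],
        traffictype='Egress',
    )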
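def test_01_positive_tests_vm_operations_advanced_zone(self, value):
    """ Positive tests for VMLC test path - Advanced Zone

    # 1.  List created service offering in setUpClass by name
    # 2.  List registered template with name
    # 3.  Create VM in account
    # 4.  Enable networking for reaching the VM through SSH
    # 5.  Check VM accessibility through SSH
    # 6.  Stop VM and verify VM is not accessible
    # 7.  Start VM and verify VM is accessible
    # 8.  Reboot VM and verify VM is accessible
    # 9.  Destroy and recover VM
    # 10. Change service offering of VM to a different service offering
    # 11. Verify that the cpuspeed, cpunumber and memory of VM match
    #     the values specified in the new service offering
    # 12. Start VM and verify VM accessibility

    The original step list also named a host migration and an
    accessibility check on the new host; this method does not perform
    either.

    `value` selects the network type: it is passed to CreateNetwork and
    compared against VPC_NETWORK and ISOLATED_NETWORK to decide how the
    VM is exposed.
    """
    # List created service offering in setUpClass by name
    listServiceOfferings = ServiceOffering.list(
        self.apiclient,
        name=self.service_offering_1.name,
        listall=True)
    self.assertEqual(
        validateList(listServiceOfferings)[0],
        PASS,
        "List validation failed for service offerings list")
    # The messages below are joined with implicit concatenation so that no
    # source indentation ends up inside the failure text.
    self.assertEqual(
        listServiceOfferings[0].name,
        self.service_offering_1.name,
        "Names of created service offering "
        "and listed service offering not matching")

    # List registered template with name
    listTemplates = Template.list(
        self.userapiclient,
        templatefilter="self",
        name=self.template.name,
        listall=True,
        zone=self.zone.id)
    self.assertEqual(
        validateList(listTemplates)[0],
        PASS,
        "List validation failed for templates list")
    self.assertEqual(
        listTemplates[0].name,
        self.template.name,
        "Names of created template and listed template "
        "not matching")

    network = CreateNetwork(self, value)

    # Create VM in account
    self.virtual_machine = VirtualMachine.create(
        self.userapiclient,
        self.testdata["small"],
        templateid=self.template.id,
        accountid=self.account.name,
        domainid=self.account.domainid,
        serviceofferingid=self.service_offering_1.id,
        networkids=[network.id, ],
        zoneid=self.zone.id)
    self.cleanup.append(self.virtual_machine)

    publicip = PublicIPAddress.create(
        self.userapiclient,
        accountid=self.account.name,
        zoneid=self.zone.id,
        domainid=self.account.domainid,
        networkid=network.id,
        vpcid=self.vpcid)

    if value == VPC_NETWORK:
        lb_rule = LoadBalancerRule.create(
            self.apiclient,
            self.testdata["vpclbrule"],
            ipaddressid=publicip.ipaddress.id,
            accountid=self.account.name,
            domainid=self.account.domainid,
            networkid=network.id,
            vpcid=self.vpcid)
        lb_rule.assign(self.apiclient, [self.virtual_machine])

        # Opening up the ports in VPC
        # NOTE(review): the LB rule is built from testdata["vpclbrule"]
        # but the ACL entry from testdata["natrule"]; presumably both
        # cover port 22 - confirm against the test data.
        NetworkACL.create(
            self.apiclient,
            networkid=network.id,
            services=self.testdata["natrule"],
            traffictype='Ingress')
    elif value == ISOLATED_NETWORK:
        # NOTE(review): the source CIDR comes from testdata["fwrule"],
        # not visible here - confirm it is no wider than the test runner
        # needs.
        FireWallRule.create(
            self.userapiclient,
            ipaddressid=publicip.ipaddress.id,
            protocol='TCP',
            cidrlist=[self.testdata["fwrule"]["cidr"]],
            startport=self.testdata["fwrule"]["startport"],
            endport=self.testdata["fwrule"]["endport"])

        NATRule.create(
            self.userapiclient,
            self.virtual_machine,
            self.testdata["natrule"],
            ipaddressid=publicip.ipaddress.id,
            networkid=network.id)

    def assert_vm_reachable_over_ssh():
        # Open an SSH session to the VM's public IP; any error fails the
        # test with the underlying exception in the message.
        try:
            SshClient(host=publicip.ipaddress.ipaddress,
                      port=22,
                      user=self.virtual_machine.username,
                      passwd=self.virtual_machine.password)
        except Exception as e:
            self.fail("Exception while SSHing to VM: %s" % e)

    # Check VM accessibility
    assert_vm_reachable_over_ssh()

    # Stop VM and verify VM is not accessible
    self.virtual_machine.stop(self.userapiclient)
    # NOTE(review): assertRaises(Exception) is satisfied by any error, not
    # only a refused or timed-out connection; narrow it to the exception
    # SshClient raises on connection failure once that type is confirmed.
    with self.assertRaises(Exception):
        SshClient(host=publicip.ipaddress.ipaddress,
                  port=22,
                  user=self.virtual_machine.username,
                  passwd=self.virtual_machine.password,
                  retries=0)

    # Start VM and verify that it is accessible
    self.virtual_machine.start(self.userapiclient)
    assert_vm_reachable_over_ssh()

    # Reboot VM and verify that it is accessible
    self.virtual_machine.reboot(self.userapiclient)
    assert_vm_reachable_over_ssh()

    # Destroy and recover VM
    self.virtual_machine.delete(self.apiclient, expunge=False)
    self.virtual_machine.recover(self.apiclient)

    # Change service offering of VM and verify that it is changed
    self.virtual_machine.change_service_offering(
        self.userapiclient,
        serviceOfferingId=self.service_offering_2.id)
    VerifyChangeInServiceOffering(self,
                                  self.virtual_machine,
                                  self.service_offering_2)

    # Start VM and verify that it is accessible
    self.virtual_machine.start(self.userapiclient)
    assert_vm_reachable_over_ssh()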
def test_03_deploy_vms_in_vpc_with_regionlevelvpc(self):
    """Test deploy virtual machines in VPC networks

    Requires the OVS plugin; otherwise the test is skipped. Creates a
    VPC, one tier network and one VM, then publishes the VM on three
    public IPs: a load balancer rule, a port forwarding rule (verified
    over SSH) and static NAT (verified through the static-NAT listing).
    """
    # Steps listed in the test description:
    # 1. Create VPC Offering by specifying all supported Services
    #    (Vpn, dhcpdns, UserData, SourceNat, Static NAT and PF, LB,
    #    NetworkAcl)
    # 2. Create a VPC using the above VPC offering
    # 3. Create a network as part of this VPC.
    # 4. Deploy few Vms.
    # 5. Create a LB rule for this VM.
    # 6. Create a PF rule for this VM.
    # 7. Create a Static Nat rule for this VM.
    # 8. Create Ingress rules on the network to open the above created
    #    LB, PF and Static Nat rule
    # 9. Create Egress Network ACL for this network to access google.com.
    # 10. Enable VPN services
    # NOTE(review): the body creates no egress ACL entry (step 9); step 10
    # is covered only by the TODO at the end.
    if not self.isOvsPluginEnabled:
        self.skipTest("OVS plugin should be enabled to run this test case")

    client = self.apiclient
    specs = self.services

    self.debug("Creating a VPC offering..")
    vpc_offering = VpcOffering.create(client, specs["vpc_offering"])
    vpc_offering.update(client, state='Enabled')

    acct = self.account
    ownership = {"accountid": acct.name, "domainid": acct.domainid}

    self.debug("creating a VPC network in the account: %s" % acct.name)
    vpc = VPC.create(
        client,
        specs["vpc"],
        vpcofferingid=vpc_offering.id,
        zoneid=self.zone.id,
        account=acct.name,
        domainid=acct.domainid,
        # NOTE(review): networkDomain receives the account's domain id -
        # confirm this is intended.
        networkDomain=acct.domainid,
    )
    self.validate_vpc_network(vpc)

    self.network_offering = NetworkOffering.create(
        client, specs["network_offering"], conservemode=False)
    self.network_offering.update(client, state='Enabled')

    # Gateway = address part of the VPC CIDR (10.0.0.1/24 -> 10.0.0.1).
    gateway = vpc.cidr.partition('/')[0]

    self.debug("Creating network with network offering: %s" %
               self.network_offering.id)
    vpc_tier = Network.create(
        client,
        specs["network"],
        networkofferingid=self.network_offering.id,
        zoneid=self.zone.id,
        gateway=gateway,
        vpcid=vpc.id,
        **ownership
    )
    self.debug("Created network with ID: %s" % vpc_tier.id)

    instance = VirtualMachine.create(
        client,
        specs["virtual_machine"],
        serviceofferingid=self.service_offering.id,
        networkids=[str(vpc_tier.id)],
        **ownership
    )
    self.debug("Deployed VM in network: %s" % vpc_tier.id)

    def associate_ip(scope_name):
        # Acquire a public IP on the tier and log both ends of the call.
        self.debug("Associating public IP for network: %s" % scope_name)
        new_ip = PublicIPAddress.create(
            client,
            zoneid=self.zone.id,
            networkid=vpc_tier.id,
            vpcid=vpc.id,
            **ownership
        )
        self.debug("Associated %s with network %s" % (
            new_ip.ipaddress.ipaddress, vpc_tier.id))
        return new_ip

    # IP for the load balancer rule; the rule is created but not assigned
    # to a VM in this method.
    ip_for_lb = associate_ip(vpc_tier.name)
    self.debug("Creating LB rule for IP address: %s" %
               ip_for_lb.ipaddress.ipaddress)
    LoadBalancerRule.create(
        client,
        specs["lbrule"],
        ipaddressid=ip_for_lb.ipaddress.id,
        accountid=acct.name,
        networkid=vpc_tier.id,
        vpcid=vpc.id,
        domainid=acct.domainid,
    )

    # IP for port forwarding to the instance.
    ip_for_pf = associate_ip(vpc.name)
    NATRule.create(
        client,
        instance,
        specs["natrule"],
        ipaddressid=ip_for_pf.ipaddress.id,
        openfirewall=False,
        networkid=vpc_tier.id,
        vpcid=vpc.id,
    )

    self.debug("Adding NetwrokACl rules to make PF and LB accessible")
    # NOTE(review): each ingress entry takes ports and source CIDR from
    # the services dict, which is not visible here - confirm the range is
    # no wider than this test needs.
    for spec_name in ("natrule", "lbrule"):
        NetworkACL.create(
            client,
            networkid=vpc_tier.id,
            services=specs[spec_name],
            traffictype='Ingress',
        )

    self.debug("Checking if we can SSH into VM?")
    try:
        instance.get_ssh_client(ipaddress=ip_for_pf.ipaddress.ipaddress)
        self.debug("SSH into VM is successfully")
    except Exception as e:
        self.fail("Failed to SSH into VM - %s, %s" %
                  (ip_for_pf.ipaddress.ipaddress, e))

    # IP for static NAT to the same instance.
    ip_for_nat = associate_ip(vpc_tier.name)
    self.debug("Enabling static NAT for IP: %s" %
               ip_for_nat.ipaddress.ipaddress)
    try:
        StaticNATRule.enable(
            client,
            ipaddressid=ip_for_nat.ipaddress.id,
            virtualmachineid=instance.id,
            networkid=vpc_tier.id,
        )
        self.debug("Static NAT enabled for IP: %s" %
                   ip_for_nat.ipaddress.ipaddress)
    except Exception as e:
        self.fail("Failed to enable static NAT on IP: %s - %s" % (
            ip_for_nat.ipaddress.ipaddress, e))

    # The listing filtered on static NAT must be a list headed by the IP
    # enabled above.
    nat_listing = PublicIPAddress.list(
        client,
        networkid=vpc_tier.id,
        listall=True,
        isstaticnat=True,
        account=acct.name,
        domainid=acct.domainid,
    )
    self.assertEqual(
        isinstance(nat_listing, list),
        True,
        "List public Ip for network should list the Ip addr"
    )
    self.assertEqual(
        nat_listing[0].ipaddress,
        ip_for_nat.ipaddress.ipaddress,
        "List public Ip for network should list the Ip addr"
    )
    # TODO: Remote Access VPN is not yet supported in VPC