示例#1
0
 def create_network_acl_list(self, name, description, vpc):
     self.debug("Adding NetworkACL list in VPC: %s" % vpc.id)
     return NetworkACLList.create(self.api_client,
                                  services={},
                                  name=name,
                                  description=description,
                                  vpcid=vpc.id)
示例#2
0
    def test_vpcnetwork_nuage(self):
        """Test network VPC for Nuage"""

        # 1) Create VPC with Nuage VPC offering
        vpcOffering = VpcOffering.list(self.apiclient,
                                       name="Nuage VSP VPC offering")
        self.assert_(vpcOffering is not None and len(vpcOffering) > 0,
                     "Nuage VPC offering not found")
        vpc = VPC.create(apiclient=self.apiclient,
                         services=self.services["vpc"],
                         networkDomain="vpc.networkacl",
                         vpcofferingid=vpcOffering[0].id,
                         zoneid=self.zone.id,
                         account=self.account.name,
                         domainid=self.account.domainid)
        self.assert_(vpc is not None, "VPC creation failed")

        # 2) Create ACL
        aclgroup = NetworkACLList.create(apiclient=self.apiclient,
                                         services={},
                                         name="acl",
                                         description="acl",
                                         vpcid=vpc.id)
        self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list")
        self.debug("Created a network ACL list %s" % aclgroup.name)

        # 3) Create ACL Item
        aclitem = NetworkACL.create(apiclient=self.apiclient,
                                    services={},
                                    protocol="TCP",
                                    number="10",
                                    action="Deny",
                                    aclid=aclgroup.id,
                                    cidrlist=["0.0.0.0/0"])
        self.assertIsNotNone(aclitem, "Network failed to aclItem")
        self.debug("Added a network ACL %s to ACL list %s" %
                   (aclitem.id, aclgroup.name))

        # 4) Create network with ACL
        nwNuage = Network.create(self.apiclient,
                                 self.services["vpcnetwork"],
                                 accountid=self.account.name,
                                 domainid=self.account.domainid,
                                 networkofferingid=self.network_offering.id,
                                 zoneid=self.zone.id,
                                 vpcid=vpc.id,
                                 aclid=aclgroup.id,
                                 gateway='10.1.0.1')
        self.debug("Network %s created in VPC %s" % (nwNuage.id, vpc.id))

        # 5) Deploy a vm
        vm = VirtualMachine.create(self.apiclient,
                                   self.services["virtual_machine"],
                                   accountid=self.account.name,
                                   domainid=self.account.domainid,
                                   serviceofferingid=self.service_offering.id,
                                   networkids=[str(nwNuage.id)])
        self.assert_(vm is not None, "VM failed to deploy")
        self.assert_(vm.state == 'Running', "VM is not running")
        self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
示例#3
0
    def create_network_tier(self, name, vpcid, gateway, network_offering):
        self.services["network"]["name"] = name
        self.services["network"]["displaytext"] = name

        default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0]

        try:
            network = Network.create(
                apiclient=self.apiclient,
                services=self.services["network"],
                accountid=self.account.name,
                domainid=self.domain.id,
                networkofferingid=network_offering.id,
                zoneid=self.zone.id,
                vpcid=vpcid,
                gateway=gateway,
                netmask=self.services["network"]["netmask"],
                aclid=default_acl.id
            )

            self.assertIsNotNone(network, "Network failed to create")
            self.logger.debug(
                "Created network %s in VPC %s" % (network.id, vpcid))

            self.cleanup.insert(0, network)
            return network

        except Exception as e:
            raise Exception("Create network failed: %s" % e)
示例#4
0
    def create_network_tier(self, name, vpcid, gateway, network_offering):
        self.services["network"]["name"] = name
        self.services["network"]["displaytext"] = name

        default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0]

        try:
            network = Network.create(
                apiclient=self.apiclient,
                services=self.services["network"],
                accountid=self.account.name,
                domainid=self.domain.id,
                networkofferingid=network_offering.id,
                zoneid=self.zone.id,
                vpcid=vpcid,
                gateway=gateway,
                netmask=self.services["network"]["netmask"],
                aclid=default_acl.id
            )

            self.assertIsNotNone(network, "Network failed to create")
            self.logger.debug(
                "Created network %s in VPC %s" % (network.id, vpcid))

            self.cleanup.insert(0, network)
            return network

        except Exception as e:
            raise Exception("Create network failed: %s" % e)
示例#5
0
 def create_NetworkAclList(self, name, description, vpc):
     self.debug("Adding NetworkACL list in VPC with ID - %s" % vpc.id)
     return NetworkACLList.create(self.api_client,
                                  services={},
                                  name=name,
                                  description=description,
                                  vpcid=vpc.id
                                  )
示例#6
0
    def define_custom_acl(self):

        acl1 = NetworkACLList.create(self.api_client,
                                     self.attributes['acls']['acl1'],
                                     vpcid=self.vpc1.id)

        NetworkACL.create(self.api_client,
                          self.attributes['acls']['acl1']['entries']['entry1'],
                          networkid=self.network1.id,
                          aclid=acl1.id)

        try:
            command = replaceNetworkACLList.replaceNetworkACLListCmd()
            command.aclid = acl1.id
            command.gatewayid = self.private_gateway1.id
            response = self.api_client.replaceNetworkACLList(command)

        except Exception as e:
            raise Exception("Exception: %s" % e)

        self.assertTrue(response.success)
        self.logger.debug("Private Gateway '%s' ACL replaced",
                          self.private_gateway1.ipaddress)

        acl2 = NetworkACLList.create(self.api_client,
                                     self.attributes['acls']['acl2'],
                                     vpcid=self.vpc2.id)

        NetworkACL.create(self.api_client,
                          self.attributes['acls']['acl2']['entries']['entry2'],
                          networkid=self.network2.id,
                          aclid=acl2.id)

        try:
            command2 = replaceNetworkACLList.replaceNetworkACLListCmd()
            command2.aclid = acl2.id
            command2.gatewayid = self.private_gateway2.id
            response2 = self.api_client.replaceNetworkACLList(command2)

        except Exception as e:
            raise Exception("Exception: %s" % e)

        self.assertTrue(response2.success)
        self.logger.debug("Private Gateway '%s' ACL replaced",
                          self.private_gateway2.ipaddress)
    def define_custom_acl(self):

        acl1 = NetworkACLList.create(self.api_client,
            self.attributes['acls']['acl1'],
            vpcid=self.vpc1.id)

        NetworkACL.create(self.api_client,
            self.attributes['acls']['acl1']['entries']['entry1'],
            networkid=self.network1.id,
            aclid=acl1.id)

        try:
            command = replaceNetworkACLList.replaceNetworkACLListCmd()
            command.aclid = acl1.id
            command.gatewayid = self.private_gateway1.id
            response = self.api_client.replaceNetworkACLList(command)

        except Exception as e:
            raise Exception("Exception: %s" % e)

        self.assertTrue(response.success)
        self.logger.debug("Private Gateway '%s' ACL replaced", self.private_gateway1.ipaddress)

        acl2 = NetworkACLList.create(self.api_client,
            self.attributes['acls']['acl2'],
            vpcid=self.vpc2.id)

        NetworkACL.create(self.api_client,
            self.attributes['acls']['acl2']['entries']['entry2'],
            networkid=self.network2.id,
            aclid=acl2.id)

        try:
            command2 = replaceNetworkACLList.replaceNetworkACLListCmd()
            command2.aclid = acl2.id
            command2.gatewayid = self.private_gateway2.id
            response2 = self.api_client.replaceNetworkACLList(command2)

        except Exception as e:
            raise Exception("Exception: %s" % e)

        self.assertTrue(response2.success)
        self.logger.debug("Private Gateway '%s' ACL replaced", self.private_gateway2.ipaddress)
示例#8
0
    def deploy_acl(self, acl_data, vpc):
        self.logger.debug('>>>  ACL  =>  Creating "%s"...', acl_data['name'])
        acl = NetworkACLList.create(api_client=self.api_client,
                                    data=acl_data,
                                    vpc=vpc)

        self.logger.debug('>>>  ACL  =>  ID: %s  =>  Name: %s  =>  VPC: %s',
                          acl.id, acl.name, acl.vpcid)

        self.deploy_rules(acl_data['rules'], acl)
    def deploy_acl(self, acl_data, vpc):
        self.logger.debug('>>>  ACL  =>  Creating "%s"...', acl_data['name'])
        acl = NetworkACLList.create(
            api_client=self.api_client,
            data=acl_data,
            vpc=vpc
        )

        self.logger.debug('>>>  ACL  =>  ID: %s  =>  Name: %s  =>  VPC: %s', acl.id, acl.name, acl.vpcid)

        self.deploy_rules(acl_data['rules'], acl)
    def test_vpcnetwork_nuage(self):
        """Test network VPC for Nuage"""

        # 1) Create VPC with Nuage VPC offering
        vpcOffering = VpcOffering.list(self.apiclient,name="Nuage VSP VPC offering")
        self.assert_(vpcOffering is not None and len(vpcOffering)>0, "Nuage VPC offering not found")
        vpc = VPC.create(
                apiclient=self.apiclient,
                services=self.services["vpc"],
                networkDomain="vpc.networkacl",
                vpcofferingid=vpcOffering[0].id,
                zoneid=self.zone.id,
                account=self.account.name,
                domainid=self.account.domainid
        )
        self.assert_(vpc is not None, "VPC creation failed")

        # 2) Create ACL
        aclgroup = NetworkACLList.create(apiclient=self.apiclient, services={}, name="acl", description="acl", vpcid=vpc.id)
        self.assertIsNotNone(aclgroup, "Failed to create NetworkACL list")
        self.debug("Created a network ACL list %s" % aclgroup.name)

        # 3) Create ACL Item
        aclitem = NetworkACL.create(apiclient=self.apiclient, services={},
            protocol="TCP", number="10", action="Deny", aclid=aclgroup.id, cidrlist=["0.0.0.0/0"])
        self.assertIsNotNone(aclitem, "Network failed to aclItem")
        self.debug("Added a network ACL %s to ACL list %s" % (aclitem.id, aclgroup.name))

        # 4) Create network with ACL
        nwNuage = Network.create(
            self.apiclient,
            self.services["vpcnetwork"],
            accountid=self.account.name,
            domainid=self.account.domainid,
            networkofferingid=self.network_offering.id,
            zoneid=self.zone.id,
            vpcid=vpc.id,
            aclid=aclgroup.id,
            gateway='10.1.0.1'
        )
        self.debug("Network %s created in VPC %s" %(nwNuage.id, vpc.id))

        # 5) Deploy a vm
        vm = VirtualMachine.create(
            self.apiclient,
            self.services["virtual_machine"],
            accountid=self.account.name,
            domainid=self.account.domainid,
            serviceofferingid=self.service_offering.id,
            networkids=[str(nwNuage.id)]
        )
        self.assert_(vm is not None, "VM failed to deploy")
        self.assert_(vm.state == 'Running', "VM is not running")
        self.debug("VM %s deployed in VPC %s" %(vm.id, vpc.id))
    def define_custom_acl(self, acl_config, acl_entry_config):

        acl = NetworkACLList.create(self.api_client,
            self.attributes['acls'][acl_config],
            vpcid=self.vpc1.id)

        NetworkACL.create(self.api_client,
            self.attributes['acls'][acl_config]['entries'][acl_entry_config],
            networkid=self.network1.id,
            aclid=acl.id)

        self.define_acl(acl)
示例#12
0
    def define_custom_acl(self, acl_config, acl_entry_config):

        acl = NetworkACLList.create(self.api_client,
            self.attributes['acls'][acl_config],
            vpcid=self.vpc1.id)

        NetworkACL.create(self.api_client,
            self.attributes['acls'][acl_config]['entries'][acl_entry_config],
            networkid=self.network1.id,
            aclid=acl.id)

        self.define_acl(acl)
    def deploy_network_acl_list(self, acl_list_name, acl_config, network=None, vpc=None):

        if network:
            networkid=network.id
            if network.vpcid:
                vpcid=network.vpcid

        acl_list = NetworkACLList.create(self.api_client, name=acl_list_name, services=[], vpcid=vpcid, vpc=vpc)

        NetworkACL.create(self.api_client,
                          acl_config,
                          networkid=networkid,
                          aclid=acl_list.id)

        return acl_list
示例#14
0
    def deploy_network_acl_list(self,
                                acl_list_name,
                                acl_config,
                                network=None,
                                vpc=None):

        if network:
            networkid = network.id
            if network.vpcid:
                vpcid = network.vpcid

        acl_list = NetworkACLList.create(self.api_client,
                                         name=acl_list_name,
                                         services=[],
                                         vpcid=vpcid,
                                         vpc=vpc)

        NetworkACL.create(self.api_client,
                          acl_config,
                          networkid=networkid,
                          aclid=acl_list.id)

        return acl_list
示例#15
0
    def test_vpc_site2site_vpn(self):
        """Test VPN in VPC"""

        # 0) Get the default network offering for VPC
        networkOffering = NetworkOffering.list(
            self.apiclient,
            name="DefaultIsolatedNetworkOfferingForVpcNetworks")
        self.assert_(networkOffering is not None and len(networkOffering) > 0,
                     "No VPC based network offering")

        # 1) Create VPC offering
        vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
        self.assert_(vpcOffering is not None and len(vpcOffering) > 0,
                     "No VPC offerings found")

        # Create VPC 1
        try:
            vpc1 = VPC.create(apiclient=self.apiclient,
                              services=self.services["vpc"],
                              networkDomain="vpc1.vpn",
                              vpcofferingid=vpcOffering[0].id,
                              zoneid=self.zone.id,
                              account=self.account.name,
                              domainid=self.domain.id)
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vpc1 is not None, "VPC1 creation failed")

        self.logger.debug("VPC1 %s created" % (vpc1.id))

        # Create VPC 2
        try:
            vpc2 = VPC.create(apiclient=self.apiclient,
                              services=self.services["vpc2"],
                              networkDomain="vpc2.vpn",
                              vpcofferingid=vpcOffering[0].id,
                              zoneid=self.zone.id,
                              account=self.account.name,
                              domainid=self.account.domainid)
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vpc2 is not None, "VPC2 creation failed")

        self.logger.debug("VPC2 %s created" % (vpc2.id))

        default_acl = NetworkACLList.list(self.apiclient,
                                          name="default_allow")[0]

        # Create network in VPC 1
        try:
            ntwk1 = Network.create(apiclient=self.apiclient,
                                   services=self.services["network_1"],
                                   accountid=self.account.name,
                                   domainid=self.account.domainid,
                                   networkofferingid=networkOffering[0].id,
                                   zoneid=self.zone.id,
                                   vpcid=vpc1.id,
                                   aclid=default_acl.id)
        except Exception as e:
            self.fail(e)
        finally:
            self.assertIsNotNone(ntwk1, "Network failed to create")

        self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))

        # Create network in VPC 2
        try:
            ntwk2 = Network.create(apiclient=self.apiclient,
                                   services=self.services["network_2"],
                                   accountid=self.account.name,
                                   domainid=self.account.domainid,
                                   networkofferingid=networkOffering[0].id,
                                   zoneid=self.zone.id,
                                   vpcid=vpc2.id,
                                   aclid=default_acl.id)
        except Exception as e:
            self.fail(e)
        finally:
            self.assertIsNotNone(ntwk2, "Network failed to create")

        self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))

        # Deploy a vm in network 2
        try:
            vm1 = VirtualMachine.create(
                self.apiclient,
                services=self.services["virtual_machine"],
                templateid=self.template.id,
                zoneid=self.zone.id,
                accountid=self.account.name,
                domainid=self.account.domainid,
                serviceofferingid=self.service_offering.id,
                networkids=ntwk1.id,
                hypervisor=self.services["virtual_machine"]["hypervisor"])
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vm1 is not None, "VM failed to deploy")
            self.assert_(vm1.state == 'Running', "VM is not running")

        self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))

        # Deploy a vm in network 2
        try:
            vm2 = VirtualMachine.create(
                self.apiclient,
                services=self.services["virtual_machine"],
                templateid=self.template.id,
                zoneid=self.zone.id,
                accountid=self.account.name,
                domainid=self.account.domainid,
                serviceofferingid=self.service_offering.id,
                networkids=ntwk2.id,
                hypervisor=self.services["virtual_machine"]["hypervisor"])
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vm2 is not None, "VM failed to deploy")
            self.assert_(vm2.state == 'Running', "VM is not running")

        self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))

        # 4) Enable Site-to-Site VPN for VPC
        vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
        self.assert_(vpn1_response is not None,
                     "Failed to enable VPN Gateway 1")
        self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)

        vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
        self.assert_(vpn2_response is not None,
                     "Failed to enable VPN Gateway 2")
        self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)

        # 5) Add VPN Customer gateway info
        src_nat_list = PublicIPAddress.list(self.apiclient,
                                            account=self.account.name,
                                            domainid=self.account.domainid,
                                            listall=True,
                                            issourcenat=True,
                                            vpcid=vpc1.id)
        ip1 = src_nat_list[0]
        src_nat_list = PublicIPAddress.list(self.apiclient,
                                            account=self.account.name,
                                            domainid=self.account.domainid,
                                            listall=True,
                                            issourcenat=True,
                                            vpcid=vpc2.id)
        ip2 = src_nat_list[0]

        services = self.services["vpncustomergateway"]
        customer1_response = VpnCustomerGateway.create(
            self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr,
            self.account.name, self.domain.id)
        self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
        self.logger.debug(vars(customer1_response))

        customer2_response = VpnCustomerGateway.create(
            self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr,
            self.account.name, self.domain.id)
        self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
        self.logger.debug(vars(customer2_response))

        # 6) Connect two VPCs
        vpnconn1_response = Vpn.createVpnConnection(self.apiclient,
                                                    customer1_response.id,
                                                    vpn2_response['id'], True)
        self.debug("VPN passive connection created for VPC %s" % vpc2.id)

        vpnconn2_response = Vpn.createVpnConnection(self.apiclient,
                                                    customer2_response.id,
                                                    vpn1_response['id'])
        self.debug("VPN connection created for VPC %s" % vpc1.id)

        self.assertEqual(vpnconn2_response['state'], "Connected",
                         "Failed to connect between VPCs!")

        # acquire an extra ip address to use to ssh into vm2
        try:
            vm2.public_ip = PublicIPAddress.create(
                apiclient=self.apiclient,
                accountid=self.account.name,
                zoneid=self.zone.id,
                domainid=self.account.domainid,
                services=self.services,
                networkid=ntwk2.id,
                vpcid=vpc2.id)
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vm2.public_ip is not None,
                         "Failed to aqcuire public ip for vm2")

        # Create port forward to be able to ssh into vm2
        try:
            natrule = self.create_natrule(vpc2, vm2, 22, 22, vm2.public_ip,
                                          ntwk2)
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(natrule is not None,
                         "Failed to create portforward for vm2")
            time.sleep(10)

        # setup ssh connection to vm2
        ssh_client = self.get_ssh_client(vm2, self.services, 10)

        if ssh_client:
            # run ping test
            packet_loss = ssh_client.execute(
                "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress +
                " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
            self.assert_(int(packet_loss) == 0, "Ping did not succeed")
        else:
            self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
示例#16
0
    def test_01_redundant_vpc_site2site_vpn(self):
        """Test Site 2 Site VPN Across redundant VPCs"""
        self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn")

        # 0) Get the default network offering for VPC
        networkOffering = NetworkOffering.list(
            self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
        self.assert_(networkOffering is not None and len(
            networkOffering) > 0, "No VPC based network offering")

        # Create and enable redundant VPC offering
        redundant_vpc_offering = self._create_vpc_offering(
            'redundant_vpc_offering')
        self.assert_(redundant_vpc_offering is not None,
                     "Failed to create redundant VPC Offering")

        redundant_vpc_offering.update(self.apiclient, state='Enabled')

        # Create VPC 1
        vpc1 = None
        try:
            vpc1 = VPC.create(
                apiclient=self.apiclient,
                services=self.services["vpc"],
                networkDomain="vpc1.vpn",
                vpcofferingid=redundant_vpc_offering.id,
                zoneid=self.zone.id,
                account=self.account.name,
                domainid=self.domain.id
            )
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vpc1 is not None, "VPC1 creation failed")

        self.logger.debug("VPC1 %s created" % vpc1.id)

        # Create VPC 2
        vpc2 = None
        try:
            vpc2 = VPC.create(
                apiclient=self.apiclient,
                services=self.services["vpc2"],
                networkDomain="vpc2.vpn",
                vpcofferingid=redundant_vpc_offering.id,
                zoneid=self.zone.id,
                account=self.account.name,
                domainid=self.account.domainid
            )
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vpc2 is not None, "VPC2 creation failed")

        self.logger.debug("VPC2 %s created" % vpc2.id)

        default_acl = NetworkACLList.list(
            self.apiclient, name="default_allow")[0]

        # Create network in VPC 1
        ntwk1 = None
        try:
            ntwk1 = Network.create(
                apiclient=self.apiclient,
                services=self.services["network_1"],
                accountid=self.account.name,
                domainid=self.account.domainid,
                networkofferingid=networkOffering[0].id,
                zoneid=self.zone.id,
                vpcid=vpc1.id,
                aclid=default_acl.id
            )
        except Exception as e:
            self.fail(e)
        finally:
            self.assertIsNotNone(ntwk1, "Network failed to create")

        self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))

        # Create network in VPC 2
        ntwk2 = None
        try:
            ntwk2 = Network.create(
                apiclient=self.apiclient,
                services=self.services["network_2"],
                accountid=self.account.name,
                domainid=self.account.domainid,
                networkofferingid=networkOffering[0].id,
                zoneid=self.zone.id,
                vpcid=vpc2.id,
                aclid=default_acl.id
            )
        except Exception as e:
            self.fail(e)
        finally:
            self.assertIsNotNone(ntwk2, "Network failed to create")

        self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))

        # Deploy a vm in network 2
        vm1 = None
        try:
            vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
                                        templateid=self.template.id,
                                        zoneid=self.zone.id,
                                        accountid=self.account.name,
                                        domainid=self.account.domainid,
                                        serviceofferingid=self.compute_offering.id,
                                        networkids=ntwk1.id,
                                        hypervisor=self.hypervisor
                                        )
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vm1 is not None, "VM failed to deploy")
            self.assert_(vm1.state == 'Running', "VM is not running")

        self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))

        # Deploy a vm in network 2
        vm2 = None
        try:
            vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
                                        templateid=self.template.id,
                                        zoneid=self.zone.id,
                                        accountid=self.account.name,
                                        domainid=self.account.domainid,
                                        serviceofferingid=self.compute_offering.id,
                                        networkids=ntwk2.id,
                                        hypervisor=self.hypervisor
                                        )
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(vm2 is not None, "VM failed to deploy")
            self.assert_(vm2.state == 'Running', "VM is not running")

        self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))

        # 4) Enable Site-to-Site VPN for VPC
        vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
        self.assert_(
            vpn1_response is not None, "Failed to enable VPN Gateway 1")
        self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)

        vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
        self.assert_(
            vpn2_response is not None, "Failed to enable VPN Gateway 2")
        self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)

        # 5) Add VPN Customer gateway info
        src_nat_list = PublicIPAddress.list(
            self.apiclient,
            account=self.account.name,
            domainid=self.account.domainid,
            listall=True,
            issourcenat=True,
            vpcid=vpc1.id
        )
        ip1 = src_nat_list[0]
        src_nat_list = PublicIPAddress.list(
            self.apiclient,
            account=self.account.name,
            domainid=self.account.domainid,
            listall=True,
            issourcenat=True,
            vpcid=vpc2.id
        )
        ip2 = src_nat_list[0]

        services = self.services["vpncustomergateway"]
        customer1_response = VpnCustomerGateway.create(
            self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id)
        self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
        self.logger.debug(vars(customer1_response))

        customer2_response = VpnCustomerGateway.create(
            self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id)
        self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
        self.logger.debug(vars(customer2_response))

        # 6) Connect two VPCs
        vpnconn1_response = Vpn.createVpnConnection(
            self.apiclient, customer1_response.id, vpn2_response['id'], True)
        self.debug("VPN passive connection created for VPC %s" % vpc2.id)

        vpnconn2_response = Vpn.createVpnConnection(
            self.apiclient, customer2_response.id, vpn1_response['id'])
        self.debug("VPN connection created for VPC %s" % vpc1.id)

        self.assertEqual(
            vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")

        # acquire an extra ip address to use to ssh into vm2
        try:
            vm2.public_ip = PublicIPAddress.create(
                apiclient=self.apiclient,
                accountid=self.account.name,
                zoneid=self.zone.id,
                domainid=self.account.domainid,
                services=self.services,
                networkid=ntwk2.id,
                vpcid=vpc2.id)
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(
                vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")

        # Create port forward to be able to ssh into vm2
        natrule = None
        try:
            natrule = self._create_natrule(
                vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
        except Exception as e:
            self.fail(e)
        finally:
            self.assert_(
                natrule is not None, "Failed to create portforward for vm2")
            time.sleep(20)

        # setup ssh connection to vm2
        ssh_client = self._get_ssh_client(vm2, self.services, 10)

        if ssh_client:
            # run ping test
            packet_loss = ssh_client.execute(
                "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
            self.assert_(int(packet_loss) == 0, "Ping did not succeed")
        else:
            self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
示例#17
0
    def _test_vpc_site2site_vpn(self, vpc_offering, num_VPCs=3):
        # Number of VPNs (to test) is number_of_VPCs - 1
        # By default test setting up 2 VPNs from VPC0, requiring total of 3 VPCs

        maxnumVM = num_VPCs - 1
        # Create VPC i
        vpc_list = []
        for i in range(num_VPCs):
            # Generate VPC (mostly subnet) info
            vpcservice_n = copy.deepcopy(self.services["vpcN"])
            for key in vpcservice_n.keys():
                vpcservice_n[key] = vpcservice_n[key].format(N=` i `)

            vpc_n = VPC.create(apiclient=self.apiclient,
                               services=vpcservice_n,
                               networkDomain="vpc%d.vpn" % i,
                               vpcofferingid=vpc_offering.id,
                               zoneid=self.zone.id,
                               account=self.account.name,
                               domainid=self.domain.id)
            self.assertIsNotNone(vpc_n, "VPC%d creation failed" % i)
            vpc_list.append(vpc_n)
            self.cleanup.append(vpc_n)
            self.logger.debug("VPC%d %s created" % (i, vpc_list[i].id))

        default_acl = NetworkACLList.list(self.apiclient,
                                          name="default_allow")[0]

        # Create network in VPC i
        ntwk_list = []
        for i in range(num_VPCs):
            # Generate network (mostly subnet) info
            ntwk_info_n = copy.deepcopy(self.services["network_N"])
            for key in ntwk_info_n.keys():
                ntwk_info_n[key] = ntwk_info_n[key].format(N=` i `)

            ntwk_n = Network.create(
                apiclient=self.apiclient,
                services=ntwk_info_n,
                accountid=self.account.name,
                domainid=self.account.domainid,
                networkofferingid=self.network_offerings[0].id,
                zoneid=self.zone.id,
                vpcid=vpc_list[i].id,
                aclid=default_acl.id)
            self.assertIsNotNone(ntwk_n, "Network%d failed to create" % i)
            self.cleanup.append(ntwk_n)
            ntwk_list.append(ntwk_n)
            self.logger.debug("Network%d %s created in VPC %s" %
                              (i, ntwk_list[i].id, vpc_list[i].id))

        # Deploy a vm in network i
        vm_list = []
        vm_n = None

        for i in range(num_VPCs):
            vm_n = VirtualMachine.create(
                self.apiclient,
                services=self.services["virtual_machine"],
                templateid=self.template.id,
                zoneid=self.zone.id,
                accountid=self.account.name,
                domainid=self.account.domainid,
                serviceofferingid=self.compute_offering.id,
                networkids=[ntwk_list[i].id],
                hypervisor=self.hypervisor,
                mode='advanced' if (i == 0) or (i == maxnumVM) else 'default')
            self.assertIsNotNone(vm_n, "VM%d failed to deploy" % i)
            self.cleanup.append(vm_n)
            vm_list.append(vm_n)
            self.logger.debug("VM%d %s deployed in VPC %s" %
                              (i, vm_list[i].id, vpc_list[i].id))
            self.assertEquals(vm_n.state, 'Running', "VM%d is not running" % i)

        # 4) Enable Site-to-Site VPN for VPC
        vpn_response_list = []
        for i in range(num_VPCs):
            vpn_response = Vpn.createVpnGateway(self.apiclient, vpc_list[i].id)
            self.assertIsNotNone(vpn_response,
                                 "Failed to enable VPN Gateway %d" % i)
            vpn_response_list.append(vpn_response)
            self.logger.debug("VPN gateway for VPC%d %s enabled" %
                              (i, vpc_list[i].id))

        # 5) Add VPN Customer gateway info
        vpn_cust_gw_list = []
        services = self.services["vpncustomergateway"]
        for i in range(num_VPCs):
            src_nat_list = PublicIPAddress.list(self.apiclient,
                                                account=self.account.name,
                                                domainid=self.account.domainid,
                                                listall=True,
                                                issourcenat=True,
                                                vpcid=vpc_list[i].id)
            ip = src_nat_list[0]

            customer_response = VpnCustomerGateway.create(
                self.apiclient, services, "Peer VPC" + ` i `, ip.ipaddress,
                vpc_list[i].cidr, self.account.name, self.domain.id)
            self.cleanup.insert(
                0, customer_response
            )  # this has to be cleaned up after the VPCs have been destroyed (due to client connectionsonections)
            vpn_cust_gw_list.append(customer_response)
            self.logger.debug(
                "VPN customer gateway added for VPC%d %s enabled" %
                (i, vpc_list[i].id))

        # Before the next step ensure the last VPC is up and running
        # Routers in the right state?
        self.assertEqual(
            self.routers_in_right_state(vpcid=vpc_list[maxnumVM].id), True,
            "Check whether the routers are in the right state.")

        # 6) Connect VPCi with VPC0
        for i in range(num_VPCs)[1:]:
            Vpn.createVpnConnection(self.apiclient, vpn_cust_gw_list[0].id,
                                    vpn_response_list[i]['id'], True)
            self.logger.debug("VPN passive connection created for VPC%d %s" %
                              (i, vpc_list[i].id))

            vpnconn2_response = Vpn.createVpnConnection(
                self.apiclient, vpn_cust_gw_list[i].id,
                vpn_response_list[0]['id'])
            self.logger.debug("VPN connection created for VPC%d %s" %
                              (0, vpc_list[0].id))

            self.assertEqual(vpnconn2_response['state'], "Connected",
                             "Failed to connect between VPCs 0 and %d!" % i)
            self.logger.debug("VPN connected between VPC0 and VPC%d" % i)

        # First the last VM
        # setup ssh connection to vm maxnumVM
        self.logger.debug(
            "Setup SSH connection to last VM created (%d) to ensure availability for ping tests"
            % maxnumVM)
        ssh_max_client = vm_list[maxnumVM].get_ssh_client(retries=20)
        self.assertIsNotNone(
            ssh_max_client,
            "Failed to setup SSH to last VM created (%d)" % maxnumVM)

        self.logger.debug(
            "Setup SSH connection to first VM created (0) to ensure availability for ping tests"
        )
        ssh_client = vm_list[0].get_ssh_client(retries=10)
        self.assertIsNotNone(ssh_client, "Failed to setup SSH to VM0")

        if ssh_client:
            # run ping test
            for i in range(num_VPCs)[1:]:
                packet_loss = ssh_client.execute(
                    "/bin/ping -c 3 -t 10 " + vm_list[i].nic[0].ipaddress +
                    " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
                self.assertEquals(
                    int(packet_loss), 0,
                    "Ping towards vm" + ` i ` + "did not succeed")
                self.logger.debug("Ping from vm0 to vm%d did succeed" % i)
        else:
            self.fail("Failed to setup ssh connection to %s" %
                      vm_list[0].public_ip)

        return
示例#18
0
    def _test_vpc_site2site_vpn(self, vpc_offering, num_VPCs=3):
        # Number of VPNs (to test) is number_of_VPCs - 1
        # By default test setting up 2 VPNs from VPC0, requiring total of 3 VPCs

        maxnumVM = num_VPCs - 1
        # Create VPC i
        vpc_list = []
        for i in range(num_VPCs):
            # Generate VPC (mostly subnet) info
            vpcservice_n = copy.deepcopy(self.services["vpcN"])
            for key in vpcservice_n.keys():
                vpcservice_n[key] = vpcservice_n[key].format(N=`i`)

            vpc_n = VPC.create(
                api_client=self.apiclient,
                services=vpcservice_n,
                networkDomain="vpc%d.vpn" % i,
                vpcofferingid=vpc_offering.id,
                zoneid=self.zone.id,
                account=self.account.name,
                domainid=self.domain.id
            )
            self.assertIsNotNone(vpc_n, "VPC%d creation failed" % i)
            vpc_list.append(vpc_n)
            self.cleanup.append(vpc_n)
            self.logger.debug("VPC%d %s created" % (i, vpc_list[i].id))

        default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0]

        # Create network in VPC i
        ntwk_list = []
        for i in range(num_VPCs):
            # Generate network (mostly subnet) info
            ntwk_info_n = copy.deepcopy(self.services["network_N"])
            for key in ntwk_info_n.keys():
                ntwk_info_n[key] = ntwk_info_n[key].format(N=`i`)

            ntwk_n = Network.create(
                api_client=self.apiclient,
                services=ntwk_info_n,
                accountid=self.account.name,
                domainid=self.account.domainid,
                networkofferingid=self.network_offering.id,
                zoneid=self.zone.id,
                vpcid=vpc_list[i].id,
                aclid=default_acl.id
            )
            self.assertIsNotNone(ntwk_n, "Network%d failed to create" % i)
            self.cleanup.append(ntwk_n)
            ntwk_list.append(ntwk_n)
            self.logger.debug("Network%d %s created in VPC %s" % (i, ntwk_list[i].id, vpc_list[i].id))

        # Deploy a vm in network i
        vm_list = []
        vm_n = None

        for i in range(num_VPCs):
            vm_n = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
                                         templateid=self.template.id,
                                         zoneid=self.zone.id,
                                         accountid=self.account.name,
                                         domainid=self.account.domainid,
                                         serviceofferingid=self.virtual_machine_offering.id,
                                         networkids=[ntwk_list[i].id],
                                         hypervisor=self.hypervisor,
                                         mode='advanced' if (i == 0) or (i == maxnumVM) else 'default'
                                         )
            self.assertIsNotNone(vm_n, "VM%d failed to deploy" % i)
            self.cleanup.append(vm_n)
            vm_list.append(vm_n)
            self.logger.debug("VM%d %s deployed in VPC %s" % (i, vm_list[i].id, vpc_list[i].id))
            self.assertEquals(vm_n.state, 'Running', "VM%d is not running" % i)

        # 4) Enable Site-to-Site VPN for VPC
        vpn_response_list = []
        for i in range(num_VPCs):
            vpn_response = Vpn.createVpnGateway(self.apiclient, vpc_list[i].id)
            self.assertIsNotNone(vpn_response, "Failed to enable VPN Gateway %d" % i)
            vpn_response_list.append(vpn_response)
            self.logger.debug("VPN gateway for VPC%d %s enabled" % (i, vpc_list[i].id))

        # 5) Add VPN Customer gateway info
        vpn_cust_gw_list = []
        services = self.services["vpncustomergateway"]
        for i in range(num_VPCs):
            src_nat_list = PublicIPAddress.list(
                self.apiclient,
                account=self.account.name,
                domainid=self.account.domainid,
                listall=True,
                issourcenat=True,
                vpcid=vpc_list[i].id
            )
            ip = src_nat_list[0]

            customer_response = VpnCustomerGateway.create(self.apiclient, services, "Peer VPC" + `i`, ip.ipaddress, vpc_list[i].cidr, self.account.name, self.domain.id)
            self.cleanup.insert(0, customer_response)  # this has to be cleaned up after the VPCs have been destroyed (due to client connectionsonections)
            vpn_cust_gw_list.append(customer_response)
            self.logger.debug("VPN customer gateway added for VPC%d %s enabled" % (i, vpc_list[i].id))

        # Before the next step ensure the last VPC is up and running
        # Routers in the right state?
        self.assertEqual(self.routers_in_right_state(vpcid=vpc_list[maxnumVM].id), True, "Check whether the routers are in the right state.")

        # 6) Connect VPCi with VPC0
        for i in range(num_VPCs)[1:]:
            passiveVpn = Vpn.createVpnConnection(self.apiclient, vpn_cust_gw_list[0].id, vpn_response_list[i]['id'], True)
            self.logger.debug("VPN passive connection created for VPC%d %s" % (i, vpc_list[i].id))

            vpnconn2_response = Vpn.createVpnConnection(self.apiclient, vpn_cust_gw_list[i].id, vpn_response_list[0]['id'])
            self.logger.debug("VPN connection created for VPC%d %s" % (0, vpc_list[0].id))

            self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs 0 and %d!" % i)
            self.logger.debug("VPN connected between VPC0 and VPC%d" % i)

            time.sleep(15)
            self.logger.debug("Resetting VPN connection with id %s" % (passiveVpn['id']))
            Vpn.resetVpnConnection(self.apiclient, passiveVpn['id'])

            # Ping to put tunnel up
            ssh_client = vm_list[0].get_ssh_client(retries=10)
            self.assertIsNotNone(ssh_client, "Failed to setup SSH to VM0")
            if ssh_client:
                # run ping test
                for i in range(num_VPCs)[1:]:
                    packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm_list[i].nic[0].ipaddress)[0]
                    self.logger.debug("Ping from vm0 to vm%d to make sure tunnel is up." % i)
            else:
                self.fail("Failed to setup ssh connection to %s" % vm_list[0].public_ip)

            self.logger.debug("Waiting for the VPN with id %s to connect" % (passiveVpn['id']))
            max_retries = 30
            retries = 0
            while retries < max_retries:
                vpnconn2_response = Vpn.listVpnConnection(self.apiclient, listall=True, id=passiveVpn['id'])
                if len(vpnconn2_response) > 0 and vpnconn2_response[0].state.lower() == 'connected':
                    break
                retries += 1
                time.sleep(2)
            self.assertLess(retries, max_retries, "Failed to reconnect VPN with id %s" % (passiveVpn['id']))

        # First the last VM
        # setup ssh connection to vm maxnumVM
        self.logger.debug("Setup SSH connection to last VM created (%d) to ensure availability for ping tests" % maxnumVM)
        ssh_max_client = vm_list[maxnumVM].get_ssh_client(retries=20)
        self.assertIsNotNone(ssh_max_client, "Failed to setup SSH to last VM created (%d)" % maxnumVM)

        self.logger.debug("Setup SSH connection to first VM created (0) to ensure availability for ping tests")
        ssh_client = vm_list[0].get_ssh_client(retries=10)
        self.assertIsNotNone(ssh_client, "Failed to setup SSH to VM0")

        if ssh_client:
            # run ping test
            for i in range(num_VPCs)[1:]:
                packet_loss = ssh_client.execute(
                    "/bin/ping -c 3 -t 10 " + vm_list[i].nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
                self.assertEquals(int(packet_loss), 0, " Ping towards vm" + `i` + " did not succeed")
                self.logger.debug("SUCCESS! Ping from vm0 to vm%d succeeded." % i)
        else:
            self.fail("Failed to setup ssh connection to %s" % vm_list[0].public_ip)

        return
示例#19
0
 def get_network_acl_list(self, name=None, id=None):
     return NetworkACLList(
         get_network_acl(api_client=self.api_client, name=name,
                         id=id).__dict__)