def test_04_publicip_per_project(self): """Test Public IP limit per project """ # Validate the following # 1. set max no of IPs per project to 2. # 2. Create an account in this domain # 3. Create 1 VM in this domain # 4. Acquire 1 IP in the domain. IP should be successfully acquired # 5. Try to acquire 3rd IP in this domain. It should give the user an # appropriate error and an alert should be generated. self.debug("Updating public IP resource limits for project: %s" % self.project.id) # Set usage_vm=1 for Account 1 update_resource_limit(self.apiclient, 1, max=2, projectid=self.project.id) # Public Ip self.debug("Deploying VM for Project: %s" % self.project.id) virtual_machine_1 = VirtualMachine.create( self.apiclient, self.services["server"], templateid=self.template.id, serviceofferingid=self.service_offering.id, projectid=self.project.id, ) self.cleanup.append(virtual_machine_1) # Verify VM state self.assertEqual(virtual_machine_1.state, "Running", "Check VM state is Running or not") networks = Network.list(self.apiclient, projectid=self.project.id, listall=True) self.assertEqual(isinstance(networks, list), True, "Check list networks response returns a valid response") self.assertNotEqual(len(networks), 0, "Check list networks response returns a valid network") network = networks[0] self.debug("Associating public IP for project: %s" % self.project.id) public_ip_1 = PublicIPAddress.create( self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id, ) self.cleanup.append(public_ip_1) # Verify Public IP state self.assertEqual( public_ip_1.ipaddress.state in ["Allocated", "Allocating"], True, "Check Public IP state is allocated or not", ) # Exception should be raised for second Public IP with self.assertRaises(Exception): PublicIPAddress.create( self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id, ) return
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) FireWallRule.create( self.apiclient, ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"], endport=self.services["fwrule"]["endport"] ) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype, account, networkruledata): """Acquire IP, create Firewall and NAT/StaticNAT rule (associating it with given vm) for that IP""" try: public_ip = PublicIPAddress.create( apiclient,accountid=account.name, zoneid=virtualmachine.zoneid,domainid=account.domainid, networkid=virtualmachine.nic[0].networkid) FireWallRule.create( apiclient,ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]], startport=networkruledata["fwrule"]["startport"], endport=networkruledata["fwrule"]["endport"] ) if ruletype == NAT_RULE: # Create NAT rule NATRule.create(apiclient, virtualmachine, networkruledata["natrule"],ipaddressid=public_ip.ipaddress.id, networkid=virtualmachine.nic[0].networkid) elif ruletype == STATIC_NAT_RULE: # Enable Static NAT for VM StaticNATRule.enable(apiclient,public_ip.ipaddress.id, virtualmachine.id, networkid=virtualmachine.nic[0].networkid) except Exception as e: [FAIL, e] return [PASS, public_ip]
def create_vm(self, pfrule=False, egress_policy=True, RR=False): self.create_network_offering(egress_policy, RR) # Creating network using the network offering created self.debug("Creating network with network offering: %s" % self.network_offering.id) self.network = Network.create( self.apiclient, self.services["network"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, ) self.debug("Created network with ID: %s" % self.network.id) self.debug("Deploying instance in the account: %s" % self.account.name) project = None self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.service_offering.id, mode=self.zone.networktype if pfrule else "basic", networkids=[str(self.network.id)], projectid=project.id if project else None, ) self.debug("Deployed instance %s in account: %s" % (self.virtual_machine.id, self.account.name)) # Checking if VM is running or not, in case it is deployed in error state, test case fails self.vm_list = list_virtual_machines(self.apiclient, id=self.virtual_machine.id) self.assertEqual(validateList(self.vm_list)[0], PASS, "vm list validation failed, vm list is %s" % self.vm_list) self.assertEqual( str(self.vm_list[0].state).lower(), "running", "VM state should be running, it is %s" % self.vm_list[0].state, ) self.public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.network.id, ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=["0.0.0.0/0"], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"], ) self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id) # Create NAT rule NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.public_ip.ipaddress.id) return
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) self.debug("Configuring NAT rule for the acquired public ip") NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id ) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def setUp(self): self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create(self.apiclient, self.services["account"], domainid=self.domain.id) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, ) self.virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, ) self.public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"], ) NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.account] return
def setUp(self): try: self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create( self.apiclient, self.services["account"], domainid=self.domain.id ) self.cleanup = [ self.account, ] self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.public_ip = PublicIPAddress.create( self.apiclient, accountid=self.virtual_machine.account, zoneid=self.virtual_machine.zoneid, domainid=self.virtual_machine.domainid, services=self.services["virtual_machine"] ) return except CloudstackAPIException as e: self.tearDown() raise e
def acquire_publicip(self, network): self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpc.id) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def setUp(self): self.logger = MarvinLog(MarvinLog.LOGGER_TEST).get_logger() self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) template = get_template(self.apiclient, self.zone.id) self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM, Port forwarding rule, LB rules self.account = Account.create(self.apiclient, self.services["account"], admin=True, domainid=self.domain.id) self.service_offering = get_default_virtual_machine_offering( self.apiclient) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) self.ip_address = PublicIPAddress.create(self.apiclient, self.account.name, self.zone.id, self.account.domainid) ip_addrs = list_public_ip(self.apiclient, account=self.account.name, domainid=self.account.domainid, issourcenat=False) try: self.ip_addr = ip_addrs[0] except Exception as e: raise Exception( "Failed: During acquiring source NAT for account: %s, :%s" % (self.account.name, e)) self.nat_rule = NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.ip_addr.id) self.lb_rule = LoadBalancerRule.create(self.apiclient, self.services["lbrule"], self.ip_addr.id, accountid=self.account.name) self.cleanup = [self.virtual_machine, self.account] return
def deploy_isolatednetwork_publicipaddress(self, ipaddress_data, virtualmachines_data, network): self.logger.debug('>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create( api_client=self.api_client, data=ipaddress_data, network=network ) self.logger.debug('>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Created! TODO: MISSING FIELDS!') self.deploy_firewallrules(ipaddress_data, publicipaddress) self.deploy_portforwards(ipaddress_data['portforwards'], virtualmachines_data, None, publicipaddress)
def test_04_publicip_per_project(self): """Test Public IP limit per project """ # Validate the following # 1. set max no of IPs per project to 2. # 2. Create an account in this domain # 3. Create 1 VM in this domain # 4. Acquire 1 IP in the domain. IP should be successfully acquired # 5. Try to acquire 3rd IP in this domain. It should give the user an # appropriate error and an alert should be generated. self.debug("Updating public IP resource limits for project: %s" % self.project.id) # Set usage_vm=1 for Account 1 update_resource_limit( self.apiclient, 1, # Public Ip max=2, projectid=self.project.id) self.debug("Deploying VM for Project: %s" % self.project.id) virtual_machine_1 = VirtualMachine.create( self.apiclient, self.services["server"], templateid=self.template.id, serviceofferingid=self.service_offering.id, projectid=self.project.id) self.cleanup.append(virtual_machine_1) # Verify VM state self.assertEqual(virtual_machine_1.state, 'Running', "Check VM state is Running or not") networks = Network.list(self.apiclient, projectid=self.project.id, listall=True) self.assertEqual( isinstance(networks, list), True, "Check list networks response returns a valid response") self.assertNotEqual( len(networks), 0, "Check list networks response returns a valid network") network = networks[0] self.debug("Associating public IP for project: %s" % self.project.id) public_ip_1 = PublicIPAddress.create(self.apiclient, zoneid=virtual_machine_1.zoneid, services=self.services["server"], networkid=network.id, projectid=self.project.id) self.cleanup.append(public_ip_1) # Verify Public IP state self.assertEqual( public_ip_1.ipaddress.state in ['Allocated', 'Allocating'], True, "Check Public IP state is allocated or not") return
def acquire_PublicIPAddress(self, network, vpc=None): self.debug("Associating public IP for network with ID - %s" % network.id) public_ip = PublicIPAddress.create(self.api_client, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id if vpc is None else None, vpcid=vpc.id if vpc else self.vpc.id if hasattr(self, "vpc") else None ) self.debug("Associated public IP address - %s with network with ID - %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def acquire_publicip(self, network): self.logger.debug('Associating public IP for network: %s' % network.name) public_ip = PublicIPAddress.create( self.api_client, accountid='admin', zoneid=self.zone.id, domainid=self.domain.id, networkids=[str(network.id)] ) self.logger.debug('Associated %s with network %s' % (public_ip.ipaddress.ipaddress, network.id)) self.test_cleanup.append(public_ip) return public_ip
def acquire_publicip(self, network): self.logger.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.api_client, accountid=self.admin_account, zoneid=self.zone.id, domainid=self.admin_domain.id, networkid=network.id) self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.test_cleanup.append(public_ip) return public_ip
def test_public_ip_admin_account(self): """Test for Associate/Disassociate public IP address for admin account""" # Validate the following: # 1. listPubliIpAddresses API returns the list of acquired addresses # 2. the returned list should contain our acquired IP address ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid ) list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) self.assertEqual( isinstance(list_pub_ip_addr_resp, list), True, "Check list response returns a valid list" ) # listPublicIpAddresses should return newly created public IP self.assertNotEqual( len(list_pub_ip_addr_resp), 0, "Check if new IP Address is associated" ) self.assertEqual( list_pub_ip_addr_resp[0].id, ip_address.ipaddress.id, "Check Correct IP Address is returned in the List Cacls" ) ip_address.delete(self.apiclient) time.sleep(30) # Validate the following: # 1.listPublicIpAddresses should no more return the released address list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) if list_pub_ip_addr_resp is None: return if (list_pub_ip_addr_resp) and ( isinstance( list_pub_ip_addr_resp, list)) and ( len(list_pub_ip_addr_resp) > 0): self.fail("list public ip response is not empty") return
def acquire_publicip(self, network): self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpc.id ) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id )) return public_ip
def acquire_publicip(self, vpc, network): self.logger.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id, ) self.assertIsNotNone(public_ip, "Failed to acquire public IP") self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def acquire_publicip(self, vpc, network): self.logger.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id) self.assertIsNotNone(public_ip, "Failed to acquire public IP") self.logger.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) return public_ip
def deploy_isolatednetwork_publicipaddress(self, ipaddress_data, virtualmachines_data, network): self.logger.debug( '>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create(api_client=self.api_client, data=ipaddress_data, network=network) self.logger.debug( '>>> ISOLATED NETWORK PUBLIC IP ADDRESS => Created! TODO: MISSING FIELDS!' ) self.deploy_firewallrules(ipaddress_data, publicipaddress) self.deploy_portforwards(ipaddress_data['portforwards'], virtualmachines_data, None, publicipaddress)
def setUpClass(cls): cls.testClient = super(TestNATRules, cls).getClsTestClient() cls.api_client = cls.testClient.getApiClient() cls.services = Services().services # Get Zone, Domain and templates cls.domain = get_domain(cls.api_client) cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests()) cls.services['mode'] = cls.zone.networktype template = get_template( cls.api_client, cls.zone.id, cls.services["ostype"] ) #Create an account, network, VM and IP addresses cls.account = Account.create( cls.api_client, cls.services["account"], admin=True, domainid=cls.domain.id ) cls.services["virtual_machine"]["zoneid"] = cls.zone.id cls.service_offering = ServiceOffering.create( cls.api_client, cls.services["service_offering"] ) cls.virtual_machine = VirtualMachine.create( cls.api_client, cls.services["virtual_machine"], templateid=template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id ) cls.public_ip = PublicIPAddress.create( cls.api_client, accountid=cls.account.name, zoneid=cls.zone.id, domainid=cls.account.domainid, services=cls.services["virtual_machine"] ) cls._cleanup = [ cls.virtual_machine, cls.account, cls.service_offering ]
def test_public_ip_user_account(self): """Test for Associate/Disassociate public IP address for user account""" # Validate the following: # 1. listPubliIpAddresses API returns the list of acquired addresses # 2. the returned list should contain our acquired IP address ip_address = PublicIPAddress.create( self.apiclient, self.user.name, self.zone.id, self.user.domainid ) # listPublicIpAddresses should return newly created public IP list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) self.assertEqual( isinstance(list_pub_ip_addr_resp, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_pub_ip_addr_resp), 0, "Check if new IP Address is associated" ) self.assertEqual( list_pub_ip_addr_resp[0].id, ip_address.ipaddress.id, "Check Correct IP Address is returned in the List Call" ) ip_address.delete(self.apiclient) list_pub_ip_addr_resp = list_publicIP( self.apiclient, id=ip_address.ipaddress.id ) self.assertEqual( list_pub_ip_addr_resp, None, "Check if disassociated IP Address is no longer available" ) return
def deploy_publicipaddress(self, publicipaddress_data, virtualmachines_data, vpc): self.logger.debug('>>> PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create( api_client=self.api_client, data=publicipaddress_data, vpc=vpc ) ipaddress = publicipaddress.ipaddress self.logger.debug('>>> PUBLIC IP ADDRESS => ID: %s => IP: %s => State: %s => Source NAT: %s ' '=> Static NAT: %s => ACL: %s => VLAN: %s => Physical Network: %s => Network: %s ' '=> VPC: %s => Domain: %s', ipaddress.id, ipaddress.ipaddress, ipaddress.state, ipaddress.issourcenat, ipaddress.isstaticnat, ipaddress.aclid, ipaddress.vlanid, ipaddress.physicalnetworkid, ipaddress.networkid, ipaddress.vpcid, ipaddress.domainid) self.deploy_portforwards(publicipaddress_data['portforwards'], virtualmachines_data, vpc, publicipaddress)
def deploy_publicipaddress(self, publicipaddress_data, virtualmachines_data, vpc): self.logger.debug('>>> PUBLIC IP ADDRESS => Creating...') publicipaddress = PublicIPAddress.create(api_client=self.api_client, data=publicipaddress_data, vpc=vpc) ipaddress = publicipaddress.ipaddress self.logger.debug( '>>> PUBLIC IP ADDRESS => ID: %s => IP: %s => State: %s => Source NAT: %s ' '=> Static NAT: %s => ACL: %s => VLAN: %s => Physical Network: %s => Network: %s ' '=> VPC: %s => Domain: %s', ipaddress.id, ipaddress.ipaddress, ipaddress.state, ipaddress.issourcenat, ipaddress.isstaticnat, ipaddress.aclid, ipaddress.vlanid, ipaddress.physicalnetworkid, ipaddress.networkid, ipaddress.vpcid, ipaddress.domainid) self.deploy_portforwards(publicipaddress_data['portforwards'], virtualmachines_data, vpc, publicipaddress)
def setUp(self): self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create( self.apiclient, self.services["account"], domainid=self.domain.id ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"], endport=self.services["fwrule"]["endport"] ) self.cleanup = [self.account, ] return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() self.account = Account.create( self.apiclient, self.services["account"], domainid=self.domain.id ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"] ) NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.account, ] return
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"]) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) FireWallRule.create(self.apiclient, ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[self.services["fwrule"]["cidr"]], startport=self.services["fwrule"]["startport"], endport=self.services["fwrule"]["endport"]) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def acquire_Public_Ip(self): """Acquires the public IP""" try: self.debug("Acquiring public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, self.virtual_machine.account, self.virtual_machine.zoneid, self.virtual_machine.domainid, self.services["virtual_machine"]) self.debug("Acquired public IP: %s" % public_ip.ipaddress.ipaddress) self.debug("Configuring NAT rule for the acquired public ip") NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id) return public_ip except Exception as e: self.fail("Failed to acquire new public IP: %s" % e)
def createNetworkRulesForVM(apiclient, virtualmachine, ruletype, account, networkruledata): """Acquire IP, create Firewall and NAT/StaticNAT rule (associating it with given vm) for that IP""" try: public_ip = PublicIPAddress.create( apiclient, accountid=account.name, zoneid=virtualmachine.zoneid, domainid=account.domainid, networkid=virtualmachine.nic[0].networkid) FireWallRule.create(apiclient, ipaddressid=public_ip.ipaddress.id, protocol='TCP', cidrlist=[networkruledata["fwrule"]["cidr"]], startport=networkruledata["fwrule"]["startport"], endport=networkruledata["fwrule"]["endport"]) if ruletype == NAT_RULE: # Create NAT rule NATRule.create(apiclient, virtualmachine, networkruledata["natrule"], ipaddressid=public_ip.ipaddress.id, networkid=virtualmachine.nic[0].networkid) elif ruletype == STATIC_NAT_RULE: # Enable Static NAT for VM StaticNATRule.enable(apiclient, public_ip.ipaddress.id, virtualmachine.id, networkid=virtualmachine.nic[0].networkid) except Exception as e: [FAIL, e] return [PASS, public_ip]
def test_01_create_delete_portforwarding_fornonvpc(self): """ @summary: Test to list, create and delete Port Forwarding for IP Address associated to Non VPC network @Steps: Step1: Creating a Network for the user Step2: Associating an IP Addresses for Network Step3: Launching Virtual Machine in network created in step 2 Step4: Listing Port Forwarding Rules for the IP Address associated in Step2 Step5: Verifying that no Port Forwarding Rules are listed Step6: Creating a Port Forwarding Rule for IP Address associated in Step2 Step7: Listing Port Forwarding Rules for the IP Address associated in Step2 Step8: Verifying 1 Port Forwarding Rule is listed Step9: Deleting the Port Forwarding Rule created in Step6 Step10: Listing Port Forwarding Rules for the IP Address associated in Step2 Step11: Verifying that no Port Forwarding Rules are listed """ # Listing all the Networks's for a user list_networks_before = Network.list( self.userapiclient, listall=self.services["listall"], type="Isolated" ) # Verifying No Networks are listed self.assertIsNone( list_networks_before, "Networks listed for newly created User" ) # Listing Network Offerings network_offerings_list = NetworkOffering.list( self.apiClient, forvpc="false", guestiptype="Isolated", state="Enabled", supportedservices="SourceNat,PortForwarding", zoneid=self.zone.id ) status = validateList(network_offerings_list) self.assertEqual( PASS, status[0], "Isolated Network Offerings with sourceNat,\ PortForwarding enabled are not found" ) # Creating a network network = Network.create( self.userapiclient, self.services["network"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=network_offerings_list[0].id, zoneid=self.zone.id ) self.assertIsNotNone( network, "Network creation failed" ) # Listing all the IP Addresses for a user list_ipaddresses_before = PublicIPAddress.list( self.userapiclient, listall=self.services["listall"] ) # Verifying no IP Addresses are listed self.assertIsNone( list_ipaddresses_before, "IP Addresses listed for newly created User" ) service_offering = ServiceOffering.create( self.apiClient, self.services["service_offerings"]["tiny"], ) self.services["virtual_machine"]["zoneid"] = self.zone.id vm = VirtualMachine.create( self.userapiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, networkids=network.id, serviceofferingid=service_offering.id ) VirtualMachine.delete(vm, self.apiClient, expunge=True) # Associating an IP Addresses to Network created associated_ipaddress = PublicIPAddress.create( self.userapiclient, services=self.services["network"], networkid=network.id ) self.assertIsNotNone( associated_ipaddress, "Failed to Associate IP Address" ) # Listing all the IP Addresses for a user list_ipaddresses_after = PublicIPAddress.list( self.userapiclient, listall=self.services["listall"] ) status = validateList(list_ipaddresses_after) self.assertEqual( PASS, status[0], "IP Addresses Association Failed" ) # Verifying the length of the list is 2 self.assertEqual( 2, len(list_ipaddresses_after), "Number of IP Addresses associated are not matching expected" ) # Launching a Virtual Machine with above created Network vm_created = VirtualMachine.create( self.userapiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, networkids=network.id, serviceofferingid=self.service_offering.id, ) self.assertIsNotNone( vm_created, "Failed to launch a VM under network created" ) self.cleanup.append(network) # Listing Virtual Machines in running state in above created network list_vms_running = VirtualMachine.list( self.userapiclient, listall=self.services["listall"], state="Running", networkid=network.id ) status = validateList(list_vms_running) self.assertEqual( PASS, status[0], "VM Created is not in Running state" ) # Verifying the length of the list is 2 self.assertEqual( 2, len(list_ipaddresses_after), "VM Created is not in Running state" ) self.assertEqual( vm_created.id, list_vms_running[0].id, "VM Created is not in Running state" ) # Listing Virtual Machines in stopped state in above created network list_vms_stopped = VirtualMachine.list( self.userapiclient, listall=self.services["listall"], state="Stopped", networkid=network.id ) # Verifying no VMs are in stopped state self.assertIsNone( list_vms_stopped, "VM Created is in stopped state" ) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_before = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) # Verifying no port forwarding rules are listed self.assertIsNone( list_prtfwdrule_before, "Port Forwarding Rules listed for newly associated IP Address" ) # Creating a Port Forwarding rule portfwd_rule = NATRule.create( self.userapiclient, virtual_machine=vm_created, services=self.services["natrule"], ipaddressid=associated_ipaddress.ipaddress.id, ) self.assertIsNotNone( portfwd_rule, "Failed to create Port Forwarding Rule" ) # Verifying details of Sticky Policy created # Creating expected and actual values dictionaries expected_dict = { "ipaddressid": associated_ipaddress.ipaddress.id, "privateport": str(self.services["natrule"]["privateport"]), "publicport": str(self.services["natrule"]["publicport"]), "protocol": str(self.services["natrule"]["protocol"]).lower(), } actual_dict = { "ipaddressid": portfwd_rule.ipaddressid, "privateport": str(portfwd_rule.privateport), "publicport": str(portfwd_rule.publicport), "protocol": portfwd_rule.protocol, } portfwd_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, portfwd_status, "Created Port Forward Rule details are not as expected" ) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_after = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) status = validateList(list_prtfwdrule_after) self.assertEqual( PASS, status[0], "Failed to create Port Forwarding Rule" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_prtfwdrule_after), "Failed to create Port Forwarding Rule" ) # Deleting Port Forwarding Rule portfwd_rule.delete(self.userapiclient) # Creating a Port Forwarding rule with port range portfwd_rule = NATRule.create( self.userapiclient, virtual_machine=vm_created, services=self.services["natrulerange"], ipaddressid=associated_ipaddress.ipaddress.id, ) self.assertIsNotNone( portfwd_rule, "Failed to create Port Forwarding Rule" ) # update the private port for port forwarding rule updatefwd_rule = portfwd_rule.update(self.userapiclient, portfwd_rule.id, virtual_machine=vm_created, services=self.services["updatenatrulerange"], ) # Verifying details of Sticky Policy created # Creating expected and actual values dictionaries expected_dict = { "privateport": str(self.services["updatenatrulerange"]["privateport"]), "privateendport": str(self.services["updatenatrulerange"]["privateendport"]), } actual_dict = { "privateport": str(updatefwd_rule.privateport), "privateendport": str(updatefwd_rule.privateendport), } portfwd_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, portfwd_status, "Updated Port Forward Rule details are not as expected" ) # Deleting Port Forwarding Rule portfwd_rule.delete(self.userapiclient) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_after = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) # Verifying no port forwarding rules are listed self.assertIsNone( list_prtfwdrule_after, "Port Forwarding Rules listed after deletion" ) # Destroying the VM Launched vm_created.delete(self.apiClient) self.cleanup.append(self.account) return
def test_01_host_maintenance_mode(self): """Test host maintenance mode """ # Validate the following # 1. Create Vms. Acquire IP. Create port forwarding & load balancing # rules for Vms. # 2. Host 1: put to maintenance mode. All Vms should failover to Host # 2 in cluster. Vms should be in running state. All port forwarding # rules and load balancing Rules should work. # 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host # 2 should succeed. # 4. Host 1: cancel maintenance mode. # 5. Host 2 : put to maintenance mode. All Vms should failover to # Host 1 in cluster. # 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on # host 1 should succeed. hosts = Host.list(self.apiclient, zoneid=self.zone.id, resourcestate='Enabled', type='Routing') self.assertEqual(isinstance(hosts, list), True, "List hosts should return valid host response") if len(hosts) < 2: self.skipTest("There must be at least 2 hosts present in cluster") self.debug("Checking HA with hosts: %s, %s" % (hosts[0].name, hosts[1].name)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.assertEqual(vm.state, "Running", "Deployed VM should be in RUnning state") networks = Network.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(networks, list), True, "List networks should return valid list for the account") network = networks[0] self.debug("Associating public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.debug("Creating PF rule for IP address: %s" % public_ip.ipaddress.ipaddress) NATRule.create(self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id) self.debug("Creating LB rule on IP with NAT: %s" % public_ip.ipaddress.ipaddress) # Create Load Balancer rule on IP already having NAT rule lb_rule = LoadBalancerRule.create(self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name) self.debug("Created LB rule with ID: %s" % lb_rule.id) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) first_host = vm.hostid self.debug("Enabling maintenance mode for host %s" % vm.hostid) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = first_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) timeout = self.services["timeout"] # Poll and check state of VM while it migrates from one host to another while True: vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("VM 1 state: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other\ failed while enabling maintenance") second_host = vm.hostid self.assertEqual( vm.state, "Running", "VM should be in Running state after enabling host maintenance") # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance on other host virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_2.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 2 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") self.debug("Canceling host maintenance for ID: %s" % first_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = first_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % first_host) self.debug("Enabling maintenance mode for host %s" % second_host) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = second_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Maintenance mode enabled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[1] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other\ failed while enabling maintenance") for vm in vms: self.debug( "VM states after enabling maintenance mode on host: %s - %s" % (first_host, vm.state)) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") # Spawn an instance on other host virtual_machine_3 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_3.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 3 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) self.debug("Canceling host maintenance for ID: %s" % second_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = second_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) return
def setUpClass(cls): testClient = super(TestPublicIP, cls).getClsTestClient() cls.apiclient = testClient.getApiClient() cls.services = testClient.getParsedTestDataConfig() # Get Zone, Domain and templates cls.domain = get_domain(cls.apiclient) cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests()) cls.services['mode'] = cls.zone.networktype # Create Accounts & networks cls.account = Account.create( cls.apiclient, cls.services["account"], admin=True, domainid=cls.domain.id ) cls.user = Account.create( cls.apiclient, cls.services["account"], domainid=cls.domain.id ) cls.services["network"]["zoneid"] = cls.zone.id cls.network_offering = NetworkOffering.create( cls.apiclient, cls.services["network_offering"], ) # Enable Network offering cls.network_offering.update(cls.apiclient, state='Enabled') cls.services["network"]["networkoffering"] = cls.network_offering.id cls.account_network = Network.create( cls.apiclient, cls.services["network"], cls.account.name, cls.account.domainid ) cls.user_network = Network.create( cls.apiclient, cls.services["network"], cls.user.name, cls.user.domainid ) # Create Source NAT IP addresses PublicIPAddress.create( cls.apiclient, cls.account.name, cls.zone.id, cls.account.domainid ) PublicIPAddress.create( cls.apiclient, cls.user.name, cls.zone.id, cls.user.domainid ) cls._cleanup = [ cls.account_network, cls.user_network, cls.account, cls.user, cls.network_offering ] return
def test_02_port_fwd_on_non_src_nat(self): """Test for port forwarding on non source NAT""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid, self.services["virtual_machine"] ) self.cleanup.append(ip_address) # Check if VM is in Running state before creating NAT rule vm_response = VirtualMachine.list( self.apiclient, id=self.virtual_machine.id ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( vm_response[0].state, 'Running', "VM state should be Running before creating a NAT rule." ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=ip_address.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"] ) # Create NAT rule nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ip_address.ipaddress.id ) # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) self.assertEqual( isinstance(list_nat_rule_response, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_nat_rule_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( list_nat_rule_response[0].id, nat_rule.id, "Check Correct Port forwarding Rule is returned" ) try: self.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, ip_address.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) nat_rule.delete(self.apiclient) try: list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) except CloudstackAPIException: self.debug("Nat Rule is deleted") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): self.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( ip_address.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def test_static_nat_on_ip_from_non_src_nat_ip_range(self): """Test for static nat on a IP which is in pubic IP range different from public IP range that has source NAT IP associated with network """ # Validate the following: # 1. Create a new public IP range and dedicate to a account # 2. Acquire a IP from new public range # 3. Enable static NAT on acquired IP from new range # 4. Create a firewall rule to open up the port # 5. Test SSH works to the VM self.services["extrapubliciprange"]["zoneid"] = self.services["zoneid"] self.public_ip_range = PublicIpRange.create( self.apiclient, self.services["extrapubliciprange"] ) self.cleanup.append(self.public_ip_range) logger.debug("Dedicating Public IP range to the account"); dedicate_public_ip_range_response = PublicIpRange.dedicate( self.apiclient, self.public_ip_range.vlan.id, account=self.account.name, domainid=self.account.domainid ) ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid, self.services["virtual_machine"] ) self.cleanup.append(ip_address) # Check if VM is in Running state before creating NAT and firewall rules vm_response = VirtualMachine.list( self.apiclient, id=self.virtual_machine.id ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( vm_response[0].state, 'Running', "VM state should be Running before creating a NAT rule." ) # Open up firewall port for SSH fwr = FireWallRule.create( self.apiclient, ipaddressid=ip_address.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"] ) self.cleanup.append(fwr) # Create Static NAT rule StaticNATRule.enable( self.apiclient, ip_address.ipaddress.id, self.virtual_machine.id, self.defaultNetworkId ) try: logger.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, ip_address.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) StaticNATRule.disable( self.apiclient, ip_address.ipaddress.id, self.virtual_machine.id )
def test_01_create_delete_portforwarding_fornonvpc(self): """ @summary: Test to list, create and delete Port Forwarding for IP Address associated to Non VPC network @Steps: Step1: Creating a Network for the user Step2: Associating an IP Addresses for Network Step3: Launching Virtual Machine in network created in step 2 Step4: Listing Port Forwarding Rules for the IP Address associated in Step2 Step5: Verifying that no Port Forwarding Rules are listed Step6: Creating a Port Forwarding Rule for IP Address associated in Step2 Step7: Listing Port Forwarding Rules for the IP Address associated in Step2 Step8: Verifying 1 Port Forwarding Rule is listed Step9: Deleting the Port Forwarding Rule created in Step6 Step10: Listing Port Forwarding Rules for the IP Address associated in Step2 Step11: Verifying that no Port Forwarding Rules are listed """ # Listing all the Networks's for a user list_networks_before = Network.list( self.userapiclient, listall=self.services["listall"], type="Isolated" ) # Verifying No Networks are listed self.assertIsNone( list_networks_before, "Networks listed for newly created User" ) # Listing Network Offerings network_offerings_list = NetworkOffering.list( self.apiClient, forvpc="false", guestiptype="Isolated", state="Enabled", supportedservices="SourceNat,PortForwarding", zoneid=self.zone.id ) status = validateList(network_offerings_list) self.assertEquals( PASS, status[0], "Isolated Network Offerings with sourceNat,\ PortForwarding enabled are not found" ) # Creating a network network = Network.create( self.userapiclient, self.services["network"], accountid=self.account.name, domainid=self.domain.id, networkofferingid=network_offerings_list[0].id, zoneid=self.zone.id ) self.assertIsNotNone( network, "Network creation failed" ) # Listing all the IP Addresses for a user list_ipaddresses_before = PublicIPAddress.list( self.userapiclient, listall=self.services["listall"] ) # Verifying no IP Addresses are listed self.assertIsNone( list_ipaddresses_before, "IP Addresses listed for newly created User" ) # Associating an IP Addresses to Network created associated_ipaddress = PublicIPAddress.create( self.userapiclient, services=self.services["network"], networkid=network.id ) self.assertIsNotNone( associated_ipaddress, "Failed to Associate IP Address" ) # Listing all the IP Addresses for a user list_ipaddresses_after = PublicIPAddress.list( self.userapiclient, listall=self.services["listall"] ) status = validateList(list_ipaddresses_after) self.assertEquals( PASS, status[0], "IP Addresses Association Failed" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_ipaddresses_after), "Number of IP Addresses associated are not matching expected" ) # Launching a Virtual Machine with above created Network vm_created = VirtualMachine.create( self.userapiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, networkids=network.id, serviceofferingid=self.service_offering.id, ) self.assertIsNotNone( vm_created, "Failed to launch a VM under network created" ) self.cleanup.append(network) # Listing Virtual Machines in running state in above created network list_vms_running = VirtualMachine.list( self.userapiclient, listall=self.services["listall"], state="Running", networkid=network.id ) status = validateList(list_vms_running) self.assertEquals( PASS, status[0], "VM Created is not in Running state" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_ipaddresses_after), "VM Created is not in Running state" ) self.assertEquals( vm_created.id, list_vms_running[0].id, "VM Created is not in Running state" ) # Listing Virtual Machines in stopped state in above created network list_vms_stopped = VirtualMachine.list( self.userapiclient, listall=self.services["listall"], state="Stopped", networkid=network.id ) # Verifying no VMs are in stopped state self.assertIsNone( list_vms_stopped, "VM Created is in stopped state" ) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_before = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) # Verifying no port forwarding rules are listed self.assertIsNone( list_prtfwdrule_before, "Port Forwarding Rules listed for newly associated IP Address" ) # Creating a Port Forwarding rule portfwd_rule = NATRule.create( self.userapiclient, virtual_machine=vm_created, services=self.services["natrule"], ipaddressid=associated_ipaddress.ipaddress.id, ) self.assertIsNotNone( portfwd_rule, "Failed to create Port Forwarding Rule" ) # Verifying details of Sticky Policy created # Creating expected and actual values dictionaries expected_dict = { "ipaddressid": associated_ipaddress.ipaddress.id, "privateport": str(self.services["natrule"]["privateport"]), "publicport": str(self.services["natrule"]["publicport"]), "protocol": str(self.services["natrule"]["protocol"]).lower(), } actual_dict = { "ipaddressid": portfwd_rule.ipaddressid, "privateport": str(portfwd_rule.privateport), "publicport": str(portfwd_rule.publicport), "protocol": portfwd_rule.protocol, } portfwd_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, portfwd_status, "Created Port Forward Rule details are not as expected" ) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_after = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) status = validateList(list_prtfwdrule_after) self.assertEquals( PASS, status[0], "Failed to create Port Forwarding Rule" ) # Verifying the length of the list is 1 self.assertEqual( 1, len(list_prtfwdrule_after), "Failed to create Port Forwarding Rule" ) # Deleting Port Forwarding Rule portfwd_rule.delete(self.userapiclient) # Creating a Port Forwarding rule with port range portfwd_rule = NATRule.create( self.userapiclient, virtual_machine=vm_created, services=self.services["natrulerange"], ipaddressid=associated_ipaddress.ipaddress.id, ) self.assertIsNotNone( portfwd_rule, "Failed to create Port Forwarding Rule" ) #update the private port for port forwarding rule updatefwd_rule = portfwd_rule.update(self.userapiclient, portfwd_rule.id, virtual_machine=vm_created, services=self.services["updatenatrulerange"], ) # Verifying details of Sticky Policy created # Creating expected and actual values dictionaries expected_dict = { "privateport": str(self.services["updatenatrulerange"]["privateport"]), "privateendport": str(self.services["updatenatrulerange"]["privateendport"]), } actual_dict = { "privateport": str(updatefwd_rule.privateport), "privateendport": str(updatefwd_rule.privateendport), } portfwd_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, portfwd_status, "Updated Port Forward Rule details are not as expected" ) # Deleting Port Forwarding Rule portfwd_rule.delete(self.userapiclient) # Listing Port Forwarding Rules for the IP Address associated list_prtfwdrule_after = NATRule.list( self.userapiclient, listall=self.services["listall"], ipaddressid=associated_ipaddress.ipaddress.id ) # Verifying no port forwarding rules are listed self.assertIsNone( list_prtfwdrule_after, "Port Forwarding Rules listed after deletion" ) # Destroying the VM Launched vm_created.delete(self.apiClient) self.cleanup.append(self.account) return
def test_network_rules_acquired_public_ip(self, value): """Test for Router rules for network rules on acquired public IP""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.ipaddress = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.defaultNetworkId ) self.createNetworkRules(rule=value, ipaddressobj=self.ipaddress, networkid=self.defaultNetworkId) router = Router.list(self.apiclient, networkid=self.virtual_machine.nic[0].networkid, listall=True)[0] response = self.getCommandResultFromRouter(router, "ip addr") logger.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertTrue(stringToMatch in str(response), "IP address is\ not added to the VR!") try: logger.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, self.ipaddress.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client( self.ipaddress.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) # Validate the following: # 1. listIpForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.removeNetworkRules(rule=value) response = self.getCommandResultFromRouter(router, "ip addr") logger.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertFalse(stringToMatch in str(response), "IP address is\ not removed from VR even after disabling stat in NAT") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): logger.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( self.ipaddress.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def setup_infra(cls, redundant=False): if len(cls.class_cleanup) > 0: cleanup_resources(cls.api_client, cls.class_cleanup, cls.logger) cls.class_cleanup = [] cls.zone = get_zone(cls.api_client, cls.test_client.getZoneForTests()) cls.logger.debug("Zone '%s' selected" % cls.zone.name) cls.domain = get_domain(cls.api_client) cls.logger.debug("Domain '%s' selected" % cls.domain.name) cls.template = get_template(cls.api_client, cls.zone.id) cls.logger.debug("Template '%s' selected" % cls.template.name) cls.account = Account.create(cls.api_client, cls.attributes['account'], admin=True, domainid=cls.domain.id) cls.class_cleanup += [cls.account] cls.logger.debug("Account '%s' created", cls.account.name) cls.vpc_offering = get_default_redundant_vpc_offering( cls.api_client) if redundant else get_default_vpc_offering( cls.api_client) cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name) cls.network_offering = get_default_network_offering(cls.api_client) cls.logger.debug("Network Offering '%s' selected", cls.network_offering.name) cls.virtual_machine_offering = get_default_virtual_machine_offering( cls.api_client) cls.logger.debug("Virtual Machine Offering '%s' selected", cls.virtual_machine_offering.name) cls.default_allow_acl = get_network_acl(cls.api_client, 'default_allow') cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name) cls.default_deny_acl = get_network_acl(cls.api_client, 'default_deny') cls.logger.debug("ACL '%s' selected", cls.default_deny_acl.name) cls.vpc1 = VPC.create(cls.api_client, cls.attributes['vpcs']['vpc1'], vpcofferingid=cls.vpc_offering.id, zoneid=cls.zone.id, domainid=cls.domain.id, account=cls.account.name) cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name, cls.vpc1.cidr) cls.network1 = Network.create( cls.api_client, cls.attributes['networks']['network1'], networkofferingid=cls.network_offering.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc1.id, zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network1.name, cls.network1.cidr, cls.network1.gateway) cls.vm1 = VirtualMachine.create( cls.api_client, cls.attributes['vms']['vm1'], templateid=cls.template.id, serviceofferingid=cls.virtual_machine_offering.id, networkids=[cls.network1.id], zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("VM '%s' created, Network: %s, IP %s", cls.vm1.name, cls.network1.name, cls.vm1.nic[0].ipaddress) cls.public_ip1 = PublicIPAddress.create(cls.api_client, zoneid=cls.zone.id, domainid=cls.account.domainid, accountid=cls.account.name, vpcid=cls.vpc1.id, networkid=cls.network1.id) cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.public_ip1.ipaddress.ipaddress, cls.vpc1.name, cls.network1.name) cls.nat_rule1 = NATRule.create(cls.api_client, cls.vm1, cls.attributes['nat_rule'], vpcid=cls.vpc1.id, networkid=cls.network1.id, ipaddressid=cls.public_ip1.ipaddress.id) cls.logger.debug("Port Forwarding Rule '%s (%s) %s => %s' created", cls.nat_rule1.ipaddress, cls.nat_rule1.protocol, cls.nat_rule1.publicport, cls.nat_rule1.privateport)
def test_01_redundant_vpc_site2site_vpn(self): """Test Site 2 Site VPN Across redundant VPCs""" self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn") # 0) Get the default network offering for VPC networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len( networkOffering) > 0, "No VPC based network offering") # Create and enable redundant VPC offering redundant_vpc_offering = self._create_vpc_offering( 'redundant_vpc_offering') self.assert_(redundant_vpc_offering is not None, "Failed to create redundant VPC Offering") redundant_vpc_offering.update(self.apiclient, state='Enabled') # Create VPC 1 vpc1 = None try: vpc1 = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc1.vpn", vpcofferingid=redundant_vpc_offering.id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id ) except Exception as e: self.fail(e) finally: self.assert_(vpc1 is not None, "VPC1 creation failed") self.logger.debug("VPC1 %s created" % vpc1.id) # Create VPC 2 vpc2 = None try: vpc2 = VPC.create( apiclient=self.apiclient, services=self.services["vpc2"], networkDomain="vpc2.vpn", vpcofferingid=redundant_vpc_offering.id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid ) except Exception as e: self.fail(e) finally: self.assert_(vpc2 is not None, "VPC2 creation failed") self.logger.debug("VPC2 %s created" % vpc2.id) default_acl = NetworkACLList.list( self.apiclient, name="default_allow")[0] # Create network in VPC 1 ntwk1 = None try: ntwk1 = Network.create( apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, aclid=default_acl.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk1, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id)) # Create network in VPC 2 ntwk2 = None try: ntwk2 = Network.create( apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, aclid=default_acl.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk2, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id)) # Deploy a vm in network 2 vm1 = None try: vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=ntwk1.id, hypervisor=self.hypervisor ) except Exception as e: self.fail(e) finally: self.assert_(vm1 is not None, "VM failed to deploy") self.assert_(vm1.state == 'Running', "VM is not running") self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id)) # Deploy a vm in network 2 vm2 = None try: vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=ntwk2.id, hypervisor=self.hypervisor ) except Exception as e: self.fail(e) finally: self.assert_(vm2 is not None, "VM failed to deploy") self.assert_(vm2.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id)) # 4) Enable Site-to-Site VPN for VPC vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id) self.assert_( vpn1_response is not None, "Failed to enable VPN Gateway 1") self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id) vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id) self.assert_( vpn2_response is not None, "Failed to enable VPN Gateway 2") self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id) # 5) Add VPN Customer gateway info src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id ) ip1 = src_nat_list[0] src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id ) ip2 = src_nat_list[0] services = self.services["vpncustomergateway"] customer1_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) customer2_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) # 6) Connect two VPCs vpnconn1_response = Vpn.createVpnConnection( self.apiclient, customer1_response.id, vpn2_response['id'], True) self.debug("VPN passive connection created for VPC %s" % vpc2.id) vpnconn2_response = Vpn.createVpnConnection( self.apiclient, customer2_response.id, vpn1_response['id']) self.debug("VPN connection created for VPC %s" % vpc1.id) self.assertEqual( vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!") # acquire an extra ip address to use to ssh into vm2 try: vm2.public_ip = PublicIPAddress.create( apiclient=self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, services=self.services, networkid=ntwk2.id, vpcid=vpc2.id) except Exception as e: self.fail(e) finally: self.assert_( vm2.public_ip is not None, "Failed to aqcuire public ip for vm2") # Create port forward to be able to ssh into vm2 natrule = None try: natrule = self._create_natrule( vpc2, vm2, 22, 22, vm2.public_ip, ntwk2) except Exception as e: self.fail(e) finally: self.assert_( natrule is not None, "Failed to create portforward for vm2") time.sleep(20) # setup ssh connection to vm2 ssh_client = self._get_ssh_client(vm2, self.services, 10) if ssh_client: # run ping test packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assert_(int(packet_loss) == 0, "Ping did not succeed") else: self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
def test_01_host_maintenance_mode(self): """Test host maintenance mode """ # Validate the following # 1. Create Vms. Acquire IP. Create port forwarding & load balancing # rules for Vms. # 2. Host 1: put to maintenance mode. All Vms should failover to Host # 2 in cluster. Vms should be in running state. All port forwarding # rules and load balancing Rules should work. # 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host # 2 should succeed. # 4. Host 1: cancel maintenance mode. # 5. Host 2 : put to maintenance mode. All Vms should failover to # Host 1 in cluster. # 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on # host 1 should succeed. hosts = Host.list( self.apiclient, zoneid=self.zone.id, resourcestate='Enabled', type='Routing' ) self.assertEqual( isinstance(hosts, list), True, "List hosts should return valid host response" ) if len(hosts) < 2: self.skipTest("There must be at least 2 hosts present in cluster") self.debug("Checking HA with hosts: %s, %s" % ( hosts[0].name, hosts[1].name )) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) vms = VirtualMachine.list( self.apiclient, id=virtual_machine.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.assertEqual( vm.state, "Running", "Deployed VM should be in RUnning state" ) networks = Network.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True ) self.assertEqual( isinstance(networks, list), True, "List networks should return valid list for the account" ) network = networks[0] self.debug("Associating public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id ) self.debug("Associated %s with network %s" % ( public_ip.ipaddress.ipaddress, network.id )) self.debug("Creating PF rule for IP address: %s" % public_ip.ipaddress.ipaddress) NATRule.create( self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id ) self.debug("Creating LB rule on IP with NAT: %s" % public_ip.ipaddress.ipaddress) # Create Load Balancer rule on IP already having NAT rule lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name ) self.debug("Created LB rule with ID: %s" % lb_rule.id) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e) ) first_host = vm.hostid self.debug("Enabling maintenance mode for host %s" % vm.hostid) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = first_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) timeout = self.services["timeout"] # Poll and check state of VM while it migrates from one host to another while True: vms = VirtualMachine.list( self.apiclient, id=virtual_machine.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("VM 1 state: %s" % vm.state) if vm.state in ["Stopping", "Stopped", "Running", "Starting", "Migrating"]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail( "VM migration from one-host-to-other\ failed while enabling maintenance" ) second_host = vm.hostid self.assertEqual( vm.state, "Running", "VM should be in Running state after enabling host maintenance" ) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e) ) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance on other host virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) vms = VirtualMachine.list( self.apiclient, id=virtual_machine_2.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 2 state: %s" % vm.state) self.assertEqual( vm.state, "Running", "Deployed VM should be in Running state" ) self.debug("Canceling host maintenance for ID: %s" % first_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = first_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % first_host) self.debug("Enabling maintenance mode for host %s" % second_host) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = second_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Maintenance mode enabled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail( "VM migration from one-host-to-other failed\ while enabling maintenance" ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[1] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail( "VM migration from one-host-to-other\ failed while enabling maintenance" ) for vm in vms: self.debug( "VM states after enabling maintenance mode on host: %s - %s" % (first_host, vm.state)) self.assertEqual( vm.state, "Running", "Deployed VM should be in Running state" ) # Spawn an instance on other host virtual_machine_3 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) vms = VirtualMachine.list( self.apiclient, id=virtual_machine_3.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 3 state: %s" % vm.state) self.assertEqual( vm.state, "Running", "Deployed VM should be in Running state" ) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e) ) self.debug("Canceling host maintenance for ID: %s" % second_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = second_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) return
def create_vm(self, pfrule=False, egress_policy=True, RR=False): self.create_network_offering(egress_policy, RR) # Creating network using the network offering created self.debug("Creating network with network offering: %s" % self.network_offering.id) self.network = Network.create( self.apiclient, self.services["network"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id) self.cleanup_networks.append(self.network) self.debug("Created network with ID: %s" % self.network.id) self.debug("Deploying instance in the account: %s" % self.account.name) project = None try: self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.domain.id, serviceofferingid=self.service_offering.id, mode=self.zone.networktype if pfrule else 'basic', networkids=[str(self.network.id)], projectid=project.id if project else None) self.cleanup_vms.append(self.virtual_machine) except Exception as e: self.fail("Virtual machine deployment failed with exception: %s" % e) self.debug("Deployed instance %s in account: %s" % (self.virtual_machine.id, self.account.name)) # Checking if VM is running or not, in case it is deployed in error state, test case fails self.vm_list = list_virtual_machines(self.apiclient, id=self.virtual_machine.id) self.assertEqual( validateList(self.vm_list)[0], PASS, "vm list validation failed, vm list is %s" % self.vm_list) self.assertEqual( str(self.vm_list[0].state).lower(), 'running', "VM state should be running, it is %s" % self.vm_list[0].state) self.public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.network.id) # Open up firewall port for SSH FireWallRule.create(self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"]) self.debug("Creating NAT rule for VM ID: %s" % self.virtual_machine.id) #Create NAT rule NATRule.create(self.apiclient, self.virtual_machine, self.services["natrule"], self.public_ip.ipaddress.id) return
def test_02_host_maintenance_mode_with_activities(self): """Test host maintenance mode with activities """ # Validate the following # 1. Create Vms. Acquire IP. Create port forwarding & load balancing # rules for Vms. # 2. While activities are ongoing: Create snapshots, recurring # snapshots, create templates, download volumes, Host 1: put to # maintenance mode. All Vms should failover to Host 2 in cluster # Vms should be in running state. All port forwarding rules and # load balancing Rules should work. # 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host # 2 should succeed. All ongoing activities in step 3 should succeed # 4. Host 1: cancel maintenance mode. # 5. While activities are ongoing: Create snapshots, recurring # snapshots, create templates, download volumes, Host 2: put to # maintenance mode. All Vms should failover to Host 1 in cluster. # 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on # host 1 should succeed. All ongoing activities in step 6 should # succeed. hosts = Host.list( self.apiclient, zoneid=self.zone.id, resourcestate='Enabled', type='Routing' ) self.assertEqual( isinstance(hosts, list), True, "List hosts should return valid host response" ) if len(hosts) < 2: self.skipTest("There must be at least 2 hosts present in cluster") self.debug("Checking HA with hosts: %s, %s" % ( hosts[0].name, hosts[1].name )) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) vms = VirtualMachine.list( self.apiclient, id=virtual_machine.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.assertEqual( vm.state, "Running", "Deployed VM should be in RUnning state" ) networks = Network.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True ) self.assertEqual( isinstance(networks, list), True, "List networks should return valid list for the account" ) network = networks[0] self.debug("Associating public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id ) self.debug("Associated %s with network %s" % ( public_ip.ipaddress.ipaddress, network.id )) self.debug("Creating PF rule for IP address: %s" % public_ip.ipaddress.ipaddress) NATRule.create( self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id ) self.debug("Creating LB rule on IP with NAT: %s" % public_ip.ipaddress.ipaddress) # Create Load Balancer rule on IP already having NAT rule lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name ) self.debug("Created LB rule with ID: %s" % lb_rule.id) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e) ) # Get the Root disk of VM volumes = list_volumes( self.apiclient, virtualmachineid=virtual_machine.id, type='ROOT', listall=True ) volume = volumes[0] self.debug( "Root volume of VM(%s): %s" % ( virtual_machine.name, volume.name )) # Create a snapshot from the ROOTDISK self.debug("Creating snapshot on ROOT volume: %s" % volume.name) snapshot = Snapshot.create(self.apiclient, volumes[0].id) self.debug("Snapshot created: ID - %s" % snapshot.id) snapshots = list_snapshots( self.apiclient, id=snapshot.id, listall=True ) self.assertEqual( isinstance(snapshots, list), True, "Check list response returns a valid list" ) self.assertNotEqual( snapshots, None, "Check if result exists in list snapshots call" ) self.assertEqual( snapshots[0].id, snapshot.id, "Check snapshot id in list resources call" ) # Generate template from the snapshot self.debug("Generating template from snapshot: %s" % snapshot.name) template = Template.create_from_snapshot( self.apiclient, snapshot, self.services["templates"] ) self.debug("Created template from snapshot: %s" % template.id) templates = list_templates( self.apiclient, templatefilter=self.services["templates"]["templatefilter"], id=template.id ) self.assertEqual( isinstance(templates, list), True, "List template call should return the newly created template" ) self.assertEqual( templates[0].isready, True, "The newly created template should be in ready state" ) first_host = vm.hostid self.debug("Enabling maintenance mode for host %s" % vm.hostid) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = first_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) timeout = self.services["timeout"] # Poll and check state of VM while it migrates from one host to another while True: vms = VirtualMachine.list( self.apiclient, id=virtual_machine.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("VM 1 state: %s" % vm.state) if vm.state in ["Stopping", "Stopped", "Running", "Starting", "Migrating"]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail( "VM migration from one-host-to-other failed\ while enabling maintenance" ) second_host = vm.hostid self.assertEqual( vm.state, "Running", "VM should be in Running state after enabling host maintenance" ) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e) ) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance on other host virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) vms = VirtualMachine.list( self.apiclient, id=virtual_machine_2.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 2 state: %s" % vm.state) self.assertEqual( vm.state, "Running", "Deployed VM should be in Running state" ) self.debug("Canceling host maintenance for ID: %s" % first_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = first_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % first_host) # Get the Root disk of VM volumes = list_volumes( self.apiclient, virtualmachineid=virtual_machine_2.id, type='ROOT', listall=True ) volume = volumes[0] self.debug( "Root volume of VM(%s): %s" % ( virtual_machine_2.name, volume.name )) # Create a snapshot from the ROOTDISK self.debug("Creating snapshot on ROOT volume: %s" % volume.name) snapshot = Snapshot.create(self.apiclient, volumes[0].id) self.debug("Snapshot created: ID - %s" % snapshot.id) snapshots = list_snapshots( self.apiclient, id=snapshot.id, listall=True ) self.assertEqual( isinstance(snapshots, list), True, "Check list response returns a valid list" ) self.assertNotEqual( snapshots, None, "Check if result exists in list snapshots call" ) self.assertEqual( snapshots[0].id, snapshot.id, "Check snapshot id in list resources call" ) # Generate template from the snapshot self.debug("Generating template from snapshot: %s" % snapshot.name) template = Template.create_from_snapshot( self.apiclient, snapshot, self.services["templates"] ) self.debug("Created template from snapshot: %s" % template.id) templates = list_templates( self.apiclient, templatefilter=self.services["templates"]["templatefilter"], id=template.id ) self.assertEqual( isinstance(templates, list), True, "List template call should return the newly created template" ) self.assertEqual( templates[0].isready, True, "The newly created template should be in ready state" ) self.debug("Enabling maintenance mode for host %s" % second_host) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = second_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Maintenance mode enabled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in ["Stopping", "Stopped", "Running", "Starting", "Migrating"]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail( "VM migration from one-host-to-other failed\ while enabling maintenance" ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[1] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in ["Stopping", "Stopped", "Running", "Starting", "Migrating"]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail( "VM migration from one-host-to-other failed\ while enabling maintenance" ) for vm in vms: self.debug( "VM states after enabling maintenance mode on host: %s - %s" % (first_host, vm.state)) self.assertEqual( vm.state, "Running", "Deployed VM should be in Running state" ) # Spawn an instance on other host virtual_machine_3 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) vms = VirtualMachine.list( self.apiclient, id=virtual_machine_3.id, listall=True ) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM" ) self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM" ) vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 3 state: %s" % vm.state) self.assertEqual( vm.state, "Running", "Deployed VM should be in Running state" ) self.debug("Canceling host maintenance for ID: %s" % second_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = second_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) return
def test_01_acquire_public_ips_in_isolated_network_with_single_vr(self): """ Acquire IPs in multiple subnets in isolated networks with single VR # Steps # 1. Create network offering with single VR, and enable it # 2. create isolated network with the network offering # 3. create a vm in the network. # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP # 4. get a free public ip, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP and new ip # 5. remove the port forwarding rule, and release the new ip # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic IP, eth2 -> source nat IP # 6. create new public ip range 1 # 7. get a free ip 4 in new ip range 2, assign to network, and enable static nat to vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1 # 8. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, # 9. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, new ip 3 # 10. release new ip 2 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 3 # 11. release new ip 1 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3 # 12. create new public ip range 2 # 13. get a free ip 4 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4 # 14. get a free ip 5 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5 # 15. get a free ip 6 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5/6 # 16. release new ip 5 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/6 # 17. release new ip 4 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 6 # 18. release new ip 3 # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 # 19. restart network # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 # 20. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 # 21. restart network with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 # 22. restart network with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 """ # Create new domain1 self.domain1 = Domain.create(self.apiclient, services=self.services["acl"]["domain1"], parentdomainid=self.domain.id) # Create account1 self.account1 = Account.create(self.apiclient, self.services["acl"]["accountD1"], domainid=self.domain1.id) self.cleanup.append(self.account1) self.cleanup.append(self.domain1) # 1. Create network offering with single VR, and enable it self.network_offering = NetworkOffering.create( self.apiclient, self.services["isolated_network_offering"], ) self.network_offering.update(self.apiclient, state='Enabled') self.cleanup.append(self.network_offering) # 2. create isolated network with the network offering self.services["network"]["zoneid"] = self.zone.id self.services["network"]["networkoffering"] = self.network_offering.id self.network1 = Network.create(self.apiclient, self.services["network"], self.account1.name, self.account1.domainid) # 3. create a vm in the network. try: self.virtual_machine1 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account1.name, domainid=self.account1.domainid, serviceofferingid=self.service_offering.id, templateid=self.template.id, zoneid=self.zone.id, networkids=self.network1.id) except Exception as e: self.fail("Exception while deploying virtual machine: %s" % e) # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_router_publicnic_state(router, host, "eth2") # 4. get a free public ip, assign to network, and create port forwarding rules (ssh) to the vm ipaddress = PublicIPAddress.create( self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress.ipaddress.id, openfirewall=True) # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP/new ip routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress.ipaddress.ipaddress, "eth2", True) self.verify_router_publicnic_state(router, host, "eth2") # 5. release the new ip ipaddress.delete(self.apiclient) # verify the available nics in VR should be "eth0,eth1,eth2" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress.ipaddress.ipaddress, "eth2", False) self.verify_router_publicnic_state(router, host, "eth2") # 6. create new public ip range 1 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" random_subnet_number = random.randrange(10, 50) self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] self.services["publiciprange"]["gateway"] = "172.16." + str( random_subnet_number) + ".1" self.services["publiciprange"]["startip"] = "172.16." + str( random_subnet_number) + ".2" self.services["publiciprange"]["endip"] = "172.16." + str( random_subnet_number) + ".10" self.services["publiciprange"]["netmask"] = "255.255.255.0" self.public_ip_range1 = PublicIpRange.create( self.apiclient, self.services["publiciprange"]) self.cleanup.append(self.public_ip_range1) # 7. get a free ip 4 in new ip range 2, assign to network, and enable static nat to vm ip_address_1 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress_1 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_1) StaticNATRule.enable(self.apiclient, virtualmachineid=self.virtual_machine1.id, ipaddressid=ipaddress_1.ipaddress.id, networkid=self.network1.id) # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1 routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 8. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, ip_address_2 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress_2 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_2) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_2.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 9. get a free ip in new ip range, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 2, new ip 3 ip_address_3 = self.get_free_ipaddress(self.public_ip_range1.vlan.id) ipaddress_3 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_3) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_3.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 10. release new ip 2 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 1, new ip 3 ipaddress_2.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 11. release new ip 1 # verify the available nics in VR should be "eth0,eth1,eth2,eth3" # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3 ipaddress_1.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_1.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_2.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 12. create new public ip range 2 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] self.services["publiciprange"]["gateway"] = "172.16." + str( random_subnet_number + 1) + ".1" self.services["publiciprange"]["startip"] = "172.16." + str( random_subnet_number + 1) + ".2" self.services["publiciprange"]["endip"] = "172.16." + str( random_subnet_number + 1) + ".10" self.services["publiciprange"]["netmask"] = "255.255.255.0" self.public_ip_range2 = PublicIpRange.create( self.apiclient, self.services["publiciprange"]) self.cleanup.append(self.public_ip_range2) # 13. get a free ip 4 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4 ip_address_4 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress_4 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_4) StaticNATRule.enable(self.apiclient, virtualmachineid=self.virtual_machine1.id, ipaddressid=ipaddress_4.ipaddress.id, networkid=self.network1.id) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 14. get a free ip 5 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5 ip_address_5 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress_5 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_5) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_5.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 15. get a free ip 6 in new ip range 2, assign to network, and create port forwarding rules (ssh) to the vm # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/5/6 ip_address_6 = self.get_free_ipaddress(self.public_ip_range2.vlan.id) ipaddress_6 = PublicIPAddress.create(self.apiclient, zoneid=self.zone.id, networkid=self.network1.id, ipaddress=ip_address_6) nat_rule = NATRule.create(self.apiclient, self.virtual_machine1, self.services["natrule"], ipaddressid=ipaddress_6.ipaddress.id, openfirewall=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 16. release new ip 5 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 4/6 ipaddress_5.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", True) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 17. release new ip 4 # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 3, eth4 -> new ip 6 ipaddress_4.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router( router, host, "eth0,eth1,eth2,eth3,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_3.ipaddress.ipaddress, "eth3", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth3|eth4") # 18. release new ip 3 # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 ipaddress_3.delete(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth4") # 19. restart network # verify the available nics in VR should be "eth0,eth1,eth2,eth4," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth4 -> new ip 6 self.network1.restart(self.apiclient) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth4,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth4", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth4", True) self.verify_router_publicnic_state(router, host, "eth2|eth4") # 20. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 if len(routers) > 0: router = routers[0] cmd = rebootRouter.rebootRouterCmd() cmd.id = router.id self.apiclient.rebootRouter(cmd) router = self.get_router(router.id) host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3") # 21. restart network with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 self.network1.restart(self.apiclient, cleanup=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth3", True) # 22. restart network with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3," # verify the IPs in VR. eth0 -> guest nic, eth2 -> source nat IP, eth3 -> new ip 6 self.network1.restart(self.apiclient, cleanup=True, makeredundant=True) routers = self.get_routers(self.network1.id) for router in routers: host = self.get_router_host(router) self.verify_network_interfaces_in_router(router, host, "eth0,eth1,eth2,eth3,") guestIp, controlIp, sourcenatIp = self.get_router_ips(router) self.verify_ip_address_in_router(router, host, guestIp, "eth0", True) self.verify_ip_address_in_router(router, host, controlIp, "eth1", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth2", True) self.verify_ip_address_in_router(router, host, ipaddress_4.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_5.ipaddress.ipaddress, "eth3", False) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth3", True) self.verify_router_publicnic_state(router, host, "eth2|eth3")
def setUpClass(cls): cls.logger = MarvinLog(MarvinLog.LOGGER_TEST).get_logger() testClient = super(TestLoadBalance, cls).getClsTestClient() cls.apiclient = testClient.getApiClient() cls.services = testClient.getParsedTestDataConfig() # Get Zone, Domain and templates cls.domain = get_domain(cls.apiclient) cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests()) cls.template = get_template( cls.apiclient, cls.zone.id ) if cls.template == FAILED: assert False, "get_template() failed to return template with description %s" % cls.services["ostype"] cls.services["virtual_machine"]["zoneid"] = cls.zone.id # Create an account, network, VM and IP addresses cls.account = Account.create( cls.apiclient, cls.services["account"], admin=True, domainid=cls.domain.id ) cls.service_offering = get_default_virtual_machine_offering(cls.apiclient) cls.network_offering = get_default_network_offering(cls.apiclient) cls.logger.debug("Network Offering '%s' selected", cls.network_offering.name) cls.vpc_offering = get_default_vpc_offering(cls.apiclient) cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name) cls.vpc1 = VPC.create(cls.apiclient, cls.services['vpcs']['vpc1'], vpcofferingid=cls.vpc_offering.id, zoneid=cls.zone.id, domainid=cls.domain.id, account=cls.account.name) cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name, cls.vpc1.cidr) cls.default_allow_acl = get_network_acl(cls.apiclient, 'default_allow') cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name) cls.network1 = Network.create(cls.apiclient, cls.services['networks']['network1'], networkofferingid=cls.network_offering.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc1.id, zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network1.name, cls.network1.cidr, cls.network1.gateway) cls.vm_1 = VirtualMachine.create( cls.apiclient, cls.services["virtual_machine"], templateid=cls.template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id, networkids=[cls.network1.id] ) cls.vm_2 = VirtualMachine.create( cls.apiclient, cls.services["virtual_machine"], templateid=cls.template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id, networkids=[cls.network1.id] ) cls.vm_3 = VirtualMachine.create( cls.apiclient, cls.services["virtual_machine"], templateid=cls.template.id, accountid=cls.account.name, domainid=cls.account.domainid, serviceofferingid=cls.service_offering.id, networkids=[cls.network1.id] ) cls.non_src_nat_ip = PublicIPAddress.create(cls.apiclient, zoneid=cls.zone.id, domainid=cls.account.domainid, accountid=cls.account.name, vpcid=cls.vpc1.id, networkid=cls.network1.id) cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.non_src_nat_ip.ipaddress.ipaddress, cls.vpc1.name, cls.network1.name) command = replaceNetworkACLList.replaceNetworkACLListCmd() command.aclid = cls.default_allow_acl.id command.publicipid = cls.non_src_nat_ip.ipaddress.id cls.apiclient.replaceNetworkACLList(command) cls._cleanup = [ cls.account ]
def test_03_deploy_vms_in_vpc_with_regionlevelvpc(self): """Test deploy virtual machines in VPC networks""" # 1. Create VPC Offering by specifying all supported Services # (Vpn,dhcpdns,UserData, SourceNat,Static NAT and PF,LB,NetworkAcl) # 2. Create a VPC using the above VPC offering # 3. Create a network as part of this VPC. # 4. Deploy few Vms. # 5. Create a LB rule for this VM. # 6. Create a PF rule for this VM. # 7. Create a Static Nat rule for this VM. # 8. Create Ingress rules on the network to open the above created # LB PF and Static Nat rule # 9. Create Egress Network ACL for this network to access google.com. # 10. Enable VPN services if not self.isOvsPluginEnabled: self.skipTest("OVS plugin should be enabled to run this test case") self.debug("Creating a VPC offering..") vpc_off = VpcOffering.create( self.apiclient, self.services["vpc_offering"] ) vpc_off.update(self.apiclient, state='Enabled') self.debug("creating a VPC network in the account: %s" % self.account.name) vpc = VPC.create( self.apiclient, self.services["vpc"], vpcofferingid=vpc_off.id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid, networkDomain=self.account.domainid ) self.validate_vpc_network(vpc) self.network_offering = NetworkOffering.create( self.apiclient, self.services["network_offering"], conservemode=False ) # Enable Network offering self.network_offering.update(self.apiclient, state='Enabled') gateway = vpc.cidr.split('/')[0] # Split the cidr to retrieve gateway # for eg. cidr = 10.0.0.1/24 # Gateway = 10.0.0.1 # Creating network using the network offering created self.debug("Creating network with network offering: %s" % self.network_offering.id) network = Network.create( self.apiclient, self.services["network"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, gateway=gateway, vpcid=vpc.id ) self.debug("Created network with ID: %s" % network.id) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=[str(network.id)] ) self.debug("Deployed VM in network: %s" % network.id) self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id ) self.debug("Associated %s with network %s" % ( public_ip.ipaddress.ipaddress, network.id )) self.debug("Creating LB rule for IP address: %s" % public_ip.ipaddress.ipaddress) LoadBalancerRule.create( self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name, networkid=network.id, vpcid=vpc.id, domainid=self.account.domainid ) self.debug("Associating public IP for network: %s" % vpc.name) public_ip_2 = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id ) self.debug("Associated %s with network %s" % ( public_ip_2.ipaddress.ipaddress, network.id )) NATRule.create( self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip_2.ipaddress.id, openfirewall=False, networkid=network.id, vpcid=vpc.id ) self.debug("Adding NetwrokACl rules to make PF and LB accessible") NetworkACL.create( self.apiclient, networkid=network.id, services=self.services["natrule"], traffictype='Ingress' ) NetworkACL.create( self.apiclient, networkid=network.id, services=self.services["lbrule"], traffictype='Ingress' ) self.debug("Checking if we can SSH into VM?") try: virtual_machine.get_ssh_client( ipaddress=public_ip_2.ipaddress.ipaddress, ) self.debug("SSH into VM is successfully") except Exception as e: self.fail("Failed to SSH into VM - %s, %s" % (public_ip_2.ipaddress.ipaddress, e)) self.debug("Associating public IP for network: %s" % network.name) public_ip_3 = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id ) self.debug("Associated %s with network %s" % ( public_ip_3.ipaddress.ipaddress, network.id )) self.debug("Enabling static NAT for IP: %s" % public_ip_3.ipaddress.ipaddress) try: StaticNATRule.enable( self.apiclient, ipaddressid=public_ip_3.ipaddress.id, virtualmachineid=virtual_machine.id, networkid=network.id ) self.debug("Static NAT enabled for IP: %s" % public_ip_3.ipaddress.ipaddress) except Exception as e: self.fail("Failed to enable static NAT on IP: %s - %s" % ( public_ip_3.ipaddress.ipaddress, e)) public_ips = PublicIPAddress.list( self.apiclient, networkid=network.id, listall=True, isstaticnat=True, account=self.account.name, domainid=self.account.domainid ) self.assertEqual( isinstance(public_ips, list), True, "List public Ip for network should list the Ip addr" ) self.assertEqual( public_ips[0].ipaddress, public_ip_3.ipaddress.ipaddress, "List public Ip for network should list the Ip addr" ) # TODO: Remote Access VPN is not yet supported in VPC return
def test_01_positive_tests_vm_operations_advanced_zone(self, value): """ Positive tests for VMLC test path - Advanced Zone # 1. List created service offering in setUpClass by name # 2. List registered template with name # 3. Create VM in account # 4. Enable networking for reaching to VM thorugh SSH # 5. Check VM accessibility through SSH # 6. Stop vm and verify vm is not accessible # 7. Start vm and verify vm is not accessible # 8. Reboot vm and verify vm is not accessible # 9. Destroy and recover VM # 10. Change service offering of VM to a different service offering # 11. Verify that the cpuspeed, cpunumber and memory of VM matches to # as specified in new service offering # 12. Start VM and verify VM accessibility # 13. Find suitable host for VM to migrate and migrate the VM # 14. Verify VM accessibility on new host """ # List created service offering in setUpClass by name listServiceOfferings = ServiceOffering.list( self.apiclient, name=self.service_offering_1.name, listall=True ) self.assertEqual(validateList(listServiceOfferings)[0], PASS, "List validation failed for service offerings list") self.assertEqual(listServiceOfferings[0].name, self.service_offering_1.name, "Names of created service offering\ and listed service offering not matching") # List registered template with name listTemplates = Template.list( self.userapiclient, templatefilter="self", name=self.template.name, listall=True, zone=self.zone.id) self.assertEqual(validateList(listTemplates)[0], PASS, "List validation failed for templates list") self.assertEqual(listTemplates[0].name, self.template.name, "Names of created template and listed template\ not matching") network = CreateNetwork(self, value) # Create VM in account self.virtual_machine = VirtualMachine.create( self.userapiclient, self.testdata["small"], templateid=self.template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering_1.id, networkids=[network.id, ], zoneid=self.zone.id ) self.cleanup.append(self.virtual_machine) publicip = PublicIPAddress.create( self.userapiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpcid ) if value == VPC_NETWORK: lb_rule = LoadBalancerRule.create( self.apiclient, self.testdata["vpclbrule"], ipaddressid=publicip.ipaddress.id, accountid=self.account.name, domainid=self.account.domainid, networkid=network.id, vpcid=self.vpcid ) lb_rule.assign(self.apiclient, [self.virtual_machine]) # Opening up the ports in VPC NetworkACL.create( self.apiclient, networkid=network.id, services=self.testdata["natrule"], traffictype='Ingress' ) elif value == ISOLATED_NETWORK: FireWallRule.create( self.userapiclient, ipaddressid=publicip.ipaddress.id, protocol='TCP', cidrlist=[self.testdata["fwrule"]["cidr"]], startport=self.testdata["fwrule"]["startport"], endport=self.testdata["fwrule"]["endport"] ) NATRule.create( self.userapiclient, self.virtual_machine, self.testdata["natrule"], ipaddressid=publicip.ipaddress.id, networkid=network.id ) # Check VM accessibility try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) # Stop VM and verify VM is not accessible self.virtual_machine.stop(self.userapiclient) with self.assertRaises(Exception): SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password, retries=0) # Start VM and verify that it is accessible self.virtual_machine.start(self.userapiclient) try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) # Reboot VM and verify that it is accessible self.virtual_machine.reboot(self.userapiclient) try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) # Destroy and recover VM self.virtual_machine.delete(self.apiclient, expunge=False) self.virtual_machine.recover(self.apiclient) # Change service offering of VM and verify that it is changed self.virtual_machine.change_service_offering( self.userapiclient, serviceOfferingId=self.service_offering_2.id ) VerifyChangeInServiceOffering(self, self.virtual_machine, self.service_offering_2) # Start VM and verify that it is accessible self.virtual_machine.start(self.userapiclient) try: SshClient(host=publicip.ipaddress.ipaddress, port=22, user=self.virtual_machine.username, passwd=self.virtual_machine.password) except Exception as e: self.fail("Exception while SSHing to VM: %s" % e) return
def setup_infra(cls, redundant=False): if len(cls.class_cleanup) > 0: cleanup_resources(cls.api_client, cls.class_cleanup, cls.logger) cls.class_cleanup = [] cls.zone = get_zone(cls.api_client, cls.test_client.getZoneForTests()) cls.logger.debug("Zone '%s' selected" % cls.zone.name) cls.domain = get_domain(cls.api_client) cls.logger.debug("Domain '%s' selected" % cls.domain.name) cls.template = get_template( cls.api_client, cls.zone.id) cls.logger.debug("Template '%s' selected" % cls.template.name) cls.account = Account.create( cls.api_client, cls.attributes['account'], admin=True, domainid=cls.domain.id) cls.class_cleanup += [cls.account] cls.logger.debug("Account '%s' created", cls.account.name) cls.vpc_offering = get_default_redundant_vpc_offering(cls.api_client) if redundant else get_default_vpc_offering(cls.api_client) cls.logger.debug("VPC Offering '%s' selected", cls.vpc_offering.name) cls.network_offering = get_default_network_offering(cls.api_client) cls.logger.debug("Network Offering '%s' selected", cls.network_offering.name) cls.virtual_machine_offering = get_default_virtual_machine_offering(cls.api_client) cls.logger.debug("Virtual Machine Offering '%s' selected", cls.virtual_machine_offering.name) cls.private_network_offering = get_default_private_network_offering(cls.api_client) cls.logger.debug("Private Network Offering '%s' selected", cls.private_network_offering.name) cls.default_allow_acl = get_network_acl(cls.api_client, 'default_allow') cls.logger.debug("ACL '%s' selected", cls.default_allow_acl.name) cls.vpc1 = VPC.create(cls.api_client, cls.attributes['vpcs']['vpc1'], vpcofferingid=cls.vpc_offering.id, zoneid=cls.zone.id, domainid=cls.domain.id, account=cls.account.name) cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc1.name, cls.vpc1.cidr) cls.network1 = Network.create(cls.api_client, cls.attributes['networks']['network1'], networkofferingid=cls.network_offering.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc1.id, zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network1.name, cls.network1.cidr, cls.network1.gateway) cls.vm1 = VirtualMachine.create(cls.api_client, cls.attributes['vms']['vm1'], templateid=cls.template.id, serviceofferingid=cls.virtual_machine_offering.id, networkids=[cls.network1.id], zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("VM '%s' created, Network: %s, IP %s", cls.vm1.name, cls.network1.name, cls.vm1.nic[0].ipaddress) cls.public_ip1 = PublicIPAddress.create(cls.api_client, zoneid=cls.zone.id, domainid=cls.account.domainid, accountid=cls.account.name, vpcid=cls.vpc1.id, networkid=cls.network1.id) cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.public_ip1.ipaddress.ipaddress, cls.vpc1.name, cls.network1.name) cls.nat_rule1 = NATRule.create(cls.api_client, cls.vm1, cls.attributes['nat_rule'], vpcid=cls.vpc1.id, networkid=cls.network1.id, ipaddressid=cls.public_ip1.ipaddress.id) cls.logger.debug("Port Forwarding Rule '%s (%s) %s => %s' created", cls.nat_rule1.ipaddress, cls.nat_rule1.protocol, cls.nat_rule1.publicport, cls.nat_rule1.privateport) cls.vpc2 = VPC.create(cls.api_client, cls.attributes['vpcs']['vpc2'], vpcofferingid=cls.vpc_offering.id, zoneid=cls.zone.id, domainid=cls.domain.id, account=cls.account.name) cls.logger.debug("VPC '%s' created, CIDR: %s", cls.vpc2.name, cls.vpc2.cidr) cls.network2 = Network.create(cls.api_client, cls.attributes['networks']['network3'], networkofferingid=cls.network_offering.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc2.id, zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("Network '%s' created, CIDR: %s, Gateway: %s", cls.network2.name, cls.network2.cidr, cls.network2.gateway) cls.vm2 = VirtualMachine.create(cls.api_client, cls.attributes['vms']['vm2'], templateid=cls.template.id, serviceofferingid=cls.virtual_machine_offering.id, networkids=[cls.network2.id], zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("VM '%s' created, Network: %s, IP: %s", cls.vm2.name, cls.network2.name, cls.vm2.nic[0].ipaddress) cls.public_ip2 = PublicIPAddress.create(cls.api_client, zoneid=cls.zone.id, domainid=cls.account.domainid, accountid=cls.account.name, vpcid=cls.vpc2.id, networkid=cls.network2.id) cls.logger.debug("Public IP '%s' acquired, VPC: %s, Network: %s", cls.public_ip2.ipaddress.ipaddress, cls.vpc2.name, cls.network2.name) cls.nat_rule2 = NATRule.create(cls.api_client, cls.vm2, cls.attributes['nat_rule'], vpcid=cls.vpc2.id, networkid=cls.network2.id, ipaddressid=cls.public_ip2.ipaddress.id) cls.logger.debug("Port Forwarding Rule '%s (%s) %s => %s' created", cls.nat_rule2.ipaddress, cls.nat_rule2.protocol, cls.nat_rule2.publicport, cls.nat_rule2.privateport) cls.private_gateways_network = Network.create(cls.api_client, cls.attributes['networks']['private_gateways_network'], networkofferingid=cls.private_network_offering.id, aclid=cls.default_allow_acl.id, zoneid=cls.zone.id, domainid=cls.domain.id, accountid=cls.account.name) cls.logger.debug("Network '%s' created, CIDR: %s", cls.private_gateways_network.name, cls.private_gateways_network.cidr) cls.private_gateway1 = PrivateGateway.create(cls.api_client, ipaddress=cls.attributes['private_gateways']['private_gateway1'], networkid=cls.private_gateways_network.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc1.id) cls.logger.debug("Private Gateway '%s' created, Network: %s, VPC: %s", cls.private_gateway1.ipaddress, cls.private_gateways_network.name, cls.vpc1.name) cls.static_route1 = StaticRoute.create(cls.api_client, cls.attributes['static_routes']['static_route1'], vpcid=cls.vpc1.id) cls.logger.debug("Static Route '%s => %s' created, VPC: %s", cls.static_route1.cidr, cls.static_route1.nexthop, cls.vpc1.name) cls.private_gateway2 = PrivateGateway.create(cls.api_client, ipaddress=cls.attributes['private_gateways']['private_gateway2'], networkid=cls.private_gateways_network.id, aclid=cls.default_allow_acl.id, vpcid=cls.vpc2.id) cls.logger.debug("Private Gateway '%s' created, Network: %s, VPC: %s", cls.private_gateway2.ipaddress, cls.private_gateways_network.name, cls.vpc2.name) cls.static_route2 = StaticRoute.create(cls.api_client, cls.attributes['static_routes']['static_route2'], vpcid=cls.vpc2.id) cls.logger.debug("Static Route '%s => %s' created, VPC: %s", cls.static_route2.cidr, cls.static_route2.nexthop, cls.vpc2.name)
def test_network_rules_acquired_public_ip(self, value): """Test for Router rules for network rules on acquired public IP""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.ipaddress = PublicIPAddress.create( self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=self.defaultNetworkId ) self.cleanup.append(self.ipaddress) self.createNetworkRules(rule=value, ipaddressobj=self.ipaddress, networkid=self.defaultNetworkId) router = Router.list(self.apiclient, networkid=self.virtual_machine.nic[0].networkid, listall=True)[0] response = self.getCommandResultFromRouter(router, "ip addr") self.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertTrue(stringToMatch in str(response), "IP address is\ not removed from VR even after disabling statin NAT") try: self.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, self.ipaddress.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client( self.ipaddress.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) # Validate the following: # 1. listIpForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail self.removeNetworkRules(rule=value, ipaddressobj=self.ipaddress) response = self.getCommandResultFromRouter(router, "ip addr") self.debug(response) stringToMatch = "inet %s" % self.ipaddress.ipaddress.ipaddress self.assertFalse(stringToMatch in str(response), "IP address is\ not removed from VR even after disabling statin NAT") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): self.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( self.ipaddress.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def test_02_port_fwd_on_non_src_nat(self): """Test for port forwarding on non source NAT""" # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid, self.services["virtual_machine"] ) self.cleanup.append(ip_address) # Check if VM is in Running state before creating NAT rule vm_response = VirtualMachine.list( self.apiclient, id=self.virtual_machine.id ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( vm_response[0].state, 'Running', "VM state should be Running before creating a NAT rule." ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=ip_address.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"] ) # Create NAT rule nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], ip_address.ipaddress.id ) # Validate the following: # 1. listPortForwardingRules should not return the deleted rule anymore # 2. attempt to do ssh should now fail list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) self.assertEqual( isinstance(list_nat_rule_response, list), True, "Check list response returns a valid list" ) self.assertNotEqual( len(list_nat_rule_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( list_nat_rule_response[0].id, nat_rule.id, "Check Correct Port forwarding Rule is returned" ) try: logger.debug("SSHing into VM with IP address %s with NAT IP %s" % ( self.virtual_machine.ipaddress, ip_address.ipaddress.ipaddress )) self.virtual_machine.get_ssh_client(ip_address.ipaddress.ipaddress) except Exception as e: self.fail( "SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e) ) nat_rule.delete(self.apiclient) try: list_nat_rule_response = list_nat_rules( self.apiclient, id=nat_rule.id ) except CloudstackAPIException: logger.debug("Nat Rule is deleted") # Check if the Public SSH port is inaccessible with self.assertRaises(Exception): logger.debug( "SSHing into VM with IP address %s after NAT rule deletion" % self.virtual_machine.ipaddress) SshClient( ip_address.ipaddress.ipaddress, self.virtual_machine.ssh_port, self.virtual_machine.username, self.virtual_machine.password, retries=2, delay=0 ) return
def test_05_list_publicip_user_domain(self): """ A domain admin should be able to display public ip address in their domain and also all child domains Step 1: Display all public ip address in that domain and sub domain Step 2: Ensure that the count is 20 Step 3: Display only the allocated Ip address Step 4: Ensure that the count is 2 Step 5: Try to display public ip of vpc from different domain Step 6: Ensure that we get exception when trying to do so :return: """ user = self.account2.user[0] user_api_client = self.testClient.getUserApiClient(user.username, self.domain2.name) self.services["vpc"]["cidr"] = "10.1.1.1/16" vpc_1 = VPC.create( user_api_client, self.services["vpc"], vpcofferingid=self.vpc_off.id, zoneid=self.zone.id, account=self.account2.name, domainid=self.account2.domainid ) self.validate_vpc_network(vpc_1) ipAddresses = PublicIPAddress.list( user_api_client, allocatedonly=False, listall=True, forvirtualnetwork=True) self.assertGreaterEqual( len(ipAddresses), 10, "Unable to display all public ip in VPC" ) # List ip address using vpcid ipAddresses = PublicIPAddress.list( self.apiclient, vpcid=vpc_1.id, allocatedonly=False, account=self.account2.name, domainid=self.domain2.id, forvirtualnetwork=True) self.assertGreaterEqual( len(ipAddresses), 10, "Unable to display all public ip in VPC" ) # Acquire public ip address from VPC ip_address_1 = self.get_free_ipaddress(self.public_ip_range3.vlan.id) PublicIPAddress.create( user_api_client, zoneid=self.zone.id, vpcid=vpc_1.id, ipaddress=ip_address_1 ) ipAddresses = PublicIPAddress.list( user_api_client, allocatedonly=True, listall=True, forvirtualnetwork=True) self.assertGreaterEqual( len(ipAddresses), 2, "Unable to display allocated public ip in VPC" ) try: # Step 5 user = self.account1.user[0] user_api_client = self.testClient.getUserApiClient(user.username, self.domain1.name) PublicIPAddress.list( user_api_client, allocatedonly=False, listall=True, vpcid=vpc_1.id, forvirtualnetwork=True) # Step 6 self.fail("Domain should not access public ip of sibling domain") except Exception as e: self.info("Got exception as expected since domain2 cant access network of domain1") self.vpc_off.update(self.apiclient, state='Disabled') self.cleanup.append(vpc_1) self.cleanup.append(self.vpc_off)
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) self.hypervisor = self.testClient.getHypervisorInfo() template = get_test_template( self.apiclient, self.zone.id, self.hypervisor ) if template == FAILED: self.fail("get_test_template() failed to return template") self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM and IP addresses self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"]["tiny"] ) self.vm_1 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) # Wait for VM to come up time.sleep(120) src_nat_ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid ) try: src_nat_ip_addr = src_nat_ip_addrs[0] except Exception as e: raise Exception( "Warning: Exception during fetching source NAT: %s" % e) self.public_ip = PublicIPAddress.create( self.apiclient, self.vm_1.account, self.vm_1.zoneid, self.vm_1.domainid, self.services["virtual_machine"] ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["lbrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["lbrule"]["publicport"], endport=self.services["lbrule"]["publicport"] ) lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], src_nat_ip_addr.id, self.account.name ) lb_rule.assign(self.apiclient, [self.vm_1]) self.nat_rule = NATRule.create( self.apiclient, self.vm_1, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.nat_rule, lb_rule, self.vm_1, self.service_offering, self.account, ] return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) template = get_template( self.apiclient, self.zone.id, self.services["ostype"] ) if template == FAILED: self.fail( "get_template() failed to return template with description %s" % self.services["ostype"]) self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM and IP addresses self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"] ) self.vm_1 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) # Wait for VM to come up time.sleep(120) src_nat_ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid ) try: src_nat_ip_addr = src_nat_ip_addrs[0] except Exception as e: raise Exception( "Warning: Exception during fetching source NAT: %s" % e) self.public_ip = PublicIPAddress.create( self.apiclient, self.vm_1.account, self.vm_1.zoneid, self.vm_1.domainid, self.services["virtual_machine"] ) # Open up firewall port for SSH FireWallRule.create( self.apiclient, ipaddressid=self.public_ip.ipaddress.id, protocol=self.services["lbrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["lbrule"]["publicport"], endport=self.services["lbrule"]["publicport"] ) lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], src_nat_ip_addr.id, self.account.name ) lb_rule.assign(self.apiclient, [self.vm_1]) self.nat_rule = NATRule.create( self.apiclient, self.vm_1, self.services["natrule"], ipaddressid=self.public_ip.ipaddress.id ) self.cleanup = [self.nat_rule, lb_rule, self.vm_1, self.service_offering, self.account, ] return
def setUp(self): self.apiclient = self.testClient.getApiClient() self.services = self.testClient.getParsedTestDataConfig() # Get Zone, Domain and templates self.domain = get_domain(self.apiclient) self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests()) template = get_template( self.apiclient, self.zone.id, self.services["ostype"] ) self.services["virtual_machine"]["zoneid"] = self.zone.id # Create an account, network, VM, Port forwarding rule, LB rules self.account = Account.create( self.apiclient, self.services["account"], admin=True, domainid=self.domain.id ) self.service_offering = ServiceOffering.create( self.apiclient, self.services["service_offerings"] ) self.virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], templateid=template.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id ) self.ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid ) ip_addrs = list_publicIP( self.apiclient, account=self.account.name, domainid=self.account.domainid, issourcenat=False ) try: self.ip_addr = ip_addrs[0] except Exception as e: raise Exception( "Failed: During acquiring source NAT for account: %s, :%s" % (self.account.name, e)) self.nat_rule = NATRule.create( self.apiclient, self.virtual_machine, self.services["natrule"], self.ip_addr.id ) self.lb_rule = LoadBalancerRule.create( self.apiclient, self.services["lbrule"], self.ip_addr.id, accountid=self.account.name ) self.cleanup = [ self.virtual_machine, self.account ] return
def test_03_deploy_vms_in_vpc_with_regionlevelvpc(self): """Test deploy virtual machines in VPC networks""" # 1. Create VPC Offering by specifying all supported Services # (Vpn,dhcpdns,UserData, SourceNat,Static NAT and PF,LB,NetworkAcl) # 2. Create a VPC using the above VPC offering # 3. Create a network as part of this VPC. # 4. Deploy few Vms. # 5. Create a LB rule for this VM. # 6. Create a PF rule for this VM. # 7. Create a Static Nat rule for this VM. # 8. Create Ingress rules on the network to open the above created # LB PF and Static Nat rule # 9. Create Egress Network ACL for this network to access google.com. # 10. Enable VPN services if not self.isOvsPluginEnabled: self.skipTest("OVS plugin should be enabled to run this test case") self.debug("Creating a VPC offering..") vpc_off = VpcOffering.create(self.apiclient, self.services["vpc_offering"]) vpc_off.update(self.apiclient, state='Enabled') self.debug("creating a VPC network in the account: %s" % self.account.name) vpc = VPC.create(self.apiclient, self.services["vpc"], vpcofferingid=vpc_off.id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid, networkDomain=self.account.domainid) self.validate_vpc_network(vpc) self.network_offering = NetworkOffering.create( self.apiclient, self.services["network_offering"], conservemode=False) # Enable Network offering self.network_offering.update(self.apiclient, state='Enabled') gateway = vpc.cidr.split('/')[0] # Split the cidr to retrieve gateway # for eg. cidr = 10.0.0.1/24 # Gateway = 10.0.0.1 # Creating network using the network offering created self.debug("Creating network with network offering: %s" % self.network_offering.id) network = Network.create(self.apiclient, self.services["network"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, gateway=gateway, vpcid=vpc.id) self.debug("Created network with ID: %s" % network.id) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=[str(network.id)]) self.debug("Deployed VM in network: %s" % network.id) self.debug("Associating public IP for network: %s" % network.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.debug("Creating LB rule for IP address: %s" % public_ip.ipaddress.ipaddress) LoadBalancerRule.create(self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name, networkid=network.id, vpcid=vpc.id, domainid=self.account.domainid) self.debug("Associating public IP for network: %s" % vpc.name) public_ip_2 = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id) self.debug("Associated %s with network %s" % (public_ip_2.ipaddress.ipaddress, network.id)) NATRule.create(self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip_2.ipaddress.id, openfirewall=False, networkid=network.id, vpcid=vpc.id) self.debug("Adding NetwrokACl rules to make PF and LB accessible") NetworkACL.create(self.apiclient, networkid=network.id, services=self.services["natrule"], traffictype='Ingress') NetworkACL.create(self.apiclient, networkid=network.id, services=self.services["lbrule"], traffictype='Ingress') self.debug("Checking if we can SSH into VM?") try: virtual_machine.get_ssh_client( ipaddress=public_ip_2.ipaddress.ipaddress, ) self.debug("SSH into VM is successfully") except Exception as e: self.fail("Failed to SSH into VM - %s, %s" % (public_ip_2.ipaddress.ipaddress, e)) self.debug("Associating public IP for network: %s" % network.name) public_ip_3 = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id, vpcid=vpc.id) self.debug("Associated %s with network %s" % (public_ip_3.ipaddress.ipaddress, network.id)) self.debug("Enabling static NAT for IP: %s" % public_ip_3.ipaddress.ipaddress) try: StaticNATRule.enable(self.apiclient, ipaddressid=public_ip_3.ipaddress.id, virtualmachineid=virtual_machine.id, networkid=network.id) self.debug("Static NAT enabled for IP: %s" % public_ip_3.ipaddress.ipaddress) except Exception as e: self.fail("Failed to enable static NAT on IP: %s - %s" % (public_ip_3.ipaddress.ipaddress, e)) public_ips = PublicIPAddress.list(self.apiclient, networkid=network.id, listall=True, isstaticnat=True, account=self.account.name, domainid=self.account.domainid) self.assertEqual(isinstance(public_ips, list), True, "List public Ip for network should list the Ip addr") self.assertEqual(public_ips[0].ipaddress, public_ip_3.ipaddress.ipaddress, "List public Ip for network should list the Ip addr") # TODO: Remote Access VPN is not yet supported in VPC return
def test_02_host_maintenance_mode_with_activities(self): """Test host maintenance mode with activities """ # Validate the following # 1. Create Vms. Acquire IP. Create port forwarding & load balancing # rules for Vms. # 2. While activities are ongoing: Create snapshots, recurring # snapshots, create templates, download volumes, Host 1: put to # maintenance mode. All Vms should failover to Host 2 in cluster # Vms should be in running state. All port forwarding rules and # load balancing Rules should work. # 3. After failover to Host 2 succeeds, deploy Vms. Deploy Vms on host # 2 should succeed. All ongoing activities in step 3 should succeed # 4. Host 1: cancel maintenance mode. # 5. While activities are ongoing: Create snapshots, recurring # snapshots, create templates, download volumes, Host 2: put to # maintenance mode. All Vms should failover to Host 1 in cluster. # 6. After failover to Host 1 succeeds, deploy VMs. Deploy Vms on # host 1 should succeed. All ongoing activities in step 6 should # succeed. hosts = Host.list(self.apiclient, zoneid=self.zone.id, resourcestate='Enabled', type='Routing') self.assertEqual(isinstance(hosts, list), True, "List hosts should return valid host response") if len(hosts) < 2: self.skipTest("There must be at least 2 hosts present in cluster") self.debug("Checking HA with hosts: %s, %s" % (hosts[0].name, hosts[1].name)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance in that network virtual_machine = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.assertEqual(vm.state, "Running", "Deployed VM should be in RUnning state") networks = Network.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(networks, list), True, "List networks should return valid list for the account") network = networks[0] self.debug("Associating public IP for account: %s" % self.account.name) public_ip = PublicIPAddress.create(self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, networkid=network.id) self.debug("Associated %s with network %s" % (public_ip.ipaddress.ipaddress, network.id)) self.debug("Creating PF rule for IP address: %s" % public_ip.ipaddress.ipaddress) NATRule.create(self.apiclient, virtual_machine, self.services["natrule"], ipaddressid=public_ip.ipaddress.id) self.debug("Creating LB rule on IP with NAT: %s" % public_ip.ipaddress.ipaddress) # Create Load Balancer rule on IP already having NAT rule lb_rule = LoadBalancerRule.create(self.apiclient, self.services["lbrule"], ipaddressid=public_ip.ipaddress.id, accountid=self.account.name) self.debug("Created LB rule with ID: %s" % lb_rule.id) # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) # Get the Root disk of VM volumes = list_volumes(self.apiclient, virtualmachineid=virtual_machine.id, type='ROOT', listall=True) volume = volumes[0] self.debug("Root volume of VM(%s): %s" % (virtual_machine.name, volume.name)) # Create a snapshot from the ROOTDISK self.debug("Creating snapshot on ROOT volume: %s" % volume.name) snapshot = Snapshot.create(self.apiclient, volumes[0].id) self.debug("Snapshot created: ID - %s" % snapshot.id) snapshots = list_snapshots(self.apiclient, id=snapshot.id, listall=True) self.assertEqual(isinstance(snapshots, list), True, "Check list response returns a valid list") self.assertNotEqual(snapshots, None, "Check if result exists in list snapshots call") self.assertEqual(snapshots[0].id, snapshot.id, "Check snapshot id in list resources call") # Generate template from the snapshot self.debug("Generating template from snapshot: %s" % snapshot.name) template = Template.create_from_snapshot(self.apiclient, snapshot, self.services["templates"]) self.debug("Created template from snapshot: %s" % template.id) templates = list_templates( self.apiclient, templatefilter=self.services["templates"]["templatefilter"], id=template.id) self.assertEqual( isinstance(templates, list), True, "List template call should return the newly created template") self.assertEqual( templates[0].isready, True, "The newly created template should be in ready state") first_host = vm.hostid self.debug("Enabling maintenance mode for host %s" % vm.hostid) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = first_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) timeout = self.services["timeout"] # Poll and check state of VM while it migrates from one host to another while True: vms = VirtualMachine.list(self.apiclient, id=virtual_machine.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("VM 1 state: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") second_host = vm.hostid self.assertEqual( vm.state, "Running", "VM should be in Running state after enabling host maintenance") # Should be able to SSH VM try: self.debug("SSH into VM: %s" % virtual_machine.id) virtual_machine.get_ssh_client( ipaddress=public_ip.ipaddress.ipaddress) except Exception as e: self.fail("SSH Access failed for %s: %s" % (virtual_machine.ipaddress, e)) self.debug("Deploying VM in account: %s" % self.account.name) # Spawn an instance on other host virtual_machine_2 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_2.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 2 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") self.debug("Canceling host maintenance for ID: %s" % first_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = first_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % first_host) # Get the Root disk of VM volumes = list_volumes(self.apiclient, virtualmachineid=virtual_machine_2.id, type='ROOT', listall=True) volume = volumes[0] self.debug("Root volume of VM(%s): %s" % (virtual_machine_2.name, volume.name)) # Create a snapshot from the ROOTDISK self.debug("Creating snapshot on ROOT volume: %s" % volume.name) snapshot = Snapshot.create(self.apiclient, volumes[0].id) self.debug("Snapshot created: ID - %s" % snapshot.id) snapshots = list_snapshots(self.apiclient, id=snapshot.id, listall=True) self.assertEqual(isinstance(snapshots, list), True, "Check list response returns a valid list") self.assertNotEqual(snapshots, None, "Check if result exists in list snapshots call") self.assertEqual(snapshots[0].id, snapshot.id, "Check snapshot id in list resources call") # Generate template from the snapshot self.debug("Generating template from snapshot: %s" % snapshot.name) template = Template.create_from_snapshot(self.apiclient, snapshot, self.services["templates"]) self.debug("Created template from snapshot: %s" % template.id) templates = list_templates( self.apiclient, templatefilter=self.services["templates"]["templatefilter"], id=template.id) self.assertEqual( isinstance(templates, list), True, "List template call should return the newly created template") self.assertEqual( templates[0].isready, True, "The newly created template should be in ready state") self.debug("Enabling maintenance mode for host %s" % second_host) cmd = prepareHostForMaintenance.prepareHostForMaintenanceCmd() cmd.id = second_host self.apiclient.prepareHostForMaintenance(cmd) self.debug("Maintenance mode enabled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") # Poll and check the status of VMs timeout = self.services["timeout"] while True: vms = VirtualMachine.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[1] self.debug( "VM state after enabling maintenance on first host: %s" % vm.state) if vm.state in [ "Stopping", "Stopped", "Running", "Starting", "Migrating" ]: if vm.state == "Running": break else: time.sleep(self.services["sleep"]) timeout = timeout - 1 else: self.fail("VM migration from one-host-to-other failed\ while enabling maintenance") for vm in vms: self.debug( "VM states after enabling maintenance mode on host: %s - %s" % (first_host, vm.state)) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") # Spawn an instance on other host virtual_machine_3 = VirtualMachine.create( self.apiclient, self.services["virtual_machine"], accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id) vms = VirtualMachine.list(self.apiclient, id=virtual_machine_3.id, listall=True) self.assertEqual( isinstance(vms, list), True, "List VMs should return valid response for deployed VM") self.assertNotEqual( len(vms), 0, "List VMs should return valid response for deployed VM") vm = vms[0] self.debug("Deployed VM on host: %s" % vm.hostid) self.debug("VM 3 state: %s" % vm.state) self.assertEqual(vm.state, "Running", "Deployed VM should be in Running state") self.debug("Canceling host maintenance for ID: %s" % second_host) cmd = cancelHostMaintenance.cancelHostMaintenanceCmd() cmd.id = second_host self.apiclient.cancelHostMaintenance(cmd) self.debug("Maintenance mode canceled for host: %s" % second_host) self.debug("Waiting for SSVMs to come up") wait_for_ssvms( self.apiclient, zoneid=self.zone.id, podid=self.pod.id, ) return
def test_iptable_rules(self): """Test iptable rules in case we have IP associated with a network which is in different pubic IP range from that of public IP range that has source NAT IP. When IP is associated we should see a rule '-i eth3 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT' in FORWARD table. When IP is dis-associated we should see a rule in the FORWARD table is deleted. """ # Validate the following: # 1. Create a new public IP range and dedicate to a account # 2. Acquire a IP from new public range # 3. Create a firewall rule to open up the port, so that IP is associated with network # 5. Login to VR and verify routing tables, there should be Table_eth3 # 6. Delete firewall rule, since its last IP, routing table Table_eth3 should be deleted self.services["extrapubliciprange"]["zoneid"] = self.services["zoneid"] self.public_ip_range = PublicIpRange.create( self.apiclient, self.services["extrapubliciprange"] ) self.cleanup.append(self.public_ip_range) logger.debug("Dedicating Public IP range to the account"); dedicate_public_ip_range_response = PublicIpRange.dedicate( self.apiclient, self.public_ip_range.vlan.id, account=self.account.name, domainid=self.account.domainid ) ip_address = PublicIPAddress.create( self.apiclient, self.account.name, self.zone.id, self.account.domainid, self.services["virtual_machine"] ) self.cleanup.append(ip_address) # Check if VM is in Running state before creating NAT and firewall rules vm_response = VirtualMachine.list( self.apiclient, id=self.virtual_machine.id ) self.assertEqual( isinstance(vm_response, list), True, "Check list VM returns a valid list" ) self.assertNotEqual( len(vm_response), 0, "Check Port Forwarding Rule is created" ) self.assertEqual( vm_response[0].state, 'Running', "VM state should be Running before creating a NAT rule." ) # Open up firewall port for SSH firewall_rule = FireWallRule.create( self.apiclient, ipaddressid=ip_address.ipaddress.id, protocol=self.services["natrule"]["protocol"], cidrlist=['0.0.0.0/0'], startport=self.services["natrule"]["publicport"], endport=self.services["natrule"]["publicport"] ) self.cleanup.append(firewall_rule) # Get the router details associated with account routers = list_routers( self.apiclient, account=self.account.name, domainid=self.account.domainid, ) router = routers[0] if (self.hypervisor.lower() == 'vmware' or self.hypervisor.lower() == 'hyperv'): result = get_process_status( self.apiclient.connection.mgtSvr, 22, self.apiclient.connection.user, self.apiclient.connection.passwd, router.linklocalip, 'iptables -t filter -L FORWARD -v', hypervisor=self.hypervisor ) else: hosts = list_hosts( self.apiclient, id=router.hostid, ) self.assertEqual( isinstance(hosts, list), True, "Check for list hosts response return valid data" ) host = hosts[0] host.user = self.hostConfig['username'] host.passwd = self.hostConfig['password'] try: result = get_process_status( host.ipaddress, 22, host.user, host.passwd, router.linklocalip, 'iptables -t filter -L FORWARD -v' ) except KeyError: self.skipTest( "Provide a marvin config file with host\ credentials to run %s" % self._testMethodName) logger.debug("iptables -t filter -L FORWARD -v: %s" % result) res = str(result) self.assertEqual( res.count("eth3 eth0 anywhere anywhere state RELATED,ESTABLISHED"), 1, "Check to ensure there is a iptable rule to accept the RELATED,ESTABLISHED traffic" ) firewall_rule.delete(self.apiclient) self.cleanup.remove(firewall_rule)