def deploy_vpcs_remotevpngateways(self, vpcs_data, account): for vpc_data in vpcs_data: for vpnconnection_data in vpc_data['data']['vpnconnections']: vpc = get_vpc( api_client=self.api_client, name=self.dynamic_names['vpcs'][vpc_data['data']['name']]) vpc_vpngateway = get_vpngateway(api_client=self.api_client, vpc=vpc) remotevpc = get_vpc( api_client=self.api_client, name=self.dynamic_names['vpcs'][vpnconnection_data]) remotevpc_vpngateway = get_vpngateway( api_client=self.api_client, vpc=remotevpc) self.logger.debug( '>>> VPN CUSTOMER GATEWAY => Creating to VPC "%s"...', vpnconnection_data) vpncustomergateway = VpnCustomerGateway.create( api_client=self.api_client, name="remotegateway_to_" + remotevpc.name, gateway=remotevpc_vpngateway.publicip, cidrlist=remotevpc.cidr, presharedkey='notasecret', ikepolicy='aes128-sha256;modp2048', esppolicy='aes128-sha256;modp2048', account=account.name, domainid=account.domainid) self.logger.debug( '>>> VPN CUSTOMER GATEWAY => ID: %s => Name: %s => CIDR List: %s ' '=> Gateway: %s => Domain: %s', vpncustomergateway.id, vpncustomergateway.name, vpncustomergateway.cidrlist, vpncustomergateway.gateway, vpncustomergateway.domainid) self.logger.debug( '>>> VPN CONNECTION => Creating from VPC "%s" to VPC "%s"...', vpc_data['data']['name'], vpnconnection_data) vpnconnection = Vpn.createVpnConnection( api_client=self.api_client, s2svpngatewayid=vpc_vpngateway.id, s2scustomergatewayid=vpncustomergateway.id) self.logger.debug( '>>> VPN CONNECTION => ID: %s => VPN Local Gateway: %s ' '=> VPN Customer Gateway: %s => State: %s', vpnconnection['id'], vpnconnection['s2svpngatewayid'], vpnconnection['s2scustomergatewayid'], vpnconnection['state'])
def deploy_vpcs_remotevpngateways(self, vpcs_data, account): for vpc_data in vpcs_data: for vpnconnection_data in vpc_data['data']['vpnconnections']: vpc = get_vpc(api_client=self.api_client, name=self.dynamic_names['vpcs'][vpc_data['data']['name']]) vpc_vpngateway = get_vpngateway(api_client=self.api_client, vpc=vpc) remotevpc = get_vpc(api_client=self.api_client, name=self.dynamic_names['vpcs'][vpnconnection_data]) remotevpc_vpngateway = get_vpngateway(api_client=self.api_client, vpc=remotevpc) self.logger.debug('>>> VPN CUSTOMER GATEWAY => Creating to VPC "%s"...', vpnconnection_data) vpncustomergateway = VpnCustomerGateway.create( api_client=self.api_client, name="remotegateway_to_" + remotevpc.name, gateway=remotevpc_vpngateway.publicip, cidrlist=remotevpc.cidr, presharedkey='notasecret', ikepolicy='aes128-sha256;modp2048', esppolicy='aes128-sha256;modp2048', account=account.name, domainid=account.domainid ) self.logger.debug('>>> VPN CUSTOMER GATEWAY => ID: %s => Name: %s => CIDR List: %s ' '=> Gateway: %s => Domain: %s', vpncustomergateway.id, vpncustomergateway.name, vpncustomergateway.cidrlist, vpncustomergateway.gateway, vpncustomergateway.domainid) self.logger.debug('>>> VPN CONNECTION => Creating from VPC "%s" to VPC "%s"...', vpc_data['data']['name'], vpnconnection_data) vpnconnection = Vpn.createVpnConnection( api_client=self.api_client, s2svpngatewayid=vpc_vpngateway.id, s2scustomergatewayid=vpncustomergateway.id ) self.logger.debug('>>> VPN CONNECTION => ID: %s => VPN Local Gateway: %s ' '=> VPN Customer Gateway: %s => State: %s', vpnconnection['id'], vpnconnection['s2svpngatewayid'], vpnconnection['s2scustomergatewayid'], vpnconnection['state'])
def test_01_redundant_vpc_site2site_vpn(self): """Test Site 2 Site VPN Across redundant VPCs""" self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn") # 0) Get the default network offering for VPC networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len( networkOffering) > 0, "No VPC based network offering") # Create and enable redundant VPC offering redundant_vpc_offering = self._create_vpc_offering( 'redundant_vpc_offering') self.assert_(redundant_vpc_offering is not None, "Failed to create redundant VPC Offering") redundant_vpc_offering.update(self.apiclient, state='Enabled') # Create VPC 1 vpc1 = None try: vpc1 = VPC.create( apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc1.vpn", vpcofferingid=redundant_vpc_offering.id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id ) except Exception as e: self.fail(e) finally: self.assert_(vpc1 is not None, "VPC1 creation failed") self.logger.debug("VPC1 %s created" % vpc1.id) # Create VPC 2 vpc2 = None try: vpc2 = VPC.create( apiclient=self.apiclient, services=self.services["vpc2"], networkDomain="vpc2.vpn", vpcofferingid=redundant_vpc_offering.id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid ) except Exception as e: self.fail(e) finally: self.assert_(vpc2 is not None, "VPC2 creation failed") self.logger.debug("VPC2 %s created" % vpc2.id) default_acl = NetworkACLList.list( self.apiclient, name="default_allow")[0] # Create network in VPC 1 ntwk1 = None try: ntwk1 = Network.create( apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, aclid=default_acl.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk1, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id)) # Create network in VPC 2 ntwk2 = None try: ntwk2 = Network.create( apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, aclid=default_acl.id ) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk2, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id)) # Deploy a vm in network 2 vm1 = None try: vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=ntwk1.id, hypervisor=self.hypervisor ) except Exception as e: self.fail(e) finally: self.assert_(vm1 is not None, "VM failed to deploy") self.assert_(vm1.state == 'Running', "VM is not running") self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id)) # Deploy a vm in network 2 vm2 = None try: vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=ntwk2.id, hypervisor=self.hypervisor ) except Exception as e: self.fail(e) finally: self.assert_(vm2 is not None, "VM failed to deploy") self.assert_(vm2.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id)) # 4) Enable Site-to-Site VPN for VPC vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id) self.assert_( vpn1_response is not None, "Failed to enable VPN Gateway 1") self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id) vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id) self.assert_( vpn2_response is not None, "Failed to enable VPN Gateway 2") self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id) # 5) Add VPN Customer gateway info src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id ) ip1 = src_nat_list[0] src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id ) ip2 = src_nat_list[0] services = self.services["vpncustomergateway"] customer1_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) customer2_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) # 6) Connect two VPCs vpnconn1_response = Vpn.createVpnConnection( self.apiclient, customer1_response.id, vpn2_response['id'], True) self.debug("VPN passive connection created for VPC %s" % vpc2.id) vpnconn2_response = Vpn.createVpnConnection( self.apiclient, customer2_response.id, vpn1_response['id']) self.debug("VPN connection created for VPC %s" % vpc1.id) self.assertEqual( vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!") # acquire an extra ip address to use to ssh into vm2 try: vm2.public_ip = PublicIPAddress.create( apiclient=self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, services=self.services, networkid=ntwk2.id, vpcid=vpc2.id) except Exception as e: self.fail(e) finally: self.assert_( vm2.public_ip is not None, "Failed to aqcuire public ip for vm2") # Create port forward to be able to ssh into vm2 natrule = None try: natrule = self._create_natrule( vpc2, vm2, 22, 22, vm2.public_ip, ntwk2) except Exception as e: self.fail(e) finally: self.assert_( natrule is not None, "Failed to create portforward for vm2") time.sleep(20) # setup ssh connection to vm2 ssh_client = self._get_ssh_client(vm2, self.services, 10) if ssh_client: # run ping test packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assert_(int(packet_loss) == 0, "Ping did not succeed") else: self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
def test_02_update_vpncustomergateways(self): """ @Desc: Test to update VPN Customer Gateways pagination @steps: Step1: Listing all the VPN Customer Gateways for a user Step2: Verifying that no VPN Customer Gateways are listed Step3: Creating a VPN Customer Gateways Step4: Listing all the VPN Customer Gateways again for a user Step5: Verifying that list size is 1 Step6: Updating the VPN Customer Gateways created in step3 Step7: Listing the VPN customer gateway by id Step8: Verifying that list size is 1 Step9: Verifying the details of the listed VPN customer gateway are same as updated in step6 """ # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_before = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"]) # Verifying that no VPN Customer Gateways are listed self.assertIsNone( list_vpncustomergateways_before, "VPN Customer Gateways listed for newly created User") # Creating A VPN Customer Gateways vpncustomergateway_created = VpnCustomerGateway.create( self.userapiclient, self.services["vpncustomergateway"], name="VPNCustGateway", gateway="10.102.153.90", cidrlist="10.0.0.0/24", account=self.account.name, domainid=self.domain.id) self.assertIsNotNone(vpncustomergateway_created, "VPN Customer Gateway creation failed") self.cleanup.append(vpncustomergateway_created) # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_after = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"]) status = validateList(list_vpncustomergateways_after) self.assertEqual(PASS, status[0], "VPN Customer Gateway creation failed") # Verifying that list size is 1 self.assertEqual(1, len(list_vpncustomergateways_after), "Failed to create VPN Customer Gateways") # Updating the VPN Customer gateway vpncustomergateway_updated = VpnCustomerGateway.update( vpncustomergateway_created, self.userapiclient, self.services["vpncustomergateway"], name="NewVPNCustGateway", gateway="10.102.153.90", cidrlist="10.0.0.0/24", ) self.assertIsNotNone(vpncustomergateway_updated, "Updation of VPN Customer Gateway failed") # Listing the VPN Customer Gateways by Id list_vpncustomergateway = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], id=vpncustomergateway_created.id) status = validateList(list_vpncustomergateway) self.assertEqual(PASS, status[0], "Failed to list VPN Customer Gateways by Id") # Verifying the list size to be equal to 1 self.assertEqual( 1, len(list_vpncustomergateway), "Size of VPN Customer Gateways by id is not matching") # Verifying the details of the listed VPN Customer Gateway are same as updated #Creating expected and actual values dictionaries expected_dict = { "name": vpncustomergateway_updated.name, "id": vpncustomergateway_updated.id, "account": vpncustomergateway_updated.account, "domainid": vpncustomergateway_updated.domainid, "gateway": vpncustomergateway_updated.gateway, "cidrlist": vpncustomergateway_updated.cidrlist, "seckey": vpncustomergateway_updated.ipsecpsk, "ikepolicy": vpncustomergateway_updated.ikepolicy, "ikelifetime": vpncustomergateway_updated.ikelifetime, "esppolicy": vpncustomergateway_updated.esppolicy, "esplifetime": vpncustomergateway_updated.esplifetime, } actual_dict = { "name": list_vpncustomergateway[0].name, "id": list_vpncustomergateway[0].id, "account": list_vpncustomergateway[0].account, "domainid": list_vpncustomergateway[0].domainid, "gateway": list_vpncustomergateway[0].gateway, "cidrlist": list_vpncustomergateway[0].cidrlist, "seckey": list_vpncustomergateway[0].ipsecpsk, "ikepolicy": list_vpncustomergateway[0].ikepolicy, "ikelifetime": list_vpncustomergateway[0].ikelifetime, "esppolicy": list_vpncustomergateway[0].esppolicy, "esplifetime": list_vpncustomergateway[0].esplifetime, } vpncustomergateway_status = self.__verify_values( expected_dict, actual_dict) self.assertEqual( True, vpncustomergateway_status, "Listed VPN Customer Gateway details are not as Updated") return
def test_01_list_vpncustomergateways_pagination(self): """ @Desc: Test to List VPN Customer Gateways pagination @steps: Step1: Listing all the VPN Customer Gateways for a user Step2: Verifying that no VPN Customer Gateways are listed Step3: Creating (page size + 1) number of VPN Customer Gateways Step4: Listing all the VPN Customer Gateways again for a user Step5: Verifying that list size is (page size + 1) Step6: Listing all the VPN Customer Gateways in page1 Step7: Verifying that list size is (page size) Step8: Listing all the VPN Customer Gateways in page2 Step9: Verifying that list size is 1 Step10: Deleting the VPN Customer Gateways present in page 2 Step11: Listing all the VPN Customer Gateways in page2 Step12: Verifying that no VPN Customer Gateways are listed """ # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_before = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"]) # Verifying that no VPN Customer Gateways are listed self.assertIsNone( list_vpncustomergateways_before, "VPN Customer Gateways listed for newly created User") # Creating pagesize + 1 number of VPN Customer Gateways for i in range(0, (self.services["pagesize"] + 1)): vpncustomergateway_created = VpnCustomerGateway.create( self.userapiclient, self.services["vpncustomergateway"], name="VPNCustGateway" + str(i + 1), gateway="10.102.153." + str(i + 1), cidrlist="10.0.0.0/24", account=self.account.name, domainid=self.domain.id) self.assertIsNotNone(vpncustomergateway_created, "VPN Customer Gateway creation failed") if (i < self.services["pagesize"] + 1): self.cleanup.append(vpncustomergateway_created) # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_after = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"]) status = validateList(list_vpncustomergateways_after) self.assertEqual(PASS, status[0], "VPN Customer Gateway creation failed") # Verifying that list size is pagesize + 1 self.assertEqual( self.services["pagesize"] + 1, len(list_vpncustomergateways_after), "Failed to create pagesize + 1 number of VPN Customer Gateways") # Listing all the VPN Customer Gateways in page 1 list_vpncustomergateways_page1 = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], page=1, pagesize=self.services["pagesize"]) status = validateList(list_vpncustomergateways_page1) self.assertEqual(PASS, status[0], "Failed to list VPN Customer Gateways in page 1") # Verifying the list size to be equal to pagesize self.assertEqual( self.services["pagesize"], len(list_vpncustomergateways_page1), "Size of VPN Customer Gateways in page 1 is not matching") # Listing all the VPN Customer Gateways in page 2 list_vpncustomergateways_page2 = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], page=2, pagesize=self.services["pagesize"]) status = validateList(list_vpncustomergateways_page2) self.assertEqual(PASS, status[0], "Failed to list VPN Customer Gateways in page 2") # Verifying the list size to be equal to 1 self.assertEqual( 1, len(list_vpncustomergateways_page2), "Size of VPN Customer Gateways in page 2 is not matching") # Deleting the VPM Customer Gateway present in page 2 VpnCustomerGateway.delete(vpncustomergateway_created, self.userapiclient) self.cleanup.remove(vpncustomergateway_created) # Listing all the VPN Customer Gateways in page 2 again list_vpncustomergateways_page2 = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], page=2, pagesize=self.services["pagesize"]) # Verifying that there are no VPN Customer Gateways listed self.assertIsNone(list_vpncustomergateways_page2, "VPN Customer Gateways not deleted from page 2") return
def test_02_update_vpncustomergateways(self): """ @Desc: Test to update VPN Customer Gateways pagination @steps: Step1: Listing all the VPN Customer Gateways for a user Step2: Verifying that no VPN Customer Gateways are listed Step3: Creating a VPN Customer Gateways Step4: Listing all the VPN Customer Gateways again for a user Step5: Verifying that list size is 1 Step6: Updating the VPN Customer Gateways created in step3 Step7: Listing the VPN customer gateway by id Step8: Verifying that list size is 1 Step9: Verifying the details of the listed VPN customer gateway are same as updated in step6 """ # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_before = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"] ) # Verifying that no VPN Customer Gateways are listed self.assertIsNone( list_vpncustomergateways_before, "VPN Customer Gateways listed for newly created User" ) # Creating A VPN Customer Gateways vpncustomergateway_created = VpnCustomerGateway.create( self.userapiclient, self.services["vpncustomergateway"], name="VPNCustGateway", gateway="10.102.153.90", cidrlist="10.0.0.0/24", account=self.account.name, domainid=self.domain.id ) self.assertIsNotNone( vpncustomergateway_created, "VPN Customer Gateway creation failed" ) self.cleanup.append(vpncustomergateway_created) # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_after = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"] ) status = validateList(list_vpncustomergateways_after) self.assertEquals( PASS, status[0], "VPN Customer Gateway creation failed" ) # Verifying that list size is 1 self.assertEquals( 1, len(list_vpncustomergateways_after), "Failed to create VPN Customer Gateways" ) # Updating the VPN Customer gateway vpncustomergateway_updated = VpnCustomerGateway.update( vpncustomergateway_created, self.userapiclient, self.services["vpncustomergateway"], name="NewVPNCustGateway", gateway="10.102.153.90", cidrlist="10.0.0.0/24", ) self.assertIsNotNone( vpncustomergateway_updated, "Updation of VPN Customer Gateway failed" ) # Listing the VPN Customer Gateways by Id list_vpncustomergateway = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], id=vpncustomergateway_created.id ) status = validateList(list_vpncustomergateway) self.assertEquals( PASS, status[0], "Failed to list VPN Customer Gateways by Id" ) # Verifying the list size to be equal to 1 self.assertEquals( 1, len(list_vpncustomergateway), "Size of VPN Customer Gateways by id is not matching" ) # Verifying the details of the listed VPN Customer Gateway are same as updated #Creating expected and actual values dictionaries expected_dict = { "name":vpncustomergateway_updated.name, "id":vpncustomergateway_updated.id, "account":vpncustomergateway_updated.account, "domainid":vpncustomergateway_updated.domainid, "gateway":vpncustomergateway_updated.gateway, "cidrlist":vpncustomergateway_updated.cidrlist, "seckey":vpncustomergateway_updated.ipsecpsk, "ikepolicy":vpncustomergateway_updated.ikepolicy, "ikelifetime":vpncustomergateway_updated.ikelifetime, "esppolicy":vpncustomergateway_updated.esppolicy, "esplifetime":vpncustomergateway_updated.esplifetime, } actual_dict = { "name":list_vpncustomergateway[0].name, "id":list_vpncustomergateway[0].id, "account":list_vpncustomergateway[0].account, "domainid":list_vpncustomergateway[0].domainid, "gateway":list_vpncustomergateway[0].gateway, "cidrlist":list_vpncustomergateway[0].cidrlist, "seckey":list_vpncustomergateway[0].ipsecpsk, "ikepolicy":list_vpncustomergateway[0].ikepolicy, "ikelifetime":list_vpncustomergateway[0].ikelifetime, "esppolicy":list_vpncustomergateway[0].esppolicy, "esplifetime":list_vpncustomergateway[0].esplifetime, } vpncustomergateway_status = self.__verify_values( expected_dict, actual_dict ) self.assertEqual( True, vpncustomergateway_status, "Listed VPN Customer Gateway details are not as Updated" ) return
def test_01_list_vpncustomergateways_pagination(self): """ @Desc: Test to List VPN Customer Gateways pagination @steps: Step1: Listing all the VPN Customer Gateways for a user Step2: Verifying that no VPN Customer Gateways are listed Step3: Creating (page size + 1) number of VPN Customer Gateways Step4: Listing all the VPN Customer Gateways again for a user Step5: Verifying that list size is (page size + 1) Step6: Listing all the VPN Customer Gateways in page1 Step7: Verifying that list size is (page size) Step8: Listing all the VPN Customer Gateways in page2 Step9: Verifying that list size is 1 Step10: Deleting the VPN Customer Gateways present in page 2 Step11: Listing all the VPN Customer Gateways in page2 Step12: Verifying that no VPN Customer Gateways are listed """ # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_before = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"] ) # Verifying that no VPN Customer Gateways are listed self.assertIsNone( list_vpncustomergateways_before, "VPN Customer Gateways listed for newly created User" ) # Creating pagesize + 1 number of VPN Customer Gateways for i in range(0, (self.services["pagesize"] + 1)): vpncustomergateway_created = VpnCustomerGateway.create( self.userapiclient, self.services["vpncustomergateway"], name="VPNCustGateway"+str(i+1), gateway="10.102.153." + str(i+1), cidrlist="10.0.0.0/24", account=self.account.name, domainid=self.domain.id ) self.assertIsNotNone( vpncustomergateway_created, "VPN Customer Gateway creation failed" ) if (i < self.services["pagesize"] + 1): self.cleanup.append(vpncustomergateway_created) # Listing all the VPN Customer Gateways for a User list_vpncustomergateways_after = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"] ) status = validateList(list_vpncustomergateways_after) self.assertEquals( PASS, status[0], "VPN Customer Gateway creation failed" ) # Verifying that list size is pagesize + 1 self.assertEquals( self.services["pagesize"] + 1, len(list_vpncustomergateways_after), "Failed to create pagesize + 1 number of VPN Customer Gateways" ) # Listing all the VPN Customer Gateways in page 1 list_vpncustomergateways_page1 = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], page=1, pagesize=self.services["pagesize"] ) status = validateList(list_vpncustomergateways_page1) self.assertEquals( PASS, status[0], "Failed to list VPN Customer Gateways in page 1" ) # Verifying the list size to be equal to pagesize self.assertEquals( self.services["pagesize"], len(list_vpncustomergateways_page1), "Size of VPN Customer Gateways in page 1 is not matching" ) # Listing all the VPN Customer Gateways in page 2 list_vpncustomergateways_page2 = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], page=2, pagesize=self.services["pagesize"] ) status = validateList(list_vpncustomergateways_page2) self.assertEquals( PASS, status[0], "Failed to list VPN Customer Gateways in page 2" ) # Verifying the list size to be equal to 1 self.assertEquals( 1, len(list_vpncustomergateways_page2), "Size of VPN Customer Gateways in page 2 is not matching" ) # Deleting the VPM Customer Gateway present in page 2 VpnCustomerGateway.delete( vpncustomergateway_created, self.userapiclient ) # Listing all the VPN Customer Gateways in page 2 again list_vpncustomergateways_page2 = VpnCustomerGateway.list( self.userapiclient, listall=self.services["listall"], page=2, pagesize=self.services["pagesize"] ) # Verifying that there are no VPN Customer Gateways listed self.assertIsNone( list_vpncustomergateways_page2, "VPN Customer Gateways not deleted from page 2" ) return
def test_vpc_site2site_vpn(self): """Test VPN in VPC""" # 0) Get the default network offering for VPC networkOffering = NetworkOffering.list( self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering") # 1) Create VPC offering vpcOffering = VpcOffering.list(self.apiclient, isdefault=True) self.assert_(vpcOffering is not None and len(vpcOffering) > 0, "No VPC offerings found") # Create VPC 1 try: vpc1 = VPC.create(apiclient=self.apiclient, services=self.services["vpc"], networkDomain="vpc1.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id) except Exception as e: self.fail(e) finally: self.assert_(vpc1 is not None, "VPC1 creation failed") self.logger.debug("VPC1 %s created" % (vpc1.id)) # Create VPC 2 try: vpc2 = VPC.create(apiclient=self.apiclient, services=self.services["vpc2"], networkDomain="vpc2.vpn", vpcofferingid=vpcOffering[0].id, zoneid=self.zone.id, account=self.account.name, domainid=self.account.domainid) except Exception as e: self.fail(e) finally: self.assert_(vpc2 is not None, "VPC2 creation failed") self.logger.debug("VPC2 %s created" % (vpc2.id)) default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0] # Create network in VPC 1 try: ntwk1 = Network.create(apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, aclid=default_acl.id) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk1, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id)) # Create network in VPC 2 try: ntwk2 = Network.create(apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, aclid=default_acl.id) except Exception as e: self.fail(e) finally: self.assertIsNotNone(ntwk2, "Network failed to create") self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id)) # Deploy a vm in network 2 try: vm1 = VirtualMachine.create( self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=ntwk1.id, hypervisor=self.services["virtual_machine"]["hypervisor"]) except Exception as e: self.fail(e) finally: self.assert_(vm1 is not None, "VM failed to deploy") self.assert_(vm1.state == 'Running', "VM is not running") self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id)) # Deploy a vm in network 2 try: vm2 = VirtualMachine.create( self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.service_offering.id, networkids=ntwk2.id, hypervisor=self.services["virtual_machine"]["hypervisor"]) except Exception as e: self.fail(e) finally: self.assert_(vm2 is not None, "VM failed to deploy") self.assert_(vm2.state == 'Running', "VM is not running") self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id)) # 4) Enable Site-to-Site VPN for VPC vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id) self.assert_(vpn1_response is not None, "Failed to enable VPN Gateway 1") self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id) vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id) self.assert_(vpn2_response is not None, "Failed to enable VPN Gateway 2") self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id) # 5) Add VPN Customer gateway info src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id) ip1 = src_nat_list[0] src_nat_list = PublicIPAddress.list(self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id) ip2 = src_nat_list[0] services = self.services["vpncustomergateway"] customer1_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) customer2_response = VpnCustomerGateway.create( self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id) self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) # 6) Connect two VPCs vpnconn1_response = Vpn.createVpnConnection(self.apiclient, customer1_response.id, vpn2_response['id'], True) self.debug("VPN passive connection created for VPC %s" % vpc2.id) vpnconn2_response = Vpn.createVpnConnection(self.apiclient, customer2_response.id, vpn1_response['id']) self.debug("VPN connection created for VPC %s" % vpc1.id) self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!") # acquire an extra ip address to use to ssh into vm2 try: vm2.public_ip = PublicIPAddress.create( apiclient=self.apiclient, accountid=self.account.name, zoneid=self.zone.id, domainid=self.account.domainid, services=self.services, networkid=ntwk2.id, vpcid=vpc2.id) except Exception as e: self.fail(e) finally: self.assert_(vm2.public_ip is not None, "Failed to aqcuire public ip for vm2") # Create port forward to be able to ssh into vm2 try: natrule = self.create_natrule(vpc2, vm2, 22, 22, vm2.public_ip, ntwk2) except Exception as e: self.fail(e) finally: self.assert_(natrule is not None, "Failed to create portforward for vm2") time.sleep(10) # setup ssh connection to vm2 ssh_client = self.get_ssh_client(vm2, self.services, 10) if ssh_client: # run ping test packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assert_(int(packet_loss) == 0, "Ping did not succeed") else: self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
def _test_vpc_site2site_vpn(self, vpc_offering, num_VPCs=3): # Number of VPNs (to test) is number_of_VPCs - 1 # By default test setting up 2 VPNs from VPC0, requiring total of 3 VPCs maxnumVM = num_VPCs - 1 # Create VPC i vpc_list = [] for i in range(num_VPCs): # Generate VPC (mostly subnet) info vpcservice_n = copy.deepcopy(self.services["vpcN"]) for key in vpcservice_n.keys(): vpcservice_n[key] = vpcservice_n[key].format(N=`i`) vpc_n = VPC.create( api_client=self.apiclient, services=vpcservice_n, networkDomain="vpc%d.vpn" % i, vpcofferingid=vpc_offering.id, zoneid=self.zone.id, account=self.account.name, domainid=self.domain.id ) self.assertIsNotNone(vpc_n, "VPC%d creation failed" % i) vpc_list.append(vpc_n) self.cleanup.append(vpc_n) self.logger.debug("VPC%d %s created" % (i, vpc_list[i].id)) default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0] # Create network in VPC i ntwk_list = [] for i in range(num_VPCs): # Generate network (mostly subnet) info ntwk_info_n = copy.deepcopy(self.services["network_N"]) for key in ntwk_info_n.keys(): ntwk_info_n[key] = ntwk_info_n[key].format(N=`i`) ntwk_n = Network.create( api_client=self.apiclient, services=ntwk_info_n, accountid=self.account.name, domainid=self.account.domainid, networkofferingid=self.network_offering.id, zoneid=self.zone.id, vpcid=vpc_list[i].id, aclid=default_acl.id ) self.assertIsNotNone(ntwk_n, "Network%d failed to create" % i) self.cleanup.append(ntwk_n) ntwk_list.append(ntwk_n) self.logger.debug("Network%d %s created in VPC %s" % (i, ntwk_list[i].id, vpc_list[i].id)) # Deploy a vm in network i vm_list = [] vm_n = None for i in range(num_VPCs): vm_n = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, domainid=self.account.domainid, serviceofferingid=self.virtual_machine_offering.id, networkids=[ntwk_list[i].id], hypervisor=self.hypervisor, mode='advanced' if (i == 0) or (i == maxnumVM) else 'default' ) self.assertIsNotNone(vm_n, "VM%d failed to deploy" % i) self.cleanup.append(vm_n) vm_list.append(vm_n) self.logger.debug("VM%d %s deployed in VPC %s" % (i, vm_list[i].id, vpc_list[i].id)) self.assertEquals(vm_n.state, 'Running', "VM%d is not running" % i) # 4) Enable Site-to-Site VPN for VPC vpn_response_list = [] for i in range(num_VPCs): vpn_response = Vpn.createVpnGateway(self.apiclient, vpc_list[i].id) self.assertIsNotNone(vpn_response, "Failed to enable VPN Gateway %d" % i) vpn_response_list.append(vpn_response) self.logger.debug("VPN gateway for VPC%d %s enabled" % (i, vpc_list[i].id)) # 5) Add VPN Customer gateway info vpn_cust_gw_list = [] services = self.services["vpncustomergateway"] for i in range(num_VPCs): src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc_list[i].id ) ip = src_nat_list[0] customer_response = VpnCustomerGateway.create(self.apiclient, services, "Peer VPC" + `i`, ip.ipaddress, vpc_list[i].cidr, self.account.name, self.domain.id) self.cleanup.insert(0, customer_response) # this has to be cleaned up after the VPCs have been destroyed (due to client connectionsonections) vpn_cust_gw_list.append(customer_response) self.logger.debug("VPN customer gateway added for VPC%d %s enabled" % (i, vpc_list[i].id)) # Before the next step ensure the last VPC is up and running # Routers in the right state? self.assertEqual(self.routers_in_right_state(vpcid=vpc_list[maxnumVM].id), True, "Check whether the routers are in the right state.") # 6) Connect VPCi with VPC0 for i in range(num_VPCs)[1:]: passiveVpn = Vpn.createVpnConnection(self.apiclient, vpn_cust_gw_list[0].id, vpn_response_list[i]['id'], True) self.logger.debug("VPN passive connection created for VPC%d %s" % (i, vpc_list[i].id)) vpnconn2_response = Vpn.createVpnConnection(self.apiclient, vpn_cust_gw_list[i].id, vpn_response_list[0]['id']) self.logger.debug("VPN connection created for VPC%d %s" % (0, vpc_list[0].id)) self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs 0 and %d!" % i) self.logger.debug("VPN connected between VPC0 and VPC%d" % i) time.sleep(15) self.logger.debug("Resetting VPN connection with id %s" % (passiveVpn['id'])) Vpn.resetVpnConnection(self.apiclient, passiveVpn['id']) # Ping to put tunnel up ssh_client = vm_list[0].get_ssh_client(retries=10) self.assertIsNotNone(ssh_client, "Failed to setup SSH to VM0") if ssh_client: # run ping test for i in range(num_VPCs)[1:]: packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm_list[i].nic[0].ipaddress)[0] self.logger.debug("Ping from vm0 to vm%d to make sure tunnel is up." % i) else: self.fail("Failed to setup ssh connection to %s" % vm_list[0].public_ip) self.logger.debug("Waiting for the VPN with id %s to connect" % (passiveVpn['id'])) max_retries = 30 retries = 0 while retries < max_retries: vpnconn2_response = Vpn.listVpnConnection(self.apiclient, listall=True, id=passiveVpn['id']) if len(vpnconn2_response) > 0 and vpnconn2_response[0].state.lower() == 'connected': break retries += 1 time.sleep(2) self.assertLess(retries, max_retries, "Failed to reconnect VPN with id %s" % (passiveVpn['id'])) # First the last VM # setup ssh connection to vm maxnumVM self.logger.debug("Setup SSH connection to last VM created (%d) to ensure availability for ping tests" % maxnumVM) ssh_max_client = vm_list[maxnumVM].get_ssh_client(retries=20) self.assertIsNotNone(ssh_max_client, "Failed to setup SSH to last VM created (%d)" % maxnumVM) self.logger.debug("Setup SSH connection to first VM created (0) to ensure availability for ping tests") ssh_client = vm_list[0].get_ssh_client(retries=10) self.assertIsNotNone(ssh_client, "Failed to setup SSH to VM0") if ssh_client: # run ping test for i in range(num_VPCs)[1:]: packet_loss = ssh_client.execute( "/bin/ping -c 3 -t 10 " + vm_list[i].nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] self.assertEquals(int(packet_loss), 0, " Ping towards vm" + `i` + " did not succeed") self.logger.debug("SUCCESS! Ping from vm0 to vm%d succeeded." % i) else: self.fail("Failed to setup ssh connection to %s" % vm_list[0].public_ip) return