def rbac_variables(): rbac.host_username = ensure_service_params(vars.D1, "radius", "hosts", 0, "username") rbac.host_password = ensure_service_params(vars.D1, "radius", "hosts", 0, "password") rbac.global_auth_type = ensure_service_params(vars.D1, "radius", "globals", 0, "auth_type") rbac.host_ip = ensure_service_params(vars.D1, "radius", "hosts", 0, "ip") rbac.feature = "RADIUS"
def get_dut_ip(dut): chef_server.mgmt_intf = util_obj.ensure_service_params(dut, chef_server.name, "mgmt_intf") ip_addr = basic_obj.get_ifconfig_inet(dut, chef_server.mgmt_intf) if not ip_addr: st.log("IP Address not found on eth0") st.report_env_fail("test_case_not_executeds") return ip_addr[0]
def snmp_config(config='add'): global ssh_conn_obj if config == 'add': ip = ensure_service_params(vars.D1, "snmptrap", "ip") username = ensure_service_params(vars.D1, "snmptrap", "username") password = ensure_service_params(vars.D1, "snmptrap", "password") snmp_obj.set_snmp_config(vars.D1, snmp_rocommunity=ssh_data.ro_community, snmp_location=ssh_data.location) # Connect to the linux machine and check ssh_conn_obj = connect_to_device(ip, username, password) if not ssh_conn_obj: return False else: snmp_obj.restore_snmp_config(vars.D1) return True
def tacacs_module_hooks(request): # add things at the start of this module global vars vars = st.ensure_min_topology("D1") tacacs_params = st.get_service_info(vars.D1, "tacacs") st.log("Getting IP address of the device") data.clear() data.hosts = ensure_service_params(vars.D1, "tacacs", "hosts") data.tacacs_ser_ip_1 = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "ip") data.tcp_port = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "tcp_port") data.passkey = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "passkey") data.priority = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "priority") data.timeout = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "timeout") data.auth_type = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "auth_type") data.tacacs_ser_ip_2 = ensure_service_params(vars.D1, "tacacs", "hosts", 1, "ip") data.priority_server2 = ensure_service_params(vars.D1, "tacacs", "hosts", 1, "priority") data.time_out = '10' data.username = '******' data.password = '******' data.protocol = 'ssh' data.ssh_port = '22' data.login_type = "tacacs+" data.failthrough_mode = 'enable' data.local_username = '******' data.local_password = '******' data.local_password2 = 'broadcom' data.username1 = 'test' data.password1 = 'test' data.rw_user = {'username': data.username, 'password': data.password, 'mode': 'rw'} data.ro_username = ensure_service_params(vars.D1, "radius", "ro_user", "username") ensure_device_ipaddress() st.log("Configuring authentication login parameter as tacacs+ and local") tacacs_obj.set_aaa_authentication_properties(vars.D1, 'login', 'tacacs+ local') tacacs_obj.set_tacacs_server(vars.D1, 'add', data.tacacs_ser_ip_1, data.tcp_port, data.timeout, data.passkey, data.auth_type, data.priority) yield config_default_tacacs_properties(vars.D1) st.log("Deleting all TACACS+ servers from the device") for i in range(0, 8): tacacs_obj.set_tacacs_server(vars.D1, 'delete', tacacs_params.hosts[i].ip) st.log("Making AAA parameters to default") tacacs_obj.set_aaa_authentication_properties(vars.D1, 'login', 'default') tacacs_obj.set_aaa_authentication_properties(vars.D1, 'failthrough', 'default') clear_vlan_configuration([vars.D1])
def snmp_trap_pre_config(): global capture_file, ssh_conn_obj ip = ensure_service_params(vars.D1, "snmptrap", "ip") username = ensure_service_params(vars.D1, "snmptrap", "username") password = ensure_service_params(vars.D1, "snmptrap", "password") path = ensure_service_params(vars.D1, "snmptrap", "path") # Connect to the linux machine and check ssh_conn_obj = connect_to_device(ip, username, password) if not ssh_conn_obj: st.report_tc_fail("ssh_connection_failed", ip) # enable traps on DUT snmp_obj.config_snmp_trap(vars.D1, version=2, ip_addr=ip, community=data.ro_community) # start capture on the linux machine capture_file = path
def test_ft_tacacs_maximum_servers(): """ Author: Karthik Kumar Goud Battula([email protected]) This testcase covers the below scenarios Scenario-1: Verify that more than one TACACS server can be configured on the NAS, upto the maximum number of servers that are allowed. Scenario-2: Verify that TACACS+ servers with IPv4 and IPv6 address can be added at the same time. Scenario-3: Verify that Maximum number of TACACS IPv4 servers can be configured on DUT. Scenario-4: Verify that Maximum number of TACACS IPv6 servers can be configured on DUT. Scenario-5: Verify the Save and Reload Functionality for TACACS IPv6 feature. """ tacacs_params = st.get_service_info(vars.D1, "tacacs") for i in range(2, 8): ip_addr = ensure_service_params(vars.D1, "tacacs", "hosts", i, "ip") priority = ensure_service_params(vars.D1, "tacacs", "hosts", i, "priority") tacacs_obj.set_tacacs_server(vars.D1, 'add', ip_addr, data.tcp_port, data.timeout, data.passkey, data.auth_type, priority) if not tacacs_obj.verify_tacacs_details(vars.D1, tacacs_params.hosts): st.report_fail("Tacacs_server_configs_are_not_successful", tacacs_params.hosts) st.report_pass("test_case_passed")
def chef_pre_config(dut): st.log("CHEF pre-config Start") ip_addr = basic_obj.get_ifconfig_inet(dut, 'eth0') if not ip_addr: st.log("IP Address not found on eth0") st.report_env_fail("test_case_not_executeds") basic_obj.deploy_package(dut, mode='update') basic_obj.deploy_package(dut, packane_name='sshpass', mode='install') ip = util_obj.ensure_service_params(dut, "chef", "ip") username = util_obj.ensure_service_params(dut, "chef", "username") password = util_obj.ensure_service_params(dut, "chef", "password") st.log("Chef Server IP : {}".format(ip)) url = "https://{}:443".format(ip) st.log("Chef server url used : {}".format(url)) if not chef_obj.chef_package_install(dut, url, ip_addr[0], 'admin', 'broadcom', 'YourPaSsWoRd'): st.report_env_fail("test_case_not_executeds") st.log("Done Installing the dependents packages if not installed.") if not chef_obj.sync_with_server_time(dut, ip, username, password): st.report_env_fail("test_case_not_executeds")
def clear_syslog_from_remote_server(dut): """ Clear the logs from the syslog server Author: Chaitanya Lohith Bollapragada ([email protected]) :param dut: :return: """ syslog_ip = utils.ensure_service_params(dut, "syslog", "ip") syslog_port = utils.ensure_service_params(dut, "syslog", "port") syslog_username = utils.ensure_service_params(dut, "syslog", "username") syslog_password = utils.ensure_service_params(dut, "syslog", "password") syslog_path = utils.ensure_service_params(dut, "syslog", "path") command = "sudo truncate -s 0 {}".format(syslog_path) syslog_con_obj = conf_obj.connect_to_device(syslog_ip, syslog_username, syslog_password, port=syslog_port) conf_obj.execute_command(syslog_con_obj, command) return True
def ensure_ntp_config(dut,iplist=[]): if not iplist: iplist = ensure_service_params(dut, "ntp", "default") if not iplist: st.log("NTP server IPs missing") return False commands = [] for ip in iplist: if not verify_ntp_server_exists(dut, ip, remote=ip): commands.append("config ntp add {}".format(ip)) st.config(dut, commands) return True
def get_syslog_from_remote_server(dut, severity=None, filter_list=None, lines=None): """ Get the logs from the syslog server Author: Chaitanya Lohith Bollapragada ([email protected]) :param dut: :param severity: :param filter_list: :param lines: :return: """ syslog_ip = utils.ensure_service_params(dut, "syslog", "ip") syslog_port = utils.ensure_service_params(dut, "syslog", "port") syslog_username = utils.ensure_service_params(dut, "syslog", "username") syslog_password = utils.ensure_service_params(dut, "syslog", "password") syslog_path = utils.ensure_service_params(dut, "syslog", "path") if filter_list is None: filter_list = [] filter_list = list(filter_list) if isinstance(filter_list, list) else [filter_list] command = "cat {}".format(syslog_path) if severity: command += " | grep '{}'".format(severity) for each_filter in filter_list: command += " | grep '{}'".format(each_filter) if lines: command += "| tail -n {} ".format(lines) syslog_con_obj = conf_obj.connect_to_device(syslog_ip, syslog_username, syslog_password, port=syslog_port) syslog_file_contents = conf_obj.execute_command(syslog_con_obj, command) return syslog_file_contents
def security_variables(): security_data.clear() if st.is_feature_supported("radius", vars.D1): security_data.radius_hosts = ensure_service_params( vars.D1, "radius", "hosts") security_data.radius_host_ip = ensure_service_params( vars.D1, "radius", "hosts", 0, "ip") security_data.radius_host_passkey = ensure_service_params( vars.D1, "radius", "hosts", 0, "passkey") security_data.radius_host_priority = ensure_service_params( vars.D1, "radius", "hosts", 0, "priority") security_data.tacacs_host_ip = ensure_service_params( vars.D1, "tacacs", "hosts", 0, "ip") security_data.tacacs_tcp_port = ensure_service_params( vars.D1, "tacacs", "hosts", 0, "tcp_port") security_data.tacacs_passkey = ensure_service_params( vars.D1, "tacacs", "hosts", 0, "passkey") security_data.tacacs_timeout = ensure_service_params( vars.D1, "tacacs", "hosts", 0, "timeout") security_data.tacacs_priority = ensure_service_params( vars.D1, "tacacs", "hosts", 0, "priority") security_data.tacacs_auth_type = ensure_service_params( vars.D1, "tacacs", "hosts", 0, "auth_type") security_data.delay = 5
def chef_module_hooks(request): global vars vars = st.ensure_min_topology("D1") if st.get_ui_type() in ['klish']: st.report_unsupported( 'test_execution_skipped', 'Skipping Chef test case for ui_type={}'.format(st.get_ui_type())) global free_ports global node_name global exclude_list global free_ports_samespeed free_ports = st.get_free_ports(vars.D1) if not free_ports: st.log("No free ports available") st.report_env_fail("test_case_not_executeds") vlan_members = [free_ports[0], free_ports[1], free_ports[2]] st.log("VLAN Members: {}".format(",".join(vlan_members))) free_ports_samespeed = get_free_ports_speed_list(vars.D1, vlan_members) st.log("Free ports same speed: {}".format(",".join(free_ports_samespeed))) exclude_list = vlan_members + [ free_ports_samespeed[0], free_ports_samespeed[1], free_ports_samespeed[2] ] node_name = 'testsonic{}'.format(random.randrange(1, 5000)) chef_params.client_path = util_obj.ensure_service_params( vars.D1, "chef", "client_path") chef_obj.delete_client_pem_files( vars.D1, "{}/{}".format(chef_params.client_path, "client.pem")) chef_obj.delete_client_pem_files( vars.D1, "{}/{}".format(chef_params.client_path, "validation.pem")) chef_pre_config_in_parallel() yield vlan_obj.clear_vlan_configuration(vars.D1) portchannel_obj.clear_portchannel_configuration(vars.D1) mac_obj.clear_mac(vars.D1) basic_obj.service_operations(vars.D1, "chef-client", "stop") chef_obj.delete_client_pem_files( vars.D1, "{}/{}".format(chef_params.client_path, "client.pem")) chef_obj.delete_chef_node(ssh_conn_obj, node_name) if ssh_conn_obj: con_obj.ssh_disconnect(ssh_conn_obj)
def ensure_ntp_config(dut,iplist=[], cli_type=''): cli_type = st.get_ui_type(dut, cli_type=cli_type) if not iplist: iplist = ensure_service_params(dut, "ntp", "default") if not iplist: st.log("NTP server IPs missing") return False commands = [] for ip in iplist: if not verify_ntp_server_exists(dut, ip, remote=ip): if cli_type == "click": commands.append("config ntp add {}".format(ip)) elif cli_type == "klish": commands.append("ntp server {}".format(ip)) elif cli_type in ['rest-patch', 'rest-put']: data = { "openconfig-system:servers": { "server": [ { "address": str(ip), "config": { "address": str(ip) } } ] } } rest_urls = st.get_datastore(dut, "rest_urls") url1 = rest_urls['config_ntp_server'].format(ip) if not config_rest(dut, http_method=cli_type, rest_url=url1, json_data=data): st.error("Failed to configure ntp {} server".format(ip)) return False else: st.log("UNSUPPORTED CLI TYPE -- {}".format(cli_type)) return False st.config(dut, commands, type=cli_type) return True
def test_ft_ssh_add_user_verify(): """ Author : Prudvi Mangadu ([email protected]) """ user_ssh = 0 acl_sshv4 = 0 acl_sshv6 = 0 acl_snmp = 0 if not snmp_config(config='add'): acl_snmp = +1 ipaddress = st.get_mgmt_ip(vars.D1) if not ipaddress: st.report_env_fail("ip_verification_fail") snmp_cmd = "snmpget -Oqv -v 2c -c {} {} {}".format(ssh_data.ro_community, ipaddress, ssh_data.oid_sysName) out = config_nondefault_user() if not out: user_ssh = +1 st.log("connecting to device with username={},password={}".format( ssh_data.usr_default, ssh_data.pwd_final)) if not st.exec_ssh(vars.D1, ssh_data.usr_default, ssh_data.pwd_final, ssh_data.commands_to_verify): st.error('Cannot SSH into Device with default credentials') user_ssh = +1 st.log('connecting to device with username={},password={}'.format( ssh_data.usr_non_default, ssh_data.pwd_non_default)) if not st.exec_ssh(vars.D1, ssh_data.usr_non_default, ssh_data.pwd_non_default, ssh_data.commands_to_verify): st.error('Cannot SSH into Device with non-default credentials') user_ssh = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv4_address_D1D2P2, ssh_data.usr_default, ssh_data.pwd_final) if not output: user_ssh = +1 IPAddr = ensure_service_params(vars.D1, "snmptrap", "ip") + "/32" change_acl_rules(acl_data.acl_json_config_control_plane, "SNMP_SSH|RULE_1", "SRC_IP", IPAddr) change_acl_rules(acl_data.acl_json_config_control_plane, "SNMP_SSH|RULE_2", "SRC_IP", IPAddr) change_acl_rules(acl_data.acl_json_config_control_plane, "SNMP_SSH|RULE_3", "SRC_IP", ssh_data.ipv4_network) change_acl_rules(acl_data.acl_json_config_control_plane, "V6_SSH_ONLY|RULE_1", "SRC_IPV6", ssh_data.ipv6_network_D1) acl_config = acl_data.acl_json_config_control_plane st.log("ACL_DATA: {}".format(acl_config)) acl_obj.apply_acl_config(vars.D1, acl_config) acl_obj.show_acl_table(vars.D1) acl_obj.show_acl_rule(vars.D1) if not poll_wait(acl_obj.verify_acl_table_rule, 5, vars.D1, "SNMP_SSH", "RULE_1"): st.error("Failed to create ACL rule '{}' ".format("SNMP_SSH")) acl_snmp = +1 if not poll_wait(acl_obj.verify_acl_table_rule, 5, vars.D1, "SNMP_SSH", "RULE_2"): st.error("Failed to create ACL rule '{}' ".format("SNMP_SSH")) acl_sshv4 = +1 if not poll_wait(acl_obj.verify_acl_table_rule, 5, vars.D1, "V6_SSH_ONLY", "RULE_1"): st.error("Failed to create ACL rule '{}' ".format("V6_SSH_ONLY")) acl_sshv6 = +1 hostname = get_hostname(vars.D1) st.log("HOSTNAME: {}".format(hostname)) snmp_out = execute_command(ssh_conn_obj, snmp_cmd) if hostname not in snmp_out: st.error("SNMP walk operation is failed") acl_snmp = +1 st.log("connecting to device with default username={},password={}".format( ssh_data.usr_default, ssh_data.pwd_final)) output = verify_ssh_connection(vars.D2, ssh_data.ipv4_address_D1D2P2, ssh_data.usr_default, ssh_data.pwd_final) if output: acl_sshv4 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv6_address_D1D2P2, ssh_data.usr_default, ssh_data.pwd_final) if output: acl_sshv6 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv4_address_D1D2P1, ssh_data.usr_default, ssh_data.pwd_final) if not output: acl_sshv4 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv6_address_D1D2P1, ssh_data.usr_default, ssh_data.pwd_final) if not output: acl_sshv6 = +1 st.log( "connecting to device with non default username={},password={}".format( ssh_data.usr_non_default, ssh_data.pwd_non_default)) output = verify_ssh_connection(vars.D2, ssh_data.ipv4_address_D1D2P1, ssh_data.usr_non_default, ssh_data.pwd_non_default) if not output: acl_sshv4 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv6_address_D1D2P1, ssh_data.usr_non_default, ssh_data.pwd_non_default) if not output: acl_sshv6 = +1 config_save(vars.D1) st.log('rebooting the device.') st.reboot(vars.D1, 'fast') acl_obj.show_acl_table(vars.D1) acl_obj.show_acl_rule(vars.D1) if not poll_wait(acl_obj.verify_acl_table_rule, 5, vars.D1, "SNMP_SSH", "RULE_2"): st.log("Failed to create ACL rule '{}' ".format("SSH_SSH")) acl_sshv4 = +1 if not poll_wait(acl_obj.verify_acl_table_rule, 5, vars.D1, "V6_SSH_ONLY", "RULE_1"): st.log("Failed to create ACL rule '{}' ".format("V6_SSH_ONLY")) acl_sshv4 = +1 if not poll_wait(acl_obj.verify_acl_table_rule, 5, vars.D1, "SNMP_SSH", "RULE_1"): st.error("Failed to create ACL rule '{}' ".format("SNMP_SSH")) acl_snmp = +1 ipaddress = st.get_mgmt_ip(vars.D1) if not ipaddress or not ip_obj.ping(vars.D1, IPAddr.strip('/32')): st.error( "Ping to SNMP server or getting ip address to the dut is failed after reload" ) acl_obj.acl_delete(vars.D1) config_nondefault_user(config='remove') st.report_fail("ip_verification_fail") snmp_cmd = "snmpget -Oqv -v 2c -c {} {} {}".format(ssh_data.ro_community, ipaddress, ssh_data.oid_sysName) hostname = get_hostname(vars.D1) snmp_out = execute_command(ssh_conn_obj, snmp_cmd) if hostname not in snmp_out: st.error("SNMP walk operation is failed after reload") acl_snmp = +1 st.log('Verifying SNMP ACL with invalid source address') change_acl_rules(acl_data.acl_json_config_control_plane, "SNMP_SSH|RULE_1", "SRC_IP", "2.2.2.0/24") acl_config = acl_data.acl_json_config_control_plane acl_obj.acl_delete(vars.D1) acl_obj.apply_acl_config(vars.D1, acl_config) st.wait(3, "Waiting to apply acl rules") snmp_out = execute_command(ssh_conn_obj, snmp_cmd) if "Timeout" not in snmp_out: acl_snmp = +1 st.log("connecting to device with default username={},password={}".format( ssh_data.usr_default, ssh_data.pwd_final)) output = verify_ssh_connection(vars.D2, ssh_data.ipv4_address_D1D2P2, ssh_data.usr_default, ssh_data.pwd_final) if output: acl_sshv4 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv6_address_D1D2P2, ssh_data.usr_default, ssh_data.pwd_final) if output: acl_sshv6 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv4_address_D1D2P1, ssh_data.usr_default, ssh_data.pwd_final) if not output: acl_sshv4 = +1 output = verify_ssh_connection(vars.D2, ssh_data.ipv6_address_D1D2P1, ssh_data.usr_default, ssh_data.pwd_final) if not output: acl_sshv6 = +1 if acl_sshv4: st.report_tc_fail("test_ft_controlplane_acl_service_sshv4", "ssh_failed", "with control plane ACL service SSHv4 after reboot") else: st.report_tc_pass("test_ft_controlplane_acl_service_sshv4", "ssh_failed", "with control plane ACL service SSHv4 after reboot") if acl_sshv6: st.report_tc_fail("test_ft_controlplane_acl_service_sshv6", "ssh_failed", "with control plane ACL service SSHv6 after reboot") else: st.report_tc_pass("test_ft_controlplane_acl_service_sshv6", "ssh_failed", "with control plane ACL service SSHv6 after reboot") if acl_snmp: st.report_tc_fail("test_ft_controlplane_acl_service_snmp", "snmp_output_failed", "with control plane ACL service SNMP after reboot") else: st.report_tc_pass("test_ft_controlplane_acl_service_snmp", "snmp_output_failed", "with control plane ACL service SNMP after reboot") acl_obj.acl_delete(vars.D1) if acl_sshv4 or acl_sshv6 or acl_snmp: st.generate_tech_support(vars.D1, "controlplane_acl_services_after_reboot") st.log('Verifying SSH connection after removing control plane ACLs') st.log("connecting to device with username={},password={}".format( ssh_data.usr_default, ssh_data.pwd_final)) if not st.exec_ssh(vars.D1, ssh_data.usr_default, ssh_data.pwd_final, ssh_data.commands_to_verify): st.error( 'Cannot SSH into Device with default credentials after reboot') user_ssh = +1 st.log('connecting to device with username={},password={}'.format( ssh_data.usr_non_default, ssh_data.pwd_non_default)) if not st.exec_ssh(vars.D1, ssh_data.usr_non_default, ssh_data.pwd_non_default, ssh_data.commands_to_verify): st.error( 'Cannot SSH into Device with non-default credentials after reboot') user_ssh = +1 config_nondefault_user(config='remove') if (user_ssh or acl_snmp or acl_sshv4 or acl_sshv6): st.report_fail("test_case_failed") st.report_pass("test_case_passed")
def global_vars(): global data data = SpyTestDict() data.servers = utils_obj.ensure_service_params(vars.D1, "ntp", "host") data.verify_no_server = 'None' data.ntp_service = 'ntp'
def pre_config_ztp(): global vars global ssh_conn_obj_oob_v6 global ssh_conn_obj global ssh_conn_obj_oob_v4 global ssh_conn_obj_inb_v4 global ssh_conn_obj_inb_v6 vars = st.get_testbed_vars() # DHCPV6 out of band params ztp_params.dhcp6.ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "ip") ztp_params.dhcp6.username = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "username") ztp_params.dhcp6.password = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "password") ztp_params.dhcp6.oob_port = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "interface") ztp_params.dhcp6.oob_static_ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "static_ip") # DHCPV4 out of band params ztp_params.dhcp.ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "outofband", "ip") ztp_params.dhcp.username = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "outofband", "username") ztp_params.dhcp.password = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "outofband", "password") ztp_params.oob_port = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "outofband", "interface") ztp_params.static_ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "outofband", "static_ip") #DHCPV6 in band params ztp_params.dhcp6.inband_ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "ip") ztp_params.dhcp6.inband_username = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "username") ztp_params.dhcp6.inband_password = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "password") ztp_params.dhcp6.inband_static_ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "static_ip") ztp_params.dhcp6.inband_port = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "interface") # DHCPV4 in band params ztp_params.dhcp.inband_ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "inband", "ip") ztp_params.dhcp.inband_username = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "inband", "username") ztp_params.dhcp.inband_password = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "inband", "password") ztp_params.dhcp.inband_static_ip = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "inband", "static_ip") ztp_params.inband_port = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcp", "inband", "interface") ztp_params.dhcp6.oob_config_file = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "config_file") ztp_params.dhcp6.inband_config_file = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "config_file") ztp_params.config_path = utils_obj.ensure_service_params( vars.D1, "ztp", "config_path") ztp_params.dhcp6.oob_home_path = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "outofband", "home_path") ztp_params.dhcp6.inband_home_path = utils_obj.ensure_service_params( vars.D1, "ztp", "dhcpv6", "inband", "home_path") ztp_params.port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "port") ztp_params.dut_path = utils_obj.ensure_service_params( vars.D1, "ztp", "dut_path") ztp_params.ztp_cfg_file_name = utils_obj.ensure_service_params( vars.D1, "ztp", "ztp_cfg_file_name") ztp_params.provision_script_path = utils_obj.ensure_service_params( vars.D1, "ztp", "provision_script_path") st.log("Clearing V4/V6 lease database from DUT ...") basic_obj.delete_directory_contents(vars.D1, config_params.lease_db_path) st.log("####### Connecting to DHCPV6 server -- OUT OF BAND ...###########") ssh_conn_obj_oob_v6 = con_obj.connect_to_device(ztp_params.dhcp6.ip, ztp_params.dhcp6.username, ztp_params.dhcp6.password) if not ssh_conn_obj_oob_v6: st.error( "SSH connection object not found for DHCPV6 server OUT OF BAND.") if network_flag != "inband": reset_module_config() st.report_env_fail("ssh_connection_failed", ztp_params.dhcp6.ip) st.log( "############Connecting to DHCPV4 server -- OUT OF BAND ...#############" ) ssh_conn_obj_oob_v4 = con_obj.connect_to_device(ztp_params.dhcp.ip, ztp_params.dhcp.username, ztp_params.dhcp.password) if not ssh_conn_obj_oob_v4: st.error( "SSH connection object not found for DHCPV4 server OUT OF BAND.") # st.report_env_fail("ssh_connection_failed", ztp_params.dhcp6.ip) st.log( "###########Connecting to DHCPV4 server -- IN BAND ...##############") ssh_conn_obj_inb_v4 = con_obj.connect_to_device( ztp_params.dhcp.inband_ip, ztp_params.dhcp.inband_username, ztp_params.dhcp.inband_password) if not ssh_conn_obj_inb_v4: st.error( "SSH connection object not found for DHCPV4 server OUT OF BAND.") # st.report_env_fail("ssh_connection_failed", ztp_params.dhcp6.ip) ssh_conn_obj_inb_v6 = con_obj.connect_to_device( ztp_params.dhcp6.inband_ip, ztp_params.dhcp6.inband_username, ztp_params.dhcp6.inband_password) if not ssh_conn_obj_inb_v6: st.error( "SSH connection object not found for DHCPV4 server OUT OF BAND.") if network_flag == "inband": reset_module_config() st.report_env_fail("ssh_connection_failed", ztp_params.dhcp6.inband_ip) st.log( "###########Stopping V4/V6 services to avoid the DHCP option conflict .. ###########" ) v4_connection_objs = [ssh_conn_obj_oob_v4, ssh_conn_obj_inb_v4] for connection_obj in v4_connection_objs: if connection_obj: basic_obj.service_operations(connection_obj, config_params.dhcp_service_name, "stop", "server") if ztp_obj.verify_dhcpd_service_status(connection_obj, config_params.dhcpd_pid): st.log("{} service is running which is not expected".format( config_params.dhcp_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp_service_name) st.log("Restarting V6 services on required server .. ") if network_flag != "inband": ssh_conn_obj = ssh_conn_obj_oob_v6 st.log("Using OUT OF BAND V6 ssh object ... ") if ssh_conn_obj_inb_v6: basic_obj.service_operations(ssh_conn_obj_inb_v6, config_params.dhcp6_service_name, "stop", "server") if ztp_obj.verify_dhcpd_service_status(ssh_conn_obj_inb_v6, config_params.dhcpd6_pid): st.log("{} service is running which is not expected".format( config_params.dhcp6_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp6_service_name) else: st.log("SSH object for INB V6 server is not found ...") else: st.log("Using INBAND V6 ssh object ... ") ssh_conn_obj = ssh_conn_obj_inb_v6 if ssh_conn_obj_oob_v6: basic_obj.service_operations(ssh_conn_obj_oob_v6, config_params.dhcp6_service_name, "stop", "server") if ztp_obj.verify_dhcpd_service_status(ssh_conn_obj_oob_v6, config_params.dhcpd6_pid): st.log("{} service is running which is not expected".format( config_params.dhcp6_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp6_service_name) else: st.log("SSH object for OOB V6 server is not found ...") basic_obj.service_operations(ssh_conn_obj, config_params.dhcp6_service_name, "restart", "server") if not ztp_obj.verify_dhcpd_service_status(ssh_conn_obj, config_params.dhcpd6_pid): st.log("{} service is not running ".format( config_params.dhcp6_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp6_service_name) global dhcp6_port global dhcp6_static_ip global dhcp6_home_path global dhcp6_config_file if network_flag != "inband": dhcp6_port = ztp_params.dhcp6.oob_port dhcp6_static_ip = ztp_params.dhcp6.oob_static_ip dhcp6_home_path = ztp_params.dhcp6.oob_home_path dhcp6_config_file = ztp_params.dhcp6.oob_config_file ztp_params.home_path = ztp_params.dhcp6.oob_home_path else: dhcp6_port = ztp_params.dhcp6.inband_port dhcp6_static_ip = ztp_params.dhcp6.inband_static_ip dhcp6_home_path = ztp_params.dhcp6.inband_home_path dhcp6_config_file = ztp_params.dhcp6.inband_config_file ztp_params.home_path = ztp_params.dhcp6.inband_home_path basic_obj.ifconfig_operation(vars.D1, ztp_params.dhcp6.oob_port, "down") basic_obj.poll_for_system_status(vars.D1) ztp_cfg = { "admin-mode": True, "restart-ztp-interval": 30, "feat-console-logging": feat_logging_console } ztp_obj.config_ztp_backdoor_options(vars.D1, ztp_cfg)
def chef_pre_config_in_parallel(thread=True): [out, exceptions] = utils.exec_foreach(thread, vars.dut_list, chef_pre_config) st.log(exceptions) if False in out: st.report_env_fail("test_case_not_executeds") st.log("Fetching Chef config params from sonic services file") chef_params.ip = util_obj.ensure_service_params(vars.D1, "chef", "ip") chef_params.username = util_obj.ensure_service_params( vars.D1, "chef", "username") chef_params.password = util_obj.ensure_service_params( vars.D1, "chef", "password") chef_params.path = util_obj.ensure_service_params(vars.D1, "chef", "path") chef_params.roles = util_obj.ensure_service_params(vars.D1, "chef", "roles") chef_params.cookbook_path = util_obj.ensure_service_params( vars.D1, "chef", "cookbook_path") chef_params.client_path = util_obj.ensure_service_params( vars.D1, "chef", "client_path") chef_params.validation_file = util_obj.ensure_service_params( vars.D1, "chef", "validation_file") chef_params.client_rb = util_obj.ensure_service_params( vars.D1, "chef", "client_rb") chef_params.client_log = util_obj.ensure_service_params( vars.D1, "chef", "client_log") chef_params.default_rb = util_obj.ensure_service_params( vars.D1, "chef", "default_rb") chef_params.mgmt_intf = util_obj.ensure_service_params( vars.D1, "chef", "mgmt_intf") st.log("Logging in to chef server with the params from config file.") global ssh_conn_obj ssh_conn_obj = con_obj.connect_to_device(chef_params.ip, chef_params.username, chef_params.password) if not ssh_conn_obj: st.error("SSH connetion object not found.") st.report_env_fail("ssh_connection_failed", chef_params.ip) ip_addr = basic_obj.get_ifconfig_inet(vars.D1, chef_params.mgmt_intf) ssh_obj = con_obj.connect_to_device(ip_addr[0], 'admin', 'YourPaSsWoRd') if ssh_obj: chef_obj.bootstrap_chef_node(ssh_conn_obj, ip_addr[0], 'admin', 'YourPaSsWoRd', node_name) else: chef_obj.bootstrap_chef_node(ssh_conn_obj, ip_addr[0], 'admin', 'broadcom', node_name) st.log("CHEF pre-config Done")
def global_vars(): global data data = SpyTestDict() data.syslog_server = utils_obj.ensure_service_params( vars.D1, "syslog", "ip")
def security_variables(): security_data.clear() security_data.hosts = ensure_service_params(vars.D1, "radius", "hosts") security_data.radius_host_ip = ensure_service_params(vars.D1, "radius", "hosts", 0, "ip") security_data.radius_host_passkey = ensure_service_params(vars.D1, "radius", "hosts", 0, "passkey") security_data.radius_host_priority = ensure_service_params(vars.D1, "radius", "hosts", 0, "priority") security_data.global_diff_passkey = ensure_service_params(vars.D1, "radius", "globals", 1, "passkey") security_data.global_auth_type = ensure_service_params(vars.D1, "radius", "globals", 0, "auth_type") security_data.global_timeout = ensure_service_params(vars.D1, "radius", "globals", 0, "timeout") security_data.global_retransmit = ensure_service_params(vars.D1, "radius", "globals", 0, "retransmit") security_data.tacacs_host_ip = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "ip") security_data.tacacs_tcp_port = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "tcp_port") security_data.tacacs_passkey = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "passkey") security_data.tacacs_timeout = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "timeout") security_data.tacacs_priority = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "priority") security_data.tacacs_auth_type = ensure_service_params(vars.D1, "tacacs", "hosts", 0, "auth_type")
def pre_config_ztp(): global vars global ssh_conn_obj global outofband_conn_obj global ssh_conn_obj_oob_v6 global ssh_conn_obj_inb_v6 vars = st.get_testbed_vars() # DHCPV4 out of band params ztp_params.dhcp.ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "outofband", "ip") ztp_params.dhcp.username = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "outofband", "username") ztp_params.dhcp.password = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "outofband", "password") ztp_params.oob_port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "outofband", "interface") # DHCPV4 in band params ztp_params.dhcp.inband_ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "ip") ztp_params.dhcp.inband_username = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "username") ztp_params.dhcp.inband_password = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "password") ztp_params.dhcp.inband_config_file = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "config_file") ztp_params.dhcp.inband_static_ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "static_ip") ztp_params.inband_port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "interface") ztp_params.config_path = utils_obj.ensure_service_params(vars.D1, "ztp", "config_path") ztp_params.firmware_path = utils_obj.ensure_service_params(vars.D1, "ztp", "firmware_path") ztp_params.home_path = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "home_path") ztp_params.port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "port") ztp_params.build_file_name = utils_obj.ensure_service_params(vars.D1, "ztp", "build_file_name") ztp_params.uninstall_image = utils_obj.ensure_service_params(vars.D1, "ztp", "uninstall_image") ztp_params.dut_path = utils_obj.ensure_service_params(vars.D1, "ztp", "dut_path") ztp_params.ztp_cfg_file_name = utils_obj.ensure_service_params(vars.D1, "ztp", "ztp_cfg_file_name") ztp_params.provision_script_path = utils_obj.ensure_service_params(vars.D1, "ztp", "provision_script_path") ztp_params.docker_path = utils_obj.ensure_service_params(vars.D1, "ztp", "docker_path") ztp_params.docker_image = utils_obj.ensure_service_params(vars.D1, "ztp", "docker_image") ztp_params.docker_component_name = utils_obj.ensure_service_params(vars.D1, "ztp", "docker_component_name") ztp_params.inband_port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "interface") ztp_params.minigraph_file = utils_obj.ensure_service_params(vars.D1, "ztp", "minigraph_file") ztp_params.xml_path = utils_obj.ensure_service_params(vars.D1, "ztp", "xml_path") # DHCPV6 out of band params ztp_params.dhcp6.ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "outofband", "ip") ztp_params.dhcp6.username = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "outofband", "username") ztp_params.dhcp6.password = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "outofband", "password") ztp_params.dhcp6.oob_port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "outofband", "interface") ztp_params.dhcp6.oob_static_ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "outofband", "static_ip") # DHCPV6 IN band params ztp_params.dhcp6.inband_ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "inband", "ip") ztp_params.dhcp6.inband_username = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "inband", "username") ztp_params.dhcp6.inband_password = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "inband", "password") ztp_params.dhcp6.inband_static_ip = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "inband", "static_ip") ztp_params.dhcp6.inband_port = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "inband", "interface") ztp_params.dhcp.inband_v4_subnet = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "subnet") ztp_params.dhcp.oob_v4_subnet= utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "outofband", "subnet") ztp_params.dhcp6.inband_v6_subnet = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "inband", "subnet") ztp_params.dhcp6.oob_v6_subnet = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcpv6", "outofband", "subnet") ztp_params.dhcp.client_ip_inband = utils_obj.ensure_service_params(vars.D1, "ztp", "dhcp", "inband", "client_ip") ztp_params.breakout = utils_obj.ensure_service_params(vars.D1, "ztp", "breakout") ztp_params.cli_type = st.get_ui_type(vars.D1) st.log("Clearing V4/V6 lease database from DUT ...") basic_obj.delete_directory_contents(vars.D1, config_params.lease_db_path) st.log("################# Logging in to DHCPV4 server ---- IN BAND ...#################") ssh_conn_obj = con_obj.connect_to_device(ztp_params.dhcp.inband_ip, ztp_params.dhcp.inband_username, ztp_params.dhcp.inband_password) if not ssh_conn_obj: st.error("SSH connetion object not found for DHCPV4 server IN BAND.") reset_module_config() st.report_env_fail("ssh_connection_failed", ztp_params.dhcp.inband_ip) st.log("########Restarting DHCPV4 service##########") basic_obj.service_operations(ssh_conn_obj, config_params.dhcp_service_name, "restart", "server") st.log("########Verifying DHCPV4 service status##########") if not ztp_obj.verify_dhcpd_service_status(ssh_conn_obj, config_params.dhcpd_pid): st.log("{} service is not running ".format(config_params.dhcp_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp_service_name) st.log("################# Logging in to DHCPV4 server ---- OUT OF BAND ... #################") outofband_conn_obj = con_obj.connect_to_device(ztp_params.dhcp.ip, ztp_params.dhcp.username, ztp_params.dhcp.password) if not outofband_conn_obj: st.error("OUT OF BAND SSH connetion object not found.") else: basic_obj.service_operations(outofband_conn_obj, config_params.dhcp_service_name, "stop", "server") if ztp_obj.verify_dhcpd_service_status(outofband_conn_obj, config_params.dhcpd_pid): st.log("{} service is running which is not expected".format(config_params.dhcp_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp_service_name) # st.report_env_fail("ssh_connection_failed", ztp_params.dhcp.ip) st.log("################# Logging in to DHCPV6 server -- OUT OF BAND ... #################") ssh_conn_obj_oob_v6 = con_obj.connect_to_device(ztp_params.dhcp6.ip, ztp_params.dhcp6.username, ztp_params.dhcp6.password) if not ssh_conn_obj_oob_v6: st.error("SSH connection object not found for DHCPV6 server OUT OF BAND.") st.log("################# Logging in to DHCPV6 server ---- IN BAND ... ##################") ssh_conn_obj_inb_v6 = con_obj.connect_to_device(ztp_params.dhcp6.inband_ip, ztp_params.dhcp6.inband_username, ztp_params.dhcp6.inband_password) if not ssh_conn_obj_inb_v6: st.error("SSH connection object not found for DHCPV6 server IN BAND.") st.log("Stopping V4/V6 services to avoid the DHCP option conflict .. ") v6_connection_objs = [ssh_conn_obj_inb_v6, ssh_conn_obj_oob_v6] for connection_obj in v6_connection_objs: if connection_obj: basic_obj.service_operations(connection_obj, config_params.dhcp6_service_name, "stop", "server") if ztp_obj.verify_dhcpd_service_status(connection_obj, config_params.dhcpd6_pid): st.log("{} service is running which is not expected".format(config_params.dhcp6_service_name)) reset_module_config() st.report_fail("service_running_not_expected", config_params.dhcp6_service_name) basic_obj.poll_for_system_status(vars.D1) st.log("Shutting down the out of band interface ...") basic_obj.ifconfig_operation(vars.D1, ztp_params.oob_port, "down") ztp_cfg = {"admin-mode": True, "restart-ztp-interval": 30, "feat-console-logging": feat_logging_console} ztp_obj.config_ztp_backdoor_options(vars.D1, ztp_cfg)