def test_hbs_mgmnt_vn_ref_muliple_add(self):
hbs = HostBasedService('hbs-%s' % self.id(), parent_obj=self.project)
self.api.host_based_service_create(hbs)
vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=self.project)
self.api.virtual_network_create(vn1)
vn2 = VirtualNetwork('vn2-%s' % self.id(), parent_obj=self.project)
self.api.virtual_network_create(vn2)
for vn_type in ['management']:
self.api.ref_update(
hbs.resource_type,
hbs.uuid,
vn1.resource_type,
vn1.uuid,
None,
'ADD',
ServiceVirtualNetworkType(vn_type),
)
self.assertRaises(
BadRequest,
self.api.ref_update,
hbs.resource_type,
hbs.uuid,
vn2.resource_type,
vn2.uuid,
None,
'ADD',
ServiceVirtualNetworkType(vn_type),
)
def test_hbs_unique_vn_ref_per_type(self):
hbs = HostBasedService('hbs-%s' % self.id(), parent_obj=self.project)
self.api.host_based_service_create(hbs)
vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=self.project)
self.api.virtual_network_create(vn1)
vn2 = VirtualNetwork('vn2-%s' % self.id(), parent_obj=self.project)
self.api.virtual_network_create(vn2)
for vn_type in ['management', 'left', 'right', 'other']:
self.api.ref_update(
hbs.resource_type,
hbs.uuid,
vn1.resource_type,
vn1.uuid,
None,
'ADD',
ServiceVirtualNetworkType(vn_type),
)
self.assertRaises(
BadRequest,
self.api.ref_update,
hbs.resource_type,
hbs.uuid,
vn1.resource_type,
vn2.uuid,
None,
'ADD',
ServiceVirtualNetworkType(vn_type),
)
hbs = self.api.host_based_service_read(id=hbs.uuid)
hbs.set_virtual_network_list([])
self.api.host_based_service_update(hbs)
def _create_network(self,
vn_name,
vn_type,
proj_obj,
ipam_obj,
ipam_update,
provider=None):
# Check if the VN already exists.
# If yes, update existing VN object with k8s config.
vn_exists = False
vn = VirtualNetwork(name=vn_name,
parent_obj=proj_obj,
address_allocation_mode='flat-subnet-only')
try:
vn_obj = self.vnc_lib.virtual_network_read(
fq_name=vn.get_fq_name())
vn_exists = True
except NoIdError:
# VN does not exist. Create one.
vn_obj = vn
# Attach IPAM to virtual network.
#
# For flat-subnets, the subnets are specified on the IPAM and
# not on the virtual-network to IPAM link. So pass an empty
# list of VnSubnetsType.
if ipam_update or \
not self._is_ipam_exists(vn_obj, ipam_obj.get_fq_name()):
vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([]))
vn_obj.set_virtual_network_properties(
VirtualNetworkType(forwarding_mode='l3'))
fabric_snat = False
if vn_type == 'pod-network':
fabric_snat = True
if not vn_exists:
if self.args.ip_fabric_forwarding:
if provider:
# enable ip_fabric_forwarding
vn_obj.add_virtual_network(provider)
elif fabric_snat and self.args.ip_fabric_snat:
# enable fabric_snat
vn_obj.set_fabric_snat(True)
else:
# disable fabric_snat
vn_obj.set_fabric_snat(False)
# Create VN.
self.vnc_lib.virtual_network_create(vn_obj)
else:
self.vnc_lib.virtual_network_update(vn_obj)
vn_obj = self.vnc_lib.virtual_network_read(
fq_name=vn_obj.get_fq_name())
VirtualNetworkKM.locate(vn_obj.uuid)
return vn_obj
def _create_virtual_network(self, vn_name, proj_obj, ipam_obj,
ipam_update, provider=None, subnets=None,
type='flat-subnet-only', ip_fabric_snat=None):
vn_exists = False
vn = VirtualNetwork(
name=vn_name, parent_obj=proj_obj,
address_allocation_mode=type)
try:
vn_obj = self._vnc_lib.virtual_network_read(
fq_name=vn.get_fq_name())
vn_exists = True
except NoIdError:
# VN does not exist. Create one.
vn_obj = vn
if vn_exists:
return vn_obj
# Attach IPAM to virtual network.
#
# For flat-subnets, the subnets are specified on the IPAM and
# not on the virtual-network to IPAM link. So pass an empty
# list of VnSubnetsType.
# For user-defined-subnets, use the provided subnets
if ipam_update or \
not self._is_ipam_exists(vn_obj, ipam_obj.get_fq_name()):
if subnets and type == 'user-defined-subnet-only':
vn_obj.add_network_ipam(ipam_obj, subnets)
else:
vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([]))
vn_obj.set_virtual_network_properties(
VirtualNetworkType(forwarding_mode='l2_l3'))
if not vn_exists:
if provider:
# enable ip_fabric_forwarding
vn_obj.add_virtual_network(provider)
elif ip_fabric_snat:
# enable fabric_snat
vn_obj.set_fabric_snat(True)
else:
# disable fabric_snat
vn_obj.set_fabric_snat(False)
# Create VN.
self._vnc_lib.virtual_network_create(vn_obj)
else:
# TODO: Handle Network update
pass
vn_obj = self._vnc_lib.virtual_network_read(
fq_name=vn_obj.get_fq_name())
VirtualNetworkKM.locate(vn_obj.uuid)
return vn_obj
def test_vm_port_not_added_to_lr(self):
project = self._vnc_lib.project_read(
['default-domain', 'default-project'])
ipam = self._vnc_lib.network_ipam_read(
['default-domain', 'default-project', 'default-network-ipam'])
# Create subnets
ipam_sn_v4_vn = IpamSubnetType(subnet=SubnetType('11.1.1.0', 24))
# Create VN my-vn
vn = VirtualNetwork('%s-vn' % self.id(), project)
vn.add_network_ipam(ipam, VnSubnetsType([ipam_sn_v4_vn]))
self._vnc_lib.virtual_network_create(vn)
net_obj = self._vnc_lib.virtual_network_read(id=vn.uuid)
# Create v4 Ip object
ip_obj = InstanceIp(name=str(uuid.uuid4()), instance_ip_family='v4')
ip_obj.uuid = ip_obj.name
# Create VM
vm_inst_obj = VirtualMachine(str(uuid.uuid4()))
vm_inst_obj.uuid = vm_inst_obj.name
self._vnc_lib.virtual_machine_create(vm_inst_obj)
id_perms = IdPermsType(enable=True)
vm_port_obj = VirtualMachineInterface(str(uuid.uuid4()),
vm_inst_obj,
id_perms=id_perms)
vm_port_obj.uuid = vm_port_obj.name
vm_port_obj.set_virtual_network(vn)
ip_obj.set_virtual_machine_interface(vm_port_obj)
ip_obj.set_virtual_network(net_obj)
self._vnc_lib.virtual_machine_interface_create(vm_port_obj)
self._vnc_lib.instance_ip_create(ip_obj)
# Create Logical Router
lr = LogicalRouter('router-test-v4-%s' % self.id(), project)
self._vnc_lib.logical_router_create(lr)
# Add Router Interface
lr.add_virtual_machine_interface(vm_port_obj)
with ExpectedException(RefsExistError):
self._vnc_lib.logical_router_update(lr)
lr.del_virtual_machine_interface(vm_port_obj)
# Create Port
port_obj = self.create_port(project, net_obj)
lr.add_virtual_machine_interface(port_obj)
self._vnc_lib.logical_router_update(lr)
with ExpectedException(BadRequest):
port_obj.add_virtual_machine(vm_inst_obj)
self._vnc_lib.virtual_machine_interface_update(port_obj)
self._vnc_lib.logical_router_delete(id=lr.uuid)
def test_delete_lr_missing_vn_refs(self):
# Get Project Ref
project = self._vnc_lib.project_read(
fq_name=['default-domain', 'default-project'])
lr = LogicalRouter('router-test-missing_vn_refs-%s' % (self.id()),
project)
lr.set_logical_router_type('vxlan-routing')
lr_uuid = self._vnc_lib.logical_router_create(lr)
lr = self._vnc_lib.logical_router_read(id=lr_uuid)
logger.debug('Created Logical Router ')
# Create a VN Object
vn = VirtualNetwork('%s-vn' % self.id(), project)
self._vnc_lib.virtual_network_create(vn)
# Create a Virtual Machine Interface that does not have VN Ref
id_perms = IdPermsType(enable=True)
vmi_no_vn_ref = VirtualMachineInterface(str(uuid.uuid4()),
parent_obj=project,
id_perms=id_perms)
vmi_no_vn_ref.set_virtual_network(vn)
vmi_uuid = self._vnc_lib.virtual_machine_interface_create(
vmi_no_vn_ref)
# Do not associate VN Ref to VMI and create
lr.add_virtual_machine_interface(vmi_no_vn_ref)
self._vnc_lib.logical_router_update(lr)
vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_uuid)
vn_refs = vmi_obj.get_virtual_network_refs()
vn_uuid = vn_refs[0]['uuid']
self._vnc_lib.ref_update('virtual_machine_interface', vmi_uuid,
'virtual_network', vn_uuid, None, 'DELETE')
vmi_obj = self._vnc_lib.virtual_machine_interface_read(id=vmi_uuid)
vn_refs = vmi_obj.get_virtual_network_refs()
self.assertIsNone(vn_refs)
# Create a VN Object
vn2 = VirtualNetwork('%s-vn2' % self.id(), project)
self._vnc_lib.virtual_network_create(vn2)
# Create a Virtual Machine Interface that does not have VN Ref
vmi_no_vn_ref_2 = VirtualMachineInterface(str(uuid.uuid4()),
parent_obj=project,
id_perms=id_perms)
vmi_no_vn_ref_2.set_virtual_network(vn2)
self._vnc_lib.virtual_machine_interface_create(vmi_no_vn_ref_2)
# Do not associate VN Ref to VMI and create
lr.add_virtual_machine_interface(vmi_no_vn_ref_2)
self._vnc_lib.logical_router_update(lr)
# Deleting directly from api-server as api server
# will not allow deletion
self._vnc_lib.logical_router_delete(id=lr.uuid)
def _create_cluster_network(self):
proj_fq_name = vnc_kube_config.cluster_default_project_fq_name()
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
vn_obj = VirtualNetwork(
name='cluster-network',
parent_obj=proj_obj,
address_allocation_mode='user-defined-subnet-only')
ipam_fq_name = ['default-domain', 'default-project',
'default-network-ipam']
ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name)
subnet_data = self._create_subnet_data('10.32.0.0/24')
vn_obj.add_network_ipam(ipam_obj, subnet_data)
return self._vnc_lib.virtual_network_create(vn_obj)
def test_same_network_not_attached_to_lr(self):
project = self._vnc_lib.project_read(
['default-domain', 'default-project'])
ipam = self._vnc_lib.network_ipam_read(
['default-domain', 'default-project', 'default-network-ipam'])
# Create subnets
ipam_sn_v4_vn = IpamSubnetType(subnet=SubnetType('11.1.1.0', 24))
# Create VN my-vn
vn = VirtualNetwork('%s-vn' % self.id(), project)
vn.add_network_ipam(ipam, VnSubnetsType([ipam_sn_v4_vn]))
self._vnc_lib.virtual_network_create(vn)
net_obj = self._vnc_lib.virtual_network_read(id=vn.uuid)
# Create v4 Ip object
ip_obj = InstanceIp(name=str(uuid.uuid4()), instance_ip_family='v4')
ip_obj.uuid = ip_obj.name
# Create Port
port_obj = self.create_port(project, net_obj)
# Create Logical Router
lr = LogicalRouter('router-test-v4-%s' % self.id(), project)
lr.set_logical_router_type('snat-routing')
self._vnc_lib.logical_router_create(lr)
# Add Router Interface
lr.add_virtual_machine_interface(port_obj)
self._vnc_lib.logical_router_update(lr)
# set router_external
net_obj.set_router_external(True)
self._vnc_lib.virtual_network_update(net_obj)
with ExpectedException(BadRequest):
lr.add_virtual_network(net_obj)
self._vnc_lib.logical_router_update(lr)
lr.del_virtual_network(net_obj)
lr.del_virtual_machine_interface(port_obj)
self._vnc_lib.logical_router_update(lr)
lr.add_virtual_network(net_obj)
self._vnc_lib.logical_router_update(lr)
# Create Port
port_obj = self.create_port(project, net_obj)
with ExpectedException(BadRequest):
lr.add_virtual_machine_interface(port_obj)
self._vnc_lib.logical_router_update(lr)
self._vnc_lib.logical_router_delete(id=lr.uuid)
def _create_virtual_network(self, project='default',
network='cluster-network'):
proj_fq_name = ['default-domain', project]
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
vn_obj = VirtualNetwork(
name=network,
parent_obj=proj_obj,
address_allocation_mode='user-defined-subnet-only')
ipam_fq_name = ['default-domain', 'default-project',
'default-network-ipam']
ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name)
subnet_data = self._create_subnet_data('10.0.0.0/24')
vn_obj.add_network_ipam(ipam_obj, subnet_data)
return self._vnc_lib.virtual_network_create(vn_obj)
def _create_virtual_network(self, project='default',
network='cluster-network'):
proj_fq_name = ['default-domain', project]
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
vn_obj = VirtualNetwork(
name=network,
parent_obj=proj_obj,
address_allocation_mode='user-defined-subnet-only')
ipam_fq_name = ['default-domain', 'default-project',
'default-network-ipam']
ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name)
subnet_data = self._create_subnet_data(self.external_cidr)
vn_obj.add_network_ipam(ipam_obj, subnet_data)
return self._vnc_lib.virtual_network_create(vn_obj)
def _create_virtual_network(self, project='default',
network='cluster-default-service-network'):
if project == 'default':
project = kube_config.VncKubernetesConfig.cluster_project_name('default')
proj_fq_name = ['default-domain', project]
proj_obj = self._vnc_lib.project_read(fq_name=proj_fq_name)
vn_obj = VirtualNetwork(
name=network,
parent_obj=proj_obj,
address_allocation_mode='user-defined-subnet-only')
ipam_fq_name = ['default-domain', 'default-project',
'default-network-ipam']
ipam_obj = self._vnc_lib.network_ipam_read(fq_name=ipam_fq_name)
subnet_data = self._create_subnet_data(self.external_cidr)
vn_obj.add_network_ipam(ipam_obj, subnet_data)
return self._vnc_lib.virtual_network_create(vn_obj)
def gen_virtual_network(project, route_target_list,
virtual_network_properties):
vnet = VirtualNetwork(
name=conf.get('default_net_name'),
parent_obj=project,
route_target_list=route_target_list,
router_external=True,
virtual_network_properties=virtual_network_properties)
return vnet
def test_hbs_create_with_mgmt_vn_ref(self):
project2 = Project('project2-%s' % self.id())
project2.set_quota(QuotaType(host_based_service=1))
self.api.project_create(project2)
vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=project2)
self.api.virtual_network_create(vn1)
hbs1 = HostBasedService('hbs1-%s' % self.id(), parent_obj=project2)
hbs1.add_virtual_network(vn1, ServiceVirtualNetworkType('management'))
self.api.host_based_service_create(hbs1)
def test_hbs_create_with_annotations(self):
project2 = Project('project2-%s' % self.id())
project2.set_quota(QuotaType(host_based_service=1))
self.api.project_create(project2)
vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=project2)
self.api.virtual_network_create(vn1)
hbs1 = HostBasedService('hbs1-%s' % self.id(), parent_obj=project2)
hbs1.add_annotations(KeyValuePair(
key='image', value='hub.juniper.net/security/csrx:19.2R1.8'))
hbs1.add_annotations(KeyValuePair(key='imagePullSecrets', value='psd'))
self.api.host_based_service_create(hbs1)
def test_hbs_create_with_vn_ref(self):
project2 = Project('project2-%s' % self.id())
self.api.project_create(project2)
vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=project2)
self.api.virtual_network_create(vn1)
hbs1 = HostBasedService('hbs1-%s' % self.id(), parent_obj=project2)
hbs1.add_virtual_network(vn1, ServiceVirtualNetworkType('left'))
self.assertRaises(
BadRequest,
self.api.host_based_service_create,
hbs1
)
def _create_ipv6_ll_ipam_and_vn(self, vnc_api, network_name):
nw_fq_name = ['default-domain', 'default-project', network_name]
ipam_fq_name = ['default-domain', 'default-project',
'_internal_ipam_ipv6_link_local']
subnets = VnSubnetsType([(IpamSubnetType(subnet=SubnetType('fe80::',
64),
default_gateway='fe80::1',
addr_from_start=True,
subnet_uuid=str(uuid.uuid1())
)
)]
)
ipam = NetworkIpam(
name='_internal_ipam_ipv6_link_local',
fq_name=ipam_fq_name,
parent_type='project',
ipam_subnet_method='user-defined-subnet')
try:
self._vnc_api.network_ipam_create(ipam)
except RefsExistError as ex:
error_msg = 'network IPAM \'ipv6_link_local\' already \
exists or other conflict: {}' \
.format(str(ex))
self._logger.error(error_msg)
self._vnc_api.network_ipam_update(ipam)
network = VirtualNetwork(
name=network_name,
fq_name=nw_fq_name,
parent_type='project',
address_allocation_mode="user-defined-subnet-only")
try:
network.add_network_ipam(ipam, subnets)
vnc_api.virtual_network_create(network)
except Exception as ex:
self._logger.error("virtual network '%s' already exists or "
"other conflict: %s" % (network_name, str(ex)))
vnc_api.virtual_network_update(network)
def basic_issu_policy_pre(self):
vn1_name = self.id() + 'vn1'
vn2_name = self.id() + 'vn2'
vn1_obj = VirtualNetwork(vn1_name)
vn2_obj = VirtualNetwork(vn2_name)
np = self.create_network_policy(vn1_obj, vn2_obj)
seq = SequenceType(1, 1)
vnp = VirtualNetworkPolicyType(seq)
vn1_obj.set_network_policy(np, vnp)
vn2_obj.set_network_policy(np, vnp)
self._vnc_lib.virtual_network_create(vn1_obj)
self._vnc_lib.virtual_network_create(vn2_obj)
self.assertTill(self.vnc_db_has_ident, obj=vn1_obj)
self.assertTill(self.vnc_db_has_ident, obj=vn2_obj)
self.check_ri_ref_present(self.get_ri_name(vn1_obj),
self.get_ri_name(vn2_obj))
self.check_ri_ref_present(self.get_ri_name(vn2_obj),
self.get_ri_name(vn1_obj))
def test_hbs_default_vn_ref_add_with_annotations(self):
hbs = HostBasedService('hbs-%s' % self.id(), parent_obj=self.project)
self.api.host_based_service_create(hbs)
vn1 = VirtualNetwork('vn1-%s' % self.id(), parent_obj=self.project)
self.api.virtual_network_create(vn1)
hbs.add_annotations(KeyValuePair(key='imagePullSecrets', value='psd'))
for vn_type in ['left', 'right']:
self.assertRaises(
BadRequest,
self.api.ref_update,
hbs.resource_type,
hbs.uuid,
vn1.resource_type,
vn1.uuid,
None,
'ADD',
ServiceVirtualNetworkType(vn_type),
)
def test_lr_v4_subnets(self):
# Create Domain
domain = Domain('my-lr-domain')
self._vnc_lib.domain_create(domain)
# Create Project
project = Project('my-lr-proj', domain)
self._vnc_lib.project_create(project)
# Create NetworkIpam
ipam = NetworkIpam('default-network-ipam', project, IpamType("dhcp"))
self._vnc_lib.network_ipam_create(ipam)
ipam = self._vnc_lib.network_ipam_read(
['my-lr-domain', 'my-lr-proj', 'default-network-ipam'])
# Create subnets
ipam_sn_v4_vn1 = IpamSubnetType(subnet=SubnetType('11.1.1.0', 24))
ipam_sn_v6_vn1 = IpamSubnetType(subnet=SubnetType('fd11::', 120))
ipam_sn_v4_vn2 = IpamSubnetType(subnet=SubnetType('11.1.2.0', 24))
ipam_sn_v6_vn2 = IpamSubnetType(subnet=SubnetType('fd12::', 120))
# Create VN my-vn-1
vn1 = VirtualNetwork('my-vn-1', project)
vn1.add_network_ipam(ipam,
VnSubnetsType([ipam_sn_v4_vn1, ipam_sn_v6_vn1]))
self._vnc_lib.virtual_network_create(vn1)
net_obj1 = self._vnc_lib.virtual_network_read(id=vn1.uuid)
# Create VN my-vn-2
vn2 = VirtualNetwork('my-vn-2', project)
vn2.add_network_ipam(ipam,
VnSubnetsType([ipam_sn_v4_vn2, ipam_sn_v6_vn2]))
self._vnc_lib.virtual_network_create(vn2)
net_obj2 = self._vnc_lib.virtual_network_read(id=vn2.uuid)
# Create Logical Router
lr = LogicalRouter('router-test-v4-%s' % self.id(), project)
lr_uuid = self._vnc_lib.logical_router_create(lr)
# Create a Virtual Machine Interface belonging to my-vn-1
id_perms = IdPermsType(enable=True)
port_obj1 = VirtualMachineInterface(str(uuid.uuid4()),
parent_obj=project,
id_perms=id_perms)
port_obj1.uuid = port_obj1.name
port_obj1.set_virtual_network(vn1)
port_obj1.set_virtual_machine_interface_device_owner(
'DEVICE_OWNER_ROUTER_INTF')
# Assign gateway ip
ipam_refs = net_obj1.get_network_ipam_refs()
for ipam_ref in ipam_refs:
subnets = ipam_ref['attr'].get_ipam_subnets()
for subnet in subnets:
cidr = '%s/%s' % (subnet.subnet.get_ip_prefix(),
subnet.subnet.get_ip_prefix_len())
if IPNetwork(cidr).version == 4:
gateway_ip = subnet.get_default_gateway()
self._vnc_lib.virtual_machine_interface_create(port_obj1)
# Create v4 Ip object
ip_obj1 = InstanceIp(name=str(uuid.uuid4()),
instance_ip_address=gateway_ip,
instance_ip_family='v4')
ip_obj1.uuid = ip_obj1.name
ip_obj1.set_virtual_machine_interface(port_obj1)
ip_obj1.set_virtual_network(net_obj1)
ip_id1 = self._vnc_lib.instance_ip_create(ip_obj1)
# Add Router Interface (test being subnet)
lr.add_virtual_machine_interface(port_obj1)
self._vnc_lib.logical_router_update(lr)
# Create a Virtual Machine Interface belonging to my-vn-2
port_obj2 = VirtualMachineInterface(str(uuid.uuid4()),
parent_obj=project,
id_perms=id_perms)
port_obj2.uuid = port_obj2.name
port_obj2.set_virtual_network(vn2)
port_obj2.set_virtual_machine_interface_device_owner(
'DEVICE_OWNER_ROUTER_INTF')
# Assign gateway ip
ipam_refs = net_obj2.get_network_ipam_refs()
for ipam_ref in ipam_refs:
subnets = ipam_ref['attr'].get_ipam_subnets()
for subnet in subnets:
cidr = '%s/%s' % (subnet.subnet.get_ip_prefix(),
subnet.subnet.get_ip_prefix_len())
if IPNetwork(cidr).version == 4:
gateway_ip = subnet.get_default_gateway()
self._vnc_lib.virtual_machine_interface_create(port_obj2)
# Create v4 Ip object
ip_obj2 = InstanceIp(name=str(uuid.uuid4()),
instance_ip_address=gateway_ip,
instance_ip_family='v4')
ip_obj2.uuid = ip_obj2.name
ip_obj2.set_virtual_machine_interface(port_obj2)
ip_obj2.set_virtual_network(net_obj2)
ip_id2 = self._vnc_lib.instance_ip_create(ip_obj2)
# Add Router Interface (test being subnet)
lr.add_virtual_machine_interface(port_obj2)
self._vnc_lib.logical_router_update(lr)
# TODO: Schema transformer not integrated in the tests,
# hence route-target refs not set yet
# Verify Route Target Creation
rt_refs = lr.get_route_target_refs()
for rt_ref in rt_refs or []:
rt_obj = self._vnc_lib.route_target_read(id=rt_ref['uuid'])
ri_refs = rt_obj.get_routing_instance_back_refs()
for ri_ref in ri_refs:
ri_obj = self.vnc_lib.routing_instance_read(id=ri_ref['uuid'])
ri_name = ri_obj.get_display_name()
if ri_name != 'my-vn-1' and ri_name != 'my-vn-2':
pass
# cleanup
self._vnc_lib.instance_ip_delete(id=ip_id1)
self._vnc_lib.instance_ip_delete(id=ip_id2)
self._vnc_lib.logical_router_delete(id=lr_uuid)
self._vnc_lib.virtual_machine_interface_delete(id=port_obj1.uuid)
self._vnc_lib.virtual_machine_interface_delete(id=port_obj2.uuid)
self._vnc_lib.virtual_network_delete(id=vn1.uuid)
self._vnc_lib.virtual_network_delete(id=vn2.uuid)
self._vnc_lib.network_ipam_delete(id=ipam.uuid)
self._vnc_lib.project_delete(id=project.uuid)
self._vnc_lib.domain_delete(id=domain.uuid)
def test_vxlan_routing_for_internal_vn(self):
project = self._vnc_lib.project_read(
fq_name=['default-domain', 'default-project'])
project.set_vxlan_routing(True)
self._vnc_lib.project_update(project)
# Create Logical Router
lr = LogicalRouter('router-test-v4-%s' % self.id(), project)
lr_uuid = self._vnc_lib.logical_router_create(lr)
lr = self._vnc_lib.logical_router_read(id=lr_uuid)
# Check to see whether internal VN for VxLAN Routing is created.
int_vn_name = get_lr_internal_vn_name(lr_uuid)
int_vn_fqname = ['default-domain', 'default-project', int_vn_name]
try:
self._vnc_lib.virtual_network_read(fq_name=int_vn_fqname)
except NoIdError as e:
# Invisible objects do not come up in read
# calls but throws up a exception saying the
# object is invisible but cannot be read, confirming
# the presence of the object. Hack!
if "This object is not visible" not in str(e):
assert (False)
# Check to see if we are not able to attach Ext Gateway when
# VxLAN Routing is enabled.
ext_vn = VirtualNetwork(name=self.id() + '_ext_lr')
ext_vn_uuid = self._vnc_lib.virtual_network_create(ext_vn)
ext_vn = self._vnc_lib.virtual_network_read(id=ext_vn_uuid)
lr.add_virtual_network(ext_vn)
try:
self._vnc_lib.logical_router_update(lr)
self.fail("API allow to add an external gateway to the logical "
"router while the VxLAN routing is enabled")
except BadRequest:
pass
# Check to see if we are not able to disable VxLAN routing in the
# project when there is one LR in the project.
project.set_vxlan_routing(False)
try:
self._vnc_lib.project_update(project)
self.fail("API allows to disable VxLAN routhing while there is a "
"logical router in the project")
except BadRequest:
pass
# Check to see if deleting the VN deletes the internal VN
# that was created.
self._vnc_lib.logical_router_delete(id=lr_uuid)
try:
self._vnc_lib.virtual_network_read(fq_name=int_vn_fqname)
self.fail("Logical router internal virtual network was not "
"removed")
except NoIdError:
pass
# Check to see if we are able to disable VxLAN Routing
# after LR is deleted in the project.
project.set_vxlan_routing(False)
self._vnc_lib.project_update(project)
def setUp(self):
def _carve_out_subnets(subnets, cidr):
carved_subnets = []
for subnet in subnets:
slash_x_subnets = IPNetwork(subnet.get('cidr')).subnet(cidr)
for slash_x_sn in slash_x_subnets:
carved_subnets.append({'cidr': str(slash_x_sn)})
return carved_subnets
# end _carve_out_subnets
def _get_network_ipam(ipam_name, subnets, subnetting):
def _new_subnet(cidr):
split_cidr = cidr.split('/')
return SubnetType(
ip_prefix=split_cidr[0],
ip_prefix_len=split_cidr[1])
# end _new_subnet
ipam = NetworkIpam(
name=ipam_name,
ipam_subnets=IpamSubnets([
IpamSubnetType(
subnet=_new_subnet(sn.get('cidr')),
default_gateway=sn.get('gateway'),
subnet_uuid=str(uuid.uuid1())
) for sn in subnets if int(
sn.get('cidr').split('/')[-1]) < 31
]),
ipam_subnet_method='flat-subnet',
ipam_subnetting=subnetting
)
return ipam
# end _add_network_ipam
super(TestPnfPortTuple, self).setUp()
logger.debug("setUp called")
# Create Global objects
default_gsc_name = 'default-global-system-config'
gsc_obj = self.api.global_system_config_read(
GlobalSystemConfig().fq_name)
proj_obj = self.api.project_read(Project().fq_name)
# Create PNF and spine Physical Router
pnf_obj = PhysicalRouter('pnf-' + self.id(), gsc_obj)
pnf_obj.set_physical_router_role('pnf')
self.pnf_uuid = self.api.physical_router_create(pnf_obj)
# Create spine Physical Router
spine_obj = PhysicalRouter('spine-' + self.id(), gsc_obj)
self.spine_uuid = self.api.physical_router_create(spine_obj)
# Create left/right LR
left_lr_name = 'left_lr-' + self.id()
left_lr_obj = LogicalRouter(name=left_lr_name, parent_obj=proj_obj)
left_lr_obj.add_physical_router(spine_obj)
self.left_lr_uuid = self.api.logical_router_create(left_lr_obj)
right_lr_name = 'right_lr-' + self.id()
right_lr_obj = LogicalRouter(name=right_lr_name, parent_obj=proj_obj)
right_lr_obj.add_physical_router(spine_obj)
self.right_lr_uuid = self.api.logical_router_create(right_lr_obj)
# create left, right PNF PI
left_pnf_pi_obj = PhysicalInterface(
'ge-0/0/1-' + self.id(), parent_obj=pnf_obj)
right_pnf_pi_obj = PhysicalInterface(
'ge-0/0/2-' + self.id(), parent_obj=pnf_obj)
lo_pnf_pi_obj = PhysicalInterface('lo0', parent_obj=pnf_obj)
self.left_pnf_pi_uuid = self.api.physical_interface_create(
left_pnf_pi_obj)
self.right_pnf_pi_uuid = self.api.physical_interface_create(
right_pnf_pi_obj)
self.lo_pnf_pi_uuid = self.api.physical_interface_create(lo_pnf_pi_obj)
# create left, right spine PI
left_spine_pi_obj = PhysicalInterface(
'xe-0/0/1-' + self.id(), parent_obj=spine_obj)
right_spine_pi_obj = PhysicalInterface(
'xe-0/0/2-' + self.id(), parent_obj=spine_obj)
self.left_spine_pi_uuid = self.api.physical_interface_create(
left_spine_pi_obj)
self.right_spine_pi_uuid = self.api.physical_interface_create(
right_spine_pi_obj)
# Create Service Appliance Set
sas_obj = ServiceApplianceSet('sas-' + self.id(), gsc_obj)
sas_obj.set_service_appliance_set_virtualization_type(
'physical-device')
self.sas_uuid = self.api.service_appliance_set_create(sas_obj)
# Create Service template
st_obj = ServiceTemplate(name='st-' + self.id())
st_obj.set_service_appliance_set(sas_obj)
svc_properties = ServiceTemplateType()
svc_properties.set_service_virtualization_type('physical-device')
if_type = ServiceTemplateInterfaceType()
if_type.set_service_interface_type('left')
svc_properties.add_interface_type(if_type)
if_type = ServiceTemplateInterfaceType()
if_type.set_service_interface_type('right')
svc_properties.add_interface_type(if_type)
st_obj.set_service_template_properties(svc_properties)
self.st_uuid = self.api.service_template_create(st_obj)
# Create Service Instance object
si_fqn = ['default-domain', 'default-project', 'si-' + self.id()]
si_obj = ServiceInstance(fq_name=si_fqn)
si_obj.fq_name = si_fqn
si_obj.add_service_template(st_obj)
kvp_array = []
kvp = KeyValuePair("left-svc-vlan", "100")
kvp_array.append(kvp)
kvp = KeyValuePair("right-svc-vlan", "101")
kvp_array.append(kvp)
kvp = KeyValuePair("left-svc-asns", "66000,66001")
kvp_array.append(kvp)
kvp = KeyValuePair("right-svc-asns", "66000,66002")
kvp_array.append(kvp)
kvps = KeyValuePairs()
kvps.set_key_value_pair(kvp_array)
si_obj.set_annotations(kvps)
props = ServiceInstanceType()
props.set_service_virtualization_type('physical-device')
props.set_ha_mode("active-standby")
si_obj.set_service_instance_properties(props)
self.si_uuid = self.api.service_instance_create(si_obj)
# Create service appliance
sa_obj = ServiceAppliance('sa-' + self.id(), parent_obj=sas_obj)
kvp_array = []
kvp = KeyValuePair(
"left-attachment-point",
default_gsc_name +
':' +
'spine-' +
self.id() +
':' +
'xe-0/0/1-' +
self.id())
kvp_array.append(kvp)
kvp = KeyValuePair(
"right-attachment-point",
default_gsc_name +
':' +
'spine-' +
self.id() +
':' +
'xe-0/0/2-' +
self.id())
kvp_array.append(kvp)
kvps = KeyValuePairs()
kvps.set_key_value_pair(kvp_array)
sa_obj.set_service_appliance_properties(kvps)
sa_obj.set_service_appliance_virtualization_type('physical-device')
attr = ServiceApplianceInterfaceType(interface_type='left')
sa_obj.add_physical_interface(left_pnf_pi_obj, attr)
attr = ServiceApplianceInterfaceType(interface_type='right')
sa_obj.add_physical_interface(right_pnf_pi_obj, attr)
self.sa_uuid = self.api.service_appliance_create(sa_obj)
# Create fabric and add it to spine and PNF
fab_obj = Fabric('fab-' + self.id())
self.fab_uuid = self.api.fabric_create(fab_obj)
pnf_obj.add_fabric(fab_obj)
self.api.physical_router_update(pnf_obj)
spine_obj.add_fabric(fab_obj)
self.api.physical_router_update(spine_obj)
fab_obj = self.api.fabric_read(id=self.fab_uuid)
# Create PNF service chain IPAM/network
pnf_cidr = [{'cidr': "10.1.1.0/28"}]
peer_subnets = _carve_out_subnets(pnf_cidr, 29)
pnf_vn_obj = VirtualNetwork(
name='fab-' + self.id() + '-pnf-servicechain-network',
virtual_network_properties=VirtualNetworkType(
forwarding_mode='l3'),
address_allocation_mode='flat-subnet-only')
self.pnf_vn_uuid = self.api.virtual_network_create(pnf_vn_obj)
pnf_ipam_obj = _get_network_ipam(
'fab-' +
self.id() +
'-pnf-servicechain-network-ipam',
peer_subnets,
True)
self.pnf_ipam_uuid = self.api.network_ipam_create(pnf_ipam_obj)
pnf_vn_obj.add_network_ipam(pnf_ipam_obj, VnSubnetsType([]))
self.api.virtual_network_update(pnf_vn_obj)
fab_obj = self.api.fabric_read(id=self.fab_uuid)
fab_obj.add_virtual_network(
pnf_vn_obj, FabricNetworkTag(
network_type='pnf-servicechain'))
self.api.fabric_update(fab_obj)
# Create loopback IPAM/network
lo_cidr = [{'cidr': "100.100.100.0/28"}]
peer_subnets = _carve_out_subnets(lo_cidr, 28)
lo_vn_obj = VirtualNetwork(
name='fab-' + self.id() + '-loopback-network',
virtual_network_properties=VirtualNetworkType(
forwarding_mode='l3'),
address_allocation_mode='flat-subnet-only')
self.lo_vn_uuid = self.api.virtual_network_create(lo_vn_obj)
lo_ipam_obj = _get_network_ipam(
'fab-' +
self.id() +
'-loopback-network-ipam',
peer_subnets,
False)
self.lo_ipam_uuid = self.api.network_ipam_create(lo_ipam_obj)
lo_vn_obj.add_network_ipam(lo_ipam_obj, VnSubnetsType([]))
self.api.virtual_network_update(lo_vn_obj)
fab_obj = self.api.fabric_read(id=self.fab_uuid)
fab_obj.add_virtual_network(
lo_vn_obj, FabricNetworkTag(
network_type='loopback'))
self.api.fabric_update(fab_obj)
def test_physical_interface_esi(self):
pr_name = self.id() + '_physical_router'
pr = PhysicalRouter(pr_name)
pr_uuid = self._vnc_lib.physical_router_create(pr)
pr_obj = self._vnc_lib.physical_router_read(id=pr_uuid)
esi_id = '00:11:22:33:44:55:66:77:88:99'
pi1_name = self.id() + '_physical_interface1'
pi1 = PhysicalInterface(name=pi1_name,
parent_obj=pr_obj,
ethernet_segment_identifier=esi_id)
pi1_uuid = self._vnc_lib.physical_interface_create(pi1)
pi1_obj = self._vnc_lib.physical_interface_read(id=pi1_uuid)
li1_name = pi1_name + '_li1'
li1 = LogicalInterface(name=li1_name,
parent_obj=pi1_obj,
logical_interface_vlan_tag=2)
vn_name = self.id() + '_test_vn'
vn = VirtualNetwork(vn_name)
vn_uuid = self._vnc_lib.virtual_network_create(vn)
vn_obj = self._vnc_lib.virtual_network_read(id=vn_uuid)
vmi_name = self.id() + '_common_vmi'
vmi_obj = self._create_vmi(vmi_name, vn_obj)
li1.add_virtual_machine_interface(vmi_obj)
li1_uuid = self._vnc_lib.logical_interface_create(li1)
self._vnc_lib.logical_interface_read(id=li1_uuid)
pi2_name = self.id() + '_physical_interface2'
pi2 = PhysicalInterface(name=pi2_name,
parent_obj=pr_obj,
ethernet_segment_identifier=esi_id)
pi2_uuid = self._vnc_lib.physical_interface_create(pi2)
pi2_obj = self._vnc_lib.physical_interface_read(id=pi2_uuid)
li2_name = pi2_name + '_li2'
li2 = LogicalInterface(name=li2_name,
parent_obj=pi2_obj,
logical_interface_vlan_tag=2)
second_vmi_name = self.id() + '_2nd_vmi'
second_vmi_obj = self._create_vmi(second_vmi_name, vn_obj,
'AA:AA:AA:AA:AA:AA')
li2.add_virtual_machine_interface(second_vmi_obj)
self.assertRaises(PermissionDenied,
self._vnc_lib.logical_interface_create, li2)
li2 = LogicalInterface(name=li2_name,
parent_obj=pi2_obj,
logical_interface_vlan_tag=2)
li2_uuid = self._vnc_lib.logical_interface_create(li2)
li2_obj = self._vnc_lib.logical_interface_read(id=li2_uuid)
li2_obj.add_virtual_machine_interface(second_vmi_obj)
self.assertRaises(PermissionDenied,
self._vnc_lib.logical_interface_update, li2_obj)
pi3_name = self.id() + '_physical_interface3'
pi3 = PhysicalInterface(
name=pi3_name,
parent_obj=pr_obj,
ethernet_segment_identifier='00:00:00:00:00:00:00:00:00:AA')
pi3_uuid = self._vnc_lib.physical_interface_create(pi3)
pi3_obj = self._vnc_lib.physical_interface_read(id=pi3_uuid)
li3_name = pi3_name + '_li3'
li3 = LogicalInterface(name=li3_name,
parent_obj=pi3_obj,
logical_interface_vlan_tag=2)
li3.add_virtual_machine_interface(vmi_obj)
self._vnc_lib.logical_interface_create(li3)
pi3_obj.set_ethernet_segment_identifier(esi_id)
self._vnc_lib.physical_interface_update(pi3_obj)
def _create_isolated_ns_virtual_network(self,
ns_name,
vn_name,
vn_type,
proj_obj,
ipam_obj=None,
provider=None,
enforce_policy=False):
"""
Create/Update a virtual network for this namespace.
"""
vn_exists = False
vn = VirtualNetwork(name=vn_name,
parent_obj=proj_obj,
virtual_network_properties=VirtualNetworkType(
forwarding_mode='l3'),
address_allocation_mode='flat-subnet-only')
try:
vn_obj = self._vnc_lib.virtual_network_read(
fq_name=vn.get_fq_name())
vn_exists = True
except NoIdError:
# VN does not exist. Create one.
vn_obj = vn
fabric_snat = False
if vn_type == 'pod-network':
if self._is_ip_fabric_snat_enabled(ns_name):
fabric_snat = True
if not vn_exists:
# Add annotatins on this isolated virtual-network.
VirtualNetworkKM.add_annotations(self,
vn,
namespace=ns_name,
name=ns_name,
isolated='True')
# Instance-Ip for pods on this VN, should be allocated from
# cluster pod ipam. Attach the cluster pod-ipam object
# to this virtual network.
vn_obj.add_network_ipam(ipam_obj, VnSubnetsType([]))
if provider:
# enable ip_fabric_forwarding
vn_obj.add_virtual_network(provider)
elif fabric_snat:
# enable fabric_snat
vn_obj.set_fabric_snat(True)
else:
# disable fabric_snat
vn_obj.set_fabric_snat(False)
vn_uuid = self._vnc_lib.virtual_network_create(vn_obj)
# Cache the virtual network.
VirtualNetworkKM.locate(vn_uuid)
else:
ip_fabric_enabled = False
if provider:
vn_refs = vn_obj.get_virtual_network_refs()
ip_fabric_fq_name = provider.fq_name
for vn in vn_refs or []:
vn_fq_name = vn['to']
if vn_fq_name == ip_fabric_fq_name:
ip_fabric_enabled = True
break
if not ip_fabric_enabled and fabric_snat:
# enable fabric_snat
vn_obj.set_fabric_snat(True)
else:
# disable fabric_snat
vn_obj.set_fabric_snat(False)
# Update VN.
self._vnc_lib.virtual_network_update(vn_obj)
vn_uuid = vn_obj.get_uuid()
vn_obj = self._vnc_lib.virtual_network_read(id=vn_uuid)
# If required, enforce security policy at virtual network level.
if enforce_policy:
self._vnc_lib.set_tags(
vn_obj,
self._labels.get_labels_dict(
VncSecurityPolicy.cluster_aps_uuid))
return vn_obj
