From 2c45e0d8ed98a6df4b37032caef2d74fcb929cfb Mon Sep 17 00:00:00 2001 From: Puneet Arora Date: Wed, 15 Nov 2017 19:16:15 +0530 Subject: [PATCH] [tempest]: Adding of L7 rule testcases. In Pike, only 1 L7 rule is supported with L7 policy Added update operations on L7 rules. Change-Id: Iaea172aa207c8c22881f71ac7fd3a1e671043e79 --- vmware_nsx_tempest/common/constants.py | 6 +- .../nsxv/scenario/manager_topo_deployment.py | 33 +++-- .../scenario/test_lbaas_l7_switching_ops.py | 139 +++++++++++------- .../scenario/test_lbaas_round_robin_ops.py | 2 + 4 files changed, 107 insertions(+), 73 deletions(-) diff --git a/vmware_nsx_tempest/common/constants.py b/vmware_nsx_tempest/common/constants.py index 9ba74e3..c73d547 100644 --- a/vmware_nsx_tempest/common/constants.py +++ b/vmware_nsx_tempest/common/constants.py @@ -61,9 +61,7 @@ NSX_FIREWALL_REALIZED_DELAY = 2 APPLIANCE_NAME_STARTS_WITH = "vmw_" # Time interval -TIME = { - "SEC": {"SIXTY": 60} - } +TIME = {"SEC": {"SIXTY": 60}} VLAN_TYPE = 'vlan' VXLAN_TYPE = 'geneve' @@ -74,3 +72,5 @@ NO_OF_VMS_4 = 4 HTTP_PORT = 80 HTTPS_PORT = 443 SLEEP_BETWEEN_VIRTUAL_SEREVRS_OPEARTIONS = 120 +REDIRECT_TO_POOL = "REDIRECT_TO_POOL" +REJECT = "REJECT" diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py b/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py index c5855f1..f7470df 100644 --- a/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py +++ b/vmware_nsx_tempest/tests/nsxv/scenario/manager_topo_deployment.py @@ -317,10 +317,10 @@ class TopoDeployScenarioManager(manager.NetworkScenarioTest): return net_subnet def setup_project_network(self, external_network_id, - client_mgr=None, - namestart=None, client=None, - tenant_id=None, cidr_offset=0, - **kwargs): + client_mgr=None, + namestart=None, client=None, + tenant_id=None, cidr_offset=0, + **kwargs): """NOTE: Refer to create_networks@scenario/manager.py which might refer @@ -334,14 +334,21 @@ class TopoDeployScenarioManager(manager.NetworkScenarioTest): # _create_router() edits distributed and router_type # Child classes use class var tenant_router_attrs to define # tenant's router type, however, caller can overwrite it with kwargs. - distributed = kwargs.get('distributed', - self.tenant_router_attrs.get('distributed')) - router_type = kwargs.get('router_type', - self.tenant_router_attrs.get('router_type')) - net_router = self._create_router( - client_mgr=client_mgr, tenant_id=tenant_id, - namestart=name, - distributed=distributed, router_type=router_type) + if CONF.network.backend == "nsxv3": + net_router = self._create_router(client_mgr=client_mgr, + tenant_id=tenant_id, + namestart=name) + else: + distributed = \ + kwargs.get('distributed', + self.tenant_router_attrs.get('distributed')) + router_type = \ + kwargs.get('router_type', + self.tenant_router_attrs.get('router_type')) + net_router = self._create_router( + client_mgr=client_mgr, tenant_id=tenant_id, + namestart=name, + distributed=distributed, router_type=router_type) self._router_set_gateway(net_router['id'], external_network_id, client=client_mgr.routers_client) net_network, net_subnet = self.create_network_subnet( @@ -429,7 +436,7 @@ class TopoDeployScenarioManager(manager.NetworkScenarioTest): if fip: elapse_time = time.time() - start_time xmsg = ("%s Take %d seconds to assign floatingip to server[%s]" - % ("OS-STATS:", int(elapse_time), sv.get('name'))) + % ("OS-STATS:", int(elapse_time), sv.get('name'))) LOG.debug(xmsg) return fip time.sleep(interval) diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py index 8a0d65e..47150ba 100644 --- a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py +++ b/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_l7_switching_ops.py @@ -14,6 +14,7 @@ import time from tempest.lib import decorators from tempest import test +from vmware_nsx_tempest.common import constants from vmware_nsx_tempest.services.lbaas import l7policies_client from vmware_nsx_tempest.services.lbaas import l7rules_client from vmware_nsx_tempest.tests.nsxv.scenario import ( @@ -47,6 +48,7 @@ class TestL7SwitchingOps(lbaas_ops.LBaasRoundRobinBaseTest): self.switching_startswith_value1 = "/api" self.switching_startswith_value2 = "/api2" self.reject_startswith = "/api/v1" + self.reject_startswith2 = "/api/v2" self.pool7 = None self.l7policy1 = None self.l7rule1 = None @@ -85,7 +87,7 @@ class TestL7SwitchingOps(lbaas_ops.LBaasRoundRobinBaseTest): self.wait_for_servers_become_active(self.l7_server_list) self.start_web_servers(self.l7_server_list) - def build_l7_switching(self): + def build_l7_switching(self, policy_type): subnet_id = self.subnet.get('id') lb_id = self.loadbalancer['id'] l7_name = self.loadbalancer['name'] + "-7" @@ -107,27 +109,32 @@ class TestL7SwitchingOps(lbaas_ops.LBaasRoundRobinBaseTest): protocol_port=self.protocol_port) self.wait_for_load_balancer_status(lb_id) self.member7_list.append(member) - l7policy_kwargs = dict(action="REDIRECT_TO_POOL", - redirect_pool_id=pool_id, - listener_id=redirect_to_listener_id, - name='policy1') - l7policy1 = self.l7policies_client.create_l7policy(**l7policy_kwargs) - self.l7policy1 = l7policy1.get(u'l7policy', l7policy1) - policy_id = self.l7policy1.get('id') - self.l7rule1 = self.l7rules_client.create_l7rule( - policy_id, **self.l7rule_kwargs)['rule'] - l7policy_kwargs = dict(action="REJECT", position=1, - redirect_pool_id=pool_id, - listener_id=redirect_to_listener_id, - name='policy-reject') - l7policy1 = self.l7policies_client.create_l7policy(**l7policy_kwargs) - self.l7policy_reject = l7policy1.get(u'l7policy', l7policy1) - self.reject_policy_id = self.l7policy_reject.get('id') - l7rule_kwargs = dict(type='PATH', - compare_type='STARTS_WITH', - value=self.reject_startswith) - self.l7rule_reject = self.l7rules_client.create_l7rule( - self.reject_policy_id, **l7rule_kwargs)['rule'] + if policy_type == constants.REDIRECT_TO_POOL: + l7policy_kwargs = dict(action=constants.REDIRECT_TO_POOL, + redirect_pool_id=pool_id, + listener_id=redirect_to_listener_id, + name='policy1') + l7policy1 = \ + self.l7policies_client.create_l7policy(**l7policy_kwargs) + self.l7policy1 = l7policy1.get(u'l7policy', l7policy1) + self.policy_id = self.l7policy1.get('id') + self.l7rule1 = self.l7rules_client.create_l7rule( + self.policy_id, **self.l7rule_kwargs)['rule'] + elif policy_type == constants.REJECT: + l7policy_kwargs = dict(action=constants.REJECT, position=1, + redirect_pool_id=pool_id, + listener_id=redirect_to_listener_id, + name='policy-reject') + l7policy_reject = \ + self.l7policies_client.create_l7policy(**l7policy_kwargs) + self.l7policy_reject = \ + l7policy_reject.get(u'l7policy', l7policy_reject) + self.reject_policy_id = self.l7policy_reject.get('id') + self.l7rule_kwargs_reject = dict(type='PATH', + compare_type='STARTS_WITH', + value=self.reject_startswith) + self.l7rule_reject = self.l7rules_client.create_l7rule( + self.reject_policy_id, **self.l7rule_kwargs_reject)['rule'] def check_l7_switching(self, start_path, expected_server_list, send_count=6): @@ -136,49 +143,67 @@ class TestL7SwitchingOps(lbaas_ops.LBaasRoundRobinBaseTest): self.assertIn(sv_name, expected_server_list) self.assertTrue(cnt > 0) - def validate_l7_switching(self): + def validate_l7_switching(self, policy_type): + time.sleep(constants.SLEEP_BETWEEN_VIRTUAL_SEREVRS_OPEARTIONS) l7_sv_name_list = [s['name'] for s in self.l7_server_list] rr_sv_name_list = [s['name'] for s in self.rr_server_list] reject_name_list = ["403"] + if policy_type == constants.REDIRECT_TO_POOL: + # URL prefix api switching to pool7 + self.check_l7_switching('api', l7_sv_name_list, 6) + # URL prefix ap/i switching to pool1 + self.check_l7_switching('ap/i', rr_sv_name_list, 6) + # URL prefix api2 switching to pool7 + self.check_l7_switching('api2', l7_sv_name_list, 6) + rule_id = self.l7rule1.get('id') + self.l7rule_kwargs['value'] = self.switching_startswith_value2 + self.l7rule2 = self.l7rules_client.update_l7rule( + self.policy_id, rule_id, **self.l7rule_kwargs)['rule'] + time.sleep(2.0) + # URL prefix api switching to pool + self.check_l7_switching('api', rr_sv_name_list, 6) + # URL prefix api switching to pool + self.check_l7_switching('api/2', rr_sv_name_list, 6) + # URL prefix api2 switching to pool7 + self.check_l7_switching('api2', l7_sv_name_list, 6) + # URL prefix api2 switching to pool + self.check_l7_switching('xapi2', rr_sv_name_list, 6) + elif policy_type == constants.REJECT: + # URL /api/v1 should be rejected, status=403 + self.check_l7_switching('api/v1', reject_name_list, 6) + # change rule starts_with's value to /api2 + # and /api & /api/2 will be swithed to default pool + policy_id = self.reject_policy_id + rule_id = self.l7rule_reject.get('id') + self.l7rule_kwargs_reject = dict(type='PATH', + compare_type='STARTS_WITH', + value=self.reject_startswith2) + self.l7rule2 = self.l7rules_client.update_l7rule( + policy_id, rule_id, **self.l7rule_kwargs_reject)['rule'] + time.sleep(2.0) + # URL /api/v1 should be rejected, status=403 + self.check_l7_switching('api/v2', reject_name_list, 6) - # URL prefix api switching to pool7 - self.check_l7_switching('api', l7_sv_name_list, 6) - # URL prefix ap/i switching to pool1 - self.check_l7_switching('ap/i', rr_sv_name_list, 6) - # URL prefix api2 switching to pool7 - self.check_l7_switching('api2', l7_sv_name_list, 6) - - # URL /api/v1 should be rejected, status=403 - self.check_l7_switching('api/v1', reject_name_list, 6) - - # change rule starts_with's value to /api2 - # and /api & /api/2 will be swithed to default pool - policy_id = self.l7policy1.get('id') - rule_id = self.l7rule1.get('id') - self.l7rule_kwargs['value'] = self.switching_startswith_value2 - self.l7rule2 = self.l7rules_client.update_l7rule( - policy_id, rule_id, **self.l7rule_kwargs)['rule'] - time.sleep(2.0) - # URL prefix api switching to pool - self.check_l7_switching('api', rr_sv_name_list, 6) - # URL prefix api switching to pool - self.check_l7_switching('api/2', rr_sv_name_list, 6) - # URL prefix api2 switching to pool7 - self.check_l7_switching('api2', l7_sv_name_list, 6) - # URL prefix api2 switching to pool - self.check_l7_switching('xapi2', rr_sv_name_list, 6) - - # URL /api/v1 should be rejected, status=403 - self.check_l7_switching('api/v1', reject_name_list, 6) - - @decorators.idempotent_id('f11e19e4-16b5-41c7-878d-59b9e943e3ce') + @decorators.idempotent_id('a51e23e4-16b5-41c7-878d-59b9e943e3ba') @test.services('compute', 'network') - def test_lbaas_l7_switching_ops(self): + def test_lbaas_l7_switching_ops_REDIRECT_TO_POOL(self): self.create_lbaas_networks() self.start_web_servers() self.create_project_lbaas() self.check_project_lbaas() # do l7 provision and testing self.create_and_start_l7_web_servers() - self.build_l7_switching() - self.validate_l7_switching() + self.build_l7_switching(constants.REDIRECT_TO_POOL) + self.validate_l7_switching(constants.REDIRECT_TO_POOL) + + @decorators.idempotent_id('f11e19e4-16b5-41c7-878d-59b9e943e3ce') + @test.services('compute', 'network') + def test_lbaas_l7_switching_ops_REJECT(self): + self.create_lbaas_networks() + self.start_web_servers() + self.create_project_lbaas() + self.check_project_lbaas() + # do l7 provision and testing + self.create_and_start_l7_web_servers() + self.build_l7_switching(constants.REJECT) + self.validate_l7_switching(constants.REJECT) diff --git a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py b/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py index 9df72e2..60128bc 100644 --- a/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py +++ b/vmware_nsx_tempest/tests/nsxv/scenario/test_lbaas_round_robin_ops.py @@ -91,6 +91,7 @@ class LBaasRoundRobinBaseTest(dmgr.TopoDeployScenarioManager): self.loadbalancer = None self.vip_fip = None self.web_service_start_delay = 2.5 + self.time_in_adding_members = 120 def tearDown(self): if self.vip_fip: @@ -355,6 +356,7 @@ class LBaasRoundRobinBaseTest(dmgr.TopoDeployScenarioManager): return self.http_cnt def check_project_lbaas(self): + time.sleep(self.time_in_adding_members) self.do_http_request(send_counts=self.poke_counters) # should response from 2 servers self.assertEqual(2, len(self.http_cnt))