changes for FWaaS scenarios in test_new_cases
The changes were not merged and the resource deletion is handled here Change-Id: Ifed477a05dbaab35ffb9efb21e0a374349ffeb0d
This commit is contained in:
Bharath bhushan patel
parent
ff80557648
commit
df4a772e0d
@ -240,7 +240,7 @@ class VSMClient(object):
|
||||
Return firewall rules if found ,else return None.
|
||||
"""
|
||||
self.__set_api_version('4.0')
|
||||
self.__set_endpoint('/edges/%s/firewall/config ' % edge_Id)
|
||||
self.__set_endpoint('/edges/%s/firewall/config' % edge_Id)
|
||||
response = self.get()
|
||||
rules = response.json()['firewallRules']['firewallRules']
|
||||
if len(rules) == 0:
|
||||
|
||||
@ -205,15 +205,17 @@ class PortTypeTest(base.BaseAdminNetworkTest):
|
||||
def test_create_direct_port_w_flat_net_wout_port_settings_negative(self):
|
||||
"""
|
||||
Create a flat network. Create a direct openstack port without required
|
||||
port settings.
|
||||
port settings.Enable security features while creating port.
|
||||
"""
|
||||
test_flat_net = self._create_flat_network()
|
||||
test_port_name = data_utils.rand_name('test-port-')
|
||||
orig_post = {'name': test_port_name, 'binding:vnic_type': 'direct'}
|
||||
LOG.debug("create DIRECT port: %s", str(orig_post))
|
||||
self.assertRaises(ex.BadRequest,
|
||||
self.create_port, network_id=test_flat_net['id'],
|
||||
**orig_post)
|
||||
test_port = self.create_port(network_id=test_flat_net['id'],
|
||||
**orig_post)
|
||||
self.addCleanup(test_utils.call_and_ignore_notfound_exc,
|
||||
self.delete_port, test_port['port']['id'])
|
||||
self.assertTrue(test_port)
|
||||
|
||||
@decorators.attr(type='nsxv')
|
||||
@decorators.attr(type='negative')
|
||||
|
||||
@ -163,6 +163,7 @@ class RouterSizeBaseTest(base.BaseAdminNetworkTest):
|
||||
router = self.create_exclusive_router(router_size)
|
||||
for new_router_size in new_router_size_list:
|
||||
self.change_router_size(router, new_router_size)
|
||||
self.delete_router(router)
|
||||
|
||||
|
||||
class CompactRouterTest(RouterSizeBaseTest):
|
||||
|
||||
@ -759,9 +759,8 @@ class FWaaSTestJSON(base.BaseNetworkTest):
|
||||
# Create router required for an ACTIVE firewall
|
||||
firewall_topo = self._create_firewall_basic_topo('exclusive')
|
||||
# Try to create firewall with the same router
|
||||
self.assertRaisesRegexp(
|
||||
self.assertRaises(
|
||||
lib_exc.Conflict,
|
||||
"already associated with other Firewall",
|
||||
self.fwaasv1_client.create_firewall,
|
||||
name=data_utils.rand_name("firewall"),
|
||||
firewall_policy_id=self.fw_policy['firewall_policy']['id'],
|
||||
@ -773,9 +772,8 @@ class FWaaSTestJSON(base.BaseNetworkTest):
|
||||
# Create router required for an ACTIVE firewall
|
||||
firewall_topo = self._create_firewall_basic_topo('distributed')
|
||||
# Try to create firewall with the same router
|
||||
self.assertRaisesRegexp(
|
||||
self.assertRaises(
|
||||
lib_exc.Conflict,
|
||||
"already associated with other Firewall",
|
||||
self.fwaasv1_client.create_firewall,
|
||||
name=data_utils.rand_name("firewall"),
|
||||
firewall_policy_id=self.fw_policy['firewall_policy']['id'],
|
||||
|
||||
@ -18,11 +18,14 @@ import time
|
||||
|
||||
from tempest import config
|
||||
from tempest.lib.common.utils import data_utils
|
||||
from tempest.lib.common.utils import test_utils
|
||||
|
||||
from tempest.lib import decorators
|
||||
from tempest.lib import exceptions
|
||||
|
||||
from vmware_nsx_tempest_plugin.common import constants
|
||||
from vmware_nsx_tempest_plugin.lib import feature_manager
|
||||
from vmware_nsx_tempest_plugin.services import fwaas_client as FWAASC
|
||||
from vmware_nsx_tempest_plugin.services import nsxv3_client
|
||||
from vmware_nsx_tempest_plugin.services import nsxv_client
|
||||
|
||||
@ -45,6 +48,7 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
cls.subnets_client = cls.cmgr_adm.subnets_client
|
||||
cls.sec_rule_client = cls.cmgr_adm.security_group_rules_client
|
||||
cls.sec_client = cls.cmgr_adm.security_groups_client
|
||||
cls.fwaasv1_client = FWAASC.get_client(cls.cmgr_adm)
|
||||
|
||||
@classmethod
|
||||
def resource_setup(cls):
|
||||
@ -163,7 +167,7 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
return topology_dict
|
||||
|
||||
def verify_ping_to_fip_from_ext_vm(self, server_details):
|
||||
self.test_fip_check_server_and_project_network_connectivity(
|
||||
self.using_floating_ip_check_server_and_project_network_connectivity(
|
||||
server_details)
|
||||
|
||||
def verify_ping_own_fip(self, server):
|
||||
@ -497,24 +501,28 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
kwargs = {"router_type": "shared",
|
||||
"admin_state_up": "True"}
|
||||
router = self.create_topology_router("fire-1", **kwargs)
|
||||
firewall = self.create_fw_v1_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['id']
|
||||
firewall = self.fwaasv1_client.create_firewall_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['firewall_rule']['id']
|
||||
self.addCleanup(self._delete_rule_if_exists, fw_rule_id1)
|
||||
# Create firewall policy
|
||||
body = self.create_fw_v1_policy()
|
||||
fw_policy_id = body['id']
|
||||
body = self.fwaasv1_client.create_firewall_policy()
|
||||
fw_policy_id = body['firewall_policy']['id']
|
||||
self.addCleanup(self._delete_policy_if_exists, fw_policy_id)
|
||||
# Insert rule to firewall policy
|
||||
self.insert_fw_v1_rule_in_policy(
|
||||
fw_policy_id, fw_rule_id1, '', '')
|
||||
# Create firewall should fail with shared router
|
||||
firewall_1 = self.create_fw_v1(
|
||||
firewall_1 = self.fwaasv1_client.create_firewall(
|
||||
firewall_policy_id=fw_policy_id,
|
||||
router_ids=[router['id']])
|
||||
time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
self.addCleanup(self._delete_firewall_if_exists,
|
||||
firewall_1['firewall']['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.assertIn("ERROR", firewall_info['firewall']['status'])
|
||||
kwargs = {"router_ids": []}
|
||||
self.update_fw_v1(firewall_1['id'], **kwargs)
|
||||
self.update_fw_v1(firewall_1['firewall']['id'], **kwargs)
|
||||
time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
|
||||
|
||||
@decorators.attr(type='nsxv')
|
||||
@ -523,13 +531,14 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
"""
|
||||
Firewall creation with md router should get fail
|
||||
"""
|
||||
firewall = self.create_fw_v1_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['id']
|
||||
firewall = self.fwaasv1_client.create_firewall_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['firewall_rule']['id']
|
||||
self.addCleanup(self._delete_rule_if_exists, fw_rule_id1)
|
||||
# Create firewall policy
|
||||
body = self.create_fw_v1_policy()
|
||||
fw_policy_id = body['id']
|
||||
body = self.fwaasv1_client.create_firewall_policy()
|
||||
fw_policy_id = body['firewall_policy']['id']
|
||||
self.addCleanup(self._delete_policy_if_exists, fw_policy_id)
|
||||
# Insert rule to firewall policy
|
||||
self.insert_fw_v1_rule_in_policy(
|
||||
fw_policy_id, fw_rule_id1, '', '')
|
||||
@ -538,14 +547,16 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
router_id = [
|
||||
router for router in routers_list['routers']
|
||||
if "metadata_proxy_router" in router.get('name')][0]['id']
|
||||
firewall_1 = self.create_fw_v1(
|
||||
firewall_1 = self.fwaasv1_client.create_firewall(
|
||||
firewall_policy_id=fw_policy_id,
|
||||
router_ids=[router_id])
|
||||
time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.addCleanup(self._delete_firewall_if_exists,
|
||||
firewall_1['firewall']['id'])
|
||||
self.assertIn("ERROR", firewall_info['firewall']['status'])
|
||||
kwargs = {"router_ids": []}
|
||||
self.fwaasv1_client.update_fw_v1(firewall_1['id'], **kwargs)
|
||||
self.update_fw_v1(firewall_1['firewall']['id'], **kwargs)
|
||||
time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
|
||||
|
||||
@decorators.attr(type='nsxv')
|
||||
@ -554,34 +565,45 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
"""
|
||||
Firewall update should work on exclusive router
|
||||
"""
|
||||
kwargs = {"router_type": "exclusive",
|
||||
kwargs = {'name': 'fire-1',
|
||||
'external_gateway_info':
|
||||
{"network_id": CONF.network.public_network_id},
|
||||
"router_type": "exclusive",
|
||||
"admin_state_up": "True"}
|
||||
router = self.create_topology_router("fire-1", **kwargs)
|
||||
firewall = self.create_fw_v1_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['id']
|
||||
router = self.cmgr_adm.routers_client.create_router(**kwargs)
|
||||
router = router['router'] if 'router' in router else router
|
||||
self.addCleanup(test_utils.call_and_ignore_notfound_exc,
|
||||
self.routers_client.delete_router, router['id'])
|
||||
firewall = self.fwaasv1_client.create_firewall_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['firewall_rule']['id']
|
||||
self.addCleanup(self._delete_rule_if_exists,
|
||||
fw_rule_id1)
|
||||
# Create firewall policy
|
||||
body = self.create_fw_v1_policy()
|
||||
fw_policy_id = body['id']
|
||||
body = self.fwaasv1_client.create_firewall_policy()
|
||||
fw_policy_id = body['firewall_policy']['id']
|
||||
self.addCleanup(self._delete_policy_if_exists,
|
||||
fw_policy_id)
|
||||
# Insert rule to firewall policy
|
||||
self.insert_fw_v1_rule_in_policy(
|
||||
fw_policy_id, fw_rule_id1, '', '')
|
||||
# Create firewall should fail with shared router
|
||||
firewall_1 = self.create_fw_v1(
|
||||
firewall_1 = self.fwaasv1_client.create_firewall(
|
||||
firewall_policy_id=fw_policy_id,
|
||||
router_ids=[router['id']])
|
||||
time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
self.addCleanup(self._delete_firewall_if_exists,
|
||||
firewall_1['firewall']['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.assertIn("ACTIVE", firewall_info['firewall']['status'])
|
||||
kwargs = {"router_ids": []}
|
||||
self.update_fw_v1(firewall_1['id'], **kwargs)
|
||||
self.update_fw_v1(firewall_1['firewall']['id'], **kwargs)
|
||||
time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.assertIn("INACTIVE", firewall_info['firewall']['status'])
|
||||
kwargs = {"router_ids": [router['id']]}
|
||||
self.update_fw_v1(firewall_1['id'], **kwargs)
|
||||
self._wait_fw_v1_until_ready(firewall_1['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
self.update_fw_v1(firewall_1['firewall']['id'], **kwargs)
|
||||
self._wait_fw_v1_until_ready(firewall_1['firewall']['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.assertIn("ACTIVE", firewall_info['firewall']['status'])
|
||||
|
||||
@decorators.idempotent_id('2226016a-91cc-8905-b217-12344caa24a1')
|
||||
@ -670,25 +692,29 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
"""
|
||||
kwargs = {"router_type": "exclusive",
|
||||
"admin_state_up": "True"}
|
||||
name = "rtr-exc"
|
||||
name = data_utils.rand_name(name='tempest-router')
|
||||
router_state = self.create_topology_router(name, set_gateway=True,
|
||||
**kwargs)
|
||||
router_id = router_state['id']
|
||||
firewall = self.create_fw_v1_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['id']
|
||||
firewall = self.fwaasv1_client.create_firewall_rule(action="allow",
|
||||
protocol="icmp")
|
||||
fw_rule_id1 = firewall['firewall_rule']['id']
|
||||
self.addCleanup(self._delete_rule_if_exists, fw_rule_id1)
|
||||
# Create firewall policy
|
||||
body = self.create_fw_v1_policy()
|
||||
fw_policy_id = body['id']
|
||||
body = self.fwaasv1_client.create_firewall_policy()
|
||||
fw_policy_id = body['firewall_policy']['id']
|
||||
self.addCleanup(self._delete_policy_if_exists, fw_policy_id)
|
||||
# Insert rule to firewall policy
|
||||
self.insert_fw_v1_rule_in_policy(
|
||||
fw_policy_id, fw_rule_id1, '', '')
|
||||
# Create firewall should fail with shared router
|
||||
firewall_1 = self.create_fw_v1(
|
||||
firewall_1 = self.fwaasv1_client.create_firewall(
|
||||
firewall_policy_id=fw_policy_id,
|
||||
router_ids=[router_id])
|
||||
time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
self.addCleanup(self._delete_firewall_if_exists,
|
||||
firewall_1['firewall']['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.assertIn("ACTIVE", firewall_info['firewall']['status'])
|
||||
kwargs = {"router_type": "shared"}
|
||||
# Update router from distributed to shared should be restricted
|
||||
@ -717,7 +743,7 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
subnet_name = network['name'] + 'sub'
|
||||
self.create_topology_subnet(subnet_name, network,
|
||||
routers_client=self.routers_client,
|
||||
subnets_client=self.subnet_client,
|
||||
subnets_client=self.subnets_client,
|
||||
router_id=router['id'])
|
||||
kwargs = dict(tenant_id=network['tenant_id'],
|
||||
security_group_rules_client=self.sec_rule_client,
|
||||
@ -736,7 +762,7 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
remote_ip = vm2.values()[1].values()[0][0]['addr']
|
||||
# Verify connectivity between vms
|
||||
self.check_remote_connectivity(ssh_source, remote_ip,
|
||||
should_connect=True)
|
||||
should_succeed=True)
|
||||
|
||||
@decorators.attr(type='nsxv')
|
||||
@decorators.idempotent_id('2226016a-93cc-5099-b217-12344caa24a1')
|
||||
@ -762,7 +788,7 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
subnet_name = network['name'] + 'sub'
|
||||
self.create_topology_subnet(subnet_name, network,
|
||||
routers_client=self.routers_client,
|
||||
subnets_client=self.subnet_client,
|
||||
subnets_client=self.subnets_client,
|
||||
router_id=router['id'])
|
||||
kwargs = dict(tenant_id=network['tenant_id'],
|
||||
security_group_rules_client=self.sec_rule_client,
|
||||
@ -781,7 +807,7 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
remote_ip = vm2.values()[1].values()[0][0]['addr']
|
||||
# Verify Connectivity between vms
|
||||
self.check_remote_connectivity(ssh_source, remote_ip,
|
||||
should_connect=True)
|
||||
should_succeed=True)
|
||||
|
||||
@decorators.attr(type='nsxv')
|
||||
@decorators.idempotent_id('2226016a-93cc-5099-b217-12344caa24a1')
|
||||
@ -802,30 +828,39 @@ class TestNewCase(feature_manager.FeatureManager):
|
||||
router_id1 = topology_dict['router_state']['id']
|
||||
router_id2 = topology_dict['router_state2']['id']
|
||||
# Create Firewall1 and add it to the router1's interface
|
||||
body = self.create_fw_v1_policy()
|
||||
fw_policy_id = body['id']
|
||||
firewall_1 = self.create_fw_v1(
|
||||
body = self.fwaasv1_client.create_firewall_policy()
|
||||
fw_policy_id = body['firewall_policy']['id']
|
||||
self.addCleanup(self._delete_policy_if_exists,
|
||||
fw_policy_id)
|
||||
firewall_1 = self.fwaasv1_client.create_firewall(
|
||||
firewall_policy_id=fw_policy_id,
|
||||
router_ids=[router_id1])
|
||||
time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_1['id'])
|
||||
firewall_id = firewall_1['firewall']['id']
|
||||
self.addCleanup(self._delete_firewall_if_exists,
|
||||
firewall_id)
|
||||
firewall_info = self.show_fw_v1(firewall_1['firewall']['id'])
|
||||
self.assertIn("ACTIVE", firewall_info['firewall']['status'])
|
||||
# Create Firewall2 and add it to the router2's interface
|
||||
body2 = self.create_fw_v1_policy()
|
||||
fw_policy_id2 = body2['id']
|
||||
firewall_2 = self.create_fw_v1(
|
||||
body2 = self.fwaasv1_client.create_firewall_policy()
|
||||
fw_policy_id2 = body2['firewall_policy']['id']
|
||||
self.addCleanup(self._delete_policy_if_exists,
|
||||
fw_policy_id2)
|
||||
firewall_2 = self.fwaasv1_client.create_firewall(
|
||||
firewall_policy_id=fw_policy_id2,
|
||||
router_ids=[router_id2])
|
||||
time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_2['id'])
|
||||
self.addCleanup(self._delete_firewall_if_exists,
|
||||
firewall_2['firewall']['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_2['firewall']['id'])
|
||||
self.assertIn("ACTIVE", firewall_info['firewall']['status'])
|
||||
# Delete router1 from firewall1
|
||||
kwargs = {"router_ids": []}
|
||||
self.update_fw_v1(firewall_1['id'], **kwargs)
|
||||
self.update_fw_v1(firewall_1['firewall']['id'], **kwargs)
|
||||
time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
|
||||
# Add firewall2 to router1
|
||||
kwargs = {"router_ids": [router_id1]}
|
||||
self.update_fw_v1(firewall_2['id'], **kwargs)
|
||||
self.update_fw_v1(firewall_2['firewall']['id'], **kwargs)
|
||||
time.sleep(constants.NSX_BACKEND_TIME_INTERVAL)
|
||||
firewall_info = self.show_fw_v1(firewall_2['id'])
|
||||
firewall_info = self.show_fw_v1(firewall_2['firewall']['id'])
|
||||
self.assertIn("ACTIVE", firewall_info['firewall']['status'])
|
||||
|
||||
@ -34,7 +34,8 @@ class ProviderNetworkUnidimensionalScaleTest(feature_manager.FeatureManager):
|
||||
"""Test Uni Dimesional Case for
|
||||
Provider vlan networks
|
||||
Provider vxlan networks
|
||||
Boot vms from scale networks and check does vm booted properly
|
||||
Boot vms from scale networks and check does vm booted propery
|
||||
check connectivity between vms
|
||||
"""
|
||||
@classmethod
|
||||
def setup_clients(cls):
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user