From df4a772e0d921056d101a8baeb1a8cd17b8f7f15 Mon Sep 17 00:00:00 2001 From: Bharath bhushan patel Date: Fri, 2 Nov 2018 14:26:35 +0000 Subject: [PATCH] changes for FWaaS scenarios in test_new_cases The changes were not merged and the resource deletion is handled here Change-Id: Ifed477a05dbaab35ffb9efb21e0a374349ffeb0d --- .../services/nsxv_client.py | 2 +- .../tests/nsxv/api/test_port_types.py | 10 +- .../tests/nsxv/api/test_router_sizes.py | 1 + .../tests/nsxv/api/test_v1_fwaas.py | 6 +- .../tests/scenario/test_new_case_coverage.py | 145 +++++++++++------- ..._provider_networks_uni_dimensionlascale.py | 3 +- 6 files changed, 102 insertions(+), 65 deletions(-) diff --git a/vmware_nsx_tempest_plugin/services/nsxv_client.py b/vmware_nsx_tempest_plugin/services/nsxv_client.py index ca8bc78..0639a4c 100644 --- a/vmware_nsx_tempest_plugin/services/nsxv_client.py +++ b/vmware_nsx_tempest_plugin/services/nsxv_client.py @@ -240,7 +240,7 @@ class VSMClient(object): Return firewall rules if found ,else return None. """ self.__set_api_version('4.0') - self.__set_endpoint('/edges/%s/firewall/config ' % edge_Id) + self.__set_endpoint('/edges/%s/firewall/config' % edge_Id) response = self.get() rules = response.json()['firewallRules']['firewallRules'] if len(rules) == 0: diff --git a/vmware_nsx_tempest_plugin/tests/nsxv/api/test_port_types.py b/vmware_nsx_tempest_plugin/tests/nsxv/api/test_port_types.py index 88d12d5..8c7a934 100644 --- a/vmware_nsx_tempest_plugin/tests/nsxv/api/test_port_types.py +++ b/vmware_nsx_tempest_plugin/tests/nsxv/api/test_port_types.py @@ -205,15 +205,17 @@ class PortTypeTest(base.BaseAdminNetworkTest): def test_create_direct_port_w_flat_net_wout_port_settings_negative(self): """ Create a flat network. Create a direct openstack port without required - port settings. + port settings.Enable security features while creating port. """ test_flat_net = self._create_flat_network() test_port_name = data_utils.rand_name('test-port-') orig_post = {'name': test_port_name, 'binding:vnic_type': 'direct'} LOG.debug("create DIRECT port: %s", str(orig_post)) - self.assertRaises(ex.BadRequest, - self.create_port, network_id=test_flat_net['id'], - **orig_post) + test_port = self.create_port(network_id=test_flat_net['id'], + **orig_post) + self.addCleanup(test_utils.call_and_ignore_notfound_exc, + self.delete_port, test_port['port']['id']) + self.assertTrue(test_port) @decorators.attr(type='nsxv') @decorators.attr(type='negative') diff --git a/vmware_nsx_tempest_plugin/tests/nsxv/api/test_router_sizes.py b/vmware_nsx_tempest_plugin/tests/nsxv/api/test_router_sizes.py index e481ed7..93ce0d5 100644 --- a/vmware_nsx_tempest_plugin/tests/nsxv/api/test_router_sizes.py +++ b/vmware_nsx_tempest_plugin/tests/nsxv/api/test_router_sizes.py @@ -163,6 +163,7 @@ class RouterSizeBaseTest(base.BaseAdminNetworkTest): router = self.create_exclusive_router(router_size) for new_router_size in new_router_size_list: self.change_router_size(router, new_router_size) + self.delete_router(router) class CompactRouterTest(RouterSizeBaseTest): diff --git a/vmware_nsx_tempest_plugin/tests/nsxv/api/test_v1_fwaas.py b/vmware_nsx_tempest_plugin/tests/nsxv/api/test_v1_fwaas.py index 5024364..c2a137a 100644 --- a/vmware_nsx_tempest_plugin/tests/nsxv/api/test_v1_fwaas.py +++ b/vmware_nsx_tempest_plugin/tests/nsxv/api/test_v1_fwaas.py @@ -759,9 +759,8 @@ class FWaaSTestJSON(base.BaseNetworkTest): # Create router required for an ACTIVE firewall firewall_topo = self._create_firewall_basic_topo('exclusive') # Try to create firewall with the same router - self.assertRaisesRegexp( + self.assertRaises( lib_exc.Conflict, - "already associated with other Firewall", self.fwaasv1_client.create_firewall, name=data_utils.rand_name("firewall"), firewall_policy_id=self.fw_policy['firewall_policy']['id'], @@ -773,9 +772,8 @@ class FWaaSTestJSON(base.BaseNetworkTest): # Create router required for an ACTIVE firewall firewall_topo = self._create_firewall_basic_topo('distributed') # Try to create firewall with the same router - self.assertRaisesRegexp( + self.assertRaises( lib_exc.Conflict, - "already associated with other Firewall", self.fwaasv1_client.create_firewall, name=data_utils.rand_name("firewall"), firewall_policy_id=self.fw_policy['firewall_policy']['id'], diff --git a/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py b/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py index e49973f..2b1e48b 100644 --- a/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py +++ b/vmware_nsx_tempest_plugin/tests/scenario/test_new_case_coverage.py @@ -18,11 +18,14 @@ import time from tempest import config from tempest.lib.common.utils import data_utils +from tempest.lib.common.utils import test_utils + from tempest.lib import decorators from tempest.lib import exceptions from vmware_nsx_tempest_plugin.common import constants from vmware_nsx_tempest_plugin.lib import feature_manager +from vmware_nsx_tempest_plugin.services import fwaas_client as FWAASC from vmware_nsx_tempest_plugin.services import nsxv3_client from vmware_nsx_tempest_plugin.services import nsxv_client @@ -45,6 +48,7 @@ class TestNewCase(feature_manager.FeatureManager): cls.subnets_client = cls.cmgr_adm.subnets_client cls.sec_rule_client = cls.cmgr_adm.security_group_rules_client cls.sec_client = cls.cmgr_adm.security_groups_client + cls.fwaasv1_client = FWAASC.get_client(cls.cmgr_adm) @classmethod def resource_setup(cls): @@ -163,7 +167,7 @@ class TestNewCase(feature_manager.FeatureManager): return topology_dict def verify_ping_to_fip_from_ext_vm(self, server_details): - self.test_fip_check_server_and_project_network_connectivity( + self.using_floating_ip_check_server_and_project_network_connectivity( server_details) def verify_ping_own_fip(self, server): @@ -497,24 +501,28 @@ class TestNewCase(feature_manager.FeatureManager): kwargs = {"router_type": "shared", "admin_state_up": "True"} router = self.create_topology_router("fire-1", **kwargs) - firewall = self.create_fw_v1_rule(action="allow", - protocol="icmp") - fw_rule_id1 = firewall['id'] + firewall = self.fwaasv1_client.create_firewall_rule(action="allow", + protocol="icmp") + fw_rule_id1 = firewall['firewall_rule']['id'] + self.addCleanup(self._delete_rule_if_exists, fw_rule_id1) # Create firewall policy - body = self.create_fw_v1_policy() - fw_policy_id = body['id'] + body = self.fwaasv1_client.create_firewall_policy() + fw_policy_id = body['firewall_policy']['id'] + self.addCleanup(self._delete_policy_if_exists, fw_policy_id) # Insert rule to firewall policy self.insert_fw_v1_rule_in_policy( fw_policy_id, fw_rule_id1, '', '') # Create firewall should fail with shared router - firewall_1 = self.create_fw_v1( + firewall_1 = self.fwaasv1_client.create_firewall( firewall_policy_id=fw_policy_id, router_ids=[router['id']]) time.sleep(constants.NSX_BACKEND_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_1['id']) + self.addCleanup(self._delete_firewall_if_exists, + firewall_1['firewall']['id']) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) self.assertIn("ERROR", firewall_info['firewall']['status']) kwargs = {"router_ids": []} - self.update_fw_v1(firewall_1['id'], **kwargs) + self.update_fw_v1(firewall_1['firewall']['id'], **kwargs) time.sleep(constants.NSX_BACKEND_TIME_INTERVAL) @decorators.attr(type='nsxv') @@ -523,13 +531,14 @@ class TestNewCase(feature_manager.FeatureManager): """ Firewall creation with md router should get fail """ - firewall = self.create_fw_v1_rule(action="allow", - protocol="icmp") - fw_rule_id1 = firewall['id'] + firewall = self.fwaasv1_client.create_firewall_rule(action="allow", + protocol="icmp") + fw_rule_id1 = firewall['firewall_rule']['id'] self.addCleanup(self._delete_rule_if_exists, fw_rule_id1) # Create firewall policy - body = self.create_fw_v1_policy() - fw_policy_id = body['id'] + body = self.fwaasv1_client.create_firewall_policy() + fw_policy_id = body['firewall_policy']['id'] + self.addCleanup(self._delete_policy_if_exists, fw_policy_id) # Insert rule to firewall policy self.insert_fw_v1_rule_in_policy( fw_policy_id, fw_rule_id1, '', '') @@ -538,14 +547,16 @@ class TestNewCase(feature_manager.FeatureManager): router_id = [ router for router in routers_list['routers'] if "metadata_proxy_router" in router.get('name')][0]['id'] - firewall_1 = self.create_fw_v1( + firewall_1 = self.fwaasv1_client.create_firewall( firewall_policy_id=fw_policy_id, router_ids=[router_id]) time.sleep(constants.NSX_BACKEND_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_1['id']) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) + self.addCleanup(self._delete_firewall_if_exists, + firewall_1['firewall']['id']) self.assertIn("ERROR", firewall_info['firewall']['status']) kwargs = {"router_ids": []} - self.fwaasv1_client.update_fw_v1(firewall_1['id'], **kwargs) + self.update_fw_v1(firewall_1['firewall']['id'], **kwargs) time.sleep(constants.NSX_BACKEND_TIME_INTERVAL) @decorators.attr(type='nsxv') @@ -554,34 +565,45 @@ class TestNewCase(feature_manager.FeatureManager): """ Firewall update should work on exclusive router """ - kwargs = {"router_type": "exclusive", + kwargs = {'name': 'fire-1', + 'external_gateway_info': + {"network_id": CONF.network.public_network_id}, + "router_type": "exclusive", "admin_state_up": "True"} - router = self.create_topology_router("fire-1", **kwargs) - firewall = self.create_fw_v1_rule(action="allow", - protocol="icmp") - fw_rule_id1 = firewall['id'] + router = self.cmgr_adm.routers_client.create_router(**kwargs) + router = router['router'] if 'router' in router else router + self.addCleanup(test_utils.call_and_ignore_notfound_exc, + self.routers_client.delete_router, router['id']) + firewall = self.fwaasv1_client.create_firewall_rule(action="allow", + protocol="icmp") + fw_rule_id1 = firewall['firewall_rule']['id'] + self.addCleanup(self._delete_rule_if_exists, + fw_rule_id1) # Create firewall policy - body = self.create_fw_v1_policy() - fw_policy_id = body['id'] + body = self.fwaasv1_client.create_firewall_policy() + fw_policy_id = body['firewall_policy']['id'] + self.addCleanup(self._delete_policy_if_exists, + fw_policy_id) # Insert rule to firewall policy self.insert_fw_v1_rule_in_policy( fw_policy_id, fw_rule_id1, '', '') - # Create firewall should fail with shared router - firewall_1 = self.create_fw_v1( + firewall_1 = self.fwaasv1_client.create_firewall( firewall_policy_id=fw_policy_id, router_ids=[router['id']]) time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_1['id']) + self.addCleanup(self._delete_firewall_if_exists, + firewall_1['firewall']['id']) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) self.assertIn("ACTIVE", firewall_info['firewall']['status']) kwargs = {"router_ids": []} - self.update_fw_v1(firewall_1['id'], **kwargs) + self.update_fw_v1(firewall_1['firewall']['id'], **kwargs) time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_1['id']) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) self.assertIn("INACTIVE", firewall_info['firewall']['status']) kwargs = {"router_ids": [router['id']]} - self.update_fw_v1(firewall_1['id'], **kwargs) - self._wait_fw_v1_until_ready(firewall_1['id']) - firewall_info = self.show_fw_v1(firewall_1['id']) + self.update_fw_v1(firewall_1['firewall']['id'], **kwargs) + self._wait_fw_v1_until_ready(firewall_1['firewall']['id']) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) self.assertIn("ACTIVE", firewall_info['firewall']['status']) @decorators.idempotent_id('2226016a-91cc-8905-b217-12344caa24a1') @@ -670,25 +692,29 @@ class TestNewCase(feature_manager.FeatureManager): """ kwargs = {"router_type": "exclusive", "admin_state_up": "True"} - name = "rtr-exc" + name = data_utils.rand_name(name='tempest-router') router_state = self.create_topology_router(name, set_gateway=True, **kwargs) router_id = router_state['id'] - firewall = self.create_fw_v1_rule(action="allow", - protocol="icmp") - fw_rule_id1 = firewall['id'] + firewall = self.fwaasv1_client.create_firewall_rule(action="allow", + protocol="icmp") + fw_rule_id1 = firewall['firewall_rule']['id'] + self.addCleanup(self._delete_rule_if_exists, fw_rule_id1) # Create firewall policy - body = self.create_fw_v1_policy() - fw_policy_id = body['id'] + body = self.fwaasv1_client.create_firewall_policy() + fw_policy_id = body['firewall_policy']['id'] + self.addCleanup(self._delete_policy_if_exists, fw_policy_id) # Insert rule to firewall policy self.insert_fw_v1_rule_in_policy( fw_policy_id, fw_rule_id1, '', '') # Create firewall should fail with shared router - firewall_1 = self.create_fw_v1( + firewall_1 = self.fwaasv1_client.create_firewall( firewall_policy_id=fw_policy_id, router_ids=[router_id]) time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_1['id']) + self.addCleanup(self._delete_firewall_if_exists, + firewall_1['firewall']['id']) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) self.assertIn("ACTIVE", firewall_info['firewall']['status']) kwargs = {"router_type": "shared"} # Update router from distributed to shared should be restricted @@ -717,7 +743,7 @@ class TestNewCase(feature_manager.FeatureManager): subnet_name = network['name'] + 'sub' self.create_topology_subnet(subnet_name, network, routers_client=self.routers_client, - subnets_client=self.subnet_client, + subnets_client=self.subnets_client, router_id=router['id']) kwargs = dict(tenant_id=network['tenant_id'], security_group_rules_client=self.sec_rule_client, @@ -736,7 +762,7 @@ class TestNewCase(feature_manager.FeatureManager): remote_ip = vm2.values()[1].values()[0][0]['addr'] # Verify connectivity between vms self.check_remote_connectivity(ssh_source, remote_ip, - should_connect=True) + should_succeed=True) @decorators.attr(type='nsxv') @decorators.idempotent_id('2226016a-93cc-5099-b217-12344caa24a1') @@ -762,7 +788,7 @@ class TestNewCase(feature_manager.FeatureManager): subnet_name = network['name'] + 'sub' self.create_topology_subnet(subnet_name, network, routers_client=self.routers_client, - subnets_client=self.subnet_client, + subnets_client=self.subnets_client, router_id=router['id']) kwargs = dict(tenant_id=network['tenant_id'], security_group_rules_client=self.sec_rule_client, @@ -781,7 +807,7 @@ class TestNewCase(feature_manager.FeatureManager): remote_ip = vm2.values()[1].values()[0][0]['addr'] # Verify Connectivity between vms self.check_remote_connectivity(ssh_source, remote_ip, - should_connect=True) + should_succeed=True) @decorators.attr(type='nsxv') @decorators.idempotent_id('2226016a-93cc-5099-b217-12344caa24a1') @@ -802,30 +828,39 @@ class TestNewCase(feature_manager.FeatureManager): router_id1 = topology_dict['router_state']['id'] router_id2 = topology_dict['router_state2']['id'] # Create Firewall1 and add it to the router1's interface - body = self.create_fw_v1_policy() - fw_policy_id = body['id'] - firewall_1 = self.create_fw_v1( + body = self.fwaasv1_client.create_firewall_policy() + fw_policy_id = body['firewall_policy']['id'] + self.addCleanup(self._delete_policy_if_exists, + fw_policy_id) + firewall_1 = self.fwaasv1_client.create_firewall( firewall_policy_id=fw_policy_id, router_ids=[router_id1]) time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_1['id']) + firewall_id = firewall_1['firewall']['id'] + self.addCleanup(self._delete_firewall_if_exists, + firewall_id) + firewall_info = self.show_fw_v1(firewall_1['firewall']['id']) self.assertIn("ACTIVE", firewall_info['firewall']['status']) # Create Firewall2 and add it to the router2's interface - body2 = self.create_fw_v1_policy() - fw_policy_id2 = body2['id'] - firewall_2 = self.create_fw_v1( + body2 = self.fwaasv1_client.create_firewall_policy() + fw_policy_id2 = body2['firewall_policy']['id'] + self.addCleanup(self._delete_policy_if_exists, + fw_policy_id2) + firewall_2 = self.fwaasv1_client.create_firewall( firewall_policy_id=fw_policy_id2, router_ids=[router_id2]) time.sleep(constants.NSX_BACKEND_SMALL_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_2['id']) + self.addCleanup(self._delete_firewall_if_exists, + firewall_2['firewall']['id']) + firewall_info = self.show_fw_v1(firewall_2['firewall']['id']) self.assertIn("ACTIVE", firewall_info['firewall']['status']) # Delete router1 from firewall1 kwargs = {"router_ids": []} - self.update_fw_v1(firewall_1['id'], **kwargs) + self.update_fw_v1(firewall_1['firewall']['id'], **kwargs) time.sleep(constants.NSX_BACKEND_TIME_INTERVAL) # Add firewall2 to router1 kwargs = {"router_ids": [router_id1]} - self.update_fw_v1(firewall_2['id'], **kwargs) + self.update_fw_v1(firewall_2['firewall']['id'], **kwargs) time.sleep(constants.NSX_BACKEND_TIME_INTERVAL) - firewall_info = self.show_fw_v1(firewall_2['id']) + firewall_info = self.show_fw_v1(firewall_2['firewall']['id']) self.assertIn("ACTIVE", firewall_info['firewall']['status']) diff --git a/vmware_nsx_tempest_plugin/tests/uni-scale/test_provider_networks_uni_dimensionlascale.py b/vmware_nsx_tempest_plugin/tests/uni-scale/test_provider_networks_uni_dimensionlascale.py index a0d411d..41328d4 100644 --- a/vmware_nsx_tempest_plugin/tests/uni-scale/test_provider_networks_uni_dimensionlascale.py +++ b/vmware_nsx_tempest_plugin/tests/uni-scale/test_provider_networks_uni_dimensionlascale.py @@ -34,7 +34,8 @@ class ProviderNetworkUnidimensionalScaleTest(feature_manager.FeatureManager): """Test Uni Dimesional Case for Provider vlan networks Provider vxlan networks - Boot vms from scale networks and check does vm booted properly + Boot vms from scale networks and check does vm booted propery + check connectivity between vms """ @classmethod def setup_clients(cls):