etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1028 from michaelandersen/fix/vpc_vpn 

smoke/test_vpc_vpn: Add template wait & refactor- Added a wait for template download as the test was failing in some environments
- Removed debug timer in setup and teardown
- Increased time.sleep before ssh connection from 10 to 20 seconds
- PEP8
- Changed required_hardware tag to true

* pr/1028:
  smoke/test_vpc_vpn: Add template wait & refactor

Signed-off-by: Remi Bergsma <github@remi.nl>
This commit is contained in:
Remi Bergsma 2015-11-04 11:27:58 +01:00
parent 0ba871b127 c883853892
commit 6f2e6a7fac
1 changed files with 189 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

352
test/integration/smoke/test_vpc_vpn.py
View File

@ -58,6 +58,7 @@ from nose.plugins.attrib import attr
import logging
import time
class Services:
"""Test VPC VPN Services.
@ -179,16 +180,16 @@ class Services:
"gateway": "10.2.1.1"
},
"vpn": {
"vpn_user":"root",
"vpn_pass":"Md1s#dc",
"vpn_pass_fail":"abc!123", # too short
"iprange":"10.2.2.1-10.2.2.10",
"vpn_user": "root",
"vpn_pass": "Md1s#dc",
"vpn_pass_fail": "abc!123", # too short
"iprange": "10.2.2.1-10.2.2.10",
"fordisplay": "true"
},
"vpncustomergateway": {
"esppolicy":"3des-md5;modp1536",
"ikepolicy":"3des-md5;modp1536",
"ipsecpsk":"ipsecpsk"
"esppolicy": "3des-md5;modp1536",
"ikepolicy": "3des-md5;modp1536",
"ipsecpsk": "ipsecpsk"
},
"natrule": {
"protocol": "TCP",
@ -211,24 +212,28 @@ class Services:
"publicport": 22,
"protocol": 'TCP',
},
"template_kvm": {
"name": "tiny-kvm",
"displaytext": "macchinina kvm",
"format": "qcow2",
"hypervisor": "kvm",
"ostype": "Other PV (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
"requireshvm": "True",
},
"template_xen": {
"name": "tiny-xen",
"displaytext": "macchinina xen",
"format": "vhd",
"hypervisor": "xen",
"ostype": "Other (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
"requireshvm": "True",
},
"template": {
"kvm": {
"name": "tiny-kvm",
"displaytext": "macchinina kvm",
"format": "qcow2",
"hypervisor": "kvm",
"ostype": "Other PV (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
"requireshvm": "True",
},
"xen": {
"name": "tiny-xen",
"displaytext": "macchinina xen",
"format": "vhd",
"hypervisor": "xen",
"ostype": "Other (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
"requireshvm": "True",
},
}
}
@ -241,7 +246,6 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
cls.stream_handler = logging.StreamHandler()
cls.logger.setLevel(logging.DEBUG)
cls.logger.addHandler(cls.stream_handler)
cls.startTime = time.time()
testClient = super(TestVpcRemoteAccessVpn, cls).getClsTestClient()
cls.apiclient = testClient.getApiClient()
@ -253,50 +257,55 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
cls.apiclient,
cls.services["compute_offering"]
)
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
cls.account = Account.create(
cls.apiclient, services=cls.services["account"])
if cls.services["default_hypervisor"] == "kvm":
cls.template = Template.register(cls.apiclient, cls.services["template_kvm"], cls.zone.id, hypervisor=cls.services[
"template_kvm"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
else:
cls.template = Template.register(cls.apiclient, cls.services["template_xen"], cls.zone.id, hypervisor=cls.services[
"template_xen"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
cls.hypervisor = cls.services["default_hypervisor"]
cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
cls.hypervisor]["name"], cls.services["template"][cls.hypervisor]["url"]))
cls.template = Template.register(cls.apiclient, cls.services["template"][
cls.hypervisor], cls.zone.id, hypervisor=cls.hypervisor, account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["compute_offering"]
assert False, "get_template() failed to return template with description %s" % cls.services[
"compute_offering"]
cls.services["virtual_machine"]["hypervisor"] = cls.services["default_hypervisor"]
cls.services["virtual_machine"][
"hypervisor"] = cls.services["default_hypervisor"]
cls.cleanup = [cls.account]
@attr(tags=["advanced"], required_hardware="false")
@attr(tags=["advanced"], required_hardware="true")
def test_vpc_remote_access_vpn(self):
"""Test Remote Access VPN in VPC"""
# 0) Get the default network offering for VPC
self.logger.debug("Retrieving default VPC offering")
networkOffering = NetworkOffering.list(self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering")
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(
networkOffering) > 0, "No VPC based network offering")
# 1) Create VPC
vpcOffering = VpcOffering.list(self.apiclient,isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering)>0, "No VPC offerings found")
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(
vpcOffering) > 0, "No VPC offerings found")
try:
vpc = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc is not None, "VPC creation failed")
self.logger.debug("VPC %s created" %(vpc.id))
self.logger.debug("VPC %s created" % (vpc.id))
try:
# 2) Create network in VPC
@ -313,22 +322,24 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
self.fail(e)
finally:
self.assertIsNotNone(ntwk, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" %(ntwk.id, vpc.id))
self.logger.debug(
"Network %s created in VPC %s" % (ntwk.id, vpc.id))
try:
# 3) Deploy a vm
vm = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid= self.domain.id,
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
hypervisor=self.services["virtual_machine"]["hypervisor"]
)
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.domain.id,
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
hypervisor=self.services[
"virtual_machine"]["hypervisor"]
)
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" %(vm.id, vpc.id))
self.debug("VM %s deployed in VPC %s" % (vm.id, vpc.id))
except Exception as e:
self.fail(e)
finally:
@ -337,13 +348,13 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
try:
# 4) Enable VPN for VPC
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc.id
)
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc.id
)
ip = src_nat_list[0]
except Exception as e:
self.fail(e)
@ -376,25 +387,23 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(vpnUser, "Failed to create Remote Access VPN User")
self.assertIsNotNone(
vpnUser, "Failed to create Remote Access VPN User")
self.logger.debug("Created VPN User: OK")
#TODO: Add an actual remote vpn connection test from a remote vpc
# TODO: Add an actual remote vpn connection test from a remote vpc
try:
# 9) Disable VPN for VPC
vpn.delete(self.apiclient)
except Exceptio as e:
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Deleted the Remote Access VPN: OK")
@classmethod
def tearDownClass(cls):
total_time = time.time() - cls.startTime
cls.logger.debug("%.3f" % (total_time))
try:
cls.logger.debug("Cleaning up resources")
cleanup_resources(cls.apiclient, cls.cleanup)
@ -422,21 +431,23 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
cls.services["compute_offering"]
)
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
if cls.services["default_hypervisor"] == "kvm":
cls.template = Template.register(cls.apiclient, cls.services["template_kvm"], cls.zone.id, hypervisor=cls.services[
"template_kvm"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
else:
cls.template = Template.register(cls.apiclient, cls.services["template_xen"], cls.zone.id, hypervisor=cls.services[
"template_xen"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
cls.account = Account.create(
cls.apiclient, services=cls.services["account"])
cls.hypervisor = cls.services["default_hypervisor"]
cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
cls.hypervisor]["name"], cls.services["template"][cls.hypervisor]["url"]))
cls.template = Template.register(cls.apiclient, cls.services["template"][
cls.hypervisor], cls.zone.id, hypervisor=cls.hypervisor, account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["compute_offering"]
assert False, "get_template() failed to return template with description %s" % cls.services[
"compute_offering"]
cls.services["virtual_machine"]["hypervisor"] = cls.services["default_hypervisor"]
cls.services["virtual_machine"][
"hypervisor"] = cls.services["default_hypervisor"]
cls.cleanup = [cls.account]
def get_ssh_client(self, virtual_machine, services, retries):
""" Setup ssh client connection and return connection
vm requires attributes public_ip, public_port, username, password """
@ -483,56 +494,59 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
vm.public_port = int(public_port)
return nat_rule
@attr(tags=["advanced"], required_hardware="false")
@attr(tags=["advanced"], required_hardware="true")
def test_vpc_site2site_vpn(self):
"""Test VPN in VPC"""
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering")
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(
networkOffering) > 0, "No VPC based network offering")
# 1) Create VPC offering
vpcOffering = VpcOffering.list(self.apiclient,isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering)>0, "No VPC offerings found")
vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
self.assert_(vpcOffering is not None and len(
vpcOffering) > 0, "No VPC offerings found")
# Create VPC 1
try:
vpc1 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc1.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc1.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc1 is not None, "VPC1 creation failed")
self.logger.debug("VPC1 %s created" %(vpc1.id))
self.logger.debug("VPC1 %s created" % (vpc1.id))
# Create VPC 2
try:
vpc2 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc2"],
networkDomain="vpc2.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid
apiclient=self.apiclient,
services=self.services["vpc2"],
networkDomain="vpc2.vpn",
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc2 is not None, "VPC2 creation failed")
self.logger.debug("VPC2 %s created" %(vpc2.id))
self.logger.debug("VPC2 %s created" % (vpc2.id))
default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0]
default_acl = NetworkACLList.list(
self.apiclient, name="default_allow")[0]
# Create network in VPC 1
try:
@ -551,7 +565,7 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
finally:
self.assertIsNotNone(ntwk1, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" %(ntwk1.id, vpc1.id))
self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
# Create network in VPC 2
try:
@ -570,127 +584,139 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
finally:
self.assertIsNotNone(ntwk2, "Network failed to create")
self.logger.debug("Network %s created in VPC %s" %(ntwk2.id, vpc2.id))
self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
# Deploy a vm in network 2
try:
vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid= self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk1.id,
hypervisor=self.services["virtual_machine"]["hypervisor"]
)
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk1.id,
hypervisor=self.services[
"virtual_machine"]["hypervisor"]
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm1 is not None, "VM failed to deploy")
self.assert_(vm1.state == 'Running', "VM is not running")
self.logger.debug("VM %s deployed in VPC %s" %(vm1.id, vpc1.id))
self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
# Deploy a vm in network 2
try:
vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid= self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk2.id,
hypervisor=self.services["virtual_machine"]["hypervisor"]
)
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk2.id,
hypervisor=self.services[
"virtual_machine"]["hypervisor"]
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2 is not None, "VM failed to deploy")
self.assert_(vm2.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" %(vm2.id, vpc2.id))
self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))
# 4) Enable Site-to-Site VPN for VPC
vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
self.assert_(vpn1_response is not None, "Failed to enable VPN Gateway 1")
self.assert_(
vpn1_response is not None, "Failed to enable VPN Gateway 1")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
self.assert_(vpn2_response is not None, "Failed to enable VPN Gateway 2")
self.assert_(
vpn2_response is not None, "Failed to enable VPN Gateway 2")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
# 5) Add VPN Customer gateway info
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc1.id
)
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc1.id
)
ip1 = src_nat_list[0]
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc2.id
)
self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
listall=True,
issourcenat=True,
vpcid=vpc2.id
)
ip2 = src_nat_list[0]
services = self.services["vpncustomergateway"]
customer1_response = VpnCustomerGateway.create(self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id )
self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id )
customer1_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
self.logger.debug(vars(customer1_response))
customer2_response = VpnCustomerGateway.create(self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id )
self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id )
customer2_response = VpnCustomerGateway.create(
self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id)
self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
self.logger.debug(vars(customer2_response))
# 6) Connect two VPCs
vpnconn1_response = Vpn.createVpnConnection(self.apiclient, customer1_response.id, vpn2_response['id'], True)
vpnconn1_response = Vpn.createVpnConnection(
self.apiclient, customer1_response.id, vpn2_response['id'], True)
self.debug("VPN passive connection created for VPC %s" % vpc2.id)
vpnconn2_response = Vpn.createVpnConnection(self.apiclient, customer2_response.id, vpn1_response['id'])
vpnconn2_response = Vpn.createVpnConnection(
self.apiclient, customer2_response.id, vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
self.assertEqual(
vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
# acquire an extra ip address to use to ssh into vm2
try:
vm2.public_ip = PublicIPAddress.create(
apiclient=self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
services=self.services,
networkid=ntwk2.id,
vpcid=vpc2.id)
apiclient=self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
services=self.services,
networkid=ntwk2.id,
vpcid=vpc2.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
self.assert_(
vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
# Create port forward to be able to ssh into vm2
try:
natrule = self.create_natrule(vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
natrule = self.create_natrule(
vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
except Exception as e:
self.fail(e)
finally:
self.assert_(natrule is not None, "Failed to create portforward for vm2")
time.sleep(10)
self.assert_(
natrule is not None, "Failed to create portforward for vm2")
time.sleep(20)
# setup ssh connection to vm2
ssh_client = self.get_ssh_client(vm2, self.services, 10)
if ssh_client:
# run ping test
packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
packet_loss = ssh_client.execute(
"/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
self.assert_(int(packet_loss) == 0, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" %vm2.public_ip)
self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
@classmethod
def tearDownClass(cls):