Add local ip scenario tests
With Local IP static_nat set to True (for work with ovs firewall) - back ICMP traffic from VM with Local IP assigned will have source IP substituted with local IP. To overcome this new parameter was added to check_remote_connectivity - check_responce_ip Depends-On: https://review.opendev.org/c/openstack/neutron/+/818228 Depends-On: https://review.opendev.org/c/openstack/neutron/+/824363 Change-Id: I85b4c07a623443e3fd856b9218024773125f20eb
This commit is contained in:
parent
3f2bbb5702
commit
1b1c9d3cc6
@ -367,7 +367,8 @@ class BaseTempestTestCase(base_api.BaseNetworkTest):
|
||||
should_succeed=True,
|
||||
nic=None, mtu=None, fragmentation=True,
|
||||
timeout=None, pattern=None,
|
||||
forbid_packet_loss=False):
|
||||
forbid_packet_loss=False,
|
||||
check_response_ip=True):
|
||||
"""check ping server via source ssh connection
|
||||
|
||||
:param source: RemoteClient: an ssh connection from which to ping
|
||||
@ -380,6 +381,7 @@ class BaseTempestTestCase(base_api.BaseNetworkTest):
|
||||
:param timeout: Timeout for all ping packet(s) to succeed
|
||||
:param pattern: hex digits included in ICMP messages
|
||||
:param forbid_packet_loss: forbid or allow some lost packets
|
||||
:param check_response_ip: check response ip
|
||||
:returns: boolean -- should_succeed == ping
|
||||
:returns: ping is false if ping failed
|
||||
"""
|
||||
@ -422,7 +424,8 @@ class BaseTempestTestCase(base_api.BaseNetworkTest):
|
||||
LOG.debug('Packet loss detected')
|
||||
return not should_succeed
|
||||
|
||||
if validators.validate_ip_address(dest) is None:
|
||||
if (check_response_ip and
|
||||
validators.validate_ip_address(dest) is None):
|
||||
# Assert that the return traffic was from the correct
|
||||
# source address.
|
||||
from_source = 'from %s' % dest
|
||||
@ -436,13 +439,15 @@ class BaseTempestTestCase(base_api.BaseNetworkTest):
|
||||
nic=None, mtu=None, fragmentation=True,
|
||||
servers=None, timeout=None,
|
||||
ping_count=CONF.validation.ping_count,
|
||||
pattern=None, forbid_packet_loss=False):
|
||||
pattern=None, forbid_packet_loss=False,
|
||||
check_response_ip=True):
|
||||
try:
|
||||
self.assertTrue(self._check_remote_connectivity(
|
||||
source, dest, ping_count, should_succeed, nic, mtu,
|
||||
fragmentation,
|
||||
timeout=timeout, pattern=pattern,
|
||||
forbid_packet_loss=forbid_packet_loss))
|
||||
forbid_packet_loss=forbid_packet_loss,
|
||||
check_response_ip=check_response_ip))
|
||||
except (lib_exc.SSHTimeout, ssh_exc.AuthenticationException) as ssh_e:
|
||||
LOG.debug(ssh_e)
|
||||
self._log_console_output(servers)
|
||||
|
103
neutron_tempest_plugin/scenario/test_local_ip.py
Normal file
103
neutron_tempest_plugin/scenario/test_local_ip.py
Normal file
@ -0,0 +1,103 @@
|
||||
# Copyright 2021 Huawei, Inc. All rights reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
from oslo_log import log as logging
|
||||
from tempest.common import utils
|
||||
from tempest.common import waiters
|
||||
from tempest.lib.common.utils import data_utils
|
||||
from tempest.lib import decorators
|
||||
|
||||
from neutron_tempest_plugin.common import ssh
|
||||
from neutron_tempest_plugin import config
|
||||
from neutron_tempest_plugin.scenario import base
|
||||
from neutron_tempest_plugin.scenario import constants as const
|
||||
|
||||
LOG = logging.getLogger(__name__)
|
||||
CONF = config.CONF
|
||||
|
||||
|
||||
class LocalIPTest(base.BaseTempestTestCase):
|
||||
credentials = ['primary', 'admin']
|
||||
|
||||
@classmethod
|
||||
@utils.requires_ext(extension="local_ip", service="network")
|
||||
def resource_setup(cls):
|
||||
super(LocalIPTest, cls).resource_setup()
|
||||
cls.network = cls.create_network()
|
||||
cls.subnet = cls.create_subnet(cls.network)
|
||||
cls.keypair = cls.create_keypair()
|
||||
|
||||
# Create security group with admin privileges
|
||||
cls.secgroup = cls.create_security_group(
|
||||
name=data_utils.rand_name('secgroup'))
|
||||
|
||||
# Execute funcs to achieve ssh and ICMP capabilities
|
||||
cls.create_loginable_secgroup_rule(secgroup_id=cls.secgroup['id'])
|
||||
cls.create_pingable_secgroup_rule(secgroup_id=cls.secgroup['id'])
|
||||
|
||||
# Create router
|
||||
cls.router = cls.create_router(
|
||||
router_name=data_utils.rand_name("router-test"),
|
||||
admin_state_up=True,
|
||||
external_network_id=CONF.network.public_network_id)
|
||||
cls.create_router_interface(cls.router['id'], cls.subnet['id'])
|
||||
|
||||
def _create_server(self, name=None):
|
||||
port = self.create_port(
|
||||
self.network, security_groups=[self.secgroup['id']])
|
||||
server = self.create_server(
|
||||
flavor_ref=CONF.compute.flavor_ref,
|
||||
image_ref=CONF.compute.image_ref,
|
||||
key_name=self.keypair['name'], name=name,
|
||||
networks=[{'port': port['id']}])['server']
|
||||
waiters.wait_for_server_status(self.os_primary.servers_client,
|
||||
server['id'],
|
||||
const.SERVER_STATUS_ACTIVE)
|
||||
|
||||
return {'port': port, 'server': server}
|
||||
|
||||
@decorators.idempotent_id('3aa4b288-011a-4aa2-9024-19ad2ce40bfd')
|
||||
def test_local_ip_connectivity(self):
|
||||
server1 = self._create_server(name='local_ip_vm1')
|
||||
server2 = self._create_server(name='local_ip_vm2')
|
||||
|
||||
fip = self.create_and_associate_floatingip(server1['port']['id'])
|
||||
ssh_client = ssh.Client(
|
||||
fip['floating_ip_address'],
|
||||
CONF.validation.image_ssh_user,
|
||||
pkey=self.keypair['private_key'])
|
||||
|
||||
servers = [server1['server'], server2['server']]
|
||||
|
||||
# first check basic connectivity
|
||||
self.check_remote_connectivity(
|
||||
ssh_client,
|
||||
server2['port']['fixed_ips'][0]['ip_address'],
|
||||
servers=servers)
|
||||
|
||||
local_ip = self.create_local_ip(network_id=self.network['id'])
|
||||
self.create_local_ip_association(local_ip['id'],
|
||||
fixed_port_id=server2['port']['id'])
|
||||
# check connectivity with local ip address
|
||||
self.check_remote_connectivity(
|
||||
ssh_client, local_ip['local_ip_address'],
|
||||
servers=servers, check_response_ip=False)
|
||||
|
||||
# check basic connectivity after local ip association
|
||||
self.check_remote_connectivity(
|
||||
ssh_client,
|
||||
server2['port']['fixed_ips'][0]['ip_address'],
|
||||
servers=servers,
|
||||
check_response_ip=False)
|
@ -139,18 +139,21 @@
|
||||
ovsdb-server: false
|
||||
q-ovn-metadata-agent: false
|
||||
# Neutron services
|
||||
neutron-local-ip-static: true
|
||||
q-agt: true
|
||||
q-dhcp: true
|
||||
q-l3: true
|
||||
q-meta: true
|
||||
q-metering: true
|
||||
network_api_extensions: *api_extensions
|
||||
network_api_extensions_openvswitch:
|
||||
- local_ip
|
||||
network_available_features: *available_features
|
||||
devstack_localrc:
|
||||
Q_AGENT: openvswitch
|
||||
Q_ML2_TENANT_NETWORK_TYPE: vxlan
|
||||
Q_ML2_PLUGIN_MECHANISM_DRIVERS: openvswitch
|
||||
NETWORK_API_EXTENSIONS: "{{ network_api_extensions | join(',') }}"
|
||||
NETWORK_API_EXTENSIONS: "{{ (network_api_extensions + network_api_extensions_openvswitch) | join(',') }}"
|
||||
devstack_local_conf:
|
||||
post-config:
|
||||
$NEUTRON_CONF:
|
||||
@ -205,12 +208,15 @@
|
||||
ovsdb-server: false
|
||||
q-ovn-metadata-agent: false
|
||||
# Neutron services
|
||||
neutron-local-ip: true
|
||||
q-agt: true
|
||||
q-dhcp: true
|
||||
q-l3: true
|
||||
q-meta: true
|
||||
q-metering: true
|
||||
network_api_extensions: *api_extensions
|
||||
network_api_extensions_openvswitch:
|
||||
- local_ip
|
||||
network_available_features: *available_features
|
||||
# TODO(slaweq): remove trunks subport_connectivity test from blacklist
|
||||
# when bug https://bugs.launchpad.net/neutron/+bug/1838760 will be fixed
|
||||
@ -223,7 +229,7 @@
|
||||
Q_AGENT: openvswitch
|
||||
Q_ML2_TENANT_NETWORK_TYPE: vxlan
|
||||
Q_ML2_PLUGIN_MECHANISM_DRIVERS: openvswitch
|
||||
NETWORK_API_EXTENSIONS: "{{ network_api_extensions | join(',') }}"
|
||||
NETWORK_API_EXTENSIONS: "{{ (network_api_extensions + network_api_extensions_openvswitch) | join(',') }}"
|
||||
devstack_local_conf:
|
||||
post-config:
|
||||
$NEUTRON_CONF:
|
||||
|
Loading…
Reference in New Issue
Block a user