[Fullstack] Wait for SG to be applied by L2 agent
In fullstack test_securitygroup there were used simple
net_helpers.assert_ping() and assert_not_ping() functions
which tries to ping IP address 3 times with some short timeout
and test fails if result of ping will not be as expected.
Unfortunately sometimes in fullstack tests it might be not enough
if test is creating new SG or SG rule or apply SG to port and
just after that checks connection because L2 agent don't have
enough time to apply all rules on "host".
This patch changes it to use block_until_ping() and
block_until_no_ping() methods from FakeMachine fixture.
It will also check if ping is possible/not possible but
will try to check it for 1 minute before fails.
Similar change is also done for methods which checks TCP
connectivity using netcat helper class. It now uses
common_utils.wait_until_true() helper function instead of
fail immediatelly.
Change-Id: I9e523d803e3c49d5d090ae5b9d36d43ce7311535
Closes-Bug: #1774006
Closes-Bug: #1767829
(cherry picked from commit 11b41d73b4
)
This commit is contained in:
parent
1afa908c7f
commit
67de855c0d
|
@ -61,15 +61,22 @@ class BaseSecurityGroupsSameNetworkTest(base.BaseFullStackTestCase):
|
|||
|
||||
def assert_connection(self, *args, **kwargs):
|
||||
netcat = net_helpers.NetcatTester(*args, **kwargs)
|
||||
|
||||
def test_connectivity():
|
||||
try:
|
||||
return netcat.test_connectivity()
|
||||
except RuntimeError:
|
||||
return False
|
||||
|
||||
try:
|
||||
self.assertTrue(netcat.test_connectivity())
|
||||
common_utils.wait_until_true(test_connectivity)
|
||||
finally:
|
||||
netcat.stop_processes()
|
||||
|
||||
def assert_no_connection(self, *args, **kwargs):
|
||||
netcat = net_helpers.NetcatTester(*args, **kwargs)
|
||||
try:
|
||||
self.assertRaises(RuntimeError, netcat.test_connectivity)
|
||||
common_utils.wait_until_true(netcat.test_no_connectivity)
|
||||
finally:
|
||||
netcat.stop_processes()
|
||||
|
||||
|
@ -161,9 +168,9 @@ class TestSecurityGroupsSameNetwork(BaseSecurityGroupsSameNetworkTest):
|
|||
self.assert_connection(
|
||||
vms[2].namespace, vms[0].namespace, vms[0].ip, 3333,
|
||||
net_helpers.NetcatTester.TCP)
|
||||
net_helpers.assert_ping(vms[0].namespace, vms[1].ip)
|
||||
net_helpers.assert_ping(vms[0].namespace, vms[2].ip)
|
||||
net_helpers.assert_ping(vms[1].namespace, vms[2].ip)
|
||||
vms[0].block_until_ping(vms[1].ip)
|
||||
vms[0].block_until_ping(vms[2].ip)
|
||||
vms[1].block_until_ping(vms[2].ip)
|
||||
|
||||
# Apply security groups to the ports
|
||||
for port, sg in zip(ports, index_to_sg):
|
||||
|
@ -183,9 +190,9 @@ class TestSecurityGroupsSameNetwork(BaseSecurityGroupsSameNetworkTest):
|
|||
net_helpers.NetcatTester.TCP)
|
||||
|
||||
# 3. check if traffic not explicitly allowed (eg. ICMP) is blocked
|
||||
net_helpers.assert_no_ping(vms[0].namespace, vms[1].ip)
|
||||
net_helpers.assert_no_ping(vms[0].namespace, vms[2].ip)
|
||||
net_helpers.assert_no_ping(vms[1].namespace, vms[2].ip)
|
||||
vms[0].block_until_no_ping(vms[1].ip)
|
||||
vms[0].block_until_no_ping(vms[2].ip)
|
||||
vms[1].block_until_no_ping(vms[2].ip)
|
||||
|
||||
# 4. check if a security group update takes effect
|
||||
self.assert_no_connection(
|
||||
|
|
Loading…
Reference in New Issue