Browse Source

Fix for dvs_attached_ports test

Closes-Bug: #1594343
Change-Id: I960da1bc9c46629e6529d37436183b2aa6ab7a55
ekhomyakova 2 years ago
parent
commit
2eb83d06bd

+ 8
- 8
docs/test_plan/source/test_suite_system.rst View File

@@ -986,22 +986,22 @@ Steps
986 986
 
987 987
     1. Set up for system tests.
988 988
     2. Create net_1: net01__subnet, 192.168.1.0/24, and attach it to the default router.
989
-    3. Create security SG1 group with rules:
989
+    3. Create security group SG1 with rules:
990 990
        Ingress rule with ip protocol 'icmp', port range any, SG group 'SG1'
991 991
        Egress rule with ip protocol 'icmp', port range any, SG group 'SG1'
992 992
        Ingress rule with ssh protocol 'tcp', port range 22, SG group 'SG1'
993 993
        Egress rule with ssh  protocol 'tcp', port range 22, SG group 'SG1'
994
-    4. Launch few instances with SG1 in net1.
995
-    5. Launch few instances with Default SG in net1.
994
+    4. Launch 2 instances with SG1 in net_1.
995
+    5. Launch 2 instances with Default SG in net_1.
996 996
     6. Verify that icmp/ssh is enabled between instances from SG1.
997
-    7. Verify that  that icmp/ssh isn't allowed to instances of SG1 from instances of Default SG.
998
-    8. Detached ports of all instances from net_1.
999
-    9. Attached ports of all instances to default internal net. For instances of Vcenter to activate new interface on cirros edit the  restart network: "sudo /etc/init.d/S40network restart"
997
+    7. Verify that icmp/ssh isn't allowed to instances of SG1 from instances of Default SG.
998
+    8. Detach ports of all instances from net_1.
999
+    9. Attach ports of all instances to default internal net. To activate new interface on cirros restart network: "sudo /etc/init.d/S40network restart"
1000 1000
     10. Check that all instances are in Default SG.
1001 1001
     11. Verify that icmp/ssh is enabled between instances.
1002
-    12. Change of some instances Default SG to SG1.
1002
+    12. Change for some instances Default SG to SG1.
1003 1003
     13. Verify that icmp/ssh is enabled between instances from SG1.
1004
-    14. Verify that  that icmp/ssh isn't allowed to instances of SG1 from instances of Default SG.
1004
+    14. Verify that icmp/ssh isn't allowed to instances of SG1 from instances of Default SG.
1005 1005
 
1006 1006
 
1007 1007
 Expected result

+ 118
- 107
plugin_test/tests/test_plugin_vmware_dvs_system.py View File

@@ -1992,8 +1992,8 @@ class TestDVSSystem(TestBasic):
1992 1992
         Scenario:
1993 1993
             1. Revert snapshot to dvs_vcenter_systest_setup.
1994 1994
             2. Create net_1: net01__subnet, 192.168.1.0/24, and attach
1995
-               it to the router01.
1996
-            3. Create security SG1 group with rules:
1995
+               it to the default router.
1996
+            3. Create security group SG1 with rules:
1997 1997
                 Ingress rule with ip protocol 'icmp ', port range any,
1998 1998
                 SG group 'SG1'
1999 1999
                 Egress rule with ip protocol 'icmp ', port range any,
@@ -2002,27 +2002,29 @@ class TestDVSSystem(TestBasic):
2002 2002
                 SG group 'SG1'
2003 2003
                 Egress rule with ssh protocol 'tcp ', port range 22,
2004 2004
                 SG group 'SG1'
2005
-            4. Launch few instances with SG1 in net1.
2006
-            5. Launch few instances with Default SG in net1.
2005
+            4. Launch 2 instances with SG1 in net_1.
2006
+            5. Launch 2 instances with Default SG in net_1.
2007 2007
             6. Verify that icmp/ssh is enabled between instances from SG1.
2008
-            7. Verify that that icmp/ssh isn't allowed to instances of SG1
2008
+            7. Verify that icmp/ssh isn't allowed to instances of SG1
2009 2009
                from instances of Default SG.
2010
-            8. Detached ports of all instances from net_1.
2011
-            9. Attached ports of all instances to default internal net.
2010
+            8. Detach ports of all instances from net_1.
2011
+            9. Attach ports of all instances to default internal net.
2012 2012
                To activate new interface on cirros
2013 2013
                restart network: "sudo /etc/init.d/S40network restart"
2014 2014
             10. Check that all instances are in Default SG.
2015 2015
             11. Verify that icmp/ssh is enabled between instances.
2016
-            12. Change of some instances Default SG to SG1.
2016
+            12. Change for some instances Default SG to SG1.
2017 2017
             13. Verify that icmp/ssh is enabled between instances from SG1.
2018
-            14. Verify that that icmp/ssh isn't allowed to instances of SG1
2018
+            14. Verify that icmp/ssh isn't allowed to instances of SG1
2019 2019
                 from instances of Default SG.
2020 2020
 
2021 2021
         Duration 15 min
2022 2022
 
2023 2023
         """
2024
+        # Set up environment for the test
2024 2025
         self.show_step(1)
2025
-        self.env.revert_snapshot("dvs_vcenter_systest_setup")
2026
+
2027
+        self.env.revert_snapshot('dvs_vcenter_systest_setup')
2026 2028
         cluster_id = self.fuel_web.get_last_created_cluster()
2027 2029
 
2028 2030
         os_ip = self.fuel_web.get_public_vip(cluster_id)
@@ -2033,147 +2035,156 @@ class TestDVSSystem(TestBasic):
2033 2035
 
2034 2036
         tenant = os_conn.get_tenant(SERVTEST_TENANT)
2035 2037
 
2036
-        network = os_conn.create_network(
2037
-            network_name=self.net_data[0].keys()[0],
2038
-            tenant_id=tenant.id)['network']
2038
+        # Create net_1 and attach it to the default router
2039
+        self.show_step(2)
2039 2040
 
2040
-        subnet = os_conn.create_subnet(
2041
-            subnet_name=network['name'],
2042
-            network_id=network['id'],
2041
+        net1 = os_conn.create_network(network_name=self.net_data[0].keys()[0],
2042
+                                      tenant_id=tenant.id)['network']
2043
+        subnet1 = os_conn.create_subnet(
2044
+            subnet_name=net1['name'],
2045
+            network_id=net1['id'],
2043 2046
             cidr=self.net_data[0][self.net_data[0].keys()[0]],
2044 2047
             ip_version=4)
2045 2048
 
2046
-        # Check that network is created.
2047
-        assert_true(
2048
-            os_conn.get_network(network['name'])['id'] == network['id']
2049
-        )
2050
-        # Create Router_01, set gateway and add interface
2051
-        # to external network.
2052
-        router_1 = os_conn.create_router(
2053
-            'router_1',
2054
-            tenant=tenant)
2049
+        # Check that network is created
2050
+        assert_true(os_conn.get_network(net1['name'])['id'] == net1['id'])
2055 2051
 
2056
-        # Add net_1 to router_1
2057
-        os_conn.add_router_interface(
2058
-            router_id=router_1["id"],
2059
-            subnet_id=subnet["id"])
2052
+        # Add net_1 to default router
2053
+        default_router = os_conn.neutron.list_routers()['routers'][0]
2054
+        os_conn.add_router_interface(router_id=default_router['id'],
2055
+                                     subnet_id=subnet1['id'])
2060 2056
 
2061
-        self.show_step(4)
2062
-        sg1 = os_conn.nova.security_groups.create(
2063
-            'SG1', "descr")
2064
-        sg_rules = [
2065
-            sg_rule for sg_rule
2066
-            in os_conn.neutron.list_security_group_rules()[
2067
-                'security_group_rules']
2068
-            if sg_rule['security_group_id'] == sg1.id]
2069
-        for rule in sg_rules:
2057
+        # Create security group SG1
2058
+        self.show_step(3)
2059
+
2060
+        sg1 = os_conn.nova.security_groups.create('SG1', 'descr')
2061
+        _sg_rules = os_conn.neutron.list_security_group_rules()
2062
+        sg1_rules = [sg_rule for sg_rule in _sg_rules['security_group_rules']
2063
+                    if sg_rule['security_group_id'] == sg1.id]
2064
+        for rule in sg1_rules:
2070 2065
             os_conn.neutron.delete_security_group_rule(rule['id'])
2071 2066
         for rule in [self.icmp, self.tcp]:
2072 2067
             rule["security_group_rule"]["security_group_id"] = sg1.id
2073 2068
             rule["security_group_rule"]["remote_group_id"] = sg1.id
2069
+
2074 2070
             rule["security_group_rule"]["direction"] = "ingress"
2075 2071
             os_conn.neutron.create_security_group_rule(rule)
2072
+
2076 2073
             rule["security_group_rule"]["direction"] = "egress"
2077 2074
             os_conn.neutron.create_security_group_rule(rule)
2078 2075
 
2079 2076
         default_net = os_conn.nova.networks.find(label=self.inter_net_name)
2080 2077
 
2081
-        # add rules for ssh and ping
2078
+        # Permit all TCP and ICMP in security group default
2082 2079
         os_conn.goodbye_security()
2083
-        default_sg = [
2084
-            sg
2085
-            for sg in os_conn.neutron.list_security_groups()['security_groups']
2086
-            if sg['tenant_id'] == os_conn.get_tenant(SERVTEST_TENANT).id
2087
-            if sg['name'] == 'default'][0]
2088 2080
 
2089
-        self.show_step(5)
2081
+        _groups = os_conn.neutron.list_security_groups()['security_groups']
2082
+        default_sg = [sg for sg in _groups
2083
+                      if sg['tenant_id'] == tenant.id and
2084
+                      sg['name'] == 'default'][0]
2085
+
2086
+        # Launch instances with SG1 in net_1
2087
+        self.show_step(4)
2088
+
2090 2089
         instances_1 = openstack.create_instances(
2091
-            os_conn=os_conn, nics=[{'net-id': network['id']}],
2090
+            os_conn=os_conn,
2091
+            nics=[{'net-id': net1['id']}],
2092 2092
             security_groups=[sg1.name])
2093 2093
 
2094
-        access_point_1, access_point_ip_1 = openstack.create_access_point(
2095
-            os_conn=os_conn, nics=[{'net-id': network['id']}],
2096
-            security_groups=[sg1.name, default_sg['name']])
2094
+        _, access_point_ip_1 = openstack.create_access_point(
2095
+            os_conn=os_conn,
2096
+            nics=[{'net-id': net1['id']}],
2097
+            security_groups=[default_sg['name'], sg1.name])
2098
+
2099
+        # Launch instances with Default SG in net_1
2100
+        self.show_step(5)
2097 2101
 
2098
-        self.show_step(6)
2099 2102
         instances_2 = openstack.create_instances(
2100
-            os_conn=os_conn, nics=[{'net-id': default_net.id}],
2103
+            os_conn=os_conn,
2104
+            nics=[{'net-id': net1['id']}],
2101 2105
             security_groups=[default_sg['name']])
2102 2106
 
2103
-        access_point_2, access_point_ip_2 = openstack.create_access_point(
2104
-            os_conn=os_conn, nics=[{'net-id': default_net.id}],
2105
-            security_groups=[default_sg['name'], sg1.name])
2106 2107
         openstack.verify_instance_state(os_conn)
2107 2108
 
2108
-        ips_1 = []
2109
-        for instance in instances_1:
2110
-            ips_1.append(os_conn.get_nova_instance_ip(
2111
-                instance, net_name=network['name']))
2112
-        ips_2 = []
2113
-        for instance in instances_2:
2114
-            ips_2.append(os_conn.get_nova_instance_ip(
2115
-                instance, net_name=self.inter_net_name))
2109
+        # Verify that icmp/ssh is enabled in SG1
2110
+        self.show_step(6)
2116 2111
 
2117
-        ip_pair = dict.fromkeys(ips_1)
2118
-        for key in ip_pair:
2119
-            ip_pair[key] = [value for value in ips_1 if key != value]
2120
-        openstack.check_connection_through_host(
2121
-            access_point_ip_1, ip_pair,
2122
-            timeout=60)
2112
+        ips_1 = [os_conn.get_nova_instance_ip(i, net_name=net1['name'])
2113
+                 for i in instances_1]
2114
+
2115
+        openstack.ping_each_other(ips=ips_1,
2116
+                                  timeout=60 * 5,
2117
+                                  access_point_ip=access_point_ip_1)
2123 2118
 
2119
+        # Verify that icmp/ssh isn't allowed between SG1 and Default SG
2124 2120
         self.show_step(7)
2125
-        for key in ip_pair:
2126
-            ip_pair[key] = ips_2
2127
-        openstack.check_connection_through_host(
2128
-            access_point_ip_1, ip_pair,
2129
-            result_of_command=1)
2130 2121
 
2122
+        ips_2 = [os_conn.get_nova_instance_ip(i, net_name=net1['name'])
2123
+                 for i in instances_2]
2124
+        ip_pairs = {ip: ips_2 for ip in ips_1}
2125
+        openstack.check_connection_through_host(remote=access_point_ip_1,
2126
+                                                timeout=60,
2127
+                                                ip_pair=ip_pairs,
2128
+                                                result_of_command=1)
2129
+
2130
+        # Detach ports of all instances from net_1
2131 2131
         self.show_step(8)
2132
+        # Attach ports of all instances to default internal net
2132 2133
         self.show_step(9)
2133
-        for instance in instances_1:
2134
-            ip = os_conn.get_nova_instance_ip(
2135
-                instance, net_name=network['name'])
2136
-            port = [
2137
-                p
2138
-                for p in os_conn.neutron.list_ports()['ports']
2139
-                if p['fixed_ips'][0]['ip_address'] == ip].pop()
2140
-            instance.interface_detach(
2141
-                port["id"])
2142
-            instance.interface_attach(
2143
-                None, default_net.id, None)
2144
-            instance.reboot()  # instead of restart network
2145 2134
 
2135
+        for instance in instances_1:
2136
+            ip = os_conn.get_nova_instance_ip(instance, net_name=net1['name'])
2137
+            port = [p for p in os_conn.neutron.list_ports()['ports']
2138
+                    if p['fixed_ips'][0]['ip_address'] == ip].pop()
2139
+            instance.interface_detach(port['id'])
2140
+            instance.interface_attach(None, default_net.id, None)
2141
+            instance.reboot()  # instead of network restart
2142
+
2143
+        # Check that all instances are in Default SG
2146 2144
         self.show_step(10)
2147
-        ips = []
2148
-        instances = [instance for instance in os_conn.nova.servers.list()
2149
-                     if instance.id in [inst.id for inst in instances_1]]
2150
-        for instance in instances:
2145
+
2146
+        ips_1 = []
2147
+        instances_1 = [instance for instance in os_conn.nova.servers.list()
2148
+                       if instance.id in [inst.id for inst in instances_1]]
2149
+        for instance in instances_1:
2151 2150
             assert_true(instance.security_groups.pop()['name'] == 'default')
2152
-            ips.append(os_conn.get_nova_instance_ip(
2153
-                instance, net_name=self.inter_net_name))
2151
+            ips_1.append(os_conn.get_nova_instance_ip(
2152
+                srv=instance, net_name=self.inter_net_name))
2154 2153
 
2154
+        # Verify that icmp/ssh is enabled between instances (in Default SG)
2155 2155
         self.show_step(11)
2156
-        ip_pair = dict.fromkeys(ips_2)
2157
-        for key in ip_pair:
2158
-            ip_pair[key] = ips
2159
-        openstack.check_connection_through_host(
2160
-            access_point_ip_2, ip_pair,
2161
-            timeout=60 * 5)
2156
+
2157
+        _, access_point_ip_2 = openstack.create_access_point(
2158
+            os_conn=os_conn,
2159
+            nics=[{'net-id': default_net.id}],
2160
+            security_groups=[default_sg['name']])
2161
+
2162
+        openstack.ping_each_other(ips=ips_1 + ips_2,
2163
+                                  timeout=60,
2164
+                                  access_point_ip=access_point_ip_2)
2165
+
2166
+        # Change for some instances Default SG to SG1
2162 2167
         self.show_step(12)
2163
-        self.show_step(13)
2164
-        for instance in instances:
2168
+
2169
+        for instance in instances_1:
2165 2170
             instance.remove_security_group('default')
2166 2171
             instance.add_security_group(sg1.name)
2167
-        for key in ip_pair:
2168
-            ip_pair[key] = [value for value in ips if key != value]
2169
-        openstack.check_connection_through_host(
2170
-            access_point_ip_2, ip_pair,
2171
-            timeout=60 * 2)
2172 2172
 
2173
+        # Verify that icmp/ssh is enabled in SG1
2174
+        self.show_step(13)
2175
+
2176
+        openstack.ping_each_other(ips=ips_1,
2177
+                                  timeout=60,
2178
+                                  access_point_ip=access_point_ip_1)
2179
+
2180
+        # Verify that icmp/ssh isn't allowed between SG1 and Default SG
2173 2181
         self.show_step(14)
2174
-        openstack.check_connection_through_host(
2175
-            access_point_ip_2, ip_pair,
2176
-            result_of_command=1)
2182
+
2183
+        ip_pairs = {ip: ips_2 for ip in ips_1}
2184
+        openstack.check_connection_through_host(remote=access_point_ip_1,
2185
+                                                timeout=60,
2186
+                                                ip_pair=ip_pairs,
2187
+                                                result_of_command=1)
2177 2188
 
2178 2189
     @test(depends_on=[dvs_vcenter_systest_setup],
2179 2190
           groups=["dvs_port_security_group"])

Loading…
Cancel
Save