x
/
vmware-nsx-tempest-plugin
Code Issues Proposed changes

CiBot fixes for policy plugin 

Router, Security, Mac Learning suite

Change-Id: Ia828bf0804f834c8bec7d037fe2ca73bead07a3d
This commit is contained in:
Shubham Naik 2021-08-16 15:08:16 +00:00
parent 600b4b3322
commit 47a82b37ff
4 changed files with 168 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
vmware_nsx_tempest_plugin/services/nsxp_client.py
View File

@ -442,6 +442,13 @@ class NSXPClient(object):
endpoint = "qos-profiles"
return self.get_logical_resources(endpoint)
def get_mac_discovery_profiles(self):
"""
Get all user defined mac-discovery-profiles
"""
endpoint = "mac-discovery-profiles"
return self.get_logical_resources(endpoint)
def get_qos_profile(self, os_name, os_uuid):
"""
Get the qos-profile based on the name and uuid provided.
@ -458,6 +465,17 @@ class NSXPClient(object):
qos_profile = self.get_qos_profiles()
return self.get_nsx_resource_by_name(qos_profile, nsx_name)
def get_mac_discovery_profile(self, os_name):
"""
Get the mac-discovery-profile based on the name and uuid provided.
The name of the mac-discovery-profile should follow
<os_network_name>_<first 5 os uuid>...<last 5 os uuid>
Return mac-discovery-profile if found, otherwise return None
"""
mac_discovery__profile = self.get_mac_discovery_profiles()
return self.get_nsx_resource_by_name(mac_discovery__profile, os_name)
def get_logical_ports(self, nsx_network):
"""
Retrieve all logical ports of segments on NSX backend
@ -493,6 +511,21 @@ class NSXPClient(object):
response = self.get(endpoint)
return response.json()['results']
def get_port_mac_profile_binding_map(self, segment_id, port_id):
"""
Get the mac discovery profile associated with the port.
Return mac discovery profile id if found, otherwise return None
"""
if not segment_id or not port_id:
LOG.error("segment id and port id need to be present in order "
"to query backend port MAC Discovery Profiles!")
return None
endpoint = "segments/%s/ports/%s/port-discovery-profile-binding-maps"\
% (segment_id, port_id)
response = self.get(endpoint)
return response.json()['results']
def get_neutron_ns_group_id(self):
"""
Retrieve NSGroup Id

118
vmware_nsx_tempest_plugin/tests/nsxv3/api/test_nsx_mac_learning.py
View File

@ -20,6 +20,7 @@ from tempest.lib import decorators
from tempest.lib import exceptions as ex
from vmware_nsx_tempest_plugin.common import constants
from vmware_nsx_tempest_plugin.services import nsxp_client
from vmware_nsx_tempest_plugin.services import nsxv3_client
CONF = config.CONF
@ -51,26 +52,54 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
CONF.nsxv3.nsx_user,
CONF.nsxv3.nsx_password)
cls.nsxp = nsxp_client.NSXPClient(CONF.nsxv3.nsx_manager,
CONF.nsxv3.nsx_user,
CONF.nsxv3.nsx_password)
def _get_nsx_mac_learning_enabled(self, port):
mac_learn_set_bool = False
if CONF.network.backend == 'nsxp':
# Get nsxp segment details
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
# Get nsxp ports details
nsx_port = self.nsxp.get_logical_port(port['name'], nsx_network)
# Get nsxp mac profile ID details
nsx_mac_profile_id = self.nsxp.get_port_mac_profile_binding_map(
nsx_network['id'],
nsx_port['id'])[0]['mac_discovery_profile_path'].split('/')[-1]
# Get nsxp mac discovery profile details
nsx_mac_profile = self.nsxp.get_mac_discovery_profile(
nsx_mac_profile_id)
# Get mac-learning state for port
nsxport_mac_learning_p = nsx_mac_profile['mac_learning_enabled']
self.assertIsNotNone(nsx_mac_profile['realization_id'])
# Get nsxv3 port(expects 'name' set)
nsx_port = self.nsx.get_logical_port(port['name'])
# Get list of logical port's switch profiles
port_swtch_profs = nsx_port['switching_profile_ids']
# Convert switch profiles list to dict, key:UUID
port_sw_prof_dict = self._conv_switch_prof_to_dict(port_swtch_profs)
port_sw_prof_dict = self._conv_switch_prof_to_dict(
port_swtch_profs)
# Get MAC learning switch profile ID
mac_sw_prof_id = port_sw_prof_dict[constants.MAC_SW_PROFILE]
# Get MAC learning switch profile json
mac_sw_profile_json = self.nsx.get_switching_profile(mac_sw_prof_id)
mac_sw_profile_json = self.nsx.get_switching_profile(
mac_sw_prof_id)
mac_learn_set_bool = False
# Get mac-learning state for port
if ('mac_learning' in mac_sw_profile_json):
nsxport_mac_learning = mac_sw_profile_json[
nsxport_mac_learning_v3 = mac_sw_profile_json[
'mac_learning']['enabled']
if nsxport_mac_learning:
mac_learn_set_bool = True
return mac_learn_set_bool
if nsxport_mac_learning_v3:
mac_learn_set_bool_v3 = True
if CONF.network.backend == 'nsxp':
if nsxport_mac_learning_p:
mac_learn_set_bool_p = True
if mac_learn_set_bool_p and mac_learn_set_bool_v3:
mac_learn_set_bool = True
return mac_learn_set_bool
return mac_learn_set_bool_v3
def _create_mac_learn_enabled_port(self, network):
# Create Port with required port security/sec groups config
@ -169,6 +198,14 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
self._check_mac_learning(mac_lrn_port, mac_learn_state=True)
self._check_mac_learning(vanilla_port, mac_learn_state=False)
body = self.ports_client.list_ports()
if CONF.network.backend == 'nsxp':
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
nill_nsx = self.nsxp.get_logical_port(vanilla_port['name'],
nsx_network)
ml_port_nsx = self.nsxp.get_logical_port(mac_lrn_port['name'],
nsx_network)
self.assertIsNotNone(ml_port_nsx['realization_id'])
nill_nsx = self.nsx.get_logical_port(vanilla_port['name'])
ml_port_nsx = self.nsx.get_logical_port(mac_lrn_port['name'])
test_ports_in_body = []
@ -189,10 +226,14 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
on the MAC enabled port.
"""
port = self._create_mac_learn_enabled_port(self.network)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
self.addCleanup(test_utils.call_and_ignore_notfound_exc,
self._delete_port, port)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
nsx_port = self.nsxp.get_logical_port(port['name'], nsx_network)
self.assertIsNotNone(nsx_port['realization_id'])
nsx_port = self.nsx.get_logical_port(port['name'])
nsxport_mac_learning = self._get_nsx_mac_learning_enabled(port)
body = self.ports_client.show_port(port['id'])
@ -228,7 +269,13 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
name=update_port_name)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
updated_nsx_port = self.nsx.get_logical_port(updated_os_port['name'])
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
updated_nsx_port = self.nsxp.get_logical_port(
updated_os_port['name'], nsx_network)
self.assertIsNotNone(updated_nsx_port['realization_id'])
updated_nsx_port = self.nsx.get_logical_port(
updated_os_port['name'])
# Assert if NSXT and OS names do not match
self.assertEqual(updated_nsx_port['display_name'],
updated_os_port['name'],
@ -249,10 +296,15 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
NSX and OS. Delete port.
"""
test_port = self._create_mac_learn_enabled_port(self.network)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
self.addCleanup(test_utils.call_and_ignore_notfound_exc,
self._delete_port, test_port)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
nsx_port = self.nsxp.get_logical_port(test_port['name'],
nsx_network)
self.assertIsNotNone(nsx_port['realization_id'])
nsx_port = self.nsx.get_logical_port(test_port['name'])
# Check created port name matches name on NSXT and NSXT id exists
self.assertIsNotNone(nsx_port['id'],
@ -262,8 +314,13 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
self._delete_port(test_port)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
self.assertIsNone(self.nsx.get_logical_port(test_port['name']),
"Port %s is not None" % test_port['name'])
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
self.assertIsNone(self.nsxp.get_logical_port(
test_port['name'], nsx_network),
"Port %s is not None" % test_port['name'])
self.assertIsNone(self.nsx.get_logical_port(
test_port['name']), "Port %s is not None" % test_port['name'])
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('5105d8b5-5136-4789-9991-7e419d980169')
@ -289,8 +346,14 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
self._delete_port(updated_os_port)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
self.assertIsNone(self.nsx.get_logical_port(updated_os_port['name']),
"Port %s is not None" % updated_os_port['name'])
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
self.assertIsNone(self.nsxp.get_logical_port(
updated_os_port['name'], nsx_network),
"Port %s is not None" % updated_os_port['name'])
self.assertIsNone(self.nsx.get_logical_port(
updated_os_port['name']),
"Port %s is not None" % updated_os_port['name'])
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('b7ecc93d-6c9b-4958-9a08-bc85d2946c03')
@ -320,8 +383,14 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
self._delete_port(ml_on_port)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
self.assertIsNone(self.nsx.get_logical_port(ml_on_port['name']),
"Port %s is not None" % ml_on_port['name'])
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
self.assertIsNone(self.nsxp.get_logical_port(
ml_on_port['name'], nsx_network),
"Port %s is not None" % ml_on_port['name'])
self.assertIsNone(self.nsx.get_logical_port(
ml_on_port['name']),
"Port %s is not None" % ml_on_port['name'])
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('262e844f-a033-4fcd-b5d0-4641d9efeccd')
@ -339,6 +408,11 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
name=new_port_name)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
updated_nsx_port = self.nsxp.get_logical_port(
updated_port['name'], nsx_network)
self.assertIsNotNone(updated_nsx_port['realization_id'])
updated_nsx_port = self.nsx.get_logical_port(updated_port['name'])
self.assertEqual(updated_nsx_port['display_name'],
updated_port['name'],
@ -346,8 +420,14 @@ class NSXv3MacLearningTest(base.BaseNetworkTest):
self._delete_port(updated_port)
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
self.assertIsNone(self.nsx.get_logical_port(updated_port['name']),
"Logical port %s is not None" % updated_port['name'])
nsx_network = self.nsxp.get_logical_switch(self.network['name'],
self.network['id'])
self.assertIsNone(self.nsxp.get_logical_port(
updated_port['name'], nsx_network),
"Port %s is not None" % updated_port['name'])
self.assertIsNone(self.nsx.get_logical_port(
updated_port['name']),
"Port %s is not None" % updated_port['name'])
@decorators.attr(type='nsxv3')
@decorators.attr(type='negative')

28
vmware_nsx_tempest_plugin/tests/nsxv3/api/test_nsx_routers.py
View File

@ -66,6 +66,7 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(router['name'],
router['id'])
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
nsx_router = self.nsx.get_logical_router(router['name'],
router['id'])
self.assertEqual(router['name'], router_name)
@ -82,6 +83,7 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(updated_router['name'],
updated_router['id'])
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
nsx_router = self.nsx.get_logical_router(updated_router['name'],
updated_router['id'])
self.assertEqual(updated_router['name'], updated_name)
@ -98,6 +100,7 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(router['name'],
router['id'])
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
nsx_router = self.nsx.get_logical_router(router['name'],
router['id'])
self.assertEqual(router['name'], router_name)
@ -134,14 +137,13 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
self.assertEqual(nsx_router.get('enable_standby_relocation'), True)
nsx_router = self.nsx.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertEqual(
nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), True)
self.assertEqual(nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), True)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('6f49b69c-0830-4c83-b1f8-5953e6bfeea5')
@ -157,14 +159,14 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
self.assertEqual(nsx_router.get(
'enable_standby_relocation'), False)
nsx_router = self.nsx.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertEqual(
nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), False)
self.assertEqual(nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), False)
public_network_info = {"external_gateway_info":
dict(network_id=CONF.network.public_network_id)}
@ -175,13 +177,13 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
self.assertEqual(nsx_router.get('enable_standby_relocation'), True)
nsx_router = self.nsx.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertEqual(
nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), True)
self.assertEqual(nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), True)
public_network_info = {"external_gateway_info": {}}
self.routers_client.update_router(body['id'], **public_network_info)
@ -191,11 +193,11 @@ class NSXv3RoutersTest(base.BaseAdminNetworkTest):
nsx_router = self.nsxp.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertIsNotNone(nsx_router['realization_id'])
self.assertEqual(nsx_router.get(
'enable_standby_relocation'), False)
nsx_router = self.nsx.get_logical_router(body['name'], body['id'])
self.assertEqual(body['name'], router_name)
self.assertIsNotNone(nsx_router)
self.assertEqual(
nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), False)
self.assertEqual(nsx_router.get('allocation_profile').get(
'enable_standby_relocation'), False)

38
vmware_nsx_tempest_plugin/tests/nsxv3/api/test_nsx_security_groups.py
View File

@ -103,10 +103,12 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
secgroup['name'], secgroup['id'],
os_tenant_id=tenant_id)
self.assertIsNotNone(nsx_nsgroup_policy)
self.assertIsNotNone(nsx_nsgroup_policy['realization_id'])
nsx_dfw_section_policy = self.nsxp.get_firewall_section(
secgroup['name'], secgroup['id'],
os_tenant_id=tenant_id)
self.assertIsNotNone(nsx_dfw_section_policy, dfw_error_msg)
self.assertIsNotNone(nsx_dfw_section_policy['realization_id'])
nsx_nsgroup = self.nsx.get_ns_group(
secgroup['name'], secgroup['id'], nsxp=True,
os_tenant_id=tenant_id)
@ -159,9 +161,9 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
nsx_dfw_section_policy,
secgroup_rule['id'], 'default')
self.assertIsNotNone(nsx_dfw_rule)
self.assertIsNotNone(nsx_dfw_rule['realization_id'])
nsx_dfw_rule = self.nsx.get_firewall_section_rule(
nsx_dfw_section,
secgroup_rule['id'])
nsx_dfw_section, secgroup_rule['id'])
self.assertIsNotNone(nsx_dfw_rule)
# Delete the security group rule
client.delete_security_group_rule(secgroup_rule['id'])
@ -172,8 +174,7 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
secgroup_rule['id'], 'default')
self.assertIsNone(nsx_dfw_rule)
nsx_dfw_rule = self.nsx.get_firewall_section_rule(
nsx_dfw_section,
secgroup_rule['id'])
nsx_dfw_section, secgroup_rule['id'])
self.assertIsNone(nsx_dfw_rule)
@decorators.attr(type='nsxv3')
@ -241,15 +242,19 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
secgroup['name'], secgroup['id'],
os_tenant_id='default')
self.assertIsNone(nsx_nsgroup_policy)
self.assertIsNotNone(nsx_nsgroup_policy['realization_id'])
nsx_dfw_section_policy = self.nsxp.get_firewall_section(
secgroup['name'], secgroup['id'],
os_tenant_id='default')
self.assertIsNone(nsx_dfw_section_policy, dfw_error_msg)
nsx_nsgroup = self.nsx.get_ns_group(
self.assertIsNotNone(nsx_dfw_section_policy['realization_id'])
nsx_nsgroup = self.nsxp.get_ns_group(
secgroup['name'], secgroup['id'], nsxp=True,
os_tenant_id='default')
nsx_dfw_section = self.nsx.get_firewall_section(
self.assertIsNotNone(nsx_nsgroup['realization_id'])
nsx_dfw_section = self.nsxp.get_firewall_section(
secgroup['name'], secgroup['id'], nsxp=True)
self.assertIsNotNone(nsx_dfw_section['realization_id'])
else:
nsx_nsgroup = self.nsx.get_ns_group(secgroup['name'],
secgroup['id'])
@ -309,9 +314,9 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
nsx_dfw_section_policy,
secgroup_rule['id'], 'default')
self.assertIsNotNone(nsx_dfw_rule)
self.assertIsNotNone(nsx_dfw_rule['realization_id'])
nsx_dfw_rule = self.nsx.get_firewall_section_rule(
nsx_dfw_section,
secgroup_rule['id'])
nsx_dfw_section, secgroup_rule['id'])
self.assertIsNotNone(nsx_dfw_rule)
expected_rule = {
'display_name': secgroup_rule['id'],
@ -361,12 +366,11 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
if CONF.network.backend == 'nsxp':
time.sleep(constants.NSXP_BACKEND_SMALL_TIME_INTERVAL)
nsx_dfw_rule = self.nsxp.get_firewall_section_rule(
nsx_dfw_section_policy,
secgroup_rule['id'], 'default')
nsx_dfw_section_policy, secgroup_rule['id'], 'default')
self.assertIsNotNone(nsx_dfw_rule)
self.assertIsNotNone(nsx_dfw_rule['realization_id'])
nsx_dfw_rule = self.nsx.get_firewall_section_rule(
nsx_dfw_section,
secgroup_rule['id'])
nsx_dfw_section, secgroup_rule['id'])
self.assertIsNotNone(nsx_dfw_rule)
# Delete the security group rule
client.delete_security_group_rule(secgroup_rule['id'])
@ -377,8 +381,7 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
secgroup_rule['id'], 'default')
self.assertIsNone(nsx_dfw_rule)
nsx_dfw_rule = self.nsx.get_firewall_section_rule(
nsx_dfw_section,
secgroup_rule['id'])
nsx_dfw_section, secgroup_rule['id'])
self.assertIsNone(nsx_dfw_rule)
@decorators.idempotent_id('c7d434f6-3553-5c8e-bd95-8b1f0a860fb4')
@ -418,8 +421,9 @@ class NSXv3SecGroupTest(base.BaseSecGroupTest):
nsx_dfw_section_policy,
secgroup_rule['id'], 'default')
self.assertIsNotNone(nsx_dfw_rule)
self.assertIsNotNone(nsx_dfw_rule['realization_id'])
nsx_dfw_rule = self.nsx.get_firewall_section_rule(
nsx_dfw_section,
secgroup_rule['id'])
nsx_dfw_section, secgroup_rule['id'])
self.assertIsNotNone(nsx_dfw_rule)
self.assertEqual(nsx_dfw_rule['rule_tag'], secgroup_rule['project_id'])
self.assertEqual(nsx_dfw_rule['rule_tag'],
secgroup_rule['project_id'])