x
/
vmware-nsx-tempest-plugin
Code Issues Proposed changes
vmware-nsx-tempest-plugin/vmware_nsx_tempest_plugin/tests/uni-scale/test_provider_sec_gw_uni_di...

148 lines
6.6 KiB
Python
Raw Blame History

# Copyright 2018 VMware Inc
# All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import re
from tempest import config
from tempest.lib import decorators
from vmware_nsx_tempest_plugin.lib import feature_manager
from vmware_nsx_tempest_plugin.services import nsxv3_client
from vmware_nsx_tempest_plugin.services import nsxv_client
from oslo_log import log as logging
CONF = config.CONF
LOG = logging.getLogger(__name__)
class ProviderSecGrpUnidimensionalScaleTest(feature_manager.FeatureManager):
"""Test Uni Dimesional Case for
Logical-security-groups
Logical-security-group-rules
"""
@classmethod
def setup_clients(cls):
super(ProviderSecGrpUnidimensionalScaleTest, cls).setup_clients()
cls.cmgr_adm = cls.get_client_manager('admin')
cls.cmgr_alt = cls.get_client_manager('alt')
cls.cmgr_adm = cls.get_client_manager('admin')
@classmethod
def resource_setup(cls):
super(ProviderSecGrpUnidimensionalScaleTest, cls).resource_setup()
if CONF.network.backend == "nsxv3":
cls.nsx = nsxv3_client.NSXV3Client(CONF.nsxv3.nsx_manager,
CONF.nsxv3.nsx_user,
CONF.nsxv3.nsx_password)
elif CONF.network.backend == "nsxv":
manager_ip = re.search(r"(\d{1,3}\.){3}\d{1,3}",
CONF.nsxv.manager_uri).group(0)
cls.vsm = nsxv_client.VSMClient(
manager_ip, CONF.nsxv.user, CONF.nsxv.password)
def _create_topology_tier1_with_vms(self, no_of_entites, no_of_ports):
name = 'pro-sec-router'
router = self.create_topology_router(router_name=name)
for i in range(no_of_entites):
name = 'uniscale-%s-net' % i
network = self.create_topology_network(network_name=name)
sub_name = 'uniscale-%s-sub' % i
self.create_topology_subnet(
sub_name,
network,
router_id=router['id'])
self.create_topology_instance(
"server_pro_%s" % i, [network])
for j in range(no_of_ports):
kwargs = {"port_security_enabled": "true",
"security_groups": []}
self.create_topology_port(
network, ports_client=self.cmgr_adm.ports_client, **kwargs)
def _create_scale_logical_security_groups(self, scale):
i = 100
for num in range(scale):
sg = self.create_topology_security_provider_group(self.cmgr_adm,
provider=True)
sw_rules = [dict(direction='ingress', protocol='icmp',
port_range_min=i + 1,
port_range_max=i + 1, )]
for rule in sw_rules:
self.add_security_group_rule(sg, rule)
provider_sec = self.security_group_rules_client.list_security_groups(
)
error_msg = "Neutron provider sec group doesn't created"
self.assertIsNotNone(len(provider_sec), error_msg)
nsx_firewall = self.nsx.get_firewall_sections()
sec_group = [dfw for dfw in nsx_firewall
if sg['name'] in dfw['display_name']][0]
self.assertIsNotNone(len(sec_group))
nsx_firewall = self.nsx.get_firewall_section_rules(sec_group)
scale_firewall_rule = [dfw for dfw in nsx_firewall
if dfw['id'] is not None]
self.assertIsNotNone(len(scale_firewall_rule))
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('a12264a2-daab-451f-ad3b-f0713a390123')
def test_create_10_provider_groups_100_ports_1_switch(self):
self._create_scale_logical_security_groups(10)
self._create_topology_tier1_with_vms(1, 100)
# Check vms connectivity from outside world when provider-sec group enabled
self.ping_between_vms_different_router_uniscale(icmp_succeed=False)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('b1222b0f-4593-4509-8998-a3002ce63231')
def test_create_10_provider_groups_1000_ports_1_switch(self):
self._create_scale_logical_security_groups(10)
self._create_topology_tier1_with_vms(1, 1000)
# Check vms connectivity from outside world when provider-sec group enabled
self.ping_between_vms_different_router_uniscale(icmp_succeed=False)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('b1222b0f-4593-4509-8998-a3002ce63981')
def test_create_100_provider_groups_100_ports_1_switch(self):
self._create_scale_logical_security_groups(100)
self._create_topology_tier1_with_vms(1, 100)
# Check vms connectivity from outside world when provider-sec group enabled
self.ping_between_vms_different_router_uniscale(icmp_succeed=False)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('b1222b0f-4593-4509-8998-a3002ce63009')
def test_create_100_provider_groups_1000_ports_1_switch(self):
self._create_scale_logical_security_groups(100)
self._create_topology_tier1_with_vms(1, 1000)
# Check vms connectivity from outside world when provider-sec group enabled
self.ping_between_vms_different_router_uniscale(icmp_succeed=False)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('b1222b0f-4593-4509-8998-a3002ce63341')
def test_create_10_provider_groups_100_ports_switch_10(self):
self._create_scale_logical_security_groups(10)
self._create_topology_tier1_with_vms(10, 100)
# Check vms connectivity from outside world when provider-sec group enabled
self.ping_between_vms_different_router_uniscale(icmp_succeed=False)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('b1222b0f-4593-4509-8998-a3002c345406')
def test_create_1000_provider_groups_100_ports_10_switch(self):
self._create_scale_logical_security_groups(1000)
self._create_topology_tier1_with_vms(10, 100)
# Check vms connectivity from outside world when provider-sec group enabled
self.ping_between_vms_different_router_uniscale(icmp_succeed=False)
View Git Blame Copy Permalink