Merge "validate if the router has external gateway interface set"
This commit is contained in:
Jenkins
Gerrit Code Review
commit
bc4aee36f1
@ -542,7 +542,9 @@ class VPNPluginDb(VPNPluginBase, base_db.CommonDbMixin):
|
|||||||
def _check_router(self, context, router_id):
|
def _check_router(self, context, router_id):
|
||||||
l3_plugin = manager.NeutronManager.get_service_plugins().get(
|
l3_plugin = manager.NeutronManager.get_service_plugins().get(
|
||||||
constants.L3_ROUTER_NAT)
|
constants.L3_ROUTER_NAT)
|
||||||
l3_plugin.get_router(context, router_id)
|
router = l3_plugin.get_router(context, router_id)
|
||||||
|
if not router.get(l3_db.EXTERNAL_GW_INFO):
|
||||||
|
raise vpnaas.RouterIsNotExternal(router_id=router_id)
|
||||||
|
|
||||||
def _check_subnet_id(self, context, router_id, subnet_id):
|
def _check_subnet_id(self, context, router_id, subnet_id):
|
||||||
core_plugin = manager.NeutronManager.get_plugin()
|
core_plugin = manager.NeutronManager.get_plugin()
|
||||||
|
|||||||
@ -85,6 +85,10 @@ class SubnetIsNotConnectedToRouter(qexception.BadRequest):
|
|||||||
"connected to Router %(router_id)s")
|
"connected to Router %(router_id)s")
|
||||||
|
|
||||||
|
|
||||||
|
class RouterIsNotExternal(qexception.BadRequest):
|
||||||
|
message = _("Router %(router_id)s has no external network gateway set")
|
||||||
|
|
||||||
|
|
||||||
vpn_supported_initiators = ['bi-directional', 'response-only']
|
vpn_supported_initiators = ['bi-directional', 'response-only']
|
||||||
vpn_supported_encryption_algorithms = ['3des', 'aes-128',
|
vpn_supported_encryption_algorithms = ['3des', 'aes-128',
|
||||||
'aes-192', 'aes-256']
|
'aes-192', 'aes-256']
|
||||||
|
|||||||
@ -243,18 +243,32 @@ class VPNPluginDbTestCase(test_l3_plugin.L3NatTestCaseMixin,
|
|||||||
router=None,
|
router=None,
|
||||||
admin_state_up=True,
|
admin_state_up=True,
|
||||||
no_delete=False,
|
no_delete=False,
|
||||||
plug_subnet=True, **kwargs):
|
plug_subnet=True,
|
||||||
|
external_subnet_cidr='192.168.100.0/24',
|
||||||
|
external_router=True,
|
||||||
|
**kwargs):
|
||||||
if not fmt:
|
if not fmt:
|
||||||
fmt = self.fmt
|
fmt = self.fmt
|
||||||
with test_db_plugin.optional_ctx(subnet, self.subnet) as tmp_subnet:
|
with contextlib.nested(
|
||||||
with test_db_plugin.optional_ctx(router,
|
test_db_plugin.optional_ctx(subnet, self.subnet),
|
||||||
self.router) as tmp_router:
|
test_db_plugin.optional_ctx(router, self.router),
|
||||||
if plug_subnet:
|
self.subnet(cidr=external_subnet_cidr)) as (tmp_subnet,
|
||||||
self._router_interface_action(
|
tmp_router,
|
||||||
'add',
|
public_sub):
|
||||||
tmp_router['router']['id'],
|
if external_router:
|
||||||
tmp_subnet['subnet']['id'], None)
|
self._set_net_external(
|
||||||
|
public_sub['subnet']['network_id'])
|
||||||
|
self._add_external_gateway_to_router(
|
||||||
|
tmp_router['router']['id'],
|
||||||
|
public_sub['subnet']['network_id'])
|
||||||
|
tmp_router['router']['external_gateway_info'] = {
|
||||||
|
'network_id': public_sub['subnet']['network_id']}
|
||||||
|
if plug_subnet:
|
||||||
|
self._router_interface_action(
|
||||||
|
'add',
|
||||||
|
tmp_router['router']['id'],
|
||||||
|
tmp_subnet['subnet']['id'], None)
|
||||||
|
try:
|
||||||
res = self._create_vpnservice(fmt,
|
res = self._create_vpnservice(fmt,
|
||||||
name,
|
name,
|
||||||
admin_state_up,
|
admin_state_up,
|
||||||
@ -263,20 +277,27 @@ class VPNPluginDbTestCase(test_l3_plugin.L3NatTestCaseMixin,
|
|||||||
subnet_id=(tmp_subnet['subnet']
|
subnet_id=(tmp_subnet['subnet']
|
||||||
['id']),
|
['id']),
|
||||||
**kwargs)
|
**kwargs)
|
||||||
|
vpnservice = self.deserialize(fmt or self.fmt, res)
|
||||||
if res.status_int >= 400:
|
if res.status_int >= 400:
|
||||||
raise webob.exc.HTTPClientError(code=res.status_int)
|
raise webob.exc.HTTPClientError(
|
||||||
try:
|
code=res.status_int, detail=vpnservice)
|
||||||
vpnservice = self.deserialize(fmt or self.fmt, res)
|
yield vpnservice
|
||||||
yield vpnservice
|
finally:
|
||||||
finally:
|
if not no_delete and vpnservice.get('vpnservice'):
|
||||||
if not no_delete:
|
self._delete('vpnservices',
|
||||||
self._delete('vpnservices',
|
vpnservice['vpnservice']['id'])
|
||||||
vpnservice['vpnservice']['id'])
|
if plug_subnet:
|
||||||
if plug_subnet:
|
self._router_interface_action(
|
||||||
self._router_interface_action(
|
'remove',
|
||||||
'remove',
|
tmp_router['router']['id'],
|
||||||
tmp_router['router']['id'],
|
tmp_subnet['subnet']['id'], None)
|
||||||
tmp_subnet['subnet']['id'], None)
|
if external_router:
|
||||||
|
external_gateway = tmp_router['router'].get(
|
||||||
|
'external_gateway_info')
|
||||||
|
if external_gateway:
|
||||||
|
network_id = external_gateway['network_id']
|
||||||
|
self._remove_external_gateway_from_router(
|
||||||
|
tmp_router['router']['id'], network_id)
|
||||||
|
|
||||||
def _create_ipsec_site_connection(self, fmt, name='test',
|
def _create_ipsec_site_connection(self, fmt, name='test',
|
||||||
peer_address='192.168.1.10',
|
peer_address='192.168.1.10',
|
||||||
@ -813,7 +834,7 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
expected)
|
expected)
|
||||||
|
|
||||||
def test_create_vpnservice_with_invalid_router(self):
|
def test_create_vpnservice_with_invalid_router(self):
|
||||||
"""Test case to create a vpnservice with invalid router"""
|
"""Test case to create a vpnservice with other tenant's router"""
|
||||||
with self.network(
|
with self.network(
|
||||||
set_context=True,
|
set_context=True,
|
||||||
tenant_id='tenant_a') as network:
|
tenant_id='tenant_a') as network:
|
||||||
@ -829,6 +850,24 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
expected_res_status=webob.exc.HTTPNotFound.code,
|
expected_res_status=webob.exc.HTTPNotFound.code,
|
||||||
set_context=True, tenant_id='tenant_b')
|
set_context=True, tenant_id='tenant_b')
|
||||||
|
|
||||||
|
def test_create_vpnservice_with_router_no_external_gateway(self):
|
||||||
|
"""Test case to create a vpnservice with inner router"""
|
||||||
|
error_code = 0
|
||||||
|
with self.subnet(cidr='10.2.0.0/24') as subnet:
|
||||||
|
with self.router() as router:
|
||||||
|
router_id = router['router']['id']
|
||||||
|
try:
|
||||||
|
with self.vpnservice(subnet=subnet,
|
||||||
|
router=router,
|
||||||
|
external_router=False):
|
||||||
|
pass
|
||||||
|
except webob.exc.HTTPClientError as e:
|
||||||
|
error_code, error_detail = (
|
||||||
|
e.status_code, e.detail['NeutronError']['message'])
|
||||||
|
self.assertEqual(400, error_code)
|
||||||
|
msg = str(vpnaas.RouterIsNotExternal(router_id=router_id))
|
||||||
|
self.assertEqual(msg, error_detail)
|
||||||
|
|
||||||
def test_create_vpnservice_with_nonconnected_subnet(self):
|
def test_create_vpnservice_with_nonconnected_subnet(self):
|
||||||
"""Test case to create a vpnservice with nonconnected subnet."""
|
"""Test case to create a vpnservice with nonconnected subnet."""
|
||||||
with self.network() as network:
|
with self.network() as network:
|
||||||
@ -959,15 +998,20 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
with contextlib.nested(
|
with contextlib.nested(
|
||||||
self.vpnservice(name='vpnservice1',
|
self.vpnservice(name='vpnservice1',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router),
|
router=router,
|
||||||
|
external_subnet_cidr='192.168.10.0/24',),
|
||||||
self.vpnservice(name='vpnservice2',
|
self.vpnservice(name='vpnservice2',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router,
|
router=router,
|
||||||
plug_subnet=False),
|
plug_subnet=False,
|
||||||
|
external_router=False,
|
||||||
|
external_subnet_cidr='192.168.11.0/24',),
|
||||||
self.vpnservice(name='vpnservice3',
|
self.vpnservice(name='vpnservice3',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router,
|
router=router,
|
||||||
plug_subnet=False)
|
plug_subnet=False,
|
||||||
|
external_router=False,
|
||||||
|
external_subnet_cidr='192.168.13.0/24',)
|
||||||
) as(vpnservice1, vpnservice2, vpnservice3):
|
) as(vpnservice1, vpnservice2, vpnservice3):
|
||||||
self._test_list_with_sort('vpnservice', (vpnservice3,
|
self._test_list_with_sort('vpnservice', (vpnservice3,
|
||||||
vpnservice2,
|
vpnservice2,
|
||||||
@ -981,15 +1025,20 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
with contextlib.nested(
|
with contextlib.nested(
|
||||||
self.vpnservice(name='vpnservice1',
|
self.vpnservice(name='vpnservice1',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router),
|
router=router,
|
||||||
|
external_subnet_cidr='192.168.10.0/24'),
|
||||||
self.vpnservice(name='vpnservice2',
|
self.vpnservice(name='vpnservice2',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router,
|
router=router,
|
||||||
plug_subnet=False),
|
plug_subnet=False,
|
||||||
|
external_subnet_cidr='192.168.20.0/24',
|
||||||
|
external_router=False),
|
||||||
self.vpnservice(name='vpnservice3',
|
self.vpnservice(name='vpnservice3',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router,
|
router=router,
|
||||||
plug_subnet=False)
|
plug_subnet=False,
|
||||||
|
external_subnet_cidr='192.168.30.0/24',
|
||||||
|
external_router=False)
|
||||||
) as(vpnservice1, vpnservice2, vpnservice3):
|
) as(vpnservice1, vpnservice2, vpnservice3):
|
||||||
self._test_list_with_pagination('vpnservice',
|
self._test_list_with_pagination('vpnservice',
|
||||||
(vpnservice1,
|
(vpnservice1,
|
||||||
@ -1004,15 +1053,20 @@ class TestVpnaas(VPNPluginDbTestCase):
|
|||||||
with contextlib.nested(
|
with contextlib.nested(
|
||||||
self.vpnservice(name='vpnservice1',
|
self.vpnservice(name='vpnservice1',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router),
|
router=router,
|
||||||
|
external_subnet_cidr='192.168.10.0/24'),
|
||||||
self.vpnservice(name='vpnservice2',
|
self.vpnservice(name='vpnservice2',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router,
|
router=router,
|
||||||
plug_subnet=False),
|
plug_subnet=False,
|
||||||
|
external_subnet_cidr='192.168.11.0/24',
|
||||||
|
external_router=False),
|
||||||
self.vpnservice(name='vpnservice3',
|
self.vpnservice(name='vpnservice3',
|
||||||
subnet=subnet,
|
subnet=subnet,
|
||||||
router=router,
|
router=router,
|
||||||
plug_subnet=False)
|
plug_subnet=False,
|
||||||
|
external_subnet_cidr='192.168.12.0/24',
|
||||||
|
external_router=False)
|
||||||
) as(vpnservice1, vpnservice2, vpnservice3):
|
) as(vpnservice1, vpnservice2, vpnservice3):
|
||||||
self._test_list_with_pagination_reverse('vpnservice',
|
self._test_list_with_pagination_reverse('vpnservice',
|
||||||
(vpnservice1,
|
(vpnservice1,
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user