Octavia testcases for allowed_cidr and L7policy creation and listing

Change-Id: I426e684ac80e53e79733d6453d05ca63d217abc8
This commit is contained in:
pbharathbhu 2020-03-19 14:17:03 +00:00
parent dc923060ef
commit 9cda2fadef
3 changed files with 416 additions and 7 deletions

View File

@ -157,6 +157,18 @@ class FeatureManager(traffic_manager.IperfManager,
net_client.region, net_client.region,
net_client.endpoint_type, net_client.endpoint_type,
**_params) **_params)
cls.octavia_admin_l7policies_client = openstack_network_clients.\
OctaviaL7PolicyClient(net_client.auth_provider,
net_client.service,
net_client.region,
net_client.endpoint_type,
**_params)
cls.octavia_admin_l7rules_client = openstack_network_clients.\
OctaviaL7RulesClient(net_client.auth_provider,
net_client.service,
net_client.region,
net_client.endpoint_type,
**_params)
net_client.service = 'dns' net_client.service = 'dns'
cls.zones_v2_client = openstack_network_clients.ZonesV2Client( cls.zones_v2_client = openstack_network_clients.ZonesV2Client(
net_client.auth_provider, net_client.auth_provider,
@ -1546,7 +1558,13 @@ class FeatureManager(traffic_manager.IperfManager,
vip_port_id=None, persistence=False, vip_port_id=None, persistence=False,
persistence_type=None, persistence_type=None,
session_persistence=None, session_persistence=None,
persistence_cookie_name=None): persistence_cookie_name=None,
allowed_cidrs=None, l7policy=False, action=None,
redirect_url=None, l7rule=False,
compare_type=None,
type=None, value=None, barbican=False,
barbican_container=None, invert=None
):
count = 0 count = 0
lb_name = None lb_name = None
if persistence: if persistence:
@ -1567,12 +1585,31 @@ class FeatureManager(traffic_manager.IperfManager,
)['loadbalancer'] )['loadbalancer']
lb_id = self.loadbalancer['id'] lb_id = self.loadbalancer['id']
self.octavia_admin_client.wait_for_load_balancer_status(lb_id) self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
if barbican:
tls_id = barbican_container["container_ref"]
else:
tls_id = None
self.listener = self.octavia_admin_listener_client.\ self.listener = self.octavia_admin_listener_client.\
create_octavia_listener(loadbalancer_id=lb_id, create_octavia_listener(loadbalancer_id=lb_id,
protocol=protocol_type, protocol=protocol_type,
protocol_port=protocol_port, protocol_port=protocol_port,
name=lb_name)['listener'] name=lb_name,
allowed_cidrs=allowed_cidrs,
default_tls_container_ref=tls_id
)['listener']
self.octavia_admin_client.wait_for_load_balancer_status(lb_id) self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
if l7policy and action != 'REDIRECT_TO_POOL':
l7p = self.octavia_admin_l7policies_client.\
create_octavia_l7policies(listener_id=self.listener['id'],
name='l7p', action=action,
redirect_url=redirect_url)
self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
if l7rule:
l7p_id = l7p['l7policy']['id']
self.octavia_admin_l7rules_client.create_octavia_l7rules(
l7policy_id=l7p_id, compare_type=compare_type, value=value,
type=type, invert=invert)
self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
if default_pool: if default_pool:
self.pool = self.octavia_admin_pools_client.\ self.pool = self.octavia_admin_pools_client.\
create_octavia_pool(loadbalancer_id=lb_id, create_octavia_pool(loadbalancer_id=lb_id,
@ -1586,6 +1623,8 @@ class FeatureManager(traffic_manager.IperfManager,
listener_id=self.listener['id']) listener_id=self.listener['id'])
self.octavia_admin_client.wait_for_load_balancer_status(lb_id) self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
else: else:
if barbican:
protocol_type = pool_protocol
self.pool = self.octavia_admin_pools_client.\ self.pool = self.octavia_admin_pools_client.\
create_octavia_pool(listener_id=self.listener['id'], create_octavia_pool(listener_id=self.listener['id'],
lb_algorithm=lb_algorithm, lb_algorithm=lb_algorithm,
@ -1596,8 +1635,9 @@ class FeatureManager(traffic_manager.IperfManager,
pool_id = self.pool['pool']['id'] pool_id = self.pool['pool']['id']
if hm_type: if hm_type:
self.healthmonitor = self.octavia_hm_client.\ self.healthmonitor = self.octavia_hm_client.\
create_octavia_hm(pool_id=pool_id, type=hm_type, delay=2, create_octavia_hm(pool_id=pool_id, type=hm_type, delay=delay,
timeout=2, max_retries=2, name=lb_name) timeout=timeout, max_retries=max_retries,
name=lb_name)
self.octavia_admin_client.wait_for_load_balancer_status(lb_id) self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
self.members = [] self.members = []
for server_name in self.topology_servers.keys(): for server_name in self.topology_servers.keys():
@ -1682,7 +1722,7 @@ class FeatureManager(traffic_manager.IperfManager,
timeout=None, default_pool=False, timeout=None, default_pool=False,
vip_port_id=None, scale=None, vip_port_id=None, scale=None,
listener_count=None, pool_count=None, listener_count=None, pool_count=None,
lb_pool=False): lb_pool=False, allowed_cidrs=None):
count = 0 count = 0
lb_name = None lb_name = None
lb_name = data_utils.rand_name(self.namestart) lb_name = data_utils.rand_name(self.namestart)
@ -1706,7 +1746,9 @@ class FeatureManager(traffic_manager.IperfManager,
create_octavia_listener(loadbalancer_id=lb_id, create_octavia_listener(loadbalancer_id=lb_id,
protocol=protocol_type, protocol=protocol_type,
protocol_port=protocol_port, protocol_port=protocol_port,
name=lb_name)['listener'] name=lb_name,
allowed_cidrs=allowed_cidrs
)['listener']
self.octavia_admin_client.wait_for_load_balancer_status(lb_id) self.octavia_admin_client.wait_for_load_balancer_status(lb_id)
l_id = self.listener['id'] l_id = self.listener['id']
for x in range(pool_count): for x in range(pool_count):

View File

@ -731,7 +731,7 @@ class OctaviaListenersClient(base.BaseNetworkClient):
resource_base_path = '/%s' % path resource_base_path = '/%s' % path
resource_object_path = '/%s/%%s' % path resource_object_path = '/%s/%%s' % path
def create_octavia_listener(self, **kwargs): def create_octavia_listener(self, allowed_cidrs, **kwargs):
uri = self.resource_base_path uri = self.resource_base_path
post_data = {self.resource: kwargs} post_data = {self.resource: kwargs}
return self.create_resource(uri, post_data) return self.create_resource(uri, post_data)
@ -816,3 +816,43 @@ class OctaviaMembersClient(base.BaseNetworkClient):
def delete_octavia_member(self, pool_id, member_id): def delete_octavia_member(self, pool_id, member_id):
uri = self.resource_object_path % (pool_id, member_id) uri = self.resource_object_path % (pool_id, member_id)
return self.delete_resource(uri) return self.delete_resource(uri)
class OctaviaL7PolicyClient(base.BaseNetworkClient):
"""
The Client is responsible for
Creating members for the pool
Deleting members from the pool
"""
resource = 'l7policy'
resource_plural = 'l7policies'
path = 'lbaas/l7policies'
resource_base_path = '/lbaas/l7policies'
resource_object_path = '/lbaas/l7policies/%s'
def create_octavia_l7policies(self, **kwargs):
uri = self.resource_base_path
post_data = {self.resource: kwargs}
return self.create_resource(uri, post_data)
def list_octavia_l7policies(self, listener_id, **filters):
uri = self.resource_base_path
return self.list_resources(uri, **filters)
def delete_octavia_l7policy(self, l7policy_id):
uri = self.resource_object_path % l7policy_id
return self.delete_resource(uri)
class OctaviaL7RulesClient(base.BaseNetworkClient):
"""
The Client is responsible for create, list, delete,
update rules for l7 policies for a listener.
"""
resource = 'rule'
resource_base_path = '/lbaas/l7policies/%s/rules'
def create_octavia_l7rules(self, l7policy_id, **kwargs):
uri = self.resource_base_path % l7policy_id
post_data = {self.resource: kwargs}
return self.create_resource(uri, post_data)

View File

@ -266,3 +266,330 @@ class OctaviaRoundRobin(feature_manager.FeatureManager):
persistence_type="SOURCE_IP") persistence_type="SOURCE_IP")
self.check_lbaas_project_weight_values(constants.NO_OF_VMS_2, self.check_lbaas_project_weight_values(constants.NO_OF_VMS_2,
hash_persistence=True) hash_persistence=True)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('c5ac8546-6768-4b7a-8704-3844b11b1a34')
def test_create_verify_lb_rr_with_allowed_cidr_on_listener(self):
"""
The Loadbalancer listener is created with allowed_cidrs specified
"""
diction = self.deploy_octavia_topology()
cidr_list = ['192.92.0.0/24', '192.94.0.0/16']
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP", protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
allowed_cidrs=cidr_list)
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c8546-6768-4b7a-8704-3844b11b1a34')
def test_create_verify_lb_rr_with_allowed_cidr_0_0_0_0_on_listener(self):
"""
The Loadbalancer listener is created with allowed_cidrs specified
"""
diction = self.deploy_octavia_topology()
cidr_list = ['0.0.0.0/0']
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP", protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
allowed_cidrs=cidr_list)
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c5468-6768-4b7a-8704-3844b11b1a34')
def test_create_REJECT_l7policies_listeneres(self):
"""
The Loadbalancer listener is created with allowed_cidrs specified
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True, action='REJECT')
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c4368-6768-4b7a-8704-3844b11b1a34')
def test_create_REDIRECT_TO_URL_l7policies_listeneres(self):
"""
The Loadbalancer listener is created with redirect_url l7policy
with no url specified.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True,
action='REDIRECT_TO_URL')
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c4368-6768-4b7a-8704-3844b11b1b34')
def test_create_REDIRECT_TO_URL_url_l7policies_listeneres(self):
"""
The Loadbalancer listener is created with redirect_url l7policy
with url specified.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True,
action='REDIRECT_TO_URL',
redirect_url='http://www.vmware.com')
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c4368-6768-4a7b-8704-3844b11b1b34')
def test_create_REDIRECT_TO_POOL_l7policies_listeneres(self):
"""
The Loadbalancer listener is created with redirect_pool l7policy
with url specified.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
lb = self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id)
listener = lb['listener_id']
self.octavia_admin_l7policies_client.create_octavia_l7policies(
listener_id=listener, action='REDIRECT_TO_POOL',
redirect_pool_id=lb['pool_id'])
self.octavia_admin_client.wait_for_load_balancer_status(lb['lb_id'])
l7p = self.octavia_admin_l7policies_client.list_octavia_l7policies(
lb['listener_id'])
for i in l7p['l7policies']:
if lb['listener_id'] == i['listener_id']:
l7p_id = i['id']
self.octavia_admin_l7policies_client.delete_octavia_l7policy(
l7p_id)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c5468-6768-4a7a-8704-3844b11b1a34')
def test_create_REJECT_l7policies_with_rules_REGEX_compare_type(self):
"""
This testcase creates a l7policy to reject particular regex i.e
regex rule is added to the l7policy.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True, action='REJECT',
compare_type='REGEX', type='PATH',
value='.*', l7rule=True)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c5468-6768-4a7a-8704-3844b11b1a34')
def test_create_REJECT_l7policies_with_rules_CONTAINS_compare_type(self):
"""
This testcase creates a l7policy to reject particular regex i.e
regex rule is added to the l7policy.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True, action='REJECT',
compare_type='CONTAINS', type='PATH',
value='.*', l7rule=True)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c5468-6768-4a7a-8704-3844b11b1a34')
def test_create_REJECT_l7policies_with_rules_ENDS_WITH_compare_type(self):
"""
This testcase creates a l7policy to reject particular regex i.e
regex rule is added to the l7policy.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True, action='REJECT',
compare_type='ENDS_WITH', type='PATH',
value='*', l7rule=True)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c5468-6768-4a7a-8704-3844b11b1a34')
def test_create_REJECT_l7policies_with_rules_STARTS_WITH_cmpr_type(self):
"""
This testcase creates a l7policy to reject particular regex i.e
regex rule is added to the l7policy.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True, action='REJECT',
compare_type='STARTS_WITH', type='PATH',
value='', l7rule=True)
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('ca5c5468-6768-4a7a-8704-3844b11b1a34')
def test_create_REJECT_l7policies_with_invert_enabled(self):
"""
This testcase creates a l7policy to reject particular regex i.e
regex rule is added to the l7policy.
"""
diction = self.deploy_octavia_topology()
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
subnet_id = diction['subnet']['subnet']['id']
self.create_project_octavia(protocol_type="HTTP",
protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
l7policy=True, action='REJECT',
invert=True)
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('74f022d6-a6ef-4458-96a7-541deadacf99')
def test_octavia_http_http_traffic_with_barbican_secrets(self):
"""
Create octavia loadbalancer with http traffic with barbican enabled.
"""
diction = self.deploy_octavia_topology()
subnet_id = diction['subnet']['subnet']['id']
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
barbican_secrets = self.create_barbican_secret_conatainer(
constants.CERT_FILE, constants.KEY_FILE)
barbican_container = barbican_secrets['secret_container']
self.create_project_octavia(protocol_type="TERMINATED_HTTPS",
protocol_port="443",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
barbican_container=barbican_container,
barbican=True, pool_protocol='HTTP')
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('74f022d6-a6ef-4458-96a7-541deadacf99')
def test_octavia_https_http_traffic_with_barbican_secrets(self):
"""
Create octavia loadbalancer with http traffic with barbican enabled.
"""
diction = self.deploy_octavia_topology()
subnet_id = diction['subnet']['subnet']['id']
if not CONF.nsxv3.ens:
self.start_web_servers(constants.HTTP_PORT)
barbican_secrets = self.create_barbican_secret_conatainer(
constants.CERT_FILE, constants.KEY_FILE)
barbican_container = barbican_secrets['secret_container']
self.create_project_octavia(protocol_type="TERMINATED_HTTPS",
protocol_port="443",
lb_algorithm="ROUND_ROBIN",
vip_subnet_id=subnet_id,
barbican_container=barbican_container,
barbican=True, pool_protocol='HTTPS')
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('c5ac8546-6867-4b7a-8704-3844b11b1a34')
def test_create_verify_octavia_lb_with_vip_net_id_LC_hm_ping(self):
"""
This testcase creates an octavia Loadbalancer with vip-net-ip
option, and verifies the traffic on the loadbalancer vip
"""
diction = self.deploy_octavia_topology()
self.start_web_servers(constants.HTTP_PORT)
net_id = diction['network']['id']
self.create_project_octavia(protocol_type="HTTP", protocol_port="80",
lb_algorithm="LEAST_CONNECTIONS",
vip_net_id=net_id, hm_type='PING',
timeout=self.hm_timeout,
max_retries=self.hm_max_retries,
delay=self.hm_delay)
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('c5ac8546-6867-4b7a-8704-3844b11b1a34')
def test_create_verify_octavia_lb_with_vip_net_id_LC_hm_ping_https(self):
"""
This testcase creates an octavia Loadbalancer with vip-net-ip
option, and verifies the traffic on the loadbalancer vip
"""
diction = self.deploy_octavia_topology()
self.start_web_servers(constants.HTTP_PORT)
net_id = diction['network']['id']
self.create_project_octavia(protocol_type="HTTPS", protocol_port="443",
lb_algorithm="LEAST_CONNECTIONS",
vip_net_id=net_id, hm_type='PING',
timeout=self.hm_timeout,
max_retries=self.hm_max_retries,
delay=self.hm_delay)
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('c5ac8546-6867-4b7a-8704-3844b11b1a34')
def test_create_verify_octavia_lb_with_vip_net_id_RR_hm_ping(self):
"""
This testcase creates an octavia Loadbalancer with vip-net-ip
option, and verifies the traffic on the loadbalancer vip
"""
diction = self.deploy_octavia_topology()
self.start_web_servers(constants.HTTP_PORT)
net_id = diction['network']['id']
self.create_project_octavia(protocol_type="HTTP", protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_net_id=net_id, hm_type='PING',
timeout=self.hm_timeout,
max_retries=self.hm_max_retries,
delay=self.hm_delay)
self.check_project_lbaas()
@decorators.attr(type='nsxv3')
@decorators.idempotent_id('c5ac8546-6867-4b7a-8704-3844b11b1a34')
def test_create_verify_octavia_lb_with_vip_net_id_SOURCE_IP_hm_ping(self):
"""
This testcase creates an octavia Loadbalancer with vip-net-ip
option, and verifies the traffic on the loadbalancer vip
"""
diction = self.deploy_octavia_topology()
self.start_web_servers(constants.HTTP_PORT)
net_id = diction['network']['id']
self.create_project_octavia(protocol_type="HTTP", protocol_port="80",
lb_algorithm="ROUND_ROBIN",
vip_net_id=net_id, hm_type='PING',
timeout=self.hm_timeout,
max_retries=self.hm_max_retries,
delay=self.hm_delay)
self.check_project_lbaas()