summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/development/overview/index.rst208
1 files changed, 208 insertions, 0 deletions
diff --git a/docs/development/overview/index.rst b/docs/development/overview/index.rst
index c7c9e7f..279d4a1 100644
--- a/docs/development/overview/index.rst
+++ b/docs/development/overview/index.rst
@@ -21,3 +21,211 @@ definition of the related semantics. The BGPVPN framework supports a backend
driver model with currently available drivers for Bagpipe, OpenContrail, Nuage
and OpenDaylight. The OPNFV scenario makes use of the OpenDaylight driver and backend
implementation through the ODL NetVirt project.
+
+====================
+SDNVPN Testing Suite
+====================
+
+An overview of the SDNVPN Test is depicted here. More details for each test case are provided:
+https://wiki.opnfv.org/display/sdnvpn/SDNVPN+Testing
+
+ BGPVPN Tempest test cases
+ Create BGPVPN passes
+ Create BGPVPN as non-admin fails
+ Delete BGPVPN as non-admin fails
+ Show BGPVPN as non-owner fails
+ List BGPVPNs as non-owner fails
+ Show network associated BGPVPNs as non-owner fails
+ List network associated BGPVPNs as non-owner fails
+ Associate/Deassociate a network to a BGPVPN resource passes
+ Update route targets on a BGPVPN passes
+ Update route targets on a BGPVPN as non-admin fails
+ Reject the creation of BGPVPN with invalid route targets passes
+ Reject the update of BGPVPN with invalid route targets passes
+ Reject the association on an invalid network to a BGPVPN passes
+ Reject the diassociation on an invalid network to a BGPVPN passes
+ Associate/Deassociate a router to a BGPVPN resource passes
+ Attach the subnet of an associated network to an associated router of the same BGVPN passes
+
+
+
+ Functest scenario specific tests:
+
+ Test Case 1 - VPN provides connectivity between subnets, using network association
+ Name: VPN connecting Neutron networks and subnets
+ Description: VPNs provide connectivity across Neutron networks and subnets if configured accordingly.
+
+ Test setup procedure:
+ Set up VM1 and VM2 on Node1 and VM3 on Node2, all having ports in the same Neutron Network N1
+ Moreover all ports have 10.10.10/24 addresses (this subnet is denoted SN1 in the following)
+ Set up VM4 on Node1 and VM5 on Node2, both having ports in Neutron Network N2
+ Moreover all ports have 10.10.11/24 addresses (this subnet is denoted SN2 in the following)
+
+ Test execution:
+ Create VPN1 with eRT<>iRT (so that connected subnets should not reach each other)
+ Associate SN1 to VPN1
+ Ping from VM1 to VM2 should work
+ Ping from VM1 to VM3 should work
+ Ping from VM1 to VM4 should not work
+ Associate SN2 to VPN1
+ Ping from VM4 to VM5 should work
+ Ping from VM1 to VM4 should not work (disabled until isolation fixed upstream)
+ Ping from VM1 to VM5 should not work (disabled until isolation fixed upstream)
+ Change VPN 1 so that iRT=eRT
+ Ping from VM1 to VM4 should work
+ Ping from VM1 to VM5 should work
+
+ Test Case 2 - tenant separation
+ Name: Using VPNs for tenant separation
+ Description: Using VPNs to isolate tenants so that overlapping IP address ranges can be used
+
+ Test setup procedure:
+ Set up VM1 and VM2 on Node1 and VM3 on Node2, all having ports in the same Neutron Network N1.
+ VM1 and VM2 have IP addresses in a subnet SN1 with range 10.10.10/24
+ VM1: 10.10.10.11, running an HTTP server which returns "I am VM1" for any HTTP request
+ (or something else than an HTTP server)
+ VM2: 10.10.10.12, running an HTTP server which returns "I am VM2" for any HTTP request
+ VM3 has an IP address in a subnet SN2 with range 10.10.11/24
+ VM3: 10.10.11.13, running an HTTP server which returns "I am VM3" for any HTTP request
+ Set up VM4 on Node1 and VM5 on Node2, both having ports in Neutron Network N2
+ VM4 has an address in a subnet SN1b with range 10.10.10/24
+ VM4: 10.10.10.12 (the same as VM2), running an HTTP server which returns "I am VM4" for any HTTP request
+ VM5 has an address in a subnet SN2b with range 10.10.11/24
+ VM5: 10.10.11.13 (the same as VM3), running an HTTP server which returns "I am VM5" for any HTTP request
+
+ Test execution:
+ Create VPN 1 with iRT=eRT=RT1 and associate N1 to it
+ HTTP from VM1 to VM2 and VM3 should work
+ It returns "I am VM2" and "I am VM3" respectively
+ HTTP from VM1 to VM4 and VM5 should not work
+ It never returns "I am VM4" or "I am VM5"
+ Create VPN2 with iRT=eRT=RT2 and associate N2 to it
+ HTTP from VM4 to VM5 should work
+ It returns "I am VM5"
+ HTTP from VM4 to VM1 and VM3 should not work
+ It never returns "I am VM1" or "I am VM3"
+
+
+ Test Case 3 - Data Center Gateway integration
+ Name: Data Center Gateway integration
+ Description: Investigate the peering functionality of BGP protocol,
+ using a Zrpcd/Quagga router and OpenDaylight Controller
+
+ Test setup procedure:
+ Search in the pool of nodes and find one Compute node and one Controller nodes, that have OpenDaylight controller running
+ Start an instance using ubuntu-16.04-server-cloudimg-amd64-disk1.img image and in it run the Quagga setup script
+ Start bgp router in the Controller node, using odl:configure-bgp
+
+ Test execution:
+ Set up a Quagga instance in a nova compute node
+ Start a BGP router with OpenDaylight in a controller node
+ Add the Quagga running in the instance as a neighbor
+ Check that bgpd is running
+ Verify that the OpenDaylight and gateway Quagga peer each other
+ Start an instance in a second nova compute node and connect it with a new network, (Network 3-3).
+ Create a bgpvpn (include parameters route-distinguisher and route-targets) and associate it with the network created
+ Define the same route-distinguisher and route-targets on the simulated quagga side
+ Check that the routes from the Network 3-3 are advertised towards simulated Quagga VM
+
+ Test Case 4 - VPN provides connectivity between subnets using router association
+ Functest: variant of Test Case 1.
+ Set up a Router R1 with one connected network/subnet N1/S1.
+ Set up a second network N2.
+ Create VPN1 and associate Router R1 and Network N2 to it.
+ Hosts from N2 should be able to reach hosts in N1.
+
+ Name: VPN connecting Neutron networks and subnets using router association
+ Description: VPNs provide connectivity across Neutron networks and subnets if configured accordingly.
+
+ Test setup procedure:
+ Set up VM1 and VM2 on Node1 and VM3 on Node2,
+ All VMs have ports in the same Neutron Network N1 and 10.10.10/24 addresses
+ (this subnet is denoted SN1 in the following).
+ N1/SN1 are connected to router R1.
+ Set up VM4 on Node1 and VM5 on Node2,
+ Both VMs have ports in Neutron Network N2 and having 10.10.11/24 addresses
+ (this subnet is denoted SN2 in the following)
+
+ Test execution:
+ Create VPN1 with eRT<>iRT (so that connected subnets should not reach each other)
+ Associate R1 to VPN1
+ Ping from VM1 to VM2 should work
+ Ping from VM1 to VM3 should work
+ Ping from VM1 to VM4 should not work
+ Associate SN2 to VPN1
+ Ping from VM4 to VM5 should work
+ Ping from VM1 to VM4 should not work
+ Ping from VM1 to VM5 should not work
+ Change VPN1 so that iRT=eRT
+ Ping from VM1 to VM4 should work
+ Ping from VM1 to VM5 should work
+
+ Test Case 7 - Network associate a subnet with a router attached to a VPN and
+ verify floating IP functionality (disabled, because of ODL Bug 6962)
+
+ A test for https://bugs.opendaylight.org/show_bug.cgi?id=6962
+
+ Setup procedure:
+ Create VM1 in a subnet with a router attached.
+ Create VM2 in a different subnet with another router attached.
+ Network associate them to a VPN with iRT=eRT
+ Ping from VM1 to VM2 should work
+ Assign a floating IP to VM1
+ Pinging the floating IP should work
+
+ Test Case 8 - Router associate a subnet with a router attached to a VPN and
+ verify floating IP functionality
+
+ Setup procedure:
+ Create VM1 in a subnet with a router which is connected with the gateway
+ Create VM2 in a different subnet without a router attached.
+ Assoc the two networks in a VPN iRT=eRT
+ One with router assoc, other with net assoc
+ Try to ping from one VM to the other
+ Assign a floating IP to the VM in the router assoc network
+ Ping it
+
+ Test Case 9 - Check fail mode in OVS br-int interfaces
+ This testcase checks if the fail mode is always “secure”.
+ To accomplish it, a check is performed on all OVS br-int interfaces, for all OpenStack nodes.
+ The testcase is considered as successful if all OVS br-int interfaces have fail_mode=secure
+
+
+ Test Case 10 - Check the communication between a group of VMs
+ This testcase investigates if communication between a group of VMs is interrupted upon deletion
+ and creation of VMs inside this group.
+
+ Test case flow:
+ Create 3 VMs: VM_1 on compute 1, VM_2 on compute 1, VM_3 on compute 2.
+ All VMs ping each other.
+ VM_2 is deleted.
+ Traffic is still flying between VM_ 1 and VM_3.
+ A new VM, VM_ 4 is added to compute 1.
+ Traffic is not interrupted and VM_4 can be reached as well.
+
+
+ Testcase 11: test Opendaylight resync and group_add_mod feature mechanisms
+ This is testcase to test Opendaylight resync and group_add_mod feature functionalities
+
+ Sub-testcase 11-1:
+ Create and start 2 VMs, connected to a common Network.
+ New groups should appear in OVS dump
+ OVS disconnects and the VMs and the networks are cleaned.
+ The new groups are still in the OVS dump,
+ cause OVS is not connected anymore, so it is not notified that the groups are deleted
+ OVS re-connects.
+ The new groups should be deleted, as Opendaylight has to resync the groups totally and
+ should remove the groups since VMS are deleted.
+
+ Sub-testcase 11-2:
+ Create and start 2 VMs, connected to a common Network.
+ New groups should appear in OVS dump
+ OVS disconnects.
+ The new groups are still in the OVS dump, cause OVS is not connected anymore,
+ so it is not notified that the groups are deleted
+ OVS re-connects.
+ The new groups should be still there, as the topology remains. Opendaylight Carbon's
+ group_add_mod mechanism should handle the already existing group.
+ OVS re-connects.
+ The new groups should be still there, as the topology remains.
+ Opendaylight Carbon’ group_add_mod mechanism should handle the already existing group.