aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorManuel Buil <mbuil@suse.com>2018-04-09 08:14:09 +0000
committerGerrit Code Review <gerrit@opnfv.org>2018-04-09 08:14:09 +0000
commit435685b3384b3bd7741324368b6912dfd4b84ef5 (patch)
tree5b2d21ac54d9a470cde4ce329c9098b936b91200
parent8e7a0e837da1f278c46e398ad53e7e77ed90e81a (diff)
parent4fe8991147ee3aefa5d43d1831a1d307bcffe4fa (diff)
Merge "Update symmetric chain test case" into stable/fraser
-rw-r--r--sfc/lib/config.py2
-rw-r--r--sfc/lib/openstack_utils.py125
-rw-r--r--sfc/lib/test_utils.py9
-rw-r--r--sfc/tests/functest/config.yaml4
-rw-r--r--sfc/tests/functest/sfc_symmetric_chain.py201
-rw-r--r--sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml21
-rw-r--r--sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml46
-rw-r--r--sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml-queens46
8 files changed, 360 insertions, 94 deletions
diff --git a/sfc/lib/config.py b/sfc/lib/config.py
index 5ee3077a..8cc1efb4 100644
--- a/sfc/lib/config.py
+++ b/sfc/lib/config.py
@@ -30,7 +30,7 @@ class CommonConfig(object):
"""
def __init__(self):
- self.line_length = 30
+ self.line_length = 35
self.functest_repo_path = os.path.dirname(functest.__file__)
self.functest_logging_api = os.path.join(self.functest_repo_path,
"ci", "logging.ini")
diff --git a/sfc/lib/openstack_utils.py b/sfc/lib/openstack_utils.py
index 4a1c634d..b7254bf1 100644
--- a/sfc/lib/openstack_utils.py
+++ b/sfc/lib/openstack_utils.py
@@ -157,18 +157,30 @@ class OpenStackSFC:
'''
Return the compute where the client sits
'''
+ return self.get_vm_compute('client')
+
+ def get_compute_server(self):
+ '''
+ Return the compute where the server sits
+ '''
+ return self.get_vm_compute('server')
+
+ def get_vm_compute(self, vm_name):
+ '''
+ Return the compute where the vm sits
+ '''
for creator in self.creators:
# We want to filter the vm creators
if hasattr(creator, 'get_vm_inst'):
- # We want to fetch only the client
- if creator.get_vm_inst().name == 'client':
+ # We want to fetch by vm_name
+ if creator.get_vm_inst().name == vm_name:
return creator.get_vm_inst().compute_host
- raise Exception("There is no client VM!!")
+ raise Exception("There is no VM with name '{}'!!".format(vm_name))
def assign_floating_ip(self, router, vm, vm_creator):
'''
- Assign a floating ips to all the VMs
+ Assign floating ips to all the VMs
'''
name = vm.name + "-float"
port_name = vm.ports[0].name
@@ -180,9 +192,11 @@ class OpenStackSFC:
return ip.ip
# We need this function because tacker VMs cannot be created through SNAPs
- def assign_floating_ip_vnfs(self, router):
+ def assign_floating_ip_vnfs(self, router, ips=None):
'''
- Assign a floating ips to all the SFs
+ Assign floating ips to all the SFs. Optionally specify the
+ subnet IPs that a floating IP should be assigned to, assuming that the
+ SF is connected to a single subnet globally and per port.
'''
stacks = self.heat.stacks.list()
fips = []
@@ -198,8 +212,25 @@ class OpenStackSFC:
servers[0],
self.image_settings,
project_name)
- port_name = servers[0].ports[0].name
+
name = servers[0].name + "-float"
+ if ips is None:
+ port_name = servers[0].ports[0].name
+ else:
+ port_name = None
+ for port in servers[0].ports:
+ if port.ips[0]['ip_address'] in ips:
+ port_name = port.name
+ break
+
+ if port_name is None:
+ err_msg = "The VNF {} does not have any suitable port {} " \
+ "for floating IP assignment".format(
+ name,
+ 'with ip any of ' + str(ips) if ips else '')
+ logger.error(err_msg)
+ raise Exception(err_msg)
+
float_ip = FloatingIpConfig(name=name,
port_name=port_name,
router_name=router.name)
@@ -298,7 +329,7 @@ def list_vnfds(tacker_client, verbose=False):
if not verbose:
vnfds = [vnfd['id'] for vnfd in vnfds['vnfds']]
return vnfds
- except Exception, e:
+ except Exception as e:
logger.error("Error [list_vnfds(tacker_client)]: %s" % e)
return None
@@ -313,7 +344,7 @@ def create_vnfd(tacker_client, tosca_file=None, vnfd_name=None):
return tacker_client.create_vnfd(
body={"vnfd": {"attributes": {"vnfd": vnfd_body},
"name": vnfd_name}})
- except Exception, e:
+ except Exception as e:
logger.error("Error [create_vnfd(tacker_client, '%s')]: %s"
% (tosca_file, e))
return None
@@ -327,7 +358,7 @@ def delete_vnfd(tacker_client, vnfd_id=None, vnfd_name=None):
raise Exception('You need to provide VNFD id or VNFD name')
vnfd = get_vnfd_id(tacker_client, vnfd_name)
return tacker_client.delete_vnfd(vnfd)
- except Exception, e:
+ except Exception as e:
logger.error("Error [delete_vnfd(tacker_client, '%s', '%s')]: %s"
% (vnfd_id, vnfd_name, e))
return None
@@ -339,7 +370,7 @@ def list_vnfs(tacker_client, verbose=False):
if not verbose:
vnfs = [vnf['id'] for vnf in vnfs['vnfs']]
return vnfs
- except Exception, e:
+ except Exception as e:
logger.error("Error [list_vnfs(tacker_client)]: %s" % e)
return None
@@ -374,7 +405,7 @@ def create_vnf(tacker_client, vnf_name, vnfd_id=None,
vnf_body['vnf']['vim_id'] = get_vim_id(tacker_client, vim_name)
return tacker_client.create_vnf(body=vnf_body)
- except Exception, e:
+ except Exception as e:
logger.error("error [create_vnf(tacker_client,"
" '%s', '%s', '%s')]: %s"
% (vnf_name, vnfd_id, vnfd_name, e))
@@ -394,12 +425,28 @@ def get_vnf(tacker_client, vnf_id=None, vnf_name=None):
else:
raise Exception('Could not retrieve ID from name [%s]' % vnf_name)
- except Exception, e:
+ except Exception as e:
logger.error("Could not retrieve VNF [vnf_id=%s, vnf_name=%s] - %s"
% (vnf_id, vnf_name, e))
return None
+def get_vnf_ip(tacker_client, vnf_id=None, vnf_name=None):
+ """
+ Get the management ip of the first VNF component as obtained from the
+ tacker REST API:
+
+ {
+ "vnf": {
+ ...
+ "mgmt_url": "{\"VDU1\": \"192.168.120.3\"}",
+ ...
+ }
+ """
+ vnf = get_vnf(tacker_client, vnf_id, vnf_name)
+ return json.loads(vnf['mgmt_url']).values()[0]
+
+
def wait_for_vnf(tacker_client, vnf_id=None, vnf_name=None, timeout=100):
try:
vnf = get_vnf(tacker_client, vnf_id, vnf_name)
@@ -419,7 +466,7 @@ def wait_for_vnf(tacker_client, vnf_id=None, vnf_name=None, timeout=100):
raise Exception('Timeout when booting vnf %s' % vnf['id'])
return vnf['id']
- except Exception, e:
+ except Exception as e:
logger.error("error [wait_for_vnf(tacker_client, '%s', '%s')]: %s"
% (vnf_id, vnf_name, e))
return None
@@ -433,7 +480,7 @@ def delete_vnf(tacker_client, vnf_id=None, vnf_name=None):
raise Exception('You need to provide a VNF id or name')
vnf = get_vnf_id(tacker_client, vnf_name)
return tacker_client.delete_vnf(vnf)
- except Exception, e:
+ except Exception as e:
logger.error("Error [delete_vnf(tacker_client, '%s', '%s')]: %s"
% (vnf_id, vnf_name, e))
return None
@@ -447,7 +494,7 @@ def create_vim(tacker_client, vim_file=None):
vim_body = json.load(vim_fd)
logger.info('VIM template:\n{0}'.format(vim_body))
return tacker_client.create_vim(body=vim_body)
- except Exception, e:
+ except Exception as e:
logger.error("Error [create_vim(tacker_client, '%s')]: %s"
% (vim_file, e))
return None
@@ -463,14 +510,14 @@ def create_vnffgd(tacker_client, tosca_file=None, vnffgd_name=None):
return tacker_client.create_vnffgd(
body={'vnffgd': {'name': vnffgd_name,
'template': {'vnffgd': vnffgd_body}}})
- except Exception, e:
+ except Exception as e:
logger.error("Error [create_vnffgd(tacker_client, '%s')]: %s"
% (tosca_file, e))
return None
def create_vnffg(tacker_client, vnffg_name=None, vnffgd_id=None,
- vnffgd_name=None, param_file=None):
+ vnffgd_name=None, param_file=None, symmetrical=False):
'''
Creates the vnffg which will provide the RSP and the classifier
'''
@@ -478,7 +525,8 @@ def create_vnffg(tacker_client, vnffg_name=None, vnffgd_id=None,
vnffg_body = {
'vnffg': {
'attributes': {},
- 'name': vnffg_name
+ 'name': vnffg_name,
+ 'symmetrical': symmetrical
}
}
if param_file is not None:
@@ -495,7 +543,7 @@ def create_vnffg(tacker_client, vnffg_name=None, vnffgd_id=None,
vnffg_body['vnffg']['vnffgd_id'] = get_vnffgd_id(tacker_client,
vnffgd_name)
return tacker_client.create_vnffg(body=vnffg_body)
- except Exception, e:
+ except Exception as e:
logger.error("error [create_vnffg(tacker_client,"
" '%s', '%s', '%s')]: %s"
% (vnffg_name, vnffgd_id, vnffgd_name, e))
@@ -508,7 +556,7 @@ def list_vnffgds(tacker_client, verbose=False):
if not verbose:
vnffgds = [vnffgd['id'] for vnffgd in vnffgds['vnffgds']]
return vnffgds
- except Exception, e:
+ except Exception as e:
logger.error("Error [list_vnffgds(tacker_client)]: %s" % e)
return None
@@ -519,7 +567,7 @@ def list_vnffgs(tacker_client, verbose=False):
if not verbose:
vnffgs = [vnffg['id'] for vnffg in vnffgs['vnffgs']]
return vnffgs
- except Exception, e:
+ except Exception as e:
logger.error("Error [list_vnffgs(tacker_client)]: %s" % e)
return None
@@ -532,7 +580,7 @@ def delete_vnffg(tacker_client, vnffg_id=None, vnffg_name=None):
raise Exception('You need to provide a VNFFG id or name')
vnffg = get_vnffg_id(tacker_client, vnffg_name)
return tacker_client.delete_vnffg(vnffg)
- except Exception, e:
+ except Exception as e:
logger.error("Error [delete_vnffg(tacker_client, '%s', '%s')]: %s"
% (vnffg_id, vnffg_name, e))
return None
@@ -546,7 +594,7 @@ def delete_vnffgd(tacker_client, vnffgd_id=None, vnffgd_name=None):
raise Exception('You need to provide VNFFGD id or VNFFGD name')
vnffgd = get_vnffgd_id(tacker_client, vnffgd_name)
return tacker_client.delete_vnffgd(vnffgd)
- except Exception, e:
+ except Exception as e:
logger.error("Error [delete_vnffgd(tacker_client, '%s', '%s')]: %s"
% (vnffgd_id, vnffgd_name, e))
return None
@@ -558,7 +606,7 @@ def list_vims(tacker_client, verbose=False):
if not verbose:
vims = [vim['id'] for vim in vims['vims']]
return vims
- except Exception, e:
+ except Exception as e:
logger.error("Error [list_vims(tacker_client)]: %s" % e)
return None
@@ -571,7 +619,7 @@ def delete_vim(tacker_client, vim_id=None, vim_name=None):
raise Exception('You need to provide VIM id or VIM name')
vim = get_vim_id(tacker_client, vim_name)
return tacker_client.delete_vim(vim)
- except Exception, e:
+ except Exception as e:
logger.error("Error [delete_vim(tacker_client, '%s', '%s')]: %s"
% (vim_id, vim_name, e))
return None
@@ -626,19 +674,28 @@ def create_vnf_in_av_zone(
def create_vnffg_with_param_file(tacker_client, vnffgd_name, vnffg_name,
- default_param_file, neutron_port):
+ default_param_file, client_port,
+ server_port=None, server_ip=None):
param_file = default_param_file
-
- if neutron_port is not None:
+ data = {}
+ if client_port:
+ data['net_src_port_id'] = client_port
+ if server_port:
+ data['net_dst_port_id'] = server_port
+ if server_ip:
+ data['ip_dst_prefix'] = server_ip
+
+ if client_port is not None or server_port is not None:
param_file = os.path.join(
'/tmp',
- 'param_{0}.json'.format(neutron_port))
- data = {
- 'net_src_port_id': neutron_port
- }
+ 'param_{0}.json'.format(vnffg_name))
with open(param_file, 'w+') as f:
json.dump(data, f)
+
+ symmetrical = True if client_port and server_port else False
+
create_vnffg(tacker_client,
vnffgd_name=vnffgd_name,
vnffg_name=vnffg_name,
- param_file=param_file)
+ param_file=param_file,
+ symmetrical=symmetrical)
diff --git a/sfc/lib/test_utils.py b/sfc/lib/test_utils.py
index c495aa11..18c55dc1 100644
--- a/sfc/lib/test_utils.py
+++ b/sfc/lib/test_utils.py
@@ -124,17 +124,20 @@ def start_http_server(ip, iterations_check=10):
return False
-def start_vxlan_tool(remote_ip, interface="eth0", block=None):
+def start_vxlan_tool(remote_ip, interface="eth0", output=None, block=None):
"""
Starts vxlan_tool on a remote host.
vxlan_tool.py converts a regular Service Function into a NSH-aware SF
when the "--do forward" option is used, it decrements the NSI appropiately.
- 'block' parameters allows to specify a port where packets will be dropped.
+ 'output' allows to specify an interface through which to forward if
+ different than the input interface.
+ 'block' parameter allows to specify a port where packets will be dropped.
"""
command = "nohup python /root/vxlan_tool.py"
- options = "{do} {interface} {block_option}".format(
+ options = "{do} {interface} {output_option} {block_option}".format(
do="--do forward",
interface="--interface {}".format(interface),
+ output_option="--output {}".format(output) if output else "",
block_option="--block {}".format(block) if block is not None else "")
output_redirection = "> /dev/null 2>&1"
diff --git a/sfc/tests/functest/config.yaml b/sfc/tests/functest/config.yaml
index 3cd1883a..cad3cf72 100644
--- a/sfc/tests/functest/config.yaml
+++ b/sfc/tests/functest/config.yaml
@@ -67,8 +67,8 @@ testcases:
secgroup_name: "example-sg"
secgroup_descr: "Example Security group"
test_vnfd: "test-symmetric-vnfd.yaml"
- allowed_source_port: 22222
- blocked_source_port: 33333
+ test_vnffgd: "test-symmetric-vnffgd.yaml"
+ source_port: 22222
sfc_chain_deletion:
enabled: false
diff --git a/sfc/tests/functest/sfc_symmetric_chain.py b/sfc/tests/functest/sfc_symmetric_chain.py
index e3b1d57e..43599d62 100644
--- a/sfc/tests/functest/sfc_symmetric_chain.py
+++ b/sfc/tests/functest/sfc_symmetric_chain.py
@@ -20,7 +20,7 @@ import opnfv.utils.ovs_logger as ovs_log
from opnfv.deployment.factory import Factory as DeploymentFactory
import sfc.lib.config as sfc_config
-import sfc.lib.utils as test_utils
+import sfc.lib.test_utils as test_utils
from sfc.lib.results import Results
import sfc.lib.topology_shuffler as topo_shuffler
@@ -60,7 +60,7 @@ def main():
tacker_client = os_sfc_utils.get_tacker_client()
- _, custom_flavor = openstack_sfc.get_or_create_flavor(
+ custom_flavor = openstack_sfc.create_flavor(
COMMON_CONFIG.flavor,
COMMON_CONFIG.ram_size_in_mb,
COMMON_CONFIG.disk_size_in_gb,
@@ -91,8 +91,9 @@ def main():
sg = openstack_sfc.create_security_group(TESTCASE_CONFIG.secgroup_name)
vnf_name = 'testVNF1'
- # Using seed=0 uses the baseline topology: everything in the same host
- testTopology = topo_shuffler.topology([vnf_name], openstack_sfc, seed=0)
+ topo_seed = topo_shuffler.get_seed()
+ testTopology = topo_shuffler.topology([vnf_name], openstack_sfc,
+ seed=topo_seed)
logger.info('This test is run with the topology {0}'
.format(testTopology['id']))
logger.info('Topology description: {0}'
@@ -100,15 +101,17 @@ def main():
client_instance, client_creator = openstack_sfc.create_instance(
CLIENT, COMMON_CONFIG.flavor, image_creator, network, sg,
- av_zone=testTopology['client'])
+ av_zone=testTopology[CLIENT])
server_instance, server_creator = openstack_sfc.create_instance(
SERVER, COMMON_CONFIG.flavor, image_creator, network, sg,
- av_zone=testTopology['server'])
+ av_zone=testTopology[SERVER])
server_ip = server_instance.ports[0].ips[0]['ip_address']
logger.info("Server instance received private ip [{}]".format(server_ip))
+ os_sfc_utils.register_vim(tacker_client, vim_file=COMMON_CONFIG.vim_file)
+
tosca_file = os.path.join(
COMMON_CONFIG.sfc_test_dir,
COMMON_CONFIG.vnfd_dir,
@@ -119,11 +122,15 @@ def main():
COMMON_CONFIG.vnfd_dir,
COMMON_CONFIG.vnfd_default_params_file)
- os_sfc_utils.create_vnfd(tacker_client, tosca_file=tosca_file)
- test_utils.create_vnf_in_av_zone(
+ os_sfc_utils.create_vnfd(
+ tacker_client,
+ tosca_file=tosca_file,
+ vnfd_name='test-vnfd1')
+ os_sfc_utils.create_vnf_in_av_zone(
tacker_client,
vnf_name,
'test-vnfd1',
+ 'test-vim',
default_param_file,
testTopology[vnf_name])
@@ -132,37 +139,40 @@ def main():
logger.error('ERROR while booting VNF')
sys.exit(1)
- os_sfc_utils.create_sfc(
+ tosca_file = os.path.join(
+ COMMON_CONFIG.sfc_test_dir,
+ COMMON_CONFIG.vnffgd_dir,
+ TESTCASE_CONFIG.test_vnffgd)
+ os_sfc_utils.create_vnffgd(
+ tacker_client,
+ tosca_file=tosca_file,
+ vnffgd_name='test-vnffgd')
+
+ client_port = openstack_sfc.get_client_port(
+ client_instance,
+ client_creator)
+ server_port = openstack_sfc.get_client_port(
+ server_instance,
+ server_creator)
+
+ server_ip_prefix = server_ip + '/32'
+
+ os_sfc_utils.create_vnffg_with_param_file(
tacker_client,
- sfc_name='red',
- chain_vnf_names=[vnf_name],
- symmetrical=True)
-
- os_sfc_utils.create_sfc_classifier(
- tacker_client, 'red_http', sfc_name='red',
- match={
- 'source_port': 0,
- 'dest_port': 80,
- 'protocol': 6
- })
-
- # FIXME: JIRA SFC-86
- # Tacker does not allow to specify the direction of the chain to be used,
- # only references the SFP (which for symmetric chains results in two RSPs)
- os_sfc_utils.create_sfc_classifier(
- tacker_client, 'red_http_reverse', sfc_name='red',
- match={
- 'source_port': 80,
- 'dest_port': 0,
- 'protocol': 6
- })
-
- logger.info(test_utils.run_cmd('tacker sfc-list'))
- logger.info(test_utils.run_cmd('tacker sfc-classifier-list'))
+ 'test-vnffgd',
+ 'test-vnffg',
+ default_param_file,
+ client_port.id,
+ server_port.id,
+ server_ip_prefix)
# Start measuring the time it takes to implement the classification rules
- t1 = threading.Thread(target=odl_utils.wait_for_classification_rules,
- args=(ovs_logger, compute_nodes, odl_ip, odl_port,))
+ t1 = threading.Thread(
+ target=wait_for_classification_rules,
+ args=(ovs_logger, compute_nodes,
+ openstack_sfc.get_compute_server(), server_port,
+ openstack_sfc.get_compute_client(), client_port,
+ odl_ip, odl_port,))
try:
t1.start()
@@ -176,15 +186,19 @@ def main():
server_floating_ip = openstack_sfc.assign_floating_ip(router,
server_instance,
server_creator)
- fips_sfs = openstack_sfc.assign_floating_ip_vnfs(router)
+
+ vnf_ip = os_sfc_utils.get_vnf_ip(tacker_client, vnf_id=vnf_id)
+ fips_sfs = openstack_sfc.assign_floating_ip_vnfs(router, [vnf_ip])
sf_floating_ip = fips_sfs[0]
- fips = [client_floating_ip, server_floating_ip, fips_sfs[0]]
+ fips = [client_floating_ip, server_floating_ip, sf_floating_ip]
for ip in fips:
logger.info("Checking connectivity towards floating IP [%s]" % ip)
if not test_utils.ping(ip, retries=50, retry_timeout=3):
logger.error("Cannot ping floating IP [%s]" % ip)
+ os_sfc_utils.get_tacker_items()
+ odl_utils.get_odl_items(odl_ip, odl_port)
sys.exit(1)
logger.info("Successful ping to floating IP [%s]" % ip)
@@ -197,39 +211,124 @@ def main():
logger.error('\033[91mFailed to start the HTTP server\033[0m')
sys.exit(1)
- blocked_port = TESTCASE_CONFIG.blocked_source_port
- logger.info("Firewall started, blocking traffic port %d" % blocked_port)
- test_utils.start_vxlan_tool(sf_floating_ip, block=blocked_port)
+ logger.info("Starting vxlan_tool on %s" % sf_floating_ip)
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth0',
+ output='eth1')
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth1',
+ output='eth0')
logger.info("Wait for ODL to update the classification rules in OVS")
t1.join()
- allowed_port = TESTCASE_CONFIG.allowed_source_port
- logger.info("Test if HTTP from port %s works" % allowed_port)
- if not test_utils.is_http_blocked(
- client_floating_ip, server_ip, allowed_port):
+ logger.info("Test HTTP")
+ if not test_utils.is_http_blocked(client_floating_ip,
+ server_ip,
+ TESTCASE_CONFIG.source_port):
results.add_to_summary(2, "PASS", "HTTP works")
else:
error = ('\033[91mTEST 1 [FAILED] ==> HTTP BLOCKED\033[0m')
logger.error(error)
test_utils.capture_ovs_logs(
ovs_logger, controller_clients, compute_clients, error)
+ results.add_to_summary(2, "FAIL", "HTTP blocked")
+
+ logger.info("Changing the vxlan_tool to block HTTP request traffic")
+
+ # Make SF1 block http request traffic
+ test_utils.stop_vxlan_tool(sf_floating_ip)
+ logger.info("Starting HTTP firewall on %s" % sf_floating_ip)
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth0',
+ output='eth1', block="80")
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth1',
+ output='eth0')
+
+ logger.info("Test HTTP again blocking request on SF1")
+ if test_utils.is_http_blocked(client_floating_ip,
+ server_ip,
+ TESTCASE_CONFIG.source_port):
+ results.add_to_summary(2, "PASS", "HTTP uplink blocked")
+ else:
+ error = ('\033[91mTEST 2 [FAILED] ==> HTTP WORKS\033[0m')
+ logger.error(error)
+ test_utils.capture_ovs_logs(
+ ovs_logger, controller_clients, compute_clients, error)
results.add_to_summary(2, "FAIL", "HTTP works")
- logger.info("Test if HTTP from port %s is blocked" % blocked_port)
- if test_utils.is_http_blocked(
- client_floating_ip, server_ip, blocked_port):
- results.add_to_summary(2, "PASS", "HTTP Blocked")
+ logger.info("Changing the vxlan_tool to block HTTP response traffic")
+
+ # Make SF1 block response http traffic
+ test_utils.stop_vxlan_tool(sf_floating_ip)
+ logger.info("Starting HTTP firewall on %s" % sf_floating_ip)
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth0',
+ output='eth1')
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth1',
+ output='eth0',
+ block=TESTCASE_CONFIG.source_port)
+
+ logger.info("Test HTTP again blocking response on SF1")
+ if test_utils.is_http_blocked(client_floating_ip,
+ server_ip,
+ TESTCASE_CONFIG.source_port):
+ results.add_to_summary(2, "PASS", "HTTP downlink blocked")
else:
- error = ('\033[91mTEST 2 [FAILED] ==> HTTP WORKS\033[0m')
+ error = ('\033[91mTEST 3 [FAILED] ==> HTTP WORKS\033[0m')
logger.error(error)
test_utils.capture_ovs_logs(
ovs_logger, controller_clients, compute_clients, error)
- results.add_to_summary(2, "FAIL", "HTTP Blocked")
+ results.add_to_summary(2, "FAIL", "HTTP works")
+
+ logger.info("Changing the vxlan_tool to allow HTTP traffic")
+
+ # Make SF1 allow http traffic
+ test_utils.stop_vxlan_tool(sf_floating_ip)
+ logger.info("Starting HTTP firewall on %s" % sf_floating_ip)
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth0',
+ output='eth1')
+ test_utils.start_vxlan_tool(sf_floating_ip, interface='eth1',
+ output='eth0')
+
+ logger.info("Test HTTP")
+ if not test_utils.is_http_blocked(client_floating_ip, server_ip):
+ results.add_to_summary(2, "PASS", "HTTP restored")
+ else:
+ error = ('\033[91mTEST 4 [FAILED] ==> HTTP BLOCKED\033[0m')
+ logger.error(error)
+ test_utils.capture_ovs_logs(
+ ovs_logger, controller_clients, compute_clients, error)
+ results.add_to_summary(2, "FAIL", "HTTP blocked")
return results.compile_summary(), openstack_sfc.creators
+def wait_for_classification_rules(ovs_logger, compute_nodes,
+ server_compute, server_port,
+ client_compute, client_port,
+ odl_ip, odl_port):
+ if client_compute == server_compute:
+ odl_utils.wait_for_classification_rules(
+ ovs_logger,
+ compute_nodes,
+ odl_ip,
+ odl_port,
+ client_compute,
+ [server_port, client_port])
+ else:
+ odl_utils.wait_for_classification_rules(
+ ovs_logger,
+ compute_nodes,
+ odl_ip,
+ odl_port,
+ server_compute,
+ server_port)
+ odl_utils.wait_for_classification_rules(
+ ovs_logger,
+ compute_nodes,
+ odl_ip,
+ odl_port,
+ client_compute,
+ client_port)
+
+
if __name__ == '__main__':
logging.config.fileConfig(COMMON_CONFIG.functest_logging_api)
main()
diff --git a/sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml b/sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml
index 1f4c11f6..bf175ef7 100644
--- a/sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml
+++ b/sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml
@@ -15,12 +15,15 @@ topology_template:
nfv_compute:
properties:
num_cpus: 1
- mem_size: 2 GB
- disk_size: 10 GB
+ mem_size: 500 MB
+ disk_size: 1 GB
properties:
- image: sfc_nsh_euphrates
+ image: sfc_nsh_fraser
availability_zone: {get_input: zone}
mgmt_driver: noop
+ config: |
+ param0: key1
+ param1: key2
service_type: firewall
monitoring_policy:
name: ping
@@ -46,6 +49,18 @@ topology_template:
- virtualBinding:
node: VDU1
+ CP2:
+ type: tosca.nodes.nfv.CP.Tacker
+ properties:
+ management: false
+ order: 1
+ anti_spoofing_protection: false
+ requirements:
+ - virtualLink:
+ node: VL1
+ - virtualBinding:
+ node: VDU1
+
VL1:
type: tosca.nodes.nfv.VL
properties:
diff --git a/sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml b/sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml
new file mode 100644
index 00000000..6b14df1b
--- /dev/null
+++ b/sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml
@@ -0,0 +1,46 @@
+---
+tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0
+description: test-case-symmetric
+
+topology_template:
+ description: topology-template-test1
+ inputs:
+ net_src_port_id:
+ type: string
+ net_dst_port_id:
+ type: string
+ ip_dst_prefix:
+ type: string
+
+ node_templates:
+ Forwarding_path1:
+ type: tosca.nodes.nfv.FP.Tacker
+ description: creates path
+ properties:
+ id: 1
+ policy:
+ type: ACL
+ criteria:
+ - network_src_port_id: {get_input: net_src_port_id}
+ - network_dst_port_id: {get_input: net_dst_port_id}
+ - ip_dst_prefix: {get_input: ip_dst_prefix}
+ - destination_port_range: 80-80
+ - ip_proto: 6
+ path:
+ - forwarder: test-vnfd1
+ capability: CP1
+ - forwarder: test-vnfd1
+ capability: CP2
+
+ groups:
+ VNFFG1:
+ type: tosca.groups.nfv.VNFFG
+ description: creates chain
+ properties:
+ vendor: tacker
+ version: 1.0
+ number_of_endpoints: 2
+ dependent_virtual_link: [VL1, VL1]
+ connection_point: [CP1, CP2]
+ constituent_vnfs: [test-vnfd1, test-vnfd1]
+ members: [Forwarding_path1]
diff --git a/sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml-queens b/sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml-queens
new file mode 100644
index 00000000..c40c447c
--- /dev/null
+++ b/sfc/tests/functest/vnffgd-templates/test-symmetric-vnffgd.yaml-queens
@@ -0,0 +1,46 @@
+---
+tosca_definitions_version: tosca_simple_profile_for_nfv_1_0_0
+description: test-case-symmetric
+
+topology_template:
+ description: topology-template-test1
+ inputs:
+ net_src_port_id:
+ type: string
+ net_dst_port_id:
+ type: string
+ ip_dst_prefix:
+ type: string
+
+ node_templates:
+ Forwarding_path1:
+ type: tosca.nodes.nfv.FP.Tacker
+ description: creates path
+ properties:
+ id: 1
+ policy:
+ type: ACL
+ criteria:
+ - network_src_port_id: {get_input: net_src_port_id}
+ network_dst_port_id: {get_input: net_dst_port_id}
+ ip_dst_prefix: {get_input: ip_dst_prefix}
+ destination_port_range: 80-80
+ ip_proto: 6
+ path:
+ - forwarder: test-vnfd1
+ capability: CP1
+ - forwarder: test-vnfd1
+ capability: CP2
+
+ groups:
+ VNFFG1:
+ type: tosca.groups.nfv.VNFFG
+ description: creates chain
+ properties:
+ vendor: tacker
+ version: 1.0
+ number_of_endpoints: 2
+ dependent_virtual_link: [VL1, VL1]
+ connection_point: [CP1, CP2]
+ constituent_vnfs: [test-vnfd1, test-vnfd1]
+ members: [Forwarding_path1]