summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--scenarios/os-odl-sfc/role/os-odl-sfc/README39
-rw-r--r--sfc/tests/functest/README.sfc-test-211
-rw-r--r--sfc/tests/functest/README.sfc-test-324
-rw-r--r--sfc/tests/functest/README.tests48
-rw-r--r--sfc/tests/functest/config.yaml16
-rw-r--r--sfc/tests/functest/sfc_tacker_test2.bash29
-rw-r--r--sfc/tests/functest/vnfd-templates/test-one-chain-vnfd1.yaml (renamed from sfc/tests/functest/vnfd-templates/test-vnfd1.yaml)0
-rw-r--r--sfc/tests/functest/vnfd-templates/test-one-chain-vnfd2.yaml (renamed from sfc/tests/functest/vnfd-templates/test-vnfd2.yaml)0
-rw-r--r--sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml (renamed from sfc/tests/functest/vnfd-templates/test3-vnfd1.yaml)0
-rw-r--r--sfc/tests/functest/vnfd-templates/test-two-chains-vnfd1.yaml (renamed from sfc/tests/functest/vnfd-templates/test2-vnfd1.yaml)0
-rw-r--r--sfc/tests/functest/vnfd-templates/test-two-chains-vnfd2.yaml (renamed from sfc/tests/functest/vnfd-templates/test2-vnfd2.yaml)0
-rw-r--r--sfc/tests/functest/vnffgd-templates/test-one-chain-vnffgd.yaml (renamed from sfc/tests/functest/vnffgd-templates/test-vnffgd.yaml)0
-rw-r--r--sfc/tests/functest/vnffgd-templates/test-two-chains-vnffgd1.yaml (renamed from sfc/tests/functest/vnffgd-templates/test2-vnffgd1.yaml)0
-rw-r--r--sfc/tests/functest/vnffgd-templates/test-two-chains-vnffgd2.yaml (renamed from sfc/tests/functest/vnffgd-templates/test2-vnffgd2.yaml)0
14 files changed, 79 insertions, 88 deletions
diff --git a/scenarios/os-odl-sfc/role/os-odl-sfc/README b/scenarios/os-odl-sfc/role/os-odl-sfc/README
index 6d3147ba..3cb8cb29 100644
--- a/scenarios/os-odl-sfc/role/os-odl-sfc/README
+++ b/scenarios/os-odl-sfc/role/os-odl-sfc/README
@@ -2,11 +2,27 @@ This is the role which deploys the os-odl-sfc scenarios in xci.
This role currently works with:
-- OpenStack stable/ocata
+- OpenStack stable/pike
- ODL Nitrogen RC1
- OVS+NSH patch
+- OpenSUSE 42.3 or Ubuntu 16.04
-# SCENARIOS #
+# PREPARATIONS #
+
+1 - If you don’t have a key already, generate an SSH key in $HOME/.ssh
+ssh-keygen -t rsa
+
+2 - Clone OPNFV releng-xci repository
+git clone https://gerrit.opnfv.org/gerrit/releng-xci.git
+
+3 - Change into directory where the sandbox script is located:
+cd releng-xci/xci
+
+4 - Use a version of releng-xci which we know works
+
+git checkout cf2cd4e4b87a5e392bc4ba49749a349925ba2f86
+
+Then, depending on the scenario which will be run:
## os-odl-sfc-noha ##
@@ -16,10 +32,9 @@ your releng-xci code is:
export XCI_FLAVOR=noha
export OPNFV_SCENARIO=os-odl-sfc
-export OPENSTACK_OSA_VERSION=stable/ocata
+export OPENSTACK_OSA_VERSION=stable/pike
export VM_MEMORY_SIZE=16384
-export OPNFV_RELENG_DEV_PATH=/xxxxx/releng-xci
-
+export OPENSTACK_BIFROST_VERSION=bd7e99bf7a00e4c9ad7d03d752d7251e3caf8509
## os-odl-sfc-ha ##
@@ -28,10 +43,9 @@ running xci-deploy.sh:
export XCI_FLAVOR=ha
export OPNFV_SCENARIO=os-odl-sfc
-export OPENSTACK_OSA_VERSION=stable/ocata
+export OPENSTACK_OSA_VERSION=stable/pike
export VM_MEMORY_SIZE=20480
-export OPNFV_RELENG_DEV_PATH=/xxxxx/releng-xci
-
+export OPENSTACK_BIFROST_VERSION=bd7e99bf7a00e4c9ad7d03d752d7251e3caf8509
# LIMITATIONS #
@@ -40,16 +54,9 @@ export OPNFV_RELENG_DEV_PATH=/xxxxx/releng-xci
there are several patches pending to be upstreamed. This is the branch we
are using:
-https://github.com/mardim91/openstack-ansible-os_neutron/tree/ocata-backport-automated-twentyfourth-august
+https://github.com/manuelbuil/openstack-ansible-os_neutron/tree/testing-ovs-nsh2
We will stop doing this as soon as the patches are merged upstream
2 - It is using a private branch for tacker code because a bug does not
allow SSL. We will stop doing this as soon as the bug is fixed
-
-
-# IN PROGRESS/FUTURE #
-
-1 - Supporting stable/Pike
-
-2 - Support openSUSE
diff --git a/sfc/tests/functest/README.sfc-test-2 b/sfc/tests/functest/README.sfc-test-2
deleted file mode 100644
index 5a9f2ebe..00000000
--- a/sfc/tests/functest/README.sfc-test-2
+++ /dev/null
@@ -1,11 +0,0 @@
-### ODL-SFC TEST2 DESCRIPTION ###
-
-This is a simple description of the test case
-
-We create one client and one server using nova. Then, 2 SFs are created using
-tacker. The SFs are deployed in two different compute nodes. A chain is created
-where both SFs are included.
-
-vxlan_tool is started in both SFs and HTTP traffic is sent from the client to
-the server. If it works, the vxlan_tool is modified to block HTTP traffic.
-It is tried again and it should fail because packets are dropped
diff --git a/sfc/tests/functest/README.sfc-test-3 b/sfc/tests/functest/README.sfc-test-3
deleted file mode 100644
index 1583f24e..00000000
--- a/sfc/tests/functest/README.sfc-test-3
+++ /dev/null
@@ -1,24 +0,0 @@
-### ODL-SFC TEST3 DESCRIPTION ###
-
-*** This test is not working yet - see JIRA SFC-86 ***
-
-One client and one server are created using nova. The server will be running
-a web server on port 80.
-
-Then one Service Function (SF) is created using Tacker. This service function
-will be running a firewall that blocks the traffic in a specific port (e.g.
-33333). A symmetric service chain routing the traffic throught this SF will be
-created as well.
-
-1st check: The client is able to reach the server using a source port different
-from the one that the firewall blocks (e.g 22222), and the response gets back
-to the client.
-
-2nd check: The client is able to reach the server using the source port that
-the firewall blocks, but responses back from the server are blocked, as the
-symmetric service chain makes them go through the firewall that blocks on the
-destination port initially used as source port by the client (e.g. 33333).
-
-If the client is able to receive the response, it would be a symptom of the
-symmetric chain not working, as traffic would be flowing from server to client
-directly without traversing the SF.
diff --git a/sfc/tests/functest/README.tests b/sfc/tests/functest/README.tests
new file mode 100644
index 00000000..d4e3df3e
--- /dev/null
+++ b/sfc/tests/functest/README.tests
@@ -0,0 +1,48 @@
+## These are the current available test cases ##
+
+## TEST ONE CHAIN - sfc_one_chain_two_service_functions ##
+
+We create one client and one server using nova. Then, 2 SFs are created using
+tacker. A chain is created where both SFs are included.
+
+vxlan_tool is started in both SFs and HTTP traffic is sent from the client to
+the server. If it works, the vxlan_tool is modified to block HTTP traffic.
+It is tried again and it should fail because packets are dropped. Then, that
+SF stops blocking and the other SF starts blocking HTTP and the connection is
+tried again.
+
+
+## TEST TWO CHAINS - sfc_two_chains_SSH_and_HTTP ##
+
+We create one client and one server using nova. Then, 2 SFs are created using
+tacker. Two chains are created, having one SF each.
+
+vxlan_tool is started in both SFs, one SF blocks SSH traffic and the other SF
+block HTTP traffic. First, the client traffic is classified to chain1, where
+HTTP should work but SSH sould not. This is tested and after that the
+classification is changed to classified to chain2, where HTTP should not work
+but SSH should work. This is tested again.
+
+
+## TEST SYMMETRIC - sfc_symmetric_chain ##
+
+One client and one server are created using nova. The server will be running
+a web server on port 80.
+
+Then one Service Function (SF) is created using Tacker. This service function
+will be running a firewall that blocks the traffic in a specific port (e.g.
+33333). A symmetric service chain routing the traffic throught this SF will be
+created as well.
+
+1st check: The client is able to reach the server using a source port different
+from the one that the firewall blocks (e.g 22222), and the response gets back
+to the client.
+
+2nd check: The client is able to reach the server using the source port that
+the firewall blocks, but responses back from the server are blocked, as the
+symmetric service chain makes them go through the firewall that blocks on the
+destination port initially used as source port by the client (e.g. 33333).
+
+If the client is able to receive the response, it would be a symptom of the
+symmetric chain not working, as traffic would be flowing from server to client
+directly without traversing the SF.
diff --git a/sfc/tests/functest/config.yaml b/sfc/tests/functest/config.yaml
index 4a4a806e..294ba7c7 100644
--- a/sfc/tests/functest/config.yaml
+++ b/sfc/tests/functest/config.yaml
@@ -35,9 +35,9 @@ testcases:
subnet_cidr: "11.0.0.0/24"
secgroup_name: "example-sg"
secgroup_descr: "Example Security group"
- test_vnfd_red: "test-vnfd1.yaml"
- test_vnfd_blue: "test-vnfd2.yaml"
- test_vnffgd_red: "test-vnffgd.yaml"
+ test_vnfd_red: "test-one-chain-vnfd1.yaml"
+ test_vnfd_blue: "test-one-chain-vnfd2.yaml"
+ test_vnffgd_red: "test-one-chain-vnffgd.yaml"
sfc_two_chains_SSH_and_HTTP:
enabled: false
@@ -49,10 +49,10 @@ testcases:
subnet_cidr: "11.0.0.0/24"
secgroup_name: "example-sg"
secgroup_descr: "Example Security group"
- test_vnfd_red: "test2-vnfd1.yaml"
- test_vnfd_blue: "test2-vnfd2.yaml"
- test_vnffgd_red: "test2-vnffgd1.yaml"
- test_vnffgd_blue: "test2-vnffgd2.yaml"
+ test_vnfd_red: "test-two-chains-vnfd1.yaml"
+ test_vnfd_blue: "test-two-chains-vnfd2.yaml"
+ test_vnffgd_red: "test-two-chains-vnffgd1.yaml"
+ test_vnffgd_blue: "test-two-chains-vnffgd2.yaml"
sfc_symmetric_chain:
enabled: false
@@ -64,6 +64,6 @@ testcases:
subnet_cidr: "11.0.0.0/24"
secgroup_name: "example-sg"
secgroup_descr: "Example Security group"
- test_vnfd: "test3-vnfd1.yaml"
+ test_vnfd: "test-symmetric-vnfd.yaml"
allowed_source_port: 22222
blocked_source_port: 33333
diff --git a/sfc/tests/functest/sfc_tacker_test2.bash b/sfc/tests/functest/sfc_tacker_test2.bash
deleted file mode 100644
index 156b19cb..00000000
--- a/sfc/tests/functest/sfc_tacker_test2.bash
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-BASEDIR=`dirname $0`
-
-#import VNF descriptor
-tacker vnfd-create --vnfd-file ${BASEDIR}/vnfd-templates/test2-vnfd1.yaml
-tacker vnfd-create --vnfd-file ${BASEDIR}/vnfd-templates/test2-vnfd2.yaml
-
-#create instances of the imported VNF
-tacker vnf-create --name testVNF1 --vnfd-name test-vnfd1
-tacker vnf-create --name testVNF2 --vnfd-name test-vnfd2
-
-key=true
-while $key;do
- sleep 3
- active=`tacker vnf-list | grep -E 'PENDING|ERROR'`
- echo -e "checking if SFs are up: $active"
- if [ -z "$active" ]; then
- key=false
- fi
-done
-
-#create service chain
-tacker sfc-create --name red --chain testVNF1,testVNF2
-
-#create classifier
-tacker sfc-classifier-create --name red_http --chain red --match source_port=0,dest_port=80,protocol=6
-
-tacker sfc-list
-tacker sfc-classifier-list
diff --git a/sfc/tests/functest/vnfd-templates/test-vnfd1.yaml b/sfc/tests/functest/vnfd-templates/test-one-chain-vnfd1.yaml
index 4042222c..4042222c 100644
--- a/sfc/tests/functest/vnfd-templates/test-vnfd1.yaml
+++ b/sfc/tests/functest/vnfd-templates/test-one-chain-vnfd1.yaml
diff --git a/sfc/tests/functest/vnfd-templates/test-vnfd2.yaml b/sfc/tests/functest/vnfd-templates/test-one-chain-vnfd2.yaml
index 42308c6c..42308c6c 100644
--- a/sfc/tests/functest/vnfd-templates/test-vnfd2.yaml
+++ b/sfc/tests/functest/vnfd-templates/test-one-chain-vnfd2.yaml
diff --git a/sfc/tests/functest/vnfd-templates/test3-vnfd1.yaml b/sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml
index 1f4c11f6..1f4c11f6 100644
--- a/sfc/tests/functest/vnfd-templates/test3-vnfd1.yaml
+++ b/sfc/tests/functest/vnfd-templates/test-symmetric-vnfd.yaml
diff --git a/sfc/tests/functest/vnfd-templates/test2-vnfd1.yaml b/sfc/tests/functest/vnfd-templates/test-two-chains-vnfd1.yaml
index 4042222c..4042222c 100644
--- a/sfc/tests/functest/vnfd-templates/test2-vnfd1.yaml
+++ b/sfc/tests/functest/vnfd-templates/test-two-chains-vnfd1.yaml
diff --git a/sfc/tests/functest/vnfd-templates/test2-vnfd2.yaml b/sfc/tests/functest/vnfd-templates/test-two-chains-vnfd2.yaml
index ac4f223d..ac4f223d 100644
--- a/sfc/tests/functest/vnfd-templates/test2-vnfd2.yaml
+++ b/sfc/tests/functest/vnfd-templates/test-two-chains-vnfd2.yaml
diff --git a/sfc/tests/functest/vnffgd-templates/test-vnffgd.yaml b/sfc/tests/functest/vnffgd-templates/test-one-chain-vnffgd.yaml
index 27c7d545..27c7d545 100644
--- a/sfc/tests/functest/vnffgd-templates/test-vnffgd.yaml
+++ b/sfc/tests/functest/vnffgd-templates/test-one-chain-vnffgd.yaml
diff --git a/sfc/tests/functest/vnffgd-templates/test2-vnffgd1.yaml b/sfc/tests/functest/vnffgd-templates/test-two-chains-vnffgd1.yaml
index f0615e4e..f0615e4e 100644
--- a/sfc/tests/functest/vnffgd-templates/test2-vnffgd1.yaml
+++ b/sfc/tests/functest/vnffgd-templates/test-two-chains-vnffgd1.yaml
diff --git a/sfc/tests/functest/vnffgd-templates/test2-vnffgd2.yaml b/sfc/tests/functest/vnffgd-templates/test-two-chains-vnffgd2.yaml
index ec18c9d6..ec18c9d6 100644
--- a/sfc/tests/functest/vnffgd-templates/test2-vnffgd2.yaml
+++ b/sfc/tests/functest/vnffgd-templates/test-two-chains-vnffgd2.yaml