Add a tempest scenario for floating-ip
Examine E-W traffic with or without floating-ip.
Change-Id: Ibc480d8b8f09c978f874e1e74bd52e3d615a57f6
diff --git a/neutron/tests/tempest/scenario/base.py b/neutron/tests/tempest/scenario/base.py
index 6cf73c9..62feebd 100644
--- a/neutron/tests/tempest/scenario/base.py
+++ b/neutron/tests/tempest/scenario/base.py
@@ -13,11 +13,13 @@
# License for the specific language governing permissions and limitations
# under the License.
+import netaddr
from oslo_log import log
from tempest.common import waiters
from tempest.lib.common import ssh
from tempest.lib.common.utils import data_utils
+from tempest.lib.common.utils import test_utils
from tempest.lib import exceptions as lib_exc
from neutron.tests.tempest.api import base as base_api
@@ -129,6 +131,18 @@
cls.create_secgroup_rules(rule_list, secgroup_id=secgroup_id)
@classmethod
+ def create_pingable_secgroup_rule(cls, secgroup_id=None):
+ """This rule is intended to permit inbound ping
+ """
+
+ rule_list = [{'protocol': 'icmp',
+ 'direction': 'ingress',
+ 'port_range_min': 8, # type
+ 'port_range_max': 0, # code
+ 'remote_ip_prefix': '0.0.0.0/0'}]
+ cls.create_secgroup_rules(rule_list, secgroup_id=secgroup_id)
+
+ @classmethod
def create_router_by_client(cls, is_admin=False, **kwargs):
kwargs.update({'router_name': data_utils.rand_name('router'),
'admin_state_up': True,
@@ -212,3 +226,47 @@
except lib_exc.NotFound:
LOG.debug("Server %s disappeared(deleted) while looking "
"for the console log", server['id'])
+
+ def _check_remote_connectivity(self, source, dest, should_succeed=True,
+ nic=None):
+ """check ping server via source ssh connection
+
+ :param source: RemoteClient: an ssh connection from which to ping
+ :param dest: and IP to ping against
+ :param should_succeed: boolean should ping succeed or not
+ :param nic: specific network interface to ping from
+ :returns: boolean -- should_succeed == ping
+ :returns: ping is false if ping failed
+ """
+ def ping_host(source, host, count=CONF.validation.ping_count,
+ size=CONF.validation.ping_size, nic=None):
+ addr = netaddr.IPAddress(host)
+ cmd = 'ping6' if addr.version == 6 else 'ping'
+ if nic:
+ cmd = 'sudo {cmd} -I {nic}'.format(cmd=cmd, nic=nic)
+ cmd += ' -c{0} -w{0} -s{1} {2}'.format(count, size, host)
+ return source.exec_command(cmd)
+
+ def ping_remote():
+ try:
+ result = ping_host(source, dest, nic=nic)
+
+ except lib_exc.SSHExecCommandFailed:
+ LOG.warning('Failed to ping IP: %s via a ssh connection '
+ 'from: %s.', dest, source.host)
+ return not should_succeed
+ LOG.debug('ping result: %s', result)
+ # Assert that the return traffic was from the correct
+ # source address.
+ from_source = 'from %s' % dest
+ self.assertIn(from_source, result)
+ return should_succeed
+
+ return test_utils.call_until_true(ping_remote,
+ CONF.validation.ping_timeout,
+ 1)
+
+ def check_remote_connectivity(self, source, dest, should_succeed=True,
+ nic=None):
+ self.assertTrue(self._check_remote_connectivity(
+ source, dest, should_succeed, nic))
diff --git a/neutron/tests/tempest/scenario/test_floatingip.py b/neutron/tests/tempest/scenario/test_floatingip.py
new file mode 100644
index 0000000..4c2ebb1
--- /dev/null
+++ b/neutron/tests/tempest/scenario/test_floatingip.py
@@ -0,0 +1,139 @@
+# Copyright (c) 2017 Midokura SARL
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import netaddr
+from tempest.common import waiters
+from tempest.lib.common import ssh
+from tempest.lib.common.utils import data_utils
+from tempest import test
+import testscenarios
+
+from neutron.tests.tempest import config
+from neutron.tests.tempest.scenario import base
+from neutron.tests.tempest.scenario import constants
+
+
+CONF = config.CONF
+
+
+load_tests = testscenarios.load_tests_apply_scenarios
+
+
+class FloatingIpTestCasesMixin(object):
+ credentials = ['primary', 'admin']
+
+ @classmethod
+ @test.requires_ext(extension="router", service="network")
+ def resource_setup(cls):
+ super(FloatingIpTestCasesMixin, cls).resource_setup()
+ cls.network = cls.create_network()
+ cls.subnet = cls.create_subnet(cls.network)
+ cls.router = cls.create_router_by_client()
+ cls.create_router_interface(cls.router['id'], cls.subnet['id'])
+ cls.keypair = cls.create_keypair()
+
+ cls.secgroup = cls.manager.network_client.create_security_group(
+ name=data_utils.rand_name('secgroup-'))['security_group']
+ cls.security_groups.append(cls.secgroup)
+ cls.create_loginable_secgroup_rule(secgroup_id=cls.secgroup['id'])
+ cls.create_pingable_secgroup_rule(secgroup_id=cls.secgroup['id'])
+
+ cls._src_server = cls._create_server()
+ if cls.same_network:
+ cls._dest_network = cls.network
+ else:
+ cls._dest_network = cls._create_dest_network()
+ cls._dest_server_with_fip = cls._create_server(
+ network=cls._dest_network)
+ cls._dest_server_without_fip = cls._create_server(
+ create_floating_ip=False, network=cls._dest_network)
+
+ @classmethod
+ def _create_dest_network(cls):
+ network = cls.create_network()
+ subnet = cls.create_subnet(network,
+ cidr=netaddr.IPNetwork('10.10.0.0/24'))
+ cls.create_router_interface(cls.router['id'], subnet['id'])
+ return network
+
+ @classmethod
+ def _create_server(cls, create_floating_ip=True, network=None):
+ if network is None:
+ network = cls.network
+ port = cls.create_port(network, security_groups=[cls.secgroup['id']])
+ if create_floating_ip:
+ fip = cls.create_and_associate_floatingip(port['id'])
+ else:
+ fip = None
+ server = cls.create_server(
+ flavor_ref=CONF.compute.flavor_ref,
+ image_ref=CONF.compute.image_ref,
+ key_name=cls.keypair['name'],
+ networks=[{'port': port['id']}])['server']
+ waiters.wait_for_server_status(cls.manager.servers_client,
+ server['id'],
+ constants.SERVER_STATUS_ACTIVE)
+ return {'port': port, 'fip': fip, 'server': server}
+
+ def _test_east_west(self):
+ # Source VM
+ server1 = self._src_server
+ server1_ip = server1['fip']['floating_ip_address']
+ ssh_client = ssh.Client(server1_ip,
+ CONF.validation.image_ssh_user,
+ pkey=self.keypair['private_key'])
+
+ # Destination VM
+ if self.dest_has_fip:
+ dest_server = self._dest_server_with_fip
+ else:
+ dest_server = self._dest_server_without_fip
+
+ # Check connectivity
+ self.check_remote_connectivity(ssh_client,
+ dest_server['port']['fixed_ips'][0]['ip_address'])
+ if self.dest_has_fip:
+ self.check_remote_connectivity(ssh_client,
+ dest_server['fip']['floating_ip_address'])
+
+
+class FloatingIpSameNetwork(FloatingIpTestCasesMixin,
+ base.BaseTempestTestCase):
+ # REVISIT(yamamoto): 'SRC without FIP' case is possible?
+ scenarios = [
+ ('DEST with FIP', dict(dest_has_fip=True)),
+ ('DEST without FIP', dict(dest_has_fip=False)),
+ ]
+
+ same_network = True
+
+ @test.idempotent_id('05c4e3b3-7319-4052-90ad-e8916436c23b')
+ def test_east_west(self):
+ self._test_east_west()
+
+
+class FloatingIpSeparateNetwork(FloatingIpTestCasesMixin,
+ base.BaseTempestTestCase):
+ # REVISIT(yamamoto): 'SRC without FIP' case is possible?
+ scenarios = [
+ ('DEST with FIP', dict(dest_has_fip=True)),
+ ('DEST without FIP', dict(dest_has_fip=False)),
+ ]
+
+ same_network = False
+
+ @test.idempotent_id('f18f0090-3289-4783-b956-a0f8ac511e8b')
+ def test_east_west(self):
+ self._test_east_west()