From be8a13003fdc1340bf1886d6fb3d7e54619d8ef7 Mon Sep 17 00:00:00 2001 From: Bob Melander Date: 2016年11月14日 01:14:48 +0100 Subject: [PATCH] Adds Tempest scenario test for networking-bgpvpn This patch adds a scenario test that creates an l3 VPN and assigns two neutron networks/subnets to it. Two nova VMs are spun up on each network. To verify that the VPN is functional, i.e., forwards traffic between the two subnets, one of the VM pings the other one. Change-Id: Ic38aab48fa364ad53ef061566fe5ebc1a46fec33 Closes-Bug: #1637489 --- devstack/devstack-gate-bagpipe-rc | 6 +- devstack/plugin.sh | 7 +- devstack/settings | 5 + networking_bgpvpn_tempest/README.rst | 22 +++ .../tests/scenario/test_bgpvpn_basic.py | 178 ++++++++++++++++++ tox.ini | 18 ++ 6 files changed, 233 insertions(+), 3 deletions(-) create mode 100644 networking_bgpvpn_tempest/tests/scenario/test_bgpvpn_basic.py diff --git a/devstack/devstack-gate-bagpipe-rc b/devstack/devstack-gate-bagpipe-rc index 4548d34d..382aec88 100644 --- a/devstack/devstack-gate-bagpipe-rc +++ b/devstack/devstack-gate-bagpipe-rc @@ -1,6 +1,6 @@ # This file is hooked from https://github.com/openstack-infra/project-config/blob/master/jenkins/jobs/networking-bgpvpn.yaml -export OVERRIDE_ENABLED_SERVICES=q-svc,q-agt,q-dhcp,q-l3,key,mysql,rabbit,b-bgp +export OVERRIDE_ENABLED_SERVICES=n-api,n-crt,n-cpu,n-cond,n-sch,q-svc,q-agt,g-api,g-reg,q-dhcp,q-l3,q-meta,key,mysql,rabbit,b-bgp if [[ $DEVSTACK_GATE_TEMPEST -eq 1 ]] ; then export DEVSTACK_GATE_TEMPEST_ALL_PLUGINS=1 @@ -11,6 +11,8 @@ fi export DEVSTACK_LOCAL_CONFIG+=$'\n'"NETWORKING_BGPVPN_DRIVER=BGPVPN:BaGPipe:networking_bgpvpn.neutron.services.service_drivers.bagpipe.bagpipe.BaGPipeBGPVPNDriver:default" export DEVSTACK_LOCAL_CONFIG+=$'\n'"enable_plugin networking-bagpipe https://git.openstack.org/openstack/networking-bagpipe" export DEVSTACK_LOCAL_CONFIG+=$'\n'"BAGPIPE_DATAPLANE_DRIVER_IPVPN=mpls_ovs_dataplane.MPLSOVSDataplaneDriver" +# until we do multinode, there is no BGP peer to connect to +export DEVSTACK_LOCAL_CONFIG+=$'\n'"BAGPIPE_BGP_PEERS=" # https://bugs.launchpad.net/devstack/+bug/1567052 # so we need VERBOSE=False until bagpipe-bgp uses rootwrap and is not run with sudo (same for bagpipe-fakerr) @@ -21,5 +23,5 @@ export DEVSTACK_LOCAL_CONFIG+=$'\n'"VERBOSE=False" export DEVSTACK_LOCAL_CONFIG+=$'\n'"enable_plugin neutron git://git.openstack.org/openstack/neutron" # attempt at unbreaking runs on osic-cloud1 -export DEVSTACK_LOCAL_CONFIG+=$'\n'"SUBNETPOOL_PREFIX_V4=11.0.0.0/16" +export DEVSTACK_LOCAL_CONFIG+=$'\n'"SUBNETPOOL_PREFIX_V4=10.100.0.0/16" diff --git a/devstack/plugin.sh b/devstack/plugin.sh index 121e9580..1f687b87 100755 --- a/devstack/plugin.sh +++ b/devstack/plugin.sh @@ -4,6 +4,8 @@ _XTRACE_NETWORKING_BGPVPN=$(set +o | grep xtrace) set -o xtrace +source $NEUTRON_DIR/devstack/lib/l2_agent + if [[ "1ドル" == "source" ]]; then # no-op : @@ -32,9 +34,12 @@ elif [[ "1ドル" == "stack" && "2ドル" == "post-config" ]]; then fi if is_service_enabled q-agt && is_service_enabled b-bgp && [[ "$Q_AGENT" == "openvswitch" ]]; then echo_summary "Configuring OVS agent for bagpipe" - source $NEUTRON_DIR/devstack/lib/l2_agent + plugin_agent_add_l2_agent_extension bagpipe_bgpvpn configure_l2_agent + # l2pop and arp_responder are required for bagpipe driver + iniset /$Q_PLUGIN_CONF_FILE agent l2_population True + iniset /$Q_PLUGIN_CONF_FILE agent arp_responder True fi if is_service_enabled h-eng;then echo_summary "Enabling bgpvpn in $HEAT_CONF" diff --git a/devstack/settings b/devstack/settings index e2473f48..36ddc4c9 100755 --- a/devstack/settings +++ b/devstack/settings @@ -4,3 +4,8 @@ BGPVPN_DASHBOARD_ENABLE="$NETWORKING_BGPVPN_DIR/bgpvpn_dashboard/enabled/*" BGPVPN_PLUGIN_CLASS="networking_bgpvpn.neutron.services.plugin.BGPVPNPlugin" NETWORKING_BGPVPN_DRIVER=${NETWORKING_BGPVPN_DRIVER:-BGPVPN:Dummy:networking_bgpvpn.neutron.services.service_drivers.driver_api.BGPVPNDriver:default} + +if is_service_enabled q-svc; then + # l2pop is currently required for bagpipe driver + Q_ML2_PLUGIN_MECHANISM_DRIVERS="openvswitch,l2population" +fi \ No newline at end of file diff --git a/networking_bgpvpn_tempest/README.rst b/networking_bgpvpn_tempest/README.rst index 57397d36..a953d8da 100644 --- a/networking_bgpvpn_tempest/README.rst +++ b/networking_bgpvpn_tempest/README.rst @@ -4,3 +4,25 @@ Tempest Integration of networking_bgpvpn This directory contains Tempest tests to cover the networking_bgpvpn project. +If you are running the tests locally you should set the env variables: +# TEMPEST_CONFIG_DIR=/opt/stack/tempest/etc +# OS_TEST_PATH=/opt/stack/networking_bgpvpn_tempest/tests + +If the tests take too long to execute so that a test timeout failure happens, +that timeout value may need to be increased. This is done by setting the +environment variable OS_TEST_TIMEOUT to a sufficiently large value. + +Examples - three ways to run Tempest scenario tests: +==================================================== + +Using tempest client: +--------------------- +TEMPEST_CONFIG_DIR=/opt/stack/tempest/etc OS_TEST_PATH=./networking_bgpvpn_tempest/tests/ tempest run --regex scenario + +Using ostestr: +-------------- +TEMPEST_CONFIG_DIR=/opt/stack/tempest/etc OS_TEST_PATH=./networking_bgpvpn_tempest/tests/ ostestr --regex scenario + +Using tox: +---------- +TEMPEST_CONFIG_DIR=/opt/stack/tempest/etc tox -e scenario diff --git a/networking_bgpvpn_tempest/tests/scenario/test_bgpvpn_basic.py b/networking_bgpvpn_tempest/tests/scenario/test_bgpvpn_basic.py new file mode 100644 index 00000000..e86f3426 --- /dev/null +++ b/networking_bgpvpn_tempest/tests/scenario/test_bgpvpn_basic.py @@ -0,0 +1,178 @@ +# Copyright 2016 Cisco Systems, Inc. +# All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_log import log as logging +from tempest.common import compute +from tempest.common.utils import data_utils +from tempest.common import waiters +from tempest import config +from tempest.lib.common.utils import test_utils +from tempest.scenario import manager +from tempest import test + +from networking_bgpvpn_tempest.tests import base + +CONF = config.CONF +LOG = logging.getLogger(__name__) + + +class TestBGPVPNBasic(base.BaseBgpvpnTest, manager.NetworkScenarioTest): + def setUp(self): + super(TestBGPVPNBasic, self).setUp() + self.servers_keypairs = {} + self.servers = [] + self.server_fixed_ips = {} + self.ports = [] + self._create_security_group_for_test() + + @test.services('compute', 'network') + def test_bgpvpn_basic(self): + """This test check basic BGPVPN. + + 1. Create networks A and B with their respective subnets + 1. Start up server 1 in network A + 2. Start up server 2 in network B + 3. Associate network A and network B to a given L3 BGPVPN + 4. Check that server 1 can ping server 2 + """ + self._create_networks_and_subnets() + self._create_servers() + self._create_l3_bgpvpn() + self.router = self._create_fip_router( + subnet_id=self.subnets[0]['id']) + self.fip = self.create_floating_ip( + self.servers[0], + external_network_id=CONF.network.public_network_id, + port_id=self.ports[0]['id']) + src_ip = self.fip['floating_ip_address'] + dst_ip = self.server_fixed_ips[self.servers[1]['id']] + self._check_l3_bgpvpn(src_ip, dst_ip) + + def _create_security_group_for_test(self): + self.security_group = self._create_security_group( + tenant_id=self.bgpvpn_client.tenant_id) + + def _create_networks_and_subnets(self): + name = ['A', 'B'] + ip_cidrs = ['10.100.1.0/24', '10.100.2.0/24'] + create_kwargs = {'ip_version': 4} + for i in [0, 1]: + network = self._create_network(namestart='network-' + name[i]) + self.networks.append(network) + create_kwargs['cidr'] = ip_cidrs[i] + self.subnets.append(self._create_subnet_with_cidr( + network, namestart='subnet-' + name[i], **create_kwargs)) + + def _create_subnet_with_cidr(self, network, subnets_client=None, + namestart='subnet-smoke', **kwargs): + if not subnets_client: + subnets_client = self.subnets_client + tenant_cidr = kwargs.get('cidr') + subnet = dict( + name=data_utils.rand_name(namestart), + network_id=network['id'], + tenant_id=network['tenant_id'], + **kwargs) + result = subnets_client.create_subnet(**subnet) + self.assertIsNotNone(result, 'Unable to allocate tenant network') + subnet = result['subnet'] + self.assertEqual(subnet['cidr'], tenant_cidr) + self.addCleanup(test_utils.call_and_ignore_notfound_exc, + subnets_client.delete_subnet, subnet['id']) + return subnet + + def _create_fip_router(self, client=None, public_network_id=None, + subnet_id=None): + router = self._create_router(client, namestart='router-') + router_id = router['id'] + if public_network_id is None: + public_network_id = CONF.network.public_network_id + if client is None: + client = self.routers_client + kwargs = {'external_gateway_info': {'network_id': public_network_id}} + router = client.update_router(router_id, **kwargs)['router'] + if subnet_id is not None: + client.add_router_interface(router_id, subnet_id=subnet_id) + self.addCleanup(test_utils.call_and_ignore_notfound_exc, + client.remove_router_interface, router_id, + subnet_id=subnet_id) + return router + + def _create_server(self, name, keypair, network, ip_address, + security_group_ids, clients): + create_port_body = {'fixed_ips': [{'ip_address': ip_address}], + 'namestart': 'port-smoke', + 'security_groups': security_group_ids} + port = self._create_port(network_id=network['id'], + client=clients.ports_client, + **create_port_body) + self.ports.append(port) + create_server_kwargs = { + 'key_name': keypair['name'], + 'networks': [{'uuid': network['id'], 'port': port['id']}] + } + body, servers = compute.create_test_server( + clients, wait_until='ACTIVE', name=name, **create_server_kwargs) + self.addCleanup(waiters.wait_for_server_termination, + clients.servers_client, body['id']) + self.addCleanup(test_utils.call_and_ignore_notfound_exc, + clients.servers_client.delete_server, body['id']) + server = clients.servers_client.show_server(body['id'])['server'] + LOG.debug('Created server: %s with status: %s', server['id'], + server['status']) + return server + + def _create_servers(self): + name = ['server-1', 'server-2'] + keypair = self.create_keypair() + security_group_ids = [self.security_group['id']] + port_ips = ['10.100.1.10', '10.100.2.20'] + for i in [0, 1]: + network = self.networks[i] + server = self._create_server( + name[i], keypair, network, port_ips[i], security_group_ids, + self.manager) + self.servers.append(server) + self.servers_keypairs[server['id']] = keypair + self.server_fixed_ips[server['id']] = ( + server['addresses'][network['name']][0]['addr']) + self.assertTrue(self.servers_keypairs) + + def _create_l3_bgpvpn(self): + self.bgpvpn = self.create_bgpvpn( + self.bgpvpn_admin_client, tenant_id=self.bgpvpn_client.tenant_id, + name='l3bgpvpn', route_targets=['64512:1']) + for network in self.networks: + LOG.debug('Associating network %s to BGPVPN %s', network['id'], + self.bgpvpn['id']) + self.bgpvpn_client.create_network_association(self.bgpvpn['id'], + network['id']) + LOG.debug('BGPVPN network associations completed') + + def _check_l3_bgpvpn(self, server_1_ip, server_2_ip): + private_key = self.servers_keypairs[self.servers[0]['id']][ + 'private_key'] + ssh_client = self.get_remote_client(server_1_ip, + private_key=private_key) + try: + msg = "Timed out waiting for %s to become reachable" % server_2_ip + self.assertTrue( + self._check_remote_connectivity(ssh_client, server_2_ip, True), + msg) + except Exception: + LOG.exception("Unable to ping VM with IP address {dest} from VM " + "with IP address {src}".format(dest=server_2_ip, + src=server_1_ip)) + raise diff --git a/tox.ini b/tox.ini index 33608b7d..41382522 100644 --- a/tox.ini +++ b/tox.ini @@ -53,6 +53,24 @@ deps = commands = {toxinidir}/tools/ostestr_compat_shim.sh {posargs} +# If you are running the tests locally you should set the env variable +# TEMPEST_CONFIG_DIR=/opt/stack/tempest/etc +[testenv:api] +sitepackages = True +passenv = TEMPEST_CONFIG_DIR +setenv = + OS_TEST_PATH={toxinidir}/networking_bgpvpn_tempest/tests/api + OS_TESTR_CONCURRENCY=1 + +# If you are running the tests locally you should set the env variable +# TEMPEST_CONFIG_DIR=/opt/stack/tempest/etc +[testenv:scenario] +sitepackages = True +passenv = TEMPEST_CONFIG_DIR +setenv = + OS_TEST_PATH={toxinidir}/networking_bgpvpn_tempest/tests/scenario + OS_TESTR_CONCURRENCY=1 + [testenv:py27] setenv = OS_FAIL_ON_MISSING_DEPS=1

AltStyle によって変換されたページ (->オリジナル) /