apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve marvin test site2site VPN

Browse Source 
Add optional fields: iprange and fordisplay to Marvin base.py class method Vpn.create
    Add optional field: passive to Marvin base.py class method Vpn.createVpnConnection
This commit is contained in:
Michael Andersen 2015-10-20 11:01:23 +02:00
parent 6fe5ae0d60
commit e2d13131e7
2 changed files with 573 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

574
test/integration/smoke/test_vpc_vpn.py
View File

@ -16,54 +16,273 @@
# under the License.
""" Tests for VPN in VPC
"""
#Import Local Modules
from marvin.codes import FAILED
from marvin.cloudstackTestCase import *
from marvin.cloudstackAPI import *
from marvin.lib.utils import *
from marvin.lib.base import *
from marvin.lib.common import *
# Import Local Modules
from marvin.codes import PASS, FAILED
from marvin.cloudstackTestCase import cloudstackTestCase
from marvin.lib.utils import (cleanup_resources,
get_process_status)
from marvin.lib.base import (Domain,
Account,
Configurations,
VPC,
VpcOffering,
ServiceOffering,
NetworkOffering,
Network,
PublicIPAddress,
NATRule,
NetworkACL,
NetworkACLList,
LoadBalancerRule,
ApplicationLoadBalancer,
VirtualMachine,
Template,
FireWallRule,
StaticNATRule,
Vpn,
VpnCustomerGateway,
VpnUser
)
from marvin.sshClient import SshClient
from marvin.lib.common import (get_zone,
get_domain,
get_template,
list_network_offerings)
from nose.plugins.attrib import attr
import logging
import time
class Services:
"""Test VPC VPN Services.
"""
def __init__(self):
self.services = {
"account": {
"email": "test@test.com",
"firstname": "Test",
"lastname": "User",
"username": "test",
# Random characters are appended for unique
# username
"password": "password",
},
"host1": None,
"host2": None,
"default_hypervisor": "kvm",
"compute_offering": {
"name": "Tiny Instance",
"displaytext": "Tiny Instance",
"cpunumber": 1,
"cpuspeed": 100,
"memory": 128,
},
"network_offering": {
"name": 'VPC Network offering',
"displaytext": 'VPC Network',
"guestiptype": 'Isolated',
"supportedservices": 'Vpn,Dhcp,Dns,SourceNat,Lb,PortForwarding,UserData,StaticNat,NetworkACL',
"traffictype": 'GUEST',
"availability": 'Optional',
"useVpc": 'on',
"serviceProviderList": {
"Vpn": 'VpcVirtualRouter',
"Dhcp": 'VpcVirtualRouter',
"Dns": 'VpcVirtualRouter',
"SourceNat": 'VpcVirtualRouter',
"Lb": 'VpcVirtualRouter',
"PortForwarding": 'VpcVirtualRouter',
"UserData": 'VpcVirtualRouter',
"StaticNat": 'VpcVirtualRouter',
"NetworkACL": 'VpcVirtualRouter'
},
},
"network_offering_internal_lb": {
"name": 'VPC Network Internal Lb offering',
"displaytext": 'VPC Network internal lb',
"guestiptype": 'Isolated',
"supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,UserData,StaticNat,NetworkACL,Lb',
"traffictype": 'GUEST',
"availability": 'Optional',
"useVpc": 'on',
"serviceCapabilityList": {
"Lb": {
"SupportedLbIsolation": 'dedicated',
"lbSchemes": 'internal'
}
},
"serviceProviderList": {
"Dhcp": 'VpcVirtualRouter',
"Dns": 'VpcVirtualRouter',
"SourceNat": 'VpcVirtualRouter',
"PortForwarding": 'VpcVirtualRouter',
"UserData": 'VpcVirtualRouter',
"StaticNat": 'VpcVirtualRouter',
"NetworkACL": 'VpcVirtualRouter',
"Lb": 'InternalLbVm'
},
"egress_policy": "true",
},
"vpc_offering": {
"name": 'Redundant VPC off',
"displaytext": 'Redundant VPC off',
"supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
"serviceProviderList": {
"Vpn": 'VpcVirtualRouter',
"Dhcp": 'VpcVirtualRouter',
"Dns": 'VpcVirtualRouter',
"SourceNat": 'VpcVirtualRouter',
"PortForwarding": 'VpcVirtualRouter',
"Lb": 'VpcVirtualRouter',
"UserData": 'VpcVirtualRouter',
"StaticNat": 'VpcVirtualRouter',
"NetworkACL": 'VpcVirtualRouter'
},
"serviceCapabilityList": {
"SourceNat": {
"RedundantRouter": 'true'
}
},
},
"vpc": {
"name": "TestVPC",
"displaytext": "TestVPC",
"cidr": '10.1.0.0/16'
},
"vpc1": {
"name": "TestVPC",
"displaytext": "VPC1",
"cidr": '10.1.0.0/16'
},
"vpc2": {
"name": "TestVPC",
"displaytext": "VPC2",
"cidr": '10.2.0.0/16'
},
"network_1": {
"name": "Test Network",
"displaytext": "Test Network",
"netmask": '255.255.255.0',
"gateway": "10.1.1.1"
},
"network_2": {
"name": "Test Network",
"displaytext": "Test Network",
"netmask": '255.255.255.0',
"gateway": "10.2.1.1"
},
"vpn": {
"vpn_user":"root",
"vpn_pass":"Md1s#dc",
"vpn_pass_fail":"abc!123", # too short
"iprange":"10.2.2.1-10.2.2.10",
"fordisplay": "true"
},
"vpncustomergateway": {
"esppolicy":"3des-md5;modp1536",
"ikepolicy":"3des-md5;modp1536",
"ipsecpsk":"ipsecpsk"
},
"natrule": {
"protocol": "TCP",
"cidrlist": '0.0.0.0/0',
},
"http_rule": {
"privateport": 80,
"publicport": 80,
"startport": 80,
"endport": 80,
"cidrlist": '0.0.0.0/0',
"protocol": "TCP"
},
"virtual_machine": {
"displayname": "Test VM",
"username": "root",
"password": "password",
"ssh_port": 22,
"privateport": 22,
"publicport": 22,
"protocol": 'TCP',
},
"template_kvm": {
"name": "tiny-kvm",
"displaytext": "macchinina kvm",
"format": "qcow2",
"hypervisor": "kvm",
"ostype": "Other PV (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
"requireshvm": "True",
},
"template_xen": {
"name": "tiny-xen",
"displaytext": "macchinina xen",
"format": "vhd",
"hypervisor": "xen",
"ostype": "Other (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
"requireshvm": "True",
},
}
class TestVpcRemoteAccessVpn(cloudstackTestCase):
@classmethod
def setUpClass(cls):
cls.logger = logging.getLogger('TestVPCRemoteAccessVPN')
cls.stream_handler = logging.StreamHandler()
cls.logger.setLevel(logging.DEBUG)
cls.logger.addHandler(cls.stream_handler)
cls.startTime = time.time()
testClient = super(TestVpcRemoteAccessVpn, cls).getClsTestClient()
cls.apiclient = testClient.getApiClient()
cls.services = testClient.getParsedTestDataConfig()
cls.services = Services().services
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.domain = get_domain(cls.apiclient)
cls.service_offering = ServiceOffering.create(
cls.compute_offering = ServiceOffering.create(
cls.apiclient,
cls.services["service_offerings"]["tiny"]
cls.services["compute_offering"]
)
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
cls.template = get_template(
cls.apiclient,
cls.zone.id,
cls.services["ostype"]
)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
if cls.services["default_hypervisor"] == "kvm":
cls.template = Template.register(cls.apiclient, cls.services["template_kvm"], cls.zone.id, hypervisor=cls.services[
"template_kvm"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
else:
cls.template = Template.register(cls.apiclient, cls.services["template_xen"], cls.zone.id, hypervisor=cls.services[
"template_xen"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["compute_offering"]
cls.services["virtual_machine"]["hypervisor"] = cls.services["default_hypervisor"]
cls.cleanup = [cls.account]
@attr(tags=["advanced"], required_hardware="false")
def test_vpc_remote_access_vpn(self):
"""Test VPN in VPC"""
"""Test Remote Access VPN in VPC"""
# 0) Get the default network offering for VPC
self.logger.debug("Retrieving default VPC offering")
networkOffering = NetworkOffering.list(self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering")
# 1) Create VPC
vpcOffering = VpcOffering.list(self.apiclient,isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering)>0, "No VPC offerings found")
try:
vpc = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
@ -73,37 +292,50 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
account=self.account.name,
domainid=self.domain.id
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc is not None, "VPC creation failed")
self.debug("VPC %s created" %(vpc.id))
self.logger.debug("VPC %s created" %(vpc.id))
try:
# 2) Create network in VPC
ntwk = Network.create(
apiclient=self.apiclient,
services=self.services["ntwk"],
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.domain.id,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk, "Network failed to create")
self.debug("Network %s created in VPC %s" %(ntwk.id, vpc.id))
self.logger.debug("Network %s created in VPC %s" %(ntwk.id, vpc.id))
try:
# 3) Deploy a vm
vm = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid= self.domain.id,
serviceofferingid=self.service_offering.id,
networkids=ntwk.id
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
hypervisor=self.services["virtual_machine"]["hypervisor"]
)
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" %(vm.id, vpc.id))
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Deployed virtual machine: OK")
try:
# 4) Enable VPN for VPC
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
@ -113,53 +345,145 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
vpcid=vpc.id
)
ip = src_nat_list[0]
except Exception as e:
self.fail(e)
finally:
self.logger.debug("Acquired public ip address: OK")
try:
vpn = Vpn.create(self.apiclient,
publicipid=ip.id,
account=self.account.name,
domainid=self.account.domainid)
domainid=self.account.domainid,
iprange=self.services["vpn"]["iprange"],
fordisplay=self.services["vpn"]["fordisplay"]
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(vpn, "Failed to create Remote Access VPN")
self.logger.debug("Created Remote Access VPN: OK")
vpnUser = None
# 5) Add VPN user for VPC
try:
vpnUser = VpnUser.create(self.apiclient,
account=self.account.name,
domainid=self.account.domainid,
username=self.services["vpn_user"]["username"],
password=self.services["vpn_user"]["password"])
username=self.services["vpn"]["vpn_user"],
password=self.services["vpn"]["vpn_pass"]
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(vpnUser, "Failed to create Remote Access VPN User")
self.logger.debug("Created VPN User: OK")
# 6) Disable VPN for VPC
#TODO: Add an actual remote vpn connection test from a remote vpc
try:
# 9) Disable VPN for VPC
vpn.delete(self.apiclient)
except Exceptio as e:
self.fail(e)
finally:
self.logger.debug("Deleted the Remote Access VPN: OK")
@classmethod
def tearDownClass(cls):
total_time = time.time() - cls.startTime
cls.logger.debug("%.3f" % (total_time))
try:
cls.logger.debug("Cleaning up resources")
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
class TestVpcSite2SiteVpn(cloudstackTestCase):
@classmethod
def setUpClass(cls):
cls.logger = logging.getLogger('TestVPCSite2SiteVPN')
cls.stream_handler = logging.StreamHandler()
cls.logger.setLevel(logging.DEBUG)
cls.logger.addHandler(cls.stream_handler)
testClient = super(TestVpcSite2SiteVpn, cls).getClsTestClient()
cls.apiclient = testClient.getApiClient()
cls.services = testClient.getParsedTestDataConfig()
cls.services = Services().services
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.domain = get_domain(cls.apiclient)
cls.service_offering = ServiceOffering.create(
cls.apiclient,
cls.services["service_offerings"]["tiny"]
cls.services["compute_offering"]
)
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
cls.template = get_template(
cls.apiclient,
cls.zone.id,
cls.services["ostype"]
)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
if cls.services["default_hypervisor"] == "kvm":
cls.template = Template.register(cls.apiclient, cls.services["template_kvm"], cls.zone.id, hypervisor=cls.services[
"template_kvm"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
else:
cls.template = Template.register(cls.apiclient, cls.services["template_xen"], cls.zone.id, hypervisor=cls.services[
"template_xen"]["hypervisor"], account=cls.account.name, domainid=cls.domain.id)
if cls.template == FAILED:
assert False, "get_template() failed to return template with description %s" % cls.services["compute_offering"]
cls.services["virtual_machine"]["hypervisor"] = cls.services["default_hypervisor"]
cls.cleanup = [cls.account]
def get_ssh_client(self, virtual_machine, services, retries):
""" Setup ssh client connection and return connection
vm requires attributes public_ip, public_port, username, password """
try:
ssh_client = SshClient(
virtual_machine.public_ip,
services["virtual_machine"]["ssh_port"],
services["virtual_machine"]["username"],
services["virtual_machine"]["password"],
retries)
except Exception as e:
self.fail("Unable to create ssh connection: " % e)
self.assertIsNotNone(
ssh_client, "Failed to setup ssh connection to vm=%s on public_ip=%s" % (virtual_machine.name, virtual_machine.public_ip))
return ssh_client
def create_natrule(self, vpc, vm, public_port, private_port, public_ip, network, services=None):
self.logger.debug("Creating NAT rule in network for vm with public IP")
if not services:
self.services["natrule"]["privateport"] = private_port
self.services["natrule"]["publicport"] = public_port
self.services["natrule"]["startport"] = public_port
self.services["natrule"]["endport"] = public_port
services = self.services["natrule"]
nat_rule = NATRule.create(
apiclient=self.apiclient,
services=services,
ipaddressid=public_ip.ipaddress.id,
virtual_machine=vm,
networkid=network.id
)
self.assertIsNotNone(
nat_rule, "Failed to create NAT Rule for %s" % public_ip.ipaddress.ipaddress)
self.logger.debug(
"Adding NetworkACL rules to make NAT rule accessible")
vm.ssh_ip = nat_rule.ipaddress
vm.public_ip = nat_rule.ipaddress
vm.public_port = int(public_port)
return nat_rule
@attr(tags=["advanced"], required_hardware="false")
def test_vpc_site2site_vpn(self):
"""Test VPN in VPC"""
@ -168,10 +492,12 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
networkOffering = NetworkOffering.list(self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(networkOffering) > 0, "No VPC based network offering")
# 1) Create VPC
# 1) Create VPC offering
vpcOffering = VpcOffering.list(self.apiclient,isdefault=True)
self.assert_(vpcOffering is not None and len(vpcOffering)>0, "No VPC offerings found")
# Create VPC 1
try:
vpc1 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
@ -181,9 +507,15 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
account=self.account.name,
domainid=self.domain.id
)
self.assert_(vpc1 is not None, "VPC creation failed")
self.debug("VPC1 %s created" %(vpc1.id))
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc1 is not None, "VPC1 creation failed")
self.logger.debug("VPC1 %s created" %(vpc1.id))
# Create VPC 2
try:
vpc2 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc2"],
@ -191,76 +523,103 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
vpcofferingid=vpcOffering[0].id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
domainid=self.account.domainid
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vpc2 is not None, "VPC2 creation failed")
self.debug("VPC2 %s created" %(vpc1.id))
# 2) Create network in VPC
self.logger.debug("VPC2 %s created" %(vpc2.id))
default_acl = NetworkACLList.list(self.apiclient, name="default_allow")[0]
# Create network in VPC 1
try:
ntwk1 = Network.create(
apiclient=self.apiclient,
services=self.services["ntwk"],
services=self.services["network_1"],
accountid=self.account.name,
domainid=self.domain.id,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc1.id
vpcid=vpc1.id,
aclid=default_acl.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk1, "Network failed to create")
self.debug("Network %s created in VPC %s" %(ntwk1.id, vpc1.id))
self.logger.debug("Network %s created in VPC %s" %(ntwk1.id, vpc1.id))
# Create network in VPC 2
try:
ntwk2 = Network.create(
apiclient=self.apiclient,
services=self.services["ntwk2"],
services=self.services["network_2"],
accountid=self.account.name,
domainid=self.domain.id,
domainid=self.account.domainid,
networkofferingid=networkOffering[0].id,
zoneid=self.zone.id,
vpcid=vpc2.id
vpcid=vpc2.id,
aclid=default_acl.id
)
except Exception as e:
self.fail(e)
finally:
self.assertIsNotNone(ntwk2, "Network failed to create")
self.debug("Network %s created in VPC %s" %(ntwk2.id, vpc2.id))
# 3) Deploy a vm
self.logger.debug("Network %s created in VPC %s" %(ntwk2.id, vpc2.id))
# Deploy a vm in network 2
try:
vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid= self.domain.id,
domainid= self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk1.id
networkids=ntwk1.id,
hypervisor=self.services["virtual_machine"]["hypervisor"]
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm1 is not None, "VM failed to deploy")
self.assert_(vm1.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" %(vm1.id, vpc1.id))
self.logger.debug("VM %s deployed in VPC %s" %(vm1.id, vpc1.id))
# Deploy a vm in network 2
try:
vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
templateid=self.template.id,
zoneid=self.zone.id,
accountid=self.account.name,
domainid= self.domain.id,
domainid= self.account.domainid,
serviceofferingid=self.service_offering.id,
networkids=ntwk2.id
networkids=ntwk2.id,
hypervisor=self.services["virtual_machine"]["hypervisor"]
)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2 is not None, "VM failed to deploy")
self.assert_(vm2.state == 'Running', "VM is not running")
self.debug("VM %s deployed in VPC %s" %(vm2.id, vpc2.id))
# 4) Enable Site-to-Site VPN for VPC
cmd=createVpnGateway.createVpnGatewayCmd()
cmd.vpcid=vpc1.id
vpn1_response = self.apiclient.createVpnGateway(cmd)
vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
self.assert_(vpn1_response is not None, "Failed to enable VPN Gateway 1")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
self.debug("VPN gateway for VPC %s enabled" % (vpc1.id))
cmd=createVpnGateway.createVpnGatewayCmd()
cmd.vpcid=vpc2.id
vpn2_response = self.apiclient.createVpnGateway(cmd)
self.debug("VPN gateway for VPC %s enabled" %(vpc2.id))
vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
self.assert_(vpn2_response is not None, "Failed to enable VPN Gateway 2")
self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
# 5) Add VPN Customer gateway info
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
@ -270,7 +629,6 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
vpcid=vpc1.id
)
ip1 = src_nat_list[0]
src_nat_list = PublicIPAddress.list(
self.apiclient,
account=self.account.name,
@ -281,40 +639,58 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
)
ip2 = src_nat_list[0]
cmd=createVpnCustomerGateway.createVpnCustomerGatewayCmd()
cmd.esppolicy="3des-md5;modp1536"
cmd.ikepolicy="3des-md5;modp1536"
cmd.domainid=self.account.domainid
cmd.account=self.account.name
cmd.ipsecpsk="ipsecpsk"
services = self.services["vpncustomergateway"]
customer1_response = VpnCustomerGateway.create(self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id )
self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id )
self.logger.debug(vars(customer1_response))
cmd.name="Peer VPC1"
cmd.gateway=ip1.ipaddress
cmd.cidrlist=vpc1.cidr
customer1_response = self.apiclient.createVpnCustomerGateway(cmd)
self.debug("VPN customer gateway added for VPC %s enabled" %(vpc1.id))
cmd.name="Peer VPC2"
cmd.gateway=ip2.ipaddress
cmd.cidrlist=vpc2.cidr
customer2_response = self.apiclient.createVpnCustomerGateway(cmd)
self.debug("VPN customer gateway added for VPC %s enabled" %(vpc2.id))
customer2_response = VpnCustomerGateway.create(self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id )
self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id )
self.logger.debug(vars(customer2_response))
# 6) Connect two VPCs
cmd = createVpnConnection.createVpnConnectionCmd()
cmd.s2svpngatewayid = vpn2_response.id
cmd.s2scustomergatewayid = customer1_response.id
cmd.passive="true"
vpnconn1_response = self.apiclient.createVpnConnection(cmd)
self.debug("VPN passive connection created for VPC %s" %(vpc2.id))
vpnconn1_response = Vpn.createVpnConnection(self.apiclient, customer1_response.id, vpn2_response['id'], True)
self.debug("VPN passive connection created for VPC %s" % vpc2.id)
cmd = createVpnConnection.createVpnConnectionCmd()
cmd.s2svpngatewayid = vpn1_response.id
cmd.s2scustomergatewayid = customer2_response.id
vpnconn2_response = self.apiclient.createVpnConnection(cmd)
self.debug("VPN connection created for VPC %s" %(vpc1.id))
vpnconn2_response = Vpn.createVpnConnection(self.apiclient, customer2_response.id, vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
self.assertEqual(vpnconn2_response.state, "Connected", "Failed to connect between VPCs!")
self.assertEqual(vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
# acquire an extra ip address to use to ssh into vm2
try:
vm2.public_ip = PublicIPAddress.create(
apiclient=self.apiclient,
accountid=self.account.name,
zoneid=self.zone.id,
domainid=self.account.domainid,
services=self.services,
networkid=ntwk2.id,
vpcid=vpc2.id)
except Exception as e:
self.fail(e)
finally:
self.assert_(vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
# Create port forward to be able to ssh into vm2
try:
natrule = self.create_natrule(vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
except Exception as e:
self.fail(e)
finally:
self.assert_(natrule is not None, "Failed to create portforward for vm2")
time.sleep(10)
# setup ssh connection to vm2
ssh_client = self.get_ssh_client(vm2, self.services, 10)
if ssh_client:
# run ping test
packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
self.assert_(int(packet_loss) == 0, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" %vm2.public_ip)
@classmethod
def tearDownClass(cls):

10
tools/marvin/marvin/lib/base.py
View File

@ -2936,7 +2936,7 @@ class Vpn:
@classmethod
def create(cls, apiclient, publicipid, account=None, domainid=None,
projectid=None, networkid=None, vpcid=None, openfirewall=None):
projectid=None, networkid=None, vpcid=None, openfirewall=None, iprange=None, fordisplay=False):
"""Create VPN for Public IP address"""
cmd = createRemoteAccessVpn.createRemoteAccessVpnCmd()
cmd.publicipid = publicipid
@ -2950,8 +2950,12 @@ class Vpn:
cmd.networkid = networkid
if vpcid:
cmd.vpcid = vpcid
if iprange:
cmd.iprange = iprange
if openfirewall:
cmd.openfirewall = openfirewall
cmd.fordisplay = fordisplay
return Vpn(apiclient.createRemoteAccessVpn(cmd).__dict__)
@classmethod
@ -2962,11 +2966,13 @@ class Vpn:
return (apiclient.createVpnGateway(cmd).__dict__)
@classmethod
def createVpnConnection(cls, apiclient, s2scustomergatewayid, s2svpngatewayid):
def createVpnConnection(cls, apiclient, s2scustomergatewayid, s2svpngatewayid, passive=False):
"""Create VPN Connection """
cmd = createVpnConnection.createVpnConnectionCmd()
cmd.s2scustomergatewayid = s2scustomergatewayid
cmd.s2svpngatewayid = s2svpngatewayid
if passive:
cmd.passive = passive
return (apiclient.createVpnGateway(cmd).__dict__)
@classmethod