Skip to content

Commit

Permalink
Adding more cases for SLO
Browse files Browse the repository at this point in the history 
Partial-bug: #1741461

Change-Id: I6d3a6fd72e46453e5c3a58104005054b5352593e
  • Loading branch information
@alokkumar223
alokkumar223 committed Jun 8, 2018
1 parent 5aaafd7 commit 7cc84f4
Show file tree
Hide file tree
Showing 13 changed files with 1,024 additions and 128 deletions.
2 changes: 1 addition & 1 deletion common/firewall/base.py
View file
Expand Up @@ -301,7 +301,7 @@ def unset_tag(self, fixture, tag, **kwargs):
def create_fw_policy(self, scope, rules=None, **kwargs):
connections = kwargs.pop('connections', None) or self.connections
return self.useFixture(FirewallPolicyFixture(scope=scope,
rules=rules, connections=connections))
rules=rules, connections=connections, **kwargs))

def add_fw_rule(self, fwp_fixture, rule_uuid, seq_no):
return fwp_fixture.add_firewall_rules([{'uuid': rule_uuid,
Expand Down
88 changes: 0 additions & 88 deletions common/flow_tests/base.py
View file
Expand Up @@ -74,91 +74,3 @@ def setup_flow_export_rate(self, value):
self.addCleanup(vnc_lib_fixture.set_flow_export_rate, current_rate)
# end setup_flow_export_rate

def enable_logging_on_compute(self, node_ip, log_type,
restart_on_cleanup=True):
''' Enable local logging on compute node
log_type: can be agent/syslog
'''
container_name = 'agent'
conf_file = '/etc/contrail/contrail-vrouter-agent.conf'
service_name = 'contrail-vrouter-agent'
#Take backup of original conf file to revert back later
conf_file_backup = '/tmp/'+ get_random_name(conf_file.split('/')[-1])
cmd = 'cp %s %s' % (conf_file, conf_file_backup)
status = self.inputs.run_cmd_on_server(node_ip, cmd,
container=container_name)

self.addCleanup(
self.restore_default_config_file, conf_file,
conf_file_backup, service_name, node_ip, container_name,
restart_on_cleanup)

oper = 'set'
section = 'DEFAULT'
self.update_contrail_conf(service_name, oper, section,
'log_flow', 1, node_ip, container_name)
self.update_contrail_conf(service_name, oper, section,
'log_local', 1, node_ip, container_name)
self.update_contrail_conf(service_name, oper, section,
'log_level', 'SYS_INFO', node_ip, container_name)

if log_type == 'syslog':
self.update_contrail_conf(service_name, oper, section,
'use_syslog', 1, node_ip, container_name)

self.inputs.restart_service(service_name, [node_ip],
container=container_name, verify_service=True)
#end enable_logging_on_compute

def restore_default_config_file(self, conf_file, conf_file_backup,
service_name, node_ip, container=None, restart_on_cleanup=True):
'''Restore config file from conf_file_backup
conf_file: full path of config file location
conf_file_backup: full path of backup config file from where it will be restored
service_name: service name
'''
cmd = "mv %s %s" % (conf_file_backup, conf_file)
output = self.inputs.run_cmd_on_server(
node_ip,
cmd,
container=container)

if restart_on_cleanup:
self.inputs.restart_service(service_name, [node_ip],
container=container, verify_service=True)

@retry(delay=1, tries=10)
def search_session_in_log(self, log_file, node_ip, session_log,
object_name='SessionEndpointObject'):
'''Search session in log file on node node_ip'''

container_name = 'agent'
username = self.inputs.host_data[node_ip]['username']
password = self.inputs.host_data[node_ip]['password']
cmd = 'grep -a %s %s | grep -aP "%s"' % (object_name, log_file,
session_log)
output = self.inputs.run_cmd_on_server(
node_ip, cmd, username, password, container=container_name)

if not output:
return False, None
else:
self.logger.debug("\nSession Expected: %s, \nSession found: %s",
session_log, output)
return True, output

def search_session_in_agent_log(self, node_ip, session_log):
'''Search session in agent log file'''

log_file = '/var/log/contrail/contrail-vrouter-agent.log*'
object_name = 'SessionEndpointObject'
return self.search_session_in_log(log_file, node_ip, session_log,
object_name=object_name)

def search_session_in_syslog(self, node_ip, session_log):
'''Search session in syslog'''

log_file = '/var/log/syslog*'
object_name = 'SessionData'
return self.search_session_in_log(log_file, node_ip, session_log,
object_name=object_name)
560 changes: 546 additions & 14 deletions common/sessionlogging/base.py
View file

Large diffs are not rendered by default.

67 changes: 64 additions & 3 deletions common/slo/base.py
View file
Expand Up @@ -12,13 +12,16 @@ def setUpClass(cls):
def tearDownClass(cls):
super(SloBase, cls).tearDownClass()

def create_slo(self, parent_obj, rate=None, sg_obj=None, vn_policy_obj=None
):
def create_slo(self, parent_obj=None, rate=None, sg_obj=None,
vn_policy_obj=None, rules_list=None):
'''
parent_obj: global-vrouter-config or tenant
rules_list: list of dict of rule uuid and slo rate, {'uuid':<uuid>,
'rate':<rate>}
'''
sg_refs = None
vn_policy_refs = None
slo_rule_list_obj = None
if sg_obj:
ref_data = SecurityLoggingObjectRuleListType()
sg_refs = [{'obj':sg_obj, 'ref_data':ref_data}]
Expand All @@ -27,18 +30,76 @@ def create_slo(self, parent_obj, rate=None, sg_obj=None, vn_policy_obj=None
ref_data = SecurityLoggingObjectRuleListType()
vn_policy_refs = [{'obj':vn_policy_obj, 'ref_data':ref_data}]

if rules_list:
slo_rule_entry_list = []
for rule in rules_list:
slo_rule_entry = SecurityLoggingObjectRuleEntryType(
rule_uuid=rule['uuid'], rate=rule['rate'])
slo_rule_entry_list.append(slo_rule_entry)
slo_rule_list_obj = SecurityLoggingObjectRuleListType(
rule=slo_rule_entry_list)

slo_fixture = self.useFixture(
SLOFixture(
parent_obj=parent_obj, connections=self.connections,
sg_refs=sg_refs, vn_policy_refs=vn_policy_refs, rate=rate))
sg_refs=sg_refs, vn_policy_refs=vn_policy_refs, rate=rate,
rules=slo_rule_list_obj))

slo_fixture.verify_on_setup()
return slo_fixture

def update_slo(self, slo_obj, new_rules_list):
'''
rules_list: list of dict of rule uuid and slo rate, {'uuid':<uuid>,
'rate':<rate>}
'''
slo_rule_list_obj = None

if new_rules_list:
slo_rule_entry_list = []
for rule in new_rules_list:
slo_rule_entry = SecurityLoggingObjectRuleEntryType(
rule_uuid=rule['uuid'], rate=rule['rate'])
slo_rule_entry_list.append(slo_rule_entry)
slo_rule_list_obj = SecurityLoggingObjectRuleListType(
rule=slo_rule_entry_list)

slo_obj.security_logging_object_rules = slo_rule_list_obj
self.vnc_h.security_logging_object_update(slo_obj)

def add_slo_to_vn(self, slo_fixture, vn_fixture, cleanup=True):
'''Add the SLO to VN'''
slo_ref_list_old = vn_fixture.get_slo_list()
vn_fixture.add_slo(slo_fixture.obj)

if cleanup:
self.addCleanup(vn_fixture.set_slo_list, slo_ref_list_old)

def add_slo_to_vmi(self, slo_fixture, vmi_id, cleanup=True):
'''Add the SLO to VMI'''
vmi_obj = self.vnc_h.virtual_machine_interface_read(id=vmi_id)
slo_ref_list_old = vmi_obj.get_security_logging_object_refs()
vmi_obj.add_security_logging_object(slo_fixture.obj)

self.vnc_h.virtual_machine_interface_update(vmi_obj)
if cleanup:
self.addCleanup(self.set_slo_list_to_vmi, slo_ref_list_old, vmi_id)

def set_slo_list_to_vmi(self, slo_obj_list, vmi_id):
'''Set SLO list to VMI'''
vmi_obj = self.vnc_h.virtual_machine_interface_read(id=vmi_id)
vmi_obj.set_security_logging_object_list(slo_obj_list)

self.vnc_h.virtual_machine_interface_update(vmi_obj)

def set_global_slo_flag(self, enable=True, cleanup=True):
'''
Enable/disable SLO in default global vrouter config
'''
vnc_lib_fixture = self.connections.vnc_lib_fixture
current_value = vnc_lib_fixture.get_global_slo_flag()
if current_value == enable:
return True
vnc_lib_fixture.set_global_slo_flag(enable)
if cleanup:
self.addCleanup(vnc_lib_fixture.set_global_slo_flag, current_value)
7 changes: 7 additions & 0 deletions common/vrouter/base.py
View file
Expand Up @@ -177,6 +177,13 @@ def delete_all_flows_on_vms_compute(self, vm_fixtures):
for vm in vm_fixtures:
self.compute_fixtures_dict[vm.vm_node_ip].delete_all_flows()

def restart_agent_on_vms_compute(self, vm_fixtures):
'''
Restart agent on the compute node of the VMs
'''
for vm in vm_fixtures:
self.compute_fixtures_dict[vm.vm_node_ip].restart_agent()

def send_hping3_traffic(self, sender_vm_fix, dest_ip, srcport, destport,
count=1, interval='u100', stop=True, wait=False,
**kwargs):
Expand Down
5 changes: 5 additions & 0 deletions fixtures/contrailapi.py
View file
Expand Up @@ -1206,12 +1206,17 @@ def create_firewall_policy(self, fq_name, parent_type=None, rules=None, **kwargs
:param parent_type : one of 'project' or 'policy-management'
:param rules : Ordered list of dict of firewall rules and seq no
[{'uuid': rule_uuid, 'seq_no': <int>}]
:param slo: {'slo_obj': slo obj, 'rate_obj':rate obj}
'''
obj = FirewallPolicy(fq_name[-1], fq_name=fq_name, parent_type=parent_type)
for rule in rules or []:
seq = FirewallSequence(str(rule['seq_no']))
rule_obj = self.read_firewall_rule(id=rule['uuid'])
obj.add_firewall_rule(rule_obj, seq)

slo = kwargs.get('slo') or None
if slo is not None:
obj.add_security_logging_object(slo['slo_obj'], slo['rate_obj'])
self._log.debug('creating firewall policy %s'%fq_name)
return self._vnc.firewall_policy_create(obj)

Expand Down
3 changes: 2 additions & 1 deletion fixtures/firewall_policy.py
View file
Expand Up @@ -16,6 +16,7 @@ def __init__(self, *args, **kwargs):
self.uuid = kwargs.get('uuid')
self.scope = kwargs.get('scope') or 'local'
self.rules = kwargs.get('rules') or list()
self.slo = kwargs.get('slo') or None
self.created = False
self.verify_is_run = False

Expand Down Expand Up @@ -63,7 +64,7 @@ def create(self):
self.uuid = self.vnc_h.create_firewall_policy(
parent_type=self.parent_type,
fq_name=self.fq_name,
rules=self.rules)
rules=self.rules, slo=self.slo)
self.created = True
self.logger.info('Created Firewall Policy %s(%s)'%(self.name,
self.uuid))
Expand Down
15 changes: 11 additions & 4 deletions fixtures/slo_fixture.py
View file
Expand Up @@ -7,19 +7,22 @@ class SLOFixture(vnc_api_test.VncLibFixture):
Security Logging Object Fixture
'''

def __init__(self, parent_obj, **kwargs):
def __init__(self, parent_obj=None, **kwargs):
'''
Optional param:
parent_obj: parent tenant obj or global-vrouter-config
sg_refs: list of dict of SG objects and ref_data of SecurityLoggingObjectRuleListType object
[{'obj':<SG obj>, 'ref_data':<ref data obj>}]
vn_policy_refs: same as sg_refs but for VN policy
rules: SecurityLoggingObjectRuleListType obj
'''
super(SLOFixture, self).__init__(self, **kwargs)
self.parent_obj = parent_obj
self.name = None
self.uuid = None
self.obj = None
self.rate = None
self.rules = None
self.sg_refs = None
self.vn_policy_refs = None
self.parse_slo_kwargs(**kwargs)
Expand All @@ -28,7 +31,7 @@ def __init__(self, parent_obj, **kwargs):
if self.parent_obj is None:
fq_name = [ 'default-global-system-config',
'default-global-vrouter-config']
self.parent_obj = self.vnc_lib.global_vrouter_config_read(fq_name=fq_name)
self.parent_obj = self.vnc_api_h.global_vrouter_config_read(fq_name=fq_name)

def parse_slo_kwargs(self, **kwargs):
self.sg_refs = kwargs.get('sg_refs',
Expand All @@ -41,6 +44,8 @@ def parse_slo_kwargs(self, **kwargs):
self.name)
self.uuid = kwargs.get('uuid',
self.uuid)
self.rules = kwargs.get('rules',
self.rules)

def _populate_attr(self):
if self.obj:
Expand Down Expand Up @@ -115,11 +120,13 @@ def create_slo(self):
if self.rate is not None:
self.obj = SecurityLoggingObject(name=self.name,
parent_obj=self.parent_obj,
security_logging_object_rate=self.rate)
security_logging_object_rate=self.rate,
security_logging_object_rules=self.rules)
else:
#Default SLO rate
self.obj = SecurityLoggingObject(name=self.name,
parent_obj=self.parent_obj)
parent_obj=self.parent_obj,
security_logging_object_rules=self.rules)

if self.sg_refs:
for sg_ref in self.sg_refs:
Expand Down
23 changes: 22 additions & 1 deletion fixtures/vnc_api_test.py
View file
Expand Up @@ -360,7 +360,7 @@ def set_flow_export_rate(self, value):
fq_name = [ 'default-global-system-config',
'default-global-vrouter-config']
gv_obj = self.vnc_api_h.global_vrouter_config_read(fq_name=fq_name)
gv_obj.set_flow_export_rate(int(value) if value else None)
gv_obj.set_flow_export_rate(int(value) if (value is not None) else None)
self.vnc_api_h.global_vrouter_config_update(gv_obj)
self.logger.info('Setting flow export rate: %s' % (value))
return True
Expand Down Expand Up @@ -418,5 +418,26 @@ def set_global_igmp_config(self, igmp_enable=True):
self.vnc_api_h.global_system_config_update(gsc_obj)
# end set_global_igmp_enable

def set_global_slo_flag(self, enable=True):
'''
Enable/disable SLO in default global vrouter config
'''
fq_name = [ 'default-global-system-config',
'default-global-vrouter-config']
gv_obj = self.vnc_api_h.global_vrouter_config_read(fq_name=fq_name)
gv_obj.set_enable_security_logging(enable)
self.vnc_api_h.global_vrouter_config_update(gv_obj)
self.logger.info('Setting global SLO flag to : %s' % (
'True' if enable else 'False'))
return True

def get_global_slo_flag(self):
'''
Get SLO flag from default global vrouter config
'''
fq_name = [ 'default-global-system-config',
'default-global-vrouter-config']
gv_obj = self.vnc_api_h.global_vrouter_config_read(fq_name=fq_name)
value = gv_obj.get_enable_security_logging()
return value
# end VncLibFixture
2 changes: 1 addition & 1 deletion serial_scripts/vm_regression/test_vm_serial.py
View file
Expand Up @@ -627,8 +627,8 @@ def test_control_node_switchover(self):
vn1_fixture = self.create_vn(vn1_name, vn1_subnets)
assert vn1_fixture.verify_on_setup()
vm1_fixture = self.create_vm(vn1_fixture, vn1_vm1_name)
assert vm1_fixture.wait_till_vm_is_up()
vm2_fixture = self.create_vm(vn1_fixture, vn1_vm2_name)
assert vm1_fixture.wait_till_vm_is_up()
assert vm2_fixture.wait_till_vm_is_up()
assert vm1_fixture.ping_to_ip(vm2_fixture.vm_ip)
assert vm2_fixture.ping_to_ip(vm1_fixture.vm_ip)
Expand Down

0 comments on commit 7cc84f4

Please sign in to comment.