From c0133240e1c4a42ea00445b12deb7af1d1578c1f Mon Sep 17 00:00:00 2001 From: Will Stevens Date: Thu, 20 Jul 2017 15:34:07 -0400 Subject: [PATCH 1/6] fixing s2s vpn connection negotiation --- .../debian/config/opt/cloud/bin/configure.py | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py index 9efc07c71880..66d2768d2c6f 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py @@ -566,7 +566,7 @@ def configure_ipsec(self, obj): file.addeq(" lifetime=%s" % self.convert_sec_to_h(obj['esp_lifetime'])) file.addeq(" pfs=%s" % pfs) file.addeq(" keyingtries=2") - file.addeq(" auto=start") + file.addeq(" auto=route") if 'encap' not in obj: obj['encap']=False file.addeq(" forceencaps=%s" % CsHelper.bool_to_yn(obj['encap'])) @@ -582,10 +582,21 @@ def configure_ipsec(self, obj): logging.info("Configured vpn %s %s", leftpeer, rightpeer) CsHelper.execute("ipsec rereadsecrets") - # This will load the new config and start the connection when needed since auto=start in the config + # This will load the new config CsHelper.execute("ipsec reload") os.chmod(vpnsecretsfile, 0400) + # Check that the ipsec config is ready + for i in range(2): + result = CsHelper.execute('ipsec status vpn-%s | grep "%s"' % (rightpeer, peerlist.split(",", 1)[0])) + if result != "": + break + time.sleep(1) + + # With 'auto=route', connections are established with an attempt to communicate over the S2S VPN + # Attempt to ping the other side to initialize the connection of the S2S VPN configuration + CsHelper.execute("timeout 0.5 ping -c 1 %s" % (peerlist.split("/", 1)[0])) + def convert_sec_to_h(self, val): hrs = int(val) / 3600 return "%sh" % hrs From 66d970587c5c9328db80054e90514b74fdab194b Mon Sep 17 00:00:00 2001 From: Will Stevens Date: Mon, 24 Jul 2017 09:44:35 -0400 Subject: [PATCH 2/6] fixed the vpn status check logic --- systemvm/patches/debian/config/opt/cloud/bin/configure.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py index 66d2768d2c6f..5b4b062dba22 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py @@ -589,7 +589,7 @@ def configure_ipsec(self, obj): # Check that the ipsec config is ready for i in range(2): result = CsHelper.execute('ipsec status vpn-%s | grep "%s"' % (rightpeer, peerlist.split(",", 1)[0])) - if result != "": + if len(result) > 0: break time.sleep(1) From ffce5471d61be18322b6ecf9f47e8ab8aa89cb79 Mon Sep 17 00:00:00 2001 From: Will Stevens Date: Mon, 24 Jul 2017 16:06:27 -0400 Subject: [PATCH 3/6] added additional testing of s2s vpn to do a more complete set of tests --- test/integration/smoke/test_vpc_vpn.py | 441 ++++++++++++++++++++++++- 1 file changed, 440 insertions(+), 1 deletion(-) diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py index ddf769300504..2a353687c62a 100644 --- a/test/integration/smoke/test_vpc_vpn.py +++ b/test/integration/smoke/test_vpc_vpn.py @@ -43,7 +43,8 @@ StaticNATRule, Vpn, VpnCustomerGateway, - VpnUser + VpnUser, + Project ) from marvin.sshClient import SshClient @@ -57,6 +58,7 @@ from nose.plugins.attrib import attr import logging +import subprocess import time @@ -256,6 +258,10 @@ def __init__(self): "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova", "requireshvm": "True", } + }, + "project": { + "name": "Project", + "displaytext": "Test project" } } @@ -1177,3 +1183,436 @@ def tearDownClass(cls): cleanup_resources(cls.apiclient, cls.cleanup) except Exception, e: raise Exception("Cleanup failed with %s" % e) + + +class TestVPCSite2SiteVPNMultipleOptions(cloudstackTestCase): + + @classmethod + def setUpClass(cls): + cls.logger = logging.getLogger('TestVPCSite2SiteVPNMultipleOptions') + cls.stream_handler = logging.StreamHandler() + cls.logger.setLevel(logging.DEBUG) + cls.logger.addHandler(cls.stream_handler) + + testClient = super(TestVPCSite2SiteVPNMultipleOptions, cls).getClsTestClient() + cls.apiclient = testClient.getApiClient() + cls.services = Services().services + + cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests()) + cls.domain = get_domain(cls.apiclient) + + cls.compute_offering = ServiceOffering.create( + cls.apiclient, + cls.services["compute_offering"] + ) + + cls.account = Account.create( + cls.apiclient, services=cls.services["account"]) + cls.project = Project.create( + cls.apiclient, + cls.services["project"], + account=cls.account.name, + domainid=cls.domain.id + ) + + cls.hypervisor = testClient.getHypervisorInfo() + + cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][ + cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"])) + cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower( + )], cls.zone.id, hypervisor=cls.hypervisor.lower(), projectid=cls.project.id) + cls.template.zoneid=cls.zone.id + cls.template.download(cls.apiclient) + + if cls.template == FAILED: + assert False, "get_template() failed to return template" + + cls.logger.debug("Successfully created account: %s, id: \ + %s" % (cls.account.name, + cls.account.id)) + + cls.cleanup = [cls.project, cls.account, cls.compute_offering] + return + + def _get_ssh_client(self, virtual_machine, services, retries): + """ Setup ssh client connection and return connection + vm requires attributes public_ip, public_port, username, password """ + + try: + ssh_client = SshClient( + virtual_machine.public_ip, + services["virtual_machine"]["ssh_port"], + services["virtual_machine"]["username"], + services["virtual_machine"]["password"], + retries) + + except Exception as e: + self.fail("Unable to create ssh connection: " % e) + + self.assertIsNotNone( + ssh_client, "Failed to setup ssh connection to vm=%s on public_ip=%s" % (virtual_machine.name, virtual_machine.public_ip)) + + return ssh_client + + def _create_natrule(self, vpc, vm, public_port, private_port, public_ip, network, services=None): + self.logger.debug("Creating NAT rule in network for vm with public IP") + if not services: + self.services["natrule"]["privateport"] = private_port + self.services["natrule"]["publicport"] = public_port + self.services["natrule"]["startport"] = public_port + self.services["natrule"]["endport"] = public_port + services = self.services["natrule"] + + nat_rule = NATRule.create( + apiclient=self.apiclient, + services=services, + ipaddressid=public_ip.ipaddress.id, + virtual_machine=vm, + networkid=network.id, + projectid=self.project.id + ) + self.assertIsNotNone( + nat_rule, "Failed to create NAT Rule for %s" % public_ip.ipaddress.ipaddress) + self.logger.debug( + "Adding NetworkACL rules to make NAT rule accessible") + + vm.ssh_ip = nat_rule.ipaddress + vm.public_ip = nat_rule.ipaddress + vm.public_port = int(public_port) + return nat_rule + + def _validate_vpc_offering(self, vpc_offering): + + self.logger.debug("Check if the VPC offering is created successfully?") + vpc_offs = VpcOffering.list( + self.apiclient, + id=vpc_offering.id + ) + offering_list = validateList(vpc_offs) + self.assertEqual(offering_list[0], + PASS, + "List VPC offerings should return a valid list" + ) + self.assertEqual( + vpc_offering.name, + vpc_offs[0].name, + "Name of the VPC offering should match with listVPCOff data" + ) + self.logger.debug( + "VPC offering is created successfully - %s" % + vpc_offering.name) + return + + def _create_vpc_offering(self, offering_name): + + vpc_off = None + if offering_name is not None: + + self.logger.debug("Creating VPC offering: %s", offering_name) + vpc_off = VpcOffering.create( + self.apiclient, + self.services[offering_name] + ) + + self._validate_vpc_offering(vpc_off) + self.cleanup.append(vpc_off) + + return vpc_off + + @attr(tags=["advanced"], required_hardware="true") + def test_01_vpc_site2site_vpn_multiple_options(self): + """Test Site 2 Site VPN Across VPCs""" + self.logger.debug("Starting test: test_01_vpc_site2site_vpn_multiple_options") + # 0) Get the default network offering for VPC + networkOffering = NetworkOffering.list( + self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks") + self.assert_(networkOffering is not None and len( + networkOffering) > 0, "No VPC based network offering") + + # Create and Enable VPC offering + vpc_offering = self._create_vpc_offering('vpc_offering') + self.assert_(vpc_offering is not None, "Failed to create VPC Offering") + vpc_offering.update(self.apiclient, state='Enabled') + + vpc1 = None + # Create VPC 1 + try: + vpc1 = VPC.create( + apiclient=self.apiclient, + services=self.services["vpc"], + networkDomain="vpc1.vpn", + vpcofferingid=vpc_offering.id, + zoneid=self.zone.id, + projectid=self.project.id + ) + except Exception as e: + self.fail(e) + finally: + self.assert_(vpc1 is not None, "VPC1 creation failed") + + self.logger.debug("VPC1 %s created" % vpc1.id) + + vpc2 = None + # Create VPC 2 + try: + vpc2 = VPC.create( + apiclient=self.apiclient, + services=self.services["vpc2"], + networkDomain="vpc2.vpn", + vpcofferingid=vpc_offering.id, + zoneid=self.zone.id, + projectid=self.project.id + ) + except Exception as e: + self.fail(e) + finally: + self.assert_(vpc2 is not None, "VPC2 creation failed") + + self.logger.debug("VPC2 %s created" % vpc2.id) + + default_acl = NetworkACLList.list( + self.apiclient, name="default_allow")[0] + + ntwk1 = None + # Create network in VPC 1 + try: + ntwk1 = Network.create( + apiclient=self.apiclient, + services=self.services["network_1"], + projectid=self.project.id, + networkofferingid=networkOffering[0].id, + zoneid=self.zone.id, + vpcid=vpc1.id, + aclid=default_acl.id + ) + except Exception as e: + self.fail(e) + finally: + self.assertIsNotNone(ntwk1, "Network failed to create") + + self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id)) + + ntwk2 = None + # Create network in VPC 2 + try: + ntwk2 = Network.create( + apiclient=self.apiclient, + services=self.services["network_2"], + projectid=self.project.id, + networkofferingid=networkOffering[0].id, + zoneid=self.zone.id, + vpcid=vpc2.id, + aclid=default_acl.id + ) + except Exception as e: + self.fail(e) + finally: + self.assertIsNotNone(ntwk2, "Network failed to create") + + self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id)) + + vm1 = None + # Deploy a vm in network 2 + try: + vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], + templateid=self.template.id, + zoneid=self.zone.id, + projectid=self.project.id, + serviceofferingid=self.compute_offering.id, + networkids=[ntwk1.id], + vpcid=vpc1.id, + hypervisor=self.hypervisor + ) + except Exception as e: + self.fail(e) + finally: + self.assert_(vm1 is not None, "VM failed to deploy") + self.assert_(vm1.state == 'Running', "VM is not running") + + self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id)) + + vm2 = None + # Deploy a vm in network 2 + try: + vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], + templateid=self.template.id, + zoneid=self.zone.id, + projectid=self.project.id, + serviceofferingid=self.compute_offering.id, + networkids=[ntwk2.id], + vpcid=vpc2.id, + hypervisor=self.hypervisor + ) + except Exception as e: + self.fail(e) + finally: + self.assert_(vm2 is not None, "VM failed to deploy") + self.assert_(vm2.state == 'Running', "VM is not running") + + self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id)) + + # default config + config = { + 'ike_enc' :'aes128', + 'ike_hash' :'sha1', + 'ike_dh' :'modp1536', + 'esp_enc' :'aes128', + 'esp_hash' :'sha1', + 'esp_pfs' :'modp1536', + 'psk' :'secreatKey', + 'ike_life' :86400, + 'esp_life' :3600, + 'dpd' :True, + 'force_encap' :False, + 'passive_1' :False, + 'passive_2' :False + } + test_confs = [ + {}, # default + {'force_encap': True}, + {'ike_life': ''}, + {'esp_life': ''}, + {'ike_life': '', 'esp_life': ''}, + {'passive_1': True, 'passive_2': True}, + {'passive_1': False, 'passive_2': True}, + {'passive_1': True, 'passive_2': False}, + {'passive_1': False, 'passive_2': False, 'dpd': False}, + {'passive_1': True, 'passive_2': True, 'dpd': False}, + {'passive_1': True, 'passive_2': False, 'dpd': False}, + {'passive_1': False, 'passive_2': True, 'dpd': False}, + {'passive_1': True, 'passive_2': False, 'esp_pfs': ''}, + {'ike_dh': 'modp3072', 'ike_hash': 'sha256', 'esp_pfs': 'modp2048', 'esp_hash':'sha384'}, + {'ike_dh': 'modp4096', 'ike_hash': 'sha384', 'esp_pfs': 'modp6144', 'esp_hash':'sha512'}, + {'ike_dh': 'modp8192', 'ike_hash': 'sha512', 'esp_pfs': 'modp8192', 'esp_hash':'sha384'} + ] + + # 4) Enable Site-to-Site VPN for VPC + vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id) + self.assert_( + vpn1_response is not None, "Failed to enable VPN Gateway 1") + self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id) + + vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id) + self.assert_( + vpn2_response is not None, "Failed to enable VPN Gateway 2") + self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id) + + # 5) Add VPN Customer gateway info + src_nat_list = PublicIPAddress.list( + self.apiclient, + projectid=self.project.id, + listall=True, + issourcenat=True, + vpcid=vpc1.id + ) + ip1 = src_nat_list[0] + src_nat_list = PublicIPAddress.list( + self.apiclient, + projectid=self.project.id, + listall=True, + issourcenat=True, + vpcid=vpc2.id + ) + ip2 = src_nat_list[0] + + # acquire an extra ip address to use to ssh into vm2 + try: + services = self.services.copy() + del services["account"] + vm2.public_ip = PublicIPAddress.create( + apiclient=self.apiclient, + zoneid=self.zone.id, + projectid=self.project.id, + services=services, + networkid=ntwk2.id, + vpcid=vpc2.id) + except Exception as e: + self.fail(e) + finally: + self.assert_( + vm2.public_ip is not None, "Failed to aqcuire public ip for vm2") + + natrule = None + # Create port forward to be able to ssh into vm2 + try: + natrule = self._create_natrule( + vpc2, vm2, 22, 22, vm2.public_ip, ntwk2) + except Exception as e: + self.fail(e) + finally: + self.assert_( + natrule is not None, "Failed to create portforward for vm2") + time.sleep(20) + + # setup ssh connection to vm2 + ssh_client = self._get_ssh_client(vm2, self.services, 10) + if not ssh_client: + self.fail("Failed to setup ssh connection to %s" % vm2.public_ip) + + for test_c in test_confs: + c = config.copy() + c.update(test_c) + services = self._get_vpn_config(c) + self.logger.debug(services) + customer1_response = VpnCustomerGateway.create( + self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, projectid=self.project.id) + self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) + self.logger.debug(vars(customer1_response)) + + customer2_response = VpnCustomerGateway.create( + self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, projectid=self.project.id) + self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) + self.logger.debug(vars(customer2_response)) + + # 6) Connect two VPCs + vpnconn1_response = Vpn.createVpnConnection( + self.apiclient, customer1_response.id, vpn2_response['id'], c['passive_1']) + self.logger.debug("VPN connection created for VPC %s" % vpc2.id) + time.sleep(5) + vpnconn2_response = Vpn.createVpnConnection( + self.apiclient, customer2_response.id, vpn1_response['id'], c['passive_2']) + self.logger.debug("VPN connection created for VPC %s" % vpc1.id) + + # Wait for config + time.sleep(15) + # Run ping test + packet_loss = ssh_client.execute( + "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0] + self.logger.debug("Packet loss %s" % packet_loss) + self.assert_(int(packet_loss) == 0, "Ping did not succeed") + + # Cleanup + Vpn.deleteVpnConnection(self.apiclient, vpnconn1_response['id']) + Vpn.deleteVpnConnection(self.apiclient, vpnconn2_response['id']) + cleanup_resources(self.apiclient, [customer1_response, customer2_response]) + # Wait 130s for complete cleanup + time.sleep(130) + + def _get_vpn_config(self, c): + ike_policy = '%s-%s;%s' % (c['ike_enc'], c['ike_hash'], c['ike_dh']) if c['ike_dh'] else '%s-%s' % (c['ike_enc'], c['ike_hash']) + esp_policy = '%s-%s;%s' % (c['esp_enc'], c['esp_hash'], c['esp_pfs']) if c['esp_pfs'] else '%s-%s' % (c['esp_enc'], c['esp_hash']) + + out = { + 'ipsecpsk': c['psk'], + 'ikepolicy':ike_policy, + 'esppolicy':esp_policy, + 'dpd':c['dpd'], + 'forceencap':c['force_encap'] + } + + if c['ike_life']: + out['ikelifetime'] = c['ike_life'] + if c['esp_life']: + out['esplifetime'] = c['esp_life'] + + return out + + @classmethod + def tearDownClass(cls): + try: + try: + cls.template.delete(cls.apiclient) + except Exception: pass + cleanup_resources(cls.apiclient, cls.cleanup) + except Exception, e: + raise Exception("Cleanup failed with %s" % e) From 5ab7f33451ee87bfdf1f588e351775c59518e779 Mon Sep 17 00:00:00 2001 From: Will Stevens Date: Wed, 26 Jul 2017 16:51:11 -0400 Subject: [PATCH 4/6] changed the tests to run with an account and domain instead of a project --- test/integration/smoke/test_vpc_vpn.py | 64 +++++++++++++++----------- 1 file changed, 36 insertions(+), 28 deletions(-) diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py index 2a353687c62a..87402194a4d4 100644 --- a/test/integration/smoke/test_vpc_vpn.py +++ b/test/integration/smoke/test_vpc_vpn.py @@ -43,8 +43,7 @@ StaticNATRule, Vpn, VpnCustomerGateway, - VpnUser, - Project + VpnUser ) from marvin.sshClient import SshClient @@ -258,10 +257,6 @@ def __init__(self): "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova", "requireshvm": "True", } - }, - "project": { - "name": "Project", - "displaytext": "Test project" } } @@ -1208,20 +1203,13 @@ def setUpClass(cls): cls.account = Account.create( cls.apiclient, services=cls.services["account"]) - cls.project = Project.create( - cls.apiclient, - cls.services["project"], - account=cls.account.name, - domainid=cls.domain.id - ) cls.hypervisor = testClient.getHypervisorInfo() cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][ cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"])) cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower( - )], cls.zone.id, hypervisor=cls.hypervisor.lower(), projectid=cls.project.id) - cls.template.zoneid=cls.zone.id + )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id) cls.template.download(cls.apiclient) if cls.template == FAILED: @@ -1231,7 +1219,7 @@ def setUpClass(cls): %s" % (cls.account.name, cls.account.id)) - cls.cleanup = [cls.project, cls.account, cls.compute_offering] + cls.cleanup = [cls.account, cls.compute_offering] return def _get_ssh_client(self, virtual_machine, services, retries): @@ -1268,8 +1256,7 @@ def _create_natrule(self, vpc, vm, public_port, private_port, public_ip, network services=services, ipaddressid=public_ip.ipaddress.id, virtual_machine=vm, - networkid=network.id, - projectid=self.project.id + networkid=network.id ) self.assertIsNotNone( nat_rule, "Failed to create NAT Rule for %s" % public_ip.ipaddress.ipaddress) @@ -1343,7 +1330,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): networkDomain="vpc1.vpn", vpcofferingid=vpc_offering.id, zoneid=self.zone.id, - projectid=self.project.id + account=self.account.name, + domainid=self.domain.id ) except Exception as e: self.fail(e) @@ -1361,7 +1349,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): networkDomain="vpc2.vpn", vpcofferingid=vpc_offering.id, zoneid=self.zone.id, - projectid=self.project.id + account=self.account.name, + domainid=self.domain.id ) except Exception as e: self.fail(e) @@ -1379,7 +1368,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ntwk1 = Network.create( apiclient=self.apiclient, services=self.services["network_1"], - projectid=self.project.id, + accountid=self.account.name, + domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, @@ -1398,7 +1388,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ntwk2 = Network.create( apiclient=self.apiclient, services=self.services["network_2"], - projectid=self.project.id, + accountid=self.account.name, + domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, @@ -1417,7 +1408,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, - projectid=self.project.id, + accountid=self.account.name, + domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=[ntwk1.id], vpcid=vpc1.id, @@ -1437,7 +1429,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"], templateid=self.template.id, zoneid=self.zone.id, - projectid=self.project.id, + accountid=self.account.name, + domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=[ntwk2.id], vpcid=vpc2.id, @@ -1500,7 +1493,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): # 5) Add VPN Customer gateway info src_nat_list = PublicIPAddress.list( self.apiclient, - projectid=self.project.id, + account=self.account.name, + domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id @@ -1508,7 +1502,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ip1 = src_nat_list[0] src_nat_list = PublicIPAddress.list( self.apiclient, - projectid=self.project.id, + account=self.account.name, + domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id @@ -1522,7 +1517,8 @@ def test_01_vpc_site2site_vpn_multiple_options(self): vm2.public_ip = PublicIPAddress.create( apiclient=self.apiclient, zoneid=self.zone.id, - projectid=self.project.id, + account=self.account.name, + domainid=self.account.domainid, services=services, networkid=ntwk2.id, vpcid=vpc2.id) @@ -1555,12 +1551,24 @@ def test_01_vpc_site2site_vpn_multiple_options(self): services = self._get_vpn_config(c) self.logger.debug(services) customer1_response = VpnCustomerGateway.create( - self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, projectid=self.project.id) + self.apiclient, + services, + "Peer VPC1", + ip1.ipaddress, + vpc1.cidr, + account=self.account.name, + domainid=self.account.domainid) self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) customer2_response = VpnCustomerGateway.create( - self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, projectid=self.project.id) + self.apiclient, + services, + "Peer VPC2", + ip2.ipaddress, + vpc2.cidr, + account=self.account.name, + domainid=self.account.domainid) self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) From 85d1b8dd5ff4731949e6a98a56504cb7dbf0caba Mon Sep 17 00:00:00 2001 From: Will Stevens Date: Thu, 27 Jul 2017 09:34:29 -0400 Subject: [PATCH 5/6] changed domain id format and removed the vpcid from the create vm call --- test/integration/smoke/test_vpc_vpn.py | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py index 87402194a4d4..28f7cb93175a 100644 --- a/test/integration/smoke/test_vpc_vpn.py +++ b/test/integration/smoke/test_vpc_vpn.py @@ -1369,7 +1369,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, @@ -1389,7 +1389,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, @@ -1409,10 +1409,9 @@ def test_01_vpc_site2site_vpn_multiple_options(self): templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, serviceofferingid=self.compute_offering.id, - networkids=[ntwk1.id], - vpcid=vpc1.id, + networkids=ntwk1.id, hypervisor=self.hypervisor ) except Exception as e: @@ -1430,10 +1429,9 @@ def test_01_vpc_site2site_vpn_multiple_options(self): templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, serviceofferingid=self.compute_offering.id, - networkids=[ntwk2.id], - vpcid=vpc2.id, + networkids=ntwk2.id, hypervisor=self.hypervisor ) except Exception as e: @@ -1494,7 +1492,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, listall=True, issourcenat=True, vpcid=vpc1.id @@ -1503,7 +1501,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, listall=True, issourcenat=True, vpcid=vpc2.id @@ -1518,7 +1516,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): apiclient=self.apiclient, zoneid=self.zone.id, account=self.account.name, - domainid=self.account.domainid, + domainid=self.account.domain.id, services=services, networkid=ntwk2.id, vpcid=vpc2.id) @@ -1557,7 +1555,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ip1.ipaddress, vpc1.cidr, account=self.account.name, - domainid=self.account.domainid) + domainid=self.account.domain.id) self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) @@ -1568,7 +1566,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ip2.ipaddress, vpc2.cidr, account=self.account.name, - domainid=self.account.domainid) + domainid=self.account.domain.id) self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response)) From 30792fbdcd30fdc48ab25183f3dc3a87c99a2fd4 Mon Sep 17 00:00:00 2001 From: Will Stevens Date: Mon, 31 Jul 2017 14:21:26 -0400 Subject: [PATCH 6/6] fixed a type that got introduced --- test/integration/smoke/test_vpc_vpn.py | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py index 28f7cb93175a..9ed1d0109ac4 100644 --- a/test/integration/smoke/test_vpc_vpn.py +++ b/test/integration/smoke/test_vpc_vpn.py @@ -1369,7 +1369,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): apiclient=self.apiclient, services=self.services["network_1"], accountid=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc1.id, @@ -1389,7 +1389,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): apiclient=self.apiclient, services=self.services["network_2"], accountid=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, networkofferingid=networkOffering[0].id, zoneid=self.zone.id, vpcid=vpc2.id, @@ -1409,7 +1409,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=ntwk1.id, hypervisor=self.hypervisor @@ -1429,7 +1429,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): templateid=self.template.id, zoneid=self.zone.id, accountid=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, serviceofferingid=self.compute_offering.id, networkids=ntwk2.id, hypervisor=self.hypervisor @@ -1492,7 +1492,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc1.id @@ -1501,7 +1501,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): src_nat_list = PublicIPAddress.list( self.apiclient, account=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, listall=True, issourcenat=True, vpcid=vpc2.id @@ -1516,7 +1516,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): apiclient=self.apiclient, zoneid=self.zone.id, account=self.account.name, - domainid=self.account.domain.id, + domainid=self.account.domainid, services=services, networkid=ntwk2.id, vpcid=vpc2.id) @@ -1555,7 +1555,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ip1.ipaddress, vpc1.cidr, account=self.account.name, - domainid=self.account.domain.id) + domainid=self.account.domainid) self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id) self.logger.debug(vars(customer1_response)) @@ -1566,7 +1566,7 @@ def test_01_vpc_site2site_vpn_multiple_options(self): ip2.ipaddress, vpc2.cidr, account=self.account.name, - domainid=self.account.domain.id) + domainid=self.account.domainid) self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id) self.logger.debug(vars(customer2_response))