From 233683de57527f477bf7e8d042a5f3d1f08c7744 Mon Sep 17 00:00:00 2001 From: selias Date: Fri, 7 Oct 2016 13:43:45 +0200 Subject: CSIT-427: Honeycomb ietf-ACL tests - L2 - add keywords for accessing Honeycomb's ietf-acl node - add variable file with ietf-acl test data - add ietf-acl traffic test suite - modify bridge domain teardown keyword to unassign interfaces from the bridge domain before delete Change-Id: I6df1771f2fb9b42f30b5af8f54a384c6714f5949 Signed-off-by: selias --- resources/libraries/python/honeycomb/HcAPIKwACL.py | 152 +++++++++++++++++++++ .../python/honeycomb/HcAPIKwBridgeDomain.py | 4 +- .../python/honeycomb/HcAPIKwInterfaces.py | 50 ++++++- resources/libraries/python/topology.py | 2 +- 4 files changed, 202 insertions(+), 6 deletions(-) (limited to 'resources/libraries/python') diff --git a/resources/libraries/python/honeycomb/HcAPIKwACL.py b/resources/libraries/python/honeycomb/HcAPIKwACL.py index c11e325194..1042adc872 100644 --- a/resources/libraries/python/honeycomb/HcAPIKwACL.py +++ b/resources/libraries/python/honeycomb/HcAPIKwACL.py @@ -14,6 +14,7 @@ """This module implements keywords to manipulate ACL data structures using Honeycomb REST API.""" +from resources.libraries.python.topology import Topology from resources.libraries.python.HTTPRequest import HTTPCodes from resources.libraries.python.honeycomb.HoneycombSetup import HoneycombError from resources.libraries.python.honeycomb.HoneycombUtil \ @@ -262,3 +263,154 @@ class ACLKeywords(object): return resp["classify-session"][0] except (KeyError, TypeError): return {} + + @staticmethod + def create_ietf_classify_chain(node, list_name, layer, data): + """Create classify chain using the ietf-acl node. + + :param node: Honeycomb node. + :param list_name: Name for the classify list. + :param layer: Network layer to classify on. + :param data: Dictionary of settings to send to Honeycomb. + :type node: dict + :type list_name: str + :type layer: string + :type data: dict + + :return: Content of response. + :rtype: bytearray + :raises HoneycombError: If the operation fails. + """ + if layer.lower() == "l2": + suffix = "eth" + elif layer.lower() in ("l3_ip4", "l3_ip6", "l4"): + raise NotImplementedError + else: + raise ValueError("Unexpected value of layer argument {0}." + "Valid options are: L2, L3_IP4, L3_IP6, L4." + .format(layer)) + + path = "/acl/ietf-access-control-list:{0}-acl/{1}".format( + suffix, list_name) + + status_code, resp = HcUtil.put_honeycomb_data( + node, "config_ietf_classify_chain", data, path) + + if status_code != HTTPCodes.OK: + raise HoneycombError( + "Could not create classify chain." + "Status code: {0}.".format(status_code)) + + return resp + + @staticmethod + def set_ietf_interface_acl(node, interface, layer, direction, list_name, + default_action): + """Assign an interface to an ietf-acl classify chain. + + :param node: Honeycomb node. + :param interface: Name of an interface on the node. + :param layer: Network layer to classify packets on. + Valid options are: L2, L3, L4. Mixed ACL not supported yet. + :param direction: Classify incoming or outgiong packets. + Valid options are: ingress, egress + :param list_name: Name of an ietf-acl classify chain. + :param default_action: Default classifier action: permit or deny. + :type node: dict + :type interface: str or int + :type layer: str + :type direction: str + :type list_name: str + :type default_action: str + + :return: Content of response. + :rtype: bytearray + :raises HoneycombError: If the operation fails. + """ + + interface = Topology.convert_interface_reference( + node, interface, "name") + + interface = interface.replace("/", "%2F") + + if direction not in ("ingress", "egress"): + raise ValueError("Unknown traffic direction {0}. " + "Valid options are: ingress, egress." + .format(direction)) + + path = "/interface/{0}/ietf-acl/{1}/access-lists".format( + interface, direction) + + data = { + "access-lists": { + "acl": [{ + "type": None, + "name": list_name + }], + "default-action": default_action, + "mode": None + } + } + + acl_type = "ietf-access-control-list:{suffix}-acl" + + if layer.lower() == "l2": + data["access-lists"]["mode"] = "l2" + data["access-lists"]["acl"][0]["type"] = \ + acl_type.format(suffix="eth") + + elif layer.lower() in ("l3_ip4", "l3_ip6", "L4"): + raise NotImplementedError + else: + raise ValueError("Unknown network layer {0}. " + "Valid options are: " + "L2, L3_IP4, L3_IP6, L4.".format(layer)) + + status_code, resp = HcUtil.put_honeycomb_data( + node, "config_vpp_interfaces", data, path) + + if status_code != HTTPCodes.OK: + raise HoneycombError( + "Could not configure ACL on interface. " + "Status code: {0}.".format(status_code)) + + return resp + + @staticmethod + def delete_ietf_interface_acls(node, interface): + """Remove all ietf-acl assignments from an interface. + + :param node: Honeycomb node. + :param interface: Name of an interface on the node. + :type node: dict + :type interface: str or int""" + + interface = Topology.convert_interface_reference( + node, interface, "name") + + interface = interface.replace("/", "%2F") + + path = "/interface/{0}/ietf-acl/".format(interface) + status_code, _ = HcUtil.delete_honeycomb_data( + node, "config_vpp_interfaces", path) + + if status_code != HTTPCodes.OK: + raise HoneycombError( + "Could not remove ACL assignment from interface. " + "Status code: {0}.".format(status_code)) + + @staticmethod + def delete_ietf_classify_chains(node): + """Remove all classify chains from the ietf-acl node. + + :param node: Honeycomb node. + :type node: dict + """ + + status_code, _ = HcUtil.delete_honeycomb_data( + node, "config_ietf_classify_chain") + + if status_code != HTTPCodes.OK: + raise HoneycombError( + "Could not remove ietf-acl chain. " + "Status code: {0}.".format(status_code)) diff --git a/resources/libraries/python/honeycomb/HcAPIKwBridgeDomain.py b/resources/libraries/python/honeycomb/HcAPIKwBridgeDomain.py index e3fd6fb4fc..f156f096e3 100644 --- a/resources/libraries/python/honeycomb/HcAPIKwBridgeDomain.py +++ b/resources/libraries/python/honeycomb/HcAPIKwBridgeDomain.py @@ -254,7 +254,7 @@ class BridgeDomainKeywords(object): bridge_domain) @staticmethod - def remove_all_bds(node): + def remove_all_bridge_domains(node): """Remove all bridge domains. :param node: Honeycomb node. @@ -266,8 +266,10 @@ class BridgeDomainKeywords(object): """ data = {"bridge-domains": {"bridge-domain": []}} + status_code, resp = HcUtil.\ put_honeycomb_data(node, "config_bridge_domain", data) + if status_code != HTTPCodes.OK: raise HoneycombError("Not possible to remove all bridge domains. " "Status code: {0}.".format(status_code)) diff --git a/resources/libraries/python/honeycomb/HcAPIKwInterfaces.py b/resources/libraries/python/honeycomb/HcAPIKwInterfaces.py index fdb9b90eb3..83267b5e55 100644 --- a/resources/libraries/python/honeycomb/HcAPIKwInterfaces.py +++ b/resources/libraries/python/honeycomb/HcAPIKwInterfaces.py @@ -16,7 +16,7 @@ The keywords make possible to put and get configuration data and to get operational data. """ - +from resources.libraries.python.topology import Topology from resources.libraries.python.HTTPRequest import HTTPCodes from resources.libraries.python.honeycomb.HoneycombSetup import HoneycombError from resources.libraries.python.honeycomb.HoneycombUtil \ @@ -222,7 +222,7 @@ class InterfaceKeywords(object): depending on the parameter "state". :param node: Honeycomb node. - :param interface: The name of interface. + :param interface: Interface name, key, link name or sw_if_index. :param state: The requested state, only "up" and "down" are valid values. :type node: dict @@ -237,6 +237,9 @@ class InterfaceKeywords(object): intf_state = {"up": "true", "down": "false"} + interface = Topology.convert_interface_reference( + node, interface, "name") + intf = interface.replace("/", "%2F") path = "/interface/{0}".format(intf) @@ -292,7 +295,7 @@ class InterfaceKeywords(object): """Add a new bridge domain to an interface and set its parameters. :param node: Honeycomb node. - :param interface: The name of interface. + :param interface: Interface name, key, link name or sw_if_index. :param bd_name: Bridge domain name. :param split_horizon_group: Split-horizon group name. :param bvi: The bridged virtual interface. @@ -306,6 +309,9 @@ class InterfaceKeywords(object): :raises HoneycombError: If the interface is not present on the node. """ + interface = Topology.convert_interface_reference( + node, interface, "name") + v3po_l2 = {"bridge-domain": str(bd_name)} if split_horizon_group: v3po_l2["split-horizon-group"] = str(split_horizon_group) @@ -317,6 +323,33 @@ class InterfaceKeywords(object): return InterfaceKeywords._set_interface_properties( node, interface, path, v3po_l2) + @staticmethod + def remove_bridge_domain_from_interface(node, interface): + """Remove bridge domain assignment from interface. + + :param node: Honeycomb node. + :param interface: Interface name, key, link name or sw_if_index. + :type node: dict + :type interface: str or int + + :raises HoneycombError: If the operation fails. + """ + + interface = Topology.convert_interface_reference( + node, interface, "name") + + intf = interface.replace("/", "%2F") + + path = "/interface/{0}/v3po:l2".format(intf) + + status_code, _ = HcUtil.delete_honeycomb_data( + node, "config_vpp_interfaces", path) + + if status_code != HTTPCodes.OK: + raise HoneycombError( + "Could not remove bridge domain assignment from interface " + "'{0}'. Status code: {1}.".format(interface, status_code)) + @staticmethod def get_bd_oper_data_from_interface(node, interface): """Returns operational data about bridge domain settings in the @@ -367,7 +400,7 @@ class InterfaceKeywords(object): @staticmethod def configure_interface_ipv4(node, interface, param, value): - """Configure IPv4 parameters of interface + """Configure IPv4 parameters of interface. :param node: Honeycomb node. :param interface: The name of interface. @@ -383,6 +416,9 @@ class InterfaceKeywords(object): :raises HoneycombError: If the parameter is not valid. """ + interface = Topology.convert_interface_reference( + node, interface, "name") + if param not in InterfaceKeywords.IPV4_PARAMS: raise HoneycombError("The parameter {0} is invalid.".format(param)) @@ -410,6 +446,9 @@ class InterfaceKeywords(object): :raises HoneycombError: If the provided netmask or prefix is not valid. """ + interface = Topology.convert_interface_reference( + node, interface, "name") + path = ("interfaces", ("interface", "name", interface), "ietf-ip:ipv4") if isinstance(network, basestring): address = {"address": [{"ip": ip_addr, "netmask": network}, ]} @@ -438,6 +477,9 @@ class InterfaceKeywords(object): :raises HoneycombError: If the provided netmask or prefix is not valid. """ + interface = Topology.convert_interface_reference( + node, interface, "name") + path = ("interfaces", ("interface", "name", interface), "ietf-ip:ipv4", "address") if isinstance(network, basestring): diff --git a/resources/libraries/python/topology.py b/resources/libraries/python/topology.py index 0b40967ef2..5884ddf743 100644 --- a/resources/libraries/python/topology.py +++ b/resources/libraries/python/topology.py @@ -372,7 +372,7 @@ class Topology(object): :return: Interface key. :rtype: str - :raises TypeError: If provided with invalid arguments. + :raises TypeError: If provided with invalid interface argument. :raises RuntimeError: If the interface does not exist in topology. """ -- cgit 1.2.3-korg