2 Documentation Test Suite for Neutron Security Group
3 Suite Setup BuiltIn.Run Keywords SetupUtils.Setup_Utils_For_Setup_And_Teardown
4 ... AND DevstackUtils.Devstack Suite Setup
5 Suite Teardown Close All Connections
6 Test Setup SetupUtils.Setup_Test_With_Logging_And_Without_Fast_Failing
7 Test Teardown Get Test Teardown Debugs
9 Library OperatingSystem
10 Library RequestsLibrary
12 Resource ../../../libraries/DevstackUtils.robot
13 Resource ../../../libraries/SetupUtils.robot
14 Resource ../../../variables/Variables.robot
18 ${DESCRIPTION} --description "new security group 1"
19 ${VERIFY_DESCRIPTION} new security group 1
20 ${VERIFY_NAME} SSH_UPDATED
21 ${NAME_UPDATE} --name SSH_UPDATED
22 ${SECURITY_FALSE} --port-security-enabled false
23 ${SECURITY_TRUE} --port-security-enabled true
24 ${SEC_GROUP} /restconf/config/neutron:neutron/security-groups/
25 ${SEC_RULE} /restconf/config/neutron:neutron/security-rules/
26 ${ADD_ARG_SSH} --direction ingress --ethertype IPv4 --port_range_max 22 --port_range_min 22 --protocol tcp
27 @{NETWORK} net1 net2 net3 net4 net5 net6 net7
29 @{SUBNET} sub1 sub2 sub3 sub4 sub5 sub6 sub7
31 @{IP_SUBNET} 20.2.1.0/24 20.2.2.0/24 20.2.3.0/24 20.2.4.0/24 20.2.5.0/24 20.2.6.0/24
32 @{PORT} port01 port02 port03 port04 port05 port06 port07
33 ... port08 port09 port10
34 ${SECURITY_GROUPS} --security-group
35 @{SGP_SSH} SSH1 SSH2 SSH3 SSH4 SSH5 SSH6 SSH7
37 ${ADD_ARG_SSH5} --direction ingress --ethertype IPv4 --port_range_max 20 --port_range_min 25 --protocol tcp
38 @{ADD_PARAMS} ingression IPv4 20 25 tcp
39 ${ADD_ARG_SSH6} --direction ingress --ethertype IPv4 --port_range_max 25 --port_range_min -1 --protocol tcp
40 ${ADD_ARG_SSH7} --direction ingress --ethertype IPv4 --port_range_max -1 --port_range_min 20 --protocol tcp
41 ${PORT_RANGE_ERROR} For TCP/UDP protocols, port_range_min must be <= port_range_max
42 ${INVALID_PORT_RANGE_MIN} Invalid value for port
45 TC01_Update Security Group description and Name
46 [Documentation] This test case validates the security group creation with optional parameter description, Update Security Group description and name
48 Create Security Group and Validate ${SGP_SSH[0]}
49 Create Security Rule and Validate ${SGP_SSH[0]} direction=${ADD_PARAMS[0]} ethertype=${ADD_PARAMS[1]} port_range_max=${ADD_PARAMS[3]} port_range_min=${ADD_PARAMS[2]} protocol=${ADD_PARAMS[4]}
50 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
51 Neutron Setup Creation ${NETWORK[0]} ${SUBNET[0]} ${IP_SUBNET[0]} ${PORT[0]} ${PORT[1]} ${SECURITY_GROUPS}
53 Security group verification on Neutron port ${PORT[0]} ${SGP_ID}
54 Security group verification on Neutron port ${PORT[1]} ${SGP_ID}
55 Update Security Group Description and Verification ${SGP_ID} ${DESCRIPTION} ${VERIFY_DESCRIPTION}
56 Update Security Group Name and Verification ${SGP_ID} ${NAME_UPDATE} ${VERIFY_NAME}
58 TC02_Create Security Rule with port_range_min > port_range_max
59 [Documentation] This test case validates the security group and rule creation with optional parameters Create Security Rule with port_range_min greater than port_range_max
61 Create Security Group and Validate ${SGP_SSH[1]}
62 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
63 Neutron Rule Creation With Invalid Parameters ${SGP_SSH[1]} ${ADD_ARG_SSH5} ${PORT_RANGE_ERROR}
65 TC03_Create Security Rule with port_range_min = -1
66 [Documentation] This test case validates the security group and rule creation with optional parameters, Create Security Rule with port_range_min = -1
68 Create Security Group and Validate ${SGP_SSH[2]}
69 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
70 Neutron Rule Creation With Invalid Parameters ${SGP_SSH[2]} ${ADD_ARG_SSH6} ${INVALID_PORT_RANGE_MIN}
72 TC04_Create Security Rule with port_range_max = -1
73 [Documentation] This test case validates the security group and rule creation with optional parameters, Create Security Rule with port_range_max = -1
75 Create Security Group and Validate ${SGP_SSH[3]}
76 Get Flows ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
77 Neutron Rule Creation With Invalid Parameters ${SGP_SSH[3]} ${ADD_ARG_SSH7} ${INVALID_PORT_RANGE_MIN}
81 [Arguments] ${OS_COMPUTE_1_IP} ${OS_COMPUTE_2_IP}
82 [Documentation] Get the Flows from DPN1 and DPN2
83 ${resp}= Run Command On Remote System And Log ${OS_COMPUTE_1_IP} sudo ovs-ofctl dump-flows br-int -O OpenFlow13
84 ${resp}= Run Command On Remote System And Log ${OS_COMPUTE_1_IP} sudo ovs-ofctl dump-groups br-int -OOpenflow13
85 ${resp}= Run Command On Remote System And Log ${OS_COMPUTE_2_IP} sudo ovs-ofctl dump-flows br-int -O OpenFlow13
86 ${resp}= Run Command On Remote System And Log ${OS_COMPUTE_2_IP} sudo ovs-ofctl dump-groups br-int -OOpenflow13
88 Create Security Group and Validate
89 [Arguments] ${SGP_SSH}
90 [Documentation] Create Security Group and Validate
91 ${OUTPUT} ${SGP_ID} Neutron Security Group Create ${SGP_SSH}
92 Set Global Variable ${SGP_ID}
93 Log "Verifying the security group"
94 ${resp} RequestsLibrary.Get Request session ${SEC_GROUP}
96 Should Be Equal As Strings ${resp.status_code} ${RESP_CODE}
97 Should Contain ${resp.content} ${SGP_SSH}
99 Create Security Rule and Validate
100 [Arguments] ${SGP_SSH} &{Kwargs}
101 [Documentation] Create Security Rule and Validate
102 ${OUTPUT} ${RULE_ID} Neutron Security Group Rule Create ${SGP_SSH}
103 Set Global Variable ${RULE_ID}
104 ${resp} RequestsLibrary.Get Request session ${SEC_RULE}
106 Should Be Equal As Strings ${resp.status_code} ${RESP_CODE}
107 Should Contain ${resp.content} ${RULE_ID}
109 Neutron Setup Creation
110 [Arguments] ${NETWORK} ${SUBNET} ${IP_SUBNET} ${PORT1} ${PORT2} ${SECURITY_GROUPS}
112 [Documentation] Neutron Setup Creation
113 ${net_id} Create Network ${NETWORK}
114 Set Global Variable ${net_id}
115 ${subnet_id} Create SubNet ${NETWORK} ${SUBNET} ${IP_SUBNET}
116 Set Global Variable ${subnet_id}
117 ${ADD_ARGMS}= Set Variable ${SECURITY_GROUPS} ${SGP_ID}
118 ${port_id} Create Neutron Port With Additional Params ${NETWORK} ${PORT1} ${ADD_ARGMS}
119 ${port_id} Create Neutron Port With Additional Params ${NETWORK} ${PORT2} ${ADD_ARGMS}
121 Security group verification on Neutron port
122 [Arguments] ${PORT} ${SGP_ID}
123 [Documentation] Security group verification on Neutron port
124 ${PORT_SHOW} Neutron Port Show ${PORT}
125 Should Contain ${PORT_SHOW} ${SGP_ID}
127 Update Security Group Description and Verification
128 [Arguments] ${SGP_ID} ${DESCRIPTION} ${VERIFY_DESCRIPTION}
129 [Documentation] Update Security Group Description and Verification
130 ${output} Neutron Security Group Update ${SGP_ID} ${DESCRIPTION}
131 ${output} Neutron Security Group Show ${SGP_ID}
132 Should Contain ${output} ${VERIFY_DESCRIPTION}
134 Update Security Group Name and Verification
135 [Arguments] ${SGP_ID} ${NAME_UPDATE} ${VERIFY_NAME}
136 [Documentation] Update Security Group Name and Verification
137 ${output} Neutron Security Group Update ${SGP_ID} ${NAME_UPDATE}
138 ${output} Neutron Security Group Show ${SGP_ID}
139 Should Contain ${output} ${VERIFY_NAME}
140 ${resp} RequestsLibrary.Get Request session ${SEC_GROUP}
142 Should Be Equal As Strings ${resp.status_code} ${RESP_CODE}
143 Should Contain ${resp.content} ${VERIFY_NAME}
145 Neutron Rule Creation With Invalid Parameters
146 [Arguments] ${SecurityGroupName} ${additional_args} ${EXPECTED_ERROR}
147 [Documentation] Neutron Rule Creation With Null Protocol
148 ${rc} ${output}= Run And Return Rc And Output neutron security-group-rule-create ${SecurityGroupName} ${additional_args}
150 Should Contain ${output} ${EXPECTED_ERROR}