登录 注册
开源 企业版 高校版 私有云 模力方舟 模力方舟 AI 队友
扫描微信二维码支付
取消
支付完成
Ai
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
5 Star 6 Fork 4

zstackio/zstack-vyos

代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
克隆/下载
eip_test.go 9.49 KB
一键复制 编辑 原始数据 按行查看 历史
shixin.ruan 提交于 2024-07-08 14:31 +08:00 . [root]: use openeuler image for vpc
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294
package plugin



import (

	"fmt"



	"zstack-vyos/server"

	"zstack-vyos/utils"



	. "github.com/onsi/ginkgo"

	gomega "github.com/onsi/gomega"

	log "github.com/sirupsen/logrus"

)



var _ = Describe("eip_test", func() {

	It("eip test preparing", func() {

		utils.InitLog(utils.GetVyosUtLogDir()+"eip_test.log", false)

		utils.CleanTestEnvForUT()

		SetKeepalivedStatusForUt(KeepAlivedStatus_Master)

		configureAllNicsForUT()

	})



	It("test create eip", func() {

		ipInPubL3, _ := utils.GetFreePubL3Ip()

		eip1 := eipInfo{VipIp: ipInPubL3, PublicMac: utils.PubNicForUT.Mac,

			GuestIp: "192.168.1.200", PrivateMac: utils.PrivateNicsForUT[0].Mac,

			SnatInboundTraffic: false}

		cmd1 := setEipCmd{Eip: eip1}

		log.Debugf("TestCreateEip createEip eip1: %+v", eip1)

		createEip(&cmd1)

		checkEipConfig(eip1)

		checkEipGroupAddress(eip1, true)



		// eip1, and eip2 share same guestIp

		ipInPubL3_2, _ := utils.GetFreePubL3Ip()

		eip2 := eipInfo{VipIp: ipInPubL3_2, PublicMac: utils.PubNicForUT.Mac,

			GuestIp: "192.168.1.200", PrivateMac: utils.PrivateNicsForUT[0].Mac,

			SnatInboundTraffic: false}

		cmd2 := setEipCmd{Eip: eip2}

		log.Debugf("TestCreateEip createEip eip2: %+v", eip2)

		createEip(&cmd2)

		checkEipConfig(eip2)

		checkEipGroupAddress(eip2, true)



		log.Debugf("TestCreateEip createEip again eip1: %+v", eip1)

		createEip(&cmd1)

		checkEipConfig(eip1)

		checkEipGroupAddress(eip1, true)

		log.Debugf("TestCreateEip createEip again eip2: %+v", eip2)

		createEip(&cmd2)

		checkEipConfig(eip2)

		checkEipGroupAddress(eip2, true)



		scmd := &syncEipCmd{Eips: []eipInfo{eip1, eip2}}

		log.Debugf("TestCreateEip syncEip eip1: %+v", scmd)

		syncEip(scmd)

		checkEipConfig(eip1)

		checkEipGroupAddress(eip1, true)

		checkEipConfig(eip2)

		checkEipGroupAddress(eip2, true)



		log.Debugf("TestCreateEip syncEip eip1: %+v", scmd)

		syncEip(scmd)

		checkEipConfig(eip1)

		checkEipGroupAddress(eip1, true)

		checkEipConfig(eip2)

		checkEipGroupAddress(eip2, true)



		rcmd1 := &removeEipCmd{Eip: eip1}

		log.Debugf("TestCreateEip removeEip eip1: %+v", eip1)

		removeEip(rcmd1)

		checkEipDelete(eip1)

		checkEipConfig(eip2)

		checkEipGroupAddress(eip1, true) // because eip1, eip2 share same guestIp, so guest should still in config



		log.Debugf("TestCreateEip removeEip eip1: %+v", eip1)

		removeEip(rcmd1)

		checkEipDelete(eip1)

		checkEipConfig(eip2)

		checkEipGroupAddress(eip1, true) // because eip1, eip2 share same guestIp, so guest should still in config



		log.Debugf("TestCreateEip removeEip eip2: %+v", eip2)

		rcmd2 := &removeEipCmd{Eip: eip2}

		removeEip(rcmd2)

		checkEipDelete(eip2)

		checkEipGroupAddress(eip2, false)



		log.Debugf("TestCreateEip removeEip eip2: %+v", eip2)

		removeEip(rcmd2)

		checkEipDelete(eip2)

		checkEipGroupAddress(eip2, false)



		utils.ReleasePubL3Ip(ipInPubL3)

		utils.ReleasePubL3Ip(ipInPubL3_2)

	})



	It("destroying env", func() {

		utils.CleanTestEnvForUT()

	})

})



func checkEipConfig(eip eipInfo) {

	tree := server.NewParserFromShowConfiguration().Tree



	des := makeEipDescription(eip)

	pubNic, _ := utils.GetNicNameByMac(eip.PublicMac)

	privNic, _ := utils.GetNicNameByMac(eip.PrivateMac)



	/* check eip snat rule */

	rules := tree.Getf("nat source rule")

	gomega.Expect(rules).NotTo(gomega.BeNil(), "eip check failed, because get nat source rule failed")



	ruleId := ""

	for _, rule := range rules.Children() {

		for _, r := range rule.Children() {

			if r.Name() == "description" && len(r.Values()) == 1 && r.Values()[0] == des {

				ruleId = rule.Name()

				break

			}

		}



		if ruleId == "" {

			continue

		}



		cmd := fmt.Sprintf("nat source rule %s outbound-interface %s", ruleId, pubNic)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), fmt.Sprintf("eip snat rule [%s] check failed", cmd))



		cmd = fmt.Sprintf("nat source rule %s source address %s", ruleId, eip.GuestIp)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), fmt.Sprintf("eip snat rule [%s] check failed", cmd))



		cmd = fmt.Sprintf("nat source rule %s translation address %s", ruleId, eip.VipIp)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), fmt.Sprintf("eip snat rule [%s] check failed", cmd))

	}



	gomega.Expect(ruleId).NotTo(gomega.BeNil(), fmt.Sprintf("eip [%+v] snat rule check failed", eip))



	/* check eip dnat rule */

	rules = tree.Getf("nat destination rule")

	gomega.Expect(rules).NotTo(gomega.BeNil(), "eip check failed, because get nat destination rule failed")



	ruleId = ""

	for _, rule := range rules.Children() {

		for _, r := range rule.Children() {

			if r.Name() == "description" && len(r.Values()) == 1 && r.Values()[0] == des {

				ruleId = rule.Name()

				break

			}

		}



		if ruleId == "" {

			continue

		}



		cmd := fmt.Sprintf("nat destination rule %s inbound-interface any", ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), fmt.Sprintf("eip dnat rule [%s] check failed", cmd))



		cmd = fmt.Sprintf("nat destination rule %s destination address %s", ruleId, eip.VipIp)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip dnat rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("nat destination rule %s translation address %s", ruleId, eip.GuestIp)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip dnat rule [%s] check failed", cmd)

	}



	gomega.Expect(ruleId).NotTo(gomega.Equal(""), "eip [%+v] dnat rule check failed", eip)



	/* check eip public firewall */

	eipPubMacFirewallDes := "zstack-pub-eip-firewall-rule"

	rules = tree.Getf("firewall name %s.in rule", pubNic)

	gomega.Expect(ruleId).NotTo(gomega.Equal(""), "eip [%+v] dnat rule check failed", eip)



	ruleId = ""

	for _, rule := range rules.Children() {

		for _, r := range rule.Children() {

			if r.Name() == "description" && len(r.Values()) == 1 && r.Values()[0] == eipPubMacFirewallDes {

				ruleId = rule.Name()

				break

			}

		}



		if ruleId == "" {

			continue

		}



		cmd := fmt.Sprintf("firewall name %s.in rule %s action accept", pubNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s destination group address-group eip-group", pubNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s state established enable", pubNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s state new enable", pubNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s state related enable", pubNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)

	}



	gomega.Expect(ruleId).NotTo(gomega.Equal(""), "eip [%+v] public firewall rule check failed", eip)



	/* check eip private firewall */

	eipPriMacFirewallDes := "zstack-pri-eip-firewall-rule"

	rules = tree.Getf("firewall name %s.in rule", privNic)

	gomega.Expect(rules).NotTo(gomega.BeNil(), "eip check failed, get: [firewall name %s.in rule] failed", privNic)



	ruleId = ""

	for _, rule := range rules.Children() {

		for _, r := range rule.Children() {

			if r.Name() == "description" && len(r.Values()) == 1 && r.Values()[0] == eipPriMacFirewallDes {

				ruleId = rule.Name()

				break

			}

		}



		if ruleId == "" {

			continue

		}



		cmd := fmt.Sprintf("firewall name %s.in rule %s action accept", privNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s source group address-group eip-group", privNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s state established enable", privNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s state new enable", privNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)



		cmd = fmt.Sprintf("firewall name %s.in rule %s state related enable", privNic, ruleId)

		rule = tree.Get(cmd)

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip rule [%s] check failed", cmd)

	}



	gomega.Expect(ruleId).NotTo(gomega.Equal(""), "eip [%+v] private firewall rule check failed", eip)

}



func checkEipDelete(eip eipInfo) {

	tree := server.NewParserFromShowConfiguration().Tree



	des := makeEipDescription(eip)



	/* check eip snat rule */

	r := tree.FindSnatRuleDescription(des)

	gomega.Expect(r).To(gomega.BeNil(), "eip [%+v] snat delete failed", eip)



	/* check eip dnat rule */

	gomega.Expect(r).To(gomega.BeNil(), "eip [%+v] dnat delete failed", eip)



	/* check eip public firewall will not be deleted, only firewall address group

	    rule 4002 {

	     action accept

	     description zstack-pri-eip-firewall-rule

	     source {

	         group {

	             address-group eip-group

	         }

	     }

	     state {

	         established enable

	         new enable

	         related enable

	     }

	   }

	*/

}



func checkEipGroupAddress(eip eipInfo, exist bool) {

	tree := server.NewParserFromShowConfiguration().Tree

	cmd := fmt.Sprintf("firewall group address-group eip-group address %s", eip.GuestIp)

	rule := tree.Get(cmd)

	if exist {

		gomega.Expect(rule).NotTo(gomega.BeNil(), "eip group address [%s] added failed", cmd)

	} else {

		gomega.Expect(rule).To(gomega.BeNil(), "eip group address [%s] delete failed", cmd)

	}

}
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/zstackio/zstack-vyos.git
git@gitee.com:zstackio/zstack-vyos.git
zstackio
zstack-vyos
zstack-vyos
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部