github.com/opentelekomcloud/gophertelekomcloud@v0.9.3/acceptance/openstack/networking/v2/sgs/sg_test.go (about) 1 package sgs 2 3 import ( 4 "log" 5 "testing" 6 7 golangsdk "github.com/opentelekomcloud/gophertelekomcloud" 8 "github.com/opentelekomcloud/gophertelekomcloud/acceptance/clients" 9 "github.com/opentelekomcloud/gophertelekomcloud/openstack/common/pointerto" 10 "github.com/opentelekomcloud/gophertelekomcloud/openstack/compute/v2/extensions/secgroups" 11 "github.com/opentelekomcloud/gophertelekomcloud/openstack/networking/v2/extensions/security/rules" 12 th "github.com/opentelekomcloud/gophertelekomcloud/testhelper" 13 ) 14 15 func TestICMPSecurityGroupRules(t *testing.T) { 16 clientNetworking, err := clients.NewNetworkV2Client() 17 if err != nil { 18 t.Fatalf("Unable to create a networking client: %v", err) 19 } 20 clientCompute, err := clients.NewComputeV2Client() 21 if err != nil { 22 t.Fatalf("Unable to create a networking client: %v", err) 23 } 24 25 createSGOpts := secgroups.CreateOpts{ 26 Name: "sg-test-01", 27 Description: "desc", 28 } 29 t.Logf("Attempting to create sg: %s", createSGOpts.Name) 30 31 sg, err := secgroups.Create(clientCompute, createSGOpts).Extract() 32 th.AssertNoErr(t, err) 33 34 optsEchoReply := rules.CreateOpts{ 35 Description: "ICMP echo reply", 36 SecGroupID: sg.ID, 37 PortRangeMin: pointerto.Int(0), 38 PortRangeMax: pointerto.Int(0), 39 Direction: "ingress", 40 EtherType: "IPv4", 41 Protocol: "ICMP", 42 } 43 log.Print("[DEBUG] Create OpenTelekomCloud Neutron ICMP echo reply Security Group Rule") 44 echoReply, err := rules.Create(clientNetworking, optsEchoReply).Extract() 45 th.AssertNoErr(t, err) 46 47 getEchoReply, err := rules.Get(clientNetworking, echoReply.ID).Extract() 48 th.AssertNoErr(t, err) 49 th.AssertEquals(t, *getEchoReply.PortRangeMin, 0) 50 th.AssertEquals(t, *getEchoReply.PortRangeMax, 0) 51 52 optsAll := rules.CreateOpts{ 53 Description: "ICMP all", 54 SecGroupID: sg.ID, 55 PortRangeMin: nil, 56 PortRangeMax: nil, 57 Direction: "ingress", 58 EtherType: "IPv4", 59 Protocol: "ICMP", 60 } 61 log.Print("[DEBUG] Create OpenTelekomCloud Neutron ICMP All Security Group Rule") 62 all, err := rules.Create(clientNetworking, optsAll).Extract() 63 th.AssertNoErr(t, err) 64 65 getAll, err := rules.Get(clientNetworking, all.ID).Extract() 66 th.AssertNoErr(t, err) 67 th.AssertEquals(t, getAll.PortRangeMin, (*int)(nil)) 68 th.AssertEquals(t, getAll.PortRangeMax, (*int)(nil)) 69 70 optsEcho := rules.CreateOpts{ 71 Description: "ICMP echo", 72 SecGroupID: sg.ID, 73 PortRangeMin: pointerto.Int(8), 74 PortRangeMax: pointerto.Int(0), 75 Direction: "ingress", 76 EtherType: "IPv4", 77 Protocol: "ICMP", 78 } 79 log.Print("[DEBUG] Create OpenTelekomCloud Neutron ICMP Echo Security Group Rule") 80 echo, err := rules.Create(clientNetworking, optsEcho).Extract() 81 th.AssertNoErr(t, err) 82 83 getEcho, err := rules.Get(clientNetworking, echo.ID).Extract() 84 th.AssertNoErr(t, err) 85 th.AssertEquals(t, *getEcho.PortRangeMin, 8) 86 th.AssertEquals(t, *getEcho.PortRangeMax, 0) 87 88 optsFragment := rules.CreateOpts{ 89 Description: "ICMP Fragment need DF set", 90 SecGroupID: sg.ID, 91 PortRangeMin: pointerto.Int(3), 92 PortRangeMax: pointerto.Int(4), 93 Direction: "ingress", 94 EtherType: "IPv4", 95 Protocol: "ICMP", 96 } 97 log.Print("[DEBUG] Create OpenTelekomCloud Neutron ICMP Fragment need DF set Security Group Rule") 98 fragment, err := rules.Create(clientNetworking, optsFragment).Extract() 99 th.AssertNoErr(t, err) 100 101 getFragment, err := rules.Get(clientNetworking, fragment.ID).Extract() 102 th.AssertNoErr(t, err) 103 th.AssertEquals(t, *getFragment.PortRangeMin, 3) 104 th.AssertEquals(t, *getFragment.PortRangeMax, 4) 105 106 t.Cleanup(func() { 107 secgroups.Delete(clientCompute, sg.ID) 108 }) 109 } 110 111 func TestICMPSecurityGroupRulesV6(t *testing.T) { 112 clientNetworking, err := clients.NewNetworkV2Client() 113 if err != nil { 114 t.Fatalf("Unable to create a networking client: %v", err) 115 } 116 clientCompute, err := clients.NewComputeV2Client() 117 if err != nil { 118 t.Fatalf("Unable to create a networking client: %v", err) 119 } 120 121 createSGOpts := secgroups.CreateOpts{ 122 Name: "sg-test-v6", 123 Description: "desc", 124 } 125 t.Logf("Attempting to create sg: %s", createSGOpts.Name) 126 127 sg, err := secgroups.Create(clientCompute, createSGOpts).Extract() 128 th.AssertNoErr(t, err) 129 130 optsEchoReplyIpv6 := rules.CreateOpts{ 131 Description: "ICMPV6 echo reply", 132 SecGroupID: sg.ID, 133 PortRangeMin: pointerto.Int(0), 134 PortRangeMax: pointerto.Int(0), 135 Direction: "ingress", 136 EtherType: "IPv6", 137 Protocol: "ICMP", 138 } 139 log.Print("[DEBUG] Create OpenTelekomCloud Neutron ICMPV6 echo reply Security Group Rule") 140 ipv6, err := rules.Create(clientNetworking, optsEchoReplyIpv6).Extract() 141 th.AssertNoErr(t, err) 142 143 getV6EchoReply, err := rules.Get(clientNetworking, ipv6.ID).Extract() 144 th.AssertNoErr(t, err) 145 th.AssertEquals(t, *getV6EchoReply.PortRangeMin, 0) 146 th.AssertEquals(t, *getV6EchoReply.PortRangeMax, 0) 147 148 t.Cleanup(func() { 149 secgroups.Delete(clientCompute, sg.ID) 150 }) 151 } 152 153 func TestThrottlingSgs(t *testing.T) { 154 t.Skip("please run only manually, long test") 155 clientNetworking, err := clients.NewNetworkV2Client() 156 if err != nil { 157 t.Fatalf("Unable to create a networking client: %v", err) 158 } 159 clientCompute, err := clients.NewComputeV2Client() 160 if err != nil { 161 t.Fatalf("Unable to create a networking client: %v", err) 162 } 163 164 createSGOpts := secgroups.CreateOpts{ 165 Name: "sg-test-01", 166 Description: "desc", 167 } 168 t.Logf("Attempting to create sg: %s", createSGOpts.Name) 169 170 sg, err := secgroups.Create(clientCompute, createSGOpts).Extract() 171 th.AssertNoErr(t, err) 172 173 size := 20 174 q := make(chan []string, size) 175 for i := 0; i < size; i++ { 176 go CreateMultipleSgsRules(clientNetworking, sg.ID, 70, i, q) // nolint 177 } 178 for i := 0; i < size; i++ { 179 sgs := <-q 180 t.Log(sgs) 181 } 182 183 rulesOpts := rules.ListOpts{ 184 SecGroupID: sg.ID, 185 } 186 allPages, err := rules.List(clientNetworking, rulesOpts).AllPages() 187 th.AssertNoErr(t, err) 188 189 rls, err := rules.ExtractRules(allPages) 190 th.AssertNoErr(t, err) 191 if len(rls) == 0 { 192 t.Fatalf("empty rules list") 193 } 194 195 t.Cleanup(func() { 196 secgroups.Delete(clientCompute, sg.ID) 197 }) 198 } 199 200 func CreateMultipleSgsRules(clientV2 *golangsdk.ServiceClient, sgID string, count int, startIndex int, output chan<- []string) error { 201 i := 0 202 createdSgs := make([]string, count) 203 for i < count { 204 portRangeMin := startIndex*1000 + i 205 portRangeMax := startIndex*5000 + i 206 opts := rules.CreateOpts{ 207 Description: "description", 208 SecGroupID: sgID, 209 PortRangeMin: &portRangeMin, 210 PortRangeMax: &portRangeMax, 211 Direction: "ingress", 212 EtherType: "IPv4", 213 Protocol: "TCP", 214 } 215 log.Printf("[DEBUG] Create OpenTelekomCloud Neutron security group: %#v", opts) 216 securityGroupRule, err := rules.Create(clientV2, opts).Extract() 217 if err != nil { 218 output <- createdSgs 219 return err 220 } 221 createdSgs[i] = securityGroupRule.ID 222 i += 1 223 } 224 output <- createdSgs 225 return nil 226 }