github.com/vmware/go-vcloud-director/v2@v2.24.0/govcd/edgegateway_test.go (about) 1 //go:build gateway || functional || ALL 2 3 /* 4 * Copyright 2019 VMware, Inc. All rights reserved. Licensed under the Apache v2 License. 5 */ 6 7 package govcd 8 9 import ( 10 "regexp" 11 "strings" 12 13 "github.com/vmware/go-vcloud-director/v2/types/v56" 14 . "gopkg.in/check.v1" 15 ) 16 17 func (vcd *TestVCD) Test_RefreshEdgeGateway(check *C) { 18 if vcd.config.VCD.EdgeGateway == "" { 19 check.Skip("Skipping test because no edge gateway given") 20 } 21 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 22 check.Assert(err, IsNil) 23 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 24 copyEdge := edge 25 err = edge.Refresh() 26 check.Assert(err, IsNil) 27 check.Assert(copyEdge.EdgeGateway.Name, Equals, edge.EdgeGateway.Name) 28 check.Assert(copyEdge.EdgeGateway.HREF, Equals, edge.EdgeGateway.HREF) 29 } 30 31 // TODO: Add a check for the final state of the mapping 32 func (vcd *TestVCD) Test_NATMapping(check *C) { 33 if vcd.config.VCD.ExternalIp == "" || vcd.config.VCD.InternalIp == "" { 34 check.Skip("Skipping test because no valid ip given") 35 } 36 if vcd.config.VCD.EdgeGateway == "" { 37 check.Skip("Skipping test because no edge gateway given") 38 } 39 if vcd.config.VCD.Network.Net1 == "" { 40 check.Skip("Skipping test because no network was given") 41 } 42 43 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 44 check.Assert(err, IsNil) 45 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 46 47 orgVdcNetwork, err := vcd.vdc.GetOrgVdcNetworkByName(vcd.config.VCD.Network.Net1, false) 48 check.Assert(err, IsNil) 49 check.Assert(orgVdcNetwork.OrgVDCNetwork.Name, Equals, vcd.config.VCD.Network.Net1) 50 51 task, err := edge.AddNATRule(orgVdcNetwork.OrgVDCNetwork, "DNAT", vcd.config.VCD.ExternalIp, vcd.config.VCD.InternalIp) 52 check.Assert(err, IsNil) 53 err = task.WaitTaskCompletion() 54 check.Assert(err, IsNil) 55 56 err = edge.Refresh() 57 check.Assert(err, IsNil) 58 found := false 59 var rule *types.NatRule 60 for _, r := range edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule { 61 if r.RuleType == "DNAT" && r.GatewayNatRule.Interface.Name == orgVdcNetwork.OrgVDCNetwork.Name { 62 found = true 63 rule = r 64 } 65 } 66 67 check.Assert(found, Equals, true) 68 check.Assert(rule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 69 check.Assert(rule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 70 71 //task, err = edge.Remove1to1Mapping(vcd.config.VCD.InternalIp, vcd.config.VCD.ExternalIp) 72 // Cause Remove1to1Mapping isn't working correctly we will use new function 73 err = edge.RemoveNATRule(rule.ID) 74 check.Assert(err, IsNil) 75 err = task.WaitTaskCompletion() 76 check.Assert(err, IsNil) 77 } 78 79 // TODO: Add a check for the final state of the mapping 80 func (vcd *TestVCD) Test_NATPortMapping(check *C) { 81 if vcd.config.VCD.ExternalIp == "" || vcd.config.VCD.InternalIp == "" { 82 check.Skip("Skipping test because no valid ip given") 83 } 84 if vcd.config.VCD.EdgeGateway == "" { 85 check.Skip("Skipping test because no edge gateway given") 86 } 87 if vcd.config.VCD.Network.Net1 == "" { 88 check.Skip("Skipping test because no network was given") 89 } 90 91 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 92 check.Assert(err, IsNil) 93 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 94 95 orgVdcNetwork, err := vcd.vdc.GetOrgVdcNetworkByName(vcd.config.VCD.Network.Net1, false) 96 check.Assert(err, IsNil) 97 check.Assert(orgVdcNetwork.OrgVDCNetwork.Name, Equals, vcd.config.VCD.Network.Net1) 98 99 task, err := edge.AddNATPortMappingWithUplink(orgVdcNetwork.OrgVDCNetwork, "DNAT", vcd.config.VCD.ExternalIp, "1177", vcd.config.VCD.InternalIp, "77", "TCP", "") 100 check.Assert(err, IsNil) 101 err = task.WaitTaskCompletion() 102 check.Assert(err, IsNil) 103 104 err = edge.Refresh() 105 check.Assert(err, IsNil) 106 found := false 107 var rule *types.NatRule 108 for _, r := range edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule { 109 if r.RuleType == "DNAT" && r.GatewayNatRule.Interface.Name == orgVdcNetwork.OrgVDCNetwork.Name { 110 found = true 111 rule = r 112 } 113 } 114 115 check.Assert(found, Equals, true) 116 check.Assert(rule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 117 check.Assert(rule.GatewayNatRule.TranslatedPort, Equals, "77") 118 check.Assert(rule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 119 check.Assert(rule.GatewayNatRule.OriginalPort, Equals, "1177") 120 check.Assert(rule.GatewayNatRule.Protocol, Equals, "tcp") 121 check.Assert(rule.GatewayNatRule.IcmpSubType, Equals, "") 122 123 //task, err = edge.Remove1to1Mapping(vcd.config.VCD.InternalIp, vcd.config.VCD.ExternalIp) 124 // Cause Remove1to1Mapping isn't working correctly we will use new function 125 err = edge.RemoveNATRule(rule.ID) 126 127 check.Assert(err, IsNil) 128 err = task.WaitTaskCompletion() 129 check.Assert(err, IsNil) 130 } 131 132 // TODO: Add a check for the final state of the mapping 133 func (vcd *TestVCD) Test_1to1Mappings(check *C) { 134 if vcd.config.VCD.ExternalIp == "" || vcd.config.VCD.InternalIp == "" { 135 check.Skip("Skipping test because no valid ip given") 136 } 137 if vcd.config.VCD.EdgeGateway == "" { 138 check.Skip("Skipping test because no edgegatway given") 139 } 140 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 141 check.Assert(err, IsNil) 142 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 143 task, err := edge.Create1to1Mapping(vcd.config.VCD.InternalIp, vcd.config.VCD.ExternalIp, "description") 144 check.Assert(err, IsNil) 145 err = task.WaitTaskCompletion() 146 check.Assert(err, IsNil) 147 task, err = edge.Remove1to1Mapping(vcd.config.VCD.InternalIp, vcd.config.VCD.ExternalIp) 148 check.Assert(err, IsNil) 149 err = task.WaitTaskCompletion() 150 check.Assert(err, IsNil) 151 } 152 153 func (vcd *TestVCD) Test_AddIpsecVPN(check *C) { 154 if vcd.config.VCD.ExternalIp == "" { 155 check.Skip("Skipping test because no valid ip given") 156 } 157 if vcd.config.VCD.EdgeGateway == "" { 158 check.Skip("Skipping test because no edgegatway given") 159 } 160 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 161 check.Assert(err, IsNil) 162 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 163 164 // Check that the minimal input is included 165 check.Assert(vcd.config.VCD.InternalIp, Not(Equals), "") 166 check.Assert(vcd.config.VCD.InternalNetmask, Not(Equals), "") 167 check.Assert(vcd.config.VCD.ExternalIp, Not(Equals), "") 168 check.Assert(vcd.config.VCD.ExternalNetmask, Not(Equals), "") 169 170 tunnel := &types.GatewayIpsecVpnTunnel{ 171 Name: "TestVPN_API", 172 Description: "Testing VPN Creation", 173 EncryptionProtocol: "AES", 174 SharedSecret: "MadeUpWords", // MANDATORY 175 LocalIPAddress: vcd.config.VCD.ExternalIp, // MANDATORY 176 LocalID: vcd.config.VCD.ExternalIp, // MANDATORY 177 PeerIPAddress: vcd.config.VCD.InternalIp, // MANDATORY 178 PeerID: vcd.config.VCD.InternalIp, // MANDATORY 179 IsEnabled: true, 180 LocalSubnet: []*types.IpsecVpnSubnet{ 181 &types.IpsecVpnSubnet{ 182 Name: vcd.config.VCD.ExternalIp, 183 Gateway: vcd.config.VCD.ExternalIp, // MANDATORY 184 Netmask: vcd.config.VCD.ExternalNetmask, // MANDATORY 185 }, 186 }, 187 PeerSubnet: []*types.IpsecVpnSubnet{ 188 &types.IpsecVpnSubnet{ 189 Name: vcd.config.VCD.InternalIp, 190 Gateway: vcd.config.VCD.InternalIp, // MANDATORY 191 Netmask: vcd.config.VCD.InternalNetmask, // MANDATORY 192 }, 193 }, 194 } 195 tunnels := make([]*types.GatewayIpsecVpnTunnel, 1) 196 tunnels[0] = tunnel 197 ipsecVPNConfig := &types.EdgeGatewayServiceConfiguration{ 198 GatewayIpsecVpnService: &types.GatewayIpsecVpnService{ 199 IsEnabled: true, 200 Tunnel: tunnels, 201 }, 202 } 203 204 // Configures VPN service 205 task, err := edge.AddIpsecVPN(ipsecVPNConfig) 206 check.Assert(err, IsNil) 207 err = task.WaitTaskCompletion() 208 check.Assert(err, IsNil) 209 210 // To check the effects of service configuration, we need to reload the edge gateway entity 211 err = edge.Refresh() 212 check.Assert(err, IsNil) 213 214 // We expect an enabled service, and non-null tunnel and endpoint 215 newConf := edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration 216 newConfState := newConf.GatewayIpsecVpnService.IsEnabled 217 newConfTunnel := newConf.GatewayIpsecVpnService.Tunnel 218 219 // TODO: assumption about not nil endpoints doesn't hold for all vCD versions and configurations 220 // Needs research 221 //newConfEndpoint := newConf.GatewayIpsecVpnService.Endpoint 222 check.Assert(newConfState, Equals, true) 223 check.Assert(newConfTunnel, NotNil) 224 // check.Assert(newConfEndpoint, NotNil) 225 226 // Removes VPN service 227 task, err = edge.RemoveIpsecVPN() 228 check.Assert(err, IsNil) 229 err = task.WaitTaskCompletion() 230 check.Assert(err, IsNil) 231 232 // To check the effects of service configuration, we need to reload the edge gateway entity 233 err = edge.Refresh() 234 check.Assert(err, IsNil) 235 236 // We expect a disabled service, and null tunnel and endpoint 237 afterDeletionConf := edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration 238 newConfState = afterDeletionConf.GatewayIpsecVpnService.IsEnabled 239 newConfTunnel = afterDeletionConf.GatewayIpsecVpnService.Tunnel 240 newConfEndpoint := afterDeletionConf.GatewayIpsecVpnService.Endpoint 241 check.Assert(newConfState, Equals, false) 242 check.Assert(newConfTunnel, IsNil) 243 check.Assert(newConfEndpoint, IsNil) 244 } 245 246 func (vcd *TestVCD) TestEdgeGateway_GetNetworks(check *C) { 247 if vcd.config.VCD.EdgeGateway == "" { 248 check.Skip("Skipping test because no edge gatway given") 249 } 250 if vcd.config.VCD.ExternalNetwork == "" { 251 check.Skip("Skipping test because no external network given") 252 } 253 if vcd.config.VCD.Network.Net1 == "" { 254 check.Skip("Skipping test because no network given") 255 } 256 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 257 check.Assert(err, IsNil) 258 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 259 network, err := vcd.vdc.GetOrgVdcNetworkByName(vcd.config.VCD.Network.Net1, false) 260 check.Assert(err, IsNil) 261 isRouted := false 262 // If the network is not linked to the edge gateway, we won't check for its name in the network list 263 if network.OrgVDCNetwork.EdgeGateway != nil { 264 isRouted = true 265 } 266 267 var networkList []SimpleNetworkIdentifier 268 networkList, err = edge.GetNetworks() 269 check.Assert(err, IsNil) 270 foundExternalNetwork := false 271 foundNetwork := false 272 for _, net := range networkList { 273 if net.Name == vcd.config.VCD.ExternalNetwork && net.InterfaceType == "uplink" { 274 foundExternalNetwork = true 275 } 276 if net.Name == vcd.config.VCD.Network.Net1 && net.InterfaceType == "internal" { 277 foundNetwork = true 278 } 279 } 280 check.Assert(foundExternalNetwork, Equals, true) 281 if isRouted { 282 check.Assert(foundNetwork, Equals, true) 283 } 284 285 } 286 287 func (vcd *TestVCD) Test_AddSNATRule(check *C) { 288 vcd.skipIfNotSysAdmin(check) 289 if vcd.config.VCD.ExternalIp == "" || vcd.config.VCD.InternalIp == "" { 290 check.Skip("Skipping test because no valid ip given") 291 } 292 if vcd.config.VCD.ExternalNetwork == "" { 293 check.Skip("Skipping test because no external network given") 294 } 295 if vcd.config.VCD.EdgeGateway == "" { 296 check.Skip("Skipping test because no edge gateway given") 297 } 298 if vcd.config.VCD.Network.Net1 == "" { 299 check.Skip("Skipping test because no network was given") 300 } 301 302 description1 := "my Description 1" 303 description2 := "my Description 2" 304 305 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 306 check.Assert(err, IsNil) 307 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 308 309 orgVdcNetwork, err := vcd.vdc.GetOrgVdcNetworkByName(vcd.config.VCD.Network.Net1, false) 310 check.Assert(err, IsNil) 311 check.Assert(orgVdcNetwork.OrgVDCNetwork.Name, Equals, vcd.config.VCD.Network.Net1) 312 313 externalNetwork, err := vcd.client.GetExternalNetworkByName(vcd.config.VCD.ExternalNetwork) 314 check.Assert(err, IsNil) 315 check.Assert(externalNetwork, NotNil) 316 check.Assert(externalNetwork.ExternalNetwork.Name, Equals, vcd.config.VCD.ExternalNetwork) 317 318 beforeChangeNatRulesNumber := len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule) 319 320 natRule, err := edge.AddSNATRule(orgVdcNetwork.OrgVDCNetwork.HREF, vcd.config.VCD.ExternalIp, vcd.config.VCD.InternalIp, description1) 321 check.Assert(err, IsNil) 322 323 check.Assert(natRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 324 check.Assert(natRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 325 check.Assert(natRule.Description, Equals, description1) 326 check.Assert(natRule.RuleType, Equals, "SNAT") 327 check.Assert(strings.Split(natRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(orgVdcNetwork.OrgVDCNetwork.HREF, "network/")[1]) 328 329 err = edge.RemoveNATRule(natRule.ID) 330 check.Assert(err, IsNil) 331 332 // verify delete 333 err = edge.Refresh() 334 check.Assert(err, IsNil) 335 336 check.Assert(len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule), Equals, beforeChangeNatRulesNumber) 337 338 // check with external network 339 natRule, err = edge.AddSNATRule(externalNetwork.ExternalNetwork.HREF, vcd.config.VCD.InternalIp, vcd.config.VCD.ExternalIp, description2) 340 check.Assert(err, IsNil) 341 342 check.Assert(natRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.ExternalIp) 343 check.Assert(natRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.InternalIp) 344 check.Assert(natRule.Description, Equals, description2) 345 check.Assert(natRule.RuleType, Equals, "SNAT") 346 check.Assert(strings.Split(natRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(externalNetwork.ExternalNetwork.HREF, "externalnet/")[1]) 347 348 err = edge.RemoveNATRule(natRule.ID) 349 check.Assert(err, IsNil) 350 351 // verify delete 352 err = edge.Refresh() 353 check.Assert(err, IsNil) 354 355 check.Assert(len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule), Equals, beforeChangeNatRulesNumber) 356 357 } 358 359 func (vcd *TestVCD) Test_AddDNATRule(check *C) { 360 vcd.skipIfNotSysAdmin(check) 361 if vcd.config.VCD.ExternalIp == "" || vcd.config.VCD.InternalIp == "" { 362 check.Skip("Skipping test because no valid ip given") 363 } 364 if vcd.config.VCD.ExternalNetwork == "" { 365 check.Skip("Skipping test because no external network given") 366 } 367 if vcd.config.VCD.EdgeGateway == "" { 368 check.Skip("Skipping test because no edge gateway given") 369 } 370 if vcd.config.VCD.Network.Net1 == "" { 371 check.Skip("Skipping test because no network was given") 372 } 373 374 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 375 check.Assert(err, IsNil) 376 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 377 378 orgVdcNetwork, err := vcd.vdc.GetOrgVdcNetworkByName(vcd.config.VCD.Network.Net1, false) 379 check.Assert(err, IsNil) 380 check.Assert(orgVdcNetwork.OrgVDCNetwork.Name, Equals, vcd.config.VCD.Network.Net1) 381 382 externalNetwork, err := vcd.client.GetExternalNetworkByName(vcd.config.VCD.ExternalNetwork) 383 check.Assert(err, IsNil) 384 check.Assert(externalNetwork, NotNil) 385 check.Assert(externalNetwork.ExternalNetwork.Name, Equals, vcd.config.VCD.ExternalNetwork) 386 387 beforeChangeNatRulesNumber := len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule) 388 389 description1 := "my Dnat Description 1" 390 description2 := "my Dnatt Description 2" 391 392 natRule, err := edge.AddDNATRule(NatRule{NetworkHref: orgVdcNetwork.OrgVDCNetwork.HREF, ExternalIP: vcd.config.VCD.ExternalIp, 393 ExternalPort: "1177", InternalIP: vcd.config.VCD.InternalIp, InternalPort: "77", Protocol: "TCP", Description: description1}) 394 check.Assert(err, IsNil) 395 396 check.Assert(natRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 397 check.Assert(natRule.GatewayNatRule.TranslatedPort, Equals, "77") 398 check.Assert(natRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 399 check.Assert(natRule.GatewayNatRule.OriginalPort, Equals, "1177") 400 check.Assert(natRule.GatewayNatRule.Protocol, Equals, "tcp") 401 check.Assert(natRule.GatewayNatRule.IcmpSubType, Equals, "") 402 check.Assert(natRule.Description, Equals, description1) 403 check.Assert(natRule.RuleType, Equals, "DNAT") 404 check.Assert(strings.Split(natRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(orgVdcNetwork.OrgVDCNetwork.HREF, "network/")[1]) 405 406 err = edge.RemoveNATRule(natRule.ID) 407 check.Assert(err, IsNil) 408 409 // verify delete 410 err = edge.Refresh() 411 check.Assert(err, IsNil) 412 413 check.Assert(len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule), Equals, beforeChangeNatRulesNumber) 414 415 // check with external network 416 natRule, err = edge.AddDNATRule(NatRule{NetworkHref: externalNetwork.ExternalNetwork.HREF, ExternalIP: vcd.config.VCD.ExternalIp, 417 ExternalPort: "1188", InternalIP: vcd.config.VCD.InternalIp, InternalPort: "88", Protocol: "TCP", Description: description2}) 418 check.Assert(err, IsNil) 419 420 check.Assert(natRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 421 check.Assert(natRule.GatewayNatRule.TranslatedPort, Equals, "88") 422 check.Assert(natRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 423 check.Assert(natRule.GatewayNatRule.OriginalPort, Equals, "1188") 424 check.Assert(natRule.GatewayNatRule.Protocol, Equals, "tcp") 425 check.Assert(natRule.GatewayNatRule.IcmpSubType, Equals, "") 426 check.Assert(natRule.Description, Equals, description2) 427 check.Assert(natRule.RuleType, Equals, "DNAT") 428 check.Assert(strings.Split(natRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(externalNetwork.ExternalNetwork.HREF, "externalnet/")[1]) 429 430 err = edge.RemoveNATRule(natRule.ID) 431 check.Assert(err, IsNil) 432 433 // verify delete 434 err = edge.Refresh() 435 check.Assert(err, IsNil) 436 437 check.Assert(len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule), Equals, beforeChangeNatRulesNumber) 438 } 439 440 func (vcd *TestVCD) Test_UpdateNATRule(check *C) { 441 vcd.skipIfNotSysAdmin(check) 442 if vcd.config.VCD.ExternalIp == "" || vcd.config.VCD.InternalIp == "" { 443 check.Skip("Skipping test because no valid ip given") 444 } 445 if vcd.config.VCD.ExternalNetwork == "" { 446 check.Skip("Skipping test because no external network given") 447 } 448 if vcd.config.VCD.EdgeGateway == "" { 449 check.Skip("Skipping test because no edge gateway given") 450 } 451 if vcd.config.VCD.Network.Net1 == "" { 452 check.Skip("Skipping test because no network was given") 453 } 454 455 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 456 check.Assert(err, IsNil) 457 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 458 459 orgVdcNetwork, err := vcd.vdc.GetOrgVdcNetworkByName(vcd.config.VCD.Network.Net1, false) 460 check.Assert(err, IsNil) 461 check.Assert(orgVdcNetwork.OrgVDCNetwork.Name, Equals, vcd.config.VCD.Network.Net1) 462 463 externalNetwork, err := vcd.client.GetExternalNetworkByName(vcd.config.VCD.ExternalNetwork) 464 check.Assert(err, IsNil) 465 check.Assert(externalNetwork, NotNil) 466 check.Assert(externalNetwork.ExternalNetwork.Name, Equals, vcd.config.VCD.ExternalNetwork) 467 468 beforeChangeNatRulesNumber := len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule) 469 470 description1 := "my Dnat Description 1" 471 description2 := "my Dnatt Description 2" 472 473 natRule, err := edge.AddDNATRule(NatRule{NetworkHref: orgVdcNetwork.OrgVDCNetwork.HREF, ExternalIP: vcd.config.VCD.ExternalIp, 474 ExternalPort: "1177", InternalIP: vcd.config.VCD.InternalIp, InternalPort: "77", Protocol: "TCP", Description: description1}) 475 check.Assert(err, IsNil) 476 477 check.Assert(natRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 478 check.Assert(natRule.GatewayNatRule.TranslatedPort, Equals, "77") 479 check.Assert(natRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 480 check.Assert(natRule.GatewayNatRule.OriginalPort, Equals, "1177") 481 check.Assert(natRule.GatewayNatRule.Protocol, Equals, "tcp") 482 check.Assert(natRule.GatewayNatRule.IcmpSubType, Equals, "") 483 check.Assert(natRule.Description, Equals, description1) 484 check.Assert(natRule.RuleType, Equals, "DNAT") 485 check.Assert(strings.Split(natRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(orgVdcNetwork.OrgVDCNetwork.HREF, "network/")[1]) 486 487 err = edge.RemoveNATRule(natRule.ID) 488 check.Assert(err, IsNil) 489 490 // verify delete 491 err = edge.Refresh() 492 check.Assert(err, IsNil) 493 494 check.Assert(len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule), Equals, beforeChangeNatRulesNumber) 495 496 // check with external network 497 natRule, err = edge.AddDNATRule(NatRule{NetworkHref: externalNetwork.ExternalNetwork.HREF, ExternalIP: vcd.config.VCD.ExternalIp, 498 ExternalPort: "1188", InternalIP: vcd.config.VCD.InternalIp, InternalPort: "88", Protocol: "TCP", Description: description2}) 499 check.Assert(err, IsNil) 500 501 check.Assert(natRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 502 check.Assert(natRule.GatewayNatRule.TranslatedPort, Equals, "88") 503 check.Assert(natRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 504 check.Assert(natRule.GatewayNatRule.OriginalPort, Equals, "1188") 505 check.Assert(natRule.GatewayNatRule.Protocol, Equals, "tcp") 506 check.Assert(natRule.GatewayNatRule.IcmpSubType, Equals, "") 507 check.Assert(natRule.Description, Equals, description2) 508 check.Assert(natRule.RuleType, Equals, "DNAT") 509 check.Assert(strings.Split(natRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(externalNetwork.ExternalNetwork.HREF, "externalnet/")[1]) 510 511 err = edge.RemoveNATRule(natRule.ID) 512 check.Assert(err, IsNil) 513 514 // update test 515 natRule, err = edge.AddDNATRule(NatRule{NetworkHref: orgVdcNetwork.OrgVDCNetwork.HREF, ExternalIP: vcd.config.VCD.ExternalIp, 516 ExternalPort: "1177", InternalIP: vcd.config.VCD.InternalIp, InternalPort: "77", Protocol: "TCP", Description: description1}) 517 check.Assert(err, IsNil) 518 519 natRule.GatewayNatRule.OriginalPort = "1166" 520 natRule.GatewayNatRule.TranslatedPort = "66" 521 natRule.GatewayNatRule.Protocol = "udp" 522 natRule.Description = description2 523 natRule.GatewayNatRule.Interface.HREF = externalNetwork.ExternalNetwork.HREF 524 525 updateNatRule, err := edge.UpdateNatRule(natRule) 526 527 check.Assert(err, IsNil) 528 check.Assert(updateNatRule.GatewayNatRule.TranslatedIP, Equals, vcd.config.VCD.InternalIp) 529 check.Assert(updateNatRule.GatewayNatRule.TranslatedPort, Equals, "66") 530 check.Assert(updateNatRule.GatewayNatRule.OriginalIP, Equals, vcd.config.VCD.ExternalIp) 531 check.Assert(updateNatRule.GatewayNatRule.OriginalPort, Equals, "1166") 532 check.Assert(updateNatRule.GatewayNatRule.Protocol, Equals, "udp") 533 check.Assert(updateNatRule.GatewayNatRule.IcmpSubType, Equals, "") 534 check.Assert(updateNatRule.Description, Equals, description2) 535 check.Assert(updateNatRule.RuleType, Equals, "DNAT") 536 check.Assert(strings.Split(updateNatRule.GatewayNatRule.Interface.HREF, "network/")[1], Equals, strings.Split(externalNetwork.ExternalNetwork.HREF, "externalnet/")[1]) 537 538 err = edge.RemoveNATRule(updateNatRule.ID) 539 check.Assert(err, IsNil) 540 541 // verify delete 542 err = edge.Refresh() 543 check.Assert(err, IsNil) 544 545 check.Assert(len(edge.EdgeGateway.Configuration.EdgeGatewayServiceConfiguration.NatService.NatRule), Equals, beforeChangeNatRulesNumber) 546 } 547 548 // TestEdgeGateway_UpdateLBGeneralParams main point is to test that no load balancer configuration 549 // xml tags are lost during changes of load balancer main settings (enable, logging) 550 // The test does following steps: 551 // 1. Cache raw XML body and marshaled struct in variables before running the test 552 // 2. Toggle the settings of load balancer in various ways and ensure no err is returned 553 // 3. Set the settings back as they originally were and again get raw XML body and marshaled struct 554 // 4. Compare the XML text and structs before configuration and after configuration - they should be 555 // identical except <version></version> tag which is versioning the configuration 556 func (vcd *TestVCD) TestEdgeGateway_UpdateLBGeneralParams(check *C) { 557 vcd.skipIfNotSysAdmin(check) 558 if vcd.config.VCD.EdgeGateway == "" { 559 check.Skip("Skipping test because no edge gateway given") 560 } 561 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 562 check.Assert(err, IsNil) 563 564 if !edge.HasAdvancedNetworking() { 565 check.Skip("Skipping test because the edge gateway does not have advanced networking enabled") 566 } 567 568 // Cache current load balancer settings for change validation in the end 569 beforeLb, beforeLbXml := testCacheLoadBalancer(*edge, check) 570 571 _, err = edge.UpdateLBGeneralParams(true, true, true, "critical") 572 check.Assert(err, IsNil) 573 574 _, err = edge.UpdateLBGeneralParams(false, false, false, "emergency") 575 check.Assert(err, IsNil) 576 577 // Try to set invalid loglevel to get validation error 578 _, err = edge.UpdateLBGeneralParams(false, false, false, "invalid_loglevel") 579 check.Assert(err, ErrorMatches, ".*Valid log levels are.*") 580 581 // Restore to initial settings and validate that it 582 _, err = edge.UpdateLBGeneralParams(beforeLb.Enabled, beforeLb.AccelerationEnabled, 583 beforeLb.Logging.Enable, beforeLb.Logging.LogLevel) 584 check.Assert(err, IsNil) 585 586 // Validate load balancer configuration against initially cached version 587 testCheckLoadBalancerConfig(beforeLb, beforeLbXml, *edge, check) 588 } 589 590 // TestEdgeGateway_UpdateFwGeneralParams main point is to test that no firewall configuration 591 // xml tags are lost during changes of firewall main settings (enable, logging) 592 // The test does following steps: 593 // 1. Cache raw XML body and marshaled struct in variables before running the test 594 // 2. Toggle the settings of firewall in various ways and ensure no err is returned 595 // 3. Set the settings back as they originally were and again get raw XML body and marshaled struct 596 // 4. Compare the XML text and structs before configuration and after configuration - they should be 597 // identical except <version></version> tag which is versioning the configuration 598 func (vcd *TestVCD) TestEdgeGateway_UpdateFwGeneralParams(check *C) { 599 if vcd.config.VCD.EdgeGateway == "" { 600 check.Skip("Skipping test because no edge gateway given") 601 } 602 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 603 check.Assert(err, IsNil) 604 605 if !edge.HasAdvancedNetworking() { 606 check.Skip("Skipping test because the edge gateway does not have advanced networking enabled") 607 } 608 609 // Cache current firewall settings for change validation in the end 610 beforeFw, beforeFwXml := testCacheFirewall(*edge, check) 611 612 _, err = edge.UpdateFirewallConfig(false, false, "deny") 613 check.Assert(err, IsNil) 614 615 _, err = edge.UpdateFirewallConfig(true, true, "accept") 616 check.Assert(err, IsNil) 617 618 // Try to set invalid loglevel to get validation error 619 _, err = edge.UpdateFirewallConfig(false, false, "invalid_action") 620 check.Assert(err, ErrorMatches, ".*default action must be either 'accept' or 'deny'.*") 621 622 // Restore to initial settings and validate that it 623 _, err = edge.UpdateFirewallConfig(beforeFw.Enabled, beforeFw.DefaultPolicy.LoggingEnabled, beforeFw.DefaultPolicy.Action) 624 check.Assert(err, IsNil) 625 626 // Validate configuration against initially cached version 627 testCheckFirewallConfig(beforeFw, beforeFwXml, *edge, check) 628 } 629 630 func (vcd *TestVCD) TestEdgeGateway_GetVdcNetworks(check *C) { 631 vcd.skipIfNotSysAdmin(check) 632 if vcd.config.VCD.EdgeGateway == "" { 633 check.Skip("Skipping test because no edge gateway given") 634 } 635 edge, err := vcd.vdc.FindEdgeGateway(vcd.config.VCD.EdgeGateway) 636 check.Assert(err, IsNil) 637 638 if !edge.HasAdvancedNetworking() { 639 check.Skip("Skipping test because the edge gateway does not have advanced networking enabled") 640 } 641 642 vnics, err := edge.getVdcNetworks() 643 check.Assert(err, IsNil) 644 645 foundExtNet := false 646 foundOrgNet := false 647 648 check.Assert(len(vnics.EdgeInterface) > 1, Equals, true) 649 // Look for both - external and Org networks in returned edge gateway vNics 650 for _, vnic := range vnics.EdgeInterface { 651 // Look for external network attached to Edge gateway 652 if vnic.Name == vcd.config.VCD.ExternalNetwork && vnic.PortgroupName == vcd.config.VCD.ExternalNetwork { 653 check.Assert(vnic.AddressGroups.AddressGroup.PrimaryAddress, Equals, vcd.config.VCD.ExternalIp) 654 check.Assert(vnic.Type, Equals, "uplink") 655 foundExtNet = true 656 } 657 658 // Look for org network 1 attached 659 if vnic.PortgroupName == vcd.config.VCD.Network.Net1 { 660 check.Assert(vnic.Type, Equals, "internal") 661 foundOrgNet = true 662 } 663 } 664 check.Assert(foundExtNet, Equals, true) 665 check.Assert(foundOrgNet, Equals, true) 666 } 667 668 // testCacheFirewall is meant to store firewall settings before any operations so that all 669 // configuration can be checked after manipulation 670 func testCacheFirewall(edge EdgeGateway, check *C) (*types.FirewallConfigWithXml, string) { 671 beforeFw, err := edge.GetFirewallConfig() 672 check.Assert(err, IsNil) 673 beforeFwbXml := testGetEdgeEndpointXML(types.EdgeFirewallPath, edge, check) 674 return beforeFw, beforeFwbXml 675 } 676 677 // testCheckFirewallConfig validates if both raw XML string and firewall struct remain 678 // identical after settings manipulation. 679 func testCheckFirewallConfig(beforeFw *types.FirewallConfigWithXml, beforeFwXml string, edge EdgeGateway, check *C) { 680 afterFw, err := edge.GetFirewallConfig() 681 check.Assert(err, IsNil) 682 683 afterFwXml := testGetEdgeEndpointXML(types.EdgeFirewallPath, edge, check) 684 685 // remove `<version></version>` tag from both XML represntation and struct for deep comparison 686 // because this version changes with each update and will never be the same after a few 687 // operations 688 reVersion := regexp.MustCompile(`<version>\w*<\/version>`) 689 beforeFwXml = reVersion.ReplaceAllLiteralString(beforeFwXml, "") 690 afterFwXml = reVersion.ReplaceAllLiteralString(afterFwXml, "") 691 692 beforeFw.Version = "" 693 afterFw.Version = "" 694 695 // Because the test enables and disables firewall configuration, main firewall rule has its ID 696 // and ruleTag changed during the test and we must ignore this change while comparing. This is 697 // always the first rule kept at the top so we are replacing `id` and `ruletag` fields in 698 // "before" and "after" values. 699 beforeFw.FirewallRules.Text = replaceFirstMatch(beforeFw.FirewallRules.Text, `<id>\d*</id>`, "<id>99999</id>") 700 beforeFw.FirewallRules.Text = replaceFirstMatch(beforeFw.FirewallRules.Text, `<ruleTag>\d*</ruleTag>`, "<ruleTag>99999</ruleTag>") 701 afterFw.FirewallRules.Text = replaceFirstMatch(afterFw.FirewallRules.Text, `<id>\d*</id>`, "<id>99999</id>") 702 afterFw.FirewallRules.Text = replaceFirstMatch(afterFw.FirewallRules.Text, `<ruleTag>\d*</ruleTag>`, "<ruleTag>99999</ruleTag>") 703 704 beforeFwXml = replaceFirstMatch(beforeFwXml, `<id>\d*</id>`, "<id>99999</id>") 705 beforeFwXml = replaceFirstMatch(beforeFwXml, `<ruleTag>\d*</ruleTag>`, "<ruleTag>99999</ruleTag>") 706 afterFwXml = replaceFirstMatch(afterFwXml, `<id>\d*</id>`, "<id>99999</id>") 707 afterFwXml = replaceFirstMatch(afterFwXml, `<ruleTag>\d*</ruleTag>`, "<ruleTag>99999</ruleTag>") 708 709 check.Assert(beforeFw, DeepEquals, afterFw) 710 check.Assert(beforeFwXml, DeepEquals, afterFwXml) 711 } 712 713 // replaceFirstMatch replaces first `regex` matched in `text` with `replacement` and returns it 714 // It will panic if regex is invalid. 715 func replaceFirstMatch(text, regex, replacement string) string { 716 re := regexp.MustCompile(regex) 717 // Replace leftmost found string 718 found := re.FindString(text) 719 if found != "" { 720 return strings.Replace(text, found, replacement, 1) 721 } 722 return "" 723 } 724 725 // TestListEdgeGateway tests that at least one edge gateway is found, 726 // and the list contains the element defined in the configuration file 727 func (vcd *TestVCD) TestListEdgeGateway(check *C) { 728 if vcd.config.VCD.EdgeGateway == "" { 729 check.Skip("Skipping test because no edge gateway given") 730 } 731 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 732 check.Assert(err, IsNil) 733 check.Assert(edge, NotNil) 734 edgeGatewayList, err := vcd.vdc.QueryEdgeGatewayList() 735 check.Assert(err, IsNil) 736 check.Assert(edgeGatewayList, NotNil) 737 check.Assert(len(edgeGatewayList) > 0, Equals, true) 738 foundName := false 739 foundHref := false 740 for _, ref := range edgeGatewayList { 741 if ref.Name == edge.EdgeGateway.Name { 742 foundName = true 743 if ref.HREF == edge.EdgeGateway.HREF { 744 foundHref = true 745 } 746 } 747 } 748 check.Assert(foundName, Equals, true) 749 check.Assert(foundHref, Equals, true) 750 } 751 752 func (vcd *TestVCD) Test_UpdateEdgeGateway(check *C) { 753 vcd.skipIfNotSysAdmin(check) 754 if vcd.config.VCD.EdgeGateway == "" { 755 check.Skip("Skipping test because no edge gateway given") 756 } 757 edge, err := vcd.vdc.GetEdgeGatewayByName(vcd.config.VCD.EdgeGateway, false) 758 check.Assert(err, IsNil) 759 check.Assert(edge.EdgeGateway.Name, Equals, vcd.config.VCD.EdgeGateway) 760 var saveEGW = types.EdgeGateway{ 761 Name: edge.EdgeGateway.Name, 762 ID: edge.EdgeGateway.ID, 763 Status: edge.EdgeGateway.Status, 764 HREF: edge.EdgeGateway.HREF, 765 Description: edge.EdgeGateway.Description, 766 Configuration: &types.GatewayConfiguration{ 767 AdvancedNetworkingEnabled: edge.EdgeGateway.Configuration.AdvancedNetworkingEnabled, 768 }, 769 } 770 771 newName := "UpdatedEGWName" 772 newDescription := "Updated description" 773 774 edge.EdgeGateway.Name = newName 775 edge.EdgeGateway.Description = newDescription 776 777 err = edge.Update() 778 check.Assert(err, IsNil) 779 780 // The edge gateway should be updated in place 781 check.Assert(edge.EdgeGateway.HREF, Equals, saveEGW.HREF) 782 check.Assert(edge.EdgeGateway.Name, Equals, newName) 783 check.Assert(edge.EdgeGateway.Description, Equals, newDescription) 784 785 // Check that a new copy of the edge gateway contains the expected data 786 edge, err = vcd.vdc.GetEdgeGatewayById(saveEGW.ID, true) 787 check.Assert(err, IsNil) 788 789 check.Assert(edge.EdgeGateway.HREF, Equals, saveEGW.HREF) 790 check.Assert(edge.EdgeGateway.Name, Equals, newName) 791 check.Assert(edge.EdgeGateway.Description, Equals, newDescription) 792 793 edge.EdgeGateway.Name = saveEGW.Name 794 edge.EdgeGateway.Description = saveEGW.Description 795 796 err = edge.Update() 797 check.Assert(err, IsNil) 798 799 // checking the in-place values 800 check.Assert(saveEGW.Name, Equals, edge.EdgeGateway.Name) 801 check.Assert(saveEGW.Description, Equals, edge.EdgeGateway.Description) 802 check.Assert(saveEGW.HREF, Equals, edge.EdgeGateway.HREF) 803 804 // Checking values in a fresh copy of the edge gateway 805 edge, err = vcd.vdc.GetEdgeGatewayById(saveEGW.ID, true) 806 check.Assert(err, IsNil) 807 808 check.Assert(saveEGW.Name, Equals, edge.EdgeGateway.Name) 809 check.Assert(saveEGW.Description, Equals, edge.EdgeGateway.Description) 810 check.Assert(saveEGW.HREF, Equals, edge.EdgeGateway.HREF) 811 }