github.com/vmware/go-vcloud-director/v2@v2.24.0/govcd/vapp_network_test.go (about) 1 //go:build vapp || functional || ALL 2 3 /* 4 * Copyright 2020 VMware, Inc. All rights reserved. Licensed under the Apache v2 License. 5 */ 6 7 package govcd 8 9 import ( 10 "fmt" 11 . "gopkg.in/check.v1" 12 13 "github.com/vmware/go-vcloud-director/v2/types/v56" 14 ) 15 16 func (vcd *TestVCD) Test_UpdateNetworkFirewallRules(check *C) { 17 vapp, networkName, vappNetworkConfig, err := vcd.prepareVappWithVappNetwork(check, "Test_UpdateNetworkFirewallRulesVapp", vcd.config.VCD.Network.Net1) 18 check.Assert(err, IsNil) 19 20 networkFound := types.VAppNetworkConfiguration{} 21 for _, networkConfig := range vappNetworkConfig.NetworkConfig { 22 if networkConfig.NetworkName == networkName { 23 networkFound = networkConfig 24 } 25 } 26 check.Assert(networkFound, Not(Equals), types.VAppNetworkConfiguration{}) 27 28 uuid, err := GetUuidFromHref(networkFound.Link.HREF, false) 29 check.Assert(err, IsNil) 30 31 result, err := vapp.UpdateNetworkFirewallRules(uuid, []*types.FirewallRule{&types.FirewallRule{Description: "myFirstRule1", IsEnabled: true, Policy: "allow", 32 DestinationPortRange: "Any", DestinationIP: "Any", SourcePortRange: "Any", SourceIP: "Any", Protocols: &types.FirewallRuleProtocols{TCP: true}}, 33 &types.FirewallRule{Description: "myFirstRule2", IsEnabled: false, Policy: "drop", DestinationPortRange: "Any", 34 DestinationIP: "Any", SourcePortRange: "Any", SourceIP: "Any", Protocols: &types.FirewallRuleProtocols{Any: true}}}, true, "drop", true) 35 check.Assert(err, IsNil) 36 check.Assert(result, NotNil) 37 check.Assert(len(result.Configuration.Features.FirewallService.FirewallRule), Equals, 2) 38 39 // verify 40 check.Assert(result.Configuration.Features.FirewallService.IsEnabled, Equals, true) 41 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].Description, Equals, "myFirstRule1") 42 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].IsEnabled, Equals, true) 43 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].Policy, Equals, "allow") 44 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].DestinationPortRange, Equals, "Any") 45 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].DestinationIP, Equals, "Any") 46 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].SourcePortRange, Equals, "Any") 47 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].SourceIP, Equals, "Any") 48 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].Protocols.TCP, Equals, true) 49 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[0].Protocols.TCP, Equals, true) 50 51 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].Description, Equals, "myFirstRule2") 52 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].IsEnabled, Equals, false) 53 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].Policy, Equals, "drop") 54 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].DestinationPortRange, Equals, "Any") 55 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].DestinationIP, Equals, "Any") 56 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].SourcePortRange, Equals, "Any") 57 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].SourceIP, Equals, "Any") 58 check.Assert(result.Configuration.Features.FirewallService.FirewallRule[1].Protocols.Any, Equals, true) 59 60 check.Assert(result.Configuration.Features.FirewallService.DefaultAction, Equals, "drop") 61 check.Assert(result.Configuration.Features.FirewallService.LogDefaultAction, Equals, true) 62 63 err = vapp.RemoveAllNetworkFirewallRules(uuid) 64 check.Assert(err, IsNil) 65 66 vappNetwork, err := vapp.GetVappNetworkById(uuid, true) 67 check.Assert(err, IsNil) 68 check.Assert(len(vappNetwork.Configuration.Features.FirewallService.FirewallRule), Equals, 0) 69 70 //cleanup 71 task, err := vapp.RemoveAllNetworks() 72 check.Assert(err, IsNil) 73 err = task.WaitTaskCompletion() 74 check.Assert(err, IsNil) 75 task, err = vapp.Delete() 76 check.Assert(err, IsNil) 77 err = task.WaitTaskCompletion() 78 check.Assert(err, IsNil) 79 check.Assert(task.Task.Status, Equals, "success") 80 } 81 82 func (vcd *TestVCD) prepareVappWithVappNetwork(check *C, vappName, orgVdcNetworkName string) (*VApp, string, *types.NetworkConfigSection, error) { 83 fmt.Printf("Running: %s\n", check.TestName()) 84 85 vapp, err := deployVappForTest(vcd, vappName) 86 check.Assert(err, IsNil) 87 check.Assert(vapp, NotNil) 88 89 vappNetworkName := vappName + "_network" 90 description := "Created in test" 91 var guestVlanAllowed = true 92 var retainIpMacEnabled = true 93 94 orgVdcNetwork, err := vcd.vdc.GetOrgVdcNetworkByName(orgVdcNetworkName, false) 95 check.Assert(err, IsNil) 96 check.Assert(orgVdcNetwork, NotNil) 97 98 vappNetworkSettings := &VappNetworkSettings{ 99 Name: vappNetworkName, 100 Gateway: "192.168.0.1", 101 NetMask: "255.255.255.0", 102 DNS1: "8.8.8.8", 103 DNS2: "1.1.1.1", 104 DNSSuffix: "biz.biz", 105 StaticIPRanges: []*types.IPRange{{StartAddress: "192.168.0.10", EndAddress: "192.168.0.20"}}, 106 DhcpSettings: &DhcpSettings{IsEnabled: true, MaxLeaseTime: 3500, DefaultLeaseTime: 2400, IPRange: &types.IPRange{StartAddress: "192.168.0.30", EndAddress: "192.168.0.40"}}, 107 GuestVLANAllowed: &guestVlanAllowed, 108 Description: description, 109 RetainIpMacEnabled: &retainIpMacEnabled, 110 } 111 112 vappNetworkConfig, err := vapp.CreateVappNetwork(vappNetworkSettings, orgVdcNetwork.OrgVDCNetwork) 113 check.Assert(err, IsNil) 114 check.Assert(vappNetworkConfig, NotNil) 115 return vapp, vappNetworkName, vappNetworkConfig, err 116 } 117 118 func (vcd *TestVCD) Test_GetVappNetworkByNameOrId(check *C) { 119 vapp, networkName, vappNetworkConfig, err := vcd.prepareVappWithVappNetwork(check, "Test_GetVappNetworkByNameOrId", vcd.config.VCD.Network.Net1) 120 check.Assert(err, IsNil) 121 122 networkFound := types.VAppNetworkConfiguration{} 123 for _, networkConfig := range vappNetworkConfig.NetworkConfig { 124 if networkConfig.NetworkName == networkName { 125 networkFound = networkConfig 126 } 127 } 128 check.Assert(networkFound, Not(Equals), types.VAppNetworkConfiguration{}) 129 130 uuid, err := GetUuidFromHref(networkFound.Link.HREF, false) 131 check.Assert(err, IsNil) 132 133 vappNetwork, err := vapp.GetVappNetworkById(uuid, true) 134 check.Assert(err, IsNil) 135 check.Assert(vappNetwork, NotNil) 136 137 vappNetwork, err = vapp.GetVappNetworkByName(networkName, false) 138 check.Assert(err, IsNil) 139 check.Assert(vappNetwork, NotNil) 140 141 //cleanup 142 task, err := vapp.Delete() 143 check.Assert(err, IsNil) 144 err = task.WaitTaskCompletion() 145 check.Assert(err, IsNil) 146 check.Assert(task.Task.Status, Equals, "success") 147 } 148 149 func (vcd *TestVCD) Test_UpdateNetworkNatRules(check *C) { 150 vapp, networkName, vappNetworkConfig, err := vcd.prepareVappWithVappNetwork(check, "Test_UpdateNetworkNatRules", vcd.config.VCD.Network.Net1) 151 check.Assert(err, IsNil) 152 153 networkFound := types.VAppNetworkConfiguration{} 154 for _, networkConfig := range vappNetworkConfig.NetworkConfig { 155 if networkConfig.NetworkName == networkName { 156 networkFound = networkConfig 157 } 158 } 159 check.Assert(networkFound, Not(Equals), types.VAppNetworkConfiguration{}) 160 161 desiredNetConfig := types.NetworkConnectionSection{} 162 desiredNetConfig.PrimaryNetworkConnectionIndex = 0 163 desiredNetConfig.NetworkConnection = append(desiredNetConfig.NetworkConnection, 164 &types.NetworkConnection{ 165 IsConnected: true, 166 IPAddressAllocationMode: types.IPAllocationModePool, 167 Network: "Test_UpdateNetworkNatRules_network", 168 NetworkConnectionIndex: 0, 169 }) 170 171 // Get org and vdc 172 org, err := vcd.client.GetAdminOrgByName(vcd.config.VCD.Org) 173 check.Assert(err, IsNil) 174 vdc, err := org.GetVDCByName(vcd.config.VCD.Vdc, false) 175 check.Assert(err, IsNil) 176 check.Assert(vdc, NotNil) 177 178 // Find catalog and catalog item 179 catalog, err := org.GetCatalogByName(vcd.config.VCD.Catalog.Name, false) 180 check.Assert(err, IsNil) 181 check.Assert(catalog, NotNil) 182 catalogItem, err := catalog.GetCatalogItemByName(vcd.config.VCD.Catalog.CatalogItem, false) 183 check.Assert(err, IsNil) 184 vappTemplate, err := catalogItem.GetVAppTemplate() 185 check.Assert(err, IsNil) 186 187 vm, err := spawnVM("FirstNode", 512, *vdc, *vapp, desiredNetConfig, vappTemplate, check, "", false) 188 check.Assert(err, IsNil) 189 190 vm2, err := spawnVM("SecondNode", 512, *vdc, *vapp, desiredNetConfig, vappTemplate, check, "", false) 191 check.Assert(err, IsNil) 192 193 uuid, err := GetUuidFromHref(networkFound.Link.HREF, false) 194 check.Assert(err, IsNil) 195 196 result, err := vapp.UpdateNetworkNatRules(uuid, []*types.NatRule{&types.NatRule{VMRule: &types.NatVMRule{ 197 ExternalPort: -1, InternalPort: 22, VMNicID: 0, 198 VAppScopedVMID: vm.VM.VAppScopedLocalID, Protocol: "TCP"}}, 199 &types.NatRule{VMRule: &types.NatVMRule{ 200 ExternalPort: 80, InternalPort: 22, VMNicID: 0, 201 VAppScopedVMID: vm2.VM.VAppScopedLocalID, Protocol: "UDP"}}}, 202 true, "portForwarding", "allowTraffic") 203 check.Assert(err, IsNil) 204 check.Assert(result, NotNil) 205 check.Assert(len(result.Configuration.Features.NatService.NatRule), Equals, 2) 206 207 // verify 208 check.Assert(result.Configuration.Features.NatService.IsEnabled, Equals, true) 209 check.Assert(result.Configuration.Features.NatService.Policy, Equals, "allowTraffic") 210 check.Assert(result.Configuration.Features.NatService.NatType, Equals, "portForwarding") 211 212 check.Assert(result.Configuration.Features.NatService.NatRule[0].VMRule.InternalPort, Equals, 22) 213 check.Assert(result.Configuration.Features.NatService.NatRule[0].VMRule.ExternalPort, Equals, -1) 214 check.Assert(result.Configuration.Features.NatService.NatRule[0].VMRule.VAppScopedVMID, Equals, vm.VM.VAppScopedLocalID) 215 check.Assert(result.Configuration.Features.NatService.NatRule[0].VMRule.VMNicID, Equals, 0) 216 217 check.Assert(result.Configuration.Features.NatService.NatRule[1].VMRule.InternalPort, Equals, 22) 218 check.Assert(result.Configuration.Features.NatService.NatRule[1].VMRule.ExternalPort, Equals, 80) 219 check.Assert(result.Configuration.Features.NatService.NatRule[1].VMRule.VAppScopedVMID, Equals, vm2.VM.VAppScopedLocalID) 220 check.Assert(result.Configuration.Features.NatService.NatRule[1].VMRule.VMNicID, Equals, 0) 221 222 result, err = vapp.UpdateNetworkNatRules(uuid, []*types.NatRule{&types.NatRule{OneToOneVMRule: &types.NatOneToOneVMRule{ 223 MappingMode: "automatic", VMNicID: 0, 224 VAppScopedVMID: vm.VM.VAppScopedLocalID}}, 225 &types.NatRule{OneToOneVMRule: &types.NatOneToOneVMRule{ 226 MappingMode: "manual", VMNicID: 0, 227 VAppScopedVMID: vm2.VM.VAppScopedLocalID, 228 ExternalIPAddress: addrOf("192.168.100.1")}}}, 229 false, "ipTranslation", "allowTrafficIn") 230 check.Assert(err, IsNil) 231 check.Assert(result, NotNil) 232 check.Assert(len(result.Configuration.Features.NatService.NatRule), Equals, 2) 233 234 // verify 235 check.Assert(result.Configuration.Features.NatService.IsEnabled, Equals, false) 236 check.Assert(result.Configuration.Features.NatService.Policy, Equals, "allowTrafficIn") 237 check.Assert(result.Configuration.Features.NatService.NatType, Equals, "ipTranslation") 238 239 check.Assert(result.Configuration.Features.NatService.NatRule[0].OneToOneVMRule.MappingMode, Equals, "automatic") 240 check.Assert(result.Configuration.Features.NatService.NatRule[0].OneToOneVMRule.VAppScopedVMID, Equals, vm.VM.VAppScopedLocalID) 241 check.Assert(result.Configuration.Features.NatService.NatRule[0].OneToOneVMRule.VMNicID, Equals, 0) 242 243 check.Assert(result.Configuration.Features.NatService.NatRule[1].OneToOneVMRule.MappingMode, Equals, "manual") 244 check.Assert(result.Configuration.Features.NatService.NatRule[1].OneToOneVMRule.VAppScopedVMID, Equals, vm2.VM.VAppScopedLocalID) 245 check.Assert(result.Configuration.Features.NatService.NatRule[1].OneToOneVMRule.VMNicID, Equals, 0) 246 check.Assert(result.Configuration.Features.NatService.NatRule[1].OneToOneVMRule.ExternalIPAddress, NotNil) 247 check.Assert(*result.Configuration.Features.NatService.NatRule[1].OneToOneVMRule.ExternalIPAddress, Equals, "192.168.100.1") 248 249 err = vapp.RemoveAllNetworkNatRules(uuid) 250 check.Assert(err, IsNil) 251 252 vappNetwork, err := vapp.GetVappNetworkById(uuid, true) 253 check.Assert(err, IsNil) 254 check.Assert(len(vappNetwork.Configuration.Features.NatService.NatRule), Equals, 0) 255 256 //cleanup 257 task, err := vapp.RemoveAllNetworks() 258 check.Assert(err, IsNil) 259 err = task.WaitTaskCompletion() 260 check.Assert(err, IsNil) 261 task, err = vapp.Delete() 262 check.Assert(err, IsNil) 263 err = task.WaitTaskCompletion() 264 check.Assert(err, IsNil) 265 check.Assert(task.Task.Status, Equals, "success") 266 } 267 268 func createRoutedNetwork(vcd *TestVCD, check *C, networkName string) { 269 edgeGWName := vcd.config.VCD.EdgeGateway 270 if edgeGWName == "" { 271 check.Skip("Edge Gateway not provided") 272 } 273 edgeGateway, err := vcd.vdc.GetEdgeGatewayByName(edgeGWName, false) 274 if err != nil { 275 check.Skip(fmt.Sprintf("Edge Gateway %s not found", edgeGWName)) 276 } 277 278 networkDescription := "Created by govcd tests" 279 var networkConfig = types.OrgVDCNetwork{ 280 Name: networkName, 281 Description: networkDescription, 282 Configuration: &types.NetworkConfiguration{ 283 FenceMode: types.FenceModeNAT, 284 IPScopes: &types.IPScopes{ 285 IPScope: []*types.IPScope{&types.IPScope{ 286 IsInherited: false, 287 Gateway: "192.168.100.1", 288 Netmask: "255.255.255.0", 289 IPRanges: &types.IPRanges{ 290 IPRange: []*types.IPRange{ 291 &types.IPRange{ 292 StartAddress: "192.168.100.2", 293 EndAddress: "192.168.100.50", 294 }, 295 }, 296 }, 297 }, 298 }, 299 }, 300 BackwardCompatibilityMode: true, 301 }, 302 EdgeGateway: &types.Reference{ 303 HREF: edgeGateway.EdgeGateway.HREF, 304 ID: edgeGateway.EdgeGateway.ID, 305 Name: edgeGateway.EdgeGateway.Name, 306 Type: edgeGateway.EdgeGateway.Type, 307 }, 308 IsShared: false, 309 } 310 err = vcd.vdc.CreateOrgVDCNetworkWait(&networkConfig) 311 check.Assert(err, IsNil) 312 AddToCleanupList(networkName, "network", vcd.org.Org.Name+"|"+vcd.vdc.Vdc.Name, networkName) 313 } 314 315 func (vcd *TestVCD) Test_UpdateNetworkStaticRoutes(check *C) { 316 testName := check.TestName() 317 createRoutedNetwork(vcd, check, testName) 318 vapp, vappNetworkName, vappNetworkConfig, err := vcd.prepareVappWithVappNetwork(check, testName, testName) 319 check.Assert(err, IsNil) 320 321 networkFound := types.VAppNetworkConfiguration{} 322 for _, networkConfig := range vappNetworkConfig.NetworkConfig { 323 if networkConfig.NetworkName == vappNetworkName { 324 networkFound = networkConfig 325 } 326 } 327 check.Assert(networkFound, Not(Equals), types.VAppNetworkConfiguration{}) 328 329 desiredNetConfig := types.NetworkConnectionSection{} 330 desiredNetConfig.PrimaryNetworkConnectionIndex = 0 331 desiredNetConfig.NetworkConnection = append(desiredNetConfig.NetworkConnection, 332 &types.NetworkConnection{ 333 IsConnected: true, 334 IPAddressAllocationMode: types.IPAllocationModePool, 335 Network: vappNetworkName, 336 NetworkConnectionIndex: 0, 337 }) 338 339 uuid, err := GetUuidFromHref(networkFound.Link.HREF, false) 340 check.Assert(err, IsNil) 341 342 result, err := vapp.UpdateNetworkStaticRouting(uuid, []*types.StaticRoute{&types.StaticRoute{Name: "test1", 343 Network: "192.168.2.0/24", NextHopIP: "192.168.100.15"}, &types.StaticRoute{Name: "test2", 344 Network: "192.168.3.0/24", NextHopIP: "192.168.100.16"}}, true) 345 check.Assert(err, IsNil) 346 check.Assert(result, NotNil) 347 check.Assert(len(result.Configuration.Features.StaticRoutingService.StaticRoute), Equals, 2) 348 349 // verify 350 check.Assert(result.Configuration.Features.StaticRoutingService.IsEnabled, Equals, true) 351 352 check.Assert(result.Configuration.Features.StaticRoutingService.StaticRoute[0].Name, Equals, "test1") 353 check.Assert(result.Configuration.Features.StaticRoutingService.StaticRoute[0].Network, Equals, "192.168.2.0/24") 354 check.Assert(result.Configuration.Features.StaticRoutingService.StaticRoute[0].NextHopIP, Equals, "192.168.100.15") 355 356 check.Assert(result.Configuration.Features.StaticRoutingService.StaticRoute[1].Name, Equals, "test2") 357 check.Assert(result.Configuration.Features.StaticRoutingService.StaticRoute[1].Network, Equals, "192.168.3.0/24") 358 check.Assert(result.Configuration.Features.StaticRoutingService.StaticRoute[1].NextHopIP, Equals, "192.168.100.16") 359 360 err = vapp.RemoveAllNetworkStaticRoutes(uuid) 361 check.Assert(err, IsNil) 362 363 vappNetwork, err := vapp.GetVappNetworkById(uuid, true) 364 check.Assert(err, IsNil) 365 check.Assert(len(vappNetwork.Configuration.Features.StaticRoutingService.StaticRoute), Equals, 0) 366 367 //cleanup 368 task, err := vapp.RemoveAllNetworks() 369 check.Assert(err, IsNil) 370 err = task.WaitTaskCompletion() 371 check.Assert(err, IsNil) 372 task, err = vapp.Delete() 373 check.Assert(err, IsNil) 374 err = task.WaitTaskCompletion() 375 check.Assert(err, IsNil) 376 check.Assert(task.Task.Status, Equals, "success") 377 network, err := vcd.vdc.GetOrgVdcNetworkByName(testName, true) 378 check.Assert(err, IsNil) 379 task, err = network.Delete() 380 check.Assert(err, IsNil) 381 err = task.WaitTaskCompletion() 382 check.Assert(err, IsNil) 383 }