Beispiel #1
0
func TestAddressSetSync(t *testing.T) {
	t.Parallel()

	client := ovsdb.NewFakeOvsdbClient()
	client.CreateLogicalSwitch(lSwitch)

	redLabel := db.Label{
		Label:        "red",
		ContainerIPs: []string{"8.8.8.8"},
		IP:           "8.8.8.8",
	}
	blueLabel := db.Label{
		Label:        "blue",
		ContainerIPs: []string{"10.10.10.10", "11.11.11.11"},
		IP:           "9.9.9.9",
	}
	redAddressSet := ovsdb.AddressSet{
		Name:      "red",
		Addresses: []string{"8.8.8.8"},
	}
	blueAddressSet := ovsdb.AddressSet{
		Name:      "blue",
		Addresses: []string{"9.9.9.9", "10.10.10.10", "11.11.11.11"},
	}
	checkAddressSet(t, client,
		[]db.Label{redLabel},
		[]ovsdb.AddressSet{redAddressSet},
	)
	checkAddressSet(t, client,
		[]db.Label{redLabel, blueLabel},
		[]ovsdb.AddressSet{redAddressSet, blueAddressSet},
	)
	checkAddressSet(t, client,
		[]db.Label{blueLabel},
		[]ovsdb.AddressSet{blueAddressSet},
	)

	// Test hyphen conversion.
	dashLabel := db.Label{
		Label: "spark-ms",
		IP:    "9.9.9.9",
	}
	dashAddressSet := ovsdb.AddressSet{
		Name:      "SPARK_MS",
		Addresses: []string{"9.9.9.9"},
	}
	checkAddressSet(t, client,
		[]db.Label{dashLabel},
		[]ovsdb.AddressSet{dashAddressSet},
	)
}
Beispiel #2
0
func TestRunMaster(t *testing.T) {
	client := ovsdb.NewFakeOvsdbClient()
	client.CreateLogicalSwitch(lSwitch)
	conn := db.New()
	ovsdb.Open = func() (ovsdb.Client, error) {
		return client, nil
	}

	expPorts := []ovsdb.LPort{}
	conn.Transact(func(view db.Database) error {
		etcd := view.InsertEtcd()
		etcd.Leader = true
		view.Commit(etcd)

		minion := view.InsertMinion()
		minion.SupervisorInit = true
		minion.Self = true
		view.Commit(minion)

		for i := 0; i < 3; i++ {
			si := strconv.Itoa(i)
			l := view.InsertLabel()
			l.IP = fmt.Sprintf("0.0.0.%s", si)
			l.MultiHost = true
			view.Commit(l)
			expPorts = append(expPorts, ovsdb.LPort{
				Bridge:    lSwitch,
				Name:      l.IP,
				Addresses: []string{labelMac, l.IP},
			})
		}

		for i := 3; i < 5; i++ {
			si := strconv.Itoa(i)
			c := view.InsertContainer()
			c.IP = fmt.Sprintf("0.0.0.%s", si)
			c.Mac = fmt.Sprintf("00:00:00:00:00:0%s", si)
			view.Commit(c)
			expPorts = append(expPorts, ovsdb.LPort{
				Bridge:    lSwitch,
				Name:      c.IP,
				Addresses: []string{c.Mac, c.IP},
			})
		}

		return nil
	})

	for i := 1; i < 6; i++ {
		si := strconv.Itoa(i)
		mac := fmt.Sprintf("00:00:00:00:00:0%s", si)
		if i < 3 {
			mac = labelMac
		}
		ip := fmt.Sprintf("0.0.0.%s", si)
		client.CreateLogicalPort(lSwitch, ip, mac, ip)
	}

	runMaster(conn)

	lports, err := client.ListLogicalPorts(lSwitch)
	if err != nil {
		t.Fatal("failed to fetch logical ports from mock client")
	}

	if len(lports) != len(expPorts) {
		t.Fatalf("wrong number of logical ports. Got %d, expected %d.",
			len(lports), len(expPorts))
	}

	sort.Sort(lportslice(lports))
	sort.Sort(lportslice(expPorts))
	for i, port := range expPorts {
		lport := lports[i]
		if lport.Bridge != port.Bridge || lport.Name != port.Name {
			t.Fatalf("Incorrect port %v, expected %v.", lport, port)
		}
	}
}
Beispiel #3
0
func TestACLSync(t *testing.T) {
	t.Parallel()

	client := ovsdb.NewFakeOvsdbClient()
	client.CreateLogicalSwitch(lSwitch)

	dropACLs := directedACLs(ovsdb.ACL{
		Core: ovsdb.ACLCore{
			Priority: 0,
			Match:    "ip",
			Action:   "drop",
		},
	})

	redBlueConnection := db.Connection{
		From:    "red",
		To:      "blue",
		MinPort: 80,
		MaxPort: 80,
	}
	redBlueACLs := directedACLs(ovsdb.ACL{
		Core: ovsdb.ACLCore{
			Priority: 1,
			Match: "(((ip4.src == $red && ip4.dst == $blue) && " +
				"(icmp || 80 <= udp.dst <= 80 || " +
				"80 <= tcp.dst <= 80)) || ((ip4.src == $blue && " +
				"ip4.dst == $red) && (icmp || 80 <= udp.src <= 80 || " +
				"80 <= tcp.src <= 80)))",
			Action: "allow",
		},
	})

	redYellowConnection := db.Connection{
		From:    "red",
		To:      "yellow",
		MinPort: 80,
		MaxPort: 81,
	}
	redYellowACLs := directedACLs(ovsdb.ACL{
		Core: ovsdb.ACLCore{
			Priority: 1,
			Match: "(((ip4.src == $red && ip4.dst == $yellow) && " +
				"(icmp || 80 <= udp.dst <= 81 || " +
				"80 <= tcp.dst <= 81)) || ((ip4.src == $yellow && " +
				"ip4.dst == $red) && (icmp || 80 <= udp.src <= 81 || " +
				"80 <= tcp.src <= 81)))",
			Action: "allow",
		},
	})

	checkACLs(t, client,
		[]db.Connection{redBlueConnection},
		append(dropACLs, redBlueACLs...),
	)
	checkACLs(t, client,
		[]db.Connection{redBlueConnection, redYellowConnection},
		append(dropACLs, append(redBlueACLs, redYellowACLs...)...),
	)
	checkACLs(t, client,
		[]db.Connection{redYellowConnection},
		append(dropACLs, redYellowACLs...),
	)

	// Test hyphen conversion.
	dashConnection := db.Connection{
		From:    "spark-ms",
		To:      "spark-wk",
		MinPort: 80,
		MaxPort: 80,
	}
	dashACLs := directedACLs(ovsdb.ACL{
		Core: ovsdb.ACLCore{
			Priority: 1,
			Match: "(((ip4.src == $SPARK_MS && ip4.dst == $SPARK_WK) && " +
				"(icmp || 80 <= udp.dst <= 80 || " +
				"80 <= tcp.dst <= 80)) || ((ip4.src == $SPARK_WK && " +
				"ip4.dst == $SPARK_MS) && " +
				"(icmp || 80 <= udp.src <= 80 || 80 <= tcp.src <= 80)))",
			Action: "allow",
		},
	})
	checkACLs(t, client,
		[]db.Connection{dashConnection},
		append(dropACLs, dashACLs...),
	)
}