Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 1c10cf2c8202e5d928b6f2f12265700f53edd7e8 / . / apps / kubevirt-networking / app / src / test / java / org / onosproject / kubevirtnetworking / impl / KubevirtSecurityGroupManagerTest.java
blob: b7d8d640765f4f0fa6ad05bfe24d2ba95dfdf284 [file] [log] [blame]
Jian Li1c10cf22021-03-05 01:32:04 +0900[diff] [blame^]1/*
2 * Copyright 2021-present Open Networking Foundation
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package org.onosproject.kubevirtnetworking.impl;
17
18import com.google.common.collect.Lists;
19import com.google.common.util.concurrent.MoreExecutors;
20import org.junit.After;
21import org.junit.Before;
22import org.junit.Test;
23import org.onlab.junit.TestUtils;
24import org.onlab.packet.IpPrefix;
25import org.onosproject.core.ApplicationId;
26import org.onosproject.core.CoreServiceAdapter;
27import org.onosproject.core.DefaultApplicationId;
28import org.onosproject.event.Event;
29import org.onosproject.kubevirtnetworking.api.DefaultKubevirtSecurityGroup;
30import org.onosproject.kubevirtnetworking.api.DefaultKubevirtSecurityGroupRule;
31import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroup;
32import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupEvent;
33import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupListener;
34import org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupRule;
35import org.onosproject.store.service.TestStorageService;
36
37import java.util.List;
38
39import static org.junit.Assert.assertEquals;
40import static org.junit.Assert.assertNotNull;
41import static org.junit.Assert.assertNull;
42import static org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupEvent.Type.KUBEVIRT_SECURITY_GROUP_CREATED;
43import static org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupEvent.Type.KUBEVIRT_SECURITY_GROUP_REMOVED;
44import static org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupEvent.Type.KUBEVIRT_SECURITY_GROUP_RULE_CREATED;
45import static org.onosproject.kubevirtnetworking.api.KubevirtSecurityGroupEvent.Type.KUBEVIRT_SECURITY_GROUP_RULE_REMOVED;
46
47/**
48 * Unit tests for kubevirt security group manager.
49 */
50public class KubevirtSecurityGroupManagerTest {
51
52 private static final ApplicationId TEST_APP_ID = new DefaultApplicationId(1, "test");
53
54 private static final String SECURITY_GROUP_ID_1 = "sg-id-1";
55 private static final String SECURITY_GROUP_ID_2 = "sg-id-2";
56 private static final String UNKNOWN_ID = "sg-id-x";
57
58
59 private static final String SECURITY_GROUP_NAME_1 = "sg-name-1";
60 private static final String SECURITY_GROUP_NAME_2 = "sg-name-2";
61
62 private static final String SECURITY_GROUP_DESCRIPTION_1 = "description-1";
63 private static final String SECURITY_GROUP_DESCRIPTION_2 = "description-2";
64
65 private static final String SECURITY_GROUP_RULE_ID_1_1 = "sgr-id-1-1";
66 private static final String SECURITY_GROUP_RULE_ID_1_2 = "sgr-id-1-2";
67
68 private static final String SECURITY_GROUP_ETH_TYPE = "IP";
69 private static final String SECURITY_GROUP_DIRECTION = "EGRESS";
70 private static final String SECURITY_GROUP_PROTOCOL_1 = "TCP";
71 private static final String SECURITY_GROUP_PROTOCOL_2 = "UDP";
72
73 private static final int SECURITY_GROUP_PORT_RANGE_MIN_1 = 1;
74 private static final int SECURITY_GROUP_PORT_RANGE_MIN_2 = 101;
75 private static final int SECURITY_GROUP_PORT_RANGE_MAX_1 = 100;
76 private static final int SECURITY_GROUP_PORT_RANGE_MAX_2 = 200;
77
78 private static final IpPrefix SECURITY_GROUP_REMOTE_IP_PREFIX_1 = IpPrefix.valueOf("1.1.1.0/24");
79 private static final IpPrefix SECURITY_GROUP_REMOTE_IP_PREFIX_2 = IpPrefix.valueOf("2.2.2.0/24");
80
81 private KubevirtSecurityGroup sg1;
82 private KubevirtSecurityGroup sg2;
83
84 private KubevirtSecurityGroupRule sgRule11;
85 private KubevirtSecurityGroupRule sgRule12;
86
87 private KubevirtSecurityGroupManager target;
88 private DistributedKubevirtSecurityGroupStore store;
89
90 private final TestKubevirtSecurityGroupListener testListener =
91 new TestKubevirtSecurityGroupListener();
92
93 /**
94 * Initial setup for this unit test.
95 */
96 @Before
97 public void setUp() throws Exception {
98 store = new DistributedKubevirtSecurityGroupStore();
99 TestUtils.setField(store, "coreService", new TestCoreService());
100 TestUtils.setField(store, "storageService", new TestStorageService());
101 TestUtils.setField(store, "eventExecutor", MoreExecutors.newDirectExecutorService());
102 store.activate();
103
104 target = new KubevirtSecurityGroupManager();
105 TestUtils.setField(target, "coreService", new TestCoreService());
106 target.sgStore = store;
107 target.addListener(testListener);
108 target.activate();
109
110 sgRule11 = DefaultKubevirtSecurityGroupRule.builder()
111 .id(SECURITY_GROUP_RULE_ID_1_1)
112 .securityGroupId(SECURITY_GROUP_ID_1)
113 .remoteGroupId(SECURITY_GROUP_ID_1)
114 .direction(SECURITY_GROUP_DIRECTION)
115 .etherType(SECURITY_GROUP_ETH_TYPE)
116 .portRangeMax(SECURITY_GROUP_PORT_RANGE_MAX_1)
117 .portRangeMin(SECURITY_GROUP_PORT_RANGE_MIN_1)
118 .protocol(SECURITY_GROUP_PROTOCOL_1)
119 .remoteIpPrefix(SECURITY_GROUP_REMOTE_IP_PREFIX_1)
120 .build();
121
122 sgRule12 = DefaultKubevirtSecurityGroupRule.builder()
123 .id(SECURITY_GROUP_RULE_ID_1_2)
124 .securityGroupId(SECURITY_GROUP_ID_1)
125 .remoteGroupId(SECURITY_GROUP_ID_2)
126 .direction(SECURITY_GROUP_DIRECTION)
127 .etherType(SECURITY_GROUP_ETH_TYPE)
128 .portRangeMax(SECURITY_GROUP_PORT_RANGE_MAX_2)
129 .portRangeMin(SECURITY_GROUP_PORT_RANGE_MIN_2)
130 .protocol(SECURITY_GROUP_PROTOCOL_2)
131 .remoteIpPrefix(SECURITY_GROUP_REMOTE_IP_PREFIX_2)
132 .build();
133
134 sg1 = DefaultKubevirtSecurityGroup.builder()
135 .id(SECURITY_GROUP_ID_1)
136 .name(SECURITY_GROUP_NAME_1)
137 .description(SECURITY_GROUP_DESCRIPTION_1)
138 .build();
139
140 sg2 = DefaultKubevirtSecurityGroup.builder()
141 .id(SECURITY_GROUP_ID_2)
142 .name(SECURITY_GROUP_NAME_2)
143 .description(SECURITY_GROUP_DESCRIPTION_2)
144 .build();
145 }
146
147 /**
148 * Tears down all of this unit test.
149 */
150 @After
151 public void tearDown() {
152 target.removeListener(testListener);
153 store.deactivate();
154 target.deactivate();
155 store = null;
156 target = null;
157 }
158
159 /**
160 * Tests if getting all security groups returns the correct set of groups.
161 */
162 @Test
163 public void testGetSecurityGroups() {
164 createBasicSecurityGroups();
165 assertEquals("Number of security group did not match",
166 2, target.securityGroups().size());
167 }
168
169 /**
170 * Tests if getting a security group with group ID returns the correct group.
171 */
172 @Test
173 public void testGetSecurityGroupById() {
174 createBasicSecurityGroups();
175 assertNotNull("Security group did not match", target.securityGroup(SECURITY_GROUP_ID_1));
176 assertNotNull("Security group did not match", target.securityGroup(SECURITY_GROUP_ID_2));
177 assertNull("Security group did not match", target.securityGroup(UNKNOWN_ID));
178 }
179
180 /**
181 * Tests creating and removing a security group, and checks if it triggers proper events.
182 */
183 @Test
184 public void testCreateAndRemoveSecurityGroup() {
185 target.createSecurityGroup(sg1);
186 assertEquals("Number of security group did not match",
187 1, target.securityGroups().size());
188 assertNotNull("Security group did not match",
189 target.securityGroup(SECURITY_GROUP_ID_1));
190
191 target.removeSecurityGroup(SECURITY_GROUP_ID_1);
192 assertEquals("Number of security group did not match",
193 0, target.securityGroups().size());
194 assertNull("Security group did not match",
195 target.securityGroup(SECURITY_GROUP_ID_1));
196
197 validateEvents(KUBEVIRT_SECURITY_GROUP_CREATED, KUBEVIRT_SECURITY_GROUP_REMOVED);
198 }
199
200 /**
201 * Tests creating and removing a security group rule, and checks if it triggers proper events.
202 */
203 @Test
204 public void testCreateAndRemoveSecurityGroupRule() {
205 target.createSecurityGroup(sg1);
206 assertEquals("Number of security group rule did not match",
207 0, target.securityGroup(sg1.id()).rules().size());
208
209 target.createSecurityGroupRule(sgRule11);
210 assertEquals("Number of security group rule did not match",
211 1, target.securityGroup(sg1.id()).rules().size());
212
213 target.createSecurityGroupRule(sgRule12);
214 assertEquals("Number of security group rule did not match",
215 2, target.securityGroup(sg1.id()).rules().size());
216
217 target.removeSecurityGroupRule(sgRule11.id());
218 assertEquals("Number of security group rule did not match",
219 1, target.securityGroup(sg1.id()).rules().size());
220
221 target.removeSecurityGroupRule(sgRule12.id());
222 assertEquals("Number of security group rule did not match",
223 0, target.securityGroup(sg1.id()).rules().size());
224
225 validateEvents(KUBEVIRT_SECURITY_GROUP_CREATED,
226 KUBEVIRT_SECURITY_GROUP_RULE_CREATED,
227 KUBEVIRT_SECURITY_GROUP_RULE_CREATED,
228 KUBEVIRT_SECURITY_GROUP_RULE_REMOVED,
229 KUBEVIRT_SECURITY_GROUP_RULE_REMOVED);
230 }
231
232 /**
233 * Tests if creating a null security group fails with an exception.
234 */
235 @Test(expected = NullPointerException.class)
236 public void testCreateNullSecurityGroup() {
237 target.createSecurityGroup(null);
238 }
239
240 /**
241 * Tests if creating a duplicated security group fails with an exception.
242 */
243 @Test(expected = IllegalArgumentException.class)
244 public void testCreateDuplicateSecurityGroup() {
245 target.createSecurityGroup(sg1);
246 target.createSecurityGroup(sg1);
247 }
248
249 /**
250 * Tests if removing security group with null ID fails with an exception.
251 */
252 @Test(expected = IllegalArgumentException.class)
253 public void testRemoveSecurityGroupWithNull() {
254 target.removeSecurityGroup(null);
255 }
256
257 /**
258 * Tests if updating an unregistered security group fails with an exception.
259 */
260 @Test(expected = IllegalArgumentException.class)
261 public void testUpdateUnregisteredSecurityGroup() {
262 target.updateSecurityGroup(sg1);
263 }
264
265 private void createBasicSecurityGroups() {
266 target.createSecurityGroup(sg1);
267 target.createSecurityGroup(sg2);
268 }
269
270 private static class TestCoreService extends CoreServiceAdapter {
271
272 @Override
273 public ApplicationId registerApplication(String name) {
274 return TEST_APP_ID;
275 }
276 }
277
278 private static class TestKubevirtSecurityGroupListener
279 implements KubevirtSecurityGroupListener {
280
281 private List<KubevirtSecurityGroupEvent> events = Lists.newArrayList();
282
283 @Override
284 public void event(KubevirtSecurityGroupEvent event) {
285 events.add(event);
286 }
287 }
288
289 private void validateEvents(Enum... types) {
290 int i = 0;
291 assertEquals("Number of events did not match", types.length,
292 testListener.events.size());
293 for (Event event : testListener.events) {
294 assertEquals("Incorrect event received", types[i], event.type());
295 i++;
296 }
297 testListener.events.clear();
298 }
299}