[lxc-devel] [lxc-ci/master] OVN: External IP tests

tomponline on Github lxc-bot at linuxcontainers.org
Tue Oct 20 15:41:30 UTC 2020 

A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 303 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20201020/c57ee334/attachment.bin>
-------------- next part --------------
From e1759fd36b251872804e9b55e9cbeb9c8b00d57c Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 20 Oct 2020 11:29:28 +0100
Subject: [PATCH 1/4] bin/test-lxd-ovn: Adds debugging throughout script

So we can see which commands are being run.

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 bin/test-lxd-ovn | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/bin/test-lxd-ovn b/bin/test-lxd-ovn
index b6b6810..5ec282f 100755
--- a/bin/test-lxd-ovn
+++ b/bin/test-lxd-ovn
@@ -1,5 +1,5 @@
 #!/bin/sh
-set -eu
+set -eux
 
 cleanup() {
     echo ""
@@ -35,7 +35,6 @@ lxd waitready --timeout=300
 apt install ovn-host ovn-central --yes
 
 # Configure OVN
-set -x
 ovs-vsctl set open_vswitch . \
   external_ids:ovn-remote=unix:/var/run/ovn/ovnsb_db.sock \
   external_ids:ovn-encap-type=geneve \
@@ -56,7 +55,6 @@ lxc network create lxdbr0 \
 lxc network create ovn-virtual-network --type=ovn
 
 # Test
-set +x
 lxc network list
 lxc project switch default
 

From 8637bc622210597da24e9b4881a27f0ed84aa160 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 20 Oct 2020 16:19:38 +0100
Subject: [PATCH 2/4] bin/test-lxd-ovn: Improves section titles

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 bin/test-lxd-ovn | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/bin/test-lxd-ovn b/bin/test-lxd-ovn
index 5ec282f..0ee328f 100755
--- a/bin/test-lxd-ovn
+++ b/bin/test-lxd-ovn
@@ -98,7 +98,7 @@ echo "==> OVN to OVN"
 lxc exec u2 -- ping -c1 -4 "${U3_IPV4}"
 lxc exec u2 -- ping -c1 -6 "${U3_IPV6}"
 
-echo "==> OVN to lxdbr0"
+echo "==> OVN to lxdbr0 instance"
 lxc exec u3 -- ping -c1 -4 "${U1_IPV4}"
 lxc exec u3 -- ping -c1 -6 "${U1_IPV6}"
 
@@ -106,7 +106,7 @@ echo "==> DNS resolution on OVN"
 lxc exec u3 -- ping -c1 -4 u2.lxd
 lxc exec u3 -- ping -c1 -6 u2.lxd
 
-echo "==> OVN to lxdbr0"
+echo "==> OVN to lxdbr0 gateway"
 lxc exec u2 -- ping -c1 10.10.10.1
 lxc exec u2 -- ping -c1 fd42:4242:4242:1010::1
 
@@ -174,7 +174,7 @@ echo "==> OVN to OVN in project testovn"
 lxc exec u2 -- ping -c1 -4 "${U3_IPV4}"
 lxc exec u2 -- ping -c1 -6 "${U3_IPV6}"
 
-echo "==> OVN to lxdbr0 in project testovn"
+echo "==> OVN to lxdbr0 instance in project testovn"
 lxc exec u3 -- ping -c1 -4 "${U1_IPV4}"
 lxc exec u3 -- ping -c1 -6 "${U1_IPV6}"
 
@@ -182,7 +182,7 @@ echo "==> DNS resolution on OVN in project testovn"
 lxc exec u3 -- ping -c1 -4 u2.lxd
 lxc exec u3 -- ping -c1 -6 u2.lxd
 
-echo "==> OVN to lxdbr0 in project testovn"
+echo "==> OVN to lxdbr0 gateway in project testovn"
 lxc exec u2 -- ping -c1 10.10.10.1
 lxc exec u2 -- ping -c1 fd42:4242:4242:1010::1
 

From 3a83bc3e415657e66d41880b844b34c97fc0010a Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 20 Oct 2020 16:35:15 +0100
Subject: [PATCH 3/4] bin/test-lxd-ovn: Adds test for using external subnet as
 OVN network address

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 bin/test-lxd-ovn | 39 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/bin/test-lxd-ovn b/bin/test-lxd-ovn
index 0ee328f..179fc57 100755
--- a/bin/test-lxd-ovn
+++ b/bin/test-lxd-ovn
@@ -116,6 +116,7 @@ lxc exec u2 -- ping -c1 -6 linuxcontainers.org
 
 echo "===> Testing project restrictions"
 lxc project create testovn -c features.networks=true -c restricted=true
+lxc profile device add default root disk path=/ pool=default --project testovn
 
 # Test we cannot create network in restricted project with no defined uplinks.
 ! lxc network create ovn-virtual-network --project testovn
@@ -131,9 +132,45 @@ lxc project set testovn restricted.networks.uplinks=lxdbr0,lxdbr1
 ! lxc network create ovn-virtual-network --project testovn
 lxc network create ovn-virtual-network network=lxdbr0 --project testovn
 lxc network delete ovn-virtual-network --project testovn
-lxc project delete testovn
 lxc network delete lxdbr1 --project default
 
+# Test physical uplink with external IPs
+ip link add dummy0 type dummy
+lxc network create dummy --type=physical --project default \
+    parent=dummy0 \
+    ipv4.gateway=192.0.2.1/24 \
+    ipv6.gateway=2001:db8:1:1::1/64 \
+    ipv4.ovn.ranges=192.0.2.10-192.0.2.19 \
+    ipv4.routes=198.51.100.0/24 \
+    ipv6.routes=2001:db8:1:2::/64 \
+    dns.nameservers=192.0.2.53
+
+# Test using external subnets using physical uplink.
+lxc project set testovn restricted.networks.uplinks=dummy
+lxc network create ovn-virtual-network --type=ovn --project testovn network=dummy \
+    ipv4.address=198.51.100.1/24 \
+    ipv6.address=2001:db8:1:2::1/64 \
+    ipv4.nat=false \
+    ipv6.nat=false
+
+lxc init images:ubuntu/20.04 u1 --project testovn
+lxc config device add u1 eth0 nic network=ovn-virtual-network name=eth0 --project testovn
+lxc start u1 --project testovn
+
+# Test external IPs allocated and published using dnat.
+sleep 5
+U1_EXT_IPV4="$(lxc list u1 --project testovn -c4 --format=csv | cut -d' ' -f1)"
+U1_EXT_IPV6="$(lxc list u1 --project testovn -c6 --format=csv | cut -d' ' -f1)"
+ovn-nbctl --bare --format=csv --column=external_ip,logical_ip,type find nat | grep "${U1_EXT_IPV4},${U1_EXT_IPV4},dnat_and_snat"
+ovn-nbctl --bare --format=csv --column=external_ip,logical_ip,type find nat | grep "${U1_EXT_IPV6},${U1_EXT_IPV6},dnat_and_snat"
+
+lxc delete -f u1 --project testovn
+lxc network delete ovn-virtual-network --project testovn
+lxc image delete "${FINGERPRINT}" --project testovn
+lxc project delete testovn
+lxc network delete dummy --project default
+ip link delete dummy0
+
 echo "===> Testing projects"
 lxc project create testovn -c features.networks=true -c limits.networks=1
 lxc project switch testovn

From 0e7ba2b5364993593331b70fb499f2de531f2be2 Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott at canonical.com>
Date: Tue, 20 Oct 2020 16:35:21 +0100
Subject: [PATCH 4/4] bin/test-lxd-ovn: Shorten line length

Signed-off-by: Thomas Parrott <thomas.parrott at canonical.com>
---
 bin/test-lxd-ovn | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/bin/test-lxd-ovn b/bin/test-lxd-ovn
index 179fc57..72772b8 100755
--- a/bin/test-lxd-ovn
+++ b/bin/test-lxd-ovn
@@ -177,7 +177,10 @@ lxc project switch testovn
 lxc profile device add default root disk path=/ pool=default
 
 # Create network inside project with same name and subnet as network in default project.
-lxc network create ovn-virtual-network network=lxdbr0 --type=ovn ipv4.address="$(lxc network get ovn-virtual-network ipv4.address --project default)" ipv4.nat=true ipv6.address="$(lxc network get ovn-virtual-network ipv6.address --project default)" ipv6.nat=true
+lxc network create ovn-virtual-network network=lxdbr0 --type=ovn \
+    ipv4.address="$(lxc network get ovn-virtual-network ipv4.address --project default)" \
+    ipv4.nat=true ipv6.address="$(lxc network get ovn-virtual-network ipv6.address --project default)" \
+    ipv6.nat=true
 
 # Test we cannot exceed specified project limits for networks.
 ! lxc network create ovn-virtual-network-toomany network=lxdbr0 --type=ovn

More information about the lxc-devel mailing list