Blame - tempest/api/compute/admin/test_quotas_negative.py - tempest

blob: 04dbc2d56ca099282e32519f616dc4b64dcc9d5d [file] [log] [blame]

Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	1	# Copyright 2014 NEC Corporation. All rights reserved.
				2	#
				3	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				4	# not use this file except in compliance with the License. You may obtain
				5	# a copy of the License at
				6	#
				7	# http://www.apache.org/licenses/LICENSE-2.0
				8	#
				9	# Unless required by applicable law or agreed to in writing, software
				10	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				11	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
				12	# License for the specific language governing permissions and limitations
				13	# under the License.
				14
				15	from tempest.api.compute import base
Andrea Frittoli	cd36841	2017-08-14 21:37:56 +0100	[diff] [blame]	16	from tempest.common import utils
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	17	from tempest import config
Ken'ichi Ohmichi	757833a	2017-03-10 10:30:30 -0800	[diff] [blame]	18	from tempest.lib.common.utils import data_utils
Andrea Frittoli (andreaf)	db9672e	2016-02-23 14:07:24 -0500	[diff] [blame]	19	from tempest.lib import decorators
				20	from tempest.lib import exceptions as lib_exc
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	21
				22	CONF = config.CONF
				23
				24
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	25	class QuotasAdminNegativeTestBase(base.BaseV2ComputeAdminTest):
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	26	force_tenant_isolation = True
				27
				28	@classmethod
Rohan Kanade	60b7309	2015-02-04 17:58:19 +0530	[diff] [blame]	29	def setup_clients(cls):
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	30	super(QuotasAdminNegativeTestBase, cls).setup_clients()
Jordan Pittier	8160d31	2017-04-18 11:52:23 +0200	[diff] [blame]	31	cls.client = cls.os_primary.quotas_client
				32	cls.adm_client = cls.os_admin.quotas_client
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	33	cls.sg_client = cls.security_groups_client
Ken'ichi Ohmichi	685cd17	2015-07-13 01:29:57 +0000	[diff] [blame]	34	cls.sgr_client = cls.security_group_rules_client
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	35
Rohan Kanade	60b7309	2015-02-04 17:58:19 +0530	[diff] [blame]	36	@classmethod
				37	def resource_setup(cls):
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	38	super(QuotasAdminNegativeTestBase, cls).resource_setup()
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	39	# NOTE(afazekas): these test cases should always create and use a new
				40	# tenant most of them should be skipped if we can't do that
Andrea Frittoli	9612e81	2014-03-13 10:57:26 +0000	[diff] [blame]	41	cls.demo_tenant_id = cls.client.tenant_id
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	42
zhufl	aa5e41a	2016-11-16 16:21:26 +0800	[diff] [blame]	43	def _update_quota(self, quota_item, quota_value):
				44	quota_set = (self.adm_client.show_quota_set(self.demo_tenant_id)
				45	['quota_set'])
				46	default_quota_value = quota_set[quota_item]
				47
				48	self.adm_client.update_quota_set(self.demo_tenant_id,
				49	force=True,
				50	**{quota_item: quota_value})
				51	self.addCleanup(self.adm_client.update_quota_set, self.demo_tenant_id,
				52	**{quota_item: default_quota_value})
				53
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	54
				55	class QuotasAdminNegativeTest(QuotasAdminNegativeTestBase):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	56	"""Negative tests of nova quotas"""
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	57
Jordan Pittier	3b46d27	2017-04-12 16:17:28 +0200	[diff] [blame]	58	@decorators.attr(type=['negative'])
Ken'ichi Ohmichi	ebbfd1c	2017-01-27 16:37:00 -0800	[diff] [blame]	59	@decorators.idempotent_id('733abfe8-166e-47bb-8363-23dbd7ff3476')
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	60	def test_update_quota_normal_user(self):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	61	"""Test updating nova quota by normal user should fail"""
Masayuki Igawa	6b1cd29	2015-02-16 11:11:55 +0900	[diff] [blame]	62	self.assertRaises(lib_exc.Forbidden,
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	63	self.client.update_quota_set,
				64	self.demo_tenant_id,
				65	ram=0)
				66
Yaroslav Lobankov	4f4834e	2015-09-14 17:50:38 +0300	[diff] [blame]	67	# TODO(afazekas): Add dedicated tenant to the skipped quota tests.
				68	# It can be moved into the setUpClass as well.
Jordan Pittier	3b46d27	2017-04-12 16:17:28 +0200	[diff] [blame]	69	@decorators.attr(type=['negative'])
Ken'ichi Ohmichi	ebbfd1c	2017-01-27 16:37:00 -0800	[diff] [blame]	70	@decorators.idempotent_id('91058876-9947-4807-9f22-f6eb17140d9b')
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	71	def test_create_server_when_cpu_quota_is_full(self):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	72	"""Disallow server creation when tenant's vcpu quota is full"""
zhufl	aa5e41a	2016-11-16 16:21:26 +0800	[diff] [blame]	73	self._update_quota('cores', 0)
Masayuki Igawa	6b1cd29	2015-02-16 11:11:55 +0900	[diff] [blame]	74	self.assertRaises((lib_exc.Forbidden, lib_exc.OverLimit),
ZHU ZHU	3576254	2014-09-01 01:58:49 -0500	[diff] [blame]	75	self.create_test_server)
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	76
Jordan Pittier	3b46d27	2017-04-12 16:17:28 +0200	[diff] [blame]	77	@decorators.attr(type=['negative'])
Ken'ichi Ohmichi	ebbfd1c	2017-01-27 16:37:00 -0800	[diff] [blame]	78	@decorators.idempotent_id('6fdd7012-584d-4327-a61c-49122e0d5864')
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	79	def test_create_server_when_memory_quota_is_full(self):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	80	"""Disallow server creation when tenant's memory quota is full"""
zhufl	aa5e41a	2016-11-16 16:21:26 +0800	[diff] [blame]	81	self._update_quota('ram', 0)
Masayuki Igawa	6b1cd29	2015-02-16 11:11:55 +0900	[diff] [blame]	82	self.assertRaises((lib_exc.Forbidden, lib_exc.OverLimit),
ZHU ZHU	3576254	2014-09-01 01:58:49 -0500	[diff] [blame]	83	self.create_test_server)
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	84
Jordan Pittier	3b46d27	2017-04-12 16:17:28 +0200	[diff] [blame]	85	@decorators.attr(type=['negative'])
Ken'ichi Ohmichi	ebbfd1c	2017-01-27 16:37:00 -0800	[diff] [blame]	86	@decorators.idempotent_id('7c6be468-0274-449a-81c3-ac1c32ee0161')
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	87	def test_create_server_when_instances_quota_is_full(self):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	88	"""Once instances quota limit is reached, disallow server creation"""
zhufl	aa5e41a	2016-11-16 16:21:26 +0800	[diff] [blame]	89	self._update_quota('instances', 0)
Masayuki Igawa	6b1cd29	2015-02-16 11:11:55 +0900	[diff] [blame]	90	self.assertRaises((lib_exc.Forbidden, lib_exc.OverLimit),
ZHU ZHU	3576254	2014-09-01 01:58:49 -0500	[diff] [blame]	91	self.create_test_server)
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	92
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	93
				94	class QuotasSecurityGroupAdminNegativeTest(QuotasAdminNegativeTestBase):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	95	"""Negative tests of nova security group quota"""
				96
zhufl	95d7525	2018-03-28 09:55:04 +0800	[diff] [blame]	97	max_microversion = '2.35'
				98
Matthew Treinish	c49fcbe	2015-02-05 23:37:34 -0500	[diff] [blame]	99	@decorators.skip_because(bug="1186354",
				100	condition=CONF.service_available.neutron)
Jordan Pittier	3b46d27	2017-04-12 16:17:28 +0200	[diff] [blame]	101	@decorators.attr(type=['negative'])
Ken'ichi Ohmichi	ebbfd1c	2017-01-27 16:37:00 -0800	[diff] [blame]	102	@decorators.idempotent_id('7c6c8f3b-2bf6-4918-b240-57b136a66aa0')
Andrea Frittoli	cd36841	2017-08-14 21:37:56 +0100	[diff] [blame]	103	@utils.services('network')
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	104	def test_security_groups_exceed_limit(self):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	105	"""Negative test: Creation Security Groups over limit should FAIL"""
Joseph Lanoux	ffe09dd	2015-03-18 16:45:33 +0000	[diff] [blame]	106	# Set the quota to number of used security groups
ghanshyam	8a59949	2015-08-24 15:55:59 +0900	[diff] [blame]	107	sg_quota = self.limits_client.show_limits()['limits']['absolute'][
Joseph Lanoux	ffe09dd	2015-03-18 16:45:33 +0000	[diff] [blame]	108	'totalSecurityGroupsUsed']
zhufl	aa5e41a	2016-11-16 16:21:26 +0800	[diff] [blame]	109	self._update_quota('security_groups', sg_quota)
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	110
				111	# Check we cannot create anymore
Chris Yeoh	60d5ce9	2014-06-27 13:59:23 +0930	[diff] [blame]	112	# A 403 Forbidden or 413 Overlimit (old behaviour) exception
				113	# will be raised when out of quota
Masayuki Igawa	6b1cd29	2015-02-16 11:11:55 +0900	[diff] [blame]	114	self.assertRaises((lib_exc.Forbidden, lib_exc.OverLimit),
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	115	self.sg_client.create_security_group,
Ken'ichi Ohmichi	34563cc	2015-07-21 00:53:17 +0000	[diff] [blame]	116	name="sg-overlimit", description="sg-desc")
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	117
Matthew Treinish	c49fcbe	2015-02-05 23:37:34 -0500	[diff] [blame]	118	@decorators.skip_because(bug="1186354",
				119	condition=CONF.service_available.neutron)
Jordan Pittier	3b46d27	2017-04-12 16:17:28 +0200	[diff] [blame]	120	@decorators.attr(type=['negative'])
Ken'ichi Ohmichi	ebbfd1c	2017-01-27 16:37:00 -0800	[diff] [blame]	121	@decorators.idempotent_id('6e9f436d-f1ed-4f8e-a493-7275dfaa4b4d')
Andrea Frittoli	cd36841	2017-08-14 21:37:56 +0100	[diff] [blame]	122	@utils.services('network')
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	123	def test_security_groups_rules_exceed_limit(self):
zhufl	a0e87dc	2020-05-13 15:52:15 +0800	[diff] [blame]	124	"""Negative test: Creation of Security Group Rules should FAIL"""
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	125	# when we reach limit maxSecurityGroupRules
zhufl	aa5e41a	2016-11-16 16:21:26 +0800	[diff] [blame]	126	self._update_quota('security_group_rules', 0)
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	127
Ken'ichi Ohmichi	4937f56	2015-03-23 00:15:01 +0000	[diff] [blame]	128	s_name = data_utils.rand_name('securitygroup')
				129	s_description = data_utils.rand_name('description')
ghanshyam	b610b77	2015-08-24 17:29:38 +0900	[diff] [blame]	130	securitygroup = self.sg_client.create_security_group(
				131	name=s_name, description=s_description)['security_group']
Haiwei Xu	c367d91	2014-01-14 19:51:10 +0900	[diff] [blame]	132	self.addCleanup(self.sg_client.delete_security_group,
				133	securitygroup['id'])
				134
				135	secgroup_id = securitygroup['id']
				136	ip_protocol = 'tcp'
				137
				138	# Check we cannot create SG rule anymore
Chris Yeoh	60d5ce9	2014-06-27 13:59:23 +0930	[diff] [blame]	139	# A 403 Forbidden or 413 Overlimit (old behaviour) exception
				140	# will be raised when out of quota
Masayuki Igawa	6b1cd29	2015-02-16 11:11:55 +0900	[diff] [blame]	141	self.assertRaises((lib_exc.OverLimit, lib_exc.Forbidden),
Ken'ichi Ohmichi	685cd17	2015-07-13 01:29:57 +0000	[diff] [blame]	142	self.sgr_client.create_security_group_rule,
Ken'ichi Ohmichi	eb7eeec	2015-07-21 01:00:06 +0000	[diff] [blame]	143	parent_group_id=secgroup_id, ip_protocol=ip_protocol,
				144	from_port=1025, to_port=1025)