def test_update_with_template(self):
template = {
"service-group": {
"template-server": "sg1",
"template-port": "sg1",
"template-policy": "sg1"
}
}
exp_template = {
"template-server": "sg1",
"template-port": "sg1",
"template-policy": "sg1"
}
for k, v in self.a.config.get_devices().items():
v['templates'] = template
pers1 = None
pers2 = None
old_pool = fake_objs.FakePool('TCP', 'LEAST_CONNECTIONS', pers1, True)
pool = fake_objs.FakePool('TCP', 'ROUND_ROBIN', pers2, True)
self.a.pool.update(None, pool, old_pool)
self.a.last_client.slb.service_group.update.assert_called_with(
pool.id,
axapi_args={"service_group": {}},
lb_method=mock.ANY,
config_defaults=mock.ANY,
protocol=mock.ANY,
service_group_templates=exp_template)
def test_update(self):
pers1 = None
pers2 = None
old_pool = fake_objs.FakePool('TCP', 'LEAST_CONNECTIONS', pers1, True)
pool = fake_objs.FakePool('TCP', 'ROUND_ROBIN', pers2, True)
self.a.pool.update(None, pool, old_pool)
self.print_mocks()
self.a.last_client.slb.service_group.update.assert_called_with(
pool.id,
axapi_args={"service_group": {}},
lb_method=mock.ANY,
config_defaults=mock.ANY,
protocol=mock.ANY)
def test_delete(self):
members = [[], [fake_objs.FakeMember()]]
hms = [None, fake_objs.FakeHM('PING')]
persistences = [None, 'SOURCE_IP', 'HTTP_COOKIE']
listeners = [False, True]
for m in members:
for hm in hms:
for pers in persistences:
for lst in listeners:
self.a.reset_mocks()
pool = fake_objs.FakePool('TCP',
'ROUND_ROBIN',
pers,
lst,
members=m,
hm=hm)
self.a.pool.neutron.member_count.return_value = 1
self.a.pool.delete(None, pool)
self.print_mocks()
(self.a.last_client.slb.service_group.delete.
assert_called_with(pool.id))
if pers == 'SOURCE_IP':
(self.a.last_client.slb.template.
src_ip_persistence.delete.assert_called_with(
pool.id))
elif pers == 'HTTP_COOKIE':
(self.a.last_client.slb.template.
cookie_persistence.delete.assert_called_with(
pool.id))
def _test_create_autosnat(self, api_ver=None, autosnat=None):
saw_exception = False
"""
Due to how the config is pulled in, we can't override the config
version here and just expect it to work.
"""
for k, v in self.a.config.get_devices().items():
v['api_version'] = api_ver
v['autosnat'] = autosnat
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool,
loadbalancer=lb)
try:
self.a.listener.create(None, m)
except Exception as e:
saw_exception = True
raise e
if not saw_exception:
s = str(self.a.last_client.mock_calls)
self.assertIn('vport.create', s)
self.assertIn('autosnat=%s' % autosnat, s)
def test_create(self):
methods = {
'ROUND_ROBIN':
self.a.last_client.slb.service_group.ROUND_ROBIN,
'LEAST_CONNECTIONS':
self.a.last_client.slb.service_group.LEAST_CONNECTION,
'SOURCE_IP':
self.a.last_client.slb.service_group.WEIGHTED_LEAST_CONNECTION,
}
protocols = {
'TCP': self.a.last_client.slb.service_group.TCP,
'UDP': self.a.last_client.slb.service_group.UDP,
}
persistences = [None, 'SOURCE_IP', 'HTTP_COOKIE', 'APP_COOKIE']
listeners = [False, True]
for p in protocols.keys():
for m in methods.keys():
for pers in persistences:
for listener in listeners:
self.a.reset_mocks()
saw_exception = False
pool = fake_objs.FakePool(p, m, pers, listener)
try:
self.a.pool.create(None, pool)
except a10_ex.UnsupportedFeature as e:
if pers == 'APP_COOKIE':
saw_exception = True
else:
raise e
self.print_mocks()
# (self.a.last_client.slb.service_group.create.
# assert_called_with(
# pool.id,
# axapi_args={"service_group": {}},
# lb_method=methods(m),
# protocol=protocols(p)))
if not saw_exception:
n = str(self.a.last_client.mock_calls).index(
'slb.service_group.create')
self.assertTrue(n >= 0)
if pers == 'SOURCE_IP':
(self.a.last_client.slb.template.
src_ip_persistence.create.assert_called_with(
pool.id))
elif pers == 'HTTP_COOKIE':
(self.a.last_client.slb.template.
cookie_persistence.create.assert_called_with(
pool.id))
elif pers == 'APP_COOKIE':
(self.a.last_client.slb.template.
cookie_persistence.create.assert_called_with(
pool.id))
def test_create_vport_expressions_none(self):
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
handler = self.a.listener
handler.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
def test_create(self):
admin_states = [True, False]
persistences = [None, 'SOURCE_IP', 'HTTP_COOKIE', 'APP_COOKIE']
protocols = ['TCP', 'UDP', 'HTTP', 'HTTPS']
lb = fake_objs.FakeLoadBalancer()
for a in admin_states:
for pers in persistences:
for p in protocols:
self.a.reset_mocks()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', pers)
m = fake_objs.FakeListener(p,
2222,
pool=pool,
loadbalancer=lb)
pool.listener = m
saw_exception = False
try:
self.a.listener.create(None, m)
except a10_ex.UnsupportedFeature as e:
if pers == 'APP_COOKIE':
saw_exception = True
else:
raise e
self.print_mocks()
if not saw_exception:
s = str(self.a.last_client.mock_calls)
self.assertTrue('vport.create' in s)
self.assertTrue('fake-lb-id-001' in s)
self.assertTrue('fake-listen-id-001' in s)
self.assertTrue('port=2222' in s)
test_prot = p
if p in ('HTTPS', constants.PROTOCOL_TERMINATED_HTTPS):
test_prot = 'TCP'
self.assertTrue(test_prot in s)
if pers == 'SOURCE_IP':
self.assertTrue('s_pers_name=None' not in s)
pass
elif pers == 'HTTP_COOKIE':
self.assertTrue('s_pers=HTTP_COOKIE')
self.assertTrue('c_pers_name=None' not in s)
pass
elif pers == 'APP_COOKIE':
self.assertTrue('s_pers=APP_COOKIE')
self.assertTrue('c_pers_name=None' not in s)
pass
else:
self.assertTrue('c_pers_name=None' in s)
self.assertTrue('s_pers_name=None' in s)
def test_delete_no_db_delete_use_database_false(self):
pool = fake_objs.FakePool('TCP', 'ROUND_ROBIN', None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener('TCP', 2222, pool=pool, loadbalancer=lb)
binding = fake_objs.FakeCertificateBinding(listener_id=m.id)
pool.listener = m
bindings = [binding]
get_bindings_mock = mock.Mock(return_value=bindings)
self.a.listener.cert_db.get_bindings_for_listener = get_bindings_mock
self.a.listener.delete(None, m)
expected = self.a.listener.cert_db.delete_a10_certificate_binding.call_count
self.assertEqual(expected, 0)
def test_create_vport_expressions_noname(self):
get_expr_mock = mock.MagicMock()
get_expr_mock.return_value = {}
self.a.config.get_vport_expressions = get_expr_mock
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
m.name = None
handler = self.a.listener
handler.create(None, m)
def test_barbican_client_not_null(self, certmgr):
"""This tests that the barbican_client dependency is always there."""
handler = self.a.listener
pool = fake_objs.FakePool(constants.PROTOCOL_TERMINATED_HTTPS,
constants.LB_METHOD_ROUND_ROBIN, None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener(constants.PROTOCOL_TERMINATED_HTTPS,
2222,
pool=pool,
loadbalancer=lb)
pool.listener = m
handler.create(None, m)
self.assertTrue(handler.barbican_client is not None)
def _test_create_expressions(self, os_name, pattern, expressions=None):
self.a.config.get_service_group_expressions = self._get_expressions_mock
expressions = expressions or self.a.config.get_service_group_expressions(
)
expected = expressions.get(pattern, {}).get("json", None) or ""
p = 'TCP'
m = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m.name = os_name
handler = self.a.pool
handler.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("service_group.create", s)
self.assertIn(str(expected), s)
def test_delete(self):
pool = fake_objs.FakePool('HTTP', 'ROUND_ROBIN', None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener('HTTP', 2222, pool=pool, loadbalancer=lb)
pool.listener = m
self.a.listener.delete(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertTrue('vport.delete' in s)
self.assertTrue('fake-lb-id-001' in s)
self.assertTrue('fake-listen-id-001' in s)
self.assertTrue('port=2222' in s)
self.assertTrue('HTTP' in s)
def test_create_vport_expressions_overrides_protocol(self):
# Duplicated because this is a slightly different test.
pattern = "params"
self.a.config.get_vport_expressions = self._get_expressions_mock
p = 'UDP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
m.name = pattern
handler = self.a.listener
handler.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertIn("protocol='tcp'", s)
def _test_create_expressions(self, os_name, pattern, expressions=None):
self.a.config.get_vport_expressions = self._get_expressions_mock
expressions = expressions or self.a.config.get_vport_expressions()
expected = expressions.get(pattern, {}).get("json", {})
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
m.name = os_name
handler = self.a.listener
handler.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertIn(str(expected), s)
def test_create_vport_defaults_global(self):
expected = self.a.config.get_vport_defaults()
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
handler = self.a.listener
handler.create(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertIn(str(expected), s)
def test_create_empty_name_noexception(self):
self.a.config.get_service_group_expressions = self._get_expressions_mock
expressions = self.a.config.get_service_group_expressions()
expected = expressions["beginning"]
p = 'TCP'
m = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m.name = None
handler = self.a.pool
handler.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("service_group.create", s)
self.assertNotIn(str(expected), s)
def _test_create_ha_conn_mirror(self, api_ver="3.0", ha_conn_mirror=False):
for k, v in self.a.config.devices.items():
v['ha-conn-mirror'] = ha_conn_mirror
v['api_version'] = api_ver
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
self.a.listener.create(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertIn("ha_conn_mirror=%s" % ha_conn_mirror, s)
def test_create_vport_expressions_nomatch(self):
self.a.config.get_vport_expressions = self._get_expressions_mock
expressions = self.a.config.get_vport_expressions()
expected = expressions[self.EXPR_BEGIN].get("json", {})
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
m.name = "insecurelistener"
handler = self.a.listener
handler.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertNotIn(str(expected), s)
def _test_create_conn_limit(self, api_ver="3.0", conn_limit=None):
for k, v in self.a.config.devices.items():
v['conn-limit'] = conn_limit
v['api_version'] = api_ver
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
self.a.listener.create(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertIn("conn_limit=%s" % conn_limit, s)
def _test_create_ipinip(self, api_ver="3.0", ip_in_ip=False):
for k, v in self.a.config.devices.items():
v['ipinip'] = ip_in_ip
v['api_version'] = api_ver
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
self.a.listener.create(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
self.assertIn("ipinip=%s" % ip_in_ip, s)
def test_create_protocol_terminated_https(self):
pool = fake_objs.FakePool(constants.PROTOCOL_TERMINATED_HTTPS,
constants.LB_METHOD_ROUND_ROBIN, None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener(constants.PROTOCOL_TERMINATED_HTTPS,
2222,
pool=pool,
loadbalancer=lb)
m.default_tls_container_id = "CONTAINERID"
pool.listener = m
certmgr = FakeCertManager()
self.a.barbican_client = certmgr
self.a.listener.create(None, m)
s = str(self.a.last_client.mock_calls)
self.assertTrue('HTTPS' in s)
def _tls_container_shared(self):
certmgr = FakeCertManager()
certmgr.certificate = "CERTDATA"
certmgr.private_key = "PRIVATEKEY"
certmgr.private_key_passphrase = "SECRETPASSWORD"
self.a.barbican_client = certmgr
handler = self.a.listener
pool = fake_objs.FakePool(constants.PROTOCOL_TERMINATED_HTTPS,
constants.LB_METHOD_ROUND_ROBIN, None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener(constants.PROTOCOL_TERMINATED_HTTPS,
2222,
pool=pool,
loadbalancer=lb)
return (certmgr, m, pool, handler)
def test_create_with_no_rules_action_REDIRECT_TO_POOL(self):
pool = fake_objs.FakePool('HTTP', 'ROUND_ROBIN', 'SOURCE_IP')
m = fake_objs.FakeL7Policy(None, "REDIRECT_TO_POOL", pool, None, 12)
p = PolicyUtil()
resp = p.createPolicy(m)
expect_resp = """ when HTTP_REQUEST {
if { ( true ) } {
pool fake-pool-id-001
}
} """
resp = resp.replace('\n', '').replace(' ', '')
expect_resp = expect_resp.replace('\n', '').replace(' ', '')
self.assertEqual(resp, expect_resp)
def test_create_with_with_rule_action_REDIRECT_TO_POOL(self):
pool = fake_objs.FakePool('HTTP', 'ROUND_ROBIN', 'SOURCE_IP')
m = fake_objs.FakeL7Policy(None, "REDIRECT_TO_POOL", pool, None, 12)
r = fake_objs.FakeL7Rule(m.id, 'FILE_TYPE', 'STARTS_WITH', 'testkey',
'testvalue')
m.rules = []
m.rules.append(r)
p = PolicyUtil()
resp = p.createPolicy(m)
expect_resp = """ when HTTP_REQUEST {
if { ([HTTP::uri] ends_with "testvalue") } {
pool fake-pool-id-001
}
}
"""
resp = resp.replace('\n', '').replace(' ', '')
expect_resp = expect_resp.replace('\n', '').replace(' ', '')
self.assertEqual(resp, expect_resp)
def _test_create_source_nat_pool(self, source_nat_pool):
if source_nat_pool:
for k, v in self.a.config.devices.items():
v['source-nat-pool'] = source_nat_pool
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
self.a.listener.create(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertIn("vport.create", s)
if source_nat_pool:
expected = "source_nat_pool='{0}'".format(source_nat_pool)
self.assertIn(expected, s)
else:
self.assertIn("source_nat_pool=None", s)
def test_delete(self):
pool = fake_objs.FakePool(constants.PROTOCOL_TERMINATED_HTTPS,
constants.LB_METHOD_ROUND_ROBIN, None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener(constants.PROTOCOL_TERMINATED_HTTPS,
2222,
pool=pool,
loadbalancer=lb)
pool.listener = m
self.a.listener.delete(None, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
LOG.debug("DELETE RESULT %s" % s)
self.assertTrue('vport.delete' in s)
self.assertTrue('fake-lb-id-001' in s)
self.assertTrue('fake-listen-id-001' in s)
self.assertTrue('port=2222' in s)
self.assertTrue('HTTPS' in s)
def _test_create_with_templates(self,
api_ver="3.0",
virtual_port_templates=None,
update=False):
for k, v in self.a.config.devices.items():
v['api_version'] = api_ver
v['templates'] = virtual_port_templates
p = 'TCP'
lb = fake_objs.FakeLoadBalancer()
pool = fake_objs.FakePool(p, 'ROUND_ROBIN', None)
m = fake_objs.FakeListener(p, 2222, pool=pool, loadbalancer=lb)
if update:
self.a.listener.create(None, m)
else:
self.a.listener.update(None, m, m)
s = str(self.a.last_client.mock_calls)
self.assertIn("test-template-virtual-port", s)
self.assertIn("test-template-tcp", s)
self.assertIn("test-template-policy", s)
self.assertIn("test-template-scaleout", s)
def test_update(self):
pool = fake_objs.FakePool(constants.PROTOCOL_TERMINATED_HTTPS,
constants.LB_METHOD_ROUND_ROBIN, None)
lb = fake_objs.FakeLoadBalancer()
m = fake_objs.FakeListener(constants.PROTOCOL_TERMINATED_HTTPS,
2222,
pool=pool,
loadbalancer=lb)
certmgr = FakeCertManager()
self.a.barbican_client = certmgr
# self.a.listener.set_certmgr(certmgr)
pool.listener = m
self.a.listener.update(None, m, m)
self.print_mocks()
s = str(self.a.last_client.mock_calls)
self.assertTrue('vport.update' in s)
self.assertTrue('fake-lb-id-001' in s)
self.assertTrue('fake-listen-id-001' in s)
self.assertTrue('port=2222' in s)
self.assertTrue('HTTPS' in s)
def _test_stats(self):
pool = fake_objs.FakePool('TCP', 'ROUND_ROBIN', None, False)
actual = self.a.pool.stats(None, pool)
return pool, actual
