def test_node_start_create_default_ip_pools(
self, m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip, m_get_host_ips,
m_check_system, m_os_makedirs, m_os_path_exists):
"""
Test that the client creates default ipv4 and ipv6 pools when the
client returns an empty ip_pool on etcd setup
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes)
# Assert
m_client.add_ip_pool.assert_has_calls(
[call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)])
def test_node_start_no_node_no_libnetwork(self, m_docker_client, m_client,
m_install_kube, m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system, m_os_makedirs, m_os_path_exists,
m_find_or_pull_node_image, m_CALICO_DEFAULT_IMAGE):
"""
Test default node image is used in node_start when no image is
specified and the libnetwork param is not used.
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
# Set up arguments
node_image = False
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = False
libnetwork = False
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes, libnetwork)
# Assert
m_client.add_ip_pool.assert_has_calls([
call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)
])
self.assertFalse(m_install_kube.called)
m_find_or_pull_node_image.assert_called_once_with(m_CALICO_DEFAULT_IMAGE)
def test_node_start_create_default_ip_pools(
self, m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system, m_os_makedirs, m_os_path_exists):
"""
Test that the client creates default ipv4 and ipv6 pools when the
client returns an empty ip_pool on etcd setup
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
# Call method under test
node.node_start(
node_image, log_dir, ip, ip6, as_num, detach, kubernetes
)
# Assert
m_client.add_ip_pool.assert_has_calls([
call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)
])
def test_node_start_no_detected_ips(self, m_docker_client, m_client,
m_install_kube,
m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips,
m_check_system, m_os_makedirs,
m_os_path_exists, m_sys_exit):
"""
Test that system exits when no ip is provided and host ips cannot be
obtained
"""
# Set up mock objects
m_get_host_ips.return_value = []
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes)
# Assert
m_sys_exit.assert_called_once_with(1)
def test_node_start_no_detected_ips(
self, m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists, m_sys_exit):
"""
Test that system exits when no ip is provided and host ips cannot be
obtained
"""
# Set up mock objects
m_get_host_ips.return_value = []
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.2.1'
rkt = False
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Assert
m_sys_exit.assert_called_once_with(1)
def test_node_start_create_default_ip_pools(
self, m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists):
"""
Test that the client creates default ipv4 and ipv6 pools when the
client returns an empty ip_pool on etcd setup
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.2.1'
rkt = False
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Assert
m_client.add_ip_pool.assert_has_calls(
[call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)])
def test_node_start_no_detected_ips(
self, m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists, m_sys_exit):
"""
Test that system exits when no ip is provided and host ips cannot be
obtained
"""
# Set up mock objects
m_get_host_ips.return_value = []
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.2.1'
rkt = False
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Assert
m_sys_exit.assert_called_once_with(1)
def test_node_start_no_detected_ips(
self, m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system, m_os_makedirs, m_os_path_exists,
m_sys_exit):
"""
Test that system exits when no ip is provided and host ips cannot be
obtained
"""
# Set up mock objects
m_get_host_ips.return_value = []
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
# Call method under test
node.node_start(
node_image, log_dir, ip, ip6, as_num, detach, kubernetes
)
# Assert
m_sys_exit.assert_called_once_with(1)
def test_node_start_use_libnetwork(self, m_docker_client, m_client,
m_install_plugin, m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system, m_os_makedirs, m_os_path_exists,
m_find_or_pull_node_image, m_LIBNETWORK_IMAGE):
"""
Test that the libnetwork image is used when libnetwork flag is True.
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
# Set up arguments
node_image = False
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = False
rkt = False
libnetwork = True
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes, rkt, libnetwork)
# Assert
m_client.add_ip_pool.assert_has_calls([
call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)
])
self.assertFalse(m_install_plugin.called)
m_find_or_pull_node_image.assert_called_once_with(m_LIBNETWORK_IMAGE)
def test_node_start_no_node_no_libnetwork(
self, m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip, m_get_host_ips,
m_check_system, m_os_makedirs, m_os_path_exists,
m_find_or_pull_node_image, m_CALICO_DEFAULT_IMAGE):
"""
Test default node image is used in node_start when no image is
specified and the libnetwork param is not used.
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
# Set up arguments
node_image = False
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = False
libnetwork = False
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes, libnetwork)
# Assert
m_client.add_ip_pool.assert_has_calls(
[call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)])
self.assertFalse(m_install_kube.called)
m_find_or_pull_node_image.assert_called_once_with(
m_CALICO_DEFAULT_IMAGE)
def test_node_start_create_default_ip_pools(
self, m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists):
"""
Test that the client creates default ipv4 and ipv6 pools when the
client returns an empty ip_pool on etcd setup
"""
# Set up mock objects
m_client.get_ip_pools.return_value = []
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.2.1'
rkt = False
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Assert
m_client.add_ip_pool.assert_has_calls([
call(4, node.DEFAULT_IPV4_POOL),
call(6, node.DEFAULT_IPV6_POOL)
])
def test_node_start_invalid_etcd_authority(
self, m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip, m_get_host_ips,
m_check_system, m_os_getenv, m_os_makedirs, m_os_path_exists,
m_sys_exit):
"""
Test that node_start exits when given a bad etcd authority ip:port
"""
# Set up mock objects
m_os_getenv.return_value = '1.1.1.1:80:100'
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes)
m_sys_exit.assert_called_once_with(1)
def test_node_dockerless_start(
self,
m_enforce_root,
m_container,
m_attach_and_stream,
m_find_or_pull_node_image,
m_call,
m_docker,
m_docker_client,
m_client,
m_conntrack,
m_setup_ip,
m_check_system,
m_os_makedirs,
m_os_path_exists,
m_ipv6_enabled,
):
"""
Test that the node_start function performs all necessary configurations
without making Docker calls when runtime=none.
"""
# Set up mock objects
m_enforce_root.return_value = False
m_container.return_value = False
m_os_path_exists.return_value = False
m_docker_client.create_host_config.return_value = "host_config"
container = {"Id": 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = "node_image"
runtime = "none"
log_dir = "./log_dir"
ip = "2.2.2.2"
ip6 = "aa:bb::zz"
as_num = ""
detach = True
libnetwork = False
no_pull = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach, libnetwork, no_pull)
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(
quit_if_error=False, libnetwork=libnetwork, check_docker=False, check_modules=True
)
m_setup_ip.assert_called_once_with()
self.assertFalse(m_docker_client.remove_container.called)
self.assertFalse(m_docker_client.create_host_config.called)
self.assertFalse(m_find_or_pull_node_image.called)
self.assertFalse(m_docker_client.create_container.called)
self.assertFalse(m_docker_client.start.called)
self.assertFalse(m_attach_and_stream.called)
def test_node_dockerless_start(self, m_enforce_root, m_container, m_attach_and_stream,
m_find_or_pull_node_image, m_call, m_docker,
m_docker_client, m_client,
m_conntrack,
m_setup_ip, m_check_system, m_os_makedirs,
m_os_path_exists, m_ipv6_enabled):
"""
Test that the node_start function performs all necessary configurations
without making Docker calls when runtime=none.
"""
# Set up mock objects
m_enforce_root.return_value = False
m_container.return_value = False
m_os_path_exists.return_value = False
m_docker_client.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'none'
log_dir = './log_dir'
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = True
libnetwork = False
no_pull = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork, no_pull)
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=False,
check_modules=True
)
m_setup_ip.assert_called_once_with()
self.assertFalse(m_docker_client.remove_container.called)
self.assertFalse(m_docker_client.create_host_config.called)
self.assertFalse(m_find_or_pull_node_image.called)
self.assertFalse(m_docker_client.create_container.called)
self.assertFalse(m_docker_client.start.called)
self.assertFalse(m_attach_and_stream.called)
def test_node_dockerless_start(self, m_enforce_root, m_container, m_attach_and_stream,
m_find_or_pull_node_image, m_call, m_docker,
m_docker_client, m_client,
m_conntrack,
m_setup_ip, m_check_system, m_os_makedirs,
m_os_path_exists, m_ipv6_enabled):
"""
Test that the node_start function performs all necessary configurations
without making Docker calls when runtime=none.
"""
# Set up mock objects
m_enforce_root.return_value = False
m_container.return_value = False
m_os_path_exists.return_value = False
m_docker_client.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'none'
log_dir = './log_dir'
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = True
libnetwork_enabled = False
no_pull = False
backend = "bird"
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork_enabled, no_pull, backend)
# Assert
m_os_makedirs.assert_has_calls([call(log_dir), call("/var/run/calico")])
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_enabled,
check_docker=False,
check_modules=True
)
m_setup_ip.assert_called_once_with()
self.assertFalse(m_docker_client.remove_container.called)
self.assertFalse(m_docker_client.create_host_config.called)
self.assertFalse(m_find_or_pull_node_image.called)
self.assertFalse(m_docker_client.create_container.called)
self.assertFalse(m_docker_client.start.called)
self.assertFalse(m_attach_and_stream.called)
def test_node_start_secure(
self, m_attach_and_stream, m_find_or_pull_node_image, m_docker,
m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip, m_check_system,
m_os_getenv, m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
container1 = {'Id': 111}
container2 = {'Id': 222}
m_docker_client.create_container.side_effect = iter(
[container1, container2])
m_docker.utils.create_host_config.return_value = 'host_config'
m_os_path_exists.return_value = True
m_check_system.return_value = [True, True, True]
etcd_ca_path = "/path/to/ca.crt"
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
env = {
"CALICO_NETWORKING": CALICO_NETWORKING_DEFAULT,
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_SCHEME_ENV: "https",
ETCD_CA_CERT_FILE_ENV: etcd_ca_path,
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path
}
def m_getenv(env_var, *args, **kwargs):
return env[env_var]
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
docker_plugin = "/run/docker/plugins"
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.6.0'
rkt = True
libnetwork_image = 'libnetwork_image'
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork_image)
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % CALICO_NETWORKING_DEFAULT,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDSCHEME=https",
"FELIX_ETCDCAFILE=%s" % ETCD_CA_CERT_NODE_FILE,
"FELIX_ETCDKEYFILE=%s" % ETCD_KEY_NODE_FILE,
"FELIX_ETCDCERTFILE=%s" % ETCD_CERT_NODE_FILE
]
environment_libnetwork = [
"HOSTNAME=%s" % node.hostname,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {
"bind": "/var/log/calico",
"ro": False
},
etcd_ca_path: {
"bind": ETCD_CA_CERT_NODE_FILE,
"ro": True
},
etcd_cert_path: {
"bind": ETCD_CERT_NODE_FILE,
"ro": True
},
etcd_key_path: {
"bind": ETCD_KEY_NODE_FILE,
"ro": True
}
}
binds_libnetwork = {
etcd_ca_path: {
"bind": ETCD_CA_CERT_NODE_FILE,
"ro": True
},
etcd_cert_path: {
"bind": ETCD_CERT_NODE_FILE,
"ro": True
},
etcd_key_path: {
"bind": ETCD_KEY_NODE_FILE,
"ro": True
},
docker_plugin: {
'bind': docker_plugin,
'ro': False
}
}
volumes_node = [
'/var/log/calico', ETCD_CA_CERT_NODE_FILE, ETCD_KEY_NODE_FILE,
ETCD_CERT_NODE_FILE
]
volumes_libnetwork = [
docker_plugin, ETCD_CA_CERT_NODE_FILE, ETCD_KEY_NODE_FILE,
ETCD_CERT_NODE_FILE
]
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_image,
check_docker=True)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_error_if_bgp_ip_conflict.assert_called_once_with(ip_2, ip6)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(node.hostname, ip_2, ip6,
as_num)
url = node.KUBERNETES_BINARY_URL % kube_plugin_version
m_install_plugin.assert_has_calls([
call(node.KUBERNETES_PLUGIN_DIR, url),
call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)
])
m_docker_client.remove_container.assert_has_calls([
call('calico-node', force=True),
call('calico-libnetwork', force=True)
])
m_docker.utils.create_host_config.assert_has_calls([
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_node),
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_libnetwork)
])
m_find_or_pull_node_image.assert_has_calls(
[call('node_image'), call('libnetwork_image')])
m_docker_client.create_container.assert_has_calls([
call(node_image,
name='calico-node',
detach=True,
environment=environment_node,
host_config='host_config',
volumes=volumes_node),
call(libnetwork_image,
name='calico-libnetwork',
detach=True,
environment=environment_libnetwork,
host_config='host_config',
volumes=volumes_libnetwork)
])
m_docker_client.start.assert_has_calls(
[call(container1), call(container2)])
m_attach_and_stream.assert_called_once_with(container1)
def test_node_dockerless_start(self, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client,
m_error_if_bgp_ip_conflict,
m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips,
m_setup_ip, m_check_system, m_os_makedirs,
m_os_path_exists):
"""
Test that the node_start function performs all necessary configurations
without making Docker calls when runtime=none.
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'none'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = True
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork)
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=False)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*",
"virbr.*", "lxcbr.*",
"veth.*", "cali.*",
"tunl.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_error_if_bgp_ip_conflict.assert_called_once_with(ip_2, ip6)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(
node.hostname, ip_2, ip6, as_num
)
self.assertFalse(m_docker_client.remove_container.called)
self.assertFalse(m_docker.utils.create_host_config.called)
self.assertFalse(m_find_or_pull_node_image.called)
self.assertFalse(m_docker_client.create_container.called)
self.assertFalse(m_docker_client.start.called)
self.assertFalse(m_attach_and_stream.called)
def test_node_start_secure(self, m_root, m_container, m_attach_and_stream,
m_find_or_pull_node_image, m_docker, m_call,
m_docker_client, m_client, m_conntrack,
m_setup_ip, m_check_system, m_os_getenv,
m_os_makedirs, m_os_path_exists,
m_ipv6_enabled):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
m_root.return_value = False
m_container.return_value = False
ip_2 = '2.2.2.2'
container1 = {'Id': 111}
container2 = {'Id': 222}
m_docker_client.create_container.side_effect = iter(
[container1, container2])
m_docker_client.create_host_config.return_value = 'host_config'
m_os_path_exists.return_value = True
m_check_system.return_value = [True, True, True]
etcd_ca_path = "/path/to/ca.crt"
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
etcd_endpoints = "https://1.2.3.4:2379"
env = {
"NO_DEFAULT_POOLS": "",
"CALICO_NETWORKING": CALICO_NETWORKING_DEFAULT,
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_ENDPOINTS_ENV: etcd_endpoints,
ETCD_SCHEME_ENV: "https",
ETCD_CA_CERT_FILE_ENV: etcd_ca_path,
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path
}
def m_getenv(env_var, *args, **kwargs):
return env[env_var]
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
docker_plugin = "/run/docker/plugins"
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork_image = 'libnetwork_image'
no_pull = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork_image, no_pull)
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % CALICO_NETWORKING_DEFAULT,
"AS=",
"NO_DEFAULT_POOLS=",
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_ENDPOINTS=%s" % etcd_endpoints, # https://host:port
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
environment_libnetwork = [
"HOSTNAME=%s" % node.hostname,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_ENDPOINTS=%s" % etcd_endpoints, # https://host:port
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {
"bind": "/var/log/calico",
"ro": False
},
"/var/run/calico": {
"bind": "/var/run/calico",
"ro": False
},
"/lib/modules": {
"bind": "/lib/modules",
"ro": False
},
etcd_ca_path: {
"bind": ETCD_CA_CERT_NODE_FILE,
"ro": True
},
etcd_cert_path: {
"bind": ETCD_CERT_NODE_FILE,
"ro": True
},
etcd_key_path: {
"bind": ETCD_KEY_NODE_FILE,
"ro": True
}
}
binds_libnetwork = {
etcd_ca_path: {
"bind": ETCD_CA_CERT_NODE_FILE,
"ro": True
},
etcd_cert_path: {
"bind": ETCD_CERT_NODE_FILE,
"ro": True
},
etcd_key_path: {
"bind": ETCD_KEY_NODE_FILE,
"ro": True
},
docker_plugin: {
'bind': docker_plugin,
'ro': False
}
}
volumes_node = [
'/var/log/calico', "/var/run/calico", "/lib/modules",
ETCD_CA_CERT_NODE_FILE, ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE
]
volumes_libnetwork = [
docker_plugin, ETCD_CA_CERT_NODE_FILE, ETCD_KEY_NODE_FILE,
ETCD_CERT_NODE_FILE
]
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_image,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_has_calls([
call('calico-node', force=True),
call('calico-libnetwork', force=True)
])
m_docker_client.create_host_config.assert_has_calls([
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_node),
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_libnetwork)
])
m_find_or_pull_node_image.assert_has_calls(
[call('node_image'), call('libnetwork_image')])
m_docker_client.create_container.assert_has_calls([
call(node_image,
name='calico-node',
detach=True,
environment=environment_node,
host_config='host_config',
volumes=volumes_node),
call(libnetwork_image,
name='calico-libnetwork',
detach=True,
environment=environment_libnetwork,
host_config='host_config',
volumes=volumes_libnetwork)
])
m_docker_client.start.assert_has_calls(
[call(container1), call(container2)])
m_attach_and_stream.assert_called_once_with(container1, False)
def test_node_start(self, m_attach_and_stream, m_find_or_pull_node_image,
m_docker, m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.2.1'
rkt = True
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT,
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDSCHEME=%s" % ETCD_SCHEME_DEFAULT
]
binds = {log_dir: {"bind": "/var/log/calico", "ro": False}}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=True)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_error_if_bgp_ip_conflict.assert_called_once_with(ip_2, ip6)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(node.hostname, ip_2, ip6,
as_num)
url = node.KUBERNETES_BINARY_URL % kube_plugin_version
m_install_plugin.assert_has_calls([
call(node.KUBERNETES_PLUGIN_DIR, url),
call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)
])
m_docker_client.remove_container.assert_called_once_with('calico-node',
force=True)
m_docker.utils.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds)
m_find_or_pull_node_image.assert_called_once_with('node_image')
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/var/log/calico'])
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container)
def test_node_start_secure_no_ca(self, m_root, m_container, m_attach_and_stream,
m_find_or_pull_node_image, m_docker, m_call,
m_docker_client, m_client,
m_conntrack, m_setup_ip, m_check_system,
m_os_getenv, m_os_makedirs,
m_ipv6_enabled):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
m_root.return_value = False
m_container.return_value = False
ip_2 = '2.2.2.2'
container1 = {'Id': 111}
container2 = {'Id': 222}
m_docker_client.create_container.side_effect = iter([container1,
container2])
m_docker_client.create_host_config.return_value = 'host_config'
m_check_system.return_value = [True, True, True]
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
etcd_endpoints = "https://1.2.3.4:2379"
env = {"NO_DEFAULT_POOLS": "",
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_ENDPOINTS_ENV: etcd_endpoints,
ETCD_SCHEME_ENV: "https",
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path,
"CALICO_LIBNETWORK_ENABLED": "true"}
def m_getenv(env_var, *args, **kwargs):
return env.get(env_var)
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
docker_plugin = "/run/docker/plugins"
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork_enabled = True
no_pull = False
backend = "bird"
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork_enabled, no_pull, backend)
# This is to convert libnetwork_enabled (bool) into a string to pass it as an ENV var value
if libnetwork_enabled:
libnetwork_flag_str = "true"
else:
libnetwork_flag_str = "false"
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING_BACKEND=%s" % backend,
"AS=",
"NO_DEFAULT_POOLS=",
"CALICO_LIBNETWORK_ENABLED=%s" % libnetwork_flag_str,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_ENDPOINTS=%s" % etcd_endpoints, # https://host:port
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {"bind": "/var/log/calico", "ro": False},
"/var/run/calico": {"bind": "/var/run/calico", "ro": False},
"/lib/modules": {"bind": "/lib/modules", "ro": False},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True}
}
# Additional rw bind (/run/docker/plugins) necessory when libnetwork is enabled
if libnetwork_enabled:
binds_node[docker_plugin] = {'bind': docker_plugin, 'ro': False}
volumes_node = ['/var/log/calico', "/var/run/calico", "/lib/modules",
ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE]
# Add /run/docker/plugins to the list of volumes to be mounted when libnetwork is enabled
if libnetwork_enabled:
volumes_node.append(docker_plugin)
# Assert
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_enabled,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_has_calls([
call('calico-node', force=True)
])
m_docker_client.create_host_config.assert_has_calls([
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_node)
])
m_find_or_pull_node_image.assert_has_calls([call('node_image')])
m_docker_client.create_container.assert_has_calls([
call(node_image,
name='calico-node',
detach=True,
environment=environment_node,
host_config='host_config',
volumes=volumes_node)
])
m_docker_client.start.assert_has_calls([call(container1)])
m_attach_and_stream.assert_called_once_with(container1, False)
def test_node_start(self, m_root, m_attach_and_stream,
m_find_or_pull_node_image, m_docker, m_docker_client,
m_client, m_conntrack, m_setup_ip, m_check_system,
m_container, m_call, m_os_makedirs, m_os_path_exists,
m_ipv6_enabled):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_container.return_value = False
m_root.return_value = False
m_os_path_exists.return_value = False
ip_2 = '2.2.2.2'
m_docker_client.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
ipv4_pools = [
IPPool(IPNetwork("10.0.0.0/16")),
IPPool(IPNetwork("10.1.0.0/16"), ipip=True)
]
ipip_pools = [IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
m_client.get_ip_pools.return_value = ipv4_pools
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork = False
# Don't pull the node image
no_pull = True
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork, no_pull)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
"AS=",
"NO_DEFAULT_POOLS=",
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT,
]
binds = {
log_dir: {
"bind": "/var/log/calico",
"ro": False
},
"/var/run/calico": {
"bind": "/var/run/calico",
"ro": False
},
"/lib/modules": {
"bind": "/lib/modules",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_called_once_with('calico-node',
force=True)
m_docker_client.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds)
self.assertFalse(m_find_or_pull_node_image.called)
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/var/log/calico', "/var/run/calico", "/lib/modules"])
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container, False)
def test_node_start_secure_no_ca(
self, m_root, m_container, m_attach_and_stream,
m_find_or_pull_node_image, m_docker, m_call, m_docker_client,
m_client, m_conntrack, m_setup_ip, m_check_system, m_os_getenv,
m_os_makedirs, m_ipv6_enabled):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
m_root.return_value = False
m_container.return_value = False
ip_2 = '2.2.2.2'
container1 = {'Id': 111}
container2 = {'Id': 222}
m_docker_client.create_container.side_effect = iter(
[container1, container2])
m_docker_client.create_host_config.return_value = 'host_config'
m_check_system.return_value = [True, True, True]
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
etcd_endpoints = "https://1.2.3.4:2379"
env = {
"NO_DEFAULT_POOLS": "",
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_ENDPOINTS_ENV: etcd_endpoints,
ETCD_SCHEME_ENV: "https",
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path,
"CALICO_LIBNETWORK_ENABLED": "true"
}
def m_getenv(env_var, *args, **kwargs):
return env.get(env_var)
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
docker_plugin = "/run/docker/plugins"
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork_enabled = True
no_pull = False
backend = "bird"
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork_enabled, no_pull, backend)
# This is to convert libnetwork_enabled (bool) into a string to pass it as an ENV var value
if libnetwork_enabled:
libnetwork_flag_str = "true"
else:
libnetwork_flag_str = "false"
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING_BACKEND=%s" % backend,
"AS=",
"NO_DEFAULT_POOLS=",
"CALICO_LIBNETWORK_ENABLED=%s" % libnetwork_flag_str,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_ENDPOINTS=%s" % etcd_endpoints, # https://host:port
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {
"bind": "/var/log/calico",
"ro": False
},
"/var/run/calico": {
"bind": "/var/run/calico",
"ro": False
},
"/lib/modules": {
"bind": "/lib/modules",
"ro": False
},
"/run/docker/plugins": {
'bind': "/run/docker/plugins",
"ro": False
},
etcd_cert_path: {
"bind": ETCD_CERT_NODE_FILE,
"ro": True
},
etcd_key_path: {
"bind": ETCD_KEY_NODE_FILE,
"ro": True
}
}
# Additional rw bind (/run/docker/plugins) necessory when libnetwork is enabled
if libnetwork_enabled:
binds_node[docker_plugin] = {'bind': docker_plugin, 'ro': False}
volumes_node = [
'/var/log/calico', "/var/run/calico", "/lib/modules",
ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE
]
# Add /run/docker/plugins to the list of volumes to be mounted when libnetwork is enabled
if libnetwork_enabled:
volumes_node.append(docker_plugin)
# Assert
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_enabled,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_has_calls(
[call('calico-node', force=True)])
m_docker_client.create_host_config.assert_has_calls([
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_node)
])
m_find_or_pull_node_image.assert_has_calls([call('node_image')])
m_docker_client.create_container.assert_has_calls([
call(node_image,
name='calico-node',
detach=True,
environment=environment_node,
host_config='host_config',
volumes=volumes_node)
])
m_docker_client.start.assert_has_calls([call(container1)])
m_attach_and_stream.assert_called_once_with(container1, False)
def test_node_start_secure(self, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client, m_install_plugin,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_setup_ip, m_check_system,
m_os_getenv, m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
container1 = {'Id': 111}
container2 = {'Id': 222}
m_docker_client.create_container.side_effect = iter([container1,
container2])
m_docker.utils.create_host_config.return_value = 'host_config'
m_os_path_exists.return_value = True
m_check_system.return_value = [True, True, True]
etcd_ca_path = "/path/to/ca.crt"
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
env = {"CALICO_NETWORKING": CALICO_NETWORKING_DEFAULT,
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_SCHEME_ENV: "https",
ETCD_CA_CERT_FILE_ENV: etcd_ca_path,
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path}
def m_getenv(env_var, *args, **kwargs):
return env[env_var]
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
docker_plugin = "/run/docker/plugins"
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kube_plugin_version = 'v0.6.0'
rkt = True
libnetwork_image = 'libnetwork_image'
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork_image)
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % CALICO_NETWORKING_DEFAULT,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDSCHEME=https",
"FELIX_ETCDCAFILE=%s" % ETCD_CA_CERT_NODE_FILE,
"FELIX_ETCDKEYFILE=%s" % ETCD_KEY_NODE_FILE,
"FELIX_ETCDCERTFILE=%s" % ETCD_CERT_NODE_FILE
]
environment_libnetwork = [
"HOSTNAME=%s" % node.hostname,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {"bind": "/var/log/calico", "ro": False},
etcd_ca_path: {"bind": ETCD_CA_CERT_NODE_FILE, "ro": True},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True}
}
binds_libnetwork = {
etcd_ca_path: {"bind": ETCD_CA_CERT_NODE_FILE, "ro": True},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True},
docker_plugin: {'bind': docker_plugin, 'ro': False}
}
volumes_node = ['/var/log/calico', ETCD_CA_CERT_NODE_FILE,
ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE]
volumes_libnetwork= [docker_plugin, ETCD_CA_CERT_NODE_FILE,
ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE]
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_image,
check_docker=True)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(node.hostname, ip_2, ip6,
as_num)
url = node.KUBERNETES_BINARY_URL % kube_plugin_version
m_install_plugin.assert_has_calls([
call(node.KUBERNETES_PLUGIN_DIR, url),
call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)
])
m_docker_client.remove_container.assert_has_calls([
call('calico-node', force=True),
call('calico-libnetwork', force=True)
])
m_docker.utils.create_host_config.assert_has_calls([
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_node),
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_libnetwork)
])
m_find_or_pull_node_image.assert_has_calls([call('node_image'),
call('libnetwork_image')])
m_docker_client.create_container.assert_has_calls([
call(node_image,
name='calico-node',
detach=True,
environment=environment_node,
host_config='host_config',
volumes=volumes_node),
call(libnetwork_image,
name='calico-libnetwork',
detach=True,
environment=environment_libnetwork,
host_config='host_config',
volumes=volumes_libnetwork)
])
m_docker_client.start.assert_has_calls([call(container1),
call(container2)])
m_attach_and_stream.assert_called_once_with(container1)
def test_node_start_secure(
self,
m_root,
m_container,
m_attach_and_stream,
m_find_or_pull_node_image,
m_docker,
m_call,
m_docker_client,
m_client,
m_conntrack,
m_setup_ip,
m_check_system,
m_os_getenv,
m_os_makedirs,
m_os_path_exists,
m_ipv6_enabled,
):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
m_root.return_value = False
m_container.return_value = False
ip_2 = "2.2.2.2"
container1 = {"Id": 111}
container2 = {"Id": 222}
m_docker_client.create_container.side_effect = iter([container1, container2])
m_docker_client.create_host_config.return_value = "host_config"
m_os_path_exists.return_value = True
m_check_system.return_value = [True, True, True]
etcd_ca_path = "/path/to/ca.crt"
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
etcd_endpoints = "https://1.2.3.4:2379"
env = {
"NO_DEFAULT_POOLS": "",
"CALICO_NETWORKING": CALICO_NETWORKING_DEFAULT,
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_ENDPOINTS_ENV: etcd_endpoints,
ETCD_SCHEME_ENV: "https",
ETCD_CA_CERT_FILE_ENV: etcd_ca_path,
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path,
}
def m_getenv(env_var, *args, **kwargs):
return env[env_var]
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = "node_image"
runtime = "docker"
log_dir = "./log_dir"
docker_plugin = "/run/docker/plugins"
ip = "2.2.2.2"
ip6 = "aa:bb::zz"
as_num = ""
detach = False
libnetwork_image = "libnetwork_image"
no_pull = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach, libnetwork_image, no_pull)
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % CALICO_NETWORKING_DEFAULT,
"AS=",
"NO_DEFAULT_POOLS=",
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_ENDPOINTS=%s" % etcd_endpoints, # https://host:port
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
environment_libnetwork = [
"HOSTNAME=%s" % node.hostname,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_ENDPOINTS=%s" % etcd_endpoints, # https://host:port
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {"bind": "/var/log/calico", "ro": False},
"/var/run/calico": {"bind": "/var/run/calico", "ro": False},
"/lib/modules": {"bind": "/lib/modules", "ro": False},
etcd_ca_path: {"bind": ETCD_CA_CERT_NODE_FILE, "ro": True},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True},
}
binds_libnetwork = {
etcd_ca_path: {"bind": ETCD_CA_CERT_NODE_FILE, "ro": True},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True},
docker_plugin: {"bind": docker_plugin, "ro": False},
}
volumes_node = [
"/var/log/calico",
"/var/run/calico",
"/lib/modules",
ETCD_CA_CERT_NODE_FILE,
ETCD_KEY_NODE_FILE,
ETCD_CERT_NODE_FILE,
]
volumes_libnetwork = [docker_plugin, ETCD_CA_CERT_NODE_FILE, ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE]
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(
quit_if_error=False, libnetwork=libnetwork_image, check_docker=True, check_modules=True
)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_has_calls(
[call("calico-node", force=True), call("calico-libnetwork", force=True)]
)
m_docker_client.create_host_config.assert_has_calls(
[
call(privileged=True, restart_policy={"Name": "always"}, network_mode="host", binds=binds_node),
call(privileged=True, restart_policy={"Name": "always"}, network_mode="host", binds=binds_libnetwork),
]
)
m_find_or_pull_node_image.assert_has_calls([call("node_image"), call("libnetwork_image")])
m_docker_client.create_container.assert_has_calls(
[
call(
node_image,
name="calico-node",
detach=True,
environment=environment_node,
host_config="host_config",
volumes=volumes_node,
),
call(
libnetwork_image,
name="calico-libnetwork",
detach=True,
environment=environment_libnetwork,
host_config="host_config",
volumes=volumes_libnetwork,
),
]
)
m_docker_client.start.assert_has_calls([call(container1), call(container2)])
m_attach_and_stream.assert_called_once_with(container1, False)
def test_node_start(self, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client, m_install_plugin,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system,
m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function behaves as expected by mocking
function returns
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
rkt = True
libnetwork = False
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes, rkt, libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
]
binds = {
log_dir:
{
"bind": "/var/log/calico",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(fix=False, quit_if_error=False)
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(
node.hostname, ip_2, ip6, as_num
)
m_install_plugin.assert_has_calls([call(node.KUBERNETES_PLUGIN_DIR, node.KUBERNETES_BINARY_URL),
call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)])
m_docker_client.remove_container.assert_called_once_with(
'calico-node', force=True
)
m_docker.utils.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "Always"},
network_mode="host",
binds=binds
)
m_find_or_pull_node_image.assert_called_once_with('node_image')
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/var/log/calico']
)
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container)
def test_node_start(
self,
m_root,
m_attach_and_stream,
m_find_or_pull_node_image,
m_docker,
m_docker_client,
m_client,
m_conntrack,
m_setup_ip,
m_check_system,
m_container,
m_call,
m_os_makedirs,
m_os_path_exists,
m_ipv6_enabled,
):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_container.return_value = False
m_root.return_value = False
m_os_path_exists.return_value = False
ip_2 = "2.2.2.2"
m_docker_client.create_host_config.return_value = "host_config"
container = {"Id": 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
ipv4_pools = [IPPool(IPNetwork("10.0.0.0/16")), IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
ipip_pools = [IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
m_client.get_ip_pools.return_value = ipv4_pools
# Set up arguments
node_image = "node_image"
runtime = "docker"
log_dir = "./log_dir"
ip = "2.2.2.2"
ip6 = "aa:bb::zz"
as_num = ""
detach = False
libnetwork = False
# Don't pull the node image
no_pull = True
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach, libnetwork, no_pull)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
"AS=",
"NO_DEFAULT_POOLS=",
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT,
]
binds = {
log_dir: {"bind": "/var/log/calico", "ro": False},
"/var/run/calico": {"bind": "/var/run/calico", "ro": False},
"/lib/modules": {"bind": "/lib/modules", "ro": False},
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(
quit_if_error=False, libnetwork=libnetwork, check_docker=True, check_modules=True
)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_called_once_with("calico-node", force=True)
m_docker_client.create_host_config.assert_called_once_with(
privileged=True, restart_policy={"Name": "always"}, network_mode="host", binds=binds
)
self.assertFalse(m_find_or_pull_node_image.called)
m_docker_client.create_container.assert_called_once_with(
node_image,
name="calico-node",
detach=True,
environment=environment,
host_config="host_config",
volumes=["/var/log/calico", "/var/run/calico", "/lib/modules"],
)
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container, False)
def test_node_start(self, m_attach_and_stream, m_find_or_pull_node_image,
m_docker, m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system, m_os_getenv,
m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function behaves as expected by mocking
function returns
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_os_getenv.side_effect = iter(['1.1.1.1:80', ""])
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
libnetwork = False
# Call method under test
node.node_start(node_image, log_dir, ip, ip6, as_num, detach,
kubernetes, libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"ETCD_AUTHORITY=1.1.1.1:80", # etcd host:port
"FELIX_ETCDADDR=1.1.1.1:80", # etcd host:port
"POLICY_ONLY_CALICO=",
]
binds = {
"/proc": {
"bind": "/proc_host",
"ro": False
},
log_dir: {
"bind": "/var/log/calico",
"ro": False
},
"/run/docker/plugins": {
"bind": "/usr/share/docker/plugins",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(fix=False, quit_if_error=False)
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_install_kube.assert_called_once_with(node.KUBERNETES_PLUGIN_DIR)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(node.hostname, ip_2, ip6,
as_num)
m_docker_client.remove_container.assert_called_once_with('calico-node',
force=True)
getenv_calls = [
call(ETCD_AUTHORITY_ENV, ETCD_AUTHORITY_DEFAULT),
call(node.POLICY_ONLY_ENV, "")
]
m_os_getenv.assert_has_calls(getenv_calls)
m_docker.utils.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "Always"},
network_mode="host",
binds=binds)
m_find_or_pull_node_image.assert_called_once_with('node_image')
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=[
'/proc_host', '/var/log/calico', '/usr/share/docker/plugins'
])
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container)
def test_node_start(self, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip,
m_check_system, m_ensure_host_tunnel_addr,
m_remove_host_tunnel_addr, m_os_makedirs,
m_os_path_exists):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
ipv4_pools = [IPPool(IPNetwork("10.0.0.0/16")),
IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
ipip_pools = [IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
m_client.get_ip_pools.return_value = ipv4_pools
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT,
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDSCHEME=%s" % ETCD_SCHEME_DEFAULT
]
binds = {
log_dir:
{
"bind": "/var/log/calico",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=True)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*",
"virbr.*", "lxcbr.*",
"veth.*", "cali.*",
"tunl.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_error_if_bgp_ip_conflict.assert_called_once_with(ip_2, ip6)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(
node.hostname, ip_2, ip6, as_num
)
m_ensure_host_tunnel_addr.assert_called_once_with(ipv4_pools,
ipip_pools)
assert_false(m_remove_host_tunnel_addr.called)
m_docker_client.remove_container.assert_called_once_with(
'calico-node', force=True
)
m_docker.utils.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds
)
m_find_or_pull_node_image.assert_called_once_with('node_image')
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/var/log/calico']
)
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container)
def test_node_start_secure(self, m_root, m_container, m_attach_and_stream,
m_find_or_pull_node_image, m_docker, m_call,
m_docker_client, m_client,
m_conntrack, m_setup_ip, m_check_system,
m_os_getenv, m_os_makedirs, m_os_path_exists,
m_ipv6_enabled):
"""
Test that the node_start function passes in correct values when
secure etcd environment variables are present.
"""
# Set up mock objects
m_root.return_value = False
m_container.return_value = False
ip_2 = '2.2.2.2'
container1 = {'Id': 111}
container2 = {'Id': 222}
m_docker_client.create_container.side_effect = iter([container1,
container2])
m_docker.utils.create_host_config.return_value = 'host_config'
m_os_path_exists.return_value = True
m_check_system.return_value = [True, True, True]
etcd_ca_path = "/path/to/ca.crt"
etcd_cert_path = "/path/to/cert.crt"
etcd_key_path = "/path/to/key.pem"
env = {"CALICO_NETWORKING": CALICO_NETWORKING_DEFAULT,
ETCD_AUTHORITY_ENV: ETCD_AUTHORITY_DEFAULT,
ETCD_SCHEME_ENV: "https",
ETCD_CA_CERT_FILE_ENV: etcd_ca_path,
ETCD_CERT_FILE_ENV: etcd_cert_path,
ETCD_KEY_FILE_ENV: etcd_key_path}
def m_getenv(env_var, *args, **kwargs):
return env[env_var]
m_os_getenv.side_effect = m_getenv
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
docker_plugin = "/run/docker/plugins"
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork_image = 'libnetwork_image'
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork_image)
# Set up variables used in assertion statements
environment_node = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING=%s" % CALICO_NETWORKING_DEFAULT,
"AS=",
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
environment_libnetwork = [
"HOSTNAME=%s" % node.hostname,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % "https",
"ETCD_CA_CERT_FILE=%s" % ETCD_CA_CERT_NODE_FILE,
"ETCD_KEY_FILE=%s" % ETCD_KEY_NODE_FILE,
"ETCD_CERT_FILE=%s" % ETCD_CERT_NODE_FILE,
]
binds_node = {
log_dir: {"bind": "/var/log/calico", "ro": False},
"/var/run/calico": {"bind": "/var/run/calico", "ro": False},
etcd_ca_path: {"bind": ETCD_CA_CERT_NODE_FILE, "ro": True},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True}
}
binds_libnetwork = {
etcd_ca_path: {"bind": ETCD_CA_CERT_NODE_FILE, "ro": True},
etcd_cert_path: {"bind": ETCD_CERT_NODE_FILE, "ro": True},
etcd_key_path: {"bind": ETCD_KEY_NODE_FILE, "ro": True},
docker_plugin: {'bind': docker_plugin, 'ro': False}
}
volumes_node = ['/var/log/calico', "/var/run/calico", ETCD_CA_CERT_NODE_FILE,
ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE]
volumes_libnetwork= [docker_plugin, ETCD_CA_CERT_NODE_FILE,
ETCD_KEY_NODE_FILE, ETCD_CERT_NODE_FILE]
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_image,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_has_calls([
call('calico-node', force=True),
call('calico-libnetwork', force=True)
])
m_docker.utils.create_host_config.assert_has_calls([
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_node),
call(privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds_libnetwork)
])
m_find_or_pull_node_image.assert_has_calls([call('node_image'),
call('libnetwork_image')])
m_docker_client.create_container.assert_has_calls([
call(node_image,
name='calico-node',
detach=True,
environment=environment_node,
host_config='host_config',
volumes=volumes_node),
call(libnetwork_image,
name='calico-libnetwork',
detach=True,
environment=environment_libnetwork,
host_config='host_config',
volumes=volumes_libnetwork)
])
m_docker_client.start.assert_has_calls([call(container1),
call(container2)])
m_attach_and_stream.assert_called_once_with(container1, False)
def test_node_start(
self,
m_attach_and_stream,
m_find_or_pull_node_image,
m_docker,
m_docker_client,
m_client,
m_install_plugin,
m_warn_if_hostname_conflict,
m_warn_if_unknown_ip,
m_get_host_ips,
m_setup_ip,
m_check_system,
m_os_makedirs,
m_os_path_exists,
):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = "1.1.1.1"
ip_2 = "2.2.2.2"
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = "host_config"
container = {"Id": 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = "node_image"
runtime = "docker"
log_dir = "./log_dir"
ip = ""
ip6 = "aa:bb::zz"
as_num = ""
detach = False
kube_plugin_version = "v0.2.1"
rkt = True
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach, kube_plugin_version, rkt, libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
]
binds = {log_dir: {"bind": "/var/log/calico", "ro": False}}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False, libnetwork=libnetwork, check_docker=True)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(node.hostname, ip_2, ip6, as_num)
url = node.KUBERNETES_BINARY_URL % kube_plugin_version
m_install_plugin.assert_has_calls(
[call(node.KUBERNETES_PLUGIN_DIR, url), call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)]
)
m_docker_client.remove_container.assert_called_once_with("calico-node", force=True)
m_docker.utils.create_host_config.assert_called_once_with(
privileged=True, restart_policy={"Name": "always"}, network_mode="host", binds=binds
)
m_find_or_pull_node_image.assert_called_once_with("node_image")
m_docker_client.create_container.assert_called_once_with(
node_image,
name="calico-node",
detach=True,
environment=environment,
host_config="host_config",
volumes=["/var/log/calico"],
)
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container)
def test_node_start(self, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client, m_install_kube,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_check_system, m_os_getenv,
m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function behaves as expected by mocking
function returns
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_os_getenv.side_effect = iter(['1.1.1.1:80', ""])
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id':666}
m_docker_client.create_container.return_value = container
# Set up arguments
node_image = 'node_image'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
kubernetes = True
# Call method under test
node.node_start(
node_image, log_dir, ip, ip6, as_num, detach, kubernetes
)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"ETCD_AUTHORITY=1.1.1.1:80", # etcd host:port
"FELIX_ETCDADDR=1.1.1.1:80", # etcd host:port
"POLICY_ONLY_CALICO=",
]
binds = {
"/proc":
{
"bind": "/proc_host",
"ro": False
},
log_dir:
{
"bind": "/var/log/calico",
"ro": False
},
"/run/docker/plugins":
{
"bind": "/usr/share/docker/plugins",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(fix=False, quit_if_error=False)
m_get_host_ips.assert_called_once_with(exclude=["docker0"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_install_kube.assert_called_once_with(node.KUBERNETES_PLUGIN_DIR)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(
node.hostname, ip_2, ip6, as_num
)
m_docker_client.remove_container.assert_called_once_with(
'calico-node', force=True
)
getenv_calls = [call(ETCD_AUTHORITY_ENV, ETCD_AUTHORITY_DEFAULT),
call(node.POLICY_ONLY_ENV, "")]
m_os_getenv.assert_has_calls(getenv_calls)
m_docker.utils.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name":"Always"},
network_mode="host",
binds=binds
)
m_find_or_pull_node_image.assert_called_once_with(
'node_image'
)
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/proc_host',
'/var/log/calico',
'/usr/share/docker/plugins']
)
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container)
def test_node_dockerless_start(self, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client, m_install_plugin,
m_warn_if_hostname_conflict, m_warn_if_unknown_ip,
m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function performs all necessary configurations
without making Docker calls when runtime=none.
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'none'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = True
kube_plugin_version = 'v0.2.1'
rkt = True
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
]
binds = {
log_dir:
{
"bind": "/var/log/calico",
"ro": False
}
}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=False)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(exclude=["^docker.*", "^cbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(
node.hostname, ip_2, ip6, as_num
)
url = node.KUBERNETES_BINARY_URL % kube_plugin_version
m_install_plugin.assert_has_calls([call(node.KUBERNETES_PLUGIN_DIR, url),
call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)])
self.assertFalse(m_docker_client.remove_container.called)
self.assertFalse(m_docker.utils.create_host_config.called)
self.assertFalse(m_find_or_pull_node_image.called)
self.assertFalse(m_docker_client.create_container.called)
self.assertFalse(m_docker_client.start.called)
self.assertFalse(m_attach_and_stream.called)
def test_node_start(self, m_root, m_attach_and_stream,
m_find_or_pull_node_image, m_docker,
m_docker_client, m_client,
m_conntrack, m_setup_ip,
m_check_system, m_container, m_call,
m_os_makedirs, m_os_path_exists, m_ipv6_enabled):
"""
Test that the node_Start function does not make Docker calls
function returns
"""
# Set up mock objects
m_container.return_value = False
m_root.return_value = False
m_os_path_exists.return_value = False
ip_2 = '2.2.2.2'
m_docker_client.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
ipv4_pools = [IPPool(IPNetwork("10.0.0.0/16")),
IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
ipip_pools = [IPPool(IPNetwork("10.1.0.0/16"), ipip=True)]
m_client.get_ip_pools.return_value = ipv4_pools
# Set up arguments
node_image = 'node_image'
runtime = 'docker'
log_dir = './log_dir'
ip = '2.2.2.2'
ip6 = 'aa:bb::zz'
as_num = ''
detach = False
libnetwork_enabled = False
# Don't pull the node image
no_pull = True
backend = "bird"
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
libnetwork_enabled, no_pull, backend)
# This is to convert libnetwork_enabled (bool) into a string to pass it as an ENV var value
if libnetwork_enabled:
libnetwork_flag_str = "true"
else:
libnetwork_flag_str = "false"
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"CALICO_NETWORKING_BACKEND=%s" % backend,
"AS=",
"NO_DEFAULT_POOLS=",
"CALICO_LIBNETWORK_ENABLED=%s" % libnetwork_flag_str,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"ETCD_SCHEME=%s" % ETCD_SCHEME_DEFAULT,
]
binds = {
log_dir:
{
"bind": "/var/log/calico",
"ro": False
},
"/var/run/calico":
{
"bind": "/var/run/calico",
"ro": False
},
"/lib/modules":
{
"bind": "/lib/modules",
"ro": False
}
}
# Assert
m_os_makedirs.assert_has_calls([call(log_dir), call("/var/run/calico")])
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork_enabled,
check_docker=True,
check_modules=True)
m_setup_ip.assert_called_once_with()
m_docker_client.remove_container.assert_called_once_with(
'calico-node', force=True
)
m_docker_client.create_host_config.assert_called_once_with(
privileged=True,
restart_policy={"Name": "always"},
network_mode="host",
binds=binds
)
self.assertFalse(m_find_or_pull_node_image.called)
m_docker_client.create_container.assert_called_once_with(
node_image,
name='calico-node',
detach=True,
environment=environment,
host_config='host_config',
volumes=['/var/log/calico', "/var/run/calico", "/lib/modules"]
)
m_docker_client.start.assert_called_once_with(container)
m_attach_and_stream.assert_called_once_with(container, False)
def test_node_dockerless_start(
self, m_attach_and_stream, m_find_or_pull_node_image, m_docker,
m_docker_client, m_client, m_install_plugin,
m_error_if_bgp_ip_conflict, m_warn_if_hostname_conflict,
m_warn_if_unknown_ip, m_get_host_ips, m_setup_ip, m_check_system,
m_os_makedirs, m_os_path_exists):
"""
Test that the node_start function performs all necessary configurations
without making Docker calls when runtime=none.
"""
# Set up mock objects
m_os_path_exists.return_value = False
ip_1 = '1.1.1.1'
ip_2 = '2.2.2.2'
m_get_host_ips.return_value = [ip_1, ip_2]
m_docker.utils.create_host_config.return_value = 'host_config'
container = {'Id': 666}
m_docker_client.create_container.return_value = container
m_check_system.return_value = [True, True, True]
# Set up arguments
node_image = 'node_image'
runtime = 'none'
log_dir = './log_dir'
ip = ''
ip6 = 'aa:bb::zz'
as_num = ''
detach = True
kube_plugin_version = 'v0.2.1'
rkt = True
libnetwork = False
# Call method under test
node.node_start(node_image, runtime, log_dir, ip, ip6, as_num, detach,
kube_plugin_version, rkt, libnetwork)
# Set up variables used in assertion statements
environment = [
"HOSTNAME=%s" % node.hostname,
"IP=%s" % ip_2,
"IP6=%s" % ip6,
"ETCD_AUTHORITY=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"FELIX_ETCDADDR=%s" % ETCD_AUTHORITY_DEFAULT, # etcd host:port
"CALICO_NETWORKING=%s" % node.CALICO_NETWORKING_DEFAULT,
]
binds = {log_dir: {"bind": "/var/log/calico", "ro": False}}
# Assert
m_os_path_exists.assert_called_once_with(log_dir)
m_os_makedirs.assert_called_once_with(log_dir)
m_check_system.assert_called_once_with(quit_if_error=False,
libnetwork=libnetwork,
check_docker=False)
m_setup_ip.assert_called_once_with()
m_get_host_ips.assert_called_once_with(
exclude=["^docker.*", "^cbr.*", "virbr.*", "lxcbr.*"])
m_warn_if_unknown_ip.assert_called_once_with(ip_2, ip6)
m_warn_if_hostname_conflict.assert_called_once_with(ip_2)
m_error_if_bgp_ip_conflict.assert_called_once_with(ip_2, ip6)
m_client.get_ip_pools.assert_has_calls([call(4), call(6)])
m_client.ensure_global_config.assert_called_once_with()
m_client.create_host.assert_called_once_with(node.hostname, ip_2, ip6,
as_num)
url = node.KUBERNETES_BINARY_URL % kube_plugin_version
m_install_plugin.assert_has_calls([
call(node.KUBERNETES_PLUGIN_DIR, url),
call(node.RKT_PLUGIN_DIR, node.RKT_BINARY_URL)
])
self.assertFalse(m_docker_client.remove_container.called)
self.assertFalse(m_docker.utils.create_host_config.called)
self.assertFalse(m_find_or_pull_node_image.called)
self.assertFalse(m_docker_client.create_container.called)
self.assertFalse(m_docker_client.start.called)
self.assertFalse(m_attach_and_stream.called)
