def test_create_load_balancer_full_graph_single( self, mock_get_create_load_balancer_flow, mock_api_get_session, mock_dyn_log_listener, mock_taskflow_load, mock_pool_repo_get, mock_member_repo_get, mock_l7rule_repo_get, mock_l7policy_repo_get, mock_listener_repo_get, mock_lb_repo_get, mock_health_mon_repo_get, mock_amp_repo_get): self.conf.config(group="controller_worker", loadbalancer_topology=constants.TOPOLOGY_SINGLE) listeners = [ data_models.Listener(id='listener1'), data_models.Listener(id='listener2') ] lb = data_models.LoadBalancer(id=LB_ID, listeners=listeners) mock_lb_repo_get.return_value = lb mock_eng = mock.Mock() mock_taskflow_load.return_value = mock_eng store = { constants.LOADBALANCER_ID: LB_ID, 'update_dict': { 'topology': constants.TOPOLOGY_SINGLE } } cw = controller_worker.ControllerWorker() cw.create_load_balancer(LB_ID) # mock_create_single_topology.assert_called_once() # mock_create_active_standby_topology.assert_not_called() mock_get_create_load_balancer_flow.assert_called_with( topology=constants.TOPOLOGY_SINGLE, listeners=lb.listeners) mock_taskflow_load.assert_called_with( mock_get_create_load_balancer_flow.return_value, store=store) mock_eng.run.assert_any_call()
def test_update_vip_when_listener_deleted(self): listeners = [data_models.Listener(protocol_port=80, protocol=constants.PROTOCOL_TCP), data_models.Listener( protocol_port=443, protocol=constants.PROTOCOL_TCP, provisioning_status=constants.PENDING_DELETE), data_models.Listener( protocol_port=50, protocol=constants.PROTOCOL_UDP, provisioning_status=constants.PENDING_DELETE)] vip = data_models.Vip(ip_address='10.0.0.2') lb = data_models.LoadBalancer(id='1', listeners=listeners, vip=vip) list_sec_grps = self.driver.neutron_client.list_security_groups list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]} fake_rules = { 'security_group_rules': [ {'id': 'rule-80', 'port_range_max': 80, 'protocol': 'tcp'}, {'id': 'rule-22', 'port_range_max': 443, 'protocol': 'tcp'}, {'id': 'rule-udp-50', 'port_range_max': 50, 'protocol': 'tcp'} ] } list_rules = self.driver.neutron_client.list_security_group_rules list_rules.return_value = fake_rules delete_rule = self.driver.neutron_client.delete_security_group_rule create_rule = self.driver.neutron_client.create_security_group_rule self.driver.update_vip(lb) delete_rule.assert_has_calls( [mock.call('rule-22'), mock.call('rule-udp-50')]) self.assertTrue(create_rule.called)
def test_update_vip_when_listener_deleted(self): listeners = [ data_models.Listener(protocol_port=80), data_models.Listener(protocol_port=443, provisioning_status=constants.PENDING_DELETE) ] lb = data_models.LoadBalancer(id='1', listeners=listeners) list_sec_grps = self.driver.neutron_client.list_security_groups list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]} fake_rules = { 'security_group_rules': [{ 'id': 'rule-80', 'port_range_max': 80, 'protocol': 'tcp' }, { 'id': 'rule-22', 'port_range_max': 443, 'protocol': 'tcp' }] } list_rules = self.driver.neutron_client.list_security_group_rules list_rules.return_value = fake_rules delete_rule = self.driver.neutron_client.delete_security_group_rule create_rule = self.driver.neutron_client.create_security_group_rule self.driver.update_vip(lb) delete_rule.assert_called_once_with('rule-22') self.assertTrue(create_rule.called)
def test_update_vip(self): listeners = [data_models.Listener(protocol_port=80), data_models.Listener(protocol_port=443)] lb = data_models.LoadBalancer(id='1', listeners=listeners) list_sec_grps = self.driver.neutron_client.list_security_groups list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]} fake_rules = { 'security_group_rules': [ {'id': 'rule-80', 'port_range_max': 80}, {'id': 'rule-22', 'port_range_max': 22} ] } list_rules = self.driver.neutron_client.list_security_group_rules list_rules.return_value = fake_rules delete_rule = self.driver.neutron_client.delete_security_group_rule create_rule = self.driver.neutron_client.create_security_group_rule self.driver.update_vip(lb) delete_rule.assert_called_once_with('rule-22') expected_create_rule = { 'security_group_rule': { 'security_group_id': 'secgrp-1', 'direction': 'ingress', 'protocol': 'TCP', 'port_range_min': 443, 'port_range_max': 443 } } create_rule.assert_called_once_with(expected_create_rule)
def test_listeners_update(self, mock_driver, mock_generate_uuid, mock_log, mock_get_session, mock_listener_repo_get, mock_listener_repo_update, mock_amphora_repo_update): listeners_update_obj = amphora_driver_tasks.ListenersUpdate() listeners = [ data_models.Listener(id='listener1'), data_models.Listener(id='listener2') ] vip = data_models.Vip(ip_address='10.0.0.1') lb = data_models.LoadBalancer(id='lb1', listeners=listeners, vip=vip) listeners_update_obj.execute(lb) mock_driver.update.assert_called_once_with(lb) self.assertEqual(1, mock_driver.update.call_count) # Test the revert amp = listeners_update_obj.revert(lb) expected_db_calls = [ mock.call(_session_mock, id=listeners[0].id, provisioning_status=constants.ERROR), mock.call(_session_mock, id=listeners[1].id, provisioning_status=constants.ERROR) ] repo.ListenerRepository.update.has_calls(expected_db_calls) self.assertEqual(2, repo.ListenerRepository.update.call_count) self.assertIsNone(amp)
def test_update_vip(self): listeners = [data_models.Listener(protocol_port=80, peer_port=1024), data_models.Listener(protocol_port=443, peer_port=1025)] vip = data_models.Vip(ip_address='10.0.0.2') lb = data_models.LoadBalancer(id='1', listeners=listeners, vip=vip) list_sec_grps = self.driver.neutron_client.list_security_groups list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]} fake_rules = { 'security_group_rules': [ {'id': 'rule-80', 'port_range_max': 80, 'protocol': 'tcp'}, {'id': 'rule-22', 'port_range_max': 22, 'protocol': 'tcp'} ] } list_rules = self.driver.neutron_client.list_security_group_rules list_rules.return_value = fake_rules delete_rule = self.driver.neutron_client.delete_security_group_rule create_rule = self.driver.neutron_client.create_security_group_rule self.driver.update_vip(lb) delete_rule.assert_called_once_with('rule-22') expected_create_rule_1 = { 'security_group_rule': { 'security_group_id': 'secgrp-1', 'direction': 'ingress', 'protocol': 'TCP', 'port_range_min': 1024, 'port_range_max': 1024, 'ethertype': 'IPv4' } } expected_create_rule_2 = { 'security_group_rule': { 'security_group_id': 'secgrp-1', 'direction': 'ingress', 'protocol': 'TCP', 'port_range_min': 1025, 'port_range_max': 1025, 'ethertype': 'IPv4' } } expected_create_rule_3 = { 'security_group_rule': { 'security_group_id': 'secgrp-1', 'direction': 'ingress', 'protocol': 'TCP', 'port_range_min': 443, 'port_range_max': 443, 'ethertype': 'IPv4' } } create_rule.assert_has_calls([mock.call(expected_create_rule_1), mock.call(expected_create_rule_2), mock.call(expected_create_rule_3)])
def setUp(self): super(TestNoopAmphoraLoadBalancerDriver, self).setUp() self.driver = driver.NoopAmphoraLoadBalancerDriver() self.listener = data_models.Listener() self.listener.id = uuidutils.generate_uuid() self.listener.protocol_port = 80 self.vip = data_models.Vip() self.vip.ip_address = "10.0.0.1" self.amphora = data_models.Amphora() self.amphora.id = self.FAKE_UUID_1 self.load_balancer = data_models.LoadBalancer( id=FAKE_UUID_1, amphorae=[self.amphora], vip=self.vip, listeners=[self.listener]) self.listener.load_balancer = self.load_balancer self.network = network_models.Network(id=self.FAKE_UUID_1) self.port = network_models.Port(id=uuidutils.generate_uuid()) self.amphorae_net_configs = { self.amphora.id: network_models.AmphoraNetworkConfig( amphora=self.amphora, vip_subnet=network_models.Subnet(id=self.FAKE_UUID_1)) } self.pem_file = 'test_pem_file' self.agent_config = 'test agent config' self.timeout_dict = { constants.REQ_CONN_TIMEOUT: 1, constants.REQ_READ_TIMEOUT: 2, constants.CONN_MAX_RETRIES: 3, constants.CONN_RETRY_INTERVAL: 4 }
def test_db_listener_to_provider_listener(self): test_db_list = data_models.Listener(id=1) provider_list = utils.db_listener_to_provider_listener(test_db_list) ref_provider_list = driver_dm.Listener(listener_id=1, insert_headers={}) self.assertEqual(ref_provider_list.to_dict(render_unsets=True), provider_list.to_dict(render_unsets=True))
def get_listener_octavia_model(self, listener_dict): # Must use a copy because from_dict will modify the original dict listener = n_data_models.Listener.from_dict( copy.deepcopy(listener_dict)) ret = o_data_models.Listener() args = self._get_common_args(listener) sni_containers = [] if listener_dict.get('sni_containers'): for sni_dict in listener_dict.get('sni_containers'): sni = o_data_models.SNI() if sni_dict.get('listener'): sni.listener = self.get_listener_octavia_model( sni_dict.get('listener')) sni.listener_id = sni_dict.get('listener_id') sni.position = sni_dict.get('position') sni.tls_container_id = sni_dict.get('tls_container_id') sni_containers.append(sni) if listener_dict.get('loadbalancer'): loadbalancer = self.get_loadbalancer_octavia_model( listener_dict.get('loadbalancer')) if listener.id not in [ _listener.id for _listener in loadbalancer.listeners ]: loadbalancer.listeners.append(ret) args.update({ 'load_balancer': loadbalancer, }) if listener_dict.get('default_pool'): pool = self.get_pool_octavia_model( listener_dict.get('default_pool')) if listener.id not in [ _listener.id for _listener in pool.listeners ]: pool.listeners.append(ret) # REVISIT(jiahao): In Mitaka, we need to handle multiple pools pools = [pool] args.update({ 'default_pool': pool, 'pools': pools, }) args.update({ 'load_balancer_id': listener.loadbalancer_id, 'protocol': listener.protocol, 'protocol_port': listener.protocol_port, 'connection_limit': listener.connection_limit, 'default_pool_id': listener.default_pool_id, 'tls_certificate_id': listener.default_tls_container_id, 'sni_containers': sni_containers, 'provisioning_status': listener.provisioning_status, }) ret = self._update(ret, args) return ret
def setUp(self): super(TestNoopAmphoraLoadBalancerDriver, self).setUp() self.driver = driver.NoopAmphoraLoadBalancerDriver() self.listener = data_models.Listener() self.listener.protocol_port = 80 self.vip = data_models.Vip() self.vip.ip_address = "10.0.0.1" self.amphora = data_models.Amphora() self.amphora.id = self.FAKE_UUID_1 self.load_balancer = data_models.LoadBalancer( id=FAKE_UUID_1, amphorae=[self.amphora], vip=self.vip, listeners=[self.listener]) self.network = network_models.Network(id=self.FAKE_UUID_1) self.port = network_models.Port(id=uuidutils.generate_uuid()) self.amphorae_net_configs = { self.amphora.id: network_models.AmphoraNetworkConfig( amphora=self.amphora, vip_subnet=network_models.Subnet(id=self.FAKE_UUID_1)) }
def test_update_health_no_status_change(self): health = { "id": self.FAKE_UUID_1, "listeners": { "listener-id-1": { "status": constants.OPEN, "pools": { "pool-id-1": { "status": constants.UP, "members": { "member-id-1": constants.UP } } } } } } db_lb = data_models.LoadBalancer(id=self.FAKE_UUID_1, operating_status=constants.ONLINE) db_listener = data_models.Listener(id='listener-id-', operating_status=constants.ONLINE, load_balancer_id=self.FAKE_UUID_1) db_pool = data_models.Pool(id='pool-id-1', operating_status=constants.ONLINE) db_member = data_models.Member(id='member-id-1', operating_status=constants.ONLINE) self.listener_repo.get.return_value = db_listener self.pool_repo.get.return_value = db_pool self.member_repo.get.return_value = db_member self.loadbalancer_repo.get.return_value = db_lb self.hm.update_health(health) self.event_client.cast.assert_not_called() self.loadbalancer_repo.update.assert_not_called() self.listener_repo.update.assert_not_called() self.pool_repo.update.assert_not_called() self.member_repo.update.assert_not_called()
from a10_octavia.controller.worker.tasks import health_monitor_tasks as task from a10_octavia.controller.worker.tasks import utils from a10_octavia.tests.common import a10constants from a10_octavia.tests.unit.base import BaseTaskTestCase VTHUNDER = VThunder() HM = o_data_models.HealthMonitor(id=a10constants.MOCK_HM_ID, type='TCP', delay=7, timeout=3, rise_threshold=8, http_method='GET') ARGS = utils.meta(HM, 'hm', {}) LISTENERS = [ o_data_models.Listener(id=a10constants.MOCK_LISTENER_ID, protocol_port=mock.ANY) ] FLAVOR_ARGS = { 'monitor': { 'retry': 5, 'method': { 'http': { 'http_response_code': '201' } }, } } FLAVOR_WITH_REGEX_ARGS = { 'monitor': {
def _mock_listener(self, protocol, conn_limit): listener = o_data_models.Listener(id=a10constants.MOCK_LISTENER_ID) listener.protocol = protocol listener.connection_limit = conn_limit return listener
def __init__(self): self.project_id = uuidutils.generate_uuid() self.lb_id = uuidutils.generate_uuid() self.ip_address = '192.0.2.30' self.port_id = uuidutils.generate_uuid() self.network_id = uuidutils.generate_uuid() self.subnet_id = uuidutils.generate_uuid() self.qos_policy_id = uuidutils.generate_uuid() self.lb_name = uuidutils.generate_uuid() self.lb_description = uuidutils.generate_uuid() self.flavor_id = uuidutils.generate_uuid() self.flavor_profile_id = uuidutils.generate_uuid() self.listener1_id = uuidutils.generate_uuid() self.listener2_id = uuidutils.generate_uuid() self.default_tls_container_ref = uuidutils.generate_uuid() self.sni_container_ref_1 = uuidutils.generate_uuid() self.sni_container_ref_2 = uuidutils.generate_uuid() self.client_ca_tls_certificate_ref = uuidutils.generate_uuid() self.client_crl_container_ref = uuidutils.generate_uuid() self.pool_sni_container_ref = uuidutils.generate_uuid() self.pool_ca_container_ref = uuidutils.generate_uuid() self.pool_crl_container_ref = uuidutils.generate_uuid() self.pool1_id = uuidutils.generate_uuid() self.pool2_id = uuidutils.generate_uuid() self.hm1_id = uuidutils.generate_uuid() self.hm2_id = uuidutils.generate_uuid() self.member1_id = uuidutils.generate_uuid() self.member2_id = uuidutils.generate_uuid() self.member3_id = uuidutils.generate_uuid() self.member4_id = uuidutils.generate_uuid() self.l7policy1_id = uuidutils.generate_uuid() self.l7policy2_id = uuidutils.generate_uuid() self.l7rule1_id = uuidutils.generate_uuid() self.l7rule2_id = uuidutils.generate_uuid() self.created_at = datetime.datetime.now() self.updated_at = (datetime.datetime.now() + datetime.timedelta(minutes=1)) self._common_test_dict = { lib_consts.PROVISIONING_STATUS: constants.ACTIVE, lib_consts.OPERATING_STATUS: constants.ONLINE, lib_consts.PROJECT_ID: self.project_id, constants.CREATED_AT: self.created_at, constants.UPDATED_AT: self.updated_at, constants.ENABLED: True } # Setup Health Monitors self.test_hm1_dict = { lib_consts.ID: self.hm1_id, lib_consts.TYPE: constants.HEALTH_MONITOR_PING, lib_consts.DELAY: 1, lib_consts.TIMEOUT: 3, lib_consts.FALL_THRESHOLD: 1, lib_consts.RISE_THRESHOLD: 2, lib_consts.HTTP_METHOD: lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET, lib_consts.URL_PATH: '/', lib_consts.EXPECTED_CODES: '200', lib_consts.NAME: 'hm1', lib_consts.POOL_ID: self.pool1_id, lib_consts.HTTP_VERSION: 1.0, lib_consts.DOMAIN_NAME: None, lib_consts.PROJECT_ID: self.project_id } self.test_hm1_dict.update(self._common_test_dict) self.test_hm2_dict = copy.deepcopy(self.test_hm1_dict) self.test_hm2_dict[lib_consts.ID] = self.hm2_id self.test_hm2_dict[lib_consts.NAME] = 'hm2' self.test_hm2_dict.update({ lib_consts.HTTP_VERSION: 1.1, lib_consts.DOMAIN_NAME: 'testdomainname.com' }) self.db_hm1 = data_models.HealthMonitor(**self.test_hm1_dict) self.db_hm2 = data_models.HealthMonitor(**self.test_hm2_dict) self.provider_hm1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.DELAY: 1, lib_consts.EXPECTED_CODES: '200', lib_consts.HEALTHMONITOR_ID: self.hm1_id, lib_consts.HTTP_METHOD: lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET, lib_consts.MAX_RETRIES: 2, lib_consts.MAX_RETRIES_DOWN: 1, lib_consts.NAME: 'hm1', lib_consts.POOL_ID: self.pool1_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.TIMEOUT: 3, lib_consts.TYPE: constants.HEALTH_MONITOR_PING, lib_consts.URL_PATH: '/', lib_consts.HTTP_VERSION: 1.0, lib_consts.DOMAIN_NAME: None } self.provider_hm2_dict = copy.deepcopy(self.provider_hm1_dict) self.provider_hm2_dict[lib_consts.HEALTHMONITOR_ID] = self.hm2_id self.provider_hm2_dict[lib_consts.NAME] = 'hm2' self.provider_hm2_dict.update({ lib_consts.HTTP_VERSION: 1.1, lib_consts.DOMAIN_NAME: 'testdomainname.com' }) self.provider_hm1 = driver_dm.HealthMonitor(**self.provider_hm1_dict) self.provider_hm2 = driver_dm.HealthMonitor(**self.provider_hm2_dict) # Setup Members self.test_member1_dict = { lib_consts.ID: self.member1_id, lib_consts.POOL_ID: self.pool1_id, constants.IP_ADDRESS: '192.0.2.16', lib_consts.PROTOCOL_PORT: 80, lib_consts.WEIGHT: 0, lib_consts.BACKUP: False, lib_consts.SUBNET_ID: self.subnet_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.NAME: 'member1', lib_consts.OPERATING_STATUS: lib_consts.ONLINE, lib_consts.PROVISIONING_STATUS: lib_consts.ACTIVE, constants.ENABLED: True, constants.CREATED_AT: self.created_at, constants.UPDATED_AT: self.updated_at, lib_consts.MONITOR_ADDRESS: '192.0.2.26', lib_consts.MONITOR_PORT: 81 } self.test_member1_dict.update(self._common_test_dict) self.test_member2_dict = copy.deepcopy(self.test_member1_dict) self.test_member2_dict[lib_consts.ID] = self.member2_id self.test_member2_dict[constants.IP_ADDRESS] = '192.0.2.17' self.test_member2_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.27' self.test_member2_dict[lib_consts.NAME] = 'member2' self.test_member3_dict = copy.deepcopy(self.test_member1_dict) self.test_member3_dict[lib_consts.ID] = self.member3_id self.test_member3_dict[constants.IP_ADDRESS] = '192.0.2.18' self.test_member3_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.28' self.test_member3_dict[lib_consts.NAME] = 'member3' self.test_member3_dict[lib_consts.POOL_ID] = self.pool2_id self.test_member4_dict = copy.deepcopy(self.test_member1_dict) self.test_member4_dict[lib_consts.ID] = self.member4_id self.test_member4_dict[constants.IP_ADDRESS] = '192.0.2.19' self.test_member4_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.29' self.test_member4_dict[lib_consts.NAME] = 'member4' self.test_member4_dict[lib_consts.POOL_ID] = self.pool2_id self.test_pool1_members_dict = [ self.test_member1_dict, self.test_member2_dict ] self.test_pool2_members_dict = [ self.test_member3_dict, self.test_member4_dict ] self.db_member1 = data_models.Member(**self.test_member1_dict) self.db_member2 = data_models.Member(**self.test_member2_dict) self.db_member3 = data_models.Member(**self.test_member3_dict) self.db_member4 = data_models.Member(**self.test_member4_dict) self.db_pool1_members = [self.db_member1, self.db_member2] self.db_pool2_members = [self.db_member3, self.db_member4] self.provider_member1_dict = { lib_consts.ADDRESS: '192.0.2.16', lib_consts.ADMIN_STATE_UP: True, lib_consts.MEMBER_ID: self.member1_id, lib_consts.MONITOR_ADDRESS: '192.0.2.26', lib_consts.MONITOR_PORT: 81, lib_consts.NAME: 'member1', lib_consts.POOL_ID: self.pool1_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL_PORT: 80, lib_consts.SUBNET_ID: self.subnet_id, lib_consts.WEIGHT: 0, lib_consts.BACKUP: False } self.provider_member2_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member2_dict[lib_consts.MEMBER_ID] = self.member2_id self.provider_member2_dict[lib_consts.ADDRESS] = '192.0.2.17' self.provider_member2_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.27' self.provider_member2_dict[lib_consts.NAME] = 'member2' self.provider_member3_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member3_dict[lib_consts.MEMBER_ID] = self.member3_id self.provider_member3_dict[lib_consts.ADDRESS] = '192.0.2.18' self.provider_member3_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.28' self.provider_member3_dict[lib_consts.NAME] = 'member3' self.provider_member3_dict[lib_consts.POOL_ID] = self.pool2_id self.provider_member4_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member4_dict[lib_consts.MEMBER_ID] = self.member4_id self.provider_member4_dict[lib_consts.ADDRESS] = '192.0.2.19' self.provider_member4_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.29' self.provider_member4_dict[lib_consts.NAME] = 'member4' self.provider_member4_dict[lib_consts.POOL_ID] = self.pool2_id self.provider_pool1_members_dict = [ self.provider_member1_dict, self.provider_member2_dict ] self.provider_pool2_members_dict = [ self.provider_member3_dict, self.provider_member4_dict ] self.provider_member1 = driver_dm.Member(**self.provider_member1_dict) self.provider_member2 = driver_dm.Member(**self.provider_member2_dict) self.provider_member3 = driver_dm.Member(**self.provider_member3_dict) self.provider_member4 = driver_dm.Member(**self.provider_member4_dict) self.provider_pool1_members = [ self.provider_member1, self.provider_member2 ] self.provider_pool2_members = [ self.provider_member3, self.provider_member4 ] # Setup test pools self.test_pool1_dict = { lib_consts.ID: self.pool1_id, lib_consts.NAME: 'pool1', lib_consts.DESCRIPTION: 'Pool 1', constants.LOAD_BALANCER_ID: self.lb_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.LB_ALGORITHM: lib_consts.LB_ALGORITHM_ROUND_ROBIN, lib_consts.MEMBERS: self.test_pool1_members_dict, constants.HEALTH_MONITOR: self.test_hm1_dict, lib_consts.SESSION_PERSISTENCE: { lib_consts.TYPE: lib_consts.LB_ALGORITHM_SOURCE_IP }, lib_consts.LISTENERS: [], lib_consts.L7POLICIES: [], constants.TLS_CERTIFICATE_ID: self.pool_sni_container_ref, constants.CA_TLS_CERTIFICATE_ID: self.pool_ca_container_ref, constants.CRL_CONTAINER_ID: self.pool_crl_container_ref, lib_consts.TLS_ENABLED: True, lib_consts.TLS_CIPHERS: None, lib_consts.TLS_VERSIONS: None } self.test_pool1_dict.update(self._common_test_dict) self.test_pool2_dict = copy.deepcopy(self.test_pool1_dict) self.test_pool2_dict[lib_consts.ID] = self.pool2_id self.test_pool2_dict[lib_consts.NAME] = 'pool2' self.test_pool2_dict[lib_consts.DESCRIPTION] = 'Pool 2' self.test_pool2_dict[lib_consts.MEMBERS] = self.test_pool2_members_dict del self.test_pool2_dict[constants.TLS_CERTIFICATE_ID] del self.test_pool2_dict[constants.CA_TLS_CERTIFICATE_ID] del self.test_pool2_dict[constants.CRL_CONTAINER_ID] self.test_pools = [self.test_pool1_dict, self.test_pool2_dict] self.db_pool1 = data_models.Pool(**self.test_pool1_dict) self.db_pool1.health_monitor = self.db_hm1 self.db_pool1.members = self.db_pool1_members self.db_pool2 = data_models.Pool(**self.test_pool2_dict) self.db_pool2.health_monitor = self.db_hm2 self.db_pool2.members = self.db_pool2_members self.test_db_pools = [self.db_pool1, self.db_pool2] pool_cert = data_models.TLSContainer(certificate='pool cert') pool_ca_file_content = 'X509 POOL CA CERT FILE' pool_crl_file_content = 'X509 POOL CRL FILE' self.provider_pool1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.DESCRIPTION: 'Pool 1', lib_consts.HEALTHMONITOR: self.provider_hm1_dict, lib_consts.LB_ALGORITHM: lib_consts.LB_ALGORITHM_ROUND_ROBIN, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.MEMBERS: self.provider_pool1_members_dict, lib_consts.NAME: 'pool1', lib_consts.POOL_ID: self.pool1_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.SESSION_PERSISTENCE: { lib_consts.TYPE: lib_consts.LB_ALGORITHM_SOURCE_IP }, lib_consts.TLS_CONTAINER_REF: self.pool_sni_container_ref, lib_consts.TLS_CONTAINER_DATA: pool_cert.to_dict(), lib_consts.CA_TLS_CONTAINER_REF: self.pool_ca_container_ref, lib_consts.CA_TLS_CONTAINER_DATA: pool_ca_file_content, lib_consts.CRL_CONTAINER_REF: self.pool_crl_container_ref, lib_consts.CRL_CONTAINER_DATA: pool_crl_file_content, lib_consts.TLS_ENABLED: True, lib_consts.TLS_CIPHERS: None, lib_consts.TLS_VERSIONS: None, } self.provider_pool2_dict = copy.deepcopy(self.provider_pool1_dict) self.provider_pool2_dict[lib_consts.POOL_ID] = self.pool2_id self.provider_pool2_dict[lib_consts.NAME] = 'pool2' self.provider_pool2_dict[lib_consts.DESCRIPTION] = 'Pool 2' self.provider_pool2_dict[ lib_consts.MEMBERS] = self.provider_pool2_members_dict self.provider_pool2_dict[ lib_consts.HEALTHMONITOR] = self.provider_hm2_dict self.provider_pool2_dict[lib_consts.TLS_CONTAINER_REF] = None del self.provider_pool2_dict[lib_consts.TLS_CONTAINER_DATA] self.provider_pool2_dict[lib_consts.CA_TLS_CONTAINER_REF] = None del self.provider_pool2_dict[lib_consts.CA_TLS_CONTAINER_DATA] self.provider_pool2_dict[lib_consts.CRL_CONTAINER_REF] = None del self.provider_pool2_dict[lib_consts.CRL_CONTAINER_DATA] self.provider_pool1 = driver_dm.Pool(**self.provider_pool1_dict) self.provider_pool1.members = self.provider_pool1_members self.provider_pool1.healthmonitor = self.provider_hm1 self.provider_pool2 = driver_dm.Pool(**self.provider_pool2_dict) self.provider_pool2.members = self.provider_pool2_members self.provider_pool2.healthmonitor = self.provider_hm2 self.provider_pools = [self.provider_pool1, self.provider_pool2] # Setup L7Rules self.test_l7rule1_dict = { lib_consts.ID: self.l7rule1_id, lib_consts.L7POLICY_ID: self.l7policy1_id, lib_consts.TYPE: lib_consts.L7RULE_TYPE_PATH, lib_consts.COMPARE_TYPE: lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO, lib_consts.KEY: 'fake_key', lib_consts.VALUE: 'fake_value', lib_consts.PROJECT_ID: self.project_id, constants.L7POLICY: None, lib_consts.INVERT: False } self.test_l7rule1_dict.update(self._common_test_dict) self.test_l7rule2_dict = copy.deepcopy(self.test_l7rule1_dict) self.test_l7rule2_dict[lib_consts.ID] = self.l7rule2_id self.test_l7rules = [self.test_l7rule1_dict, self.test_l7rule2_dict] self.db_l7Rule1 = data_models.L7Rule(**self.test_l7rule1_dict) self.db_l7Rule2 = data_models.L7Rule(**self.test_l7rule2_dict) self.db_l7Rules = [self.db_l7Rule1, self.db_l7Rule2] self.provider_l7rule1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.COMPARE_TYPE: lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO, lib_consts.INVERT: False, lib_consts.KEY: 'fake_key', lib_consts.L7POLICY_ID: self.l7policy1_id, lib_consts.L7RULE_ID: self.l7rule1_id, lib_consts.TYPE: lib_consts.L7RULE_TYPE_PATH, lib_consts.PROJECT_ID: self.project_id, lib_consts.VALUE: 'fake_value' } self.provider_l7rule2_dict = copy.deepcopy(self.provider_l7rule1_dict) self.provider_l7rule2_dict[lib_consts.L7RULE_ID] = self.l7rule2_id self.provider_l7rules_dicts = [ self.provider_l7rule1_dict, self.provider_l7rule2_dict ] self.provider_l7rule1 = driver_dm.L7Rule(**self.provider_l7rule1_dict) self.provider_l7rule2 = driver_dm.L7Rule(**self.provider_l7rule2_dict) self.provider_rules = [self.provider_l7rule1, self.provider_l7rule2] # Setup L7Policies self.test_l7policy1_dict = { lib_consts.ID: self.l7policy1_id, lib_consts.NAME: 'l7policy_1', lib_consts.DESCRIPTION: 'L7policy 1', lib_consts.LISTENER_ID: self.listener1_id, lib_consts.ACTION: lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL, lib_consts.REDIRECT_POOL_ID: None, lib_consts.REDIRECT_URL: 'http://example.com/index.html', lib_consts.REDIRECT_PREFIX: None, lib_consts.PROJECT_ID: self.project_id, lib_consts.POSITION: 1, constants.LISTENER: None, constants.REDIRECT_POOL: None, lib_consts.L7RULES: self.test_l7rules, lib_consts.REDIRECT_HTTP_CODE: 302 } self.test_l7policy1_dict.update(self._common_test_dict) self.test_l7policy2_dict = copy.deepcopy(self.test_l7policy1_dict) self.test_l7policy2_dict[lib_consts.ID] = self.l7policy2_id self.test_l7policy2_dict[lib_consts.NAME] = 'l7policy_2' self.test_l7policy2_dict[lib_consts.DESCRIPTION] = 'L7policy 2' self.test_l7policies = [ self.test_l7policy1_dict, self.test_l7policy2_dict ] self.db_l7policy1 = data_models.L7Policy(**self.test_l7policy1_dict) self.db_l7policy2 = data_models.L7Policy(**self.test_l7policy2_dict) self.db_l7policy1.l7rules = self.db_l7Rules self.db_l7policy2.l7rules = self.db_l7Rules self.db_l7policies = [self.db_l7policy1, self.db_l7policy2] self.provider_l7policy1_dict = { lib_consts.ACTION: lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL, lib_consts.ADMIN_STATE_UP: True, lib_consts.DESCRIPTION: 'L7policy 1', lib_consts.L7POLICY_ID: self.l7policy1_id, lib_consts.LISTENER_ID: self.listener1_id, lib_consts.NAME: 'l7policy_1', lib_consts.POSITION: 1, lib_consts.PROJECT_ID: self.project_id, lib_consts.REDIRECT_POOL_ID: None, lib_consts.REDIRECT_URL: 'http://example.com/index.html', lib_consts.REDIRECT_PREFIX: None, lib_consts.RULES: self.provider_l7rules_dicts, lib_consts.REDIRECT_HTTP_CODE: 302 } self.provider_l7policy2_dict = copy.deepcopy( self.provider_l7policy1_dict) self.provider_l7policy2_dict[ lib_consts.L7POLICY_ID] = self.l7policy2_id self.provider_l7policy2_dict[lib_consts.NAME] = 'l7policy_2' self.provider_l7policy2_dict[lib_consts.DESCRIPTION] = 'L7policy 2' self.provider_l7policies_dict = [ self.provider_l7policy1_dict, self.provider_l7policy2_dict ] self.provider_l7policy1 = driver_dm.L7Policy( **self.provider_l7policy1_dict) self.provider_l7policy1.rules = self.provider_rules self.provider_l7policy2 = driver_dm.L7Policy( **self.provider_l7policy2_dict) self.provider_l7policy2.rules = self.provider_rules self.provider_l7policies = [ self.provider_l7policy1, self.provider_l7policy2 ] # Setup Listeners self.test_listener1_dict = { lib_consts.ID: self.listener1_id, lib_consts.NAME: 'listener_1', lib_consts.DESCRIPTION: 'Listener 1', lib_consts.DEFAULT_POOL_ID: self.pool1_id, constants.LOAD_BALANCER_ID: self.lb_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.PROTOCOL_PORT: 90, lib_consts.CONNECTION_LIMIT: 10000, constants.TLS_CERTIFICATE_ID: self.default_tls_container_ref, lib_consts.DEFAULT_POOL: self.test_pool1_dict, constants.SNI_CONTAINERS: [{ constants.TLS_CONTAINER_ID: self.sni_container_ref_1 }, { constants.TLS_CONTAINER_ID: self.sni_container_ref_2 }], constants.PEER_PORT: 55, lib_consts.L7POLICIES: self.test_l7policies, lib_consts.INSERT_HEADERS: {}, lib_consts.TIMEOUT_CLIENT_DATA: 1000, lib_consts.TIMEOUT_MEMBER_CONNECT: 2000, lib_consts.TIMEOUT_MEMBER_DATA: 3000, lib_consts.TIMEOUT_TCP_INSPECT: 4000, constants.CLIENT_CA_TLS_CERTIFICATE_ID: self.client_ca_tls_certificate_ref, lib_consts.CLIENT_AUTHENTICATION: constants.CLIENT_AUTH_NONE, constants.CLIENT_CRL_CONTAINER_ID: self.client_crl_container_ref, lib_consts.ALLOWED_CIDRS: ['192.0.2.0/24', '198.51.100.0/24'], lib_consts.TLS_CIPHERS: constants.CIPHERS_OWASP_SUITE_B, lib_consts.TLS_VERSIONS: constants.TLS_VERSIONS_OWASP_SUITE_B } self.test_listener1_dict.update(self._common_test_dict) self.test_listener2_dict = copy.deepcopy(self.test_listener1_dict) self.test_listener2_dict[lib_consts.ID] = self.listener2_id self.test_listener2_dict[lib_consts.NAME] = 'listener_2' self.test_listener2_dict[lib_consts.DESCRIPTION] = 'Listener 1' self.test_listener2_dict[lib_consts.DEFAULT_POOL_ID] = self.pool2_id self.test_listener2_dict[ lib_consts.DEFAULT_POOL] = self.test_pool2_dict del self.test_listener2_dict[lib_consts.L7POLICIES] del self.test_listener2_dict[constants.SNI_CONTAINERS] del self.test_listener2_dict[constants.CLIENT_CA_TLS_CERTIFICATE_ID] del self.test_listener2_dict[constants.CLIENT_CRL_CONTAINER_ID] self.test_listeners = [ self.test_listener1_dict, self.test_listener2_dict ] self.db_listener1 = data_models.Listener(**self.test_listener1_dict) self.db_listener2 = data_models.Listener(**self.test_listener2_dict) self.db_listener1.default_pool = self.db_pool1 self.db_listener2.default_pool = self.db_pool2 self.db_listener1.l7policies = self.db_l7policies self.db_listener1.sni_containers = [ data_models.SNI(tls_container_id='2'), data_models.SNI(tls_container_id='3') ] self.test_db_listeners = [self.db_listener1, self.db_listener2] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') ca_cert = 'ca cert' crl_file_content = 'X509 CRL FILE' self.provider_listener1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.ALLOWED_CIDRS: ['192.0.2.0/24', '198.51.100.0/24'], lib_consts.CONNECTION_LIMIT: 10000, lib_consts.DEFAULT_POOL: self.provider_pool1_dict, lib_consts.DEFAULT_POOL_ID: self.pool1_id, lib_consts.DEFAULT_TLS_CONTAINER_DATA: cert1.to_dict(), lib_consts.DEFAULT_TLS_CONTAINER_REF: self.default_tls_container_ref, lib_consts.DESCRIPTION: 'Listener 1', lib_consts.INSERT_HEADERS: {}, lib_consts.L7POLICIES: self.provider_l7policies_dict, lib_consts.LISTENER_ID: self.listener1_id, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.NAME: 'listener_1', lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.PROTOCOL_PORT: 90, lib_consts.SNI_CONTAINER_DATA: [cert2.to_dict(), cert3.to_dict()], lib_consts.SNI_CONTAINER_REFS: [self.sni_container_ref_1, self.sni_container_ref_2], lib_consts.TIMEOUT_CLIENT_DATA: 1000, lib_consts.TIMEOUT_MEMBER_CONNECT: 2000, lib_consts.TIMEOUT_MEMBER_DATA: 3000, lib_consts.TIMEOUT_TCP_INSPECT: 4000, lib_consts.CLIENT_CA_TLS_CONTAINER_REF: self.client_ca_tls_certificate_ref, lib_consts.CLIENT_CA_TLS_CONTAINER_DATA: ca_cert, lib_consts.CLIENT_AUTHENTICATION: constants.CLIENT_AUTH_NONE, lib_consts.CLIENT_CRL_CONTAINER_REF: self.client_crl_container_ref, lib_consts.CLIENT_CRL_CONTAINER_DATA: crl_file_content, lib_consts.TLS_CIPHERS: constants.CIPHERS_OWASP_SUITE_B, lib_consts.TLS_VERSIONS: constants.TLS_VERSIONS_OWASP_SUITE_B } self.provider_listener2_dict = copy.deepcopy( self.provider_listener1_dict) self.provider_listener2_dict[ lib_consts.LISTENER_ID] = self.listener2_id self.provider_listener2_dict[lib_consts.NAME] = 'listener_2' self.provider_listener2_dict[lib_consts.DESCRIPTION] = 'Listener 1' self.provider_listener2_dict[ lib_consts.DEFAULT_POOL_ID] = self.pool2_id self.provider_listener2_dict[ lib_consts.DEFAULT_POOL] = self.provider_pool2_dict del self.provider_listener2_dict[lib_consts.L7POLICIES] self.provider_listener2_dict[ lib_consts.CLIENT_CA_TLS_CONTAINER_REF] = None del self.provider_listener2_dict[ lib_consts.CLIENT_CA_TLS_CONTAINER_DATA] self.provider_listener2_dict[lib_consts.CLIENT_AUTHENTICATION] = ( constants.CLIENT_AUTH_NONE) self.provider_listener2_dict[ lib_consts.CLIENT_CRL_CONTAINER_REF] = None del self.provider_listener2_dict[lib_consts.CLIENT_CRL_CONTAINER_DATA] self.provider_listener1 = driver_dm.Listener( **self.provider_listener1_dict) self.provider_listener2 = driver_dm.Listener( **self.provider_listener2_dict) self.provider_listener1.default_pool = self.provider_pool1 self.provider_listener2.default_pool = self.provider_pool2 self.provider_listener1.l7policies = self.provider_l7policies self.provider_listeners = [ self.provider_listener1, self.provider_listener2 ] self.test_vip_dict = { constants.IP_ADDRESS: self.ip_address, constants.NETWORK_ID: self.network_id, constants.PORT_ID: self.port_id, lib_consts.SUBNET_ID: self.subnet_id, constants.QOS_POLICY_ID: self.qos_policy_id, constants.OCTAVIA_OWNED: None } self.provider_vip_dict = { lib_consts.VIP_ADDRESS: self.ip_address, lib_consts.VIP_NETWORK_ID: self.network_id, lib_consts.VIP_PORT_ID: self.port_id, lib_consts.VIP_SUBNET_ID: self.subnet_id, lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id, constants.OCTAVIA_OWNED: None } self.db_vip = data_models.Vip(ip_address=self.ip_address, network_id=self.network_id, port_id=self.port_id, subnet_id=self.subnet_id, qos_policy_id=self.qos_policy_id) self.test_loadbalancer1_dict = { lib_consts.NAME: self.lb_name, lib_consts.DESCRIPTION: self.lb_description, constants.ENABLED: True, lib_consts.PROVISIONING_STATUS: lib_consts.PENDING_UPDATE, lib_consts.OPERATING_STATUS: lib_consts.OFFLINE, constants.TOPOLOGY: constants.TOPOLOGY_ACTIVE_STANDBY, constants.VRRP_GROUP: None, constants.PROVIDER: constants.AMPHORA, constants.SERVER_GROUP_ID: uuidutils.generate_uuid(), lib_consts.PROJECT_ID: self.project_id, lib_consts.ID: self.lb_id, constants.FLAVOR_ID: self.flavor_id, constants.TAGS: ['test_tag'] } self.provider_loadbalancer_dict = { lib_consts.ADDITIONAL_VIPS: None, lib_consts.ADMIN_STATE_UP: True, lib_consts.DESCRIPTION: self.lb_description, lib_consts.FLAVOR: { "something": "else" }, lib_consts.LISTENERS: None, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.NAME: self.lb_name, lib_consts.POOLS: None, lib_consts.PROJECT_ID: self.project_id, lib_consts.VIP_ADDRESS: self.ip_address, lib_consts.VIP_NETWORK_ID: self.network_id, lib_consts.VIP_PORT_ID: self.port_id, lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id, lib_consts.VIP_SUBNET_ID: self.subnet_id } self.provider_loadbalancer_tree_dict = { lib_consts.ADDITIONAL_VIPS: None, lib_consts.ADMIN_STATE_UP: True, lib_consts.AVAILABILITY_ZONE: None, lib_consts.DESCRIPTION: self.lb_description, lib_consts.FLAVOR: { "something": "else" }, lib_consts.LISTENERS: None, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.NAME: self.lb_name, lib_consts.POOLS: None, lib_consts.PROJECT_ID: self.project_id, lib_consts.VIP_ADDRESS: self.ip_address, lib_consts.VIP_NETWORK_ID: self.network_id, lib_consts.VIP_PORT_ID: self.port_id, lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id, lib_consts.VIP_SUBNET_ID: self.subnet_id }
from mock import patch from octavia.certificates.common.auth.barbican_acl import BarbicanACLAuth from octavia.common import data_models as o_data_models from octavia.tests.common import constants as t_constants from a10_octavia.common.data_models import Certificate from a10_octavia.common.data_models import VThunder from a10_octavia.controller.worker.tasks import cert_tasks from a10_octavia.tests.common import a10constants as a10_test_constants from a10_octavia.tests.unit.base import BaseTaskTestCase LB = o_data_models.LoadBalancer(id=a10_test_constants.MOCK_LOAD_BALANCER_ID, project_id=t_constants.MOCK_PROJECT_ID) LISTENER = o_data_models.Listener(protocol='TERMINATED_HTTPS', protocol_port=2222, load_balancer=LB, tls_certificate_id='certificate-id-1') VTHUNDER = VThunder() CERT_DATA = Certificate(cert_filename=a10_test_constants.MOCK_CERT_FILENAME, cert_content=a10_test_constants.MOCK_CERT_CONTENT, key_filename=a10_test_constants.MOCK_KEY_FILENAME, key_content=a10_test_constants.MOCK_KEY_CONTENT, template_name=a10_test_constants.MOCK_TEMPLATE_NAME, key_pass=a10_test_constants.MOCK_KEY_PASS) class TestCertHandlerTasks(BaseTaskTestCase): def setUp(self): super(TestCertHandlerTasks, self).setUp() imp.reload(cert_tasks)
device_name="rack_thunder_1", undercloud=True, username="******", password="******", ip_address="10.10.10.10", partition_name="shared") LB = o_data_models.LoadBalancer(id=a10constants.MOCK_LOAD_BALANCER_ID, flavor_id=a10constants.MOCK_FLAVOR_ID) FIXED_IP = n_data_models.FixedIP(ip_address='10.10.10.10') PORT = n_data_models.Port(id=uuidutils.generate_uuid(), fixed_ips=[FIXED_IP]) VRID = data_models.VRID(id=1, vrid=0, owner=a10constants.MOCK_PROJECT_ID, vrid_port_id=uuidutils.generate_uuid(), vrid_floating_ip='10.0.12.32') LISTENER = o_data_models.Listener(id=a10constants.MOCK_LISTENER_ID, load_balancer=LB) POOL = o_data_models.Pool(id=a10constants.MOCK_POOL_ID, load_balancer=LB) HM = o_data_models.HealthMonitor(id=a10constants, pool=POOL) MEMBER_1 = o_data_models.Member(id=uuidutils.generate_uuid(), project_id=a10constants.MOCK_PROJECT_ID, subnet_id=a10constants.MOCK_SUBNET_ID, pool=POOL) MEMBER_2 = o_data_models.Member(id=uuidutils.generate_uuid(), project_id=a10constants.MOCK_PROJECT_ID, subnet_id=a10constants.MOCK_SUBNET_ID_2, pool=POOL) FLAVOR_PROFILE = o_data_models.FlavorProfile( id=a10constants.MOCK_FLAVOR_PROF_ID, flavor_data={}) FLAVOR = o_data_models.Flavor( id=a10constants.MOCK_FLAVOR_ID, flavor_profile_id=a10constants.MOCK_FLAVOR_PROF_ID)
def __init__(self): self.project_id = uuidutils.generate_uuid() self.lb_id = uuidutils.generate_uuid() self.ip_address = '192.0.2.30' self.port_id = uuidutils.generate_uuid() self.network_id = uuidutils.generate_uuid() self.subnet_id = uuidutils.generate_uuid() self.qos_policy_id = uuidutils.generate_uuid() self.listener1_id = uuidutils.generate_uuid() self.listener2_id = uuidutils.generate_uuid() self.default_tls_container_ref = uuidutils.generate_uuid() self.sni_container_ref_1 = uuidutils.generate_uuid() self.sni_container_ref_2 = uuidutils.generate_uuid() self.client_ca_tls_certificate_ref = uuidutils.generate_uuid() self.client_crl_container_ref = uuidutils.generate_uuid() self.pool_sni_container_ref = uuidutils.generate_uuid() self.pool_ca_container_ref = uuidutils.generate_uuid() self.pool_crl_container_ref = uuidutils.generate_uuid() self.pool1_id = uuidutils.generate_uuid() self.pool2_id = uuidutils.generate_uuid() self.hm1_id = uuidutils.generate_uuid() self.hm2_id = uuidutils.generate_uuid() self.member1_id = uuidutils.generate_uuid() self.member2_id = uuidutils.generate_uuid() self.member3_id = uuidutils.generate_uuid() self.member4_id = uuidutils.generate_uuid() self.l7policy1_id = uuidutils.generate_uuid() self.l7policy2_id = uuidutils.generate_uuid() self.l7rule1_id = uuidutils.generate_uuid() self.l7rule2_id = uuidutils.generate_uuid() self._common_test_dict = { 'provisioning_status': constants.ACTIVE, 'operating_status': constants.ONLINE, 'project_id': self.project_id, 'created_at': 'then', 'updated_at': 'now', 'enabled': True } # Setup Health Monitors self.test_hm1_dict = { 'id': self.hm1_id, 'type': constants.HEALTH_MONITOR_PING, 'delay': 1, 'timeout': 3, 'fall_threshold': 1, 'rise_threshold': 2, 'http_method': 'GET', 'url_path': '/', 'expected_codes': '200', 'name': 'hm1', 'pool_id': self.pool1_id, 'http_version': 1.0, 'domain_name': None, 'project_id': self.project_id } self.test_hm1_dict.update(self._common_test_dict) self.test_hm2_dict = copy.deepcopy(self.test_hm1_dict) self.test_hm2_dict['id'] = self.hm2_id self.test_hm2_dict['name'] = 'hm2' self.test_hm2_dict.update({ 'http_version': 1.1, 'domain_name': 'testdomainname.com' }) self.db_hm1 = data_models.HealthMonitor(**self.test_hm1_dict) self.db_hm2 = data_models.HealthMonitor(**self.test_hm2_dict) self.provider_hm1_dict = { 'admin_state_up': True, 'delay': 1, 'expected_codes': '200', 'healthmonitor_id': self.hm1_id, 'http_method': 'GET', 'max_retries': 2, 'max_retries_down': 1, 'name': 'hm1', 'pool_id': self.pool1_id, 'project_id': self.project_id, 'timeout': 3, 'type': constants.HEALTH_MONITOR_PING, 'url_path': '/', 'http_version': 1.0, 'domain_name': None } self.provider_hm2_dict = copy.deepcopy(self.provider_hm1_dict) self.provider_hm2_dict['healthmonitor_id'] = self.hm2_id self.provider_hm2_dict['name'] = 'hm2' self.provider_hm2_dict.update({ 'http_version': 1.1, 'domain_name': 'testdomainname.com' }) self.provider_hm1 = driver_dm.HealthMonitor(**self.provider_hm1_dict) self.provider_hm2 = driver_dm.HealthMonitor(**self.provider_hm2_dict) # Setup Members self.test_member1_dict = { 'id': self.member1_id, 'pool_id': self.pool1_id, 'ip_address': '192.0.2.16', 'protocol_port': 80, 'weight': 0, 'backup': False, 'subnet_id': self.subnet_id, 'pool': None, 'project_id': self.project_id, 'name': 'member1', 'monitor_address': '192.0.2.26', 'monitor_port': 81 } self.test_member1_dict.update(self._common_test_dict) self.test_member2_dict = copy.deepcopy(self.test_member1_dict) self.test_member2_dict['id'] = self.member2_id self.test_member2_dict['ip_address'] = '192.0.2.17' self.test_member2_dict['monitor_address'] = '192.0.2.27' self.test_member2_dict['name'] = 'member2' self.test_member3_dict = copy.deepcopy(self.test_member1_dict) self.test_member3_dict['id'] = self.member3_id self.test_member3_dict['ip_address'] = '192.0.2.18' self.test_member3_dict['monitor_address'] = '192.0.2.28' self.test_member3_dict['name'] = 'member3' self.test_member3_dict['pool_id'] = self.pool2_id self.test_member4_dict = copy.deepcopy(self.test_member1_dict) self.test_member4_dict['id'] = self.member4_id self.test_member4_dict['ip_address'] = '192.0.2.19' self.test_member4_dict['monitor_address'] = '192.0.2.29' self.test_member4_dict['name'] = 'member4' self.test_member4_dict['pool_id'] = self.pool2_id self.test_pool1_members_dict = [ self.test_member1_dict, self.test_member2_dict ] self.test_pool2_members_dict = [ self.test_member3_dict, self.test_member4_dict ] self.db_member1 = data_models.Member(**self.test_member1_dict) self.db_member2 = data_models.Member(**self.test_member2_dict) self.db_member3 = data_models.Member(**self.test_member3_dict) self.db_member4 = data_models.Member(**self.test_member4_dict) self.db_pool1_members = [self.db_member1, self.db_member2] self.db_pool2_members = [self.db_member3, self.db_member4] self.provider_member1_dict = { 'address': '192.0.2.16', 'admin_state_up': True, 'member_id': self.member1_id, 'monitor_address': '192.0.2.26', 'monitor_port': 81, 'name': 'member1', 'pool_id': self.pool1_id, 'project_id': self.project_id, 'protocol_port': 80, 'subnet_id': self.subnet_id, 'weight': 0, 'backup': False } self.provider_member2_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member2_dict['member_id'] = self.member2_id self.provider_member2_dict['address'] = '192.0.2.17' self.provider_member2_dict['monitor_address'] = '192.0.2.27' self.provider_member2_dict['name'] = 'member2' self.provider_member3_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member3_dict['member_id'] = self.member3_id self.provider_member3_dict['address'] = '192.0.2.18' self.provider_member3_dict['monitor_address'] = '192.0.2.28' self.provider_member3_dict['name'] = 'member3' self.provider_member3_dict['pool_id'] = self.pool2_id self.provider_member4_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member4_dict['member_id'] = self.member4_id self.provider_member4_dict['address'] = '192.0.2.19' self.provider_member4_dict['monitor_address'] = '192.0.2.29' self.provider_member4_dict['name'] = 'member4' self.provider_member4_dict['pool_id'] = self.pool2_id self.provider_pool1_members_dict = [ self.provider_member1_dict, self.provider_member2_dict ] self.provider_pool2_members_dict = [ self.provider_member3_dict, self.provider_member4_dict ] self.provider_member1 = driver_dm.Member(**self.provider_member1_dict) self.provider_member2 = driver_dm.Member(**self.provider_member2_dict) self.provider_member3 = driver_dm.Member(**self.provider_member3_dict) self.provider_member4 = driver_dm.Member(**self.provider_member4_dict) self.provider_pool1_members = [ self.provider_member1, self.provider_member2 ] self.provider_pool2_members = [ self.provider_member3, self.provider_member4 ] # Setup test pools self.test_pool1_dict = { 'id': self.pool1_id, 'name': 'pool1', 'description': 'Pool 1', 'load_balancer_id': self.lb_id, 'project_id': self.project_id, 'protocol': 'avian', 'lb_algorithm': 'round_robin', 'members': self.test_pool1_members_dict, 'health_monitor': self.test_hm1_dict, 'session_persistence': { 'type': 'SOURCE' }, 'listeners': [], 'l7policies': [], 'tls_certificate_id': self.pool_sni_container_ref, 'ca_tls_certificate_id': self.pool_ca_container_ref, 'crl_container_id': self.pool_crl_container_ref, 'tls_enabled': True } self.test_pool1_dict.update(self._common_test_dict) self.test_pool2_dict = copy.deepcopy(self.test_pool1_dict) self.test_pool2_dict['id'] = self.pool2_id self.test_pool2_dict['name'] = 'pool2' self.test_pool2_dict['description'] = 'Pool 2' self.test_pool2_dict['members'] = self.test_pool2_members_dict del self.test_pool2_dict['tls_certificate_id'] del self.test_pool2_dict['ca_tls_certificate_id'] del self.test_pool2_dict['crl_container_id'] self.test_pools = [self.test_pool1_dict, self.test_pool2_dict] self.db_pool1 = data_models.Pool(**self.test_pool1_dict) self.db_pool1.health_monitor = self.db_hm1 self.db_pool1.members = self.db_pool1_members self.db_pool2 = data_models.Pool(**self.test_pool2_dict) self.db_pool2.health_monitor = self.db_hm2 self.db_pool2.members = self.db_pool2_members self.test_db_pools = [self.db_pool1, self.db_pool2] pool_cert = data_models.TLSContainer(certificate='pool cert') pool_ca_file_content = 'X509 POOL CA CERT FILE' pool_crl_file_content = 'X509 POOL CRL FILE' self.provider_pool1_dict = { 'admin_state_up': True, 'description': 'Pool 1', 'healthmonitor': self.provider_hm1_dict, 'lb_algorithm': 'round_robin', 'loadbalancer_id': self.lb_id, 'members': self.provider_pool1_members_dict, 'name': 'pool1', 'pool_id': self.pool1_id, 'project_id': self.project_id, 'protocol': 'avian', 'session_persistence': { 'type': 'SOURCE' }, 'tls_container_ref': self.pool_sni_container_ref, 'tls_container_data': pool_cert.to_dict(), 'ca_tls_container_ref': self.pool_ca_container_ref, 'ca_tls_container_data': pool_ca_file_content, 'crl_container_ref': self.pool_crl_container_ref, 'crl_container_data': pool_crl_file_content, 'tls_enabled': True } self.provider_pool2_dict = copy.deepcopy(self.provider_pool1_dict) self.provider_pool2_dict['pool_id'] = self.pool2_id self.provider_pool2_dict['name'] = 'pool2' self.provider_pool2_dict['description'] = 'Pool 2' self.provider_pool2_dict['members'] = self.provider_pool2_members_dict self.provider_pool2_dict['healthmonitor'] = self.provider_hm2_dict self.provider_pool2_dict['tls_container_ref'] = None del self.provider_pool2_dict['tls_container_data'] self.provider_pool2_dict['ca_tls_container_ref'] = None del self.provider_pool2_dict['ca_tls_container_data'] self.provider_pool2_dict['crl_container_ref'] = None del self.provider_pool2_dict['crl_container_data'] self.provider_pool1 = driver_dm.Pool(**self.provider_pool1_dict) self.provider_pool1.members = self.provider_pool1_members self.provider_pool1.healthmonitor = self.provider_hm1 self.provider_pool2 = driver_dm.Pool(**self.provider_pool2_dict) self.provider_pool2.members = self.provider_pool2_members self.provider_pool2.healthmonitor = self.provider_hm2 self.provider_pools = [self.provider_pool1, self.provider_pool2] # Setup L7Rules self.test_l7rule1_dict = { 'id': self.l7rule1_id, 'l7policy_id': self.l7policy1_id, 'type': 'o', 'compare_type': 'fake_type', 'key': 'fake_key', 'value': 'fake_value', 'project_id': self.project_id, 'l7policy': None, 'invert': False } self.test_l7rule1_dict.update(self._common_test_dict) self.test_l7rule2_dict = copy.deepcopy(self.test_l7rule1_dict) self.test_l7rule2_dict['id'] = self.l7rule2_id self.test_l7rules = [self.test_l7rule1_dict, self.test_l7rule2_dict] self.db_l7Rule1 = data_models.L7Rule(**self.test_l7rule1_dict) self.db_l7Rule2 = data_models.L7Rule(**self.test_l7rule2_dict) self.db_l7Rules = [self.db_l7Rule1, self.db_l7Rule2] self.provider_l7rule1_dict = { 'admin_state_up': True, 'compare_type': 'fake_type', 'invert': False, 'key': 'fake_key', 'l7policy_id': self.l7policy1_id, 'l7rule_id': self.l7rule1_id, 'type': 'o', 'project_id': self.project_id, 'value': 'fake_value' } self.provider_l7rule2_dict = copy.deepcopy(self.provider_l7rule1_dict) self.provider_l7rule2_dict['l7rule_id'] = self.l7rule2_id self.provider_l7rules_dicts = [ self.provider_l7rule1_dict, self.provider_l7rule2_dict ] self.provider_l7rule1 = driver_dm.L7Rule(**self.provider_l7rule1_dict) self.provider_l7rule2 = driver_dm.L7Rule(**self.provider_l7rule2_dict) self.provider_rules = [self.provider_l7rule1, self.provider_l7rule2] # Setup L7Policies self.test_l7policy1_dict = { 'id': self.l7policy1_id, 'name': 'l7policy_1', 'description': 'L7policy 1', 'listener_id': self.listener1_id, 'action': 'go', 'redirect_pool_id': self.pool1_id, 'redirect_url': '/index.html', 'redirect_prefix': 'https://example.com/', 'project_id': self.project_id, 'position': 1, 'listener': None, 'redirect_pool': None, 'l7rules': self.test_l7rules, 'redirect_http_code': 302 } self.test_l7policy1_dict.update(self._common_test_dict) self.test_l7policy2_dict = copy.deepcopy(self.test_l7policy1_dict) self.test_l7policy2_dict['id'] = self.l7policy2_id self.test_l7policy2_dict['name'] = 'l7policy_2' self.test_l7policy2_dict['description'] = 'L7policy 2' self.test_l7policies = [ self.test_l7policy1_dict, self.test_l7policy2_dict ] self.db_l7policy1 = data_models.L7Policy(**self.test_l7policy1_dict) self.db_l7policy2 = data_models.L7Policy(**self.test_l7policy2_dict) self.db_l7policy1.l7rules = self.db_l7Rules self.db_l7policy2.l7rules = self.db_l7Rules self.db_l7policies = [self.db_l7policy1, self.db_l7policy2] self.provider_l7policy1_dict = { 'action': 'go', 'admin_state_up': True, 'description': 'L7policy 1', 'l7policy_id': self.l7policy1_id, 'listener_id': self.listener1_id, 'name': 'l7policy_1', 'position': 1, 'project_id': self.project_id, 'redirect_pool_id': self.pool1_id, 'redirect_url': '/index.html', 'redirect_prefix': 'https://example.com/', 'rules': self.provider_l7rules_dicts, 'redirect_http_code': 302 } self.provider_l7policy2_dict = copy.deepcopy( self.provider_l7policy1_dict) self.provider_l7policy2_dict['l7policy_id'] = self.l7policy2_id self.provider_l7policy2_dict['name'] = 'l7policy_2' self.provider_l7policy2_dict['description'] = 'L7policy 2' self.provider_l7policies_dict = [ self.provider_l7policy1_dict, self.provider_l7policy2_dict ] self.provider_l7policy1 = driver_dm.L7Policy( **self.provider_l7policy1_dict) self.provider_l7policy1.rules = self.provider_rules self.provider_l7policy2 = driver_dm.L7Policy( **self.provider_l7policy2_dict) self.provider_l7policy2.rules = self.provider_rules self.provider_l7policies = [ self.provider_l7policy1, self.provider_l7policy2 ] # Setup Listeners self.test_listener1_dict = { 'id': self.listener1_id, 'name': 'listener_1', 'description': 'Listener 1', 'default_pool_id': self.pool1_id, 'load_balancer_id': self.lb_id, 'project_id': self.project_id, 'protocol': 'avian', 'protocol_port': 90, 'connection_limit': 10000, 'tls_certificate_id': self.default_tls_container_ref, 'stats': None, 'default_pool': self.test_pool1_dict, 'load_balancer': None, 'sni_containers': [self.sni_container_ref_1, self.sni_container_ref_2], 'peer_port': 55, 'l7policies': self.test_l7policies, 'insert_headers': {}, 'pools': None, 'timeout_client_data': 1000, 'timeout_member_connect': 2000, 'timeout_member_data': 3000, 'timeout_tcp_inspect': 4000, 'client_ca_tls_certificate_id': self.client_ca_tls_certificate_ref, 'client_authentication': constants.CLIENT_AUTH_NONE, 'client_crl_container_id': self.client_crl_container_ref } self.test_listener1_dict.update(self._common_test_dict) self.test_listener2_dict = copy.deepcopy(self.test_listener1_dict) self.test_listener2_dict['id'] = self.listener2_id self.test_listener2_dict['name'] = 'listener_2' self.test_listener2_dict['description'] = 'Listener 1' self.test_listener2_dict['default_pool_id'] = self.pool2_id self.test_listener2_dict['default_pool'] = self.test_pool2_dict del self.test_listener2_dict['l7policies'] del self.test_listener2_dict['sni_containers'] del self.test_listener2_dict['client_ca_tls_certificate_id'] del self.test_listener2_dict['client_crl_container_id'] self.test_listeners = [ self.test_listener1_dict, self.test_listener2_dict ] self.db_listener1 = data_models.Listener(**self.test_listener1_dict) self.db_listener2 = data_models.Listener(**self.test_listener2_dict) self.db_listener1.default_pool = self.db_pool1 self.db_listener2.default_pool = self.db_pool2 self.db_listener1.l7policies = self.db_l7policies self.db_listener1.sni_containers = [ data_models.SNI(tls_container_id='2'), data_models.SNI(tls_container_id='3') ] self.test_db_listeners = [self.db_listener1, self.db_listener2] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') ca_cert = 'ca cert' crl_file_content = 'X509 CRL FILE' self.provider_listener1_dict = { 'admin_state_up': True, 'connection_limit': 10000, 'default_pool': self.provider_pool1_dict, 'default_pool_id': self.pool1_id, 'default_tls_container_data': cert1.to_dict(), 'default_tls_container_ref': self.default_tls_container_ref, 'description': 'Listener 1', 'insert_headers': {}, 'l7policies': self.provider_l7policies_dict, 'listener_id': self.listener1_id, 'loadbalancer_id': self.lb_id, 'name': 'listener_1', 'project_id': self.project_id, 'protocol': 'avian', 'protocol_port': 90, 'sni_container_data': [cert2.to_dict(), cert3.to_dict()], 'sni_container_refs': [self.sni_container_ref_1, self.sni_container_ref_2], 'timeout_client_data': 1000, 'timeout_member_connect': 2000, 'timeout_member_data': 3000, 'timeout_tcp_inspect': 4000, 'client_ca_tls_container_ref': self.client_ca_tls_certificate_ref, 'client_ca_tls_container_data': ca_cert, 'client_authentication': constants.CLIENT_AUTH_NONE, 'client_crl_container_ref': self.client_crl_container_ref, 'client_crl_container_data': crl_file_content } self.provider_listener2_dict = copy.deepcopy( self.provider_listener1_dict) self.provider_listener2_dict['listener_id'] = self.listener2_id self.provider_listener2_dict['name'] = 'listener_2' self.provider_listener2_dict['description'] = 'Listener 1' self.provider_listener2_dict['default_pool_id'] = self.pool2_id self.provider_listener2_dict['default_pool'] = self.provider_pool2_dict del self.provider_listener2_dict['l7policies'] self.provider_listener2_dict['client_ca_tls_container_ref'] = None del self.provider_listener2_dict['client_ca_tls_container_data'] self.provider_listener2_dict['client_authentication'] = ( constants.CLIENT_AUTH_NONE) self.provider_listener2_dict['client_crl_container_ref'] = None del self.provider_listener2_dict['client_crl_container_data'] self.provider_listener1 = driver_dm.Listener( **self.provider_listener1_dict) self.provider_listener2 = driver_dm.Listener( **self.provider_listener2_dict) self.provider_listener1.default_pool = self.provider_pool1 self.provider_listener2.default_pool = self.provider_pool2 self.provider_listener1.l7policies = self.provider_l7policies self.provider_listeners = [ self.provider_listener1, self.provider_listener2 ] self.test_vip_dict = { 'ip_address': self.ip_address, 'network_id': self.network_id, 'port_id': self.port_id, 'subnet_id': self.subnet_id, 'qos_policy_id': self.qos_policy_id } self.provider_vip_dict = { 'vip_address': self.ip_address, 'vip_network_id': self.network_id, 'vip_port_id': self.port_id, 'vip_subnet_id': self.subnet_id, 'vip_qos_policy_id': self.qos_policy_id } self.db_vip = data_models.Vip(ip_address=self.ip_address, network_id=self.network_id, port_id=self.port_id, subnet_id=self.subnet_id, qos_policy_id=self.qos_policy_id)
def listener_dict_to_provider_dict(listener_dict, for_delete=False): new_listener_dict = _base_to_provider_dict(listener_dict, include_project_id=True) new_listener_dict['listener_id'] = new_listener_dict.pop('id') if 'load_balancer_id' in new_listener_dict: new_listener_dict['loadbalancer_id'] = new_listener_dict.pop( 'load_balancer_id') # Pull the certs out of the certificate manager to pass to the provider if 'tls_certificate_id' in new_listener_dict: new_listener_dict['default_tls_container_ref'] = new_listener_dict.pop( 'tls_certificate_id') if 'sni_containers' in new_listener_dict: sni_refs = [] sni_containers = new_listener_dict.pop('sni_containers') for sni in sni_containers: if 'tls_container_id' in sni: sni_refs.append(sni['tls_container_id']) else: raise exceptions.ValidationException( detail=_('Invalid SNI container on listener')) new_listener_dict['sni_container_refs'] = sni_refs if 'sni_container_refs' in listener_dict: listener_dict['sni_containers'] = listener_dict.pop( 'sni_container_refs') if 'client_ca_tls_certificate_id' in new_listener_dict: new_listener_dict['client_ca_tls_container_ref'] = ( new_listener_dict.pop('client_ca_tls_certificate_id')) if 'client_crl_container_id' in new_listener_dict: new_listener_dict['client_crl_container_ref'] = ( new_listener_dict.pop('client_crl_container_id')) listener_obj = data_models.Listener(**listener_dict) if (listener_obj.tls_certificate_id or listener_obj.sni_containers or listener_obj.client_ca_tls_certificate_id): SNI_objs = [] for sni in listener_obj.sni_containers: if isinstance(sni, dict): if 'listener' in sni: del sni['listener'] sni_obj = data_models.SNI(**sni) SNI_objs.append(sni_obj) elif isinstance(sni, str): sni_obj = data_models.SNI(tls_container_id=sni) SNI_objs.append(sni_obj) else: raise exceptions.ValidationException( detail=_('Invalid SNI container on listener')) listener_obj.sni_containers = SNI_objs cert_manager = stevedore_driver.DriverManager( namespace='octavia.cert_manager', name=CONF.certificates.cert_manager, invoke_on_load=True, ).driver try: cert_dict = cert_parser.load_certificates_data( cert_manager, listener_obj) except Exception as e: with excutils.save_and_reraise_exception() as ctxt: LOG.warning('Unable to retrieve certificate(s) due to %s.', str(e)) if for_delete: ctxt.reraise = False cert_dict = {} if 'tls_cert' in cert_dict and cert_dict['tls_cert']: new_listener_dict['default_tls_container_data'] = ( cert_dict['tls_cert'].to_dict(recurse=True)) if 'sni_certs' in cert_dict and cert_dict['sni_certs']: sni_data_list = [] for sni in cert_dict['sni_certs']: sni_data_list.append(sni.to_dict(recurse=True)) new_listener_dict['sni_container_data'] = sni_data_list if listener_obj.client_ca_tls_certificate_id: cert = _get_secret_data(cert_manager, listener_obj.project_id, listener_obj.client_ca_tls_certificate_id) new_listener_dict['client_ca_tls_container_data'] = cert if listener_obj.client_crl_container_id: crl_file = _get_secret_data(cert_manager, listener_obj.project_id, listener_obj.client_crl_container_id) new_listener_dict['client_crl_container_data'] = crl_file # Format the allowed_cidrs if ('allowed_cidrs' in new_listener_dict and new_listener_dict['allowed_cidrs'] and 'cidr' in new_listener_dict['allowed_cidrs'][0]): cidrs_dict_list = new_listener_dict.pop('allowed_cidrs') new_listener_dict['allowed_cidrs'] = [ cidr_dict['cidr'] for cidr_dict in cidrs_dict_list ] # Remove the DB back references if 'load_balancer' in new_listener_dict: del new_listener_dict['load_balancer'] if 'peer_port' in new_listener_dict: del new_listener_dict['peer_port'] if 'pools' in new_listener_dict: del new_listener_dict['pools'] if 'stats' in new_listener_dict: del new_listener_dict['stats'] if ('default_pool' in new_listener_dict and new_listener_dict['default_pool']): pool = new_listener_dict.pop('default_pool') new_listener_dict['default_pool'] = pool_dict_to_provider_dict( pool, for_delete=for_delete) provider_l7policies = [] if 'l7policies' in new_listener_dict: l7policies = new_listener_dict.pop('l7policies') or [] for l7policy in l7policies: provider_l7policy = l7policy_dict_to_provider_dict(l7policy) provider_l7policies.append(provider_l7policy) new_listener_dict['l7policies'] = provider_l7policies return new_listener_dict
def test_create_load_balancer_full_graph( self, mock_get_create_load_balancer_graph_flows, mock_get_create_load_balancer_flow, mock_get_post_lb_amp_association_flow, mock_api_get_session, mock_dyn_log_listener, mock_taskflow_load, mock_pool_repo_get, mock_member_repo_get, mock_l7rule_repo_get, mock_l7policy_repo_get, mock_listener_repo_get, mock_lb_repo_get, mock_health_mon_repo_get, mock_amp_repo_get): CONF.set_override(group='controller_worker', name='loadbalancer_topology', override=constants.TOPOLOGY_SINGLE, enforce_type=True) listeners = [data_models.Listener(id='listener1'), data_models.Listener(id='listener2')] lb = data_models.LoadBalancer(id=LB_ID, listeners=listeners) mock_lb_repo_get.return_value = lb mock_eng = mock.Mock() mock_eng_post = mock.Mock() mock_taskflow_load.side_effect = [mock_eng, mock_eng_post] _post_flow = mock.MagicMock() mock_get_create_load_balancer_graph_flows.return_value = ( _flow_mock, _post_flow ) store = {constants.LOADBALANCER_ID: LB_ID, 'update_dict': {'topology': 'SINGLE'}} cw = controller_worker.ControllerWorker() cw.create_load_balancer(LB_ID) calls = [mock.call(_flow_mock, store=store), mock.call(_post_flow, store=store)] mock_taskflow_load.assert_has_calls(calls, any_order=True) mock_eng.run.assert_any_call() mock_eng_post.run.assert_any_call() mock_get_create_load_balancer_graph_flows.assert_called_once_with( 'SINGLE', 'post-amphora-association' ) self.assertFalse(mock_get_create_load_balancer_flow.called) self.assertFalse(mock_get_post_lb_amp_association_flow.called) # Test code path for active standby full lb graph creation CONF.set_override(group='controller_worker', name='loadbalancer_topology', override=constants.TOPOLOGY_ACTIVE_STANDBY) _flow_mock.reset_mock() mock_get_create_load_balancer_graph_flows.reset_mock() mock_taskflow_load.reset_mock() mock_eng = mock.Mock() mock_eng_post = mock.Mock() mock_taskflow_load.side_effect = [mock_eng, mock_eng_post] _post_flow = mock.MagicMock() mock_get_create_load_balancer_graph_flows.return_value = ( _flow_mock, _post_flow ) store = {constants.LOADBALANCER_ID: LB_ID, 'update_dict': {'topology': 'ACTIVE_STANDBY'}} cw = controller_worker.ControllerWorker() cw.create_load_balancer(LB_ID) calls = [mock.call(_flow_mock, store=store), mock.call(_post_flow, store=store)] mock_taskflow_load.assert_has_calls(calls, any_order=True) mock_eng.run.assert_any_call() mock_eng_post.run.assert_any_call() mock_get_create_load_balancer_graph_flows.assert_called_once_with( 'ACTIVE_STANDBY', 'post-amphora-association' ) self.assertFalse(mock_get_create_load_balancer_flow.called) self.assertFalse(mock_get_post_lb_amp_association_flow.called)
def listener_dict_to_provider_dict(listener_dict): new_listener_dict = _base_to_provider_dict(listener_dict, include_project_id=True) new_listener_dict['listener_id'] = new_listener_dict.pop('id') if 'load_balancer_id' in new_listener_dict: new_listener_dict['loadbalancer_id'] = new_listener_dict.pop( 'load_balancer_id') # Pull the certs out of the certificate manager to pass to the provider if 'tls_certificate_id' in new_listener_dict: new_listener_dict['default_tls_container_ref'] = new_listener_dict.pop( 'tls_certificate_id') if 'sni_containers' in new_listener_dict: sni_refs = [] sni_containers = new_listener_dict.pop('sni_containers') for sni in sni_containers: if 'tls_container_id' in sni: sni_refs.append(sni['tls_container_id']) else: raise exceptions.ValidationException( detail=_('Invalid SNI container on listener')) new_listener_dict['sni_container_refs'] = sni_refs if 'sni_container_refs' in listener_dict: listener_dict['sni_containers'] = listener_dict.pop( 'sni_container_refs') if 'client_ca_tls_certificate_id' in new_listener_dict: new_listener_dict['client_ca_tls_container_ref'] = ( new_listener_dict.pop('client_ca_tls_certificate_id')) if 'client_crl_container_id' in new_listener_dict: new_listener_dict['client_crl_container_ref'] = ( new_listener_dict.pop('client_crl_container_id')) listener_obj = data_models.Listener(**listener_dict) if (listener_obj.tls_certificate_id or listener_obj.sni_containers or listener_obj.client_ca_tls_certificate_id): SNI_objs = [] for sni in listener_obj.sni_containers: if isinstance(sni, dict): if 'listener' in sni: del sni['listener'] sni_obj = data_models.SNI(**sni) SNI_objs.append(sni_obj) elif isinstance(sni, six.string_types): sni_obj = data_models.SNI(tls_container_id=sni) SNI_objs.append(sni_obj) else: raise exceptions.ValidationException( detail=_('Invalid SNI container on listener')) listener_obj.sni_containers = SNI_objs cert_manager = stevedore_driver.DriverManager( namespace='octavia.cert_manager', name=CONF.certificates.cert_manager, invoke_on_load=True, ).driver cert_dict = cert_parser.load_certificates_data(cert_manager, listener_obj) if 'tls_cert' in cert_dict and cert_dict['tls_cert']: new_listener_dict['default_tls_container_data'] = ( cert_dict['tls_cert'].to_dict()) if 'sni_certs' in cert_dict and cert_dict['sni_certs']: sni_data_list = [] for sni in cert_dict['sni_certs']: sni_data_list.append(sni.to_dict()) new_listener_dict['sni_container_data'] = sni_data_list if listener_obj.client_ca_tls_certificate_id: cert = _get_secret_data(cert_manager, listener_obj.project_id, listener_obj.client_ca_tls_certificate_id) new_listener_dict['client_ca_tls_container_data'] = cert if listener_obj.client_crl_container_id: crl_file = _get_secret_data(cert_manager, listener_obj.project_id, listener_obj.client_crl_container_id) new_listener_dict['client_crl_container_data'] = crl_file # Remove the DB back references if 'load_balancer' in new_listener_dict: del new_listener_dict['load_balancer'] if 'peer_port' in new_listener_dict: del new_listener_dict['peer_port'] if 'pools' in new_listener_dict: del new_listener_dict['pools'] if 'stats' in new_listener_dict: del new_listener_dict['stats'] if ('default_pool' in new_listener_dict and new_listener_dict['default_pool']): pool = new_listener_dict.pop('default_pool') new_listener_dict['default_pool'] = pool_dict_to_provider_dict(pool) provider_l7policies = [] if 'l7policies' in new_listener_dict: l7policies = new_listener_dict.pop('l7policies') or [] for l7policy in l7policies: provider_l7policy = l7policy_dict_to_provider_dict(l7policy) provider_l7policies.append(provider_l7policy) new_listener_dict['l7policies'] = provider_l7policies return new_listener_dict
from mock import patch from octavia.certificates.common.auth.barbican_acl import BarbicanACLAuth from octavia.common import data_models as o_data_models from octavia.tests.common import constants as t_constants from a10_octavia.common.data_models import Certificate from a10_octavia.common.data_models import VThunder from a10_octavia.controller.worker.tasks import cert_tasks from a10_octavia.tests.common import a10constants as a10_test_constants from a10_octavia.tests.unit.base import BaseTaskTestCase LB = o_data_models.LoadBalancer(id=a10_test_constants.MOCK_LOAD_BALANCER_ID, project_id=t_constants.MOCK_PROJECT_ID) LISTENER = o_data_models.Listener(id=a10_test_constants.MOCK_LISTENER_ID, protocol='TERMINATED_HTTPS', protocol_port=2222, load_balancer=LB, tls_certificate_id='certificate-id-1') VTHUNDER = VThunder() CERT_DATA = Certificate(cert_filename=a10_test_constants.MOCK_CERT_FILENAME, cert_content=a10_test_constants.MOCK_CERT_CONTENT, key_filename=a10_test_constants.MOCK_KEY_FILENAME, key_content=a10_test_constants.MOCK_KEY_CONTENT, template_name=a10_test_constants.MOCK_TEMPLATE_NAME, key_pass=a10_test_constants.MOCK_KEY_PASS) class TestCertHandlerTasks(BaseTaskTestCase): def setUp(self): super(TestCertHandlerTasks, self).setUp()