def setUp(self):
super(TestK8sCNIRegistryPlugin, self).setUp()
self.k8s_mock = self.useFixture(kuryr_fixtures.MockK8sClient()).client
self.default_iface = 'baz'
self.additional_iface = 'eth1'
self.kp = {
'metadata': {
'name': 'foo',
'uid': 'bar',
'namespace': 'default',
'selfLink': 'baz'
},
'spec': {
'podUid': 'bar'
}
}
self.vifs = fake._fake_vifs()
registry = {
'default/foo': {
'kp': self.kp,
'vifs': self.vifs,
'containerid': None,
'vif_unplugged': False,
'del_received': False
}
}
healthy = mock.Mock()
self.plugin = k8s_cni_registry.K8sCNIRegistryPlugin(registry, healthy)
self.params = mock.Mock(args=mock.Mock(K8S_POD_NAME='foo',
K8S_POD_NAMESPACE='default'),
CNI_IFNAME=self.default_iface,
CNI_NETNS=123,
CNI_CONTAINERID='cont_id')
def test_on_present_loadbalancer_service(self):
floating_ip = {
'floating_ip_address': '1.2.3.5',
'id': 'ec29d641-fec4-4f67-928a-124a76b3a888'
}
service_pub_ip_info = {
'ip_id': floating_ip['id'],
'ip_addr': floating_ip['floating_ip_address'],
'alloc_method': 'kk'
}
crd = get_lb_crd()
m_drv_service_pub_ip = mock.Mock()
m_drv_service_pub_ip.acquire_service_pub_ip_info.return_value = (
service_pub_ip_info)
m_drv_service_pub_ip.associate_pub_ip.return_value = True
h = mock.Mock(spec=h_lb.KuryrLoadBalancerHandler)
h._should_ignore.return_value = False
h._sync_lbaas_members.return_value = self._fake_sync_lbaas_members(crd)
h._drv_service_pub_ip = m_drv_service_pub_ip
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get_kubernetes_client = mock.Mock()
kubernetes.get_kubernetes_client()
h_lb.KuryrLoadBalancerHandler.on_present(h, crd)
h._should_ignore.assert_called_once_with(crd)
h._update_lb_status.assert_called()
def setUp(self):
super(TestRetryHandler, self).setUp()
self.now = time.time()
f_time = self.useFixture(fixtures.MockPatch('time.time'))
f_time.mock.return_value = self.now
self.k8s = self.useFixture(k_fix.MockK8sClient()).client
f_k8s = self.useFixture(fixtures.MockPatch(
'kuryr_kubernetes.clients.get_kubernetes_client'))
f_k8s.mock.return_value = self.k8s
def test_get_namespace_not_found(self):
namespace_name = mock.sentinel.namespace_name
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = exceptions.K8sResourceNotFound(
mock.sentinel.resource)
resp = utils.get_namespace(namespace_name)
self.assertIsNone(resp)
kubernetes.get.assert_called_once_with('{}/namespaces/{}'.format(
constants.K8S_API_BASE, namespace_name))
def test__get_namespace_subnet_id_get_namespace_exception(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
namespace = mock.sentinel.namespace
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = k_exc.K8sClientException
self.assertRaises(k_exc.ResourceNotReady,
cls._get_namespace_subnet_id, m_driver, namespace)
kubernetes.get.assert_called_once()
def test__has_kuryr_crd_error(self):
crds = [
k_const.K8S_API_CRD_KURYRNETS, k_const.K8S_API_CRD_KURYRNETPOLICIES
]
for crd_url in crds:
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = k_exc.K8sClientException
resp = utils.has_kuryr_crd(crd_url)
self.assertEqual(resp, False)
kubernetes.get.assert_called_once()
def test__get_namespace_subnet_id_get_crd_exception(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
namespace = mock.sentinel.namespace
ns = get_namespace_obj()
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = [ns, k_exc.K8sClientException]
self.assertRaises(k_exc.K8sClientException,
cls._get_namespace_subnet_id, m_driver, namespace)
kubernetes.get.assert_called()
def setUp(self):
super(TestDaemonServer, self).setUp()
healthy = mock.Mock()
self.k8s_mock = self.useFixture(kuryr_fixtures.MockK8sClient())
self.plugin = k8s_cni_registry.K8sCNIRegistryPlugin({}, healthy)
self.health_registry = mock.Mock()
self.srv = service.DaemonServer(self.plugin, self.health_registry)
self.srv.application.testing = True
self.test_client = self.srv.application.test_client()
params = {'config_kuryr': {}, 'CNI_ARGS': 'foo=bar',
'CNI_CONTAINERID': 'baz', 'CNI_COMMAND': 'ADD'}
self.params_str = jsonutils.dumps(params)
def test__get_namespace_subnet_id(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
namespace = mock.sentinel.namespace
subnet_id = mock.sentinel.subnet_id
crd = {'status': {'subnetId': subnet_id}}
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.return_value = crd
subnet_id_resp = cls._get_namespace_subnet_id(m_driver, namespace)
kubernetes.get.assert_called()
self.assertEqual(subnet_id, subnet_id_resp)
def test__get_namespace_subnets(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
namespace = mock.sentinel.namespace
subnet_id = mock.sentinel.subnet_id
ns = get_namespace_obj()
crd = {'spec': {'subnetId': subnet_id}}
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = [ns, crd]
subnet_id_resp = cls._get_namespace_subnet(m_driver, namespace)
kubernetes.get.assert_called()
self.assertEqual(subnet_id, subnet_id_resp)
def test__get_namespace_subnets_missing_annotation(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
namespace = mock.sentinel.namespace
subnet_id = mock.sentinel.subnet_id
ns = get_namespace_obj()
del ns['metadata']['annotations'][constants.K8S_ANNOTATION_NET_CRD]
crd = {'spec': {'subnetId': subnet_id}}
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = [ns, crd]
self.assertRaises(k_exc.ResourceNotReady, cls._get_namespace_subnet,
m_driver, namespace)
kubernetes.get.assert_called_once()
def test_on_finalize_no_network(self, m_get_svc):
crd_selector = mock.sentinel.crd_selector
self._delete_ns_sg_rules.return_value = [crd_selector]
m_get_svc.return_value = []
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kuryrnetwork.KuryrNetworkHandler.on_finalize(self._handler,
self._kuryrnet_crd)
self._delete_network_pools.assert_not_called()
self._delete_namespace_subnet.assert_not_called()
self._delete_ns_sg_rules.assert_called_once()
m_get_svc.assert_called_once()
self._handler._update_services.assert_called_once()
kubernetes.remove_finalizer.assert_called_once()
def setUp(self):
super(TestKuryrNetworkHandler, self).setUp()
self._project_id = mock.sentinel.project_id
self._subnets = mock.sentinel.subnets
self._kuryrnet_crd = {
'metadata': {
'name': 'ns-test-namespace',
},
'spec': {
'nsName': 'test-namespace',
'projectId': 'test-project',
'nsLabels': {},
},
'status': {
}
}
self._handler = mock.MagicMock(
spec=kuryrnetwork.KuryrNetworkHandler)
self._handler._drv_project = mock.Mock(spec=drivers.PodProjectDriver)
# NOTE(ltomasbo): The KuryrNet handler is associated to the usage of
# namespace subnet driver,
self._handler._drv_subnets = mock.Mock(
spec=subnet_drv.NamespacePodSubnetDriver)
self._handler._drv_sg = mock.Mock(spec=drivers.PodSecurityGroupsDriver)
self._handler._drv_vif_pool = mock.MagicMock(
spec=vif_pool.MultiVIFPool)
self._handler.k8s = self.useFixture(k_fix.MockK8sClient()).client
self._get_project = self._handler._drv_project.get_project
self._set_vif_driver = self._handler._drv_vif_pool.set_vif_driver
self._create_network = self._handler._drv_subnets.create_network
self._create_subnet = self._handler._drv_subnets.create_subnet
self._delete_namespace_subnet = (
self._handler._drv_subnets.delete_namespace_subnet)
self._add_subnet_to_router = (
self._handler._drv_subnets.add_subnet_to_router)
self._delete_ns_sg_rules = (
self._handler._drv_sg.delete_namespace_sg_rules)
self._update_ns_sg_rules = (
self._handler._drv_sg.update_namespace_sg_rules)
self._delete_network_pools = (
self._handler._drv_vif_pool.delete_network_pools)
self._get_project.return_value = self._project_id
def test_delete_namespace_subnet_k8s_get_exception(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
net_crd_name = 'test'
neutron = self.useFixture(k_fix.MockNeutronClient()).client
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.side_effect = k_exc.K8sClientException
self.assertRaises(k_exc.K8sClientException,
cls.delete_namespace_subnet, m_driver, net_crd_name)
kubernetes.get.assert_called_once()
m_driver._del_kuryrnet_crd.assert_not_called()
neutron.remove_interface_router.assert_not_called()
neutron.delete_network.assert_not_called()
def test__has_kuryrnetpolicy_crd(self):
kuryrnetpolicies_crd = {
"apiVersion": "openstack.org/v1",
"items": [],
"kind": "KuryrNetPolicyList",
"metadata": {
"continue": "",
"resourceVersion": "34186",
}
}
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.return_value = kuryrnetpolicies_crd
kuryrnetpolicies_url = k_const.K8S_API_CRD_KURYRNETPOLICIES
resp = utils.has_kuryr_crd(kuryrnetpolicies_url)
self.assertEqual(resp, True)
def test_on_finalize(self, m_get_svc):
net_id = mock.sentinel.net_id
kns_crd = self._kuryrnet_crd.copy()
kns_crd['status'] = {'netId': net_id}
crd_selector = mock.sentinel.crd_selector
self._delete_ns_sg_rules.return_value = [crd_selector]
m_get_svc.return_value = []
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kuryrnetwork.KuryrNetworkHandler.on_finalize(self._handler, kns_crd)
self._delete_network_pools.assert_called_once_with(net_id)
self._delete_namespace_subnet.assert_called_once_with(kns_crd)
self._delete_ns_sg_rules.assert_called_once()
m_get_svc.assert_called_once()
self._handler._update_services.assert_called_once()
kubernetes.remove_finalizer.assert_called_once()
def test__has_kuryrnet_crd(self):
kuryrnet_crd = {
"apiVersion": "openstack.org/v1",
"items": [],
"kind": "KuryrNetList",
"metadata": {
"continue": "",
"resourceVersion": "33018",
"selfLink": "/apis/openstack.org/v1/kuryrnets"
}
}
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.return_value = kuryrnet_crd
kuryrnets_url = k_const.K8S_API_CRD_KURYRNETS
resp = utils.has_kuryr_crd(kuryrnets_url)
self.assertEqual(resp, True)
def test_delete_namespace_subnet(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
net_crd_name = 'test'
net_id = mock.sentinel.net_id
subnet_id = mock.sentinel.subnet_id
crd = {'spec': {'subnetId': subnet_id, 'netId': net_id}}
neutron = self.useFixture(k_fix.MockNeutronClient()).client
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.return_value = crd
cls.delete_namespace_subnet(m_driver, net_crd_name)
kubernetes.get.assert_called_once()
m_driver._del_kuryrnet_crd.assert_called_once_with(net_crd_name)
neutron.remove_interface_router.assert_called_once()
neutron.delete_network.assert_called_once_with(net_id)
def test_delete_namespace_subnet_neutron_exception(self):
cls = subnet_drv.NamespacePodSubnetDriver
m_driver = mock.MagicMock(spec=cls)
net_crd_name = 'test'
net_id = mock.sentinel.net_id
subnet_id = mock.sentinel.subnet_id
crd = {'spec': {'subnetId': subnet_id, 'netId': net_id}}
neutron = self.useFixture(k_fix.MockNeutronClient()).client
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
kubernetes.get.return_value = crd
neutron.delete_network.side_effect = n_exc.NetworkInUseClient
self.assertRaises(k_exc.ResourceNotReady, cls.delete_namespace_subnet,
m_driver, net_crd_name)
kubernetes.get.assert_called_once()
neutron.remove_interface_router.assert_called_once()
neutron.delete_network.assert_called_once_with(net_id)
m_driver._del_kuryrnet_crd.assert_not_called()
def setUp(self):
super(TestK8sCNIRegistryPlugin, self).setUp()
self.k8s_mock = self.useFixture(kuryr_fixtures.MockK8sClient()).client
self.default_iface = 'baz'
self.additional_iface = 'eth1'
self.kp = {
'apiVersion': 'openstack.org/v1',
'kind': 'KuryrPort',
'metadata': {
'name': 'foo',
'uid': 'bar',
'namespace': 'default'
},
'spec': {
'podUid': 'bar',
'podStatic': False
}
}
self.vifs = fake._fake_vifs()
registry = {
'default/foo': {
'kp': self.kp,
'vifs': self.vifs,
'containerid': None,
'vif_unplugged': False,
'del_received': False
}
}
healthy = mock.Mock()
self.plugin = k8s_cni_registry.K8sCNIRegistryPlugin(registry, healthy)
self.params = mock.Mock(args=utils.CNIArgs(
'K8S_POD_NAME=foo;K8S_POD_NAMESPACE=default;'
'K8S_POD_UID=bar'),
CNI_IFNAME=self.default_iface,
CNI_NETNS=123,
CNI_CONTAINERID='cont_id')
def test_on_finalize_no_sg_enforce(self, m_get_svc):
net_id = mock.sentinel.net_id
kns_crd = self._kuryrnet_crd.copy()
kns_crd['status'] = {'netId': net_id}
crd_selector = mock.sentinel.crd_selector
self._delete_ns_sg_rules.return_value = [crd_selector]
m_get_svc.return_value = []
kubernetes = self.useFixture(k_fix.MockK8sClient()).client
oslo_cfg.CONF.set_override('enforce_sg_rules',
False,
group='octavia_defaults')
self.addCleanup(oslo_cfg.CONF.clear_override,
'enforce_sg_rules',
group='octavia_defaults')
kuryrnetwork.KuryrNetworkHandler.on_finalize(self._handler, kns_crd)
self._delete_network_pools.assert_called_once_with(net_id)
self._delete_namespace_subnet.assert_called_once_with(kns_crd)
self._delete_ns_sg_rules.assert_called_once()
m_get_svc.assert_not_called()
self._handler._update_services.assert_not_called()
kubernetes.remove_finalizer.assert_called_once()
def setUp(self):
super(TestWatcher, self).setUp()
mock_client = self.useFixture(kuryr_fixtures.MockK8sClient())
self.client = mock_client.client
def setUp(self):
super(TestNetworkPolicySecurityGroupsDriver, self).setUp()
self._project_id = mock.sentinel.project_id
self._sg_id = mock.sentinel.sg_id
self._sg_id2 = mock.sentinel._sg_id2
self._namespace = 'default'
self._crd = {
'metadata': {
'name': mock.sentinel.name,
'selfLink': mock.sentinel.selfLink
},
'spec': {
'egressSgRules': [{
'security_group_rule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'egress',
'ethertype': 'IPv4',
'port_range_max': 5978,
'port_range_min': 5978,
'protocol': 'tcp',
'security_group_id': self._sg_id,
'id': mock.sentinel.id
}
}],
'ingressSgRules': [{
'security_group_rule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'ingress',
'ethertype': 'IPv4',
'port_range_max': 6379,
'port_range_min': 6379,
'protocol': 'tcp',
'security_group_id': self._sg_id,
'id': mock.sentinel.id
}
}],
'podSelector': {
'matchExpressions': [{
'key': 'environment',
'operator': 'In',
'values': ['production']
}],
'matchLabels': {
'run': 'demo'
}
},
'securityGroupId':
self._sg_id,
'securityGroupName':
mock.sentinel.sg_name
}
}
self._crd2 = {
'metadata': {
'name': mock.sentinel.name3,
'selfLink': mock.sentinel.selfLink
},
'spec': {
'ingressSgRules': [{
'security_group_rule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'ingress',
'ethertype': 'IPv4',
'port_range_max': 8080,
'port_range_min': 8080,
'protocol': 'tcp',
'security_group_id': self._sg_id2,
'id': mock.sentinel.id
}
}],
'podSelector': {},
'securityGroupId':
self._sg_id2,
'securityGroupName':
mock.sentinel.sg_name
}
}
self._crds = {
"apiVersion": "v1",
"items": [self._crd],
"kind": "List",
"metadata": {
"resourceVersion": "",
"selfLink": mock.sentinel.selfLink
}
}
self._multiple_crds = {
"apiVersion": "v1",
"items": [self._crd, self._crd2],
"kind": "List",
"metadata": {
"resourceVersion": "",
"selfLink": mock.sentinel.selfLink
}
}
self._pod = {
'apiVersion': 'v1',
'kind': 'Pod',
'metadata': {
'name': mock.sentinel.pod_name,
'namespace': self._namespace,
'labels': {
'run': 'demo',
'environment': 'production'
}
},
'spec': {
'containers': [{
'image': 'kuryr/demo',
'imagePullPolicy': 'Always',
'name': mock.sentinel.pod_name
}]
}
}
self._pod2 = {
'apiVersion': 'v1',
'kind': 'Pod',
'metadata': {
'name': mock.sentinel.pod_name,
'namespace': self._namespace,
'labels': {
'run': 'demo',
'environment': 'development'
},
'annotations': {
'openstack.org/kuryr-pod-label':
'{'
'"run": "demo","environment": "development"}'
}
},
'spec': {
'containers': [{
'image': 'kuryr/demo',
'imagePullPolicy': 'Always',
'name': mock.sentinel.pod_name
}]
}
}
self._pod_without_label = {
'apiVersion': 'v1',
'kind': 'Pod',
'metadata': {
'name': mock.sentinel.pod_name,
'namespace': self._namespace
},
'spec': {
'containers': [{
'image': 'kuryr/demo',
'imagePullPolicy': 'Always',
'name': mock.sentinel.pod_name
}]
}
}
self.kubernetes = self.useFixture(k_fix.MockK8sClient()).client
self._driver = (
network_policy_security_groups.NetworkPolicySecurityGroupsDriver())
self._pod_ip = mock.sentinel.pod_ip
self._pod_dev_namespace = {
'apiVersion': 'v1',
'kind': 'Pod',
'metadata': {
'name': mock.sentinel.pod_name,
'namespace': 'dev',
'labels': {
'tier': 'backend'
},
'annotations': {
'openstack.org/kuryr-pod-label': '{"tier": "backend"}'
}
},
'spec': {
'containers': [{
'image': 'kuryr/demo',
'imagePullPolicy': 'Always',
'name': mock.sentinel.pod_name
}]
},
'status': {
'podIP': self._pod_ip
}
}
self._crd_sg_id = mock.sentinel.crd_sg_id
self._sg_rule_body = {
u'security_group_rule': {
u'direction': 'ingress',
u'protocol': u'tcp',
u'description': 'Kuryr-Kubernetes NetPolicy SG rule',
u'ethertype': 'IPv4',
u'port_range_max': 6379,
u'security_group_id': self._crd_sg_id,
u'port_range_min': 6379,
u'remote_ip_prefix': self._pod_ip
}
}
self._new_rule_id = mock.sentinel.id
self._crd_with_rule = {
"apiVersion": "openstack.org/v1",
"kind": "KuryrNetPolicy",
"metadata": {
"name": "np-test-network-policy",
"namespace": "default"
},
"spec": {
"egressSgRules": [],
"ingressSgRules": [{
"security_group_rule": {
"description": "Kuryr-Kubernetes NetPolicy SG rule",
"direction": "ingress",
"ethertype": "IPv4",
"id": self._new_rule_id,
"port_range_max": 6379,
"port_range_min": 6379,
"protocol": "tcp",
"remote_ip_prefix": self._pod_ip,
"security_group_id": self._crd_sg_id
}
}],
"networkpolicy_spec": {
"ingress": [{
"from": [{
"namespaceSelector": {
"matchLabels": {
"name": "dev"
}
},
"podSelector": {
"matchLabels": {
"tier": "backend"
}
}
}],
"ports": [{
"port": 6379,
"protocol": "TCP"
}]
}],
"podSelector": {
"matchLabels": {
"app": "demo"
}
},
"policyTypes": ["Ingress"]
},
"podSelector": {
"matchLabels": {
"app": "demo"
}
},
"securityGroupId":
self._crd_sg_id
}
}
def setUp(self):
super(TestNetworkPolicyDriver, self).setUp()
self._project_id = mock.sentinel.project_id
self._policy_name = 'np-test'
self._policy_uid = mock.sentinel.policy_uid
self._policy_link = mock.sentinel.policy_link
self._sg_id = mock.sentinel.sg_id
self._i_rules = [{'sgRule': {'id': ''}}]
self._e_rules = [{'sgRule': {'id': ''}}]
self._policy = {
'apiVersion': 'networking.k8s.io/v1',
'kind': 'NetworkPolicy',
'metadata': {
'name': self._policy_name,
'resourceVersion': '2259309',
'generation': 1,
'creationTimestamp': '2018-09-18T14:09:51Z',
'namespace': 'default',
'annotations': {},
'uid': self._policy_uid
},
'spec': {
'egress': [{
'ports': [{
'port': 5978,
'protocol': 'TCP'
}],
'to': [{
'namespaceSelector': {
'matchLabels': {
'project': 'myproject'
}
}
}]
}],
'ingress': [{
'ports': [{
'port': 6379,
'protocol': 'TCP'
}],
'from': [{
'namespaceSelector': {
'matchLabels': {
'project': 'myproject'
}
}
}]
}],
'policyTypes': ['Ingress', 'Egress'],
'podSelector': {},
}
}
self.crd = {
'metadata': {
'name': 'foobar',
'namespace': 'default'
},
'spec': {
'egressSgRules': [{
'sgRule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'egress',
'ethertype': 'IPv4',
'port_range_max': 5978,
'port_range_min': 5978,
'protocol': 'tcp',
}
}],
'ingressSgRules': [{
'sgRule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'ingress',
'ethertype': 'IPv4',
'port_range_max': 6379,
'port_range_min': 6379,
'protocol': 'tcp',
}
}],
'podSelector': {},
'policyTypes':
self._policy['spec']['policyTypes']
},
'status': {
'securityGroupId': self._sg_id,
'securityGroupRules': [],
'podSelector': {},
}
}
self.old_crd = {
'metadata': {
'name': 'np-foobar',
'namespace': 'default'
},
'spec': {
'egressSgRules': [{
'security_group_rule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'egress',
'ethertype': 'IPv4',
'port_range_max': 5978,
'port_range_min': 5978,
'protocol': 'tcp',
'security_group_id': self._sg_id,
'id': mock.sentinel.id
}
}],
'ingressSgRules': [{
'security_group_rule': {
'description': 'Kuryr-Kubernetes NetPolicy SG rule',
'direction': 'ingress',
'ethertype': 'IPv4',
'port_range_max': 6379,
'port_range_min': 6379,
'protocol': 'tcp',
'security_group_id': self._sg_id,
'id': mock.sentinel.id
}
}],
'podSelector': {},
'networkpolicy_spec':
self._policy['spec'],
'securityGroupId':
self._sg_id,
'securityGroupName':
mock.sentinel.sg_name
}
}
self.neutron = self.useFixture(k_fix.MockNetworkClient()).client
self.kubernetes = self.useFixture(k_fix.MockK8sClient()).client
self._driver = network_policy.NetworkPolicyDriver()
