def test_purge_dict(self): d1 = {'a': 1, 'b': 2, 'c': 3} res = tools.purge_dict(d1, ()) self.assertEqual({'a': 1, 'b': 2, 'c': 3}, res) res = tools.purge_dict(d1, ('b', 'c')) self.assertEqual({'a': 1}, res) self.assertEqual({'a': 1, 'b': 2, 'c': 3}, d1)
def check_response(response): self.assertIn('vpc', response) vpc = resp['vpc'] self.assertThat(fakes.EC2_VPC_1, matchers.DictMatches(vpc)) self.neutron.create_router.assert_called_with({'router': {}}) self.neutron.update_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'router': {'name': fakes.EC2_VPC_1['vpcId']}}) self.db_api.add_item.assert_any_call( mock.ANY, 'vpc', tools.purge_dict(fakes.DB_VPC_1, ('id', 'vpc_id', 'route_table_id')), project_id=None) self.db_api.add_item.assert_any_call( mock.ANY, 'rtb', tools.purge_dict(fakes.DB_ROUTE_TABLE_1, ('id',)), project_id=None) self.db_api.update_item.assert_called_once_with( mock.ANY, fakes.DB_VPC_1) self.neutron.reset_mock() self.db_api.reset_mock() self.db_api.update_item.reset_mock()
def check_response(resp): self.assertThat(fakes.EC2_SUBNET_1, matchers.DictMatches(resp['subnet'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'subnet', tools.purge_dict(subnet_1, ('id', ))) self.neutron.create_network.assert_called_once_with( {'network': { 'name': 'subnet-0' }}) self.neutron.update_network.assert_called_once_with( fakes.ID_OS_NETWORK_1, {'network': { 'name': fakes.ID_EC2_SUBNET_1 }}) self.neutron.create_subnet.assert_called_once_with({ 'subnet': tools.purge_dict(fakes.OS_SUBNET_1, ('id', 'name', 'gateway_ip')) }) self.neutron.update_subnet.assert_called_once_with( fakes.ID_OS_SUBNET_1, { 'subnet': { 'name': fakes.ID_EC2_SUBNET_1, 'gateway_ip': None } }) self.neutron.add_interface_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'subnet_id': fakes.ID_OS_SUBNET_1}) self.vpn_gateway_api._start_vpn_in_subnet.assert_called_once_with( mock.ANY, self.neutron, mock.ANY, subnet_1, fakes.DB_VPC_1, fakes.DB_ROUTE_TABLE_1) self.assertIsInstance( self.vpn_gateway_api._start_vpn_in_subnet.call_args[0][2], common.OnCrashCleaner)
def test_dissassociate_address_vpc(self): self.set_mock_db_items(fakes.DB_ADDRESS_2) self.neutron.show_floatingip.return_value = ( {'floatingip': fakes.OS_FLOATING_IP_2}) resp = self.execute('DisassociateAddress', {'AssociationId': fakes.ID_EC2_ASSOCIATION_2}) self.assertEqual(True, resp['return']) self.neutron.update_floatingip.assert_called_once_with( fakes.ID_OS_FLOATING_IP_2, {'floatingip': {'port_id': None}}) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_ADDRESS_2, ['network_interface_id', 'private_ip_address'])) self.neutron.update_floatingip.reset_mock() self.db_api.update_item.reset_mock() self.configure(disable_ec2_classic=True) resp = self.execute('DisassociateAddress', {'PublicIp': fakes.IP_ADDRESS_2}) self.assertEqual(True, resp['return']) self.neutron.update_floatingip.assert_called_once_with( fakes.ID_OS_FLOATING_IP_2, {'floatingip': {'port_id': None}}) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_ADDRESS_2, ['network_interface_id', 'private_ip_address']))
def check_response(resp): self.assertThat(fakes.EC2_SUBNET_1, matchers.DictMatches( resp['subnet'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'subnet', tools.purge_dict(subnet_1, ('id',))) self.neutron.create_network.assert_called_once_with( {'network': {}}) self.neutron.update_network.assert_called_once_with( fakes.ID_OS_NETWORK_1, {'network': {'name': fakes.ID_EC2_SUBNET_1}}) self.neutron.create_subnet.assert_called_once_with( {'subnet': tools.purge_dict(fakes.OS_SUBNET_1, ('id', 'name', 'gateway_ip'))}) self.neutron.update_subnet.assert_called_once_with( fakes.ID_OS_SUBNET_1, {'subnet': {'name': fakes.ID_EC2_SUBNET_1, 'gateway_ip': None}}) self.neutron.add_interface_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'subnet_id': fakes.ID_OS_SUBNET_1}) self.vpn_gateway_api._start_vpn_in_subnet.assert_called_once_with( mock.ANY, self.neutron, mock.ANY, subnet_1, fakes.DB_VPC_1, fakes.DB_ROUTE_TABLE_1) self.assertIsInstance( self.vpn_gateway_api._start_vpn_in_subnet.call_args[0][2], common.OnCrashCleaner)
def check_response(resp): self.assertThat(fakes.EC2_SUBNET_1, matchers.DictMatches(resp['subnet'])) self.db_api.add_item.assert_called_once_with(mock.ANY, 'subnet', tools.purge_dict( fakes.DB_SUBNET_1, ('id', )), project_id=None) self.neutron.create_network.assert_called_once_with( {'network': {}}) self.neutron.update_network.assert_called_once_with( fakes.ID_OS_NETWORK_1, {'network': { 'name': fakes.ID_EC2_SUBNET_1 }}) self.neutron.create_subnet.assert_called_once_with({ 'subnet': tools.purge_dict(fakes.OS_SUBNET_1, ('id', 'name')) }) self.neutron.update_subnet.assert_called_once_with( fakes.ID_OS_SUBNET_1, {'subnet': { 'name': fakes.ID_EC2_SUBNET_1 }}) self.neutron.add_interface_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'subnet_id': fakes.ID_OS_SUBNET_1})
def test_allocate_vpc_address(self): address.address_engine = (address.AddressEngineNeutron()) self.configure(external_network=fakes.NAME_OS_PUBLIC_NETWORK) self.neutron.list_networks.return_value = ({ 'networks': [{ 'id': fakes.ID_OS_PUBLIC_NETWORK }] }) self.neutron.create_floatingip.return_value = ({ 'floatingip': fakes.OS_FLOATING_IP_1 }) self.db_api.add_item.return_value = fakes.DB_ADDRESS_1 resp = self.execute('AllocateAddress', {'Domain': 'vpc'}) self.assertEqual(fakes.IP_ADDRESS_1, resp['publicIp']) self.assertEqual('vpc', resp['domain']) self.assertEqual(fakes.ID_EC2_ADDRESS_1, resp['allocationId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eipalloc', tools.purge_dict(fakes.DB_ADDRESS_1, ('id', 'vpc_id'))) self.neutron.create_floatingip.assert_called_once_with({ 'floatingip': { 'floating_network_id': fakes.ID_OS_PUBLIC_NETWORK } }) self.neutron.list_networks.assert_called_once_with( **{ 'router:external': True, 'name': fakes.NAME_OS_PUBLIC_NETWORK }) self.db_api.reset_mock() self.neutron.create_floatingip.reset_mock() self.neutron.list_networks.reset_mock() self.configure(disable_ec2_classic=True) resp = self.execute('AllocateAddress', {}) self.assertEqual(fakes.IP_ADDRESS_1, resp['publicIp']) self.assertEqual('vpc', resp['domain']) self.assertEqual(fakes.ID_EC2_ADDRESS_1, resp['allocationId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eipalloc', tools.purge_dict(fakes.DB_ADDRESS_1, ('id', 'vpc_id'))) self.neutron.create_floatingip.assert_called_once_with({ 'floatingip': { 'floating_network_id': fakes.ID_OS_PUBLIC_NETWORK } }) self.neutron.list_networks.assert_called_once_with( **{ 'router:external': True, 'name': fakes.NAME_OS_PUBLIC_NETWORK })
def test_create_vpn_connection(self, random_choice, reset_vpn_connections, describe_vpn_connections): self.set_mock_db_items( fakes.DB_VPN_GATEWAY_1, fakes.DB_VPN_GATEWAY_2, fakes.DB_CUSTOMER_GATEWAY_1, fakes.DB_CUSTOMER_GATEWAY_2, fakes.DB_VPC_1) self.neutron.create_ikepolicy.side_effect = ( tools.get_neutron_create('ikepolicy', fakes.ID_OS_IKEPOLICY_1)) self.neutron.create_ipsecpolicy.side_effect = ( tools.get_neutron_create('ipsecpolicy', fakes.ID_OS_IPSECPOLICY_1)) self.db_api.add_item.side_effect = ( tools.get_db_api_add_item(fakes.ID_EC2_VPN_CONNECTION_1)) random_choice.side_effect = iter(fakes.PRE_SHARED_KEY_1) describe_vpn_connections.return_value = { 'vpnConnectionSet': [fakes.EC2_VPN_CONNECTION_1]} resp = self.execute( 'CreateVpnConnection', {'VpnGatewayId': fakes.ID_EC2_VPN_GATEWAY_1, 'CustomerGatewayId': fakes.ID_EC2_CUSTOMER_GATEWAY_1, 'Type': 'ipsec.1', 'Options.StaticRoutesOnly': 'True'}) self.assertThat( resp, matchers.DictMatches( {'vpnConnection': fakes.EC2_VPN_CONNECTION_1})) self.neutron.create_ikepolicy.assert_called_once_with( {'ikepolicy': tools.purge_dict(fakes.OS_IKEPOLICY_1, ('id',))}) self.neutron.create_ipsecpolicy.assert_called_once_with( {'ipsecpolicy': tools.purge_dict(fakes.OS_IPSECPOLICY_1, ('id',))}) random_choice.assert_called_with(vpn_connection_api.SHARED_KEY_CHARS) new_vpn_connection_1 = tools.update_dict( fakes.DB_VPN_CONNECTION_1, {'cidrs': [], 'os_ipsec_site_connections': {}}) self.db_api.add_item.assert_called_once_with( mock.ANY, 'vpn', tools.purge_dict(new_vpn_connection_1, ('id', 'vpc_id', 'os_id'))) self.neutron.update_ikepolicy.assert_called_once_with( fakes.ID_OS_IKEPOLICY_1, {'ikepolicy': {'name': fakes.ID_EC2_VPN_CONNECTION_1}}) self.neutron.update_ipsecpolicy.assert_called_once_with( fakes.ID_OS_IPSECPOLICY_1, {'ipsecpolicy': {'name': fakes.ID_EC2_VPN_CONNECTION_1}}) reset_vpn_connections.assert_called_once_with( mock.ANY, self.neutron, mock.ANY, fakes.DB_VPN_GATEWAY_1, vpn_connections=[new_vpn_connection_1]) self.assertIsInstance(reset_vpn_connections.call_args[0][2], common.OnCrashCleaner) describe_vpn_connections.assert_called_once_with( mock.ANY, vpn_connection_id=[fakes.ID_EC2_VPN_CONNECTION_1])
def test_create_vpn_connection(self, random_choice, reset_vpn_connections, describe_vpn_connections): self.set_mock_db_items( fakes.DB_VPN_GATEWAY_1, fakes.DB_VPN_GATEWAY_2, fakes.DB_CUSTOMER_GATEWAY_1, fakes.DB_CUSTOMER_GATEWAY_2, fakes.DB_VPC_1, ) self.neutron.create_ikepolicy.side_effect = tools.get_neutron_create("ikepolicy", fakes.ID_OS_IKEPOLICY_1) self.neutron.create_ipsecpolicy.side_effect = tools.get_neutron_create("ipsecpolicy", fakes.ID_OS_IPSECPOLICY_1) self.db_api.add_item.side_effect = tools.get_db_api_add_item(fakes.ID_EC2_VPN_CONNECTION_1) random_choice.side_effect = iter(fakes.PRE_SHARED_KEY_1) describe_vpn_connections.return_value = {"vpnConnectionSet": [fakes.EC2_VPN_CONNECTION_1]} resp = self.execute( "CreateVpnConnection", { "VpnGatewayId": fakes.ID_EC2_VPN_GATEWAY_1, "CustomerGatewayId": fakes.ID_EC2_CUSTOMER_GATEWAY_1, "Type": "ipsec.1", "Options.StaticRoutesOnly": "True", }, ) self.assertThat(resp, matchers.DictMatches({"vpnConnection": fakes.EC2_VPN_CONNECTION_1})) self.neutron.create_ikepolicy.assert_called_once_with( {"ikepolicy": tools.purge_dict(fakes.OS_IKEPOLICY_1, ("id",))} ) self.neutron.create_ipsecpolicy.assert_called_once_with( {"ipsecpolicy": tools.purge_dict(fakes.OS_IPSECPOLICY_1, ("id",))} ) random_choice.assert_called_with(vpn_connection_api.SHARED_KEY_CHARS) new_vpn_connection_1 = tools.update_dict( fakes.DB_VPN_CONNECTION_1, {"cidrs": [], "os_ipsec_site_connections": {}} ) self.db_api.add_item.assert_called_once_with( mock.ANY, "vpn", tools.purge_dict(new_vpn_connection_1, ("id", "vpc_id", "os_id")) ) self.neutron.update_ikepolicy.assert_called_once_with( fakes.ID_OS_IKEPOLICY_1, {"ikepolicy": {"name": fakes.ID_EC2_VPN_CONNECTION_1}} ) self.neutron.update_ipsecpolicy.assert_called_once_with( fakes.ID_OS_IPSECPOLICY_1, {"ipsecpolicy": {"name": fakes.ID_EC2_VPN_CONNECTION_1}} ) reset_vpn_connections.assert_called_once_with( mock.ANY, self.neutron, mock.ANY, fakes.DB_VPN_GATEWAY_1, vpn_connections=[new_vpn_connection_1] ) self.assertIsInstance(reset_vpn_connections.call_args[0][2], common.OnCrashCleaner) describe_vpn_connections.assert_called_once_with(mock.ANY, vpn_connection_id=[fakes.ID_EC2_VPN_CONNECTION_1])
def test_create_subnet_vpnservice(self): self.neutron.create_vpnservice.side_effect = tools.get_neutron_create( 'vpnservice', fakes.ID_OS_VPNSERVICE_1) context = base.create_context() cleaner = common.OnCrashCleaner() vpn_gateway_api._create_subnet_vpnservice( context, self.neutron, cleaner, copy.deepcopy(self.DB_SUBNET_1_NO_VPN), fakes.DB_VPC_1) self.neutron.create_vpnservice.assert_called_once_with( {'vpnservice': tools.purge_dict(fakes.OS_VPNSERVICE_1, ('id',))}) self.db_api.update_item.assert_called_once_with( mock.ANY, fakes.DB_SUBNET_1) try: with common.OnCrashCleaner() as cleaner: vpn_gateway_api._create_subnet_vpnservice( context, self.neutron, cleaner, copy.deepcopy(self.DB_SUBNET_1_NO_VPN), fakes.DB_VPC_1) raise Exception('fake-exception') except Exception as ex: if str(ex) != 'fake-exception': raise self.db_api.update_item.assert_called_with( mock.ANY, self.DB_SUBNET_1_NO_VPN) self.neutron.delete_vpnservice.assert_called_once_with( fakes.ID_OS_VPNSERVICE_1)
def test_create_security_group(self): security_group.security_group_engine = ( security_group.SecurityGroupEngineNeutron()) self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1) self.neutron.list_security_groups.return_value = ( {'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]}) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_2 self.nova.security_groups.create.return_value = ( fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_2)) resp = self.execute( 'CreateSecurityGroup', {'GroupName': 'groupname', 'GroupDescription': 'Group description'}) self.nova.security_groups.create.assert_called_once_with( 'groupname', 'Group description') self.nova.security_groups.reset_mock() resp = self.execute( 'CreateSecurityGroup', {'VpcId': fakes.ID_EC2_VPC_1, 'GroupName': 'groupname', 'GroupDescription': 'Group description'}) self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_2, resp['groupId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id',)), project_id=None) self.nova.security_groups.create.assert_called_once_with( 'groupname', 'Group description')
def _prepare_and_check(vpc=None, ec2_vpc=None, route_table=None): self.neutron.create_router.side_effect = (tools.get_neutron_create( 'router', vpc['os_id'])) self.db_api.add_item.side_effect = (tools.get_db_api_add_item( {'vpc': vpc['id']})) self.db_api.set_mock_items(vpc) create_route_table.return_value = route_table resp = vpc_api._create_vpc(self.context, vpc['cidr_block'], vpc['is_default']) # Check creation of vpc self.neutron.create_router.assert_called_with({'router': {}}) self.neutron.update_router.assert_called_once_with( vpc['os_id'], {'router': { 'name': ec2_vpc['vpcId'] }}) self.db_api.add_item.assert_called_once_with( mock.ANY, 'vpc', tools.purge_dict(vpc, ('id', 'vpc_id', 'route_table_id'))) self.db_api.update_item.assert_called_once_with(mock.ANY, vpc) create_route_table.assert_called_once_with(mock.ANY, vpc) create_default_security_group.assert_called_once_with( mock.ANY, vpc)
def test_delete_network_interface_with_public_ip(self): detached_network_interface_2 = fakes.gen_db_network_interface( fakes.ID_EC2_NETWORK_INTERFACE_2, fakes.ID_OS_PORT_2, fakes.ID_EC2_VPC_1, fakes.ID_EC2_SUBNET_2, fakes.IP_NETWORK_INTERFACE_2) self.set_mock_db_items(detached_network_interface_2, fakes.DB_ADDRESS_1, fakes.DB_ADDRESS_2) resp = self.execute( 'DeleteNetworkInterface', {'NetworkInterfaceId': fakes.ID_EC2_NETWORK_INTERFACE_2}) self.assertEqual(True, resp['return']) self.db_api.get_item_by_id.assert_any_call( mock.ANY, fakes.ID_EC2_NETWORK_INTERFACE_2) self.db_api.delete_item.assert_called_once_with( mock.ANY, fakes.ID_EC2_NETWORK_INTERFACE_2) self.neutron.delete_port.assert_called_once_with( fakes.ID_OS_PORT_2) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_ADDRESS_2, ['network_interface_id', 'private_ip_address']))
def test_authorize_security_group_ingress_ip_ranges(self): security_group.security_group_engine = ( security_group.SecurityGroupEngineNeutron()) self.set_mock_db_items(fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.create_security_group_rule.return_value = ( {'security_group_rule': [fakes.OS_SECURITY_GROUP_RULE_1]}) self.execute( 'AuthorizeSecurityGroupIngress', {'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '192.168.1.0/24'}) self.neutron.create_security_group_rule.assert_called_once_with( {'security_group_rule': tools.purge_dict(fakes.OS_SECURITY_GROUP_RULE_1, {'id', 'remote_group_id', 'tenant_id'})}) # NOTE(Alex): Openstack extension, AWS-incompability # IPv6 is not supported by Amazon. self.execute( 'AuthorizeSecurityGroupIngress', {'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '::/0'}) self.neutron.create_security_group_rule.assert_called_with( {'security_group_rule': tools.patch_dict( fakes.OS_SECURITY_GROUP_RULE_1, {'remote_ip_prefix': '::/0'}, {'id', 'remote_group_id', 'tenant_id'})})
def check_response(resp, auto_ips=False): self.assertThat(fakes.EC2_NETWORK_INTERFACE_1, matchers.DictMatches(resp['networkInterface'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eni', tools.purge_dict(fakes.DB_NETWORK_INTERFACE_1, ('id',))) if auto_ips: self.neutron.create_port.assert_called_once_with( {'port': {'network_id': fakes.ID_OS_NETWORK_1, 'fixed_ips': [{'subnet_id': fakes.ID_OS_SUBNET_1}], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1]}}) else: self.neutron.create_port.assert_called_once_with( {'port': {'network_id': fakes.ID_OS_NETWORK_1, 'fixed_ips': [{'ip_address': fakes.IP_NETWORK_INTERFACE_1}], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1]}}) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_1, {'port': {'name': fakes.ID_EC2_NETWORK_INTERFACE_1}}) self.neutron.reset_mock() self.db_api.reset_mock() self.neutron.list_security_groups.return_value = ( {'security_groups': [ copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]})
def test_allocate_vpc_address(self): address.address_engine = ( address.AddressEngineNeutron()) self.configure(external_network=fakes.NAME_OS_PUBLIC_NETWORK) self.neutron.list_networks.return_value = ( {'networks': [{'id': fakes.ID_OS_PUBLIC_NETWORK}]}) self.neutron.create_floatingip.return_value = ( {'floatingip': fakes.OS_FLOATING_IP_1}) self.db_api.add_item.return_value = fakes.DB_ADDRESS_1 resp = self.execute('AllocateAddress', {'Domain': 'vpc'}) self.assertEqual(fakes.IP_ADDRESS_1, resp['publicIp']) self.assertEqual('vpc', resp['domain']) self.assertEqual(fakes.ID_EC2_ADDRESS_1, resp['allocationId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eipalloc', tools.purge_dict(fakes.DB_ADDRESS_1, ('id', 'vpc_id'))) self.neutron.create_floatingip.assert_called_once_with( {'floatingip': { 'floating_network_id': fakes.ID_OS_PUBLIC_NETWORK}}) self.neutron.list_networks.assert_called_once_with( **{'router:external': True, 'name': fakes.NAME_OS_PUBLIC_NETWORK})
def test_create_security_group(self): security_group.security_group_engine = ( security_group.SecurityGroupEngineNeutron()) self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1) self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] }) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_2 self.nova.security_groups.create.return_value = ( fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_2)) resp = self.execute('CreateSecurityGroup', { 'GroupName': 'groupname', 'GroupDescription': 'Group description' }) self.nova.security_groups.create.assert_called_once_with( 'groupname', 'Group description') self.nova.security_groups.reset_mock() resp = self.execute( 'CreateSecurityGroup', { 'VpcId': fakes.ID_EC2_VPC_1, 'GroupName': 'groupname', 'GroupDescription': 'Group description' }) self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_2, resp['groupId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id', )), project_id=None) self.nova.security_groups.create.assert_called_once_with( 'groupname', 'Group description')
def test_create_subnet(self): self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_ROUTE_TABLE_1) self.db_api.add_item.side_effect = (tools.get_db_api_add_item( fakes.ID_EC2_SUBNET_1)) self.neutron.create_network.side_effect = (tools.get_neutron_create( 'network', fakes.ID_OS_NETWORK_1, {'status': 'available'})) self.neutron.create_subnet.side_effect = (tools.get_neutron_create( 'subnet', fakes.ID_OS_SUBNET_1)) subnet_1 = tools.purge_dict(fakes.DB_SUBNET_1, ('os_vpnservice_id', )) def check_response(resp): self.assertThat(fakes.EC2_SUBNET_1, matchers.DictMatches(resp['subnet'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'subnet', tools.purge_dict(subnet_1, ('id', ))) self.neutron.create_network.assert_called_once_with( {'network': {}}) self.neutron.update_network.assert_called_once_with( fakes.ID_OS_NETWORK_1, {'network': { 'name': fakes.ID_EC2_SUBNET_1 }}) self.neutron.create_subnet.assert_called_once_with({ 'subnet': tools.purge_dict(fakes.OS_SUBNET_1, ('id', 'name', 'gateway_ip')) }) self.neutron.update_subnet.assert_called_once_with( fakes.ID_OS_SUBNET_1, { 'subnet': { 'name': fakes.ID_EC2_SUBNET_1, 'gateway_ip': None } }) self.neutron.add_interface_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'subnet_id': fakes.ID_OS_SUBNET_1}) self.vpn_gateway_api._start_vpn_in_subnet.assert_called_once_with( mock.ANY, self.neutron, mock.ANY, subnet_1, fakes.DB_VPC_1, fakes.DB_ROUTE_TABLE_1) self.assertIsInstance( self.vpn_gateway_api._start_vpn_in_subnet.call_args[0][2], common.OnCrashCleaner) resp = self.execute('CreateSubnet', { 'VpcId': fakes.ID_EC2_VPC_1, 'CidrBlock': fakes.CIDR_SUBNET_1 }) check_response(resp) self.neutron.reset_mock() self.db_api.reset_mock() self.vpn_gateway_api.reset_mock() resp = self.execute( 'CreateSubnet', { 'VpcId': fakes.ID_EC2_VPC_1, 'CidrBlock': fakes.CIDR_SUBNET_1, 'AvailabilityZone': 'nova' }) check_response(resp)
def test_create_volume_from_snapshot(self): self.cinder.volumes.create.return_value = (fakes.OSVolume( fakes.OS_VOLUME_3)) self.db_api.add_item.side_effect = (tools.get_db_api_add_item( fakes.ID_EC2_VOLUME_3)) self.set_mock_db_items(fakes.DB_SNAPSHOT_1) resp = self.execute( 'CreateVolume', { 'AvailabilityZone': fakes.NAME_AVAILABILITY_ZONE, 'SnapshotId': fakes.ID_EC2_SNAPSHOT_1 }) self.assertThat(fakes.EC2_VOLUME_3, matchers.DictMatches(resp)) self.db_api.add_item.assert_called_once_with(mock.ANY, 'vol', tools.purge_dict( fakes.DB_VOLUME_3, ('id', )), project_id=None) self.cinder.volumes.create.assert_called_once_with( None, snapshot_id=fakes.ID_OS_SNAPSHOT_1, volume_type=None, availability_zone=fakes.NAME_AVAILABILITY_ZONE)
def setUp(self): super(VpnGatewayTestCase, self).setUp() self.DB_VPN_GATEWAY_2_ATTACHED = tools.update_dict( fakes.DB_VPN_GATEWAY_2, {'vpc_id': fakes.ID_EC2_VPC_2}) self.DB_VPN_GATEWAY_1_DETACHED = tools.update_dict( fakes.DB_VPN_GATEWAY_1, {'vpc_id': None}) self.DB_SUBNET_1_NO_VPN = tools.purge_dict( fakes.DB_SUBNET_1, ('os_vpnservice_id',))
def test_authorize_security_group_ingress_ip_ranges(self): self.set_mock_db_items(fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.create_security_group_rule.return_value = ( {'security_group_rule': [fakes.OS_SECURITY_GROUP_RULE_1]}) self.execute( 'AuthorizeSecurityGroupIngress', {'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '192.168.1.0/24'}) self.neutron.create_security_group_rule.assert_called_once_with( {'security_group_rule': tools.purge_dict(fakes.OS_SECURITY_GROUP_RULE_1, {'id', 'remote_group_id', 'tenant_id'})}) # NOTE(Alex): Openstack extension, AWS-incompability # IPv6 is not supported by Amazon. self.execute( 'AuthorizeSecurityGroupIngress', {'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '::/0'}) self.neutron.create_security_group_rule.assert_called_with( {'security_group_rule': tools.patch_dict( fakes.OS_SECURITY_GROUP_RULE_1, {'remote_ip_prefix': '::/0'}, {'id', 'remote_group_id', 'tenant_id'})}) self.configure(disable_ec2_classic=True) self.add_mock_db_items(fakes.DB_VPC_DEFAULT, fakes.DB_SECURITY_GROUP_4, fakes.DB_SECURITY_GROUP_5, fakes.DB_SECURITY_GROUP_6) self.neutron.list_security_groups.return_value = ( {'security_groups': [fakes.OS_SECURITY_GROUP_4, fakes.OS_SECURITY_GROUP_5]}) self.execute( 'AuthorizeSecurityGroupIngress', {'GroupName': 'groupname2', 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '::/0'}) security_group_rule = { 'direction': 'ingress', 'ethertype': 'IPv4', 'port_range_min': 10, 'port_range_max': 10, 'protocol': 'tcp', 'remote_ip_prefix': '::/0', 'security_group_id': fakes.ID_OS_SECURITY_GROUP_5} self.neutron.create_security_group_rule.assert_called_with( {'security_group_rule': security_group_rule})
def test_replace_route_table_association_invalid_parameters(self): def do_check(params, error_code): self.assert_execution_error(error_code, 'ReplaceRouteTableAssociation', params) self.set_mock_db_items() do_check( { 'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_1, 'RouteTableId': fakes.ID_EC2_ROUTE_TABLE_1 }, 'InvalidRouteTableID.NotFound') # NOTE(ft): association with vpc is obsolete self.set_mock_db_items(fakes.DB_ROUTE_TABLE_1) do_check( { 'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_1, 'RouteTableId': fakes.ID_EC2_ROUTE_TABLE_1 }, 'InvalidAssociationID.NotFound') # NOTE(ft): association with subnet is obsolete (no subnet) self.set_mock_db_items(fakes.DB_ROUTE_TABLE_3) do_check( { 'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_3, 'RouteTableId': fakes.ID_EC2_ROUTE_TABLE_3 }, 'InvalidAssociationID.NotFound') # NOTE(ft): association with subnet is obsolete (subnet is # disassociated) self.set_mock_db_items( fakes.DB_ROUTE_TABLE_3, tools.purge_dict(fakes.DB_SUBNET_2, ['route_table_id'])) do_check( { 'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_3, 'RouteTableId': fakes.ID_EC2_ROUTE_TABLE_3 }, 'InvalidAssociationID.NotFound') # NOTE(ft): association belongs to different vpc id_ec2_subnet_vpc_2 = fakes.random_ec2_id('subnet') db_subnet_vpc_2 = { 'id': id_ec2_subnet_vpc_2, 'os_id': fakes.random_os_id(), 'vpc_id': fakes.ID_EC2_VPC_2, 'route_table_id': fakes.random_ec2_id('rtb') } self.set_mock_db_items(fakes.DB_ROUTE_TABLE_2, db_subnet_vpc_2) do_check( { 'AssociationId': ec2utils.change_ec2_id_kind(id_ec2_subnet_vpc_2, 'rtbassoc'), 'RouteTableId': fakes.ID_EC2_ROUTE_TABLE_2 }, 'InvalidParameterValue')
def check(ec2_fake, db_fake): self.db_api.add_item.return_value = db_fake resp = self.execute('CreateDhcpOptions', gen_ec2_param_dhcp_options(ec2_fake)) self.assertThat( ec2_fake, matchers.DictMatches(resp['dhcpOptions'], orderless_lists=True)) self.assert_any_call(self.db_api.add_item, mock.ANY, 'dopt', tools.purge_dict(db_fake, ('id', ))) self.db_api.reset_mock()
def check(ec2_fake, db_fake): self.db_api.add_item.return_value = db_fake resp = self.execute( 'CreateDhcpOptions', gen_ec2_param_dhcp_options(ec2_fake)) self.assertThat(ec2_fake, matchers.DictMatches( resp['dhcpOptions'], orderless_lists=True)) self.assert_any_call(self.db_api.add_item, mock.ANY, 'dopt', tools.purge_dict(db_fake, ('id',))) self.db_api.reset_mock()
def test_create_volume(self): self.cinder.volumes.create.return_value = fakes.OSVolume(fakes.OS_VOLUME_1) self.db_api.add_item.side_effect = tools.get_db_api_add_item(fakes.ID_EC2_VOLUME_1) resp = self.execute("CreateVolume", {"AvailabilityZone": fakes.NAME_AVAILABILITY_ZONE}) self.assertThat(fakes.EC2_VOLUME_1, matchers.DictMatches(resp)) self.db_api.add_item.assert_called_once_with(mock.ANY, "vol", tools.purge_dict(fakes.DB_VOLUME_1, ("id",))) self.cinder.volumes.create.assert_called_once_with( None, snapshot_id=None, volume_type=None, availability_zone=fakes.NAME_AVAILABILITY_ZONE )
def test_import_key_pair(self): self.nova.keypairs.create.return_value = ( fakes.NovaKeyPair(fakes.OS_KEY_PAIR)) resp = self.execute('ImportKeyPair', {'KeyName': fakes.NAME_KEY_PAIR, 'PublicKeyMaterial': base64.b64encode( fakes.PUBLIC_KEY_KEY_PAIR)}) self.assertThat( tools.purge_dict(fakes.EC2_KEY_PAIR, {'keyMaterial'}), matchers.DictMatches(resp)) self.nova.keypairs.create.assert_called_once_with( fakes.NAME_KEY_PAIR, fakes.PUBLIC_KEY_KEY_PAIR)
def check_response(resp): self.assertThat(fakes.EC2_SUBNET_1, matchers.DictMatches( resp['subnet'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'subnet', tools.purge_dict(fakes.DB_SUBNET_1, ('id',)), project_id=None) self.neutron.create_network.assert_called_once_with( {'network': {}}) self.neutron.update_network.assert_called_once_with( fakes.ID_OS_NETWORK_1, {'network': {'name': fakes.ID_EC2_SUBNET_1}}) self.neutron.create_subnet.assert_called_once_with( {'subnet': tools.purge_dict(fakes.OS_SUBNET_1, ('id', 'name'))}) self.neutron.update_subnet.assert_called_once_with( fakes.ID_OS_SUBNET_1, {'subnet': {'name': fakes.ID_EC2_SUBNET_1}}) self.neutron.add_interface_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'subnet_id': fakes.ID_OS_SUBNET_1})
def test_import_key_pair(self): self.nova.keypairs.create.return_value = (fakes.NovaKeyPair( fakes.OS_KEY_PAIR)) resp = self.execute( 'ImportKeyPair', { 'KeyName': fakes.NAME_KEY_PAIR, 'PublicKeyMaterial': base64.b64encode( fakes.PUBLIC_KEY_KEY_PAIR) }) self.assertThat(tools.purge_dict(fakes.EC2_KEY_PAIR, {'keyMaterial'}), matchers.DictMatches(resp)) self.nova.keypairs.create.assert_called_once_with( fakes.NAME_KEY_PAIR, fakes.PUBLIC_KEY_KEY_PAIR)
def test_create_subnet(self): self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_ROUTE_TABLE_1) self.db_api.add_item.side_effect = ( tools.get_db_api_add_item(fakes.ID_EC2_SUBNET_1)) self.neutron.create_network.side_effect = ( tools.get_neutron_create('network', fakes.ID_OS_NETWORK_1, {'status': 'available'})) self.neutron.create_subnet.side_effect = ( tools.get_neutron_create('subnet', fakes.ID_OS_SUBNET_1)) subnet_1 = tools.purge_dict(fakes.DB_SUBNET_1, ('os_vpnservice_id',)) def check_response(resp): self.assertThat(fakes.EC2_SUBNET_1, matchers.DictMatches( resp['subnet'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'subnet', tools.purge_dict(subnet_1, ('id',))) self.neutron.create_network.assert_called_once_with( {'network': {}}) self.neutron.update_network.assert_called_once_with( fakes.ID_OS_NETWORK_1, {'network': {'name': fakes.ID_EC2_SUBNET_1}}) self.neutron.create_subnet.assert_called_once_with( {'subnet': tools.purge_dict(fakes.OS_SUBNET_1, ('id', 'name', 'gateway_ip'))}) self.neutron.update_subnet.assert_called_once_with( fakes.ID_OS_SUBNET_1, {'subnet': {'name': fakes.ID_EC2_SUBNET_1, 'gateway_ip': None}}) self.neutron.add_interface_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'subnet_id': fakes.ID_OS_SUBNET_1}) self.vpn_gateway_api._start_vpn_in_subnet.assert_called_once_with( mock.ANY, self.neutron, mock.ANY, subnet_1, fakes.DB_VPC_1, fakes.DB_ROUTE_TABLE_1) self.assertIsInstance( self.vpn_gateway_api._start_vpn_in_subnet.call_args[0][2], common.OnCrashCleaner) resp = self.execute('CreateSubnet', {'VpcId': fakes.ID_EC2_VPC_1, 'CidrBlock': fakes.CIDR_SUBNET_1}) check_response(resp) self.neutron.reset_mock() self.db_api.reset_mock() self.vpn_gateway_api.reset_mock() resp = self.execute('CreateSubnet', {'VpcId': fakes.ID_EC2_VPC_1, 'CidrBlock': fakes.CIDR_SUBNET_1, 'AvailabilityZone': 'nova'}) check_response(resp)
def check_response(response): self.assertIn('vpc', response) vpc = resp['vpc'] self.assertThat(fakes.EC2_VPC_1, matchers.DictMatches(vpc)) self.neutron.create_router.assert_called_with({'router': {}}) self.neutron.update_router.assert_called_once_with( fakes.ID_OS_ROUTER_1, {'router': {'name': fakes.EC2_VPC_1['vpcId']}}) self.db_api.add_item.assert_any_call( mock.ANY, 'vpc', tools.purge_dict(fakes.DB_VPC_1, ('id', 'vpc_id', 'route_table_id'))) self.db_api.add_item.assert_any_call( mock.ANY, 'rtb', tools.purge_dict(fakes.DB_ROUTE_TABLE_1, ('id',))) self.db_api.update_item.assert_called_once_with( mock.ANY, fakes.DB_VPC_1) self.neutron.reset_mock() self.db_api.reset_mock() self.db_api.update_item.reset_mock()
def test_describe_key_pairs(self): self.nova.keypairs.list.return_value = [ fakes.NovaKeyPair(fakes.OS_KEY_PAIR) ] resp = self.execute('DescribeKeyPairs', {}) self.assertThat( resp['keySet'], matchers.ListMatches( [tools.purge_dict(fakes.EC2_KEY_PAIR, {'keyMaterial'})])) self.nova.keypairs.list.assert_called_once_with() self.check_filtering('DescribeKeyPairs', 'keySet', [('fingerprint', fakes.FINGERPRINT_KEY_PAIR), ('key-name', fakes.NAME_KEY_PAIR)])
def test_describe_key_pairs(self): self.nova.keypairs.list.return_value = [fakes.NovaKeyPair( fakes.OS_KEY_PAIR)] resp = self.execute('DescribeKeyPairs', {}) self.assertThat(resp['keySet'], matchers.ListMatches([ tools.purge_dict(fakes.EC2_KEY_PAIR, {'keyMaterial'})])) self.nova.keypairs.list.assert_called_once_with() self.check_filtering( 'DescribeKeyPairs', 'keySet', [('fingerprint', fakes.FINGERPRINT_KEY_PAIR), ('key-name', fakes.NAME_KEY_PAIR)])
def test_dissassociate_address_vpc(self): address.address_engine = (address.AddressEngineNeutron()) self.set_mock_db_items(fakes.DB_ADDRESS_2) self.neutron.show_floatingip.return_value = ({ 'floatingip': fakes.OS_FLOATING_IP_2 }) resp = self.execute('DisassociateAddress', {'AssociationId': fakes.ID_EC2_ASSOCIATION_2}) self.assertEqual(True, resp['return']) self.neutron.update_floatingip.assert_called_once_with( fakes.ID_OS_FLOATING_IP_2, {'floatingip': { 'port_id': None }}) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_ADDRESS_2, ['network_interface_id', 'private_ip_address'])) self.neutron.update_floatingip.reset_mock() self.db_api.update_item.reset_mock() self.configure(disable_ec2_classic=True) resp = self.execute('DisassociateAddress', {'PublicIp': fakes.IP_ADDRESS_2}) self.assertEqual(True, resp['return']) self.neutron.update_floatingip.assert_called_once_with( fakes.ID_OS_FLOATING_IP_2, {'floatingip': { 'port_id': None }}) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_ADDRESS_2, ['network_interface_id', 'private_ip_address']))
def test_disassociate_route_table(self, routes_updater): self.set_mock_db_items(fakes.DB_ROUTE_TABLE_1, fakes.DB_ROUTE_TABLE_3, fakes.DB_SUBNET_2, fakes.DB_VPC_1) resp = self.execute( 'DisassociateRouteTable', {'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_3}) self.assertEqual(True, resp['return']) subnet = tools.purge_dict(fakes.DB_SUBNET_2, ('route_table_id', )) self.db_api.update_item.assert_called_once_with(mock.ANY, subnet) routes_updater.assert_called_once_with( mock.ANY, subnet, fakes.DB_ROUTE_TABLE_1, cleaner=mock.ANY, rollback_route_table_object=fakes.DB_ROUTE_TABLE_3)
def test_create_snapshot_from_volume(self): self.cinder.volume_snapshots.create.return_value = fakes.OSSnapshot(fakes.OS_SNAPSHOT_1) self.db_api.add_item.side_effect = tools.get_db_api_add_item(fakes.ID_EC2_SNAPSHOT_1) self.set_mock_db_items(fakes.DB_VOLUME_2) self.cinder.volumes.get.side_effect = lambda vol_id: ( fakes.OSVolume(fakes.OS_VOLUME_2) if vol_id == fakes.ID_OS_VOLUME_2 else None ) resp = self.execute("CreateSnapshot", {"VolumeId": fakes.ID_EC2_VOLUME_2}) self.assertThat(fakes.EC2_SNAPSHOT_1, matchers.DictMatches(resp)) self.db_api.add_item.assert_called_once_with(mock.ANY, "snap", tools.purge_dict(fakes.DB_SNAPSHOT_1, ("id",))) self.cinder.volume_snapshots.create.assert_called_once_with( fakes.ID_OS_VOLUME_2, force=True, display_description=None )
def test_authorize_security_group_egress_groups(self): self.set_mock_db_items(fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.create_security_group_rule.return_value = ( {'security_group_rule': [fakes.OS_SECURITY_GROUP_RULE_1]}) self.execute( 'AuthorizeSecurityGroupEgress', {'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.IpProtocol': '100', 'IpPermissions.1.Groups.1.GroupId': fakes.ID_EC2_SECURITY_GROUP_1}) self.neutron.create_security_group_rule.assert_called_once_with( {'security_group_rule': tools.purge_dict(fakes.OS_SECURITY_GROUP_RULE_2, {'id', 'remote_ip_prefix', 'tenant_id', 'port_range_max'})})
def test_disassociate_route_table_invalid_parameter(self): def do_check(params, error_code): self.assert_execution_error(error_code, 'DisassociateRouteTable', params) self.set_mock_db_items() do_check({'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_1}, 'InvalidAssociationID.NotFound') self.set_mock_db_items( tools.purge_dict(fakes.DB_SUBNET_1, ['route_table_id'])) do_check({'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_2}, 'InvalidAssociationID.NotFound') self.set_mock_db_items(fakes.DB_VPC_1) do_check({'AssociationId': fakes.ID_EC2_ROUTE_TABLE_ASSOCIATION_1}, 'InvalidParameterValue')
def test_create_snapshot_from_volume(self): self.cinder.volume_snapshots.create.return_value = (fakes.OSSnapshot( fakes.OS_SNAPSHOT_1)) self.db_api.add_item.side_effect = (tools.get_db_api_add_item( fakes.ID_EC2_SNAPSHOT_1)) self.set_mock_db_items(fakes.DB_VOLUME_2) self.cinder.volumes.get.side_effect = ( lambda vol_id: (fakes.OSVolume(fakes.OS_VOLUME_2) if vol_id == fakes.ID_OS_VOLUME_2 else None)) resp = self.execute('CreateSnapshot', {'VolumeId': fakes.ID_EC2_VOLUME_2}) self.assertThat(fakes.EC2_SNAPSHOT_1, matchers.DictMatches(resp)) self.db_api.add_item.assert_called_once_with( mock.ANY, 'snap', tools.purge_dict(fakes.DB_SNAPSHOT_1, ('id', ))) self.cinder.volume_snapshots.create.assert_called_once_with( fakes.ID_OS_VOLUME_2, force=True)
def check_response(resp): self.assertThat(created_ec2_network_interface, matchers.DictMatches(resp['networkInterface'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eni', tools.purge_dict(fakes.DB_NETWORK_INTERFACE_2, ('id', 'device_index', 'instance_id', 'delete_on_termination', 'attach_time'))) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_2, {'port': { 'name': fakes.ID_EC2_NETWORK_INTERFACE_2 }}) self.neutron.reset_mock() self.db_api.reset_mock() self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] })
def test_repair_default_security_group(self): security_group.security_group_engine = ( security_group.SecurityGroupEngineNeutron()) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_1 self.nova.security_groups.create.return_value = ( fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_1)) self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.list_security_groups.return_value = ( {'security_groups': [fakes.OS_SECURITY_GROUP_2]}) resp = self.execute('DescribeSecurityGroups', {}) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_1, ('id',))) self.nova.security_groups.create.assert_called_once_with( fakes.ID_EC2_VPC_1, 'Default VPC security group')
def test_repair_default_security_group(self): security_group.security_group_engine = ( security_group.SecurityGroupEngineNeutron()) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_1 self.nova.security_groups.create.return_value = ( fakes.NovaSecurityGroup(fakes.OS_SECURITY_GROUP_1)) self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.list_security_groups.return_value = ({ 'security_groups': [fakes.OS_SECURITY_GROUP_2] }) resp = self.execute('DescribeSecurityGroups', {}) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_1, ('id', ))) self.nova.security_groups.create.assert_called_once_with( fakes.ID_EC2_VPC_1, 'Default VPC security group')
def check_response(resp): self.assertThat(created_ec2_network_interface, matchers.DictMatches(resp['networkInterface'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eni', tools.purge_dict(fakes.DB_NETWORK_INTERFACE_2, ('id', 'device_index', 'instance_id', 'delete_on_termination', 'attach_time'))) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_2, {'port': {'name': fakes.ID_EC2_NETWORK_INTERFACE_2}}) self.neutron.reset_mock() self.db_api.reset_mock() self.neutron.list_security_groups.return_value = ( {'security_groups': [ copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]})
def test_authorize_security_group_egress_groups(self): self.set_mock_db_items(fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.create_security_group_rule.return_value = ({ 'security_group_rule': [fakes.OS_SECURITY_GROUP_RULE_1] }) self.execute( 'AuthorizeSecurityGroupEgress', { 'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.IpProtocol': '100', 'IpPermissions.1.Groups.1.GroupId': fakes.ID_EC2_SECURITY_GROUP_1 }) self.neutron.create_security_group_rule.assert_called_once_with({ 'security_group_rule': tools.purge_dict( fakes.OS_SECURITY_GROUP_RULE_2, {'id', 'remote_ip_prefix', 'tenant_id', 'port_range_max'}) })
def test_delete_network_interface_with_public_ip(self): detached_network_interface_2 = fakes.gen_db_network_interface( fakes.ID_EC2_NETWORK_INTERFACE_2, fakes.ID_OS_PORT_2, fakes.ID_EC2_VPC_1, fakes.ID_EC2_SUBNET_2, fakes.IP_NETWORK_INTERFACE_2) self.set_mock_db_items(detached_network_interface_2, fakes.DB_ADDRESS_1, fakes.DB_ADDRESS_2) resp = self.execute( 'DeleteNetworkInterface', {'NetworkInterfaceId': fakes.ID_EC2_NETWORK_INTERFACE_2}) self.assertEqual(True, resp['return']) self.db_api.get_item_by_id.assert_any_call( mock.ANY, fakes.ID_EC2_NETWORK_INTERFACE_2) self.db_api.delete_item.assert_called_once_with( mock.ANY, fakes.ID_EC2_NETWORK_INTERFACE_2) self.neutron.delete_port.assert_called_once_with(fakes.ID_OS_PORT_2) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_ADDRESS_2, ['network_interface_id', 'private_ip_address']))
def test_create_snapshot_from_volume(self): self.cinder.volume_snapshots.create.return_value = ( fakes.OSSnapshot(fakes.OS_SNAPSHOT_1)) self.db_api.add_item.side_effect = ( tools.get_db_api_add_item(fakes.ID_EC2_SNAPSHOT_1)) self.set_mock_db_items(fakes.DB_VOLUME_2) self.cinder.volumes.get.side_effect = ( lambda vol_id: ( fakes.OSVolume(fakes.OS_VOLUME_2) if vol_id == fakes.ID_OS_VOLUME_2 else None)) resp = self.execute( 'CreateSnapshot', {'VolumeId': fakes.ID_EC2_VOLUME_2}) self.assertThat(fakes.EC2_SNAPSHOT_1, matchers.DictMatches(resp)) self.db_api.add_item.assert_called_once_with( mock.ANY, 'snap', tools.purge_dict(fakes.DB_SNAPSHOT_1, ('id',))) self.cinder.volume_snapshots.create.assert_called_once_with( fakes.ID_OS_VOLUME_2, force=True)
def test_detach_network_interface(self): network_interface = tools.update_dict(fakes.DB_NETWORK_INTERFACE_2, {'device_index': 1}) self.set_mock_db_items(network_interface) self.neutron.show_port.return_value = ( {'port': fakes.OS_PORT_2}) self.execute( 'DetachNetworkInterface', {'AttachmentId': ec2utils.change_ec2_id_kind( fakes.ID_EC2_NETWORK_INTERFACE_2, 'eni-attach')}) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_2, {'port': {'device_id': '', 'device_owner': ''}} ) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict(fakes.DB_NETWORK_INTERFACE_2, {'device_index', 'instance_id', 'delete_on_termination', 'attach_time'}))
def check_response(resp, auto_ips=False): self.assertThat(fakes.EC2_NETWORK_INTERFACE_1, matchers.DictMatches(resp['networkInterface'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eni', tools.purge_dict(fakes.DB_NETWORK_INTERFACE_1, ('id', )), project_id=None) if auto_ips: self.neutron.create_port.assert_called_once_with({ 'port': { 'network_id': fakes.ID_OS_NETWORK_1, 'fixed_ips': [{ 'subnet_id': fakes.ID_OS_SUBNET_1 }], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1] } }) else: self.neutron.create_port.assert_called_once_with({ 'port': { 'network_id': fakes.ID_OS_NETWORK_1, 'fixed_ips': [{ 'ip_address': fakes.IP_NETWORK_INTERFACE_1 }], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1] } }) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_1, {'port': { 'name': fakes.ID_EC2_NETWORK_INTERFACE_1 }}) self.neutron.reset_mock() self.db_api.reset_mock() self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] })
def test_route_table_create(self): self.set_mock_db_items(fakes.DB_VPC_1) self.db_api.add_item.side_effect = (tools.get_db_api_add_item( fakes.ID_EC2_ROUTE_TABLE_1)) resp = self.execute('CreateRouteTable', {'VpcId': fakes.ID_EC2_VPC_1}) self.assertThat( resp['routeTable'], matchers.DictMatches( tools.purge_dict(fakes.EC2_ROUTE_TABLE_1, ('associationSet', )))) self.db_api.add_item.assert_called_once_with( mock.ANY, 'rtb', { 'vpc_id': fakes.ID_EC2_VPC_1, 'routes': [{ 'destination_cidr_block': fakes.CIDR_VPC_1, 'gateway_id': None }] }, project_id=None) self.db_api.get_item_by_id.assert_called_once_with( mock.ANY, fakes.ID_EC2_VPC_1)
def test_authorize_security_group_ingress_ip_ranges(self): security_group.security_group_engine = ( security_group.SecurityGroupEngineNeutron()) self.set_mock_db_items(fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.create_security_group_rule.return_value = ({ 'security_group_rule': [fakes.OS_SECURITY_GROUP_RULE_1] }) self.execute( 'AuthorizeSecurityGroupIngress', { 'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '192.168.1.0/24' }) self.neutron.create_security_group_rule.assert_called_once_with({ 'security_group_rule': tools.purge_dict(fakes.OS_SECURITY_GROUP_RULE_1, {'id', 'remote_group_id', 'tenant_id'}) }) # NOTE(Alex): Openstack extension, AWS-incompability # IPv6 is not supported by Amazon. self.execute( 'AuthorizeSecurityGroupIngress', { 'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '::/0' }) self.neutron.create_security_group_rule.assert_called_with({ 'security_group_rule': tools.patch_dict(fakes.OS_SECURITY_GROUP_RULE_1, {'remote_ip_prefix': '::/0'}, {'id', 'remote_group_id', 'tenant_id'}) })
def test_detach_network_interface(self): network_interface = tools.update_dict(fakes.DB_NETWORK_INTERFACE_2, {'device_index': 1}) self.set_mock_db_items(network_interface) self.neutron.show_port.return_value = ({'port': fakes.OS_PORT_2}) self.execute( 'DetachNetworkInterface', { 'AttachmentId': ec2utils.change_ec2_id_kind(fakes.ID_EC2_NETWORK_INTERFACE_2, 'eni-attach') }) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_2, {'port': { 'device_id': '', 'device_owner': '' }}) self.db_api.update_item.assert_called_once_with( mock.ANY, tools.purge_dict( fakes.DB_NETWORK_INTERFACE_2, { 'device_index', 'instance_id', 'delete_on_termination', 'attach_time' }))
def test_create_security_group(self): self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1) self.neutron.list_security_groups.return_value = ( {'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]}) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_2 self.neutron.create_security_group.return_value = ( {'security_group': copy.deepcopy(fakes.OS_SECURITY_GROUP_2)}) resp = self.execute( 'CreateSecurityGroup', {'GroupName': 'groupname', 'GroupDescription': 'Group description'}) secgroup_body = ( {'security_group': {'name': 'groupname', 'description': 'Group description'}}) self.neutron.create_security_group.assert_called_once_with( secgroup_body) db_group = tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id',)) db_group['vpc_id'] = None self.db_api.add_item.assert_called_once_with(mock.ANY, 'sg', db_group) self.neutron.create_security_group.reset_mock() self.db_api.add_item.reset_mock() self.neutron.list_security_groups.return_value = ( {'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]}) resp = self.execute( 'CreateSecurityGroup', {'VpcId': fakes.ID_EC2_VPC_1, 'GroupName': 'groupname', 'GroupDescription': 'Group description'}) self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_2, resp['groupId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id',))) self.neutron.create_security_group.assert_called_once_with( secgroup_body) self.neutron.create_security_group.reset_mock() self.db_api.add_item.reset_mock() self.configure(disable_ec2_classic=True) self.add_mock_db_items(fakes.DB_VPC_DEFAULT, fakes.DB_SECURITY_GROUP_DEFAULT) self.neutron.create_security_group.return_value = ( {'security_group': copy.deepcopy(fakes.OS_SECURITY_GROUP_5)}) self.neutron.list_security_groups.return_value = ( {'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1), fakes.OS_SECURITY_GROUP_DEFAULT]}) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_5 resp = self.execute( 'CreateSecurityGroup', {'GroupName': 'groupname2', 'GroupDescription': 'Group description'}) self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_5, resp['groupId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_5, ('id',))) secgroup_body = ( {'security_group': {'name': 'groupname2', 'description': 'Group description'}}) self.neutron.create_security_group.assert_called_once_with( secgroup_body)
def test_create_network_interface_multiple_ips(self): self.set_mock_db_items(fakes.DB_SUBNET_2, fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1) self.db_api.add_item.return_value = fakes.DB_NETWORK_INTERFACE_2 self.neutron.show_subnet.return_value = {'subnet': fakes.OS_SUBNET_2} self.neutron.create_port.return_value = {'port': fakes.OS_PORT_2} self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] }) created_ec2_network_interface = tools.patch_dict( fakes.EC2_NETWORK_INTERFACE_2, { 'privateIpAddressesSet': [ tools.purge_dict(s, ['association']) for s in fakes.EC2_NETWORK_INTERFACE_2['privateIpAddressesSet'] ] }, ['association']) def check_response(resp): self.assertThat(created_ec2_network_interface, matchers.DictMatches(resp['networkInterface'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eni', tools.purge_dict(fakes.DB_NETWORK_INTERFACE_2, ('id', 'device_index', 'instance_id', 'delete_on_termination', 'attach_time'))) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_2, {'port': { 'name': fakes.ID_EC2_NETWORK_INTERFACE_2 }}) self.neutron.reset_mock() self.db_api.reset_mock() self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] }) resp = self.execute( 'CreateNetworkInterface', { 'SubnetId': fakes.ID_EC2_SUBNET_2, 'SecondaryPrivateIpAddressCount': '3', 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2 }) self.neutron.create_port.assert_called_once_with({ 'port': { 'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [{ 'subnet_id': fakes.ID_OS_SUBNET_2 }, { 'subnet_id': fakes.ID_OS_SUBNET_2 }, { 'subnet_id': fakes.ID_OS_SUBNET_2 }], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1] } }) check_response(resp) resp = self.execute( 'CreateNetworkInterface', { 'SubnetId': fakes.ID_EC2_SUBNET_2, 'PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[0], 'PrivateIpAddresses.1.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[1], 'PrivateIpAddresses.1.Primary': False, 'PrivateIpAddresses.2.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[2], 'PrivateIpAddresses.2.Primary': False, 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2 }) self.neutron.create_port.assert_called_once_with({ 'port': { 'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [{ 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[0] }, { 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[1] }, { 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[2] }], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1] } }) check_response(resp) resp = self.execute( 'CreateNetworkInterface', { 'SubnetId': fakes.ID_EC2_SUBNET_2, 'PrivateIpAddresses.1.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[0], 'PrivateIpAddresses.1.Primary': True, 'PrivateIpAddresses.2.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[1], 'PrivateIpAddresses.2.Primary': False, 'PrivateIpAddresses.3.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[2], 'PrivateIpAddresses.3.Primary': False, 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2 }) self.neutron.create_port.assert_called_once_with({ 'port': { 'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [{ 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[0] }, { 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[1] }, { 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[2] }], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1] } }) check_response(resp) resp = self.execute( 'CreateNetworkInterface', { 'SubnetId': fakes.ID_EC2_SUBNET_2, 'PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[0], 'PrivateIpAddresses.1.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[1], 'PrivateIpAddresses.1.Primary': False, 'SecondaryPrivateIpAddressCount': '1', 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2 }) self.neutron.create_port.assert_called_once_with({ 'port': { 'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [{ 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[0] }, { 'ip_address': fakes.IPS_NETWORK_INTERFACE_2[1] }, { 'subnet_id': fakes.ID_OS_SUBNET_2 }], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1] } }) check_response(resp)
def test_create_security_group(self): self.set_mock_db_items(fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1) self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] }) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_2 self.neutron.create_security_group.return_value = ({ 'security_group': copy.deepcopy(fakes.OS_SECURITY_GROUP_2) }) resp = self.execute('CreateSecurityGroup', { 'GroupName': 'groupname', 'GroupDescription': 'Group description' }) secgroup_body = ({ 'security_group': { 'name': 'groupname', 'description': 'Group description' } }) self.neutron.create_security_group.assert_called_once_with( secgroup_body) db_group = tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id', )) db_group['vpc_id'] = None self.db_api.add_item.assert_called_once_with(mock.ANY, 'sg', db_group) self.neutron.create_security_group.reset_mock() self.db_api.add_item.reset_mock() self.neutron.list_security_groups.return_value = ({ 'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)] }) resp = self.execute( 'CreateSecurityGroup', { 'VpcId': fakes.ID_EC2_VPC_1, 'GroupName': 'groupname', 'GroupDescription': 'Group description' }) self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_2, resp['groupId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_2, ('id', ))) self.neutron.create_security_group.assert_called_once_with( secgroup_body) self.neutron.create_security_group.reset_mock() self.db_api.add_item.reset_mock() self.configure(disable_ec2_classic=True) self.add_mock_db_items(fakes.DB_VPC_DEFAULT, fakes.DB_SECURITY_GROUP_DEFAULT) self.neutron.create_security_group.return_value = ({ 'security_group': copy.deepcopy(fakes.OS_SECURITY_GROUP_5) }) self.neutron.list_security_groups.return_value = ({ 'security_groups': [ copy.deepcopy(fakes.OS_SECURITY_GROUP_1), fakes.OS_SECURITY_GROUP_DEFAULT ] }) self.db_api.add_item.return_value = fakes.DB_SECURITY_GROUP_5 resp = self.execute('CreateSecurityGroup', { 'GroupName': 'groupname2', 'GroupDescription': 'Group description' }) self.assertEqual(fakes.ID_EC2_SECURITY_GROUP_5, resp['groupId']) self.db_api.add_item.assert_called_once_with( mock.ANY, 'sg', tools.purge_dict(fakes.DB_SECURITY_GROUP_5, ('id', ))) secgroup_body = ({ 'security_group': { 'name': 'groupname2', 'description': 'Group description' } }) self.neutron.create_security_group.assert_called_once_with( secgroup_body)
def test_create_network_interface_multiple_ips(self): self.set_mock_db_items(fakes.DB_SUBNET_2, fakes.DB_VPC_1, fakes.DB_SECURITY_GROUP_1) self.db_api.add_item.return_value = fakes.DB_NETWORK_INTERFACE_2 self.neutron.show_subnet.return_value = {'subnet': fakes.OS_SUBNET_2} self.neutron.create_port.return_value = {'port': fakes.OS_PORT_2} self.neutron.list_security_groups.return_value = ( {'security_groups': [copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]}) created_ec2_network_interface = tools.patch_dict( fakes.EC2_NETWORK_INTERFACE_2, {'privateIpAddressesSet': [ tools.purge_dict(s, ['association']) for s in fakes.EC2_NETWORK_INTERFACE_2[ 'privateIpAddressesSet']]}, ['association']) def check_response(resp): self.assertThat(created_ec2_network_interface, matchers.DictMatches(resp['networkInterface'])) self.db_api.add_item.assert_called_once_with( mock.ANY, 'eni', tools.purge_dict(fakes.DB_NETWORK_INTERFACE_2, ('id', 'device_index', 'instance_id', 'delete_on_termination', 'attach_time'))) self.neutron.update_port.assert_called_once_with( fakes.ID_OS_PORT_2, {'port': {'name': fakes.ID_EC2_NETWORK_INTERFACE_2}}) self.neutron.reset_mock() self.db_api.reset_mock() self.neutron.list_security_groups.return_value = ( {'security_groups': [ copy.deepcopy(fakes.OS_SECURITY_GROUP_1)]}) resp = self.execute( 'CreateNetworkInterface', {'SubnetId': fakes.ID_EC2_SUBNET_2, 'SecondaryPrivateIpAddressCount': '3', 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2}) self.neutron.create_port.assert_called_once_with( {'port': {'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [{'subnet_id': fakes.ID_OS_SUBNET_2}, {'subnet_id': fakes.ID_OS_SUBNET_2}, {'subnet_id': fakes.ID_OS_SUBNET_2}], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1]}}) check_response(resp) resp = self.execute( 'CreateNetworkInterface', {'SubnetId': fakes.ID_EC2_SUBNET_2, 'PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[0], 'PrivateIpAddresses.1.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[1], 'PrivateIpAddresses.1.Primary': False, 'PrivateIpAddresses.2.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[2], 'PrivateIpAddresses.2.Primary': False, 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2}) self.neutron.create_port.assert_called_once_with( {'port': {'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [ {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[0]}, {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[1]}, {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[2]}], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1]}}) check_response(resp) resp = self.execute( 'CreateNetworkInterface', {'SubnetId': fakes.ID_EC2_SUBNET_2, 'PrivateIpAddresses.1.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[0], 'PrivateIpAddresses.1.Primary': True, 'PrivateIpAddresses.2.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[1], 'PrivateIpAddresses.2.Primary': False, 'PrivateIpAddresses.3.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[2], 'PrivateIpAddresses.3.Primary': False, 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2}) self.neutron.create_port.assert_called_once_with( {'port': {'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [ {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[0]}, {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[1]}, {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[2]}], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1]}}) check_response(resp) resp = self.execute( 'CreateNetworkInterface', {'SubnetId': fakes.ID_EC2_SUBNET_2, 'PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[0], 'PrivateIpAddresses.1.PrivateIpAddress': fakes.IPS_NETWORK_INTERFACE_2[1], 'PrivateIpAddresses.1.Primary': False, 'SecondaryPrivateIpAddressCount': '1', 'Description': fakes.DESCRIPTION_NETWORK_INTERFACE_2}) self.neutron.create_port.assert_called_once_with( {'port': {'network_id': fakes.ID_OS_NETWORK_2, 'fixed_ips': [ {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[0]}, {'ip_address': fakes.IPS_NETWORK_INTERFACE_2[1]}, {'subnet_id': fakes.ID_OS_SUBNET_2}], 'security_groups': [fakes.ID_OS_SECURITY_GROUP_1]}}) check_response(resp)
def test_authorize_security_group_ingress_ip_ranges(self): self.set_mock_db_items(fakes.DB_SECURITY_GROUP_1, fakes.DB_SECURITY_GROUP_2) self.neutron.create_security_group_rule.return_value = ({ 'security_group_rule': [fakes.OS_SECURITY_GROUP_RULE_1] }) self.execute( 'AuthorizeSecurityGroupIngress', { 'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '192.168.1.0/24' }) self.neutron.create_security_group_rule.assert_called_once_with({ 'security_group_rule': tools.purge_dict(fakes.OS_SECURITY_GROUP_RULE_1, {'id', 'remote_group_id', 'tenant_id'}) }) # NOTE(Alex): Openstack extension, AWS-incompability # IPv6 is not supported by Amazon. self.execute( 'AuthorizeSecurityGroupIngress', { 'GroupId': fakes.ID_EC2_SECURITY_GROUP_2, 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '::/0' }) self.neutron.create_security_group_rule.assert_called_with({ 'security_group_rule': tools.patch_dict(fakes.OS_SECURITY_GROUP_RULE_1, {'remote_ip_prefix': '::/0'}, {'id', 'remote_group_id', 'tenant_id'}) }) self.configure(disable_ec2_classic=True) self.add_mock_db_items(fakes.DB_VPC_DEFAULT, fakes.DB_SECURITY_GROUP_4, fakes.DB_SECURITY_GROUP_5, fakes.DB_SECURITY_GROUP_6) self.neutron.list_security_groups.return_value = ({ 'security_groups': [fakes.OS_SECURITY_GROUP_4, fakes.OS_SECURITY_GROUP_5] }) self.execute( 'AuthorizeSecurityGroupIngress', { 'GroupName': 'groupname2', 'IpPermissions.1.FromPort': '10', 'IpPermissions.1.ToPort': '10', 'IpPermissions.1.IpProtocol': 'tcp', 'IpPermissions.1.IpRanges.1.CidrIp': '::/0' }) security_group_rule = { 'direction': 'ingress', 'ethertype': 'IPv4', 'port_range_min': 10, 'port_range_max': 10, 'protocol': 'tcp', 'remote_ip_prefix': '::/0', 'security_group_id': fakes.ID_OS_SECURITY_GROUP_5 } self.neutron.create_security_group_rule.assert_called_with( {'security_group_rule': security_group_rule})