def test_ca_install_without_replica_file(self):
"""
TestCase:
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
_ipa-ca-install_with_replica_file_works_only_on_domain_level_0
"""
master = self.master
replica1 = self.replicas[0]
replica2 = self.replicas[1]
for replica in self.replicas:
tasks.install_replica(master,
replica,
setup_ca=False,
setup_dns=True)
result1 = tasks.install_ca(replica1,
domain_level=DOMAIN_LEVEL_1,
raiseonerr=False)
assert_error(
result1, "If you wish to replicate CA to this host,"
" please re-run 'ipa-ca-install'\nwith a"
" replica file generated on an existing CA"
" master as argument.", 1)
tasks.install_ca(replica1, domain_level=DOMAIN_LEVEL_0)
# Now prepare the replica file, copy it to the client and raise
# domain level on master to test the reverse situation
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
result2 = tasks.install_ca(replica2,
domain_level=DOMAIN_LEVEL_0,
raiseonerr=False)
assert_error(
result2, 'Too many parameters provided.'
' No replica file is required', 1)
tasks.install_ca(replica2, domain_level=DOMAIN_LEVEL_1)
def test_ca_install_without_replica_file(self):
"""
TestCase:
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
_ipa-ca-install_with_replica_file_works_only_on_domain_level_0
"""
master = self.master
replica1 = self.replicas[0]
replica2 = self.replicas[1]
for replica in self.replicas:
tasks.install_replica(master, replica, setup_ca=False,
setup_dns=True)
result1 = tasks.install_ca(replica1,
domain_level=DOMAIN_LEVEL_1,
raiseonerr=False)
assert_error(result1, "If you wish to replicate CA to this host,"
" please re-run 'ipa-ca-install'\nwith a"
" replica file generated on an existing CA"
" master as argument.", 1)
tasks.install_ca(replica1, domain_level=DOMAIN_LEVEL_0)
# Now prepare the replica file, copy it to the client and raise
# domain level on master to test the reverse situation
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
result2 = tasks.install_ca(replica2,
domain_level=DOMAIN_LEVEL_0,
raiseonerr=False)
assert_error(result2, 'Too many parameters provided.'
' No replica file is required', 1)
tasks.install_ca(replica2, domain_level=DOMAIN_LEVEL_1)
def install(cls, mh):
super(TestForcedClientReenrollment, cls).install(mh)
tasks.install_master(cls.master)
tasks.install_replica(cls.master, cls.replicas[0], setup_ca=False)
cls.BACKUP_KEYTAB = os.path.join(
cls.master.config.test_dir,
'krb5.keytab'
)
def install(cls):
super(TestForcedClientReenrollment, cls).install()
tasks.install_master(cls.master)
tasks.install_replica(cls.master, cls.replicas[0], setup_ca=False)
cls.BACKUP_KEYTAB = os.path.join(
cls.master.config.test_dir,
'krb5.keytab'
)
def install(cls, mh):
tasks.install_master(cls.master, setup_dns=True)
args = [
"ipa-dns-install",
"--dnssec-master",
"--forwarder", cls.master.config.dns_forwarder,
"-U",
]
cls.master.run_command(args)
tasks.install_replica(cls.master, cls.replicas[0], setup_dns=True)
def install(cls, mh):
tasks.install_master(cls.master, setup_dns=True)
tasks.install_replica(cls.master, cls.replicas[0], setup_dns=True,
setup_ca=False)
tasks.install_replica(cls.master, cls.replicas[1], setup_dns=True,
setup_ca=False)
for host in (cls.master, cls.replicas[0], cls.replicas[1]):
ldap = host.ldap_connect()
tasks.wait_for_replication(ldap)
# give time to named to retrieve new records
time.sleep(20)
def install(cls, mh):
tasks.install_master(cls.master, setup_dns=True)
tasks.install_replica(cls.master, cls.replicas[0], setup_dns=True,
setup_ca=False)
tasks.install_replica(cls.master, cls.replicas[1], setup_dns=True,
setup_ca=False)
for host in (cls.master, cls.replicas[0], cls.replicas[1]):
ldap = host.ldap_connect()
tasks.wait_for_replication(ldap)
# give time to named to retrieve new records
time.sleep(20)
def test_ignore_topology_disconnect_replica2(self):
"""
tests that removal of replica2 with '--ignore-topology-disconnect'
destroys master for good
"""
check_master_removal(
self.client,
self.replica2.hostname,
ignore_topology_disconnect=True
)
# reinstall the replica
tasks.uninstall_master(self.replica2)
tasks.install_replica(self.master, self.replica2, setup_ca=True)
def install(cls, mh):
tasks.install_master(cls.master, setup_dns=False)
args = [
"ipa-dns-install",
"--dnssec-master",
"--forwarder", cls.master.config.dns_forwarder,
"-U",
]
cls.master.run_command(args)
tasks.install_replica(cls.master, cls.replicas[0], setup_dns=True)
# backup trusted key
tasks.backup_file(cls.master, paths.DNSSEC_TRUSTED_KEY)
tasks.backup_file(cls.replicas[0], paths.DNSSEC_TRUSTED_KEY)
def test_add_remove_segment(self):
"""
Make sure a topology segment can be manually created and deleted
with the influence on the real topology
Testcase http://www.freeipa.org/page/V4/Manage_replication_topology/
Test_plan#Test_case:_Basic_CRUD_test
"""
tasks.kinit_admin(self.master)
# Install the second replica
tasks.install_replica(self.master,
self.replicas[1],
setup_ca=False,
setup_dns=False)
# turn a star into a ring
segment, err = tasks.create_segment(self.master, self.replicas[0],
self.replicas[1])
assert err == "", err
# Make sure the new segment is shown by `ipa topologysegment-find`
result1 = self.master.run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]).stdout_text
assert (segment['name']
in result1), ("%s: segment not found" % segment['name'])
# Remove master <-> replica2 segment and make sure that the changes get
# there through replica1
# Since segment name can be one of master-to-replica2 or
# replica2-to-master, we need to determine the segment name dynamically
deleteme = find_segment(self.master, self.replicas[1])
returncode, error = tasks.destroy_segment(self.master, deleteme)
assert returncode == 0, error
# Wait till replication ends and make sure replica1 does not have
# segment that was deleted on master
replica1_ldap = self.replicas[0].ldap_connect()
tasks.wait_for_replication(replica1_ldap)
result3 = self.replicas[0].run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]).stdout_text
assert (deleteme not in result3), "%s: segment still exists" % deleteme
# Create test data on master and make sure it gets all the way down to
# replica2 through replica1
self.master.run_command([
'ipa', 'user-add', 'someuser', '--first', 'test', '--last', 'user'
])
dest_ldap = self.replicas[1].ldap_connect()
tasks.wait_for_replication(dest_ldap)
result4 = self.replicas[1].run_command(['ipa', 'user-find'])
assert ('someuser' in result4.stdout_text), 'User not found: someuser'
def test_kra_install_without_replica_file(self):
master = self.master
replica1 = self.replicas[0]
replica2 = self.replicas[1]
tasks.install_kra(master, first_instance=True)
tasks.install_replica(master, replica1)
result1 = tasks.install_kra(replica1, domain_level=DOMAIN_LEVEL_1, raiseonerr=False)
assert_error(result1, "A replica file is required", 1)
tasks.install_kra(replica1, domain_level=DOMAIN_LEVEL_0, raiseonerr=True)
# Now prepare the replica file, copy it to the client and raise
# domain level on master to test the reverse situation
tasks.replica_prepare(master, replica2)
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
tasks.install_replica(master, replica2)
result2 = tasks.install_kra(replica2, domain_level=DOMAIN_LEVEL_0, raiseonerr=False)
assert_error(result2, "No replica file is required", 1)
tasks.install_kra(replica2)
def test_backup_restore(self):
"""
TestCase:
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
_ipa-restore_after_domainlevel_raise_restores_original_domain_level
"""
command = ["ipa", "topologysegment-find", DOMAIN_SUFFIX_NAME]
tasks.install_replica(self.master, self.replicas[0])
backup_file = tasks.ipa_backup(self.master)
self.master.run_command(["ipa", "domainlevel-set", "1"])
result = self.master.run_command(command)
found1 = result.stdout_text.rfind("1 segment matched")
assert(found1 > 0), result.stdout_text
tasks.ipa_restore(self.master, backup_file)
result2 = self.master.run_command(command, raiseonerr=False)
found2 = result2.stdout_text.rfind("0 segments matched")
assert(found2 > 0), result2.stdout_text
def test_add_remove_segment(self):
"""
Make sure a topology segment can be manually created and deleted
with the influence on the real topology
Testcase http://www.freeipa.org/page/V4/Manage_replication_topology/
Test_plan#Test_case:_Basic_CRUD_test
"""
tasks.kinit_admin(self.master)
# Install the second replica
tasks.install_replica(self.master, self.replicas[1], setup_ca=False,
setup_dns=False)
# turn a star into a ring
segment, err = tasks.create_segment(self.master,
self.replicas[0],
self.replicas[1])
assert err == "", err
# Make sure the new segment is shown by `ipa topologysegment-find`
result1 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME]).stdout_text
assert(segment['name'] in result1), (
"%s: segment not found" % segment['name'])
# Remove master <-> replica2 segment and make sure that the changes get
# there through replica1
# Since segment name can be one of master-to-replica2 or
# replica2-to-master, we need to determine the segment name dynamically
deleteme = find_segment(self.master, self.replicas[1])
returncode, error = tasks.destroy_segment(self.master, deleteme)
assert returncode == 0, error
# Wait till replication ends and make sure replica1 does not have
# segment that was deleted on master
replica1_ldap = self.replicas[0].ldap_connect()
tasks.wait_for_replication(replica1_ldap)
result3 = self.replicas[0].run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME]).stdout_text
assert(deleteme not in result3), "%s: segment still exists" % deleteme
# Create test data on master and make sure it gets all the way down to
# replica2 through replica1
self.master.run_command(['ipa', 'user-add', 'someuser',
'--first', 'test',
'--last', 'user'])
dest_ldap = self.replicas[1].ldap_connect()
tasks.wait_for_replication(dest_ldap)
result4 = self.replicas[1].run_command(['ipa', 'user-find'])
assert('someuser' in result4.stdout_text), 'User not found: someuser'
def test_topology_updated_on_replica_install_remove(self):
"""
Install and remove a replica and make sure topology information is
updated on all other replicas
Testcase: http://www.freeipa.org/page/V4/Manage_replication_topology/
Test_plan#Test_case:
_Replication_topology_should_be_saved_in_the_LDAP_tree
"""
tasks.kinit_admin(self.master)
result1 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME]).stdout_text
first_segment_name = "%s-to-%s" % (self.master.hostname,
self.replicas[0].hostname)
expected_segment = {
'connectivity': 'both',
'leftnode': self.master.hostname,
'name': first_segment_name,
'rightnode': self.replicas[0].hostname}
firstsegment = self.tokenize_topologies(result1)[0]
assert_deepequal(expected_segment, firstsegment)
tasks.install_replica(self.master, self.replicas[1], setup_ca=False,
setup_dns=False)
# We need to make sure topology information is consistent across all
# replicas
result2 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
result3 = self.replicas[0].run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
result4 = self.replicas[1].run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
segments = self.tokenize_topologies(result2.stdout_text)
assert(len(segments) == 2), "Unexpected number of segments found"
assert_deepequal(result2.stdout_text, result3.stdout_text)
assert_deepequal(result3.stdout_text, result4.stdout_text)
# Now let's check that uninstalling the replica will update the topology
# info on the rest of replicas.
tasks.uninstall_master(self.replicas[1])
tasks.clean_replication_agreement(self.master, self.replicas[1])
result5 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
num_entries = self.noentries_re.search(result5.stdout_text).group(1)
assert(num_entries == "1"), "Incorrect number of entries displayed"
def test_backup_restore(self):
"""
TestCase:
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
_ipa-restore_after_domainlevel_raise_restores_original_domain_level
"""
command = ["ipa", "topologysegment-find", DOMAIN_SUFFIX_NAME]
tasks.install_replica(self.master, self.replicas[0])
backup_file = tasks.ipa_backup(self.master)
self.master.run_command(
["ipa", "domainlevel-set",
str(DOMAIN_LEVEL_1)])
# We need to give the server time to merge 2 one-way segments into one
time.sleep(10)
result = self.master.run_command(command)
found1 = result.stdout_text.rfind("1 segment matched")
assert (found1 > 0), result.stdout_text
tasks.ipa_restore(self.master, backup_file)
result2 = self.master.run_command(command, raiseonerr=False)
found2 = result2.stdout_text.rfind("0 segments matched")
assert (found2 > 0), result2.stdout_text
def test_topology_updated_on_replica_install_remove(self):
"""
Install and remove a replica and make sure topology information is
updated on all other replicas
Testcase: http://www.freeipa.org/page/V4/Manage_replication_topology/
Test_plan#Test_case:
_Replication_topology_should_be_saved_in_the_LDAP_tree
"""
tasks.kinit_admin(self.master)
result1 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
first_segment_name = "%s-to-%s" % (self.master.hostname,
self.replicas[0].hostname)
output1 = result1.stdout_text
firstsegment = self.tokenize_topologies(output1)[0]
assert(firstsegment['name'] == first_segment_name)
assert(self.noentries_re.search(output1).group(1) == "1")
assert(firstsegment['leftnode'] == self.master.hostname)
assert(firstsegment['rightnode'] == self.replicas[0].hostname)
tasks.install_replica(self.master, self.replicas[1], setup_ca=False,
setup_dns=False)
# We need to make sure topology information is consistent across all
# replicas
result2 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
result3 = self.replicas[0].run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
result4 = self.replicas[1].run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
segments = self.tokenize_topologies(result2.stdout_text)
assert(len(segments) == 2)
assert(result2.stdout_text == result3.stdout_text)
assert(result3.stdout_text == result4.stdout_text)
# Now let's check that uninstalling the replica will update the topology
# info on the rest of replicas.
tasks.uninstall_master(self.replicas[1])
tasks.clean_replication_agreement(self.master, self.replicas[1])
result5 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
assert(self.noentries_re.search(result5.stdout_text).group(1) == "1")
def test_topology_updated_on_replica_install_remove(self):
"""
Install and remove a replica and make sure topology information is
updated on all other replicas
Testcase: http://www.freeipa.org/page/V4/Manage_replication_topology/
Test_plan#Test_case:
_Replication_topology_should_be_saved_in_the_LDAP_tree
"""
tasks.kinit_admin(self.master)
result1 = self.master.run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME]).stdout_text
segment_name = self.segmentnames_re.findall(result1)[0]
assert (self.master.hostname in segment_name), (
"Segment %s does not contain master hostname" % segment_name)
assert (self.replicas[0].hostname in segment_name), (
"Segment %s does not contain replica hostname" % segment_name)
tasks.install_replica(self.master,
self.replicas[1],
setup_ca=False,
setup_dns=False)
# We need to make sure topology information is consistent across all
# replicas
result2 = self.master.run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME])
result3 = self.replicas[0].run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME])
result4 = self.replicas[1].run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME])
segments = self.tokenize_topologies(result2.stdout_text)
assert (len(segments) == 2), "Unexpected number of segments found"
assert_deepequal(result2.stdout_text, result3.stdout_text)
assert_deepequal(result3.stdout_text, result4.stdout_text)
# Now let's check that uninstalling the replica will update the topology
# info on the rest of replicas.
tasks.uninstall_master(self.replicas[1])
tasks.clean_replication_agreement(self.master, self.replicas[1])
result5 = self.master.run_command(
['ipa', 'topologysegment-find', DOMAIN_SUFFIX_NAME])
num_entries = self.noentries_re.search(result5.stdout_text).group(1)
assert (num_entries == "1"), "Incorrect number of entries displayed"
def test_add_remove_segment(self):
"""
Make sure a topology segment can be manually created and deleted
with the influence on the real topology
Testcase http://www.freeipa.org/page/V4/Manage_replication_topology/
Test_plan#Test_case:_Basic_CRUD_test
"""
tasks.kinit_admin(self.master)
# Install the second replica
tasks.install_replica(self.master, self.replicas[1], setup_ca=False,
setup_dns=False)
# turn a star into a ring
segment, err = tasks.create_segment(self.master,
self.replicas[0],
self.replicas[1])
assert err == "", err
# Make sure the new segment is shown by `ipa topologysegment-find`
result1 = self.master.run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
assert(result1.stdout_text.find(segment['name']) > 0)
# Remove master <-> replica2 segment and make sure that the changes get
# there through replica1
deleteme = "%s-to-%s" % (self.master.hostname,
self.replicas[1].hostname)
returncode, error = tasks.destroy_segment(self.master, deleteme)
assert returncode == 0, error
# make sure replica1 does not have segment that was deleted on master
result3 = self.replicas[0].run_command(['ipa', 'topologysegment-find',
DOMAIN_SUFFIX_NAME])
assert(result3.stdout_text.find(deleteme) < 0)
# Create test data on master and make sure it gets all the way down to
# replica2 through replica1
self.master.run_command(['ipa', 'user-add', 'someuser',
'--first', 'test',
'--last', 'user'])
time.sleep(60) # replication requires some time
users_on_replica2 = self.replicas[1].run_command(['ipa',
'user-find'])
assert(users_on_replica2.find('someuser') > 0)
def test_kra_install_without_replica_file(self):
master = self.master
replica1 = self.replicas[0]
replica2 = self.replicas[1]
tasks.install_kra(master, first_instance=True)
tasks.install_replica(master, replica1)
result1 = tasks.install_kra(replica1,
domain_level=DOMAIN_LEVEL_1,
raiseonerr=False)
assert_error(result1, "A replica file is required", 1)
tasks.install_kra(replica1,
domain_level=DOMAIN_LEVEL_0,
raiseonerr=True)
# Now prepare the replica file, copy it to the client and raise
# domain level on master to test the reverse situation
tasks.replica_prepare(master, replica2)
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
tasks.install_replica(master, replica2)
result2 = tasks.install_kra(replica2,
domain_level=DOMAIN_LEVEL_0,
raiseonerr=False)
assert_error(result2, "No replica file is required", 1)
tasks.install_kra(replica2)
def test_migrate_dnssec_master(self):
"""Both master and replica have DNS installed"""
backup_filename = "/var/lib/ipa/ipa-kasp.db.backup"
replica_backup_filename = "/tmp/ipa-kasp.db.backup"
# add test zone
args = [
"ipa", "dnszone-add", example_test_zone, "--dnssec", "true",
"--skip-overlap-check",
]
self.master.run_command(args)
# wait until zone is signed
assert wait_until_record_is_signed(
self.master.ip, example_test_zone, self.log, timeout=100
), "Zone %s is not signed (master)" % example_test_zone
# wait until zone is signed
assert wait_until_record_is_signed(
self.replicas[0].ip, example_test_zone, self.log, timeout=200
), "Zone %s is not signed (replica)" % example_test_zone
dnskey_old = resolve_with_dnssec(self.master.ip, example_test_zone,
self.log, rtype="DNSKEY").rrset
# migrate dnssec master to replica
args = [
"ipa-dns-install",
"--disable-dnssec-master",
"--forwarder", self.master.config.dns_forwarder,
"--force",
"-U",
]
self.master.run_command(args)
# move content of "ipa-kasp.db.backup" to replica
kasp_db_backup = self.master.get_file_contents(backup_filename)
self.replicas[0].put_file_contents(replica_backup_filename,
kasp_db_backup)
args = [
"ipa-dns-install",
"--dnssec-master",
"--kasp-db", replica_backup_filename,
"--forwarder", self.master.config.dns_forwarder,
"-U",
]
self.replicas[0].run_command(args)
# wait until zone is signed
assert wait_until_record_is_signed(
self.master.ip, example_test_zone, self.log, timeout=100
), "Zone %s is not signed after migration (master)" % example_test_zone
# wait until zone is signed
assert wait_until_record_is_signed(
self.replicas[0].ip, example_test_zone, self.log, timeout=200
), "Zone %s is not signed after migration (replica)" % example_test_zone
# test if dnskey are the same
dnskey_new = resolve_with_dnssec(self.master.ip, example_test_zone,
self.log, rtype="DNSKEY").rrset
assert dnskey_old == dnskey_new, "DNSKEY should be the same"
# add test zone
args = [
"ipa", "dnszone-add", example2_test_zone, "--dnssec", "true",
"--skip-overlap-check",
]
self.replicas[0].run_command(args)
# wait until zone is signed
assert wait_until_record_is_signed(
self.replicas[0].ip, example2_test_zone, self.log, timeout=100
), ("Zone %s is not signed after migration (replica - dnssec master)"
% example2_test_zone)
# wait until zone is signed
assert wait_until_record_is_signed(
self.master.ip, example2_test_zone, self.log, timeout=200
), ("Zone %s is not signed after migration (master)"
% example2_test_zone)
# add new replica
tasks.install_replica(self.master, self.replicas[1], setup_dns=True)
# test if originial zones are signed on new replica
# wait until zone is signed
assert wait_until_record_is_signed(
self.replicas[1].ip, example_test_zone, self.log, timeout=200
), ("Zone %s is not signed (new replica)"
% example_test_zone)
# wait until zone is signed
assert wait_until_record_is_signed(
self.replicas[1].ip, example2_test_zone, self.log, timeout=200
), ("Zone %s is not signed (new replica)"
% example2_test_zone)
# add new zone to new replica
args = [
"ipa", "dnszone-add", example3_test_zone, "--dnssec", "true",
"--skip-overlap-check",
]
self.replicas[1].run_command(args)
# wait until zone is signed
assert wait_until_record_is_signed(
self.replicas[1].ip, example3_test_zone, self.log, timeout=200
), ("Zone %s is not signed (new replica)"
% example3_test_zone)
assert wait_until_record_is_signed(
self.replicas[0].ip, example3_test_zone, self.log, timeout=200
), ("Zone %s is not signed (replica)"
% example3_test_zone)
# wait until zone is signed
assert wait_until_record_is_signed(
self.master.ip, example3_test_zone, self.log, timeout=200
), ("Zone %s is not signed (master)"
% example3_test_zone)
def test_replica2_with_dns_install(self):
tasks.install_replica(self.master, self.replicas[2], setup_ca=False,
setup_dns=True)
def test_replica1_with_ca_dns_install(self):
tasks.install_replica(self.master, self.replicas[1], setup_ca=True,
setup_dns=True)
def test_replica2_with_ca_kra_install(self):
tasks.install_replica(self.master, self.replicas[2], setup_ca=True,
setup_kra=True)
def test_replica0_ca_less_install(self):
tasks.install_replica(self.master, self.replicas[0], setup_ca=False)
def test_customized_ds_install_replica(self):
tasks.install_replica(
self.master,
self.replicas[0],
setup_ca=False,
extra_args=['--dirsrv-config-file', CONFIG_LDIF_PATH])
def install(cls, mh):
tasks.install_master(cls.master, setup_kra=True)
# do not install KRA on replica, it is part of test
tasks.install_replica(cls.master, cls.replicas[0], setup_kra=False)
def test_replica1_with_ca_dns_install(self):
tasks.install_replica(self.master,
self.replicas[1],
setup_ca=True,
setup_dns=True)
def test_replica0_ca_less_install(self):
tasks.install_replica(self.master, self.replicas[0], setup_ca=False)
def test_replica2_with_ca_kra_install(self):
tasks.install_replica(self.master,
self.replicas[2],
setup_ca=True,
setup_kra=True)
def install(cls, mh):
tasks.install_master(cls.master, setup_dns=True)
tasks.install_replica(cls.master, cls.replicas[0], setup_dns=True)
def test_replica2_with_dns_install(self):
tasks.install_replica(self.master,
self.replicas[2],
setup_ca=False,
setup_dns=True)
def install(cls, mh):
tasks.install_master(cls.master, setup_kra=True)
# do not install KRA on replica, it is part of test
tasks.install_replica(cls.master, cls.replicas[0], setup_kra=False)
