コード例 #1
0
ファイル: test_cert_parser.py プロジェクト: openstack/octavia
    def test_load_certificates(self, mock_oslo):
        listener = sample_configs.sample_listener_tuple(tls=True, sni=True,
                                                        client_ca_cert=True)
        client = mock.MagicMock()
        context = mock.Mock()
        context.project_id = '12345'
        with mock.patch.object(cert_parser,
                               'get_host_names') as cp:
            with mock.patch.object(cert_parser,
                                   '_map_cert_tls_container'):
                cp.return_value = {'cn': 'fakeCN'}
                cert_parser.load_certificates_data(client, listener, context)

                # Ensure upload_cert is called three times
                calls_cert_mngr = [
                    mock.call.get_cert(context, 'cont_id_1', check_only=True),
                    mock.call.get_cert(context, 'cont_id_2', check_only=True),
                    mock.call.get_cert(context, 'cont_id_3', check_only=True)
                ]
                client.assert_has_calls(calls_cert_mngr)

        # Test asking for nothing
        listener = sample_configs.sample_listener_tuple(tls=False, sni=False,
                                                        client_ca_cert=False)
        client = mock.MagicMock()
        with mock.patch.object(cert_parser,
                               '_map_cert_tls_container') as mock_map:
            result = cert_parser.load_certificates_data(client, listener)

            mock_map.assert_not_called()
            ref_empty_dict = {'tls_cert': None, 'sni_certs': []}
            self.assertEqual(ref_empty_dict, result)
            mock_oslo.assert_called()
コード例 #2
0
ファイル: test_ssh_driver.py プロジェクト: crc32a/octavia
    def test_update(self):
        with mock.patch.object(self.driver, "_process_tls_certificates") as process_tls_patch:
            with mock.patch.object(jinja_cfg.JinjaTemplater, "build_config") as build_conf:
                # Build sample Listener and VIP configs
                listener = sample_configs.sample_listener_tuple(tls=True, sni=True)
                vip = sample_configs.sample_vip_tuple()

                process_tls_patch.return_value = {
                    "tls_cert": listener.default_tls_container,
                    "sni_certs": listener.sni_containers,
                }
                build_conf.return_value = "sampleConfig"

                # Execute driver method
                self.driver.update(listener, vip)

                # Verify calls
                process_tls_patch.assert_called_once_with(listener)
                build_conf.assert_called_once_with(listener, listener.default_tls_container)
                self.driver.client.connect.assert_called_once_with(
                    hostname=listener.load_balancer.amphorae[0].lb_network_ip,
                    key_filename=self.driver.amp_config.key_path,
                    username=self.driver.amp_config.username,
                )
                self.driver.client.open_sftp.assert_called_once_with()
                self.driver.client.open_sftp().put.assert_called_once_with(mock.ANY, mock.ANY)
                self.driver.client.exec_command.assert_has_calls(
                    [mock.call(mock.ANY), mock.call(mock.ANY), mock.call(mock.ANY), mock.call(mock.ANY)]
                )
                self.driver.client.close.assert_called_once_with()
コード例 #3
0
 def test_render_template_tls_no_sni(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option tcplog\n"
           "    maxconn 98\n"
           "    redirect scheme https if !{ ssl_fc }\n"
           "    bind 10.0.0.2:443 "
           "ssl crt /var/lib/octavia/certs/"
           "sample_listener_id_1/FakeCN.pem\n"
           "    mode http\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(
             proto='TERMINATED_HTTPS', tls=True),
         tls_cert=sample_configs.sample_tls_container_tuple(
             certificate='ImAalsdkfjCert',
             private_key='ImAsdlfksdjPrivateKey',
             primary_cn="FakeCN"))
     self.assertEqual(
         sample_configs.sample_base_expected_config(
             frontend=fe, backend=be),
         rendered_obj)
コード例 #4
0
ファイル: test_jinja_cfg.py プロジェクト: johnsom/octavia
 def test_render_template_https(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option tcplog\n"
           "    maxconn 98\n"
           "    bind 10.0.0.2:443\n"
           "    mode tcp\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode tcp\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    option ssl-hello-chk\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple(proto='HTTPS'))
     self.assertEqual(sample_configs.sample_base_expected_config(
         frontend=fe, backend=be), rendered_obj)
コード例 #5
0
ファイル: test_jinja_cfg.py プロジェクト: sebrandon1/octavia
 def test_render_template_http_xff_xfport(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    option forwardfor\n"
           "    http-request set-header X-Forwarded-Port %[dst_port]\n"
           "    fullconn 98\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(
             insert_headers={'X-Forwarded-For': 'true',
                             'X-Forwarded-Port': 'true'}))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #6
0
    def test_render_template_udp_no_other_resources(self):
        exp = ("# Configuration for Loadbalancer sample_loadbalancer_id_1\n"
               "# Configuration for Listener sample_listener_id_1\n\n"
               "net_namespace amphora-haproxy\n\n\n")

        rendered_obj = self.udp_jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(
                proto=constants.PROTOCOL_UDP, monitor=False,
                persistence=False, alloc_default_pool=False))
        self.assertEqual(exp, rendered_obj)
コード例 #7
0
ファイル: test_ssh_driver.py プロジェクト: major/octavia
    def test_process_tls_certificates(self):
        listener = sample_configs.sample_listener_tuple(tls=True, sni=True)

        with mock.patch.object(cert_parser, 'build_pem') as bp:
            with mock.patch.object(cert_parser,
                                   'load_certificates_data') as cd:
                with mock.patch.object(cert_parser,
                                       'get_host_names') as cp:
                    with mock.patch.object(self.driver,
                                           '_exec_on_amphorae') as ea:
                        self.driver.barbican_client = mock.MagicMock()
                        cp.return_value = {'cn': 'fakeCN'}
                        pem = 'imapem'
                        bp.return_value = pem
                        tls_cont = data_models.TLSContainer(
                            primary_cn='fakecn',
                            certificate='fakecert',
                            private_key='fakepk')
                        sni_cont1 = data_models.TLSContainer(
                            primary_cn='fakecn1',
                            certificate='fakecert',
                            private_key='fakepk')
                        sni_cont2 = data_models.TLSContainer(
                            primary_cn='fakecn2',
                            certificate='fakecert',
                            private_key='fakepk')
                        cd.return_value = {'tls_cert': tls_cont,
                                           'sni_certs': [sni_cont1, sni_cont2]}

                        self.driver._process_tls_certificates(listener)

                        # Ensure upload_cert is called three times
                        calls_bbq = [mock.call(self.driver.cert_manager,
                                               listener)]
                        cd.assert_has_calls(calls_bbq)

                        calls_bp = [
                            mock.call(tls_cont),
                            mock.call(sni_cont1),
                            mock.call(sni_cont2)]
                        bp.assert_has_calls(calls_bp)

                        cert_dir = os.path.join(
                            self.driver.amp_config.base_cert_dir, listener.id)
                        cmd = 'chmod 600 {base_path}/*.pem'.format(
                            base_path=cert_dir)
                        listener_cert = '{0}/fakecn.pem'.format(cert_dir)

                        ea.assert_has_calls([
                            mock.call(listener.load_balancer.amphorae,
                                      [cmd], make_dir=cert_dir,
                                      data=[pem, pem, pem],
                                      upload_dir=listener_cert)])
コード例 #8
0
ファイル: test_jinja_cfg.py プロジェクト: johnsom/octavia
 def test_render_template_no_persistence_http(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    option forwardfor\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple(proto='HTTP', monitor=False,
                                              persistence=False))
     self.assertEqual(sample_configs.sample_base_expected_config(
         backend=be), rendered_obj)
コード例 #9
0
ファイル: test_ssh_driver.py プロジェクト: crc32a/octavia
 def setUp(self, mock_session):
     super(TestSshDriver, self).setUp()
     mock.MagicMock(keystone.get_session())
     self.driver = ssh_driver.HaproxyManager()
     self.listener = sample_configs.sample_listener_tuple()
     self.vip = sample_configs.sample_vip_tuple()
     self.amphora = models.Amphora()
     self.amphora.id = self.FAKE_UUID_1
     self.driver.cert_manager = mock.Mock(spec=cert_mgr.CertManager)
     self.driver.client = mock.Mock(spec=paramiko.SSHClient)
     self.driver.client.exec_command.return_value = (mock.Mock(), mock.Mock(), mock.Mock())
     self.driver.amp_config = mock.MagicMock()
     self.port = network_models.Port(mac_address="123")
コード例 #10
0
    def setUp(self):
        super(HaproxyAmphoraLoadBalancerDriverTest, self).setUp()
        self.driver = driver.HaproxyAmphoraLoadBalancerDriver()

        self.driver.cert_manager = mock.MagicMock()
        self.driver.client = mock.MagicMock()
        self.driver.jinja = mock.MagicMock()

        # Build sample Listener and VIP configs
        self.sl = sample_configs.sample_listener_tuple(tls=True, sni=True)
        self.amp = self.sl.load_balancer.amphorae[0]
        self.sv = sample_configs.sample_vip_tuple()
        self.lb = self.sl.load_balancer
        self.port = network_models.Port(mac_address='123')
コード例 #11
0
    def test_udp_transform_listener(self):
        in_listener = sample_configs.sample_listener_tuple(
            proto=constants.PROTOCOL_UDP,
            persistence_type=constants.SESSION_PERSISTENCE_SOURCE_IP,
            persistence_timeout=33,
            persistence_granularity='255.0.0.0',
            monitor_proto=constants.HEALTH_MONITOR_UDP_CONNECT,
            connection_limit=98
        )
        ret = self.udp_jinja_cfg._transform_listener(in_listener)
        self.assertEqual(sample_configs.RET_UDP_LISTENER, ret)

        in_listener = sample_configs.sample_listener_tuple(
            proto=constants.PROTOCOL_UDP,
            persistence_type=constants.SESSION_PERSISTENCE_SOURCE_IP,
            persistence_timeout=33,
            persistence_granularity='255.0.0.0',
            monitor_proto=constants.HEALTH_MONITOR_UDP_CONNECT,
            connection_limit=-1)

        ret = self.udp_jinja_cfg._transform_listener(in_listener)
        sample_configs.RET_UDP_LISTENER.pop('connection_limit')
        self.assertEqual(sample_configs.RET_UDP_LISTENER, ret)
コード例 #12
0
 def test_render_template_no_monitor_http(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(proto='HTTP', monitor=False))
     self.assertEqual(sample_configs.sample_base_expected_config(
         backend=be), rendered_obj)
コード例 #13
0
 def test_render_template_udp_source_ip(self):
     exp = ("# Configuration for Loadbalancer sample_loadbalancer_id_1\n"
            "# Configuration for Listener sample_listener_id_1\n\n"
            "net_namespace amphora-haproxy\n\n"
            "virtual_server 10.0.0.2 80 {\n"
            "    lb_algo rr\n"
            "    lb_kind NAT\n"
            "    protocol UDP\n"
            "    persistence_timeout 33\n"
            "    persistence_granularity 255.255.0.0\n"
            "    delay_loop 30\n"
            "    delay_before_retry 31\n"
            "    retry 3\n\n\n"
            "    # Configuration for Pool sample_pool_id_1\n"
            "    # Configuration for HealthMonitor sample_monitor_id_1\n"
            "    # Configuration for Member sample_member_id_1\n"
            "    real_server 10.0.0.99 82 {\n"
            "        weight 13\n"
            "        uthreshold 98\n"
            "        delay_before_retry 31\n"
            "        retry 3\n"
            "        MISC_CHECK {\n"
            "            misc_path \"/var/lib/octavia/lvs/check/"
            "udp_check.sh 10.0.0.99 82\"\n"
            "            misc_timeout 30\n"
            "        }\n"
            "    }\n\n"
            "    # Configuration for Member sample_member_id_2\n"
            "    real_server 10.0.0.98 82 {\n"
            "        weight 13\n"
            "        uthreshold 98\n"
            "        delay_before_retry 31\n"
            "        retry 3\n"
            "        MISC_CHECK {\n"
            "            misc_path \"/var/lib/octavia/lvs/check/"
            "udp_check.sh 10.0.0.98 82\"\n"
            "            misc_timeout 30\n"
            "        }\n"
            "    }\n\n"
            "}\n\n")
     rendered_obj = self.udp_jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple(
             proto=constants.PROTOCOL_UDP,
             persistence_type=constants.SESSION_PERSISTENCE_SOURCE_IP,
             persistence_timeout=33,
             persistence_granularity='255.255.0.0',
             monitor_proto=constants.HEALTH_MONITOR_UDP_CONNECT,
             connection_limit=98))
     self.assertEqual(exp, rendered_obj)
コード例 #14
0
ファイル: test_jinja_cfg.py プロジェクト: sebrandon1/octavia
 def test_render_template_l7policies(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option httplog\n"
           "    maxconn 98\n"
           "    bind 10.0.0.2:80\n"
           "    mode http\n"
           "        acl sample_l7rule_id_1 path -m beg /api\n"
           "    use_backend sample_pool_id_2 if sample_l7rule_id_1\n"
           "        acl sample_l7rule_id_2 req.hdr(Some-header) -m sub "
           "This\\ string\\\\\\ with\\ stuff\n"
           "        acl sample_l7rule_id_3 req.cook(some-cookie) -m reg "
           "this.*|that\n"
           "    redirect location http://www.example.com if "
           "!sample_l7rule_id_2 sample_l7rule_id_3\n"
           "        acl sample_l7rule_id_4 path_end -m str jpg\n"
           "        acl sample_l7rule_id_5 req.hdr(host) -i -m end "
           ".example.com\n"
           "    http-request deny if sample_l7rule_id_4 "
           "sample_l7rule_id_5\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn 98\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13 check "
           "inter 30s fall 3 rise 2 cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13 check "
           "inter 30s fall 3 rise 2 cookie sample_member_id_2\n"
           "\n"
           "backend sample_pool_id_2\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /healthmon.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn 98\n"
           "    server sample_member_id_3 10.0.0.97:82 weight 13 check "
           "inter 30s fall 3 rise 2 cookie sample_member_id_3\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(l7=True))
     self.assertEqual(sample_configs.sample_base_expected_config(
         frontend=fe, backend=be), rendered_obj)
コード例 #15
0
ファイル: test_ssh_driver.py プロジェクト: major/octavia
    def test_start(self):
        # Build sample Listener and VIP configs
        listener = sample_configs.sample_listener_tuple(
            tls=True, sni=True)
        vip = sample_configs.sample_vip_tuple()

        # Execute driver method
        self.driver.start(listener, vip)
        self.driver.client.connect.assert_called_once_with(
            hostname=listener.load_balancer.amphorae[0].lb_network_ip,
            key_filename=self.driver.amp_config.key_path,
            username=self.driver.amp_config.username)
        self.driver.client.exec_command.assert_called_once_with(
            'sudo haproxy -f {0}/{1}/haproxy.cfg -p {0}/{1}/{1}.pid'.format(
                self.driver.amp_config.base_path, listener.id))
        self.driver.client.close.assert_called_once_with()
コード例 #16
0
ファイル: test_cert_parser.py プロジェクト: kaurikim/octavia
    def test_load_certificates(self):
        listener = sample_configs.sample_listener_tuple(tls=True, sni=True)
        client = mock.MagicMock()
        with mock.patch.object(cert_parser,
                               'get_host_names') as cp:
            with mock.patch.object(cert_parser,
                                   '_map_cert_tls_container'):
                cp.return_value = {'cn': 'fakeCN'}
                cert_parser.load_certificates_data(client, listener)

                # Ensure upload_cert is called three times
                calls_cert_mngr = [
                    mock.call.get_cert('cont_id_1', check_only=True),
                    mock.call.get_cert('cont_id_2', check_only=True),
                    mock.call.get_cert('cont_id_3', check_only=True)
                ]
                client.assert_has_calls(calls_cert_mngr)
コード例 #17
0
ファイル: test_ssh_driver.py プロジェクト: crc32a/octavia
    def test_process_tls_certificates(self):
        listener = sample_configs.sample_listener_tuple(tls=True, sni=True)

        with mock.patch.object(cert_parser, "build_pem") as bp:
            with mock.patch.object(cert_parser, "load_certificates_data") as cd:
                with mock.patch.object(cert_parser, "get_host_names") as cp:
                    with mock.patch.object(self.driver, "_exec_on_amphorae") as ea:
                        self.driver.barbican_client = mock.MagicMock()
                        cp.return_value = {"cn": "fakeCN"}
                        pem = "imapem"
                        bp.return_value = pem
                        tls_cont = data_models.TLSContainer(
                            primary_cn="fakecn", certificate="fakecert", private_key="fakepk"
                        )
                        sni_cont1 = data_models.TLSContainer(
                            primary_cn="fakecn1", certificate="fakecert", private_key="fakepk"
                        )
                        sni_cont2 = data_models.TLSContainer(
                            primary_cn="fakecn2", certificate="fakecert", private_key="fakepk"
                        )
                        cd.return_value = {"tls_cert": tls_cont, "sni_certs": [sni_cont1, sni_cont2]}

                        self.driver._process_tls_certificates(listener)

                        # Ensure upload_cert is called three times
                        calls_bbq = [mock.call(self.driver.cert_manager, listener)]
                        cd.assert_has_calls(calls_bbq)

                        calls_bp = [mock.call(tls_cont), mock.call(sni_cont1), mock.call(sni_cont2)]
                        bp.assert_has_calls(calls_bp)

                        cert_dir = os.path.join(self.driver.amp_config.base_cert_dir, listener.id)
                        cmd = "chmod 600 {base_path}/*.pem".format(base_path=cert_dir)
                        listener_cert = "{0}/fakecn.pem".format(cert_dir)

                        ea.assert_has_calls(
                            [
                                mock.call(
                                    listener.load_balancer.amphorae,
                                    [cmd],
                                    make_dir=cert_dir,
                                    data=[pem, pem, pem],
                                    upload_dir=listener_cert,
                                )
                            ]
                        )
コード例 #18
0
ファイル: test_jinja_cfg.py プロジェクト: johnsom/octavia
 def test_render_template_no_persistence_https(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option tcplog\n"
           "    maxconn 98\n"
           "    bind 10.0.0.2:443\n"
           "    mode tcp\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode tcp\n"
           "    balance roundrobin\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple(proto='HTTPS', monitor=False,
                                              persistence=False))
     self.assertEqual(sample_configs.sample_base_expected_config(
         frontend=fe, backend=be), rendered_obj)
コード例 #19
0
ファイル: test_jinja_cfg.py プロジェクト: johnsom/octavia
 def test_render_template_http(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    option forwardfor\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple())
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #20
0
ファイル: test_jinja_cfg.py プロジェクト: johnsom/octavia
 def test_render_template_sourceip_persistence(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    stick-table type ip size 10k\n"
           "    stick on src\n"
           "    timeout check 31\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    option forwardfor\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple(
             persistence_type='SOURCE_IP'))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #21
0
 def test_render_template_appcookie_persistence(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    stick-table type string len 64 size 10k\n"
           "    stick store-response res.cook(JSESSIONID)\n"
           "    stick match req.cook(JSESSIONID)\n"
           "    timeout check 31\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(
             persistence_type='APP_COOKIE',
             persistence_cookie='JSESSIONID'))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #22
0
    def setUp(self):
        super(TestHaproxyAmphoraLoadBalancerDriverTest, self).setUp()

        DEST1 = '198.51.100.0/24'
        DEST2 = '203.0.113.0/24'
        NEXTHOP = '192.0.2.1'

        self.driver = driver.HaproxyAmphoraLoadBalancerDriver()

        self.driver.cert_manager = mock.MagicMock()
        self.driver.cert_parser = mock.MagicMock()
        self.driver.client = mock.MagicMock()
        self.driver.jinja = mock.MagicMock()

        # Build sample Listener and VIP configs
        self.sl = sample_configs.sample_listener_tuple(tls=True, sni=True)
        self.amp = self.sl.load_balancer.amphorae[0]
        self.sv = sample_configs.sample_vip_tuple()
        self.lb = self.sl.load_balancer
        self.fixed_ip = mock.MagicMock()
        self.fixed_ip.ip_address = '198.51.100.5'
        self.fixed_ip.subnet.cidr = '198.51.100.0/24'
        self.network = network_models.Network(mtu=FAKE_MTU)
        self.port = network_models.Port(mac_address=FAKE_MAC_ADDRESS,
                                        fixed_ips=[self.fixed_ip],
                                        network=self.network)

        self.host_routes = [network_models.HostRoute(destination=DEST1,
                                                     nexthop=NEXTHOP),
                            network_models.HostRoute(destination=DEST2,
                                                     nexthop=NEXTHOP)]
        host_routes_data = [{'destination': DEST1, 'nexthop': NEXTHOP},
                            {'destination': DEST2, 'nexthop': NEXTHOP}]
        self.subnet_info = {'subnet_cidr': FAKE_CIDR,
                            'gateway': FAKE_GATEWAY,
                            'mac_address': FAKE_MAC_ADDRESS,
                            'vrrp_ip': self.amp.vrrp_ip,
                            'mtu': FAKE_MTU,
                            'host_routes': host_routes_data}
コード例 #23
0
ファイル: test_ssh_driver.py プロジェクト: kaurikim/octavia
    def test_delete(self):

        # Build sample Listener and VIP configs
        listener = sample_configs.sample_listener_tuple(
            tls=True, sni=True)
        vip = sample_configs.sample_vip_tuple()

        # Execute driver method
        self.driver.delete(listener, vip)

        # Verify call
        self.driver.client.connect.assert_called_once_with(
            hostname=listener.load_balancer.amphorae[0].lb_network_ip,
            key_filename=self.driver.amp_config.key_path,
            username=self.driver.amp_config.username)
        exec_command_calls = [
            mock.call('sudo kill -9 $(cat {0}/sample_listener_id_1'
                      '/sample_listener_id_1.pid)'
                      .format(self.driver.amp_config.base_path)),
            mock.call('sudo rm -rf {0}/sample_listener_id_1'.format(
                      self.driver.amp_config.base_path))]
        self.driver.client.exec_command.assert_has_calls(exec_command_calls)
        self.driver.client.close.assert_called_once_with()
コード例 #24
0
ファイル: test_jinja_cfg.py プロジェクト: problemv/octavia
 def test_render_template_appcookie_persistence(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    stick-table type string len 64 size 10k\n"
           "    stick store-response res.cook(JSESSIONID)\n"
           "    stick match req.cook(JSESSIONID)\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn 98\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(
             persistence_type='APP_COOKIE',
             persistence_cookie='JSESSIONID'))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #25
0
 def test_render_template_pool_proxy_protocol(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    fullconn {maxconn}\n"
           "    option allbackups\n"
           "    timeout connect 5000\n"
           "    timeout server 50000\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1 send-proxy\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2 send-proxy\n\n").format(
               maxconn=constants.HAPROXY_MAX_MAXCONN)
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(be_proto='PROXY'))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #26
0
ファイル: test_ssh_driver.py プロジェクト: major/octavia
    def test_delete(self):

        # Build sample Listener and VIP configs
        listener = sample_configs.sample_listener_tuple(
            tls=True, sni=True)
        vip = sample_configs.sample_vip_tuple()

        # Execute driver method
        self.driver.delete(listener, vip)

        # Verify call
        self.driver.client.connect.assert_called_once_with(
            hostname=listener.load_balancer.amphorae[0].lb_network_ip,
            key_filename=self.driver.amp_config.key_path,
            username=self.driver.amp_config.username)
        exec_command_calls = [
            mock.call('sudo kill -9 $(cat {0}/sample_listener_id_1'
                      '/sample_listener_id_1.pid)'
                      .format(self.driver.amp_config.base_path)),
            mock.call('sudo rm -rf {0}/sample_listener_id_1'.format(
                      self.driver.amp_config.base_path))]
        self.driver.client.exec_command.assert_has_calls(exec_command_calls)
        self.driver.client.close.assert_called_once_with()
コード例 #27
0
ファイル: test_jinja_cfg.py プロジェクト: problemv/octavia
 def test_render_template_http_xff(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    option forwardfor\n"
           "    fullconn 98\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(
             insert_headers={'X-Forwarded-For': 'true'}))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #28
0
ファイル: test_jinja_cfg.py プロジェクト: syoder89/octavia
 def test_render_template_sourceip_persistence(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    stick-table type ip size 10k\n"
           "    stick on src\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn 98\n"
           "    option allbackups\n"
           "    timeout connect 5000\n"
           "    timeout server 50000\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(persistence_type='SOURCE_IP'))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #29
0
ファイル: test_jinja_cfg.py プロジェクト: problemv/octavia
 def test_render_template_no_monitor_https(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option tcplog\n"
           "    maxconn 98\n"
           "    bind 10.0.0.2:443\n"
           "    mode tcp\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode tcp\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    fullconn 98\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(proto='HTTPS', monitor=False))
     self.assertEqual(
         sample_configs.sample_base_expected_config(frontend=fe,
                                                    backend=be),
         rendered_obj)
コード例 #30
0
 def test_render_template_tls(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option tcplog\n"
           "    maxconn 98\n"
           "    option forwardfor\n"
           "    bind 10.0.0.2:443 "
           "ssl crt /var/lib/octavia/certs/"
           "sample_listener_id_1/FakeCN.pem "
           "crt /var/lib/octavia/certs/sample_listener_id_1\n"
           "    mode http\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    redirect scheme https if !{ ssl_fc }\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    option forwardfor\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 cookie "
           "sample_member_id_2\n\n")
     tls_tupe = sample_configs.sample_tls_container_tuple(
         certificate='imaCert1', private_key='imaPrivateKey1',
         primary_cn='FakeCN')
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                              tls=True, sni=True),
         tls_tupe)
     self.assertEqual(
         sample_configs.sample_base_expected_config(
             frontend=fe, backend=be),
         rendered_obj)
コード例 #31
0
 def test_render_template_tls_no_sni(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option httplog\n"
           "    maxconn 98\n"
           "    redirect scheme https if !{ ssl_fc }\n"
           "    bind 10.0.0.2:443 "
           "ssl crt /var/lib/octavia/certs/"
           "sample_listener_id_1/FakeCN.pem\n"
           "    mode http\n"
           "    default_backend sample_pool_id_1\n\n")
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn 98\n"
           "    option allbackups\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                              tls=True),
         tls_cert=sample_configs.sample_tls_container_tuple(
             certificate='ImAalsdkfjCert',
             private_key='ImAsdlfksdjPrivateKey',
             primary_cn="FakeCN"))
     self.assertEqual(
         sample_configs.sample_base_expected_config(frontend=fe,
                                                    backend=be),
         rendered_obj)
コード例 #32
0
 def test_render_template_ping_monitor_http(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option external-check\n"
           "    external-check command /var/lib/octavia/ping-wrapper.sh\n"
           "    fullconn 98\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "cookie sample_member_id_2\n\n")
     go = "    maxconn 98\n    external-check\n\n"
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(proto='HTTP',
                                              monitor_proto='PING'))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be,
                                                    global_opts=go),
         rendered_obj)
コード例 #33
0
 def test_render_template_member_monitor_addr_port(self):
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn 98\n"
           "    option allbackups\n"
           "    server sample_member_id_1 10.0.0.99:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "addr 192.168.1.1 port 9000 "
           "cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 "
           "weight 13 check inter 30s fall 3 rise 2 "
           "addr 192.168.1.1 port 9000 "
           "cookie sample_member_id_2\n\n")
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(monitor_ip_port=True))
     self.assertEqual(
         sample_configs.sample_base_expected_config(backend=be),
         rendered_obj)
コード例 #34
0
ファイル: test_jinja_cfg.py プロジェクト: stevens2017/octavia
 def test_render_template_null_timeouts(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option httplog\n"
           "    maxconn {maxconn}\n"
           "    bind 10.0.0.2:80\n"
           "    mode http\n"
           "    default_backend sample_pool_id_1\n"
           "    timeout client 50000\n\n").format(
               maxconn=constants.HAPROXY_MAX_MAXCONN)
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    http-reuse safe\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn {maxconn}\n"
           "    option allbackups\n"
           "    timeout connect 5000\n"
           "    timeout server 50000\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13 "
           "check inter 30s fall 3 rise 2 cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13 "
           "check inter 30s fall 3 rise 2 cookie "
           "sample_member_id_2\n\n").format(
               maxconn=constants.HAPROXY_MAX_MAXCONN)
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(timeout_member_connect=None,
                                              timeout_client_data=None,
                                              timeout_member_data=None))
     self.assertEqual(
         sample_configs.sample_base_expected_config(frontend=fe,
                                                    backend=be),
         rendered_obj)
コード例 #35
0
ファイル: test_listener.py プロジェクト: kaurikim/octavia
    def test_parse_haproxy_config(self):
        # template_tls
        tls_tupe = sample_configs.sample_tls_container_tuple(
            certificate='imaCert1',
            private_key='imaPrivateKey1',
            primary_cn='FakeCN')
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                                 tls=True,
                                                 sni=True), tls_tupe)

        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch('%s.open' % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('TERMINATED_HTTPS', res['mode'])
            self.assertEqual('/var/lib/octavia/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertEqual(
                '/var/lib/octavia/certs/sample_listener_id_1/FakeCN.pem',
                res['ssl_crt'])

        # render_template_tls_no_sni
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                                 tls=True),
            tls_cert=sample_configs.sample_tls_container_tuple(
                certificate='ImAalsdkfjCert',
                private_key='ImAsdlfksdjPrivateKey',
                primary_cn="FakeCN"))

        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch('%s.open' % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('TERMINATED_HTTPS', res['mode'])
            self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertEqual(
                BASE_CRT_PATH + '/sample_listener_id_1/FakeCN.pem',
                res['ssl_crt'])

        # render_template_http
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple())
        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch('%s.open' % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('HTTP', res['mode'])
            self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertIsNone(res['ssl_crt'])

        # template_https
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto='HTTPS'))
        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch('%s.open' % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('TCP', res['mode'])
            self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertIsNone(res['ssl_crt'])

        # Bogus format
        m = mock.mock_open(read_data='Bogus')

        with mock.patch('%s.open' % BUILTINS, m, create=True):
            try:
                res = listener._parse_haproxy_file('123')
                self.fail("No Exception?")
            except listener.ParsingError:
                pass
コード例 #36
0
    def setUp(self):
        super(TestHaproxyAmphoraLoadBalancerDriverTest, self).setUp()

        conf = oslo_fixture.Config(cfg.CONF)
        conf.config(group="haproxy_amphora", user_group="everyone")

        DEST1 = '198.51.100.0/24'
        DEST2 = '203.0.113.0/24'
        NEXTHOP = '192.0.2.1'

        self.driver = driver.HaproxyAmphoraLoadBalancerDriver()

        self.driver.cert_manager = mock.MagicMock()
        self.driver.cert_parser = mock.MagicMock()
        self.driver.client = mock.MagicMock()
        self.driver.jinja = mock.MagicMock()
        self.driver.udp_jinja = mock.MagicMock()

        # Build sample Listener and VIP configs
        self.sl = sample_configs.sample_listener_tuple(tls=True, sni=True)
        self.sl_udp = sample_configs.sample_listener_tuple(
            proto=constants.PROTOCOL_UDP,
            persistence_type=constants.SESSION_PERSISTENCE_SOURCE_IP,
            persistence_timeout=33,
            persistence_granularity='255.255.0.0',
            monitor_proto=constants.HEALTH_MONITOR_UDP_CONNECT)
        self.amp = self.sl.load_balancer.amphorae[0]
        self.sv = sample_configs.sample_vip_tuple()
        self.lb = self.sl.load_balancer
        self.fixed_ip = mock.MagicMock()
        self.fixed_ip.ip_address = '198.51.100.5'
        self.fixed_ip.subnet.cidr = '198.51.100.0/24'
        self.network = network_models.Network(mtu=FAKE_MTU)
        self.port = network_models.Port(mac_address=FAKE_MAC_ADDRESS,
                                        fixed_ips=[self.fixed_ip],
                                        network=self.network)

        self.host_routes = [
            network_models.HostRoute(destination=DEST1, nexthop=NEXTHOP),
            network_models.HostRoute(destination=DEST2, nexthop=NEXTHOP)
        ]
        host_routes_data = [{
            'destination': DEST1,
            'nexthop': NEXTHOP
        }, {
            'destination': DEST2,
            'nexthop': NEXTHOP
        }]
        self.subnet_info = {
            'subnet_cidr': FAKE_CIDR,
            'gateway': FAKE_GATEWAY,
            'mac_address': FAKE_MAC_ADDRESS,
            'vrrp_ip': self.amp.vrrp_ip,
            'mtu': FAKE_MTU,
            'host_routes': host_routes_data
        }

        self.timeout_dict = {
            constants.REQ_CONN_TIMEOUT: 1,
            constants.REQ_READ_TIMEOUT: 2,
            constants.CONN_MAX_RETRIES: 3,
            constants.CONN_RETRY_INTERVAL: 4
        }
コード例 #37
0
    def test_parse_haproxy_config(self):
        # template_tls
        tls_tupe = sample_configs.sample_tls_container_tuple(
            certificate='imaCert1', private_key='imaPrivateKey1',
            primary_cn='FakeCN')
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                                 tls=True, sni=True),
            tls_tupe)

        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch.object(builtins, 'open', m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('TERMINATED_HTTPS', res['mode'])
            self.assertEqual('/var/lib/octavia/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertEqual(
                '/var/lib/octavia/certs/sample_listener_id_1/FakeCN.pem',
                res['ssl_crt'])

        # render_template_tls_no_sni
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(
                proto='TERMINATED_HTTPS', tls=True),
            tls_cert=sample_configs.sample_tls_container_tuple(
                certificate='ImAalsdkfjCert',
                private_key='ImAsdlfksdjPrivateKey',
                primary_cn="FakeCN"))

        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch.object(builtins, 'open', m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('TERMINATED_HTTPS', res['mode'])
            self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertEqual(
                BASE_CRT_PATH + '/sample_listener_id_1/FakeCN.pem',
                res['ssl_crt'])

        # render_template_http
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple())
        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch.object(builtins, 'open', m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('HTTP', res['mode'])
            self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertIsNone(res['ssl_crt'])

        # template_https
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto='HTTPS'))
        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch.object(builtins, 'open', m, create=True):
            res = listener._parse_haproxy_file('123')
            self.assertEqual('TCP', res['mode'])
            self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                             res['stats_socket'])
            self.assertIsNone(res['ssl_crt'])

        # Bogus format
        m = mock.mock_open(read_data='Bogus')

        with mock.patch.object(builtins, 'open', m, create=True):
            try:
                res = listener._parse_haproxy_file('123')
                self.fail("No Exception?")
            except listener.ParsingError:
                pass
コード例 #38
0
ファイル: test_jinja_cfg.py プロジェクト: stevens2017/octavia
 def test_render_template_l7policies(self):
     fe = ("frontend sample_listener_id_1\n"
           "    option httplog\n"
           "    maxconn {maxconn}\n"
           "    bind 10.0.0.2:80\n"
           "    mode http\n"
           "        acl sample_l7rule_id_1 path -m beg /api\n"
           "    use_backend sample_pool_id_2 if sample_l7rule_id_1\n"
           "        acl sample_l7rule_id_2 req.hdr(Some-header) -m sub "
           "This\\ string\\\\\\ with\\ stuff\n"
           "        acl sample_l7rule_id_3 req.cook(some-cookie) -m reg "
           "this.*|that\n"
           "    redirect location http://www.example.com if "
           "!sample_l7rule_id_2 sample_l7rule_id_3\n"
           "        acl sample_l7rule_id_4 path_end -m str jpg\n"
           "        acl sample_l7rule_id_5 req.hdr(host) -i -m end "
           ".example.com\n"
           "    http-request deny if sample_l7rule_id_4 "
           "sample_l7rule_id_5\n"
           "    default_backend sample_pool_id_1\n"
           "    timeout client 50000\n\n").format(
               maxconn=constants.HAPROXY_MAX_MAXCONN)
     be = ("backend sample_pool_id_1\n"
           "    mode http\n"
           "    http-reuse safe\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /index.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn {maxconn}\n"
           "    option allbackups\n"
           "    timeout connect 5000\n"
           "    timeout server 50000\n"
           "    server sample_member_id_1 10.0.0.99:82 weight 13 check "
           "inter 30s fall 3 rise 2 cookie sample_member_id_1\n"
           "    server sample_member_id_2 10.0.0.98:82 weight 13 check "
           "inter 30s fall 3 rise 2 cookie sample_member_id_2\n"
           "\n"
           "backend sample_pool_id_2\n"
           "    mode http\n"
           "    http-reuse safe\n"
           "    balance roundrobin\n"
           "    cookie SRV insert indirect nocache\n"
           "    timeout check 31s\n"
           "    option httpchk GET /healthmon.html\n"
           "    http-check expect rstatus 418\n"
           "    fullconn {maxconn}\n"
           "    option allbackups\n"
           "    timeout connect 5000\n"
           "    timeout server 50000\n"
           "    server sample_member_id_3 10.0.0.97:82 weight 13 check "
           "inter 30s fall 3 rise 2 cookie sample_member_id_3\n\n").format(
               maxconn=constants.HAPROXY_MAX_MAXCONN)
     rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
         sample_configs.sample_amphora_tuple(),
         sample_configs.sample_listener_tuple(l7=True))
     self.assertEqual(
         sample_configs.sample_base_expected_config(frontend=fe,
                                                    backend=be),
         rendered_obj)
コード例 #39
0
 def test_transform_listener_with_l7(self):
     in_listener = sample_configs.sample_listener_tuple(l7=True)
     ret = self.jinja_cfg._transform_listener(in_listener, None, {})
     self.assertEqual(sample_configs.RET_LISTENER_L7, ret)
コード例 #40
0
    def test_parse_haproxy_config(self):
        # template_tls
        tls_tupe = sample_configs.sample_tls_container_tuple(
            id='tls_container_id',
            certificate='imaCert1',
            private_key='imaPrivateKey1',
            primary_cn='FakeCN')
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                                 tls=True,
                                                 sni=True), tls_tupe)

        path = agent_util.config_path(LISTENER_ID1)
        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = self.test_listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('TERMINATED_HTTPS', res['mode'])
        self.assertEqual('/var/lib/octavia/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertEqual(
            '/var/lib/octavia/certs/sample_listener_id_1/tls_container_id.pem',
            res['ssl_crt'])

        # render_template_tls_no_sni
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                                 tls=True),
            tls_cert=sample_configs.sample_tls_container_tuple(
                id='tls_container_id',
                certificate='ImAalsdkfjCert',
                private_key='ImAsdlfksdjPrivateKey',
                primary_cn="FakeCN"))

        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = self.test_listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('TERMINATED_HTTPS', res['mode'])
        self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertEqual(
            BASE_CRT_PATH + '/sample_listener_id_1/tls_container_id.pem',
            res['ssl_crt'])

        # render_template_http
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple())

        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = self.test_listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('HTTP', res['mode'])
        self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertIsNone(res['ssl_crt'])

        # template_https
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple(proto='HTTPS'))
        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = self.test_listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('TCP', res['mode'])
        self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertIsNone(res['ssl_crt'])

        # Bogus format
        self.useFixture(test_utils.OpenFixture(path, 'Bogus'))
        try:
            res = self.test_listener._parse_haproxy_file(LISTENER_ID1)
            self.fail("No Exception?")
        except listener.ParsingError:
            pass
コード例 #41
0
 def test_transform_loadbalancer(self):
     in_listener = sample_configs.sample_listener_tuple()
     ret = self.jinja_cfg._transform_loadbalancer(
         in_listener.load_balancer, in_listener, None)
     self.assertEqual(sample_configs.RET_LB, ret)
コード例 #42
0
 def test_transform_loadbalancer_with_l7(self):
     in_amphora = sample_configs.sample_amphora_tuple()
     in_listener = sample_configs.sample_listener_tuple(l7=True)
     ret = self.jinja_cfg._transform_loadbalancer(
         in_amphora, in_listener.load_balancer, in_listener, None)
     self.assertEqual(sample_configs.RET_LB_L7, ret)
コード例 #43
0
 def test_transform_listener(self):
     in_listener = sample_configs.sample_listener_tuple()
     ret = self.jinja_cfg._transform_listener(in_listener, None)
     self.assertEqual(sample_configs.RET_LISTENER, ret)
コード例 #44
0
    def test_parse_haproxy_config(self):
        # template_tls
        tls_tupe = sample_configs.sample_tls_container_tuple(
            certificate='imaCert1', private_key='imaPrivateKey1',
            primary_cn='FakeCN')
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple(proto='TERMINATED_HTTPS',
                                                 tls=True, sni=True),
            tls_tupe)

        path = agent_util.config_path(LISTENER_ID1)
        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('TERMINATED_HTTPS', res['mode'])
        self.assertEqual('/var/lib/octavia/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertEqual(
            '/var/lib/octavia/certs/sample_listener_id_1/FakeCN.pem',
            res['ssl_crt'])

        # render_template_tls_no_sni
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple(
                proto='TERMINATED_HTTPS', tls=True),
            tls_cert=sample_configs.sample_tls_container_tuple(
                certificate='ImAalsdkfjCert',
                private_key='ImAsdlfksdjPrivateKey',
                primary_cn="FakeCN"))

        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('TERMINATED_HTTPS', res['mode'])
        self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertEqual(
            BASE_CRT_PATH + '/sample_listener_id_1/FakeCN.pem',
            res['ssl_crt'])

        # render_template_http
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple())

        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('HTTP', res['mode'])
        self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertIsNone(res['ssl_crt'])

        # template_https
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_amphora_tuple(),
            sample_configs.sample_listener_tuple(proto='HTTPS'))
        self.useFixture(test_utils.OpenFixture(path, rendered_obj))

        res = listener._parse_haproxy_file(LISTENER_ID1)
        self.assertEqual('TCP', res['mode'])
        self.assertEqual(BASE_AMP_PATH + '/sample_listener_id_1.sock',
                         res['stats_socket'])
        self.assertIsNone(res['ssl_crt'])

        # Bogus format
        self.useFixture(test_utils.OpenFixture(path, 'Bogus'))
        try:
            res = listener._parse_haproxy_file(LISTENER_ID1)
            self.fail("No Exception?")
        except listener.ParsingError:
            pass
コード例 #45
0
ファイル: test_jinja_cfg.py プロジェクト: BoTranVan/octavia
 def test_transform_loadbalancer_with_l7(self):
     in_amphora = sample_configs.sample_amphora_tuple()
     in_listener = sample_configs.sample_listener_tuple(l7=True)
     ret = self.jinja_cfg._transform_loadbalancer(
         in_amphora, in_listener.load_balancer, in_listener, None)
     self.assertEqual(sample_configs.RET_LB_L7, ret)
コード例 #46
0
ファイル: test_listener.py プロジェクト: kaurikim/octavia
    def test_parse_haproxy_config(self):
        # template_tls
        tls_tupe = sample_configs.sample_tls_container_tuple(
            certificate="imaCert1", private_key="imaPrivateKey1", primary_cn="FakeCN"
        )
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto="TERMINATED_HTTPS", tls=True, sni=True), tls_tupe
        )

        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch("%s.open" % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file("123")
            self.assertEqual("TERMINATED_HTTPS", res["mode"])
            self.assertEqual("/var/lib/octavia/sample_listener_id_1.sock", res["stats_socket"])
            self.assertEqual("/var/lib/octavia/certs/sample_listener_id_1/FakeCN.pem", res["ssl_crt"])

        # render_template_tls_no_sni
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
            sample_configs.sample_listener_tuple(proto="TERMINATED_HTTPS", tls=True),
            tls_cert=sample_configs.sample_tls_container_tuple(
                certificate="ImAalsdkfjCert", private_key="ImAsdlfksdjPrivateKey", primary_cn="FakeCN"
            ),
        )

        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch("%s.open" % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file("123")
            self.assertEqual("TERMINATED_HTTPS", res["mode"])
            self.assertEqual(BASE_AMP_PATH + "/sample_listener_id_1.sock", res["stats_socket"])
            self.assertEqual(BASE_CRT_PATH + "/sample_listener_id_1/FakeCN.pem", res["ssl_crt"])

        # render_template_http
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(sample_configs.sample_listener_tuple())
        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch("%s.open" % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file("123")
            self.assertEqual("HTTP", res["mode"])
            self.assertEqual(BASE_AMP_PATH + "/sample_listener_id_1.sock", res["stats_socket"])
            self.assertIsNone(res["ssl_crt"])

        # template_https
        rendered_obj = self.jinja_cfg.render_loadbalancer_obj(sample_configs.sample_listener_tuple(proto="HTTPS"))
        m = mock.mock_open(read_data=rendered_obj)

        with mock.patch("%s.open" % BUILTINS, m, create=True):
            res = listener._parse_haproxy_file("123")
            self.assertEqual("TCP", res["mode"])
            self.assertEqual(BASE_AMP_PATH + "/sample_listener_id_1.sock", res["stats_socket"])
            self.assertIsNone(res["ssl_crt"])

        # Bogus format
        m = mock.mock_open(read_data="Bogus")

        with mock.patch("%s.open" % BUILTINS, m, create=True):
            try:
                res = listener._parse_haproxy_file("123")
                self.fail("No Exception?")
            except listener.ParsingError:
                pass