def _create_instances(topo_dict, suffix): """Create requested instances without replication or any other modifications :param topo_dict: a dictionary {ReplicaRole.STANDALONE: num, ReplicaRole.SUPPLIER: num, ReplicaRole.HUB: num, ReplicaRole.CONSUMER: num} :type topo_dict: dict :param suffix: a suffix :type suffix: str :return - TopologyMain object """ instances = {} ms = {} cs = {} hs = {} ins = {} # Create instances for role in topo_dict.keys(): for inst_num in range(1, topo_dict[role]+1): instance_data = generate_ds_params(inst_num, role) if DEBUGGING: instance = DirSrv(verbose=True) else: instance = DirSrv(verbose=False) # TODO: Put 'args_instance' to generate_ds_params. # Also, we need to keep in mind that the function returns # SER_SECURE_PORT and REPLICA_ID that are not used in # the instance creation here. # args_instance[SER_HOST] = instance_data[SER_HOST] args_instance = {} args_instance[SER_PORT] = instance_data[SER_PORT] args_instance[SER_SECURE_PORT] = instance_data[SER_SECURE_PORT] args_instance[SER_SERVERID_PROP] = instance_data[SER_SERVERID_PROP] # It's required to be able to make a suffix-less install for # some cli tests. It's invalid to require replication with # no suffix however .... if suffix is not None: args_instance[SER_CREATION_SUFFIX] = suffix elif role != ReplicaRole.STANDALONE: raise AssertionError("Invalid request to make suffix-less replicated environment") instance.allocate(args_instance) instance_exists = instance.exists() if instance_exists: instance.delete() instance.create() # We set a URL here to force ldap:// only. Once we turn on TLS # we'll flick this to ldaps. instance.use_ldap_uri() instance.open() instance.config.set('nsslapd-accesslog-logbuffering','off') if role == ReplicaRole.STANDALONE: ins[instance.serverid] = instance instances.update(ins) if role == ReplicaRole.SUPPLIER: ms[instance.serverid] = instance instances.update(ms) if role == ReplicaRole.CONSUMER: cs[instance.serverid] = instance instances.update(cs) if role == ReplicaRole.HUB: hs[instance.serverid] = instance instances.update(hs) # We should always enable TLS while in FIPS mode because otherwise NSS database won't be # configured in a FIPS compliant way if is_fips(): instance.enable_tls() if DEBUGGING: instance.config.set('nsslapd-errorlog-level','8192') instance.config.set('nsslapd-accesslog-level','260') instance.config.set('nsslapd-auditlog-logging-enabled','on') instance.config.set('nsslapd-auditfaillog-logging-enabled','on') instance.config.set('nsslapd-plugin-logging', 'on') log.info("Instance with parameters {} was created.".format(args_instance)) if "standalone1" in instances and len(instances) == 1: return TopologyMain(standalones=instances["standalone1"]) else: return TopologyMain(standalones=ins, suppliers=ms, consumers=cs, hubs=hs)