def test_create_load_balancer_full_graph_single(
self, mock_get_create_load_balancer_flow, mock_api_get_session,
mock_dyn_log_listener, mock_taskflow_load, mock_pool_repo_get,
mock_member_repo_get, mock_l7rule_repo_get, mock_l7policy_repo_get,
mock_listener_repo_get, mock_lb_repo_get, mock_health_mon_repo_get,
mock_amp_repo_get):
self.conf.config(group="controller_worker",
loadbalancer_topology=constants.TOPOLOGY_SINGLE)
listeners = [
data_models.Listener(id='listener1'),
data_models.Listener(id='listener2')
]
lb = data_models.LoadBalancer(id=LB_ID, listeners=listeners)
mock_lb_repo_get.return_value = lb
mock_eng = mock.Mock()
mock_taskflow_load.return_value = mock_eng
store = {
constants.LOADBALANCER_ID: LB_ID,
'update_dict': {
'topology': constants.TOPOLOGY_SINGLE
}
}
cw = controller_worker.ControllerWorker()
cw.create_load_balancer(LB_ID)
# mock_create_single_topology.assert_called_once()
# mock_create_active_standby_topology.assert_not_called()
mock_get_create_load_balancer_flow.assert_called_with(
topology=constants.TOPOLOGY_SINGLE, listeners=lb.listeners)
mock_taskflow_load.assert_called_with(
mock_get_create_load_balancer_flow.return_value, store=store)
mock_eng.run.assert_any_call()
def test_update_vip_when_listener_deleted(self):
listeners = [data_models.Listener(protocol_port=80,
protocol=constants.PROTOCOL_TCP),
data_models.Listener(
protocol_port=443,
protocol=constants.PROTOCOL_TCP,
provisioning_status=constants.PENDING_DELETE),
data_models.Listener(
protocol_port=50, protocol=constants.PROTOCOL_UDP,
provisioning_status=constants.PENDING_DELETE)]
vip = data_models.Vip(ip_address='10.0.0.2')
lb = data_models.LoadBalancer(id='1', listeners=listeners, vip=vip)
list_sec_grps = self.driver.neutron_client.list_security_groups
list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]}
fake_rules = {
'security_group_rules': [
{'id': 'rule-80', 'port_range_max': 80, 'protocol': 'tcp'},
{'id': 'rule-22', 'port_range_max': 443, 'protocol': 'tcp'},
{'id': 'rule-udp-50', 'port_range_max': 50, 'protocol': 'tcp'}
]
}
list_rules = self.driver.neutron_client.list_security_group_rules
list_rules.return_value = fake_rules
delete_rule = self.driver.neutron_client.delete_security_group_rule
create_rule = self.driver.neutron_client.create_security_group_rule
self.driver.update_vip(lb)
delete_rule.assert_has_calls(
[mock.call('rule-22'), mock.call('rule-udp-50')])
self.assertTrue(create_rule.called)
def test_update_vip_when_listener_deleted(self):
listeners = [
data_models.Listener(protocol_port=80),
data_models.Listener(protocol_port=443,
provisioning_status=constants.PENDING_DELETE)
]
lb = data_models.LoadBalancer(id='1', listeners=listeners)
list_sec_grps = self.driver.neutron_client.list_security_groups
list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]}
fake_rules = {
'security_group_rules': [{
'id': 'rule-80',
'port_range_max': 80,
'protocol': 'tcp'
}, {
'id': 'rule-22',
'port_range_max': 443,
'protocol': 'tcp'
}]
}
list_rules = self.driver.neutron_client.list_security_group_rules
list_rules.return_value = fake_rules
delete_rule = self.driver.neutron_client.delete_security_group_rule
create_rule = self.driver.neutron_client.create_security_group_rule
self.driver.update_vip(lb)
delete_rule.assert_called_once_with('rule-22')
self.assertTrue(create_rule.called)
def test_update_vip(self):
listeners = [data_models.Listener(protocol_port=80),
data_models.Listener(protocol_port=443)]
lb = data_models.LoadBalancer(id='1', listeners=listeners)
list_sec_grps = self.driver.neutron_client.list_security_groups
list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]}
fake_rules = {
'security_group_rules': [
{'id': 'rule-80', 'port_range_max': 80},
{'id': 'rule-22', 'port_range_max': 22}
]
}
list_rules = self.driver.neutron_client.list_security_group_rules
list_rules.return_value = fake_rules
delete_rule = self.driver.neutron_client.delete_security_group_rule
create_rule = self.driver.neutron_client.create_security_group_rule
self.driver.update_vip(lb)
delete_rule.assert_called_once_with('rule-22')
expected_create_rule = {
'security_group_rule': {
'security_group_id': 'secgrp-1',
'direction': 'ingress',
'protocol': 'TCP',
'port_range_min': 443,
'port_range_max': 443
}
}
create_rule.assert_called_once_with(expected_create_rule)
def test_listeners_update(self, mock_driver, mock_generate_uuid, mock_log,
mock_get_session, mock_listener_repo_get,
mock_listener_repo_update,
mock_amphora_repo_update):
listeners_update_obj = amphora_driver_tasks.ListenersUpdate()
listeners = [
data_models.Listener(id='listener1'),
data_models.Listener(id='listener2')
]
vip = data_models.Vip(ip_address='10.0.0.1')
lb = data_models.LoadBalancer(id='lb1', listeners=listeners, vip=vip)
listeners_update_obj.execute(lb)
mock_driver.update.assert_called_once_with(lb)
self.assertEqual(1, mock_driver.update.call_count)
# Test the revert
amp = listeners_update_obj.revert(lb)
expected_db_calls = [
mock.call(_session_mock,
id=listeners[0].id,
provisioning_status=constants.ERROR),
mock.call(_session_mock,
id=listeners[1].id,
provisioning_status=constants.ERROR)
]
repo.ListenerRepository.update.has_calls(expected_db_calls)
self.assertEqual(2, repo.ListenerRepository.update.call_count)
self.assertIsNone(amp)
def test_update_vip(self):
listeners = [data_models.Listener(protocol_port=80, peer_port=1024),
data_models.Listener(protocol_port=443, peer_port=1025)]
vip = data_models.Vip(ip_address='10.0.0.2')
lb = data_models.LoadBalancer(id='1', listeners=listeners, vip=vip)
list_sec_grps = self.driver.neutron_client.list_security_groups
list_sec_grps.return_value = {'security_groups': [{'id': 'secgrp-1'}]}
fake_rules = {
'security_group_rules': [
{'id': 'rule-80', 'port_range_max': 80, 'protocol': 'tcp'},
{'id': 'rule-22', 'port_range_max': 22, 'protocol': 'tcp'}
]
}
list_rules = self.driver.neutron_client.list_security_group_rules
list_rules.return_value = fake_rules
delete_rule = self.driver.neutron_client.delete_security_group_rule
create_rule = self.driver.neutron_client.create_security_group_rule
self.driver.update_vip(lb)
delete_rule.assert_called_once_with('rule-22')
expected_create_rule_1 = {
'security_group_rule': {
'security_group_id': 'secgrp-1',
'direction': 'ingress',
'protocol': 'TCP',
'port_range_min': 1024,
'port_range_max': 1024,
'ethertype': 'IPv4'
}
}
expected_create_rule_2 = {
'security_group_rule': {
'security_group_id': 'secgrp-1',
'direction': 'ingress',
'protocol': 'TCP',
'port_range_min': 1025,
'port_range_max': 1025,
'ethertype': 'IPv4'
}
}
expected_create_rule_3 = {
'security_group_rule': {
'security_group_id': 'secgrp-1',
'direction': 'ingress',
'protocol': 'TCP',
'port_range_min': 443,
'port_range_max': 443,
'ethertype': 'IPv4'
}
}
create_rule.assert_has_calls([mock.call(expected_create_rule_1),
mock.call(expected_create_rule_2),
mock.call(expected_create_rule_3)])
def setUp(self):
super(TestNoopAmphoraLoadBalancerDriver, self).setUp()
self.driver = driver.NoopAmphoraLoadBalancerDriver()
self.listener = data_models.Listener()
self.listener.id = uuidutils.generate_uuid()
self.listener.protocol_port = 80
self.vip = data_models.Vip()
self.vip.ip_address = "10.0.0.1"
self.amphora = data_models.Amphora()
self.amphora.id = self.FAKE_UUID_1
self.load_balancer = data_models.LoadBalancer(
id=FAKE_UUID_1,
amphorae=[self.amphora],
vip=self.vip,
listeners=[self.listener])
self.listener.load_balancer = self.load_balancer
self.network = network_models.Network(id=self.FAKE_UUID_1)
self.port = network_models.Port(id=uuidutils.generate_uuid())
self.amphorae_net_configs = {
self.amphora.id:
network_models.AmphoraNetworkConfig(
amphora=self.amphora,
vip_subnet=network_models.Subnet(id=self.FAKE_UUID_1))
}
self.pem_file = 'test_pem_file'
self.agent_config = 'test agent config'
self.timeout_dict = {
constants.REQ_CONN_TIMEOUT: 1,
constants.REQ_READ_TIMEOUT: 2,
constants.CONN_MAX_RETRIES: 3,
constants.CONN_RETRY_INTERVAL: 4
}
def test_db_listener_to_provider_listener(self):
test_db_list = data_models.Listener(id=1)
provider_list = utils.db_listener_to_provider_listener(test_db_list)
ref_provider_list = driver_dm.Listener(listener_id=1,
insert_headers={})
self.assertEqual(ref_provider_list.to_dict(render_unsets=True),
provider_list.to_dict(render_unsets=True))
def get_listener_octavia_model(self, listener_dict):
# Must use a copy because from_dict will modify the original dict
listener = n_data_models.Listener.from_dict(
copy.deepcopy(listener_dict))
ret = o_data_models.Listener()
args = self._get_common_args(listener)
sni_containers = []
if listener_dict.get('sni_containers'):
for sni_dict in listener_dict.get('sni_containers'):
sni = o_data_models.SNI()
if sni_dict.get('listener'):
sni.listener = self.get_listener_octavia_model(
sni_dict.get('listener'))
sni.listener_id = sni_dict.get('listener_id')
sni.position = sni_dict.get('position')
sni.tls_container_id = sni_dict.get('tls_container_id')
sni_containers.append(sni)
if listener_dict.get('loadbalancer'):
loadbalancer = self.get_loadbalancer_octavia_model(
listener_dict.get('loadbalancer'))
if listener.id not in [
_listener.id for _listener in loadbalancer.listeners
]:
loadbalancer.listeners.append(ret)
args.update({
'load_balancer': loadbalancer,
})
if listener_dict.get('default_pool'):
pool = self.get_pool_octavia_model(
listener_dict.get('default_pool'))
if listener.id not in [
_listener.id for _listener in pool.listeners
]:
pool.listeners.append(ret)
# REVISIT(jiahao): In Mitaka, we need to handle multiple pools
pools = [pool]
args.update({
'default_pool': pool,
'pools': pools,
})
args.update({
'load_balancer_id': listener.loadbalancer_id,
'protocol': listener.protocol,
'protocol_port': listener.protocol_port,
'connection_limit': listener.connection_limit,
'default_pool_id': listener.default_pool_id,
'tls_certificate_id': listener.default_tls_container_id,
'sni_containers': sni_containers,
'provisioning_status': listener.provisioning_status,
})
ret = self._update(ret, args)
return ret
def setUp(self):
super(TestNoopAmphoraLoadBalancerDriver, self).setUp()
self.driver = driver.NoopAmphoraLoadBalancerDriver()
self.listener = data_models.Listener()
self.listener.protocol_port = 80
self.vip = data_models.Vip()
self.vip.ip_address = "10.0.0.1"
self.amphora = data_models.Amphora()
self.amphora.id = self.FAKE_UUID_1
self.load_balancer = data_models.LoadBalancer(
id=FAKE_UUID_1,
amphorae=[self.amphora],
vip=self.vip,
listeners=[self.listener])
self.network = network_models.Network(id=self.FAKE_UUID_1)
self.port = network_models.Port(id=uuidutils.generate_uuid())
self.amphorae_net_configs = {
self.amphora.id:
network_models.AmphoraNetworkConfig(
amphora=self.amphora,
vip_subnet=network_models.Subnet(id=self.FAKE_UUID_1))
}
def test_update_health_no_status_change(self):
health = {
"id": self.FAKE_UUID_1,
"listeners": {
"listener-id-1": {
"status": constants.OPEN,
"pools": {
"pool-id-1": {
"status": constants.UP,
"members": {
"member-id-1": constants.UP
}
}
}
}
}
}
db_lb = data_models.LoadBalancer(id=self.FAKE_UUID_1,
operating_status=constants.ONLINE)
db_listener = data_models.Listener(id='listener-id-',
operating_status=constants.ONLINE,
load_balancer_id=self.FAKE_UUID_1)
db_pool = data_models.Pool(id='pool-id-1',
operating_status=constants.ONLINE)
db_member = data_models.Member(id='member-id-1',
operating_status=constants.ONLINE)
self.listener_repo.get.return_value = db_listener
self.pool_repo.get.return_value = db_pool
self.member_repo.get.return_value = db_member
self.loadbalancer_repo.get.return_value = db_lb
self.hm.update_health(health)
self.event_client.cast.assert_not_called()
self.loadbalancer_repo.update.assert_not_called()
self.listener_repo.update.assert_not_called()
self.pool_repo.update.assert_not_called()
self.member_repo.update.assert_not_called()
from a10_octavia.controller.worker.tasks import health_monitor_tasks as task
from a10_octavia.controller.worker.tasks import utils
from a10_octavia.tests.common import a10constants
from a10_octavia.tests.unit.base import BaseTaskTestCase
VTHUNDER = VThunder()
HM = o_data_models.HealthMonitor(id=a10constants.MOCK_HM_ID,
type='TCP',
delay=7,
timeout=3,
rise_threshold=8,
http_method='GET')
ARGS = utils.meta(HM, 'hm', {})
LISTENERS = [
o_data_models.Listener(id=a10constants.MOCK_LISTENER_ID,
protocol_port=mock.ANY)
]
FLAVOR_ARGS = {
'monitor': {
'retry': 5,
'method': {
'http': {
'http_response_code': '201'
}
},
}
}
FLAVOR_WITH_REGEX_ARGS = {
'monitor': {
def _mock_listener(self, protocol, conn_limit):
listener = o_data_models.Listener(id=a10constants.MOCK_LISTENER_ID)
listener.protocol = protocol
listener.connection_limit = conn_limit
return listener
def __init__(self):
self.project_id = uuidutils.generate_uuid()
self.lb_id = uuidutils.generate_uuid()
self.ip_address = '192.0.2.30'
self.port_id = uuidutils.generate_uuid()
self.network_id = uuidutils.generate_uuid()
self.subnet_id = uuidutils.generate_uuid()
self.qos_policy_id = uuidutils.generate_uuid()
self.lb_name = uuidutils.generate_uuid()
self.lb_description = uuidutils.generate_uuid()
self.flavor_id = uuidutils.generate_uuid()
self.flavor_profile_id = uuidutils.generate_uuid()
self.listener1_id = uuidutils.generate_uuid()
self.listener2_id = uuidutils.generate_uuid()
self.default_tls_container_ref = uuidutils.generate_uuid()
self.sni_container_ref_1 = uuidutils.generate_uuid()
self.sni_container_ref_2 = uuidutils.generate_uuid()
self.client_ca_tls_certificate_ref = uuidutils.generate_uuid()
self.client_crl_container_ref = uuidutils.generate_uuid()
self.pool_sni_container_ref = uuidutils.generate_uuid()
self.pool_ca_container_ref = uuidutils.generate_uuid()
self.pool_crl_container_ref = uuidutils.generate_uuid()
self.pool1_id = uuidutils.generate_uuid()
self.pool2_id = uuidutils.generate_uuid()
self.hm1_id = uuidutils.generate_uuid()
self.hm2_id = uuidutils.generate_uuid()
self.member1_id = uuidutils.generate_uuid()
self.member2_id = uuidutils.generate_uuid()
self.member3_id = uuidutils.generate_uuid()
self.member4_id = uuidutils.generate_uuid()
self.l7policy1_id = uuidutils.generate_uuid()
self.l7policy2_id = uuidutils.generate_uuid()
self.l7rule1_id = uuidutils.generate_uuid()
self.l7rule2_id = uuidutils.generate_uuid()
self.created_at = datetime.datetime.now()
self.updated_at = (datetime.datetime.now() +
datetime.timedelta(minutes=1))
self._common_test_dict = {
lib_consts.PROVISIONING_STATUS: constants.ACTIVE,
lib_consts.OPERATING_STATUS: constants.ONLINE,
lib_consts.PROJECT_ID: self.project_id,
constants.CREATED_AT: self.created_at,
constants.UPDATED_AT: self.updated_at,
constants.ENABLED: True
}
# Setup Health Monitors
self.test_hm1_dict = {
lib_consts.ID: self.hm1_id,
lib_consts.TYPE: constants.HEALTH_MONITOR_PING,
lib_consts.DELAY: 1,
lib_consts.TIMEOUT: 3,
lib_consts.FALL_THRESHOLD: 1,
lib_consts.RISE_THRESHOLD: 2,
lib_consts.HTTP_METHOD: lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET,
lib_consts.URL_PATH: '/',
lib_consts.EXPECTED_CODES: '200',
lib_consts.NAME: 'hm1',
lib_consts.POOL_ID: self.pool1_id,
lib_consts.HTTP_VERSION: 1.0,
lib_consts.DOMAIN_NAME: None,
lib_consts.PROJECT_ID: self.project_id
}
self.test_hm1_dict.update(self._common_test_dict)
self.test_hm2_dict = copy.deepcopy(self.test_hm1_dict)
self.test_hm2_dict[lib_consts.ID] = self.hm2_id
self.test_hm2_dict[lib_consts.NAME] = 'hm2'
self.test_hm2_dict.update({
lib_consts.HTTP_VERSION: 1.1,
lib_consts.DOMAIN_NAME: 'testdomainname.com'
})
self.db_hm1 = data_models.HealthMonitor(**self.test_hm1_dict)
self.db_hm2 = data_models.HealthMonitor(**self.test_hm2_dict)
self.provider_hm1_dict = {
lib_consts.ADMIN_STATE_UP: True,
lib_consts.DELAY: 1,
lib_consts.EXPECTED_CODES: '200',
lib_consts.HEALTHMONITOR_ID: self.hm1_id,
lib_consts.HTTP_METHOD: lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET,
lib_consts.MAX_RETRIES: 2,
lib_consts.MAX_RETRIES_DOWN: 1,
lib_consts.NAME: 'hm1',
lib_consts.POOL_ID: self.pool1_id,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.TIMEOUT: 3,
lib_consts.TYPE: constants.HEALTH_MONITOR_PING,
lib_consts.URL_PATH: '/',
lib_consts.HTTP_VERSION: 1.0,
lib_consts.DOMAIN_NAME: None
}
self.provider_hm2_dict = copy.deepcopy(self.provider_hm1_dict)
self.provider_hm2_dict[lib_consts.HEALTHMONITOR_ID] = self.hm2_id
self.provider_hm2_dict[lib_consts.NAME] = 'hm2'
self.provider_hm2_dict.update({
lib_consts.HTTP_VERSION:
1.1,
lib_consts.DOMAIN_NAME:
'testdomainname.com'
})
self.provider_hm1 = driver_dm.HealthMonitor(**self.provider_hm1_dict)
self.provider_hm2 = driver_dm.HealthMonitor(**self.provider_hm2_dict)
# Setup Members
self.test_member1_dict = {
lib_consts.ID: self.member1_id,
lib_consts.POOL_ID: self.pool1_id,
constants.IP_ADDRESS: '192.0.2.16',
lib_consts.PROTOCOL_PORT: 80,
lib_consts.WEIGHT: 0,
lib_consts.BACKUP: False,
lib_consts.SUBNET_ID: self.subnet_id,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.NAME: 'member1',
lib_consts.OPERATING_STATUS: lib_consts.ONLINE,
lib_consts.PROVISIONING_STATUS: lib_consts.ACTIVE,
constants.ENABLED: True,
constants.CREATED_AT: self.created_at,
constants.UPDATED_AT: self.updated_at,
lib_consts.MONITOR_ADDRESS: '192.0.2.26',
lib_consts.MONITOR_PORT: 81
}
self.test_member1_dict.update(self._common_test_dict)
self.test_member2_dict = copy.deepcopy(self.test_member1_dict)
self.test_member2_dict[lib_consts.ID] = self.member2_id
self.test_member2_dict[constants.IP_ADDRESS] = '192.0.2.17'
self.test_member2_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.27'
self.test_member2_dict[lib_consts.NAME] = 'member2'
self.test_member3_dict = copy.deepcopy(self.test_member1_dict)
self.test_member3_dict[lib_consts.ID] = self.member3_id
self.test_member3_dict[constants.IP_ADDRESS] = '192.0.2.18'
self.test_member3_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.28'
self.test_member3_dict[lib_consts.NAME] = 'member3'
self.test_member3_dict[lib_consts.POOL_ID] = self.pool2_id
self.test_member4_dict = copy.deepcopy(self.test_member1_dict)
self.test_member4_dict[lib_consts.ID] = self.member4_id
self.test_member4_dict[constants.IP_ADDRESS] = '192.0.2.19'
self.test_member4_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.29'
self.test_member4_dict[lib_consts.NAME] = 'member4'
self.test_member4_dict[lib_consts.POOL_ID] = self.pool2_id
self.test_pool1_members_dict = [
self.test_member1_dict, self.test_member2_dict
]
self.test_pool2_members_dict = [
self.test_member3_dict, self.test_member4_dict
]
self.db_member1 = data_models.Member(**self.test_member1_dict)
self.db_member2 = data_models.Member(**self.test_member2_dict)
self.db_member3 = data_models.Member(**self.test_member3_dict)
self.db_member4 = data_models.Member(**self.test_member4_dict)
self.db_pool1_members = [self.db_member1, self.db_member2]
self.db_pool2_members = [self.db_member3, self.db_member4]
self.provider_member1_dict = {
lib_consts.ADDRESS: '192.0.2.16',
lib_consts.ADMIN_STATE_UP: True,
lib_consts.MEMBER_ID: self.member1_id,
lib_consts.MONITOR_ADDRESS: '192.0.2.26',
lib_consts.MONITOR_PORT: 81,
lib_consts.NAME: 'member1',
lib_consts.POOL_ID: self.pool1_id,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.PROTOCOL_PORT: 80,
lib_consts.SUBNET_ID: self.subnet_id,
lib_consts.WEIGHT: 0,
lib_consts.BACKUP: False
}
self.provider_member2_dict = copy.deepcopy(self.provider_member1_dict)
self.provider_member2_dict[lib_consts.MEMBER_ID] = self.member2_id
self.provider_member2_dict[lib_consts.ADDRESS] = '192.0.2.17'
self.provider_member2_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.27'
self.provider_member2_dict[lib_consts.NAME] = 'member2'
self.provider_member3_dict = copy.deepcopy(self.provider_member1_dict)
self.provider_member3_dict[lib_consts.MEMBER_ID] = self.member3_id
self.provider_member3_dict[lib_consts.ADDRESS] = '192.0.2.18'
self.provider_member3_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.28'
self.provider_member3_dict[lib_consts.NAME] = 'member3'
self.provider_member3_dict[lib_consts.POOL_ID] = self.pool2_id
self.provider_member4_dict = copy.deepcopy(self.provider_member1_dict)
self.provider_member4_dict[lib_consts.MEMBER_ID] = self.member4_id
self.provider_member4_dict[lib_consts.ADDRESS] = '192.0.2.19'
self.provider_member4_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.29'
self.provider_member4_dict[lib_consts.NAME] = 'member4'
self.provider_member4_dict[lib_consts.POOL_ID] = self.pool2_id
self.provider_pool1_members_dict = [
self.provider_member1_dict, self.provider_member2_dict
]
self.provider_pool2_members_dict = [
self.provider_member3_dict, self.provider_member4_dict
]
self.provider_member1 = driver_dm.Member(**self.provider_member1_dict)
self.provider_member2 = driver_dm.Member(**self.provider_member2_dict)
self.provider_member3 = driver_dm.Member(**self.provider_member3_dict)
self.provider_member4 = driver_dm.Member(**self.provider_member4_dict)
self.provider_pool1_members = [
self.provider_member1, self.provider_member2
]
self.provider_pool2_members = [
self.provider_member3, self.provider_member4
]
# Setup test pools
self.test_pool1_dict = {
lib_consts.ID: self.pool1_id,
lib_consts.NAME: 'pool1',
lib_consts.DESCRIPTION: 'Pool 1',
constants.LOAD_BALANCER_ID: self.lb_id,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP,
lib_consts.LB_ALGORITHM: lib_consts.LB_ALGORITHM_ROUND_ROBIN,
lib_consts.MEMBERS: self.test_pool1_members_dict,
constants.HEALTH_MONITOR: self.test_hm1_dict,
lib_consts.SESSION_PERSISTENCE: {
lib_consts.TYPE: lib_consts.LB_ALGORITHM_SOURCE_IP
},
lib_consts.LISTENERS: [],
lib_consts.L7POLICIES: [],
constants.TLS_CERTIFICATE_ID: self.pool_sni_container_ref,
constants.CA_TLS_CERTIFICATE_ID: self.pool_ca_container_ref,
constants.CRL_CONTAINER_ID: self.pool_crl_container_ref,
lib_consts.TLS_ENABLED: True,
lib_consts.TLS_CIPHERS: None,
lib_consts.TLS_VERSIONS: None
}
self.test_pool1_dict.update(self._common_test_dict)
self.test_pool2_dict = copy.deepcopy(self.test_pool1_dict)
self.test_pool2_dict[lib_consts.ID] = self.pool2_id
self.test_pool2_dict[lib_consts.NAME] = 'pool2'
self.test_pool2_dict[lib_consts.DESCRIPTION] = 'Pool 2'
self.test_pool2_dict[lib_consts.MEMBERS] = self.test_pool2_members_dict
del self.test_pool2_dict[constants.TLS_CERTIFICATE_ID]
del self.test_pool2_dict[constants.CA_TLS_CERTIFICATE_ID]
del self.test_pool2_dict[constants.CRL_CONTAINER_ID]
self.test_pools = [self.test_pool1_dict, self.test_pool2_dict]
self.db_pool1 = data_models.Pool(**self.test_pool1_dict)
self.db_pool1.health_monitor = self.db_hm1
self.db_pool1.members = self.db_pool1_members
self.db_pool2 = data_models.Pool(**self.test_pool2_dict)
self.db_pool2.health_monitor = self.db_hm2
self.db_pool2.members = self.db_pool2_members
self.test_db_pools = [self.db_pool1, self.db_pool2]
pool_cert = data_models.TLSContainer(certificate='pool cert')
pool_ca_file_content = 'X509 POOL CA CERT FILE'
pool_crl_file_content = 'X509 POOL CRL FILE'
self.provider_pool1_dict = {
lib_consts.ADMIN_STATE_UP: True,
lib_consts.DESCRIPTION: 'Pool 1',
lib_consts.HEALTHMONITOR: self.provider_hm1_dict,
lib_consts.LB_ALGORITHM: lib_consts.LB_ALGORITHM_ROUND_ROBIN,
lib_consts.LOADBALANCER_ID: self.lb_id,
lib_consts.MEMBERS: self.provider_pool1_members_dict,
lib_consts.NAME: 'pool1',
lib_consts.POOL_ID: self.pool1_id,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP,
lib_consts.SESSION_PERSISTENCE: {
lib_consts.TYPE: lib_consts.LB_ALGORITHM_SOURCE_IP
},
lib_consts.TLS_CONTAINER_REF: self.pool_sni_container_ref,
lib_consts.TLS_CONTAINER_DATA: pool_cert.to_dict(),
lib_consts.CA_TLS_CONTAINER_REF: self.pool_ca_container_ref,
lib_consts.CA_TLS_CONTAINER_DATA: pool_ca_file_content,
lib_consts.CRL_CONTAINER_REF: self.pool_crl_container_ref,
lib_consts.CRL_CONTAINER_DATA: pool_crl_file_content,
lib_consts.TLS_ENABLED: True,
lib_consts.TLS_CIPHERS: None,
lib_consts.TLS_VERSIONS: None,
}
self.provider_pool2_dict = copy.deepcopy(self.provider_pool1_dict)
self.provider_pool2_dict[lib_consts.POOL_ID] = self.pool2_id
self.provider_pool2_dict[lib_consts.NAME] = 'pool2'
self.provider_pool2_dict[lib_consts.DESCRIPTION] = 'Pool 2'
self.provider_pool2_dict[
lib_consts.MEMBERS] = self.provider_pool2_members_dict
self.provider_pool2_dict[
lib_consts.HEALTHMONITOR] = self.provider_hm2_dict
self.provider_pool2_dict[lib_consts.TLS_CONTAINER_REF] = None
del self.provider_pool2_dict[lib_consts.TLS_CONTAINER_DATA]
self.provider_pool2_dict[lib_consts.CA_TLS_CONTAINER_REF] = None
del self.provider_pool2_dict[lib_consts.CA_TLS_CONTAINER_DATA]
self.provider_pool2_dict[lib_consts.CRL_CONTAINER_REF] = None
del self.provider_pool2_dict[lib_consts.CRL_CONTAINER_DATA]
self.provider_pool1 = driver_dm.Pool(**self.provider_pool1_dict)
self.provider_pool1.members = self.provider_pool1_members
self.provider_pool1.healthmonitor = self.provider_hm1
self.provider_pool2 = driver_dm.Pool(**self.provider_pool2_dict)
self.provider_pool2.members = self.provider_pool2_members
self.provider_pool2.healthmonitor = self.provider_hm2
self.provider_pools = [self.provider_pool1, self.provider_pool2]
# Setup L7Rules
self.test_l7rule1_dict = {
lib_consts.ID: self.l7rule1_id,
lib_consts.L7POLICY_ID: self.l7policy1_id,
lib_consts.TYPE: lib_consts.L7RULE_TYPE_PATH,
lib_consts.COMPARE_TYPE: lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO,
lib_consts.KEY: 'fake_key',
lib_consts.VALUE: 'fake_value',
lib_consts.PROJECT_ID: self.project_id,
constants.L7POLICY: None,
lib_consts.INVERT: False
}
self.test_l7rule1_dict.update(self._common_test_dict)
self.test_l7rule2_dict = copy.deepcopy(self.test_l7rule1_dict)
self.test_l7rule2_dict[lib_consts.ID] = self.l7rule2_id
self.test_l7rules = [self.test_l7rule1_dict, self.test_l7rule2_dict]
self.db_l7Rule1 = data_models.L7Rule(**self.test_l7rule1_dict)
self.db_l7Rule2 = data_models.L7Rule(**self.test_l7rule2_dict)
self.db_l7Rules = [self.db_l7Rule1, self.db_l7Rule2]
self.provider_l7rule1_dict = {
lib_consts.ADMIN_STATE_UP: True,
lib_consts.COMPARE_TYPE: lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO,
lib_consts.INVERT: False,
lib_consts.KEY: 'fake_key',
lib_consts.L7POLICY_ID: self.l7policy1_id,
lib_consts.L7RULE_ID: self.l7rule1_id,
lib_consts.TYPE: lib_consts.L7RULE_TYPE_PATH,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.VALUE: 'fake_value'
}
self.provider_l7rule2_dict = copy.deepcopy(self.provider_l7rule1_dict)
self.provider_l7rule2_dict[lib_consts.L7RULE_ID] = self.l7rule2_id
self.provider_l7rules_dicts = [
self.provider_l7rule1_dict, self.provider_l7rule2_dict
]
self.provider_l7rule1 = driver_dm.L7Rule(**self.provider_l7rule1_dict)
self.provider_l7rule2 = driver_dm.L7Rule(**self.provider_l7rule2_dict)
self.provider_rules = [self.provider_l7rule1, self.provider_l7rule2]
# Setup L7Policies
self.test_l7policy1_dict = {
lib_consts.ID: self.l7policy1_id,
lib_consts.NAME: 'l7policy_1',
lib_consts.DESCRIPTION: 'L7policy 1',
lib_consts.LISTENER_ID: self.listener1_id,
lib_consts.ACTION: lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL,
lib_consts.REDIRECT_POOL_ID: None,
lib_consts.REDIRECT_URL: 'http://example.com/index.html',
lib_consts.REDIRECT_PREFIX: None,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.POSITION: 1,
constants.LISTENER: None,
constants.REDIRECT_POOL: None,
lib_consts.L7RULES: self.test_l7rules,
lib_consts.REDIRECT_HTTP_CODE: 302
}
self.test_l7policy1_dict.update(self._common_test_dict)
self.test_l7policy2_dict = copy.deepcopy(self.test_l7policy1_dict)
self.test_l7policy2_dict[lib_consts.ID] = self.l7policy2_id
self.test_l7policy2_dict[lib_consts.NAME] = 'l7policy_2'
self.test_l7policy2_dict[lib_consts.DESCRIPTION] = 'L7policy 2'
self.test_l7policies = [
self.test_l7policy1_dict, self.test_l7policy2_dict
]
self.db_l7policy1 = data_models.L7Policy(**self.test_l7policy1_dict)
self.db_l7policy2 = data_models.L7Policy(**self.test_l7policy2_dict)
self.db_l7policy1.l7rules = self.db_l7Rules
self.db_l7policy2.l7rules = self.db_l7Rules
self.db_l7policies = [self.db_l7policy1, self.db_l7policy2]
self.provider_l7policy1_dict = {
lib_consts.ACTION: lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL,
lib_consts.ADMIN_STATE_UP: True,
lib_consts.DESCRIPTION: 'L7policy 1',
lib_consts.L7POLICY_ID: self.l7policy1_id,
lib_consts.LISTENER_ID: self.listener1_id,
lib_consts.NAME: 'l7policy_1',
lib_consts.POSITION: 1,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.REDIRECT_POOL_ID: None,
lib_consts.REDIRECT_URL: 'http://example.com/index.html',
lib_consts.REDIRECT_PREFIX: None,
lib_consts.RULES: self.provider_l7rules_dicts,
lib_consts.REDIRECT_HTTP_CODE: 302
}
self.provider_l7policy2_dict = copy.deepcopy(
self.provider_l7policy1_dict)
self.provider_l7policy2_dict[
lib_consts.L7POLICY_ID] = self.l7policy2_id
self.provider_l7policy2_dict[lib_consts.NAME] = 'l7policy_2'
self.provider_l7policy2_dict[lib_consts.DESCRIPTION] = 'L7policy 2'
self.provider_l7policies_dict = [
self.provider_l7policy1_dict, self.provider_l7policy2_dict
]
self.provider_l7policy1 = driver_dm.L7Policy(
**self.provider_l7policy1_dict)
self.provider_l7policy1.rules = self.provider_rules
self.provider_l7policy2 = driver_dm.L7Policy(
**self.provider_l7policy2_dict)
self.provider_l7policy2.rules = self.provider_rules
self.provider_l7policies = [
self.provider_l7policy1, self.provider_l7policy2
]
# Setup Listeners
self.test_listener1_dict = {
lib_consts.ID:
self.listener1_id,
lib_consts.NAME:
'listener_1',
lib_consts.DESCRIPTION:
'Listener 1',
lib_consts.DEFAULT_POOL_ID:
self.pool1_id,
constants.LOAD_BALANCER_ID:
self.lb_id,
lib_consts.PROJECT_ID:
self.project_id,
lib_consts.PROTOCOL:
lib_consts.PROTOCOL_TCP,
lib_consts.PROTOCOL_PORT:
90,
lib_consts.CONNECTION_LIMIT:
10000,
constants.TLS_CERTIFICATE_ID:
self.default_tls_container_ref,
lib_consts.DEFAULT_POOL:
self.test_pool1_dict,
constants.SNI_CONTAINERS: [{
constants.TLS_CONTAINER_ID:
self.sni_container_ref_1
}, {
constants.TLS_CONTAINER_ID:
self.sni_container_ref_2
}],
constants.PEER_PORT:
55,
lib_consts.L7POLICIES:
self.test_l7policies,
lib_consts.INSERT_HEADERS: {},
lib_consts.TIMEOUT_CLIENT_DATA:
1000,
lib_consts.TIMEOUT_MEMBER_CONNECT:
2000,
lib_consts.TIMEOUT_MEMBER_DATA:
3000,
lib_consts.TIMEOUT_TCP_INSPECT:
4000,
constants.CLIENT_CA_TLS_CERTIFICATE_ID:
self.client_ca_tls_certificate_ref,
lib_consts.CLIENT_AUTHENTICATION:
constants.CLIENT_AUTH_NONE,
constants.CLIENT_CRL_CONTAINER_ID:
self.client_crl_container_ref,
lib_consts.ALLOWED_CIDRS: ['192.0.2.0/24', '198.51.100.0/24'],
lib_consts.TLS_CIPHERS:
constants.CIPHERS_OWASP_SUITE_B,
lib_consts.TLS_VERSIONS:
constants.TLS_VERSIONS_OWASP_SUITE_B
}
self.test_listener1_dict.update(self._common_test_dict)
self.test_listener2_dict = copy.deepcopy(self.test_listener1_dict)
self.test_listener2_dict[lib_consts.ID] = self.listener2_id
self.test_listener2_dict[lib_consts.NAME] = 'listener_2'
self.test_listener2_dict[lib_consts.DESCRIPTION] = 'Listener 1'
self.test_listener2_dict[lib_consts.DEFAULT_POOL_ID] = self.pool2_id
self.test_listener2_dict[
lib_consts.DEFAULT_POOL] = self.test_pool2_dict
del self.test_listener2_dict[lib_consts.L7POLICIES]
del self.test_listener2_dict[constants.SNI_CONTAINERS]
del self.test_listener2_dict[constants.CLIENT_CA_TLS_CERTIFICATE_ID]
del self.test_listener2_dict[constants.CLIENT_CRL_CONTAINER_ID]
self.test_listeners = [
self.test_listener1_dict, self.test_listener2_dict
]
self.db_listener1 = data_models.Listener(**self.test_listener1_dict)
self.db_listener2 = data_models.Listener(**self.test_listener2_dict)
self.db_listener1.default_pool = self.db_pool1
self.db_listener2.default_pool = self.db_pool2
self.db_listener1.l7policies = self.db_l7policies
self.db_listener1.sni_containers = [
data_models.SNI(tls_container_id='2'),
data_models.SNI(tls_container_id='3')
]
self.test_db_listeners = [self.db_listener1, self.db_listener2]
cert1 = data_models.TLSContainer(certificate='cert 1')
cert2 = data_models.TLSContainer(certificate='cert 2')
cert3 = data_models.TLSContainer(certificate='cert 3')
ca_cert = 'ca cert'
crl_file_content = 'X509 CRL FILE'
self.provider_listener1_dict = {
lib_consts.ADMIN_STATE_UP:
True,
lib_consts.ALLOWED_CIDRS: ['192.0.2.0/24', '198.51.100.0/24'],
lib_consts.CONNECTION_LIMIT:
10000,
lib_consts.DEFAULT_POOL:
self.provider_pool1_dict,
lib_consts.DEFAULT_POOL_ID:
self.pool1_id,
lib_consts.DEFAULT_TLS_CONTAINER_DATA:
cert1.to_dict(),
lib_consts.DEFAULT_TLS_CONTAINER_REF:
self.default_tls_container_ref,
lib_consts.DESCRIPTION:
'Listener 1',
lib_consts.INSERT_HEADERS: {},
lib_consts.L7POLICIES:
self.provider_l7policies_dict,
lib_consts.LISTENER_ID:
self.listener1_id,
lib_consts.LOADBALANCER_ID:
self.lb_id,
lib_consts.NAME:
'listener_1',
lib_consts.PROJECT_ID:
self.project_id,
lib_consts.PROTOCOL:
lib_consts.PROTOCOL_TCP,
lib_consts.PROTOCOL_PORT:
90,
lib_consts.SNI_CONTAINER_DATA: [cert2.to_dict(),
cert3.to_dict()],
lib_consts.SNI_CONTAINER_REFS:
[self.sni_container_ref_1, self.sni_container_ref_2],
lib_consts.TIMEOUT_CLIENT_DATA:
1000,
lib_consts.TIMEOUT_MEMBER_CONNECT:
2000,
lib_consts.TIMEOUT_MEMBER_DATA:
3000,
lib_consts.TIMEOUT_TCP_INSPECT:
4000,
lib_consts.CLIENT_CA_TLS_CONTAINER_REF:
self.client_ca_tls_certificate_ref,
lib_consts.CLIENT_CA_TLS_CONTAINER_DATA:
ca_cert,
lib_consts.CLIENT_AUTHENTICATION:
constants.CLIENT_AUTH_NONE,
lib_consts.CLIENT_CRL_CONTAINER_REF:
self.client_crl_container_ref,
lib_consts.CLIENT_CRL_CONTAINER_DATA:
crl_file_content,
lib_consts.TLS_CIPHERS:
constants.CIPHERS_OWASP_SUITE_B,
lib_consts.TLS_VERSIONS:
constants.TLS_VERSIONS_OWASP_SUITE_B
}
self.provider_listener2_dict = copy.deepcopy(
self.provider_listener1_dict)
self.provider_listener2_dict[
lib_consts.LISTENER_ID] = self.listener2_id
self.provider_listener2_dict[lib_consts.NAME] = 'listener_2'
self.provider_listener2_dict[lib_consts.DESCRIPTION] = 'Listener 1'
self.provider_listener2_dict[
lib_consts.DEFAULT_POOL_ID] = self.pool2_id
self.provider_listener2_dict[
lib_consts.DEFAULT_POOL] = self.provider_pool2_dict
del self.provider_listener2_dict[lib_consts.L7POLICIES]
self.provider_listener2_dict[
lib_consts.CLIENT_CA_TLS_CONTAINER_REF] = None
del self.provider_listener2_dict[
lib_consts.CLIENT_CA_TLS_CONTAINER_DATA]
self.provider_listener2_dict[lib_consts.CLIENT_AUTHENTICATION] = (
constants.CLIENT_AUTH_NONE)
self.provider_listener2_dict[
lib_consts.CLIENT_CRL_CONTAINER_REF] = None
del self.provider_listener2_dict[lib_consts.CLIENT_CRL_CONTAINER_DATA]
self.provider_listener1 = driver_dm.Listener(
**self.provider_listener1_dict)
self.provider_listener2 = driver_dm.Listener(
**self.provider_listener2_dict)
self.provider_listener1.default_pool = self.provider_pool1
self.provider_listener2.default_pool = self.provider_pool2
self.provider_listener1.l7policies = self.provider_l7policies
self.provider_listeners = [
self.provider_listener1, self.provider_listener2
]
self.test_vip_dict = {
constants.IP_ADDRESS: self.ip_address,
constants.NETWORK_ID: self.network_id,
constants.PORT_ID: self.port_id,
lib_consts.SUBNET_ID: self.subnet_id,
constants.QOS_POLICY_ID: self.qos_policy_id,
constants.OCTAVIA_OWNED: None
}
self.provider_vip_dict = {
lib_consts.VIP_ADDRESS: self.ip_address,
lib_consts.VIP_NETWORK_ID: self.network_id,
lib_consts.VIP_PORT_ID: self.port_id,
lib_consts.VIP_SUBNET_ID: self.subnet_id,
lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id,
constants.OCTAVIA_OWNED: None
}
self.db_vip = data_models.Vip(ip_address=self.ip_address,
network_id=self.network_id,
port_id=self.port_id,
subnet_id=self.subnet_id,
qos_policy_id=self.qos_policy_id)
self.test_loadbalancer1_dict = {
lib_consts.NAME: self.lb_name,
lib_consts.DESCRIPTION: self.lb_description,
constants.ENABLED: True,
lib_consts.PROVISIONING_STATUS: lib_consts.PENDING_UPDATE,
lib_consts.OPERATING_STATUS: lib_consts.OFFLINE,
constants.TOPOLOGY: constants.TOPOLOGY_ACTIVE_STANDBY,
constants.VRRP_GROUP: None,
constants.PROVIDER: constants.AMPHORA,
constants.SERVER_GROUP_ID: uuidutils.generate_uuid(),
lib_consts.PROJECT_ID: self.project_id,
lib_consts.ID: self.lb_id,
constants.FLAVOR_ID: self.flavor_id,
constants.TAGS: ['test_tag']
}
self.provider_loadbalancer_dict = {
lib_consts.ADDITIONAL_VIPS: None,
lib_consts.ADMIN_STATE_UP: True,
lib_consts.DESCRIPTION: self.lb_description,
lib_consts.FLAVOR: {
"something": "else"
},
lib_consts.LISTENERS: None,
lib_consts.LOADBALANCER_ID: self.lb_id,
lib_consts.NAME: self.lb_name,
lib_consts.POOLS: None,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.VIP_ADDRESS: self.ip_address,
lib_consts.VIP_NETWORK_ID: self.network_id,
lib_consts.VIP_PORT_ID: self.port_id,
lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id,
lib_consts.VIP_SUBNET_ID: self.subnet_id
}
self.provider_loadbalancer_tree_dict = {
lib_consts.ADDITIONAL_VIPS: None,
lib_consts.ADMIN_STATE_UP: True,
lib_consts.AVAILABILITY_ZONE: None,
lib_consts.DESCRIPTION: self.lb_description,
lib_consts.FLAVOR: {
"something": "else"
},
lib_consts.LISTENERS: None,
lib_consts.LOADBALANCER_ID: self.lb_id,
lib_consts.NAME: self.lb_name,
lib_consts.POOLS: None,
lib_consts.PROJECT_ID: self.project_id,
lib_consts.VIP_ADDRESS: self.ip_address,
lib_consts.VIP_NETWORK_ID: self.network_id,
lib_consts.VIP_PORT_ID: self.port_id,
lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id,
lib_consts.VIP_SUBNET_ID: self.subnet_id
}
from mock import patch
from octavia.certificates.common.auth.barbican_acl import BarbicanACLAuth
from octavia.common import data_models as o_data_models
from octavia.tests.common import constants as t_constants
from a10_octavia.common.data_models import Certificate
from a10_octavia.common.data_models import VThunder
from a10_octavia.controller.worker.tasks import cert_tasks
from a10_octavia.tests.common import a10constants as a10_test_constants
from a10_octavia.tests.unit.base import BaseTaskTestCase
LB = o_data_models.LoadBalancer(id=a10_test_constants.MOCK_LOAD_BALANCER_ID,
project_id=t_constants.MOCK_PROJECT_ID)
LISTENER = o_data_models.Listener(protocol='TERMINATED_HTTPS',
protocol_port=2222,
load_balancer=LB,
tls_certificate_id='certificate-id-1')
VTHUNDER = VThunder()
CERT_DATA = Certificate(cert_filename=a10_test_constants.MOCK_CERT_FILENAME,
cert_content=a10_test_constants.MOCK_CERT_CONTENT,
key_filename=a10_test_constants.MOCK_KEY_FILENAME,
key_content=a10_test_constants.MOCK_KEY_CONTENT,
template_name=a10_test_constants.MOCK_TEMPLATE_NAME,
key_pass=a10_test_constants.MOCK_KEY_PASS)
class TestCertHandlerTasks(BaseTaskTestCase):
def setUp(self):
super(TestCertHandlerTasks, self).setUp()
imp.reload(cert_tasks)
device_name="rack_thunder_1",
undercloud=True,
username="******",
password="******",
ip_address="10.10.10.10",
partition_name="shared")
LB = o_data_models.LoadBalancer(id=a10constants.MOCK_LOAD_BALANCER_ID,
flavor_id=a10constants.MOCK_FLAVOR_ID)
FIXED_IP = n_data_models.FixedIP(ip_address='10.10.10.10')
PORT = n_data_models.Port(id=uuidutils.generate_uuid(), fixed_ips=[FIXED_IP])
VRID = data_models.VRID(id=1,
vrid=0,
owner=a10constants.MOCK_PROJECT_ID,
vrid_port_id=uuidutils.generate_uuid(),
vrid_floating_ip='10.0.12.32')
LISTENER = o_data_models.Listener(id=a10constants.MOCK_LISTENER_ID,
load_balancer=LB)
POOL = o_data_models.Pool(id=a10constants.MOCK_POOL_ID, load_balancer=LB)
HM = o_data_models.HealthMonitor(id=a10constants, pool=POOL)
MEMBER_1 = o_data_models.Member(id=uuidutils.generate_uuid(),
project_id=a10constants.MOCK_PROJECT_ID,
subnet_id=a10constants.MOCK_SUBNET_ID,
pool=POOL)
MEMBER_2 = o_data_models.Member(id=uuidutils.generate_uuid(),
project_id=a10constants.MOCK_PROJECT_ID,
subnet_id=a10constants.MOCK_SUBNET_ID_2,
pool=POOL)
FLAVOR_PROFILE = o_data_models.FlavorProfile(
id=a10constants.MOCK_FLAVOR_PROF_ID, flavor_data={})
FLAVOR = o_data_models.Flavor(
id=a10constants.MOCK_FLAVOR_ID,
flavor_profile_id=a10constants.MOCK_FLAVOR_PROF_ID)
def __init__(self):
self.project_id = uuidutils.generate_uuid()
self.lb_id = uuidutils.generate_uuid()
self.ip_address = '192.0.2.30'
self.port_id = uuidutils.generate_uuid()
self.network_id = uuidutils.generate_uuid()
self.subnet_id = uuidutils.generate_uuid()
self.qos_policy_id = uuidutils.generate_uuid()
self.listener1_id = uuidutils.generate_uuid()
self.listener2_id = uuidutils.generate_uuid()
self.default_tls_container_ref = uuidutils.generate_uuid()
self.sni_container_ref_1 = uuidutils.generate_uuid()
self.sni_container_ref_2 = uuidutils.generate_uuid()
self.client_ca_tls_certificate_ref = uuidutils.generate_uuid()
self.client_crl_container_ref = uuidutils.generate_uuid()
self.pool_sni_container_ref = uuidutils.generate_uuid()
self.pool_ca_container_ref = uuidutils.generate_uuid()
self.pool_crl_container_ref = uuidutils.generate_uuid()
self.pool1_id = uuidutils.generate_uuid()
self.pool2_id = uuidutils.generate_uuid()
self.hm1_id = uuidutils.generate_uuid()
self.hm2_id = uuidutils.generate_uuid()
self.member1_id = uuidutils.generate_uuid()
self.member2_id = uuidutils.generate_uuid()
self.member3_id = uuidutils.generate_uuid()
self.member4_id = uuidutils.generate_uuid()
self.l7policy1_id = uuidutils.generate_uuid()
self.l7policy2_id = uuidutils.generate_uuid()
self.l7rule1_id = uuidutils.generate_uuid()
self.l7rule2_id = uuidutils.generate_uuid()
self._common_test_dict = {
'provisioning_status': constants.ACTIVE,
'operating_status': constants.ONLINE,
'project_id': self.project_id,
'created_at': 'then',
'updated_at': 'now',
'enabled': True
}
# Setup Health Monitors
self.test_hm1_dict = {
'id': self.hm1_id,
'type': constants.HEALTH_MONITOR_PING,
'delay': 1,
'timeout': 3,
'fall_threshold': 1,
'rise_threshold': 2,
'http_method': 'GET',
'url_path': '/',
'expected_codes': '200',
'name': 'hm1',
'pool_id': self.pool1_id,
'http_version': 1.0,
'domain_name': None,
'project_id': self.project_id
}
self.test_hm1_dict.update(self._common_test_dict)
self.test_hm2_dict = copy.deepcopy(self.test_hm1_dict)
self.test_hm2_dict['id'] = self.hm2_id
self.test_hm2_dict['name'] = 'hm2'
self.test_hm2_dict.update({
'http_version': 1.1,
'domain_name': 'testdomainname.com'
})
self.db_hm1 = data_models.HealthMonitor(**self.test_hm1_dict)
self.db_hm2 = data_models.HealthMonitor(**self.test_hm2_dict)
self.provider_hm1_dict = {
'admin_state_up': True,
'delay': 1,
'expected_codes': '200',
'healthmonitor_id': self.hm1_id,
'http_method': 'GET',
'max_retries': 2,
'max_retries_down': 1,
'name': 'hm1',
'pool_id': self.pool1_id,
'project_id': self.project_id,
'timeout': 3,
'type': constants.HEALTH_MONITOR_PING,
'url_path': '/',
'http_version': 1.0,
'domain_name': None
}
self.provider_hm2_dict = copy.deepcopy(self.provider_hm1_dict)
self.provider_hm2_dict['healthmonitor_id'] = self.hm2_id
self.provider_hm2_dict['name'] = 'hm2'
self.provider_hm2_dict.update({
'http_version': 1.1,
'domain_name': 'testdomainname.com'
})
self.provider_hm1 = driver_dm.HealthMonitor(**self.provider_hm1_dict)
self.provider_hm2 = driver_dm.HealthMonitor(**self.provider_hm2_dict)
# Setup Members
self.test_member1_dict = {
'id': self.member1_id,
'pool_id': self.pool1_id,
'ip_address': '192.0.2.16',
'protocol_port': 80,
'weight': 0,
'backup': False,
'subnet_id': self.subnet_id,
'pool': None,
'project_id': self.project_id,
'name': 'member1',
'monitor_address': '192.0.2.26',
'monitor_port': 81
}
self.test_member1_dict.update(self._common_test_dict)
self.test_member2_dict = copy.deepcopy(self.test_member1_dict)
self.test_member2_dict['id'] = self.member2_id
self.test_member2_dict['ip_address'] = '192.0.2.17'
self.test_member2_dict['monitor_address'] = '192.0.2.27'
self.test_member2_dict['name'] = 'member2'
self.test_member3_dict = copy.deepcopy(self.test_member1_dict)
self.test_member3_dict['id'] = self.member3_id
self.test_member3_dict['ip_address'] = '192.0.2.18'
self.test_member3_dict['monitor_address'] = '192.0.2.28'
self.test_member3_dict['name'] = 'member3'
self.test_member3_dict['pool_id'] = self.pool2_id
self.test_member4_dict = copy.deepcopy(self.test_member1_dict)
self.test_member4_dict['id'] = self.member4_id
self.test_member4_dict['ip_address'] = '192.0.2.19'
self.test_member4_dict['monitor_address'] = '192.0.2.29'
self.test_member4_dict['name'] = 'member4'
self.test_member4_dict['pool_id'] = self.pool2_id
self.test_pool1_members_dict = [
self.test_member1_dict, self.test_member2_dict
]
self.test_pool2_members_dict = [
self.test_member3_dict, self.test_member4_dict
]
self.db_member1 = data_models.Member(**self.test_member1_dict)
self.db_member2 = data_models.Member(**self.test_member2_dict)
self.db_member3 = data_models.Member(**self.test_member3_dict)
self.db_member4 = data_models.Member(**self.test_member4_dict)
self.db_pool1_members = [self.db_member1, self.db_member2]
self.db_pool2_members = [self.db_member3, self.db_member4]
self.provider_member1_dict = {
'address': '192.0.2.16',
'admin_state_up': True,
'member_id': self.member1_id,
'monitor_address': '192.0.2.26',
'monitor_port': 81,
'name': 'member1',
'pool_id': self.pool1_id,
'project_id': self.project_id,
'protocol_port': 80,
'subnet_id': self.subnet_id,
'weight': 0,
'backup': False
}
self.provider_member2_dict = copy.deepcopy(self.provider_member1_dict)
self.provider_member2_dict['member_id'] = self.member2_id
self.provider_member2_dict['address'] = '192.0.2.17'
self.provider_member2_dict['monitor_address'] = '192.0.2.27'
self.provider_member2_dict['name'] = 'member2'
self.provider_member3_dict = copy.deepcopy(self.provider_member1_dict)
self.provider_member3_dict['member_id'] = self.member3_id
self.provider_member3_dict['address'] = '192.0.2.18'
self.provider_member3_dict['monitor_address'] = '192.0.2.28'
self.provider_member3_dict['name'] = 'member3'
self.provider_member3_dict['pool_id'] = self.pool2_id
self.provider_member4_dict = copy.deepcopy(self.provider_member1_dict)
self.provider_member4_dict['member_id'] = self.member4_id
self.provider_member4_dict['address'] = '192.0.2.19'
self.provider_member4_dict['monitor_address'] = '192.0.2.29'
self.provider_member4_dict['name'] = 'member4'
self.provider_member4_dict['pool_id'] = self.pool2_id
self.provider_pool1_members_dict = [
self.provider_member1_dict, self.provider_member2_dict
]
self.provider_pool2_members_dict = [
self.provider_member3_dict, self.provider_member4_dict
]
self.provider_member1 = driver_dm.Member(**self.provider_member1_dict)
self.provider_member2 = driver_dm.Member(**self.provider_member2_dict)
self.provider_member3 = driver_dm.Member(**self.provider_member3_dict)
self.provider_member4 = driver_dm.Member(**self.provider_member4_dict)
self.provider_pool1_members = [
self.provider_member1, self.provider_member2
]
self.provider_pool2_members = [
self.provider_member3, self.provider_member4
]
# Setup test pools
self.test_pool1_dict = {
'id': self.pool1_id,
'name': 'pool1',
'description': 'Pool 1',
'load_balancer_id': self.lb_id,
'project_id': self.project_id,
'protocol': 'avian',
'lb_algorithm': 'round_robin',
'members': self.test_pool1_members_dict,
'health_monitor': self.test_hm1_dict,
'session_persistence': {
'type': 'SOURCE'
},
'listeners': [],
'l7policies': [],
'tls_certificate_id': self.pool_sni_container_ref,
'ca_tls_certificate_id': self.pool_ca_container_ref,
'crl_container_id': self.pool_crl_container_ref,
'tls_enabled': True
}
self.test_pool1_dict.update(self._common_test_dict)
self.test_pool2_dict = copy.deepcopy(self.test_pool1_dict)
self.test_pool2_dict['id'] = self.pool2_id
self.test_pool2_dict['name'] = 'pool2'
self.test_pool2_dict['description'] = 'Pool 2'
self.test_pool2_dict['members'] = self.test_pool2_members_dict
del self.test_pool2_dict['tls_certificate_id']
del self.test_pool2_dict['ca_tls_certificate_id']
del self.test_pool2_dict['crl_container_id']
self.test_pools = [self.test_pool1_dict, self.test_pool2_dict]
self.db_pool1 = data_models.Pool(**self.test_pool1_dict)
self.db_pool1.health_monitor = self.db_hm1
self.db_pool1.members = self.db_pool1_members
self.db_pool2 = data_models.Pool(**self.test_pool2_dict)
self.db_pool2.health_monitor = self.db_hm2
self.db_pool2.members = self.db_pool2_members
self.test_db_pools = [self.db_pool1, self.db_pool2]
pool_cert = data_models.TLSContainer(certificate='pool cert')
pool_ca_file_content = 'X509 POOL CA CERT FILE'
pool_crl_file_content = 'X509 POOL CRL FILE'
self.provider_pool1_dict = {
'admin_state_up': True,
'description': 'Pool 1',
'healthmonitor': self.provider_hm1_dict,
'lb_algorithm': 'round_robin',
'loadbalancer_id': self.lb_id,
'members': self.provider_pool1_members_dict,
'name': 'pool1',
'pool_id': self.pool1_id,
'project_id': self.project_id,
'protocol': 'avian',
'session_persistence': {
'type': 'SOURCE'
},
'tls_container_ref': self.pool_sni_container_ref,
'tls_container_data': pool_cert.to_dict(),
'ca_tls_container_ref': self.pool_ca_container_ref,
'ca_tls_container_data': pool_ca_file_content,
'crl_container_ref': self.pool_crl_container_ref,
'crl_container_data': pool_crl_file_content,
'tls_enabled': True
}
self.provider_pool2_dict = copy.deepcopy(self.provider_pool1_dict)
self.provider_pool2_dict['pool_id'] = self.pool2_id
self.provider_pool2_dict['name'] = 'pool2'
self.provider_pool2_dict['description'] = 'Pool 2'
self.provider_pool2_dict['members'] = self.provider_pool2_members_dict
self.provider_pool2_dict['healthmonitor'] = self.provider_hm2_dict
self.provider_pool2_dict['tls_container_ref'] = None
del self.provider_pool2_dict['tls_container_data']
self.provider_pool2_dict['ca_tls_container_ref'] = None
del self.provider_pool2_dict['ca_tls_container_data']
self.provider_pool2_dict['crl_container_ref'] = None
del self.provider_pool2_dict['crl_container_data']
self.provider_pool1 = driver_dm.Pool(**self.provider_pool1_dict)
self.provider_pool1.members = self.provider_pool1_members
self.provider_pool1.healthmonitor = self.provider_hm1
self.provider_pool2 = driver_dm.Pool(**self.provider_pool2_dict)
self.provider_pool2.members = self.provider_pool2_members
self.provider_pool2.healthmonitor = self.provider_hm2
self.provider_pools = [self.provider_pool1, self.provider_pool2]
# Setup L7Rules
self.test_l7rule1_dict = {
'id': self.l7rule1_id,
'l7policy_id': self.l7policy1_id,
'type': 'o',
'compare_type': 'fake_type',
'key': 'fake_key',
'value': 'fake_value',
'project_id': self.project_id,
'l7policy': None,
'invert': False
}
self.test_l7rule1_dict.update(self._common_test_dict)
self.test_l7rule2_dict = copy.deepcopy(self.test_l7rule1_dict)
self.test_l7rule2_dict['id'] = self.l7rule2_id
self.test_l7rules = [self.test_l7rule1_dict, self.test_l7rule2_dict]
self.db_l7Rule1 = data_models.L7Rule(**self.test_l7rule1_dict)
self.db_l7Rule2 = data_models.L7Rule(**self.test_l7rule2_dict)
self.db_l7Rules = [self.db_l7Rule1, self.db_l7Rule2]
self.provider_l7rule1_dict = {
'admin_state_up': True,
'compare_type': 'fake_type',
'invert': False,
'key': 'fake_key',
'l7policy_id': self.l7policy1_id,
'l7rule_id': self.l7rule1_id,
'type': 'o',
'project_id': self.project_id,
'value': 'fake_value'
}
self.provider_l7rule2_dict = copy.deepcopy(self.provider_l7rule1_dict)
self.provider_l7rule2_dict['l7rule_id'] = self.l7rule2_id
self.provider_l7rules_dicts = [
self.provider_l7rule1_dict, self.provider_l7rule2_dict
]
self.provider_l7rule1 = driver_dm.L7Rule(**self.provider_l7rule1_dict)
self.provider_l7rule2 = driver_dm.L7Rule(**self.provider_l7rule2_dict)
self.provider_rules = [self.provider_l7rule1, self.provider_l7rule2]
# Setup L7Policies
self.test_l7policy1_dict = {
'id': self.l7policy1_id,
'name': 'l7policy_1',
'description': 'L7policy 1',
'listener_id': self.listener1_id,
'action': 'go',
'redirect_pool_id': self.pool1_id,
'redirect_url': '/index.html',
'redirect_prefix': 'https://example.com/',
'project_id': self.project_id,
'position': 1,
'listener': None,
'redirect_pool': None,
'l7rules': self.test_l7rules,
'redirect_http_code': 302
}
self.test_l7policy1_dict.update(self._common_test_dict)
self.test_l7policy2_dict = copy.deepcopy(self.test_l7policy1_dict)
self.test_l7policy2_dict['id'] = self.l7policy2_id
self.test_l7policy2_dict['name'] = 'l7policy_2'
self.test_l7policy2_dict['description'] = 'L7policy 2'
self.test_l7policies = [
self.test_l7policy1_dict, self.test_l7policy2_dict
]
self.db_l7policy1 = data_models.L7Policy(**self.test_l7policy1_dict)
self.db_l7policy2 = data_models.L7Policy(**self.test_l7policy2_dict)
self.db_l7policy1.l7rules = self.db_l7Rules
self.db_l7policy2.l7rules = self.db_l7Rules
self.db_l7policies = [self.db_l7policy1, self.db_l7policy2]
self.provider_l7policy1_dict = {
'action': 'go',
'admin_state_up': True,
'description': 'L7policy 1',
'l7policy_id': self.l7policy1_id,
'listener_id': self.listener1_id,
'name': 'l7policy_1',
'position': 1,
'project_id': self.project_id,
'redirect_pool_id': self.pool1_id,
'redirect_url': '/index.html',
'redirect_prefix': 'https://example.com/',
'rules': self.provider_l7rules_dicts,
'redirect_http_code': 302
}
self.provider_l7policy2_dict = copy.deepcopy(
self.provider_l7policy1_dict)
self.provider_l7policy2_dict['l7policy_id'] = self.l7policy2_id
self.provider_l7policy2_dict['name'] = 'l7policy_2'
self.provider_l7policy2_dict['description'] = 'L7policy 2'
self.provider_l7policies_dict = [
self.provider_l7policy1_dict, self.provider_l7policy2_dict
]
self.provider_l7policy1 = driver_dm.L7Policy(
**self.provider_l7policy1_dict)
self.provider_l7policy1.rules = self.provider_rules
self.provider_l7policy2 = driver_dm.L7Policy(
**self.provider_l7policy2_dict)
self.provider_l7policy2.rules = self.provider_rules
self.provider_l7policies = [
self.provider_l7policy1, self.provider_l7policy2
]
# Setup Listeners
self.test_listener1_dict = {
'id': self.listener1_id,
'name': 'listener_1',
'description': 'Listener 1',
'default_pool_id': self.pool1_id,
'load_balancer_id': self.lb_id,
'project_id': self.project_id,
'protocol': 'avian',
'protocol_port': 90,
'connection_limit': 10000,
'tls_certificate_id': self.default_tls_container_ref,
'stats': None,
'default_pool': self.test_pool1_dict,
'load_balancer': None,
'sni_containers':
[self.sni_container_ref_1, self.sni_container_ref_2],
'peer_port': 55,
'l7policies': self.test_l7policies,
'insert_headers': {},
'pools': None,
'timeout_client_data': 1000,
'timeout_member_connect': 2000,
'timeout_member_data': 3000,
'timeout_tcp_inspect': 4000,
'client_ca_tls_certificate_id': self.client_ca_tls_certificate_ref,
'client_authentication': constants.CLIENT_AUTH_NONE,
'client_crl_container_id': self.client_crl_container_ref
}
self.test_listener1_dict.update(self._common_test_dict)
self.test_listener2_dict = copy.deepcopy(self.test_listener1_dict)
self.test_listener2_dict['id'] = self.listener2_id
self.test_listener2_dict['name'] = 'listener_2'
self.test_listener2_dict['description'] = 'Listener 1'
self.test_listener2_dict['default_pool_id'] = self.pool2_id
self.test_listener2_dict['default_pool'] = self.test_pool2_dict
del self.test_listener2_dict['l7policies']
del self.test_listener2_dict['sni_containers']
del self.test_listener2_dict['client_ca_tls_certificate_id']
del self.test_listener2_dict['client_crl_container_id']
self.test_listeners = [
self.test_listener1_dict, self.test_listener2_dict
]
self.db_listener1 = data_models.Listener(**self.test_listener1_dict)
self.db_listener2 = data_models.Listener(**self.test_listener2_dict)
self.db_listener1.default_pool = self.db_pool1
self.db_listener2.default_pool = self.db_pool2
self.db_listener1.l7policies = self.db_l7policies
self.db_listener1.sni_containers = [
data_models.SNI(tls_container_id='2'),
data_models.SNI(tls_container_id='3')
]
self.test_db_listeners = [self.db_listener1, self.db_listener2]
cert1 = data_models.TLSContainer(certificate='cert 1')
cert2 = data_models.TLSContainer(certificate='cert 2')
cert3 = data_models.TLSContainer(certificate='cert 3')
ca_cert = 'ca cert'
crl_file_content = 'X509 CRL FILE'
self.provider_listener1_dict = {
'admin_state_up':
True,
'connection_limit':
10000,
'default_pool':
self.provider_pool1_dict,
'default_pool_id':
self.pool1_id,
'default_tls_container_data':
cert1.to_dict(),
'default_tls_container_ref':
self.default_tls_container_ref,
'description':
'Listener 1',
'insert_headers': {},
'l7policies':
self.provider_l7policies_dict,
'listener_id':
self.listener1_id,
'loadbalancer_id':
self.lb_id,
'name':
'listener_1',
'project_id':
self.project_id,
'protocol':
'avian',
'protocol_port':
90,
'sni_container_data': [cert2.to_dict(),
cert3.to_dict()],
'sni_container_refs':
[self.sni_container_ref_1, self.sni_container_ref_2],
'timeout_client_data':
1000,
'timeout_member_connect':
2000,
'timeout_member_data':
3000,
'timeout_tcp_inspect':
4000,
'client_ca_tls_container_ref':
self.client_ca_tls_certificate_ref,
'client_ca_tls_container_data':
ca_cert,
'client_authentication':
constants.CLIENT_AUTH_NONE,
'client_crl_container_ref':
self.client_crl_container_ref,
'client_crl_container_data':
crl_file_content
}
self.provider_listener2_dict = copy.deepcopy(
self.provider_listener1_dict)
self.provider_listener2_dict['listener_id'] = self.listener2_id
self.provider_listener2_dict['name'] = 'listener_2'
self.provider_listener2_dict['description'] = 'Listener 1'
self.provider_listener2_dict['default_pool_id'] = self.pool2_id
self.provider_listener2_dict['default_pool'] = self.provider_pool2_dict
del self.provider_listener2_dict['l7policies']
self.provider_listener2_dict['client_ca_tls_container_ref'] = None
del self.provider_listener2_dict['client_ca_tls_container_data']
self.provider_listener2_dict['client_authentication'] = (
constants.CLIENT_AUTH_NONE)
self.provider_listener2_dict['client_crl_container_ref'] = None
del self.provider_listener2_dict['client_crl_container_data']
self.provider_listener1 = driver_dm.Listener(
**self.provider_listener1_dict)
self.provider_listener2 = driver_dm.Listener(
**self.provider_listener2_dict)
self.provider_listener1.default_pool = self.provider_pool1
self.provider_listener2.default_pool = self.provider_pool2
self.provider_listener1.l7policies = self.provider_l7policies
self.provider_listeners = [
self.provider_listener1, self.provider_listener2
]
self.test_vip_dict = {
'ip_address': self.ip_address,
'network_id': self.network_id,
'port_id': self.port_id,
'subnet_id': self.subnet_id,
'qos_policy_id': self.qos_policy_id
}
self.provider_vip_dict = {
'vip_address': self.ip_address,
'vip_network_id': self.network_id,
'vip_port_id': self.port_id,
'vip_subnet_id': self.subnet_id,
'vip_qos_policy_id': self.qos_policy_id
}
self.db_vip = data_models.Vip(ip_address=self.ip_address,
network_id=self.network_id,
port_id=self.port_id,
subnet_id=self.subnet_id,
qos_policy_id=self.qos_policy_id)
def listener_dict_to_provider_dict(listener_dict, for_delete=False):
new_listener_dict = _base_to_provider_dict(listener_dict,
include_project_id=True)
new_listener_dict['listener_id'] = new_listener_dict.pop('id')
if 'load_balancer_id' in new_listener_dict:
new_listener_dict['loadbalancer_id'] = new_listener_dict.pop(
'load_balancer_id')
# Pull the certs out of the certificate manager to pass to the provider
if 'tls_certificate_id' in new_listener_dict:
new_listener_dict['default_tls_container_ref'] = new_listener_dict.pop(
'tls_certificate_id')
if 'sni_containers' in new_listener_dict:
sni_refs = []
sni_containers = new_listener_dict.pop('sni_containers')
for sni in sni_containers:
if 'tls_container_id' in sni:
sni_refs.append(sni['tls_container_id'])
else:
raise exceptions.ValidationException(
detail=_('Invalid SNI container on listener'))
new_listener_dict['sni_container_refs'] = sni_refs
if 'sni_container_refs' in listener_dict:
listener_dict['sni_containers'] = listener_dict.pop(
'sni_container_refs')
if 'client_ca_tls_certificate_id' in new_listener_dict:
new_listener_dict['client_ca_tls_container_ref'] = (
new_listener_dict.pop('client_ca_tls_certificate_id'))
if 'client_crl_container_id' in new_listener_dict:
new_listener_dict['client_crl_container_ref'] = (
new_listener_dict.pop('client_crl_container_id'))
listener_obj = data_models.Listener(**listener_dict)
if (listener_obj.tls_certificate_id or listener_obj.sni_containers
or listener_obj.client_ca_tls_certificate_id):
SNI_objs = []
for sni in listener_obj.sni_containers:
if isinstance(sni, dict):
if 'listener' in sni:
del sni['listener']
sni_obj = data_models.SNI(**sni)
SNI_objs.append(sni_obj)
elif isinstance(sni, str):
sni_obj = data_models.SNI(tls_container_id=sni)
SNI_objs.append(sni_obj)
else:
raise exceptions.ValidationException(
detail=_('Invalid SNI container on listener'))
listener_obj.sni_containers = SNI_objs
cert_manager = stevedore_driver.DriverManager(
namespace='octavia.cert_manager',
name=CONF.certificates.cert_manager,
invoke_on_load=True,
).driver
try:
cert_dict = cert_parser.load_certificates_data(
cert_manager, listener_obj)
except Exception as e:
with excutils.save_and_reraise_exception() as ctxt:
LOG.warning('Unable to retrieve certificate(s) due to %s.',
str(e))
if for_delete:
ctxt.reraise = False
cert_dict = {}
if 'tls_cert' in cert_dict and cert_dict['tls_cert']:
new_listener_dict['default_tls_container_data'] = (
cert_dict['tls_cert'].to_dict(recurse=True))
if 'sni_certs' in cert_dict and cert_dict['sni_certs']:
sni_data_list = []
for sni in cert_dict['sni_certs']:
sni_data_list.append(sni.to_dict(recurse=True))
new_listener_dict['sni_container_data'] = sni_data_list
if listener_obj.client_ca_tls_certificate_id:
cert = _get_secret_data(cert_manager, listener_obj.project_id,
listener_obj.client_ca_tls_certificate_id)
new_listener_dict['client_ca_tls_container_data'] = cert
if listener_obj.client_crl_container_id:
crl_file = _get_secret_data(cert_manager, listener_obj.project_id,
listener_obj.client_crl_container_id)
new_listener_dict['client_crl_container_data'] = crl_file
# Format the allowed_cidrs
if ('allowed_cidrs' in new_listener_dict
and new_listener_dict['allowed_cidrs']
and 'cidr' in new_listener_dict['allowed_cidrs'][0]):
cidrs_dict_list = new_listener_dict.pop('allowed_cidrs')
new_listener_dict['allowed_cidrs'] = [
cidr_dict['cidr'] for cidr_dict in cidrs_dict_list
]
# Remove the DB back references
if 'load_balancer' in new_listener_dict:
del new_listener_dict['load_balancer']
if 'peer_port' in new_listener_dict:
del new_listener_dict['peer_port']
if 'pools' in new_listener_dict:
del new_listener_dict['pools']
if 'stats' in new_listener_dict:
del new_listener_dict['stats']
if ('default_pool' in new_listener_dict
and new_listener_dict['default_pool']):
pool = new_listener_dict.pop('default_pool')
new_listener_dict['default_pool'] = pool_dict_to_provider_dict(
pool, for_delete=for_delete)
provider_l7policies = []
if 'l7policies' in new_listener_dict:
l7policies = new_listener_dict.pop('l7policies') or []
for l7policy in l7policies:
provider_l7policy = l7policy_dict_to_provider_dict(l7policy)
provider_l7policies.append(provider_l7policy)
new_listener_dict['l7policies'] = provider_l7policies
return new_listener_dict
def test_create_load_balancer_full_graph(
self,
mock_get_create_load_balancer_graph_flows,
mock_get_create_load_balancer_flow,
mock_get_post_lb_amp_association_flow,
mock_api_get_session,
mock_dyn_log_listener,
mock_taskflow_load,
mock_pool_repo_get,
mock_member_repo_get,
mock_l7rule_repo_get,
mock_l7policy_repo_get,
mock_listener_repo_get,
mock_lb_repo_get,
mock_health_mon_repo_get,
mock_amp_repo_get):
CONF.set_override(group='controller_worker',
name='loadbalancer_topology',
override=constants.TOPOLOGY_SINGLE,
enforce_type=True)
listeners = [data_models.Listener(id='listener1'),
data_models.Listener(id='listener2')]
lb = data_models.LoadBalancer(id=LB_ID, listeners=listeners)
mock_lb_repo_get.return_value = lb
mock_eng = mock.Mock()
mock_eng_post = mock.Mock()
mock_taskflow_load.side_effect = [mock_eng, mock_eng_post]
_post_flow = mock.MagicMock()
mock_get_create_load_balancer_graph_flows.return_value = (
_flow_mock, _post_flow
)
store = {constants.LOADBALANCER_ID: LB_ID,
'update_dict': {'topology': 'SINGLE'}}
cw = controller_worker.ControllerWorker()
cw.create_load_balancer(LB_ID)
calls = [mock.call(_flow_mock, store=store),
mock.call(_post_flow, store=store)]
mock_taskflow_load.assert_has_calls(calls, any_order=True)
mock_eng.run.assert_any_call()
mock_eng_post.run.assert_any_call()
mock_get_create_load_balancer_graph_flows.assert_called_once_with(
'SINGLE', 'post-amphora-association'
)
self.assertFalse(mock_get_create_load_balancer_flow.called)
self.assertFalse(mock_get_post_lb_amp_association_flow.called)
# Test code path for active standby full lb graph creation
CONF.set_override(group='controller_worker',
name='loadbalancer_topology',
override=constants.TOPOLOGY_ACTIVE_STANDBY)
_flow_mock.reset_mock()
mock_get_create_load_balancer_graph_flows.reset_mock()
mock_taskflow_load.reset_mock()
mock_eng = mock.Mock()
mock_eng_post = mock.Mock()
mock_taskflow_load.side_effect = [mock_eng, mock_eng_post]
_post_flow = mock.MagicMock()
mock_get_create_load_balancer_graph_flows.return_value = (
_flow_mock, _post_flow
)
store = {constants.LOADBALANCER_ID: LB_ID,
'update_dict': {'topology': 'ACTIVE_STANDBY'}}
cw = controller_worker.ControllerWorker()
cw.create_load_balancer(LB_ID)
calls = [mock.call(_flow_mock, store=store),
mock.call(_post_flow, store=store)]
mock_taskflow_load.assert_has_calls(calls, any_order=True)
mock_eng.run.assert_any_call()
mock_eng_post.run.assert_any_call()
mock_get_create_load_balancer_graph_flows.assert_called_once_with(
'ACTIVE_STANDBY', 'post-amphora-association'
)
self.assertFalse(mock_get_create_load_balancer_flow.called)
self.assertFalse(mock_get_post_lb_amp_association_flow.called)
def listener_dict_to_provider_dict(listener_dict):
new_listener_dict = _base_to_provider_dict(listener_dict,
include_project_id=True)
new_listener_dict['listener_id'] = new_listener_dict.pop('id')
if 'load_balancer_id' in new_listener_dict:
new_listener_dict['loadbalancer_id'] = new_listener_dict.pop(
'load_balancer_id')
# Pull the certs out of the certificate manager to pass to the provider
if 'tls_certificate_id' in new_listener_dict:
new_listener_dict['default_tls_container_ref'] = new_listener_dict.pop(
'tls_certificate_id')
if 'sni_containers' in new_listener_dict:
sni_refs = []
sni_containers = new_listener_dict.pop('sni_containers')
for sni in sni_containers:
if 'tls_container_id' in sni:
sni_refs.append(sni['tls_container_id'])
else:
raise exceptions.ValidationException(
detail=_('Invalid SNI container on listener'))
new_listener_dict['sni_container_refs'] = sni_refs
if 'sni_container_refs' in listener_dict:
listener_dict['sni_containers'] = listener_dict.pop(
'sni_container_refs')
if 'client_ca_tls_certificate_id' in new_listener_dict:
new_listener_dict['client_ca_tls_container_ref'] = (
new_listener_dict.pop('client_ca_tls_certificate_id'))
if 'client_crl_container_id' in new_listener_dict:
new_listener_dict['client_crl_container_ref'] = (
new_listener_dict.pop('client_crl_container_id'))
listener_obj = data_models.Listener(**listener_dict)
if (listener_obj.tls_certificate_id or listener_obj.sni_containers or
listener_obj.client_ca_tls_certificate_id):
SNI_objs = []
for sni in listener_obj.sni_containers:
if isinstance(sni, dict):
if 'listener' in sni:
del sni['listener']
sni_obj = data_models.SNI(**sni)
SNI_objs.append(sni_obj)
elif isinstance(sni, six.string_types):
sni_obj = data_models.SNI(tls_container_id=sni)
SNI_objs.append(sni_obj)
else:
raise exceptions.ValidationException(
detail=_('Invalid SNI container on listener'))
listener_obj.sni_containers = SNI_objs
cert_manager = stevedore_driver.DriverManager(
namespace='octavia.cert_manager',
name=CONF.certificates.cert_manager,
invoke_on_load=True,
).driver
cert_dict = cert_parser.load_certificates_data(cert_manager,
listener_obj)
if 'tls_cert' in cert_dict and cert_dict['tls_cert']:
new_listener_dict['default_tls_container_data'] = (
cert_dict['tls_cert'].to_dict())
if 'sni_certs' in cert_dict and cert_dict['sni_certs']:
sni_data_list = []
for sni in cert_dict['sni_certs']:
sni_data_list.append(sni.to_dict())
new_listener_dict['sni_container_data'] = sni_data_list
if listener_obj.client_ca_tls_certificate_id:
cert = _get_secret_data(cert_manager, listener_obj.project_id,
listener_obj.client_ca_tls_certificate_id)
new_listener_dict['client_ca_tls_container_data'] = cert
if listener_obj.client_crl_container_id:
crl_file = _get_secret_data(cert_manager, listener_obj.project_id,
listener_obj.client_crl_container_id)
new_listener_dict['client_crl_container_data'] = crl_file
# Remove the DB back references
if 'load_balancer' in new_listener_dict:
del new_listener_dict['load_balancer']
if 'peer_port' in new_listener_dict:
del new_listener_dict['peer_port']
if 'pools' in new_listener_dict:
del new_listener_dict['pools']
if 'stats' in new_listener_dict:
del new_listener_dict['stats']
if ('default_pool' in new_listener_dict and
new_listener_dict['default_pool']):
pool = new_listener_dict.pop('default_pool')
new_listener_dict['default_pool'] = pool_dict_to_provider_dict(pool)
provider_l7policies = []
if 'l7policies' in new_listener_dict:
l7policies = new_listener_dict.pop('l7policies') or []
for l7policy in l7policies:
provider_l7policy = l7policy_dict_to_provider_dict(l7policy)
provider_l7policies.append(provider_l7policy)
new_listener_dict['l7policies'] = provider_l7policies
return new_listener_dict
from mock import patch
from octavia.certificates.common.auth.barbican_acl import BarbicanACLAuth
from octavia.common import data_models as o_data_models
from octavia.tests.common import constants as t_constants
from a10_octavia.common.data_models import Certificate
from a10_octavia.common.data_models import VThunder
from a10_octavia.controller.worker.tasks import cert_tasks
from a10_octavia.tests.common import a10constants as a10_test_constants
from a10_octavia.tests.unit.base import BaseTaskTestCase
LB = o_data_models.LoadBalancer(id=a10_test_constants.MOCK_LOAD_BALANCER_ID,
project_id=t_constants.MOCK_PROJECT_ID)
LISTENER = o_data_models.Listener(id=a10_test_constants.MOCK_LISTENER_ID,
protocol='TERMINATED_HTTPS', protocol_port=2222,
load_balancer=LB, tls_certificate_id='certificate-id-1')
VTHUNDER = VThunder()
CERT_DATA = Certificate(cert_filename=a10_test_constants.MOCK_CERT_FILENAME,
cert_content=a10_test_constants.MOCK_CERT_CONTENT,
key_filename=a10_test_constants.MOCK_KEY_FILENAME,
key_content=a10_test_constants.MOCK_KEY_CONTENT,
template_name=a10_test_constants.MOCK_TEMPLATE_NAME,
key_pass=a10_test_constants.MOCK_KEY_PASS)
class TestCertHandlerTasks(BaseTaskTestCase):
def setUp(self):
super(TestCertHandlerTasks, self).setUp()
