def test_listener_dict_to_provider_dict(self, mock_load_cert, mock_secret): mock_secret.side_effect = [ 'ca cert', 'X509 CRL FILE', 'X509 POOL CA CERT FILE', 'X509 POOL CRL FILE' ] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') listener_certs = {'tls_cert': cert1, 'sni_certs': [cert2, cert3]} pool_cert = data_models.TLSContainer(certificate='pool cert') pool_certs = {'tls_cert': pool_cert, 'sni_certs': []} mock_load_cert.side_effect = [listener_certs, pool_certs] # The reason to do this, as before the logic arrives the test func, # there are two data sources, one is from db_dict, the other is from # the api layer model_dict, actually, they are different and contain # different fields. That's why the test_listener1_dict from sample data # just contain the client_ca_tls_certificate_id for client certificate, # not any other related fields. So we need to delete them. expect_prov = copy.deepcopy(self.sample_data.provider_listener1_dict) expect_pool_prov = copy.deepcopy(self.sample_data.provider_pool1_dict) expect_prov['default_pool'] = expect_pool_prov provider_listener = utils.listener_dict_to_provider_dict( self.sample_data.test_listener1_dict) # TODO(johnsom) Remove this once the listener ACLs patch merges # https://review.opendev.org/#/c/659626/ del expect_prov['allowed_cidrs'] self.assertEqual(expect_prov, provider_listener)
def test_lb_dict_to_provider_dict(self, mock_load_cert, mock_secret, mock_get_session, mock_get_flavor): cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_secret.side_effect = ['X509 POOL CA CERT FILE', 'X509 POOL CRL FILE', 'ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE', 'X509 POOL CA CERT FILE', 'X509 CRL FILE'] listener_certs = {'tls_cert': cert1, 'sni_certs': [cert2, cert3]} pool_cert = data_models.TLSContainer(certificate='pool cert') pool_certs = {'tls_cert': pool_cert, 'sni_certs': []} mock_load_cert.side_effect = [pool_certs, listener_certs, listener_certs, listener_certs, listener_certs] mock_get_flavor.return_value = {'shaved_ice': 'cherry'} test_lb_dict = {'name': 'lb1', 'project_id': self.sample_data.project_id, 'vip_subnet_id': self.sample_data.subnet_id, 'vip_port_id': self.sample_data.port_id, 'vip_address': self.sample_data.ip_address, 'vip_network_id': self.sample_data.network_id, 'vip_qos_policy_id': self.sample_data.qos_policy_id, 'id': self.sample_data.lb_id, 'listeners': [], 'pools': [], 'description': '', 'admin_state_up': True, 'provisioning_status': constants.PENDING_CREATE, 'operating_status': constants.OFFLINE, 'flavor_id': 'flavor_id', 'provider': 'noop_driver'} ref_listeners = copy.deepcopy(self.sample_data.provider_listeners) ref_prov_lb_dict = { 'vip_address': self.sample_data.ip_address, 'admin_state_up': True, 'loadbalancer_id': self.sample_data.lb_id, 'vip_subnet_id': self.sample_data.subnet_id, 'listeners': ref_listeners, 'description': '', 'project_id': self.sample_data.project_id, 'vip_port_id': self.sample_data.port_id, 'vip_qos_policy_id': self.sample_data.qos_policy_id, 'vip_network_id': self.sample_data.network_id, 'pools': self.sample_data.provider_pools, 'flavor': {'shaved_ice': 'cherry'}, 'name': 'lb1'} vip = data_models.Vip(ip_address=self.sample_data.ip_address, network_id=self.sample_data.network_id, port_id=self.sample_data.port_id, subnet_id=self.sample_data.subnet_id, qos_policy_id=self.sample_data.qos_policy_id) provider_lb_dict = utils.lb_dict_to_provider_dict( test_lb_dict, vip=vip, db_pools=self.sample_data.test_db_pools, db_listeners=self.sample_data.test_db_listeners) self.assertEqual(ref_prov_lb_dict, provider_lb_dict)
def test_lb_dict_to_provider_dict(self, mock_load_cert): cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_load_cert.return_value = { 'tls_cert': cert1, 'sni_certs': [cert2, cert3] } test_lb_dict = { 'name': 'lb1', 'project_id': self.sample_data.project_id, 'vip_subnet_id': self.sample_data.subnet_id, 'vip_port_id': self.sample_data.port_id, 'vip_address': self.sample_data.ip_address, 'vip_network_id': self.sample_data.network_id, 'vip_qos_policy_id': self.sample_data.qos_policy_id, 'id': self.sample_data.lb_id, 'listeners': [], 'pools': [], 'description': '', 'admin_state_up': True, 'provisioning_status': constants.PENDING_CREATE, 'operating_status': constants.OFFLINE, 'flavor_id': '', 'provider': 'noop_driver' } ref_prov_lb_dict = { 'vip_address': self.sample_data.ip_address, 'admin_state_up': True, 'loadbalancer_id': self.sample_data.lb_id, 'vip_subnet_id': self.sample_data.subnet_id, 'listeners': self.sample_data.provider_listeners, 'description': '', 'project_id': self.sample_data.project_id, 'flavor_id': '', 'vip_port_id': self.sample_data.port_id, 'vip_qos_policy_id': self.sample_data.qos_policy_id, 'vip_network_id': self.sample_data.network_id, 'pools': self.sample_data.provider_pools, 'name': 'lb1' } vip = data_models.Vip(ip_address=self.sample_data.ip_address, network_id=self.sample_data.network_id, port_id=self.sample_data.port_id, subnet_id=self.sample_data.subnet_id, qos_policy_id=self.sample_data.qos_policy_id) provider_lb_dict = utils.lb_dict_to_provider_dict( test_lb_dict, vip=vip, db_pools=self.sample_data.test_db_pools, db_listeners=self.sample_data.test_db_listeners) self.assertEqual(ref_prov_lb_dict, provider_lb_dict)
def test_listener_dict_to_provider_dict(self, mock_load_cert): cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_load_cert.return_value = { 'tls_cert': cert1, 'sni_certs': [cert2, cert3] } provider_listener = utils.listener_dict_to_provider_dict( self.sample_data.test_listener1_dict) self.assertEqual(self.sample_data.provider_listener1_dict, provider_listener)
def test_process_tls_certificates(self): listener = sample_configs.sample_listener_tuple(tls=True, sni=True) with mock.patch.object(cert_parser, 'build_pem') as bp: with mock.patch.object(cert_parser, 'load_certificates_data') as cd: with mock.patch.object(cert_parser, 'get_host_names') as cp: with mock.patch.object(self.driver, '_exec_on_amphorae') as ea: self.driver.barbican_client = mock.MagicMock() cp.return_value = {'cn': 'fakeCN'} pem = 'imapem' bp.return_value = pem tls_cont = data_models.TLSContainer( primary_cn='fakecn', certificate='fakecert', private_key='fakepk') sni_cont1 = data_models.TLSContainer( primary_cn='fakecn1', certificate='fakecert', private_key='fakepk') sni_cont2 = data_models.TLSContainer( primary_cn='fakecn2', certificate='fakecert', private_key='fakepk') cd.return_value = {'tls_cert': tls_cont, 'sni_certs': [sni_cont1, sni_cont2]} self.driver._process_tls_certificates(listener) # Ensure upload_cert is called three times calls_bbq = [mock.call(self.driver.cert_manager, listener)] cd.assert_has_calls(calls_bbq) calls_bp = [ mock.call(tls_cont), mock.call(sni_cont1), mock.call(sni_cont2)] bp.assert_has_calls(calls_bp) cert_dir = os.path.join( self.driver.amp_config.base_cert_dir, listener.id) cmd = 'chmod 600 {base_path}/*.pem'.format( base_path=cert_dir) listener_cert = '{0}/fakecn.pem'.format(cert_dir) ea.assert_has_calls([ mock.call(listener.load_balancer.amphorae, [cmd], make_dir=cert_dir, data=[pem, pem, pem], upload_dir=listener_cert)])
def test_listener_dict_to_provider_dict_SNI(self, mock_load_cert): cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_load_cert.return_value = { 'tls_cert': cert1, 'sni_certs': [cert2, cert3] } # Test with bad SNI content test_listener = copy.deepcopy(self.sample_data.test_listener1_dict) test_listener['sni_containers'] = [[]] self.assertRaises(exceptions.ValidationException, utils.listener_dict_to_provider_dict, test_listener)
def test_db_listeners_to_provider_listeners(self, mock_load_cert, mock_secret): mock_secret.side_effect = ['ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE'] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_load_cert.return_value = {'tls_cert': cert1, 'sni_certs': [cert2, cert3]} provider_listeners = utils.db_listeners_to_provider_listeners( self.sample_data.test_db_listeners) ref_listeners = copy.deepcopy(self.sample_data.provider_listeners) self.assertEqual(ref_listeners, provider_listeners)
def test_map_cert_tls_container(self, cert_mock): tls = data_models.TLSContainer( id=sample_certs.X509_CERT_SHA1, primary_cn=sample_certs.X509_CERT_CN, certificate=sample_certs.X509_CERT, private_key=sample_certs.X509_CERT_KEY_ENCRYPTED, passphrase=sample_certs.X509_CERT_KEY_PASSPHRASE, intermediates=sample_certs.X509_IMDS_LIST) cert_mock.get_private_key.return_value = tls.private_key cert_mock.get_certificate.return_value = tls.certificate cert_mock.get_intermediates.return_value = tls.intermediates cert_mock.get_private_key_passphrase.return_value = tls.passphrase with mock.patch.object(cert_parser, 'get_host_names') as cp: cp.return_value = {'cn': sample_certs.X509_CERT_CN} self.assertEqual(tls.id, cert_parser._map_cert_tls_container(cert_mock).id) self.assertEqual( tls.primary_cn, cert_parser._map_cert_tls_container(cert_mock).primary_cn) self.assertEqual( tls.certificate, cert_parser._map_cert_tls_container(cert_mock).certificate) self.assertEqual( sample_certs.X509_CERT_KEY, cert_parser._map_cert_tls_container(cert_mock).private_key) self.assertEqual( tls.intermediates, cert_parser._map_cert_tls_container(cert_mock).intermediates)
def _map_cert_tls_container(cert): certificate = cert.get_certificate() private_key = cert.get_private_key() private_key_passphrase = cert.get_private_key_passphrase() intermediates = cert.get_intermediates() if isinstance(certificate, six.string_types): certificate = certificate.encode('utf-8') if isinstance(private_key, six.string_types): private_key = private_key.encode('utf-8') if isinstance(private_key_passphrase, six.string_types): private_key_passphrase = private_key_passphrase.encode('utf-8') if intermediates: intermediates = [ (imd.encode('utf-8') if isinstance(imd, six.string_types) else imd) for imd in intermediates ] else: intermediates = [] return data_models.TLSContainer( # TODO(rm_work): applying nosec here because this is not intended to be # secure, it's just a way to get a consistent ID. Changing this would # break backwards compatibility with existing loadbalancers. id=hashlib.sha1(certificate).hexdigest(), # nosec primary_cn=get_primary_cn(certificate), private_key=prepare_private_key(private_key, private_key_passphrase), certificate=certificate, intermediates=intermediates)
def _map_cert_tls_container(cert): return data_models.TLSContainer(primary_cn=get_primary_cn(cert), private_key=prepare_private_key( cert.get_private_key(), cert.get_private_key_passphrase()), certificate=cert.get_certificate(), intermediates=cert.get_intermediates())
def test_db_pools_to_provider_pools(self, mock_load_cert, mock_secret): pool_cert = data_models.TLSContainer(certificate='pool cert') mock_load_cert.return_value = {'tls_cert': pool_cert, 'sni_certs': None, 'client_ca_cert': None} mock_secret.side_effect = ['X509 POOL CA CERT FILE', 'X509 POOL CRL FILE'] provider_pools = utils.db_pools_to_provider_pools( self.sample_data.test_db_pools) self.assertEqual(self.sample_data.provider_pools, provider_pools)
def _map_cert_tls_container(cert): return data_models.TLSContainer( # TODO(rm_work): applying nosec here because this is not intended to be # secure, it's just a way to get a consistent ID. Changing this would # break backwards compatibility with existing loadbalancers. id=hashlib.sha1(cert.get_certificate()).hexdigest(), # nosec primary_cn=get_primary_cn(cert), private_key=prepare_private_key(cert.get_private_key(), cert.get_private_key_passphrase()), certificate=cert.get_certificate(), intermediates=cert.get_intermediates())
def test_db_listeners_to_provider_listeners(self, mock_load_cert, mock_secret): mock_secret.side_effect = [ 'ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE' ] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_load_cert.return_value = { 'tls_cert': cert1, 'sni_certs': [cert2, cert3] } provider_listeners = utils.db_listeners_to_provider_listeners( self.sample_data.test_db_listeners) ref_listeners = copy.deepcopy(self.sample_data.provider_listeners) # TODO(johnsom) Remove when versions implemented for listener in ref_listeners: delattr(listener, lib_constants.TLS_VERSIONS) self.assertEqual(ref_listeners, provider_listeners)
def test_pool_dict_to_provider_dict(self, mock_load_cert, mock_secret): pool_cert = data_models.TLSContainer(certificate='pool cert') mock_load_cert.return_value = {'tls_cert': pool_cert, 'sni_certs': None, 'client_ca_cert': None} mock_secret.side_effect = ['X509 POOL CA CERT FILE', 'X509 POOL CRL FILE'] expect_prov = copy.deepcopy(self.sample_data.provider_pool1_dict) expect_prov.pop('crl_container_ref') provider_pool_dict = utils.pool_dict_to_provider_dict( self.sample_data.test_pool1_dict) provider_pool_dict.pop('crl_container_ref') self.assertEqual(expect_prov, provider_pool_dict)
def test_db_listeners_to_provider_listeners(self, mock_load_cert, mock_secret): mock_secret.side_effect = [ 'ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE', 'ca cert', 'X509 CRL FILE' ] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') mock_load_cert.return_value = { 'tls_cert': cert1, 'sni_certs': [cert2, cert3] } provider_listeners = utils.db_listeners_to_provider_listeners( self.sample_data.test_db_listeners) ref_listeners = copy.deepcopy(self.sample_data.provider_listeners) # TODO(johnsom) Remove this once the listener ACLs patch merges # https://review.opendev.org/#/c/659626/ for listener in ref_listeners: try: del listener.allowed_cidrs except AttributeError: pass self.assertEqual(ref_listeners, provider_listeners)
def test_db_pool_to_provider_pool(self, mock_load_cert, mock_secret): pool_cert = data_models.TLSContainer(certificate='pool cert') mock_load_cert.return_value = { 'tls_cert': pool_cert, 'sni_certs': None, 'client_ca_cert': None } mock_secret.side_effect = [ 'X509 POOL CA CERT FILE', 'X509 POOL CRL FILE' ] provider_pool = utils.db_pool_to_provider_pool( self.sample_data.db_pool1) # TODO(johnsom) Remove when versions and ciphers are implemented expect_prov_pool = copy.deepcopy(self.sample_data.provider_pool1) delattr(expect_prov_pool, lib_constants.TLS_VERSIONS) self.assertEqual(expect_prov_pool, provider_pool)
def test_map_cert_tls_container(self, cert_mock): tls = data_models.TLSContainer( primary_cn='fakeCN', certificate='imaCert', private_key='imaPrivateKey', intermediates=['imainter1', 'imainter2']) cert_mock.get_private_key.return_value = tls.private_key cert_mock.get_certificate.return_value = tls.certificate cert_mock.get_intermediates.return_value = tls.intermediates with mock.patch.object(cert_parser, 'get_host_names') as cp: cp.return_value = {'cn': 'fakeCN'} self.assertEqual( tls.primary_cn, cert_parser._map_cert_tls_container(cert_mock).primary_cn) self.assertEqual( tls.certificate, cert_parser._map_cert_tls_container(cert_mock).certificate) self.assertEqual( tls.private_key, cert_parser._map_cert_tls_container(cert_mock).private_key) self.assertEqual( tls.intermediates, cert_parser._map_cert_tls_container(cert_mock).intermediates)
def __init__(self): self.project_id = uuidutils.generate_uuid() self.lb_id = uuidutils.generate_uuid() self.ip_address = '192.0.2.30' self.port_id = uuidutils.generate_uuid() self.network_id = uuidutils.generate_uuid() self.subnet_id = uuidutils.generate_uuid() self.qos_policy_id = uuidutils.generate_uuid() self.listener1_id = uuidutils.generate_uuid() self.listener2_id = uuidutils.generate_uuid() self.default_tls_container_ref = uuidutils.generate_uuid() self.sni_container_ref_1 = uuidutils.generate_uuid() self.sni_container_ref_2 = uuidutils.generate_uuid() self.client_ca_tls_certificate_ref = uuidutils.generate_uuid() self.client_crl_container_ref = uuidutils.generate_uuid() self.pool_sni_container_ref = uuidutils.generate_uuid() self.pool_ca_container_ref = uuidutils.generate_uuid() self.pool_crl_container_ref = uuidutils.generate_uuid() self.pool1_id = uuidutils.generate_uuid() self.pool2_id = uuidutils.generate_uuid() self.hm1_id = uuidutils.generate_uuid() self.hm2_id = uuidutils.generate_uuid() self.member1_id = uuidutils.generate_uuid() self.member2_id = uuidutils.generate_uuid() self.member3_id = uuidutils.generate_uuid() self.member4_id = uuidutils.generate_uuid() self.l7policy1_id = uuidutils.generate_uuid() self.l7policy2_id = uuidutils.generate_uuid() self.l7rule1_id = uuidutils.generate_uuid() self.l7rule2_id = uuidutils.generate_uuid() self._common_test_dict = { 'provisioning_status': constants.ACTIVE, 'operating_status': constants.ONLINE, 'project_id': self.project_id, 'created_at': 'then', 'updated_at': 'now', 'enabled': True } # Setup Health Monitors self.test_hm1_dict = { 'id': self.hm1_id, 'type': constants.HEALTH_MONITOR_PING, 'delay': 1, 'timeout': 3, 'fall_threshold': 1, 'rise_threshold': 2, 'http_method': 'GET', 'url_path': '/', 'expected_codes': '200', 'name': 'hm1', 'pool_id': self.pool1_id, 'http_version': 1.0, 'domain_name': None, 'project_id': self.project_id } self.test_hm1_dict.update(self._common_test_dict) self.test_hm2_dict = copy.deepcopy(self.test_hm1_dict) self.test_hm2_dict['id'] = self.hm2_id self.test_hm2_dict['name'] = 'hm2' self.test_hm2_dict.update({ 'http_version': 1.1, 'domain_name': 'testdomainname.com' }) self.db_hm1 = data_models.HealthMonitor(**self.test_hm1_dict) self.db_hm2 = data_models.HealthMonitor(**self.test_hm2_dict) self.provider_hm1_dict = { 'admin_state_up': True, 'delay': 1, 'expected_codes': '200', 'healthmonitor_id': self.hm1_id, 'http_method': 'GET', 'max_retries': 2, 'max_retries_down': 1, 'name': 'hm1', 'pool_id': self.pool1_id, 'project_id': self.project_id, 'timeout': 3, 'type': constants.HEALTH_MONITOR_PING, 'url_path': '/', 'http_version': 1.0, 'domain_name': None } self.provider_hm2_dict = copy.deepcopy(self.provider_hm1_dict) self.provider_hm2_dict['healthmonitor_id'] = self.hm2_id self.provider_hm2_dict['name'] = 'hm2' self.provider_hm2_dict.update({ 'http_version': 1.1, 'domain_name': 'testdomainname.com' }) self.provider_hm1 = driver_dm.HealthMonitor(**self.provider_hm1_dict) self.provider_hm2 = driver_dm.HealthMonitor(**self.provider_hm2_dict) # Setup Members self.test_member1_dict = { 'id': self.member1_id, 'pool_id': self.pool1_id, 'ip_address': '192.0.2.16', 'protocol_port': 80, 'weight': 0, 'backup': False, 'subnet_id': self.subnet_id, 'pool': None, 'project_id': self.project_id, 'name': 'member1', 'monitor_address': '192.0.2.26', 'monitor_port': 81 } self.test_member1_dict.update(self._common_test_dict) self.test_member2_dict = copy.deepcopy(self.test_member1_dict) self.test_member2_dict['id'] = self.member2_id self.test_member2_dict['ip_address'] = '192.0.2.17' self.test_member2_dict['monitor_address'] = '192.0.2.27' self.test_member2_dict['name'] = 'member2' self.test_member3_dict = copy.deepcopy(self.test_member1_dict) self.test_member3_dict['id'] = self.member3_id self.test_member3_dict['ip_address'] = '192.0.2.18' self.test_member3_dict['monitor_address'] = '192.0.2.28' self.test_member3_dict['name'] = 'member3' self.test_member3_dict['pool_id'] = self.pool2_id self.test_member4_dict = copy.deepcopy(self.test_member1_dict) self.test_member4_dict['id'] = self.member4_id self.test_member4_dict['ip_address'] = '192.0.2.19' self.test_member4_dict['monitor_address'] = '192.0.2.29' self.test_member4_dict['name'] = 'member4' self.test_member4_dict['pool_id'] = self.pool2_id self.test_pool1_members_dict = [ self.test_member1_dict, self.test_member2_dict ] self.test_pool2_members_dict = [ self.test_member3_dict, self.test_member4_dict ] self.db_member1 = data_models.Member(**self.test_member1_dict) self.db_member2 = data_models.Member(**self.test_member2_dict) self.db_member3 = data_models.Member(**self.test_member3_dict) self.db_member4 = data_models.Member(**self.test_member4_dict) self.db_pool1_members = [self.db_member1, self.db_member2] self.db_pool2_members = [self.db_member3, self.db_member4] self.provider_member1_dict = { 'address': '192.0.2.16', 'admin_state_up': True, 'member_id': self.member1_id, 'monitor_address': '192.0.2.26', 'monitor_port': 81, 'name': 'member1', 'pool_id': self.pool1_id, 'project_id': self.project_id, 'protocol_port': 80, 'subnet_id': self.subnet_id, 'weight': 0, 'backup': False } self.provider_member2_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member2_dict['member_id'] = self.member2_id self.provider_member2_dict['address'] = '192.0.2.17' self.provider_member2_dict['monitor_address'] = '192.0.2.27' self.provider_member2_dict['name'] = 'member2' self.provider_member3_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member3_dict['member_id'] = self.member3_id self.provider_member3_dict['address'] = '192.0.2.18' self.provider_member3_dict['monitor_address'] = '192.0.2.28' self.provider_member3_dict['name'] = 'member3' self.provider_member3_dict['pool_id'] = self.pool2_id self.provider_member4_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member4_dict['member_id'] = self.member4_id self.provider_member4_dict['address'] = '192.0.2.19' self.provider_member4_dict['monitor_address'] = '192.0.2.29' self.provider_member4_dict['name'] = 'member4' self.provider_member4_dict['pool_id'] = self.pool2_id self.provider_pool1_members_dict = [ self.provider_member1_dict, self.provider_member2_dict ] self.provider_pool2_members_dict = [ self.provider_member3_dict, self.provider_member4_dict ] self.provider_member1 = driver_dm.Member(**self.provider_member1_dict) self.provider_member2 = driver_dm.Member(**self.provider_member2_dict) self.provider_member3 = driver_dm.Member(**self.provider_member3_dict) self.provider_member4 = driver_dm.Member(**self.provider_member4_dict) self.provider_pool1_members = [ self.provider_member1, self.provider_member2 ] self.provider_pool2_members = [ self.provider_member3, self.provider_member4 ] # Setup test pools self.test_pool1_dict = { 'id': self.pool1_id, 'name': 'pool1', 'description': 'Pool 1', 'load_balancer_id': self.lb_id, 'project_id': self.project_id, 'protocol': 'avian', 'lb_algorithm': 'round_robin', 'members': self.test_pool1_members_dict, 'health_monitor': self.test_hm1_dict, 'session_persistence': { 'type': 'SOURCE' }, 'listeners': [], 'l7policies': [], 'tls_certificate_id': self.pool_sni_container_ref, 'ca_tls_certificate_id': self.pool_ca_container_ref, 'crl_container_id': self.pool_crl_container_ref, 'tls_enabled': True } self.test_pool1_dict.update(self._common_test_dict) self.test_pool2_dict = copy.deepcopy(self.test_pool1_dict) self.test_pool2_dict['id'] = self.pool2_id self.test_pool2_dict['name'] = 'pool2' self.test_pool2_dict['description'] = 'Pool 2' self.test_pool2_dict['members'] = self.test_pool2_members_dict del self.test_pool2_dict['tls_certificate_id'] del self.test_pool2_dict['ca_tls_certificate_id'] del self.test_pool2_dict['crl_container_id'] self.test_pools = [self.test_pool1_dict, self.test_pool2_dict] self.db_pool1 = data_models.Pool(**self.test_pool1_dict) self.db_pool1.health_monitor = self.db_hm1 self.db_pool1.members = self.db_pool1_members self.db_pool2 = data_models.Pool(**self.test_pool2_dict) self.db_pool2.health_monitor = self.db_hm2 self.db_pool2.members = self.db_pool2_members self.test_db_pools = [self.db_pool1, self.db_pool2] pool_cert = data_models.TLSContainer(certificate='pool cert') pool_ca_file_content = 'X509 POOL CA CERT FILE' pool_crl_file_content = 'X509 POOL CRL FILE' self.provider_pool1_dict = { 'admin_state_up': True, 'description': 'Pool 1', 'healthmonitor': self.provider_hm1_dict, 'lb_algorithm': 'round_robin', 'loadbalancer_id': self.lb_id, 'members': self.provider_pool1_members_dict, 'name': 'pool1', 'pool_id': self.pool1_id, 'project_id': self.project_id, 'protocol': 'avian', 'session_persistence': { 'type': 'SOURCE' }, 'tls_container_ref': self.pool_sni_container_ref, 'tls_container_data': pool_cert.to_dict(), 'ca_tls_container_ref': self.pool_ca_container_ref, 'ca_tls_container_data': pool_ca_file_content, 'crl_container_ref': self.pool_crl_container_ref, 'crl_container_data': pool_crl_file_content, 'tls_enabled': True } self.provider_pool2_dict = copy.deepcopy(self.provider_pool1_dict) self.provider_pool2_dict['pool_id'] = self.pool2_id self.provider_pool2_dict['name'] = 'pool2' self.provider_pool2_dict['description'] = 'Pool 2' self.provider_pool2_dict['members'] = self.provider_pool2_members_dict self.provider_pool2_dict['healthmonitor'] = self.provider_hm2_dict self.provider_pool2_dict['tls_container_ref'] = None del self.provider_pool2_dict['tls_container_data'] self.provider_pool2_dict['ca_tls_container_ref'] = None del self.provider_pool2_dict['ca_tls_container_data'] self.provider_pool2_dict['crl_container_ref'] = None del self.provider_pool2_dict['crl_container_data'] self.provider_pool1 = driver_dm.Pool(**self.provider_pool1_dict) self.provider_pool1.members = self.provider_pool1_members self.provider_pool1.healthmonitor = self.provider_hm1 self.provider_pool2 = driver_dm.Pool(**self.provider_pool2_dict) self.provider_pool2.members = self.provider_pool2_members self.provider_pool2.healthmonitor = self.provider_hm2 self.provider_pools = [self.provider_pool1, self.provider_pool2] # Setup L7Rules self.test_l7rule1_dict = { 'id': self.l7rule1_id, 'l7policy_id': self.l7policy1_id, 'type': 'o', 'compare_type': 'fake_type', 'key': 'fake_key', 'value': 'fake_value', 'project_id': self.project_id, 'l7policy': None, 'invert': False } self.test_l7rule1_dict.update(self._common_test_dict) self.test_l7rule2_dict = copy.deepcopy(self.test_l7rule1_dict) self.test_l7rule2_dict['id'] = self.l7rule2_id self.test_l7rules = [self.test_l7rule1_dict, self.test_l7rule2_dict] self.db_l7Rule1 = data_models.L7Rule(**self.test_l7rule1_dict) self.db_l7Rule2 = data_models.L7Rule(**self.test_l7rule2_dict) self.db_l7Rules = [self.db_l7Rule1, self.db_l7Rule2] self.provider_l7rule1_dict = { 'admin_state_up': True, 'compare_type': 'fake_type', 'invert': False, 'key': 'fake_key', 'l7policy_id': self.l7policy1_id, 'l7rule_id': self.l7rule1_id, 'type': 'o', 'project_id': self.project_id, 'value': 'fake_value' } self.provider_l7rule2_dict = copy.deepcopy(self.provider_l7rule1_dict) self.provider_l7rule2_dict['l7rule_id'] = self.l7rule2_id self.provider_l7rules_dicts = [ self.provider_l7rule1_dict, self.provider_l7rule2_dict ] self.provider_l7rule1 = driver_dm.L7Rule(**self.provider_l7rule1_dict) self.provider_l7rule2 = driver_dm.L7Rule(**self.provider_l7rule2_dict) self.provider_rules = [self.provider_l7rule1, self.provider_l7rule2] # Setup L7Policies self.test_l7policy1_dict = { 'id': self.l7policy1_id, 'name': 'l7policy_1', 'description': 'L7policy 1', 'listener_id': self.listener1_id, 'action': 'go', 'redirect_pool_id': self.pool1_id, 'redirect_url': '/index.html', 'redirect_prefix': 'https://example.com/', 'project_id': self.project_id, 'position': 1, 'listener': None, 'redirect_pool': None, 'l7rules': self.test_l7rules, 'redirect_http_code': 302 } self.test_l7policy1_dict.update(self._common_test_dict) self.test_l7policy2_dict = copy.deepcopy(self.test_l7policy1_dict) self.test_l7policy2_dict['id'] = self.l7policy2_id self.test_l7policy2_dict['name'] = 'l7policy_2' self.test_l7policy2_dict['description'] = 'L7policy 2' self.test_l7policies = [ self.test_l7policy1_dict, self.test_l7policy2_dict ] self.db_l7policy1 = data_models.L7Policy(**self.test_l7policy1_dict) self.db_l7policy2 = data_models.L7Policy(**self.test_l7policy2_dict) self.db_l7policy1.l7rules = self.db_l7Rules self.db_l7policy2.l7rules = self.db_l7Rules self.db_l7policies = [self.db_l7policy1, self.db_l7policy2] self.provider_l7policy1_dict = { 'action': 'go', 'admin_state_up': True, 'description': 'L7policy 1', 'l7policy_id': self.l7policy1_id, 'listener_id': self.listener1_id, 'name': 'l7policy_1', 'position': 1, 'project_id': self.project_id, 'redirect_pool_id': self.pool1_id, 'redirect_url': '/index.html', 'redirect_prefix': 'https://example.com/', 'rules': self.provider_l7rules_dicts, 'redirect_http_code': 302 } self.provider_l7policy2_dict = copy.deepcopy( self.provider_l7policy1_dict) self.provider_l7policy2_dict['l7policy_id'] = self.l7policy2_id self.provider_l7policy2_dict['name'] = 'l7policy_2' self.provider_l7policy2_dict['description'] = 'L7policy 2' self.provider_l7policies_dict = [ self.provider_l7policy1_dict, self.provider_l7policy2_dict ] self.provider_l7policy1 = driver_dm.L7Policy( **self.provider_l7policy1_dict) self.provider_l7policy1.rules = self.provider_rules self.provider_l7policy2 = driver_dm.L7Policy( **self.provider_l7policy2_dict) self.provider_l7policy2.rules = self.provider_rules self.provider_l7policies = [ self.provider_l7policy1, self.provider_l7policy2 ] # Setup Listeners self.test_listener1_dict = { 'id': self.listener1_id, 'name': 'listener_1', 'description': 'Listener 1', 'default_pool_id': self.pool1_id, 'load_balancer_id': self.lb_id, 'project_id': self.project_id, 'protocol': 'avian', 'protocol_port': 90, 'connection_limit': 10000, 'tls_certificate_id': self.default_tls_container_ref, 'stats': None, 'default_pool': self.test_pool1_dict, 'load_balancer': None, 'sni_containers': [self.sni_container_ref_1, self.sni_container_ref_2], 'peer_port': 55, 'l7policies': self.test_l7policies, 'insert_headers': {}, 'pools': None, 'timeout_client_data': 1000, 'timeout_member_connect': 2000, 'timeout_member_data': 3000, 'timeout_tcp_inspect': 4000, 'client_ca_tls_certificate_id': self.client_ca_tls_certificate_ref, 'client_authentication': constants.CLIENT_AUTH_NONE, 'client_crl_container_id': self.client_crl_container_ref } self.test_listener1_dict.update(self._common_test_dict) self.test_listener2_dict = copy.deepcopy(self.test_listener1_dict) self.test_listener2_dict['id'] = self.listener2_id self.test_listener2_dict['name'] = 'listener_2' self.test_listener2_dict['description'] = 'Listener 1' self.test_listener2_dict['default_pool_id'] = self.pool2_id self.test_listener2_dict['default_pool'] = self.test_pool2_dict del self.test_listener2_dict['l7policies'] del self.test_listener2_dict['sni_containers'] del self.test_listener2_dict['client_ca_tls_certificate_id'] del self.test_listener2_dict['client_crl_container_id'] self.test_listeners = [ self.test_listener1_dict, self.test_listener2_dict ] self.db_listener1 = data_models.Listener(**self.test_listener1_dict) self.db_listener2 = data_models.Listener(**self.test_listener2_dict) self.db_listener1.default_pool = self.db_pool1 self.db_listener2.default_pool = self.db_pool2 self.db_listener1.l7policies = self.db_l7policies self.db_listener1.sni_containers = [ data_models.SNI(tls_container_id='2'), data_models.SNI(tls_container_id='3') ] self.test_db_listeners = [self.db_listener1, self.db_listener2] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') ca_cert = 'ca cert' crl_file_content = 'X509 CRL FILE' self.provider_listener1_dict = { 'admin_state_up': True, 'connection_limit': 10000, 'default_pool': self.provider_pool1_dict, 'default_pool_id': self.pool1_id, 'default_tls_container_data': cert1.to_dict(), 'default_tls_container_ref': self.default_tls_container_ref, 'description': 'Listener 1', 'insert_headers': {}, 'l7policies': self.provider_l7policies_dict, 'listener_id': self.listener1_id, 'loadbalancer_id': self.lb_id, 'name': 'listener_1', 'project_id': self.project_id, 'protocol': 'avian', 'protocol_port': 90, 'sni_container_data': [cert2.to_dict(), cert3.to_dict()], 'sni_container_refs': [self.sni_container_ref_1, self.sni_container_ref_2], 'timeout_client_data': 1000, 'timeout_member_connect': 2000, 'timeout_member_data': 3000, 'timeout_tcp_inspect': 4000, 'client_ca_tls_container_ref': self.client_ca_tls_certificate_ref, 'client_ca_tls_container_data': ca_cert, 'client_authentication': constants.CLIENT_AUTH_NONE, 'client_crl_container_ref': self.client_crl_container_ref, 'client_crl_container_data': crl_file_content } self.provider_listener2_dict = copy.deepcopy( self.provider_listener1_dict) self.provider_listener2_dict['listener_id'] = self.listener2_id self.provider_listener2_dict['name'] = 'listener_2' self.provider_listener2_dict['description'] = 'Listener 1' self.provider_listener2_dict['default_pool_id'] = self.pool2_id self.provider_listener2_dict['default_pool'] = self.provider_pool2_dict del self.provider_listener2_dict['l7policies'] self.provider_listener2_dict['client_ca_tls_container_ref'] = None del self.provider_listener2_dict['client_ca_tls_container_data'] self.provider_listener2_dict['client_authentication'] = ( constants.CLIENT_AUTH_NONE) self.provider_listener2_dict['client_crl_container_ref'] = None del self.provider_listener2_dict['client_crl_container_data'] self.provider_listener1 = driver_dm.Listener( **self.provider_listener1_dict) self.provider_listener2 = driver_dm.Listener( **self.provider_listener2_dict) self.provider_listener1.default_pool = self.provider_pool1 self.provider_listener2.default_pool = self.provider_pool2 self.provider_listener1.l7policies = self.provider_l7policies self.provider_listeners = [ self.provider_listener1, self.provider_listener2 ] self.test_vip_dict = { 'ip_address': self.ip_address, 'network_id': self.network_id, 'port_id': self.port_id, 'subnet_id': self.subnet_id, 'qos_policy_id': self.qos_policy_id } self.provider_vip_dict = { 'vip_address': self.ip_address, 'vip_network_id': self.network_id, 'vip_port_id': self.port_id, 'vip_subnet_id': self.subnet_id, 'vip_qos_policy_id': self.qos_policy_id } self.db_vip = data_models.Vip(ip_address=self.ip_address, network_id=self.network_id, port_id=self.port_id, subnet_id=self.subnet_id, qos_policy_id=self.qos_policy_id)
def __init__(self): self.project_id = uuidutils.generate_uuid() self.lb_id = uuidutils.generate_uuid() self.ip_address = '192.0.2.30' self.port_id = uuidutils.generate_uuid() self.network_id = uuidutils.generate_uuid() self.subnet_id = uuidutils.generate_uuid() self.qos_policy_id = uuidutils.generate_uuid() self.lb_name = uuidutils.generate_uuid() self.lb_description = uuidutils.generate_uuid() self.flavor_id = uuidutils.generate_uuid() self.flavor_profile_id = uuidutils.generate_uuid() self.listener1_id = uuidutils.generate_uuid() self.listener2_id = uuidutils.generate_uuid() self.default_tls_container_ref = uuidutils.generate_uuid() self.sni_container_ref_1 = uuidutils.generate_uuid() self.sni_container_ref_2 = uuidutils.generate_uuid() self.client_ca_tls_certificate_ref = uuidutils.generate_uuid() self.client_crl_container_ref = uuidutils.generate_uuid() self.pool_sni_container_ref = uuidutils.generate_uuid() self.pool_ca_container_ref = uuidutils.generate_uuid() self.pool_crl_container_ref = uuidutils.generate_uuid() self.pool1_id = uuidutils.generate_uuid() self.pool2_id = uuidutils.generate_uuid() self.hm1_id = uuidutils.generate_uuid() self.hm2_id = uuidutils.generate_uuid() self.member1_id = uuidutils.generate_uuid() self.member2_id = uuidutils.generate_uuid() self.member3_id = uuidutils.generate_uuid() self.member4_id = uuidutils.generate_uuid() self.l7policy1_id = uuidutils.generate_uuid() self.l7policy2_id = uuidutils.generate_uuid() self.l7rule1_id = uuidutils.generate_uuid() self.l7rule2_id = uuidutils.generate_uuid() self.created_at = datetime.datetime.now() self.updated_at = (datetime.datetime.now() + datetime.timedelta(minutes=1)) self._common_test_dict = { lib_consts.PROVISIONING_STATUS: constants.ACTIVE, lib_consts.OPERATING_STATUS: constants.ONLINE, lib_consts.PROJECT_ID: self.project_id, constants.CREATED_AT: self.created_at, constants.UPDATED_AT: self.updated_at, constants.ENABLED: True } # Setup Health Monitors self.test_hm1_dict = { lib_consts.ID: self.hm1_id, lib_consts.TYPE: constants.HEALTH_MONITOR_PING, lib_consts.DELAY: 1, lib_consts.TIMEOUT: 3, lib_consts.FALL_THRESHOLD: 1, lib_consts.RISE_THRESHOLD: 2, lib_consts.HTTP_METHOD: lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET, lib_consts.URL_PATH: '/', lib_consts.EXPECTED_CODES: '200', lib_consts.NAME: 'hm1', lib_consts.POOL_ID: self.pool1_id, lib_consts.HTTP_VERSION: 1.0, lib_consts.DOMAIN_NAME: None, lib_consts.PROJECT_ID: self.project_id } self.test_hm1_dict.update(self._common_test_dict) self.test_hm2_dict = copy.deepcopy(self.test_hm1_dict) self.test_hm2_dict[lib_consts.ID] = self.hm2_id self.test_hm2_dict[lib_consts.NAME] = 'hm2' self.test_hm2_dict.update({ lib_consts.HTTP_VERSION: 1.1, lib_consts.DOMAIN_NAME: 'testdomainname.com' }) self.db_hm1 = data_models.HealthMonitor(**self.test_hm1_dict) self.db_hm2 = data_models.HealthMonitor(**self.test_hm2_dict) self.provider_hm1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.DELAY: 1, lib_consts.EXPECTED_CODES: '200', lib_consts.HEALTHMONITOR_ID: self.hm1_id, lib_consts.HTTP_METHOD: lib_consts.HEALTH_MONITOR_HTTP_METHOD_GET, lib_consts.MAX_RETRIES: 2, lib_consts.MAX_RETRIES_DOWN: 1, lib_consts.NAME: 'hm1', lib_consts.POOL_ID: self.pool1_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.TIMEOUT: 3, lib_consts.TYPE: constants.HEALTH_MONITOR_PING, lib_consts.URL_PATH: '/', lib_consts.HTTP_VERSION: 1.0, lib_consts.DOMAIN_NAME: None } self.provider_hm2_dict = copy.deepcopy(self.provider_hm1_dict) self.provider_hm2_dict[lib_consts.HEALTHMONITOR_ID] = self.hm2_id self.provider_hm2_dict[lib_consts.NAME] = 'hm2' self.provider_hm2_dict.update({ lib_consts.HTTP_VERSION: 1.1, lib_consts.DOMAIN_NAME: 'testdomainname.com' }) self.provider_hm1 = driver_dm.HealthMonitor(**self.provider_hm1_dict) self.provider_hm2 = driver_dm.HealthMonitor(**self.provider_hm2_dict) # Setup Members self.test_member1_dict = { lib_consts.ID: self.member1_id, lib_consts.POOL_ID: self.pool1_id, constants.IP_ADDRESS: '192.0.2.16', lib_consts.PROTOCOL_PORT: 80, lib_consts.WEIGHT: 0, lib_consts.BACKUP: False, lib_consts.SUBNET_ID: self.subnet_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.NAME: 'member1', lib_consts.OPERATING_STATUS: lib_consts.ONLINE, lib_consts.PROVISIONING_STATUS: lib_consts.ACTIVE, constants.ENABLED: True, constants.CREATED_AT: self.created_at, constants.UPDATED_AT: self.updated_at, lib_consts.MONITOR_ADDRESS: '192.0.2.26', lib_consts.MONITOR_PORT: 81 } self.test_member1_dict.update(self._common_test_dict) self.test_member2_dict = copy.deepcopy(self.test_member1_dict) self.test_member2_dict[lib_consts.ID] = self.member2_id self.test_member2_dict[constants.IP_ADDRESS] = '192.0.2.17' self.test_member2_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.27' self.test_member2_dict[lib_consts.NAME] = 'member2' self.test_member3_dict = copy.deepcopy(self.test_member1_dict) self.test_member3_dict[lib_consts.ID] = self.member3_id self.test_member3_dict[constants.IP_ADDRESS] = '192.0.2.18' self.test_member3_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.28' self.test_member3_dict[lib_consts.NAME] = 'member3' self.test_member3_dict[lib_consts.POOL_ID] = self.pool2_id self.test_member4_dict = copy.deepcopy(self.test_member1_dict) self.test_member4_dict[lib_consts.ID] = self.member4_id self.test_member4_dict[constants.IP_ADDRESS] = '192.0.2.19' self.test_member4_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.29' self.test_member4_dict[lib_consts.NAME] = 'member4' self.test_member4_dict[lib_consts.POOL_ID] = self.pool2_id self.test_pool1_members_dict = [ self.test_member1_dict, self.test_member2_dict ] self.test_pool2_members_dict = [ self.test_member3_dict, self.test_member4_dict ] self.db_member1 = data_models.Member(**self.test_member1_dict) self.db_member2 = data_models.Member(**self.test_member2_dict) self.db_member3 = data_models.Member(**self.test_member3_dict) self.db_member4 = data_models.Member(**self.test_member4_dict) self.db_pool1_members = [self.db_member1, self.db_member2] self.db_pool2_members = [self.db_member3, self.db_member4] self.provider_member1_dict = { lib_consts.ADDRESS: '192.0.2.16', lib_consts.ADMIN_STATE_UP: True, lib_consts.MEMBER_ID: self.member1_id, lib_consts.MONITOR_ADDRESS: '192.0.2.26', lib_consts.MONITOR_PORT: 81, lib_consts.NAME: 'member1', lib_consts.POOL_ID: self.pool1_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL_PORT: 80, lib_consts.SUBNET_ID: self.subnet_id, lib_consts.WEIGHT: 0, lib_consts.BACKUP: False } self.provider_member2_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member2_dict[lib_consts.MEMBER_ID] = self.member2_id self.provider_member2_dict[lib_consts.ADDRESS] = '192.0.2.17' self.provider_member2_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.27' self.provider_member2_dict[lib_consts.NAME] = 'member2' self.provider_member3_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member3_dict[lib_consts.MEMBER_ID] = self.member3_id self.provider_member3_dict[lib_consts.ADDRESS] = '192.0.2.18' self.provider_member3_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.28' self.provider_member3_dict[lib_consts.NAME] = 'member3' self.provider_member3_dict[lib_consts.POOL_ID] = self.pool2_id self.provider_member4_dict = copy.deepcopy(self.provider_member1_dict) self.provider_member4_dict[lib_consts.MEMBER_ID] = self.member4_id self.provider_member4_dict[lib_consts.ADDRESS] = '192.0.2.19' self.provider_member4_dict[lib_consts.MONITOR_ADDRESS] = '192.0.2.29' self.provider_member4_dict[lib_consts.NAME] = 'member4' self.provider_member4_dict[lib_consts.POOL_ID] = self.pool2_id self.provider_pool1_members_dict = [ self.provider_member1_dict, self.provider_member2_dict ] self.provider_pool2_members_dict = [ self.provider_member3_dict, self.provider_member4_dict ] self.provider_member1 = driver_dm.Member(**self.provider_member1_dict) self.provider_member2 = driver_dm.Member(**self.provider_member2_dict) self.provider_member3 = driver_dm.Member(**self.provider_member3_dict) self.provider_member4 = driver_dm.Member(**self.provider_member4_dict) self.provider_pool1_members = [ self.provider_member1, self.provider_member2 ] self.provider_pool2_members = [ self.provider_member3, self.provider_member4 ] # Setup test pools self.test_pool1_dict = { lib_consts.ID: self.pool1_id, lib_consts.NAME: 'pool1', lib_consts.DESCRIPTION: 'Pool 1', constants.LOAD_BALANCER_ID: self.lb_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.LB_ALGORITHM: lib_consts.LB_ALGORITHM_ROUND_ROBIN, lib_consts.MEMBERS: self.test_pool1_members_dict, constants.HEALTH_MONITOR: self.test_hm1_dict, lib_consts.SESSION_PERSISTENCE: { lib_consts.TYPE: lib_consts.LB_ALGORITHM_SOURCE_IP }, lib_consts.LISTENERS: [], lib_consts.L7POLICIES: [], constants.TLS_CERTIFICATE_ID: self.pool_sni_container_ref, constants.CA_TLS_CERTIFICATE_ID: self.pool_ca_container_ref, constants.CRL_CONTAINER_ID: self.pool_crl_container_ref, lib_consts.TLS_ENABLED: True, lib_consts.TLS_CIPHERS: None, lib_consts.TLS_VERSIONS: None } self.test_pool1_dict.update(self._common_test_dict) self.test_pool2_dict = copy.deepcopy(self.test_pool1_dict) self.test_pool2_dict[lib_consts.ID] = self.pool2_id self.test_pool2_dict[lib_consts.NAME] = 'pool2' self.test_pool2_dict[lib_consts.DESCRIPTION] = 'Pool 2' self.test_pool2_dict[lib_consts.MEMBERS] = self.test_pool2_members_dict del self.test_pool2_dict[constants.TLS_CERTIFICATE_ID] del self.test_pool2_dict[constants.CA_TLS_CERTIFICATE_ID] del self.test_pool2_dict[constants.CRL_CONTAINER_ID] self.test_pools = [self.test_pool1_dict, self.test_pool2_dict] self.db_pool1 = data_models.Pool(**self.test_pool1_dict) self.db_pool1.health_monitor = self.db_hm1 self.db_pool1.members = self.db_pool1_members self.db_pool2 = data_models.Pool(**self.test_pool2_dict) self.db_pool2.health_monitor = self.db_hm2 self.db_pool2.members = self.db_pool2_members self.test_db_pools = [self.db_pool1, self.db_pool2] pool_cert = data_models.TLSContainer(certificate='pool cert') pool_ca_file_content = 'X509 POOL CA CERT FILE' pool_crl_file_content = 'X509 POOL CRL FILE' self.provider_pool1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.DESCRIPTION: 'Pool 1', lib_consts.HEALTHMONITOR: self.provider_hm1_dict, lib_consts.LB_ALGORITHM: lib_consts.LB_ALGORITHM_ROUND_ROBIN, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.MEMBERS: self.provider_pool1_members_dict, lib_consts.NAME: 'pool1', lib_consts.POOL_ID: self.pool1_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.SESSION_PERSISTENCE: { lib_consts.TYPE: lib_consts.LB_ALGORITHM_SOURCE_IP }, lib_consts.TLS_CONTAINER_REF: self.pool_sni_container_ref, lib_consts.TLS_CONTAINER_DATA: pool_cert.to_dict(), lib_consts.CA_TLS_CONTAINER_REF: self.pool_ca_container_ref, lib_consts.CA_TLS_CONTAINER_DATA: pool_ca_file_content, lib_consts.CRL_CONTAINER_REF: self.pool_crl_container_ref, lib_consts.CRL_CONTAINER_DATA: pool_crl_file_content, lib_consts.TLS_ENABLED: True, lib_consts.TLS_CIPHERS: None, lib_consts.TLS_VERSIONS: None, } self.provider_pool2_dict = copy.deepcopy(self.provider_pool1_dict) self.provider_pool2_dict[lib_consts.POOL_ID] = self.pool2_id self.provider_pool2_dict[lib_consts.NAME] = 'pool2' self.provider_pool2_dict[lib_consts.DESCRIPTION] = 'Pool 2' self.provider_pool2_dict[ lib_consts.MEMBERS] = self.provider_pool2_members_dict self.provider_pool2_dict[ lib_consts.HEALTHMONITOR] = self.provider_hm2_dict self.provider_pool2_dict[lib_consts.TLS_CONTAINER_REF] = None del self.provider_pool2_dict[lib_consts.TLS_CONTAINER_DATA] self.provider_pool2_dict[lib_consts.CA_TLS_CONTAINER_REF] = None del self.provider_pool2_dict[lib_consts.CA_TLS_CONTAINER_DATA] self.provider_pool2_dict[lib_consts.CRL_CONTAINER_REF] = None del self.provider_pool2_dict[lib_consts.CRL_CONTAINER_DATA] self.provider_pool1 = driver_dm.Pool(**self.provider_pool1_dict) self.provider_pool1.members = self.provider_pool1_members self.provider_pool1.healthmonitor = self.provider_hm1 self.provider_pool2 = driver_dm.Pool(**self.provider_pool2_dict) self.provider_pool2.members = self.provider_pool2_members self.provider_pool2.healthmonitor = self.provider_hm2 self.provider_pools = [self.provider_pool1, self.provider_pool2] # Setup L7Rules self.test_l7rule1_dict = { lib_consts.ID: self.l7rule1_id, lib_consts.L7POLICY_ID: self.l7policy1_id, lib_consts.TYPE: lib_consts.L7RULE_TYPE_PATH, lib_consts.COMPARE_TYPE: lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO, lib_consts.KEY: 'fake_key', lib_consts.VALUE: 'fake_value', lib_consts.PROJECT_ID: self.project_id, constants.L7POLICY: None, lib_consts.INVERT: False } self.test_l7rule1_dict.update(self._common_test_dict) self.test_l7rule2_dict = copy.deepcopy(self.test_l7rule1_dict) self.test_l7rule2_dict[lib_consts.ID] = self.l7rule2_id self.test_l7rules = [self.test_l7rule1_dict, self.test_l7rule2_dict] self.db_l7Rule1 = data_models.L7Rule(**self.test_l7rule1_dict) self.db_l7Rule2 = data_models.L7Rule(**self.test_l7rule2_dict) self.db_l7Rules = [self.db_l7Rule1, self.db_l7Rule2] self.provider_l7rule1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.COMPARE_TYPE: lib_consts.L7RULE_COMPARE_TYPE_EQUAL_TO, lib_consts.INVERT: False, lib_consts.KEY: 'fake_key', lib_consts.L7POLICY_ID: self.l7policy1_id, lib_consts.L7RULE_ID: self.l7rule1_id, lib_consts.TYPE: lib_consts.L7RULE_TYPE_PATH, lib_consts.PROJECT_ID: self.project_id, lib_consts.VALUE: 'fake_value' } self.provider_l7rule2_dict = copy.deepcopy(self.provider_l7rule1_dict) self.provider_l7rule2_dict[lib_consts.L7RULE_ID] = self.l7rule2_id self.provider_l7rules_dicts = [ self.provider_l7rule1_dict, self.provider_l7rule2_dict ] self.provider_l7rule1 = driver_dm.L7Rule(**self.provider_l7rule1_dict) self.provider_l7rule2 = driver_dm.L7Rule(**self.provider_l7rule2_dict) self.provider_rules = [self.provider_l7rule1, self.provider_l7rule2] # Setup L7Policies self.test_l7policy1_dict = { lib_consts.ID: self.l7policy1_id, lib_consts.NAME: 'l7policy_1', lib_consts.DESCRIPTION: 'L7policy 1', lib_consts.LISTENER_ID: self.listener1_id, lib_consts.ACTION: lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL, lib_consts.REDIRECT_POOL_ID: None, lib_consts.REDIRECT_URL: 'http://example.com/index.html', lib_consts.REDIRECT_PREFIX: None, lib_consts.PROJECT_ID: self.project_id, lib_consts.POSITION: 1, constants.LISTENER: None, constants.REDIRECT_POOL: None, lib_consts.L7RULES: self.test_l7rules, lib_consts.REDIRECT_HTTP_CODE: 302 } self.test_l7policy1_dict.update(self._common_test_dict) self.test_l7policy2_dict = copy.deepcopy(self.test_l7policy1_dict) self.test_l7policy2_dict[lib_consts.ID] = self.l7policy2_id self.test_l7policy2_dict[lib_consts.NAME] = 'l7policy_2' self.test_l7policy2_dict[lib_consts.DESCRIPTION] = 'L7policy 2' self.test_l7policies = [ self.test_l7policy1_dict, self.test_l7policy2_dict ] self.db_l7policy1 = data_models.L7Policy(**self.test_l7policy1_dict) self.db_l7policy2 = data_models.L7Policy(**self.test_l7policy2_dict) self.db_l7policy1.l7rules = self.db_l7Rules self.db_l7policy2.l7rules = self.db_l7Rules self.db_l7policies = [self.db_l7policy1, self.db_l7policy2] self.provider_l7policy1_dict = { lib_consts.ACTION: lib_consts.L7POLICY_ACTION_REDIRECT_TO_URL, lib_consts.ADMIN_STATE_UP: True, lib_consts.DESCRIPTION: 'L7policy 1', lib_consts.L7POLICY_ID: self.l7policy1_id, lib_consts.LISTENER_ID: self.listener1_id, lib_consts.NAME: 'l7policy_1', lib_consts.POSITION: 1, lib_consts.PROJECT_ID: self.project_id, lib_consts.REDIRECT_POOL_ID: None, lib_consts.REDIRECT_URL: 'http://example.com/index.html', lib_consts.REDIRECT_PREFIX: None, lib_consts.RULES: self.provider_l7rules_dicts, lib_consts.REDIRECT_HTTP_CODE: 302 } self.provider_l7policy2_dict = copy.deepcopy( self.provider_l7policy1_dict) self.provider_l7policy2_dict[ lib_consts.L7POLICY_ID] = self.l7policy2_id self.provider_l7policy2_dict[lib_consts.NAME] = 'l7policy_2' self.provider_l7policy2_dict[lib_consts.DESCRIPTION] = 'L7policy 2' self.provider_l7policies_dict = [ self.provider_l7policy1_dict, self.provider_l7policy2_dict ] self.provider_l7policy1 = driver_dm.L7Policy( **self.provider_l7policy1_dict) self.provider_l7policy1.rules = self.provider_rules self.provider_l7policy2 = driver_dm.L7Policy( **self.provider_l7policy2_dict) self.provider_l7policy2.rules = self.provider_rules self.provider_l7policies = [ self.provider_l7policy1, self.provider_l7policy2 ] # Setup Listeners self.test_listener1_dict = { lib_consts.ID: self.listener1_id, lib_consts.NAME: 'listener_1', lib_consts.DESCRIPTION: 'Listener 1', lib_consts.DEFAULT_POOL_ID: self.pool1_id, constants.LOAD_BALANCER_ID: self.lb_id, lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.PROTOCOL_PORT: 90, lib_consts.CONNECTION_LIMIT: 10000, constants.TLS_CERTIFICATE_ID: self.default_tls_container_ref, lib_consts.DEFAULT_POOL: self.test_pool1_dict, constants.SNI_CONTAINERS: [{ constants.TLS_CONTAINER_ID: self.sni_container_ref_1 }, { constants.TLS_CONTAINER_ID: self.sni_container_ref_2 }], constants.PEER_PORT: 55, lib_consts.L7POLICIES: self.test_l7policies, lib_consts.INSERT_HEADERS: {}, lib_consts.TIMEOUT_CLIENT_DATA: 1000, lib_consts.TIMEOUT_MEMBER_CONNECT: 2000, lib_consts.TIMEOUT_MEMBER_DATA: 3000, lib_consts.TIMEOUT_TCP_INSPECT: 4000, constants.CLIENT_CA_TLS_CERTIFICATE_ID: self.client_ca_tls_certificate_ref, lib_consts.CLIENT_AUTHENTICATION: constants.CLIENT_AUTH_NONE, constants.CLIENT_CRL_CONTAINER_ID: self.client_crl_container_ref, lib_consts.ALLOWED_CIDRS: ['192.0.2.0/24', '198.51.100.0/24'], lib_consts.TLS_CIPHERS: constants.CIPHERS_OWASP_SUITE_B, lib_consts.TLS_VERSIONS: constants.TLS_VERSIONS_OWASP_SUITE_B } self.test_listener1_dict.update(self._common_test_dict) self.test_listener2_dict = copy.deepcopy(self.test_listener1_dict) self.test_listener2_dict[lib_consts.ID] = self.listener2_id self.test_listener2_dict[lib_consts.NAME] = 'listener_2' self.test_listener2_dict[lib_consts.DESCRIPTION] = 'Listener 1' self.test_listener2_dict[lib_consts.DEFAULT_POOL_ID] = self.pool2_id self.test_listener2_dict[ lib_consts.DEFAULT_POOL] = self.test_pool2_dict del self.test_listener2_dict[lib_consts.L7POLICIES] del self.test_listener2_dict[constants.SNI_CONTAINERS] del self.test_listener2_dict[constants.CLIENT_CA_TLS_CERTIFICATE_ID] del self.test_listener2_dict[constants.CLIENT_CRL_CONTAINER_ID] self.test_listeners = [ self.test_listener1_dict, self.test_listener2_dict ] self.db_listener1 = data_models.Listener(**self.test_listener1_dict) self.db_listener2 = data_models.Listener(**self.test_listener2_dict) self.db_listener1.default_pool = self.db_pool1 self.db_listener2.default_pool = self.db_pool2 self.db_listener1.l7policies = self.db_l7policies self.db_listener1.sni_containers = [ data_models.SNI(tls_container_id='2'), data_models.SNI(tls_container_id='3') ] self.test_db_listeners = [self.db_listener1, self.db_listener2] cert1 = data_models.TLSContainer(certificate='cert 1') cert2 = data_models.TLSContainer(certificate='cert 2') cert3 = data_models.TLSContainer(certificate='cert 3') ca_cert = 'ca cert' crl_file_content = 'X509 CRL FILE' self.provider_listener1_dict = { lib_consts.ADMIN_STATE_UP: True, lib_consts.ALLOWED_CIDRS: ['192.0.2.0/24', '198.51.100.0/24'], lib_consts.CONNECTION_LIMIT: 10000, lib_consts.DEFAULT_POOL: self.provider_pool1_dict, lib_consts.DEFAULT_POOL_ID: self.pool1_id, lib_consts.DEFAULT_TLS_CONTAINER_DATA: cert1.to_dict(), lib_consts.DEFAULT_TLS_CONTAINER_REF: self.default_tls_container_ref, lib_consts.DESCRIPTION: 'Listener 1', lib_consts.INSERT_HEADERS: {}, lib_consts.L7POLICIES: self.provider_l7policies_dict, lib_consts.LISTENER_ID: self.listener1_id, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.NAME: 'listener_1', lib_consts.PROJECT_ID: self.project_id, lib_consts.PROTOCOL: lib_consts.PROTOCOL_TCP, lib_consts.PROTOCOL_PORT: 90, lib_consts.SNI_CONTAINER_DATA: [cert2.to_dict(), cert3.to_dict()], lib_consts.SNI_CONTAINER_REFS: [self.sni_container_ref_1, self.sni_container_ref_2], lib_consts.TIMEOUT_CLIENT_DATA: 1000, lib_consts.TIMEOUT_MEMBER_CONNECT: 2000, lib_consts.TIMEOUT_MEMBER_DATA: 3000, lib_consts.TIMEOUT_TCP_INSPECT: 4000, lib_consts.CLIENT_CA_TLS_CONTAINER_REF: self.client_ca_tls_certificate_ref, lib_consts.CLIENT_CA_TLS_CONTAINER_DATA: ca_cert, lib_consts.CLIENT_AUTHENTICATION: constants.CLIENT_AUTH_NONE, lib_consts.CLIENT_CRL_CONTAINER_REF: self.client_crl_container_ref, lib_consts.CLIENT_CRL_CONTAINER_DATA: crl_file_content, lib_consts.TLS_CIPHERS: constants.CIPHERS_OWASP_SUITE_B, lib_consts.TLS_VERSIONS: constants.TLS_VERSIONS_OWASP_SUITE_B } self.provider_listener2_dict = copy.deepcopy( self.provider_listener1_dict) self.provider_listener2_dict[ lib_consts.LISTENER_ID] = self.listener2_id self.provider_listener2_dict[lib_consts.NAME] = 'listener_2' self.provider_listener2_dict[lib_consts.DESCRIPTION] = 'Listener 1' self.provider_listener2_dict[ lib_consts.DEFAULT_POOL_ID] = self.pool2_id self.provider_listener2_dict[ lib_consts.DEFAULT_POOL] = self.provider_pool2_dict del self.provider_listener2_dict[lib_consts.L7POLICIES] self.provider_listener2_dict[ lib_consts.CLIENT_CA_TLS_CONTAINER_REF] = None del self.provider_listener2_dict[ lib_consts.CLIENT_CA_TLS_CONTAINER_DATA] self.provider_listener2_dict[lib_consts.CLIENT_AUTHENTICATION] = ( constants.CLIENT_AUTH_NONE) self.provider_listener2_dict[ lib_consts.CLIENT_CRL_CONTAINER_REF] = None del self.provider_listener2_dict[lib_consts.CLIENT_CRL_CONTAINER_DATA] self.provider_listener1 = driver_dm.Listener( **self.provider_listener1_dict) self.provider_listener2 = driver_dm.Listener( **self.provider_listener2_dict) self.provider_listener1.default_pool = self.provider_pool1 self.provider_listener2.default_pool = self.provider_pool2 self.provider_listener1.l7policies = self.provider_l7policies self.provider_listeners = [ self.provider_listener1, self.provider_listener2 ] self.test_vip_dict = { constants.IP_ADDRESS: self.ip_address, constants.NETWORK_ID: self.network_id, constants.PORT_ID: self.port_id, lib_consts.SUBNET_ID: self.subnet_id, constants.QOS_POLICY_ID: self.qos_policy_id, constants.OCTAVIA_OWNED: None } self.provider_vip_dict = { lib_consts.VIP_ADDRESS: self.ip_address, lib_consts.VIP_NETWORK_ID: self.network_id, lib_consts.VIP_PORT_ID: self.port_id, lib_consts.VIP_SUBNET_ID: self.subnet_id, lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id, constants.OCTAVIA_OWNED: None } self.db_vip = data_models.Vip(ip_address=self.ip_address, network_id=self.network_id, port_id=self.port_id, subnet_id=self.subnet_id, qos_policy_id=self.qos_policy_id) self.test_loadbalancer1_dict = { lib_consts.NAME: self.lb_name, lib_consts.DESCRIPTION: self.lb_description, constants.ENABLED: True, lib_consts.PROVISIONING_STATUS: lib_consts.PENDING_UPDATE, lib_consts.OPERATING_STATUS: lib_consts.OFFLINE, constants.TOPOLOGY: constants.TOPOLOGY_ACTIVE_STANDBY, constants.VRRP_GROUP: None, constants.PROVIDER: constants.AMPHORA, constants.SERVER_GROUP_ID: uuidutils.generate_uuid(), lib_consts.PROJECT_ID: self.project_id, lib_consts.ID: self.lb_id, constants.FLAVOR_ID: self.flavor_id, constants.TAGS: ['test_tag'] } self.provider_loadbalancer_dict = { lib_consts.ADDITIONAL_VIPS: None, lib_consts.ADMIN_STATE_UP: True, lib_consts.DESCRIPTION: self.lb_description, lib_consts.FLAVOR: { "something": "else" }, lib_consts.LISTENERS: None, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.NAME: self.lb_name, lib_consts.POOLS: None, lib_consts.PROJECT_ID: self.project_id, lib_consts.VIP_ADDRESS: self.ip_address, lib_consts.VIP_NETWORK_ID: self.network_id, lib_consts.VIP_PORT_ID: self.port_id, lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id, lib_consts.VIP_SUBNET_ID: self.subnet_id } self.provider_loadbalancer_tree_dict = { lib_consts.ADDITIONAL_VIPS: None, lib_consts.ADMIN_STATE_UP: True, lib_consts.AVAILABILITY_ZONE: None, lib_consts.DESCRIPTION: self.lb_description, lib_consts.FLAVOR: { "something": "else" }, lib_consts.LISTENERS: None, lib_consts.LOADBALANCER_ID: self.lb_id, lib_consts.NAME: self.lb_name, lib_consts.POOLS: None, lib_consts.PROJECT_ID: self.project_id, lib_consts.VIP_ADDRESS: self.ip_address, lib_consts.VIP_NETWORK_ID: self.network_id, lib_consts.VIP_PORT_ID: self.port_id, lib_consts.VIP_QOS_POLICY_ID: self.qos_policy_id, lib_consts.VIP_SUBNET_ID: self.subnet_id }