def test_success_net_minimal_ffsplit(self):
config = _read_file("corosync-3nodes.conf")
facade = _get_facade(config)
facade.add_quorum_device("net", {
"host": "127.0.0.1",
"algorithm": "ffsplit"
}, {}, {})
ac(
config.replace(
" provider: corosync_votequorum\n",
outdent("""\
provider: corosync_votequorum
device {
model: net
votes: 1
net {
algorithm: ffsplit
host: 127.0.0.1
}
}
"""),
),
facade.config.export(),
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_noop_on_no_heuristics(self):
config = _read_file("corosync-3nodes-qdevice.conf")
facade = _get_facade(config)
facade.remove_quorum_device_heuristics()
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(config, facade.config.export())
def assert_failcount_output(
self,
lib_failures,
expected_output,
resource_id=None,
node=None,
operation=None,
interval=None,
full=False,
):
self.get_failcounts.return_value = lib_failures
argv = []
if resource_id:
argv.append(resource_id)
if node:
argv.append(f"node={node}")
if operation:
argv.append(f"operation={operation}")
if interval:
argv.append(f"interval={interval}")
resource.resource_failcount_show(self.lib, argv,
dict_to_modifiers(dict(full=full)))
self.print_mock.assert_called_once()
ac(
self.print_mock.call_args[0][0],
expected_output,
)
def test_success_remove_nodes_votes(self):
config = _read_file("corosync-3nodes.conf")
config_votes = config.replace("node {", "node {\nquorum_votes: 2")
facade = _get_facade(config_votes)
facade.add_quorum_device("net", {
"host": "127.0.0.1",
"algorithm": "lms"
}, {}, {})
ac(
config.replace(
" provider: corosync_votequorum\n",
outdent("""\
provider: corosync_votequorum
device {
model: net
net {
algorithm: lms
host: 127.0.0.1
}
}
"""),
),
facade.config.export(),
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_restore_two_node(self):
config_no_devices = _read_file("corosync.conf")
config = re.sub(
re.compile(r"quorum {[^}]*}", re.MULTILINE | re.DOTALL),
dedent("""\
quorum {
provider: corosync_votequorum
device {
option: value
model: net
net {
host: 127.0.0.1
port: 4433
}
}
}
"""),
config_no_devices,
)
facade = _get_facade(config)
facade.remove_quorum_device()
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(config_no_devices, facade.config.export())
def _assert_update(self, before, after, linknumber, options,
node_addr_map):
facade = lib.ConfigFacade.from_string(before)
facade.update_link(linknumber, node_addr_map, options)
ac(after, facade.config.export())
self.assertTrue(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_success_remove_nodes_votes(self):
config = open(rc("corosync-3nodes.conf")).read()
config_votes = config.replace("node {", "node {\nquorum_votes: 2")
facade = lib.ConfigFacade.from_string(config_votes)
facade.add_quorum_device(
"net",
{"host": "127.0.0.1", "algorithm": "lms"},
{},
{}
)
ac(
config.replace(
" provider: corosync_votequorum\n",
outdent("""\
provider: corosync_votequorum
device {
model: net
net {
algorithm: lms
host: 127.0.0.1
}
}
""")
),
facade.config.export()
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_restore_two_node(self):
config_no_devices = open(rc("corosync.conf")).read()
config = re.sub(
re.compile(r"quorum {[^}]*}", re.MULTILINE | re.DOTALL),
dedent("""\
quorum {
provider: corosync_votequorum
device {
option: value
model: net
net {
host: 127.0.0.1
port: 4433
}
}
}
"""),
config_no_devices
)
facade = lib.ConfigFacade.from_string(config)
facade.remove_quorum_device()
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(
config_no_devices,
facade.config.export()
)
def test_success_net_minimal_lms(self):
config = open(rc("corosync-3nodes.conf")).read()
facade = lib.ConfigFacade.from_string(config)
facade.add_quorum_device(
"net",
{"host": "127.0.0.1", "algorithm": "lms"},
{},
{}
)
ac(
config.replace(
" provider: corosync_votequorum\n",
outdent("""\
provider: corosync_votequorum
device {
model: net
net {
algorithm: lms
host: 127.0.0.1
}
}
""")
),
facade.config.export()
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_success_net_minimal_ffsplit(self):
config = open(rc("corosync-3nodes.conf")).read()
facade = lib.ConfigFacade.from_string(config)
facade.add_quorum_device(
"net",
{"host": "127.0.0.1", "algorithm": "ffsplit"},
{},
{}
)
ac(
config.replace(
" provider: corosync_votequorum\n",
outdent("""\
provider: corosync_votequorum
device {
model: net
votes: 1
net {
algorithm: ffsplit
host: 127.0.0.1
}
}
""")
),
facade.config.export()
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_noop_on_no_heuristics(self):
config = open(rc("corosync-3nodes-qdevice.conf")).read()
facade = lib.ConfigFacade.from_string(config)
facade.remove_quorum_device_heuristics()
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(config, facade.config.export())
def test_remove_conflicting_options(self):
config = _read_file("corosync.conf")
config = config.replace(
" two_node: 1\n", "\n".join([
" two_node: 1", " auto_tie_breaker: 1",
" last_man_standing: 1",
" last_man_standing_window: 987", " allow_downscale: 1",
""
]))
facade = lib.ConfigFacade.from_string(config)
facade.add_quorum_device("net", {
"host": "127.0.0.1",
"algorithm": "ffsplit"
}, {}, {})
ac(
re.sub(
re.compile(r"quorum {[^}]*}\n", re.MULTILINE | re.DOTALL),
dedent("""\
quorum {
provider: corosync_votequorum
device {
model: net
votes: 1
net {
algorithm: ffsplit
host: 127.0.0.1
}
}
}
"""), config), facade.config.export())
self.assertTrue(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_not_existing(self):
config = _read_file("corosync.conf")
facade = lib.ConfigFacade.from_string(config)
assert_raise_library_error(
lambda: facade.update_quorum_device({"host": "127.0.0.1"}, {}, {}),
(severity.ERROR, report_codes.QDEVICE_NOT_DEFINED, {}))
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(config, facade.config.export())
def test_not_existing_add_heuristics(self):
config = _read_file("corosync.conf")
facade = lib.ConfigFacade.from_string(config)
assert_raise_library_error(
lambda: facade.update_quorum_device({}, {}, {"mode": "on"}),
fixture.error(report_codes.QDEVICE_NOT_DEFINED))
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(config, facade.config.export())
def test_disable_two_node(self):
# pylint: disable=no-self-use
config = dedent(
"""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
"""
)
facade = lib.ConfigFacade.from_string(config)
facade.add_nodes(
[dict(name="node3", addrs=["node3-addr1"]),]
)
expected_config = dedent(
"""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
node {
ring0_addr: node3-addr1
name: node3
nodeid: 3
}
}
quorum {
provider: corosync_votequorum
}
"""
)
ac(expected_config, facade.config.export())
def test_success_net_full(self):
config = _read_file("corosync-3nodes.conf")
facade = lib.ConfigFacade.from_string(config)
facade.add_quorum_device(
"net", {
"host": "127.0.0.1",
"port": "4433",
"algorithm": "ffsplit",
"connect_timeout": "12345",
"force_ip_version": "4",
"tie_breaker": "lowest",
}, {
"timeout": "23456",
"sync_timeout": "34567"
}, {
"mode": "on",
"timeout": "5",
"sync_timeout": "15",
"interval": "30",
"exec_ping": 'ping -q -c 1 "127.0.0.1"',
"exec_ls": "test -f /tmp/test",
})
ac(
config.replace(
" provider: corosync_votequorum\n",
outdent("""\
provider: corosync_votequorum
device {
sync_timeout: 34567
timeout: 23456
model: net
votes: 1
net {
algorithm: ffsplit
connect_timeout: 12345
force_ip_version: 4
host: 127.0.0.1
port: 4433
tie_breaker: lowest
}
heuristics {
exec_ls: test -f /tmp/test
exec_ping: ping -q -c 1 "127.0.0.1"
interval: 30
mode: on
sync_timeout: 15
timeout: 5
}
}
""")), facade.config.export())
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_remove_old_configuration(self):
config = dedent("""\
quorum {
provider: corosync_votequorum
device {
option: value_old1
heuristics {
h_option: hvalue_old1
}
}
}
quorum {
provider: corosync_votequorum
device {
option: value_old2
heuristics {
h_option: hvalue_old2
}
}
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.add_quorum_device(
"net",
{"host": "127.0.0.1", "algorithm": "ffsplit"},
{},
{}
)
ac(
dedent("""\
quorum {
provider: corosync_votequorum
}
quorum {
provider: corosync_votequorum
device {
model: net
votes: 1
net {
algorithm: ffsplit
host: 127.0.0.1
}
}
}
""")
,
facade.config.export()
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_success_remove_heuristics(self):
config = self.fixture_add_device_with_heuristics(
_read_file("corosync-3nodes.conf"))
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device({}, {}, {
"mode": "",
"exec_ls": "",
"interval": ""
})
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(self.fixture_add_device(_read_file("corosync-3nodes.conf")),
facade.config.export())
def test_success_all_options(self):
config = self.fixture_add_device_with_heuristics(
_read_file("corosync-3nodes.conf"))
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device({"port": "4444"}, {"timeout": "23456"},
{"interval": "35"})
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace("port: 4433", "port: 4444").replace(
"timeout: 12345",
"timeout: 23456").replace("interval: 30", "interval: 35"),
facade.config.export())
def test_disable_two_node():
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.add_nodes([
dict(name="node3", addrs=["node3-addr1"]),
])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
node {
ring0_addr: node3-addr1
name: node3
nodeid: 3
}
}
quorum {
provider: corosync_votequorum
}
""")
ac(expected_config, facade.config.export())
def test_success_generic_options(self):
config = self.fixture_add_device(_read_file("corosync-3nodes.conf"))
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device({}, {
"timeout": "",
"sync_timeout": "23456"
}, {})
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace(
"timeout: 12345\n model: net",
"model: net\n sync_timeout: 23456",
), facade.config.export())
def test_not_existing_add_heuristics(self):
config = open(rc("corosync.conf")).read()
facade = lib.ConfigFacade.from_string(config)
assert_raise_library_error(
lambda: facade.update_quorum_device(
{},
{},
{"mode": "on"}
),
fixture.error(report_codes.QDEVICE_NOT_DEFINED)
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(config, facade.config.export())
def test_enable_two_nodes(self):
# pylint: disable=no-self-use
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
node {
ring0_addr: node3-addr1
name: node3
nodeid: 3
}
}
quorum {
provider: corosync_votequorum
}
""")
facade = _get_facade(config)
facade.remove_nodes(["node3"])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
""")
ac(expected_config, facade.config.export())
def testDefaults(self):
output, returnVal = pcs(self.temp_cib.name,
"property --defaults".split())
prop_defaults = output
assert returnVal == 0, "Unable to list resources"
assert output.startswith("Cluster Properties:\n batch-limit")
output, returnVal = pcs(self.temp_cib.name, "property --all".split())
assert returnVal == 0, "Unable to list resources"
assert output.startswith("Cluster Properties:\n batch-limit")
ac(output, prop_defaults)
output, returnVal = pcs(self.temp_cib.name,
"property set blahblah=blah".split())
assert returnVal == 1
assert (
# pylint: disable=line-too-long
output ==
"Error: unknown cluster property: 'blahblah', (use --force to override)\n"
), [output]
output, returnVal = pcs(self.temp_cib.name,
"property set blahblah=blah --force".split())
assert returnVal == 0, output
assert output == "", output
output, returnVal = pcs(self.temp_cib.name,
"property set stonith-enabled=false".split())
assert returnVal == 0, output
assert output == "", output
output, returnVal = pcs(self.temp_cib.name, ["property"])
assert returnVal == 0
assert (
output ==
"Cluster Properties:\n blahblah: blah\n stonith-enabled: false\n"
), [output]
output, returnVal = pcs(self.temp_cib.name,
"property --defaults".split())
assert returnVal == 0, "Unable to list resources"
assert output.startswith("Cluster Properties:\n batch-limit")
ac(output, prop_defaults)
output, returnVal = pcs(self.temp_cib.name, "property --all".split())
assert returnVal == 0, "Unable to list resources"
assert "blahblah: blah" in output
assert "stonith-enabled: false" in output
assert output.startswith("Cluster Properties:\n batch-limit")
def test_adding_two_nodes(self):
# pylint: disable=no-self-use
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
ring1_addr: node1-addr2
nodeid: 1
name: node1
}
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.add_nodes([
dict(
name="node3",
addrs=["node3-addr1", "node3-addr2"],
),
dict(
name="node2",
addrs=["node2-addr1", "node2-addr2"],
),
])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
ring1_addr: node1-addr2
nodeid: 1
name: node1
}
node {
ring0_addr: node3-addr1
ring1_addr: node3-addr2
name: node3
nodeid: 2
}
node {
ring0_addr: node2-addr1
ring1_addr: node2-addr2
name: node2
nodeid: 3
}
}
""")
ac(expected_config, facade.config.export())
def test_enable_two_nodes():
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
node {
ring0_addr: node3-addr1
name: node3
nodeid: 3
}
}
quorum {
provider: corosync_votequorum
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.remove_nodes(["node3"])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
""")
ac(expected_config, facade.config.export())
def test_adding_two_nodes():
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
ring1_addr: node1-addr2
nodeid: 1
name: node1
}
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.add_nodes([
dict(
name="node3",
addrs=["node3-addr1", "node3-addr2"],
),
dict(
name="node2",
addrs=["node2-addr1", "node2-addr2"],
),
])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
ring1_addr: node1-addr2
nodeid: 1
name: node1
}
node {
ring0_addr: node3-addr1
ring1_addr: node3-addr2
name: node3
nodeid: 2
}
node {
ring0_addr: node2-addr1
ring1_addr: node2-addr2
name: node2
nodeid: 3
}
}
""")
ac(expected_config, facade.config.export())
def test_success_model_options_net(self):
config = self.fixture_add_device(_read_file("corosync-3nodes.conf"),
votes="1")
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device(
{
"host": "127.0.0.2",
"port": "",
"algorithm": "ffsplit"
}, {}, {})
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace("host: 127.0.0.1\n port: 4433",
"host: 127.0.0.2\n algorithm: ffsplit"),
facade.config.export())
def test_success_change_heuristics(self):
config = self.fixture_add_device_with_heuristics(
_read_file("corosync-3nodes.conf"))
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device({}, {}, {
"mode": "sync",
"interval": "",
"timeout": "20"
})
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace(
"interval: 30\n mode: on",
"mode: sync\n timeout: 20",
), facade.config.export())
def assert_failcount_output(
self,
lib_failures,
expected_output,
resource_id=None,
node=None,
operation=None,
interval=None,
full=False,
):
self.get_failcounts.return_value = lib_failures
ac(
resource.resource_failcount_show(self.lib, resource_id, node,
operation, interval, full),
expected_output,
)
def test_remove_all_devices(self):
config_no_devices = open(rc("corosync-3nodes.conf")).read()
config = re.sub(
re.compile(r"quorum {[^}]*}", re.MULTILINE | re.DOTALL),
dedent("""\
quorum {
provider: corosync_votequorum
device {
option: value
model: net
net {
host: 127.0.0.1
port: 4433
}
}
device {
option: value
}
}
quorum {
device {
option: value
model: disk
net {
host: 127.0.0.1
port: 4433
}
}
}
"""),
config_no_devices
)
facade = lib.ConfigFacade.from_string(config)
facade.remove_quorum_device()
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(
config_no_devices,
facade.config.export()
)
def test_not_existing(self):
config = open(rc("corosync.conf")).read()
facade = lib.ConfigFacade.from_string(config)
assert_raise_library_error(
lambda: facade.update_quorum_device(
{"host": "127.0.0.1"},
{},
{}
),
(
severity.ERROR,
report_codes.QDEVICE_NOT_DEFINED,
{}
)
)
self.assertFalse(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
ac(config, facade.config.export())
def test_success_remove_heuristics(self):
config = self.fixture_add_device_with_heuristics(
open(rc("corosync-3nodes.conf")).read()
)
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device(
{},
{},
{"mode": "", "exec_ls": "", "interval": ""}
)
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
self.fixture_add_device(
open(rc("corosync-3nodes.conf")).read()
),
facade.config.export()
)
def test_remove_conflicting_options(self):
config = open(rc("corosync.conf")).read()
config = config.replace(
" two_node: 1\n",
"\n".join([
" two_node: 1",
" auto_tie_breaker: 1",
" last_man_standing: 1",
" last_man_standing_window: 987",
" allow_downscale: 1",
""
])
)
facade = lib.ConfigFacade.from_string(config)
facade.add_quorum_device(
"net",
{"host": "127.0.0.1", "algorithm": "ffsplit"},
{},
{}
)
ac(
re.sub(
re.compile(r"quorum {[^}]*}\n", re.MULTILINE | re.DOTALL),
dedent("""\
quorum {
provider: corosync_votequorum
device {
model: net
votes: 1
net {
algorithm: ffsplit
host: 127.0.0.1
}
}
}
"""),
config
),
facade.config.export()
)
self.assertTrue(facade.need_stopped_cluster)
self.assertFalse(facade.need_qdevice_reload)
def test_success_change_heuristics(self):
config = self.fixture_add_device_with_heuristics(
open(rc("corosync-3nodes.conf")).read()
)
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device(
{},
{},
{"mode": "sync", "interval": "", "timeout": "20"}
)
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace(
"interval: 30\n mode: on",
"mode: sync\n timeout: 20",
),
facade.config.export()
)
def test_success_add_heuristics(self):
config = self.fixture_add_device(_read_file("corosync-3nodes.conf"))
facade = _get_facade(config)
facade.update_quorum_device(
{},
{},
{
"mode": "on",
"exec_ls": "test -f /tmp/test",
"interval": "30"
},
)
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
self.fixture_add_device_with_heuristics(
_read_file("corosync-3nodes.conf")),
facade.config.export(),
)
def test_success_generic_options(self):
config = self.fixture_add_device(
open(rc("corosync-3nodes.conf")).read()
)
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device(
{},
{"timeout": "", "sync_timeout": "23456"},
{}
)
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace(
"timeout: 12345\n model: net",
"model: net\n sync_timeout: 23456",
),
facade.config.export()
)
def testClusterUpgrade(self):
# pylint: disable=no-self-use
with open(temp_cib) as myfile:
data = myfile.read()
assert data.find("pacemaker-1.2") != -1
assert data.find("pacemaker-2.") == -1
o, r = pcs(temp_cib, "cluster cib-upgrade")
ac(o, "Cluster CIB has been upgraded to latest version\n")
assert r == 0
with open(temp_cib) as myfile:
data = myfile.read()
assert data.find("pacemaker-1.2") == -1
assert data.find("pacemaker-2.") == -1
assert data.find("pacemaker-3.") != -1
o, r = pcs(temp_cib, "cluster cib-upgrade")
ac(o, "Cluster CIB has been upgraded to latest version\n")
assert r == 0
def test_success_all_options(self):
config = self.fixture_add_device_with_heuristics(
open(rc("corosync-3nodes.conf")).read()
)
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device(
{"port": "4444"},
{"timeout": "23456"},
{"interval": "35"}
)
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config
.replace("port: 4433", "port: 4444")
.replace("timeout: 12345", "timeout: 23456")
.replace("interval: 30", "interval: 35")
,
facade.config.export()
)
def test_cluster_upgrade(self):
# pylint: disable=invalid-name
self.temp_cib.seek(0)
data = self.temp_cib.read()
assert data.find("pacemaker-1.2") != -1
assert data.find("pacemaker-2.") == -1
o, r = pcs(self.temp_cib.name, "cluster cib-upgrade".split())
ac(o, "Cluster CIB has been upgraded to latest version\n")
assert r == 0
self.temp_cib.seek(0)
data = self.temp_cib.read()
assert data.find("pacemaker-1.2") == -1
assert data.find("pacemaker-2.") == -1
assert data.find("pacemaker-3.") != -1
o, r = pcs(self.temp_cib.name, "cluster cib-upgrade".split())
ac(o, "Cluster CIB has been upgraded to latest version\n")
assert r == 0
def test_success_model_options_net(self):
config = self.fixture_add_device(
open(rc("corosync-3nodes.conf")).read(),
votes="1"
)
facade = lib.ConfigFacade.from_string(config)
facade.update_quorum_device(
{"host": "127.0.0.2", "port": "", "algorithm": "ffsplit"},
{},
{}
)
self.assertFalse(facade.need_stopped_cluster)
self.assertTrue(facade.need_qdevice_reload)
ac(
config.replace(
"host: 127.0.0.1\n port: 4433",
"host: 127.0.0.2\n algorithm: ffsplit"
),
facade.config.export()
)
def test_cluster_upgrade(self):
# pylint: disable=no-self-use
# pylint: disable=invalid-name
with open(self.temp_cib) as myfile:
data = myfile.read()
assert data.find("pacemaker-1.2") != -1
assert data.find("pacemaker-2.") == -1
o, r = pcs(self.temp_cib, "cluster cib-upgrade")
ac(o, "Cluster CIB has been upgraded to latest version\n")
assert r == 0
with open(self.temp_cib) as myfile:
data = myfile.read()
assert data.find("pacemaker-1.2") == -1
assert data.find("pacemaker-2.") == -1
assert data.find("pacemaker-3.") != -1
o, r = pcs(self.temp_cib, "cluster cib-upgrade")
ac(o, "Cluster CIB has been upgraded to latest version\n")
assert r == 0
def testDefaults(self):
output, returnVal = pcs(temp_cib, "property --defaults")
prop_defaults = output
assert returnVal == 0, 'Unable to list resources'
assert output.startswith('Cluster Properties:\n batch-limit')
output, returnVal = pcs(temp_cib, "property --all")
assert returnVal == 0, 'Unable to list resources'
assert output.startswith('Cluster Properties:\n batch-limit')
ac(output,prop_defaults)
output, returnVal = pcs(temp_cib, "property set blahblah=blah")
assert returnVal == 1
assert output == "Error: unknown cluster property: 'blahblah', (use --force to override)\n",[output]
output, returnVal = pcs(temp_cib, "property set blahblah=blah --force")
assert returnVal == 0,output
assert output == "",output
output, returnVal = pcs(temp_cib, "property set stonith-enabled=false")
assert returnVal == 0,output
assert output == "",output
output, returnVal = pcs(temp_cib, "property")
assert returnVal == 0
assert output == "Cluster Properties:\n blahblah: blah\n stonith-enabled: false\n", [output]
output, returnVal = pcs(temp_cib, "property --defaults")
assert returnVal == 0, 'Unable to list resources'
assert output.startswith('Cluster Properties:\n batch-limit')
ac(output,prop_defaults)
output, returnVal = pcs(temp_cib, "property --all")
assert returnVal == 0, 'Unable to list resources'
assert "blahblah: blah" in output
assert "stonith-enabled: false" in output
assert output.startswith('Cluster Properties:\n batch-limit')
def test_disable_two_nodes():
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
}
quorum {
provider: corosync_votequorum
two_node: 1
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.remove_nodes(["node2"])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
}
quorum {
provider: corosync_votequorum
}
""")
ac(expected_config, facade.config.export())
def testUIDGID(self):
# pylint: disable=too-many-statements
_pcs = partial(
pcs,
None,
mock_settings={"corosync_uidgid_dir": self.uid_gid_dir}
)
o, r = _pcs("cluster uidgid")
ac(o, "No uidgids configured\n")
assert r == 0
o, r = _pcs("cluster uidgid add")
assert r == 1
assert o.startswith("\nUsage:")
o, r = _pcs("cluster uidgid rm")
assert r == 1
assert o.startswith("\nUsage:")
o, r = _pcs("cluster uidgid xx")
assert r == 1
assert o.startswith("\nUsage:")
o, r = _pcs("cluster uidgid add uid=testuid gid=testgid")
assert r == 0
ac(o, "")
o, r = _pcs("cluster uidgid add uid=testuid gid=testgid")
ac(
o,
"Error: uidgid file with uid=testuid and gid=testgid already "
"exists\n"
)
assert r == 1
o, r = _pcs("cluster uidgid delete uid=testuid2 gid=testgid2")
assert r == 1
ac(
o,
"Error: no uidgid files with uid=testuid2 and gid=testgid2 found\n"
)
o, r = _pcs("cluster uidgid remove uid=testuid gid=testgid2")
assert r == 1
ac(
o,
"Error: no uidgid files with uid=testuid and gid=testgid2 found\n"
)
o, r = _pcs("cluster uidgid rm uid=testuid2 gid=testgid")
assert r == 1
ac(
o,
"'pcs cluster uidgid rm' has been deprecated, use 'pcs cluster "
"uidgid delete' or 'pcs cluster uidgid remove' instead\n"
"Error: no uidgid files with uid=testuid2 and gid=testgid found\n"
)
o, r = _pcs("cluster uidgid")
assert r == 0
ac(o, "UID/GID: uid=testuid gid=testgid\n")
o, r = _pcs("cluster uidgid delete uid=testuid gid=testgid")
ac(o, "")
assert r == 0
o, r = _pcs("cluster uidgid add uid=testuid gid=testgid")
assert r == 0
ac(o, "")
o, r = _pcs("cluster uidgid")
assert r == 0
ac(o, "UID/GID: uid=testuid gid=testgid\n")
o, r = _pcs("cluster uidgid remove uid=testuid gid=testgid")
ac(o, "")
assert r == 0
o, r = _pcs("cluster uidgid add uid=testuid gid=testgid")
assert r == 0
ac(o, "")
o, r = _pcs("cluster uidgid")
assert r == 0
ac(o, "UID/GID: uid=testuid gid=testgid\n")
o, r = _pcs("cluster uidgid rm uid=testuid gid=testgid")
ac(
o,
"'pcs cluster uidgid rm' has been deprecated, use 'pcs cluster "
"uidgid delete' or 'pcs cluster uidgid remove' instead\n"
)
assert r == 0
o, r = _pcs("cluster uidgid")
assert r == 0
ac(o, "No uidgids configured\n")
def testRoleCreateDelete(self):
o, r = pcs(temp_cib, "acl role create role0 read")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 read //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 read xpath")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 read id")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 readX xpath //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 read xpathX //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 description=test read")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(
temp_cib,
"acl role create role0 description=test read //resources"
)
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(
temp_cib,
"acl role create role0 description=test read xpath"
)
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 description=test read id")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib,
"acl role create role0 description=test readX xpath //resources"
)
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib,
"acl role create role0 description=test read xpathX //resources"
)
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 desc=test read")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 desc=test read //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 desc=test read xpath")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl role create role0 desc=test read id")
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(
temp_cib,
"acl role create role0 desc=test readX xpath //resources"
)
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(
temp_cib,
"acl role create role0 desc=test read xpathX //resources"
)
self.assertTrue(o.startswith("\nUsage: pcs acl role create..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl")
ac(o, "ACLs are disabled, run 'pcs acl enable' to enable\n\n")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl role create role0")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl role create role0")
ac(o, "Error: 'role0' already exists\n")
assert r == 1
o, r = pcs(temp_cib, "acl role create role0d description='empty role'")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl role create role1 read xpath /xpath/")
ac(o, "")
assert r == 0
o, r = pcs(
temp_cib,
"acl role create role2 description='with description' "
"READ XPATH /xpath/"
)
assert r == 0
ac(o, "")
o, r = pcs(
temp_cib,
"acl role create role3 Read XPath /xpath_query/ wRiTe xpATH "
"/xpath_query2/ deny xpath /xpath_query3/"
)
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role0
Role: role0d
Description: empty role
Role: role1
Permission: read xpath /xpath/ (role1-read)
Role: role2
Description: with description
Permission: read xpath /xpath/ (role2-read)
Role: role3
Permission: read xpath /xpath_query/ (role3-read)
Permission: write xpath /xpath_query2/ (role3-write)
Permission: deny xpath /xpath_query3/ (role3-deny)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role delete role2")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role0
Role: role0d
Description: empty role
Role: role1
Permission: read xpath /xpath/ (role1-read)
Role: role3
Permission: read xpath /xpath_query/ (role3-read)
Permission: write xpath /xpath_query2/ (role3-write)
Permission: deny xpath /xpath_query3/ (role3-deny)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role delete role2")
assert r == 1
ac(o, "Error: ACL role 'role2' does not exist\n")
o, r = pcs(temp_cib, "acl role delete role1")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl role remove role3")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl role remove role0")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl role remove role0d")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
ac(o, "ACLs are disabled, run 'pcs acl enable' to enable\n\n")
assert r == 0
def test_set_property_validation_boolean(self):
output, returnVal = pcs(temp_cib, "property set enable-acl=TRUE")
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
enable-acl: TRUE
"""
)
output, returnVal = pcs(temp_cib, "property set enable-acl=no")
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
enable-acl: no
"""
)
output, returnVal = pcs(
temp_cib, "property set enable-acl=TRUE --force"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
enable-acl: TRUE
"""
)
output, returnVal = pcs(
temp_cib, "property set enable-acl=not_valid_value"
)
ac(
output,
"Error: invalid value of property: "
"'enable-acl=not_valid_value', (use --force to override)\n"
)
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
enable-acl: TRUE
"""
)
output, returnVal = pcs(
temp_cib, "property set enable-acl=not_valid_value --force"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
enable-acl: not_valid_value
"""
)
def test_set_property_validation_enum(self):
output, returnVal = pcs(
temp_cib, "property set no-quorum-policy=freeze"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
no-quorum-policy: freeze
"""
)
output, returnVal = pcs(
temp_cib, "property set no-quorum-policy=freeze --force"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
no-quorum-policy: freeze
"""
)
output, returnVal = pcs(
temp_cib, "property set no-quorum-policy=not_valid_value"
)
ac(
output,
"Error: invalid value of property: "
"'no-quorum-policy=not_valid_value', (use --force to override)\n"
)
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
no-quorum-policy: freeze
"""
)
output, returnVal = pcs(
temp_cib, "property set no-quorum-policy=not_valid_value --force"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
no-quorum-policy: not_valid_value
"""
)
def testBadProperties(self):
o,r = pcs(temp_cib, "property set xxxx=zzzz")
self.assertEqual(r, 1)
ac(o,"Error: unknown cluster property: 'xxxx', (use --force to override)\n")
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(temp_cib, "property set =5678 --force")
ac(output, "Error: empty property name: '=5678'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(temp_cib, "property set =5678")
ac(output, "Error: empty property name: '=5678'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(temp_cib, "property set bad_format")
ac(output, "Error: invalid property format: 'bad_format'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(temp_cib, "property set bad_format --force")
ac(output, "Error: invalid property format: 'bad_format'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
o,r = pcs(temp_cib, "property unset zzzzz")
self.assertEqual(r, 1)
ac(o,"Error: can't remove property: 'zzzzz' that doesn't exist\n")
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
o,r = pcs(temp_cib, "property unset zzzz --force")
self.assertEqual(r, 0)
ac(o,"")
o, _ = pcs(temp_cib, "property list")
ac(o, "Cluster Properties:\n")
def test_set_property_validation_integer(self):
output, returnVal = pcs(
temp_cib, "property set migration-limit=0"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
migration-limit: 0
"""
)
output, returnVal = pcs(
temp_cib, "property set migration-limit=-10"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
migration-limit: -10
"""
)
output, returnVal = pcs(
temp_cib, "property set migration-limit=0 --force"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
migration-limit: 0
"""
)
output, returnVal = pcs(
temp_cib, "property set migration-limit=0.1"
)
ac(
output,
"Error: invalid value of property: "
"'migration-limit=0.1', (use --force to override)\n"
)
self.assertEqual(returnVal, 1)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
migration-limit: 0
"""
)
output, returnVal = pcs(
temp_cib, "property set migration-limit=0.1 --force"
)
ac(output, "")
self.assertEqual(returnVal, 0)
o, _ = pcs(temp_cib, "property list")
ac(o, """Cluster Properties:
migration-limit: 0.1
"""
)
def testUserGroupCreateDelete(self):
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, "ACLs are disabled, run 'pcs acl enable' to enable\n\n")
o, r = pcs(temp_cib, "acl user create user1")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl user create user2")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl user create user1")
assert r == 1
ac(o, "Error: 'user1' already exists\n")
o, r = pcs(temp_cib, "acl group create group1")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl group create group2")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl group create group1")
assert r == 1
ac(o, "Error: 'group1' already exists\n")
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
User: user2
Roles:
Group: group1
Roles:
Group: group2
Roles:
""")
assert r == 0
o, r = pcs(temp_cib, "acl group delete user1")
assert r == 1
ac(o, "Error: 'user1' is not an ACL group\n")
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
User: user2
Roles:
Group: group1
Roles:
Group: group2
Roles:
""")
assert r == 0
o, r = pcs(temp_cib, "acl group delete group2")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
User: user2
Roles:
Group: group1
Roles:
""")
assert r == 0
o, r = pcs(temp_cib, "acl group remove group1")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
User: user2
Roles:
""")
assert r == 0
o, r = pcs(temp_cib, "acl user delete user1")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user2
Roles:
""")
assert r == 0
o, r = pcs(temp_cib, "acl user remove user2")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, "ACLs are disabled, run 'pcs acl enable' to enable\n\n")
def testEnableDisable(self):
o, r = pcs(temp_cib, "acl disable")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, "ACLs are disabled, run 'pcs acl enable' to enable\n\n")
o, r = pcs(temp_cib, "acl enable")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, "ACLs are enabled\n\n")
o, r = pcs(temp_cib, "acl disable")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, "ACLs are disabled, run 'pcs acl enable' to enable\n\n")
def test_skipped_and_out_of_order_links_and_nodes_ids():
config = dedent("""\
nodelist {
node {
ring1_addr: node1-addr1
ring5_addr: node1-addr5
ring2_addr: node1-addr2
nodeid: 1
name: node1
}
node {
ring1_addr: node4-addr1
ring5_addr: node4-addr5
ring2_addr: node4-addr2
nodeid: 4
name: node4
}
node {
ring1_addr: node2-addr1
ring5_addr: node2-addr5
ring2_addr: node2-addr2
nodeid: 2
name: node2
}
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.add_nodes([
dict(
name="node6",
addrs=["node6-addr1", "node6-addr2", "node6-addr5"],
),
dict(
name="node3",
addrs=["node3-addr1", "node3-addr2", "node3-addr5"],
),
dict(
name="node5",
addrs=["node5-addr1", "node5-addr2", "node5-addr5"],
),
])
expected_config = dedent("""\
nodelist {
node {
ring1_addr: node1-addr1
ring5_addr: node1-addr5
ring2_addr: node1-addr2
nodeid: 1
name: node1
}
node {
ring1_addr: node4-addr1
ring5_addr: node4-addr5
ring2_addr: node4-addr2
nodeid: 4
name: node4
}
node {
ring1_addr: node2-addr1
ring5_addr: node2-addr5
ring2_addr: node2-addr2
nodeid: 2
name: node2
}
node {
ring1_addr: node6-addr1
ring2_addr: node6-addr2
ring5_addr: node6-addr5
name: node6
nodeid: 3
}
node {
ring1_addr: node3-addr1
ring2_addr: node3-addr2
ring5_addr: node3-addr5
name: node3
nodeid: 5
}
node {
ring1_addr: node5-addr1
ring2_addr: node5-addr2
ring5_addr: node5-addr5
name: node5
nodeid: 6
}
}
""")
ac(expected_config, facade.config.export())
def testPermissionAddDelete(self):
o, r = pcs(
temp_cib,
"acl role create role1 read xpath /xpath1/ write xpath /xpath2/"
)
ac(o, "")
assert r == 0
o, r = pcs(
temp_cib,
"acl role create role2 read xpath /xpath3/ write xpath /xpath4/"
)
ac(o, "")
assert r == 0
o, r = pcs(
temp_cib,
"acl role create role3 read xpath /xpath5/ write xpath /xpath6/"
)
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl show")
assert r == 0
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: read xpath /xpath3/ (role2-read)
Permission: write xpath /xpath4/ (role2-write)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: write xpath /xpath6/ (role3-write)
""")
o, r = pcs(temp_cib, "acl permission add role1 deny xpath /myxpath1/")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl permission add role4 deny xpath /myxpath2/")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl show")
assert r == 0
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Permission: deny xpath /myxpath1/ (role1-deny)
Role: role2
Permission: read xpath /xpath3/ (role2-read)
Permission: write xpath /xpath4/ (role2-write)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: write xpath /xpath6/ (role3-write)
Role: role4
Permission: deny xpath /myxpath2/ (role4-deny)
""")
o, r = pcs(temp_cib, "acl permission delete role4-deny")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl permission delete role4-deny")
ac(o, "Error: ACL permission 'role4-deny' does not exist\n")
assert r == 1
o, r = pcs(temp_cib, "acl permission remove role4-deny")
ac(o, "Error: ACL permission 'role4-deny' does not exist\n")
assert r == 1
o, r = pcs(temp_cib, "acl show")
assert r == 0
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Permission: deny xpath /myxpath1/ (role1-deny)
Role: role2
Permission: read xpath /xpath3/ (role2-read)
Permission: write xpath /xpath4/ (role2-write)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: write xpath /xpath6/ (role3-write)
Role: role4
""")
o, r = pcs(temp_cib, "acl permission delete role3-read")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl permission delete role3-write")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Permission: deny xpath /myxpath1/ (role1-deny)
Role: role2
Permission: read xpath /xpath3/ (role2-read)
Permission: write xpath /xpath4/ (role2-write)
Role: role3
Role: role4
""")
assert r == 0
o, r = pcs(temp_cib, "acl permission remove role1-read")
ac(o, "")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl permission remove role1-write")
ac(o, "")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl permission remove role1-deny")
ac(o, "")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl permission remove role2-read")
ac(o, "")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl permission remove role2-write")
ac(o, "")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Role: role2
Role: role3
Role: role4
""")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl permission add role1 read")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 read //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 read xpath")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 read id")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 readX xpath //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 read xpathX //resources")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 read id dummy read")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(
temp_cib,
"acl permission add role1 read id dummy read //resources"
)
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(
temp_cib,
"acl permission add role1 read id dummy read xpath"
)
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl permission add role1 read id dummy read id")
self.assertTrue(o.startswith("\nUsage: pcs acl permission add..."))
self.assertEqual(1, r)
self.assert_pcs_fail(
"acl permission add role1 read id dummy readX xpath //resources",
stdout_start='\nUsage: pcs acl permission add...'
)
self.assert_pcs_fail(
"acl permission add role1 read id dummy read xpathX //resources",
stdout_start='\nUsage: pcs acl permission add...'
)
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Role: role2
Role: role3
Role: role4
""")
self.assertEqual(0, r)
def test_remove():
config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
node {
ring0_addr: node3-addr1
name: node3
nodeid: 3
}
node {
ring0_addr: node5-addr1
name: node5
nodeid: 5
}
}
nodelist {
node {
ring0_addr: node3-addr1
ring1_addr: node3-addr2
name: node3
nodeid: 3
}
node {
ring0_addr: node4-addr1
ring1_addr: node4-addr2
name: node4
nodeid: 4
}
}
quorum {
provider: corosync_votequorum
}
""")
facade = lib.ConfigFacade.from_string(config)
facade.remove_nodes(["node3", "node4", "nodeX"])
expected_config = dedent("""\
nodelist {
node {
ring0_addr: node1-addr1
name: node1
nodeid: 1
}
node {
ring0_addr: node2-addr1
name: node2
nodeid: 2
}
node {
ring0_addr: node5-addr1
name: node5
nodeid: 5
}
}
quorum {
provider: corosync_votequorum
}
""")
ac(expected_config, facade.config.export())
def testBadProperties(self):
o, r = pcs(self.temp_cib.name, "property set xxxx=zzzz".split())
self.assertEqual(r, 1)
ac(
# pylint: disable=line-too-long
o,
"Error: unknown cluster property: 'xxxx', (use --force to override)\n",
)
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(self.temp_cib.name,
"property set =5678 --force".split())
ac(output, "Error: empty property name: '=5678'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(self.temp_cib.name,
"property set =5678".split())
ac(output, "Error: empty property name: '=5678'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(self.temp_cib.name,
"property set bad_format".split())
ac(output, "Error: invalid property format: 'bad_format'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
output, returnVal = pcs(self.temp_cib.name,
"property set bad_format --force".split())
ac(output, "Error: invalid property format: 'bad_format'\n")
self.assertEqual(returnVal, 1)
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
o, r = pcs(self.temp_cib.name, "property unset zzzzz".split())
self.assertEqual(r, 1)
ac(o, "Error: can't remove property: 'zzzzz' that doesn't exist\n")
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
o, r = pcs(self.temp_cib.name, "property unset zzzz --force".split())
self.assertEqual(r, 0)
ac(o, "")
o, _ = pcs(self.temp_cib.name, "property config".split())
ac(o, "Cluster Properties:\n")
def testUserGroupCreateDeleteWithRoles(self):
o, r = pcs(
temp_cib,
"acl role create role1 read xpath /xpath1/ write xpath /xpath2/"
)
assert r == 0
ac(o, "")
o, r = pcs(
temp_cib,
"acl role create role2 deny xpath /xpath3/ deny xpath /xpath4/"
)
assert r == 0
ac(o, "")
o, r = pcs(
temp_cib,
"acl role create role3 read xpath /xpath5/ read xpath /xpath6/"
)
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl user create user1 roleX")
ac(o, "Error: ACL role 'roleX' does not exist\n")
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl user create user1 role1 roleX")
ac(o, "Error: ACL role 'roleX' does not exist\n")
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl group create group1 roleX")
ac(o, "Error: ACL role 'roleX' does not exist\n")
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl group create group1 role1 roleX")
ac(o, "Error: ACL role 'roleX' does not exist\n")
self.assertEqual(1, r)
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: read xpath /xpath6/ (role3-read-1)
""")
self.assertEqual(0, r)
o, r = pcs(temp_cib, "acl user create user1 role1 role2")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl group create group1 role1 role3")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(
o,
"""\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role1 role2
Group: group1
Roles: role1 role3
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: read xpath /xpath6/ (role3-read-1)
"""
)
o, r = pcs(temp_cib, "acl role create group1")
assert r == 1
ac(o, "Error: 'group1' already exists\n")
o, r = pcs(temp_cib, "acl role create role1")
assert r == 1
ac(o, "Error: 'role1' already exists\n")
o, r = pcs(temp_cib, "acl user create user1")
assert r == 1
ac(o, "Error: 'user1' already exists\n")
o, r = pcs(temp_cib, "acl group create group1")
assert r == 1
ac(o, "Error: 'group1' already exists\n")
o, r = pcs(temp_cib, "acl group create role1")
assert r == 1
ac(o, "Error: 'role1' already exists\n")
o, r = pcs(temp_cib, "acl role assign role1 to noexist")
assert r == 1
ac(o, "Error: ACL group/ACL user 'noexist' does not exist\n")
o, r = pcs(temp_cib, "acl role assign noexist to user1")
assert r == 1
ac(o, "Error: ACL role 'noexist' does not exist\n")
o, r = pcs(temp_cib, "acl role assign role3 to user1")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role1 role2 role3
Group: group1
Roles: role1 role3
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: read xpath /xpath6/ (role3-read-1)
""")
o, r = pcs(temp_cib, "acl role unassign noexist from user1")
assert r == 1
ac(o, "Error: Role 'noexist' is not assigned to 'user1'\n")
o, r = pcs(temp_cib, "acl role unassign role3 from noexist")
assert r == 1
ac(o, "Error: ACL group/ACL user 'noexist' does not exist\n")
o, r = pcs(temp_cib, "acl role unassign role3 from user1")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role1 role2
Group: group1
Roles: role1 role3
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: read xpath /xpath6/ (role3-read-1)
""")
o, r = pcs(temp_cib, "acl role unassign role2 from user1")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl role unassign role1 from user1")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
Group: group1
Roles: role1 role3
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
Role: role3
Permission: read xpath /xpath5/ (role3-read)
Permission: read xpath /xpath6/ (role3-read-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role delete role3")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
Group: group1
Roles: role1
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role assign role2 to user1")
assert r == 0
ac(o, "")
o, r = pcs(temp_cib, "acl")
assert r == 0
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role2
Group: group1
Roles: role1
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
o, r = pcs(temp_cib, "acl role assign role1 user1")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role2 role1
Group: group1
Roles: role1
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role unassign role2 from user1 --autodelete")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role1
Group: group1
Roles: role1
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role unassign role1 from user1 --autodelete")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
Group: group1
Roles: role1
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl user create user1 role1 role2")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role1 role2
Group: group1
Roles: role1
Role: role1
Permission: read xpath /xpath1/ (role1-read)
Permission: write xpath /xpath2/ (role1-write)
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role delete role1 --autodelete")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles: role2
Role: role2
Permission: deny xpath /xpath3/ (role2-deny)
Permission: deny xpath /xpath4/ (role2-deny-1)
""")
assert r == 0
o, r = pcs(temp_cib, "acl role delete role2")
ac(o, "")
assert r == 0
o, r = pcs(temp_cib, "acl")
ac(o, """\
ACLs are disabled, run 'pcs acl enable' to enable
User: user1
Roles:
""")
assert r == 0