def test_f5remark(self):
self.assertEqual(f5remark("test test test"), "test test test")
self.assertEqual(f5remark("\Programm Files"), "Programm Files")
self.assertEqual(len(f5remark(65 * "A")), 64)
FORBIDDEN_CHARACTERS = "\\\""
for forbidden_char in FORBIDDEN_CHARACTERS:
self.assertEqual(f5label(forbidden_char), "")
def get_member(member, enable_priority_group, with_monitors):
args = dict()
args['servicePort'] = member.protocol_port
args['serverAddresses'] = [member.ip_address]
if member.enabled:
args['adminState'] = 'enable'
else:
args['adminState'] = 'disable'
if member.weight == 0:
args['ratio'] = 1
args['adminState'] = 'disable'
else:
args['ratio'] = normalize_weight(member.weight)
if enable_priority_group:
# set Priority group for normal pool to 2, backup to 1
args['priorityGroup'] = 1 if member.backup else 2
if with_monitors and (member.monitor_address or member.monitor_port):
# Add custom monitors
args['monitors'] = [Pointer(use=m_monitor.get_name(member.id))]
args['remark'] = as3types.f5remark(member.id)
return Member(**args)
def get_certificate(remark, tlscontainer):
"""Get AS3 Certificate object.
:param remark: comment
:param tlscontainer: tls container to create certificate object from
:return: AS3 Certificate
"""
def _decode(pem):
try:
return pem.decode('utf-8').replace('\r', '').replace(' \n', '\n')
except AttributeError:
return pem.replace('\r', '').replace(' \n', '\n')
# TLS certificate is always the first one
certificates = [_decode(tlscontainer.certificate)]
for intermediate in tlscontainer.intermediates:
intermediate = _decode(intermediate)
if intermediate not in certificates:
certificates.append(intermediate)
service_args = {
'remark': as3types.f5remark(remark),
'certificate': '\n'.join(certificates)
}
if tlscontainer.private_key:
service_args['privateKey'] = _decode(tlscontainer.private_key)
if tlscontainer.passphrase:
service_args['passphrase'] = {
'ciphertext': base64.urlsafe_b64encode(tlscontainer.passphrase)
}
return Certificate(**service_args)
def get_certificate(remark, tlscontainer):
"""Get AS3 Certificate object.
:param remark: comment
:param tlscontainer: tls container to create certificate object from
:return: AS3 Certificate
"""
def _decode(pem):
try:
return pem.decode('utf-8')
except AttributeError:
return pem
service_args = {
'remark': as3types.f5remark(remark),
'certificate': _decode(tlscontainer.certificate)
}
if tlscontainer.private_key:
service_args['privateKey'] = _decode(tlscontainer.private_key)
if tlscontainer.passphrase:
service_args['passphrase'] = {
'ciphertext': base64.urlsafe_b64encode(tlscontainer.passphrase)
}
return Certificate(**service_args)
def get_pool(pool, loadbalancer_ips, status):
"""Map Octavia Pool -> AS3 Pool object
:param pool: octavia pool object
:param loadbalancer_ips: already used loadbalancer_ips
:param status: status manager instance
:return: AS3 pool
"""
# Entities is a list of tuples, which each describe AS3 objects
# which may reference each other but do not form a hierarchy.
entities = []
lbaas_lb_method = pool.lb_algorithm.upper()
lbmode = _set_lb_method(lbaas_lb_method, pool.members)
service_args = {
'label': as3types.f5label(pool.name or pool.description),
'remark': as3types.f5remark(pool.description or pool.name),
'loadBalancingMode': lbmode,
'members': [],
}
enable_priority_group = any([member.backup for member in pool.members])
for member in pool.members:
if not utils.pending_delete(member):
if member.ip_address in loadbalancer_ips:
LOG.warning("The member address %s of member %s (pool %s, LB %s) is already in use by another load balancer.",
member.ip_address, member.id, member.pool.id, member.pool.load_balancer.id)
if status:
status.set_error(member)
continue
if member.ip_address == '0.0.0.0':
LOG.warning("The member address 0.0.0.0 of member %s is prohibited.", member.id)
if status:
status.set_error(member)
continue
service_args['members'].append(
m_member.get_member(member, enable_priority_group, pool.health_monitor))
# add custom member monitors
if pool.health_monitor and (member.monitor_address or member.monitor_port):
member_hm = m_monitor.get_monitor(pool.health_monitor,
member.monitor_address or member.ip_address,
member.monitor_port or member.protocol_port)
entities.append((m_monitor.get_name(member.id), member_hm))
if pool.health_monitor and not utils.pending_delete(
pool.health_monitor):
monitor_name = m_monitor.get_name(pool.health_monitor.id)
entities.append((monitor_name, m_monitor.get_monitor(pool.health_monitor)))
service_args['monitors'] = [Pointer(use=monitor_name)]
entities.append((get_name(pool.id), Pool(**service_args)))
return entities
def get_endpoint_policy(l7policies):
wrapper_name = ', '.join(
[l7policy.name for l7policy in l7policies if l7policy.name])
wrapper_desc = ', '.join([
l7policy.description for l7policy in l7policies if l7policy.description
])
args = dict()
args['label'] = as3types.f5label(wrapper_name or wrapper_desc)
args['remark'] = as3types.f5remark(wrapper_desc or wrapper_name)
args['rules'] = [
Endpoint_Policy_Rule(
name=get_name(l7policy.id),
label=as3types.f5label(l7policy.name or l7policy.description),
remark=as3types.f5remark(l7policy.description or l7policy.name),
conditions=[_get_condition(l7rule) for l7rule in l7policy.l7rules],
actions=[_get_action(l7policy)]) for l7policy in l7policies
]
args['strategy'] = 'first-match'
return Endpoint_Policy(**args)
def get_ca_bundle(bundle, remark='', label=''):
"""AS3 Certificate Authority Bundle object.
:param bundle: the CA certificate bundle as PEM encoded bytes
:param remark: comment
:param label: label
:return: AS3 CA_Bundle
"""
service_args = {
'remark': as3types.f5remark(remark),
'label': as3types.f5label(label),
'bundle': bundle.decode('utf-8').replace('\r', '')
}
return CA_Bundle(**service_args)
def get_member(member):
args = dict()
args['servicePort'] = member.protocol_port
args['serverAddresses'] = [member.ip_address]
if member.enabled:
args['adminState'] = 'enable'
else:
args['adminState'] = 'disable'
if member.weight == 0:
args['ratio'] = 1
args['adminState'] = 'disable'
else:
args['ratio'] = normalize_weight(member.weight)
args['remark'] = as3types.f5remark(member.id)
return Member(**args)
def get_pool(pool):
"""Map Octavia Pool -> AS3 Pool object
:param pool: octavia pool object
:return: AS3 pool
"""
# Entities is a list of tuples, which each describe AS3 objects
# which may reference each other but do not form a hierarchy.
entities = []
lbaas_lb_method = pool.lb_algorithm.upper()
lbmode = _set_lb_method(lbaas_lb_method, pool.members)
service_args = {
'label': as3types.f5label(pool.name or pool.id),
'remark': as3types.f5remark(pool.description or pool.id),
'loadBalancingMode': lbmode,
'members': [],
}
for member in pool.members:
# Ignore backup members, will be handled by service
if not utils.pending_delete(member) and not member.backup:
service_args['members'].append(m_member.get_member(member))
#if pool.health_monitor and not utils.pending_delete(
# pool.health_monitor):
# Workaround for Monitor deletion bug in AS3, dereference but remain HM
if pool.health_monitor:
hms = m_monitor.get_monitors(pool.health_monitor, pool.members)
entities.extend(hms)
# Part of the workaround
if not utils.pending_delete(pool.health_monitor):
service_args['monitors'] = [Pointer(use=name) for name, _ in hms]
entities.append((get_name(pool.id), Pool(**service_args)))
return entities