def resource_setup(cls): """Setup resources needed by the tests.""" super(IPv6TrafficOperationsScenarioTest, cls).resource_setup() lb_name = data_utils.rand_name("lb_member_lb1_ipv6_ops") lb_kwargs = {const.PROVIDER: CONF.load_balancer.provider, const.NAME: lb_name} ip_version = 6 cls._setup_lb_network_kwargs(lb_kwargs, ip_version) lb = cls.mem_lb_client.create_loadbalancer(**lb_kwargs) cls.lb_id = lb[const.ID] cls.addClassResourceCleanup( cls.mem_lb_client.cleanup_loadbalancer, cls.lb_id) cls.lb_vip_address = lb[const.VIP_ADDRESS] waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) listener_name = data_utils.rand_name("lb_member_listener1_ipv6_ops") listener_kwargs = { const.NAME: listener_name, const.PROTOCOL: const.HTTP, const.PROTOCOL_PORT: '80', const.LOADBALANCER_ID: cls.lb_id, } listener = cls.mem_listener_client.create_listener(**listener_kwargs) cls.listener_id = listener[const.ID] cls.addClassResourceCleanup( cls.mem_listener_client.cleanup_listener, cls.listener_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool_name = data_utils.rand_name("lb_member_pool1_ipv6_ops") pool_kwargs = { const.NAME: pool_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LISTENER_ID: cls.listener_id, } pool = cls.mem_pool_client.create_pool(**pool_kwargs) cls.pool_id = pool[const.ID] cls.addClassResourceCleanup( cls.mem_pool_client.cleanup_pool, cls.pool_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout)
def test_amphora_list_and_show(self): """Tests amphora show API. * Show amphora details. * Validate the show reflects the requested values. * Validates that other accounts cannot see the amphora. """ lb_name = data_utils.rand_name("lb_member_lb2_amphora-list") lb = self.mem_lb_client.create_loadbalancer( name=lb_name, provider=CONF.load_balancer.provider, vip_network_id=self.lb_member_vip_net[const.ID]) lb_id = lb[const.ID] self.addCleanup(self.mem_lb_client.cleanup_loadbalancer, lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) # Test that a user, without the load balancer member role, cannot # list amphorae if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.amphora_client.list_amphorae) # Get an actual list of the amphorae amphorae = self.lb_admin_amphora_client.list_amphorae() # There should be AT LEAST 2, there may be more depending on the # configured topology self.assertGreaterEqual(len(amphorae), 2 * self._expected_amp_count(amphorae)) # Test filtering by loadbalancer_id amphorae = self.lb_admin_amphora_client.list_amphorae( query_params='{loadbalancer_id}={lb_id}'.format( loadbalancer_id=const.LOADBALANCER_ID, lb_id=self.lb_id)) self.assertEqual(self._expected_amp_count(amphorae), len(amphorae)) self.assertEqual(self.lb_id, amphorae[0][const.LOADBALANCER_ID]) # Test that a different user, with load balancer member role, cannot # see this amphora if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.amphora_client self.assertRaises(exceptions.Forbidden, member2_client.show_amphora, amphora_id=amphorae[0][const.ID]) show_amphora_response_fields = const.SHOW_AMPHORA_RESPONSE_FIELDS if self.lb_admin_amphora_client.is_version_supported( self.api_version, '2.1'): show_amphora_response_fields.append('created_at') show_amphora_response_fields.append('updated_at') show_amphora_response_fields.append('image_id') for amp in amphorae: # Make sure all of the fields exist on the amp list records for field in show_amphora_response_fields: self.assertIn(field, amp) # Verify a few of the fields are the right type if self.lb_admin_amphora_client.is_version_supported( self.api_version, '2.1'): parser.parse(amp[const.CREATED_AT]) parser.parse(amp[const.UPDATED_AT]) UUID(amp[const.ID]) UUID(amp[const.HA_PORT_ID]) UUID(amp[const.LOADBALANCER_ID]) UUID(amp[const.COMPUTE_ID]) UUID(amp[const.VRRP_PORT_ID]) self.assertEqual(amp[const.STATUS], const.STATUS_ALLOCATED) self.assertIn(amp[const.ROLE], const.AMPHORA_ROLES) # Test that all of the fields from the amp list match those # from a show for the LB we created. amp_obj = self.lb_admin_amphora_client.show_amphora( amphora_id=amp[const.ID]) for field in show_amphora_response_fields: self.assertEqual(amp[field], amp_obj[field])
def test_healthmonitor_show(self): """Tests healthmonitor show API. * Create a clean pool to use for the healthmonitor. * Create a fully populated healthmonitor. * Show healthmonitor details. * Validate the show reflects the requested values. * Validates that other accounts cannot see the healthmonitor. """ pool_name = data_utils.rand_name("lb_member_pool1_hm-show") pool_kwargs = { const.NAME: pool_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } pool = self.mem_pool_client.create_pool(**pool_kwargs) self.addCleanup(self.mem_pool_client.cleanup_pool, pool[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm_name = data_utils.rand_name("lb_member_hm1-show") hm_kwargs = { const.POOL_ID: pool[const.ID], const.NAME: hm_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 3, const.MAX_RETRIES: 4, const.MAX_RETRIES_DOWN: 5, const.HTTP_METHOD: const.GET, const.URL_PATH: '/', const.EXPECTED_CODES: '200-204', const.ADMIN_STATE_UP: True, } hm = self.mem_healthmonitor_client.create_healthmonitor(**hm_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) parser.parse(hm[const.CREATED_AT]) parser.parse(hm[const.UPDATED_AT]) UUID(hm[const.ID]) # Healthmonitors are always ONLINE self.assertEqual(const.ONLINE, hm[const.OPERATING_STATUS]) equal_items = [ const.NAME, const.TYPE, const.DELAY, const.TIMEOUT, const.MAX_RETRIES, const.MAX_RETRIES_DOWN, const.HTTP_METHOD, const.URL_PATH, const.EXPECTED_CODES, const.ADMIN_STATE_UP ] for item in equal_items: self.assertEqual(hm_kwargs[item], hm[item]) # Test that a user with lb_admin role can see the healthmonitor if CONF.load_balancer.RBAC_test_type == const.ADVANCED: healthmonitor_client = self.os_roles_lb_admin.healthmonitor_client hm_adm = healthmonitor_client.show_healthmonitor(hm[const.ID]) self.assertEqual(hm_name, hm_adm[const.NAME]) # Test that a user with cloud admin role can see the healthmonitor if not CONF.load_balancer.RBAC_test_type == const.NONE: adm = self.os_admin.healthmonitor_client.show_healthmonitor( hm[const.ID]) self.assertEqual(hm_name, adm[const.NAME]) # Test that a different user, with loadbalancer member role, cannot # see this healthmonitor if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.healthmonitor_client self.assertRaises(exceptions.Forbidden, member2_client.show_healthmonitor, hm[const.ID]) # Test that a user, without the loadbalancer member role, cannot # show healthmonitors if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.healthmonitor_client.show_healthmonitor, hm[const.ID])
def test_l7policy_show(self): """Tests l7policy show API. * Create a fully populated l7policy. * Show l7policy details. * Validate the show reflects the requested values. * Validates that other accounts cannot see the l7policy. """ listener_name = data_utils.rand_name( "lb_member_listener4_l7policy-show") listener_kwargs = { const.NAME: listener_name, const.PROTOCOL: const.HTTP, const.PROTOCOL_PORT: '81', const.LOADBALANCER_ID: self.lb_id, } listener = self.mem_listener_client.create_listener(**listener_kwargs) listener_id = listener[const.ID] self.addCleanup(self.mem_listener_client.cleanup_listener, listener_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy_name = data_utils.rand_name("lb_member_l7policy1-show") l7policy_description = data_utils.arbitrary_string(size=255) l7policy_kwargs = { const.LISTENER_ID: listener_id, const.NAME: l7policy_name, const.DESCRIPTION: l7policy_description, const.ADMIN_STATE_UP: True, const.POSITION: 1, const.ACTION: const.REJECT, } l7policy = self.mem_l7policy_client.create_l7policy(**l7policy_kwargs) self.addClassResourceCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(l7policy_name, l7policy[const.NAME]) self.assertEqual(l7policy_description, l7policy[const.DESCRIPTION]) self.assertTrue(l7policy[const.ADMIN_STATE_UP]) parser.parse(l7policy[const.CREATED_AT]) parser.parse(l7policy[const.UPDATED_AT]) UUID(l7policy[const.ID]) # Operating status for a l7policy will be ONLINE if it is enabled: if l7policy[const.ADMIN_STATE_UP]: self.assertEqual(const.ONLINE, l7policy[const.OPERATING_STATUS]) else: self.assertEqual(const.OFFLINE, l7policy[const.OPERATING_STATUS]) self.assertEqual(listener_id, l7policy[const.LISTENER_ID]) self.assertEqual(1, l7policy[const.POSITION]) self.assertEqual(const.REJECT, l7policy[const.ACTION]) self.assertIsNone(l7policy.pop(const.REDIRECT_URL, None)) self.assertIsNone(l7policy.pop(const.REDIRECT_POOL_ID, None)) # Test that a user with lb_admin role can see the l7policy if CONF.load_balancer.RBAC_test_type == const.ADVANCED: l7policy_client = self.os_roles_lb_admin.l7policy_client l7policy_adm = l7policy_client.show_l7policy(l7policy[const.ID]) self.assertEqual(l7policy_name, l7policy_adm[const.NAME]) # Test that a user with cloud admin role can see the l7policy if not CONF.load_balancer.RBAC_test_type == const.NONE: adm = self.os_admin.l7policy_client.show_l7policy( l7policy[const.ID]) self.assertEqual(l7policy_name, adm[const.NAME]) # Test that a different user, with load balancer member role, cannot # see this l7policy if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.l7policy_client self.assertRaises(exceptions.Forbidden, member2_client.show_l7policy, l7policy[const.ID]) # Test that a user, without the load balancer member role, cannot # show l7policies if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.l7policy_client.show_l7policy, l7policy[const.ID])
def test_healthmonitor_CRUD(self): """Tests healthmonitor create, read, update, delete, and member status * Create a fully populated healthmonitor. * Show healthmonitor details. * Update the healthmonitor. * Delete the healthmonitor. """ # Healthmonitor create hm_name = data_utils.rand_name("lb_member_hm1-CRUD") hm_kwargs = { const.POOL_ID: self.pool_id, const.NAME: hm_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 2, const.MAX_RETRIES: 2, const.MAX_RETRIES_DOWN: 2, const.HTTP_METHOD: const.GET, const.URL_PATH: '/', const.EXPECTED_CODES: '200', const.ADMIN_STATE_UP: True, } hm = self.mem_healthmonitor_client.create_healthmonitor(**hm_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) parser.parse(hm[const.CREATED_AT]) parser.parse(hm[const.UPDATED_AT]) UUID(hm[const.ID]) self.assertEqual(const.ONLINE, hm[const.OPERATING_STATUS]) equal_items = [ const.NAME, const.TYPE, const.DELAY, const.TIMEOUT, const.MAX_RETRIES, const.MAX_RETRIES_DOWN, const.HTTP_METHOD, const.URL_PATH, const.EXPECTED_CODES, const.ADMIN_STATE_UP ] for item in equal_items: self.assertEqual(hm_kwargs[item], hm[item]) # Healthmonitor update new_name = data_utils.rand_name("lb_member_hm1-update") hm_update_kwargs = { const.NAME: new_name, const.DELAY: hm_kwargs[const.DELAY] + 1, const.TIMEOUT: hm_kwargs[const.TIMEOUT] + 1, const.MAX_RETRIES: hm_kwargs[const.MAX_RETRIES] + 1, const.MAX_RETRIES_DOWN: hm_kwargs[const.MAX_RETRIES_DOWN] + 1, const.HTTP_METHOD: const.POST, const.URL_PATH: '/test', const.EXPECTED_CODES: '201,202', const.ADMIN_STATE_UP: not hm_kwargs[const.ADMIN_STATE_UP], } hm = self.mem_healthmonitor_client.update_healthmonitor( hm[const.ID], **hm_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Test changed items equal_items = [ const.NAME, const.DELAY, const.TIMEOUT, const.MAX_RETRIES, const.MAX_RETRIES_DOWN, const.HTTP_METHOD, const.URL_PATH, const.EXPECTED_CODES, const.ADMIN_STATE_UP ] for item in equal_items: self.assertEqual(hm_update_kwargs[item], hm[item]) # Test unchanged items equal_items = [const.TYPE] for item in equal_items: self.assertEqual(hm_kwargs[item], hm[item]) # Healthmonitor delete self.mem_healthmonitor_client.delete_healthmonitor(hm[const.ID]) waiters.wait_for_deleted_status_or_not_found( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout)
def test_l7policies_and_l7rules(self): """Tests sending traffic through a loadbalancer with l7rules * Create an extra pool. * Put one member on the default pool, and one on the second pool. * Create a policy/rule to redirect to the second pool. * Create a policy/rule to redirect to the identity URI. * Create a policy/rule to reject connections. * Test traffic to ensure it goes to the correct place. """ # Create a second pool pool_name = data_utils.rand_name("lb_member_pool2_l7redirect") pool_kwargs = { const.NAME: pool_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } pool = self.mem_pool_client.create_pool(**pool_kwargs) pool_id = pool[const.ID] self.addCleanup(self.mem_pool_client.cleanup_pool, pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Set up Member 1 for Webserver 1 on the default pool member1_name = data_utils.rand_name("lb_member_member1-l7redirect") member1_kwargs = { const.POOL_ID: self.pool_id, const.NAME: member1_name, const.ADMIN_STATE_UP: True, const.ADDRESS: self.webserver1_ip, const.PROTOCOL_PORT: 80, } if self.lb_member_1_subnet: member1_kwargs[const.SUBNET_ID] = self.lb_member_1_subnet[const.ID] member1 = self.mem_member_client.create_member(**member1_kwargs) self.addCleanup(self.mem_member_client.cleanup_member, member1[const.ID], pool_id=self.pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Set up Member 2 for Webserver 2 on the alternate pool member2_name = data_utils.rand_name("lb_member_member2-l7redirect") member2_kwargs = { const.POOL_ID: pool_id, const.NAME: member2_name, const.ADMIN_STATE_UP: True, const.ADDRESS: self.webserver2_ip, const.PROTOCOL_PORT: 80, } if self.lb_member_2_subnet: member2_kwargs[const.SUBNET_ID] = self.lb_member_2_subnet[const.ID] member2 = self.mem_member_client.create_member(**member2_kwargs) self.addCleanup(self.mem_member_client.cleanup_member, member2[const.ID], pool_id=self.pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Create the l7policy to redirect to the alternate pool l7policy1_name = data_utils.rand_name("lb_member_l7policy1-l7redirect") l7policy1_description = data_utils.arbitrary_string(size=255) l7policy1_kwargs = { const.LISTENER_ID: self.listener_id, const.NAME: l7policy1_name, const.DESCRIPTION: l7policy1_description, const.ADMIN_STATE_UP: True, const.POSITION: 1, const.ACTION: const.REDIRECT_TO_POOL, const.REDIRECT_POOL_ID: pool_id, } l7policy1 = self.mem_l7policy_client.create_l7policy( **l7policy1_kwargs) self.addCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy1[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Redirect slow queries to the alternate pool l7rule1_kwargs = { const.L7POLICY_ID: l7policy1[const.ID], const.ADMIN_STATE_UP: True, const.TYPE: const.PATH, const.VALUE: '/slow', const.COMPARE_TYPE: const.STARTS_WITH, const.INVERT: False, } l7rule1 = self.mem_l7rule_client.create_l7rule(**l7rule1_kwargs) self.addCleanup(self.mem_l7rule_client.cleanup_l7rule, l7rule1[const.ID], l7policy_id=l7rule1_kwargs[const.L7POLICY_ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Create the l7policy to redirect to the identity URI l7policy2_name = data_utils.rand_name("lb_member_l7policy2-l7redirect") l7policy2_description = data_utils.arbitrary_string(size=255) l7policy2_kwargs = { const.LISTENER_ID: self.listener_id, const.NAME: l7policy2_name, const.DESCRIPTION: l7policy2_description, const.ADMIN_STATE_UP: True, const.POSITION: 1, const.ACTION: const.REDIRECT_TO_URL, const.REDIRECT_URL: CONF.identity.uri_v3, } l7policy2 = self.mem_l7policy_client.create_l7policy( **l7policy2_kwargs) self.addCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy2[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Redirect queries for 'turtles' to identity l7rule2_kwargs = { const.L7POLICY_ID: l7policy2[const.ID], const.ADMIN_STATE_UP: True, const.TYPE: const.PATH, const.VALUE: '/turtles', const.COMPARE_TYPE: const.EQUAL_TO, const.INVERT: False, } l7rule2 = self.mem_l7rule_client.create_l7rule(**l7rule2_kwargs) self.addCleanup(self.mem_l7rule_client.cleanup_l7rule, l7rule2[const.ID], l7policy_id=l7rule2_kwargs[const.L7POLICY_ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Create the l7policy to reject requests l7policy3_name = data_utils.rand_name("lb_member_l7policy3-l7redirect") l7policy3_description = data_utils.arbitrary_string(size=255) l7policy3_kwargs = { const.LISTENER_ID: self.listener_id, const.NAME: l7policy3_name, const.DESCRIPTION: l7policy3_description, const.ADMIN_STATE_UP: True, const.POSITION: 1, const.ACTION: const.REJECT, } l7policy3 = self.mem_l7policy_client.create_l7policy( **l7policy3_kwargs) self.addCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy3[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Reject requests that include the header data 'reject=true' l7rule3_kwargs = { const.L7POLICY_ID: l7policy3[const.ID], const.ADMIN_STATE_UP: True, const.TYPE: const.HEADER, const.KEY: 'reject', const.VALUE: 'true', const.COMPARE_TYPE: const.EQUAL_TO, const.INVERT: False, } l7rule3 = self.mem_l7rule_client.create_l7rule(**l7rule3_kwargs) self.addCleanup(self.mem_l7rule_client.cleanup_l7rule, l7rule3[const.ID], l7policy_id=l7rule3_kwargs[const.L7POLICY_ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Assert that normal traffic goes to pool1->member1 url_for_member1 = 'http://{}/'.format(self.lb_vip_address) self.assertConsistentResponse((200, self.webserver1_response), url_for_member1) # Assert that slow traffic goes to pool2->member2 url_for_member2 = 'http://{}/slow?delay=1s'.format(self.lb_vip_address) self.assertConsistentResponse((200, self.webserver2_response), url_for_member2) # Assert that /turtles is redirected to identity url_for_identity = 'http://{}/turtles'.format(self.lb_vip_address) self.assertConsistentResponse((302, CONF.identity.uri_v3), url_for_identity, redirect=True) # Assert that traffic with header 'reject=true' is rejected self.assertConsistentResponse((403, None), url_for_member1, headers={'reject': 'true'})
def _test_l7policy_create(self, url=None, pool_id=None): """Tests l7policy create and basic show APIs. * Tests that users without the loadbalancer member role cannot create l7policies. * Create a fully populated l7policy. * Show l7policy details. * Validate the show reflects the requested values. """ l7policy_name = data_utils.rand_name("lb_member_l7policy1-create") l7policy_description = data_utils.arbitrary_string(size=255) l7policy_kwargs = { const.LISTENER_ID: self.listener_id, const.NAME: l7policy_name, const.DESCRIPTION: l7policy_description, const.ADMIN_STATE_UP: True, const.POSITION: 1, } if url: l7policy_kwargs[const.ACTION] = const.REDIRECT_TO_URL l7policy_kwargs[const.REDIRECT_URL] = url elif pool_id: l7policy_kwargs[const.ACTION] = const.REDIRECT_TO_POOL l7policy_kwargs[const.REDIRECT_POOL_ID] = pool_id else: l7policy_kwargs[const.ACTION] = const.REJECT # Test that a user without the load balancer role cannot # create a l7policy if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.l7policy_client.create_l7policy, **l7policy_kwargs) l7policy = self.mem_l7policy_client.create_l7policy(**l7policy_kwargs) self.addClassResourceCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(l7policy_name, l7policy[const.NAME]) self.assertEqual(l7policy_description, l7policy[const.DESCRIPTION]) self.assertTrue(l7policy[const.ADMIN_STATE_UP]) parser.parse(l7policy[const.CREATED_AT]) parser.parse(l7policy[const.UPDATED_AT]) UUID(l7policy[const.ID]) # Operating status for a l7policy will be ONLINE if it is enabled: if l7policy[const.ADMIN_STATE_UP]: self.assertEqual(const.ONLINE, l7policy[const.OPERATING_STATUS]) else: self.assertEqual(const.OFFLINE, l7policy[const.OPERATING_STATUS]) self.assertEqual(self.listener_id, l7policy[const.LISTENER_ID]) self.assertEqual(1, l7policy[const.POSITION]) if url: self.assertEqual(const.REDIRECT_TO_URL, l7policy[const.ACTION]) self.assertEqual(url, l7policy[const.REDIRECT_URL]) self.assertIsNone(l7policy.pop(const.REDIRECT_POOL_ID, None)) elif pool_id: self.assertEqual(const.REDIRECT_TO_POOL, l7policy[const.ACTION]) self.assertEqual(pool_id, l7policy[const.REDIRECT_POOL_ID]) self.assertIsNone(l7policy.pop(const.REDIRECT_URL, None)) else: self.assertEqual(const.REJECT, l7policy[const.ACTION]) self.assertIsNone(l7policy.pop(const.REDIRECT_URL, None)) self.assertIsNone(l7policy.pop(const.REDIRECT_POOL_ID, None))
def test_pool_list(self): """Tests pool list API and field filtering. * Create a clean loadbalancer. * Create three pools. * Validates that other accounts cannot list the pools. * List the pools using the default sort order. * List the pools using descending sort order. * List the pools using ascending sort order. * List the pools returning one field at a time. * List the pools returning two fields. * List the pools filtering to one of the three. * List the pools filtered, one field, and sorted. """ lb_name = data_utils.rand_name("lb_member_lb2_pool-list") lb = self.mem_lb_client.create_loadbalancer( name=lb_name, provider=CONF.load_balancer.provider, vip_network_id=self.lb_member_vip_net[const.ID]) lb_id = lb[const.ID] self.addCleanup(self.mem_lb_client.cleanup_loadbalancer, lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) pool1_name = data_utils.rand_name("lb_member_pool2-list") pool1_desc = 'B' pool1_sp_cookie_name = 'my_cookie1' pool1_kwargs = { const.NAME: pool1_name, const.DESCRIPTION: pool1_desc, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: lb_id, } if self.lb_feature_enabled.session_persistence_enabled: pool1_kwargs[const.SESSION_PERSISTENCE] = { const.TYPE: const.SESSION_PERSISTENCE_APP_COOKIE, const.COOKIE_NAME: pool1_sp_cookie_name, } pool1 = self.mem_pool_client.create_pool(**pool1_kwargs) self.addCleanup(self.mem_pool_client.cleanup_pool, pool1[const.ID], lb_client=self.mem_lb_client, lb_id=lb_id) pool1 = waiters.wait_for_status(self.mem_pool_client.show_pool, pool1[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) pool2_name = data_utils.rand_name("lb_member_pool1-list") pool2_desc = 'A' pool2_sp_cookie_name = 'my_cookie2' pool2_kwargs = { const.NAME: pool2_name, const.DESCRIPTION: pool2_desc, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: lb_id, } if self.lb_feature_enabled.session_persistence_enabled: pool2_kwargs[const.SESSION_PERSISTENCE] = { const.TYPE: const.SESSION_PERSISTENCE_APP_COOKIE, const.COOKIE_NAME: pool2_sp_cookie_name, } pool2 = self.mem_pool_client.create_pool(**pool2_kwargs) self.addCleanup(self.mem_pool_client.cleanup_pool, pool2[const.ID], lb_client=self.mem_lb_client, lb_id=lb_id) pool2 = waiters.wait_for_status(self.mem_pool_client.show_pool, pool2[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) pool3_name = data_utils.rand_name("lb_member_pool3-list") pool3_desc = 'C' pool3_kwargs = { const.NAME: pool3_name, const.DESCRIPTION: pool3_desc, const.ADMIN_STATE_UP: False, const.PROTOCOL: self.protocol, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, # No session persistence, just so there's one test for that const.LOADBALANCER_ID: lb_id, } pool3 = self.mem_pool_client.create_pool(**pool3_kwargs) self.addCleanup(self.mem_pool_client.cleanup_pool, pool3[const.ID], lb_client=self.mem_lb_client, lb_id=lb_id) pool3 = waiters.wait_for_status(self.mem_pool_client.show_pool, pool3[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Test that a different user cannot list pools if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.pool_client primary = member2_client.list_pools( query_params='loadbalancer_id={lb_id}'.format(lb_id=lb_id)) self.assertEqual(0, len(primary)) # Test that a user without the lb member role cannot list load # balancers if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.pool_client.list_pools) # Check the default sort order, created_at pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}'.format(lb_id=lb_id)) self.assertEqual(pool1[const.DESCRIPTION], pools[0][const.DESCRIPTION]) self.assertEqual(pool2[const.DESCRIPTION], pools[1][const.DESCRIPTION]) self.assertEqual(pool3[const.DESCRIPTION], pools[2][const.DESCRIPTION]) # Test sort descending by description pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}&{sort}={descr}:{desc}'. format(lb_id=lb_id, sort=const.SORT, descr=const.DESCRIPTION, desc=const.DESC)) self.assertEqual(pool1[const.DESCRIPTION], pools[1][const.DESCRIPTION]) self.assertEqual(pool2[const.DESCRIPTION], pools[2][const.DESCRIPTION]) self.assertEqual(pool3[const.DESCRIPTION], pools[0][const.DESCRIPTION]) # Test sort ascending by description pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}&{sort}={descr}:{asc}'.format( lb_id=lb_id, sort=const.SORT, descr=const.DESCRIPTION, asc=const.ASC)) self.assertEqual(pool1[const.DESCRIPTION], pools[1][const.DESCRIPTION]) self.assertEqual(pool2[const.DESCRIPTION], pools[0][const.DESCRIPTION]) self.assertEqual(pool3[const.DESCRIPTION], pools[2][const.DESCRIPTION]) # Test fields for field in const.SHOW_POOL_RESPONSE_FIELDS: pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}&{fields}={field}'.format( lb_id=lb_id, fields=const.FIELDS, field=field)) self.assertEqual(1, len(pools[0])) self.assertEqual(pool1[field], pools[0][field]) self.assertEqual(pool2[field], pools[1][field]) self.assertEqual(pool3[field], pools[2][field]) # Test multiple fields at the same time pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}&{fields}={admin}&' '{fields}={created}'.format(lb_id=lb_id, fields=const.FIELDS, admin=const.ADMIN_STATE_UP, created=const.CREATED_AT)) self.assertEqual(2, len(pools[0])) self.assertTrue(pools[0][const.ADMIN_STATE_UP]) parser.parse(pools[0][const.CREATED_AT]) self.assertTrue(pools[1][const.ADMIN_STATE_UP]) parser.parse(pools[1][const.CREATED_AT]) self.assertFalse(pools[2][const.ADMIN_STATE_UP]) parser.parse(pools[2][const.CREATED_AT]) # Test filtering pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}&{desc}={lb_desc}'.format( lb_id=lb_id, desc=const.DESCRIPTION, lb_desc=pool2[const.DESCRIPTION])) self.assertEqual(1, len(pools)) self.assertEqual(pool2[const.DESCRIPTION], pools[0][const.DESCRIPTION]) # Test combined params pools = self.mem_pool_client.list_pools( query_params='loadbalancer_id={lb_id}&{admin}={true}&' '{fields}={descr}&{fields}={id}&' '{sort}={descr}:{desc}'.format(lb_id=lb_id, admin=const.ADMIN_STATE_UP, true=const.ADMIN_STATE_UP_TRUE, fields=const.FIELDS, descr=const.DESCRIPTION, id=const.ID, sort=const.SORT, desc=const.DESC)) # Should get two pools self.assertEqual(2, len(pools)) # pools should have two fields self.assertEqual(2, len(pools[0])) # Should be in descending order self.assertEqual(pool2[const.DESCRIPTION], pools[1][const.DESCRIPTION]) self.assertEqual(pool1[const.DESCRIPTION], pools[0][const.DESCRIPTION])
def test_pool_show(self): """Tests pool show API. * Create a fully populated pool. * Show pool details. * Validate the show reflects the requested values. * Validates that other accounts cannot see the pool. """ pool_name = data_utils.rand_name("lb_member_pool1-show") pool_description = data_utils.arbitrary_string(size=255) pool_sp_cookie_name = 'my_cookie' pool_kwargs = { const.NAME: pool_name, const.DESCRIPTION: pool_description, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } if self.lb_feature_enabled.session_persistence_enabled: pool_kwargs[const.SESSION_PERSISTENCE] = { const.TYPE: const.SESSION_PERSISTENCE_APP_COOKIE, const.COOKIE_NAME: pool_sp_cookie_name, } pool = self.mem_pool_client.create_pool(**pool_kwargs) self.addClassResourceCleanup(self.mem_pool_client.cleanup_pool, pool[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool = waiters.wait_for_status(self.mem_pool_client.show_pool, pool[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(pool_name, pool[const.NAME]) self.assertEqual(pool_description, pool[const.DESCRIPTION]) self.assertTrue(pool[const.ADMIN_STATE_UP]) parser.parse(pool[const.CREATED_AT]) parser.parse(pool[const.UPDATED_AT]) UUID(pool[const.ID]) # Operating status for pools will always be offline without members self.assertEqual(const.OFFLINE, pool[const.OPERATING_STATUS]) self.assertEqual(self.protocol, pool[const.PROTOCOL]) self.assertEqual(1, len(pool[const.LOADBALANCERS])) self.assertEqual(self.lb_id, pool[const.LOADBALANCERS][0][const.ID]) self.assertEmpty(pool[const.LISTENERS]) self.assertEqual(const.LB_ALGORITHM_ROUND_ROBIN, pool[const.LB_ALGORITHM]) if self.lb_feature_enabled.session_persistence_enabled: self.assertIsNotNone(pool.get(const.SESSION_PERSISTENCE)) self.assertEqual(const.SESSION_PERSISTENCE_APP_COOKIE, pool[const.SESSION_PERSISTENCE][const.TYPE]) self.assertEqual( pool_sp_cookie_name, pool[const.SESSION_PERSISTENCE][const.COOKIE_NAME]) # Test that a user with lb_admin role can see the pool if CONF.load_balancer.RBAC_test_type == const.ADVANCED: pool_client = self.os_roles_lb_admin.pool_client pool_adm = pool_client.show_pool(pool[const.ID]) self.assertEqual(pool_name, pool_adm[const.NAME]) # Test that a user with cloud admin role can see the pool if not CONF.load_balancer.RBAC_test_type == const.NONE: adm = self.os_admin.pool_client.show_pool(pool[const.ID]) self.assertEqual(pool_name, adm[const.NAME]) # Test that a different user, with load balancer member role, cannot # see this pool if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.pool_client self.assertRaises(exceptions.Forbidden, member2_client.show_pool, pool[const.ID]) # Test that a user, without the load balancer member role, cannot # show pools if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.pool_client.show_pool, pool[const.ID])
def test_load_balancer_show_status(self): """Tests load balancer show status tree API. * Create a load balancer. * Validates that other accounts cannot see the status for the * load balancer. * Show load balancer status tree. * Validate the show reflects the expected values. """ lb_name = data_utils.rand_name("lb_member_lb1-status") lb = self.mem_lb_client.create_loadbalancer( name=lb_name, provider=CONF.load_balancer.provider, vip_network_id=self.lb_member_vip_net[const.ID]) self.addClassResourceCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) if not CONF.load_balancer.test_with_noop: lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Test that a user, without the load balancer member role, cannot # use this method if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.loadbalancer_client.get_loadbalancer_status, lb[const.ID]) # Test that a different user, with load balancer role, cannot see # the load balancer status if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.loadbalancer_client self.assertRaises(exceptions.Forbidden, member2_client.get_loadbalancer_status, lb[const.ID]) status = self.mem_lb_client.get_loadbalancer_status(lb[const.ID]) self.assertEqual(1, len(status)) lb_status = status[const.LOADBALANCER] self.assertEqual(5, len(lb_status)) self.assertEqual(lb[const.ID], lb_status[const.ID]) self.assertEqual([], lb_status[const.LISTENERS]) self.assertEqual(lb_name, lb_status[const.NAME]) # Operating status is a measured status, so no-op will not go online if CONF.load_balancer.test_with_noop: self.assertEqual(const.OFFLINE, lb_status[const.OPERATING_STATUS]) else: self.assertEqual(const.ONLINE, lb_status[const.OPERATING_STATUS]) self.assertEqual(const.ACTIVE, lb_status[const.PROVISIONING_STATUS]) # Attempt to clean up so that one full test run doesn't start 10+ # amps before the cleanup phase fires try: self.mem_lb_client.delete_loadbalancer(lb[const.ID]) waiters.wait_for_deleted_status_or_not_found( self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) except Exception: pass
def test_load_balancer_failover(self): """Tests load balancer failover API. * Create a load balancer. * Validates that other accounts cannot failover the load balancer * Wait for the load balancer to go ACTIVE. * Failover the load balancer. * Wait for the load balancer to go ACTIVE. """ lb_name = data_utils.rand_name("lb_member_lb1-failover") lb = self.mem_lb_client.create_loadbalancer( name=lb_name, provider=CONF.load_balancer.provider, vip_network_id=self.lb_member_vip_net[const.ID]) self.addClassResourceCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) # Test RBAC not authorized for non-admin role if not CONF.load_balancer.RBAC_test_type == const.NONE: self.assertRaises(exceptions.Forbidden, self.mem_lb_client.failover_loadbalancer, lb[const.ID]) # Assert we didn't go into PENDING_* lb = self.mem_lb_client.show_loadbalancer(lb[const.ID]) self.assertEqual(const.ACTIVE, lb[const.PROVISIONING_STATUS]) if CONF.load_balancer.provider in const.AMPHORA_PROVIDERS: before_amphorae = self.lb_admin_amphora_client.list_amphorae( query_params='{loadbalancer_id}={lb_id}'.format( loadbalancer_id=const.LOADBALANCER_ID, lb_id=lb[const.ID])) self.os_roles_lb_admin.loadbalancer_client.failover_loadbalancer( lb[const.ID]) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) if CONF.load_balancer.provider in const.AMPHORA_PROVIDERS: after_amphorae = self.lb_admin_amphora_client.list_amphorae( query_params='{loadbalancer_id}={lb_id}'.format( loadbalancer_id=const.LOADBALANCER_ID, lb_id=lb[const.ID])) # Make sure all of the amphora on the load balancer have # failed over for amphora in before_amphorae: for new_amp in after_amphorae: self.assertNotEqual(amphora[const.ID], new_amp[const.ID]) # Attempt to clean up so that one full test run doesn't start 10+ # amps before the cleanup phase fires try: self.mem_lb_client.delete_loadbalancer(lb[const.ID]) waiters.wait_for_deleted_status_or_not_found( self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) except Exception: pass
def test_load_balancer_update(self): """Tests load balancer update and show APIs. * Create a fully populated load balancer. * Show load balancer details. * Validate the show reflects the initial values. * Validates that other accounts cannot update the load balancer. * Update the load balancer details. * Show load balancer details. * Validate the show reflects the updated values. """ lb_name = data_utils.rand_name("lb_member_lb1-update") lb_description = data_utils.arbitrary_string(size=255) lb_kwargs = {const.ADMIN_STATE_UP: False, const.DESCRIPTION: lb_description, const.PROVIDER: CONF.load_balancer.provider, # TODO(johnsom) Fix test to use a real flavor # flavor=lb_flavor, # TODO(johnsom) Add QoS # vip_qos_policy_id=lb_qos_policy_id) const.NAME: lb_name} self._setup_lb_network_kwargs(lb_kwargs, 4, use_fixed_ip=True) lb = self.mem_lb_client.create_loadbalancer(**lb_kwargs) self.addClassResourceCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) self.assertFalse(lb[const.ADMIN_STATE_UP]) parser.parse(lb[const.CREATED_AT]) parser.parse(lb[const.UPDATED_AT]) self.assertEqual(lb_description, lb[const.DESCRIPTION]) UUID(lb[const.ID]) self.assertEqual(lb_name, lb[const.NAME]) self.assertEqual(const.OFFLINE, lb[const.OPERATING_STATUS]) self.assertEqual(self.os_roles_lb_member.credentials.project_id, lb[const.PROJECT_ID]) self.assertEqual(CONF.load_balancer.provider, lb[const.PROVIDER]) self.assertEqual(self.lb_member_vip_net[const.ID], lb[const.VIP_NETWORK_ID]) self.assertIsNotNone(lb[const.VIP_PORT_ID]) if lb_kwargs[const.VIP_SUBNET_ID]: self.assertEqual(lb_kwargs[const.VIP_ADDRESS], lb[const.VIP_ADDRESS]) self.assertEqual(lb_kwargs[const.VIP_SUBNET_ID], lb[const.VIP_SUBNET_ID]) new_name = data_utils.rand_name("lb_member_lb1-update") new_description = data_utils.arbitrary_string(size=255, base_text='new') # Test that a user, without the load balancer member role, cannot # use this command if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.loadbalancer_client.update_loadbalancer, lb[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* lb_check = self.mem_lb_client.show_loadbalancer(lb[const.ID]) self.assertEqual(const.ACTIVE, lb_check[const.PROVISIONING_STATUS]) self.assertFalse(lb_check[const.ADMIN_STATE_UP]) # Test that a user, without the load balancer member role, cannot # update this load balancer if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.loadbalancer_client self.assertRaises(exceptions.Forbidden, member2_client.update_loadbalancer, lb[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* lb_check = self.mem_lb_client.show_loadbalancer(lb[const.ID]) self.assertEqual(const.ACTIVE, lb_check[const.PROVISIONING_STATUS]) self.assertFalse(lb_check[const.ADMIN_STATE_UP]) lb = self.mem_lb_client.update_loadbalancer( lb[const.ID], admin_state_up=True, description=new_description, # TODO(johnsom) Add QoS # vip_qos_policy_id=lb_qos_policy_id) name=new_name) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) self.assertTrue(lb[const.ADMIN_STATE_UP]) self.assertEqual(new_description, lb[const.DESCRIPTION]) self.assertEqual(new_name, lb[const.NAME]) # TODO(johnsom) Add QoS # Attempt to clean up so that one full test run doesn't start 10+ # amps before the cleanup phase fires try: self.mem_lb_client.delete_loadbalancer(lb[const.ID]) waiters.wait_for_deleted_status_or_not_found( self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) except Exception: pass
def _test_load_balancer_create(self, ip_version): """Tests load balancer create and basic show APIs. * Tests that users without the load balancer member role cannot create load balancers. * Create a fully populated load balancer. * Show load balancer details. * Validate the show reflects the requested values. """ lb_name = data_utils.rand_name("lb_member_lb1-create-" "ipv{}".format(ip_version)) lb_description = data_utils.arbitrary_string(size=255) lb_kwargs = {const.ADMIN_STATE_UP: True, const.DESCRIPTION: lb_description, const.PROVIDER: CONF.load_balancer.provider, # TODO(johnsom) Fix test to use a real flavor # flavor=lb_flavor, # TODO(johnsom) Add QoS # vip_qos_policy_id=lb_qos_policy_id) const.NAME: lb_name} self._setup_lb_network_kwargs(lb_kwargs, ip_version, use_fixed_ip=True) # Test that a user without the load balancer role cannot # create a load balancer if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.loadbalancer_client.create_loadbalancer, **lb_kwargs) lb = self.mem_lb_client.create_loadbalancer(**lb_kwargs) self.addClassResourceCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) if not CONF.load_balancer.test_with_noop: lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) self.assertTrue(lb[const.ADMIN_STATE_UP]) parser.parse(lb[const.CREATED_AT]) parser.parse(lb[const.UPDATED_AT]) self.assertEqual(lb_description, lb[const.DESCRIPTION]) UUID(lb[const.ID]) self.assertEqual(lb_name, lb[const.NAME]) # Operating status is a measured status, so no-op will not go online if CONF.load_balancer.test_with_noop: self.assertEqual(const.OFFLINE, lb[const.OPERATING_STATUS]) else: self.assertEqual(const.ONLINE, lb[const.OPERATING_STATUS]) if ip_version == 4: self.assertEqual(self.lb_member_vip_net[const.ID], lb[const.VIP_NETWORK_ID]) else: self.assertEqual(self.lb_member_vip_ipv6_net[const.ID], lb[const.VIP_NETWORK_ID]) self.assertEqual(self.os_roles_lb_member.credentials.project_id, lb[const.PROJECT_ID]) self.assertEqual(CONF.load_balancer.provider, lb[const.PROVIDER]) self.assertIsNotNone(lb[const.VIP_PORT_ID]) if lb_kwargs[const.VIP_SUBNET_ID]: if ip_version == 4 or self.lb_member_vip_ipv6_subnet_stateful: self.assertEqual(lb_kwargs[const.VIP_ADDRESS], lb[const.VIP_ADDRESS]) self.assertEqual(lb_kwargs[const.VIP_SUBNET_ID], lb[const.VIP_SUBNET_ID]) # Attempt to clean up so that one full test run doesn't start 10+ # amps before the cleanup phase fires try: self.mem_lb_client.delete_loadbalancer(lb[const.ID]) waiters.wait_for_deleted_status_or_not_found( self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) except Exception: pass
def test_load_balancer_list(self): """Tests load balancer list API and field filtering. * Create three load balancers. * Validates that other accounts cannot list the load balancers. * List the load balancers using the default sort order. * List the load balancers using descending sort order. * List the load balancers using ascending sort order. * List the load balancers returning one field at a time. * List the load balancers returning two fields. * List the load balancers filtering to one of the three. * List the load balancers filtered, one field, and sorted. """ # Get a list of pre-existing LBs to filter from test data pretest_lbs = self.mem_lb_client.list_loadbalancers() # Store their IDs for easy access pretest_lb_ids = [lb['id'] for lb in pretest_lbs] lb_name = data_utils.rand_name("lb_member_lb2-list") lb_description = data_utils.rand_name('B') lb = self.mem_lb_client.create_loadbalancer( admin_state_up=True, description=lb_description, # TODO(johnsom) Fix test to use a real flavor # flavor=lb_flavor, provider=CONF.load_balancer.provider, name=lb_name, # TODO(johnsom) Add QoS # vip_qos_policy_id=lb_qos_policy_id) vip_network_id=self.lb_member_vip_net[const.ID]) self.addCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb1 = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) if not CONF.load_balancer.test_with_noop: lb1 = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) lb_name = data_utils.rand_name("lb_member_lb1-list") lb_description = data_utils.rand_name('A') lb = self.mem_lb_client.create_loadbalancer( admin_state_up=True, description=lb_description, provider=CONF.load_balancer.provider, name=lb_name, vip_network_id=self.lb_member_vip_net[const.ID]) self.addCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb2 = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) if not CONF.load_balancer.test_with_noop: lb2 = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) lb_name = data_utils.rand_name("lb_member_lb3-list") lb_description = data_utils.rand_name('C') lb = self.mem_lb_client.create_loadbalancer( admin_state_up=False, description=lb_description, provider=CONF.load_balancer.provider, name=lb_name, vip_network_id=self.lb_member_vip_net[const.ID]) self.addCleanup( self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb3 = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) # Test that a different user cannot list load balancers if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.loadbalancer_client primary = member2_client.list_loadbalancers() self.assertEqual(0, len(primary)) # Test that a user without the lb member role cannot list load # balancers if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.loadbalancer_client.list_loadbalancers) # Check the default sort order, created_at lbs = self.mem_lb_client.list_loadbalancers() lbs = self._filter_lbs_by_id(lbs, pretest_lb_ids) self.assertEqual(lb1[const.DESCRIPTION], lbs[0][const.DESCRIPTION]) self.assertEqual(lb2[const.DESCRIPTION], lbs[1][const.DESCRIPTION]) self.assertEqual(lb3[const.DESCRIPTION], lbs[2][const.DESCRIPTION]) # Test sort descending by description lbs = self.mem_lb_client.list_loadbalancers( query_params='{sort}={descr}:{desc}'.format( sort=const.SORT, descr=const.DESCRIPTION, desc=const.DESC)) lbs = self._filter_lbs_by_id(lbs, pretest_lb_ids) self.assertEqual(lb1[const.DESCRIPTION], lbs[1][const.DESCRIPTION]) self.assertEqual(lb2[const.DESCRIPTION], lbs[2][const.DESCRIPTION]) self.assertEqual(lb3[const.DESCRIPTION], lbs[0][const.DESCRIPTION]) # Test sort ascending by description lbs = self.mem_lb_client.list_loadbalancers( query_params='{sort}={descr}:{asc}'.format(sort=const.SORT, descr=const.DESCRIPTION, asc=const.ASC)) lbs = self._filter_lbs_by_id(lbs, pretest_lb_ids) self.assertEqual(lb1[const.DESCRIPTION], lbs[1][const.DESCRIPTION]) self.assertEqual(lb2[const.DESCRIPTION], lbs[0][const.DESCRIPTION]) self.assertEqual(lb3[const.DESCRIPTION], lbs[2][const.DESCRIPTION]) # Determine indexes of pretest LBs in default sort pretest_lb_indexes = [] lbs = self.mem_lb_client.list_loadbalancers() for i, lb in enumerate(lbs): if lb['id'] in pretest_lb_ids: pretest_lb_indexes.append(i) # Test fields for field in const.SHOW_LOAD_BALANCER_RESPONSE_FIELDS: lbs = self.mem_lb_client.list_loadbalancers( query_params='{fields}={field}'.format(fields=const.FIELDS, field=field)) lbs = self._filter_lbs_by_index(lbs, pretest_lb_indexes) self.assertEqual(1, len(lbs[0])) self.assertEqual(lb1[field], lbs[0][field]) self.assertEqual(lb2[field], lbs[1][field]) self.assertEqual(lb3[field], lbs[2][field]) # Test multiple fields at the same time lbs = self.mem_lb_client.list_loadbalancers( query_params='{fields}={admin}&{fields}={created}'.format( fields=const.FIELDS, admin=const.ADMIN_STATE_UP, created=const.CREATED_AT)) lbs = self._filter_lbs_by_index(lbs, pretest_lb_indexes) self.assertEqual(2, len(lbs[0])) self.assertTrue(lbs[0][const.ADMIN_STATE_UP]) parser.parse(lbs[0][const.CREATED_AT]) self.assertTrue(lbs[1][const.ADMIN_STATE_UP]) parser.parse(lbs[1][const.CREATED_AT]) self.assertFalse(lbs[2][const.ADMIN_STATE_UP]) parser.parse(lbs[2][const.CREATED_AT]) # Test filtering lbs = self.mem_lb_client.list_loadbalancers( query_params='{desc}={lb_desc}'.format( desc=const.DESCRIPTION, lb_desc=lb2[const.DESCRIPTION])) self.assertEqual(1, len(lbs)) self.assertEqual(lb2[const.DESCRIPTION], lbs[0][const.DESCRIPTION]) # Test combined params lbs = self.mem_lb_client.list_loadbalancers( query_params='{admin}={true}&{fields}={descr}&{fields}={id}&' '{sort}={descr}:{desc}'.format( admin=const.ADMIN_STATE_UP, true=const.ADMIN_STATE_UP_TRUE, fields=const.FIELDS, descr=const.DESCRIPTION, id=const.ID, sort=const.SORT, desc=const.DESC)) lbs = self._filter_lbs_by_id(lbs, pretest_lb_ids) # Should get two load balancers self.assertEqual(2, len(lbs)) # Load balancers should have two fields self.assertEqual(2, len(lbs[0])) # Should be in descending order self.assertEqual(lb2[const.DESCRIPTION], lbs[1][const.DESCRIPTION]) self.assertEqual(lb1[const.DESCRIPTION], lbs[0][const.DESCRIPTION])
def test_healthmonitor_traffic(self): """Tests traffic is correctly routed based on healthmonitor status * Create three members: * One should be working, and ONLINE with a healthmonitor (passing) * One should be working, and ERROR with a healthmonitor (failing) * One should be disabled, and OFFLINE with a healthmonitor * Verify members are in their correct respective operating statuses. * Verify that traffic is balanced evenly between the working members. * Create a fully populated healthmonitor. * Verify members are in their correct respective operating statuses. * Verify that traffic is balanced *unevenly*. * Delete the healthmonitor. * Verify members are in their correct respective operating statuses. * Verify that traffic is balanced evenly between the working members. """ member1_name = data_utils.rand_name("lb_member_member1-hm-traffic") member1_kwargs = { const.POOL_ID: self.pool_id, const.NAME: member1_name, const.ADMIN_STATE_UP: True, const.ADDRESS: self.webserver1_ip, const.PROTOCOL_PORT: 80, } if self.lb_member_1_subnet: member1_kwargs[const.SUBNET_ID] = self.lb_member_1_subnet[const.ID] member1 = self.mem_member_client.create_member(**member1_kwargs) member1_id = member1[const.ID] self.addCleanup(self.mem_member_client.cleanup_member, member1_id, pool_id=self.pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Set up Member 2 for Webserver 2 member2_name = data_utils.rand_name("lb_member_member2-hm-traffic") member2_kwargs = { const.POOL_ID: self.pool_id, const.NAME: member2_name, const.ADMIN_STATE_UP: True, const.ADDRESS: self.webserver2_ip, const.PROTOCOL_PORT: 80, const.MONITOR_PORT: 9999, # We want this to go offline with a HM } if self.lb_member_2_subnet: member2_kwargs[const.SUBNET_ID] = self.lb_member_2_subnet[const.ID] member2 = self.mem_member_client.create_member(**member2_kwargs) member2_id = member2[const.ID] self.addCleanup(self.mem_member_client.cleanup_member, member2_id, pool_id=self.pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Set up Member 3 as a non-existent disabled node member3_name = data_utils.rand_name("lb_member_member3-hm-traffic") member3_kwargs = { const.POOL_ID: self.pool_id, const.NAME: member3_name, const.ADMIN_STATE_UP: False, const.ADDRESS: '192.0.2.1', const.PROTOCOL_PORT: 80, } member3 = self.mem_member_client.create_member(**member3_kwargs) member3_id = member3[const.ID] self.addCleanup(self.mem_member_client.cleanup_member, member3_id, pool_id=self.pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Wait for members to adjust to the correct OPERATING_STATUS waiters.wait_for_status(self.mem_member_client.show_member, member1_id, const.OPERATING_STATUS, const.NO_MONITOR, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) waiters.wait_for_status(self.mem_member_client.show_member, member2_id, const.OPERATING_STATUS, const.NO_MONITOR, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) waiters.wait_for_status(self.mem_member_client.show_member, member3_id, const.OPERATING_STATUS, const.OFFLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) # Send some traffic and verify it is balanced self.check_members_balanced(self.lb_vip_address, traffic_member_count=2) # Create the healthmonitor hm_name = data_utils.rand_name("lb_member_hm1-hm-traffic") hm_kwargs = { const.POOL_ID: self.pool_id, const.NAME: hm_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 2, const.MAX_RETRIES: 2, const.MAX_RETRIES_DOWN: 2, const.HTTP_METHOD: const.GET, const.URL_PATH: '/', const.EXPECTED_CODES: '200', const.ADMIN_STATE_UP: True, } hm = self.mem_healthmonitor_client.create_healthmonitor(**hm_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Wait for members to adjust to the correct OPERATING_STATUS waiters.wait_for_status(self.mem_member_client.show_member, member1_id, const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) waiters.wait_for_status(self.mem_member_client.show_member, member2_id, const.OPERATING_STATUS, const.ERROR, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) waiters.wait_for_status(self.mem_member_client.show_member, member3_id, const.OPERATING_STATUS, const.OFFLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) # Send some traffic and verify it is *unbalanced*, as expected self.check_members_balanced(self.lb_vip_address, traffic_member_count=1) # Delete the healthmonitor self.mem_healthmonitor_client.delete_healthmonitor(hm[const.ID]) waiters.wait_for_deleted_status_or_not_found( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Wait for members to adjust to the correct OPERATING_STATUS waiters.wait_for_status(self.mem_member_client.show_member, member1_id, const.OPERATING_STATUS, const.NO_MONITOR, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) waiters.wait_for_status(self.mem_member_client.show_member, member2_id, const.OPERATING_STATUS, const.NO_MONITOR, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) waiters.wait_for_status(self.mem_member_client.show_member, member3_id, const.OPERATING_STATUS, const.OFFLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) # Send some traffic and verify it is balanced again self.check_members_balanced(self.lb_vip_address)
def test_pool_update(self): """Tests pool update and show APIs. * Create a fully populated pool. * Show pool details. * Validate the show reflects the initial values. * Validates that other accounts cannot update the pool. * Update the pool details. * Show pool details. * Validate the show reflects the updated values. """ pool_name = data_utils.rand_name("lb_member_pool1-update") pool_description = data_utils.arbitrary_string(size=255) pool_sp_cookie_name = 'my_cookie' pool_kwargs = { const.NAME: pool_name, const.DESCRIPTION: pool_description, const.ADMIN_STATE_UP: False, const.PROTOCOL: self.protocol, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } if self.lb_feature_enabled.session_persistence_enabled: pool_kwargs[const.SESSION_PERSISTENCE] = { const.TYPE: const.SESSION_PERSISTENCE_APP_COOKIE, const.COOKIE_NAME: pool_sp_cookie_name, } pool = self.mem_pool_client.create_pool(**pool_kwargs) self.addClassResourceCleanup(self.mem_pool_client.cleanup_pool, pool[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool = waiters.wait_for_status(self.mem_pool_client.show_pool, pool[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(pool_name, pool[const.NAME]) self.assertEqual(pool_description, pool[const.DESCRIPTION]) self.assertFalse(pool[const.ADMIN_STATE_UP]) parser.parse(pool[const.CREATED_AT]) parser.parse(pool[const.UPDATED_AT]) UUID(pool[const.ID]) # Operating status for pools will always be offline without members self.assertEqual(const.OFFLINE, pool[const.OPERATING_STATUS]) self.assertEqual(self.protocol, pool[const.PROTOCOL]) self.assertEqual(1, len(pool[const.LOADBALANCERS])) self.assertEqual(self.lb_id, pool[const.LOADBALANCERS][0][const.ID]) self.assertEmpty(pool[const.LISTENERS]) self.assertEqual(const.LB_ALGORITHM_ROUND_ROBIN, pool[const.LB_ALGORITHM]) if self.lb_feature_enabled.session_persistence_enabled: self.assertIsNotNone(pool.get(const.SESSION_PERSISTENCE)) self.assertEqual(const.SESSION_PERSISTENCE_APP_COOKIE, pool[const.SESSION_PERSISTENCE][const.TYPE]) self.assertEqual( pool_sp_cookie_name, pool[const.SESSION_PERSISTENCE][const.COOKIE_NAME]) # Test that a user, without the load balancer member role, cannot # use this command if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.pool_client.update_pool, pool[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* pool_check = self.mem_pool_client.show_pool(pool[const.ID]) self.assertEqual(const.ACTIVE, pool_check[const.PROVISIONING_STATUS]) self.assertFalse(pool_check[const.ADMIN_STATE_UP]) # Test that a user, without the load balancer member role, cannot # update this pool if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.pool_client self.assertRaises(exceptions.Forbidden, member2_client.update_pool, pool[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* pool_check = self.mem_pool_client.show_pool(pool[const.ID]) self.assertEqual(const.ACTIVE, pool_check[const.PROVISIONING_STATUS]) self.assertFalse(pool_check[const.ADMIN_STATE_UP]) new_name = data_utils.rand_name("lb_member_pool1-UPDATED") new_description = data_utils.arbitrary_string(size=255, base_text='new') pool_update_kwargs = { const.NAME: new_name, const.DESCRIPTION: new_description, const.ADMIN_STATE_UP: True, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, } if self.lb_feature_enabled.session_persistence_enabled: pool_update_kwargs[const.SESSION_PERSISTENCE] = { const.TYPE: const.SESSION_PERSISTENCE_HTTP_COOKIE, } pool = self.mem_pool_client.update_pool(pool[const.ID], **pool_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool = waiters.wait_for_status(self.mem_pool_client.show_pool, pool[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(new_name, pool[const.NAME]) self.assertEqual(new_description, pool[const.DESCRIPTION]) self.assertTrue(pool[const.ADMIN_STATE_UP]) self.assertEqual(const.LB_ALGORITHM_ROUND_ROBIN, pool[const.LB_ALGORITHM]) if self.lb_feature_enabled.session_persistence_enabled: self.assertIsNotNone(pool.get(const.SESSION_PERSISTENCE)) self.assertEqual(const.SESSION_PERSISTENCE_HTTP_COOKIE, pool[const.SESSION_PERSISTENCE][const.TYPE]) self.assertIsNone(pool[const.SESSION_PERSISTENCE].get( const.COOKIE_NAME)) # Also test removing a Session Persistence if self.lb_feature_enabled.session_persistence_enabled: pool_update_kwargs = { const.SESSION_PERSISTENCE: None, } pool = self.mem_pool_client.update_pool(pool[const.ID], **pool_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool = waiters.wait_for_status(self.mem_pool_client.show_pool, pool[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if self.lb_feature_enabled.session_persistence_enabled: self.assertIsNone(pool.get(const.SESSION_PERSISTENCE))
def resource_setup(cls): """Setup resources needed by the tests.""" super(TrafficOperationsScenarioTest, cls).resource_setup() lb_name = data_utils.rand_name("lb_member_lb1_operations") lb_kwargs = { const.PROVIDER: CONF.load_balancer.provider, const.NAME: lb_name } # TODO(rm_work): Make this work with ipv6 and split this test for both ip_version = 4 cls._setup_lb_network_kwargs(lb_kwargs, ip_version) lb = cls.mem_lb_client.create_loadbalancer(**lb_kwargs) cls.lb_id = lb[const.ID] cls.addClassResourceCleanup(cls.mem_lb_client.cleanup_loadbalancer, cls.lb_id) if CONF.validation.connect_method == 'floating': port_id = lb[const.VIP_PORT_ID] result = cls.lb_mem_float_ip_client.create_floatingip( floating_network_id=CONF.network.public_network_id, port_id=port_id) floating_ip = result['floatingip'] LOG.info('lb1_floating_ip: {}'.format(floating_ip)) cls.addClassResourceCleanup( waiters.wait_for_not_found, cls.lb_mem_float_ip_client.delete_floatingip, cls.lb_mem_float_ip_client.show_floatingip, floatingip_id=floating_ip['id']) cls.lb_vip_address = floating_ip['floating_ip_address'] else: cls.lb_vip_address = lb[const.VIP_ADDRESS] waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) listener_name = data_utils.rand_name("lb_member_listener1_operations") listener_kwargs = { const.NAME: listener_name, const.PROTOCOL: const.HTTP, const.PROTOCOL_PORT: '80', const.LOADBALANCER_ID: cls.lb_id, } listener = cls.mem_listener_client.create_listener(**listener_kwargs) cls.listener_id = listener[const.ID] cls.addClassResourceCleanup(cls.mem_listener_client.cleanup_listener, cls.listener_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool_name = data_utils.rand_name("lb_member_pool1_operations") pool_kwargs = { const.NAME: pool_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LISTENER_ID: cls.listener_id, } pool = cls.mem_pool_client.create_pool(**pool_kwargs) cls.pool_id = pool[const.ID] cls.addClassResourceCleanup(cls.mem_pool_client.cleanup_pool, cls.pool_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout)
def _test_pool_create(self, has_listener): """Tests pool create and basic show APIs. * Tests that users without the loadbalancer member role cannot create pools. * Create a fully populated pool. * Show pool details. * Validate the show reflects the requested values. """ pool_name = data_utils.rand_name("lb_member_pool1-create") pool_description = data_utils.arbitrary_string(size=255) pool_sp_cookie_name = 'my_cookie' pool_kwargs = { const.NAME: pool_name, const.DESCRIPTION: pool_description, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, } if self.lb_feature_enabled.session_persistence_enabled: pool_kwargs[const.SESSION_PERSISTENCE] = { const.TYPE: const.SESSION_PERSISTENCE_APP_COOKIE, const.COOKIE_NAME: pool_sp_cookie_name, } if has_listener: pool_kwargs[const.LISTENER_ID] = self.listener_id else: pool_kwargs[const.LOADBALANCER_ID] = self.lb_id # Test that a user without the load balancer role cannot # create a pool if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.pool_client.create_pool, **pool_kwargs) pool = self.mem_pool_client.create_pool(**pool_kwargs) self.addClassResourceCleanup(self.mem_pool_client.cleanup_pool, pool[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool = waiters.wait_for_status(self.mem_pool_client.show_pool, pool[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if has_listener and not CONF.load_balancer.test_with_noop: pool = waiters.wait_for_status(self.mem_pool_client.show_pool, pool[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(pool_name, pool[const.NAME]) self.assertEqual(pool_description, pool[const.DESCRIPTION]) self.assertTrue(pool[const.ADMIN_STATE_UP]) parser.parse(pool[const.CREATED_AT]) parser.parse(pool[const.UPDATED_AT]) UUID(pool[const.ID]) # Operating status for a pool without members will be: if has_listener and not CONF.load_balancer.test_with_noop: # ONLINE if it is attached to a listener and is a live test self.assertEqual(const.ONLINE, pool[const.OPERATING_STATUS]) else: # OFFLINE if it is just on the LB directly or is in noop mode self.assertEqual(const.OFFLINE, pool[const.OPERATING_STATUS]) self.assertEqual(self.protocol, pool[const.PROTOCOL]) self.assertEqual(1, len(pool[const.LOADBALANCERS])) self.assertEqual(self.lb_id, pool[const.LOADBALANCERS][0][const.ID]) if has_listener: self.assertEqual(1, len(pool[const.LISTENERS])) self.assertEqual(self.listener_id, pool[const.LISTENERS][0][const.ID]) else: self.assertEmpty(pool[const.LISTENERS]) self.assertEqual(const.LB_ALGORITHM_ROUND_ROBIN, pool[const.LB_ALGORITHM]) if self.lb_feature_enabled.session_persistence_enabled: self.assertIsNotNone(pool.get(const.SESSION_PERSISTENCE)) self.assertEqual(const.SESSION_PERSISTENCE_APP_COOKIE, pool[const.SESSION_PERSISTENCE][const.TYPE]) self.assertEqual( pool_sp_cookie_name, pool[const.SESSION_PERSISTENCE][const.COOKIE_NAME])
def _test_load_balancer_CRUD(self, ip_version): """Tests load balancer create, read, update, delete * Create a fully populated load balancer. * Show load balancer details. * Update the load balancer. * Delete the load balancer. """ lb_name = data_utils.rand_name("lb_member_lb1-CRUD") lb_description = data_utils.arbitrary_string(size=255) lb_kwargs = { const.ADMIN_STATE_UP: False, const.DESCRIPTION: lb_description, const.PROVIDER: CONF.load_balancer.provider, const.NAME: lb_name } if self.lb_admin_flavor_profile_client.is_version_supported( self.api_version, '2.6') and self.flavor_id: lb_kwargs[const.FLAVOR_ID] = self.flavor_id self._setup_lb_network_kwargs(lb_kwargs, ip_version) lb = self.mem_lb_client.create_loadbalancer(**lb_kwargs) self.addCleanup(self.mem_lb_client.cleanup_loadbalancer, lb[const.ID]) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) self.assertFalse(lb[const.ADMIN_STATE_UP]) parser.parse(lb[const.CREATED_AT]) parser.parse(lb[const.UPDATED_AT]) self.assertEqual(lb_description, lb[const.DESCRIPTION]) UUID(lb[const.ID]) self.assertEqual(lb_name, lb[const.NAME]) self.assertEqual(const.OFFLINE, lb[const.OPERATING_STATUS]) self.assertEqual(self.os_roles_lb_member.credentials.project_id, lb[const.PROJECT_ID]) self.assertEqual(CONF.load_balancer.provider, lb[const.PROVIDER]) if ip_version == 4: self.assertEqual(self.lb_member_vip_net[const.ID], lb[const.VIP_NETWORK_ID]) else: self.assertEqual(self.lb_member_vip_ipv6_net[const.ID], lb[const.VIP_NETWORK_ID]) self.assertIsNotNone(lb[const.VIP_PORT_ID]) if lb_kwargs[const.VIP_SUBNET_ID]: self.assertEqual(lb_kwargs[const.VIP_SUBNET_ID], lb[const.VIP_SUBNET_ID]) # Load balancer update new_name = data_utils.rand_name("lb_member_lb1-update") new_description = data_utils.arbitrary_string(size=255, base_text='new') lb = self.mem_lb_client.update_loadbalancer( lb[const.ID], admin_state_up=True, description=new_description, name=new_name) lb = waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) self.assertTrue(lb[const.ADMIN_STATE_UP]) self.assertEqual(new_description, lb[const.DESCRIPTION]) self.assertEqual(new_name, lb[const.NAME]) # Load balancer delete self.mem_lb_client.delete_loadbalancer(lb[const.ID], cascade=True) waiters.wait_for_deleted_status_or_not_found( self.mem_lb_client.show_loadbalancer, lb[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout)
def test_listener_create_on_same_port(self): """Tests listener creation on same port number. * Create a first listener. * Create a new listener on an existing port, but with a different protocol. * Create a second listener with the same parameters and ensure that an error is triggered. * Create a third listener with another protocol over TCP, and ensure that it fails. """ # Using listeners on the same port for TCP and UDP was not supported # before Train. Use 2.11 API version as reference to detect previous # releases and skip the test. if not self.mem_listener_client.is_version_supported( self.api_version, '2.11'): raise self.skipException('TCP and UDP listeners on same port fix ' 'is only available on Octavia API ' 'version 2.11 or newer.') listener_name = data_utils.rand_name("lb_member_listener1-create") listener_kwargs = { const.NAME: listener_name, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.PROTOCOL_PORT: 8080, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200 } try: listener = self.mem_listener_client.create_listener( **listener_kwargs) except exceptions.BadRequest as e: faultstring = e.resp_body.get('faultstring', '') if ("Invalid input for field/attribute protocol." in faultstring and "Value should be one of:" in faultstring): raise self.skipException("Skipping unsupported protocol") raise e self.addClassResourceCleanup(self.mem_listener_client.cleanup_listener, listener[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if self.protocol == const.UDP: protocol = const.TCP else: protocol = const.UDP # Create a listener on the same port, but with a different protocol listener2_name = data_utils.rand_name("lb_member_listener2-create") listener2_kwargs = { const.NAME: listener2_name, const.ADMIN_STATE_UP: True, const.PROTOCOL: protocol, const.PROTOCOL_PORT: 8080, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200, } try: listener2 = self.mem_listener_client.create_listener( **listener2_kwargs) except exceptions.BadRequest as e: faultstring = e.resp_body.get('faultstring', '') if ("Invalid input for field/attribute protocol." in faultstring and "Value should be one of:" in faultstring): raise self.skipException("Skipping unsupported protocol") raise e self.addClassResourceCleanup(self.mem_listener_client.cleanup_listener, listener2[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Create a listener on the same port, with an already used protocol listener3_name = data_utils.rand_name("lb_member_listener3-create") listener3_kwargs = { const.NAME: listener3_name, const.ADMIN_STATE_UP: True, const.PROTOCOL: protocol, const.PROTOCOL_PORT: 8080, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200, } self.assertRaises(exceptions.Conflict, self.mem_listener_client.create_listener, **listener3_kwargs) # Create a listener on the same port, with another protocol over TCP, # only if layer-7 protocols are enabled lb_feature_enabled = CONF.loadbalancer_feature_enabled if lb_feature_enabled.l7_protocol_enabled: if self.protocol == const.HTTP: protocol = const.HTTPS else: protocol = const.HTTP listener4_name = data_utils.rand_name("lb_member_listener4-create") listener4_kwargs = { const.NAME: listener4_name, const.ADMIN_STATE_UP: True, const.PROTOCOL: protocol, const.PROTOCOL_PORT: 8080, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200, } self.assertRaises(exceptions.Conflict, self.mem_listener_client.create_listener, **listener4_kwargs)
def test_l7policy_list(self): """Tests l7policy list API and field filtering. * Create a clean listener. * Create three l7policies. * Validates that other accounts cannot list the l7policies. * List the l7policies using the default sort order. * List the l7policies using descending sort order. * List the l7policies using ascending sort order. * List the l7policies returning one field at a time. * List the l7policies returning two fields. * List the l7policies filtering to one of the three. * List the l7policies filtered, one field, and sorted. """ listener_name = data_utils.rand_name( "lb_member_listener2_l7policy-list") listener_kwargs = { const.NAME: listener_name, const.PROTOCOL: const.HTTP, const.PROTOCOL_PORT: '81', const.LOADBALANCER_ID: self.lb_id, } listener = self.mem_listener_client.create_listener(**listener_kwargs) listener_id = listener[const.ID] self.addCleanup(self.mem_listener_client.cleanup_listener, listener_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy1_name = data_utils.rand_name("lb_member_l7policy2-list") l7policy1_desc = 'B' l7policy1_kwargs = { const.LISTENER_ID: listener_id, const.NAME: l7policy1_name, const.DESCRIPTION: l7policy1_desc, const.ADMIN_STATE_UP: True, const.POSITION: 1, const.ACTION: const.REJECT } l7policy1 = self.mem_l7policy_client.create_l7policy( **l7policy1_kwargs) self.addCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy1[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) l7policy1 = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy1[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) l7policy2_name = data_utils.rand_name("lb_member_l7policy1-list") l7policy2_desc = 'A' l7policy2_kwargs = { const.LISTENER_ID: listener_id, const.NAME: l7policy2_name, const.DESCRIPTION: l7policy2_desc, const.ADMIN_STATE_UP: True, const.POSITION: 1, const.ACTION: const.REDIRECT_TO_POOL, const.REDIRECT_POOL_ID: self.pool_id } l7policy2 = self.mem_l7policy_client.create_l7policy( **l7policy2_kwargs) self.addCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy2[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) l7policy2 = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy2[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) l7policy3_name = data_utils.rand_name("lb_member_l7policy3-list") l7policy3_desc = 'C' l7_redirect_url = 'http://localhost' l7policy3_kwargs = { const.LISTENER_ID: listener_id, const.NAME: l7policy3_name, const.DESCRIPTION: l7policy3_desc, const.ADMIN_STATE_UP: False, const.POSITION: 1, const.ACTION: const.REDIRECT_TO_URL, const.REDIRECT_URL: l7_redirect_url } l7policy3 = self.mem_l7policy_client.create_l7policy( **l7policy3_kwargs) self.addCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy3[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) l7policy3 = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy3[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Test that a different user cannot list l7policies if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.l7policy_client primary = member2_client.list_l7policies( query_params='listener_id={listener_id}'.format( listener_id=listener_id)) self.assertEqual(0, len(primary)) # Test that a user without the lb member role cannot list load # balancers if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.l7policy_client.list_l7policies) # Check the default sort order, created_at l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}'.format( listener_id=listener_id)) self.assertEqual(l7policy1[const.DESCRIPTION], l7policies[0][const.DESCRIPTION]) self.assertEqual(l7policy2[const.DESCRIPTION], l7policies[1][const.DESCRIPTION]) self.assertEqual(l7policy3[const.DESCRIPTION], l7policies[2][const.DESCRIPTION]) # Test sort descending by description l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{sort}={descr}:{desc}'. format(listener_id=listener_id, sort=const.SORT, descr=const.DESCRIPTION, desc=const.DESC)) self.assertEqual(l7policy1[const.DESCRIPTION], l7policies[1][const.DESCRIPTION]) self.assertEqual(l7policy2[const.DESCRIPTION], l7policies[2][const.DESCRIPTION]) self.assertEqual(l7policy3[const.DESCRIPTION], l7policies[0][const.DESCRIPTION]) # Test sort ascending by description l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{sort}={descr}:{asc}'. format(listener_id=listener_id, sort=const.SORT, descr=const.DESCRIPTION, asc=const.ASC)) self.assertEqual(l7policy1[const.DESCRIPTION], l7policies[1][const.DESCRIPTION]) self.assertEqual(l7policy2[const.DESCRIPTION], l7policies[0][const.DESCRIPTION]) self.assertEqual(l7policy3[const.DESCRIPTION], l7policies[2][const.DESCRIPTION]) # Use this opportunity to verify the position insertion is working l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{sort}={position}:{asc}'. format(listener_id=listener_id, sort=const.SORT, position=const.POSITION, asc=const.ASC)) self.assertEqual(1, l7policies[0][const.POSITION]) self.assertEqual(2, l7policies[1][const.POSITION]) self.assertEqual(3, l7policies[2][const.POSITION]) self.assertEqual(l7policy1[const.NAME], l7policies[2][const.NAME]) self.assertEqual(l7policy2[const.NAME], l7policies[1][const.NAME]) self.assertEqual(l7policy3[const.NAME], l7policies[0][const.NAME]) # Test fields for field in const.SHOW_L7POLICY_RESPONSE_FIELDS: # Test position / updated fields separately, because they're odd if field not in (const.POSITION, const.UPDATED_AT): l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{fields}={field}'. format(listener_id=listener_id, fields=const.FIELDS, field=field)) self.assertEqual(1, len(l7policies[0])) self.assertEqual(l7policy1[field], l7policies[0][field]) self.assertEqual(l7policy2[field], l7policies[1][field]) self.assertEqual(l7policy3[field], l7policies[2][field]) elif field == const.POSITION: l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{fields}={field}'. format(listener_id=listener_id, fields=const.FIELDS, field=field)) self.assertEqual(1, len(l7policies[0])) # Positions won't match the request due to insertion reordering self.assertEqual(3, l7policies[0][field]) self.assertEqual(2, l7policies[1][field]) self.assertEqual(1, l7policies[2][field]) elif field == const.UPDATED_AT: l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{fields}={field}'. format(listener_id=listener_id, fields=const.FIELDS, field=field)) # Just test that we get it -- the actual value is unpredictable self.assertEqual(1, len(l7policies[0])) # Test multiple fields at the same time l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{fields}={admin}&' '{fields}={created}'.format(listener_id=listener_id, fields=const.FIELDS, admin=const.ADMIN_STATE_UP, created=const.CREATED_AT)) self.assertEqual(2, len(l7policies[0])) self.assertTrue(l7policies[0][const.ADMIN_STATE_UP]) parser.parse(l7policies[0][const.CREATED_AT]) self.assertTrue(l7policies[1][const.ADMIN_STATE_UP]) parser.parse(l7policies[1][const.CREATED_AT]) self.assertFalse(l7policies[2][const.ADMIN_STATE_UP]) parser.parse(l7policies[2][const.CREATED_AT]) # Test filtering l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&' '{desc}={l7policy_desc}'.format(listener_id=listener_id, desc=const.DESCRIPTION, l7policy_desc=l7policy2[ const.DESCRIPTION])) self.assertEqual(1, len(l7policies)) self.assertEqual(l7policy2[const.DESCRIPTION], l7policies[0][const.DESCRIPTION]) # Test combined params l7policies = self.mem_l7policy_client.list_l7policies( query_params='listener_id={listener_id}&{admin}={true}&' '{fields}={descr}&{fields}={id}&' '{sort}={descr}:{desc}'.format(listener_id=listener_id, admin=const.ADMIN_STATE_UP, true=const.ADMIN_STATE_UP_TRUE, fields=const.FIELDS, descr=const.DESCRIPTION, id=const.ID, sort=const.SORT, desc=const.DESC)) # Should get two l7policies self.assertEqual(2, len(l7policies)) # l7policies should have two fields self.assertEqual(2, len(l7policies[0])) # Should be in descending order self.assertEqual(l7policy2[const.DESCRIPTION], l7policies[1][const.DESCRIPTION]) self.assertEqual(l7policy1[const.DESCRIPTION], l7policies[0][const.DESCRIPTION])
def test_listener_list(self): """Tests listener list API and field filtering. * Create a clean loadbalancer. * Create three listeners. * Validates that other accounts cannot list the listeners. * List the listeners using the default sort order. * List the listeners using descending sort order. * List the listeners using ascending sort order. * List the listeners returning one field at a time. * List the listeners returning two fields. * List the listeners filtering to one of the three. * List the listeners filtered, one field, and sorted. """ lb_name = data_utils.rand_name("lb_member_lb2_listener-list") lb = self.mem_lb_client.create_loadbalancer( name=lb_name, provider=CONF.load_balancer.provider, vip_network_id=self.lb_member_vip_net[const.ID]) lb_id = lb[const.ID] self.addCleanup(self.mem_lb_client.cleanup_loadbalancer, lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) listener1_name = data_utils.rand_name("lb_member_listener2-list") listener1_desc = 'B' listener1_kwargs = { const.NAME: listener1_name, const.DESCRIPTION: listener1_desc, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.PROTOCOL_PORT: 80, const.LOADBALANCER_ID: lb_id, } listener1 = self.mem_listener_client.create_listener( **listener1_kwargs) self.addCleanup(self.mem_listener_client.cleanup_listener, listener1[const.ID], lb_client=self.mem_lb_client, lb_id=lb_id) listener1 = waiters.wait_for_status( self.mem_listener_client.show_listener, listener1[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) listener2_name = data_utils.rand_name("lb_member_listener1-list") listener2_desc = 'A' listener2_kwargs = { const.NAME: listener2_name, const.DESCRIPTION: listener2_desc, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.PROTOCOL_PORT: 81, const.LOADBALANCER_ID: lb_id, } listener2 = self.mem_listener_client.create_listener( **listener2_kwargs) self.addCleanup(self.mem_listener_client.cleanup_listener, listener2[const.ID], lb_client=self.mem_lb_client, lb_id=lb_id) listener2 = waiters.wait_for_status( self.mem_listener_client.show_listener, listener2[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) listener3_name = data_utils.rand_name("lb_member_listener3-list") listener3_desc = 'C' listener3_kwargs = { const.NAME: listener3_name, const.DESCRIPTION: listener3_desc, const.ADMIN_STATE_UP: False, const.PROTOCOL: self.protocol, const.PROTOCOL_PORT: 82, const.LOADBALANCER_ID: lb_id, } listener3 = self.mem_listener_client.create_listener( **listener3_kwargs) self.addCleanup(self.mem_listener_client.cleanup_listener, listener3[const.ID], lb_client=self.mem_lb_client, lb_id=lb_id) listener3 = waiters.wait_for_status( self.mem_listener_client.show_listener, listener3[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: # Wait for the enabled listeners to come ONLINE listener1 = waiters.wait_for_status( self.mem_listener_client.show_listener, listener1[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) listener2 = waiters.wait_for_status( self.mem_listener_client.show_listener, listener2[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Test that a different user cannot list listeners if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.listener_client primary = member2_client.list_listeners( query_params='loadbalancer_id={lb_id}'.format(lb_id=lb_id)) self.assertEqual(0, len(primary)) # Test that a user without the lb member role cannot list load # balancers if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.listener_client.list_listeners) # Check the default sort order, created_at listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}'.format(lb_id=lb_id)) self.assertEqual(listener1[const.DESCRIPTION], listeners[0][const.DESCRIPTION]) self.assertEqual(listener2[const.DESCRIPTION], listeners[1][const.DESCRIPTION]) self.assertEqual(listener3[const.DESCRIPTION], listeners[2][const.DESCRIPTION]) # Test sort descending by description listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}&{sort}={descr}:{desc}'. format(lb_id=lb_id, sort=const.SORT, descr=const.DESCRIPTION, desc=const.DESC)) self.assertEqual(listener1[const.DESCRIPTION], listeners[1][const.DESCRIPTION]) self.assertEqual(listener2[const.DESCRIPTION], listeners[2][const.DESCRIPTION]) self.assertEqual(listener3[const.DESCRIPTION], listeners[0][const.DESCRIPTION]) # Test sort ascending by description listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}&{sort}={descr}:{asc}'.format( lb_id=lb_id, sort=const.SORT, descr=const.DESCRIPTION, asc=const.ASC)) self.assertEqual(listener1[const.DESCRIPTION], listeners[1][const.DESCRIPTION]) self.assertEqual(listener2[const.DESCRIPTION], listeners[0][const.DESCRIPTION]) self.assertEqual(listener3[const.DESCRIPTION], listeners[2][const.DESCRIPTION]) # Test fields show_listener_response_fields = const.SHOW_LISTENER_RESPONSE_FIELDS if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): show_listener_response_fields.append('timeout_client_data') show_listener_response_fields.append('timeout_member_connect') show_listener_response_fields.append('timeout_member_data') show_listener_response_fields.append('timeout_tcp_inspect') for field in show_listener_response_fields: if field in (const.DEFAULT_POOL_ID, const.L7_POLICIES): continue listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}&{fields}={field}'.format( lb_id=lb_id, fields=const.FIELDS, field=field)) self.assertEqual(1, len(listeners[0])) self.assertEqual(listener1[field], listeners[0][field]) self.assertEqual(listener2[field], listeners[1][field]) self.assertEqual(listener3[field], listeners[2][field]) # Test multiple fields at the same time listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}&{fields}={admin}&' '{fields}={created}'.format(lb_id=lb_id, fields=const.FIELDS, admin=const.ADMIN_STATE_UP, created=const.CREATED_AT)) self.assertEqual(2, len(listeners[0])) self.assertTrue(listeners[0][const.ADMIN_STATE_UP]) parser.parse(listeners[0][const.CREATED_AT]) self.assertTrue(listeners[1][const.ADMIN_STATE_UP]) parser.parse(listeners[1][const.CREATED_AT]) self.assertFalse(listeners[2][const.ADMIN_STATE_UP]) parser.parse(listeners[2][const.CREATED_AT]) # Test filtering listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}&{desc}={lb_desc}'.format( lb_id=lb_id, desc=const.DESCRIPTION, lb_desc=listener2[const.DESCRIPTION])) self.assertEqual(1, len(listeners)) self.assertEqual(listener2[const.DESCRIPTION], listeners[0][const.DESCRIPTION]) # Test combined params listeners = self.mem_listener_client.list_listeners( query_params='loadbalancer_id={lb_id}&{admin}={true}&' '{fields}={descr}&{fields}={id}&' '{sort}={descr}:{desc}'.format(lb_id=lb_id, admin=const.ADMIN_STATE_UP, true=const.ADMIN_STATE_UP_TRUE, fields=const.FIELDS, descr=const.DESCRIPTION, id=const.ID, sort=const.SORT, desc=const.DESC)) # Should get two listeners self.assertEqual(2, len(listeners)) # listeners should have two fields self.assertEqual(2, len(listeners[0])) # Should be in descending order self.assertEqual(listener2[const.DESCRIPTION], listeners[1][const.DESCRIPTION]) self.assertEqual(listener1[const.DESCRIPTION], listeners[0][const.DESCRIPTION])
def test_l7policy_update(self): """Tests l7policy update and show APIs. * Create a clean listener. * Create a fully populated l7policy. * Show l7policy details. * Validate the show reflects the initial values. * Validates that other accounts cannot update the l7policy. * Update the l7policy details. * Show l7policy details. * Validate the show reflects the updated values. """ listener_name = data_utils.rand_name( "lb_member_listener3_l7policy-update") listener_kwargs = { const.NAME: listener_name, const.PROTOCOL: const.HTTP, const.PROTOCOL_PORT: '81', const.LOADBALANCER_ID: self.lb_id, } listener = self.mem_listener_client.create_listener(**listener_kwargs) listener_id = listener[const.ID] self.addCleanup(self.mem_listener_client.cleanup_listener, listener_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy_name = data_utils.rand_name("lb_member_l7policy1-update") l7policy_description = data_utils.arbitrary_string(size=255) l7_redirect_url = 'http://localhost' l7policy_kwargs = { const.LISTENER_ID: listener_id, const.NAME: l7policy_name, const.DESCRIPTION: l7policy_description, const.ADMIN_STATE_UP: False, const.POSITION: 1, const.ACTION: const.REDIRECT_TO_URL, const.REDIRECT_URL: l7_redirect_url, } l7policy = self.mem_l7policy_client.create_l7policy(**l7policy_kwargs) self.addClassResourceCleanup(self.mem_l7policy_client.cleanup_l7policy, l7policy[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(l7policy_name, l7policy[const.NAME]) self.assertEqual(l7policy_description, l7policy[const.DESCRIPTION]) self.assertFalse(l7policy[const.ADMIN_STATE_UP]) parser.parse(l7policy[const.CREATED_AT]) parser.parse(l7policy[const.UPDATED_AT]) UUID(l7policy[const.ID]) # Operating status for a l7policy will be ONLINE if it is enabled: if l7policy[const.ADMIN_STATE_UP]: self.assertEqual(const.ONLINE, l7policy[const.OPERATING_STATUS]) else: self.assertEqual(const.OFFLINE, l7policy[const.OPERATING_STATUS]) self.assertEqual(listener_id, l7policy[const.LISTENER_ID]) self.assertEqual(1, l7policy[const.POSITION]) self.assertEqual(const.REDIRECT_TO_URL, l7policy[const.ACTION]) self.assertEqual(l7_redirect_url, l7policy[const.REDIRECT_URL]) self.assertIsNone(l7policy.pop(const.REDIRECT_POOL_ID, None)) # Test that a user, without the load balancer member role, cannot # use this command if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.l7policy_client.update_l7policy, l7policy[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* l7policy_check = self.mem_l7policy_client.show_l7policy( l7policy[const.ID]) self.assertEqual(const.ACTIVE, l7policy_check[const.PROVISIONING_STATUS]) self.assertFalse(l7policy_check[const.ADMIN_STATE_UP]) # Test that a user, without the load balancer member role, cannot # update this l7policy if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.l7policy_client self.assertRaises(exceptions.Forbidden, member2_client.update_l7policy, l7policy[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* l7policy_check = self.mem_l7policy_client.show_l7policy( l7policy[const.ID]) self.assertEqual(const.ACTIVE, l7policy_check[const.PROVISIONING_STATUS]) self.assertFalse(l7policy_check[const.ADMIN_STATE_UP]) new_name = data_utils.rand_name("lb_member_l7policy1-UPDATED") new_description = data_utils.arbitrary_string(size=255, base_text='new') l7policy_update_kwargs = { const.NAME: new_name, const.DESCRIPTION: new_description, const.ADMIN_STATE_UP: True, const.POSITION: 2, const.ACTION: const.REDIRECT_TO_POOL, const.REDIRECT_POOL_ID: self.pool_id, } l7policy = self.mem_l7policy_client.update_l7policy( l7policy[const.ID], **l7policy_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: l7policy = waiters.wait_for_status( self.mem_l7policy_client.show_l7policy, l7policy[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(new_name, l7policy[const.NAME]) self.assertEqual(new_description, l7policy[const.DESCRIPTION]) self.assertTrue(l7policy[const.ADMIN_STATE_UP]) parser.parse(l7policy[const.CREATED_AT]) parser.parse(l7policy[const.UPDATED_AT]) UUID(l7policy[const.ID]) # Operating status for a l7policy will be ONLINE if it is enabled: if l7policy[const.ADMIN_STATE_UP]: self.assertEqual(const.ONLINE, l7policy[const.OPERATING_STATUS]) else: self.assertEqual(const.OFFLINE, l7policy[const.OPERATING_STATUS]) self.assertEqual(listener_id, l7policy[const.LISTENER_ID]) self.assertEqual(1, l7policy[const.POSITION]) self.assertEqual(const.REDIRECT_TO_POOL, l7policy[const.ACTION]) self.assertEqual(self.pool_id, l7policy[const.REDIRECT_POOL_ID]) self.assertIsNone(l7policy.pop(const.REDIRECT_URL, None))
def test_listener_create(self): """Tests listener create and basic show APIs. * Tests that users without the loadbalancer member role cannot create listeners. * Create a fully populated listener. * Show listener details. * Validate the show reflects the requested values. """ listener_name = data_utils.rand_name("lb_member_listener1-create") listener_description = data_utils.arbitrary_string(size=255) listener_kwargs = { const.NAME: listener_name, const.DESCRIPTION: listener_description, const.ADMIN_STATE_UP: True, const.PROTOCOL: self.protocol, const.PROTOCOL_PORT: 80, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200, const.INSERT_HEADERS: { const.X_FORWARDED_FOR: "true", const.X_FORWARDED_PORT: "true" }, # Don't test with a default pool -- we'll do that in the scenario, # but this will allow us to test that the field isn't mandatory, # as well as not conflate pool failures with listener test failures # const.DEFAULT_POOL_ID: self.pool_id, # TODO(rm_work): need to add TLS related stuff # const.DEFAULT_TLS_CONTAINER_REF: '', # const.SNI_CONTAINER_REFS: [], } if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): listener_kwargs.update({ const.TIMEOUT_CLIENT_DATA: 1000, const.TIMEOUT_MEMBER_CONNECT: 1000, const.TIMEOUT_MEMBER_DATA: 1000, const.TIMEOUT_TCP_INSPECT: 50, }) # Test that a user without the load balancer role cannot # create a listener if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.listener_client.create_listener, **listener_kwargs) listener = self.mem_listener_client.create_listener(**listener_kwargs) self.addClassResourceCleanup(self.mem_listener_client.cleanup_listener, listener[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(listener_name, listener[const.NAME]) self.assertEqual(listener_description, listener[const.DESCRIPTION]) self.assertTrue(listener[const.ADMIN_STATE_UP]) parser.parse(listener[const.CREATED_AT]) parser.parse(listener[const.UPDATED_AT]) UUID(listener[const.ID]) # Operating status is a measured status, so no-op will not go online if CONF.load_balancer.test_with_noop: self.assertEqual(const.OFFLINE, listener[const.OPERATING_STATUS]) else: self.assertEqual(const.ONLINE, listener[const.OPERATING_STATUS]) self.assertEqual(self.protocol, listener[const.PROTOCOL]) self.assertEqual(80, listener[const.PROTOCOL_PORT]) self.assertEqual(200, listener[const.CONNECTION_LIMIT]) insert_headers = listener[const.INSERT_HEADERS] self.assertTrue( strutils.bool_from_string(insert_headers[const.X_FORWARDED_FOR])) self.assertTrue( strutils.bool_from_string(insert_headers[const.X_FORWARDED_PORT])) if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): self.assertEqual(1000, listener[const.TIMEOUT_CLIENT_DATA]) self.assertEqual(1000, listener[const.TIMEOUT_MEMBER_CONNECT]) self.assertEqual(1000, listener[const.TIMEOUT_MEMBER_DATA]) self.assertEqual(50, listener[const.TIMEOUT_TCP_INSPECT])
def test_member_CRUD(self): """Tests member create, read, update, delete * Create a fully populated member. * Show member details. * Update the member. * Delete the member. """ # Member create member_name = data_utils.rand_name("lb_member_member1-CRUD") member_kwargs = { const.NAME: member_name, const.ADMIN_STATE_UP: True, const.POOL_ID: self.pool_id, const.ADDRESS: '192.0.2.1', const.PROTOCOL_PORT: 80, const.WEIGHT: 50, const.MONITOR_ADDRESS: '192.0.2.2', const.MONITOR_PORT: 8080, } if self.mem_member_client.is_version_supported(self.api_version, '2.1'): member_kwargs.update({ const.BACKUP: False, }) if self.lb_member_vip_subnet: member_kwargs[const.SUBNET_ID] = self.lb_member_vip_subnet[ const.ID] member = self.mem_member_client.create_member(**member_kwargs) self.addCleanup(self.mem_member_client.cleanup_member, member[const.ID], pool_id=self.pool_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) member = waiters.wait_for_status(self.mem_member_client.show_member, member[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) parser.parse(member[const.CREATED_AT]) parser.parse(member[const.UPDATED_AT]) UUID(member[const.ID]) # Members may be in a transitional state initially # like DOWN or MAINT, give it some time to stablize on # NO_MONITOR. This is LIVE status. member = waiters.wait_for_status(self.mem_member_client.show_member, member[const.ID], const.OPERATING_STATUS, const.NO_MONITOR, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout, pool_id=self.pool_id) equal_items = [ const.NAME, const.ADMIN_STATE_UP, const.ADDRESS, const.PROTOCOL_PORT, const.WEIGHT, const.MONITOR_ADDRESS, const.MONITOR_PORT ] if self.mem_member_client.is_version_supported(self.api_version, '2.1'): equal_items.append(const.BACKUP) if const.SUBNET_ID in member_kwargs: equal_items.append(const.SUBNET_ID) else: self.assertIsNone(member.get(const.SUBNET_ID)) for item in equal_items: self.assertEqual(member_kwargs[item], member[item]) # Member update new_name = data_utils.rand_name("lb_member_member1-update") member_update_kwargs = { const.POOL_ID: member_kwargs[const.POOL_ID], const.NAME: new_name, const.ADMIN_STATE_UP: not member[const.ADMIN_STATE_UP], const.WEIGHT: member[const.WEIGHT] + 1, const.MONITOR_ADDRESS: '192.0.2.3', const.MONITOR_PORT: member[const.MONITOR_PORT] + 1, } if self.mem_member_client.is_version_supported(self.api_version, '2.1'): member_update_kwargs.update({ const.BACKUP: not member[const.BACKUP], }) member = self.mem_member_client.update_member(member[const.ID], **member_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) member = waiters.wait_for_status(self.mem_member_client.show_member, member[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout, pool_id=self.pool_id) # Test changed items equal_items = [ const.NAME, const.ADMIN_STATE_UP, const.WEIGHT, const.MONITOR_ADDRESS, const.MONITOR_PORT ] if self.mem_member_client.is_version_supported(self.api_version, '2.1'): equal_items.append(const.BACKUP) for item in equal_items: self.assertEqual(member_update_kwargs[item], member[item]) # Test unchanged items equal_items = [const.ADDRESS, const.PROTOCOL_PORT] if const.SUBNET_ID in member_kwargs: equal_items.append(const.SUBNET_ID) else: self.assertIsNone(member.get(const.SUBNET_ID)) for item in equal_items: self.assertEqual(member_kwargs[item], member[item]) # Member delete waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) self.mem_member_client.delete_member(member[const.ID], pool_id=self.pool_id) waiters.wait_for_deleted_status_or_not_found( self.mem_member_client.show_member, member[const.ID], const.PROVISIONING_STATUS, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout, pool_id=self.pool_id)
def test_listener_update(self): """Tests listener update and show APIs. * Create a fully populated listener. * Show listener details. * Validate the show reflects the initial values. * Validates that other accounts cannot update the listener. * Update the listener details. * Show listener details. * Validate the show reflects the updated values. """ listener_name = data_utils.rand_name("lb_member_listener1-update") listener_description = data_utils.arbitrary_string(size=255) listener_kwargs = { const.NAME: listener_name, const.DESCRIPTION: listener_description, const.ADMIN_STATE_UP: False, const.PROTOCOL: self.protocol, const.PROTOCOL_PORT: 82, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200, const.INSERT_HEADERS: { const.X_FORWARDED_FOR: "true", const.X_FORWARDED_PORT: "true" }, # TODO(rm_work): need to finish the rest of this stuff # const.DEFAULT_POOL_ID: '', # const.DEFAULT_TLS_CONTAINER_REF: '', # const.SNI_CONTAINER_REFS: [], } if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): listener_kwargs.update({ const.TIMEOUT_CLIENT_DATA: 1000, const.TIMEOUT_MEMBER_CONNECT: 1000, const.TIMEOUT_MEMBER_DATA: 1000, const.TIMEOUT_TCP_INSPECT: 50, }) listener = self.mem_listener_client.create_listener(**listener_kwargs) self.addClassResourceCleanup(self.mem_listener_client.cleanup_listener, listener[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(listener_name, listener[const.NAME]) self.assertEqual(listener_description, listener[const.DESCRIPTION]) self.assertFalse(listener[const.ADMIN_STATE_UP]) parser.parse(listener[const.CREATED_AT]) parser.parse(listener[const.UPDATED_AT]) UUID(listener[const.ID]) # Operating status will be OFFLINE while admin_state_up = False self.assertEqual(const.OFFLINE, listener[const.OPERATING_STATUS]) self.assertEqual(self.protocol, listener[const.PROTOCOL]) self.assertEqual(82, listener[const.PROTOCOL_PORT]) self.assertEqual(200, listener[const.CONNECTION_LIMIT]) insert_headers = listener[const.INSERT_HEADERS] self.assertTrue( strutils.bool_from_string(insert_headers[const.X_FORWARDED_FOR])) self.assertTrue( strutils.bool_from_string(insert_headers[const.X_FORWARDED_PORT])) if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): self.assertEqual(1000, listener[const.TIMEOUT_CLIENT_DATA]) self.assertEqual(1000, listener[const.TIMEOUT_MEMBER_CONNECT]) self.assertEqual(1000, listener[const.TIMEOUT_MEMBER_DATA]) self.assertEqual(50, listener[const.TIMEOUT_TCP_INSPECT]) # Test that a user, without the load balancer member role, cannot # use this command if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises(exceptions.Forbidden, self.os_primary.listener_client.update_listener, listener[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* listener_check = self.mem_listener_client.show_listener( listener[const.ID]) self.assertEqual(const.ACTIVE, listener_check[const.PROVISIONING_STATUS]) self.assertFalse(listener_check[const.ADMIN_STATE_UP]) # Test that a user, without the load balancer member role, cannot # update this listener if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.listener_client self.assertRaises(exceptions.Forbidden, member2_client.update_listener, listener[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* listener_check = self.mem_listener_client.show_listener( listener[const.ID]) self.assertEqual(const.ACTIVE, listener_check[const.PROVISIONING_STATUS]) self.assertFalse(listener_check[const.ADMIN_STATE_UP]) new_name = data_utils.rand_name("lb_member_listener1-UPDATED") new_description = data_utils.arbitrary_string(size=255, base_text='new') listener_update_kwargs = { const.NAME: new_name, const.DESCRIPTION: new_description, const.ADMIN_STATE_UP: True, const.CONNECTION_LIMIT: 400, const.INSERT_HEADERS: { const.X_FORWARDED_FOR: "false", const.X_FORWARDED_PORT: "false" }, # TODO(rm_work): need to finish the rest of this stuff # const.DEFAULT_POOL_ID: '', # const.DEFAULT_TLS_CONTAINER_REF: '', # const.SNI_CONTAINER_REFS: [], } if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): listener_update_kwargs.update({ const.TIMEOUT_CLIENT_DATA: 2000, const.TIMEOUT_MEMBER_CONNECT: 2000, const.TIMEOUT_MEMBER_DATA: 2000, const.TIMEOUT_TCP_INSPECT: 100, }) listener = self.mem_listener_client.update_listener( listener[const.ID], **listener_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) self.assertEqual(new_name, listener[const.NAME]) self.assertEqual(new_description, listener[const.DESCRIPTION]) self.assertTrue(listener[const.ADMIN_STATE_UP]) # Operating status is a measured status, so no-op will not go online if CONF.load_balancer.test_with_noop: self.assertEqual(const.OFFLINE, listener[const.OPERATING_STATUS]) else: self.assertEqual(const.ONLINE, listener[const.OPERATING_STATUS]) self.assertEqual(400, listener[const.CONNECTION_LIMIT]) insert_headers = listener[const.INSERT_HEADERS] self.assertFalse( strutils.bool_from_string(insert_headers[const.X_FORWARDED_FOR])) self.assertFalse( strutils.bool_from_string(insert_headers[const.X_FORWARDED_PORT])) if self.mem_listener_client.is_version_supported( self.api_version, '2.1'): self.assertEqual(2000, listener[const.TIMEOUT_CLIENT_DATA]) self.assertEqual(2000, listener[const.TIMEOUT_MEMBER_CONNECT]) self.assertEqual(2000, listener[const.TIMEOUT_MEMBER_DATA]) self.assertEqual(100, listener[const.TIMEOUT_TCP_INSPECT])
def test_healthmonitor_list(self): """Tests healthmonitor list API and field filtering. * Create three clean pools to use for the healthmonitors. * Create three healthmonitors. * Validates that other accounts cannot list the healthmonitors. * List the healthmonitors using the default sort order. * List the healthmonitors using descending sort order. * List the healthmonitors using ascending sort order. * List the healthmonitors returning one field at a time. * List the healthmonitors returning two fields. * List the healthmonitors filtering to one of the three. * List the healthmonitors filtered, one field, and sorted. """ # Get a list of pre-existing HMs to filter from test data pretest_hms = self.mem_healthmonitor_client.list_healthmonitors() # Store their IDs for easy access pretest_hm_ids = [hm['id'] for hm in pretest_hms] pool1_name = data_utils.rand_name("lb_member_pool1_hm-list") pool1_kwargs = { const.NAME: pool1_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } pool1 = self.mem_pool_client.create_pool(**pool1_kwargs) pool1_id = pool1[const.ID] self.addCleanup(self.mem_pool_client.cleanup_pool, pool1_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool2_name = data_utils.rand_name("lb_member_pool2_hm-list") pool2_kwargs = { const.NAME: pool2_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } pool2 = self.mem_pool_client.create_pool(**pool2_kwargs) pool2_id = pool2[const.ID] self.addCleanup(self.mem_pool_client.cleanup_pool, pool2_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) pool3_name = data_utils.rand_name("lb_member_pool3_hm-list") pool3_kwargs = { const.NAME: pool3_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } pool3 = self.mem_pool_client.create_pool(**pool3_kwargs) pool3_id = pool3[const.ID] self.addCleanup(self.mem_pool_client.cleanup_pool, pool3_id, lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm1_name = data_utils.rand_name("lb_member_hm2-list") hm1_kwargs = { const.POOL_ID: pool1_id, const.NAME: hm1_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 3, const.MAX_RETRIES: 4, const.MAX_RETRIES_DOWN: 5, const.HTTP_METHOD: const.GET, const.URL_PATH: '/B', const.EXPECTED_CODES: '200-204', const.ADMIN_STATE_UP: True, } hm1 = self.mem_healthmonitor_client.create_healthmonitor(**hm1_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm1[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) hm1 = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm1[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) hm2_name = data_utils.rand_name("lb_member_hm1-list") hm2_kwargs = { const.POOL_ID: pool2_id, const.NAME: hm2_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 3, const.MAX_RETRIES: 4, const.MAX_RETRIES_DOWN: 5, const.HTTP_METHOD: const.GET, const.URL_PATH: '/A', const.EXPECTED_CODES: '200-204', const.ADMIN_STATE_UP: True, } hm2 = self.mem_healthmonitor_client.create_healthmonitor(**hm2_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm2[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) hm2 = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm2[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Time resolution for created_at is only to the second, and we need to # ensure that each object has a distinct creation time. Delaying one # second is both a simple and a reliable way to accomplish this. time.sleep(1) hm3_name = data_utils.rand_name("lb_member_hm3-list") hm3_kwargs = { const.POOL_ID: pool3_id, const.NAME: hm3_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 3, const.MAX_RETRIES: 4, const.MAX_RETRIES_DOWN: 5, const.HTTP_METHOD: const.GET, const.URL_PATH: '/C', const.EXPECTED_CODES: '200-204', const.ADMIN_STATE_UP: False, } hm3 = self.mem_healthmonitor_client.create_healthmonitor(**hm3_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm3[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) hm3 = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm3[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Test that a different user cannot list healthmonitors if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.healthmonitor_client primary = member2_client.list_healthmonitors( query_params='pool_id={pool_id}'.format(pool_id=pool1_id)) self.assertEqual(0, len(primary)) # Test that users without the lb member role cannot list healthmonitors if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.healthmonitor_client.list_healthmonitors) # Check the default sort order, created_at hms = self.mem_healthmonitor_client.list_healthmonitors() hms = self._filter_hms_by_pool_id(hms, (pool1_id, pool2_id, pool3_id)) self.assertEqual(hm1[const.URL_PATH], hms[0][const.URL_PATH]) self.assertEqual(hm2[const.URL_PATH], hms[1][const.URL_PATH]) self.assertEqual(hm3[const.URL_PATH], hms[2][const.URL_PATH]) # Test sort descending by description hms = self.mem_healthmonitor_client.list_healthmonitors( query_params='{sort}={url_path}:{desc}'.format( sort=const.SORT, url_path=const.URL_PATH, desc=const.DESC)) hms = self._filter_hms_by_pool_id(hms, (pool1_id, pool2_id, pool3_id)) self.assertEqual(hm1[const.URL_PATH], hms[1][const.URL_PATH]) self.assertEqual(hm2[const.URL_PATH], hms[2][const.URL_PATH]) self.assertEqual(hm3[const.URL_PATH], hms[0][const.URL_PATH]) # Test sort ascending by description hms = self.mem_healthmonitor_client.list_healthmonitors( query_params='{sort}={url_path}:{asc}'.format( sort=const.SORT, url_path=const.URL_PATH, asc=const.ASC)) hms = self._filter_hms_by_pool_id(hms, (pool1_id, pool2_id, pool3_id)) self.assertEqual(hm1[const.URL_PATH], hms[1][const.URL_PATH]) self.assertEqual(hm2[const.URL_PATH], hms[0][const.URL_PATH]) self.assertEqual(hm3[const.URL_PATH], hms[2][const.URL_PATH]) # Determine indexes of pretest HMs in default sort pretest_hm_indexes = [] hms = self.mem_healthmonitor_client.list_healthmonitors() for i, hm in enumerate(hms): if hm['id'] in pretest_hm_ids: pretest_hm_indexes.append(i) # Test fields for field in const.SHOW_HEALTHMONITOR_RESPONSE_FIELDS: hms = self.mem_healthmonitor_client.list_healthmonitors( query_params='{fields}={field}'.format(fields=const.FIELDS, field=field)) hms = self._filter_hms_by_index(hms, pretest_hm_indexes) self.assertEqual(1, len(hms[0])) self.assertEqual(hm1[field], hms[0][field]) self.assertEqual(hm2[field], hms[1][field]) self.assertEqual(hm3[field], hms[2][field]) # Test multiple fields at the same time hms = self.mem_healthmonitor_client.list_healthmonitors( query_params='{fields}={admin}&' '{fields}={created}&' '{fields}={pools}'.format(fields=const.FIELDS, admin=const.ADMIN_STATE_UP, created=const.CREATED_AT, pools=const.POOLS)) hms = self._filter_hms_by_pool_id(hms, (pool1_id, pool2_id, pool3_id)) self.assertEqual(3, len(hms[0])) self.assertTrue(hms[0][const.ADMIN_STATE_UP]) parser.parse(hms[0][const.CREATED_AT]) self.assertTrue(hms[1][const.ADMIN_STATE_UP]) parser.parse(hms[1][const.CREATED_AT]) self.assertFalse(hms[2][const.ADMIN_STATE_UP]) parser.parse(hms[2][const.CREATED_AT]) # Test filtering hms = self.mem_healthmonitor_client.list_healthmonitors( query_params='{name}={hm_name}'.format(name=const.NAME, hm_name=hm2[const.NAME])) self.assertEqual(1, len(hms)) self.assertEqual(hm2[const.NAME], hms[0][const.NAME]) # Test combined params hms = self.mem_healthmonitor_client.list_healthmonitors( query_params='{admin}={true}&' '{fields}={name}&{fields}={pools}&' '{sort}={name}:{desc}'.format(admin=const.ADMIN_STATE_UP, true=const.ADMIN_STATE_UP_TRUE, fields=const.FIELDS, name=const.NAME, pools=const.POOLS, sort=const.SORT, desc=const.DESC)) hms = self._filter_hms_by_pool_id(hms, (pool1_id, pool2_id, pool3_id)) # Should get two healthmonitors self.assertEqual(2, len(hms)) # healthmonitors should have two fields self.assertEqual(2, len(hms[0])) # Should be in descending order self.assertEqual(hm2[const.NAME], hms[1][const.NAME]) self.assertEqual(hm1[const.NAME], hms[0][const.NAME])
def test_listener_show_stats(self): """Tests listener show statistics API. * Create a listener. * Validates that other accounts cannot see the stats for the * listener. * Show listener statistics. * Validate the show reflects the expected values. """ listener_name = data_utils.rand_name("lb_member_listener1-stats") listener_description = data_utils.arbitrary_string(size=255) listener_kwargs = { const.NAME: listener_name, const.DESCRIPTION: listener_description, const.ADMIN_STATE_UP: True, const.PROTOCOL: const.HTTP, const.PROTOCOL_PORT: 84, const.LOADBALANCER_ID: self.lb_id, const.CONNECTION_LIMIT: 200, } listener = self.mem_listener_client.create_listener(**listener_kwargs) self.addCleanup(self.mem_listener_client.cleanup_listener, listener[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) if not CONF.load_balancer.test_with_noop: listener = waiters.wait_for_status( self.mem_listener_client.show_listener, listener[const.ID], const.OPERATING_STATUS, const.ONLINE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Test that a user, without the load balancer member role, cannot # use this command if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.listener_client.get_listener_stats, listener[const.ID]) # Test that a different user, with the load balancer role, cannot see # the listener stats if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.listener_client self.assertRaises(exceptions.Forbidden, member2_client.get_listener_stats, listener[const.ID]) stats = self.mem_listener_client.get_listener_stats(listener[const.ID]) self.assertEqual(5, len(stats)) self.assertEqual(0, stats[const.ACTIVE_CONNECTIONS]) self.assertEqual(0, stats[const.BYTES_IN]) self.assertEqual(0, stats[const.BYTES_OUT]) self.assertEqual(0, stats[const.REQUEST_ERRORS]) self.assertEqual(0, stats[const.TOTAL_CONNECTIONS])
def test_healthmonitor_update(self): """Tests healthmonitor update and show APIs. * Create a clean pool to use for the healthmonitor. * Create a fully populated healthmonitor. * Show healthmonitor details. * Validate the show reflects the initial values. * Validates that other accounts cannot update the healthmonitor. * Update the healthmonitor details. * Show healthmonitor details. * Validate the show reflects the updated values. """ pool_name = data_utils.rand_name("lb_member_pool1_hm-update") pool_kwargs = { const.NAME: pool_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: self.lb_id, } pool = self.mem_pool_client.create_pool(**pool_kwargs) self.addCleanup(self.mem_pool_client.cleanup_pool, pool[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm_name = data_utils.rand_name("lb_member_hm1-update") hm_kwargs = { const.POOL_ID: pool[const.ID], const.NAME: hm_name, const.TYPE: const.HEALTH_MONITOR_HTTP, const.DELAY: 2, const.TIMEOUT: 3, const.MAX_RETRIES: 4, const.MAX_RETRIES_DOWN: 5, const.HTTP_METHOD: const.GET, const.URL_PATH: '/', const.EXPECTED_CODES: '200-204', const.ADMIN_STATE_UP: False, } hm = self.mem_healthmonitor_client.create_healthmonitor(**hm_kwargs) self.addCleanup(self.mem_healthmonitor_client.cleanup_healthmonitor, hm[const.ID], lb_client=self.mem_lb_client, lb_id=self.lb_id) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) parser.parse(hm[const.CREATED_AT]) parser.parse(hm[const.UPDATED_AT]) UUID(hm[const.ID]) # Healthmonitors are ONLINE if admin_state_up = True, else OFFLINE if hm_kwargs[const.ADMIN_STATE_UP]: self.assertEqual(const.ONLINE, hm[const.OPERATING_STATUS]) else: self.assertEqual(const.OFFLINE, hm[const.OPERATING_STATUS]) equal_items = [ const.NAME, const.TYPE, const.DELAY, const.TIMEOUT, const.MAX_RETRIES, const.MAX_RETRIES_DOWN, const.HTTP_METHOD, const.URL_PATH, const.EXPECTED_CODES, const.ADMIN_STATE_UP ] for item in equal_items: self.assertEqual(hm_kwargs[item], hm[item]) # Test that a user, without the loadbalancer member role, cannot # use this command if CONF.load_balancer.RBAC_test_type == const.ADVANCED: self.assertRaises( exceptions.Forbidden, self.os_primary.healthmonitor_client.update_healthmonitor, hm[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* hm_check = self.mem_healthmonitor_client.show_healthmonitor( hm[const.ID]) self.assertEqual(const.ACTIVE, hm_check[const.PROVISIONING_STATUS]) self.assertFalse(hm_check[const.ADMIN_STATE_UP]) # Test that a user, without the loadbalancer member role, cannot # update this healthmonitor if not CONF.load_balancer.RBAC_test_type == const.NONE: member2_client = self.os_roles_lb_member2.healthmonitor_client self.assertRaises(exceptions.Forbidden, member2_client.update_healthmonitor, hm[const.ID], admin_state_up=True) # Assert we didn't go into PENDING_* hm_check = self.mem_healthmonitor_client.show_healthmonitor( hm[const.ID]) self.assertEqual(const.ACTIVE, hm_check[const.PROVISIONING_STATUS]) self.assertFalse(hm_check[const.ADMIN_STATE_UP]) new_name = data_utils.rand_name("lb_member_hm1-UPDATED") hm_update_kwargs = { const.NAME: new_name, const.DELAY: hm_kwargs[const.DELAY] + 1, const.TIMEOUT: hm_kwargs[const.TIMEOUT] + 1, const.MAX_RETRIES: hm_kwargs[const.MAX_RETRIES] + 1, const.MAX_RETRIES_DOWN: hm_kwargs[const.MAX_RETRIES_DOWN] + 1, const.HTTP_METHOD: const.POST, const.URL_PATH: '/test', const.EXPECTED_CODES: '201,202', const.ADMIN_STATE_UP: not hm_kwargs[const.ADMIN_STATE_UP], } hm = self.mem_healthmonitor_client.update_healthmonitor( hm[const.ID], **hm_update_kwargs) waiters.wait_for_status(self.mem_lb_client.show_loadbalancer, self.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) hm = waiters.wait_for_status( self.mem_healthmonitor_client.show_healthmonitor, hm[const.ID], const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Healthmonitors are ONLINE if admin_state_up = True, else OFFLINE if hm_update_kwargs[const.ADMIN_STATE_UP]: self.assertEqual(const.ONLINE, hm[const.OPERATING_STATUS]) else: self.assertEqual(const.OFFLINE, hm[const.OPERATING_STATUS]) # Test changed items equal_items = [ const.NAME, const.DELAY, const.TIMEOUT, const.MAX_RETRIES, const.MAX_RETRIES_DOWN, const.HTTP_METHOD, const.URL_PATH, const.EXPECTED_CODES, const.ADMIN_STATE_UP ] for item in equal_items: self.assertEqual(hm_update_kwargs[item], hm[item]) # Test unchanged items equal_items = [const.TYPE] for item in equal_items: self.assertEqual(hm_kwargs[item], hm[item])
def resource_setup(cls): """Setup resources needed by the tests.""" super(TLSWithBarbicanTest, cls).resource_setup() # Create a CA self-signed cert and key cls.ca_cert, ca_key = cert_utils.generate_ca_cert_and_key() LOG.debug('CA Cert: %s' % cls.ca_cert.public_bytes(serialization.Encoding.PEM)) LOG.debug('CA private Key: %s' % ca_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption())) LOG.debug('CA public Key: %s' % ca_key.public_key().public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo)) # Create a server cert and key cls.server_uuid = uuidutils.generate_uuid() server_cert, server_key = cert_utils.generate_server_cert_and_key( cls.ca_cert, ca_key, cls.server_uuid) LOG.debug('Server Cert: %s' % server_cert.public_bytes(serialization.Encoding.PEM)) LOG.debug('Server private Key: %s' % server_key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.TraditionalOpenSSL, encryption_algorithm=serialization.NoEncryption())) server_public_key = server_key.public_key() LOG.debug('Server public Key: %s' % server_public_key.public_bytes( encoding=serialization.Encoding.PEM, format=serialization.PublicFormat.SubjectPublicKeyInfo)) # Create the pkcs12 bundle pkcs12 = cert_utils.generate_pkcs12_bundle(server_cert, server_key) LOG.debug('Server PKCS12 bundle: %s' % base64.b64encode(pkcs12)) # Load the secret into the barbican service under the # os_roles_lb_member tenant barbican_mgr = barbican_client_mgr.BarbicanClientManager( cls.os_roles_lb_member) cls.secret_ref = barbican_mgr.store_secret(pkcs12) cls.addClassResourceCleanup(barbican_mgr.delete_secret, cls.secret_ref) # Set the barbican ACL if the Octavia API version doesn't do it # automatically. if not cls.mem_lb_client.is_version_supported(cls.api_version, '2.1'): user_list = cls.os_admin.users_v3_client.list_users( name=CONF.load_balancer.octavia_svc_username) msg = 'Only one user named "{0}" should exist, {1} found.'.format( CONF.load_balancer.octavia_svc_username, len(user_list['users'])) assert 1 == len(user_list['users']), msg barbican_mgr.add_acl(cls.secret_ref, user_list['users'][0]['id']) # Setup a load balancer for the tests to use lb_name = data_utils.rand_name("lb_member_lb1-tls") lb_kwargs = { const.PROVIDER: CONF.load_balancer.provider, const.NAME: lb_name } # TODO(johnsom) Update for IPv6 cls._setup_lb_network_kwargs(lb_kwargs, 4) lb = cls.mem_lb_client.create_loadbalancer(**lb_kwargs) cls.lb_id = lb[const.ID] cls.addClassResourceCleanup(cls.mem_lb_client.cleanup_loadbalancer, cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.lb_build_interval, CONF.load_balancer.lb_build_timeout) if CONF.validation.connect_method == 'floating': port_id = lb[const.VIP_PORT_ID] result = cls.lb_mem_float_ip_client.create_floatingip( floating_network_id=CONF.network.public_network_id, port_id=port_id) floating_ip = result['floatingip'] LOG.info('lb1_floating_ip: {}'.format(floating_ip)) cls.addClassResourceCleanup( waiters.wait_for_not_found, cls.lb_mem_float_ip_client.delete_floatingip, cls.lb_mem_float_ip_client.show_floatingip, floatingip_id=floating_ip['id']) cls.lb_vip_address = floating_ip['floating_ip_address'] else: cls.lb_vip_address = lb[const.VIP_ADDRESS] pool_name = data_utils.rand_name("lb_member_pool1-tls") pool_kwargs = { const.NAME: pool_name, const.PROTOCOL: const.HTTP, const.LB_ALGORITHM: const.LB_ALGORITHM_ROUND_ROBIN, const.LOADBALANCER_ID: cls.lb_id, } pool = cls.mem_pool_client.create_pool(**pool_kwargs) cls.pool_id = pool[const.ID] cls.addClassResourceCleanup(cls.mem_pool_client.cleanup_pool, cls.pool_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.build_interval, CONF.load_balancer.build_timeout) # Set up Member 1 for Webserver 1 member1_name = data_utils.rand_name("lb_member_member1-tls") member1_kwargs = { const.POOL_ID: cls.pool_id, const.NAME: member1_name, const.ADMIN_STATE_UP: True, const.ADDRESS: cls.webserver1_ip, const.PROTOCOL_PORT: 80, } if cls.lb_member_1_subnet: member1_kwargs[const.SUBNET_ID] = cls.lb_member_1_subnet[const.ID] member1 = cls.mem_member_client.create_member(**member1_kwargs) cls.addClassResourceCleanup(cls.mem_member_client.cleanup_member, member1[const.ID], pool_id=cls.pool_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout) # Set up Member 2 for Webserver 2 member2_name = data_utils.rand_name("lb_member_member2-tls") member2_kwargs = { const.POOL_ID: cls.pool_id, const.NAME: member2_name, const.ADMIN_STATE_UP: True, const.ADDRESS: cls.webserver2_ip, const.PROTOCOL_PORT: 80, } if cls.lb_member_2_subnet: member2_kwargs[const.SUBNET_ID] = cls.lb_member_2_subnet[const.ID] member2 = cls.mem_member_client.create_member(**member2_kwargs) cls.addClassResourceCleanup(cls.mem_member_client.cleanup_member, member2[const.ID], pool_id=cls.pool_id, lb_client=cls.mem_lb_client, lb_id=cls.lb_id) waiters.wait_for_status(cls.mem_lb_client.show_loadbalancer, cls.lb_id, const.PROVISIONING_STATUS, const.ACTIVE, CONF.load_balancer.check_interval, CONF.load_balancer.check_timeout)