def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
def fin():
print("Clean up prerequisites")
delete_namespace(kube_apis.v1, namespace)
if (k8sMinorVersion >= 18):
print("Delete IngressClass resources:")
subprocess.run([
"kubectl", "delete", "-f",
f"{DEPLOYMENTS}/common/ingress-class.yaml"
])
subprocess.run([
"kubectl", "delete", "-f",
f"{TEST_DATA}/ingress-class/resource/custom-ingress-class-res.yaml"
])
cleanup_rbac(kube_apis.rbac_v1, rbac)
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove dos arbitrator:")
delete_dos_arbitrator(kube_apis.v1, kube_apis.apps_v1_api,
dos_arbitrator_name, namespace)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
print("Remove the syslog svc:")
delete_items_from_yaml(kube_apis, src_syslog_yaml, namespace)
def fin():
print("Clean up prerequisites")
delete_namespace(kube_apis.v1, namespace)
cleanup_rbac(kube_apis.rbac_v1_beta1, rbac)
def crd_ingress_controller_with_ap(cli_arguments, kube_apis,
ingress_controller_prerequisites,
ingress_controller_endpoint,
request) -> None:
"""
Create an Ingress Controller with AppProtect CRD enabled.
:param cli_arguments: pytest context
:param kube_apis: client apis
:param ingress_controller_prerequisites
:param ingress_controller_endpoint:
:param request: pytest fixture to parametrize this method
{extra_args: }
'extra_args' list of IC arguments
:return:
"""
namespace = ingress_controller_prerequisites.namespace
name = "nginx-ingress"
try:
print(
"--------------------Create roles and bindings for AppProtect------------------------"
)
rbac = configure_rbac_with_ap(kube_apis.rbac_v1)
print(
"------------------------- Register AP CRD -----------------------------------"
)
ap_pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_appolicies.yaml"
)
ap_log_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_aplogconfs.yaml"
)
ap_uds_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_apusersigs.yaml"
)
vs_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualservers.yaml"
)
vsr_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualserverroutes.yaml"
)
pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_policies.yaml")
ts_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_transportservers.yaml"
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_appolicies.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_aplogconfs.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/appprotect.f5.com_apusersigs.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualservers.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_virtualserverroutes.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_policies.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
f"{DEPLOYMENTS}/common/crds-v1beta1/k8s.nginx.org_transportservers.yaml",
)
print(
"------------------------- Create IC -----------------------------------"
)
name = create_ingress_controller(
kube_apis.v1,
kube_apis.apps_v1_api,
cli_arguments,
namespace,
request.param.get("extra_args", None),
)
ensure_connection_to_public_endpoint(
ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port,
ingress_controller_endpoint.port_ssl,
)
except Exception as ex:
print(
f"Failed to complete CRD IC fixture: {ex}\nClean up the cluster as much as possible."
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ap_uds_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vs_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
vsr_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1_beta1,
ts_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
request.addfinalizer(fin)
def crd_ingress_controller_with_dos(cli_arguments, kube_apis,
ingress_controller_prerequisites,
ingress_controller_endpoint, request,
crds) -> None:
"""
Create an Ingress Controller with DOS CRDs enabled.
:param crds: the common IC crds.
:param cli_arguments: pytest context
:param kube_apis: client apis
:param ingress_controller_prerequisites
:param ingress_controller_endpoint:
:param request: pytest fixture to parametrize this method
{extra_args: }
'extra_args' list of IC arguments
:return:
"""
namespace = ingress_controller_prerequisites.namespace
name = "nginx-ingress"
try:
print(
"--------------------Create roles and bindings for AppProtect------------------------"
)
rbac = configure_rbac_with_dos(kube_apis.rbac_v1)
print(
"------------------------- Register AP CRD -----------------------------------"
)
dos_pol_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdospolicy.yaml")
dos_log_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdoslogconfs.yaml"
)
dos_protected_crd_name = get_name_from_yaml(
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_dosprotectedresources.yaml"
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdospolicy.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
dos_log_crd_name,
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_apdoslogconfs.yaml",
)
create_crd_from_yaml(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
f"{DEPLOYMENTS}/common/crds/appprotectdos.f5.com_dosprotectedresources.yaml",
)
print(
"------------------------- Create syslog svc -----------------------"
)
src_syslog_yaml = f"{TEST_DATA}/dos/dos-syslog.yaml"
log_loc = f"/var/log/messages"
create_items_from_yaml(kube_apis, src_syslog_yaml, namespace)
before = time.time()
wait_until_all_pods_are_ready(kube_apis.v1, namespace)
after = time.time()
print(f"All pods came up in {int(after-before)} seconds")
print(f"syslog svc was created")
print(
"------------------------- Create dos arbitrator -----------------------"
)
dos_arbitrator_name = create_dos_arbitrator(
kube_apis.v1,
kube_apis.apps_v1_api,
namespace,
)
print(
"------------------------- Create IC -----------------------------------"
)
name = create_ingress_controller(
kube_apis.v1,
kube_apis.apps_v1_api,
cli_arguments,
namespace,
request.param.get("extra_args", None),
)
ensure_connection_to_public_endpoint(
ingress_controller_endpoint.public_ip,
ingress_controller_endpoint.port,
ingress_controller_endpoint.port_ssl,
)
except Exception as ex:
print(
f"Failed to complete CRD IC fixture: {ex}\nClean up the cluster as much as possible."
)
delete_crd(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove dos arbitrator:")
delete_dos_arbitrator(kube_apis.v1, kube_apis.apps_v1_api,
dos_arbitrator_name, namespace)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
pytest.fail("IC setup failed")
def fin():
print("--------------Cleanup----------------")
delete_crd(
kube_apis.api_extensions_v1,
dos_pol_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_log_crd_name,
)
delete_crd(
kube_apis.api_extensions_v1,
dos_protected_crd_name,
)
print("Remove ap-rbac")
cleanup_rbac(kube_apis.rbac_v1, rbac)
print("Remove dos arbitrator:")
delete_dos_arbitrator(kube_apis.v1, kube_apis.apps_v1_api,
dos_arbitrator_name, namespace)
print("Remove the IC:")
delete_ingress_controller(kube_apis.apps_v1_api, name,
cli_arguments["deployment-type"], namespace)
print("Remove the syslog svc:")
delete_items_from_yaml(kube_apis, src_syslog_yaml, namespace)
request.addfinalizer(fin)
def fin():
print("Clean up prerequisites")
delete_namespace(kube_apis.v1, namespace)
cleanup_rbac(kube_apis.rbac_v1_beta1, rbac)
