vcloud-edge_gateway 0.0.1
Sign up to get free protection for your applications and to get access to all the features.
- data/.gitignore +16 -0
- data/Gemfile +9 -0
- data/LICENSE.txt +20 -0
- data/README.md +160 -0
- data/Rakefile +23 -0
- data/bin/vcloud-edge +12 -0
- data/jenkins.sh +11 -0
- data/lib/vcloud/config_loader.rb +27 -0
- data/lib/vcloud/config_validator.rb +207 -0
- data/lib/vcloud/edge_gateway/configuration_differ.rb +17 -0
- data/lib/vcloud/edge_gateway/configuration_generator/firewall_service.rb +63 -0
- data/lib/vcloud/edge_gateway/configuration_generator/id_ranges.rb +10 -0
- data/lib/vcloud/edge_gateway/configuration_generator/load_balancer_service.rb +243 -0
- data/lib/vcloud/edge_gateway/configuration_generator/nat_service.rb +54 -0
- data/lib/vcloud/edge_gateway/edge_gateway_configuration.rb +41 -0
- data/lib/vcloud/edge_gateway/version.rb +6 -0
- data/lib/vcloud/edge_gateway.rb +32 -0
- data/lib/vcloud/edge_gateway_services.rb +26 -0
- data/lib/vcloud/schema/edge_gateway.rb +15 -0
- data/lib/vcloud/schema/firewall_service.rb +39 -0
- data/lib/vcloud/schema/load_balancer_service.rb +129 -0
- data/lib/vcloud/schema/nat_service.rb +35 -0
- data/scripts/generate_fog_conf_file.sh +6 -0
- data/spec/erb_helper.rb +11 -0
- data/spec/integration/edge_gateway/data/firewall_config.yaml.erb +17 -0
- data/spec/integration/edge_gateway/data/firewall_config_updated_rule.yaml.erb +17 -0
- data/spec/integration/edge_gateway/data/firewall_rule_order_test.yaml.erb +24 -0
- data/spec/integration/edge_gateway/data/hairpin_nat_config.yaml.erb +13 -0
- data/spec/integration/edge_gateway/data/incorrect_firewall_config.yaml +14 -0
- data/spec/integration/edge_gateway/data/nat_and_firewall_config.yaml.erb +32 -0
- data/spec/integration/edge_gateway/data/nat_config.yaml.erb +17 -0
- data/spec/integration/edge_gateway/edge_gateway_services_spec.rb +132 -0
- data/spec/integration/edge_gateway/firewall_service_spec.rb +201 -0
- data/spec/integration/edge_gateway/nat_service_spec.rb +208 -0
- data/spec/spec_helper.rb +26 -0
- data/spec/vcloud/config_loader_spec.rb +112 -0
- data/spec/vcloud/config_validator_spec.rb +570 -0
- data/spec/vcloud/data/basic_preamble_test.erb +8 -0
- data/spec/vcloud/data/basic_preamble_test.erb.OUT +8 -0
- data/spec/vcloud/data/working.json +21 -0
- data/spec/vcloud/data/working.yaml +22 -0
- data/spec/vcloud/data/working_with_defaults.yaml +25 -0
- data/spec/vcloud/edge_gateway/configuration_differ_spec.rb +131 -0
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_http-input.yaml +41 -0
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_http-output.yaml +93 -0
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_https-input.yaml +39 -0
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_https-output.yaml +92 -0
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_mixed_complex-input.yaml +65 -0
- data/spec/vcloud/edge_gateway/configuration_generator/data/load_balancer_mixed_complex-output.yaml +94 -0
- data/spec/vcloud/edge_gateway/configuration_generator/firewall_service_spec.rb +378 -0
- data/spec/vcloud/edge_gateway/configuration_generator/load_balancer_service_spec.rb +233 -0
- data/spec/vcloud/edge_gateway/configuration_generator/nat_service_spec.rb +360 -0
- data/spec/vcloud/edge_gateway/edge_gateway_configuration_spec.rb +182 -0
- data/spec/vcloud/edge_gateway/firewall_schema_validation_spec.rb +45 -0
- data/spec/vcloud/edge_gateway/load_balancer_schema_validation_spec.rb +153 -0
- data/spec/vcloud/edge_gateway/nat_schema_validation_spec.rb +93 -0
- data/vcloud-edge_gateway.gemspec +32 -0
- metadata +252 -0
@@ -0,0 +1,378 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module Vcloud
|
4
|
+
module EdgeGateway
|
5
|
+
module ConfigurationGenerator
|
6
|
+
describe FirewallService do
|
7
|
+
|
8
|
+
context "top level firewall configuration defaults" do
|
9
|
+
|
10
|
+
before(:all) do
|
11
|
+
input = { } # minimum firewall configuration
|
12
|
+
@output = FirewallService.new.generate_fog_config input
|
13
|
+
end
|
14
|
+
|
15
|
+
it 'should default to FirewallService enabled' do
|
16
|
+
expect(@output[:IsEnabled]).to eq('true')
|
17
|
+
end
|
18
|
+
|
19
|
+
it 'should set the firewall action to DROP packets by default' do
|
20
|
+
expect(@output[:DefaultAction]).to eq('drop')
|
21
|
+
end
|
22
|
+
|
23
|
+
it 'should set the firewall to not log by default' do
|
24
|
+
expect(@output[:LogDefaultAction]).to eq('false')
|
25
|
+
end
|
26
|
+
|
27
|
+
end
|
28
|
+
|
29
|
+
context "firewall rule defaults" do
|
30
|
+
|
31
|
+
before(:all) do
|
32
|
+
input = { firewall_rules: [{
|
33
|
+
destination_ip: "192.2.0.88",
|
34
|
+
destination_port_range: "5000-5010",
|
35
|
+
source_ip: "Any",
|
36
|
+
}]} # minimum firewall configuration with a rule
|
37
|
+
output = FirewallService.new.generate_fog_config input
|
38
|
+
@rule = output[:FirewallRule].first
|
39
|
+
end
|
40
|
+
|
41
|
+
it 'should default to rule being enabled' do
|
42
|
+
expect(@rule[:IsEnabled]).to eq('true')
|
43
|
+
end
|
44
|
+
|
45
|
+
it 'should default to rule policy being "allow"' do
|
46
|
+
expect(@rule[:Policy]).to eq('allow')
|
47
|
+
end
|
48
|
+
|
49
|
+
it 'should default to rule protocol being TCP-only' do
|
50
|
+
expect(@rule[:Protocols]).to eq({Tcp: 'true'})
|
51
|
+
end
|
52
|
+
|
53
|
+
it 'should default to source port range being "Any"' do
|
54
|
+
expect(@rule[:SourcePortRange]).to eq('Any')
|
55
|
+
end
|
56
|
+
|
57
|
+
it 'should default to MatchOnTranslate to be false' do
|
58
|
+
expect(@rule[:MatchOnTranslate]).to eq('false')
|
59
|
+
end
|
60
|
+
|
61
|
+
it 'should have an empty default description' do
|
62
|
+
expect(@rule[:Description]).to eq('')
|
63
|
+
end
|
64
|
+
|
65
|
+
end
|
66
|
+
|
67
|
+
context "firewall config generation" do
|
68
|
+
|
69
|
+
test_cases = [
|
70
|
+
|
71
|
+
{
|
72
|
+
title: 'disabled firewall with a disabled rule',
|
73
|
+
input: {
|
74
|
+
enabled: 'false',
|
75
|
+
policy: 'allow',
|
76
|
+
log_default_action: 'true',
|
77
|
+
firewall_rules: [
|
78
|
+
{
|
79
|
+
enabled: 'false',
|
80
|
+
id: '999',
|
81
|
+
match_on_translate: 'true',
|
82
|
+
description: "A rule",
|
83
|
+
policy: "allow",
|
84
|
+
protocols: "tcp+udp",
|
85
|
+
destination_port_range: "22",
|
86
|
+
destination_ip: "10.10.20.20",
|
87
|
+
source_port_range: "Any",
|
88
|
+
source_ip: "192.0.2.2",
|
89
|
+
enable_logging: 'true',
|
90
|
+
}
|
91
|
+
]
|
92
|
+
},
|
93
|
+
output: {
|
94
|
+
IsEnabled: 'false',
|
95
|
+
DefaultAction: "allow",
|
96
|
+
LogDefaultAction: 'true',
|
97
|
+
FirewallRule: [
|
98
|
+
{
|
99
|
+
Id: '999',
|
100
|
+
IsEnabled: 'false',
|
101
|
+
Description: "A rule",
|
102
|
+
MatchOnTranslate: 'true',
|
103
|
+
Policy: "allow",
|
104
|
+
Protocols: {Tcp: 'true', Udp: 'true'},
|
105
|
+
Port: '22',
|
106
|
+
SourcePort: '-1',
|
107
|
+
DestinationPortRange: "22",
|
108
|
+
DestinationIp: "10.10.20.20",
|
109
|
+
SourcePortRange: "Any",
|
110
|
+
SourceIp: "192.0.2.2",
|
111
|
+
EnableLogging: 'true',
|
112
|
+
}
|
113
|
+
]
|
114
|
+
}
|
115
|
+
},
|
116
|
+
|
117
|
+
{
|
118
|
+
title: 'id should be auto generated if not provided',
|
119
|
+
input: {
|
120
|
+
firewall_rules: [
|
121
|
+
{
|
122
|
+
description: "rule 1",
|
123
|
+
destination_port_range: "22",
|
124
|
+
destination_ip: "10.10.20.20",
|
125
|
+
source_ip: "192.0.2.2",
|
126
|
+
},
|
127
|
+
{
|
128
|
+
description: "rule 2",
|
129
|
+
destination_port_range: "22",
|
130
|
+
destination_ip: "10.10.20.20",
|
131
|
+
source_ip: "192.0.2.2",
|
132
|
+
}
|
133
|
+
]
|
134
|
+
},
|
135
|
+
output: {
|
136
|
+
IsEnabled: 'true',
|
137
|
+
DefaultAction: "drop",
|
138
|
+
LogDefaultAction: 'false',
|
139
|
+
FirewallRule: [
|
140
|
+
{
|
141
|
+
Id: '1',
|
142
|
+
IsEnabled: 'true',
|
143
|
+
Description: "rule 1",
|
144
|
+
MatchOnTranslate: 'false',
|
145
|
+
Policy: "allow",
|
146
|
+
Protocols: {Tcp: 'true'},
|
147
|
+
Port: '22',
|
148
|
+
SourcePort: '-1',
|
149
|
+
DestinationPortRange: "22",
|
150
|
+
DestinationIp: "10.10.20.20",
|
151
|
+
SourcePortRange: "Any",
|
152
|
+
SourceIp: "192.0.2.2",
|
153
|
+
EnableLogging: 'false',
|
154
|
+
},
|
155
|
+
{
|
156
|
+
Id: '2',
|
157
|
+
IsEnabled: 'true',
|
158
|
+
Description: "rule 2",
|
159
|
+
MatchOnTranslate: 'false',
|
160
|
+
Policy: "allow",
|
161
|
+
Protocols: {Tcp: 'true'},
|
162
|
+
Port: '22',
|
163
|
+
SourcePort: '-1',
|
164
|
+
DestinationPortRange: "22",
|
165
|
+
DestinationIp: "10.10.20.20",
|
166
|
+
SourcePortRange: "Any",
|
167
|
+
SourceIp: "192.0.2.2",
|
168
|
+
EnableLogging: 'false',
|
169
|
+
}
|
170
|
+
]
|
171
|
+
}
|
172
|
+
|
173
|
+
|
174
|
+
} ,
|
175
|
+
{
|
176
|
+
title: 'should send port as -1 if destination/source_port_ranges are ranges',
|
177
|
+
input: {
|
178
|
+
firewall_rules: [
|
179
|
+
{
|
180
|
+
description: "rule 1",
|
181
|
+
destination_port_range: "22-23",
|
182
|
+
source_port_range: "1000-1004",
|
183
|
+
destination_ip: "10.10.20.20",
|
184
|
+
source_ip: "192.0.2.2",
|
185
|
+
}
|
186
|
+
]
|
187
|
+
},
|
188
|
+
output: {
|
189
|
+
IsEnabled: 'true',
|
190
|
+
DefaultAction: "drop",
|
191
|
+
LogDefaultAction: 'false',
|
192
|
+
FirewallRule: [
|
193
|
+
{
|
194
|
+
Id: '1',
|
195
|
+
IsEnabled: 'true',
|
196
|
+
Description: "rule 1",
|
197
|
+
MatchOnTranslate: 'false',
|
198
|
+
Policy: "allow",
|
199
|
+
Protocols: {Tcp: 'true'},
|
200
|
+
DestinationPortRange: "22-23",
|
201
|
+
Port: '-1',
|
202
|
+
SourcePort: '-1',
|
203
|
+
DestinationIp: "10.10.20.20",
|
204
|
+
SourcePortRange: "1000-1004",
|
205
|
+
SourceIp: "192.0.2.2",
|
206
|
+
EnableLogging: 'false',
|
207
|
+
}
|
208
|
+
]
|
209
|
+
}
|
210
|
+
} ,
|
211
|
+
{
|
212
|
+
title: 'should send port same as destination/source_port_range if destination/source_port_range are decimals and not ranges',
|
213
|
+
input: {
|
214
|
+
firewall_rules: [
|
215
|
+
{
|
216
|
+
description: "rule 1",
|
217
|
+
destination_port_range: "22",
|
218
|
+
source_port_range: "1000",
|
219
|
+
destination_ip: "10.10.20.20",
|
220
|
+
source_ip: "192.0.2.2",
|
221
|
+
}
|
222
|
+
]
|
223
|
+
},
|
224
|
+
output: {
|
225
|
+
IsEnabled: 'true',
|
226
|
+
DefaultAction: "drop",
|
227
|
+
LogDefaultAction: 'false',
|
228
|
+
FirewallRule: [
|
229
|
+
{
|
230
|
+
Id: '1',
|
231
|
+
IsEnabled: 'true',
|
232
|
+
Description: "rule 1",
|
233
|
+
MatchOnTranslate: 'false',
|
234
|
+
Policy: "allow",
|
235
|
+
Protocols: {Tcp: 'true'},
|
236
|
+
Port: '22',
|
237
|
+
SourcePort: '1000',
|
238
|
+
DestinationPortRange: "22",
|
239
|
+
DestinationIp: "10.10.20.20",
|
240
|
+
SourcePortRange: "1000",
|
241
|
+
SourceIp: "192.0.2.2",
|
242
|
+
EnableLogging: 'false',
|
243
|
+
}
|
244
|
+
]
|
245
|
+
},
|
246
|
+
title: 'output rule order should be same as the input rule order',
|
247
|
+
input: {
|
248
|
+
firewall_rules: [
|
249
|
+
{
|
250
|
+
description: "rule 1",
|
251
|
+
destination_port_range: "8081",
|
252
|
+
destination_ip: "10.10.20.20",
|
253
|
+
source_ip: "Any",
|
254
|
+
},
|
255
|
+
{
|
256
|
+
description: "rule 2",
|
257
|
+
destination_port_range: "8082",
|
258
|
+
destination_ip: "10.10.20.20",
|
259
|
+
source_ip: "Any",
|
260
|
+
},
|
261
|
+
{
|
262
|
+
description: "rule 3",
|
263
|
+
destination_port_range: "8083",
|
264
|
+
destination_ip: "10.10.20.20",
|
265
|
+
source_ip: "Any",
|
266
|
+
},
|
267
|
+
{
|
268
|
+
description: "rule 4",
|
269
|
+
destination_port_range: "8084",
|
270
|
+
destination_ip: "10.10.20.20",
|
271
|
+
source_ip: "Any",
|
272
|
+
},
|
273
|
+
{
|
274
|
+
description: "rule 5",
|
275
|
+
destination_port_range: "8085",
|
276
|
+
destination_ip: "10.10.20.20",
|
277
|
+
source_ip: "Any",
|
278
|
+
},
|
279
|
+
],
|
280
|
+
},
|
281
|
+
output: {
|
282
|
+
IsEnabled: 'true',
|
283
|
+
DefaultAction: "drop",
|
284
|
+
LogDefaultAction: 'false',
|
285
|
+
FirewallRule: [
|
286
|
+
{
|
287
|
+
Id: '1',
|
288
|
+
IsEnabled: 'true',
|
289
|
+
MatchOnTranslate: 'false',
|
290
|
+
Description: "rule 1",
|
291
|
+
Policy: "allow",
|
292
|
+
Protocols: {Tcp: 'true'},
|
293
|
+
DestinationPortRange: "8081",
|
294
|
+
Port: '8081',
|
295
|
+
DestinationIp: "10.10.20.20",
|
296
|
+
SourcePortRange: "Any",
|
297
|
+
SourcePort: '-1',
|
298
|
+
SourceIp: "Any",
|
299
|
+
EnableLogging: 'false',
|
300
|
+
},
|
301
|
+
{
|
302
|
+
Id: '2',
|
303
|
+
IsEnabled: 'true',
|
304
|
+
MatchOnTranslate: 'false',
|
305
|
+
Description: "rule 2",
|
306
|
+
Policy: "allow",
|
307
|
+
Protocols: {Tcp: 'true'},
|
308
|
+
DestinationPortRange: "8082",
|
309
|
+
Port: '8082',
|
310
|
+
DestinationIp: "10.10.20.20",
|
311
|
+
SourcePortRange: "Any",
|
312
|
+
SourcePort: '-1',
|
313
|
+
SourceIp: "Any",
|
314
|
+
EnableLogging: 'false',
|
315
|
+
},
|
316
|
+
{
|
317
|
+
Id: '3',
|
318
|
+
IsEnabled: 'true',
|
319
|
+
MatchOnTranslate: 'false',
|
320
|
+
Description: "rule 3",
|
321
|
+
Policy: "allow",
|
322
|
+
Protocols: {Tcp: 'true'},
|
323
|
+
DestinationPortRange: "8083",
|
324
|
+
Port: '8083',
|
325
|
+
DestinationIp: "10.10.20.20",
|
326
|
+
SourcePortRange: "Any",
|
327
|
+
SourcePort: '-1',
|
328
|
+
SourceIp: "Any",
|
329
|
+
EnableLogging: 'false',
|
330
|
+
},
|
331
|
+
{
|
332
|
+
Id: '4',
|
333
|
+
IsEnabled: 'true',
|
334
|
+
MatchOnTranslate: 'false',
|
335
|
+
Description: "rule 4",
|
336
|
+
Policy: "allow",
|
337
|
+
Protocols: {Tcp: 'true'},
|
338
|
+
DestinationPortRange: "8084",
|
339
|
+
Port: '8084',
|
340
|
+
DestinationIp: "10.10.20.20",
|
341
|
+
SourcePortRange: "Any",
|
342
|
+
SourcePort: '-1',
|
343
|
+
SourceIp: "Any",
|
344
|
+
EnableLogging: 'false',
|
345
|
+
},
|
346
|
+
{
|
347
|
+
Id: '5',
|
348
|
+
IsEnabled: 'true',
|
349
|
+
MatchOnTranslate: 'false',
|
350
|
+
Description: "rule 5",
|
351
|
+
Policy: "allow",
|
352
|
+
Protocols: {Tcp: 'true'},
|
353
|
+
DestinationPortRange: "8085",
|
354
|
+
Port: '8085',
|
355
|
+
DestinationIp: "10.10.20.20",
|
356
|
+
SourcePortRange: "Any",
|
357
|
+
SourcePort: '-1',
|
358
|
+
SourceIp: "Any",
|
359
|
+
EnableLogging: 'false',
|
360
|
+
}
|
361
|
+
]
|
362
|
+
}
|
363
|
+
}
|
364
|
+
]
|
365
|
+
|
366
|
+
test_cases.each do |test_case|
|
367
|
+
it "#{test_case[:title]}" do
|
368
|
+
generated_config = FirewallService.new.generate_fog_config test_case[:input]
|
369
|
+
expect(generated_config).to eq(test_case[:output])
|
370
|
+
end
|
371
|
+
|
372
|
+
end
|
373
|
+
|
374
|
+
end
|
375
|
+
end
|
376
|
+
end
|
377
|
+
end
|
378
|
+
end
|
@@ -0,0 +1,233 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
module Vcloud
|
4
|
+
module EdgeGateway
|
5
|
+
module ConfigurationGenerator
|
6
|
+
describe LoadBalancerService do
|
7
|
+
|
8
|
+
before(:each) do
|
9
|
+
@edge_gw_name = 'EdgeGateway1'
|
10
|
+
@edge_gw_id = '1111111-7b54-43dd-9eb1-631dd337e5a7'
|
11
|
+
edge_gateway = double(:edge_gateway,
|
12
|
+
:vcloud_gateway_interface_by_id => {
|
13
|
+
Network: {
|
14
|
+
:name => 'ExternalNetwork',
|
15
|
+
:href => 'https://example.com/api/admin/network/12345678-1234-1234-1234-123456789012'
|
16
|
+
}
|
17
|
+
}
|
18
|
+
)
|
19
|
+
expect(Vcloud::Core::EdgeGateway).
|
20
|
+
to receive(:get_by_name).
|
21
|
+
with(@edge_gw_name).
|
22
|
+
and_return(edge_gateway)
|
23
|
+
end
|
24
|
+
|
25
|
+
context "top level LoadBalancer configuration defaults" do
|
26
|
+
|
27
|
+
before(:each) do
|
28
|
+
input = { } # minimum configuration
|
29
|
+
@output = LoadBalancerService.new(@edge_gw_name).generate_fog_config(input)
|
30
|
+
end
|
31
|
+
|
32
|
+
it 'should default to LoadBalancerService enabled' do
|
33
|
+
expect(@output[:IsEnabled]).to eq('true')
|
34
|
+
end
|
35
|
+
|
36
|
+
it 'should match our expected defaults' do
|
37
|
+
expect(@output).to eq({
|
38
|
+
:IsEnabled=>"true", :Pool=>[], :VirtualServer=>[]
|
39
|
+
})
|
40
|
+
end
|
41
|
+
|
42
|
+
end
|
43
|
+
|
44
|
+
context "When configuring a minimal VirtualServer entry" do
|
45
|
+
|
46
|
+
before(:each) do
|
47
|
+
input = { virtual_servers: [{
|
48
|
+
name: "virtual-server-1",
|
49
|
+
ip_address: '192.2.0.1',
|
50
|
+
network: "12345678-1234-1234-1234-123456789aa",
|
51
|
+
pool: "pool-1",
|
52
|
+
}]}
|
53
|
+
output = LoadBalancerService.new(@edge_gw_name).generate_fog_config(input)
|
54
|
+
@rule = output[:VirtualServer].first
|
55
|
+
end
|
56
|
+
|
57
|
+
it 'should default to the entry being enabled' do
|
58
|
+
expect(@rule[:IsEnabled]).to eq('true')
|
59
|
+
end
|
60
|
+
|
61
|
+
it 'should default to description being empty' do
|
62
|
+
expect(@rule[:Description]).to eq('')
|
63
|
+
end
|
64
|
+
|
65
|
+
it 'should match our expected complete entry' do
|
66
|
+
expect(@rule).to eq({
|
67
|
+
:IsEnabled=>"true",
|
68
|
+
:Name=>"virtual-server-1",
|
69
|
+
:Description=>"",
|
70
|
+
:Interface=>{
|
71
|
+
:type=>"application/vnd.vmware.vcloud.orgVdcNetwork+xml",
|
72
|
+
:name=>"ExternalNetwork",
|
73
|
+
:href=>"https://example.com/api/admin/network/12345678-1234-1234-1234-123456789012",
|
74
|
+
},
|
75
|
+
:IpAddress=>"192.2.0.1",
|
76
|
+
:ServiceProfile=>[
|
77
|
+
{
|
78
|
+
:IsEnabled=>"false",
|
79
|
+
:Protocol=>"HTTP",
|
80
|
+
:Port=>"80",
|
81
|
+
:Persistence=>{:Method=>""}
|
82
|
+
},
|
83
|
+
{
|
84
|
+
:IsEnabled=>"false",
|
85
|
+
:Protocol=>"HTTPS",
|
86
|
+
:Port=>"443",
|
87
|
+
:Persistence=>{:Method=>""}
|
88
|
+
},
|
89
|
+
{
|
90
|
+
:IsEnabled=>"false",
|
91
|
+
:Protocol=>"TCP",
|
92
|
+
:Port=>"",
|
93
|
+
:Persistence=>{:Method=>""}
|
94
|
+
}
|
95
|
+
],
|
96
|
+
:Logging=>"false",
|
97
|
+
:Pool=>"pool-1"
|
98
|
+
})
|
99
|
+
end
|
100
|
+
|
101
|
+
end
|
102
|
+
|
103
|
+
context "When configuring a minimal Pool entry" do
|
104
|
+
|
105
|
+
before(:each) do
|
106
|
+
input = { pools: [{
|
107
|
+
name: "pool-1",
|
108
|
+
members: [ { ip_address: '10.10.10.10' } ],
|
109
|
+
}]}
|
110
|
+
output = LoadBalancerService.new(@edge_gw_name).generate_fog_config(input)
|
111
|
+
@rule = output[:Pool].first
|
112
|
+
end
|
113
|
+
|
114
|
+
it 'should default to description being not set' do
|
115
|
+
expect(@rule.key?(:Description)).to be_false
|
116
|
+
end
|
117
|
+
|
118
|
+
it 'should match our expected complete entry' do
|
119
|
+
expect(@rule).to eq({
|
120
|
+
:Name=>"pool-1",
|
121
|
+
:ServicePort=>[
|
122
|
+
{
|
123
|
+
:IsEnabled=>"false",
|
124
|
+
:Protocol=>"HTTP",
|
125
|
+
:Algorithm=>"ROUND_ROBIN",
|
126
|
+
:Port=>"80",
|
127
|
+
:HealthCheckPort=>"",
|
128
|
+
:HealthCheck=>{
|
129
|
+
:Mode=>"HTTP",
|
130
|
+
:Uri=>"",
|
131
|
+
:HealthThreshold=>"2",
|
132
|
+
:UnhealthThreshold=>"3",
|
133
|
+
:Interval=>"5",
|
134
|
+
:Timeout=>"15"
|
135
|
+
}
|
136
|
+
},
|
137
|
+
{
|
138
|
+
:IsEnabled=>"false",
|
139
|
+
:Protocol=>"HTTPS",
|
140
|
+
:Algorithm=>"ROUND_ROBIN",
|
141
|
+
:Port=>"443",
|
142
|
+
:HealthCheckPort=>"",
|
143
|
+
:HealthCheck=>{
|
144
|
+
:Mode=>"SSL",
|
145
|
+
:HealthThreshold=>"2",
|
146
|
+
:UnhealthThreshold=>"3",
|
147
|
+
:Interval=>"5",
|
148
|
+
:Timeout=>"15"
|
149
|
+
}
|
150
|
+
},
|
151
|
+
{
|
152
|
+
:IsEnabled=>"false",
|
153
|
+
:Protocol=>"TCP",
|
154
|
+
:Algorithm=>"ROUND_ROBIN",
|
155
|
+
:Port=>"",
|
156
|
+
:HealthCheckPort=>"",
|
157
|
+
:HealthCheck=>{
|
158
|
+
:Mode=>"TCP",
|
159
|
+
:HealthThreshold=>"2",
|
160
|
+
:UnhealthThreshold=>"3",
|
161
|
+
:Interval=>"5",
|
162
|
+
:Timeout=>"15"
|
163
|
+
}
|
164
|
+
}],
|
165
|
+
:Member=>[
|
166
|
+
{
|
167
|
+
:IpAddress=>"10.10.10.10",
|
168
|
+
:Weight=>"1",
|
169
|
+
:ServicePort=>[
|
170
|
+
{:Protocol=>"HTTP",
|
171
|
+
:Port=>"",
|
172
|
+
:HealthCheckPort=>""},
|
173
|
+
{:Protocol=>"HTTPS",
|
174
|
+
:Port=>"",
|
175
|
+
:HealthCheckPort=>""},
|
176
|
+
{:Protocol=>"TCP",
|
177
|
+
:Port=>"",
|
178
|
+
:HealthCheckPort=>""}
|
179
|
+
]
|
180
|
+
}
|
181
|
+
]
|
182
|
+
})
|
183
|
+
end
|
184
|
+
end
|
185
|
+
|
186
|
+
context "When configuring HTTP load balancer" do
|
187
|
+
|
188
|
+
it 'should expand out input config into Fog expected input' do
|
189
|
+
input = read_data_file('load_balancer_http-input.yaml')
|
190
|
+
expected_output = read_data_file('load_balancer_http-output.yaml')
|
191
|
+
generated_config = LoadBalancerService.new(@edge_gw_name).
|
192
|
+
generate_fog_config input
|
193
|
+
expect(generated_config).to eq(expected_output)
|
194
|
+
end
|
195
|
+
|
196
|
+
end
|
197
|
+
|
198
|
+
context "When configuring HTTPS load balancer" do
|
199
|
+
|
200
|
+
it 'should expand out input config into Fog expected input' do
|
201
|
+
input = read_data_file('load_balancer_https-input.yaml')
|
202
|
+
expected_output = read_data_file('load_balancer_https-output.yaml')
|
203
|
+
generated_config = LoadBalancerService.new(@edge_gw_name).
|
204
|
+
generate_fog_config input
|
205
|
+
expect(generated_config).to eq(expected_output)
|
206
|
+
end
|
207
|
+
|
208
|
+
end
|
209
|
+
|
210
|
+
context "When configuring complex mixed protocol load balancer" do
|
211
|
+
|
212
|
+
it 'should expand out input config into Fog expected input' do
|
213
|
+
input = read_data_file('load_balancer_mixed_complex-input.yaml')
|
214
|
+
expected_output = read_data_file('load_balancer_mixed_complex-output.yaml')
|
215
|
+
generated_config = LoadBalancerService.new(@edge_gw_name).
|
216
|
+
generate_fog_config input
|
217
|
+
expect(generated_config).to eq(expected_output)
|
218
|
+
end
|
219
|
+
|
220
|
+
end
|
221
|
+
|
222
|
+
def read_data_file(name)
|
223
|
+
full_path = File.join(File.dirname(__FILE__), 'data', name)
|
224
|
+
unsymbolized_data = YAML::load(File.open(full_path))
|
225
|
+
json_string = JSON.generate(unsymbolized_data)
|
226
|
+
JSON.parse(json_string, :symbolize_names => true)
|
227
|
+
end
|
228
|
+
|
229
|
+
end
|
230
|
+
|
231
|
+
end
|
232
|
+
end
|
233
|
+
end
|