octavia 14.0.0.0rc1__py3-none-any.whl → 15.0.0.0rc1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- octavia/amphorae/backends/agent/agent_jinja_cfg.py +1 -4
- octavia/amphorae/backends/agent/api_server/amphora_info.py +5 -5
- octavia/amphorae/backends/agent/api_server/keepalived.py +26 -53
- octavia/amphorae/backends/agent/api_server/keepalivedlvs.py +44 -83
- octavia/amphorae/backends/agent/api_server/loadbalancer.py +94 -112
- octavia/amphorae/backends/agent/api_server/lvs_listener_base.py +1 -1
- octavia/amphorae/backends/agent/api_server/osutils.py +11 -8
- octavia/amphorae/backends/agent/api_server/plug.py +12 -13
- octavia/amphorae/backends/agent/api_server/server.py +4 -3
- octavia/amphorae/backends/agent/api_server/templates/keepalived_lvs_check_script.sh.j2 +0 -4
- octavia/amphorae/backends/agent/api_server/util.py +23 -68
- octavia/amphorae/backends/agent/templates/amphora_agent_conf.template +0 -3
- octavia/amphorae/backends/health_daemon/health_daemon.py +6 -7
- octavia/amphorae/backends/health_daemon/health_sender.py +2 -2
- octavia/amphorae/backends/utils/haproxy_query.py +3 -6
- octavia/amphorae/backends/utils/interface.py +11 -50
- octavia/amphorae/backends/utils/interface_file.py +29 -16
- octavia/amphorae/backends/utils/ip_advertisement.py +1 -1
- octavia/amphorae/backends/utils/keepalivedlvs_query.py +7 -8
- octavia/amphorae/backends/utils/network_namespace.py +3 -3
- octavia/amphorae/backends/utils/nftable_utils.py +33 -11
- octavia/amphorae/drivers/driver_base.py +2 -2
- octavia/amphorae/drivers/haproxy/rest_api_driver.py +26 -38
- octavia/amphorae/drivers/health/heartbeat_udp.py +1 -1
- octavia/amphorae/drivers/keepalived/jinja/jinja_cfg.py +1 -2
- octavia/amphorae/drivers/keepalived/jinja/templates/keepalived_base.template +0 -1
- octavia/amphorae/drivers/noop_driver/driver.py +1 -1
- octavia/api/app.py +1 -2
- octavia/api/common/pagination.py +16 -22
- octavia/api/common/types.py +1 -1
- octavia/api/drivers/amphora_driver/v2/driver.py +6 -6
- octavia/api/drivers/driver_agent/driver_listener.py +3 -3
- octavia/api/drivers/driver_agent/driver_updater.py +1 -1
- octavia/api/drivers/noop_driver/driver.py +1 -1
- octavia/api/root_controller.py +2 -2
- octavia/api/v2/controllers/base.py +2 -4
- octavia/api/v2/controllers/health_monitor.py +5 -3
- octavia/api/v2/controllers/listener.py +2 -2
- octavia/api/v2/controllers/load_balancer.py +7 -0
- octavia/api/v2/controllers/member.py +12 -2
- octavia/api/v2/types/amphora.py +1 -1
- octavia/api/v2/types/availability_zone_profile.py +1 -2
- octavia/api/v2/types/availability_zones.py +1 -2
- octavia/api/v2/types/flavor_profile.py +1 -1
- octavia/api/v2/types/flavors.py +1 -1
- octavia/api/v2/types/health_monitor.py +1 -1
- octavia/api/v2/types/l7policy.py +1 -1
- octavia/api/v2/types/l7rule.py +1 -1
- octavia/api/v2/types/listener.py +3 -3
- octavia/api/v2/types/load_balancer.py +3 -3
- octavia/api/v2/types/member.py +2 -2
- octavia/api/v2/types/pool.py +2 -2
- octavia/api/v2/types/quotas.py +2 -2
- octavia/certificates/common/barbican.py +1 -1
- octavia/certificates/common/cert.py +1 -1
- octavia/certificates/generator/cert_gen.py +1 -1
- octavia/certificates/generator/local.py +5 -5
- octavia/certificates/manager/cert_mgr.py +1 -1
- octavia/certificates/manager/local.py +20 -20
- octavia/cmd/agent.py +3 -3
- octavia/cmd/driver_agent.py +2 -3
- octavia/cmd/health_checker.py +4 -4
- octavia/cmd/interface.py +4 -4
- octavia/cmd/prometheus_proxy.py +11 -13
- octavia/common/base_taskflow.py +3 -3
- octavia/common/clients.py +4 -4
- octavia/common/config.py +18 -24
- octavia/common/constants.py +28 -35
- octavia/common/data_models.py +2 -2
- octavia/common/jinja/haproxy/combined_listeners/jinja_cfg.py +5 -5
- octavia/common/jinja/logging/logging_jinja_cfg.py +1 -1
- octavia/common/jinja/lvs/jinja_cfg.py +1 -1
- octavia/common/jinja/user_data_jinja_cfg.py +1 -1
- octavia/common/keystone.py +1 -1
- octavia/common/policy.py +2 -3
- octavia/common/stats.py +1 -1
- octavia/common/tls_utils/cert_parser.py +2 -1
- octavia/common/utils.py +3 -3
- octavia/common/validate.py +9 -13
- octavia/compute/compute_base.py +1 -1
- octavia/compute/drivers/noop_driver/driver.py +1 -1
- octavia/compute/drivers/nova_driver.py +1 -1
- octavia/controller/healthmanager/health_manager.py +1 -1
- octavia/controller/housekeeping/house_keeping.py +2 -2
- octavia/controller/queue/v2/consumer.py +1 -2
- octavia/controller/queue/v2/endpoints.py +1 -1
- octavia/controller/worker/amphora_rate_limit.py +6 -6
- octavia/controller/worker/task_utils.py +1 -1
- octavia/controller/worker/v2/controller_worker.py +3 -3
- octavia/controller/worker/v2/flows/amphora_flows.py +15 -4
- octavia/controller/worker/v2/flows/flow_utils.py +6 -5
- octavia/controller/worker/v2/flows/health_monitor_flows.py +1 -1
- octavia/controller/worker/v2/flows/l7policy_flows.py +1 -1
- octavia/controller/worker/v2/flows/l7rule_flows.py +1 -1
- octavia/controller/worker/v2/flows/listener_flows.py +18 -6
- octavia/controller/worker/v2/flows/load_balancer_flows.py +1 -1
- octavia/controller/worker/v2/flows/member_flows.py +12 -19
- octavia/controller/worker/v2/flows/pool_flows.py +1 -1
- octavia/controller/worker/v2/taskflow_jobboard_driver.py +17 -3
- octavia/controller/worker/v2/tasks/compute_tasks.py +1 -3
- octavia/controller/worker/v2/tasks/network_tasks.py +3 -4
- octavia/db/base_models.py +21 -9
- octavia/db/migration/alembic_migrations/versions/034756a182a2_amphora_add_image_id.py +2 -2
- octavia/db/migration/alembic_migrations/versions/034b2dc2f3e0_modernize_l7policy_fields.py +31 -31
- octavia/db/migration/alembic_migrations/versions/0f242cf02c74_add_provider_column.py +2 -2
- octavia/db/migration/alembic_migrations/versions/10d38216ad34_add_timestamps_to_amphora.py +4 -4
- octavia/db/migration/alembic_migrations/versions/11e4bb2bb8ef_fix_ipv6_vip.py +1 -1
- octavia/db/migration/alembic_migrations/versions/13500e2e978d_update_url_and_name_size.py +6 -6
- octavia/db/migration/alembic_migrations/versions/14892634e228_update_vip.py +5 -5
- octavia/db/migration/alembic_migrations/versions/186509101b9b_add_server_group_id_to_loadbalancer.py +2 -2
- octavia/db/migration/alembic_migrations/versions/1afc932f1ca2_l7rule_support_client_cert.py +3 -3
- octavia/db/migration/alembic_migrations/versions/1e4c1d83044c_keepalived_configuration_datamodel.py +26 -26
- octavia/db/migration/alembic_migrations/versions/2351ea316465_adding_terminate_https_tls_ref_support.py +4 -4
- octavia/db/migration/alembic_migrations/versions/256852d5ff7c_add_lb_network_ip_to_amphora.py +2 -2
- octavia/db/migration/alembic_migrations/versions/27e54d00c3cd_add_monitor_address_and_port_to_member.py +4 -4
- octavia/db/migration/alembic_migrations/versions/298eac0640a7_add_amphora_vrrp_port_id_and_ha_port_id.py +4 -4
- octavia/db/migration/alembic_migrations/versions/29ff921a6eb_shared_pools.py +3 -3
- octavia/db/migration/alembic_migrations/versions/2ad093f6353f_add_listener_client_ca_tls_certificate_.py +2 -2
- octavia/db/migration/alembic_migrations/versions/31f7653ded67_allow_multiple_vips_per_loadbalancer.py +10 -10
- octavia/db/migration/alembic_migrations/versions/32e5c35b26a8_add_l7policy_and_l7rule_quota.py +4 -4
- octavia/db/migration/alembic_migrations/versions/357d17a6d5ac_update_lb_and_amphora_data_model_for_.py +20 -20
- octavia/db/migration/alembic_migrations/versions/35dee79d5865_initial_create.py +185 -185
- octavia/db/migration/alembic_migrations/versions/36b94648fef8_add_timestamp.py +2 -2
- octavia/db/migration/alembic_migrations/versions/392fb85b4419_add_primary_key_to_spares_pool.py +1 -1
- octavia/db/migration/alembic_migrations/versions/3a1e1cdb7b27_rename_amphora_host_id.py +1 -1
- octavia/db/migration/alembic_migrations/versions/3b199c848b96_create_no_monitor_operational_status.py +1 -1
- octavia/db/migration/alembic_migrations/versions/3e5b37a0bdb9_add_vrrp_ip_and_ha_ip_to_amphora.py +4 -4
- octavia/db/migration/alembic_migrations/versions/3f8ff3be828e_create_quotas_table.py +12 -12
- octavia/db/migration/alembic_migrations/versions/43287cd10fef_make_pool_lb_algorithm_larger.py +6 -6
- octavia/db/migration/alembic_migrations/versions/443fe6676637_add_network_id_to_vip.py +2 -2
- octavia/db/migration/alembic_migrations/versions/44a2414dd683_adding_name_column_to_member_and_health_.py +1 -1
- octavia/db/migration/alembic_migrations/versions/458c9ee2a011_l7_policies_and_rules.py +57 -57
- octavia/db/migration/alembic_migrations/versions/46d914b2a5e5_seed_the_spares_pool_table.py +2 -2
- octavia/db/migration/alembic_migrations/versions/48660b6643f0_add_new_states_for_amphora.py +3 -3
- octavia/db/migration/alembic_migrations/versions/4aeb9e23ad43_add_draining_operating_status.py +1 -1
- octavia/db/migration/alembic_migrations/versions/4c094013699a_update_load_balancer_amphora.py +9 -9
- octavia/db/migration/alembic_migrations/versions/4f65b4f91c39_amphora_add_flavor_id.py +2 -2
- octavia/db/migration/alembic_migrations/versions/4faaa983e7a9_update_member_address_column.py +1 -1
- octavia/db/migration/alembic_migrations/versions/4fe8240425b4_update_vip_add_subnet_id.py +2 -2
- octavia/db/migration/alembic_migrations/versions/52377704420e_add_timestamps_to_healthmonitor.py +9 -9
- octavia/db/migration/alembic_migrations/versions/5309960964f8_add_proxy_protocol_for_pool.py +3 -3
- octavia/db/migration/alembic_migrations/versions/543f5d8e4e56_add_a_column_busy_in_table_amphora_health.py +2 -2
- octavia/db/migration/alembic_migrations/versions/55874a4ceed6_add_l7policy_action_redirect_prefix.py +5 -5
- octavia/db/migration/alembic_migrations/versions/5a3ee5472c31_add_cert_expiration__infor_in_amphora_table.py +4 -4
- octavia/db/migration/alembic_migrations/versions/62816c232310_fix_migration_for_mysql_5_7.py +1 -1
- octavia/db/migration/alembic_migrations/versions/6742ca1b27c2_add_l7policy_redirect_http_code.py +2 -2
- octavia/db/migration/alembic_migrations/versions/6ac558d7fc21_add_prometheus_listener_protocol.py +3 -3
- octavia/db/migration/alembic_migrations/versions/6ffc710674ef_spares_pool_table.py +2 -2
- octavia/db/migration/alembic_migrations/versions/7432f1d4ea83_add_http_host_head_inject_for_http_health_check.py +4 -4
- octavia/db/migration/alembic_migrations/versions/74aae261694c_extend_pool_for_backend_ca_and_crl.py +4 -4
- octavia/db/migration/alembic_migrations/versions/76aacf2e176c_extend_support_udp_protocol.py +3 -3
- octavia/db/migration/alembic_migrations/versions/80dba23a159f_tags_support.py +3 -3
- octavia/db/migration/alembic_migrations/versions/82b9402e71fd_update_vip_address_size.py +1 -1
- octavia/db/migration/alembic_migrations/versions/8ac4ed24df3a_add_availability_zone_to_lb.py +4 -4
- octavia/db/migration/alembic_migrations/versions/8b47b2546312_sctp_support.py +2 -2
- octavia/db/migration/alembic_migrations/versions/8c0851bdf6c3_change_tls_container_id_length_in_sni_.py +1 -1
- octavia/db/migration/alembic_migrations/versions/92fe9857279_create_healthmanager_table.py +3 -3
- octavia/db/migration/alembic_migrations/versions/9b5473976d6d_add_provisioning_status_to_objects.py +10 -10
- octavia/db/migration/alembic_migrations/versions/a1f689aecc1d_extend_pool_for_support_backend_reencryption.py +2 -2
- octavia/db/migration/alembic_migrations/versions/a7f187cd221f_add_tls_boolean_type_for_reencryption.py +2 -2
- octavia/db/migration/alembic_migrations/versions/b9c703669314_add_flavor_and_flavor_profile_table.py +18 -18
- octavia/db/migration/alembic_migrations/versions/ba35e0fb88e1_add_backup_field_to_member.py +2 -2
- octavia/db/migration/alembic_migrations/versions/bf171d0d91c3_amphora_add_cached_zone.py +2 -2
- octavia/db/migration/alembic_migrations/versions/c761c8a71579_add_availability_zone_table.py +15 -15
- octavia/db/migration/alembic_migrations/versions/d85ca7258d21_modernize_l7rule.py +13 -13
- octavia/db/migration/alembic_migrations/versions/da371b422669_allowed_cidr_for_listeners.py +7 -7
- octavia/db/migration/alembic_migrations/versions/dcf88e59aae4_add_lb_algorithm_source_ip_port.py +3 -3
- octavia/db/migration/alembic_migrations/versions/e37941b010db_add_lb_flavor_constraint.py +11 -11
- octavia/db/migration/alembic_migrations/versions/e6672bda93bf_add_ping_and_tlshello_monitor_types.py +3 -3
- octavia/db/migration/alembic_migrations/versions/e6ee84f0abf3_add_proxy_v2_pool_protocol.py +3 -3
- octavia/db/migration/alembic_migrations/versions/ebbcc72b4e5e_add_octavia_owned_vip_column_to_vip_.py +2 -2
- octavia/db/migration/alembic_migrations/versions/f21ae3f21adc_add_client_auth_option.py +6 -6
- octavia/db/migration/alembic_migrations/versions/fc5582da7d8a_create_amphora_build_rate_limit_tables.py +11 -11
- octavia/db/migration/alembic_migrations/versions/ffad172e98c1_add_certificate_revoke_list_option.py +2 -2
- octavia/db/models.py +1 -1
- octavia/db/repositories.py +3 -3
- octavia/distributor/drivers/driver_base.py +1 -1
- octavia/distributor/drivers/noop_driver/driver.py +1 -1
- octavia/hacking/checks.py +4 -4
- octavia/image/drivers/noop_driver/driver.py +1 -1
- octavia/image/image_base.py +1 -1
- octavia/network/base.py +1 -1
- octavia/network/drivers/neutron/allowed_address_pairs.py +11 -9
- octavia/network/drivers/neutron/base.py +3 -3
- octavia/network/drivers/noop_driver/driver.py +1 -1
- octavia/policies/amphora.py +6 -12
- octavia/policies/availability_zone.py +5 -10
- octavia/policies/availability_zone_profile.py +5 -15
- octavia/policies/base.py +1 -20
- octavia/policies/flavor.py +5 -10
- octavia/policies/flavor_profile.py +5 -10
- octavia/policies/healthmonitor.py +6 -12
- octavia/policies/l7policy.py +6 -12
- octavia/policies/l7rule.py +5 -10
- octavia/policies/listener.py +7 -14
- octavia/policies/loadbalancer.py +9 -18
- octavia/policies/member.py +5 -10
- octavia/policies/pool.py +6 -12
- octavia/policies/provider.py +1 -2
- octavia/policies/provider_availability_zone.py +1 -3
- octavia/policies/provider_flavor.py +1 -2
- octavia/policies/quota.py +6 -12
- octavia/statistics/stats_base.py +1 -1
- octavia/tests/common/constants.py +1 -1
- octavia/tests/common/data_model_helpers.py +10 -10
- octavia/tests/common/sample_data_models.py +1 -1
- octavia/tests/common/sample_haproxy_prometheus +17 -17
- octavia/tests/common/sample_octavia_prometheus +6 -6
- octavia/tests/common/utils.py +2 -2
- octavia/tests/functional/amphorae/backend/agent/api_server/test_keepalivedlvs.py +36 -62
- octavia/tests/functional/amphorae/backend/agent/api_server/test_server.py +135 -296
- octavia/tests/functional/api/drivers/driver_agent/test_driver_agent.py +10 -11
- octavia/tests/functional/api/v2/base.py +2 -3
- octavia/tests/functional/api/v2/test_amphora.py +6 -6
- octavia/tests/functional/api/v2/test_availability_zone_profiles.py +13 -14
- octavia/tests/functional/api/v2/test_availability_zones.py +19 -19
- octavia/tests/functional/api/v2/test_flavor_profiles.py +19 -20
- octavia/tests/functional/api/v2/test_flavors.py +25 -25
- octavia/tests/functional/api/v2/test_health_monitor.py +35 -18
- octavia/tests/functional/api/v2/test_l7policy.py +11 -11
- octavia/tests/functional/api/v2/test_l7rule.py +19 -20
- octavia/tests/functional/api/v2/test_listener.py +26 -28
- octavia/tests/functional/api/v2/test_load_balancer.py +17 -17
- octavia/tests/functional/api/v2/test_member.py +53 -21
- octavia/tests/functional/api/v2/test_pool.py +11 -11
- octavia/tests/functional/api/v2/test_provider.py +7 -7
- octavia/tests/functional/api/v2/test_quotas.py +9 -9
- octavia/tests/functional/db/test_models.py +1 -1
- octavia/tests/functional/db/test_repositories.py +2 -2
- octavia/tests/unit/amphorae/backends/agent/api_server/test_amphora_info.py +60 -61
- octavia/tests/unit/amphorae/backends/agent/api_server/test_keepalived.py +3 -3
- octavia/tests/unit/amphorae/backends/agent/api_server/test_keepalivedlvs.py +1 -19
- octavia/tests/unit/amphorae/backends/agent/api_server/test_loadbalancer.py +94 -34
- octavia/tests/unit/amphorae/backends/agent/api_server/test_osutils.py +19 -21
- octavia/tests/unit/amphorae/backends/agent/api_server/test_plug.py +9 -11
- octavia/tests/unit/amphorae/backends/agent/api_server/test_util.py +11 -25
- octavia/tests/unit/amphorae/backends/agent/test_agent_jinja_cfg.py +0 -13
- octavia/tests/unit/amphorae/backends/health_daemon/test_health_daemon.py +10 -10
- octavia/tests/unit/amphorae/backends/utils/test_haproxy_query.py +1 -1
- octavia/tests/unit/amphorae/backends/utils/test_interface.py +33 -94
- octavia/tests/unit/amphorae/backends/utils/test_interface_file.py +32 -32
- octavia/tests/unit/amphorae/backends/utils/test_network_namespace.py +4 -6
- octavia/tests/unit/amphorae/backends/utils/test_nftable_utils.py +28 -22
- octavia/tests/unit/amphorae/drivers/haproxy/test_rest_api_driver_1_0.py +77 -118
- octavia/tests/unit/amphorae/drivers/health/test_heartbeat_udp.py +8 -8
- octavia/tests/unit/amphorae/drivers/keepalived/jinja/test_jinja_cfg.py +0 -4
- octavia/tests/unit/api/common/test_pagination.py +84 -14
- octavia/tests/unit/api/v2/types/test_availability_zone_profile.py +1 -1
- octavia/tests/unit/api/v2/types/test_availability_zones.py +1 -1
- octavia/tests/unit/api/v2/types/test_flavor_profile.py +1 -1
- octavia/tests/unit/api/v2/types/test_flavors.py +1 -1
- octavia/tests/unit/api/v2/types/test_health_monitor.py +1 -1
- octavia/tests/unit/api/v2/types/test_listener.py +1 -1
- octavia/tests/unit/api/v2/types/test_load_balancer.py +1 -1
- octavia/tests/unit/api/v2/types/test_pool.py +1 -1
- octavia/tests/unit/base.py +1 -0
- octavia/tests/unit/certificates/generator/local_csr.py +1 -1
- octavia/tests/unit/certificates/generator/test_local.py +5 -5
- octavia/tests/unit/certificates/manager/test_barbican.py +2 -3
- octavia/tests/unit/certificates/manager/test_barbican_legacy.py +1 -1
- octavia/tests/unit/certificates/manager/test_local.py +13 -14
- octavia/tests/unit/cmd/test_health_checker.py +1 -1
- octavia/tests/unit/cmd/test_prometheus_proxy.py +8 -1
- octavia/tests/unit/common/jinja/haproxy/combined_listeners/test_jinja_cfg.py +171 -216
- octavia/tests/unit/common/jinja/logging/test_logging_jinja_cfg.py +1 -1
- octavia/tests/unit/common/sample_configs/sample_configs_combined.py +1 -2
- octavia/tests/unit/common/test_base_taskflow.py +1 -1
- octavia/tests/unit/common/test_decorators.py +2 -2
- octavia/tests/unit/common/test_policy.py +3 -6
- octavia/tests/unit/common/tls_utils/test_cert_parser.py +4 -1
- octavia/tests/unit/controller/worker/v2/flows/test_listener_flows.py +10 -15
- octavia/tests/unit/controller/worker/v2/flows/test_load_balancer_flows.py +4 -6
- octavia/tests/unit/controller/worker/v2/tasks/test_network_tasks.py +6 -2
- octavia/tests/unit/controller/worker/v2/tasks/test_retry_tasks.py +1 -1
- octavia/tests/unit/controller/worker/v2/test_controller_worker.py +56 -1
- octavia/tests/unit/controller/worker/v2/test_taskflow_jobboard_driver.py +348 -0
- octavia/tests/unit/hacking/test_checks.py +3 -3
- octavia/tests/unit/image/drivers/noop_driver/test_driver.py +1 -1
- octavia/tests/unit/image/drivers/test_glance_driver.py +1 -1
- octavia/tests/unit/network/drivers/neutron/test_base.py +1 -1
- octavia/tests/unit/statistics/drivers/test_update_db.py +1 -1
- octavia/tests/unit/statistics/test_stats_base.py +1 -1
- octavia/volume/drivers/noop_driver/driver.py +1 -1
- octavia/volume/volume_base.py +1 -1
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/AUTHORS +6 -0
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/METADATA +3 -5
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/RECORD +302 -305
- octavia-15.0.0.0rc1.dist-info/pbr.json +1 -0
- octavia/amphorae/backends/agent/api_server/templates/keepalived.sysvinit.j2 +0 -87
- octavia/amphorae/backends/agent/api_server/templates/keepalived.upstart.j2 +0 -29
- octavia/amphorae/backends/agent/api_server/templates/sysvinit.conf.j2 +0 -232
- octavia/amphorae/backends/agent/api_server/templates/upstart.conf.j2 +0 -71
- octavia-14.0.0.0rc1.dist-info/pbr.json +0 -1
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/LICENSE +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/README.rst +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/README.rst +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/diskimage-create.sh +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/image-tests.sh +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/requirements.txt +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/test-requirements.txt +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/tox.ini +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/data/share/octavia/diskimage-create/version.txt +0 -0
- {octavia-14.0.0.0rc1.data → octavia-15.0.0.0rc1.data}/scripts/octavia-wsgi +0 -0
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/LICENSE +0 -0
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/WHEEL +0 -0
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/entry_points.txt +0 -0
- {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.0rc1.dist-info}/top_level.txt +0 -0
|
@@ -37,7 +37,7 @@ class TestInterface(base.TestCase):
|
|
|
37
37
|
|
|
38
38
|
ifaces = ('eth0', 'eth7', 'eth8')
|
|
39
39
|
mock_listdir.return_value = [
|
|
40
|
-
"{}.json"
|
|
40
|
+
f"{iface}.json"
|
|
41
41
|
for iface in ifaces
|
|
42
42
|
]
|
|
43
43
|
mock_listdir.return_value.extend(["invalidfile"])
|
|
@@ -48,7 +48,7 @@ class TestInterface(base.TestCase):
|
|
|
48
48
|
|
|
49
49
|
for iface in ifaces:
|
|
50
50
|
f = os.path.join(consts.AMP_NET_DIR_TEMPLATE,
|
|
51
|
-
"{}.json"
|
|
51
|
+
f"{iface}.json")
|
|
52
52
|
self.assertIn(f, config_file_list)
|
|
53
53
|
|
|
54
54
|
# unsupported file
|
|
@@ -274,11 +274,10 @@ class TestInterface(base.TestCase):
|
|
|
274
274
|
mock_check_output.assert_called_once_with(
|
|
275
275
|
["/sbin/dhclient",
|
|
276
276
|
"-lf",
|
|
277
|
-
"/var/lib/dhclient/dhclient-{}.leases"
|
|
278
|
-
iface),
|
|
277
|
+
f"/var/lib/dhclient/dhclient-{iface}.leases",
|
|
279
278
|
"-pf",
|
|
280
|
-
"/run/dhclient-{}.pid"
|
|
281
|
-
iface], stderr
|
|
279
|
+
f"/run/dhclient-{iface}.pid",
|
|
280
|
+
iface], stderr=subprocess.STDOUT)
|
|
282
281
|
|
|
283
282
|
@mock.patch('subprocess.check_output')
|
|
284
283
|
def test__dhclient_down(self, mock_check_output):
|
|
@@ -291,11 +290,10 @@ class TestInterface(base.TestCase):
|
|
|
291
290
|
["/sbin/dhclient",
|
|
292
291
|
"-r",
|
|
293
292
|
"-lf",
|
|
294
|
-
"/var/lib/dhclient/dhclient-{}.leases"
|
|
295
|
-
iface),
|
|
293
|
+
f"/var/lib/dhclient/dhclient-{iface}.leases",
|
|
296
294
|
"-pf",
|
|
297
|
-
"/run/dhclient-{}.pid"
|
|
298
|
-
iface], stderr
|
|
295
|
+
f"/run/dhclient-{iface}.pid",
|
|
296
|
+
iface], stderr=subprocess.STDOUT)
|
|
299
297
|
|
|
300
298
|
@mock.patch('subprocess.check_output')
|
|
301
299
|
def test__ipv6auto_up(self, mock_check_output):
|
|
@@ -306,9 +304,11 @@ class TestInterface(base.TestCase):
|
|
|
306
304
|
|
|
307
305
|
mock_check_output.assert_has_calls([
|
|
308
306
|
mock.call(["/sbin/sysctl", "-w",
|
|
309
|
-
"net.ipv6.conf.iface2.accept_ra=2"],
|
|
307
|
+
"net.ipv6.conf.iface2.accept_ra=2"],
|
|
308
|
+
stderr=subprocess.STDOUT),
|
|
310
309
|
mock.call(["/sbin/sysctl", "-w",
|
|
311
|
-
"net.ipv6.conf.iface2.autoconf=1"],
|
|
310
|
+
"net.ipv6.conf.iface2.autoconf=1"],
|
|
311
|
+
stderr=subprocess.STDOUT)])
|
|
312
312
|
|
|
313
313
|
@mock.patch('subprocess.check_output')
|
|
314
314
|
def test__ipv6auto_down(self, mock_check_output):
|
|
@@ -319,9 +319,11 @@ class TestInterface(base.TestCase):
|
|
|
319
319
|
|
|
320
320
|
mock_check_output.assert_has_calls([
|
|
321
321
|
mock.call(["/sbin/sysctl", "-w",
|
|
322
|
-
"net.ipv6.conf.iface2.accept_ra=0"],
|
|
322
|
+
"net.ipv6.conf.iface2.accept_ra=0"],
|
|
323
|
+
stderr=subprocess.STDOUT),
|
|
323
324
|
mock.call(["/sbin/sysctl", "-w",
|
|
324
|
-
"net.ipv6.conf.iface2.autoconf=0"],
|
|
325
|
+
"net.ipv6.conf.iface2.autoconf=0"],
|
|
326
|
+
stderr=subprocess.STDOUT)])
|
|
325
327
|
|
|
326
328
|
@mock.patch('pyroute2.IPRoute.rule')
|
|
327
329
|
@mock.patch('pyroute2.IPRoute.route')
|
|
@@ -452,7 +454,7 @@ class TestInterface(base.TestCase):
|
|
|
452
454
|
@mock.patch('octavia.amphorae.backends.utils.network_namespace.'
|
|
453
455
|
'NetworkNamespace')
|
|
454
456
|
@mock.patch('octavia.amphorae.backends.utils.nftable_utils.'
|
|
455
|
-
'
|
|
457
|
+
'write_nftable_rules_file')
|
|
456
458
|
@mock.patch('pyroute2.IPRoute.rule')
|
|
457
459
|
@mock.patch('pyroute2.IPRoute.route')
|
|
458
460
|
@mock.patch('pyroute2.IPRoute.addr')
|
|
@@ -578,16 +580,8 @@ class TestInterface(base.TestCase):
|
|
|
578
580
|
family=socket.AF_INET6)])
|
|
579
581
|
|
|
580
582
|
mock_check_output.assert_has_calls([
|
|
581
|
-
mock.call([consts.NFT_CMD,
|
|
582
|
-
|
|
583
|
-
mock.call([consts.NFT_CMD, consts.NFT_ADD, 'chain',
|
|
584
|
-
consts.NFT_FAMILY, consts.NFT_VIP_TABLE,
|
|
585
|
-
consts.NFT_VIP_CHAIN, '{', 'type', 'filter', 'hook',
|
|
586
|
-
'ingress', 'device', 'fake-eth1', 'priority',
|
|
587
|
-
consts.NFT_SRIOV_PRIORITY, ';', 'policy', 'drop', ';',
|
|
588
|
-
'}'], stderr=-2),
|
|
589
|
-
mock.call([consts.NFT_CMD, '-o', '-f', consts.NFT_VIP_RULES_FILE],
|
|
590
|
-
stderr=-2),
|
|
583
|
+
mock.call([consts.NFT_CMD, '-o', '-f', consts.NFT_RULES_FILE],
|
|
584
|
+
stderr=subprocess.STDOUT),
|
|
591
585
|
mock.call(["post-up", "fake-eth1"])
|
|
592
586
|
])
|
|
593
587
|
|
|
@@ -921,17 +915,16 @@ class TestInterface(base.TestCase):
|
|
|
921
915
|
mock_check_output.assert_has_calls([
|
|
922
916
|
mock.call(["/sbin/dhclient",
|
|
923
917
|
"-lf",
|
|
924
|
-
"/var/lib/dhclient/dhclient-{}.leases"
|
|
925
|
-
iface.name),
|
|
918
|
+
f"/var/lib/dhclient/dhclient-{iface.name}.leases",
|
|
926
919
|
"-pf",
|
|
927
|
-
"/run/dhclient-{}.pid"
|
|
928
|
-
iface.name], stderr
|
|
920
|
+
f"/run/dhclient-{iface.name}.pid",
|
|
921
|
+
iface.name], stderr=subprocess.STDOUT),
|
|
929
922
|
mock.call(["/sbin/sysctl", "-w",
|
|
930
|
-
"net.ipv6.conf.{}.accept_ra=2"
|
|
931
|
-
stderr
|
|
923
|
+
f"net.ipv6.conf.{iface.name}.accept_ra=2"],
|
|
924
|
+
stderr=subprocess.STDOUT),
|
|
932
925
|
mock.call(["/sbin/sysctl", "-w",
|
|
933
|
-
"net.ipv6.conf.{}.autoconf=1"
|
|
934
|
-
stderr
|
|
926
|
+
f"net.ipv6.conf.{iface.name}.autoconf=1"],
|
|
927
|
+
stderr=subprocess.STDOUT),
|
|
935
928
|
mock.call(["post-up", iface.name])
|
|
936
929
|
])
|
|
937
930
|
|
|
@@ -1338,17 +1331,16 @@ class TestInterface(base.TestCase):
|
|
|
1338
1331
|
mock.call(["/sbin/dhclient",
|
|
1339
1332
|
"-r",
|
|
1340
1333
|
"-lf",
|
|
1341
|
-
"/var/lib/dhclient/dhclient-{}.leases"
|
|
1342
|
-
iface.name),
|
|
1334
|
+
f"/var/lib/dhclient/dhclient-{iface.name}.leases",
|
|
1343
1335
|
"-pf",
|
|
1344
|
-
"/run/dhclient-{}.pid"
|
|
1345
|
-
iface.name], stderr
|
|
1336
|
+
f"/run/dhclient-{iface.name}.pid",
|
|
1337
|
+
iface.name], stderr=subprocess.STDOUT),
|
|
1346
1338
|
mock.call(["/sbin/sysctl", "-w",
|
|
1347
|
-
"net.ipv6.conf.{}.accept_ra=0"
|
|
1348
|
-
stderr
|
|
1339
|
+
f"net.ipv6.conf.{iface.name}.accept_ra=0"],
|
|
1340
|
+
stderr=subprocess.STDOUT),
|
|
1349
1341
|
mock.call(["/sbin/sysctl", "-w",
|
|
1350
|
-
"net.ipv6.conf.{}.autoconf=0"
|
|
1351
|
-
stderr
|
|
1342
|
+
f"net.ipv6.conf.{iface.name}.autoconf=0"],
|
|
1343
|
+
stderr=subprocess.STDOUT),
|
|
1352
1344
|
mock.call(["post-down", iface.name])
|
|
1353
1345
|
])
|
|
1354
1346
|
|
|
@@ -1444,56 +1436,3 @@ class TestInterface(base.TestCase):
|
|
|
1444
1436
|
|
|
1445
1437
|
addr = controller._normalize_ip_network(None)
|
|
1446
1438
|
self.assertIsNone(addr)
|
|
1447
|
-
|
|
1448
|
-
@mock.patch('octavia.amphorae.backends.utils.nftable_utils.'
|
|
1449
|
-
'load_nftables_file')
|
|
1450
|
-
@mock.patch('octavia.amphorae.backends.utils.nftable_utils.'
|
|
1451
|
-
'write_nftable_vip_rules_file')
|
|
1452
|
-
@mock.patch('subprocess.check_output')
|
|
1453
|
-
def test__setup_nftables_chain(self, mock_check_output, mock_write_rules,
|
|
1454
|
-
mock_load_rules):
|
|
1455
|
-
|
|
1456
|
-
controller = interface.InterfaceController()
|
|
1457
|
-
|
|
1458
|
-
mock_check_output.side_effect = [
|
|
1459
|
-
mock.DEFAULT, mock.DEFAULT,
|
|
1460
|
-
subprocess.CalledProcessError(cmd=consts.NFT_CMD, returncode=-1),
|
|
1461
|
-
mock.DEFAULT,
|
|
1462
|
-
subprocess.CalledProcessError(cmd=consts.NFT_CMD, returncode=-1)]
|
|
1463
|
-
|
|
1464
|
-
interface_mock = mock.MagicMock()
|
|
1465
|
-
interface_mock.name = 'fake2'
|
|
1466
|
-
|
|
1467
|
-
# Test succeessful path
|
|
1468
|
-
controller._setup_nftables_chain(interface_mock)
|
|
1469
|
-
|
|
1470
|
-
mock_write_rules.assert_called_once_with('fake2', [])
|
|
1471
|
-
mock_load_rules.assert_called_once_with()
|
|
1472
|
-
mock_check_output.assert_has_calls([
|
|
1473
|
-
mock.call([consts.NFT_CMD, 'add', 'table', consts.NFT_FAMILY,
|
|
1474
|
-
consts.NFT_VIP_TABLE], stderr=subprocess.STDOUT),
|
|
1475
|
-
mock.call([consts.NFT_CMD, 'add', 'chain', consts.NFT_FAMILY,
|
|
1476
|
-
consts.NFT_VIP_TABLE, consts.NFT_VIP_CHAIN, '{',
|
|
1477
|
-
'type', 'filter', 'hook', 'ingress', 'device',
|
|
1478
|
-
'fake2', 'priority', consts.NFT_SRIOV_PRIORITY, ';',
|
|
1479
|
-
'policy', 'drop', ';', '}'], stderr=subprocess.STDOUT)])
|
|
1480
|
-
|
|
1481
|
-
# Test first nft call fails
|
|
1482
|
-
mock_write_rules.reset_mock()
|
|
1483
|
-
mock_load_rules.reset_mock()
|
|
1484
|
-
mock_check_output.reset_mock()
|
|
1485
|
-
|
|
1486
|
-
self.assertRaises(subprocess.CalledProcessError,
|
|
1487
|
-
controller._setup_nftables_chain, interface_mock)
|
|
1488
|
-
mock_check_output.assert_called_once()
|
|
1489
|
-
mock_write_rules.assert_not_called()
|
|
1490
|
-
|
|
1491
|
-
# Test second nft call fails
|
|
1492
|
-
mock_write_rules.reset_mock()
|
|
1493
|
-
mock_load_rules.reset_mock()
|
|
1494
|
-
mock_check_output.reset_mock()
|
|
1495
|
-
|
|
1496
|
-
self.assertRaises(subprocess.CalledProcessError,
|
|
1497
|
-
controller._setup_nftables_chain, interface_mock)
|
|
1498
|
-
self.assertEqual(2, mock_check_output.call_count)
|
|
1499
|
-
mock_write_rules.assert_not_called()
|
|
@@ -112,13 +112,13 @@ class TestInterfaceFile(base.TestCase):
|
|
|
112
112
|
consts.SCRIPTS: {
|
|
113
113
|
consts.IFACE_UP: [{
|
|
114
114
|
consts.COMMAND: (
|
|
115
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
116
|
-
"{}"
|
|
115
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
116
|
+
f"{netns_interface}")
|
|
117
117
|
}],
|
|
118
118
|
consts.IFACE_DOWN: [{
|
|
119
119
|
consts.COMMAND: (
|
|
120
120
|
"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
121
|
-
"{}"
|
|
121
|
+
f"{netns_interface}")
|
|
122
122
|
}]
|
|
123
123
|
}
|
|
124
124
|
}
|
|
@@ -244,13 +244,13 @@ class TestInterfaceFile(base.TestCase):
|
|
|
244
244
|
consts.SCRIPTS: {
|
|
245
245
|
consts.IFACE_UP: [{
|
|
246
246
|
consts.COMMAND: (
|
|
247
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
248
|
-
"{}"
|
|
247
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
248
|
+
f"{netns_interface}")
|
|
249
249
|
}],
|
|
250
250
|
consts.IFACE_DOWN: [{
|
|
251
251
|
consts.COMMAND: (
|
|
252
252
|
"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
253
|
-
"{}"
|
|
253
|
+
f"{netns_interface}")
|
|
254
254
|
}]
|
|
255
255
|
}
|
|
256
256
|
}
|
|
@@ -323,13 +323,13 @@ class TestInterfaceFile(base.TestCase):
|
|
|
323
323
|
consts.SCRIPTS: {
|
|
324
324
|
consts.IFACE_UP: [{
|
|
325
325
|
consts.COMMAND: (
|
|
326
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
327
|
-
"{}"
|
|
326
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
327
|
+
f"{netns_interface}")
|
|
328
328
|
}],
|
|
329
329
|
consts.IFACE_DOWN: [{
|
|
330
330
|
consts.COMMAND: (
|
|
331
|
-
"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
332
|
-
"{}"
|
|
331
|
+
f"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
332
|
+
f"{netns_interface}")
|
|
333
333
|
}]
|
|
334
334
|
}
|
|
335
335
|
}
|
|
@@ -404,13 +404,13 @@ class TestInterfaceFile(base.TestCase):
|
|
|
404
404
|
consts.SCRIPTS: {
|
|
405
405
|
consts.IFACE_UP: [{
|
|
406
406
|
consts.COMMAND: (
|
|
407
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
408
|
-
"{}"
|
|
407
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
408
|
+
f"{netns_interface}")
|
|
409
409
|
}],
|
|
410
410
|
consts.IFACE_DOWN: [{
|
|
411
411
|
consts.COMMAND: (
|
|
412
|
-
"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
413
|
-
"{}"
|
|
412
|
+
f"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
413
|
+
f"{netns_interface}")
|
|
414
414
|
}]
|
|
415
415
|
}
|
|
416
416
|
}
|
|
@@ -516,13 +516,13 @@ class TestInterfaceFile(base.TestCase):
|
|
|
516
516
|
consts.SCRIPTS: {
|
|
517
517
|
consts.IFACE_UP: [{
|
|
518
518
|
consts.COMMAND: (
|
|
519
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv6 "
|
|
520
|
-
"{}"
|
|
519
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv6 "
|
|
520
|
+
f"{netns_interface}")
|
|
521
521
|
}],
|
|
522
522
|
consts.IFACE_DOWN: [{
|
|
523
523
|
consts.COMMAND: (
|
|
524
|
-
"/usr/local/bin/lvs-masquerade.sh delete ipv6 "
|
|
525
|
-
"{}"
|
|
524
|
+
f"/usr/local/bin/lvs-masquerade.sh delete ipv6 "
|
|
525
|
+
f"{netns_interface}")
|
|
526
526
|
}]
|
|
527
527
|
}
|
|
528
528
|
}
|
|
@@ -603,21 +603,21 @@ class TestInterfaceFile(base.TestCase):
|
|
|
603
603
|
consts.SCRIPTS: {
|
|
604
604
|
consts.IFACE_UP: [{
|
|
605
605
|
consts.COMMAND: (
|
|
606
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
607
|
-
"{}"
|
|
606
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
607
|
+
f"{netns_interface}")
|
|
608
608
|
}, {
|
|
609
609
|
consts.COMMAND: (
|
|
610
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv6 "
|
|
611
|
-
"{}"
|
|
610
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv6 "
|
|
611
|
+
f"{netns_interface}")
|
|
612
612
|
}],
|
|
613
613
|
consts.IFACE_DOWN: [{
|
|
614
614
|
consts.COMMAND: (
|
|
615
|
-
"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
616
|
-
"{}"
|
|
615
|
+
f"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
616
|
+
f"{netns_interface}")
|
|
617
617
|
}, {
|
|
618
618
|
consts.COMMAND: (
|
|
619
|
-
"/usr/local/bin/lvs-masquerade.sh delete ipv6 "
|
|
620
|
-
"{}"
|
|
619
|
+
f"/usr/local/bin/lvs-masquerade.sh delete ipv6 "
|
|
620
|
+
f"{netns_interface}")
|
|
621
621
|
}]
|
|
622
622
|
}
|
|
623
623
|
}
|
|
@@ -654,21 +654,21 @@ class TestInterfaceFile(base.TestCase):
|
|
|
654
654
|
consts.SCRIPTS: {
|
|
655
655
|
consts.IFACE_UP: [{
|
|
656
656
|
consts.COMMAND: (
|
|
657
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
658
|
-
"{}"
|
|
657
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv4 "
|
|
658
|
+
f"{netns_interface}")
|
|
659
659
|
}, {
|
|
660
660
|
consts.COMMAND: (
|
|
661
|
-
"/usr/local/bin/lvs-masquerade.sh add ipv6 "
|
|
662
|
-
"{}"
|
|
661
|
+
f"/usr/local/bin/lvs-masquerade.sh add ipv6 "
|
|
662
|
+
f"{netns_interface}")
|
|
663
663
|
}],
|
|
664
664
|
consts.IFACE_DOWN: [{
|
|
665
665
|
consts.COMMAND: (
|
|
666
666
|
"/usr/local/bin/lvs-masquerade.sh delete ipv4 "
|
|
667
|
-
"{}"
|
|
667
|
+
f"{netns_interface}")
|
|
668
668
|
}, {
|
|
669
669
|
consts.COMMAND: (
|
|
670
670
|
"/usr/local/bin/lvs-masquerade.sh delete ipv6 "
|
|
671
|
-
"{}"
|
|
671
|
+
f"{netns_interface}")
|
|
672
672
|
}]
|
|
673
673
|
}
|
|
674
674
|
}
|
|
@@ -50,9 +50,8 @@ class TestNetworkNamespace(base.TestCase):
|
|
|
50
50
|
mock_cdll_obj = mock.MagicMock()
|
|
51
51
|
mock_cdll.return_value = mock_cdll_obj
|
|
52
52
|
mock_getpid.return_value = FAKE_PID
|
|
53
|
-
expected_current_netns = '/proc/{
|
|
54
|
-
expected_target_netns = '/var/run/netns/{
|
|
55
|
-
netns=FAKE_NETNS)
|
|
53
|
+
expected_current_netns = f'/proc/{FAKE_PID}/ns/net'
|
|
54
|
+
expected_target_netns = f'/var/run/netns/{FAKE_NETNS}'
|
|
56
55
|
|
|
57
56
|
netns = network_namespace.NetworkNamespace(FAKE_NETNS)
|
|
58
57
|
|
|
@@ -72,9 +71,8 @@ class TestNetworkNamespace(base.TestCase):
|
|
|
72
71
|
mock_getpid.return_value = FAKE_PID
|
|
73
72
|
mock_cdll_obj = mock.MagicMock()
|
|
74
73
|
mock_cdll.return_value = mock_cdll_obj
|
|
75
|
-
expected_current_netns = '/proc/{
|
|
76
|
-
expected_target_netns = '/var/run/netns/{
|
|
77
|
-
netns=FAKE_NETNS)
|
|
74
|
+
expected_current_netns = f'/proc/{FAKE_PID}/ns/net'
|
|
75
|
+
expected_target_netns = f'/var/run/netns/{FAKE_NETNS}'
|
|
78
76
|
|
|
79
77
|
netns = network_namespace.NetworkNamespace(FAKE_NETNS)
|
|
80
78
|
|
|
@@ -28,23 +28,22 @@ import octavia.tests.unit.base as base
|
|
|
28
28
|
class TestNFTableUtils(base.TestCase):
|
|
29
29
|
@mock.patch('os.open')
|
|
30
30
|
@mock.patch('os.path.isfile')
|
|
31
|
-
def
|
|
31
|
+
def test_write_nftable_rules_file_exists(self, mock_isfile, mock_open):
|
|
32
32
|
"""Test when a rules file exists and no new rules
|
|
33
33
|
|
|
34
34
|
When an existing rules file is present and we call
|
|
35
|
-
|
|
35
|
+
write_nftable_rules_file with no rules, the method should not
|
|
36
36
|
overwrite the existing rules.
|
|
37
37
|
"""
|
|
38
38
|
mock_isfile.return_value = True
|
|
39
39
|
|
|
40
|
-
nftable_utils.
|
|
40
|
+
nftable_utils.write_nftable_rules_file('fake-eth2', [])
|
|
41
41
|
|
|
42
42
|
mock_open.assert_not_called()
|
|
43
43
|
|
|
44
44
|
@mock.patch('os.open')
|
|
45
45
|
@mock.patch('os.path.isfile')
|
|
46
|
-
def
|
|
47
|
-
mock_open):
|
|
46
|
+
def test_write_nftable_rules_file_rules(self, mock_isfile, mock_open):
|
|
48
47
|
"""Test when a rules file exists and rules are passed in
|
|
49
48
|
|
|
50
49
|
This should create a simple rules file with the base chain and rules.
|
|
@@ -61,32 +60,40 @@ class TestNFTableUtils(base.TestCase):
|
|
|
61
60
|
|
|
62
61
|
mocked_open = mock.mock_open()
|
|
63
62
|
with mock.patch.object(os, 'fdopen', mocked_open):
|
|
64
|
-
nftable_utils.
|
|
63
|
+
nftable_utils.write_nftable_rules_file(
|
|
65
64
|
'fake-eth2', [test_rule_1, test_rule_2])
|
|
66
65
|
|
|
67
66
|
mocked_open.assert_called_once_with('fake-fd', 'w')
|
|
68
67
|
mock_open.assert_called_once_with(
|
|
69
|
-
consts.
|
|
68
|
+
consts.NFT_RULES_FILE,
|
|
70
69
|
(os.O_WRONLY | os.O_CREAT | os.O_TRUNC),
|
|
71
70
|
(stat.S_IRUSR | stat.S_IWUSR))
|
|
72
71
|
|
|
73
72
|
handle = mocked_open()
|
|
74
73
|
handle.write.assert_has_calls([
|
|
75
|
-
mock.call(f'table {consts.NFT_FAMILY} {consts.
|
|
74
|
+
mock.call(f'table {consts.NFT_FAMILY} {consts.NFT_TABLE} '
|
|
76
75
|
'{}\n'),
|
|
77
76
|
mock.call(f'delete table {consts.NFT_FAMILY} '
|
|
78
|
-
f'{consts.
|
|
79
|
-
mock.call(f'table {consts.NFT_FAMILY} {consts.
|
|
77
|
+
f'{consts.NFT_TABLE}\n'),
|
|
78
|
+
mock.call(f'table {consts.NFT_FAMILY} {consts.NFT_TABLE} '
|
|
80
79
|
'{\n'),
|
|
81
|
-
mock.call(f' chain {consts.
|
|
82
|
-
mock.call(' type filter hook
|
|
83
|
-
|
|
80
|
+
mock.call(f' chain {consts.NFT_CHAIN} {{\n'),
|
|
81
|
+
mock.call(' type filter hook input priority filter; '
|
|
82
|
+
'policy drop;\n'),
|
|
83
|
+
mock.call(' ct state vmap { established : accept, related : '
|
|
84
|
+
'accept, invalid : drop }\n'),
|
|
85
|
+
mock.call(' iif lo accept\n'),
|
|
86
|
+
mock.call(' ip saddr 127.0.0.0/8 drop\n'),
|
|
87
|
+
mock.call(' ip6 saddr ::1 drop\n'),
|
|
84
88
|
mock.call(' icmp type destination-unreachable accept\n'),
|
|
85
89
|
mock.call(' icmpv6 type { nd-neighbor-solicit, '
|
|
86
90
|
'nd-router-advert, nd-neighbor-advert, packet-too-big, '
|
|
87
91
|
'destination-unreachable } accept\n'),
|
|
88
92
|
mock.call(' udp sport 67 udp dport 68 accept\n'),
|
|
89
93
|
mock.call(' udp sport 547 udp dport 546 accept\n'),
|
|
94
|
+
mock.call(' iifname eth1 goto amphora_vip_chain\n'),
|
|
95
|
+
mock.call(' }\n'),
|
|
96
|
+
mock.call(' chain amphora_vip_chain {\n'),
|
|
90
97
|
mock.call(' tcp dport 1234 accept\n'),
|
|
91
98
|
mock.call(' ip saddr 192.0.2.0/24 ip protocol 112 accept\n'),
|
|
92
99
|
mock.call(' }\n'),
|
|
@@ -95,8 +102,7 @@ class TestNFTableUtils(base.TestCase):
|
|
|
95
102
|
|
|
96
103
|
@mock.patch('os.open')
|
|
97
104
|
@mock.patch('os.path.isfile')
|
|
98
|
-
def
|
|
99
|
-
mock_open):
|
|
105
|
+
def test_write_nftable_rules_file_missing(self, mock_isfile, mock_open):
|
|
100
106
|
"""Test when a rules file does not exist and no new rules
|
|
101
107
|
|
|
102
108
|
This should create a simple rules file with the base chain.
|
|
@@ -106,21 +112,21 @@ class TestNFTableUtils(base.TestCase):
|
|
|
106
112
|
|
|
107
113
|
mocked_open = mock.mock_open()
|
|
108
114
|
with mock.patch.object(os, 'fdopen', mocked_open):
|
|
109
|
-
nftable_utils.
|
|
115
|
+
nftable_utils.write_nftable_rules_file('fake-eth2', [])
|
|
110
116
|
|
|
111
117
|
mocked_open.assert_called_once_with('fake-fd', 'w')
|
|
112
118
|
mock_open.assert_called_once_with(
|
|
113
|
-
consts.
|
|
119
|
+
consts.NFT_RULES_FILE,
|
|
114
120
|
(os.O_WRONLY | os.O_CREAT | os.O_TRUNC),
|
|
115
121
|
(stat.S_IRUSR | stat.S_IWUSR))
|
|
116
122
|
|
|
117
123
|
handle = mocked_open()
|
|
118
124
|
handle.write.assert_has_calls([
|
|
119
|
-
mock.call(f'table {consts.NFT_FAMILY} {consts.
|
|
125
|
+
mock.call(f'table {consts.NFT_FAMILY} {consts.NFT_TABLE} '
|
|
120
126
|
'{\n'),
|
|
121
|
-
mock.call(f' chain {consts.
|
|
122
|
-
mock.call(' type filter hook
|
|
123
|
-
|
|
127
|
+
mock.call(f' chain {consts.NFT_CHAIN} {{\n'),
|
|
128
|
+
mock.call(' type filter hook input priority filter; '
|
|
129
|
+
'policy drop;\n'),
|
|
124
130
|
mock.call(' icmp type destination-unreachable accept\n'),
|
|
125
131
|
mock.call(' icmpv6 type { nd-neighbor-solicit, '
|
|
126
132
|
'nd-router-advert, nd-neighbor-advert, packet-too-big, '
|
|
@@ -184,7 +190,7 @@ class TestNFTableUtils(base.TestCase):
|
|
|
184
190
|
|
|
185
191
|
mock_netns.assert_called_once_with(consts.AMPHORA_NAMESPACE)
|
|
186
192
|
mock_check_output.assert_called_once_with([
|
|
187
|
-
consts.NFT_CMD, '-o', '-f', consts.
|
|
193
|
+
consts.NFT_CMD, '-o', '-f', consts.NFT_RULES_FILE],
|
|
188
194
|
stderr=subprocess.STDOUT)
|
|
189
195
|
|
|
190
196
|
self.assertRaises(subprocess.CalledProcessError,
|