octavia 14.0.0.0rc1__py3-none-any.whl → 15.0.0__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (307) hide show
  1. octavia/amphorae/backends/agent/agent_jinja_cfg.py +1 -4
  2. octavia/amphorae/backends/agent/api_server/amphora_info.py +5 -5
  3. octavia/amphorae/backends/agent/api_server/keepalived.py +26 -53
  4. octavia/amphorae/backends/agent/api_server/keepalivedlvs.py +44 -83
  5. octavia/amphorae/backends/agent/api_server/loadbalancer.py +94 -112
  6. octavia/amphorae/backends/agent/api_server/lvs_listener_base.py +1 -1
  7. octavia/amphorae/backends/agent/api_server/osutils.py +11 -8
  8. octavia/amphorae/backends/agent/api_server/plug.py +12 -13
  9. octavia/amphorae/backends/agent/api_server/server.py +4 -3
  10. octavia/amphorae/backends/agent/api_server/templates/keepalived_lvs_check_script.sh.j2 +0 -4
  11. octavia/amphorae/backends/agent/api_server/util.py +23 -68
  12. octavia/amphorae/backends/agent/templates/amphora_agent_conf.template +0 -3
  13. octavia/amphorae/backends/health_daemon/health_daemon.py +6 -7
  14. octavia/amphorae/backends/health_daemon/health_sender.py +2 -2
  15. octavia/amphorae/backends/utils/haproxy_query.py +3 -6
  16. octavia/amphorae/backends/utils/interface.py +11 -50
  17. octavia/amphorae/backends/utils/interface_file.py +29 -16
  18. octavia/amphorae/backends/utils/ip_advertisement.py +1 -1
  19. octavia/amphorae/backends/utils/keepalivedlvs_query.py +7 -8
  20. octavia/amphorae/backends/utils/network_namespace.py +3 -3
  21. octavia/amphorae/backends/utils/nftable_utils.py +33 -11
  22. octavia/amphorae/drivers/driver_base.py +2 -2
  23. octavia/amphorae/drivers/haproxy/rest_api_driver.py +26 -38
  24. octavia/amphorae/drivers/health/heartbeat_udp.py +1 -1
  25. octavia/amphorae/drivers/keepalived/jinja/jinja_cfg.py +1 -2
  26. octavia/amphorae/drivers/keepalived/jinja/templates/keepalived_base.template +0 -1
  27. octavia/amphorae/drivers/noop_driver/driver.py +1 -1
  28. octavia/api/app.py +1 -2
  29. octavia/api/common/pagination.py +16 -22
  30. octavia/api/common/types.py +1 -1
  31. octavia/api/drivers/amphora_driver/v2/driver.py +6 -6
  32. octavia/api/drivers/driver_agent/driver_listener.py +3 -3
  33. octavia/api/drivers/driver_agent/driver_updater.py +1 -1
  34. octavia/api/drivers/noop_driver/driver.py +1 -1
  35. octavia/api/root_controller.py +2 -2
  36. octavia/api/v2/controllers/base.py +2 -4
  37. octavia/api/v2/controllers/health_monitor.py +5 -3
  38. octavia/api/v2/controllers/listener.py +2 -2
  39. octavia/api/v2/controllers/load_balancer.py +7 -0
  40. octavia/api/v2/controllers/member.py +12 -2
  41. octavia/api/v2/types/amphora.py +1 -1
  42. octavia/api/v2/types/availability_zone_profile.py +1 -2
  43. octavia/api/v2/types/availability_zones.py +1 -2
  44. octavia/api/v2/types/flavor_profile.py +1 -1
  45. octavia/api/v2/types/flavors.py +1 -1
  46. octavia/api/v2/types/health_monitor.py +1 -1
  47. octavia/api/v2/types/l7policy.py +1 -1
  48. octavia/api/v2/types/l7rule.py +1 -1
  49. octavia/api/v2/types/listener.py +3 -3
  50. octavia/api/v2/types/load_balancer.py +3 -3
  51. octavia/api/v2/types/member.py +2 -2
  52. octavia/api/v2/types/pool.py +2 -2
  53. octavia/api/v2/types/quotas.py +2 -2
  54. octavia/certificates/common/barbican.py +1 -1
  55. octavia/certificates/common/cert.py +1 -1
  56. octavia/certificates/generator/cert_gen.py +1 -1
  57. octavia/certificates/generator/local.py +5 -5
  58. octavia/certificates/manager/cert_mgr.py +1 -1
  59. octavia/certificates/manager/local.py +20 -20
  60. octavia/cmd/agent.py +3 -3
  61. octavia/cmd/driver_agent.py +2 -3
  62. octavia/cmd/health_checker.py +4 -4
  63. octavia/cmd/interface.py +4 -4
  64. octavia/cmd/prometheus_proxy.py +11 -13
  65. octavia/common/base_taskflow.py +3 -3
  66. octavia/common/clients.py +4 -4
  67. octavia/common/config.py +18 -24
  68. octavia/common/constants.py +28 -35
  69. octavia/common/data_models.py +2 -2
  70. octavia/common/jinja/haproxy/combined_listeners/jinja_cfg.py +5 -5
  71. octavia/common/jinja/logging/logging_jinja_cfg.py +1 -1
  72. octavia/common/jinja/lvs/jinja_cfg.py +1 -1
  73. octavia/common/jinja/user_data_jinja_cfg.py +1 -1
  74. octavia/common/keystone.py +1 -1
  75. octavia/common/policy.py +2 -3
  76. octavia/common/stats.py +1 -1
  77. octavia/common/tls_utils/cert_parser.py +2 -1
  78. octavia/common/utils.py +3 -3
  79. octavia/common/validate.py +9 -13
  80. octavia/compute/compute_base.py +1 -1
  81. octavia/compute/drivers/noop_driver/driver.py +1 -1
  82. octavia/compute/drivers/nova_driver.py +1 -1
  83. octavia/controller/healthmanager/health_manager.py +1 -1
  84. octavia/controller/housekeeping/house_keeping.py +2 -2
  85. octavia/controller/queue/v2/consumer.py +1 -2
  86. octavia/controller/queue/v2/endpoints.py +1 -1
  87. octavia/controller/worker/amphora_rate_limit.py +6 -6
  88. octavia/controller/worker/task_utils.py +1 -1
  89. octavia/controller/worker/v2/controller_worker.py +3 -3
  90. octavia/controller/worker/v2/flows/amphora_flows.py +15 -4
  91. octavia/controller/worker/v2/flows/flow_utils.py +6 -5
  92. octavia/controller/worker/v2/flows/health_monitor_flows.py +1 -1
  93. octavia/controller/worker/v2/flows/l7policy_flows.py +1 -1
  94. octavia/controller/worker/v2/flows/l7rule_flows.py +1 -1
  95. octavia/controller/worker/v2/flows/listener_flows.py +18 -6
  96. octavia/controller/worker/v2/flows/load_balancer_flows.py +1 -1
  97. octavia/controller/worker/v2/flows/member_flows.py +12 -19
  98. octavia/controller/worker/v2/flows/pool_flows.py +1 -1
  99. octavia/controller/worker/v2/taskflow_jobboard_driver.py +17 -3
  100. octavia/controller/worker/v2/tasks/compute_tasks.py +1 -3
  101. octavia/controller/worker/v2/tasks/network_tasks.py +3 -4
  102. octavia/db/base_models.py +21 -9
  103. octavia/db/migration/alembic_migrations/versions/034756a182a2_amphora_add_image_id.py +2 -2
  104. octavia/db/migration/alembic_migrations/versions/034b2dc2f3e0_modernize_l7policy_fields.py +31 -31
  105. octavia/db/migration/alembic_migrations/versions/0f242cf02c74_add_provider_column.py +2 -2
  106. octavia/db/migration/alembic_migrations/versions/10d38216ad34_add_timestamps_to_amphora.py +4 -4
  107. octavia/db/migration/alembic_migrations/versions/11e4bb2bb8ef_fix_ipv6_vip.py +1 -1
  108. octavia/db/migration/alembic_migrations/versions/13500e2e978d_update_url_and_name_size.py +6 -6
  109. octavia/db/migration/alembic_migrations/versions/14892634e228_update_vip.py +5 -5
  110. octavia/db/migration/alembic_migrations/versions/186509101b9b_add_server_group_id_to_loadbalancer.py +2 -2
  111. octavia/db/migration/alembic_migrations/versions/1afc932f1ca2_l7rule_support_client_cert.py +3 -3
  112. octavia/db/migration/alembic_migrations/versions/1e4c1d83044c_keepalived_configuration_datamodel.py +26 -26
  113. octavia/db/migration/alembic_migrations/versions/2351ea316465_adding_terminate_https_tls_ref_support.py +4 -4
  114. octavia/db/migration/alembic_migrations/versions/256852d5ff7c_add_lb_network_ip_to_amphora.py +2 -2
  115. octavia/db/migration/alembic_migrations/versions/27e54d00c3cd_add_monitor_address_and_port_to_member.py +4 -4
  116. octavia/db/migration/alembic_migrations/versions/298eac0640a7_add_amphora_vrrp_port_id_and_ha_port_id.py +4 -4
  117. octavia/db/migration/alembic_migrations/versions/29ff921a6eb_shared_pools.py +3 -3
  118. octavia/db/migration/alembic_migrations/versions/2ad093f6353f_add_listener_client_ca_tls_certificate_.py +2 -2
  119. octavia/db/migration/alembic_migrations/versions/31f7653ded67_allow_multiple_vips_per_loadbalancer.py +10 -10
  120. octavia/db/migration/alembic_migrations/versions/32e5c35b26a8_add_l7policy_and_l7rule_quota.py +4 -4
  121. octavia/db/migration/alembic_migrations/versions/357d17a6d5ac_update_lb_and_amphora_data_model_for_.py +20 -20
  122. octavia/db/migration/alembic_migrations/versions/35dee79d5865_initial_create.py +185 -185
  123. octavia/db/migration/alembic_migrations/versions/36b94648fef8_add_timestamp.py +2 -2
  124. octavia/db/migration/alembic_migrations/versions/392fb85b4419_add_primary_key_to_spares_pool.py +1 -1
  125. octavia/db/migration/alembic_migrations/versions/3a1e1cdb7b27_rename_amphora_host_id.py +1 -1
  126. octavia/db/migration/alembic_migrations/versions/3b199c848b96_create_no_monitor_operational_status.py +1 -1
  127. octavia/db/migration/alembic_migrations/versions/3e5b37a0bdb9_add_vrrp_ip_and_ha_ip_to_amphora.py +4 -4
  128. octavia/db/migration/alembic_migrations/versions/3f8ff3be828e_create_quotas_table.py +12 -12
  129. octavia/db/migration/alembic_migrations/versions/43287cd10fef_make_pool_lb_algorithm_larger.py +6 -6
  130. octavia/db/migration/alembic_migrations/versions/443fe6676637_add_network_id_to_vip.py +2 -2
  131. octavia/db/migration/alembic_migrations/versions/44a2414dd683_adding_name_column_to_member_and_health_.py +1 -1
  132. octavia/db/migration/alembic_migrations/versions/458c9ee2a011_l7_policies_and_rules.py +57 -57
  133. octavia/db/migration/alembic_migrations/versions/46d914b2a5e5_seed_the_spares_pool_table.py +2 -2
  134. octavia/db/migration/alembic_migrations/versions/48660b6643f0_add_new_states_for_amphora.py +3 -3
  135. octavia/db/migration/alembic_migrations/versions/4aeb9e23ad43_add_draining_operating_status.py +1 -1
  136. octavia/db/migration/alembic_migrations/versions/4c094013699a_update_load_balancer_amphora.py +9 -9
  137. octavia/db/migration/alembic_migrations/versions/4f65b4f91c39_amphora_add_flavor_id.py +2 -2
  138. octavia/db/migration/alembic_migrations/versions/4faaa983e7a9_update_member_address_column.py +1 -1
  139. octavia/db/migration/alembic_migrations/versions/4fe8240425b4_update_vip_add_subnet_id.py +2 -2
  140. octavia/db/migration/alembic_migrations/versions/52377704420e_add_timestamps_to_healthmonitor.py +9 -9
  141. octavia/db/migration/alembic_migrations/versions/5309960964f8_add_proxy_protocol_for_pool.py +3 -3
  142. octavia/db/migration/alembic_migrations/versions/543f5d8e4e56_add_a_column_busy_in_table_amphora_health.py +2 -2
  143. octavia/db/migration/alembic_migrations/versions/55874a4ceed6_add_l7policy_action_redirect_prefix.py +5 -5
  144. octavia/db/migration/alembic_migrations/versions/5a3ee5472c31_add_cert_expiration__infor_in_amphora_table.py +4 -4
  145. octavia/db/migration/alembic_migrations/versions/62816c232310_fix_migration_for_mysql_5_7.py +1 -1
  146. octavia/db/migration/alembic_migrations/versions/6742ca1b27c2_add_l7policy_redirect_http_code.py +2 -2
  147. octavia/db/migration/alembic_migrations/versions/6ac558d7fc21_add_prometheus_listener_protocol.py +3 -3
  148. octavia/db/migration/alembic_migrations/versions/6ffc710674ef_spares_pool_table.py +2 -2
  149. octavia/db/migration/alembic_migrations/versions/7432f1d4ea83_add_http_host_head_inject_for_http_health_check.py +4 -4
  150. octavia/db/migration/alembic_migrations/versions/74aae261694c_extend_pool_for_backend_ca_and_crl.py +4 -4
  151. octavia/db/migration/alembic_migrations/versions/76aacf2e176c_extend_support_udp_protocol.py +3 -3
  152. octavia/db/migration/alembic_migrations/versions/80dba23a159f_tags_support.py +3 -3
  153. octavia/db/migration/alembic_migrations/versions/82b9402e71fd_update_vip_address_size.py +1 -1
  154. octavia/db/migration/alembic_migrations/versions/8ac4ed24df3a_add_availability_zone_to_lb.py +4 -4
  155. octavia/db/migration/alembic_migrations/versions/8b47b2546312_sctp_support.py +2 -2
  156. octavia/db/migration/alembic_migrations/versions/8c0851bdf6c3_change_tls_container_id_length_in_sni_.py +1 -1
  157. octavia/db/migration/alembic_migrations/versions/92fe9857279_create_healthmanager_table.py +3 -3
  158. octavia/db/migration/alembic_migrations/versions/9b5473976d6d_add_provisioning_status_to_objects.py +10 -10
  159. octavia/db/migration/alembic_migrations/versions/a1f689aecc1d_extend_pool_for_support_backend_reencryption.py +2 -2
  160. octavia/db/migration/alembic_migrations/versions/a7f187cd221f_add_tls_boolean_type_for_reencryption.py +2 -2
  161. octavia/db/migration/alembic_migrations/versions/b9c703669314_add_flavor_and_flavor_profile_table.py +18 -18
  162. octavia/db/migration/alembic_migrations/versions/ba35e0fb88e1_add_backup_field_to_member.py +2 -2
  163. octavia/db/migration/alembic_migrations/versions/bf171d0d91c3_amphora_add_cached_zone.py +2 -2
  164. octavia/db/migration/alembic_migrations/versions/c761c8a71579_add_availability_zone_table.py +15 -15
  165. octavia/db/migration/alembic_migrations/versions/d85ca7258d21_modernize_l7rule.py +13 -13
  166. octavia/db/migration/alembic_migrations/versions/da371b422669_allowed_cidr_for_listeners.py +7 -7
  167. octavia/db/migration/alembic_migrations/versions/dcf88e59aae4_add_lb_algorithm_source_ip_port.py +3 -3
  168. octavia/db/migration/alembic_migrations/versions/e37941b010db_add_lb_flavor_constraint.py +11 -11
  169. octavia/db/migration/alembic_migrations/versions/e6672bda93bf_add_ping_and_tlshello_monitor_types.py +3 -3
  170. octavia/db/migration/alembic_migrations/versions/e6ee84f0abf3_add_proxy_v2_pool_protocol.py +3 -3
  171. octavia/db/migration/alembic_migrations/versions/ebbcc72b4e5e_add_octavia_owned_vip_column_to_vip_.py +2 -2
  172. octavia/db/migration/alembic_migrations/versions/f21ae3f21adc_add_client_auth_option.py +6 -6
  173. octavia/db/migration/alembic_migrations/versions/fc5582da7d8a_create_amphora_build_rate_limit_tables.py +11 -11
  174. octavia/db/migration/alembic_migrations/versions/ffad172e98c1_add_certificate_revoke_list_option.py +2 -2
  175. octavia/db/models.py +1 -1
  176. octavia/db/repositories.py +3 -3
  177. octavia/distributor/drivers/driver_base.py +1 -1
  178. octavia/distributor/drivers/noop_driver/driver.py +1 -1
  179. octavia/hacking/checks.py +4 -4
  180. octavia/image/drivers/noop_driver/driver.py +1 -1
  181. octavia/image/image_base.py +1 -1
  182. octavia/network/base.py +1 -1
  183. octavia/network/drivers/neutron/allowed_address_pairs.py +11 -9
  184. octavia/network/drivers/neutron/base.py +3 -3
  185. octavia/network/drivers/noop_driver/driver.py +1 -1
  186. octavia/policies/amphora.py +6 -12
  187. octavia/policies/availability_zone.py +5 -10
  188. octavia/policies/availability_zone_profile.py +5 -15
  189. octavia/policies/base.py +1 -20
  190. octavia/policies/flavor.py +5 -10
  191. octavia/policies/flavor_profile.py +5 -10
  192. octavia/policies/healthmonitor.py +6 -12
  193. octavia/policies/l7policy.py +6 -12
  194. octavia/policies/l7rule.py +5 -10
  195. octavia/policies/listener.py +7 -14
  196. octavia/policies/loadbalancer.py +9 -18
  197. octavia/policies/member.py +5 -10
  198. octavia/policies/pool.py +6 -12
  199. octavia/policies/provider.py +1 -2
  200. octavia/policies/provider_availability_zone.py +1 -3
  201. octavia/policies/provider_flavor.py +1 -2
  202. octavia/policies/quota.py +6 -12
  203. octavia/statistics/stats_base.py +1 -1
  204. octavia/tests/common/constants.py +1 -1
  205. octavia/tests/common/data_model_helpers.py +10 -10
  206. octavia/tests/common/sample_data_models.py +1 -1
  207. octavia/tests/common/sample_haproxy_prometheus +17 -17
  208. octavia/tests/common/sample_octavia_prometheus +6 -6
  209. octavia/tests/common/utils.py +2 -2
  210. octavia/tests/functional/amphorae/backend/agent/api_server/test_keepalivedlvs.py +36 -62
  211. octavia/tests/functional/amphorae/backend/agent/api_server/test_server.py +135 -296
  212. octavia/tests/functional/api/drivers/driver_agent/test_driver_agent.py +10 -11
  213. octavia/tests/functional/api/v2/base.py +2 -3
  214. octavia/tests/functional/api/v2/test_amphora.py +6 -6
  215. octavia/tests/functional/api/v2/test_availability_zone_profiles.py +13 -14
  216. octavia/tests/functional/api/v2/test_availability_zones.py +19 -19
  217. octavia/tests/functional/api/v2/test_flavor_profiles.py +19 -20
  218. octavia/tests/functional/api/v2/test_flavors.py +25 -25
  219. octavia/tests/functional/api/v2/test_health_monitor.py +35 -18
  220. octavia/tests/functional/api/v2/test_l7policy.py +11 -11
  221. octavia/tests/functional/api/v2/test_l7rule.py +19 -20
  222. octavia/tests/functional/api/v2/test_listener.py +26 -28
  223. octavia/tests/functional/api/v2/test_load_balancer.py +17 -17
  224. octavia/tests/functional/api/v2/test_member.py +53 -21
  225. octavia/tests/functional/api/v2/test_pool.py +11 -11
  226. octavia/tests/functional/api/v2/test_provider.py +7 -7
  227. octavia/tests/functional/api/v2/test_quotas.py +9 -9
  228. octavia/tests/functional/db/test_models.py +1 -1
  229. octavia/tests/functional/db/test_repositories.py +2 -2
  230. octavia/tests/unit/amphorae/backends/agent/api_server/test_amphora_info.py +60 -61
  231. octavia/tests/unit/amphorae/backends/agent/api_server/test_keepalived.py +3 -3
  232. octavia/tests/unit/amphorae/backends/agent/api_server/test_keepalivedlvs.py +1 -19
  233. octavia/tests/unit/amphorae/backends/agent/api_server/test_loadbalancer.py +94 -34
  234. octavia/tests/unit/amphorae/backends/agent/api_server/test_osutils.py +19 -21
  235. octavia/tests/unit/amphorae/backends/agent/api_server/test_plug.py +9 -11
  236. octavia/tests/unit/amphorae/backends/agent/api_server/test_util.py +11 -25
  237. octavia/tests/unit/amphorae/backends/agent/test_agent_jinja_cfg.py +0 -13
  238. octavia/tests/unit/amphorae/backends/health_daemon/test_health_daemon.py +10 -10
  239. octavia/tests/unit/amphorae/backends/utils/test_haproxy_query.py +1 -1
  240. octavia/tests/unit/amphorae/backends/utils/test_interface.py +33 -94
  241. octavia/tests/unit/amphorae/backends/utils/test_interface_file.py +32 -32
  242. octavia/tests/unit/amphorae/backends/utils/test_network_namespace.py +4 -6
  243. octavia/tests/unit/amphorae/backends/utils/test_nftable_utils.py +28 -22
  244. octavia/tests/unit/amphorae/drivers/haproxy/test_rest_api_driver_1_0.py +77 -118
  245. octavia/tests/unit/amphorae/drivers/health/test_heartbeat_udp.py +8 -8
  246. octavia/tests/unit/amphorae/drivers/keepalived/jinja/test_jinja_cfg.py +0 -4
  247. octavia/tests/unit/api/common/test_pagination.py +84 -14
  248. octavia/tests/unit/api/v2/types/test_availability_zone_profile.py +1 -1
  249. octavia/tests/unit/api/v2/types/test_availability_zones.py +1 -1
  250. octavia/tests/unit/api/v2/types/test_flavor_profile.py +1 -1
  251. octavia/tests/unit/api/v2/types/test_flavors.py +1 -1
  252. octavia/tests/unit/api/v2/types/test_health_monitor.py +1 -1
  253. octavia/tests/unit/api/v2/types/test_listener.py +1 -1
  254. octavia/tests/unit/api/v2/types/test_load_balancer.py +1 -1
  255. octavia/tests/unit/api/v2/types/test_pool.py +1 -1
  256. octavia/tests/unit/base.py +1 -0
  257. octavia/tests/unit/certificates/generator/local_csr.py +1 -1
  258. octavia/tests/unit/certificates/generator/test_local.py +5 -5
  259. octavia/tests/unit/certificates/manager/test_barbican.py +2 -3
  260. octavia/tests/unit/certificates/manager/test_barbican_legacy.py +1 -1
  261. octavia/tests/unit/certificates/manager/test_local.py +13 -14
  262. octavia/tests/unit/cmd/test_health_checker.py +1 -1
  263. octavia/tests/unit/cmd/test_prometheus_proxy.py +8 -1
  264. octavia/tests/unit/common/jinja/haproxy/combined_listeners/test_jinja_cfg.py +171 -216
  265. octavia/tests/unit/common/jinja/logging/test_logging_jinja_cfg.py +1 -1
  266. octavia/tests/unit/common/sample_configs/sample_configs_combined.py +1 -2
  267. octavia/tests/unit/common/test_base_taskflow.py +1 -1
  268. octavia/tests/unit/common/test_decorators.py +2 -2
  269. octavia/tests/unit/common/test_policy.py +3 -6
  270. octavia/tests/unit/common/tls_utils/test_cert_parser.py +4 -1
  271. octavia/tests/unit/controller/worker/v2/flows/test_listener_flows.py +10 -15
  272. octavia/tests/unit/controller/worker/v2/flows/test_load_balancer_flows.py +4 -6
  273. octavia/tests/unit/controller/worker/v2/tasks/test_network_tasks.py +6 -2
  274. octavia/tests/unit/controller/worker/v2/tasks/test_retry_tasks.py +1 -1
  275. octavia/tests/unit/controller/worker/v2/test_controller_worker.py +56 -1
  276. octavia/tests/unit/controller/worker/v2/test_taskflow_jobboard_driver.py +348 -0
  277. octavia/tests/unit/hacking/test_checks.py +3 -3
  278. octavia/tests/unit/image/drivers/noop_driver/test_driver.py +1 -1
  279. octavia/tests/unit/image/drivers/test_glance_driver.py +1 -1
  280. octavia/tests/unit/network/drivers/neutron/test_base.py +1 -1
  281. octavia/tests/unit/statistics/drivers/test_update_db.py +1 -1
  282. octavia/tests/unit/statistics/test_stats_base.py +1 -1
  283. octavia/volume/drivers/noop_driver/driver.py +1 -1
  284. octavia/volume/volume_base.py +1 -1
  285. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/AUTHORS +6 -0
  286. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/METADATA +3 -5
  287. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/RECORD +302 -305
  288. octavia-15.0.0.dist-info/pbr.json +1 -0
  289. octavia/amphorae/backends/agent/api_server/templates/keepalived.sysvinit.j2 +0 -87
  290. octavia/amphorae/backends/agent/api_server/templates/keepalived.upstart.j2 +0 -29
  291. octavia/amphorae/backends/agent/api_server/templates/sysvinit.conf.j2 +0 -232
  292. octavia/amphorae/backends/agent/api_server/templates/upstart.conf.j2 +0 -71
  293. octavia-14.0.0.0rc1.dist-info/pbr.json +0 -1
  294. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/LICENSE +0 -0
  295. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/README.rst +0 -0
  296. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/README.rst +0 -0
  297. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/diskimage-create.sh +0 -0
  298. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/image-tests.sh +0 -0
  299. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/requirements.txt +0 -0
  300. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/test-requirements.txt +0 -0
  301. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/tox.ini +0 -0
  302. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/data/share/octavia/diskimage-create/version.txt +0 -0
  303. {octavia-14.0.0.0rc1.data → octavia-15.0.0.data}/scripts/octavia-wsgi +0 -0
  304. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/LICENSE +0 -0
  305. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/WHEEL +0 -0
  306. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/entry_points.txt +0 -0
  307. {octavia-14.0.0.0rc1.dist-info → octavia-15.0.0.dist-info}/top_level.txt +0 -0
octavia/tests/unit/common/jinja/haproxy/combined_listeners/test_jinja_cfg.py CHANGED
@@ -47,23 +47,21 @@ class TestHaproxyCfg(base.TestCase):
47
47
  CONF.haproxy_amphora.base_cert_dir,
48
48
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
49
49
  fe = ("frontend sample_listener_id_1\n"
50
- " maxconn {maxconn}\n"
51
- " redirect scheme https if !{{ ssl_fc }}\n"
50
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
51
+ " redirect scheme https if !{ ssl_fc }\n"
52
52
  " http-response set-header Strict-Transport-Security "
53
53
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
54
54
  " bind 10.0.0.2:443 "
55
- "ssl crt-list {crt_list} "
55
+ f"ssl crt-list {FAKE_CRT_LIST_FILENAME} "
56
56
  "ca-file /var/lib/octavia/certs/sample_loadbalancer_id_1/"
57
57
  "client_ca.pem verify required crl-file /var/lib/octavia/"
58
- "certs/sample_loadbalancer_id_1/SHA_ID.pem ciphers {ciphers} "
59
- "no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
58
+ "certs/sample_loadbalancer_id_1/SHA_ID.pem ciphers "
59
+ f"{constants.CIPHERS_OWASP_SUITE_B} "
60
+ "no-sslv3 no-tlsv10 no-tlsv11 alpn "
61
+ f"{','.join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)}\n"
60
62
  " mode http\n"
61
63
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
62
- " timeout client 50000\n").format(
63
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
64
- crt_list=FAKE_CRT_LIST_FILENAME,
65
- ciphers=constants.CIPHERS_OWASP_SUITE_B,
66
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
64
+ " timeout client 50000\n")
67
65
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
68
66
  " mode http\n"
69
67
  " balance roundrobin\n"
@@ -71,7 +69,7 @@ class TestHaproxyCfg(base.TestCase):
71
69
  " timeout check 31s\n"
72
70
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
73
71
  " http-check expect rstatus 418\n"
74
- " fullconn {maxconn}\n"
72
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
75
73
  " option allbackups\n"
76
74
  " timeout connect 5000\n"
77
75
  " timeout server 50000\n"
@@ -80,8 +78,7 @@ class TestHaproxyCfg(base.TestCase):
80
78
  "cookie sample_member_id_1\n"
81
79
  " server sample_member_id_2 10.0.0.98:82 "
82
80
  "weight 13 check inter 30s fall 3 rise 2 cookie "
83
- "sample_member_id_2\n\n").format(
84
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
81
+ "sample_member_id_2\n\n")
85
82
  tls_tupe = {'cont_id_1':
86
83
  sample_configs_combined.sample_tls_container_tuple(
87
84
  id='tls_container_id',
@@ -106,20 +103,18 @@ class TestHaproxyCfg(base.TestCase):
106
103
  FAKE_CRT_LIST_FILENAME = os.path.join(
107
104
  CONF.haproxy_amphora.base_cert_dir,
108
105
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
106
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
109
107
  fe = ("frontend sample_listener_id_1\n"
110
- " maxconn {maxconn}\n"
111
- " redirect scheme https if !{{ ssl_fc }}\n"
108
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
109
+ " redirect scheme https if !{ ssl_fc }\n"
112
110
  " http-response set-header Strict-Transport-Security "
113
111
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
114
- " bind 10.0.0.2:443 ssl crt-list {crt_list}"
115
- " ciphers {ciphers} no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
112
+ f" bind 10.0.0.2:443 ssl crt-list {FAKE_CRT_LIST_FILENAME}"
113
+ f" ciphers {constants.CIPHERS_OWASP_SUITE_B} no-sslv3 "
114
+ f"no-tlsv10 no-tlsv11 alpn {alpn}\n"
116
115
  " mode http\n"
117
116
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
118
- " timeout client 50000\n").format(
119
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
120
- crt_list=FAKE_CRT_LIST_FILENAME,
121
- ciphers=constants.CIPHERS_OWASP_SUITE_B,
122
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
117
+ " timeout client 50000\n")
123
118
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
124
119
  " mode http\n"
125
120
  " balance roundrobin\n"
@@ -127,7 +122,7 @@ class TestHaproxyCfg(base.TestCase):
127
122
  " timeout check 31s\n"
128
123
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
129
124
  " http-check expect rstatus 418\n"
130
- " fullconn {maxconn}\n"
125
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
131
126
  " option allbackups\n"
132
127
  " timeout connect 5000\n"
133
128
  " timeout server 50000\n"
@@ -136,8 +131,7 @@ class TestHaproxyCfg(base.TestCase):
136
131
  "cookie sample_member_id_1\n"
137
132
  " server sample_member_id_2 10.0.0.98:82 "
138
133
  "weight 13 check inter 30s fall 3 rise 2 "
139
- "cookie sample_member_id_2\n\n").format(
140
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
134
+ "cookie sample_member_id_2\n\n")
141
135
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
142
136
  sample_configs_combined.sample_amphora_tuple(),
143
137
  [sample_configs_combined.sample_listener_tuple(
@@ -159,19 +153,18 @@ class TestHaproxyCfg(base.TestCase):
159
153
  FAKE_CRT_LIST_FILENAME = os.path.join(
160
154
  CONF.haproxy_amphora.base_cert_dir,
161
155
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
156
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
162
157
  fe = ("frontend sample_listener_id_1\n"
163
- " maxconn {maxconn}\n"
164
- " redirect scheme https if !{{ ssl_fc }}\n"
158
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
159
+ " redirect scheme https if !{ ssl_fc }\n"
165
160
  " http-response set-header Strict-Transport-Security "
166
161
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
167
- " bind 10.0.0.2:443 ssl crt-list {crt_list} "
168
- "no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
162
+ " bind 10.0.0.2:443 ssl crt-list "
163
+ f"{FAKE_CRT_LIST_FILENAME} "
164
+ f"no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
169
165
  " mode http\n"
170
166
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
171
- " timeout client 50000\n").format(
172
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
173
- crt_list=FAKE_CRT_LIST_FILENAME,
174
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
167
+ " timeout client 50000\n")
175
168
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
176
169
  " mode http\n"
177
170
  " balance roundrobin\n"
@@ -211,24 +204,22 @@ class TestHaproxyCfg(base.TestCase):
211
204
  FAKE_CRT_LIST_FILENAME = os.path.join(
212
205
  CONF.haproxy_amphora.base_cert_dir,
213
206
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
207
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
214
208
  fe = ("frontend sample_listener_id_1\n"
215
- " maxconn {maxconn}\n"
216
- " redirect scheme https if !{{ ssl_fc }}\n"
209
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
210
+ " redirect scheme https if !{ ssl_fc }\n"
217
211
  " http-response set-header Strict-Transport-Security "
218
212
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
219
213
  " bind 10.0.0.2:443 "
220
- "ssl crt-list {crt_list} "
214
+ f"ssl crt-list {FAKE_CRT_LIST_FILENAME} "
221
215
  "ca-file /var/lib/octavia/certs/sample_loadbalancer_id_1/"
222
216
  "client_ca.pem verify required crl-file /var/lib/octavia/"
223
- "certs/sample_loadbalancer_id_1/SHA_ID.pem ciphers {ciphers} "
224
- "alpn {alpn}\n"
217
+ "certs/sample_loadbalancer_id_1/SHA_ID.pem ciphers "
218
+ f"{constants.CIPHERS_OWASP_SUITE_B} "
219
+ f"alpn {alpn}\n"
225
220
  " mode http\n"
226
221
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
227
- " timeout client 50000\n").format(
228
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
229
- crt_list=FAKE_CRT_LIST_FILENAME,
230
- ciphers=constants.CIPHERS_OWASP_SUITE_B,
231
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
222
+ " timeout client 50000\n")
232
223
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
233
224
  " mode http\n"
234
225
  " balance roundrobin\n"
@@ -271,19 +262,18 @@ class TestHaproxyCfg(base.TestCase):
271
262
  FAKE_CRT_LIST_FILENAME = os.path.join(
272
263
  CONF.haproxy_amphora.base_cert_dir,
273
264
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
265
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
274
266
  fe = ("frontend sample_listener_id_1\n"
275
- " maxconn {maxconn}\n"
276
- " redirect scheme https if !{{ ssl_fc }}\n"
267
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
268
+ " redirect scheme https if !{ ssl_fc }\n"
277
269
  " http-response set-header Strict-Transport-Security "
278
270
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
279
- " bind 10.0.0.2:443 ssl crt-list {crt_list} "
280
- "alpn {alpn}\n"
271
+ " bind 10.0.0.2:443 ssl crt-list "
272
+ f"{FAKE_CRT_LIST_FILENAME} "
273
+ f"alpn {alpn}\n"
281
274
  " mode http\n"
282
275
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
283
- " timeout client 50000\n").format(
284
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
285
- crt_list=FAKE_CRT_LIST_FILENAME,
286
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
276
+ " timeout client 50000\n")
287
277
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
288
278
  " mode http\n"
289
279
  " balance roundrobin\n"
@@ -325,20 +315,19 @@ class TestHaproxyCfg(base.TestCase):
325
315
  CONF.haproxy_amphora.base_cert_dir,
326
316
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
327
317
  alpn_protocols = ['chip', 'dale']
318
+ alpn = ",".join(alpn_protocols)
328
319
  fe = ("frontend sample_listener_id_1\n"
329
- " maxconn {maxconn}\n"
330
- " redirect scheme https if !{{ ssl_fc }}\n"
320
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
321
+ " redirect scheme https if !{ ssl_fc }\n"
331
322
  " http-response set-header Strict-Transport-Security "
332
323
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
333
- " bind 10.0.0.2:443 ssl crt-list {crt_list} "
334
- "ciphers {ciphers} no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
324
+ " bind 10.0.0.2:443 ssl crt-list "
325
+ f"{FAKE_CRT_LIST_FILENAME} "
326
+ f"ciphers {constants.CIPHERS_OWASP_SUITE_B} "
327
+ f"no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
335
328
  " mode http\n"
336
329
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
337
- " timeout client 50000\n").format(
338
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
339
- crt_list=FAKE_CRT_LIST_FILENAME,
340
- ciphers=constants.CIPHERS_OWASP_SUITE_B,
341
- alpn=",".join(alpn_protocols))
330
+ " timeout client 50000\n")
342
331
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
343
332
  " mode http\n"
344
333
  " balance roundrobin\n"
@@ -380,18 +369,17 @@ class TestHaproxyCfg(base.TestCase):
380
369
  CONF.haproxy_amphora.base_cert_dir,
381
370
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
382
371
  fe = ("frontend sample_listener_id_1\n"
383
- " maxconn {maxconn}\n"
384
- " redirect scheme https if !{{ ssl_fc }}\n"
372
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
373
+ " redirect scheme https if !{ ssl_fc }\n"
385
374
  " http-response set-header Strict-Transport-Security "
386
375
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
387
- " bind 10.0.0.2:443 ssl crt-list {crt_list} "
388
- "ciphers {ciphers} no-sslv3 no-tlsv10 no-tlsv11\n"
376
+ " bind 10.0.0.2:443 ssl crt-list "
377
+ f"{FAKE_CRT_LIST_FILENAME} "
378
+ f"ciphers {constants.CIPHERS_OWASP_SUITE_B} no-sslv3 "
379
+ f"no-tlsv10 no-tlsv11\n"
389
380
  " mode http\n"
390
381
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
391
- " timeout client 50000\n").format(
392
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
393
- crt_list=FAKE_CRT_LIST_FILENAME,
394
- ciphers=constants.CIPHERS_OWASP_SUITE_B)
382
+ " timeout client 50000\n")
395
383
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
396
384
  " mode http\n"
397
385
  " balance roundrobin\n"
@@ -433,18 +421,17 @@ class TestHaproxyCfg(base.TestCase):
433
421
  CONF.haproxy_amphora.base_cert_dir,
434
422
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
435
423
  fe = ("frontend sample_listener_id_1\n"
436
- " maxconn {maxconn}\n"
437
- " redirect scheme https if !{{ ssl_fc }}\n"
424
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
425
+ " redirect scheme https if !{ ssl_fc }\n"
438
426
  " http-response set-header Strict-Transport-Security "
439
427
  "\"max-age=10000000;\"\n"
440
- " bind 10.0.0.2:443 ssl crt-list {crt_list} "
441
- "ciphers {ciphers} no-sslv3 no-tlsv10 no-tlsv11\n"
428
+ " bind 10.0.0.2:443 ssl crt-list "
429
+ f"{FAKE_CRT_LIST_FILENAME} "
430
+ f"ciphers {constants.CIPHERS_OWASP_SUITE_B} "
431
+ "no-sslv3 no-tlsv10 no-tlsv11\n"
442
432
  " mode http\n"
443
433
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
444
- " timeout client 50000\n").format(
445
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
446
- crt_list=FAKE_CRT_LIST_FILENAME,
447
- ciphers=constants.CIPHERS_OWASP_SUITE_B)
434
+ " timeout client 50000\n")
448
435
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
449
436
  " mode http\n"
450
437
  " balance roundrobin\n"
@@ -486,22 +473,20 @@ class TestHaproxyCfg(base.TestCase):
486
473
  FAKE_CRT_LIST_FILENAME = os.path.join(
487
474
  CONF.haproxy_amphora.base_cert_dir,
488
475
  'sample_loadbalancer_id_1/sample_listener_id_1.pem')
476
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
489
477
  fe = ("frontend sample_listener_id_1\n"
490
- " maxconn {maxconn}\n"
491
- " redirect scheme https if !{{ ssl_fc }}\n"
478
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
479
+ " redirect scheme https if !{ ssl_fc }\n"
492
480
  " bind 10.0.0.2:443 "
493
- "ssl crt-list {crt_list} "
481
+ f"ssl crt-list {FAKE_CRT_LIST_FILENAME} "
494
482
  "ca-file /var/lib/octavia/certs/sample_loadbalancer_id_1/"
495
483
  "client_ca.pem verify required crl-file /var/lib/octavia/"
496
- "certs/sample_loadbalancer_id_1/SHA_ID.pem ciphers {ciphers} "
497
- "no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
484
+ "certs/sample_loadbalancer_id_1/SHA_ID.pem ciphers "
485
+ f"{constants.CIPHERS_OWASP_SUITE_B} "
486
+ f"no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
498
487
  " mode http\n"
499
488
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
500
- " timeout client 50000\n").format(
501
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
502
- crt_list=FAKE_CRT_LIST_FILENAME,
503
- ciphers=constants.CIPHERS_OWASP_SUITE_B,
504
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
489
+ " timeout client 50000\n")
505
490
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
506
491
  " mode http\n"
507
492
  " balance roundrobin\n"
@@ -881,7 +866,7 @@ class TestHaproxyCfg(base.TestCase):
881
866
  " timeout check 31s\n"
882
867
  " option external-check\n"
883
868
  " external-check command /var/lib/octavia/ping-wrapper.sh\n"
884
- " fullconn {maxconn}\n"
869
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
885
870
  " option allbackups\n"
886
871
  " timeout connect 5000\n"
887
872
  " timeout server 50000\n"
@@ -890,10 +875,9 @@ class TestHaproxyCfg(base.TestCase):
890
875
  "cookie sample_member_id_1\n"
891
876
  " server sample_member_id_2 10.0.0.98:82 "
892
877
  "weight 13 check inter 30s fall 3 rise 2 "
893
- "cookie sample_member_id_2\n\n").format(
894
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
895
- go = " maxconn {maxconn}\n external-check\n\n".format(
896
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
878
+ "cookie sample_member_id_2\n\n")
879
+ go = (f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
880
+ f" external-check\n\n")
897
881
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
898
882
  sample_configs_combined.sample_amphora_tuple(),
899
883
  [sample_configs_combined.sample_listener_tuple(
@@ -910,7 +894,7 @@ class TestHaproxyCfg(base.TestCase):
910
894
  " timeout check 31s\n"
911
895
  " option external-check\n"
912
896
  " external-check command /var/lib/octavia/ping-wrapper.sh\n"
913
- " fullconn {maxconn}\n"
897
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
914
898
  " option allbackups\n"
915
899
  " timeout connect 5000\n"
916
900
  " timeout server 50000\n"
@@ -919,8 +903,7 @@ class TestHaproxyCfg(base.TestCase):
919
903
  "cookie sample_member_id_1\n"
920
904
  " server sample_member_id_2 10.0.0.98:82 "
921
905
  "weight 13 check inter 30s fall 3 rise 2 "
922
- "cookie sample_member_id_2\n\n").format(
923
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
906
+ "cookie sample_member_id_2\n\n")
924
907
  go = (
925
908
  " server-state-file /var/lib/octavia/sample_loadbalancer_id_1/"
926
909
  "servers-state\n"
@@ -938,12 +921,11 @@ class TestHaproxyCfg(base.TestCase):
938
921
 
939
922
  def test_render_template_no_monitor_https(self):
940
923
  fe = ("frontend sample_listener_id_1\n"
941
- " maxconn {maxconn}\n"
924
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
942
925
  " bind 10.0.0.2:443\n"
943
926
  " mode tcp\n"
944
927
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
945
- " timeout client 50000\n").format(
946
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
928
+ " timeout client 50000\n")
947
929
  lg = (" log-format 12345\\ sample_loadbalancer_id_1\\ %f\\ "
948
930
  "%ci\\ %cp\\ %t\\ -\\ -\\ %B\\ %U\\ "
949
931
  "%[ssl_c_verify]\\ %{+Q}[ssl_c_s_dn]\\ %b\\ %s\\ %Tt\\ "
@@ -952,15 +934,14 @@ class TestHaproxyCfg(base.TestCase):
952
934
  " mode tcp\n"
953
935
  " balance roundrobin\n"
954
936
  " cookie SRV insert indirect nocache\n"
955
- " fullconn {maxconn}\n"
937
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
956
938
  " option allbackups\n"
957
939
  " timeout connect 5000\n"
958
940
  " timeout server 50000\n"
959
941
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
960
942
  "cookie sample_member_id_1\n"
961
943
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
962
- "cookie sample_member_id_2\n\n").format(
963
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
944
+ "cookie sample_member_id_2\n\n")
964
945
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
965
946
  sample_configs_combined.sample_amphora_tuple(),
966
947
  [sample_configs_combined.sample_listener_tuple(proto='HTTPS',
@@ -977,7 +958,7 @@ class TestHaproxyCfg(base.TestCase):
977
958
  " option httpchk GET /index.html HTTP/1.1\\r\\nHost:\\ "
978
959
  "testlab.com\n"
979
960
  " http-check expect rstatus 418\n"
980
- " fullconn {maxconn}\n"
961
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
981
962
  " option allbackups\n"
982
963
  " timeout connect 5000\n"
983
964
  " timeout server 50000\n"
@@ -986,8 +967,7 @@ class TestHaproxyCfg(base.TestCase):
986
967
  "cookie sample_member_id_1\n"
987
968
  " server sample_member_id_2 10.0.0.98:82 "
988
969
  "weight 13 check inter 30s fall 3 rise 2 "
989
- "cookie sample_member_id_2\n\n").format(
990
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
970
+ "cookie sample_member_id_2\n\n")
991
971
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
992
972
  sample_configs_combined.sample_amphora_tuple(),
993
973
  [sample_configs_combined.sample_listener_tuple(
@@ -997,12 +977,11 @@ class TestHaproxyCfg(base.TestCase):
997
977
 
998
978
  def test_render_template_no_persistence_https(self):
999
979
  fe = ("frontend sample_listener_id_1\n"
1000
- " maxconn {maxconn}\n"
980
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1001
981
  " bind 10.0.0.2:443\n"
1002
982
  " mode tcp\n"
1003
983
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
1004
- " timeout client 50000\n").format(
1005
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
984
+ " timeout client 50000\n")
1006
985
  lg = (" log-format 12345\\ sample_loadbalancer_id_1\\ %f\\ "
1007
986
  "%ci\\ %cp\\ %t\\ -\\ -\\ %B\\ %U\\ "
1008
987
  "%[ssl_c_verify]\\ %{+Q}[ssl_c_s_dn]\\ %b\\ %s\\ %Tt\\ "
@@ -1010,14 +989,13 @@ class TestHaproxyCfg(base.TestCase):
1010
989
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1011
990
  " mode tcp\n"
1012
991
  " balance roundrobin\n"
1013
- " fullconn {maxconn}\n"
992
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1014
993
  " option allbackups\n"
1015
994
  " timeout connect 5000\n"
1016
995
  " timeout server 50000\n"
1017
996
  " server sample_member_id_1 10.0.0.99:82 weight 13\n"
1018
997
  " server sample_member_id_2 10.0.0.98:82 "
1019
- "weight 13\n\n").format(
1020
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
998
+ "weight 13\n\n")
1021
999
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1022
1000
  sample_configs_combined.sample_amphora_tuple(),
1023
1001
  [sample_configs_combined.sample_listener_tuple(
@@ -1029,14 +1007,13 @@ class TestHaproxyCfg(base.TestCase):
1029
1007
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1030
1008
  " mode http\n"
1031
1009
  " balance roundrobin\n"
1032
- " fullconn {maxconn}\n"
1010
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1033
1011
  " option allbackups\n"
1034
1012
  " timeout connect 5000\n"
1035
1013
  " timeout server 50000\n"
1036
1014
  " server sample_member_id_1 10.0.0.99:82 weight 13\n"
1037
1015
  " server sample_member_id_2 10.0.0.98:82 "
1038
- "weight 13\n\n").format(
1039
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1016
+ "weight 13\n\n")
1040
1017
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1041
1018
  sample_configs_combined.sample_amphora_tuple(),
1042
1019
  [sample_configs_combined.sample_listener_tuple(
@@ -1053,15 +1030,14 @@ class TestHaproxyCfg(base.TestCase):
1053
1030
  " timeout check 31s\n"
1054
1031
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1055
1032
  " http-check expect rstatus 418\n"
1056
- " fullconn {maxconn}\n"
1033
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1057
1034
  " option allbackups\n"
1058
1035
  " timeout connect 5000\n"
1059
1036
  " timeout server 50000\n"
1060
1037
  " server sample_member_id_1 10.0.0.99:82 "
1061
1038
  "weight 13 check inter 30s fall 3 rise 2\n"
1062
1039
  " server sample_member_id_2 10.0.0.98:82 "
1063
- "weight 13 check inter 30s fall 3 rise 2\n\n").format(
1064
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1040
+ "weight 13 check inter 30s fall 3 rise 2\n\n")
1065
1041
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1066
1042
  sample_configs_combined.sample_amphora_tuple(),
1067
1043
  [sample_configs_combined.sample_listener_tuple(
@@ -1080,15 +1056,14 @@ class TestHaproxyCfg(base.TestCase):
1080
1056
  " timeout check 31s\n"
1081
1057
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1082
1058
  " http-check expect rstatus 418\n"
1083
- " fullconn {maxconn}\n"
1059
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1084
1060
  " option allbackups\n"
1085
1061
  " timeout connect 5000\n"
1086
1062
  " timeout server 50000\n"
1087
1063
  " server sample_member_id_1 10.0.0.99:82 "
1088
1064
  "weight 13 check inter 30s fall 3 rise 2\n"
1089
1065
  " server sample_member_id_2 10.0.0.98:82 "
1090
- "weight 13 check inter 30s fall 3 rise 2\n\n").format(
1091
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1066
+ "weight 13 check inter 30s fall 3 rise 2\n\n")
1092
1067
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1093
1068
  sample_configs_combined.sample_amphora_tuple(),
1094
1069
  [sample_configs_combined.sample_listener_tuple(
@@ -1115,21 +1090,19 @@ class TestHaproxyCfg(base.TestCase):
1115
1090
  "%ci\\ %cp\\ %t\\ -\\ -\\ %B\\ %U\\ "
1116
1091
  "%[ssl_c_verify]\\ %{+Q}[ssl_c_s_dn]\\ %b\\ %s\\ %Tt\\ "
1117
1092
  "%tsc\n\n")
1118
- be = ("backend {pool_id}:{listener_id}\n"
1093
+ be = (f"backend {sample_listener.default_pool.id}:"
1094
+ f"{sample_listener.id}\n"
1119
1095
  " mode tcp\n"
1120
1096
  " balance roundrobin\n"
1121
1097
  " cookie SRV insert indirect nocache\n"
1122
- " fullconn {maxconn}\n"
1098
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1123
1099
  " option allbackups\n"
1124
1100
  " timeout connect 5000\n"
1125
1101
  " timeout server 50000\n"
1126
1102
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1127
1103
  "cookie sample_member_id_1\n"
1128
1104
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1129
- "cookie sample_member_id_2\n\n").format(
1130
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1131
- pool_id=sample_listener.default_pool.id,
1132
- listener_id=sample_listener.id)
1105
+ "cookie sample_member_id_2\n\n")
1133
1106
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1134
1107
  sample_amphora,
1135
1108
  [sample_listener])
@@ -1203,7 +1176,7 @@ class TestHaproxyCfg(base.TestCase):
1203
1176
  " timeout check 31s\n"
1204
1177
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1205
1178
  " http-check expect rstatus 418\n"
1206
- " fullconn {maxconn}\n"
1179
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1207
1180
  " option allbackups\n"
1208
1181
  " timeout connect 5000\n"
1209
1182
  " timeout server 50000\n"
@@ -1219,13 +1192,12 @@ class TestHaproxyCfg(base.TestCase):
1219
1192
  " timeout check 31s\n"
1220
1193
  " option httpchk GET /healthmon.html HTTP/1.0\\r\\n\n"
1221
1194
  " http-check expect rstatus 418\n"
1222
- " fullconn {maxconn}\n"
1195
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1223
1196
  " option allbackups\n"
1224
1197
  " timeout connect 5000\n"
1225
1198
  " timeout server 50000\n"
1226
1199
  " server sample_member_id_3 10.0.0.97:82 weight 13 check "
1227
- "inter 30s fall 3 rise 2 cookie sample_member_id_3\n\n").format(
1228
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1200
+ "inter 30s fall 3 rise 2 cookie sample_member_id_3\n\n")
1229
1201
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1230
1202
  sample_configs_combined.sample_amphora_tuple(),
1231
1203
  [sample_configs_combined.sample_listener_tuple(l7=True)])
@@ -1241,7 +1213,7 @@ class TestHaproxyCfg(base.TestCase):
1241
1213
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1242
1214
  " http-check expect rstatus 418\n"
1243
1215
  " option forwardfor\n"
1244
- " fullconn {maxconn}\n"
1216
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1245
1217
  " option allbackups\n"
1246
1218
  " timeout connect 5000\n"
1247
1219
  " timeout server 50000\n"
@@ -1250,8 +1222,7 @@ class TestHaproxyCfg(base.TestCase):
1250
1222
  "cookie sample_member_id_1\n"
1251
1223
  " server sample_member_id_2 10.0.0.98:82 "
1252
1224
  "weight 13 check inter 30s fall 3 rise 2 "
1253
- "cookie sample_member_id_2\n\n").format(
1254
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1225
+ "cookie sample_member_id_2\n\n")
1255
1226
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1256
1227
  sample_configs_combined.sample_amphora_tuple(),
1257
1228
  [sample_configs_combined.sample_listener_tuple(
@@ -1270,7 +1241,7 @@ class TestHaproxyCfg(base.TestCase):
1270
1241
  " http-check expect rstatus 418\n"
1271
1242
  " option forwardfor\n"
1272
1243
  " http-request set-header X-Forwarded-Port %[dst_port]\n"
1273
- " fullconn {maxconn}\n"
1244
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1274
1245
  " option allbackups\n"
1275
1246
  " timeout connect 5000\n"
1276
1247
  " timeout server 50000\n"
@@ -1279,8 +1250,7 @@ class TestHaproxyCfg(base.TestCase):
1279
1250
  "cookie sample_member_id_1\n"
1280
1251
  " server sample_member_id_2 10.0.0.98:82 "
1281
1252
  "weight 13 check inter 30s fall 3 rise 2 "
1282
- "cookie sample_member_id_2\n\n").format(
1283
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1253
+ "cookie sample_member_id_2\n\n")
1284
1254
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1285
1255
  sample_configs_combined.sample_amphora_tuple(),
1286
1256
  [sample_configs_combined.sample_listener_tuple(
@@ -1296,7 +1266,7 @@ class TestHaproxyCfg(base.TestCase):
1296
1266
  " balance roundrobin\n"
1297
1267
  " cookie SRV insert indirect nocache\n"
1298
1268
  " timeout check 31s\n"
1299
- " fullconn {maxconn}\n"
1269
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1300
1270
  " option allbackups\n"
1301
1271
  " timeout connect 5000\n"
1302
1272
  " timeout server 50000\n"
@@ -1305,8 +1275,7 @@ class TestHaproxyCfg(base.TestCase):
1305
1275
  "cookie sample_member_id_1 send-proxy\n"
1306
1276
  " server sample_member_id_2 10.0.0.98:82 "
1307
1277
  "weight 13 check inter 30s fall 3 rise 2 "
1308
- "cookie sample_member_id_2 send-proxy\n\n").format(
1309
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1278
+ "cookie sample_member_id_2 send-proxy\n\n")
1310
1279
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1311
1280
  sample_configs_combined.sample_amphora_tuple(),
1312
1281
  [sample_configs_combined.sample_listener_tuple(be_proto='PROXY')])
@@ -1318,6 +1287,10 @@ class TestHaproxyCfg(base.TestCase):
1318
1287
  feature_compatibility = {constants.POOL_ALPN: True}
1319
1288
  cert_file_path = os.path.join(self.jinja_cfg.base_crt_dir,
1320
1289
  'sample_listener_id_1', 'fake path')
1290
+ opts = (f"ssl crt {cert_file_path} verify none sni ssl_fc_sni "
1291
+ f"ciphers {constants.CIPHERS_OWASP_SUITE_B} "
1292
+ f"no-sslv3 no-tlsv10 no-tlsv11")
1293
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
1321
1294
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1322
1295
  " mode http\n"
1323
1296
  " balance roundrobin\n"
@@ -1325,21 +1298,16 @@ class TestHaproxyCfg(base.TestCase):
1325
1298
  " timeout check 31s\n"
1326
1299
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1327
1300
  " http-check expect rstatus 418\n"
1328
- " fullconn {maxconn}\n"
1301
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1329
1302
  " option allbackups\n"
1330
1303
  " timeout connect 5000\n"
1331
1304
  " timeout server 50000\n"
1332
1305
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1333
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1334
- "sample_member_id_1 {opts} alpn {alpn}\n"
1306
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1307
+ f"sample_member_id_1 {opts} alpn {alpn}\n"
1335
1308
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1336
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1337
- "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
1338
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1339
- opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
1340
- " ciphers " + constants.CIPHERS_OWASP_SUITE_B +
1341
- " no-sslv3 no-tlsv10 no-tlsv11",
1342
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
1309
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1310
+ f"sample_member_id_2 {opts} alpn {alpn}\n\n")
1343
1311
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1344
1312
  sample_configs_combined.sample_amphora_tuple(),
1345
1313
  [sample_configs_combined.sample_listener_tuple(
@@ -1358,6 +1326,9 @@ class TestHaproxyCfg(base.TestCase):
1358
1326
  feature_compatibility = {constants.POOL_ALPN: False}
1359
1327
  cert_file_path = os.path.join(self.jinja_cfg.base_crt_dir,
1360
1328
  'sample_listener_id_1', 'fake path')
1329
+ opts = (f"ssl crt {cert_file_path} verify none sni ssl_fc_sni "
1330
+ f"ciphers {constants.CIPHERS_OWASP_SUITE_B} "
1331
+ f"no-sslv3 no-tlsv10 no-tlsv11")
1361
1332
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1362
1333
  " mode http\n"
1363
1334
  " balance roundrobin\n"
@@ -1365,20 +1336,16 @@ class TestHaproxyCfg(base.TestCase):
1365
1336
  " timeout check 31s\n"
1366
1337
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1367
1338
  " http-check expect rstatus 418\n"
1368
- " fullconn {maxconn}\n"
1339
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1369
1340
  " option allbackups\n"
1370
1341
  " timeout connect 5000\n"
1371
1342
  " timeout server 50000\n"
1372
1343
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1373
1344
  "check inter 30s fall 3 rise 2 cookie sample_member_id_1 "
1374
- "{opts}\n"
1345
+ f"{opts}\n"
1375
1346
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1376
1347
  "check inter 30s fall 3 rise 2 cookie sample_member_id_2 "
1377
- "{opts}\n\n").format(
1378
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1379
- opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
1380
- " ciphers " + constants.CIPHERS_OWASP_SUITE_B +
1381
- " no-sslv3 no-tlsv10 no-tlsv11")
1348
+ f"{opts}\n\n")
1382
1349
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1383
1350
  sample_configs_combined.sample_amphora_tuple(),
1384
1351
  [sample_configs_combined.sample_listener_tuple(
@@ -1397,6 +1364,9 @@ class TestHaproxyCfg(base.TestCase):
1397
1364
  feature_compatibility = {constants.POOL_ALPN: True}
1398
1365
  cert_file_path = os.path.join(self.jinja_cfg.base_crt_dir,
1399
1366
  'sample_listener_id_1', 'fake path')
1367
+ opts = (f"ssl crt {cert_file_path} verify none sni ssl_fc_sni "
1368
+ f"ciphers {constants.CIPHERS_OWASP_SUITE_B}")
1369
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
1400
1370
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1401
1371
  " mode http\n"
1402
1372
  " balance roundrobin\n"
@@ -1404,20 +1374,17 @@ class TestHaproxyCfg(base.TestCase):
1404
1374
  " timeout check 31s\n"
1405
1375
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1406
1376
  " http-check expect rstatus 418\n"
1407
- " fullconn {maxconn}\n"
1377
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1408
1378
  " option allbackups\n"
1409
1379
  " timeout connect 5000\n"
1410
1380
  " timeout server 50000\n"
1411
1381
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1412
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1413
- "sample_member_id_1 {opts} alpn {alpn}\n"
1382
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1383
+ f"sample_member_id_1 {opts} alpn {alpn}\n"
1414
1384
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1415
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1416
- "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
1417
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1418
- opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
1419
- " ciphers " + constants.CIPHERS_OWASP_SUITE_B,
1420
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
1385
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1386
+ f"sample_member_id_2 {opts} alpn {alpn}\n\n"
1387
+ )
1421
1388
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1422
1389
  sample_configs_combined.sample_amphora_tuple(),
1423
1390
  [sample_configs_combined.sample_listener_tuple(
@@ -1437,6 +1404,9 @@ class TestHaproxyCfg(base.TestCase):
1437
1404
  feature_compatibility = {constants.POOL_ALPN: True}
1438
1405
  cert_file_path = os.path.join(self.jinja_cfg.base_crt_dir,
1439
1406
  'sample_listener_id_1', 'fake path')
1407
+ opts = (f"ssl crt {cert_file_path} verify none sni ssl_fc_sni "
1408
+ f"no-sslv3 no-tlsv10 no-tlsv11")
1409
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
1440
1410
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1441
1411
  " mode http\n"
1442
1412
  " balance roundrobin\n"
@@ -1444,20 +1414,16 @@ class TestHaproxyCfg(base.TestCase):
1444
1414
  " timeout check 31s\n"
1445
1415
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1446
1416
  " http-check expect rstatus 418\n"
1447
- " fullconn {maxconn}\n"
1417
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1448
1418
  " option allbackups\n"
1449
1419
  " timeout connect 5000\n"
1450
1420
  " timeout server 50000\n"
1451
1421
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1452
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1453
- "sample_member_id_1 {opts} alpn {alpn}\n"
1422
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1423
+ f"sample_member_id_1 {opts} alpn {alpn}\n"
1454
1424
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1455
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1456
- "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
1457
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1458
- opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path +
1459
- " no-sslv3 no-tlsv10 no-tlsv11",
1460
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
1425
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1426
+ f"sample_member_id_2 {opts} alpn {alpn}\n\n")
1461
1427
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1462
1428
  sample_configs_combined.sample_amphora_tuple(),
1463
1429
  [sample_configs_combined.sample_listener_tuple(
@@ -1474,6 +1440,7 @@ class TestHaproxyCfg(base.TestCase):
1474
1440
  def test_render_template_pool_cert_no_ciphers_or_versions_or_alpn(self):
1475
1441
  cert_file_path = os.path.join(self.jinja_cfg.base_crt_dir,
1476
1442
  'sample_listener_id_1', 'fake path')
1443
+ opts = f"ssl crt {cert_file_path} verify none sni ssl_fc_sni"
1477
1444
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1478
1445
  " mode http\n"
1479
1446
  " balance roundrobin\n"
@@ -1481,18 +1448,16 @@ class TestHaproxyCfg(base.TestCase):
1481
1448
  " timeout check 31s\n"
1482
1449
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1483
1450
  " http-check expect rstatus 418\n"
1484
- " fullconn {maxconn}\n"
1451
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1485
1452
  " option allbackups\n"
1486
1453
  " timeout connect 5000\n"
1487
1454
  " timeout server 50000\n"
1488
1455
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1489
1456
  "check inter 30s fall 3 rise 2 cookie sample_member_id_1 "
1490
- "{opts}\n"
1457
+ f"{opts}\n"
1491
1458
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1492
1459
  "check inter 30s fall 3 rise 2 cookie sample_member_id_2 "
1493
- "{opts}\n\n").format(
1494
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1495
- opts="ssl crt %s verify none sni ssl_fc_sni" % cert_file_path)
1460
+ f"{opts}\n\n")
1496
1461
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1497
1462
  sample_configs_combined.sample_amphora_tuple(),
1498
1463
  [sample_configs_combined.sample_listener_tuple(
@@ -1514,7 +1479,7 @@ class TestHaproxyCfg(base.TestCase):
1514
1479
  " timeout check 31s\n"
1515
1480
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1516
1481
  " http-check expect rstatus 418\n"
1517
- " fullconn {maxconn}\n"
1482
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1518
1483
  " option allbackups\n"
1519
1484
  " timeout connect 5000\n"
1520
1485
  " timeout server 50000\n"
@@ -1522,8 +1487,7 @@ class TestHaproxyCfg(base.TestCase):
1522
1487
  "check inter 30s fall 3 rise 2 cookie sample_member_id_1\n"
1523
1488
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1524
1489
  "check inter 30s fall 3 rise 2 cookie sample_member_id_2"
1525
- "\n\n").format(
1526
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1490
+ "\n\n")
1527
1491
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1528
1492
  sample_configs_combined.sample_amphora_tuple(),
1529
1493
  [sample_configs_combined.sample_listener_tuple(
@@ -1537,6 +1501,10 @@ class TestHaproxyCfg(base.TestCase):
1537
1501
  pool_client_cert = '/foo/cert.pem'
1538
1502
  pool_ca_cert = '/foo/ca.pem'
1539
1503
  pool_crl = '/foo/crl.pem'
1504
+ opts = (f"ssl crt {pool_client_cert} ca-file {pool_ca_cert} "
1505
+ f"crl-file {pool_crl} verify required sni ssl_fc_sni "
1506
+ f"no-sslv3 no-tlsv10 no-tlsv11")
1507
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
1540
1508
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1541
1509
  " mode http\n"
1542
1510
  " balance roundrobin\n"
@@ -1544,23 +1512,16 @@ class TestHaproxyCfg(base.TestCase):
1544
1512
  " timeout check 31s\n"
1545
1513
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1546
1514
  " http-check expect rstatus 418\n"
1547
- " fullconn {maxconn}\n"
1515
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1548
1516
  " option allbackups\n"
1549
1517
  " timeout connect 5000\n"
1550
1518
  " timeout server 50000\n"
1551
1519
  " server sample_member_id_1 10.0.0.99:82 weight 13 "
1552
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1553
- "sample_member_id_1 {opts} alpn {alpn}\n"
1520
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1521
+ f"sample_member_id_1 {opts} alpn {alpn}\n"
1554
1522
  " server sample_member_id_2 10.0.0.98:82 weight 13 "
1555
- "check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1556
- "sample_member_id_2 {opts} alpn {alpn}\n\n").format(
1557
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1558
- opts="%s %s %s %s %s %s" % (
1559
- "ssl", "crt", pool_client_cert,
1560
- "ca-file %s" % pool_ca_cert,
1561
- "crl-file %s" % pool_crl,
1562
- "verify required sni ssl_fc_sni no-sslv3 no-tlsv10 no-tlsv11"),
1563
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS))
1523
+ f"check check-alpn {alpn} inter 30s fall 3 rise 2 cookie "
1524
+ f"sample_member_id_2 {opts} alpn {alpn}\n\n")
1564
1525
  rendered_obj = self.jinja_cfg.render_loadbalancer_obj(
1565
1526
  sample_configs_combined.sample_amphora_tuple(),
1566
1527
  [sample_configs_combined.sample_listener_tuple(
@@ -1839,14 +1800,15 @@ class TestHaproxyCfg(base.TestCase):
1839
1800
  "servers-state\n"
1840
1801
  " maxconn {maxconn}\n\n").format(
1841
1802
  maxconn=constants.HAPROXY_DEFAULT_MAXCONN)
1842
- be = ("backend {pool_id}:{listener_id}\n"
1803
+ be = (f"backend {sample_proxy_listener.default_pool.id}:"
1804
+ f"{sample_proxy_listener.id}\n"
1843
1805
  " mode http\n"
1844
1806
  " http-reuse safe\n"
1845
1807
  " balance roundrobin\n"
1846
1808
  " cookie SRV insert indirect nocache\n"
1847
1809
  " load-server-state-from-file global\n"
1848
1810
  " timeout check 31s\n"
1849
- " fullconn {maxconn}\n"
1811
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1850
1812
  " option allbackups\n"
1851
1813
  " timeout connect 5000\n"
1852
1814
  " timeout server 50000\n"
@@ -1855,10 +1817,7 @@ class TestHaproxyCfg(base.TestCase):
1855
1817
  "cookie sample_member_id_1 send-proxy\n"
1856
1818
  " server sample_member_id_2 10.0.0.98:82 "
1857
1819
  "weight 13 check inter 30s fall 3 rise 2 "
1858
- "cookie sample_member_id_2 send-proxy\n\n").format(
1859
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1860
- pool_id=sample_proxy_listener.default_pool.id,
1861
- listener_id=sample_proxy_listener.id)
1820
+ "cookie sample_member_id_2 send-proxy\n\n")
1862
1821
  rendered_obj = j_cfg.build_config(
1863
1822
  sample_amphora,
1864
1823
  [sample_proxy_listener],
@@ -1871,12 +1830,13 @@ class TestHaproxyCfg(base.TestCase):
1871
1830
  rendered_obj)
1872
1831
 
1873
1832
  # Without http-reuse and server-state-file
1874
- be = ("backend {pool_id}:{listener_id}\n"
1833
+ be = (f"backend {sample_proxy_listener.default_pool.id}:"
1834
+ f"{sample_proxy_listener.id}\n"
1875
1835
  " mode http\n"
1876
1836
  " balance roundrobin\n"
1877
1837
  " cookie SRV insert indirect nocache\n"
1878
1838
  " timeout check 31s\n"
1879
- " fullconn {maxconn}\n"
1839
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1880
1840
  " option allbackups\n"
1881
1841
  " timeout connect 5000\n"
1882
1842
  " timeout server 50000\n"
@@ -1885,10 +1845,7 @@ class TestHaproxyCfg(base.TestCase):
1885
1845
  "cookie sample_member_id_1 send-proxy\n"
1886
1846
  " server sample_member_id_2 10.0.0.98:82 "
1887
1847
  "weight 13 check inter 30s fall 3 rise 2 "
1888
- "cookie sample_member_id_2 send-proxy\n\n").format(
1889
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1890
- pool_id=sample_proxy_listener.default_pool.id,
1891
- listener_id=sample_proxy_listener.id)
1848
+ "cookie sample_member_id_2 send-proxy\n\n")
1892
1849
  rendered_obj = j_cfg.build_config(
1893
1850
  sample_amphora,
1894
1851
  [sample_proxy_listener],
@@ -1903,13 +1860,15 @@ class TestHaproxyCfg(base.TestCase):
1903
1860
  j_cfg = jinja_cfg.JinjaTemplater(
1904
1861
  base_amp_path='/var/lib/octavia',
1905
1862
  base_crt_dir='/var/lib/octavia/certs')
1863
+ alpn = ",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)
1906
1864
  fe = ("frontend sample_listener_id_1\n"
1907
- " maxconn {maxconn}\n"
1908
- " redirect scheme https if !{{ ssl_fc }}\n"
1865
+ f" maxconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1866
+ " redirect scheme https if !{ ssl_fc }\n"
1909
1867
  " http-response set-header Strict-Transport-Security "
1910
1868
  "\"max-age=10000000; includeSubDomains; preload;\"\n"
1911
- " bind 10.0.0.2:443 ciphers {ciphers} "
1912
- "no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
1869
+ " bind 10.0.0.2:443 ciphers "
1870
+ f"{constants.CIPHERS_OWASP_SUITE_B} "
1871
+ f"no-sslv3 no-tlsv10 no-tlsv11 alpn {alpn}\n"
1913
1872
  " mode http\n"
1914
1873
  " acl sample_l7rule_id_1 path -m beg /api\n"
1915
1874
  " use_backend sample_pool_id_2:sample_listener_id_1"
@@ -1943,10 +1902,7 @@ class TestHaproxyCfg(base.TestCase):
1943
1902
  "if sample_l7rule_id_7 !sample_l7rule_id_8 !sample_l7rule_id_9 "
1944
1903
  "!sample_l7rule_id_10 sample_l7rule_id_11\n"
1945
1904
  " default_backend sample_pool_id_1:sample_listener_id_1\n"
1946
- " timeout client 50000\n".format(
1947
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN,
1948
- ciphers=constants.CIPHERS_OWASP_SUITE_B,
1949
- alpn=",".join(constants.AMPHORA_SUPPORTED_ALPN_PROTOCOLS)))
1905
+ " timeout client 50000\n")
1950
1906
  be = ("backend sample_pool_id_1:sample_listener_id_1\n"
1951
1907
  " mode http\n"
1952
1908
  " balance roundrobin\n"
@@ -1954,7 +1910,7 @@ class TestHaproxyCfg(base.TestCase):
1954
1910
  " timeout check 31s\n"
1955
1911
  " option httpchk GET /index.html HTTP/1.0\\r\\n\n"
1956
1912
  " http-check expect rstatus 418\n"
1957
- " fullconn {maxconn}\n"
1913
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1958
1914
  " option allbackups\n"
1959
1915
  " timeout connect 5000\n"
1960
1916
  " timeout server 50000\n"
@@ -1969,13 +1925,12 @@ class TestHaproxyCfg(base.TestCase):
1969
1925
  " timeout check 31s\n"
1970
1926
  " option httpchk GET /healthmon.html HTTP/1.0\\r\\n\n"
1971
1927
  " http-check expect rstatus 418\n"
1972
- " fullconn {maxconn}\n"
1928
+ f" fullconn {constants.HAPROXY_DEFAULT_MAXCONN}\n"
1973
1929
  " option allbackups\n"
1974
1930
  " timeout connect 5000\n"
1975
1931
  " timeout server 50000\n"
1976
1932
  " server sample_member_id_3 10.0.0.97:82 weight 13 check "
1977
- "inter 30s fall 3 rise 2 cookie sample_member_id_3\n\n".format(
1978
- maxconn=constants.HAPROXY_DEFAULT_MAXCONN))
1933
+ "inter 30s fall 3 rise 2 cookie sample_member_id_3\n\n")
1979
1934
  sample_listener = sample_configs_combined.sample_listener_tuple(
1980
1935
  proto=constants.PROTOCOL_TERMINATED_HTTPS, l7=True,
1981
1936
  ssl_type_l7=True)