1 # Copyright 2012 New Dream Network, LLC (DreamHost)
3 # Licensed under the Apache License, Version 2.0 (the "License"); you may
4 # not use this file except in compliance with the License. You may obtain
5 # a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12 # License for the specific language governing permissions and limitations
19 from neutron.agent.linux import utils as agent_utils
20 from neutron.agent.metadata import agent
21 from neutron.agent.metadata import config
22 from neutron.agent import metadata_agent
23 from neutron.common import constants as n_const
24 from neutron.common import utils
25 from neutron.tests import base
28 class FakeConf(object):
30 nova_metadata_ip = '9.9.9.9'
31 nova_metadata_port = 8775
32 metadata_proxy_shared_secret = 'secret'
33 nova_metadata_protocol = 'http'
34 nova_metadata_insecure = True
35 nova_client_cert = 'nova_cert'
36 nova_client_priv_key = 'nova_priv_key'
40 class FakeConfCache(FakeConf):
41 cache_url = 'memory://?default_ttl=5'
44 class TestMetadataProxyHandlerBase(base.BaseTestCase):
48 super(TestMetadataProxyHandlerBase, self).setUp()
49 self.log_p = mock.patch.object(agent, 'LOG')
50 self.log = self.log_p.start()
51 self.handler = agent.MetadataProxyHandler(self.fake_conf)
52 self.handler.plugin_rpc = mock.Mock()
53 self.handler.context = mock.Mock()
56 class TestMetadataProxyHandlerRpc(TestMetadataProxyHandlerBase):
57 def test_get_port_filters(self):
58 router_id = 'test_router_id'
60 networks = ('net_id1', 'net_id2')
61 expected = {'device_id': [router_id],
62 'device_owner': n_const.ROUTER_INTERFACE_OWNERS,
63 'network_id': networks,
64 'fixed_ips': {'ip_address': [ip]}}
65 actual = self.handler._get_port_filters(router_id, ip, networks)
66 self.assertEqual(expected, actual)
68 def test_get_router_networks(self):
69 router_id = 'router-id'
70 expected = ('network_id1', 'network_id2')
71 ports = [{'network_id': 'network_id1', 'something': 42},
72 {'network_id': 'network_id2', 'something_else': 32}]
73 self.handler.plugin_rpc.get_ports.return_value = ports
74 networks = self.handler._get_router_networks(router_id)
75 self.assertEqual(expected, networks)
77 def test_get_ports_for_remote_address(self):
79 networks = ('network_id1', 'network_id2')
80 expected = [{'port_id': 'port_id1'},
81 {'port_id': 'port_id2'}]
82 self.handler.plugin_rpc.get_ports.return_value = expected
83 ports = self.handler._get_ports_for_remote_address(ip, networks)
84 self.assertEqual(expected, ports)
87 class TestMetadataProxyHandlerCache(TestMetadataProxyHandlerBase):
88 fake_conf = FakeConfCache
92 with mock.patch.object(self.handler,
93 '_get_instance_and_tenant_id') as get_ids:
94 get_ids.return_value = ('instance_id', 'tenant_id')
95 with mock.patch.object(self.handler, '_proxy_request') as proxy:
96 proxy.return_value = 'value'
98 retval = self.handler(req)
99 self.assertEqual(retval, 'value')
101 def test_call_no_instance_match(self):
103 with mock.patch.object(self.handler,
104 '_get_instance_and_tenant_id') as get_ids:
105 get_ids.return_value = None, None
106 retval = self.handler(req)
107 self.assertIsInstance(retval, webob.exc.HTTPNotFound)
109 def test_call_internal_server_error(self):
111 with mock.patch.object(self.handler,
112 '_get_instance_and_tenant_id') as get_ids:
113 get_ids.side_effect = Exception
114 retval = self.handler(req)
115 self.assertIsInstance(retval, webob.exc.HTTPInternalServerError)
116 self.assertEqual(len(self.log.mock_calls), 2)
118 def test_get_router_networks(self):
119 router_id = 'router-id'
120 expected = ('network_id1', 'network_id2')
121 ports = [{'network_id': 'network_id1', 'something': 42},
122 {'network_id': 'network_id2', 'something_else': 32}]
123 mock_get_ports = self.handler.plugin_rpc.get_ports
124 mock_get_ports.return_value = ports
125 networks = self.handler._get_router_networks(router_id)
126 mock_get_ports.assert_called_once_with(
128 {'device_id': [router_id],
129 'device_owner': n_const.ROUTER_INTERFACE_OWNERS})
130 self.assertEqual(expected, networks)
132 def _test_get_router_networks_twice_helper(self):
133 router_id = 'router-id'
134 ports = [{'network_id': 'network_id1', 'something': 42}]
135 expected_networks = ('network_id1',)
137 'oslo_utils.timeutils.utcnow_ts', return_value=0):
138 mock_get_ports = self.handler.plugin_rpc.get_ports
139 mock_get_ports.return_value = ports
140 networks = self.handler._get_router_networks(router_id)
141 mock_get_ports.assert_called_once_with(
143 {'device_id': [router_id],
144 'device_owner': n_const.ROUTER_INTERFACE_OWNERS})
145 self.assertEqual(expected_networks, networks)
146 networks = self.handler._get_router_networks(router_id)
148 def test_get_router_networks_twice(self):
149 self._test_get_router_networks_twice_helper()
151 1, self.handler.plugin_rpc.get_ports.call_count)
153 def _get_ports_for_remote_address_cache_hit_helper(self):
154 remote_address = 'remote_address'
155 networks = ('net1', 'net2')
156 mock_get_ports = self.handler.plugin_rpc.get_ports
157 mock_get_ports.return_value = [{'network_id': 'net1', 'something': 42}]
158 self.handler._get_ports_for_remote_address(remote_address, networks)
159 mock_get_ports.assert_called_once_with(
161 {'network_id': networks,
162 'fixed_ips': {'ip_address': [remote_address]}}
164 self.assertEqual(1, mock_get_ports.call_count)
165 self.handler._get_ports_for_remote_address(remote_address,
168 def test_get_ports_for_remote_address_cache_hit(self):
169 self._get_ports_for_remote_address_cache_hit_helper()
171 1, self.handler.plugin_rpc.get_ports.call_count)
173 def test_get_ports_network_id(self):
174 network_id = 'network-id'
175 router_id = 'router-id'
176 remote_address = 'remote-address'
178 networks = (network_id,)
179 with mock.patch.object(self.handler,
180 '_get_ports_for_remote_address'
181 ) as mock_get_ip_addr,\
182 mock.patch.object(self.handler,
183 '_get_router_networks'
184 ) as mock_get_router_networks:
185 mock_get_ip_addr.return_value = expected
186 ports = self.handler._get_ports(remote_address, network_id,
188 mock_get_ip_addr.assert_called_once_with(remote_address,
190 self.assertFalse(mock_get_router_networks.called)
191 self.assertEqual(expected, ports)
193 def test_get_ports_router_id(self):
194 router_id = 'router-id'
195 remote_address = 'remote-address'
197 networks = ('network1', 'network2')
198 with mock.patch.object(self.handler,
199 '_get_ports_for_remote_address',
200 return_value=expected
201 ) as mock_get_ip_addr,\
202 mock.patch.object(self.handler,
203 '_get_router_networks',
204 return_value=networks
205 ) as mock_get_router_networks:
206 ports = self.handler._get_ports(remote_address,
208 mock_get_router_networks.called_once_with(router_id)
209 mock_get_ip_addr.assert_called_once_with(remote_address, networks)
210 self.assertEqual(expected, ports)
212 def test_get_ports_no_id(self):
213 self.assertRaises(TypeError, self.handler._get_ports, 'remote_address')
215 def _get_instance_and_tenant_id_helper(self, headers, list_ports_retval,
216 networks=None, router_id=None):
217 remote_address = '192.168.1.1'
218 headers['X-Forwarded-For'] = remote_address
219 req = mock.Mock(headers=headers)
221 def mock_get_ports(*args, **kwargs):
222 return list_ports_retval.pop(0)
224 self.handler.plugin_rpc.get_ports.side_effect = mock_get_ports
225 instance_id, tenant_id = self.handler._get_instance_and_tenant_id(req)
233 {'device_id': [router_id],
234 'device_owner': n_const.ROUTER_INTERFACE_OWNERS}
241 {'network_id': networks,
242 'fixed_ips': {'ip_address': ['192.168.1.1']}}
246 self.handler.plugin_rpc.get_ports.assert_has_calls(expected)
248 return (instance_id, tenant_id)
250 def test_get_instance_id_router_id(self):
253 'X-Neutron-Router-ID': router_id
256 networks = ('net1', 'net2')
258 [{'network_id': 'net1'}, {'network_id': 'net2'}],
259 [{'device_id': 'device_id', 'tenant_id': 'tenant_id',
260 'network_id': 'net1'}]
264 self._get_instance_and_tenant_id_helper(headers, ports,
266 router_id=router_id),
267 ('device_id', 'tenant_id')
270 def test_get_instance_id_router_id_no_match(self):
273 'X-Neutron-Router-ID': router_id
276 networks = ('net1', 'net2')
278 [{'network_id': 'net1'}, {'network_id': 'net2'}],
282 self._get_instance_and_tenant_id_helper(headers, ports,
284 router_id=router_id),
288 def test_get_instance_id_network_id(self):
289 network_id = 'the_id'
291 'X-Neutron-Network-ID': network_id
295 [{'device_id': 'device_id',
296 'tenant_id': 'tenant_id',
297 'network_id': 'the_id'}]
301 self._get_instance_and_tenant_id_helper(headers, ports,
302 networks=('the_id',)),
303 ('device_id', 'tenant_id')
306 def test_get_instance_id_network_id_no_match(self):
307 network_id = 'the_id'
309 'X-Neutron-Network-ID': network_id
315 self._get_instance_and_tenant_id_helper(headers, ports,
316 networks=('the_id',)),
320 def _proxy_request_test_helper(self, response_code=200, method='GET'):
321 hdrs = {'X-Forwarded-For': '8.8.8.8'}
324 req = mock.Mock(path_info='/the_path', query_string='', headers=hdrs,
325 method=method, body=body)
326 resp = mock.MagicMock(status=response_code)
328 with mock.patch.object(self.handler, '_sign_instance_id') as sign:
329 sign.return_value = 'signed'
330 with mock.patch('httplib2.Http') as mock_http:
331 resp.__getitem__.return_value = "text/plain"
332 mock_http.return_value.request.return_value = (resp, 'content')
334 retval = self.handler._proxy_request('the_id', 'tenant_id',
336 mock_http.assert_called_once_with(
337 ca_certs=None, disable_ssl_certificate_validation=True)
338 mock_http.assert_has_calls([
339 mock.call().add_certificate(
340 FakeConf.nova_client_priv_key,
341 FakeConf.nova_client_cert,
342 "%s:%s" % (FakeConf.nova_metadata_ip,
343 FakeConf.nova_metadata_port)
346 'http://9.9.9.9:8775/the_path',
349 'X-Forwarded-For': '8.8.8.8',
350 'X-Instance-ID-Signature': 'signed',
351 'X-Instance-ID': 'the_id',
352 'X-Tenant-ID': 'tenant_id'
360 def test_proxy_request_post(self):
361 response = self._proxy_request_test_helper(method='POST')
362 self.assertEqual(response.content_type, "text/plain")
363 self.assertEqual(response.body, 'content')
365 def test_proxy_request_200(self):
366 response = self._proxy_request_test_helper(200)
367 self.assertEqual(response.content_type, "text/plain")
368 self.assertEqual(response.body, 'content')
370 def test_proxy_request_400(self):
371 self.assertIsInstance(self._proxy_request_test_helper(400),
372 webob.exc.HTTPBadRequest)
374 def test_proxy_request_403(self):
375 self.assertIsInstance(self._proxy_request_test_helper(403),
376 webob.exc.HTTPForbidden)
378 def test_proxy_request_404(self):
379 self.assertIsInstance(self._proxy_request_test_helper(404),
380 webob.exc.HTTPNotFound)
382 def test_proxy_request_409(self):
383 self.assertIsInstance(self._proxy_request_test_helper(409),
384 webob.exc.HTTPConflict)
386 def test_proxy_request_500(self):
387 self.assertIsInstance(self._proxy_request_test_helper(500),
388 webob.exc.HTTPInternalServerError)
390 def test_proxy_request_other_code(self):
391 with testtools.ExpectedException(Exception):
392 self._proxy_request_test_helper(302)
394 def test_sign_instance_id(self):
396 self.handler._sign_instance_id('foo'),
397 '773ba44693c7553d6ee20f61ea5d2757a9a4f4a44d2841ae4e95b52e4cd62db4'
401 class TestMetadataProxyHandlerNoCache(TestMetadataProxyHandlerCache):
404 def test_get_router_networks_twice(self):
405 self._test_get_router_networks_twice_helper()
407 2, self.handler.plugin_rpc.get_ports.call_count)
409 def test_get_ports_for_remote_address_cache_hit(self):
410 self._get_ports_for_remote_address_cache_hit_helper()
412 2, self.handler.plugin_rpc.get_ports.call_count)
415 class TestUnixDomainMetadataProxy(base.BaseTestCase):
417 super(TestUnixDomainMetadataProxy, self).setUp()
418 self.cfg_p = mock.patch.object(agent, 'cfg')
419 self.cfg = self.cfg_p.start()
420 looping_call_p = mock.patch(
421 'oslo_service.loopingcall.FixedIntervalLoopingCall')
422 self.looping_mock = looping_call_p.start()
423 self.cfg.CONF.metadata_proxy_socket = '/the/path'
424 self.cfg.CONF.metadata_workers = 0
425 self.cfg.CONF.metadata_backlog = 128
426 self.cfg.CONF.metadata_proxy_socket_mode = config.USER_MODE
428 @mock.patch.object(utils, 'ensure_dir')
429 def test_init_doesnot_exists(self, ensure_dir):
430 agent.UnixDomainMetadataProxy(mock.Mock())
431 ensure_dir.assert_called_once_with('/the')
433 def test_init_exists(self):
434 with mock.patch('os.path.isdir') as isdir:
435 with mock.patch('os.unlink') as unlink:
436 isdir.return_value = True
437 agent.UnixDomainMetadataProxy(mock.Mock())
438 unlink.assert_called_once_with('/the/path')
440 def test_init_exists_unlink_no_file(self):
441 with mock.patch('os.path.isdir') as isdir:
442 with mock.patch('os.unlink') as unlink:
443 with mock.patch('os.path.exists') as exists:
444 isdir.return_value = True
445 exists.return_value = False
446 unlink.side_effect = OSError
448 agent.UnixDomainMetadataProxy(mock.Mock())
449 unlink.assert_called_once_with('/the/path')
451 def test_init_exists_unlink_fails_file_still_exists(self):
452 with mock.patch('os.path.isdir') as isdir:
453 with mock.patch('os.unlink') as unlink:
454 with mock.patch('os.path.exists') as exists:
455 isdir.return_value = True
456 exists.return_value = True
457 unlink.side_effect = OSError
459 with testtools.ExpectedException(OSError):
460 agent.UnixDomainMetadataProxy(mock.Mock())
461 unlink.assert_called_once_with('/the/path')
463 @mock.patch.object(agent, 'MetadataProxyHandler')
464 @mock.patch.object(agent_utils, 'UnixDomainWSGIServer')
465 @mock.patch.object(utils, 'ensure_dir')
466 def test_run(self, ensure_dir, server, handler):
467 p = agent.UnixDomainMetadataProxy(self.cfg.CONF)
470 ensure_dir.assert_called_once_with('/the')
471 server.assert_has_calls([
472 mock.call('neutron-metadata-agent'),
473 mock.call().start(handler.return_value,
474 '/the/path', workers=0,
475 backlog=128, mode=0o644),
480 with mock.patch.object(agent, 'UnixDomainMetadataProxy') as proxy:
481 with mock.patch.object(metadata_agent, 'config') as config:
482 with mock.patch.object(metadata_agent, 'cfg') as cfg:
483 with mock.patch.object(utils, 'cfg'):
484 metadata_agent.main()
486 self.assertTrue(config.setup_logging.called)
487 proxy.assert_has_calls([
492 def test_init_state_reporting(self):
493 with mock.patch('os.makedirs'):
494 proxy = agent.UnixDomainMetadataProxy(mock.Mock())
495 self.looping_mock.assert_called_once_with(proxy._report_state)
496 self.looping_mock.return_value.start.assert_called_once_with(
499 def test_report_state(self):
500 with mock.patch('neutron.agent.rpc.PluginReportStateAPI') as state_api:
501 with mock.patch('os.makedirs'):
502 proxy = agent.UnixDomainMetadataProxy(mock.Mock())
503 self.assertTrue(proxy.agent_state['start_flag'])
504 proxy._report_state()
505 self.assertNotIn('start_flag', proxy.agent_state)
506 state_api_inst = state_api.return_value
507 state_api_inst.report_state.assert_called_once_with(
508 proxy.context, proxy.agent_state, use_call=True)
Code Review / openstack-build / neutron-build.git / blob