Merge "Add firewall behavior assertions to testinfra testing"

This commit is contained in:
Zuul 2022-03-18 17:12:00 +00:00 committed by Gerrit Code Review
commit 7e76a78e60
2 changed files with 34 additions and 0 deletions

@ -13,6 +13,7 @@
# under the License.
import json
import util
testinfra_hosts = ['zk04.opendev.org']
@ -53,3 +54,23 @@ def test_zookeeper_statsd_running(host):
out = json.loads(cmd.stdout)
assert out[0]["State"]["Status"] == "running"
assert out[0]["RestartCount"] == 0
def test_zk_2181_accessibility(host):
# Ask the host to report its own IP addresses. This will use our test
# local /etc/hosts values and not DNS.
zk = host.addr("zk04.opendev.org")
# Verify it is using our local /etc/hosts values
print(zk.ipv4_addresses)
print(zk.ipv6_addresses)
for addr in zk.ipv4_addresses + zk.ipv6_addresses:
if addr.startswith("::ffff:"):
# This is an ipv4 address mapped to ipv6 and is covered by
# the ipv4_addresses list
continue
if addr.startswith("127.") or addr == "::1":
# We don't want to talk to localhost as we are connecting
# from our test bridge instance.
continue
util.check_unreachable(addr, 2181)
util.check_unreachable(addr, 2281)

@ -121,3 +121,16 @@ def verify_iptables(host):
assert snmp in ip6rules
return rules
def check_unreachable(addr, port, errno=113):
# errno 113 is no route to host
try:
s = socket.create_connection((addr, port), timeout=10)
except OSError as e:
# No route to host
assert e.errno == errno
else:
s.close()
# We should always error.
assert False