From 6824207a0e807891f120ab6a31b713512fb335f6 Mon Sep 17 00:00:00 2001
From: mayurindalkar <mayur.indalkar@veritas.com>
Date: Thu, 8 Jun 2017 15:26:04 +0530
Subject: [PATCH] Implementation of Manila driver for Veritas Access

This driver implements all the minimum required features for manila.

Change-Id: I60de5f9e598e32f853804cd3d7807aaacdde273b
Implement: blueprint veritas-manila-driver
---
 manila/share/drivers/veritas/__init__.py      |   0
 manila/share/drivers/veritas/veritas_isa.py   | 628 ++++++++++++++++++
 .../tests/share/drivers/veritas/__init__.py   |   0
 .../share/drivers/veritas/test_veritas_isa.py | 610 +++++++++++++++++
 ...access-manila-driver-d75558c01ce6d428.yaml |   3 +
 5 files changed, 1241 insertions(+)
 create mode 100644 manila/share/drivers/veritas/__init__.py
 create mode 100644 manila/share/drivers/veritas/veritas_isa.py
 create mode 100644 manila/tests/share/drivers/veritas/__init__.py
 create mode 100644 manila/tests/share/drivers/veritas/test_veritas_isa.py
 create mode 100644 releasenotes/notes/veritas-access-manila-driver-d75558c01ce6d428.yaml

diff --git a/manila/share/drivers/veritas/__init__.py b/manila/share/drivers/veritas/__init__.py
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/manila/share/drivers/veritas/veritas_isa.py b/manila/share/drivers/veritas/veritas_isa.py
new file mode 100644
index 0000000000..69d9223f35
--- /dev/null
+++ b/manila/share/drivers/veritas/veritas_isa.py
@@ -0,0 +1,628 @@
+# Copyright 2017 Veritas Technologies LLC.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+"""
+Veritas Access Driver for manila shares.
+
+Limitation:
+
+1) single tenant
+"""
+
+import hashlib
+import json
+
+from oslo_config import cfg
+from oslo_log import log as logging
+from oslo_utils import units
+from random import shuffle
+import requests
+import requests.auth
+import six
+from six.moves import http_client
+
+from manila.common import constants as const
+from manila import exception
+from manila.share import driver
+
+LOG = logging.getLogger(__name__)
+
+
+va_share_opts = [
+    cfg.StrOpt('va_server_ip',
+               help='Console IP of Veritas Access server.'),
+    cfg.IntOpt('va_port',
+               default=14161,
+               help='Veritas Access server REST port.'),
+    cfg.StrOpt('va_user',
+               help='Veritas Access server REST login name.'),
+    cfg.StrOpt('va_pwd',
+               secret=True,
+               help='Veritas Access server REST password.'),
+    cfg.StrOpt('va_pool',
+               help='Veritas Access storage pool from which'
+                    'shares are served.'),
+    cfg.StrOpt('va_fstype',
+               default='simple',
+               help='Type of VA file system to be created.')
+]
+
+
+CONF = cfg.CONF
+CONF.register_opts(va_share_opts)
+
+
+class NoAuth(requests.auth.AuthBase):
+    """This is a 'authentication' handler.
+
+    It exists for use with custom authentication systems, such as the
+    one for the Access API, it simply passes the Authorization header as-is.
+
+    The default authentication handler for requests will clobber the
+    Authorization header.
+    """
+
+    def __call__(self, r):
+        return r
+
+
+class ACCESSShareDriver(driver.ExecuteMixin, driver.ShareDriver):
+    """ACCESS Share Driver.
+
+    Executes commands relating to Manila Shares.
+    Supports creation of shares on ACCESS.
+
+    API version history:
+
+        1.0 - Initial version.
+    """
+
+    VA_SHARE_PATH_STR = '/vx/'
+
+    def __init__(self, *args, **kwargs):
+        """Do initialization."""
+
+        super(ACCESSShareDriver, self).__init__(False, *args, **kwargs)
+        self.configuration.append_config_values(va_share_opts)
+        self.backend_name = self.configuration.safe_get(
+            'share_backend_name') or "VeritasACCESS"
+        self._va_ip = None
+        self._va_url = None
+        self._pool = None
+        self._fstype = None
+        self._port = None
+        self._user = None
+        self._pwd = None
+        self._cred = None
+        self._connect_resp = None
+        self._verify_ssl_cert = None
+        self._fs_create_str = '/fs/create'
+        self._fs_list_str = '/fs'
+        self._fs_delete_str = '/fs/destroy'
+        self._fs_extend_str = '/fs/grow'
+        self._fs_shrink_str = '/fs/shrink'
+        self._snap_create_str = '/snapshot/create'
+        self._snap_delete_str = '/snapshot/delete'
+        self._snap_list_str = '/snapshot/getSnapShotList'
+        self._nfs_add_str = '/share/create'
+        self._nfs_delete_str = '/share/delete'
+        self._nfs_share_list_str = '/share/all_shares_details_by_path/?path='
+        self._ip_addr_show_str = '/common/get_all_ips'
+        self._pool_free_str = '/storage/pool'
+        self._update_object = '/objecttags'
+        self.session = None
+        self.host = None
+        LOG.debug("ACCESSShareDriver called")
+
+    def do_setup(self, context):
+        """Any initialization the share driver does while starting."""
+        super(ACCESSShareDriver, self).do_setup(context)
+
+        self._va_ip = self.configuration.va_server_ip
+        self._pool = self.configuration.va_pool
+        self._user = self.configuration.va_user
+        self._pwd = self.configuration.va_pwd
+        self._port = self.configuration.va_port
+        self._fstype = self.configuration.va_fstype
+        self.session = self._authenticate_access(self._va_ip, self._user,
+                                                 self._pwd)
+
+    def _get_va_share_name(self, name):
+        length = len(name)
+        index = int(length / 2)
+        name1 = name[:index]
+        name2 = name[index:]
+        crc1 = hashlib.md5(name1.encode('utf-8')).hexdigest()[:8]
+        crc2 = hashlib.md5(name2.encode('utf-8')).hexdigest()[:8]
+        return crc1 + '-' + crc2
+
+    def _get_va_snap_name(self, name):
+        return self._get_va_share_name(name)
+
+    def _get_va_share_path(self, name):
+        return self.VA_SHARE_PATH_STR + name
+
+    def _does_item_exist_at_va_backend(self, item_name, path_given):
+        """Check given share is exists on backend"""
+
+        path = path_given
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        item_list = self._access_api(self.session, provider, path,
+                                     json.dumps(data), 'GET')
+
+        for item in item_list:
+            if item['name'] == item_name:
+                return True
+
+        return False
+
+    def _return_access_lists_difference(self, list_a, list_b):
+        """Returns a list of elements in list_a that are not in list_b"""
+
+        sub_list = [{"access_to": s.get('access_to'),
+                     "access_type": s.get('access_type'),
+                     "access_level": s.get('access_level')}
+                    for s in list_b]
+
+        return [r for r in list_a if (
+            {"access_to": r.get("access_to"),
+             "access_type": r.get("access_type"),
+             "access_level": r.get("access_level")} not in sub_list)]
+
+    def _fetch_existing_rule(self, share_name):
+        """Return list of access rules on given share"""
+
+        share_path = self._get_va_share_path(share_name)
+        path = self._nfs_share_list_str + share_path
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        share_list = self._access_api(self.session, provider, path,
+                                      json.dumps(data), 'GET')
+
+        va_access_list = []
+        for share in share_list:
+            if share['shareType'] == 'NFS':
+                for share_info in share['shares']:
+                    if share_info['name'] == share_path:
+                        access_to = share_info['host_name']
+                        a_level = const.ACCESS_LEVEL_RO
+                        if const.ACCESS_LEVEL_RW in share_info['privilege']:
+                            a_level = const.ACCESS_LEVEL_RW
+                        va_access_list.append({
+                            'access_to': access_to,
+                            'access_level': a_level,
+                            'access_type': 'ip'
+                        })
+
+        return va_access_list
+
+    def create_share(self, ctx, share, share_server=None):
+        """Create an ACCESS file system that will be represented as share."""
+
+        sharename = share['name']
+        sizestr = '%sg' % share['size']
+        LOG.debug("ACCESSShareDriver create_share sharename %s sizestr %r",
+                  sharename, sizestr)
+        va_sharename = self._get_va_share_name(sharename)
+        va_sharepath = self._get_va_share_path(va_sharename)
+        va_fs_type = self._fstype
+        path = self._fs_create_str
+        provider = '%s:%s' % (self.host, self._port)
+        data1 = {
+            "largefs": "no",
+            "blkSize": "blksize=8192",
+            "pdirEnable": "pdir_enable=yes"
+        }
+        data1["layout"] = va_fs_type
+        data1["fs_name"] = va_sharename
+        data1["fs_size"] = sizestr
+        data1["pool_disks"] = self._pool
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data1), 'POST')
+        if not result:
+            message = (('ACCESSShareDriver create share failed %s'), sharename)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        data2 = {"type": "FS", "key": "manila"}
+        data2["id"] = va_sharename
+        data2["value"] = 'manila_fs'
+        path = self._update_object
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data2), 'POST')
+
+        vip = self._get_vip()
+        location = vip + ':' + va_sharepath
+        LOG.debug("ACCESSShareDriver create_share location %s", location)
+        return location
+
+    def _get_vip(self):
+        """Get a virtual IP from ACCESS."""
+        ip_list = self._get_access_ips(self.session, self.host)
+        vip = []
+        for ips in ip_list:
+            if ips['isconsoleip'] == 1:
+                continue
+            if ips['type'] == 'Virtual' and ips['status'] == 'ONLINE':
+                vip.append(ips['ip'])
+        shuffle(vip)
+        return six.text_type(vip[0])
+
+    def delete_share(self, context, share, share_server=None):
+        """Delete a share from ACCESS."""
+
+        sharename = share['name']
+        va_sharename = self._get_va_share_name(sharename)
+        LOG.debug("ACCESSShareDriver delete_share %s called",
+                  sharename)
+        if share['snapshot_id']:
+            message = (('ACCESSShareDriver delete share %s'
+                        ' early return'), sharename)
+            LOG.debug(message)
+            return
+
+        ret_val = self._does_item_exist_at_va_backend(va_sharename,
+                                                      self._fs_list_str)
+        if not ret_val:
+            return
+
+        path = self._fs_delete_str
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        data["fs_name"] = va_sharename
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data), 'POST')
+        if not result:
+            message = (('ACCESSShareDriver delete share failed %s'), sharename)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        data2 = {"type": "FS", "key": "manila"}
+        data2["id"] = va_sharename
+        path = self._update_object
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data2), 'DELETE')
+
+    def extend_share(self, share, new_size, share_server=None):
+        """Extend existing share to new size."""
+        sharename = share['name']
+        size = '%s%s' % (six.text_type(new_size), 'g')
+        va_sharename = self._get_va_share_name(sharename)
+        path = self._fs_extend_str
+        provider = '%s:%s' % (self.host, self._port)
+        data1 = {"operationOption": "growto", "tier": "primary"}
+        data1["fs_name"] = va_sharename
+        data1["fs_size"] = size
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data1), 'POST')
+        if not result:
+            message = (('ACCESSShareDriver extend share failed %s'), sharename)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        LOG.debug('ACCESSShareDriver extended share'
+                  ' successfully %s', sharename)
+
+    def shrink_share(self, share, new_size, share_server=None):
+        """Shrink existing share to new size."""
+        sharename = share['name']
+        va_sharename = self._get_va_share_name(sharename)
+        size = '%s%s' % (six.text_type(new_size), 'g')
+        path = self._fs_extend_str
+        provider = '%s:%s' % (self.host, self._port)
+        data1 = {"operationOption": "shrinkto", "tier": "primary"}
+        data1["fs_name"] = va_sharename
+        data1["fs_size"] = size
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data1), 'POST')
+        if not result:
+            message = (('ACCESSShareDriver shrink share failed %s'), sharename)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        LOG.debug('ACCESSShareDriver shrunk share successfully %s', sharename)
+
+    def _allow_access(self, context, share, access, share_server=None):
+        """Give access of a share to an IP."""
+
+        access_type = access['access_type']
+        server = access['access_to']
+        if access_type != 'ip':
+            raise exception.InvalidShareAccess('Only ip access type '
+                                               'supported.')
+        access_level = access['access_level']
+
+        if access_level not in (const.ACCESS_LEVEL_RW, const.ACCESS_LEVEL_RO):
+            raise exception.InvalidShareAccessLevel(level=access_level)
+        export_path = share['export_locations'][0]['path'].split(':', 1)
+        va_sharepath = six.text_type(export_path[1])
+        access_level = '%s,%s' % (six.text_type(access_level),
+                                  'sync,no_root_squash')
+
+        path = self._nfs_add_str
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        va_share_info = ("{\"share\":[{\"fileSystemPath\":\""+va_sharepath +
+                         "\",\"shareType\":\"NFS\",\"shareDetails\":" +
+                         "[{\"client\":\""+server+"\",\"exportOptions\":\"" +
+                         access_level+"\"}]}]}")
+
+        data["shareDetails"] = va_share_info
+
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data), 'POST')
+
+        if not result:
+            message = (('ACCESSShareDriver access failed sharepath %s'
+                        'server %s'),
+                       va_sharepath,
+                       server)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        LOG.debug("ACCESSShareDriver allow_access sharepath %s server %s",
+                  va_sharepath, server)
+
+        data2 = {"type": "SHARE", "key": "manila"}
+        data2["id"] = va_sharepath
+        data2["value"] = 'manila_share'
+        path = self._update_object
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data2), 'POST')
+
+    def _deny_access(self, context, share, access, share_server=None):
+        """Deny access to the share."""
+
+        server = access['access_to']
+        access_type = access['access_type']
+        if access_type != 'ip':
+            return
+        export_path = share['export_locations'][0]['path'].split(':', 1)
+        va_sharepath = six.text_type(export_path[1])
+        LOG.debug("ACCESSShareDriver deny_access sharepath %s server %s",
+                  va_sharepath, server)
+
+        path = self._nfs_delete_str
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        va_share_info = ("{\"share\":[{\"fileSystemPath\":\""+va_sharepath +
+                         "\",\"shareType\":\"NFS\",\"shareDetails\":" +
+                         "[{\"client\":\""+server+"\"}]}]}")
+
+        data["shareDetails"] = va_share_info
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data), 'DELETE')
+        if not result:
+            message = (('ACCESSShareDriver deny failed'
+                        ' sharepath %s server %s'),
+                       va_sharepath,
+                       server)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        LOG.debug("ACCESSShareDriver deny_access sharepath %s server %s",
+                  va_sharepath, server)
+
+        data2 = {"type": "SHARE", "key": "manila"}
+        data2["id"] = va_sharepath
+        path = self._update_object
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data2), 'DELETE')
+
+    def update_access(self, context, share, access_rules, add_rules,
+                      delete_rules, share_server=None):
+        """Update access to the share."""
+
+        if (add_rules or delete_rules):
+            # deleting rules
+            for rule in delete_rules:
+                self._deny_access(context, share, rule, share_server)
+
+            # adding rules
+            for rule in add_rules:
+                self._allow_access(context, share, rule, share_server)
+        else:
+            if not access_rules:
+                LOG.warning("No access rules provided in update_access.")
+            else:
+                sharename = self._get_va_share_name(share['name'])
+                existing_a_rules = self._fetch_existing_rule(sharename)
+
+                d_rule = self._return_access_lists_difference(existing_a_rules,
+                                                              access_rules)
+                for rule in d_rule:
+                    LOG.debug("Removing rule %s in recovery.",
+                              six.text_type(rule))
+                    self._deny_access(context, share, rule, share_server)
+
+                a_rule = self._return_access_lists_difference(access_rules,
+                                                              existing_a_rules)
+                for rule in a_rule:
+                    LOG.debug("Adding rule %s in recovery.",
+                              six.text_type(rule))
+                    self._allow_access(context, share, rule, share_server)
+
+    def create_snapshot(self, context, snapshot, share_server=None):
+        """create snapshot of a share."""
+        LOG.debug('ACCESSShareDriver create_snapshot called '
+                  'for snapshot ID %s.',
+                  snapshot['snapshot_id'])
+
+        sharename = snapshot['share_name']
+        va_sharename = self._get_va_share_name(sharename)
+        snapname = snapshot['name']
+        va_snapname = self._get_va_snap_name(snapname)
+
+        path = self._snap_create_str
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        data["snapShotname"] = va_snapname
+        data["fileSystem"] = va_sharename
+        data["removable"] = 'yes'
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data), 'PUT')
+        if not result:
+            message = (('ACCESSShareDriver create snapshot failed snapname %s'
+                        ' sharename %s'),
+                       snapname,
+                       va_sharename)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        data2 = {"type": "SNAPSHOT", "key": "manila"}
+        data2["id"] = va_snapname
+        data2["value"] = 'manila_snapshot'
+        path = self._update_object
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data2), 'POST')
+
+    def delete_snapshot(self, context, snapshot, share_server=None):
+        """Deletes a snapshot."""
+        sharename = snapshot['share_name']
+        va_sharename = self._get_va_share_name(sharename)
+        snapname = snapshot['name']
+        va_snapname = self._get_va_snap_name(snapname)
+
+        ret_val = self._does_item_exist_at_va_backend(va_snapname,
+                                                      self._snap_list_str)
+        if not ret_val:
+            return
+
+        path = self._snap_delete_str
+        provider = '%s:%s' % (self.host, self._port)
+
+        data = {}
+        data["name"] = va_snapname
+        data["fsName"] = va_sharename
+        data_to_send = {"snapShotDetails": {"snapshot": [data]}}
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data_to_send), 'DELETE')
+        if not result:
+            message = (('ACCESSShareDriver delete snapshot failed snapname %s'
+                        ' sharename %s'),
+                       snapname,
+                       va_sharename)
+            LOG.error(message)
+            raise exception.ShareBackendException(msg=message)
+
+        data2 = {"type": "SNAPSHOT", "key": "manila"}
+        data2["id"] = va_snapname
+        path = self._update_object
+        result = self._access_api(self.session, provider, path,
+                                  json.dumps(data2), 'DELETE')
+
+    def create_share_from_snapshot(self, ctx, share, snapshot,
+                                   share_server=None):
+        """create share from a snapshot."""
+        sharename = snapshot['share_name']
+        va_sharename = self._get_va_share_name(sharename)
+        snapname = snapshot['name']
+        va_snapname = self._get_va_snap_name(snapname)
+        va_sharepath = self._get_va_share_path(va_sharename)
+        LOG.debug(('ACCESSShareDriver create_share_from_snapshot snapname %s'
+                   ' sharename %s'),
+                  va_snapname,
+                  va_sharename)
+        vip = self._get_vip()
+        location = vip + ':' + va_sharepath + ':' + va_snapname
+        LOG.debug("ACCESSShareDriver create_share location %s", location)
+        return location
+
+    def _get_api(self, provider, tail):
+        api_root = 'https://%s/api' % (provider)
+        return api_root + tail
+
+    def _access_api(self, session, provider, path, input_data, method):
+        """Returns False if failure occurs."""
+        kwargs = {'data': input_data}
+        if not isinstance(input_data, dict):
+            kwargs['headers'] = {'Content-Type': 'application/json'}
+        full_url = self._get_api(provider, path)
+        response = session.request(method, full_url, **kwargs)
+        if response.status_code != http_client.OK:
+            LOG.debug('Access API operation Failed.')
+            return False
+        if path == self._update_object:
+            return True
+        result = response.json()
+        return result
+
+    def _get_access_ips(self, session, host):
+
+        path = self._ip_addr_show_str
+        provider = '%s:%s' % (host, self._port)
+        data = {}
+        ip_list = self._access_api(session, provider, path,
+                                   json.dumps(data), 'GET')
+        return ip_list
+
+    def _authenticate_access(self, address, username, password):
+        session = requests.session()
+        session.verify = False
+        session.auth = NoAuth()
+
+        response = session.post('https://%s:%s/api/rest/authenticate'
+                                % (address, self._port),
+                                data={'username': username,
+                                      'password': password})
+        if response.status_code != http_client.OK:
+            LOG.debug(('failed to authenticate to remote cluster at %s as %s'),
+                      address, username)
+            raise exception.NotAuthorized('Authentication failure.')
+        result = response.json()
+        session.headers.update({'Authorization': 'Bearer {}'
+                                .format(result['token'])})
+        session.headers.update({'Content-Type': 'application/json'})
+
+        return session
+
+    def _get_access_pool_details(self):
+        """Get access pool details."""
+        path = self._pool_free_str
+        provider = '%s:%s' % (self.host, self._port)
+        data = {}
+        pool_details = self._access_api(self.session, provider, path,
+                                        json.dumps(data), 'GET')
+
+        for pool in pool_details:
+            if pool['device_group_name'] == six.text_type(self._pool):
+                total_capacity = (int(pool['capacity']) / units.Gi)
+                used_size = (int(pool['used_size']) / units.Gi)
+                return (total_capacity, (total_capacity - used_size))
+
+        message = 'Fetching pool details operation failed.'
+        LOG.error(message)
+        raise exception.ShareBackendException(msg=message)
+
+    def _update_share_stats(self):
+        """Retrieve status info from share volume group."""
+
+        LOG.debug("VRTSISA Updating share status.")
+        self.host = six.text_type(self._va_ip)
+        self.session = self._authenticate_access(self._va_ip,
+                                                 self._user, self._pwd)
+        total_capacity, free_capacity = self._get_access_pool_details()
+        data = {
+            'share_backend_name': self.backend_name,
+            'vendor_name': 'Veritas',
+            'driver_version': '1.0',
+            'storage_protocol': 'NFS',
+            'total_capacity_gb': total_capacity,
+            'free_capacity_gb': free_capacity,
+            'reserved_percentage': 0,
+            'QoS_support': False,
+            'snapshot_support': True,
+            'create_share_from_snapshot_support': True
+        }
+        super(ACCESSShareDriver, self)._update_share_stats(data)
diff --git a/manila/tests/share/drivers/veritas/__init__.py b/manila/tests/share/drivers/veritas/__init__.py
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/manila/tests/share/drivers/veritas/test_veritas_isa.py b/manila/tests/share/drivers/veritas/test_veritas_isa.py
new file mode 100644
index 0000000000..dd589b3dbf
--- /dev/null
+++ b/manila/tests/share/drivers/veritas/test_veritas_isa.py
@@ -0,0 +1,610 @@
+# Copyright 2017 Veritas Technologies LLC.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+"""
+Unit tests for Veritas Manila driver.
+"""
+import hashlib
+import json
+
+import mock
+from oslo_config import cfg
+import requests
+import six
+
+from manila import context
+from manila import exception
+from manila.share import configuration as conf
+from manila.share.drivers.veritas import veritas_isa
+from manila import test
+
+
+CONF = cfg.CONF
+FAKE_BACKEND = 'fake_backend'
+
+
+class MockResponse(object):
+    def __init__(self):
+        self.status_code = 200
+
+    def json(self):
+        data = {'fake_key': 'fake_val'}
+        return json.dumps(data)
+
+
+class ACCESSShareDriverTestCase(test.TestCase):
+    """Tests ACCESSShareDriver."""
+
+    share = {
+        'id': 'fakeid',
+        'name': 'fakename',
+        'size': 1,
+        'share_proto': 'NFS',
+        'export_locations': [{'path': '10.20.30.40:/vx/fake_location'}],
+        'snapshot_id': False
+    }
+
+    share2 = {
+        'id': 'fakeid2',
+        'name': 'fakename2',
+        'size': 4,
+        'share_proto': 'NFS',
+    }
+
+    share3 = {
+        'id': 'fakeid3',
+        'name': 'fakename3',
+        'size': 2,
+        'share_proto': 'NFS',
+        'export_location': '/vx/fake_location',
+        'snapshot_id': True
+    }
+
+    snapshot = {
+        'id': 'fakesnapshotid',
+        'share_name': 'fakename',
+        'share_id': 'fakeid',
+        'name': 'fakesnapshotname',
+        'share_size': 1,
+        'share_proto': 'NFS',
+        'snapshot_id': 'fake_snap_id',
+    }
+
+    access = {
+        'id': 'fakeaccid',
+        'access_type': 'ip',
+        'access_to': '10.0.0.2',
+        'access_level': 'rw',
+        'state': 'active',
+    }
+
+    access2 = {
+        'id': 'fakeaccid2',
+        'access_type': 'user',
+        'access_to': '10.0.0.3',
+        'access_level': 'rw',
+        'state': 'active',
+    }
+
+    access3 = {
+        'id': 'fakeaccid3',
+        'access_type': 'ip',
+        'access_to': '10.0.0.4',
+        'access_level': 'rw+',
+        'state': 'active',
+    }
+
+    access4 = {
+        'id': 'fakeaccid',
+        'access_type': 'ip',
+        'access_to': '10.0.0.2',
+        'access_level': 'ro',
+        'state': 'active',
+    }
+
+    def setUp(self):
+        super(ACCESSShareDriverTestCase, self).setUp()
+        self._create_fake_config()
+        lcfg = self.configuration
+        self._context = context.get_admin_context()
+        self._driver = veritas_isa.ACCESSShareDriver(False, configuration=lcfg)
+        self._driver.do_setup(self._context)
+
+    def _create_fake_config(self):
+        def _safe_get(opt):
+            return getattr(self.configuration, opt)
+
+        self.mock_object(veritas_isa.ACCESSShareDriver, '_authenticate_access')
+        self.configuration = mock.Mock(spec=conf.Configuration)
+        self.configuration.safe_get = mock.Mock(side_effect=_safe_get)
+        self.configuration.va_server_ip = '1.1.1.1'
+        self.configuration.va_pool = 'pool1'
+        self.configuration.va_user = 'user'
+        self.configuration.va_pwd = 'passwd'
+        self.configuration.va_port = 14161
+        self.configuration.va_ssl = 'False'
+        self.configuration.va_fstype = 'simple'
+        self.configuration.network_config_group = 'fake_network_config_group'
+        self.configuration.admin_network_config_group = (
+            'fake_admin_network_config_group')
+        self.configuration.driver_handles_share_servers = False
+        self.configuration.share_backend_name = FAKE_BACKEND
+        self.configuration.replication_domain = 'Disable'
+        self.configuration.filter_function = 'Disable'
+        self.configuration.goodness_function = 'Disable'
+
+    def test_create_share(self):
+        self.mock_object(self._driver, '_get_va_share_name')
+        self.mock_object(self._driver, '_get_va_share_path')
+        self.mock_object(self._driver, '_get_vip')
+        self.mock_object(self._driver, '_access_api')
+        length = len(self.share['name'])
+        index = int(length / 2)
+        name1 = self.share['name'][:index]
+        name2 = self.share['name'][index:]
+        crc1 = hashlib.md5(name1.encode('utf-8')).hexdigest()[:8]
+        crc2 = hashlib.md5(name2.encode('utf-8')).hexdigest()[:8]
+
+        share_name_to_ret = crc1 + '-' + crc2
+        share_path_to_ret = '/vx/' + crc1 + '-' + crc2
+
+        self._driver._get_va_share_name.return_value = share_name_to_ret
+        self._driver._get_va_share_path.return_value = share_path_to_ret
+
+        self._driver._get_vip.return_value = '1.1.1.1'
+        self._driver.create_share(self._context, self.share)
+
+        self.assertEqual(1, self._driver._get_vip.call_count)
+        self.assertEqual(1, self._driver._get_va_share_name.call_count)
+        self.assertEqual(1, self._driver._get_va_share_path.call_count)
+
+    def test_create_share_negative(self):
+        self.mock_object(self._driver, '_access_api')
+
+        self._driver._access_api.return_value = False
+
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.create_share,
+                          self._context,
+                          self.share)
+
+    def test_create_share_from_snapshot(self):
+        self.mock_object(self._driver, '_get_vip')
+
+        sharename = self._driver._get_va_share_name(
+            self.snapshot['share_name'])
+        snapname = self._driver._get_va_snap_name(self.snapshot['name'])
+        sharepath = self._driver._get_va_share_path(sharename)
+        self._driver._get_vip.return_value = '1.1.1.1'
+        vip = self._driver._get_vip()
+        location = (six.text_type(vip) + ':' +
+                    six.text_type(sharepath) + ':' + six.text_type(snapname))
+
+        ret = self._driver.create_share_from_snapshot(self._context,
+                                                      self.share,
+                                                      self.snapshot)
+        self.assertEqual(location, ret)
+
+    def test_delete_share(self):
+        self.mock_object(self._driver, '_access_api')
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+        self._driver._does_item_exist_at_va_backend.return_value = True
+        self._driver.delete_share(self._context, self.share)
+        self.assertEqual(2, self._driver._access_api.call_count)
+
+    def test_delete_share_negative(self):
+        self.mock_object(self._driver, '_access_api')
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+
+        self._driver._does_item_exist_at_va_backend.return_value = True
+        self._driver._access_api.return_value = False
+
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.delete_share,
+                          self._context, self.share)
+
+    def test_delete_share_if_share_created_from_snap(self):
+        self.mock_object(self._driver, '_access_api')
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+
+        self._driver.delete_share(self._context, self.share3)
+        self.assertEqual(0,
+                         (self._driver.
+                          _does_item_exist_at_va_backend.call_count))
+        self.assertEqual(0, self._driver._access_api.call_count)
+
+    def test_delete_share_if_not_present_at_backend(self):
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+        self.mock_object(self._driver, '_access_api')
+
+        self._driver._does_item_exist_at_va_backend.return_value = False
+        self._driver.delete_share(self._context, self.share)
+        self.assertEqual(1,
+                         (self._driver.
+                          _does_item_exist_at_va_backend.call_count))
+        self.assertEqual(0, self._driver._access_api.call_count)
+
+    def test_create_snapshot(self):
+        self.mock_object(self._driver, '_access_api')
+        self._driver.create_snapshot(self._context, self.snapshot)
+        self.assertEqual(2, self._driver._access_api.call_count)
+
+    def test_create_snapshot_negative(self):
+        self.mock_object(self._driver, '_access_api')
+
+        self._driver._access_api.return_value = False
+
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.create_snapshot,
+                          self._context,
+                          self.snapshot)
+
+    def test_delete_snapshot(self):
+        self.mock_object(self._driver, '_access_api')
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+
+        self._driver._does_item_exist_at_va_backend.return_value = True
+        self._driver.delete_snapshot(self._context, self.snapshot)
+        self.assertEqual(2, self._driver._access_api.call_count)
+
+    def test_delete_snapshot_negative(self):
+        self.mock_object(self._driver, '_access_api')
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+
+        self._driver._does_item_exist_at_va_backend.return_value = True
+        self._driver._access_api.return_value = False
+
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.delete_snapshot,
+                          self._context, self.snapshot)
+
+    def test_delete_snapshot_if_not_present_at_backend(self):
+        self.mock_object(self._driver, '_does_item_exist_at_va_backend')
+        self.mock_object(self._driver, '_access_api')
+
+        self._driver._does_item_exist_at_va_backend.return_value = False
+        self._driver.delete_snapshot(self._context, self.snapshot)
+        self.assertEqual(1,
+                         (self._driver.
+                          _does_item_exist_at_va_backend.call_count))
+        self.assertEqual(0, self._driver._access_api.call_count)
+
+    def test_update_access_for_allow(self):
+        self.mock_object(self._driver, '_access_api')
+        self._driver.update_access(self._context, self.share, [],
+                                   [self.access], [])
+        self.assertEqual(2, self._driver._access_api.call_count)
+
+    def test_update_access_for_allow_negative(self):
+        self.mock_object(self._driver, '_access_api')
+        self._driver._access_api.return_value = False
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.update_access,
+                          self._context,
+                          self.share, [], [self.access], [])
+
+        self.assertRaises(exception.InvalidShareAccess,
+                          self._driver.update_access,
+                          self._context,
+                          self.share, [], [self.access2], [])
+
+        self.assertRaises(exception.InvalidShareAccessLevel,
+                          self._driver.update_access,
+                          self._context,
+                          self.share, [], [self.access3], [])
+
+    def test_update_access_for_deny(self):
+        self.mock_object(self._driver, '_access_api')
+        self._driver.update_access(self._context, self.share,
+                                   [], [], [self.access])
+        self.assertEqual(2, self._driver._access_api.call_count)
+
+    def test_update_access_for_deny_negative(self):
+        self.mock_object(self._driver, '_access_api')
+        self._driver._access_api.return_value = False
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.update_access,
+                          self._context,
+                          self.share, [], [], [self.access])
+
+    def test_update_access_for_deny_for_invalid_access_type(self):
+        self.mock_object(self._driver, '_access_api')
+        self._driver.update_access(self._context, self.share,
+                                   [], [], [self.access2])
+        self.assertEqual(0, self._driver._access_api.call_count)
+
+    def test_update_access_for_empty_rule_list(self):
+        self.mock_object(self._driver, '_allow_access')
+        self.mock_object(self._driver, '_deny_access')
+        self._driver.update_access(self._context, self.share,
+                                   [], [], [])
+        self.assertEqual(0, self._driver._allow_access.call_count)
+        self.assertEqual(0, self._driver._deny_access.call_count)
+
+    def test_update_access_for_access_rules(self):
+        self.mock_object(self._driver, '_fetch_existing_rule')
+        self.mock_object(self._driver, '_allow_access')
+        self.mock_object(self._driver, '_deny_access')
+
+        existing_a_rules = [{'access_level': 'rw',
+                             'access_type': 'ip',
+                             'access_to': '10.0.0.2'},
+                            {'access_level': 'rw',
+                             'access_type': 'ip',
+                             'access_to': '10.0.0.3'}]
+
+        self._driver._fetch_existing_rule.return_value = existing_a_rules
+        d_rule = self._driver._return_access_lists_difference(existing_a_rules,
+                                                              [self.access4])
+
+        a_rule = self._driver._return_access_lists_difference([self.access4],
+                                                              existing_a_rules)
+        self._driver.update_access(self._context, self.share,
+                                   [self.access4], [], [])
+
+        self.assertEqual(d_rule, existing_a_rules)
+        self.assertEqual(a_rule, [self.access4])
+        self.assertEqual(1, self._driver._allow_access.call_count)
+        self.assertEqual(2, self._driver._deny_access.call_count)
+
+    def test_extend_share(self):
+        self.mock_object(self._driver, '_access_api')
+        new_size = 3
+        self._driver.extend_share(self.share, new_size)
+        self.assertEqual(1, self._driver._access_api.call_count)
+
+    def test_extend_share_negative(self):
+        self.mock_object(self._driver, '_access_api')
+
+        new_size = 3
+        self._driver._access_api.return_value = False
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.extend_share,
+                          self.share, new_size)
+
+    def test_shrink_share(self):
+        self.mock_object(self._driver, '_access_api')
+        new_size = 3
+        self._driver.shrink_share(self.share2, new_size)
+        self.assertEqual(1, self._driver._access_api.call_count)
+
+    def test_shrink_share_negative(self):
+        self.mock_object(self._driver, '_access_api')
+
+        new_size = 3
+        self._driver._access_api.return_value = False
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver.shrink_share,
+                          self.share2, new_size)
+
+    def test__get_access_pool_details(self):
+        self.mock_object(self._driver, '_access_api')
+
+        pool_details = []
+        pool_details_dict = {}
+        pool_details_dict['device_group_name'] = 'fake_pool'
+        pool_details_dict['capacity'] = 10737418240
+        pool_details_dict['used_size'] = 9663676416
+        pool_details.append(pool_details_dict)
+
+        pool_details_dict2 = {}
+        pool_details_dict2['device_group_name'] = self.configuration.va_pool
+        pool_details_dict2['capacity'] = 10737418240
+        pool_details_dict2['used_size'] = 9663676416
+        pool_details.append(pool_details_dict2)
+
+        self._driver._access_api.return_value = pool_details
+        total_space, free_space = self._driver._get_access_pool_details()
+        self.assertEqual(10, total_space)
+        self.assertEqual(1, free_space)
+
+    def test__get_access_pool_details_negative(self):
+        self.mock_object(self._driver, '_access_api')
+
+        pool_details = []
+        self._driver._access_api.return_value = pool_details
+        self.assertRaises(exception.ShareBackendException,
+                          self._driver._get_access_pool_details)
+
+    def test__update_share_stats(self):
+        self.mock_object(self._driver, '_authenticate_access')
+        self.mock_object(self._driver, '_get_access_pool_details')
+
+        self._driver._get_access_pool_details.return_value = (10, 9)
+        self._driver._update_share_stats()
+        data = {
+            'share_backend_name': FAKE_BACKEND,
+            'vendor_name': 'Veritas',
+            'driver_version': '1.0',
+            'storage_protocol': 'NFS',
+            'total_capacity_gb': 10,
+            'free_capacity_gb': 9,
+            'reserved_percentage': 0,
+            'QoS_support': False,
+            'create_share_from_snapshot_support': True,
+            'driver_handles_share_servers': False,
+            'filter_function': 'Disable',
+            'goodness_function': 'Disable',
+            'ipv4_support': True,
+            'ipv6_support': False,
+            'mount_snapshot_support': False,
+            'pools': None,
+            'qos': False,
+            'replication_domain': 'Disable',
+            'revert_to_snapshot_support': False,
+            'share_group_stats': {'consistent_snapshot_support': None},
+            'snapshot_support': True
+        }
+
+        self.assertEqual(data, self._driver._stats)
+
+    def test__get_vip(self):
+        self.mock_object(self._driver, '_get_access_ips')
+
+        pool_list = []
+        ip1 = {'isconsoleip': 1, 'type': 'Virtual',
+               'status': 'ONLINE', 'ip': '1.1.1.2'}
+        ip2 = {'isconsoleip': 0, 'type': 'Virtual',
+               'status': 'ONLINE', 'ip': '1.1.1.4'}
+        ip3 = {'isconsoleip': 0, 'type': 'Virtual',
+               'status': 'OFFLINE', 'ip': '1.1.1.5'}
+        ip4 = {'isconsoleip': 0, 'type': 'Physical',
+               'status': 'OFFLINE', 'ip': '1.1.1.6'}
+
+        pool_list = [ip1, ip2, ip3, ip4]
+
+        self._driver._get_access_ips.return_value = pool_list
+        vip = self._driver._get_vip()
+        self.assertEqual('1.1.1.4', vip)
+
+    def test__get_access_ips(self):
+        self.mock_object(self._driver, '_access_api')
+        ip_list = ['1.1.1.2', '1.1.2.3', '1.1.1.4']
+        self._driver._access_api.return_value = ip_list
+        ret_value = self._driver._get_access_ips(self._driver.session,
+                                                 self._driver.host)
+        self.assertEqual(ret_value, ip_list)
+
+    def test__access_api(self):
+        self.mock_object(requests, 'session')
+
+        provider = '%s:%s' % (self._driver.host, self._driver._port)
+        path = '/fake/path'
+        input_data = {}
+        mock_response = MockResponse()
+        session = requests.session
+
+        data = {'fake_key': 'fake_val'}
+        json_data = json.dumps(data)
+
+        session.request.return_value = mock_response
+        ret_value = self._driver._access_api(session, provider, path,
+                                             json.dumps(input_data), 'GET')
+
+        self.assertEqual(json_data, ret_value)
+
+    def test__access_api_ret_for_update_object(self):
+        self.mock_object(requests, 'session')
+
+        provider = '%s:%s' % (self._driver.host, self._driver._port)
+        path = self._driver._update_object
+        input_data = None
+        mock_response = MockResponse()
+        session = requests.session
+
+        session.request.return_value = mock_response
+        ret = self._driver._access_api(session, provider, path,
+                                       input_data, 'GET')
+
+        self.assertTrue(ret)
+
+    def test__access_api_negative(self):
+        session = self._driver.session
+        provider = '%s:%s' % (self._driver.host, self._driver._port)
+        path = '/fake/path'
+        input_data = {}
+        ret_value = self._driver._access_api(session, provider, path,
+                                             json.dumps(input_data), 'GET')
+        self.assertEqual(False, ret_value)
+
+    def test__get_api(self):
+        provider = '%s:%s' % (self._driver.host, self._driver._port)
+        tail = '/fake/path'
+        ret = self._driver._get_api(provider, tail)
+
+        api_root = 'https://%s/api' % (provider)
+        to_be_ret = api_root + tail
+        self.assertEqual(to_be_ret, ret)
+
+    def test__does_item_exist_at_va_backend(self):
+        self.mock_object(self._driver, '_access_api')
+        item_name = 'fake_item'
+        path = '/fake/path'
+        fake_item_list = [{'name': item_name}]
+        self._driver._access_api.return_value = fake_item_list
+        ret_value = self._driver._does_item_exist_at_va_backend(item_name,
+                                                                path)
+        self.assertTrue(ret_value)
+
+    def test__does_item_exist_at_va_backend_negative(self):
+        self.mock_object(self._driver, '_access_api')
+        item_name = 'fake_item'
+        path = '/fake/path'
+        fake_item_list = [{'name': 'item2'}]
+        self._driver._access_api.return_value = fake_item_list
+        ret_value = self._driver._does_item_exist_at_va_backend(item_name,
+                                                                path)
+        self.assertEqual(False, ret_value)
+
+    def test__fetch_existing_rule(self):
+        self.mock_object(self._driver, '_access_api')
+        fake_share = 'fake-share'
+        fake_access_list = []
+        list1 = []
+        list1.append({
+            'status': 'online',
+            'name': '/vx/fake-share',
+            'host_name': '10.0.0.1',
+            'privilege': 'rw'
+        })
+        list1.append({
+            'status': 'online',
+            'name': '/vx/fake-share',
+            'host_name': '10.0.0.2',
+            'privilege': 'rw'
+        })
+        list1.append({
+            'status': 'online',
+            'name': '/vx/fake-share',
+            'host_name': '10.0.0.3',
+            'privilege': 'ro'
+        })
+        list1.append({
+            'status': 'online',
+            'name': '/vx/fake-share2',
+            'host_name': '10.0.0.4',
+            'privilege': 'rw'
+        })
+
+        fake_access_list.append({
+            'shareType': 'NFS',
+            'shares': list1
+        })
+
+        fake_access_list.append({
+            'shareType': 'CIFS',
+            'shares': []
+        })
+
+        ret_access_list = []
+        ret_access_list.append({
+            'access_to': '10.0.0.1',
+            'access_level': 'rw',
+            'access_type': 'ip'
+        })
+
+        ret_access_list.append({
+            'access_to': '10.0.0.2',
+            'access_level': 'rw',
+            'access_type': 'ip'
+        })
+
+        ret_access_list.append({
+            'access_to': '10.0.0.3',
+            'access_level': 'ro',
+            'access_type': 'ip'
+        })
+
+        self._driver._access_api.return_value = fake_access_list
+        ret_value = self._driver._fetch_existing_rule(fake_share)
+        self.assertEqual(ret_access_list, ret_value)
diff --git a/releasenotes/notes/veritas-access-manila-driver-d75558c01ce6d428.yaml b/releasenotes/notes/veritas-access-manila-driver-d75558c01ce6d428.yaml
new file mode 100644
index 0000000000..97a828b3ee
--- /dev/null
+++ b/releasenotes/notes/veritas-access-manila-driver-d75558c01ce6d428.yaml
@@ -0,0 +1,3 @@
+---
+features:
+  - Added Manila driver for Veritas Access.