Merge "Add HTTP/2 tempest scenario tests for listeners"
This commit is contained in:
commit
67249477d8
|
@ -19,6 +19,7 @@ import ssl
|
||||||
import tempfile
|
import tempfile
|
||||||
|
|
||||||
from cryptography.hazmat.primitives import serialization
|
from cryptography.hazmat.primitives import serialization
|
||||||
|
import httpx
|
||||||
from OpenSSL.crypto import X509
|
from OpenSSL.crypto import X509
|
||||||
from OpenSSL import SSL
|
from OpenSSL import SSL
|
||||||
|
|
||||||
|
@ -1164,3 +1165,49 @@ class TLSWithBarbicanTest(test_base.LoadBalancerBaseTestWithCompute):
|
||||||
selected_proto = ssl_sock.selected_alpn_protocol()
|
selected_proto = ssl_sock.selected_alpn_protocol()
|
||||||
|
|
||||||
self.assertEqual(expected_proto, selected_proto)
|
self.assertEqual(expected_proto, selected_proto)
|
||||||
|
|
||||||
|
def _test_http_versions_tls_traffic(self, http_version, alpn_protos):
|
||||||
|
if not self.mem_listener_client.is_version_supported(
|
||||||
|
self.api_version, '2.20'):
|
||||||
|
raise self.skipException('ALPN protocols are only available on '
|
||||||
|
'Octavia API version 2.20 or newer.')
|
||||||
|
listener_name = data_utils.rand_name("lb_member_listener1-tls-alpn")
|
||||||
|
listener_kwargs = {
|
||||||
|
const.NAME: listener_name,
|
||||||
|
const.PROTOCOL: const.TERMINATED_HTTPS,
|
||||||
|
const.PROTOCOL_PORT: '443',
|
||||||
|
const.LOADBALANCER_ID: self.lb_id,
|
||||||
|
const.DEFAULT_POOL_ID: self.pool_id,
|
||||||
|
const.DEFAULT_TLS_CONTAINER_REF: self.server_secret_ref,
|
||||||
|
const.ALPN_PROTOCOLS: alpn_protos,
|
||||||
|
}
|
||||||
|
listener = self.mem_listener_client.create_listener(**listener_kwargs)
|
||||||
|
self.listener_id = listener[const.ID]
|
||||||
|
self.addCleanup(
|
||||||
|
self.mem_listener_client.cleanup_listener,
|
||||||
|
self.listener_id,
|
||||||
|
lb_client=self.mem_lb_client, lb_id=self.lb_id)
|
||||||
|
|
||||||
|
waiters.wait_for_status(self.mem_lb_client.show_loadbalancer,
|
||||||
|
self.lb_id, const.PROVISIONING_STATUS,
|
||||||
|
const.ACTIVE,
|
||||||
|
CONF.load_balancer.build_interval,
|
||||||
|
CONF.load_balancer.build_timeout)
|
||||||
|
|
||||||
|
context = ssl.create_default_context(cadata=self.ca_cert.public_bytes(
|
||||||
|
serialization.Encoding.PEM).decode('utf-8'))
|
||||||
|
context.check_hostname = False
|
||||||
|
|
||||||
|
url = 'https://%s:%s' % (self.lb_vip_address, 443)
|
||||||
|
client = httpx.Client(http2=(http_version == 'HTTP/2'), verify=context)
|
||||||
|
r = client.get(url)
|
||||||
|
self.assertEqual(http_version, r.http_version)
|
||||||
|
|
||||||
|
@decorators.idempotent_id('9965828d-24af-4fa0-91ae-21c6bc47ab4c')
|
||||||
|
def test_http_2_tls_traffic(self):
|
||||||
|
self._test_http_versions_tls_traffic('HTTP/2', ['h2', 'http/1.1'])
|
||||||
|
|
||||||
|
@decorators.idempotent_id('a0dff0f2-d53e-497c-9ded-dca64e82991f')
|
||||||
|
def test_http_1_1_tls_traffic(self):
|
||||||
|
self._test_http_versions_tls_traffic(
|
||||||
|
'HTTP/1.1', ['http/1.1', 'http/1.0'])
|
||||||
|
|
|
@ -17,3 +17,4 @@ tempest>=17.1.0 # Apache-2.0
|
||||||
tenacity>=4.4.0 # Apache-2.0
|
tenacity>=4.4.0 # Apache-2.0
|
||||||
testtools>=2.2.0 # MIT
|
testtools>=2.2.0 # MIT
|
||||||
keystoneauth1>=3.3.0 # Apache-2.0
|
keystoneauth1>=3.3.0 # Apache-2.0
|
||||||
|
httpx[http2]>=0.14.2 # BSD
|
||||||
|
|
Loading…
Reference in New Issue