Add cipher list support for octavia
Added a property "tls_ciphers" to pools.py and listeners.py for a storing a string of tls cipers in OpenSSL cipher string format. Story: 2006627 Task: 37190 Change-Id: Iaf1178cf2131f12f501318fa8dd2548b218132fc
This commit is contained in:
parent
a53edeeaac
commit
04b55dab96
@ -32,6 +32,7 @@ class Listener(resource.Resource, resource.TagMixin):
|
|||||||
'sni_container_refs', 'insert_headers', 'load_balancer_id',
|
'sni_container_refs', 'insert_headers', 'load_balancer_id',
|
||||||
'timeout_client_data', 'timeout_member_connect',
|
'timeout_client_data', 'timeout_member_connect',
|
||||||
'timeout_member_data', 'timeout_tcp_inspect', 'allowed_cidrs',
|
'timeout_member_data', 'timeout_tcp_inspect', 'allowed_cidrs',
|
||||||
|
'tls_ciphers',
|
||||||
is_admin_state_up='admin_state_up',
|
is_admin_state_up='admin_state_up',
|
||||||
**resource.TagMixin._tag_query_parameters
|
**resource.TagMixin._tag_query_parameters
|
||||||
)
|
)
|
||||||
@ -91,6 +92,8 @@ class Listener(resource.Resource, resource.TagMixin):
|
|||||||
#: Time, in milliseconds, to wait for additional TCP packets for content
|
#: Time, in milliseconds, to wait for additional TCP packets for content
|
||||||
#: inspection.
|
#: inspection.
|
||||||
timeout_tcp_inspect = resource.Body('timeout_tcp_inspect', type=int)
|
timeout_tcp_inspect = resource.Body('timeout_tcp_inspect', type=int)
|
||||||
|
#: Stores a cipher string in OpenSSL format.
|
||||||
|
tls_ciphers = resource.Body('tls_ciphers')
|
||||||
|
|
||||||
|
|
||||||
class ListenerStats(resource.Resource):
|
class ListenerStats(resource.Resource):
|
||||||
|
@ -29,6 +29,7 @@ class Pool(resource.Resource, resource.TagMixin):
|
|||||||
'health_monitor_id', 'lb_algorithm', 'listener_id', 'loadbalancer_id',
|
'health_monitor_id', 'lb_algorithm', 'listener_id', 'loadbalancer_id',
|
||||||
'description', 'name', 'project_id', 'protocol',
|
'description', 'name', 'project_id', 'protocol',
|
||||||
'created_at', 'updated_at', 'provisioning_status', 'operating_status',
|
'created_at', 'updated_at', 'provisioning_status', 'operating_status',
|
||||||
|
'tls_ciphers',
|
||||||
is_admin_state_up='admin_state_up',
|
is_admin_state_up='admin_state_up',
|
||||||
**resource.TagMixin._tag_query_parameters
|
**resource.TagMixin._tag_query_parameters
|
||||||
)
|
)
|
||||||
@ -64,6 +65,8 @@ class Pool(resource.Resource, resource.TagMixin):
|
|||||||
protocol = resource.Body('protocol')
|
protocol = resource.Body('protocol')
|
||||||
#: Provisioning status of the pool
|
#: Provisioning status of the pool
|
||||||
provisioning_status = resource.Body('provisioning_status')
|
provisioning_status = resource.Body('provisioning_status')
|
||||||
|
#: Stores a string of cipher strings in OpenSSL format.
|
||||||
|
tls_ciphers = resource.Body('tls_ciphers')
|
||||||
#: A JSON object specifying the session persistence for the pool.
|
#: A JSON object specifying the session persistence for the pool.
|
||||||
session_persistence = resource.Body('session_persistence', type=dict)
|
session_persistence = resource.Body('session_persistence', type=dict)
|
||||||
#: Timestamp when the pool was updated
|
#: Timestamp when the pool was updated
|
||||||
|
@ -41,6 +41,7 @@ EXAMPLE = {
|
|||||||
'timeout_member_connect': 5000,
|
'timeout_member_connect': 5000,
|
||||||
'timeout_member_data': 50000,
|
'timeout_member_data': 50000,
|
||||||
'timeout_tcp_inspect': 0,
|
'timeout_tcp_inspect': 0,
|
||||||
|
'tls_ciphers': 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256'
|
||||||
}
|
}
|
||||||
|
|
||||||
EXAMPLE_STATS = {
|
EXAMPLE_STATS = {
|
||||||
@ -103,6 +104,8 @@ class TestListener(base.TestCase):
|
|||||||
test_listener.timeout_member_data)
|
test_listener.timeout_member_data)
|
||||||
self.assertEqual(EXAMPLE['timeout_tcp_inspect'],
|
self.assertEqual(EXAMPLE['timeout_tcp_inspect'],
|
||||||
test_listener.timeout_tcp_inspect)
|
test_listener.timeout_tcp_inspect)
|
||||||
|
self.assertEqual(EXAMPLE['tls_ciphers'],
|
||||||
|
test_listener.tls_ciphers)
|
||||||
|
|
||||||
self.assertDictEqual(
|
self.assertDictEqual(
|
||||||
{'limit': 'limit',
|
{'limit': 'limit',
|
||||||
@ -133,6 +136,7 @@ class TestListener(base.TestCase):
|
|||||||
'timeout_member_connect': 'timeout_member_connect',
|
'timeout_member_connect': 'timeout_member_connect',
|
||||||
'timeout_member_data': 'timeout_member_data',
|
'timeout_member_data': 'timeout_member_data',
|
||||||
'timeout_tcp_inspect': 'timeout_tcp_inspect',
|
'timeout_tcp_inspect': 'timeout_tcp_inspect',
|
||||||
|
'tls_ciphers': 'tls_ciphers',
|
||||||
},
|
},
|
||||||
test_listener._query_mapping._mapping)
|
test_listener._query_mapping._mapping)
|
||||||
|
|
||||||
|
@ -34,7 +34,8 @@ EXAMPLE = {
|
|||||||
'updated_at': '2017-07-17T12:16:57.233772',
|
'updated_at': '2017-07-17T12:16:57.233772',
|
||||||
'health_monitor': 'healthmonitor',
|
'health_monitor': 'healthmonitor',
|
||||||
'health_monitor_id': uuid.uuid4(),
|
'health_monitor_id': uuid.uuid4(),
|
||||||
'members': [{'id': uuid.uuid4()}]
|
'members': [{'id': uuid.uuid4()}],
|
||||||
|
'tls_ciphers': 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256'
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@ -81,6 +82,8 @@ class TestPool(base.TestCase):
|
|||||||
self.assertEqual(EXAMPLE['health_monitor_id'],
|
self.assertEqual(EXAMPLE['health_monitor_id'],
|
||||||
test_pool.health_monitor_id)
|
test_pool.health_monitor_id)
|
||||||
self.assertEqual(EXAMPLE['members'], test_pool.members)
|
self.assertEqual(EXAMPLE['members'], test_pool.members)
|
||||||
|
self.assertEqual(EXAMPLE['tls_ciphers'],
|
||||||
|
test_pool.tls_ciphers)
|
||||||
|
|
||||||
self.assertDictEqual(
|
self.assertDictEqual(
|
||||||
{'limit': 'limit',
|
{'limit': 'limit',
|
||||||
@ -103,5 +106,6 @@ class TestPool(base.TestCase):
|
|||||||
'listener_id': 'listener_id',
|
'listener_id': 'listener_id',
|
||||||
'loadbalancer_id': 'loadbalancer_id',
|
'loadbalancer_id': 'loadbalancer_id',
|
||||||
'protocol': 'protocol',
|
'protocol': 'protocol',
|
||||||
|
'tls_ciphers': 'tls_ciphers',
|
||||||
},
|
},
|
||||||
test_pool._query_mapping._mapping)
|
test_pool._query_mapping._mapping)
|
||||||
|
@ -0,0 +1,6 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Added the ``tls_ciphers`` properties to listener.py
|
||||||
|
and pool.py for storing stings of tls ciphers in
|
||||||
|
OpenSSL cipher string format.
|
Loading…
Reference in New Issue
Block a user