Add 'tls_container_ref' option into Pool for backend re-encrption
This patch add 'tls_container_ref' option into Pool, support create/update operation. This is a part of backend re-encryption function. The other patches are following. Change-Id: I3e3b8cbfe2546d71ef6bc6ccd9129a7787598989 Story: 2003859 Depends-On: https://review.openstack.org/#/c/614432
This commit is contained in:
parent
4e6fc7c3e8
commit
594a0939a0
|
@ -100,7 +100,8 @@ POOL_ROWS = (
|
||||||
'protocol',
|
'protocol',
|
||||||
'provisioning_status',
|
'provisioning_status',
|
||||||
'session_persistence',
|
'session_persistence',
|
||||||
'updated_at')
|
'updated_at',
|
||||||
|
'tls_container_ref')
|
||||||
|
|
||||||
POOL_COLUMNS = (
|
POOL_COLUMNS = (
|
||||||
'id',
|
'id',
|
||||||
|
|
|
@ -87,6 +87,13 @@ class CreatePool(command.ShowOne):
|
||||||
default=None,
|
default=None,
|
||||||
help="Disable pool."
|
help="Disable pool."
|
||||||
)
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
'--tls-container-ref',
|
||||||
|
metavar='<container-ref>',
|
||||||
|
help="The reference to the key manager service secrets container "
|
||||||
|
"containing the certificate and key for ``tls_enabled``"
|
||||||
|
"pools to re-encrpt the traffic to backend member servers."
|
||||||
|
)
|
||||||
|
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
|
@ -232,6 +239,14 @@ class SetPool(command.Command):
|
||||||
default=None,
|
default=None,
|
||||||
help="Disable pool."
|
help="Disable pool."
|
||||||
)
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
'--tls-container-ref',
|
||||||
|
metavar='<container-ref>',
|
||||||
|
help="The URI to the key manager service secrets container "
|
||||||
|
"containing the certificate and key for TERMINATED_TLS "
|
||||||
|
"pools to re-encrpt the traffic from TERMINATED_TLS "
|
||||||
|
"listener to backend servers."
|
||||||
|
)
|
||||||
|
|
||||||
return parser
|
return parser
|
||||||
|
|
||||||
|
|
|
@ -252,7 +252,9 @@ def get_pool_attrs(client_manager, parsed_args):
|
||||||
),
|
),
|
||||||
'session_persistence': ('session_persistence', _format_kv),
|
'session_persistence': ('session_persistence', _format_kv),
|
||||||
'enable': ('admin_state_up', lambda x: True),
|
'enable': ('admin_state_up', lambda x: True),
|
||||||
'disable': ('admin_state_up', lambda x: False)
|
'disable': ('admin_state_up', lambda x: False),
|
||||||
|
'tls_container_ref': ('tls_container_ref',
|
||||||
|
_format_str_if_need_treat_unset),
|
||||||
}
|
}
|
||||||
|
|
||||||
_attrs = vars(parsed_args)
|
_attrs = vars(parsed_args)
|
||||||
|
|
|
@ -147,6 +147,7 @@ POOL_ATTRS = {
|
||||||
"project_id": uuidutils.generate_uuid(dashed=True),
|
"project_id": uuidutils.generate_uuid(dashed=True),
|
||||||
"protocol": "HTTP",
|
"protocol": "HTTP",
|
||||||
"provisioning_status": "ACTIVE",
|
"provisioning_status": "ACTIVE",
|
||||||
|
"tls_container_ref": uuidutils.generate_uuid()
|
||||||
}
|
}
|
||||||
|
|
||||||
QUOTA_ATTRS = {
|
QUOTA_ATTRS = {
|
||||||
|
|
|
@ -104,13 +104,15 @@ class TestPoolCreate(TestPool):
|
||||||
arglist = ['--loadbalancer', 'mock_lb_id',
|
arglist = ['--loadbalancer', 'mock_lb_id',
|
||||||
'--name', self._po.name,
|
'--name', self._po.name,
|
||||||
'--protocol', 'HTTP',
|
'--protocol', 'HTTP',
|
||||||
'--lb-algorithm', 'ROUND_ROBIN']
|
'--lb-algorithm', 'ROUND_ROBIN',
|
||||||
|
'--tls-container-ref', self._po.tls_container_ref]
|
||||||
|
|
||||||
verifylist = [
|
verifylist = [
|
||||||
('loadbalancer', 'mock_lb_id'),
|
('loadbalancer', 'mock_lb_id'),
|
||||||
('name', self._po.name),
|
('name', self._po.name),
|
||||||
('protocol', 'HTTP'),
|
('protocol', 'HTTP'),
|
||||||
('lb_algorithm', 'ROUND_ROBIN')
|
('lb_algorithm', 'ROUND_ROBIN'),
|
||||||
|
('tls_container_ref', self._po.tls_container_ref)
|
||||||
]
|
]
|
||||||
|
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
|
@ -147,7 +149,9 @@ class TestPoolSet(TestPool):
|
||||||
self.cmd = pool.SetPool(self.app, None)
|
self.cmd = pool.SetPool(self.app, None)
|
||||||
|
|
||||||
def test_pool_set(self):
|
def test_pool_set(self):
|
||||||
arglist = [self._po.id, '--name', 'new_name']
|
new_tls_id = 'test-tls-container-id'
|
||||||
|
arglist = [self._po.id, '--name', 'new_name', '--tls-container-ref',
|
||||||
|
new_tls_id]
|
||||||
verifylist = [
|
verifylist = [
|
||||||
('pool', self._po.id),
|
('pool', self._po.id),
|
||||||
('name', 'new_name')
|
('name', 'new_name')
|
||||||
|
@ -156,4 +160,5 @@ class TestPoolSet(TestPool):
|
||||||
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
parsed_args = self.check_parser(self.cmd, arglist, verifylist)
|
||||||
self.cmd.take_action(parsed_args)
|
self.cmd.take_action(parsed_args)
|
||||||
self.api_mock.pool_set.assert_called_with(
|
self.api_mock.pool_set.assert_called_with(
|
||||||
self._po.id, json={'pool': {'name': 'new_name'}})
|
self._po.id, json={'pool': {'name': 'new_name',
|
||||||
|
'tls_container_ref': new_tls_id}})
|
||||||
|
|
Loading…
Reference in New Issue