openstack/swift
Code Issues Proposed changes
1b8b08039a
swift/test/unit/proxy/controllers/test_container.py

210 lines
9.1 KiB
Python
Raw Normal View History

Change OpenStack LLC to Foundation Change-Id: I7c3df47c31759dbeb3105f8883e2688ada848d58 Closes-bug: #1214176
2013-09-20 01:00:54 +08:00
# Copyright (c) 2010-2012 OpenStack Foundation
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
test/unit: Replace python print operator with print function (pep H233, py33) 'print' function is compatible with 2.x and 3.x python versions Link : https://www.python.org/dev/peps/pep-3105/ Python 2.6 has a __future__ import that removes print as language syntax, letting you use the functional form instead Change-Id: I94e1bc6bd83ad6b05695c7ebdf7cbfd8f6d9f9af
2015-07-28 21:03:05 +05:30
from __future__ import print_function
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
import mock
import unittest
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
from eventlet import Timeout
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
from swift.common.swob import Request
from swift.proxy import server as proxy_server
from swift.proxy.controllers.base import headers_to_container_info
from test.unit import fake_http_connect, FakeRing, FakeMemcache
Add Storage Policy support to Containers Containers now have a storage policy index associated with them, stored in the container_stat table. This index is only settable at container creation time (PUT request), and cannot be changed without deleting and recreating the container. This is because a container's policy index will apply to all its objects, so changing a container's policy index would require moving large amounts of object data around. If a user wants to change the policy for data in a container, they must create a new container with the desired policy and move the data over. Keep status_changed_at up-to-date with status changes. In particular during container recreation and replication. When a container-server receives a PUT for a deleted database an extra UPDATE is issued against the container_stat table to notate the x-timestamp of the request. During replication if merge_timestamps causes a container's status to change (from DELETED to ACTIVE or vice-versa) the status_changed_at field is set to the current time. Accurate reporting of status_changed_at is useful for container replication forensics and allows resolution of "set on create" attributes like the upcoming storage_policy_index. Expose Backend container info on deleted containers. Include basic container info in backend headers on 404 responses from the container server. Default empty values are used as placeholders if the database does not exist. Specifically the X-Backend-Status-Changed-At, X-Backend-DELETE-Timestamp and the X-Backend-Storage-Policy-Index value will be needed by the reconciler to deal with reconciling out of order object writes in the face of recently deleted containers. * Add "status_changed_at" key to the response from ContainerBroker.get_info. * Add "Status Timestamp" field to swift.cli.info.print_db_info_metadata. * Add "status_changed_at" key to the response from AccountBroker.get_info. DocImpact Implements: blueprint storage-policies Change-Id: Ie6d388f067f5b096b0f96faef151120ba23c8748
2014-05-27 16:57:25 -07:00
from swift.common.storage_policy import StoragePolicy
Generic means for persisting system metadata. Middleware or core features may need to store metadata against accounts or containers. This patch adds a generic mechanism for system metadata to be persisted in backend databases, without polluting the user metadata namespace, by using the reserved header namespace x-<server_type>-sysmeta-*. Modifications are firstly that backend servers persist system metadata headers alongside user metadata and other system state. For accounts and containers, system metadata in PUT and POST requests is treated in a similar way to user metadata. System metadata is not yet supported for object requests. Secondly, changes in the proxy controllers ensure that headers in the system metadata namespace will pass through in requests to backend servers. Thirdly, system metadata returned from backend servers in GET or HEAD responses is added to the cached info dict, which middleware can access. Finally, a gatekeeper middleware module is provided which filters all system metadata headers from requests and responses by removing headers with names starting x-account-sysmeta-, x-container-sysmeta-. The gatekeeper also removes headers starting x-object-sysmeta- in anticipation of future support for system metadata being set for objects. This prevents clients from writing or reading system metadata. The required_filters list in swift/proxy/server.py is modified to include the gatekeeper middleware so that if the gatekeeper has not been configured in the pipeline then it will be automatically inserted close to the start of the pipeline. blueprint cluster-federation Change-Id: I80b8b14243cc59505f8c584920f8f527646b5f45
2013-12-03 22:02:39 +00:00
from swift.common.request_helpers import get_sys_meta_prefix
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
from test.unit import patch_policies, mocked_http_conn, debug_logger
Add Storage Policy support to Containers Containers now have a storage policy index associated with them, stored in the container_stat table. This index is only settable at container creation time (PUT request), and cannot be changed without deleting and recreating the container. This is because a container's policy index will apply to all its objects, so changing a container's policy index would require moving large amounts of object data around. If a user wants to change the policy for data in a container, they must create a new container with the desired policy and move the data over. Keep status_changed_at up-to-date with status changes. In particular during container recreation and replication. When a container-server receives a PUT for a deleted database an extra UPDATE is issued against the container_stat table to notate the x-timestamp of the request. During replication if merge_timestamps causes a container's status to change (from DELETED to ACTIVE or vice-versa) the status_changed_at field is set to the current time. Accurate reporting of status_changed_at is useful for container replication forensics and allows resolution of "set on create" attributes like the upcoming storage_policy_index. Expose Backend container info on deleted containers. Include basic container info in backend headers on 404 responses from the container server. Default empty values are used as placeholders if the database does not exist. Specifically the X-Backend-Status-Changed-At, X-Backend-DELETE-Timestamp and the X-Backend-Storage-Policy-Index value will be needed by the reconciler to deal with reconciling out of order object writes in the face of recently deleted containers. * Add "status_changed_at" key to the response from ContainerBroker.get_info. * Add "Status Timestamp" field to swift.cli.info.print_db_info_metadata. * Add "status_changed_at" key to the response from AccountBroker.get_info. DocImpact Implements: blueprint storage-policies Change-Id: Ie6d388f067f5b096b0f96faef151120ba23c8748
2014-05-27 16:57:25 -07:00
from test.unit.common.ring.test_ring import TestRingBase
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
from test.unit.proxy.test_server import node_error_count
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
Add Storage Policy support to Containers Containers now have a storage policy index associated with them, stored in the container_stat table. This index is only settable at container creation time (PUT request), and cannot be changed without deleting and recreating the container. This is because a container's policy index will apply to all its objects, so changing a container's policy index would require moving large amounts of object data around. If a user wants to change the policy for data in a container, they must create a new container with the desired policy and move the data over. Keep status_changed_at up-to-date with status changes. In particular during container recreation and replication. When a container-server receives a PUT for a deleted database an extra UPDATE is issued against the container_stat table to notate the x-timestamp of the request. During replication if merge_timestamps causes a container's status to change (from DELETED to ACTIVE or vice-versa) the status_changed_at field is set to the current time. Accurate reporting of status_changed_at is useful for container replication forensics and allows resolution of "set on create" attributes like the upcoming storage_policy_index. Expose Backend container info on deleted containers. Include basic container info in backend headers on 404 responses from the container server. Default empty values are used as placeholders if the database does not exist. Specifically the X-Backend-Status-Changed-At, X-Backend-DELETE-Timestamp and the X-Backend-Storage-Policy-Index value will be needed by the reconciler to deal with reconciling out of order object writes in the face of recently deleted containers. * Add "status_changed_at" key to the response from ContainerBroker.get_info. * Add "Status Timestamp" field to swift.cli.info.print_db_info_metadata. * Add "status_changed_at" key to the response from AccountBroker.get_info. DocImpact Implements: blueprint storage-policies Change-Id: Ie6d388f067f5b096b0f96faef151120ba23c8748
2014-05-27 16:57:25 -07:00
@patch_policies([StoragePolicy(0, 'zero', True, object_ring=FakeRing())])
class TestContainerController(TestRingBase):
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
def setUp(self):
Add Storage Policy support to Containers Containers now have a storage policy index associated with them, stored in the container_stat table. This index is only settable at container creation time (PUT request), and cannot be changed without deleting and recreating the container. This is because a container's policy index will apply to all its objects, so changing a container's policy index would require moving large amounts of object data around. If a user wants to change the policy for data in a container, they must create a new container with the desired policy and move the data over. Keep status_changed_at up-to-date with status changes. In particular during container recreation and replication. When a container-server receives a PUT for a deleted database an extra UPDATE is issued against the container_stat table to notate the x-timestamp of the request. During replication if merge_timestamps causes a container's status to change (from DELETED to ACTIVE or vice-versa) the status_changed_at field is set to the current time. Accurate reporting of status_changed_at is useful for container replication forensics and allows resolution of "set on create" attributes like the upcoming storage_policy_index. Expose Backend container info on deleted containers. Include basic container info in backend headers on 404 responses from the container server. Default empty values are used as placeholders if the database does not exist. Specifically the X-Backend-Status-Changed-At, X-Backend-DELETE-Timestamp and the X-Backend-Storage-Policy-Index value will be needed by the reconciler to deal with reconciling out of order object writes in the face of recently deleted containers. * Add "status_changed_at" key to the response from ContainerBroker.get_info. * Add "Status Timestamp" field to swift.cli.info.print_db_info_metadata. * Add "status_changed_at" key to the response from AccountBroker.get_info. DocImpact Implements: blueprint storage-policies Change-Id: Ie6d388f067f5b096b0f96faef151120ba23c8748
2014-05-27 16:57:25 -07:00
TestRingBase.setUp(self)
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
self.logger = debug_logger()
self.container_ring = FakeRing(max_more_nodes=9)
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
self.app = proxy_server.Application(None, FakeMemcache(),
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
logger=self.logger,
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
account_ring=FakeRing(),
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
container_ring=self.container_ring)
self.account_info = {
'status': 200,
'container_count': '10',
'total_object_count': '100',
'bytes': '1000',
'meta': {},
'sysmeta': {},
}
class FakeAccountInfoContainerController(
proxy_server.ContainerController):
def account_info(controller, *args, **kwargs):
patch_path = 'swift.proxy.controllers.base.get_info'
with mock.patch(patch_path) as mock_get_info:
mock_get_info.return_value = dict(self.account_info)
return super(FakeAccountInfoContainerController,
controller).account_info(
*args, **kwargs)
_orig_get_controller = self.app.get_controller
def wrapped_get_controller(*args, **kwargs):
with mock.patch('swift.proxy.server.ContainerController',
new=FakeAccountInfoContainerController):
return _orig_get_controller(*args, **kwargs)
self.app.get_controller = wrapped_get_controller
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
def test_container_info_in_response_env(self):
controller = proxy_server.ContainerController(self.app, 'a', 'c')
with mock.patch('swift.proxy.controllers.base.http_connect',
fake_http_connect(200, 200, body='')):
Stop mutating PATH_INFO in proxy server The proxy server was calling swob.Request.path_info_pop() prior to instantiating a controller so that req.path_info was just /a/c/o (sans /v1). The version got moved over into SCRIPT_NAME. This lead to some unfortunate behavior when trying to re-use a request from middleware. Something like this: # Imagine we're a WSGIContext object here. # # To start, SCRIPT_NAME = '' and PATH_INFO='/v1/a/c/o' resp_iter = self._app_call(env, start_response) # Now SCRIPT_NAME='/v1' and PATH_INFO ='/a/c/o' if something_special in self._response_headers: env['REQUEST_METHOD'] = 'GET' env.pop('HTTP_RANGE', None) # 404 SURPRISE! The proxy calls path_info_pop() again, # and now SCRIPT_NAME='/v1/a' and PATH_INFO='/c/o', so this # gets treated as a container request. Yikes. resp_iter = self._app_call(env, start_response) Now we just leave SCRIPT_NAME and PATH_INFO alone. To make life easy for everyone who does want just /a/c/o, I defined swob.Request.swift_entity_path, which just strips off the /v1. Note that there's still one call to path_info_pop() in tempauth, but that's only for requests going to /auth, so it won't affect Swift API requests. It might be a good idea to remove that one later, but let's do one thing at a time. Change-Id: I87557a11c01f3f3889b610578cda6ba7d3933e7a
2013-12-03 22:18:46 -08:00
req = Request.blank('/v1/a/c', {'PATH_INFO': '/v1/a/c'})
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
resp = controller.HEAD(req)
self.assertEqual(2, resp.status_int // 100)
self.assertTrue("swift.container/a/c" in resp.environ)
self.assertEqual(headers_to_container_info(resp.headers),
resp.environ['swift.container/a/c'])
Implements configurable swift_owner_headers These are headers that will be stripped unless the WSGI environment contains a true value for 'swift_owner'. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities. DocImpact Change-Id: I972772fbbd235414e00130ca663428e8750cabca
2013-06-27 14:11:25 +00:00
def test_swift_owner(self):
owner_headers = {
'x-container-read': 'value', 'x-container-write': 'value',
'x-container-sync-key': 'value', 'x-container-sync-to': 'value'}
controller = proxy_server.ContainerController(self.app, 'a', 'c')
Stop mutating PATH_INFO in proxy server The proxy server was calling swob.Request.path_info_pop() prior to instantiating a controller so that req.path_info was just /a/c/o (sans /v1). The version got moved over into SCRIPT_NAME. This lead to some unfortunate behavior when trying to re-use a request from middleware. Something like this: # Imagine we're a WSGIContext object here. # # To start, SCRIPT_NAME = '' and PATH_INFO='/v1/a/c/o' resp_iter = self._app_call(env, start_response) # Now SCRIPT_NAME='/v1' and PATH_INFO ='/a/c/o' if something_special in self._response_headers: env['REQUEST_METHOD'] = 'GET' env.pop('HTTP_RANGE', None) # 404 SURPRISE! The proxy calls path_info_pop() again, # and now SCRIPT_NAME='/v1/a' and PATH_INFO='/c/o', so this # gets treated as a container request. Yikes. resp_iter = self._app_call(env, start_response) Now we just leave SCRIPT_NAME and PATH_INFO alone. To make life easy for everyone who does want just /a/c/o, I defined swob.Request.swift_entity_path, which just strips off the /v1. Note that there's still one call to path_info_pop() in tempauth, but that's only for requests going to /auth, so it won't affect Swift API requests. It might be a good idea to remove that one later, but let's do one thing at a time. Change-Id: I87557a11c01f3f3889b610578cda6ba7d3933e7a
2013-12-03 22:18:46 -08:00
req = Request.blank('/v1/a/c')
Implements configurable swift_owner_headers These are headers that will be stripped unless the WSGI environment contains a true value for 'swift_owner'. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities. DocImpact Change-Id: I972772fbbd235414e00130ca663428e8750cabca
2013-06-27 14:11:25 +00:00
with mock.patch('swift.proxy.controllers.base.http_connect',
fake_http_connect(200, 200, headers=owner_headers)):
resp = controller.HEAD(req)
pep8 fix: assertEquals -> assertEqual assertEquals is deprecated in py3 in the following dir: test/unit/proxy/* Change-Id: Ie2c7e73e1096233a10ee7fbf6f88386fa4d469d6
2015-08-06 10:01:17 -05:00
self.assertEqual(2, resp.status_int // 100)
Implements configurable swift_owner_headers These are headers that will be stripped unless the WSGI environment contains a true value for 'swift_owner'. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities. DocImpact Change-Id: I972772fbbd235414e00130ca663428e8750cabca
2013-06-27 14:11:25 +00:00
for key in owner_headers:
self.assertTrue(key not in resp.headers)
Stop mutating PATH_INFO in proxy server The proxy server was calling swob.Request.path_info_pop() prior to instantiating a controller so that req.path_info was just /a/c/o (sans /v1). The version got moved over into SCRIPT_NAME. This lead to some unfortunate behavior when trying to re-use a request from middleware. Something like this: # Imagine we're a WSGIContext object here. # # To start, SCRIPT_NAME = '' and PATH_INFO='/v1/a/c/o' resp_iter = self._app_call(env, start_response) # Now SCRIPT_NAME='/v1' and PATH_INFO ='/a/c/o' if something_special in self._response_headers: env['REQUEST_METHOD'] = 'GET' env.pop('HTTP_RANGE', None) # 404 SURPRISE! The proxy calls path_info_pop() again, # and now SCRIPT_NAME='/v1/a' and PATH_INFO='/c/o', so this # gets treated as a container request. Yikes. resp_iter = self._app_call(env, start_response) Now we just leave SCRIPT_NAME and PATH_INFO alone. To make life easy for everyone who does want just /a/c/o, I defined swob.Request.swift_entity_path, which just strips off the /v1. Note that there's still one call to path_info_pop() in tempauth, but that's only for requests going to /auth, so it won't affect Swift API requests. It might be a good idea to remove that one later, but let's do one thing at a time. Change-Id: I87557a11c01f3f3889b610578cda6ba7d3933e7a
2013-12-03 22:18:46 -08:00
req = Request.blank('/v1/a/c', environ={'swift_owner': True})
Implements configurable swift_owner_headers These are headers that will be stripped unless the WSGI environment contains a true value for 'swift_owner'. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities. DocImpact Change-Id: I972772fbbd235414e00130ca663428e8750cabca
2013-06-27 14:11:25 +00:00
with mock.patch('swift.proxy.controllers.base.http_connect',
fake_http_connect(200, 200, headers=owner_headers)):
resp = controller.HEAD(req)
pep8 fix: assertEquals -> assertEqual assertEquals is deprecated in py3 in the following dir: test/unit/proxy/* Change-Id: Ie2c7e73e1096233a10ee7fbf6f88386fa4d469d6
2015-08-06 10:01:17 -05:00
self.assertEqual(2, resp.status_int // 100)
Implements configurable swift_owner_headers These are headers that will be stripped unless the WSGI environment contains a true value for 'swift_owner'. The exact definition of a swift_owner is up to the auth system in use, but usually indicates administrative responsibilities. DocImpact Change-Id: I972772fbbd235414e00130ca663428e8750cabca
2013-06-27 14:11:25 +00:00
for key in owner_headers:
self.assertTrue(key in resp.headers)
Generic means for persisting system metadata. Middleware or core features may need to store metadata against accounts or containers. This patch adds a generic mechanism for system metadata to be persisted in backend databases, without polluting the user metadata namespace, by using the reserved header namespace x-<server_type>-sysmeta-*. Modifications are firstly that backend servers persist system metadata headers alongside user metadata and other system state. For accounts and containers, system metadata in PUT and POST requests is treated in a similar way to user metadata. System metadata is not yet supported for object requests. Secondly, changes in the proxy controllers ensure that headers in the system metadata namespace will pass through in requests to backend servers. Thirdly, system metadata returned from backend servers in GET or HEAD responses is added to the cached info dict, which middleware can access. Finally, a gatekeeper middleware module is provided which filters all system metadata headers from requests and responses by removing headers with names starting x-account-sysmeta-, x-container-sysmeta-. The gatekeeper also removes headers starting x-object-sysmeta- in anticipation of future support for system metadata being set for objects. This prevents clients from writing or reading system metadata. The required_filters list in swift/proxy/server.py is modified to include the gatekeeper middleware so that if the gatekeeper has not been configured in the pipeline then it will be automatically inserted close to the start of the pipeline. blueprint cluster-federation Change-Id: I80b8b14243cc59505f8c584920f8f527646b5f45
2013-12-03 22:02:39 +00:00
def _make_callback_func(self, context):
def callback(ipaddr, port, device, partition, method, path,
headers=None, query_string=None, ssl=False):
context['method'] = method
context['path'] = path
context['headers'] = headers or {}
return callback
def test_sys_meta_headers_PUT(self):
# check that headers in sys meta namespace make it through
# the container controller
sys_meta_key = '%stest' % get_sys_meta_prefix('container')
sys_meta_key = sys_meta_key.title()
user_meta_key = 'X-Container-Meta-Test'
controller = proxy_server.ContainerController(self.app, 'a', 'c')
context = {}
callback = self._make_callback_func(context)
hdrs_in = {sys_meta_key: 'foo',
user_meta_key: 'bar',
'x-timestamp': '1.0'}
req = Request.blank('/v1/a/c', headers=hdrs_in)
with mock.patch('swift.proxy.controllers.base.http_connect',
fake_http_connect(200, 200, give_connect=callback)):
controller.PUT(req)
self.assertEqual(context['method'], 'PUT')
self.assertTrue(sys_meta_key in context['headers'])
self.assertEqual(context['headers'][sys_meta_key], 'foo')
self.assertTrue(user_meta_key in context['headers'])
self.assertEqual(context['headers'][user_meta_key], 'bar')
self.assertNotEqual(context['headers']['x-timestamp'], '1.0')
def test_sys_meta_headers_POST(self):
# check that headers in sys meta namespace make it through
# the container controller
sys_meta_key = '%stest' % get_sys_meta_prefix('container')
sys_meta_key = sys_meta_key.title()
user_meta_key = 'X-Container-Meta-Test'
controller = proxy_server.ContainerController(self.app, 'a', 'c')
context = {}
callback = self._make_callback_func(context)
hdrs_in = {sys_meta_key: 'foo',
user_meta_key: 'bar',
'x-timestamp': '1.0'}
req = Request.blank('/v1/a/c', headers=hdrs_in)
with mock.patch('swift.proxy.controllers.base.http_connect',
fake_http_connect(200, 200, give_connect=callback)):
controller.POST(req)
self.assertEqual(context['method'], 'POST')
self.assertTrue(sys_meta_key in context['headers'])
self.assertEqual(context['headers'][sys_meta_key], 'foo')
self.assertTrue(user_meta_key in context['headers'])
self.assertEqual(context['headers'][user_meta_key], 'bar')
self.assertNotEqual(context['headers']['x-timestamp'], '1.0')
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
def test_node_errors(self):
self.app.sort_nodes = lambda n: n
for method in ('PUT', 'DELETE', 'POST'):
def test_status_map(statuses, expected):
self.app._error_limiting = {}
req = Request.blank('/v1/a/c', method=method)
with mocked_http_conn(*statuses) as fake_conn:
test/unit: Replace python print operator with print function (pep H233, py33) 'print' function is compatible with 2.x and 3.x python versions Link : https://www.python.org/dev/peps/pep-3105/ Python 2.6 has a __future__ import that removes print as language syntax, letting you use the functional form instead Change-Id: I94e1bc6bd83ad6b05695c7ebdf7cbfd8f6d9f9af
2015-07-28 21:03:05 +05:30
print('a' * 50)
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
resp = req.get_response(self.app)
self.assertEqual(resp.status_int, expected)
for req in fake_conn.requests:
self.assertEqual(req['method'], method)
unit tests: Replace "self.assert_" by "self.assertTrue" The assert_() method is deprecated and can be safely replaced by assertTrue(). This patch makes sure that running the tests does not create undesired warnings. Change-Id: I0602ba39ef93263386644ee68088d5f65fcb4a71
2015-07-21 19:23:00 +05:30
self.assertTrue(req['path'].endswith('/a/c'))
Consistently apply node error limiting rules in proxy All GET or HEAD requests consistently error limit nodes that return 507 and increment errors for nodes responding with any other 5XX. There were two places in the object PUT path where the proxy was error limiting nodes and their behavior was inconsistent. During expect-100 connect we would only error_limit nodes on 507, and during response we would increment errors for all 5XX series responses. This was pretty hard to reason about and the divergence in behavior of questionable value. An audit of base controller highlighted where make_requests would apply error_limit's on 507 but not increment errors on other 5XX responses. Now anywhere we track errors on nodes we use error_limit on 507 and error_occurred on any other 5XX series request. Additionally a Timeout or Exception that is logged through exception_occurred will bump errors - which is consistent with the approach in "Add Error Limiting to slow nodes" [1]. 1. https://review.openstack.org/#/c/112424/ Change-Id: I67e489d18afd6bdfc730bfdba76f85a2e3ca74f0
2014-11-17 20:29:45 -08:00
base_status = [201] * 3
# test happy path
test_status_map(list(base_status), 201)
for i in range(3):
self.assertEqual(node_error_count(
self.app, self.container_ring.devs[i]), 0)
# single node errors and test isolation
for i in range(3):
status_list = list(base_status)
status_list[i] = 503
status_list.append(201)
test_status_map(status_list, 201)
for j in range(3):
expected = 1 if j == i else 0
self.assertEqual(node_error_count(
self.app, self.container_ring.devs[j]), expected)
# timeout
test_status_map((201, Timeout(), 201, 201), 201)
self.assertEqual(node_error_count(
self.app, self.container_ring.devs[1]), 1)
# exception
test_status_map((Exception('kaboom!'), 201, 201, 201), 201)
self.assertEqual(node_error_count(
self.app, self.container_ring.devs[0]), 1)
# insufficient storage
test_status_map((201, 201, 507, 201), 201)
self.assertEqual(node_error_count(
self.app, self.container_ring.devs[2]),
self.app.error_suppression_limit + 1)
get_info - removes duplicate code (Take 3) Consolidate the different ways in which info of account/container is gathered, cached, used, updated, etc. This refactoring increases code reuse and is a basis for later addition of account ACLs. Changing the get_info users is left for future. This staged approach ensures the behaviour is unchanged. Change-Id: I67b58030d3f9e3bc86bcd7ece0f1dc693c4e08c3 Fixes: Bug #1162199
2013-03-30 15:55:29 +03:00
if __name__ == '__main__':
unittest.main()
Copy Permalink