Browse Source

SSL support and requirement

Add SSL support and change zVMCloudConnector requirement version

Change-Id: I856075dd0e3bfd7be963514b9d323214d9111e3a
tags/10.0.0
yalian 2 years ago
parent
commit
b3f64cb586
5 changed files with 179 additions and 6 deletions
  1. +11
    -0
      neutron/plugins/zvm/common/config.py
  2. +18
    -1
      neutron/plugins/zvm/common/utils.py
  3. +148
    -4
      neutron/tests/unit/plugins/zvm/test_zvm_utils.py
  4. +2
    -0
      requirements.txt
  5. +0
    -1
      tox.ini

+ 11
- 0
neutron/plugins/zvm/common/config.py View File

@@ -31,6 +31,17 @@ agent_opts = [
sample_default='http://zvm.example.org:8080/',
help="""
URL to be used to communicate with z/VM Cloud Connector.
"""),
cfg.StrOpt('zvm_ca_file',
default=None,
help="""
CA certificate file to be verified in httpd server.
A string, it must be a path to a CA bundle to use.
"""),
cfg.StrOpt('zvm_token_file',
default=None,
help="""
Token file that contains admin-token to access sdk http server.
"""),
]



+ 18
- 1
neutron/plugins/zvm/common/utils.py View File

@@ -28,7 +28,24 @@ class zVMConnectorRequestHandler(object):

def __init__(self):
_url = urlparse.urlparse(CONF.AGENT.cloud_connector_url)
self._conn = connector.ZVMConnector(_url.hostname, _url.port)
_ca_file = CONF.AGENT.zvm_ca_file
_token_file = CONF.AGENT.zvm_token_file
kwargs = {}
if _url.scheme == 'https':
kwargs['ssl_enabled'] = True
else:
kwargs['ssl_enabled'] = False

if _token_file is not None:
kwargs['token_path'] = False

if ((kwargs['ssl_enabled']) and
(_ca_file is not None)):
kwargs['verify'] = _ca_file
else:
kwargs['verify'] = False

self._conn = connector.ZVMConnector(_url.hostname, _url.port, **kwargs)

def call(self, func_name, *args, **kwargs):
results = self._conn.send_request(func_name, *args, **kwargs)


+ 148
- 4
neutron/tests/unit/plugins/zvm/test_zvm_utils.py View File

@@ -16,6 +16,7 @@
Unit tests for the z/VM utils.
"""
import mock
import os

from oslo_config import cfg

@@ -24,14 +25,17 @@ from neutron.plugins.zvm.common import utils
from neutron.tests import base
from zvmconnector import connector

SDK_URL = 'https://10.10.10.1:8080'
HTTPS_SDK_URL = 'https://10.10.10.1:8080'
HTTP_SDK_URL = 'http://10.10.10.1:8080'
CA_FILE = '/tmp/ca.pem'
TOKEN_FILE = '/tmp/token.dat'


class TestZVMUtils(base.BaseTestCase):
class TestZVMUtils_HTTPS_without_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils, self).setUp()
super(TestZVMUtils_HTTPS_without_verify, self).setUp()
self.addCleanup(cfg.CONF.reset)
cfg.CONF.set_override('cloud_connector_url', SDK_URL,
cfg.CONF.set_override('cloud_connector_url', HTTPS_SDK_URL,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()

@@ -48,3 +52,143 @@ class TestZVMUtils(base.BaseTestCase):
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")


class TestZVMUtils_HTTPS_with_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTPS_with_verify, self).setUp()
if not os.path.exists(CA_FILE):
os.mknod(CA_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTPS_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_ca_file', CA_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, CA_FILE)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")


class TestZVMUtils_HTTP_without_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTP_without_verify, self).setUp()
self.addCleanup(cfg.CONF.reset)
cfg.CONF.set_override('cloud_connector_url', HTTP_SDK_URL,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")


class TestZVMUtils_HTTP_with_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTP_with_verify, self).setUp()
if not os.path.exists(CA_FILE):
os.mknod(CA_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTP_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_ca_file', CA_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, CA_FILE)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")


class TestZVMUtils_HTTP_token_with_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTP_token_with_verify, self).setUp()
if not os.path.exists(CA_FILE):
os.mknod(CA_FILE)
if not os.path.exists(TOKEN_FILE):
os.mknod(TOKEN_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTP_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_ca_file', CA_FILE,
group='AGENT')
cfg.CONF.set_override('zvm_token_file', TOKEN_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, CA_FILE)
self.addCleanup(os.remove, TOKEN_FILE)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")


class TestZVMUtils_HTTPS_token_without_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTPS_token_without_verify, self).setUp()
if not os.path.exists(TOKEN_FILE):
os.mknod(TOKEN_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTPS_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_token_file', TOKEN_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, TOKEN_FILE)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)

@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")

+ 2
- 0
requirements.txt View File

@@ -6,3 +6,5 @@ oslo.config!=3.18.0,>=3.14.0 # Apache-2.0
oslo.log>=3.11.0 # Apache-2.0
oslo.serialization>=1.10.0 # Apache-2.0
neutron-lib>=1.2.0 # Apache-2.0

zVMCloudConnector>=0.3.5 # Apache 2.0 License

+ 0
- 1
tox.ini View File

@@ -12,7 +12,6 @@ setenv =
deps = -r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
-egit+https://github.com/openstack/neutron@master#egg=neutron
-egit+https://github.com/mfcloud/python-zvm-sdk@master#egg=zVMCloudConnector
commands = python setup.py testr --slowest --testr-args='{posargs}'

[testenv:pep8]


Loading…
Cancel
Save