SSL support and requirement

Add SSL support and change zVMCloudConnector requirement version

Change-Id: I856075dd0e3bfd7be963514b9d323214d9111e3a
changes/37/533037/1
yalian 5 years ago
parent 2c5bb128ed
commit b3f64cb586
  1. 11
      neutron/plugins/zvm/common/config.py
  2. 19
      neutron/plugins/zvm/common/utils.py
  3. 152
      neutron/tests/unit/plugins/zvm/test_zvm_utils.py
  4. 2
      requirements.txt
  5. 1
      tox.ini

@ -31,6 +31,17 @@ agent_opts = [
sample_default='http://zvm.example.org:8080/',
help="""
URL to be used to communicate with z/VM Cloud Connector.
"""),
cfg.StrOpt('zvm_ca_file',
default=None,
help="""
CA certificate file to be verified in httpd server.
A string, it must be a path to a CA bundle to use.
"""),
cfg.StrOpt('zvm_token_file',
default=None,
help="""
Token file that contains admin-token to access sdk http server.
"""),
]

@ -28,7 +28,24 @@ class zVMConnectorRequestHandler(object):
def __init__(self):
_url = urlparse.urlparse(CONF.AGENT.cloud_connector_url)
self._conn = connector.ZVMConnector(_url.hostname, _url.port)
_ca_file = CONF.AGENT.zvm_ca_file
_token_file = CONF.AGENT.zvm_token_file
kwargs = {}
if _url.scheme == 'https':
kwargs['ssl_enabled'] = True
else:
kwargs['ssl_enabled'] = False
if _token_file is not None:
kwargs['token_path'] = False
if ((kwargs['ssl_enabled']) and
(_ca_file is not None)):
kwargs['verify'] = _ca_file
else:
kwargs['verify'] = False
self._conn = connector.ZVMConnector(_url.hostname, _url.port, **kwargs)
def call(self, func_name, *args, **kwargs):
results = self._conn.send_request(func_name, *args, **kwargs)

@ -16,6 +16,7 @@
Unit tests for the z/VM utils.
"""
import mock
import os
from oslo_config import cfg
@ -24,14 +25,17 @@ from neutron.plugins.zvm.common import utils
from neutron.tests import base
from zvmconnector import connector
SDK_URL = 'https://10.10.10.1:8080'
HTTPS_SDK_URL = 'https://10.10.10.1:8080'
HTTP_SDK_URL = 'http://10.10.10.1:8080'
CA_FILE = '/tmp/ca.pem'
TOKEN_FILE = '/tmp/token.dat'
class TestZVMUtils(base.BaseTestCase):
class TestZVMUtils_HTTPS_without_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils, self).setUp()
super(TestZVMUtils_HTTPS_without_verify, self).setUp()
self.addCleanup(cfg.CONF.reset)
cfg.CONF.set_override('cloud_connector_url', SDK_URL,
cfg.CONF.set_override('cloud_connector_url', HTTPS_SDK_URL,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
@ -48,3 +52,143 @@ class TestZVMUtils(base.BaseTestCase):
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")
class TestZVMUtils_HTTPS_with_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTPS_with_verify, self).setUp()
if not os.path.exists(CA_FILE):
os.mknod(CA_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTPS_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_ca_file', CA_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, CA_FILE)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")
class TestZVMUtils_HTTP_without_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTP_without_verify, self).setUp()
self.addCleanup(cfg.CONF.reset)
cfg.CONF.set_override('cloud_connector_url', HTTP_SDK_URL,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")
class TestZVMUtils_HTTP_with_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTP_with_verify, self).setUp()
if not os.path.exists(CA_FILE):
os.mknod(CA_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTP_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_ca_file', CA_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, CA_FILE)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")
class TestZVMUtils_HTTP_token_with_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTP_token_with_verify, self).setUp()
if not os.path.exists(CA_FILE):
os.mknod(CA_FILE)
if not os.path.exists(TOKEN_FILE):
os.mknod(TOKEN_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTP_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_ca_file', CA_FILE,
group='AGENT')
cfg.CONF.set_override('zvm_token_file', TOKEN_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, CA_FILE)
self.addCleanup(os.remove, TOKEN_FILE)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")
class TestZVMUtils_HTTPS_token_without_verify(base.BaseTestCase):
def setUp(self):
super(TestZVMUtils_HTTPS_token_without_verify, self).setUp()
if not os.path.exists(TOKEN_FILE):
os.mknod(TOKEN_FILE)
cfg.CONF.set_override('cloud_connector_url', HTTPS_SDK_URL,
group='AGENT')
cfg.CONF.set_override('zvm_token_file', TOKEN_FILE,
group='AGENT')
self._utils = utils.zVMConnectorRequestHandler()
self.addCleanup(cfg.CONF.reset)
self.addCleanup(os.remove, TOKEN_FILE)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call(self, request):
request.return_value = {"overallRC": 0, 'output': "OK"}
info = self._utils.call('API', "parm1", "parm2")
request.assert_called_with('API', "parm1", "parm2")
self.assertEqual("OK", info)
@mock.patch.object(connector.ZVMConnector, 'send_request')
def test_call_exception(self, request):
request.return_value = {"overallRC": 1, 'output': ""}
self.assertRaises(exception.ZVMSDKRequestFailed,
self._utils.call,
"API")

@ -6,3 +6,5 @@ oslo.config!=3.18.0,>=3.14.0 # Apache-2.0
oslo.log>=3.11.0 # Apache-2.0
oslo.serialization>=1.10.0 # Apache-2.0
neutron-lib>=1.2.0 # Apache-2.0
zVMCloudConnector>=0.3.5 # Apache 2.0 License

@ -12,7 +12,6 @@ setenv =
deps = -r{toxinidir}/requirements.txt
-r{toxinidir}/test-requirements.txt
-egit+https://github.com/openstack/neutron@master#egg=neutron
-egit+https://github.com/mfcloud/python-zvm-sdk@master#egg=zVMCloudConnector
commands = python setup.py testr --slowest --testr-args='{posargs}'
[testenv:pep8]

Loading…
Cancel
Save