probe tests: Work when fronted by a TLS terminator

* Add a new config option, proxy_base_url
* Support HTTPS as well as HTTP connections
* Monkey-patch eventlet early so we never import an unpatched version
  from swiftclient

Change-Id: I4945d512966d3666f2738058f15a916c65ad4a6b
This commit is contained in:
Tim Burke 2020-02-03 13:02:58 -08:00
parent ff885d30e4
commit 630c9ef809
7 changed files with 40 additions and 15 deletions

View File

@ -14,6 +14,9 @@
# limitations under the License. # limitations under the License.
import eventlet
eventlet.monkey_patch()
from test import get_config from test import get_config
from swift.common.utils import config_true_value from swift.common.utils import config_true_value
@ -21,3 +24,8 @@ from swift.common.utils import config_true_value
config = get_config('probe_test') config = get_config('probe_test')
CHECK_SERVER_TIMEOUT = int(config.get('check_server_timeout', 30)) CHECK_SERVER_TIMEOUT = int(config.get('check_server_timeout', 30))
VALIDATE_RSYNC = config_true_value(config.get('validate_rsync', False)) VALIDATE_RSYNC = config_true_value(config.get('validate_rsync', False))
PROXY_BASE_URL = config.get('proxy_base_url')
if PROXY_BASE_URL is None:
# TODO: find and load an "appropriate" proxy-server.conf(.d), piece
# something together from bind_ip, bind_port, and cert_file
PROXY_BASE_URL = 'http://127.0.0.1:8080'

View File

@ -31,6 +31,7 @@ from swift.common.http import HTTP_NOT_FOUND
from swiftclient import client, get_auth, ClientException from swiftclient import client, get_auth, ClientException
from test.probe import PROXY_BASE_URL
from test.probe.common import ENABLED_POLICIES from test.probe.common import ENABLED_POLICIES
TIMEOUT = 60 TIMEOUT = 60
@ -340,7 +341,7 @@ def main():
if cmd not in BrainSplitter.__commands__: if cmd not in BrainSplitter.__commands__:
parser.print_help() parser.print_help()
return 'ERROR: unknown command %s' % cmd return 'ERROR: unknown command %s' % cmd
url, token = get_auth('http://127.0.0.1:8080/auth/v1.0', url, token = get_auth(PROXY_BASE_URL + '/auth/v1.0',
'test:tester', 'testing') 'test:tester', 'testing')
if options.server_type == 'object' and not options.policy_name: if options.server_type == 'object' and not options.policy_name:
options.policy_name = POLICIES.default.name options.policy_name = POLICIES.default.name

View File

@ -39,7 +39,7 @@ from swift.common.manager import Manager
from swift.common.storage_policy import POLICIES, EC_POLICY, REPL_POLICY from swift.common.storage_policy import POLICIES, EC_POLICY, REPL_POLICY
from swift.obj.diskfile import get_data_dir from swift.obj.diskfile import get_data_dir
from test.probe import CHECK_SERVER_TIMEOUT, VALIDATE_RSYNC from test.probe import CHECK_SERVER_TIMEOUT, VALIDATE_RSYNC, PROXY_BASE_URL
ENABLED_POLICIES = [p for p in POLICIES if not p.is_deprecated] ENABLED_POLICIES = [p for p in POLICIES if not p.is_deprecated]
@ -80,8 +80,8 @@ def _check_storage(ipport, path):
return resp return resp
def _check_proxy(ipport, user, key): def _check_proxy(user, key):
url, token = get_auth('http://%s:%d/auth/v1.0' % ipport, url, token = get_auth(PROXY_BASE_URL + '/auth/v1.0',
user, key) user, key)
account = url.split('/')[-1] account = url.split('/')[-1]
head_account(url, token) head_account(url, token)
@ -118,7 +118,7 @@ def check_server(ipport, ipport2server):
rv = _retry_timeout(_check_storage, args=(ipport, path)) rv = _retry_timeout(_check_storage, args=(ipport, path))
else: else:
rv = _retry_timeout(_check_proxy, args=( rv = _retry_timeout(_check_proxy, args=(
ipport, 'test:tester', 'testing')) 'test:tester', 'testing'))
return rv return rv
@ -392,7 +392,7 @@ class ProbeTest(unittest.TestCase):
'url': self.url, 'token': self.token, 'account': self.account} 'url': self.url, 'token': self.token, 'account': self.account}
rv = _retry_timeout(_check_proxy, args=( rv = _retry_timeout(_check_proxy, args=(
proxy_ipport, 'test2:tester2', 'testing2')) 'test2:tester2', 'testing2'))
self.account_2 = { self.account_2 = {
k: v for (k, v) in zip(('url', 'token', 'account'), rv)} k: v for (k, v) in zip(('url', 'token', 'account'), rv)}

View File

@ -20,6 +20,7 @@ import unittest
from six.moves import http_client from six.moves import http_client
from six.moves.urllib.parse import urlparse from six.moves.urllib.parse import urlparse
from swiftclient import get_auth from swiftclient import get_auth
from test.probe import PROXY_BASE_URL
from test.probe.common import ReplProbeTest from test.probe.common import ReplProbeTest
@ -28,7 +29,7 @@ class TestAccountGetFakeResponsesMatch(ReplProbeTest):
def setUp(self): def setUp(self):
super(TestAccountGetFakeResponsesMatch, self).setUp() super(TestAccountGetFakeResponsesMatch, self).setUp()
self.url, self.token = get_auth( self.url, self.token = get_auth(
'http://127.0.0.1:8080/auth/v1.0', 'admin:admin', 'admin') PROXY_BASE_URL + '/auth/v1.0', 'admin:admin', 'admin')
def _account_path(self, account): def _account_path(self, account):
_, _, path, _, _, _ = urlparse(self.url) _, _, path, _, _, _ = urlparse(self.url)
@ -46,10 +47,15 @@ class TestAccountGetFakeResponsesMatch(ReplProbeTest):
headers['X-Auth-Token'] = self.token headers['X-Auth-Token'] = self.token
scheme, netloc, path, _, _, _ = urlparse(self.url) scheme, netloc, path, _, _, _ = urlparse(self.url)
host, port = netloc.split(':') host, port = netloc.partition(':')[::2]
if not port:
port = '443' if scheme == 'https' else '80'
port = int(port) port = int(port)
conn = http_client.HTTPConnection(host, port) if scheme == 'https':
conn = http_client.HTTPSConnection(host, port)
else:
conn = http_client.HTTPConnection(host, port)
conn.request(method, self._account_path(account), headers=headers) conn.request(method, self._account_path(account), headers=headers)
resp = conn.getresponse() resp = conn.getresponse()
if resp.status // 100 != 2: if resp.status // 100 != 2:

View File

@ -34,6 +34,7 @@ from swiftclient import client, get_auth, ClientException
from swift.proxy.controllers.base import get_cache_key from swift.proxy.controllers.base import get_cache_key
from swift.proxy.controllers.obj import num_container_updates from swift.proxy.controllers.obj import num_container_updates
from test import annotate_failure from test import annotate_failure
from test.probe import PROXY_BASE_URL
from test.probe.brain import BrainSplitter from test.probe.brain import BrainSplitter
from test.probe.common import ReplProbeTest, get_server_number, \ from test.probe.common import ReplProbeTest, get_server_number, \
wait_for_server_to_hangup wait_for_server_to_hangup
@ -115,7 +116,7 @@ class BaseTestContainerSharding(ReplProbeTest):
client.requests.logging.WARNING) client.requests.logging.WARNING)
super(BaseTestContainerSharding, self).setUp() super(BaseTestContainerSharding, self).setUp()
_, self.admin_token = get_auth( _, self.admin_token = get_auth(
'http://127.0.0.1:8080/auth/v1.0', 'admin:admin', 'admin') PROXY_BASE_URL + '/auth/v1.0', 'admin:admin', 'admin')
self._setup_container_name() self._setup_container_name()
self.init_brain(self.container_name) self.init_brain(self.container_name)
self.sharders = Manager(['container-sharder']) self.sharders = Manager(['container-sharder'])

View File

@ -26,10 +26,12 @@ import time
from uuid import uuid4 from uuid import uuid4
from six.moves import http_client as httplib from six.moves import http_client as httplib
from six.moves.urllib.parse import urlparse
from swift.common.ring import Ring from swift.common.ring import Ring
from swift.common.manager import Manager from swift.common.manager import Manager
from test.probe import PROXY_BASE_URL
from test.probe.common import resetswift, ReplProbeTest, client from test.probe.common import resetswift, ReplProbeTest, client
@ -109,7 +111,9 @@ class TestWSGIServerProcessHandling(ReplProbeTest):
self.assertIn('Invalid path: blah', got_body) self.assertIn('Invalid path: blah', got_body)
def get_conn(self): def get_conn(self):
ip, port = self.get_ip_port() scheme, ip, port = self.get_scheme_ip_port()
if scheme == 'https':
return httplib.HTTPSConnection('%s:%s' % (ip, port))
return httplib.HTTPConnection('%s:%s' % (ip, port)) return httplib.HTTPConnection('%s:%s' % (ip, port))
def _check_reload(self): def _check_reload(self):
@ -228,11 +232,11 @@ class TestObjectServerReloadBase(TestWSGIServerProcessHandling):
SERVER_NAME = 'object' SERVER_NAME = 'object'
PID_TIMEOUT = 35 PID_TIMEOUT = 35
def get_ip_port(self): def get_scheme_ip_port(self):
self.policy.load_ring('/etc/swift') self.policy.load_ring('/etc/swift')
self.ring_node = random.choice( self.ring_node = random.choice(
self.policy.object_ring.get_part_nodes(1)) self.policy.object_ring.get_part_nodes(1))
return self.ring_node['ip'], self.ring_node['port'] return 'http', self.ring_node['ip'], self.ring_node['port']
def start_write_req(self, conn, suffix): def start_write_req(self, conn, suffix):
putrequest(conn, 'PUT', '/%s/123/%s/%s/blah-%s' % ( putrequest(conn, 'PUT', '/%s/123/%s/%s/blah-%s' % (
@ -296,8 +300,12 @@ class TestProxyServerReloadBase(TestWSGIServerProcessHandling):
def swap_configs(self): def swap_configs(self):
shutil.copy(self.new_swift_conf_path, self.swift_conf_path) shutil.copy(self.new_swift_conf_path, self.swift_conf_path)
def get_ip_port(self): def get_scheme_ip_port(self):
return 'localhost', 8080 parsed = urlparse(PROXY_BASE_URL)
host, port = parsed.netloc.partition(':')[::2]
if not port:
port = '443' if parsed.scheme == 'https' else '80'
return parsed.scheme, host, int(port)
def assertMaxHeaderSize(self, resp, exp_max_header_size): def assertMaxHeaderSize(self, resp, exp_max_header_size):
self.assertEqual(resp.status // 100, 2) self.assertEqual(resp.status // 100, 2)

View File

@ -101,6 +101,7 @@ fake_syslog = False
[probe_test] [probe_test]
# check_server_timeout = 30 # check_server_timeout = 30
# validate_rsync = false # validate_rsync = false
# proxy_base_url = http://localhost:8080
[swift-constraints] [swift-constraints]
# The functional test runner will try to use the constraint values provided in # The functional test runner will try to use the constraint values provided in