From 49a7e430ca30768a68a111223068652c781206fe Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Wed, 16 Feb 2011 13:17:42 -0800
Subject: zone manager tests

---
 nova/tests/test_zones.py | 132 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 132 insertions(+)
 create mode 100644 nova/tests/test_zones.py

(limited to 'nova/tests')

diff --git a/nova/tests/test_zones.py b/nova/tests/test_zones.py
new file mode 100644
index 000000000..b4c8815d5
--- /dev/null
+++ b/nova/tests/test_zones.py
@@ -0,0 +1,132 @@
+# Copyright 2010 United States Government as represented by the
+# Administrator of the National Aeronautics and Space Administration.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+"""
+Tests For ZoneManager
+"""
+
+import datetime
+import mox
+
+from nova import context
+from nova import db
+from nova import flags
+from nova import service
+from nova import test
+from nova import rpc
+from nova import utils
+from nova.auth import manager as auth_manager
+from nova.scheduler import zone_manager
+
+
+class FakeZone:
+    """Represents a fake zone from the db"""
+    def __init__(self, *args, **kwargs):
+        for k, v in kwargs.iteritems():
+            setattr(self, k, v)
+
+
+class ZoneManagerTestCase(test.TestCase):
+    """Test case for zone manager"""
+    def test_ping(self):
+        zm = zone_manager.ZoneManager()
+        self.mox.StubOutWithMock(zm, '_refresh_from_db')
+        self.mox.StubOutWithMock(zm, '_poll_zones')
+        zm._refresh_from_db(mox.IgnoreArg())
+        zm._poll_zones(mox.IgnoreArg())
+
+        self.mox.ReplayAll()
+        zm.ping(None)
+        self.mox.VerifyAll()
+
+    def test_refresh_from_db_new(self):
+        zm = zone_manager.ZoneManager()
+
+        self.mox.StubOutWithMock(db, 'zone_get_all')
+        db.zone_get_all(mox.IgnoreArg()).AndReturn([
+               FakeZone(id=1, api_url='http://foo.com', username='user1',
+                    password='pass1'),
+            ])
+        
+        self.assertEquals(len(zm.zone_states), 0)
+
+        self.mox.ReplayAll()
+        zm._refresh_from_db(None)
+        self.mox.VerifyAll()
+
+        self.assertEquals(len(zm.zone_states), 1)
+        self.assertEquals(zm.zone_states[1].username, 'user1')
+
+    def test_refresh_from_db_replace_existing(self):
+        zm = zone_manager.ZoneManager()
+        zone_state = zone_manager.ZoneState()
+        zone_state.update_credentials(FakeZone(id=1, api_url='http://foo.com',
+                        username='user1', password='pass1'))
+        zm.zone_states[1] = zone_state
+
+        self.mox.StubOutWithMock(db, 'zone_get_all')
+        db.zone_get_all(mox.IgnoreArg()).AndReturn([
+               FakeZone(id=1, api_url='http://foo.com', username='user2',
+                    password='pass2'),
+            ])
+        
+        self.assertEquals(len(zm.zone_states), 1)
+
+        self.mox.ReplayAll()
+        zm._refresh_from_db(None)
+        self.mox.VerifyAll()
+
+        self.assertEquals(len(zm.zone_states), 1)
+        self.assertEquals(zm.zone_states[1].username, 'user2')
+
+    def test_refresh_from_db_missing(self):
+        zm = zone_manager.ZoneManager()
+        zone_state = zone_manager.ZoneState()
+        zone_state.update_credentials(FakeZone(id=1, api_url='http://foo.com',
+                        username='user1', password='pass1'))
+        zm.zone_states[1] = zone_state
+
+        self.mox.StubOutWithMock(db, 'zone_get_all')
+        db.zone_get_all(mox.IgnoreArg()).AndReturn([ ])
+        
+        self.assertEquals(len(zm.zone_states), 1)
+
+        self.mox.ReplayAll()
+        zm._refresh_from_db(None)
+        self.mox.VerifyAll()
+
+        self.assertEquals(len(zm.zone_states), 0)
+
+    def test_refresh_from_db_add_and_delete(self):
+        zm = zone_manager.ZoneManager()
+        zone_state = zone_manager.ZoneState()
+        zone_state.update_credentials(FakeZone(id=1, api_url='http://foo.com',
+                        username='user1', password='pass1'))
+        zm.zone_states[1] = zone_state
+
+        self.mox.StubOutWithMock(db, 'zone_get_all')
+        
+        db.zone_get_all(mox.IgnoreArg()).AndReturn([
+               FakeZone(id=2, api_url='http://foo.com', username='user2',
+                    password='pass2'),
+            ])
+        self.assertEquals(len(zm.zone_states), 1)
+
+        self.mox.ReplayAll()
+        zm._refresh_from_db(None)
+        self.mox.VerifyAll()
+
+        self.assertEquals(len(zm.zone_states), 1)
+        self.assertEquals(zm.zone_states[2].username, 'user2')
-- 
cgit 


From 719dbda7f8b856af334744de4807036e6ee704c1 Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Wed, 16 Feb 2011 18:30:56 -0800
Subject: polling tests

---
 nova/tests/test_zones.py | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

(limited to 'nova/tests')

diff --git a/nova/tests/test_zones.py b/nova/tests/test_zones.py
index b4c8815d5..2cb070aca 100644
--- a/nova/tests/test_zones.py
+++ b/nova/tests/test_zones.py
@@ -19,6 +19,7 @@ Tests For ZoneManager
 
 import datetime
 import mox
+import novatools
 
 from nova import context
 from nova import db
@@ -30,6 +31,8 @@ from nova import utils
 from nova.auth import manager as auth_manager
 from nova.scheduler import zone_manager
 
+FLAGS = flags.FLAGS
+
 
 class FakeZone:
     """Represents a fake zone from the db"""
@@ -38,6 +41,11 @@ class FakeZone:
             setattr(self, k, v)
 
 
+def exploding_novatools(zone):
+    """Used when we want to simulate a novatools call failing."""
+    raise Exception("kaboom")
+
+
 class ZoneManagerTestCase(test.TestCase):
     """Test case for zone manager"""
     def test_ping(self):
@@ -130,3 +138,36 @@ class ZoneManagerTestCase(test.TestCase):
 
         self.assertEquals(len(zm.zone_states), 1)
         self.assertEquals(zm.zone_states[2].username, 'user2')
+
+    def test_poll_zone(self):
+        self.mox.StubOutWithMock(zone_manager, '_call_novatools')
+        zone_manager._call_novatools(mox.IgnoreArg()).AndReturn(
+                        dict(name='zohan', capabilities='hairdresser'))
+
+        zone_state = zone_manager.ZoneState()
+        zone_state.update_credentials(FakeZone(id=2,
+                       api_url='http://foo.com', username='user2',
+                       password='pass2'))
+        zone_state.attempt = 1
+
+        self.mox.ReplayAll()
+        zone_manager._poll_zone(zone_state)
+        self.mox.VerifyAll()
+        self.assertEquals(zone_state.attempt, 0)
+        self.assertEquals(zone_state.name, 'zohan')
+
+    def test_poll_zone_fails(self):
+        self.stubs.Set(zone_manager, "_call_novatools", exploding_novatools)
+
+        zone_state = zone_manager.ZoneState()
+        zone_state.update_credentials(FakeZone(id=2,
+                       api_url='http://foo.com', username='user2',
+                       password='pass2'))
+        zone_state.attempt = FLAGS.zone_failures_to_offline - 1
+
+        self.mox.ReplayAll()
+        zone_manager._poll_zone(zone_state)
+        self.mox.VerifyAll()
+        self.assertEquals(zone_state.attempt, 3)
+        self.assertFalse(zone_state.is_active)
+        self.assertEquals(zone_state.name, None)
-- 
cgit 


From e77f8751dd59e5d650d047a6711c3d137947dda7 Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Thu, 17 Feb 2011 16:18:03 -0400
Subject: fixup

---
 nova/tests/test_zones.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_zones.py b/nova/tests/test_zones.py
index 2cb070aca..7036ebe58 100644
--- a/nova/tests/test_zones.py
+++ b/nova/tests/test_zones.py
@@ -67,7 +67,7 @@ class ZoneManagerTestCase(test.TestCase):
                FakeZone(id=1, api_url='http://foo.com', username='user1',
                     password='pass1'),
             ])
-        
+
         self.assertEquals(len(zm.zone_states), 0)
 
         self.mox.ReplayAll()
@@ -89,7 +89,7 @@ class ZoneManagerTestCase(test.TestCase):
                FakeZone(id=1, api_url='http://foo.com', username='user2',
                     password='pass2'),
             ])
-        
+
         self.assertEquals(len(zm.zone_states), 1)
 
         self.mox.ReplayAll()
@@ -107,8 +107,8 @@ class ZoneManagerTestCase(test.TestCase):
         zm.zone_states[1] = zone_state
 
         self.mox.StubOutWithMock(db, 'zone_get_all')
-        db.zone_get_all(mox.IgnoreArg()).AndReturn([ ])
-        
+        db.zone_get_all(mox.IgnoreArg()).AndReturn([])
+
         self.assertEquals(len(zm.zone_states), 1)
 
         self.mox.ReplayAll()
@@ -125,7 +125,7 @@ class ZoneManagerTestCase(test.TestCase):
         zm.zone_states[1] = zone_state
 
         self.mox.StubOutWithMock(db, 'zone_get_all')
-        
+
         db.zone_get_all(mox.IgnoreArg()).AndReturn([
                FakeZone(id=2, api_url='http://foo.com', username='user2',
                     password='pass2'),
-- 
cgit 


From b48201be9a5fa08ce21ef241052071800e5777ca Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Thu, 17 Feb 2011 12:43:22 -0800
Subject: fixed zone list tests

---
 nova/tests/api/openstack/test_zones.py | 32 +++++++++++++++++++++++++++++---
 1 file changed, 29 insertions(+), 3 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/api/openstack/test_zones.py b/nova/tests/api/openstack/test_zones.py
index 5542a1cf3..6c06fa8b8 100644
--- a/nova/tests/api/openstack/test_zones.py
+++ b/nova/tests/api/openstack/test_zones.py
@@ -52,7 +52,20 @@ def zone_delete(context, zone_id):
     pass
 
 
-def zone_get_all(context):
+def zone_get_all_scheduler(x, y, z):
+    return [
+        dict(id=1, api_url='http://foo.com', username='bob',
+                 password='xxx'),
+        dict(id=2, api_url='http://blah.com', username='alice',
+                 password='qwerty')
+    ]
+
+
+def zone_get_all_scheduler_empty(x, y, z):
+    return [] 
+
+
+def zone_get_all_db(context):
     return [
         dict(id=1, api_url='http://foo.com', username='bob',
                  password='xxx'),
@@ -74,7 +87,6 @@ class ZonesTest(unittest.TestCase):
         FLAGS.allow_admin_api = True
 
         self.stubs.Set(nova.db, 'zone_get', zone_get)
-        self.stubs.Set(nova.db, 'zone_get_all', zone_get_all)
         self.stubs.Set(nova.db, 'zone_update', zone_update)
         self.stubs.Set(nova.db, 'zone_create', zone_create)
         self.stubs.Set(nova.db, 'zone_delete', zone_delete)
@@ -83,7 +95,9 @@ class ZonesTest(unittest.TestCase):
         self.stubs.UnsetAll()
         FLAGS.allow_admin_api = self.allow_admin
 
-    def test_get_zone_list(self):
+    def test_get_zone_list_scheduler(self):
+        self.stubs.Set(zones.Controller, '_call_scheduler',
+                            zone_get_all_scheduler)
         req = webob.Request.blank('/v1.0/zones')
         res = req.get_response(fakes.wsgi_app())
         res_dict = json.loads(res.body)
@@ -91,6 +105,18 @@ class ZonesTest(unittest.TestCase):
         self.assertEqual(res.status_int, 200)
         self.assertEqual(len(res_dict['zones']), 2)
 
+    def test_get_zone_list_db(self):
+        self.stubs.Set(zones.Controller, '_call_scheduler', 
+            zone_get_all_scheduler_empty)
+        self.stubs.Set(nova.db, 'zone_get_all', zone_get_all_db)
+        req = webob.Request.blank('/v1.0/zones')
+        res = req.get_response(fakes.wsgi_app())
+        res_dict = json.loads(res.body)
+
+        self.assertEqual(res.status_int, 200)
+        self.assertEqual(len(res_dict['zones']), 2)
+
+
     def test_get_zone_by_id(self):
         req = webob.Request.blank('/v1.0/zones/1')
         res = req.get_response(fakes.wsgi_app())
-- 
cgit 


From 46269872192b843c80d72206a05c8b759c9f66a8 Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Thu, 17 Feb 2011 17:32:25 -0400
Subject: merge from dev

---
 nova/tests/api/openstack/test_zones.py | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/api/openstack/test_zones.py b/nova/tests/api/openstack/test_zones.py
index 6c06fa8b8..65cc1c023 100644
--- a/nova/tests/api/openstack/test_zones.py
+++ b/nova/tests/api/openstack/test_zones.py
@@ -62,7 +62,7 @@ def zone_get_all_scheduler(x, y, z):
 
 
 def zone_get_all_scheduler_empty(x, y, z):
-    return [] 
+    return []
 
 
 def zone_get_all_db(context):
@@ -106,7 +106,7 @@ class ZonesTest(unittest.TestCase):
         self.assertEqual(len(res_dict['zones']), 2)
 
     def test_get_zone_list_db(self):
-        self.stubs.Set(zones.Controller, '_call_scheduler', 
+        self.stubs.Set(zones.Controller, '_call_scheduler',
             zone_get_all_scheduler_empty)
         self.stubs.Set(nova.db, 'zone_get_all', zone_get_all_db)
         req = webob.Request.blank('/v1.0/zones')
@@ -116,7 +116,6 @@ class ZonesTest(unittest.TestCase):
         self.assertEqual(res.status_int, 200)
         self.assertEqual(len(res_dict['zones']), 2)
 
-
     def test_get_zone_by_id(self):
         req = webob.Request.blank('/v1.0/zones/1')
         res = req.get_response(fakes.wsgi_app())
-- 
cgit 


From e5d979596ff8c588c7bbe82b7f1cb90de8af041a Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Thu, 17 Feb 2011 18:49:30 -0400
Subject: missing docstring and fixed copyrights

---
 nova/tests/test_zones.py | 1 -
 1 file changed, 1 deletion(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_zones.py b/nova/tests/test_zones.py
index 7036ebe58..c273230a9 100644
--- a/nova/tests/test_zones.py
+++ b/nova/tests/test_zones.py
@@ -1,5 +1,4 @@
 # Copyright 2010 United States Government as represented by the
-# Administrator of the National Aeronautics and Space Administration.
 # All Rights Reserved.
 #
 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
-- 
cgit 


From c884064e7a9af04b2ebdbbb9ee32318a00716412 Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Fri, 18 Feb 2011 12:08:35 -0400
Subject: fixups backed on merge comments

---
 nova/tests/api/openstack/test_zones.py | 33 ++++++++++++++++-----------------
 1 file changed, 16 insertions(+), 17 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/api/openstack/test_zones.py b/nova/tests/api/openstack/test_zones.py
index 65cc1c023..4df7c7feb 100644
--- a/nova/tests/api/openstack/test_zones.py
+++ b/nova/tests/api/openstack/test_zones.py
@@ -1,4 +1,4 @@
-# Copyright 2010 OpenStack LLC.
+# Copyright 2011 OpenStack LLC.
 # All Rights Reserved.
 #
 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
@@ -24,6 +24,7 @@ from nova import context
 from nova import flags
 from nova.api.openstack import zones
 from nova.tests.api.openstack import fakes
+from nova.scheduler.api import API
 
 
 FLAGS = flags.FLAGS
@@ -31,7 +32,7 @@ FLAGS.verbose = True
 
 
 def zone_get(context, zone_id):
-    return dict(id=1, api_url='http://foo.com', username='bob',
+    return dict(id=1, api_url='http://example.com', username='bob',
                 password='xxx')
 
 
@@ -42,7 +43,7 @@ def zone_create(context, values):
 
 
 def zone_update(context, zone_id, values):
-    zone = dict(id=zone_id, api_url='http://foo.com', username='bob',
+    zone = dict(id=zone_id, api_url='http://example.com', username='bob',
                 password='xxx')
     zone.update(values)
     return zone
@@ -52,24 +53,24 @@ def zone_delete(context, zone_id):
     pass
 
 
-def zone_get_all_scheduler(x, y, z):
+def zone_get_all_scheduler(*args):
     return [
-        dict(id=1, api_url='http://foo.com', username='bob',
+        dict(id=1, api_url='http://example.com', username='bob',
                  password='xxx'),
-        dict(id=2, api_url='http://blah.com', username='alice',
+        dict(id=2, api_url='http://example.org', username='alice',
                  password='qwerty')
     ]
 
 
-def zone_get_all_scheduler_empty(x, y, z):
+def zone_get_all_scheduler_empty(*args):
     return []
 
 
 def zone_get_all_db(context):
     return [
-        dict(id=1, api_url='http://foo.com', username='bob',
+        dict(id=1, api_url='http://example.com', username='bob',
                  password='xxx'),
-        dict(id=2, api_url='http://blah.com', username='alice',
+        dict(id=2, api_url='http://example.org', username='alice',
                  password='qwerty')
     ]
 
@@ -96,8 +97,7 @@ class ZonesTest(unittest.TestCase):
         FLAGS.allow_admin_api = self.allow_admin
 
     def test_get_zone_list_scheduler(self):
-        self.stubs.Set(zones.Controller, '_call_scheduler',
-                            zone_get_all_scheduler)
+        self.stubs.Set(API, '_call_scheduler', zone_get_all_scheduler)
         req = webob.Request.blank('/v1.0/zones')
         res = req.get_response(fakes.wsgi_app())
         res_dict = json.loads(res.body)
@@ -106,8 +106,7 @@ class ZonesTest(unittest.TestCase):
         self.assertEqual(len(res_dict['zones']), 2)
 
     def test_get_zone_list_db(self):
-        self.stubs.Set(zones.Controller, '_call_scheduler',
-            zone_get_all_scheduler_empty)
+        self.stubs.Set(API, '_call_scheduler', zone_get_all_scheduler_empty)
         self.stubs.Set(nova.db, 'zone_get_all', zone_get_all_db)
         req = webob.Request.blank('/v1.0/zones')
         res = req.get_response(fakes.wsgi_app())
@@ -122,7 +121,7 @@ class ZonesTest(unittest.TestCase):
         res_dict = json.loads(res.body)
 
         self.assertEqual(res_dict['zone']['id'], 1)
-        self.assertEqual(res_dict['zone']['api_url'], 'http://foo.com')
+        self.assertEqual(res_dict['zone']['api_url'], 'http://example.com')
         self.assertFalse('password' in res_dict['zone'])
         self.assertEqual(res.status_int, 200)
 
@@ -133,7 +132,7 @@ class ZonesTest(unittest.TestCase):
         self.assertEqual(res.status_int, 200)
 
     def test_zone_create(self):
-        body = dict(zone=dict(api_url='http://blah.zoo', username='fred',
+        body = dict(zone=dict(api_url='http://example.com', username='fred',
                         password='fubar'))
         req = webob.Request.blank('/v1.0/zones')
         req.method = 'POST'
@@ -144,7 +143,7 @@ class ZonesTest(unittest.TestCase):
 
         self.assertEqual(res.status_int, 200)
         self.assertEqual(res_dict['zone']['id'], 1)
-        self.assertEqual(res_dict['zone']['api_url'], 'http://blah.zoo')
+        self.assertEqual(res_dict['zone']['api_url'], 'http://example.com')
         self.assertFalse('username' in res_dict['zone'])
 
     def test_zone_update(self):
@@ -158,7 +157,7 @@ class ZonesTest(unittest.TestCase):
 
         self.assertEqual(res.status_int, 200)
         self.assertEqual(res_dict['zone']['id'], 1)
-        self.assertEqual(res_dict['zone']['api_url'], 'http://foo.com')
+        self.assertEqual(res_dict['zone']['api_url'], 'http://example.com')
         self.assertFalse('username' in res_dict['zone'])
 
 
-- 
cgit 


From 5812a95736b9a16733b99700e8664dd29ae34def Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Fri, 18 Feb 2011 22:10:06 +0100
Subject: Introduce IptablesManager in linux_net. Port every use of iptables in
 linux_net to it.

---
 nova/tests/test_network.py | 59 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index 00f9323f3..b28d64245 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -29,11 +29,70 @@ from nova import log as logging
 from nova import test
 from nova import utils
 from nova.auth import manager
+from nova.network import linux_net
 
 FLAGS = flags.FLAGS
 LOG = logging.getLogger('nova.tests.network')
 
 
+class IptablesManagerTestCase(test.TestCase):
+    sample_filter = """# Completed on Fri Feb 18 15:17:05 2011
+# Generated by iptables-save v1.4.10 on Fri Feb 18 15:17:05 2011
+*filter
+:INPUT ACCEPT [2223527:305688874]
+:FORWARD ACCEPT [0:0]
+:OUTPUT ACCEPT [2172501:140856656]
+-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT 
+-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT 
+-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT 
+-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT 
+-A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT 
+-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT 
+-A FORWARD -i virbr0 -o virbr0 -j ACCEPT 
+-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable 
+-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable 
+COMMIT
+# Completed on Fri Feb 18 15:17:05 2011"""
+
+    def setUp(self):
+        super(IptablesManagerTestCase, self).setUp()
+        self.manager = linux_net.IptablesManager()
+
+    def test_rules_are_wrapped(self):
+        current_lines = self.sample_filter.split('\n')
+
+        table = self.manager.ipv4['filter']
+        table.add_rule('FORWARD', '-s 1.2.3.4/5 -j DROP')
+        new_lines = self.manager.modify_rules(current_lines, table)
+        self.assertTrue('-A run_tests.py-FORWARD '
+                        '-s 1.2.3.4/5 -j DROP' in new_lines)
+
+        table.remove_rule('FORWARD', '-s 1.2.3.4/5 -j DROP')
+        new_lines = self.manager.modify_rules(current_lines, table)
+        self.assertTrue('-A run_tests.py-FORWARD '
+                        '-s 1.2.3.4/5 -j DROP' not in new_lines)
+
+    def test_wrapper_rules_in_place(self):
+        current_lines = self.sample_filter.split('\n')
+
+        # TODO(soren): Add stuff for ipv6
+        check_matrix = {4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
+                            'nat': ['PREROUTING', 'INPUT',
+                                    'OUTPUT', 'POSTROUTING']} }
+
+        for ip_version in check_matrix:
+            ip = getattr(self.manager, 'ipv%d' % ip_version)
+            for table_name in ip:
+                table = ip[table_name]
+                new_lines = self.manager.modify_rules(current_lines, table)
+                for chain in check_matrix[ip_version][table_name]:
+                    self.assertTrue(':run_tests.py-%s - [0:0]' % \
+                                    (chain,) in new_lines)
+                    self.assertTrue('-A %s -j run_tests.py-%s' % \
+                                    (chain, chain) in new_lines)
+                print '\n'.join(new_lines)
+
+
 class NetworkTestCase(test.TestCase):
     """Test cases for network code"""
     def setUp(self):
-- 
cgit 


From 18e573a14414838f11e772edca3eb5510f852c94 Mon Sep 17 00:00:00 2001
From: Sandy Walsh <sandy.walsh@rackspace.com>
Date: Fri, 18 Feb 2011 17:45:57 -0400
Subject: sandy y u no read hacking guide and import classes?

---
 nova/tests/api/openstack/test_zones.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/api/openstack/test_zones.py b/nova/tests/api/openstack/test_zones.py
index 4df7c7feb..4374cd457 100644
--- a/nova/tests/api/openstack/test_zones.py
+++ b/nova/tests/api/openstack/test_zones.py
@@ -24,7 +24,7 @@ from nova import context
 from nova import flags
 from nova.api.openstack import zones
 from nova.tests.api.openstack import fakes
-from nova.scheduler.api import API
+from nova.scheduler import api
 
 
 FLAGS = flags.FLAGS
@@ -97,7 +97,7 @@ class ZonesTest(unittest.TestCase):
         FLAGS.allow_admin_api = self.allow_admin
 
     def test_get_zone_list_scheduler(self):
-        self.stubs.Set(API, '_call_scheduler', zone_get_all_scheduler)
+        self.stubs.Set(api.API, '_call_scheduler', zone_get_all_scheduler)
         req = webob.Request.blank('/v1.0/zones')
         res = req.get_response(fakes.wsgi_app())
         res_dict = json.loads(res.body)
@@ -106,7 +106,8 @@ class ZonesTest(unittest.TestCase):
         self.assertEqual(len(res_dict['zones']), 2)
 
     def test_get_zone_list_db(self):
-        self.stubs.Set(API, '_call_scheduler', zone_get_all_scheduler_empty)
+        self.stubs.Set(api.API, '_call_scheduler',
+                                zone_get_all_scheduler_empty)
         self.stubs.Set(nova.db, 'zone_get_all', zone_get_all_db)
         req = webob.Request.blank('/v1.0/zones')
         res = req.get_response(fakes.wsgi_app())
-- 
cgit 


From cfd6d4e403dcb2405cd7ff48bad3083a02159d2c Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Sat, 19 Feb 2011 00:14:08 +0100
Subject: Port libvirt_conn.IptablesDriver over to use
 linux_net.IptablesManager

---
 nova/tests/test_virt.py | 55 ++++++++++++++++++++++++++++++++-----------------
 1 file changed, 36 insertions(+), 19 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py
index 6e5a0114b..a88e01818 100644
--- a/nova/tests/test_virt.py
+++ b/nova/tests/test_virt.py
@@ -14,6 +14,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 
+import re
 from xml.etree.ElementTree import fromstring as xml_to_tree
 from xml.dom.minidom import parseString as xml_to_dom
 
@@ -233,16 +234,22 @@ class IptablesFirewallTestCase(test.TestCase):
         self.manager.delete_user(self.user)
         super(IptablesFirewallTestCase, self).tearDown()
 
-    in_rules = [
+    in_nat_rules = [
+      '# Generated by iptables-save v1.4.10 on Sat Feb 19 00:03:19 2011',
+      '*nat',
+      ':PREROUTING ACCEPT [1170:189210]',
+      ':INPUT ACCEPT [844:71028]',
+      ':OUTPUT ACCEPT [5149:405186]',
+      ':POSTROUTING ACCEPT [5063:386098]'
+    ]
+
+    in_filter_rules = [
       '# Generated by iptables-save v1.4.4 on Mon Dec  6 11:54:13 2010',
       '*filter',
       ':INPUT ACCEPT [969615:281627771]',
       ':FORWARD ACCEPT [0:0]',
       ':OUTPUT ACCEPT [915599:63811649]',
       ':nova-block-ipv4 - [0:0]',
-      '-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT ',
-      '-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT ',
-      '-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT ',
       '-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT ',
       '-A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED'
       ',ESTABLISHED -j ACCEPT ',
@@ -254,7 +261,7 @@ class IptablesFirewallTestCase(test.TestCase):
       '# Completed on Mon Dec  6 11:54:13 2010',
     ]
 
-    in6_rules = [
+    in6_filter_rules = [
       '# Generated by ip6tables-save v1.4.4 on Tue Jan 18 23:47:56 2011',
       '*filter',
       ':INPUT ACCEPT [349155:75810423]',
@@ -314,23 +321,31 @@ class IptablesFirewallTestCase(test.TestCase):
         instance_ref = db.instance_get(admin_ctxt, instance_ref['id'])
 
 #        self.fw.add_instance(instance_ref)
-        def fake_iptables_execute(cmd, process_input=None):
+        def fake_iptables_execute(cmd, process_input=None, attempts=5):
             if cmd == 'sudo ip6tables-save -t filter':
-                return '\n'.join(self.in6_rules), None
+                return '\n'.join(self.in6_filter_rules), None
             if cmd == 'sudo iptables-save -t filter':
-                return '\n'.join(self.in_rules), None
+                return '\n'.join(self.in_filter_rules), None
+            if cmd == 'sudo iptables-save -t nat':
+                return '\n'.join(self.in_nat_rules), None
             if cmd == 'sudo iptables-restore':
-                self.out_rules = process_input.split('\n')
+                lines = process_input.split('\n')
+                if '*filter' in lines:
+                    self.out_rules = lines
                 return '', ''
             if cmd == 'sudo ip6tables-restore':
-                self.out6_rules = process_input.split('\n')
+                lines = process_input.split('\n')
+                if '*filter' in lines:
+                    self.out6_rules = lines
                 return '', ''
-        self.fw.execute = fake_iptables_execute
+
+        from nova.network import linux_net
+        linux_net.iptables_manager.execute = fake_iptables_execute
 
         self.fw.prepare_instance_filter(instance_ref)
         self.fw.apply_instance_filter(instance_ref)
 
-        in_rules = filter(lambda l: not l.startswith('#'), self.in_rules)
+        in_rules = filter(lambda l: not l.startswith('#'), self.in_filter_rules)
         for rule in in_rules:
             if not 'nova' in rule:
                 self.assertTrue(rule in self.out_rules,
@@ -338,6 +353,7 @@ class IptablesFirewallTestCase(test.TestCase):
 
         instance_chain = None
         for rule in self.out_rules:
+            print rule
             # This is pretty crude, but it'll do for now
             if '-d 10.11.12.13 -j' in rule:
                 instance_chain = rule.split(' ')[-1]
@@ -353,17 +369,18 @@ class IptablesFirewallTestCase(test.TestCase):
         self.assertTrue(security_group_chain,
                         "The security group chain wasn't added")
 
-        self.assertTrue('-A %s -p icmp -s 192.168.11.0/24 -j ACCEPT' % \
-                               security_group_chain in self.out_rules,
+        regex = re.compile('-A .* -p icmp -s 192.168.11.0/24 -j ACCEPT')
+        self.assertTrue(len(filter(regex.match, self.out_rules)) > 0,
                         "ICMP acceptance rule wasn't added")
 
-        self.assertTrue('-A %s -p icmp -s 192.168.11.0/24 -m icmp --icmp-type '
-                        '8 -j ACCEPT' % security_group_chain in self.out_rules,
+        regex = re.compile('-A .* -p icmp -s 192.168.11.0/24 -m icmp '
+                           '--icmp-type 8 -j ACCEPT')
+        self.assertTrue(len(filter(regex.match, self.out_rules)) > 0,
                         "ICMP Echo Request acceptance rule wasn't added")
 
-        self.assertTrue('-A %s -p tcp -s 192.168.10.0/24 -m multiport '
-                        '--dports 80:81 -j ACCEPT' % security_group_chain \
-                            in self.out_rules,
+        regex = re.compile('-A .* -p tcp -s 192.168.10.0/24 -m multiport '
+                           '--dports 80:81 -j ACCEPT')
+        self.assertTrue(len(filter(regex.match, self.out_rules)) > 0,
                         "TCP port 80/81 acceptance rule wasn't added")
 
 
-- 
cgit 


From a57dffb5fdfbfac59b9ddbe7b33d6f03b7b748ba Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Mon, 21 Feb 2011 14:16:42 +0100
Subject: PEP-8 fixes

---
 nova/tests/test_network.py | 21 +++++++++------------
 nova/tests/test_virt.py    |  3 ++-
 2 files changed, 11 insertions(+), 13 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index b28d64245..c9a62a391 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -42,15 +42,14 @@ class IptablesManagerTestCase(test.TestCase):
 :INPUT ACCEPT [2223527:305688874]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [2172501:140856656]
--A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT 
--A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT 
--A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT 
--A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT 
--A FORWARD -d 192.168.122.0/24 -o virbr0 -m state --state RELATED,ESTABLISHED -j ACCEPT 
--A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT 
--A FORWARD -i virbr0 -o virbr0 -j ACCEPT 
--A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable 
--A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable 
+-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
+-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
+-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
+-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
+-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
+-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
+-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
+-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
 COMMIT
 # Completed on Fri Feb 18 15:17:05 2011"""
 
@@ -77,8 +76,7 @@ COMMIT
 
         # TODO(soren): Add stuff for ipv6
         check_matrix = {4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
-                            'nat': ['PREROUTING', 'INPUT',
-                                    'OUTPUT', 'POSTROUTING']} }
+                            'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']}}
 
         for ip_version in check_matrix:
             ip = getattr(self.manager, 'ipv%d' % ip_version)
@@ -90,7 +88,6 @@ COMMIT
                                     (chain,) in new_lines)
                     self.assertTrue('-A %s -j run_tests.py-%s' % \
                                     (chain, chain) in new_lines)
-                print '\n'.join(new_lines)
 
 
 class NetworkTestCase(test.TestCase):
diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py
index a88e01818..11201788c 100644
--- a/nova/tests/test_virt.py
+++ b/nova/tests/test_virt.py
@@ -345,7 +345,8 @@ class IptablesFirewallTestCase(test.TestCase):
         self.fw.prepare_instance_filter(instance_ref)
         self.fw.apply_instance_filter(instance_ref)
 
-        in_rules = filter(lambda l: not l.startswith('#'), self.in_filter_rules)
+        in_rules = filter(lambda l: not l.startswith('#'),
+                          self.in_filter_rules)
         for rule in in_rules:
             if not 'nova' in rule:
                 self.assertTrue(rule in self.out_rules,
-- 
cgit 


From 3d2ec0f594e02018a32c8d0d7a8cc46f7ab4c849 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Mon, 21 Feb 2011 14:39:02 +0100
Subject: Wrap ipv6 rules, too

---
 nova/tests/test_network.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index c9a62a391..f1d4fe133 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -76,7 +76,8 @@ COMMIT
 
         # TODO(soren): Add stuff for ipv6
         check_matrix = {4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
-                            'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']}}
+                            'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']},
+                        6: {'filter': ['INPUT', 'OUTPUT', 'FORWARD']}}
 
         for ip_version in check_matrix:
             ip = getattr(self.manager, 'ipv%d' % ip_version)
-- 
cgit 


From c53bb1718a9b5900d09637d0ee966dadbf073900 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Tue, 22 Feb 2011 09:00:29 +0100
Subject: Address some review comments.

---
 nova/tests/test_virt.py | 1 -
 1 file changed, 1 deletion(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py
index 11201788c..c2c7c8337 100644
--- a/nova/tests/test_virt.py
+++ b/nova/tests/test_virt.py
@@ -354,7 +354,6 @@ class IptablesFirewallTestCase(test.TestCase):
 
         instance_chain = None
         for rule in self.out_rules:
-            print rule
             # This is pretty crude, but it'll do for now
             if '-d 10.11.12.13 -j' in rule:
                 instance_chain = rule.split(' ')[-1]
-- 
cgit 


From bf37fb0ab5503a077a3d9e4109990d252e27cb15 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Tue, 22 Feb 2011 11:29:58 +0100
Subject: Add a bunch of tests for everything.

Add a 'head' kwarg to add_rule that lets the rule bubble to the top. This is needed for nova-filter-top to end up at the top.
---
 nova/tests/test_network.py | 128 +++++++++++++++++++++++++++++++++++++--------
 1 file changed, 106 insertions(+), 22 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index f1d4fe133..afd38272d 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -36,12 +36,22 @@ LOG = logging.getLogger('nova.tests.network')
 
 
 class IptablesManagerTestCase(test.TestCase):
-    sample_filter = """# Completed on Fri Feb 18 15:17:05 2011
-# Generated by iptables-save v1.4.10 on Fri Feb 18 15:17:05 2011
+    sample_filter = """# Generated by iptables-save on Fri Feb 18 15:17:05 2011
 *filter
 :INPUT ACCEPT [2223527:305688874]
 :FORWARD ACCEPT [0:0]
 :OUTPUT ACCEPT [2172501:140856656]
+:nova-compute-FORWARD - [0:0]
+:nova-compute-INPUT - [0:0]
+:nova-compute-local - [0:0]
+:nova-compute-OUTPUT - [0:0]
+:nova-filter-top - [0:0]
+-A FORWARD -j nova-filter-top
+-A OUTPUT -j nova-filter-top
+-A nova-filter-top -j nova-compute-local
+-A INPUT -j nova-compute-INPUT
+-A OUTPUT -j nova-compute-OUTPUT
+-A FORWARD -j nova-compute-FORWARD
 -A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
 -A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
 -A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
@@ -53,42 +63,116 @@ class IptablesManagerTestCase(test.TestCase):
 COMMIT
 # Completed on Fri Feb 18 15:17:05 2011"""
 
+    sample_nat = """# Generated by iptables-save on Fri Feb 18 15:17:05 2011
+*nat
+:PREROUTING ACCEPT [3936:762355]
+:INPUT ACCEPT [2447:225266]
+:OUTPUT ACCEPT [63491:4191863]
+:POSTROUTING ACCEPT [63112:4108641]
+:nova-compute-OUTPUT - [0:0]
+:nova-compute-floating-ip-snat - [0:0]
+:nova-compute-SNATTING - [0:0]
+:nova-compute-PREROUTING - [0:0]
+:nova-compute-POSTROUTING - [0:0]
+:nova-postrouting-bottom - [0:0]
+-A PREROUTING -j nova-compute-PREROUTING
+-A OUTPUT -j nova-compute-OUTPUT
+-A POSTROUTING -j nova-compute-POSTROUTING
+-A POSTROUTING -j nova-postrouting-bottom
+-A nova-postrouting-bottom -j nova-compute-SNATTING
+-A nova-compute-SNATTING -j nova-compute-floating-ip-snat
+COMMIT
+# Completed on Fri Feb 18 15:17:05 2011
+"""
+
     def setUp(self):
         super(IptablesManagerTestCase, self).setUp()
         self.manager = linux_net.IptablesManager()
 
-    def test_rules_are_wrapped(self):
+        
+    def test_filter_rules_are_wrapped(self):
         current_lines = self.sample_filter.split('\n')
 
         table = self.manager.ipv4['filter']
         table.add_rule('FORWARD', '-s 1.2.3.4/5 -j DROP')
-        new_lines = self.manager.modify_rules(current_lines, table)
+        new_lines = self.manager._modify_rules(current_lines, table)
         self.assertTrue('-A run_tests.py-FORWARD '
                         '-s 1.2.3.4/5 -j DROP' in new_lines)
 
         table.remove_rule('FORWARD', '-s 1.2.3.4/5 -j DROP')
-        new_lines = self.manager.modify_rules(current_lines, table)
+        new_lines = self.manager._modify_rules(current_lines, table)
         self.assertTrue('-A run_tests.py-FORWARD '
                         '-s 1.2.3.4/5 -j DROP' not in new_lines)
 
-    def test_wrapper_rules_in_place(self):
-        current_lines = self.sample_filter.split('\n')
+    def test_nat_rules(self):
+        current_lines = self.sample_nat.split('\n')
+        new_lines = self.manager._modify_rules(current_lines,
+                                               self.manager.ipv4['nat'])
+
+        for line in [':nova-compute-OUTPUT - [0:0]',
+                     ':nova-compute-floating-ip-snat - [0:0]',
+                     ':nova-compute-SNATTING - [0:0]',
+                     ':nova-compute-PREROUTING - [0:0]',
+                     ':nova-compute-POSTROUTING - [0:0]']:
+             self.assertTrue(line in new_lines, "One of nova-compute's chains "
+                                                "went missing.")
+
+        seen_lines = set()
+        for line in new_lines:
+            self.assertTrue(line not in seen_lines,
+                            "Duplicate line: %s" % line)
+            seen_lines.add(line)
 
-        # TODO(soren): Add stuff for ipv6
-        check_matrix = {4: {'filter': ['INPUT', 'OUTPUT', 'FORWARD'],
-                            'nat': ['PREROUTING', 'OUTPUT', 'POSTROUTING']},
-                        6: {'filter': ['INPUT', 'OUTPUT', 'FORWARD']}}
-
-        for ip_version in check_matrix:
-            ip = getattr(self.manager, 'ipv%d' % ip_version)
-            for table_name in ip:
-                table = ip[table_name]
-                new_lines = self.manager.modify_rules(current_lines, table)
-                for chain in check_matrix[ip_version][table_name]:
-                    self.assertTrue(':run_tests.py-%s - [0:0]' % \
-                                    (chain,) in new_lines)
-                    self.assertTrue('-A %s -j run_tests.py-%s' % \
-                                    (chain, chain) in new_lines)
+        last_postrouting_line = ''
+
+        for line in new_lines:
+            if line.startswith('-A POSTROUTING'):
+                last_postrouting_line = line
+
+        self.assertTrue('-j nova-postrouting-bottom' in last_postrouting_line,
+                        "Last POSTROUTING rule does not jump to "
+                        "nova-postouting-bottom: %s" % last_postrouting_line)
+
+        for chain in ['POSTROUTING', 'PREROUTING', 'OUTPUT']:
+            self.assertTrue('-A %s -j run_tests.py-%s' \
+                            % (chain, chain) in new_lines,
+                            "Built-in chain %s not wrapped" % (chain,))
+
+
+    def test_filter_rules(self):
+        current_lines = self.sample_filter.split('\n')
+        new_lines = self.manager._modify_rules(current_lines,
+                                               self.manager.ipv4['filter'])
+
+        for line in [':nova-compute-FORWARD - [0:0]',
+                     ':nova-compute-INPUT - [0:0]',
+                     ':nova-compute-local - [0:0]',
+                     ':nova-compute-OUTPUT - [0:0]']:
+             self.assertTrue(line in new_lines, "One of nova-compute's chains"
+                                                " went missing.")
+
+        seen_lines = set()
+        for line in new_lines:
+            self.assertTrue(line not in seen_lines,
+                            "Duplicate line: %s" % line)
+            seen_lines.add(line)
+
+        for chain in ['FORWARD', 'OUTPUT']:
+            for line in new_lines:
+                if line.startswith('-A %s' % chain):
+                    self.assertTrue('-j nova-filter-top' in line,
+                                    "First %s rule does not "
+                                    "jump to nova-filter-top" % chain)
+                    break
+
+        self.assertTrue('-A nova-filter-top '
+                        '-j run_tests.py-local' in new_lines,
+                        "nova-filter-top does not jump to wrapped local chain")
+
+        for chain in ['INPUT', 'OUTPUT', 'FORWARD']:
+            self.assertTrue('-A %s -j run_tests.py-%s' \
+                            % (chain, chain) in new_lines,
+                            "Built-in chain %s not wrapped" % (chain,))
 
 
 class NetworkTestCase(test.TestCase):
-- 
cgit 


From b5e6601f76d64a96d6c7de5e9acdf5a8cf0fe8e9 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Tue, 22 Feb 2011 12:21:29 +0100
Subject: PEP8 adjustments.

---
 nova/tests/test_network.py | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index afd38272d..2bdf3709e 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -89,7 +89,6 @@ COMMIT
         super(IptablesManagerTestCase, self).setUp()
         self.manager = linux_net.IptablesManager()
 
-        
     def test_filter_rules_are_wrapped(self):
         current_lines = self.sample_filter.split('\n')
 
@@ -114,8 +113,8 @@ COMMIT
                      ':nova-compute-SNATTING - [0:0]',
                      ':nova-compute-PREROUTING - [0:0]',
                      ':nova-compute-POSTROUTING - [0:0]']:
-             self.assertTrue(line in new_lines, "One of nova-compute's chains "
-                                                "went missing.")
+            self.assertTrue(line in new_lines, "One of nova-compute's chains "
+                                               "went missing.")
 
         seen_lines = set()
         for line in new_lines:
@@ -138,7 +137,6 @@ COMMIT
                             % (chain, chain) in new_lines,
                             "Built-in chain %s not wrapped" % (chain,))
 
-
     def test_filter_rules(self):
         current_lines = self.sample_filter.split('\n')
         new_lines = self.manager._modify_rules(current_lines,
@@ -148,8 +146,8 @@ COMMIT
                      ':nova-compute-INPUT - [0:0]',
                      ':nova-compute-local - [0:0]',
                      ':nova-compute-OUTPUT - [0:0]']:
-             self.assertTrue(line in new_lines, "One of nova-compute's chains"
-                                                " went missing.")
+            self.assertTrue(line in new_lines, "One of nova-compute's chains"
+                                               " went missing.")
 
         seen_lines = set()
         for line in new_lines:
-- 
cgit 


From 443f01ef7d977ba6ff86508b908f66733bdd989e Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Tue, 22 Feb 2011 14:32:20 +0100
Subject: Account for the fact that iptables-save outputs rules with a space at
 the end. Reverse the rule deduplication so that the last one takes
 precedence.

---
 nova/tests/test_network.py | 42 ++++++++++++++++++++++--------------------
 1 file changed, 22 insertions(+), 20 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index 2bdf3709e..b1d70e323 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -46,20 +46,20 @@ class IptablesManagerTestCase(test.TestCase):
 :nova-compute-local - [0:0]
 :nova-compute-OUTPUT - [0:0]
 :nova-filter-top - [0:0]
--A FORWARD -j nova-filter-top
--A OUTPUT -j nova-filter-top
--A nova-filter-top -j nova-compute-local
--A INPUT -j nova-compute-INPUT
--A OUTPUT -j nova-compute-OUTPUT
--A FORWARD -j nova-compute-FORWARD
--A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
--A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
--A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
--A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
--A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
--A FORWARD -i virbr0 -o virbr0 -j ACCEPT
--A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
--A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
+-A FORWARD -j nova-filter-top 
+-A OUTPUT -j nova-filter-top 
+-A nova-filter-top -j nova-compute-local 
+-A INPUT -j nova-compute-INPUT 
+-A OUTPUT -j nova-compute-OUTPUT 
+-A FORWARD -j nova-compute-FORWARD 
+-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT 
+-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT 
+-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT 
+-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT 
+-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT 
+-A FORWARD -i virbr0 -o virbr0 -j ACCEPT 
+-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable 
+-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable 
 COMMIT
 # Completed on Fri Feb 18 15:17:05 2011"""
 
@@ -75,12 +75,12 @@ COMMIT
 :nova-compute-PREROUTING - [0:0]
 :nova-compute-POSTROUTING - [0:0]
 :nova-postrouting-bottom - [0:0]
--A PREROUTING -j nova-compute-PREROUTING
--A OUTPUT -j nova-compute-OUTPUT
--A POSTROUTING -j nova-compute-POSTROUTING
--A POSTROUTING -j nova-postrouting-bottom
--A nova-postrouting-bottom -j nova-compute-SNATTING
--A nova-compute-SNATTING -j nova-compute-floating-ip-snat
+-A PREROUTING -j nova-compute-PREROUTING 
+-A OUTPUT -j nova-compute-OUTPUT 
+-A POSTROUTING -j nova-compute-POSTROUTING 
+-A POSTROUTING -j nova-postrouting-bottom 
+-A nova-postrouting-bottom -j nova-compute-SNATTING 
+-A nova-compute-SNATTING -j nova-compute-floating-ip-snat 
 COMMIT
 # Completed on Fri Feb 18 15:17:05 2011
 """
@@ -118,6 +118,7 @@ COMMIT
 
         seen_lines = set()
         for line in new_lines:
+            line = line.strip()
             self.assertTrue(line not in seen_lines,
                             "Duplicate line: %s" % line)
             seen_lines.add(line)
@@ -151,6 +152,7 @@ COMMIT
 
         seen_lines = set()
         for line in new_lines:
+            line = line.strip()
             self.assertTrue(line not in seen_lines,
                             "Duplicate line: %s" % line)
             seen_lines.add(line)
-- 
cgit 


From 7eee81ee6480a36b179ae26be88ebad9415c4b62 Mon Sep 17 00:00:00 2001
From: Soren Hansen <soren@linux2go.dk>
Date: Tue, 22 Feb 2011 14:40:00 +0100
Subject: PEP8 again

---
 nova/tests/test_network.py | 103 +++++++++++++++++++++++----------------------
 1 file changed, 52 insertions(+), 51 deletions(-)

(limited to 'nova/tests')

diff --git a/nova/tests/test_network.py b/nova/tests/test_network.py
index b1d70e323..d3a23abf4 100644
--- a/nova/tests/test_network.py
+++ b/nova/tests/test_network.py
@@ -36,61 +36,62 @@ LOG = logging.getLogger('nova.tests.network')
 
 
 class IptablesManagerTestCase(test.TestCase):
-    sample_filter = """# Generated by iptables-save on Fri Feb 18 15:17:05 2011
-*filter
-:INPUT ACCEPT [2223527:305688874]
-:FORWARD ACCEPT [0:0]
-:OUTPUT ACCEPT [2172501:140856656]
-:nova-compute-FORWARD - [0:0]
-:nova-compute-INPUT - [0:0]
-:nova-compute-local - [0:0]
-:nova-compute-OUTPUT - [0:0]
-:nova-filter-top - [0:0]
--A FORWARD -j nova-filter-top 
--A OUTPUT -j nova-filter-top 
--A nova-filter-top -j nova-compute-local 
--A INPUT -j nova-compute-INPUT 
--A OUTPUT -j nova-compute-OUTPUT 
--A FORWARD -j nova-compute-FORWARD 
--A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT 
--A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT 
--A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT 
--A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT 
--A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT 
--A FORWARD -i virbr0 -o virbr0 -j ACCEPT 
--A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable 
--A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable 
-COMMIT
-# Completed on Fri Feb 18 15:17:05 2011"""
-
-    sample_nat = """# Generated by iptables-save on Fri Feb 18 15:17:05 2011
-*nat
-:PREROUTING ACCEPT [3936:762355]
-:INPUT ACCEPT [2447:225266]
-:OUTPUT ACCEPT [63491:4191863]
-:POSTROUTING ACCEPT [63112:4108641]
-:nova-compute-OUTPUT - [0:0]
-:nova-compute-floating-ip-snat - [0:0]
-:nova-compute-SNATTING - [0:0]
-:nova-compute-PREROUTING - [0:0]
-:nova-compute-POSTROUTING - [0:0]
-:nova-postrouting-bottom - [0:0]
--A PREROUTING -j nova-compute-PREROUTING 
--A OUTPUT -j nova-compute-OUTPUT 
--A POSTROUTING -j nova-compute-POSTROUTING 
--A POSTROUTING -j nova-postrouting-bottom 
--A nova-postrouting-bottom -j nova-compute-SNATTING 
--A nova-compute-SNATTING -j nova-compute-floating-ip-snat 
-COMMIT
-# Completed on Fri Feb 18 15:17:05 2011
-"""
+    sample_filter = ['#Generated by iptables-save on Fri Feb 18 15:17:05 2011',
+                     '*filter',
+                     ':INPUT ACCEPT [2223527:305688874]',
+                     ':FORWARD ACCEPT [0:0]',
+                     ':OUTPUT ACCEPT [2172501:140856656]',
+                     ':nova-compute-FORWARD - [0:0]',
+                     ':nova-compute-INPUT - [0:0]',
+                     ':nova-compute-local - [0:0]',
+                     ':nova-compute-OUTPUT - [0:0]',
+                     ':nova-filter-top - [0:0]',
+                     '-A FORWARD -j nova-filter-top ',
+                     '-A OUTPUT -j nova-filter-top ',
+                     '-A nova-filter-top -j nova-compute-local ',
+                     '-A INPUT -j nova-compute-INPUT ',
+                     '-A OUTPUT -j nova-compute-OUTPUT ',
+                     '-A FORWARD -j nova-compute-FORWARD ',
+                     '-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT ',
+                     '-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT ',
+                     '-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT ',
+                     '-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT ',
+                     '-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT ',
+                     '-A FORWARD -i virbr0 -o virbr0 -j ACCEPT ',
+                     '-A FORWARD -o virbr0 -j REJECT --reject-with '
+                     'icmp-port-unreachable ',
+                     '-A FORWARD -i virbr0 -j REJECT --reject-with '
+                     'icmp-port-unreachable ',
+                     'COMMIT',
+                     '# Completed on Fri Feb 18 15:17:05 2011']
+
+    sample_nat = ['# Generated by iptables-save on Fri Feb 18 15:17:05 2011',
+                  '*nat',
+                  ':PREROUTING ACCEPT [3936:762355]',
+                  ':INPUT ACCEPT [2447:225266]',
+                  ':OUTPUT ACCEPT [63491:4191863]',
+                  ':POSTROUTING ACCEPT [63112:4108641]',
+                  ':nova-compute-OUTPUT - [0:0]',
+                  ':nova-compute-floating-ip-snat - [0:0]',
+                  ':nova-compute-SNATTING - [0:0]',
+                  ':nova-compute-PREROUTING - [0:0]',
+                  ':nova-compute-POSTROUTING - [0:0]',
+                  ':nova-postrouting-bottom - [0:0]',
+                  '-A PREROUTING -j nova-compute-PREROUTING ',
+                  '-A OUTPUT -j nova-compute-OUTPUT ',
+                  '-A POSTROUTING -j nova-compute-POSTROUTING ',
+                  '-A POSTROUTING -j nova-postrouting-bottom ',
+                  '-A nova-postrouting-bottom -j nova-compute-SNATTING ',
+                  '-A nova-compute-SNATTING -j nova-compute-floating-ip-snat ',
+                  'COMMIT',
+                  '# Completed on Fri Feb 18 15:17:05 2011']
 
     def setUp(self):
         super(IptablesManagerTestCase, self).setUp()
         self.manager = linux_net.IptablesManager()
 
     def test_filter_rules_are_wrapped(self):
-        current_lines = self.sample_filter.split('\n')
+        current_lines = self.sample_filter
 
         table = self.manager.ipv4['filter']
         table.add_rule('FORWARD', '-s 1.2.3.4/5 -j DROP')
@@ -104,7 +105,7 @@ COMMIT
                         '-s 1.2.3.4/5 -j DROP' not in new_lines)
 
     def test_nat_rules(self):
-        current_lines = self.sample_nat.split('\n')
+        current_lines = self.sample_nat
         new_lines = self.manager._modify_rules(current_lines,
                                                self.manager.ipv4['nat'])
 
@@ -139,7 +140,7 @@ COMMIT
                             "Built-in chain %s not wrapped" % (chain,))
 
     def test_filter_rules(self):
-        current_lines = self.sample_filter.split('\n')
+        current_lines = self.sample_filter
         new_lines = self.manager._modify_rules(current_lines,
                                                self.manager.ipv4['filter'])
 
-- 
cgit