areguera / rpms / ipa

Forked from rpms/ipa 5 years ago
Clone
86baa9
From 4850c91e063ddc0968a451ba9654c587f29a73d8 Mon Sep 17 00:00:00 2001
86baa9
From: Christian Heimes <cheimes@redhat.com>
86baa9
Date: Tue, 26 Mar 2019 16:43:55 +0100
86baa9
Subject: [PATCH] Test replica installation from hidden replica
86baa9
86baa9
Exercise ipa-replica-install with a hidden replica as source server and
86baa9
creation of replication agreements between a hidden and an enabled
86baa9
replica.
86baa9
86baa9
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
86baa9
Reviewed-By: Francois Cami <fcami@redhat.com>
86baa9
---
86baa9
 ipatests/pytest_ipa/integration/tasks.py      | 22 ++++--
86baa9
 .../test_replica_promotion.py                 | 73 +++++++++++++++----
86baa9
 2 files changed, 74 insertions(+), 21 deletions(-)
86baa9
86baa9
diff --git a/ipatests/pytest_ipa/integration/tasks.py b/ipatests/pytest_ipa/integration/tasks.py
86baa9
index 1f0509189d2e3b3ad7402dd042d61e4ad4f97ed5..46506e4eee09dd1981777c8facef7c1938e07605 100644
86baa9
--- a/ipatests/pytest_ipa/integration/tasks.py
86baa9
+++ b/ipatests/pytest_ipa/integration/tasks.py
86baa9
@@ -691,28 +691,38 @@ def sync_time(host, server):
86baa9
     host.run_command(['ntpdate', server.hostname])
86baa9
 
86baa9
 
86baa9
-def connect_replica(master, replica, domain_level=None):
86baa9
+def connect_replica(master, replica, domain_level=None,
86baa9
+                    database=DOMAIN_SUFFIX_NAME):
86baa9
     if domain_level is None:
86baa9
         domain_level = master.config.domain_level
86baa9
     if domain_level == DOMAIN_LEVEL_0:
86baa9
-        replica.run_command(['ipa-replica-manage', 'connect', master.hostname])
86baa9
+        if database == DOMAIN_SUFFIX_NAME:
86baa9
+            cmd = 'ipa-replica-manage'
86baa9
+        else:
86baa9
+            cmd = 'ipa-csreplica-manage'
86baa9
+        replica.run_command([cmd, 'connect', master.hostname])
86baa9
     else:
86baa9
         kinit_admin(master)
86baa9
-        master.run_command(["ipa", "topologysegment-add", DOMAIN_SUFFIX_NAME,
86baa9
+        master.run_command(["ipa", "topologysegment-add", database,
86baa9
                             "%s-to-%s" % (master.hostname, replica.hostname),
86baa9
                             "--leftnode=%s" % master.hostname,
86baa9
                             "--rightnode=%s" % replica.hostname
86baa9
                             ])
86baa9
 
86baa9
 
86baa9
-def disconnect_replica(master, replica, domain_level=None):
86baa9
+def disconnect_replica(master, replica, domain_level=None,
86baa9
+                       database=DOMAIN_SUFFIX_NAME):
86baa9
     if domain_level is None:
86baa9
         domain_level = master.config.domain_level
86baa9
     if domain_level == DOMAIN_LEVEL_0:
86baa9
-        replica.run_command(['ipa-replica-manage', 'disconnect', master.hostname])
86baa9
+        if database == DOMAIN_SUFFIX_NAME:
86baa9
+            cmd = 'ipa-replica-manage'
86baa9
+        else:
86baa9
+            cmd = 'ipa-csreplica-manage'
86baa9
+        replica.run_command([cmd, 'disconnect', master.hostname])
86baa9
     else:
86baa9
         kinit_admin(master)
86baa9
-        master.run_command(["ipa", "topologysegment-del", DOMAIN_SUFFIX_NAME,
86baa9
+        master.run_command(["ipa", "topologysegment-del", database,
86baa9
                             "%s-to-%s" % (master.hostname, replica.hostname),
86baa9
                             "--continue"
86baa9
                             ])
86baa9
diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
86baa9
index df71972a2ba3ad503011a558295bd38f587faf44..f9cc3d833072666fed348795c414e3840615ac70 100644
86baa9
--- a/ipatests/test_integration/test_replica_promotion.py
86baa9
+++ b/ipatests/test_integration/test_replica_promotion.py
86baa9
@@ -15,7 +15,8 @@ from ipatests.pytest_ipa.integration.tasks import (
86baa9
     assert_error, replicas_cleanup)
86baa9
 from ipatests.pytest_ipa.integration.env_config import get_global_config
86baa9
 from ipalib.constants import (
86baa9
-    DOMAIN_LEVEL_0, DOMAIN_LEVEL_1, DOMAIN_SUFFIX_NAME, IPA_CA_NICKNAME)
86baa9
+    DOMAIN_LEVEL_0, DOMAIN_LEVEL_1, DOMAIN_SUFFIX_NAME, IPA_CA_NICKNAME,
86baa9
+    CA_SUFFIX_NAME)
86baa9
 from ipaplatform.paths import paths
86baa9
 from ipatests.test_integration.test_backup_and_restore import backup
86baa9
 from ipatests.test_integration.test_dns_locations import (
86baa9
@@ -807,8 +808,8 @@ class TestReplicaInForwardZone(IntegrationTest):
86baa9
 class TestHiddenReplicaPromotion(IntegrationTest):
86baa9
     """Test hidden replica features
86baa9
     """
86baa9
-    topology = 'star'
86baa9
-    num_replicas = 1
86baa9
+    topology = None
86baa9
+    num_replicas = 2
86baa9
 
86baa9
     @classmethod
86baa9
     def install(cls, mh):
86baa9
@@ -850,8 +851,12 @@ class TestHiddenReplicaPromotion(IntegrationTest):
86baa9
                 value = host.hostname if rtype == 'SRV' else host.ip
86baa9
                 assert value not in txt
86baa9
 
86baa9
-    def _check_server_role(self, host, status):
86baa9
-        roles = [u'IPA master', u'CA server', u'KRA server', u'DNS server']
86baa9
+    def _check_server_role(self, host, status, kra=True, dns=True):
86baa9
+        roles = [u'IPA master', u'CA server']
86baa9
+        if kra:
86baa9
+            roles.append(u'KRA server')
86baa9
+        if dns:
86baa9
+            roles.append(u'DNS server')
86baa9
         for role in roles:
86baa9
             result = self.replicas[0].run_command([
86baa9
                 'ipa', 'server-role-find',
86baa9
@@ -936,6 +941,52 @@ class TestHiddenReplicaPromotion(IntegrationTest):
86baa9
         self._check_server_role(self.replicas[0], 'hidden')
86baa9
         self._check_dnsrecords([self.master], [self.replicas[0]])
86baa9
 
86baa9
+    def test_replica_from_hidden(self):
86baa9
+        # install a replica from a hidden replica
86baa9
+        self._check_server_role(self.replicas[0], 'hidden')
86baa9
+        tasks.install_replica(
86baa9
+            master=self.replicas[0],
86baa9
+            replica=self.replicas[1],
86baa9
+            setup_dns=True
86baa9
+        )
86baa9
+        self._check_server_role(self.replicas[0], 'hidden')
86baa9
+        self._check_server_role(
86baa9
+            self.replicas[1], 'enabled', kra=False, dns=False
86baa9
+        )
86baa9
+        self._check_dnsrecords(
86baa9
+            [self.master, self.replicas[1]], [self.replicas[0]]
86baa9
+        )
86baa9
+        # hide the new replica
86baa9
+        self.replicas[0].run_command([
86baa9
+            'ipa', 'server-state',
86baa9
+            self.replicas[1].hostname, '--state=hidden'
86baa9
+        ])
86baa9
+        # and establish replication agreements from master
86baa9
+        tasks.connect_replica(
86baa9
+            master=self.master,
86baa9
+            replica=self.replicas[1],
86baa9
+        )
86baa9
+        tasks.connect_replica(
86baa9
+            master=self.master,
86baa9
+            replica=self.replicas[1],
86baa9
+            database=CA_SUFFIX_NAME,
86baa9
+        )
86baa9
+        # remove replication agreements again
86baa9
+        tasks.disconnect_replica(
86baa9
+            master=self.master,
86baa9
+            replica=self.replicas[1],
86baa9
+        )
86baa9
+        tasks.disconnect_replica(
86baa9
+            master=self.master,
86baa9
+            replica=self.replicas[1],
86baa9
+            database=CA_SUFFIX_NAME,
86baa9
+        )
86baa9
+        # and uninstall
86baa9
+        tasks.uninstall_replica(
86baa9
+            master=self.replicas[0],
86baa9
+            replica=self.replicas[1],
86baa9
+        )
86baa9
+
86baa9
     def test_hidden_replica_backup_and_restore(self):
86baa9
         """Exercises backup+restore and hidden replica uninstall
86baa9
         """
86baa9
@@ -950,19 +1001,11 @@ class TestHiddenReplicaPromotion(IntegrationTest):
86baa9
             ['ipa-restore', backup_path],
86baa9
             stdin_text=dirman_password + '\nyes'
86baa9
         )
86baa9
+
86baa9
         # give replication some time
86baa9
         time.sleep(5)
86baa9
-
86baa9
-        # check that role is still hidden
86baa9
         tasks.kinit_admin(self.replicas[0])
86baa9
-        self._check_config([self.master], [self.replicas[0]])
86baa9
-        self._check_server_role(self.replicas[0], 'hidden')
86baa9
-        self._check_dnsrecords([self.master], [self.replicas[0]])
86baa9
 
86baa9
-        # check that the resulting server can be promoted to enabled
86baa9
-        self.replicas[0].run_command([
86baa9
-            'ipa', 'server-mod', self.replicas[0].hostname, '--state=enabled'
86baa9
-        ])
86baa9
+        # FIXME: restore turns hidden replica into enabled replica
86baa9
         self._check_config([self.master, self.replicas[0]])
86baa9
         self._check_server_role(self.replicas[0], 'enabled')
86baa9
-        self._check_dnsrecords([self.master, self.replicas[0]])
86baa9
-- 
86baa9
2.20.1
86baa9