|
 |
86baa9 |
From 4850c91e063ddc0968a451ba9654c587f29a73d8 Mon Sep 17 00:00:00 2001
|
|
|
86baa9 |
From: Christian Heimes <cheimes@redhat.com>
|
|
|
86baa9 |
Date: Tue, 26 Mar 2019 16:43:55 +0100
|
|
|
86baa9 |
Subject: [PATCH] Test replica installation from hidden replica
|
|
|
86baa9 |
|
|
|
86baa9 |
Exercise ipa-replica-install with a hidden replica as source server and
|
|
|
86baa9 |
creation of replication agreements between a hidden and an enabled
|
|
|
86baa9 |
replica.
|
|
|
86baa9 |
|
|
|
86baa9 |
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
|
|
|
86baa9 |
Reviewed-By: Francois Cami <fcami@redhat.com>
|
|
|
86baa9 |
---
|
|
|
86baa9 |
ipatests/pytest_ipa/integration/tasks.py | 22 ++++--
|
|
|
86baa9 |
.../test_replica_promotion.py | 73 +++++++++++++++----
|
|
|
86baa9 |
2 files changed, 74 insertions(+), 21 deletions(-)
|
|
|
86baa9 |
|
|
|
86baa9 |
diff --git a/ipatests/pytest_ipa/integration/tasks.py b/ipatests/pytest_ipa/integration/tasks.py
|
|
|
86baa9 |
index 1f0509189d2e3b3ad7402dd042d61e4ad4f97ed5..46506e4eee09dd1981777c8facef7c1938e07605 100644
|
|
|
86baa9 |
--- a/ipatests/pytest_ipa/integration/tasks.py
|
|
|
86baa9 |
+++ b/ipatests/pytest_ipa/integration/tasks.py
|
|
|
86baa9 |
@@ -691,28 +691,38 @@ def sync_time(host, server):
|
|
|
86baa9 |
host.run_command(['ntpdate', server.hostname])
|
|
|
86baa9 |
|
|
|
86baa9 |
|
|
|
86baa9 |
-def connect_replica(master, replica, domain_level=None):
|
|
|
86baa9 |
+def connect_replica(master, replica, domain_level=None,
|
|
|
86baa9 |
+ database=DOMAIN_SUFFIX_NAME):
|
|
|
86baa9 |
if domain_level is None:
|
|
|
86baa9 |
domain_level = master.config.domain_level
|
|
|
86baa9 |
if domain_level == DOMAIN_LEVEL_0:
|
|
|
86baa9 |
- replica.run_command(['ipa-replica-manage', 'connect', master.hostname])
|
|
|
86baa9 |
+ if database == DOMAIN_SUFFIX_NAME:
|
|
|
86baa9 |
+ cmd = 'ipa-replica-manage'
|
|
|
86baa9 |
+ else:
|
|
|
86baa9 |
+ cmd = 'ipa-csreplica-manage'
|
|
|
86baa9 |
+ replica.run_command([cmd, 'connect', master.hostname])
|
|
|
86baa9 |
else:
|
|
|
86baa9 |
kinit_admin(master)
|
|
|
86baa9 |
- master.run_command(["ipa", "topologysegment-add", DOMAIN_SUFFIX_NAME,
|
|
|
86baa9 |
+ master.run_command(["ipa", "topologysegment-add", database,
|
|
|
86baa9 |
"%s-to-%s" % (master.hostname, replica.hostname),
|
|
|
86baa9 |
"--leftnode=%s" % master.hostname,
|
|
|
86baa9 |
"--rightnode=%s" % replica.hostname
|
|
|
86baa9 |
])
|
|
|
86baa9 |
|
|
|
86baa9 |
|
|
|
86baa9 |
-def disconnect_replica(master, replica, domain_level=None):
|
|
|
86baa9 |
+def disconnect_replica(master, replica, domain_level=None,
|
|
|
86baa9 |
+ database=DOMAIN_SUFFIX_NAME):
|
|
|
86baa9 |
if domain_level is None:
|
|
|
86baa9 |
domain_level = master.config.domain_level
|
|
|
86baa9 |
if domain_level == DOMAIN_LEVEL_0:
|
|
|
86baa9 |
- replica.run_command(['ipa-replica-manage', 'disconnect', master.hostname])
|
|
|
86baa9 |
+ if database == DOMAIN_SUFFIX_NAME:
|
|
|
86baa9 |
+ cmd = 'ipa-replica-manage'
|
|
|
86baa9 |
+ else:
|
|
|
86baa9 |
+ cmd = 'ipa-csreplica-manage'
|
|
|
86baa9 |
+ replica.run_command([cmd, 'disconnect', master.hostname])
|
|
|
86baa9 |
else:
|
|
|
86baa9 |
kinit_admin(master)
|
|
|
86baa9 |
- master.run_command(["ipa", "topologysegment-del", DOMAIN_SUFFIX_NAME,
|
|
|
86baa9 |
+ master.run_command(["ipa", "topologysegment-del", database,
|
|
|
86baa9 |
"%s-to-%s" % (master.hostname, replica.hostname),
|
|
|
86baa9 |
"--continue"
|
|
|
86baa9 |
])
|
|
|
86baa9 |
diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
|
|
|
86baa9 |
index df71972a2ba3ad503011a558295bd38f587faf44..f9cc3d833072666fed348795c414e3840615ac70 100644
|
|
|
86baa9 |
--- a/ipatests/test_integration/test_replica_promotion.py
|
|
|
86baa9 |
+++ b/ipatests/test_integration/test_replica_promotion.py
|
|
|
86baa9 |
@@ -15,7 +15,8 @@ from ipatests.pytest_ipa.integration.tasks import (
|
|
|
86baa9 |
assert_error, replicas_cleanup)
|
|
|
86baa9 |
from ipatests.pytest_ipa.integration.env_config import get_global_config
|
|
|
86baa9 |
from ipalib.constants import (
|
|
|
86baa9 |
- DOMAIN_LEVEL_0, DOMAIN_LEVEL_1, DOMAIN_SUFFIX_NAME, IPA_CA_NICKNAME)
|
|
|
86baa9 |
+ DOMAIN_LEVEL_0, DOMAIN_LEVEL_1, DOMAIN_SUFFIX_NAME, IPA_CA_NICKNAME,
|
|
|
86baa9 |
+ CA_SUFFIX_NAME)
|
|
|
86baa9 |
from ipaplatform.paths import paths
|
|
|
86baa9 |
from ipatests.test_integration.test_backup_and_restore import backup
|
|
|
86baa9 |
from ipatests.test_integration.test_dns_locations import (
|
|
|
86baa9 |
@@ -807,8 +808,8 @@ class TestReplicaInForwardZone(IntegrationTest):
|
|
|
86baa9 |
class TestHiddenReplicaPromotion(IntegrationTest):
|
|
|
86baa9 |
"""Test hidden replica features
|
|
|
86baa9 |
"""
|
|
|
86baa9 |
- topology = 'star'
|
|
|
86baa9 |
- num_replicas = 1
|
|
|
86baa9 |
+ topology = None
|
|
|
86baa9 |
+ num_replicas = 2
|
|
|
86baa9 |
|
|
|
86baa9 |
@classmethod
|
|
|
86baa9 |
def install(cls, mh):
|
|
|
86baa9 |
@@ -850,8 +851,12 @@ class TestHiddenReplicaPromotion(IntegrationTest):
|
|
|
86baa9 |
value = host.hostname if rtype == 'SRV' else host.ip
|
|
|
86baa9 |
assert value not in txt
|
|
|
86baa9 |
|
|
|
86baa9 |
- def _check_server_role(self, host, status):
|
|
|
86baa9 |
- roles = [u'IPA master', u'CA server', u'KRA server', u'DNS server']
|
|
|
86baa9 |
+ def _check_server_role(self, host, status, kra=True, dns=True):
|
|
|
86baa9 |
+ roles = [u'IPA master', u'CA server']
|
|
|
86baa9 |
+ if kra:
|
|
|
86baa9 |
+ roles.append(u'KRA server')
|
|
|
86baa9 |
+ if dns:
|
|
|
86baa9 |
+ roles.append(u'DNS server')
|
|
|
86baa9 |
for role in roles:
|
|
|
86baa9 |
result = self.replicas[0].run_command([
|
|
|
86baa9 |
'ipa', 'server-role-find',
|
|
|
86baa9 |
@@ -936,6 +941,52 @@ class TestHiddenReplicaPromotion(IntegrationTest):
|
|
|
86baa9 |
self._check_server_role(self.replicas[0], 'hidden')
|
|
|
86baa9 |
self._check_dnsrecords([self.master], [self.replicas[0]])
|
|
|
86baa9 |
|
|
|
86baa9 |
+ def test_replica_from_hidden(self):
|
|
|
86baa9 |
+ # install a replica from a hidden replica
|
|
|
86baa9 |
+ self._check_server_role(self.replicas[0], 'hidden')
|
|
|
86baa9 |
+ tasks.install_replica(
|
|
|
86baa9 |
+ master=self.replicas[0],
|
|
|
86baa9 |
+ replica=self.replicas[1],
|
|
|
86baa9 |
+ setup_dns=True
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ self._check_server_role(self.replicas[0], 'hidden')
|
|
|
86baa9 |
+ self._check_server_role(
|
|
|
86baa9 |
+ self.replicas[1], 'enabled', kra=False, dns=False
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ self._check_dnsrecords(
|
|
|
86baa9 |
+ [self.master, self.replicas[1]], [self.replicas[0]]
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ # hide the new replica
|
|
|
86baa9 |
+ self.replicas[0].run_command([
|
|
|
86baa9 |
+ 'ipa', 'server-state',
|
|
|
86baa9 |
+ self.replicas[1].hostname, '--state=hidden'
|
|
|
86baa9 |
+ ])
|
|
|
86baa9 |
+ # and establish replication agreements from master
|
|
|
86baa9 |
+ tasks.connect_replica(
|
|
|
86baa9 |
+ master=self.master,
|
|
|
86baa9 |
+ replica=self.replicas[1],
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ tasks.connect_replica(
|
|
|
86baa9 |
+ master=self.master,
|
|
|
86baa9 |
+ replica=self.replicas[1],
|
|
|
86baa9 |
+ database=CA_SUFFIX_NAME,
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ # remove replication agreements again
|
|
|
86baa9 |
+ tasks.disconnect_replica(
|
|
|
86baa9 |
+ master=self.master,
|
|
|
86baa9 |
+ replica=self.replicas[1],
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ tasks.disconnect_replica(
|
|
|
86baa9 |
+ master=self.master,
|
|
|
86baa9 |
+ replica=self.replicas[1],
|
|
|
86baa9 |
+ database=CA_SUFFIX_NAME,
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+ # and uninstall
|
|
|
86baa9 |
+ tasks.uninstall_replica(
|
|
|
86baa9 |
+ master=self.replicas[0],
|
|
|
86baa9 |
+ replica=self.replicas[1],
|
|
|
86baa9 |
+ )
|
|
|
86baa9 |
+
|
|
|
86baa9 |
def test_hidden_replica_backup_and_restore(self):
|
|
|
86baa9 |
"""Exercises backup+restore and hidden replica uninstall
|
|
|
86baa9 |
"""
|
|
|
86baa9 |
@@ -950,19 +1001,11 @@ class TestHiddenReplicaPromotion(IntegrationTest):
|
|
|
86baa9 |
['ipa-restore', backup_path],
|
|
|
86baa9 |
stdin_text=dirman_password + '\nyes'
|
|
|
86baa9 |
)
|
|
|
86baa9 |
+
|
|
|
86baa9 |
# give replication some time
|
|
|
86baa9 |
time.sleep(5)
|
|
|
86baa9 |
-
|
|
|
86baa9 |
- # check that role is still hidden
|
|
|
86baa9 |
tasks.kinit_admin(self.replicas[0])
|
|
|
86baa9 |
- self._check_config([self.master], [self.replicas[0]])
|
|
|
86baa9 |
- self._check_server_role(self.replicas[0], 'hidden')
|
|
|
86baa9 |
- self._check_dnsrecords([self.master], [self.replicas[0]])
|
|
|
86baa9 |
|
|
|
86baa9 |
- # check that the resulting server can be promoted to enabled
|
|
|
86baa9 |
- self.replicas[0].run_command([
|
|
|
86baa9 |
- 'ipa', 'server-mod', self.replicas[0].hostname, '--state=enabled'
|
|
|
86baa9 |
- ])
|
|
|
86baa9 |
+ # FIXME: restore turns hidden replica into enabled replica
|
|
|
86baa9 |
self._check_config([self.master, self.replicas[0]])
|
|
|
86baa9 |
self._check_server_role(self.replicas[0], 'enabled')
|
|
|
86baa9 |
- self._check_dnsrecords([self.master, self.replicas[0]])
|
|
|
86baa9 |
--
|
|
|
86baa9 |
2.20.1
|
|
|
86baa9 |
|