Tree - rpms/ipa - CentOS Git server

rpms / ipa

Files

Commit: b5832852d7d24aa721312ac994a083e974a058dc
Blob Blame History Raw
From 4850c91e063ddc0968a451ba9654c587f29a73d8 Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes@redhat.com>
Date: Tue, 26 Mar 2019 16:43:55 +0100
Subject: [PATCH] Test replica installation from hidden replica

Exercise ipa-replica-install with a hidden replica as source server and
creation of replication agreements between a hidden and an enabled
replica.

Reviewed-By: Thomas Woerner <twoerner@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
---
 ipatests/pytest_ipa/integration/tasks.py      | 22 ++++--
 .../test_replica_promotion.py                 | 73 +++++++++++++++----
 2 files changed, 74 insertions(+), 21 deletions(-)

diff --git a/ipatests/pytest_ipa/integration/tasks.py b/ipatests/pytest_ipa/integration/tasks.py
index 1f0509189d2e3b3ad7402dd042d61e4ad4f97ed5..46506e4eee09dd1981777c8facef7c1938e07605 100644
--- a/ipatests/pytest_ipa/integration/tasks.py
+++ b/ipatests/pytest_ipa/integration/tasks.py
@@ -691,28 +691,38 @@ def sync_time(host, server):
     host.run_command(['ntpdate', server.hostname])
 
 
-def connect_replica(master, replica, domain_level=None):
+def connect_replica(master, replica, domain_level=None,
+                    database=DOMAIN_SUFFIX_NAME):
     if domain_level is None:
         domain_level = master.config.domain_level
     if domain_level == DOMAIN_LEVEL_0:
-        replica.run_command(['ipa-replica-manage', 'connect', master.hostname])
+        if database == DOMAIN_SUFFIX_NAME:
+            cmd = 'ipa-replica-manage'
+        else:
+            cmd = 'ipa-csreplica-manage'
+        replica.run_command([cmd, 'connect', master.hostname])
     else:
         kinit_admin(master)
-        master.run_command(["ipa", "topologysegment-add", DOMAIN_SUFFIX_NAME,
+        master.run_command(["ipa", "topologysegment-add", database,
                             "%s-to-%s" % (master.hostname, replica.hostname),
                             "--leftnode=%s" % master.hostname,
                             "--rightnode=%s" % replica.hostname
                             ])
 
 
-def disconnect_replica(master, replica, domain_level=None):
+def disconnect_replica(master, replica, domain_level=None,
+                       database=DOMAIN_SUFFIX_NAME):
     if domain_level is None:
         domain_level = master.config.domain_level
     if domain_level == DOMAIN_LEVEL_0:
-        replica.run_command(['ipa-replica-manage', 'disconnect', master.hostname])
+        if database == DOMAIN_SUFFIX_NAME:
+            cmd = 'ipa-replica-manage'
+        else:
+            cmd = 'ipa-csreplica-manage'
+        replica.run_command([cmd, 'disconnect', master.hostname])
     else:
         kinit_admin(master)
-        master.run_command(["ipa", "topologysegment-del", DOMAIN_SUFFIX_NAME,
+        master.run_command(["ipa", "topologysegment-del", database,
                             "%s-to-%s" % (master.hostname, replica.hostname),
                             "--continue"
                             ])
diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
index df71972a2ba3ad503011a558295bd38f587faf44..f9cc3d833072666fed348795c414e3840615ac70 100644
--- a/ipatests/test_integration/test_replica_promotion.py
+++ b/ipatests/test_integration/test_replica_promotion.py
@@ -15,7 +15,8 @@ from ipatests.pytest_ipa.integration.tasks import (
     assert_error, replicas_cleanup)
 from ipatests.pytest_ipa.integration.env_config import get_global_config
 from ipalib.constants import (
-    DOMAIN_LEVEL_0, DOMAIN_LEVEL_1, DOMAIN_SUFFIX_NAME, IPA_CA_NICKNAME)
+    DOMAIN_LEVEL_0, DOMAIN_LEVEL_1, DOMAIN_SUFFIX_NAME, IPA_CA_NICKNAME,
+    CA_SUFFIX_NAME)
 from ipaplatform.paths import paths
 from ipatests.test_integration.test_backup_and_restore import backup
 from ipatests.test_integration.test_dns_locations import (
@@ -807,8 +808,8 @@ class TestReplicaInForwardZone(IntegrationTest):
 class TestHiddenReplicaPromotion(IntegrationTest):
     """Test hidden replica features
     """
-    topology = 'star'
-    num_replicas = 1
+    topology = None
+    num_replicas = 2
 
     @classmethod
     def install(cls, mh):
@@ -850,8 +851,12 @@ class TestHiddenReplicaPromotion(IntegrationTest):
                 value = host.hostname if rtype == 'SRV' else host.ip
                 assert value not in txt
 
-    def _check_server_role(self, host, status):
-        roles = [u'IPA master', u'CA server', u'KRA server', u'DNS server']
+    def _check_server_role(self, host, status, kra=True, dns=True):
+        roles = [u'IPA master', u'CA server']
+        if kra:
+            roles.append(u'KRA server')
+        if dns:
+            roles.append(u'DNS server')
         for role in roles:
             result = self.replicas[0].run_command([
                 'ipa', 'server-role-find',
@@ -936,6 +941,52 @@ class TestHiddenReplicaPromotion(IntegrationTest):
         self._check_server_role(self.replicas[0], 'hidden')
         self._check_dnsrecords([self.master], [self.replicas[0]])
 
+    def test_replica_from_hidden(self):
+        # install a replica from a hidden replica
+        self._check_server_role(self.replicas[0], 'hidden')
+        tasks.install_replica(
+            master=self.replicas[0],
+            replica=self.replicas[1],
+            setup_dns=True
+        )
+        self._check_server_role(self.replicas[0], 'hidden')
+        self._check_server_role(
+            self.replicas[1], 'enabled', kra=False, dns=False
+        )
+        self._check_dnsrecords(
+            [self.master, self.replicas[1]], [self.replicas[0]]
+        )
+        # hide the new replica
+        self.replicas[0].run_command([
+            'ipa', 'server-state',
+            self.replicas[1].hostname, '--state=hidden'
+        ])
+        # and establish replication agreements from master
+        tasks.connect_replica(
+            master=self.master,
+            replica=self.replicas[1],
+        )
+        tasks.connect_replica(
+            master=self.master,
+            replica=self.replicas[1],
+            database=CA_SUFFIX_NAME,
+        )
+        # remove replication agreements again
+        tasks.disconnect_replica(
+            master=self.master,
+            replica=self.replicas[1],
+        )
+        tasks.disconnect_replica(
+            master=self.master,
+            replica=self.replicas[1],
+            database=CA_SUFFIX_NAME,
+        )
+        # and uninstall
+        tasks.uninstall_replica(
+            master=self.replicas[0],
+            replica=self.replicas[1],
+        )
+
     def test_hidden_replica_backup_and_restore(self):
         """Exercises backup+restore and hidden replica uninstall
         """
@@ -950,19 +1001,11 @@ class TestHiddenReplicaPromotion(IntegrationTest):
             ['ipa-restore', backup_path],
             stdin_text=dirman_password + '\nyes'
         )
+
         # give replication some time
         time.sleep(5)
-
-        # check that role is still hidden
         tasks.kinit_admin(self.replicas[0])
-        self._check_config([self.master], [self.replicas[0]])
-        self._check_server_role(self.replicas[0], 'hidden')
-        self._check_dnsrecords([self.master], [self.replicas[0]])
 
-        # check that the resulting server can be promoted to enabled
-        self.replicas[0].run_command([
-            'ipa', 'server-mod', self.replicas[0].hostname, '--state=enabled'
-        ])
+        # FIXME: restore turns hidden replica into enabled replica
         self._check_config([self.master, self.replicas[0]])
         self._check_server_role(self.replicas[0], 'enabled')
-        self._check_dnsrecords([self.master, self.replicas[0]])
-- 
2.20.1
rpms / ipa

Source Code

Files
