224 lines
9.4 KiB
Python
224 lines
9.4 KiB
Python
#
|
|
# Copyright (C) 2016 FreeIPA Contributors see COPYING for license
|
|
#
|
|
|
|
from ipatests.test_integration.base import IntegrationTest
|
|
from ipatests.test_integration import tasks
|
|
from ipatests.test_integration.test_caless import assert_error
|
|
from ipalib.constants import DOMAIN_LEVEL_0
|
|
from ipalib.constants import DOMAIN_LEVEL_1
|
|
from ipalib.constants import DOMAIN_SUFFIX_NAME
|
|
from ipatests.test_integration.tasks import replicas_cleanup
|
|
|
|
|
|
class ReplicaPromotionBase(IntegrationTest):
|
|
|
|
@classmethod
|
|
def install(cls, mh):
|
|
tasks.install_master(cls.master, domain_level=cls.domain_level)
|
|
|
|
def test_kra_install_master(self):
|
|
result1 = tasks.install_kra(self.master,
|
|
first_instance=True,
|
|
raiseonerr=False)
|
|
assert result1.returncode == 0, result1.stderr_text
|
|
tasks.kinit_admin(self.master)
|
|
result2 = self.master.run_command(["ipa", "vault-find"],
|
|
raiseonerr=False)
|
|
found = result2.stdout_text.find("0 vaults matched")
|
|
assert(found > 0), result2.stdout_text
|
|
|
|
|
|
class TestReplicaPromotionLevel0(ReplicaPromotionBase):
|
|
|
|
topology = 'star'
|
|
num_replicas = 1
|
|
domain_level = DOMAIN_LEVEL_0
|
|
|
|
@replicas_cleanup
|
|
def test_promotion_disabled(self):
|
|
"""
|
|
Testcase:
|
|
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
|
|
_Make_sure_the_feature_is_unavailable_under_domain_level_0
|
|
"""
|
|
client = self.replicas[0]
|
|
tasks.install_client(self.master, client)
|
|
args = ['ipa-replica-install', '-U',
|
|
'-p', self.master.config.dirman_password,
|
|
'-w', self.master.config.admin_password,
|
|
'--ip-address', client.ip]
|
|
result = client.run_command(args, raiseonerr=False)
|
|
assert_error(result,
|
|
'You must provide a file generated by ipa-replica-prepare'
|
|
' to create a replica when the domain is at level 0', 1)
|
|
|
|
@replicas_cleanup
|
|
def test_backup_restore(self):
|
|
"""
|
|
TestCase:
|
|
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
|
|
_ipa-restore_after_domainlevel_raise_restores_original_domain_level
|
|
"""
|
|
command = ["ipa", "topologysegment-find", DOMAIN_SUFFIX_NAME]
|
|
tasks.install_replica(self.master, self.replicas[0])
|
|
backup_file = tasks.ipa_backup(self.master)
|
|
self.master.run_command(["ipa", "domainlevel-set", "1"])
|
|
result = self.master.run_command(command)
|
|
found1 = result.stdout_text.rfind("1 segment matched")
|
|
assert(found1 > 0), result.stdout_text
|
|
tasks.ipa_restore(self.master, backup_file)
|
|
result2 = self.master.run_command(command, raiseonerr=False)
|
|
found2 = result2.stdout_text.rfind("0 segments matched")
|
|
assert(found2 > 0), result2.stdout_text
|
|
|
|
|
|
class TestKRAInstall(IntegrationTest):
|
|
"""
|
|
TestCase: http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan
|
|
#Test_case:_ipa-kra-install_with_replica_file_works_only_on_domain_level_0
|
|
"""
|
|
topology = 'star'
|
|
domain_level = DOMAIN_LEVEL_0
|
|
num_replicas = 2
|
|
|
|
@classmethod
|
|
def install(cls, mh):
|
|
tasks.install_master(cls.master, domain_level=cls.domain_level)
|
|
|
|
def test_kra_install_without_replica_file(self):
|
|
master = self.master
|
|
replica1 = self.replicas[0]
|
|
replica2 = self.replicas[1]
|
|
tasks.install_kra(master, first_instance=True)
|
|
tasks.install_replica(master, replica1)
|
|
result1 = tasks.install_kra(replica1,
|
|
domain_level=DOMAIN_LEVEL_1,
|
|
raiseonerr=False)
|
|
assert_error(result1, "A replica file is required", 1)
|
|
tasks.install_kra(replica1,
|
|
domain_level=DOMAIN_LEVEL_0,
|
|
raiseonerr=True)
|
|
# Now prepare the replica file, copy it to the client and raise
|
|
# domain level on master to test the reverse situation
|
|
tasks.replica_prepare(master, replica2)
|
|
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
|
|
tasks.install_replica(master, replica2)
|
|
result2 = tasks.install_kra(replica2,
|
|
domain_level=DOMAIN_LEVEL_0,
|
|
raiseonerr=False)
|
|
assert_error(result2, "No replica file is required", 1)
|
|
tasks.install_kra(replica2)
|
|
|
|
|
|
class TestCAInstall(IntegrationTest):
|
|
topology = 'star'
|
|
domain_level = DOMAIN_LEVEL_0
|
|
num_replicas = 2
|
|
|
|
@classmethod
|
|
def install(cls, mh):
|
|
tasks.install_master(cls.master, domain_level=cls.domain_level)
|
|
|
|
def test_ca_install_without_replica_file(self):
|
|
"""
|
|
TestCase:
|
|
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#Test_case:
|
|
_ipa-ca-install_with_replica_file_works_only_on_domain_level_0
|
|
"""
|
|
master = self.master
|
|
replica1 = self.replicas[0]
|
|
replica2 = self.replicas[1]
|
|
for replica in self.replicas:
|
|
tasks.install_replica(master, replica, setup_ca=False,
|
|
setup_dns=True)
|
|
result1 = tasks.install_ca(replica1,
|
|
domain_level=DOMAIN_LEVEL_1,
|
|
raiseonerr=False)
|
|
assert_error(result1, "If you wish to replicate CA to this host,"
|
|
" please re-run 'ipa-ca-install'\nwith a"
|
|
" replica file generated on an existing CA"
|
|
" master as argument.", 1)
|
|
|
|
tasks.install_ca(replica1, domain_level=DOMAIN_LEVEL_0)
|
|
# Now prepare the replica file, copy it to the client and raise
|
|
# domain level on master to test the reverse situation
|
|
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
|
|
result2 = tasks.install_ca(replica2,
|
|
domain_level=DOMAIN_LEVEL_0,
|
|
raiseonerr=False)
|
|
assert_error(result2, 'Too many parameters provided.'
|
|
' No replica file is required', 1)
|
|
tasks.install_ca(replica2, domain_level=DOMAIN_LEVEL_1)
|
|
|
|
|
|
class TestReplicaPromotionLevel1(ReplicaPromotionBase):
|
|
"""
|
|
TestCase: http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan#
|
|
Test_case:_Make_sure_the_old_workflow_is_disabled_at_domain_level_1
|
|
"""
|
|
|
|
topology = 'star'
|
|
num_replicas = 1
|
|
domain_level = DOMAIN_LEVEL_1
|
|
|
|
@replicas_cleanup
|
|
def test_replica_prepare_disabled(self):
|
|
replica = self.replicas[0]
|
|
args = ['ipa-replica-prepare',
|
|
'-p', self.master.config.dirman_password,
|
|
'--ip-address', replica.ip,
|
|
replica.hostname]
|
|
result = self.master.run_command(args, raiseonerr=False)
|
|
assert_error(result, "Replica creation using 'ipa-replica-prepare'"
|
|
" to generate replica file\n"
|
|
"is supported only in 0-level IPA domain", 1)
|
|
|
|
|
|
class TestReplicaManageCommands(IntegrationTest):
|
|
topology = "star"
|
|
num_replicas = 2
|
|
domain_level = DOMAIN_LEVEL_0
|
|
|
|
def test_replica_manage_commands(self):
|
|
"""
|
|
TestCase: http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan
|
|
#Test_case:_ipa-replica-manage_connect_is_deprecated_in_domain_level_1
|
|
"""
|
|
master = self.master
|
|
replica1 = self.replicas[0]
|
|
replica2 = self.replicas[1]
|
|
|
|
result1 = master.run_command(["ipa-replica-manage",
|
|
"connect",
|
|
replica1.hostname,
|
|
replica2.hostname],
|
|
raiseonerr=False)
|
|
assert result1.returncode == 0, result1.stderr_text
|
|
result2 = master.run_command(["ipa-replica-manage",
|
|
"disconnect",
|
|
replica1.hostname,
|
|
replica2.hostname],
|
|
raiseonerr=False)
|
|
assert result2.returncode == 0, result2.stderr_text
|
|
master.run_command(["ipa", "domainlevel-set", str(DOMAIN_LEVEL_1)])
|
|
result3 = master.run_command(["ipa-replica-manage",
|
|
"connect",
|
|
replica1.hostname,
|
|
replica2.hostname],
|
|
raiseonerr=False)
|
|
assert_error(result3, 'Creation of IPA replication agreement is'
|
|
' deprecated with managed IPA replication'
|
|
' topology. Please use `ipa topologysegment-*`'
|
|
' commands to manage the topology', 1)
|
|
tasks.create_segment(master, replica1, replica2)
|
|
result4 = master.run_command(["ipa-replica-manage",
|
|
"disconnect",
|
|
replica1.hostname,
|
|
replica2.hostname],
|
|
raiseonerr=False)
|
|
assert_error(result4, 'Removal of IPA replication agreement is'
|
|
' deprecated with managed IPA replication'
|
|
' topology. Please use `ipa topologysegment-*`'
|
|
' commands to manage the topology', 1)
|