Beispiel #1
0
func (s *networkSuite) TestNetworkNames(c *gc.C) {
	for i, test := range networkNameTests {
		c.Logf("test %d: %q", i, test.pattern)
		c.Check(names.IsNetwork(test.pattern), gc.Equals, test.valid)
		if test.valid {
			expectTag := fmt.Sprintf("%s-%s", names.NetworkTagKind, test.pattern)
			c.Check(names.NewNetworkTag(test.pattern).String(), gc.Equals, expectTag)
		} else {
			expectErr := fmt.Sprintf("%q is not a valid network name", test.pattern)
			testNetworkTag := func() { names.NewNetworkTag(test.pattern) }
			c.Check(testNetworkTag, gc.PanicMatches, regexp.QuoteMeta(expectErr))
		}
	}
}
Beispiel #2
0
func (s *firewallerSuite) TestGetMachineActiveNetworks(c *gc.C) {
	s.openPorts(c)

	args := addFakeEntities(params.Entities{Entities: []params.Entity{
		{Tag: s.machines[0].Tag().String()},
		{Tag: s.machines[1].Tag().String()},
		{Tag: s.machines[2].Tag().String()},
		{Tag: s.service.Tag().String()},
		{Tag: s.units[0].Tag().String()},
	}})
	networkTag := names.NewNetworkTag(network.DefaultPublic)
	expectResults := []string{networkTag.String()}
	result, err := s.firewaller.GetMachineActiveNetworks(args)
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(result, jc.DeepEquals, params.StringsResults{
		Results: []params.StringsResult{
			{Result: expectResults},
			{Result: nil, Error: nil},
			{Result: expectResults},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.NotFoundError("machine 42")},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.ErrUnauthorized},
		},
	})
}
Beispiel #3
0
func (task *provisionerTask) prepareNetworkAndInterfaces(networkInfo []network.InterfaceInfo) (
	networks []params.Network, ifaces []params.NetworkInterface, err error) {
	if len(networkInfo) == 0 {
		return nil, nil, nil
	}
	visitedNetworks := set.NewStrings()
	for _, info := range networkInfo {
		if !names.IsValidNetwork(info.NetworkName) {
			return nil, nil, errors.Errorf("invalid network name %q", info.NetworkName)
		}
		networkTag := names.NewNetworkTag(info.NetworkName).String()
		if !visitedNetworks.Contains(networkTag) {
			networks = append(networks, params.Network{
				Tag:        networkTag,
				ProviderId: string(info.ProviderId),
				CIDR:       info.CIDR,
				VLANTag:    info.VLANTag,
			})
			visitedNetworks.Add(networkTag)
		}
		ifaces = append(ifaces, params.NetworkInterface{
			InterfaceName: info.ActualInterfaceName(),
			MACAddress:    info.MACAddress,
			NetworkTag:    networkTag,
			IsVirtual:     info.IsVirtual(),
			Disabled:      info.Disabled,
		})
	}
	return networks, ifaces, nil
}
Beispiel #4
0
func (task *provisionerTask) prepareNetworkAndInterfaces(networkInfo []network.Info) (
	networks []params.Network, ifaces []params.NetworkInterface) {
	if len(networkInfo) == 0 {
		return nil, nil
	}
	visitedNetworks := set.NewStrings()
	for _, info := range networkInfo {
		networkTag := names.NewNetworkTag(info.NetworkName).String()
		if !visitedNetworks.Contains(networkTag) {
			networks = append(networks, params.Network{
				Tag:        networkTag,
				ProviderId: info.ProviderId,
				CIDR:       info.CIDR,
				VLANTag:    info.VLANTag,
			})
			visitedNetworks.Add(networkTag)
		}
		ifaces = append(ifaces, params.NetworkInterface{
			InterfaceName: info.InterfaceName,
			MACAddress:    info.MACAddress,
			NetworkTag:    networkTag,
			IsVirtual:     info.IsVirtual(),
		})
	}
	return networks, ifaces
}
Beispiel #5
0
// GetMachineActiveNetworks returns the tags of the all networks the
// each given machine has open ports on.
func (f *FirewallerAPI) GetMachineActiveNetworks(args params.Entities) (params.StringsResults, error) {
	result := params.StringsResults{
		Results: make([]params.StringsResult, len(args.Entities)),
	}
	canAccess, err := f.accessMachine()
	if err != nil {
		return params.StringsResults{}, err
	}
	for i, entity := range args.Entities {
		machineTag, err := names.ParseMachineTag(entity.Tag)
		if err != nil {
			result.Results[i].Error = common.ServerError(common.ErrPerm)
			continue
		}
		machine, err := f.getMachine(canAccess, machineTag)
		if err != nil {
			result.Results[i].Error = common.ServerError(err)
			continue
		}
		ports, err := machine.AllPorts()
		if err != nil {
			result.Results[i].Error = common.ServerError(err)
			continue
		}
		for _, port := range ports {
			networkTag := names.NewNetworkTag(port.NetworkName()).String()
			result.Results[i].Result = append(result.Results[i].Result, networkTag)
		}
	}
	return result, nil
}
Beispiel #6
0
func (s *commonSuite) TestAuthFuncForTagKind(c *gc.C) {
	// TODO(dimitern): This list of all supported tags and kinds needs
	// to live in juju/names.
	uuid, err := utils.NewUUID()
	c.Assert(err, jc.ErrorIsNil)

	allTags := []names.Tag{
		nil, // invalid tag
		names.NewActionTag(uuid.String()),
		names.NewCharmTag("cs:precise/missing"),
		names.NewModelTag(uuid.String()),
		names.NewFilesystemTag("20/20"),
		names.NewLocalUserTag("user"),
		names.NewMachineTag("42"),
		names.NewNetworkTag("public"),
		names.NewRelationTag("wordpress:mysql mysql:db"),
		names.NewServiceTag("wordpress"),
		names.NewSpaceTag("apps"),
		names.NewStorageTag("foo/42"),
		names.NewUnitTag("wordpress/5"),
		names.NewUserTag("joe"),
		names.NewVolumeTag("80/20"),
	}
	for i, allowedTag := range allTags {
		c.Logf("test #%d: allowedTag: %v", i, allowedTag)

		var allowedKind string
		if allowedTag != nil {
			allowedKind = allowedTag.Kind()
		}
		getAuthFunc := common.AuthFuncForTagKind(allowedKind)

		authFunc, err := getAuthFunc()
		if allowedKind == "" {
			c.Check(err, gc.ErrorMatches, "tag kind cannot be empty")
			c.Check(authFunc, gc.IsNil)
			continue
		} else if !c.Check(err, jc.ErrorIsNil) {
			continue
		}

		for j, givenTag := range allTags {
			c.Logf("test #%d.%d: givenTag: %v", i, j, givenTag)

			var givenKind string
			if givenTag != nil {
				givenKind = givenTag.Kind()
			}
			if allowedKind == givenKind {
				c.Check(authFunc(givenTag), jc.IsTrue)
			} else {
				c.Check(authFunc(givenTag), jc.IsFalse)
			}
		}
	}
}
Beispiel #7
0
// parsePortsKey parses a ports document global key coming from the
// ports watcher (e.g. "42:juju-public") and returns the machine and
// network tags from its components (in the last example "machine-42"
// and "network-juju-public").
func parsePortsKey(change string) (machineTag names.MachineTag, networkTag names.NetworkTag, err error) {
	defer errors.DeferredAnnotatef(&err, "invalid ports change %q", change)

	parts := strings.SplitN(change, ":", 2)
	if len(parts) != 2 {
		return names.MachineTag{}, names.NetworkTag{}, errors.Errorf("unexpected format")
	}
	machineId, networkName := parts[0], parts[1]
	return names.NewMachineTag(machineId), names.NewNetworkTag(networkName), nil
}
Beispiel #8
0
// networkNamesToTags returns the given network names converted to
// tags, or an error.
func networkNamesToTags(networks []string) ([]string, error) {
	var tags []string
	for _, network := range networks {
		if !names.IsValidNetwork(network) {
			return nil, fmt.Errorf("%q is not a valid network name", network)
		}
		tags = append(tags, names.NewNetworkTag(network).String())
	}
	return tags, nil
}
Beispiel #9
0
func (task *provisionerTask) prepareNetworkAndInterfaces(networkInfo []network.InterfaceInfo) (
	networks []params.Network, ifaces []params.NetworkInterface, err error) {
	if len(networkInfo) == 0 {
		return nil, nil, nil
	}
	visitedNetworks := set.NewStrings()
	for _, info := range networkInfo {
		// TODO(dimitern): The following few fields are required, but no longer
		// matter and will be dropped or changed soon as part of making spaces
		// and subnets usable across the board.
		if info.NetworkName == "" {
			info.NetworkName = network.DefaultPrivate
		}
		if info.ProviderId == "" {
			info.ProviderId = network.DefaultPrivate
		}
		if info.CIDR == "" {
			// TODO(dimitern): This is only when NOT using addressable
			// containers, as we don't fetch the subnet details, but since
			// networks in state are going away real soon, it's not important.
			info.CIDR = "0.0.0.0/32"
		}
		if !names.IsValidNetwork(info.NetworkName) {
			return nil, nil, errors.Errorf("invalid network name %q", info.NetworkName)
		}
		networkTag := names.NewNetworkTag(info.NetworkName).String()
		if !visitedNetworks.Contains(networkTag) {
			networks = append(networks, params.Network{
				Tag:        networkTag,
				ProviderId: string(info.ProviderId),
				CIDR:       info.CIDR,
				VLANTag:    info.VLANTag,
			})
			visitedNetworks.Add(networkTag)
		}
		ifaces = append(ifaces, params.NetworkInterface{
			InterfaceName: info.ActualInterfaceName(),
			MACAddress:    info.MACAddress,
			NetworkTag:    networkTag,
			IsVirtual:     info.IsVirtual(),
			Disabled:      info.Disabled,
		})
	}
	return networks, ifaces, nil
}
Beispiel #10
0
func (s *machineSuite) TestOpenedPorts(c *gc.C) {
	networkTag := names.NewNetworkTag(network.DefaultPublic)
	unitTag := s.units[0].Tag().(names.UnitTag)

	// No ports opened at first.
	ports, err := s.apiMachine.OpenedPorts(networkTag)
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(ports, gc.HasLen, 0)

	// Open a port and check again.
	err = s.units[0].OpenPort("tcp", 1234)
	c.Assert(err, jc.ErrorIsNil)
	ports, err = s.apiMachine.OpenedPorts(networkTag)
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(ports, jc.DeepEquals, map[network.PortRange]names.UnitTag{
		network.PortRange{FromPort: 1234, ToPort: 1234, Protocol: "tcp"}: unitTag,
	})
}
Beispiel #11
0
func (s *firewallerSuite) TestGetMachinePorts(c *gc.C) {
	s.openPorts(c)

	networkTag := names.NewNetworkTag(network.DefaultPublic).String()
	args := params.MachinePortsParams{
		Params: []params.MachinePorts{
			{MachineTag: s.machines[0].Tag().String(), NetworkTag: networkTag},
			{MachineTag: s.machines[1].Tag().String(), NetworkTag: networkTag},
			{MachineTag: s.machines[2].Tag().String(), NetworkTag: networkTag},
			{MachineTag: s.machines[0].Tag().String(), NetworkTag: "invalid"},
			{MachineTag: "machine-42", NetworkTag: networkTag},
			{MachineTag: s.machines[0].Tag().String(), NetworkTag: "network-missing"},
		},
	}
	unit0Tag := s.units[0].Tag().String()
	expectPortsMachine0 := []params.MachinePortRange{
		{UnitTag: unit0Tag, PortRange: params.PortRange{
			FromPort: 1234, ToPort: 1400, Protocol: "tcp",
		}},
		{UnitTag: unit0Tag, PortRange: params.PortRange{
			FromPort: 4321, ToPort: 4321, Protocol: "tcp",
		}},
	}
	unit2Tag := s.units[2].Tag().String()
	expectPortsMachine2 := []params.MachinePortRange{
		{UnitTag: unit2Tag, PortRange: params.PortRange{
			FromPort: 1111, ToPort: 2222, Protocol: "udp",
		}},
	}
	result, err := s.firewaller.GetMachinePorts(args)
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(result, jc.DeepEquals, params.MachinePortsResults{
		Results: []params.MachinePortsResult{
			{Ports: expectPortsMachine0},
			{Error: nil, Ports: nil},
			{Ports: expectPortsMachine2},
			{Error: apiservertesting.ErrUnauthorized},
			{Error: apiservertesting.NotFoundError("machine 42")},
			{Error: nil, Ports: nil},
		},
	})

}
Beispiel #12
0
func (s *machineSuite) TestActiveNetworks(c *gc.C) {
	// No ports opened at first, no networks.
	nets, err := s.apiMachine.ActiveNetworks()
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(nets, gc.HasLen, 0)

	// Open a port and check again.
	err = s.units[0].OpenPort("tcp", 1234)
	c.Assert(err, jc.ErrorIsNil)
	nets, err = s.apiMachine.ActiveNetworks()
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(nets, jc.DeepEquals, []names.NetworkTag{
		names.NewNetworkTag(network.DefaultPublic),
	})

	// Remove all ports, no networks.
	ports, err := s.machines[0].OpenedPorts(network.DefaultPublic)
	c.Assert(err, jc.ErrorIsNil)
	err = ports.Remove()
	c.Assert(err, jc.ErrorIsNil)
	nets, err = s.apiMachine.ActiveNetworks()
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(nets, gc.HasLen, 0)
}
Beispiel #13
0
	expectKind: names.ActionTagKind,
	expectType: names.ActionTag{},
	resultId:   "wordpress/0" + names.ActionMarker + "333",
}, {
	tag:       "foo",
	resultErr: `"foo" is not a valid tag`,
}}

var makeTag = map[string]func(string) names.Tag{
	names.MachineTagKind:  func(tag string) names.Tag { return names.NewMachineTag(tag) },
	names.UnitTagKind:     func(tag string) names.Tag { return names.NewUnitTag(tag) },
	names.ServiceTagKind:  func(tag string) names.Tag { return names.NewServiceTag(tag) },
	names.RelationTagKind: func(tag string) names.Tag { return names.NewRelationTag(tag) },
	names.EnvironTagKind:  func(tag string) names.Tag { return names.NewEnvironTag(tag) },
	names.UserTagKind:     func(tag string) names.Tag { return names.NewUserTag(tag) },
	names.NetworkTagKind:  func(tag string) names.Tag { return names.NewNetworkTag(tag) },
	names.ActionTagKind:   func(tag string) names.Tag { return names.NewActionTag(tag) },
}

func (*tagSuite) TestParseTag(c *gc.C) {
	for i, test := range parseTagTests {
		c.Logf("test %d: %q expectKind %q", i, test.tag, test.expectKind)
		tag, err := names.ParseTag(test.tag)
		if test.resultErr != "" {
			c.Assert(err, gc.ErrorMatches, test.resultErr)
			c.Assert(tag, gc.IsNil)

			// If the tag has a valid kind which matches the
			// expected kind, test that using an empty
			// expectKind does not change the error message.
			if tagKind, err := names.TagKind(test.tag); err == nil && tagKind == test.expectKind {
Beispiel #14
0
// NetworkTag returns the network tag of the interface.
func (ni *NetworkInterface) NetworkTag() string {
	return names.NewNetworkTag(ni.doc.NetworkName).String()
}
Beispiel #15
0
// Tag returns the network tag.
func (n *Network) Tag() string {
	return names.NewNetworkTag(n.doc.Name).String()
}
Beispiel #16
0
// Tag returns the network tag.
func (n *Network) Tag() names.Tag {
	return names.NewNetworkTag(n.doc.Name)
}
Beispiel #17
0
// NetworkTag returns the network tag of the interface.
func (ni *NetworkInterface) NetworkTag() names.NetworkTag {
	return names.NewNetworkTag(ni.doc.NetworkName)
}
Beispiel #18
0
			testNetworkTag := func() { names.NewNetworkTag(test.pattern) }
			c.Check(testNetworkTag, gc.PanicMatches, regexp.QuoteMeta(expectErr))
		}
	}
}

var parseNetworkTagTests = []struct {
	tag      string
	expected names.Tag
	err      error
}{{
	tag: "",
	err: names.InvalidTagError("", ""),
}, {
	tag:      "network-dave",
	expected: names.NewNetworkTag("dave"),
}, {
	tag: "dave",
	err: names.InvalidTagError("dave", ""),
}, {
	tag: "network-dave/0",
	err: names.InvalidTagError("network-dave/0", names.NetworkTagKind),
}, {
	tag: "network",
	err: names.InvalidTagError("network", ""),
}, {
	tag: "user-dave",
	err: names.InvalidTagError("user-dave", names.NetworkTagKind),
}}

func (s *networkSuite) TestParseNetworkTag(c *gc.C) {