cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ansible/test/integration/targets/elb_classic_lb/tasks/main.yml
Will Thames 316e7939d6 [cloud] Improve aws testing and use {{ region }} var (#26892) 
* Protect AWS credentials from accidental commits

* Improve documentation for IAM policies

* Update ELB tests to be multi region

Allow AZs to reflect the region in which the tests are run.

This will not work for regions with fewer than three AZs,
but those are relatively rare
2017-11-09 11:56:31 -05:00

425 lines
12 KiB
YAML
Raw Blame History

---
# __Test Info__
# Create a self signed cert and upload it to AWS
# http://www.akadia.com/services/ssh_test_certificate.html
# http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html
# __Test Outline__
#
# __elb_classic_lb__
# create test elb with listeners and certificate
# change AZ's
# change listeners
# remove listeners
# remove elb
# __ec2-common__
# test environment variable EC2_REGION
# test with no parameters
# test with only instance_id
# test invalid region parameter
# test valid region parameter
# test invalid ec2_url parameter
# test valid ec2_url parameter
# test credentials from environment
# test credential parameters
- block:
# ============================================================
# create test elb with listeners, certificate, and health check
- name: Create ELB
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
- protocol: http
load_balancer_port: 8080
instance_port: 8080
health_check:
ping_protocol: http
ping_port: 80
ping_path: "/index.html"
response_timeout: 5
interval: 30
unhealthy_threshold: 2
healthy_threshold: 10
register: info
- assert:
that:
- 'info.changed'
- 'info.elb.status == "created"'
- '"{{ ec2_region }}a" in info.elb.zones'
- '"{{ ec2_region }}b" in info.elb.zones'
- 'info.elb.health_check.healthy_threshold == 10'
- 'info.elb.health_check.interval == 30'
- 'info.elb.health_check.target == "HTTP:80/index.html"'
- 'info.elb.health_check.timeout == 5'
- 'info.elb.health_check.unhealthy_threshold == 2'
- '[80, 80, "HTTP", "HTTP"] in info.elb.listeners'
- '[8080, 8080, "HTTP", "HTTP"] in info.elb.listeners'
# ============================================================
# check ports, would be cool, but we are at the mercy of AWS
# to start things in a timely manner
#- name: check to make sure 80 is listening
# wait_for: host={{ info.elb.dns_name }} port=80 timeout=600
# register: result
#- name: assert can connect to port#
# assert: 'result.state == "started"'
#- name: check to make sure 443 is listening
# wait_for: host={{ info.elb.dns_name }} port=443 timeout=600
# register: result
#- name: assert can connect to port#
# assert: 'result.state == "started"'
# ============================================================
# Change AZ's
- name: Change AZ's
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
purge_zones: yes
health_check:
ping_protocol: http
ping_port: 80
ping_path: "/index.html"
response_timeout: 5
interval: 30
unhealthy_threshold: 2
healthy_threshold: 10
register: info
- assert:
that:
- 'info.elb.status == "ok"'
- 'info.changed'
- 'info.elb.zones[0] == "{{ ec2_region }}c"'
# ============================================================
# Update AZ's
- name: Update AZ's
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
purge_zones: yes
register: info
- assert:
that:
- 'info.changed'
- 'info.elb.status == "ok"'
- '"{{ ec2_region }}a" in info.elb.zones'
- '"{{ ec2_region }}b" in info.elb.zones'
- '"{{ ec2_region }}c" in info.elb.zones'
# ============================================================
# Purge Listeners
- name: Purge Listeners
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 81
purge_listeners: yes
register: info
- assert:
that:
- 'info.elb.status == "ok"'
- 'info.changed'
- '[80, 81, "HTTP", "HTTP"] in info.elb.listeners'
- 'info.elb.listeners|length == 1'
# ============================================================
# add Listeners
- name: Add Listeners
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 8081
instance_port: 8081
purge_listeners: no
register: info
- assert:
that:
- 'info.elb.status == "ok"'
- 'info.changed'
- '[80, 81, "HTTP", "HTTP"] in info.elb.listeners'
- '[8081, 8081, "HTTP", "HTTP"] in info.elb.listeners'
- 'info.elb.listeners|length == 2'
# ============================================================
- name: test with no parameters
elb_classic_lb:
register: result
ignore_errors: true
- name: assert failure when called with no parameters
assert:
that:
- 'result.failed'
- 'result.msg.startswith("missing required arguments: ")'
# ============================================================
- name: test with only name
elb_classic_lb:
name="{{ tag_prefix }}"
register: result
ignore_errors: true
- name: assert failure when called with only name
assert:
that:
- 'result.failed'
- 'result.msg == "missing required arguments: state"'
# ============================================================
- name: test invalid region parameter
elb_classic_lb:
name: "{{ tag_prefix }}"
region: 'asdf querty 1234'
state: present
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
register: result
ignore_errors: true
- name: assert invalid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("Region asdf querty 1234 does not seem to be available ")'
# ============================================================
- name: test valid region parameter
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
register: result
ignore_errors: true
- name: assert valid region parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test invalid ec2_url parameter
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
environment:
EC2_URL: bogus.example.com
register: result
ignore_errors: true
- name: assert invalid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test valid ec2_url parameter
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
environment:
EC2_URL: '{{ec2_url}}'
register: result
ignore_errors: true
- name: assert valid ec2_url parameter
assert:
that:
- 'result.failed'
- 'result.msg.startswith("No handler was ready to authenticate.")'
# ============================================================
- name: test credentials from environment
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
environment:
EC2_ACCESS_KEY: bogus_access_key
EC2_SECRET_KEY: bogus_secret_key
register: result
ignore_errors: true
- name: assert credentials from environment
assert:
that:
- 'result.failed'
- '"InvalidClientTokenId" in result.exception'
# ============================================================
- name: test credential parameters
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: present
zones:
- "{{ ec2_region }}a"
- "{{ ec2_region }}b"
- "{{ ec2_region }}c"
listeners:
- protocol: http
load_balancer_port: 80
instance_port: 80
register: result
ignore_errors: true
- name: assert credential parameters
assert:
that:
- 'result.failed'
- '"No handler was ready to authenticate. 1 handlers were checked." in result.msg'
always:
# ============================================================
- name: remove the test load balancer completely
elb_classic_lb:
name: "{{ tag_prefix }}"
region: "{{ ec2_region }}"
state: absent
ec2_access_key: "{{ ec2_access_key }}"
ec2_secret_key: "{{ ec2_secret_key }}"
security_token: "{{ security_token }}"
register: result
- name: assert the load balancer was removed
assert:
that:
- 'result.changed'
- 'result.elb.name == "{{tag_prefix}}"'
- 'result.elb.status == "deleted"'
Reference in a new issue View git blame Copy permalink