From 1d27be1628ead90ad08665bb2275672d88bac93e Mon Sep 17 00:00:00 2001 From: Maurice Schreiber Date: Mon, 23 Apr 2018 08:56:42 +0200 Subject: [PATCH] NetApp ONTAP: cifs add AD security service server as preferred DC multiple comma separated entries can be given Change-Id: I9d6c79704d0ceb7a6fdc18035992e707327dd908 Closes-Bug: #1804651 --- .../netapp/dataontap/client/client_cmode.py | 21 ++++++++++++ .../drivers/netapp/dataontap/client/fakes.py | 1 + .../dataontap/client/test_client_cmode.py | 34 +++++++++++++++++++ ...ferred-dc-to-cifs-ad-99072ce663762e83.yaml | 8 +++++ 4 files changed, 64 insertions(+) create mode 100644 releasenotes/notes/bug-1804651-netapp-cdot-add-peferred-dc-to-cifs-ad-99072ce663762e83.yaml diff --git a/manila/share/drivers/netapp/dataontap/client/client_cmode.py b/manila/share/drivers/netapp/dataontap/client/client_cmode.py index 476fdbf0c0..0b910c516a 100644 --- a/manila/share/drivers/netapp/dataontap/client/client_cmode.py +++ b/manila/share/drivers/netapp/dataontap/client/client_cmode.py @@ -1409,6 +1409,7 @@ class NetAppCmodeClient(client_base.NetAppBaseClient): def configure_active_directory(self, security_service, vserver_name): """Configures AD on Vserver.""" self.configure_dns(security_service) + self.set_preferred_dc(security_service) # 'cifs-server' is CIFS Server NetBIOS Name, max length is 15. # Should be unique within each domain (data['domain']). @@ -1511,6 +1512,26 @@ class NetAppCmodeClient(client_base.NetAppBaseClient): msg = _("Failed to configure DNS. %s") raise exception.NetAppException(msg % e.message) + @na_utils.trace + def set_preferred_dc(self, security_service): + # server is optional + if not security_service['server']: + return + + api_args = { + 'preferred-dc': [], + 'domain': security_service['domain'], + } + + for dc_ip in security_service['server'].split(','): + api_args['preferred-dc'].append({'string': dc_ip.strip()}) + + try: + self.send_request('cifs-domain-preferred-dc-add', api_args) + except netapp_api.NaApiError as e: + msg = _("Failed to set preferred DC. %s") + raise exception.NetAppException(msg % e.message) + @na_utils.trace def create_volume(self, aggregate_name, volume_name, size_gb, thin_provisioned=False, snapshot_policy=None, diff --git a/manila/tests/share/drivers/netapp/dataontap/client/fakes.py b/manila/tests/share/drivers/netapp/dataontap/client/fakes.py index 37139fd3bf..dc9661f622 100644 --- a/manila/tests/share/drivers/netapp/dataontap/client/fakes.py +++ b/manila/tests/share/drivers/netapp/dataontap/client/fakes.py @@ -421,6 +421,7 @@ CIFS_SECURITY_SERVICE = { 'ou': 'fake_ou', 'domain': 'fake_domain', 'dns_ip': 'fake_dns_ip', + 'server': '', } LDAP_SECURITY_SERVICE = { diff --git a/manila/tests/share/drivers/netapp/dataontap/client/test_client_cmode.py b/manila/tests/share/drivers/netapp/dataontap/client/test_client_cmode.py index f19d5e9cf5..91815befbb 100644 --- a/manila/tests/share/drivers/netapp/dataontap/client/test_client_cmode.py +++ b/manila/tests/share/drivers/netapp/dataontap/client/test_client_cmode.py @@ -2492,6 +2492,7 @@ class NetAppClientCmodeTestCase(test.TestCase): self.mock_object(self.client, 'send_request') self.mock_object(self.client, 'configure_dns') + self.mock_object(self.client, 'set_preferred_dc') self.client.configure_active_directory(fake.CIFS_SECURITY_SERVICE, fake.VSERVER_NAME) @@ -2511,6 +2512,8 @@ class NetAppClientCmodeTestCase(test.TestCase): self.client.configure_dns.assert_called_with( fake.CIFS_SECURITY_SERVICE) + self.client.set_preferred_dc.assert_called_with( + fake.CIFS_SECURITY_SERVICE) self.client.send_request.assert_has_calls([ mock.call('cifs-server-create', cifs_server_create_args)]) @@ -2703,6 +2706,37 @@ class NetAppClientCmodeTestCase(test.TestCase): self.client.configure_dns, fake.KERBEROS_SECURITY_SERVICE) + @ddt.data('', '10.0.0.1', ['10.0.0.2', '10.0.0.3']) + def test_set_preferred_dc(self, server): + + self.mock_object(self.client, 'send_request') + security_service = copy.deepcopy(fake.CIFS_SECURITY_SERVICE) + security_service['server'] = ', '.join(server) + + self.client.set_preferred_dc(security_service) + + if server is '': + self.client.send_request.assert_not_called() + else: + preferred_dc_add_args = { + 'domain': fake.CIFS_SECURITY_SERVICE['domain'], + 'preferred-dc': [{'string': dc_ip} for dc_ip in server] + } + + self.client.send_request.assert_has_calls([ + mock.call('cifs-domain-preferred-dc-add', + preferred_dc_add_args)]) + + def test_set_preferred_dc_api_error(self): + + self.mock_object(self.client, 'send_request', self._mock_api_error()) + security_service = copy.deepcopy(fake.CIFS_SECURITY_SERVICE) + security_service['server'] = 'fake_server' + + self.assertRaises(exception.NetAppException, + self.client.set_preferred_dc, + security_service) + def test_create_volume(self): self.mock_object(self.client, 'send_request') diff --git a/releasenotes/notes/bug-1804651-netapp-cdot-add-peferred-dc-to-cifs-ad-99072ce663762e83.yaml b/releasenotes/notes/bug-1804651-netapp-cdot-add-peferred-dc-to-cifs-ad-99072ce663762e83.yaml new file mode 100644 index 0000000000..4e2adda812 --- /dev/null +++ b/releasenotes/notes/bug-1804651-netapp-cdot-add-peferred-dc-to-cifs-ad-99072ce663762e83.yaml @@ -0,0 +1,8 @@ +--- +features: + - | + For NetApp CIFS share provisioning users can now specify the optional + "server" API parameter to provide an active directory domain controller IP + address for when creating a security service. Multiple IP addresses can be + given separated by comma. This represents the "Preferred DC" at the vserver + cifs domain.