forked from myugan/firecracker-python
-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathtest_cleanup.py
More file actions
350 lines (292 loc) · 15.3 KB
/
test_cleanup.py
File metadata and controls
350 lines (292 loc) · 15.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
"""Tests for cleanup functionality improvements.
This module tests:
1. Resilient cleanup (partial failures don't stop other cleanup steps)
2. Orphaned resource detection and cleanup
3. Cleaning failed VMs (VMs with network resources but no config.json)
"""
from unittest.mock import patch
from firecracker.exceptions import NetworkError
KERNEL_FILE = "/var/lib/firecracker/vmlinux-6.1.159"
BASE_ROOTFS = "/var/lib/firecracker/devsecops-box.img"
class TestResilientCleanup:
"""Test that cleanup continues even if some steps fail."""
def test_network_cleanup_continues_on_nat_failure(self, network_manager):
"""Test that TAP deletion continues even if NAT rule deletion fails."""
tap_device = "tap_test123"
# Mock delete_nat_rules to raise an error
with patch.object(
network_manager, "delete_nat_rules", side_effect=NetworkError("NAT deletion failed")
):
# Mock delete_tap to succeed
with patch.object(network_manager, "delete_tap") as mock_delete_tap:
# Call cleanup - it should continue despite NAT deletion failure
try:
network_manager.cleanup(tap_device)
except NetworkError:
# Cleanup may raise error but should have attempted TAP deletion
pass
# Verify delete_tap was still called
mock_delete_tap.assert_called_once_with(tap_device)
def test_network_cleanup_continues_on_masquerade_failure(self, network_manager):
"""Test that TAP deletion continues even if masquerade deletion fails."""
tap_device = "tap_test456"
# Mock delete_masquerade to raise an error
with patch.object(
network_manager,
"delete_masquerade",
side_effect=NetworkError("Masquerade deletion failed"),
):
# Mock delete_tap to succeed
with patch.object(network_manager, "delete_tap") as mock_delete_tap:
# Call cleanup - it should continue despite masquerade deletion failure
try:
network_manager.cleanup(tap_device)
except NetworkError:
# Cleanup may raise error but should have attempted TAP deletion
pass
# Verify delete_tap was still called
mock_delete_tap.assert_called_once_with(tap_device)
def test_network_cleanup_continues_on_port_forward_failure(self, network_manager):
"""Test that TAP deletion continues even if port forward deletion fails."""
tap_device = "tap_test789"
# Mock delete_all_port_forward to raise an error
with patch.object(
network_manager,
"delete_all_port_forward",
side_effect=NetworkError("Port forward deletion failed"),
):
# Mock delete_tap to succeed
with patch.object(network_manager, "delete_tap") as mock_delete_tap:
# Call cleanup - it should continue despite port forward deletion failure
try:
network_manager.cleanup(tap_device)
except NetworkError:
# Cleanup may raise error but should have attempted TAP deletion
pass
# Verify delete_tap was still called
mock_delete_tap.assert_called_once_with(tap_device)
def test_network_cleanup_all_failures_logs_errors(self, network_manager):
"""Test that all cleanup failures are logged."""
tap_device = "tap_test_all_fail"
# Mock all cleanup methods to fail
with patch.object(
network_manager, "delete_nat_rules", side_effect=NetworkError("NAT failed")
):
with patch.object(
network_manager,
"delete_masquerade",
side_effect=NetworkError("Masquerade failed"),
):
with patch.object(
network_manager,
"delete_all_port_forward",
side_effect=NetworkError("Port forward failed"),
):
with patch.object(
network_manager, "delete_tap", side_effect=NetworkError("TAP failed")
):
# Call cleanup - all steps should be attempted
# Note: The cleanup method is resilient and may not raise an error
# even if all steps fail, as it logs errors and continues
network_manager.cleanup(tap_device)
def test_vmm_cleanup_continues_on_network_failure(self, vmm_manager):
"""Test that VMM cleanup continues even if network cleanup fails."""
vmm_id = "test_vmm_cleanup"
# Mock network cleanup to fail
with patch.object(
vmm_manager._network, "cleanup", side_effect=NetworkError("Network cleanup failed")
):
# Mock process cleanup to succeed
with patch.object(vmm_manager._process, "stop", return_value=True):
# Mock directory cleanup to succeed
with patch.object(vmm_manager, "delete_vmm_dir"):
# Call cleanup - it should continue despite network cleanup failure
try:
vmm_manager.cleanup(vmm_id)
except NetworkError:
# Cleanup may raise error but should have attempted other steps
pass
# Verify process cleanup was attempted
vmm_manager._process.stop.assert_called_once_with(vmm_id)
class TestOrphanedResourceCleanup:
"""Test orphaned resource detection and cleanup."""
def test_cleanup_orphaned_tap_devices_finds_orphans(self, network_manager):
"""Test that orphaned TAP devices are detected and cleaned."""
running_vm_ids = {"vm1", "vm2"}
# Mock get_links to return TAP devices
mock_links = [
{"ifname": "tap_vm1", "index": 10},
{"ifname": "tap_vm2", "index": 11},
{"ifname": "tap_orphan1", "index": 12}, # This should be cleaned
{"ifname": "tap_orphan2", "index": 13}, # This should be cleaned
{"ifname": "eth0", "index": 1}, # Not a TAP device
]
with patch.object(network_manager._ipr, "get_links", return_value=mock_links):
# Mock cleanup methods
with patch.object(network_manager, "delete_nat_rules"):
with patch.object(network_manager, "delete_all_port_forward"):
with patch.object(network_manager, "delete_tap") as mock_delete_tap:
# Call orphaned cleanup
network_manager.cleanup_orphaned_tap_devices(running_vm_ids)
# Verify orphaned TAP devices were deleted
assert mock_delete_tap.call_count == 2
calls = [
call[0][0] for call in mock_delete_tap.call_args_list
]
assert "tap_orphan1" in calls
assert "tap_orphan2" in calls
assert "tap_vm1" not in calls
assert "tap_vm2" not in calls
def test_cleanup_orphaned_tap_devices_no_orphans(self, network_manager):
"""Test that cleanup does nothing when all TAP devices belong to running VMs."""
running_vm_ids = {"vm1", "vm2"}
# Mock get_links to return only running VM TAP devices
mock_links = [
{"ifname": "tap_vm1", "index": 10},
{"ifname": "tap_vm2", "index": 11},
]
with patch.object(network_manager._ipr, "get_links", return_value=mock_links):
with patch.object(network_manager, "delete_nat_rules"):
with patch.object(network_manager, "delete_all_port_forward"):
with patch.object(network_manager, "delete_tap") as mock_delete_tap:
# Call orphaned cleanup
network_manager.cleanup_orphaned_tap_devices(running_vm_ids)
# Verify no TAP devices were deleted
mock_delete_tap.assert_not_called()
def test_cleanup_orphaned_tap_devices_empty_links(self, network_manager):
"""Test that cleanup handles empty link list gracefully."""
running_vm_ids = set()
# Mock get_links to return empty list
with patch.object(network_manager._ipr, "get_links", return_value=[]):
# Call orphaned cleanup - should not raise error
network_manager.cleanup_orphaned_tap_devices(running_vm_ids)
def test_cleanup_orphaned_resources_lists_running_vms(self, vmm_manager):
"""Test that cleanup_orphaned_resources gets list of running VMs."""
# Mock list_vmm to return running VMs
mock_vmm_list = [
{"id": "vm1", "state": "Running"},
{"id": "vm2", "state": "Running"},
]
with patch.object(vmm_manager, "list_vmm", return_value=mock_vmm_list):
# Mock orphaned TAP cleanup
with patch.object(
vmm_manager._network, "cleanup_orphaned_tap_devices"
) as mock_cleanup:
# Call orphaned resource cleanup
vmm_manager.cleanup_orphaned_resources()
# Verify cleanup was called with correct VM IDs
mock_cleanup.assert_called_once_with({"vm1", "vm2"})
def test_cleanup_orphaned_resources_no_running_vms(self, vmm_manager):
"""Test that cleanup_orphaned_resources handles no running VMs."""
# Mock list_vmm to return empty list
with patch.object(vmm_manager, "list_vmm", return_value=[]):
# Mock orphaned TAP cleanup
with patch.object(
vmm_manager._network, "cleanup_orphaned_tap_devices"
) as mock_cleanup:
# Call orphaned resource cleanup
vmm_manager.cleanup_orphaned_resources()
# Verify cleanup was called with empty set
mock_cleanup.assert_called_once_with(set())
class TestDeleteWithOrphans:
"""Test delete(all=True) behavior with orphaned resources."""
def test_delete_all_cleans_orphaned_resources(self, mock_vm):
"""Test that delete(all=True) cleans orphaned resources."""
# Mock list_vmm to return running VMs
mock_vmm_list = [
{"id": "vm1", "state": "Running"},
{"id": "vm2", "state": "Running"},
]
with patch.object(mock_vm._vmm, "list_vmm", return_value=mock_vmm_list):
# Mock VMM deletion
with patch.object(mock_vm._vmm, "delete_vmm"):
# Mock orphaned resource cleanup
with patch.object(
mock_vm._vmm, "cleanup_orphaned_resources"
) as mock_cleanup:
# Call delete all
result = mock_vm.delete(all=True)
# Verify orphaned cleanup was called
mock_cleanup.assert_called_once()
assert "All VMMs and orphaned resources are deleted" in result
def test_delete_all_no_vms(self, mock_vm):
"""Test delete(all=True) when no VMs exist."""
# Mock list_vmm to return empty list
with patch.object(mock_vm._vmm, "list_vmm", return_value=[]):
# Mock orphaned resource cleanup
with patch.object(mock_vm._vmm, "cleanup_orphaned_resources"):
# Call delete all
result = mock_vm.delete(all=True)
# Should succeed even with no VMs
# When no VMs exist, it returns "No VMMs available to delete"
assert result is not None
def test_delete_single_vm_no_orphan_cleanup(self, mock_vm):
"""Test that deleting single VM doesn't trigger orphan cleanup."""
# Mock list_vmm to return one VM
mock_vmm_list = [{"id": "vm1", "state": "Running"}]
with patch.object(mock_vm._vmm, "list_vmm", return_value=mock_vmm_list):
# Mock VMM deletion
with patch.object(mock_vm._vmm, "delete_vmm"):
# Mock orphaned resource cleanup - should NOT be called
with patch.object(
mock_vm._vmm, "cleanup_orphaned_resources"
) as mock_cleanup:
# Verify orphaned cleanup was NOT called
mock_cleanup.assert_not_called()
def test_delete_all_deletes_all_running_vms(self, mock_vm):
"""Test that delete(all=True) deletes all running VMs."""
# Mock list_vmm to return running VMs
mock_vmm_list = [
{"id": "vm1", "state": "Running"},
{"id": "vm2", "state": "Running"},
{"id": "vm3", "state": "Running"},
]
with patch.object(mock_vm._vmm, "list_vmm", return_value=mock_vmm_list):
# Mock VMM deletion
with patch.object(mock_vm._vmm, "delete_vmm") as mock_delete:
# Mock orphaned resource cleanup
with patch.object(mock_vm._vmm, "cleanup_orphaned_resources"):
# Call delete all
mock_vm.delete(all=True)
# Verify all VMs were deleted
assert mock_delete.call_count == 3
calls = [call[0][0] for call in mock_delete.call_args_list]
assert "vm1" in calls
assert "vm2" in calls
assert "vm3" in calls
class TestCleanupIntegration:
"""Integration tests for cleanup functionality."""
def test_cleanup_orphaned_tap_devices_with_network_rules(self, network_manager):
"""Test that orphaned TAP cleanup removes associated network rules."""
running_vm_ids = set() # No running VMs
# Mock get_links to return orphaned TAP device
mock_links = [{"ifname": "tap_orphan", "index": 12}]
with patch.object(network_manager._ipr, "get_links", return_value=mock_links):
# Mock cleanup methods
with patch.object(
network_manager, "delete_nat_rules"
) as mock_delete_nat:
with patch.object(
network_manager, "delete_all_port_forward"
) as mock_delete_pf:
with patch.object(network_manager, "delete_tap"):
# Call orphaned cleanup
network_manager.cleanup_orphaned_tap_devices(running_vm_ids)
# Verify all cleanup methods were called
mock_delete_nat.assert_called_once_with("tap_orphan")
mock_delete_pf.assert_called_once_with("orphan")
def test_cleanup_handles_exceptions_gracefully(self, network_manager):
"""Test that cleanup handles exceptions without crashing."""
tap_device = "tap_test_exception"
# Mock delete_nat_rules to raise an exception
with patch.object(
network_manager, "delete_nat_rules", side_effect=RuntimeError("Unexpected error")
):
# Mock delete_tap to succeed
with patch.object(network_manager, "delete_tap"):
# Call cleanup - should not crash
try:
network_manager.cleanup(tap_device)
except (NetworkError, RuntimeError):
# Expected - cleanup may raise error but should not crash
pass