def test_03_sync(self):
'''
test if components are synced
prerequisite
a ldap host is configured
a domain is linked to cloudstack
some accounts in that domain are linked to groups in ldap
'''
domainid = self.syncDomain.id
username = self.test_user[1]
# validate the user doesn't exist
response = User.list(self.apiclient,
domainid=domainid,
username=username)
self.assertEqual(response, None, "user should not exist yet")
self.logon_test_user(username)
# now validate the user exists in domain
response = User.list(self.apiclient,
domainid=domainid,
username=username)
for user in response:
user_created = User(user.__dict__)
self.logger.debug("user to clean: %s (id: %s)" %
(user_created.username, user_created.id))
self.cleanup.append(user_created)
# now verify the creation of the user
self.assertEqual(len(response), 1, "user should exist by now")
return
def test_05_relink_account_and_reuse_user(self):
'''
test if an account and thus a user can be removed and re-added
test if components still are synced
prerequisite
a ldap host is configured
a domain is linked to cloudstack
some accounts in that domain are linked to groups in ldap
'''
domainid = self.syncDomain.id
username = self.test_user[1]
# validate the user doesn't exist
response = User.list(self.apiclient,domainid=domainid,username=username)
self.assertEqual(response, None, "user should not exist yet")
self.logon_test_user(username)
# now validate the user exists in domain
response = User.list(self.apiclient,domainid=domainid,username=username)
# for user in response:
# user_created = User(user.__dict__)
# self.debug("user to clean: %s (id: %s)" % (user_created.username, user_created.id))
# # we don't cleanup to test if re-adding fails
# self.cleanup.append(user_created)
# now verify the creation of the user
self.assertEqual(len(response), 1, "user should exist by now")
# delete the account - quick implementation: user[1] happens to be a junior
self.junior_account.delete(self.apiclient)
# add the account with the same ldap group
self.bind_account_to_ldap(
account=self.testdata.testdata[LdapTestData.syncAccounts][0]["name"],
ldapdomain=self.testdata.testdata[LdapTestData.syncAccounts][0]["group"],
accounttype=self.testdata.testdata[LdapTestData.syncAccounts][0]["accounttype"])
# logon the user - should succeed - reported to fail
self.logon_test_user(username)
# now verify the creation of the user
response = User.list(self.apiclient,domainid=domainid,username=username)
for user in response:
user_created = User(user.__dict__)
self.debug("user to clean: %s (id: %s)" % (user_created.username, user_created.id))
# we don't cleanup to test if re-adding fails
# self.cleanup.append(user_created)
self.assertEqual(len(response), 1, "user should exist again")
return
def test_01_getsecretkey(self):
"""Test if we can get the secretkey"""
userkeys = None
userinfo = None
try:
userkeys = User.registerUserKeys(self.apiclient, self.account.user[0].id)
except CloudstackAPIException:
self.logger.debug("Registered user keys")
except Exception as e:
self.logger.debug("Exception %s raised while registering user keys" % e)
try:
userinfo = User.list(self.apiclient, id=self.account.user[0].id)[0]
except CloudstackAPIException:
self.logger.debug("Retrieved user")
except Exception as e:
self.logger.debug("Exception %s raised while retrieving user" % e)
self.assertEqual(
userkeys.apikey,
userinfo.apikey,
"API key is different"
)
self.assertNotEqual(
userkeys.secretkey,
userinfo.secretkey,
"Secret key is visible"
)
return
def generateKeysForUser(api_client, account):
user = User.list(
api_client,
account=account.name,
domainid=account.domainid)[0]
return (User.registerUserKeys(
api_client,
user.id))
def generateKeysForUser(api_client, account):
user = User.list(
api_client,
account=account.name,
domainid=account.domainid)[0]
return (User.registerUserKeys(
api_client,
user.id))
def test_updateDomainAdminDetails(self):
"""Test update domain admin details
"""
# Steps for test scenario
# 2. update the user details (firstname, lastname, user) with
# updateUser API
# 3. listUsers in the account
# 4. delete the account
# Validate the following
# 1. listAccounts should show account created successfully
# 2. updateUser API should return valid response
# 3. user should be updated with new details
self.debug("Creating a domain admin account")
self.account = Account.create(
self.apiclient,
self.services["account"],
admin=True,
domainid=self.domain.id
)
self._cleanup.append(self.account)
# Fetching the user details of account
self.debug(
"Fetching user details for account: %s" %
self.account.name)
users = User.list(
self.apiclient,
account=self.account.name,
domainid=self.account.domainid
)
self.assertEqual(
isinstance(users, list),
True,
"List users should return a valid list for account"
)
user_1 = users[0]
self.debug("Updating the details of user: %s" % user_1.name)
firstname = random_gen()
lastname = random_gen()
self.debug("New firstname: %s, lastname: %s" % (firstname, lastname))
User.update(
self.apiclient,
user_1.id,
firstname=firstname,
lastname=lastname
)
# Fetching the user details of account
self.debug(
"Fetching user details for user: %s" % user_1.name)
users = User.list(
self.apiclient,
id=user_1.id,
listall=True
)
self.assertEqual(
isinstance(users, list),
True,
"List users should return a valid list for account"
)
user_1 = users[0]
self.assertEqual(
user_1.firstname,
firstname,
"User's first name should be updated with new one"
)
self.assertEqual(
user_1.lastname,
lastname,
"User's last name should be updated with new one"
)
return
def setUpClass(cls):
cloudstackTestClient = super(
TestMultipleVPNAccessonVPC,
cls
).getClsTestClient()
cls.debug("Obtain the Admin's API Client")
cls.api_client = cloudstackTestClient.getApiClient()
cls.debug("Get the dictionary information that will be used during CCP tests, from test_data.py present on the Client")
cls.services = cloudstackTestClient.getParsedTestDataConfig()
if cls.services is None:
cls.debug("Services Object is None")
raise Exception("Services Object is None")
cls.debug("Procure the CloudStack Setup configuration Information")
with open(cls.services["config_path"], 'rb') as fp:
cls.pullconfig = json.load(fp)
cls.debug("Update 'remote.access.vpn.client.iprange','remote.access.vpn.user.limit','max.account.primary.storage','max.account.public.ips','max.account.user.vms','max.account.volumes','max.account.cpus', Global Configuration Parameters")
update_vpn_client_iprange = Configurations.update(
cls.api_client,
name="remote.access.vpn.client.iprange",
value="10.1.2.1-10.1.2.120")
cls.debug("'remote.access.vpn.client.iprange' Global Configuration Parameter Updated Successfully")
update_vpn_user_limit = Configurations.update(
cls.api_client,
name="remote.access.vpn.user.limit",
value=str(int(cls.services["vpnclient_count"]*2))
)
cls.debug("'remote.access.vpn.user.limit' Global Configuration Parameter Updated Successfully")
update_max_account_primary_stg_limit = Configurations.update(
cls.api_client,
name="max.account.primary.storage",
value=str(int(cls.services["vpnclient_count"]*20 + 100))
)
cls.debug("'max.account.primary.storage' Global Configuration Parameter Updated Successfully")
update_max_account_public_ips_limit = Configurations.update(
cls.api_client,
name="max.account.public.ips",
value=str(int(cls.services["vpnclient_count"]*2 + 10))
)
cls.debug("'max.account.public.ips' Global Configuration Parameter Updated Successfully")
update_max_account_user_vms_limit = Configurations.update(
cls.api_client,
name="max.account.user.vms",
value=str(int(cls.services["vpnclient_count"]*2))
)
cls.debug("'max.account.user.vms' Global Configuration Parameter Updated Successfully")
update_max_account_volumes_limit = Configurations.update(
cls.api_client,
name="max.account.volumes",
value=str(int(cls.services["vpnclient_count"]*2))
)
cls.debug("'max.account.volumes' Global Configuration Parameter Updated Successfully")
update_max_account_cpus_limit = Configurations.update(
cls.api_client,
name="max.account.cpus",
value=str(int(cls.services["vpnclient_count"]*2))
)
cls.debug("'max.account.cpus' Global Configuration Parameter Updated Successfully")
cls.debug("Restart the Management Server")
TestMultipleVPNAccessonVPC.restart_mgmt_server(cls.services["config_path"])
cls.debug("Completed restarting the Management Server")
cls.debug("Wait for 120 seconds...")
time.sleep(120)
cls.debug("End of 120 seconds wait time....")
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(
cls.api_client,
zone_name = cls.services["zone_vpn"]["name"])
cls.debug("Use an Existing 'Tiny Instance' Service Offering on the Setup")
list_service_offerings = []
list_service_offerings = list_service_offering(
cls.api_client,
keyword="Tiny Instance",
)
cls._cleanup = []
if list_service_offerings is not None:
cls.debug("Found an Existing 'Tiny Instance' Service Offering on the Setup")
cls.service_offering = list_service_offerings[0]
else:
cls.debug("Create a service offering which will be used for VM deployments in this test")
cls.service_offering = ServiceOffering.create(
cls.api_client,
cls.services["service_offering"]
)
cls.debug("Add the created service offering to the _cleanup queue")
cls._cleanup.append(cls.service_offering)
try:
cls.debug("Create or Use Existing Account to own the VPN Clients, which is used to test Remote VPN Access to VPC")
cls.api_client_vpn_client_reg_user = cloudstackTestClient.getUserApiClient(
UserName="******",
DomainName="ROOT"
)
list_vpn_client_regular_user = User.list(
cls.api_client,
username="******"
)
cls.debug("Procure the Account Name and DomainID Information of the Regular Account")
cls.vpn_client_reg_acct_name = list_vpn_client_regular_user[0].account
cls.vpn_client_reg_domain_id = list_vpn_client_regular_user[0].domainid
list_vpn_client_regular_user_acct = Account.list(
cls.api_client,
name = cls.vpn_client_reg_acct_name,
listall = True
)
cls._cleanup.append(Account(list_vpn_client_regular_user_acct[0].__dict__))
# Register a Template that already has VPN client installed on it. The template registered here
# has extra scripts to facilitate automated operations to execute Test Cases.
# Template has pre-configured configuration files required for the VPN Client operations.
# The following files are present on the registered template. The location of the files are locations
# on a VM deployed from this template
# 1. "/tmp/ipsec.conf"
# 2. "/tmp/ipsec.secrets"
# 3. "/tmp/options.xl2tpd.client"
# 4. "/tmp/xl2tpd.conf"
# 5 "/tmp/vpnclient_services.sh"
# 6. "/tmp/firstconn_expectscript.exp"
# 7. "/tmp/secondconn_expectscript.exp"
cls.debug("Use an Existing VPN Client Template on the Setup")
list_vpn_client_templates = list_templates(
cls.api_client_vpn_client_reg_user,
keyword="VPNClient",
templatefilter="featured",
zoneid = cls.zone.id
)
if list_vpn_client_templates is not None:
cls.debug("Found an Existing VPN Client Template on the Setup")
cls.template = list_vpn_client_templates[0]
else:
cls.debug("Register a Template that already has VPN client installed on it")
cls.template = Template.register(
cls.api_client,
cls.services["vpn_template"],
zoneid=cls.zone.id,
hypervisor='XenServer'
)
cls._cleanup.append(cls.template)
cls.debug("Sleep for {0} seconds specified in the dictionary before checking for Template's Availability".format(cls.services["sleep"]))
time.sleep(cls.services["sleep"])
cls.debug("Procure Timeout Value from the dictionary")
timeout = cls.services["timeout"]
while True:
list_template_response = list_templates(
cls.api_client_vpn_client_reg_user,
templatefilter='featured',
id=cls.template.id,
)
if isinstance(list_template_response, list):
break
elif timeout == 0:
raise Exception("List template failed!")
time.sleep(5)
timeout = timeout - 1
cls.debug("Verify template response to check whether template is present")
if list_template_response is None:
raise Exception("Check whether the VPN Client Template is available")
template_response = list_template_response[0]
if template_response.isready == False:
raise Exception("Template state is not ready, it is %r" % template_response.isready)
# Queue that holds all the VPN Client VMs Information
cls.vpnclientvms = []
cls.debug("Deploy {0} VPN Clients in the account".format(int(cls.services["vpnclient_count"])))
for vm in xrange(0,int(cls.services["vpnclient_count"])):
cls.debug("Deploy a new VM {0} in first account. This VM which will be configured as VPN Client".format(int(vm)))
new_vpnclient_vm = VirtualMachine.create(
cls.api_client_vpn_client_reg_user,
cls.services["virtual_machine"],
zoneid=cls.zone.id,
serviceofferingid=cls.service_offering.id,
templateid=cls.template.id,
)
cls.debug("Add new VM {0} to the vpnclientvms Queue".format(int(vm)))
cls.vpnclientvms.append(new_vpnclient_vm)
cls.debug("Allow SSH Access to the new VPN Client VM {0}".format(int(vm)))
new_vpnclient_vm.access_ssh_over_nat(
cls.api_client_vpn_client_reg_user,
cls.services,
new_vpnclient_vm,
allow_egress=True
)
cls.debug("VM for VPNClient Access Got Created with Public IP Address %s" % new_vpnclient_vm.public_ip)
cls.debug("Create or Use existing Account in which we deploy VPCs and test remote access to them from the First Account's VMs present on isolated Network")
cls.api_client_vpn_server_reg_user = cloudstackTestClient.getUserApiClient(
UserName="******",
DomainName="ROOT"
)
list_vpn_server_regular_user = User.list(
cls.api_client,
username="******"
)
cls.debug("Procure the Account Name and DomainID Information of the Regular Account")
cls.vpn_server_reg_acct_name = list_vpn_server_regular_user[0].account
cls.vpn_server_reg_domain_id = list_vpn_server_regular_user[0].domainid
list_vpn_server_regular_user_acct = Account.list(
cls.api_client,
name = cls.vpn_server_reg_acct_name,
listall = True
)
cls._cleanup.append(Account(list_vpn_server_regular_user_acct[0].__dict__))
cls.debug("Use an Existing 'VPC off-' Service Offering on the Setup")
list_available_vpc_offerings = list_vpc_offerings(
cls.api_client,
keyword="VPC off-",
)
if list_available_vpc_offerings is not None:
cls.debug("Found an Existing 'VPC off-' Service Offering on the Setup")
cls.vpc_offering = VpcOffering(list_available_vpc_offerings[0].__dict__)
else:
cls.debug("Creating a VPC offering..")
cls.vpc_offering = VpcOffering.create(
cls.api_client,
cls.services["vpc_offering"]
)
# Add the created VPC Offering to __cleanup queue
cls._cleanup.append(cls.vpc_offering)
# Enable to created VPC Offering inorder to deploy VPCs with it
cls.debug("Enabling the VPC offering created")
cls.vpc_offering.update(cls.api_client, state='Enabled')
cls.debug("Enabled the VPC Offering")
# Create a VPC for the second account
cls.debug("Creating a VPC in the account: %s" % cls.vpn_server_reg_acct_name)
cls.firstvpc = VPC.create(
cls.api_client_vpn_server_reg_user,
cls.services["vpc_remote_vpn"],
vpcofferingid=cls.vpc_offering.id,
zoneid=cls.zone.id
)
cls.debug("Use an Existing 'NET_OFF-RemoteAccessVPNTest-' Network Offering on the Setup")
list_available_network_offerings = list_network_offerings(
cls.api_client,
keyword="NET_OFF-RemoteAccessVPNTest-",
)
if list_available_network_offerings is not None:
cls.debug("Found an Existing 'NET_OFF-RemoteAccessVPNTest-' Network Offering on the Setup")
cls.network_off = NetworkOffering(list_available_network_offerings[0].__dict__)
else:
cls.debug('Create NetworkOffering for Networks in VPC')
cls.services["vpc_network_offering"]["name"] = "NET_OFF-RemoteAccessVPNTest-"+ random_gen()
cls.network_off = NetworkOffering.create(
cls.api_client,
cls.services["vpc_network_offering"],
conservemode=False
)
# Add the created Network Offering to __cleanup queue
cls._cleanup.append(cls.network_off)
# Enable Network offering
cls.network_off.update(cls.api_client, state='Enabled')
cls.debug('Created and Enabled NetworkOffering')
cls.services["network"]["name"] = "NETWORK-" + random_gen()
# Create First Network Tier in the First VPC created for second account using the network offering created above.
cls.debug('Adding Network=%s' % cls.services["network"])
cls.firstnetworktier = Network.create(
cls.api_client_vpn_server_reg_user,
cls.services["network"],
networkofferingid=cls.network_off.id,
zoneid=cls.zone.id,
gateway=cls.services["firstnetwork_tier"]["gateway"],
netmask=cls.services["firstnetwork_tier"]["netmask"],
vpcid=cls.firstvpc.id
)
cls.debug("Created network with ID: %s" % cls.firstnetworktier.id)
# Create Ingress and Egress NetworkACL rules for First Network Tier in the First VPC created for second account.
cls.debug("Adding NetworkACL rules to make Network accessible for all Protocols and all CIDRs ")
NetworkACL.create(
cls.api_client_vpn_server_reg_user,
cls.services["all_rule"],
networkid=cls.firstnetworktier.id,
traffictype='Ingress'
)
NetworkACL.create(
cls.api_client_vpn_server_reg_user,
cls.services["all_rule"],
networkid=cls.firstnetworktier.id,
traffictype='Egress'
)
listFirstVPC = VPC.list(
cls.api_client_vpn_server_reg_user,
id=cls.firstvpc.id
)
cls.debug("Information about the VPC: {0}".format(str(listFirstVPC)))
cls.debug("Obtain the source nat IP Address of the first VPC.")
cls.listFirstVPCPublicIpAddress = list_publicIP(
cls.api_client_vpn_server_reg_user,
issourcenat="true",
vpcid=listFirstVPC[0].id,
listall="true"
)
cls.debug("Information about the VPC's Source NAT IP Address: {0}".format(str(cls.listFirstVPCPublicIpAddress)))
cls.debug("Enable Remote Access VPN on the source nat Public IP Address of the first VPC")
cls.FirstVPNonFirstVPC = Vpn.create(
cls.api_client_vpn_server_reg_user,
cls.listFirstVPCPublicIpAddress[0].id
)
cls.debug("Successfully Created First VPN on VPC with preshared key:"+ cls.FirstVPNonFirstVPC.presharedkey)
cls.listfirstNetworkTier = list_networks(
cls.api_client_vpn_server_reg_user,
id=cls.firstnetworktier.id,
listall=True
)
cls.debug("Create a VM using the default template on the First Network Tier in the First VPC of the Second Account")
cls.vm1 = VirtualMachine.create(
cls.api_client_vpn_server_reg_user,
cls.services["virtual_machine"],
zoneid=cls.zone.id,
serviceofferingid=cls.service_offering.id,
templateid=cls.template.id,
networkids=[str(cls.firstnetworktier.id)]
)
cls.debug("First VM deployed in the first Network Tier")
except Exception as e:
cleanup_resources(cls.api_client, cls._cleanup)
printex = traceback.format_exc()
cls.debug("Exception Occurred : {0}".format(printex))
raise Exception("Warning: Exception during Setting Up the Test Suite Configuration : %s" % e)
return