def download_systemplates_sec_storage(server, services):
"""Download System templates on sec storage"""
try:
# Login to management server
ssh = remoteSSHClient.remoteSSHClient(server["ipaddress"],
server["port"],
server["username"],
server["password"])
except Exception:
raise Exception("SSH access failted for server with IP address: %s" %
server["ipaddess"])
# Mount Secondary Storage on Management Server
cmds = [
"mkdir -p %s" % services["mnt_dir"],
"mount -t nfs %s:/%s %s" %
(services["sec_storage"], services["path"], services["mnt_dir"]),
"%s -m %s -u %s -h %s -F" %
(services["command"], services["mnt_dir"], services["download_url"],
services["hypervisor"])
]
for c in cmds:
result = ssh.execute(c)
res = str(result)
# Unmount the Secondary storage
ssh.execute("umount %s" % (services["mnt_dir"]))
if res.count("Successfully installed system VM template") == 1:
return
else:
raise Exception("Failed to download System Templates on Sec Storage")
return
def download_systemplates_sec_storage(server, services):
"""Download System templates on sec storage"""
try:
# Login to management server
ssh = remoteSSHClient.remoteSSHClient(
server["ipaddress"], server["port"], server["username"], server["password"]
)
except Exception as e:
raise Exception("SSH access failted for server with IP address: %s" % server["ipaddess"])
# Mount Secondary Storage on Management Server
cmds = [
"mkdir -p %s" % services["mnt_dir"],
"mount -t nfs %s:/%s %s" % (services["sec_storage"], services["path"], services["mnt_dir"]),
"%s -m %s -u %s -h %s -F"
% (services["command"], services["mnt_dir"], services["download_url"], services["hypervisor"]),
]
for c in cmds:
result = ssh.execute(c)
res = str(result)
# Unmount the Secondary storage
ssh.execute("umount %s" % (services["mnt_dir"]))
if res.count("Successfully installed system VM template") == 1:
return
else:
raise Exception("Failed to download System Templates on Sec Storage")
return
def get_process_status(hostip, port, username, password, linklocalip, process):
"""Double hop and returns a process status"""
#SSH to the machine
ssh = remoteSSHClient.remoteSSHClient(
hostip,
port,
username,
password
)
ssh_command = "ssh -i ~/.ssh/id_rsa.cloud -ostricthostkeychecking=no "
ssh_command = ssh_command + \
"-oUserKnownHostsFile=/dev/null -p 3922 %s %s" % (
linklocalip,
process)
# Double hop into router
timeout = 5
# Ensure the SSH login is successful
while True:
res = ssh.execute(ssh_command)
if res[0] != "Host key verification failed.":
break
elif timeout == 0:
break
time.sleep(5)
timeout = timeout - 1
return res
def get_process_status(hostip, port, username, password, linklocalip, process):
"""Double hop and returns a process status"""
#SSH to the machine
ssh = remoteSSHClient.remoteSSHClient(hostip, port, username, password)
ssh_command = "ssh -i ~/.ssh/id_rsa.cloud -ostricthostkeychecking=no "
ssh_command = ssh_command + \
"-oUserKnownHostsFile=/dev/null -p 3922 %s %s" % (
linklocalip,
process)
# Double hop into router
timeout = 5
# Ensure the SSH login is successful
while True:
res = ssh.execute(ssh_command)
if res[0] != "Host key verification failed.":
break
elif timeout == 0:
break
time.sleep(5)
timeout = timeout - 1
return res
def test_03_accessInDefaultSecurityGroup(self):
"""Test access in default security group
"""
# Validate the following:
# 1. deploy Virtual machine using admin user
# 2. listVM should show a VM in Running state
# 3. listRouters should show one router running
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.account.name,
domainid=self.account.account.domainid,
serviceofferingid=self.service_offering.id,
)
self.debug("Deployed VM with ID: %s" % self.virtual_machine.id)
self.cleanup.append(self.virtual_machine)
list_vm_response = list_virtual_machines(self.apiclient, id=self.virtual_machine.id)
self.assertEqual(isinstance(list_vm_response, list), True, "Check for list VM response")
self.debug("Verify listVirtualMachines response for virtual machine: %s" % self.virtual_machine.id)
vm_response = list_vm_response[0]
self.assertNotEqual(len(list_vm_response), 0, "Check VM available in List Virtual Machines")
self.assertEqual(vm_response.id, self.virtual_machine.id, "Check virtual machine id in listVirtualMachines")
self.assertEqual(
vm_response.displayname,
self.virtual_machine.displayname,
"Check virtual machine displayname in listVirtualMachines",
)
# Default Security group should not have any ingress rule
sercurity_groups = SecurityGroup.list(
self.apiclient, account=self.account.account.name, domainid=self.account.account.domainid
)
self.assertEqual(isinstance(sercurity_groups, list), True, "Check for list security groups response")
self.debug("List Security groups response: %s" % str(sercurity_groups))
self.assertNotEqual(len(sercurity_groups), 0, "Check List Security groups response")
self.assertEqual(
hasattr(sercurity_groups, "ingressrule"), False, "Check ingress rule attribute for default security group"
)
# SSH Attempt to VM should fail
with self.assertRaises(Exception):
self.debug("SSH into VM: %s" % self.virtual_machine.ssh_ip)
ssh = remoteSSHClient.remoteSSHClient(
self.virtual_machine.ssh_ip,
self.virtual_machine.ssh_port,
self.virtual_machine.username,
self.virtual_machine.password,
)
return
def is_server_ssh_ready(ipaddress, port, username, password, retries=50):
"""Return ssh handle else wait till sshd is running"""
loop_cnt = retries
while True:
try:
ssh = remoteSSHClient.remoteSSHClient(ipaddress, port, username,
password)
except Exception as e:
if loop_cnt == 0:
raise e
loop_cnt = loop_cnt - 1
time.sleep(30)
else:
return ssh
def is_server_ssh_ready(ipaddress, port, username, password, retries=50):
"""Return ssh handle else wait till sshd is running"""
loop_cnt = retries
while True:
try:
ssh = remoteSSHClient.remoteSSHClient(
ipaddress,
port,
username,
password
)
except Exception as e:
if loop_cnt == 0:
raise e
loop_cnt = loop_cnt - 1
time.sleep(30)
else:
return ssh
def test_01_revokeIngressRule(self):
"""Test revoke ingress rule
"""
# Validate the following:
# 1. Create Security group for the account.
# 2. Createsecuritygroup (ssh-incoming) for this account
# 3. authorizeSecurityGroupIngress to allow ssh access to the VM
# 4. deployVirtualMachine into this security group (ssh-incoming)
# 5. Revoke the ingress rule, SSH access should fail
security_group = SecurityGroup.create(
self.apiclient,
self.services["security_group"],
account=self.account.account.name,
domainid=self.account.account.domainid,
)
self.debug("Created security group with ID: %s" % security_group.id)
# Default Security group should not have any ingress rule
sercurity_groups = SecurityGroup.list(
self.apiclient, account=self.account.account.name, domainid=self.account.account.domainid
)
self.assertEqual(isinstance(sercurity_groups, list), True, "Check for list security groups response")
self.assertEqual(len(sercurity_groups), 2, "Check List Security groups response")
# Authorize Security group to SSH to VM
self.debug("Authorizing ingress rule for sec group ID: %s for ssh access" % security_group.id)
ingress_rule = security_group.authorize(
self.apiclient,
self.services["security_group"],
account=self.account.account.name,
domainid=self.account.account.domainid,
)
self.assertEqual(isinstance(ingress_rule, dict), True, "Check ingress rule created properly")
ssh_rule = (ingress_rule["ingressrule"][0]).__dict__
self.virtual_machine = VirtualMachine.create(
self.apiclient,
self.services["virtual_machine"],
accountid=self.account.account.name,
domainid=self.account.account.domainid,
serviceofferingid=self.service_offering.id,
securitygroupids=[security_group.id],
)
self.debug("Deploying VM in account: %s" % self.account.account.name)
# Should be able to SSH VM
try:
self.debug("SSH into VM: %s" % self.virtual_machine.id)
self.virtual_machine.get_ssh_client()
except Exception as e:
self.fail("SSH Access failed for %s: %s" % (self.virtual_machine.ipaddress, e))
self.debug("Revoking ingress rule for sec group ID: %s for ssh access" % security_group.id)
# Revoke Security group to SSH to VM
result = security_group.revoke(self.apiclient, id=ssh_rule["ruleid"])
# SSH Attempt to VM should fail
with self.assertRaises(Exception):
self.debug("SSH into VM: %s" % self.virtual_machine.id)
remoteSSHClient.remoteSSHClient(
self.virtual_machine.ssh_ip,
self.virtual_machine.ssh_port,
self.virtual_machine.username,
self.virtual_machine.password,
)
return