def test_get_session_using_token(self):
"""test creating a session using a token instead of a password"""
osclients = OpenStackClients()
osclients.set_token('faketoken')
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
self.assertTrue(type(session.auth) == keystoneclient.auth.identity.v3.token.Token)
def test_get_session_without_auth_url(self):
"""test_get_session_without_auth_url check that we could not retrieve a session without auth_url"""
osclients = OpenStackClients()
osclients.auth_url = None
# Checking v3
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
# Checking v2
osclients.use_v3 = False
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
def test_get_session_without_username_nor_token(self):
"""test_get_session_without_username check that we could not retrieve a session without username"""
osclients = OpenStackClients()
osclients.set_credential("", self.OS_PASSWORD,
tenant_id=self.OS_TENANT_ID)
# Checking v3
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
# Checking v2
osclients.use_v3 = False
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
def test_get_session_with_different_auth_url(self):
"""test_get_session_without_auth_url check that we could retrieve a session with auth_url formats"""
auth_url_v2_1 = "http://cloud.lab.fi-ware.org:4731/v2.0"
auth_url_v2_2 = "http://cloud.lab.fi-ware.org:4731/v2.0/"
auth_url_v3_1 = "http://cloud.lab.fi-ware.org:4731/v3"
auth_url_v3_2 = "http://cloud.lab.fi-ware.org:4731/v3/"
osclients = OpenStackClients()
# Checking v3
osclients.auth_url = auth_url_v2_1
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v3 = None
osclients.auth_url = auth_url_v2_2
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v3 = None
# Checking v2
osclients.use_v3 = False
osclients.auth_url = auth_url_v3_1
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v2 = None
osclients.auth_url = auth_url_v3_2
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v2 = None
class UserResources(object):
"""Class to list, delete user resources. Also provides a method to stop all
the VM of the tenant.
This class works creating a instance with the credential of the user owner
of the resources. It does not use an admin credential!!!"""
def __init__(self, username, password, tenant_id=None, tenant_name=None,
trust_id=None):
"""
Constructor of the class. Tenant_id or tenant_name or tust_id must be
provided.
There are two ways of using this class:
-passing the user, password, tenant_id or tenant_name of the user whose
resources are being deleted
-passing the user and password of the trustee, and the trust_id
generated to impersonate the trustor.
:param username: the user name whose resources are deleted
or the user name of the trustee
:param password: the password of the user whose resources are deleted
or the password of the trustee
:param tenant_id: the tenant id of the user whose resources must be
deleted.
:param tenant_name: the tenant name of the user whose resources must be
deleted
:param trust_id: the trust_id used to impersonate the user whose
resources must be deleted
:return: nothing
"""
self.logger = logging.getLogger(__name__)
self.clients = OpenStackClients()
if tenant_id:
self.clients.set_credential(username, password,
tenant_id=tenant_id)
elif tenant_name:
self.clients.set_credential(username, password,
tenant_name=tenant_name)
elif trust_id:
self.clients.set_credential(username, password, trust_id=trust_id)
self.trust_id = trust_id
else:
raise(
'Either tenant_id or tenant_name or trust_id must be provided')
region = self.clients.region
self.clients.override_endpoint(
'identity', region, 'admin', settings.KEYSTONE_ENDPOINT)
self.user_id = self.clients.get_session().get_user_id()
session = self.clients.get_session()
self.user_name = username
self.nova = NovaResources(self.clients)
self.cinder = CinderResources(self.clients)
self.glance = GlanceResources(self.clients)
try:
self.neutron = NeutronResources(self.clients)
except Exception:
# The region does not support Neutron
# It would be better to check the endpoint
self.neutron = None
try:
self.blueprints = BluePrintResources(self.clients)
except Exception:
# The region does not support PaaS Manager
# It would be better to check the endpoint
self.blueprints = None
try:
self.swift = SwiftResources(self.clients)
except Exception:
# The region does not support Swift
# It would be better to check the endpoint
self.swift = None
# Images in use is a set used to avoid deleting formerly glance images
# in use by other tenants
self.imagesinuse = set()
# Regions the user has access
self.regions_available = set()
self.regions_available.update(self.clients.get_regions('compute'))
def change_region(self, region):
"""
change the region. All the clients need to be updated, but the
session does not.
:param region: the name of the region
:return: nothing.
"""
self.clients.set_region(region)
self.clients.override_endpoint(
'identity', region, 'admin', settings.KEYSTONE_ENDPOINT)
self.nova.on_region_changed()
self.glance.on_region_changed()
try:
if self.swift:
self.swift.on_region_changed()
else:
self.swift = SwiftResources(self.clients)
except Exception:
# The region does not support swift
self.swift = None
self.cinder.on_region_changed()
try:
if self.blueprints:
self.blueprint.on_region_changed()
else:
self.blueprints = BluePrintResources(self.clients)
except Exception:
# The region has not configured paas manager
self.blueprints = None
try:
if self.neutron:
self.neutron.on_region_changed()
else:
self.neutron = NeutronResources(self.clients)
except Exception:
# The region does not support neutron
self.neutron = None
def delete_tenant_resources_pri_1(self):
"""Delete here all the elements that do not depend of others are
deleted first"""
try:
self.nova.delete_user_keypairs()
except Exception, e:
msg = 'Deletion of keypairs failed. Reason: '
self.logger.error(msg + str(e))
# Snapshots must be deleted before the volumes, because a snapshot
# depends of a volume.
try:
self.cinder.delete_tenant_volume_snapshots()
except Exception, e:
msg = 'Deletion of volume snaphosts failed. Reason: '
self.logger.error(msg + str(e))
class TestOSClientsOverrideEndpoint(TestCase):
"""Class to test the endpoint override feature"""
def setUp(self):
d = defaultdict(list)
d['catalog'].append(service)
self.access = d
self.osclients = OpenStackClients()
self.url = 'http://fake.org:9090'
self.original_url = service['endpoints'][1]['url']
def restore_catalog(self):
"""restore catalog"""
service['endpoints'][1]['url'] = self.original_url
def tearDown(self):
"""restore objects"""
self.restore_catalog()
def override_endpoint(self):
"""method that override the endpoint"""
self.osclients.override_endpoint('object-store', 'Spain2', 'admin', self.url)
def assertOverrideEndpoint(self):
"""check that the override has been done"""
self.assertEquals(self.osclients.get_admin_endpoint('object-store', 'Spain2'), self.url)
def test_override_endpoint_session(self):
"""test that invoking override endpoint does not create a session"""
self.override_endpoint()
self.assertFalse(self.osclients._session_v2)
self.assertFalse(self.osclients._session_v3)
def test_override_endpoint(self):
"""check that a session catalog is overriden"""
mock = MagicMock()
config = {'auth.get_access.return_value': self.access}
mock.configure_mock(**config)
self.osclients._session_v3 = mock
self.override_endpoint()
self.assertOverrideEndpoint()
@patch('utils.osclients.session')
def test_override_endpoint_multiple(self, mock):
"""test that override works with an already created session and then
with a new one without invoking the method again"""
config = {'Session.return_value.auth.get_access.return_value': self.access}
mock.configure_mock(**config)
session = self.osclients.get_session()
self.override_endpoint()
self.assertOverrideEndpoint()
# invalidate and create a new session; ensure than catalog is again
# the original. Setting a new token invalidate the session. The new
# one is created at the invocation of get_admin_endpoint.
self.restore_catalog()
self.osclients.set_token('faketoken')
# check again
self.assertOverrideEndpoint()
class ServersFacade(object):
def __init__(self, target):
"""Create a new Facade for the specified target (a target is shared
between regions using the same credential)"""
self.osclients = OpenStackClients(target['keystone_url'])
self.osclients.set_credential(target['user'], target['password'],
target['tenant'])
if target.get('use_keystone_v3', False):
self.osclients.set_keystone_version(True)
else:
self.osclients.set_keystone_version(False)
self.session = self.osclients.get_session()
self.target = target
# This is a default value
self.images_dir = '/var/lib/glance/images'
self.logger = logger_cli
def _get_glanceclient(self, region):
"""helper method, to get a glanceclient for the region"""
self.osclients.set_region(region)
return self.osclients.get_glanceclient()
def get_regions(self):
"""It returns the list of regions on the specified target.
:return: a list of region names.
"""
return self.osclients.get_regions('image')
def get_imagelist(self, regionobj):
"""return a image list from the glance of the specified region
:param regionobj: The GlanceSyncRegion object of the region to list
:return: a list of GlanceSyncImage objects
"""
client = self._get_glanceclient(regionobj.region)
try:
target = regionobj.target
# We need a Pool to implement a timeout. Unfortunately
# setting client.images.client.timeout does nothing.
if 'list_images_timeout' in target:
timeout = target['list_images_timeout']
else:
timeout = _default_timeout
pool = Pool(1)
result = pool.apply_async(_getrawimagelist, (client,))
images = result.get(timeout=timeout)
image_list = list()
for image in images:
i = GlanceSyncImage(
image['name'], image['id'], regionobj.fullname,
image['owner'], image['is_public'], image['checksum'],
image['size'], image['status'], image['properties'], image)
image_list.append(i)
except TimeoutError:
msg = regionobj.fullname + \
': Timeout while retrieving image list.'
self.logger.error(msg)
raise GlanceFacadeException(msg)
except Exception, e:
cause = str(e)
if not cause:
cause = repr(e)
msg = regionobj.fullname + \
': Error retrieving image list. Cause: ' + cause
self.logger.error(msg)
raise GlanceFacadeException(msg)
return image_list
class ServersFacade(object):
def __init__(self, target):
"""Create a new Facade for the specified target (a target is shared
between regions using the same credential)"""
self.osclients = OpenStackClients(target['keystone_url'])
self.osclients.set_credential(target['user'], target['password'],
target['tenant'])
if target.get('use_keystone_v3', False):
self.osclients.set_keystone_version(True)
else:
self.osclients.set_keystone_version(False)
self.session = self.osclients.get_session()
self.target = target
# This is a default value
self.images_dir = '/var/lib/glance/images'
self.logger = logger_cli
def _get_glanceclient(self, region):
"""helper method, to get a glanceclient for the region"""
self.osclients.set_region(region)
return self.osclients.get_glanceclient()
def get_regions(self):
"""It returns the list of regions on the specified target.
:return: a list of region names.
"""
return self.osclients.get_regions('image')
def get_imagelist(self, regionobj):
"""return a image list from the glance of the specified region
:param regionobj: The GlanceSyncRegion object of the region to list
:return: a list of GlanceSyncImage objects
"""
client = self._get_glanceclient(regionobj.region)
try:
target = regionobj.target
# We need a Pool to implement a timeout. Unfortunately
# setting client.images.client.timeout does nothing.
if 'list_images_timeout' in target:
timeout = target['list_images_timeout']
else:
timeout = _default_timeout
pool = Pool(1)
result = pool.apply_async(_getrawimagelist, (client, ))
images = result.get(timeout=timeout)
image_list = list()
for image in images:
i = GlanceSyncImage(image['name'], image['id'],
regionobj.fullname, image['owner'],
image['is_public'], image['checksum'],
image['size'], image['status'],
image['properties'], image)
image_list.append(i)
except TimeoutError:
msg = regionobj.fullname + \
': Timeout while retrieving image list.'
self.logger.error(msg)
raise GlanceFacadeException(msg)
except Exception, e:
cause = str(e)
if not cause:
cause = repr(e)
msg = regionobj.fullname + \
': Error retrieving image list. Cause: ' + cause
self.logger.error(msg)
raise GlanceFacadeException(msg)
return image_list
