def test_get_swiftclient(self):
"""test_get_swiftclient check that we could retrieve a Session client to work with swift using keystone v3"""
osclients = OpenStackClients(modules="swift")
swiftClient = osclients.get_swiftclient()
self.assertIsInstance(swiftClient, Connection)
def test_get_cinderclient(self):
"""test_get_cinderclient check that we could retrieve a Session client to work with cinder"""
osclients = OpenStackClients(modules="cinder")
cinderClient = osclients.get_cinderclient()
# api_version = cinderClient.get_volume_api_version_from_endpoint() --> This should return "2" against a server
self.assertIsInstance(cinderClient, cinderclient.v2.client.Client)
def test_get_swiftclient(self):
"""test_get_swiftclient check that we could retrieve a Session client to work with swift using keystone v3"""
osclients = OpenStackClients(modules="swift")
swiftClient = osclients.get_swiftclient()
self.assertIsInstance(swiftClient, Connection)
def setUp(self):
d = defaultdict(list)
d['catalog'].append(service)
self.access = d
self.osclients = OpenStackClients()
self.url = 'http://fake.org:9090'
self.original_url = service['endpoints'][1]['url']
def test_get_keystoneclient_v2(self):
"""test_get_keystoneclient_v2 check that we could retrieve a Session client to work with keystone v2"""
osclients = OpenStackClients()
osclients.use_v3 = False
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient, keystoneclient.v2_0.client.Client)
def test_get_cinderclient(self):
"""test_get_cinderclient check that we could retrieve a Session client to work with cinder"""
osclients = OpenStackClients(modules="cinder")
cinderClient = osclients.get_cinderclient()
# api_version = cinderClient.get_volume_api_version_from_endpoint() --> This should return "2" against a server
self.assertIsInstance(cinderClient, cinderclient.v2.client.Client)
def test_get_glanceclient(self):
"""test_get_glanceclient check that we could retrieve a Session client to work with glance"""
osclients = OpenStackClients(modules="glance")
osclients.set_keystone_version(use_v3=False)
glanceClient = osclients.get_glanceclient()
self.assertIsInstance(glanceClient, glanceclient.v1.client.Client)
def test_get_keystoneclient_v2(self):
"""test_get_keystoneclient_v2 check that we could retrieve a Session client to work with keystone v2"""
osclients = OpenStackClients()
osclients.use_v3 = False
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient,
keystoneclient.v2_0.client.Client)
def test_get_glanceclient(self):
"""test_get_glanceclient check that we could retrieve a Session client to work with glance"""
osclients = OpenStackClients(modules="glance")
osclients.set_keystone_version(use_v3=False)
glanceClient = osclients.get_glanceclient()
self.assertIsInstance(glanceClient, glanceclient.v1.client.Client)
def test_get_neutronclient_with_all_modules(self):
"""test_get_neutronclient_with_all_modules check that we could retrieve a Session client to work with neutron if
osclients is created with all modules"""
osclients = OpenStackClients(modules="auto")
neutronClient = osclients.get_neutronclient()
self.assertIsInstance(neutronClient, neutronclient.v2_0.client.Client)
def test_get_neutronclient_with_all_modules(self):
"""test_get_neutronclient_with_all_modules check that we could retrieve a Session client to work with neutron if
osclients is created with all modules"""
osclients = OpenStackClients(modules="auto")
neutronClient = osclients.get_neutronclient()
self.assertIsInstance(neutronClient, neutronclient.v2_0.client.Client)
def test_get_cinderclient_unknown_module(self):
"""test_get_cinderclient_unknown_module check that we could not retrieve a Session client to work with cinder if
there is no modules defined"""
try:
osclients = OpenStackClients(modules="")
osclients.get_cinderclient()
except Exception as ex:
self.assertRaises(ex)
def test_get_cinderclient_unknown_module(self):
"""test_get_cinderclient_unknown_module check that we could not retrieve a Session client to work with cinder if
there is no modules defined"""
try:
osclients = OpenStackClients(modules="")
osclients.get_cinderclient()
except Exception as ex:
self.assertRaises(ex)
def test_get_session_using_token(self):
"""test creating a session using a token instead of a password"""
osclients = OpenStackClients()
osclients.set_token('faketoken')
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
self.assertTrue(type(session.auth) == keystoneclient.auth.identity.v3.token.Token)
def test_get_keystoneclient_v3_with_trust_id(self):
"""test_get_keystoneclient_v3_with_trust_id check that we could retrieve a Session client to work
with keystone v3 and using trust_id"""
osclients = OpenStackClients()
trust_id = "randomid0000000000000000000000001"
osclients.set_credential(self.OS_USERNAME, self.OS_PASSWORD, trust_id=trust_id)
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient, keystoneclient.v3.client.Client)
def test_get_session_using_token(self):
"""test creating a session using a token instead of a password"""
osclients = OpenStackClients()
osclients.set_token('faketoken')
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
self.assertTrue(
type(session.auth) == keystoneclient.auth.identity.v3.token.Token)
def test_set_region(self):
"""test_set_region check that we could change the region after create the client"""
# FIRST CHECK: Region is recovered from ENV
osclients = OpenStackClients()
self.assertEqual(osclients.region, self.OS_REGION_NAME)
# Check that region is updated to a new Value.
region = "Budapest"
osclients.set_region(region)
self.assertEqual(osclients.region, region)
def test_get_keystoneclient_v2_with_tenant_id(self):
"""test_get_keystoneclient_v2_with_tenant_id check that we could retrieve a Session client to work
with keystone v2 and using tenant_id"""
osclients = OpenStackClients()
osclients.use_v3 = False
osclients.set_credential(self.OS_USERNAME, self.OS_PASSWORD, tenant_id=self.OS_TENANT_ID)
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient, keystoneclient.v2_0.client.Client)
def test_set_region(self):
"""test_set_region check that we could change the region after create the client"""
# FIRST CHECK: Region is recovered from ENV
osclients = OpenStackClients()
self.assertEqual(osclients.region, self.OS_REGION_NAME)
# Check that region is updated to a new Value.
region = "Budapest"
osclients.set_region(region)
self.assertEqual(osclients.region, region)
def test_get_keystoneclient_v3_with_trust_id(self):
"""test_get_keystoneclient_v3_with_trust_id check that we could retrieve a Session client to work
with keystone v3 and using trust_id"""
osclients = OpenStackClients()
trust_id = "randomid0000000000000000000000001"
osclients.set_credential(self.OS_USERNAME,
self.OS_PASSWORD,
trust_id=trust_id)
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient, keystoneclient.v3.client.Client)
def setUp(self):
d = defaultdict(list)
d['catalog'].append(service)
self.access = d
self.osclients = OpenStackClients()
self.url = 'http://fake.org:9090'
self.original_url = service['endpoints'][1]['url']
def test_implement_client_with_unknown_module(self):
"""test_implement_client_with_unknown_module check that we could not implement an empty client,
raising an exception."""
try:
OpenStackClients(modules="fakeOpenstackModule")
except Exception as ex:
self.assertRaises(ex)
def test_implement_client_with_all_modules(self):
"""test_implement_client_with_all_modules check that we could not implement an empty client,
with all modules and a given auth_url"""
OS_AUTH_URL = 'http://host.com:4731/v3'
osclients = OpenStackClients(modules="all", auth_url=OS_AUTH_URL)
self.assertIsNotNone(osclients)
def test_implement_client_with_selected_module(self):
"""test_implement_client_with_selected_module check that we could not implement an empty client, with selected
modules (keystone and cinder)"""
selected_modules = "keystone,cinder,"
osclients = OpenStackClients(modules=selected_modules)
self.assertIsNotNone(osclients)
def generate_trust_ids(users_to_delete):
"""
From a list of users to delete, generate a file with a trustid for each
user. The user is acting as the trustor, delegating in a trustee, which
will impersonate it to delete its resources.
:param users_to_delete: a list of trustors.
:return: this function does not return anything. It creates a file.
"""
global logger
osclients = OpenStackClients()
users_trusted_ids = open('users_trusted_ids.txt', 'w')
check_users = CheckUsers()
# Use an alternative URL that allow direct access to the keystone admin
# endpoint, because the registered one uses an internal IP address.
osclients.override_endpoint('identity', osclients.region, 'admin',
KEYSTONE_ENDPOINT)
trust_factory = TrustFactory(osclients)
lines = users_to_delete.readlines()
total = len(lines)
count = 0
if 'TRUSTEE_USER' in env:
trustee = env['TRUSTEE_USER']
else:
trustee = TRUSTEE
for user in lines:
user = user.strip()
if user == '':
continue
try:
count += 1
(username,
trust_id) = trust_factory.create_trust_admin(user, trustee)
users_trusted_ids.write(username + ',' + trust_id + '\n')
msg = 'Generated trustid for user {0} ({1}/{2})'
logger.info(msg.format(user, count, total))
except Exception, e:
msg = 'Failed getting trust-id from trustor {0}. Reason: {1}'
logger.error(msg.format(user, str(e)))
def generate_trust_ids(users_to_delete):
"""
From a list of users to delete, generate a file with a trustid for each
user. The user is acting as the trustor, delegating in a trustee, which
will impersonate it to delete its resources.
:param users_to_delete: a list of trustors.
:return: this function does not return anything. It creates a file.
"""
global logger
osclients = OpenStackClients()
users_trusted_ids = open('users_trusted_ids.txt', 'w')
check_users = CheckUsers()
# Use an alternative URL that allow direct access to the keystone admin
# endpoint, because the registered one uses an internal IP address.
osclients.override_endpoint(
'identity', osclients.region, 'admin', KEYSTONE_ENDPOINT)
trust_factory = TrustFactory(osclients)
lines = users_to_delete.readlines()
total = len(lines)
count = 0
if 'TRUSTEE_USER' in env:
trustee = env['TRUSTEE_USER']
else:
trustee = TRUSTEE
for user in lines:
user = user.strip()
if user == '':
continue
try:
count += 1
(username, trust_id) = trust_factory.create_trust_admin(
user, trustee)
users_trusted_ids.write(username + ',' + trust_id + '\n')
msg = 'Generated trustid for user {0} ({1}/{2})'
logger.info(msg.format(user, count, total))
except Exception, e:
msg = 'Failed getting trust-id from trustor {0}. Reason: {1}'
logger.error(msg.format(user, str(e)))
def test_get_session_without_username_nor_token(self):
"""test_get_session_without_username check that we could not retrieve a session without username"""
osclients = OpenStackClients()
osclients.set_credential("",
self.OS_PASSWORD,
tenant_id=self.OS_TENANT_ID)
# Checking v3
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
# Checking v2
osclients.use_v3 = False
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
def test_get_session_without_auth_url(self):
"""test_get_session_without_auth_url check that we could not retrieve a session without auth_url"""
osclients = OpenStackClients()
osclients.auth_url = None
# Checking v3
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
# Checking v2
osclients.use_v3 = False
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
def test_get_session_without_username_nor_token(self):
"""test_get_session_without_username check that we could not retrieve a session without username"""
osclients = OpenStackClients()
osclients.set_credential("", self.OS_PASSWORD, tenant_id=self.OS_TENANT_ID)
# Checking v3
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
# Checking v2
osclients.use_v3 = False
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
def test_get_keystoneclient_v2_with_tenant_id(self):
"""test_get_keystoneclient_v2_with_tenant_id check that we could retrieve a Session client to work
with keystone v2 and using tenant_id"""
osclients = OpenStackClients()
osclients.use_v3 = False
osclients.set_credential(self.OS_USERNAME,
self.OS_PASSWORD,
tenant_id=self.OS_TENANT_ID)
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient,
keystoneclient.v2_0.client.Client)
def test_get_session_without_auth_url(self):
"""test_get_session_without_auth_url check that we could not retrieve a session without auth_url"""
osclients = OpenStackClients()
osclients.auth_url = None
# Checking v3
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
# Checking v2
osclients.use_v3 = False
try:
osclients.get_session()
except Exception as ex:
self.assertRaises(ex)
def test_get_session_with_different_auth_url(self):
"""test_get_session_without_auth_url check that we could retrieve a session with auth_url formats"""
auth_url_v2_1 = "http://cloud.lab.fi-ware.org:4731/v2.0"
auth_url_v2_2 = "http://cloud.lab.fi-ware.org:4731/v2.0/"
auth_url_v3_1 = "http://cloud.lab.fi-ware.org:4731/v3"
auth_url_v3_2 = "http://cloud.lab.fi-ware.org:4731/v3/"
osclients = OpenStackClients()
# Checking v3
osclients.auth_url = auth_url_v2_1
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v3 = None
osclients.auth_url = auth_url_v2_2
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v3 = None
# Checking v2
osclients.use_v3 = False
osclients.auth_url = auth_url_v3_1
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v2 = None
osclients.auth_url = auth_url_v3_2
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v2 = None
def test_get_novaclient(self):
"""test_get_novaclient check that we could retrieve a Session client to work with nova"""
osclients = OpenStackClients(modules="nova")
novaClient = osclients.get_novaclient()
self.assertIsInstance(novaClient, novaclient.v2.client.Client)
def test_set_credential_to_osclients(self):
"""test_set_credential_to_osclients check that we could set credentials using method set_credential"""
username = "******"
password = "******"
tenant_name = "new_user cloud"
tenant_id = "00000000000000000000000000000002"
trust_id = "randomid0000000000000000000000001"
# FIRST CHECK: Credentials from ENV
osclients = OpenStackClients()
self.assertEqual(osclients._OpenStackClients__username, self.OS_USERNAME)
self.assertEqual(osclients._OpenStackClients__tenant_id, self.OS_TENANT_ID)
# SECOND CHECK: updating Credentials with tenant_id
osclients.set_credential(username, password, tenant_id=tenant_id)
self.assertEqual(osclients._OpenStackClients__tenant_id, tenant_id)
# THIRD CHECK: updating Credentials with tenant_name
osclients.set_credential(username, password, tenant_name=tenant_name)
self.assertEqual(osclients._OpenStackClients__tenant_name, tenant_name)
# FOURTH CHECK: updating Credentials with trust_id
osclients.set_credential(username, password, trust_id=trust_id)
self.assertEqual(osclients._OpenStackClients__trust_id, trust_id)
# FIFTH CHECK: updating Credentials without trust_id, tenant_id and tenant_name
osclients.set_credential(username, password)
self.assertIsNone(osclients._OpenStackClients__trust_id)
self.assertIsNone(osclients._OpenStackClients__tenant_name)
self.assertIsNone(osclients._OpenStackClients__tenant_id)
# Creating a client to check that set_credential destroy the session with v3
novaclient = osclients.get_novaclient()
self.assertIsNotNone(osclients._session_v3)
osclients.set_credential(username, password)
self.assertIsNone(osclients._session_v3)
# Creating a client to check that set_credential destroy the session with v2
osclients.use_v3 = False
novaclient = osclients.get_novaclient()
self.assertIsNotNone(osclients._session_v2)
osclients.set_credential(username, password)
self.assertIsNone(osclients._session_v2)
def __init__(self):
"""constructor"""
osclients = OpenStackClients()
neutron = osclients.get_neutronclient()
cinder = osclients.get_cinderclient()
glance = osclients.get_glanceclient()
nova = osclients.get_novaclient()
swift = osclients.get_swiftclient()
print('Creating a container')
swift.put_container('container', dict())
print('Creating two objects')
swift.put_object('container', 'object', 'content')
swift.put_object('container', 'object2', 'content2')
print('Creating a volume')
volume = cinder.volumes.create(name='cindervolume', size=1)
external_net = None
for net in neutron.list_networks()['networks']:
if net['router:external']:
external_net = net['id']
break
properties = {'key1': 'value1'}
print('Creating a private image')
glance.images.create(container_format='bare',
name='testimage1',
disk_format='qcow2',
data='aaaaa',
properties=properties,
is_public=False)
if can_create_shared_images:
download_images()
print('Creating a shared image')
cirrosfile = open(img_name)
image_shared1 = glance.images.create(container_format='bare',
name='testimg2',
disk_format='qcow2',
data=cirrosfile,
properties={'key2': 'value2'},
is_public=True)
print('Creating another shared image')
cirrosfile2 = open(img_name2)
image_shared2 = glance.images.create(container_format='bare',
name='testima3',
disk_format='qcow2',
data=cirrosfile2,
properties={'key3': 'val3'},
is_public=True)
image_id = image_shared1.id
else:
image_id = glance.images.find(name=image_name)
print('Creating a keypair')
nova.keypairs.create(name='testpublickey')
print('Allocating a new security group')
nova.security_groups.create(
'testsecgroup a security group for testing')
print('Reserving a flotaing ip')
floatingip = nova.floating_ips.create(pool=external_net)
if can_create_networks:
print('Creating a router')
router = neutron.create_router(
{'router': {
'name': 'testrouter',
'admin_state_up': True
}})['router']
print('Creating a network')
n = neutron.create_network(
{'network': {
'name': 'testnetwork',
'admin_state_up': True,
}})
network = n['network']
print('Creating a subnet')
subnet = neutron.create_subnet({
'subnet': {
'name': 'testsubnet',
'network_id': network['id'],
'ip_version': 4,
'cidr': '192.168.1.0/24',
'dns_nameservers': ['8.8.8.8']
}
})['subnet']
"""
Only admin users can create shared networks.
network2 = neutron.create_network(
{'network': {'name': 'testnetwork_shared', 'admin_state_up': True,
'shared': True}})['network']
subnet2 = neutron.create_subnet(
{'subnet': {'name': 'testsubnet_shared',
'network_id': network2['id'],
'ip_version': 4, 'cidr': '192.168.2.0/24',
'dns_nameservers': ['8.8.8.8']}})['subnet']
"""
print('Adding interface and gateway to router')
neutron.add_interface_router(router['id'],
{'subnet_id': subnet['id']})
neutron.add_gateway_router(router['id'],
{'network_id': external_net})
else:
# use any internal network
network = None
for net in neutron.list_networks()['networks']:
if not net['router:external']:
network = net
break
# The volume must be available before creating the snapshot.
time.sleep(3)
print('Creating a volume snapshot')
cinder.volume_snapshots.create(volume.id)
tiny = nova.flavors.find(name='m1.tiny')
nova.flavors.find(name='m1.small')
nic = {'net-id': network['id']}
print('Creating a VM')
server = nova.servers.create('vm_testdelete',
flavor=tiny,
image=image_id,
key_name='testpublickey',
security_groups=['default'],
nics=[nic])
# , files=files, config_drive=True)
# give some time before assigning the floating ip
time.sleep(10)
server.add_floating_ip(floatingip.ip)
if can_create_shared_images:
# create a VM using another tenant, based in a shared image
osclients2 = OpenStackClients()
second_user = os.environ['USER2']
second_user_tenant = os.environ['USER2_TENANT']
osclients2.set_credential(second_user,
os.environ['PASSWORD_USER2'],
tenant_name=second_user_tenant)
nova = osclients2.get_novaclient()
neutron = osclients2.get_neutronclient()
net2 = None
for net in neutron.list_networks()['networks']:
if not net['router:external']:
net2 = net['id']
break
nics = [{'net-id': net2}]
print('Creating a second VM, with a different user')
nova.servers.create('vm_testdelete2',
flavor=tiny,
image=image_shared2.id,
nics=nics)
class TestOSClientsOverrideEndpoint(TestCase):
"""Class to test the endpoint override feature"""
def setUp(self):
d = defaultdict(list)
d['catalog'].append(service)
self.access = d
self.osclients = OpenStackClients()
self.url = 'http://fake.org:9090'
self.original_url = service['endpoints'][1]['url']
def restore_catalog(self):
"""restore catalog"""
service['endpoints'][1]['url'] = self.original_url
def tearDown(self):
"""restore objects"""
self.restore_catalog()
def override_endpoint(self):
"""method that override the endpoint"""
self.osclients.override_endpoint('object-store', 'Spain2', 'admin', self.url)
def assertOverrideEndpoint(self):
"""check that the override has been done"""
self.assertEquals(self.osclients.get_admin_endpoint('object-store', 'Spain2'), self.url)
def test_override_endpoint_session(self):
"""test that invoking override endpoint does not create a session"""
self.override_endpoint()
self.assertFalse(self.osclients._session_v2)
self.assertFalse(self.osclients._session_v3)
def test_override_endpoint(self):
"""check that a session catalog is overriden"""
mock = MagicMock()
config = {'auth.get_access.return_value': self.access}
mock.configure_mock(**config)
self.osclients._session_v3 = mock
self.override_endpoint()
self.assertOverrideEndpoint()
@patch('fiwareskuld.utils.osclients.session')
def test_override_endpoint_multiple(self, mock):
"""test that override works with an already created session and then
with a new one without invoking the method again"""
config = {'Session.return_value.auth.get_access.return_value': self.access}
mock.configure_mock(**config)
session = self.osclients.get_session()
self.override_endpoint()
self.assertOverrideEndpoint()
# invalidate and create a new session; ensure than catalog is again
# the original. Setting a new token invalidate the session. The new
# one is created at the invocation of get_admin_endpoint.
self.restore_catalog()
self.osclients.set_token('faketoken')
# check again
self.assertOverrideEndpoint()
def test_set_credential_to_osclients(self):
"""test_set_credential_to_osclients check that we could set credentials using method set_credential"""
username = "******"
password = "******"
tenant_name = "new_user cloud"
tenant_id = "00000000000000000000000000000002"
trust_id = "randomid0000000000000000000000001"
# FIRST CHECK: Credentials from ENV
osclients = OpenStackClients()
self.assertEqual(osclients._OpenStackClients__username,
self.OS_USERNAME)
self.assertEqual(osclients._OpenStackClients__tenant_id,
self.OS_TENANT_ID)
# SECOND CHECK: updating Credentials with tenant_id
osclients.set_credential(username, password, tenant_id=tenant_id)
self.assertEqual(osclients._OpenStackClients__tenant_id, tenant_id)
# THIRD CHECK: updating Credentials with tenant_name
osclients.set_credential(username, password, tenant_name=tenant_name)
self.assertEqual(osclients._OpenStackClients__tenant_name, tenant_name)
# FOURTH CHECK: updating Credentials with trust_id
osclients.set_credential(username, password, trust_id=trust_id)
self.assertEqual(osclients._OpenStackClients__trust_id, trust_id)
# FIFTH CHECK: updating Credentials without trust_id, tenant_id and tenant_name
osclients.set_credential(username, password)
self.assertIsNone(osclients._OpenStackClients__trust_id)
self.assertIsNone(osclients._OpenStackClients__tenant_name)
self.assertIsNone(osclients._OpenStackClients__tenant_id)
# Creating a client to check that set_credential destroy the session with v3
novaclient = osclients.get_novaclient()
self.assertIsNotNone(osclients._session_v3)
osclients.set_credential(username, password)
self.assertIsNone(osclients._session_v3)
# Creating a client to check that set_credential destroy the session with v2
osclients.use_v3 = False
novaclient = osclients.get_novaclient()
self.assertIsNotNone(osclients._session_v2)
osclients.set_credential(username, password)
self.assertIsNone(osclients._session_v2)
def test_get_session_with_different_auth_url(self):
"""test_get_session_without_auth_url check that we could retrieve a session with auth_url formats"""
auth_url_v2_1 = "http://cloud.lab.fi-ware.org:4731/v2.0"
auth_url_v2_2 = "http://cloud.lab.fi-ware.org:4731/v2.0/"
auth_url_v3_1 = "http://cloud.lab.fi-ware.org:4731/v3"
auth_url_v3_2 = "http://cloud.lab.fi-ware.org:4731/v3/"
osclients = OpenStackClients()
# Checking v3
osclients.auth_url = auth_url_v2_1
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v3 = None
osclients.auth_url = auth_url_v2_2
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v3 = None
# Checking v2
osclients.use_v3 = False
osclients.auth_url = auth_url_v3_1
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v2 = None
osclients.auth_url = auth_url_v3_2
session = osclients.get_session()
self.assertIsInstance(session, keystoneclient.session.Session)
session.invalidate()
osclients._session_v2 = None
def test_get_novaclient(self):
"""test_get_novaclient check that we could retrieve a Session client to work with nova"""
osclients = OpenStackClients(modules="nova")
novaClient = osclients.get_novaclient()
self.assertIsInstance(novaClient, novaclient.v2.client.Client)
class TestOSClientsOverrideEndpoint(TestCase):
"""Class to test the endpoint override feature"""
def setUp(self):
d = defaultdict(list)
d['catalog'].append(service)
self.access = d
self.osclients = OpenStackClients()
self.url = 'http://fake.org:9090'
self.original_url = service['endpoints'][1]['url']
def restore_catalog(self):
"""restore catalog"""
service['endpoints'][1]['url'] = self.original_url
def tearDown(self):
"""restore objects"""
self.restore_catalog()
def override_endpoint(self):
"""method that override the endpoint"""
self.osclients.override_endpoint('object-store', 'Spain2', 'admin',
self.url)
def assertOverrideEndpoint(self):
"""check that the override has been done"""
self.assertEquals(
self.osclients.get_admin_endpoint('object-store', 'Spain2'),
self.url)
def test_override_endpoint_session(self):
"""test that invoking override endpoint does not create a session"""
self.override_endpoint()
self.assertFalse(self.osclients._session_v2)
self.assertFalse(self.osclients._session_v3)
def test_override_endpoint(self):
"""check that a session catalog is overriden"""
mock = MagicMock()
config = {'auth.get_access.return_value': self.access}
mock.configure_mock(**config)
self.osclients._session_v3 = mock
self.override_endpoint()
self.assertOverrideEndpoint()
@patch('fiwareskuld.utils.osclients.session')
def test_override_endpoint_multiple(self, mock):
"""test that override works with an already created session and then
with a new one without invoking the method again"""
config = {
'Session.return_value.auth.get_access.return_value': self.access
}
mock.configure_mock(**config)
session = self.osclients.get_session()
self.override_endpoint()
self.assertOverrideEndpoint()
# invalidate and create a new session; ensure than catalog is again
# the original. Setting a new token invalidate the session. The new
# one is created at the invocation of get_admin_endpoint.
self.restore_catalog()
self.osclients.set_token('faketoken')
# check again
self.assertOverrideEndpoint()
def __init__(self):
"""constructor"""
osclients = OpenStackClients()
neutron = osclients.get_neutronclient()
cinder = osclients.get_cinderclient()
glance = osclients.get_glanceclient()
nova = osclients.get_novaclient()
swift = osclients.get_swiftclient()
print('Creating a container')
swift.put_container('container', dict())
print('Creating two objects')
swift.put_object('container', 'object', 'content')
swift.put_object('container', 'object2', 'content2')
print('Creating a volume')
volume = cinder.volumes.create(name='cindervolume', size=1)
external_net = None
for net in neutron.list_networks()['networks']:
if net['router:external']:
external_net = net['id']
break
properties = {'key1': 'value1'}
print('Creating a private image')
glance.images.create(
container_format='bare', name='testimage1', disk_format='qcow2',
data='aaaaa', properties=properties, is_public=False)
if can_create_shared_images:
download_images()
print('Creating a shared image')
cirrosfile = open(img_name)
image_shared1 = glance.images.create(
container_format='bare', name='testimg2', disk_format='qcow2',
data=cirrosfile, properties={'key2': 'value2'}, is_public=True)
print('Creating another shared image')
cirrosfile2 = open(img_name2)
image_shared2 = glance.images.create(
container_format='bare', name='testima3', disk_format='qcow2',
data=cirrosfile2, properties={'key3': 'val3'}, is_public=True)
image_id = image_shared1.id
else:
image_id = glance.images.find(name=image_name)
print('Creating a keypair')
nova.keypairs.create(name='testpublickey')
print('Allocating a new security group')
nova.security_groups.create('testsecgroup a security group for testing')
print('Reserving a flotaing ip')
floatingip = nova.floating_ips.create(pool=external_net)
if can_create_networks:
print('Creating a router')
router = neutron.create_router(
{'router': {'name': 'testrouter', 'admin_state_up': True}}
)['router']
print('Creating a network')
n = neutron.create_network(
{'network': {'name': 'testnetwork', 'admin_state_up': True, }})
network = n['network']
print('Creating a subnet')
subnet = neutron.create_subnet(
{'subnet': {'name': 'testsubnet', 'network_id': network['id'],
'ip_version': 4, 'cidr': '192.168.1.0/24',
'dns_nameservers': ['8.8.8.8']}})['subnet']
"""
Only admin users can create shared networks.
network2 = neutron.create_network(
{'network': {'name': 'testnetwork_shared', 'admin_state_up': True,
'shared': True}})['network']
subnet2 = neutron.create_subnet(
{'subnet': {'name': 'testsubnet_shared',
'network_id': network2['id'],
'ip_version': 4, 'cidr': '192.168.2.0/24',
'dns_nameservers': ['8.8.8.8']}})['subnet']
"""
print('Adding interface and gateway to router')
neutron.add_interface_router(router['id'], {'subnet_id': subnet['id']})
neutron.add_gateway_router(router['id'], {'network_id': external_net})
else:
# use any internal network
network = None
for net in neutron.list_networks()['networks']:
if not net['router:external']:
network = net
break
# The volume must be available before creating the snapshot.
time.sleep(3)
print('Creating a volume snapshot')
cinder.volume_snapshots.create(volume.id)
tiny = nova.flavors.find(name='m1.tiny')
nova.flavors.find(name='m1.small')
nic = {'net-id': network['id']}
print('Creating a VM')
server = nova.servers.create(
'vm_testdelete', flavor=tiny, image=image_id,
key_name='testpublickey', security_groups=['default'], nics=[nic])
# , files=files, config_drive=True)
# give some time before assigning the floating ip
time.sleep(10)
server.add_floating_ip(floatingip.ip)
if can_create_shared_images:
# create a VM using another tenant, based in a shared image
osclients2 = OpenStackClients()
second_user = os.environ['USER2']
second_user_tenant = os.environ['USER2_TENANT']
osclients2.set_credential(second_user, os.environ['PASSWORD_USER2'],
tenant_name=second_user_tenant)
nova = osclients2.get_novaclient()
neutron = osclients2.get_neutronclient()
net2 = None
for net in neutron.list_networks()['networks']:
if not net['router:external']:
net2 = net['id']
break
nics = [{'net-id': net2}]
print('Creating a second VM, with a different user')
nova.servers.create(
'vm_testdelete2', flavor=tiny, image=image_shared2.id, nics=nics)
def test_get_keystoneclient_v3(self):
"""test_get_keystoneclient_v3 check that we could retrieve a Session client to work with keystone v3"""
osclients = OpenStackClients()
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient, keystoneclient.v3.client.Client)
def test_implement_client_with_env(self):
"""test_implement_client_with_env check that we could implement a client with data from the OS environment."""
osclients = OpenStackClients()
self.assertIsNotNone(osclients)
def test_get_keystoneclient_v3(self):
"""test_get_keystoneclient_v3 check that we could retrieve a Session client to work with keystone v3"""
osclients = OpenStackClients()
keystoneClient = osclients.get_keystoneclient()
self.assertIsInstance(keystoneClient, keystoneclient.v3.client.Client)
def test_implement_client(self):
"""test_implement_client check that we could implement an empty client."""
osclients = OpenStackClients()
self.assertIsNotNone(osclients)
"""
domain = usertocheck.name.partition('@')[2]
if domain in settings.DONT_DELETE_DOMAINS:
logger.warning(
'User with name %(name)s should not be deleted due to its domain',
{'name': usertocheck.name})
return True
else:
return False
logger.debug('Getting expired users')
(next_to_expire, expired_users) = ExpiredUsers(
username=env['OS_USERNAME'], password=env['OS_PASSWORD'],
tenant=env['OS_TENANT_NAME']).get_yellow_red_users()
osclients = OpenStackClients()
# Use an alternative URL that allow direct access to the keystone admin
# endpoint, because the registered one uses an internal IP address.
osclients.override_endpoint(
'identity', osclients.region, 'admin', settings.KEYSTONE_ENDPOINT)
keystone = osclients.get_keystoneclientv3()
# build users map
logger.debug('Building user map')
users_by_id = dict()
for user in keystone.users.list():
users_by_id[user.id] = user
