def _CreateRapiUser(rapi_user):
"""RAPI credentials creation, with the secret auto-generated.
"""
rapi_secret = utils.GenerateSecret()
master = qa_config.GetMasterNode()
rapi_users_path = qa_utils.MakeNodePath(master, pathutils.RAPI_USERS_FILE)
rapi_dir = os.path.dirname(rapi_users_path)
fh = tempfile.NamedTemporaryFile()
try:
fh.write("%s %s write\n" % (rapi_user, rapi_secret))
fh.flush()
tmpru = qa_utils.UploadFile(master.primary, fh.name)
try:
AssertCommand(["mkdir", "-p", rapi_dir])
AssertCommand(["mv", tmpru, rapi_users_path])
finally:
AssertCommand(["rm", "-f", tmpru])
finally:
fh.close()
# The certificates have to be reloaded now
AssertCommand(["service", "ganeti", "restart"])
return rapi_secret
def _ResetWatcherDaemon():
"""Removes the watcher daemon's state file.
"""
path = \
qa_utils.MakeNodePath(qa_config.GetMasterNode(),
pathutils.WATCHER_GROUP_STATE_FILE % "*-*-*-*")
AssertCommand(["bash", "-c", "rm -vf %s" % path])
def ReloadCertificates(ensure_presence=True):
"""Reloads the client RAPI certificate with the one present on the node.
If the QA is set up to use a specific certificate using the
"rapi-files-location" parameter, it will be put in place prior to retrieving
it.
"""
if ensure_presence:
_EnsureRapiFilesPresence()
if _rapi_username is None or _rapi_password is None:
raise qa_error.Error("RAPI username and password have to be set before"
" attempting to reload a certificate.")
# pylint: disable=W0603
# due to global usage
global _rapi_ca
global _rapi_client
master = qa_config.GetMasterNode()
# Load RAPI certificate from master node
cmd = [
"openssl", "x509", "-in",
qa_utils.MakeNodePath(master, pathutils.RAPI_CERT_FILE)
]
# Write to temporary file
_rapi_ca = tempfile.NamedTemporaryFile()
_rapi_ca.write(
qa_utils.GetCommandOutput(master.primary, utils.ShellQuoteArgs(cmd)))
_rapi_ca.flush()
port = qa_config.get("rapi-port", default=constants.DEFAULT_RAPI_PORT)
cfg_curl = rapi.client.GenericCurlConfig(cafile=_rapi_ca.name, proxy="")
if qa_config.UseVirtualCluster():
# TODO: Implement full support for RAPI on virtual clusters
print qa_logging.FormatWarning(
"RAPI tests are not yet supported on"
" virtual clusters and will be disabled")
assert _rapi_client is None
else:
_rapi_client = rapi.client.GanetiRapiClient(master.primary,
port=port,
username=_rapi_username,
password=_rapi_password,
curl_config_fn=cfg_curl)
print "RAPI protocol version: %s" % _rapi_client.GetVersion()
def _ReadSsconfInstanceList():
"""Reads ssconf_instance_list from the master node.
"""
master = qa_config.GetMasterNode()
ssconf_path = utils.PathJoin(pathutils.DATA_DIR,
"ssconf_%s" % constants.SS_INSTANCE_LIST)
cmd = ["cat", qa_utils.MakeNodePath(master, ssconf_path)]
return qa_utils.GetCommandOutput(master.primary,
utils.ShellQuoteArgs(cmd)).splitlines()
def Setup(username, password):
"""Configures the RAPI client.
"""
# pylint: disable=W0603
# due to global usage
global _rapi_ca
global _rapi_client
global _rapi_username
global _rapi_password
_rapi_username = username
_rapi_password = password
master = qa_config.GetMasterNode()
# Load RAPI certificate from master node
cmd = ["cat", qa_utils.MakeNodePath(master, pathutils.RAPI_CERT_FILE)]
# Write to temporary file
_rapi_ca = tempfile.NamedTemporaryFile()
_rapi_ca.write(
qa_utils.GetCommandOutput(master.primary, utils.ShellQuoteArgs(cmd)))
_rapi_ca.flush()
port = qa_config.get("rapi-port", default=constants.DEFAULT_RAPI_PORT)
cfg_curl = rapi.client.GenericCurlConfig(cafile=_rapi_ca.name, proxy="")
if qa_config.UseVirtualCluster():
# TODO: Implement full support for RAPI on virtual clusters
print qa_logging.FormatWarning(
"RAPI tests are not yet supported on"
" virtual clusters and will be disabled")
assert _rapi_client is None
else:
_rapi_client = rapi.client.GanetiRapiClient(master.primary,
port=port,
username=username,
password=password,
curl_config_fn=cfg_curl)
print "RAPI protocol version: %s" % _rapi_client.GetVersion()
return _rapi_client
def LookupRapiSecret(rapi_user):
"""Find the RAPI secret for the given user.
@param rapi_user: Login user
@return: Login secret for the user
"""
CTEXT = "{CLEARTEXT}"
master = qa_config.GetMasterNode()
cmd = ["cat", qa_utils.MakeNodePath(master, pathutils.RAPI_USERS_FILE)]
file_content = qa_utils.GetCommandOutput(master.primary,
utils.ShellQuoteArgs(cmd))
users = ParsePasswordFile(file_content)
entry = users.get(rapi_user)
if not entry:
raise qa_error.Error("User %s not found in RAPI users file" % rapi_user)
secret = entry.password
if secret.upper().startswith(CTEXT):
secret = secret[len(CTEXT):]
elif secret.startswith("{"):
raise qa_error.Error("Unsupported password schema for RAPI user %s:"
" not a clear text password" % rapi_user)
return secret
def TestClusterInit(rapi_user, rapi_secret):
"""gnt-cluster init"""
master = qa_config.GetMasterNode()
rapi_users_path = qa_utils.MakeNodePath(master, pathutils.RAPI_USERS_FILE)
rapi_dir = os.path.dirname(rapi_users_path)
# First create the RAPI credentials
fh = tempfile.NamedTemporaryFile()
try:
fh.write("%s %s write\n" % (rapi_user, rapi_secret))
fh.flush()
tmpru = qa_utils.UploadFile(master.primary, fh.name)
try:
AssertCommand(["mkdir", "-p", rapi_dir])
AssertCommand(["mv", tmpru, rapi_users_path])
finally:
AssertCommand(["rm", "-f", tmpru])
finally:
fh.close()
# Initialize cluster
enabled_disk_templates = qa_config.GetEnabledDiskTemplates()
cmd = [
"gnt-cluster",
"init",
"--primary-ip-version=%d" % qa_config.get("primary_ip_version", 4),
"--enabled-hypervisors=%s" %
",".join(qa_config.GetEnabledHypervisors()),
"--enabled-disk-templates=%s" % ",".join(enabled_disk_templates),
]
if constants.DT_FILE in enabled_disk_templates:
cmd.append("--file-storage-dir=%s" % qa_config.get(
"default-file-storage-dir", pathutils.DEFAULT_FILE_STORAGE_DIR))
for spec_type in ("mem-size", "disk-size", "disk-count", "cpu-count",
"nic-count"):
for spec_val in ("min", "max", "std"):
spec = qa_config.get(
"ispec_%s_%s" % (spec_type.replace("-", "_"), spec_val), None)
if spec is not None:
cmd.append("--specs-%s=%s=%d" % (spec_type, spec_val, spec))
if master.secondary:
cmd.append("--secondary-ip=%s" % master.secondary)
if utils.IsLvmEnabled(qa_config.GetEnabledDiskTemplates()):
vgname = qa_config.get("vg-name", constants.DEFAULT_VG)
if vgname:
cmd.append("--vg-name=%s" % vgname)
else:
raise qa_error.Error("Please specify a volume group if you enable"
" lvm-based disk templates in the QA.")
master_netdev = qa_config.get("master-netdev", None)
if master_netdev:
cmd.append("--master-netdev=%s" % master_netdev)
nicparams = qa_config.get("default-nicparams", None)
if nicparams:
cmd.append("--nic-parameters=%s" %
",".join(utils.FormatKeyValue(nicparams)))
# Cluster value of the exclusive-storage node parameter
e_s = qa_config.get("exclusive-storage")
if e_s is not None:
cmd.extend(["--node-parameters", "exclusive_storage=%s" % e_s])
else:
e_s = False
qa_config.SetExclusiveStorage(e_s)
extra_args = qa_config.get("cluster-init-args")
if extra_args:
# This option was removed in 2.10, but in order to not break QA of older
# branches we remove it from the extra_args if it is in there.
opt_drbd_storage = "--no-drbd-storage"
if opt_drbd_storage in extra_args:
extra_args.remove(opt_drbd_storage)
cmd.extend(extra_args)
cmd.append(qa_config.get("name"))
AssertCommand(cmd)
cmd = ["gnt-cluster", "modify"]
# hypervisor parameter modifications
hvp = qa_config.get("hypervisor-parameters", {})
for k, v in hvp.items():
cmd.extend(["-H", "%s:%s" % (k, v)])
# backend parameter modifications
bep = qa_config.get("backend-parameters", "")
if bep:
cmd.extend(["-B", bep])
if len(cmd) > 2:
AssertCommand(cmd)
# OS parameters
osp = qa_config.get("os-parameters", {})
for k, v in osp.items():
AssertCommand(["gnt-os", "modify", "-O", v, k])
# OS hypervisor parameters
os_hvp = qa_config.get("os-hvp", {})
for os_name in os_hvp:
for hv, hvp in os_hvp[os_name].items():
AssertCommand(
["gnt-os", "modify", "-H",
"%s:%s" % (hv, hvp), os_name])
def _NodeQueueDrainFile(node):
"""Returns path to queue drain file for a node.
"""
return qa_utils.MakeNodePath(node, pathutils.JOB_QUEUE_DRAIN_FILE)
