def test_stonith_ok(self):
"""Check Stonith configuration."""
for node in self.node_list:
bmc_ip = self.bmc_data[node]['ip']
bmc_user = self.bmc_data[node]['user']
secret = self.bmc_data[node]['secret']
key = Cipher.generate_key(self.cluster_id, 'cluster')
bmc_passwd = Cipher.decrypt(key, secret.encode('ascii')).decode()
BmcV().validate('stonith', [node, bmc_ip, bmc_user, bmc_passwd])
def test_accessibility_error_on_invalid_auth(self):
"""Check 'accessible' validation type for fake password argument."""
node = self.node_list[0]
bmc_ip = self.bmc_data[node]['ip']
user = self.bmc_data[node]['user']
passwd = 'srv-1PASS'
self.assertRaises(VError,
BmcV().validate, 'accessible',
[node, bmc_ip, user, passwd])
def test_accessibility_ok(self):
"""Check BMC accessibility for nodes in cluster."""
for node in self.node_list:
bmc_ip = self.bmc_data[node]['ip']
bmc_user = self.bmc_data[node]['user']
secret = self.bmc_data[node]['secret']
key = Cipher.generate_key(self.cluster_id, 'cluster')
bmc_passwd = Cipher.decrypt(key, secret.encode('ascii')).decode()
BmcV().validate('accessible', [node, bmc_ip, bmc_user, bmc_passwd])
def _validate_bmc_check(self, check: str):
if check == self.STONITH:
bmc_check = cfg.Checks.BMC_STONITH.value
elif check == self.ACCESSIBLE:
bmc_check = cfg.Checks.BMC_ACCESSIBILITY.value
else:
raise ValueError(f'BMC Check "{check}" is not supported')
check_entry: CheckEntry = CheckEntry(bmc_check)
# Check for import errors
if cortx_py_utils_import_error:
check_entry.set_fail(
checked_target=cfg.ALL_MINIONS,
comment="Package cortx-py-utils not installed")
return check_entry
try:
# Get node list
nodes = Check._get_nodes_list()
except Exception as exc:
check_entry.set_fail(checked_target=cfg.ALL_MINIONS,
comment=str(exc))
return check_entry
res: List[CheckEntry] = list()
# TODO use of salt python API with function_run
_DECRYPT_PSWD_CMD = ('salt-call lyveutils.decrypt cluster {val}'
' --output=newline_values_only')
minion_id = local_minion_id()
for node in nodes:
check_res: CheckEntry = CheckEntry(bmc_check)
try:
# Get BMC IP, user and secret.
bmc_ip = Check._get_pillar_data(f"cluster/{node}/bmc/ip")
bmc_user = Check._get_pillar_data(f"cluster/{node}/bmc/user")
secret = Check._get_pillar_data(f"cluster/{node}/bmc/secret")
# Decrypt the secret
cmd = _DECRYPT_PSWD_CMD.format(val=secret)
bmc_passwd = cmd_run(cmd, targets=minion_id)[minion_id]
# Check the stonith configuration
BmcV().validate(check, [node, bmc_ip, bmc_user, bmc_passwd])
except Exception as exc:
check_res.set_fail(checked_target=node, comment=str(exc))
else:
check_res.set_passed(checked_target=node)
res.append(check_res)
return res
def test_accessibility_error_on_invalid_bmc_ip(self):
"""Check 'accessible' validation type for fake bmc_ip argument."""
node = self.node_list[0]
bmc_ip = "10.256.256.10"
user = self.bmc_data[node]['user']
secret = self.bmc_data[node]['secret']
key = Cipher.generate_key(self.cluster_id, 'cluster')
passwd = Cipher.decrypt(key, secret.encode('ascii')).decode()
self.assertRaises(VError,
BmcV().validate, 'accessible',
[node, bmc_ip, user, passwd])
def validate(self):
"""Check below requirements.
1. Validate input configs
2. Validate BMC connectivity
3. Validate storage controller connectivity
4. Validate network interface availability
"""
machine_id = Utility.get_machine_id()
mgmt_interfaces = []
data_private_interfaces = []
data_public_interfaces = []
# Validate input/provisioner configs
node_type = Utility.get_config_value(
PRVSNR_CONFIG_INDEX, "server_node>%s>type" % machine_id)
cluster_id = Utility.get_config_value(
PRVSNR_CONFIG_INDEX, "server_node>%s>cluster_id" % machine_id)
if node_type.lower() not in ["virtual", "vm"]:
bmc_ip = Utility.get_config_value(
PRVSNR_CONFIG_INDEX, "server_node>%s>bmc>ip" % machine_id)
bmc_user = Utility.get_config_value(
PRVSNR_CONFIG_INDEX, "server_node>%s>bmc>user" % machine_id)
bmc_secret = Utility.get_config_value(
PRVSNR_CONFIG_INDEX, "server_node>%s>bmc>secret" % machine_id)
bmc_key = Cipher.generate_key(machine_id,
ServiceTypes.SERVER_NODE.value)
bmc_passwd = Cipher.decrypt(
bmc_key, bmc_secret.encode("utf-8")).decode("utf-8")
data_private_interfaces = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>network>data>private_interfaces" % machine_id)
data_public_interfaces = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>network>data>public_interfaces" % machine_id)
mgmt_public_fqdn = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>network>management>public_fqdn" % machine_id)
mgmt_interfaces = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>network>management>interfaces" % machine_id)
data_private_fqdn = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>network>data>private_fqdn" % machine_id)
data_public_fqdn = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>network>data>public_fqdn" % machine_id)
enclosure_id = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"server_node>%s>storage>enclosure_id" % machine_id)
primary_ip = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"storage_enclosure>%s>controller>primary>ip" % enclosure_id)
secondary_ip = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"storage_enclosure>%s>controller>secondary>ip" % enclosure_id)
cntrlr_user = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"storage_enclosure>%s>controller>user" % enclosure_id)
cntrlr_secret = Utility.get_config_value(
PRVSNR_CONFIG_INDEX,
"storage_enclosure>%s>controller>secret" % enclosure_id)
cntrlr_key = Cipher.generate_key(enclosure_id,
ServiceTypes.STORAGE_ENCLOSURE.value)
cntrlr_passwd = Cipher.decrypt(
cntrlr_key, cntrlr_secret.encode("utf-8")).decode("utf-8")
# Validate BMC connectivity & storage controller accessibility
if node_type.lower() not in ["virtual", "vm"]:
NetworkV().validate("connectivity",
[bmc_ip, primary_ip, secondary_ip])
BmcV().validate("accessible",
[socket.getfqdn(), bmc_ip, bmc_user, bmc_passwd])
c_validator = ControllerV()
c_validator.validate("accessible",
[primary_ip, cntrlr_user, cntrlr_passwd])
c_validator.validate("accessible",
[secondary_ip, cntrlr_user, cntrlr_passwd])
# Validate network fqdn reachability
NetworkV().validate(
"connectivity",
[mgmt_public_fqdn, data_private_fqdn, data_public_fqdn])
# Validate network interface availability
for i_list in [
mgmt_interfaces, data_private_interfaces,
data_public_interfaces
]:
self.validate_nw_cable_connection(i_list)
self.validate_nw_interfaces(i_list)
def test_incorrect_vtype(self):
""" Check incorrect validation type """
self.assertRaises(VError, BmcV().validate, 'dummy',[])
def test_stonith_more_args_error(self):
""" Check 'stonith' validation type for more arguments """
cfg_args = ['srvnode-1', '192.168.12.123', 'admin', 'Admin!', 'DummyData']
self.assertRaises(VError, BmcV().validate, 'stonith',cfg_args)
def test_stonith_less_args_error(self):
""" Check 'stonith' validation type for less arguments """
cfg_args = ['srvnode-1', '192.168.12.123', 'admin']
self.assertRaises(VError, BmcV().validate, 'stonith',cfg_args)
def test_stonith_no_args_error(self):
""" Check 'stonith' validation type for no arguments """
self.assertRaises(VError, BmcV().validate, 'stonith',[])
def test_stonith_ok(self):
""" Check Stonith configuration """
cfg_args = ['srvnode-1', '192.168.12.123', 'admin', 'Admin!']
BmcV().validate('stonith', cfg_args)
def test_accessibility_error(self):
""" Check 'accessible' validation type for fake arguments """
fake_hosts = ['srv-1', 'srv-2']
self.assertRaises(VError, BmcV().validate, 'accessible',fake_hosts)
def test_accessibility_no_args_error(self):
""" Check 'accessible' validation type for no arguments """
self.assertRaises(VError, BmcV().validate, 'accessible',[])
def test_accessibility_ok(self):
""" Check BMC Accessibility """
BmcV().validate('accessible', ['srvnode-1','srvnode-2'])