def computeTDD():
    "Check if all compute nodes have an OVS agent active"

    with prefix(env_config.admin_openrc):
        msg = 'Run agent-list'
        agentList = runCheck(msg, 'neutron agent-list')

    # check if all compute nodes are mentioned in the list
    computeNodes = [host.replace('root@','') for host in env.roledefs['compute']]
    allInList = True
    for node in computeNodes:
        if node not in agentList:
            print align_n('%s is not mentioned in the agent list' % node)
            allInList = False
    if allInList:
        print align_y('All compute nodes are mentioned in agent list')

    # check if agents are active
    agentLines = agentList.splitlines()[3:-1] # remove header and footer
    allActive = True
    for line in agentLines:
        if ':-)' not in line:
            print align_n('One of the agents is not active')
            print line
            allActive = False
    if allActive:
        print align_y('All agents active')

    if not allActive or not allInList:
        execute(saveConfigCompute,'bad')
        sys.exit(1)
Example #2
0
def tdd():
    execute(showStatus)

    with prefix(env_config.admin_openrc):
        runCheck('List service components', 'cinder service-list')

    with prefix(env_config.demo_openrc):
        timestamp = run('date +"%Y-%m-%d %H:%M:%S"', quiet=True)
        runCheck('Create a 1 GB volume',
                 'cinder create --display-name demo-volume1 1')

        msg = 'Verify creation and availability of volume'
        run('cinder list')
        status = run("cinder list | awk '/demo-volume1/ {print $4}'",
                     quiet=True)
        if not status:
            print align_n('There is no volume called demo-volume1')
            sys.exit(1)
        else:
            # volume takes a while to build, so we loop until it's done
            while status != 'error' and status != 'available':
                status = run("cinder list | awk '/demo-volume1/ {print $4}'",
                             quiet=True)

            if status == 'available':
                print align_y('demo-volume1 is available')
                runCheck('Delete test volume', 'cinder delete demo-volume1')
            else:
                print align_n('Problem with demo-volume1:')
                checkLog(timestamp)
                runCheck('Delete test volume', 'cinder delete demo-volume1')
                sys.exit(1)
def curlTDD():
    """
    TDD: make some curl operations and check their results
    """

    with prefix(env_config.admin_openrc):
        msg = 'Get storage URL and token'
        url, token = runCheck(msg, "swift stat -v | awk '/StorageURL/ {print $2} /Auth Token/ {print $3}'").splitlines()

    msg = 'Show containers'
    runCheck(msg, 'curl -v -X GET -H "X-Auth-Token: %s" %s' % (token,url))

    msg = 'Make a container creation request'
    out = runCheck(msg, 'curl -v -X PUT -H "X-Auth-Token: %s" %s/mycontainer' % (token,url))
    if 'HTTP/1.1 201 Created' in out:
        print align_y('Container creation succeeded')
    else:
        print align_n('Problem in the container creation')

    run('echo "Now testing object creation" >mytestfile')
    msg = 'Request object creation'
    runCheck(msg, 'curl -v -X PUT -T mytestfile -H "X-Auth-Token: %s" %s/mycontainer/mytestfile' % (token, url))

    msg = 'Request the new object'
    runCheck(msg, 'curl -v -X GET -o newfile -H "X-Auth-Token: %s" %s/mycontainer/mytestfile' % (token, url))

    diff = run('diff newfile mytestfile', quiet=True)
    if diff:
        print align_n('File downloaded and local file are not the same')
        run('cat newfile')
        run('cat mytestfile')
    else:
        print align_y('File downloaded and local file are the same')

    run('rm newfile mytestfile')
def tdd():
    execute(showStatus)

    with prefix(env_config.admin_openrc):
        runCheck("List service components", "cinder service-list")

    with prefix(env_config.demo_openrc):
        timestamp = run('date +"%Y-%m-%d %H:%M:%S"', quiet=True)
        runCheck("Create a 1 GB volume", "cinder create --display-name demo-volume1 1")

        msg = "Verify creation and availability of volume"
        run("cinder list")
        status = run("cinder list | awk '/demo-volume1/ {print $4}'", quiet=True)
        if not status:
            print align_n("There is no volume called demo-volume1")
            sys.exit(1)
        else:
            # volume takes a while to build, so we loop until it's done
            while status != "error" and status != "available":
                status = run("cinder list | awk '/demo-volume1/ {print $4}'", quiet=True)

            if status == "available":
                print align_y("demo-volume1 is available")
                runCheck("Delete test volume", "cinder delete demo-volume1")
            else:
                print align_n("Problem with demo-volume1:")
                checkLog(timestamp)
                runCheck("Delete test volume", "cinder delete demo-volume1")
                sys.exit(1)
Example #5
0
def glusterTDD():
    """
    TDD: check if the contents of the Gluster brick are the same on all nodes
    """

    #@roles('controller','network','storage','compute')
    @roles('controller', 'network', 'compute')
    def _glusterTDD():
        "Grab the contents of the gluster brick for each host"
        directory = swiftGlusterDir
        with cd(directory):
            msg = 'Get contents of brick on ' + env.host
            contents = runCheck(msg, "ls -a")
        return contents

    results = execute(_glusterTDD)
    hosts = results.keys()

    for i, host in enumerate(hosts):
        for otherHost in hosts[i + 1:]:
            if results[host] != results[otherHost]:
                print align_n('Hosts %s and %s have different contents' %
                              (host, otherHost))
            else:
                print align_y('Hosts %s and %s OK' % (host, otherHost))
Example #6
0
def networkTDD():
    "Check if all agents are functioning"

    with prefix(env_config.admin_openrc):
        msg = 'Run agent-list'
        agentList = runCheck(msg, 'neutron agent-list')

    # check if all agents are in the list
    allInList = True
    for agent in ['Metadata', 'Open vSwitch', 'L3', 'DHCP']:
        if agent not in agentList:
            print align_n('Agent %s is not in agent list' % agent)
            allInList = False
    if allInList:
        print align_y('All agents in list')

    # check if agents are active
    agentLines = agentList.splitlines()[3:-1]  # remove header and footer
    allActive = True
    for line in agentLines:
        if ':-)' not in line:
            print align_n('One of the agents is not active')
            print line
            allActive = False
    if allActive:
        print align_y('All agents active')

    if not allActive or not allInList:
        execute(saveConfigNetwork, 'bad')
        sys.exit(1)
Example #7
0
def computeTDD():
    "Check if all compute nodes have an OVS agent active"

    with prefix(env_config.admin_openrc):
        msg = 'Run agent-list'
        agentList = runCheck(msg, 'neutron agent-list')

    # check if all compute nodes are mentioned in the list
    computeNodes = [
        host.replace('root@', '') for host in env.roledefs['compute']
    ]
    allInList = True
    for node in computeNodes:
        if node not in agentList:
            print align_n('%s is not mentioned in the agent list' % node)
            allInList = False
    if allInList:
        print align_y('All compute nodes are mentioned in agent list')

    # check if agents are active
    agentLines = agentList.splitlines()[3:-1]  # remove header and footer
    allActive = True
    for line in agentLines:
        if ':-)' not in line:
            print align_n('One of the agents is not active')
            print line
            allActive = False
    if allActive:
        print align_y('All agents active')

    if not allActive or not allInList:
        execute(saveConfigCompute, 'bad')
        sys.exit(1)
def glusterTDD(imageID):
    """
    TDD: Check the bricks and see if the image is there
    """
    result = 'OK'

    imageDir = glanceGlusterDir

    if run("[ -e {} ]".format(imageDir)).return_code != 0:
        print red("Directory {} does not exist in host {}!".format(
            imageDir, env.host))
        return 'FAIL'


    imagesInDir = runCheck("See inside directory", "ls " + imageDir)

    if not imagesInDir:
        print align_n('Directory seems to be empty in host' + env.host)
        result = 'FAIL'
    elif imageID not in imagesInDir:
        print align_n('The image requested '
                'is not in the glance brick in host ' + env.host)
        print 'Image requested: ', blue(imageID)
        print 'Contents of directory: ', red(imagesInDir)
        result = 'FAIL'
    else:
        print align_y('Can see the image in host ' + env.host)

    return result
def networkTDD():
    "Check if all agents are functioning"

    with prefix(env_config.admin_openrc):
        msg = 'Run agent-list'
        agentList = runCheck(msg, 'neutron agent-list')

    # check if all agents are in the list
    allInList = True
    for agent in ['Metadata', 'Open vSwitch', 'L3', 'DHCP']:
        if agent not in agentList:
            print align_n('Agent %s is not in agent list' % agent)
            allInList = False
    if allInList:
        print align_y('All agents in list')

    # check if agents are active
    agentLines = agentList.splitlines()[3:-1] # remove header and footer
    allActive = True
    for line in agentLines:
        if ':-)' not in line:
            print align_n('One of the agents is not active')
            print line
            allActive = False
    if allActive:
        print align_y('All agents active')

    if not allActive or not allInList:
        execute(saveConfigNetwork,'bad')
        sys.exit(1)
Example #10
0
def glusterTDD(imageID):
    """
    TDD: Check the bricks and see if the image is there
    """
    result = 'OK'

    imageDir = glanceGlusterDir

    if run("[ -e {} ]".format(imageDir)).return_code != 0:
        print red("Directory {} does not exist in host {}!".format(
            imageDir, env.host))
        return 'FAIL'

    imagesInDir = runCheck("See inside directory", "ls " + imageDir)

    if not imagesInDir:
        print align_n('Directory seems to be empty in host' + env.host)
        result = 'FAIL'
    elif imageID not in imagesInDir:
        print align_n('The image requested '
                      'is not in the glance brick in host ' + env.host)
        print 'Image requested: ', blue(imageID)
        print 'Contents of directory: ', red(imagesInDir)
        result = 'FAIL'
    else:
        print align_y('Can see the image in host ' + env.host)

    return result
Example #11
0
def reach_dashboard():
    msg = 'Connect to dashboard'
    output = runCheck(msg, "curl --connect-timeout 10 http://controller/dashboard | head -10")

    # check if it's the Dashboard frontpage
    if any(value in output for value in ['<title>','Login']):
        print align_y('Can access Dashboard frontpage')
    else:
        print align_n('Cannot access Dashboard frontpage')
        status = 'bad'
Example #12
0
def peerStatus():
    """
    TDD: Check gluster peer status
    """
    expectedNumPeers = sum([len(rolelist) for rolelist in env.roledefs.values()]) - 1
    numPeersConnected = int(run('gluster peer status | '
                   'grep -c "Peer in Cluster (Connected)"'))
    if numPeersConnected != expectedNumPeers:
        print align_n('Problem on host '+env.host)
        run('gluster peer status')
    else:
        print align_y('Peer status on host %s OK')
Example #13
0
def reach_dashboard():
    msg = 'Connect to dashboard'
    output = runCheck(
        msg,
        "curl --connect-timeout 10 http://controller/dashboard | head -10")

    # check if it's the Dashboard frontpage
    if any(value in output for value in ['<title>', 'Login']):
        print align_y('Can access Dashboard frontpage')
    else:
        print align_n('Cannot access Dashboard frontpage')
        status = 'bad'
Example #14
0
def setSettingsFile():
    "Set the local_setting.py file in the controller"

    newLines = "# Dashboard configuration\n"
    newLines += "SITE_BRANDING = 'Electrical and Computer Engineering Department'"

    out = append(localsettings, newLines)
    msg = "Set the local_setting.py file in the controller"
    if out:
        print align_n(msg)
    else:
        print align_y(msg)
Example #15
0
def tdd():
    msg = 'Connect to dashboard'
    output = runCheck(msg, "curl --connect-timeout 10 http://controller/dashboard | head -10")

    # check if the Dashboard frontpage has been customized
    if '<title>Login - Electrical and Computer Engineering Department</title>' in output:
        msg = 'Dashboard frontpage has been customized' 
        print align_y(msg)
        logging.info(msg)
    else:
        msg = 'Dashboard frontpage has NOT been customized' 
        print align_n(msg)
        logging.error(msg)
        sys.exit(1)
Example #16
0
def peerStatus():
    """
    TDD: Check gluster peer status
    """
    expectedNumPeers = sum(
        [len(rolelist) for rolelist in env.roledefs.values()]) - 1
    numPeersConnected = int(
        run('gluster peer status | '
            'grep -c "Peer in Cluster (Connected)"'))
    if numPeersConnected != expectedNumPeers:
        print align_n('Problem on host ' + env.host)
        run('gluster peer status')
    else:
        print align_y('Peer status on host %s OK')
Example #17
0
def deploy():
    logging.info("Deploy begin at: {:%Y-%b-%d %H:%M:%S}".format(datetime.datetime.now()))
    execute(mustDoOnHost)
    execute(installConfigureChrony)
    execute(install_packages)
    execute(installMariaDB)
    execute(secureDB)
    # execute(shrinkHome)
    # execute(prepGlusterFS)
    # execute(setupGlusterFS)
    # execute(probe, env_config.hosts)
    # execute(createVolume, env_config.hosts)
    # execute(mount)
    logging.info("Deploy ended at: {:%Y-%b-%d %H:%M:%S}".format(datetime.datetime.now()))
    print align_y('Yeah we are done')
Example #18
0
def curlTDD():
    """
    TDD: make some curl operations and check their results
    """

    with prefix(env_config.admin_openrc):
        msg = 'Get storage URL and token'
        url, token = runCheck(
            msg,
            "swift stat -v | awk '/StorageURL/ {print $2} /Auth Token/ {print $3}'"
        ).splitlines()

    msg = 'Show containers'
    runCheck(msg, 'curl -v -X GET -H "X-Auth-Token: %s" %s' % (token, url))

    msg = 'Make a container creation request'
    out = runCheck(
        msg,
        'curl -v -X PUT -H "X-Auth-Token: %s" %s/mycontainer' % (token, url))
    if 'HTTP/1.1 201 Created' in out:
        print align_y('Container creation succeeded')
    else:
        print align_n('Problem in the container creation')

    run('echo "Now testing object creation" >mytestfile')
    msg = 'Request object creation'
    runCheck(
        msg,
        'curl -v -X PUT -T mytestfile -H "X-Auth-Token: %s" %s/mycontainer/mytestfile'
        % (token, url))

    msg = 'Request the new object'
    runCheck(
        msg,
        'curl -v -X GET -o newfile -H "X-Auth-Token: %s" %s/mycontainer/mytestfile'
        % (token, url))

    diff = run('diff newfile mytestfile', quiet=True)
    if diff:
        print align_n('File downloaded and local file are not the same')
        run('cat newfile')
        run('cat mytestfile')
    else:
        print align_y('File downloaded and local file are the same')

    run('rm newfile mytestfile')
Example #19
0
def deploy():
    logging.info("Deploy begin at: {:%Y-%b-%d %H:%M:%S}".format(
        datetime.datetime.now()))
    execute(mustDoOnHost)
    execute(installConfigureChrony)
    execute(install_packages)
    execute(installMariaDB)
    execute(secureDB)
    # execute(shrinkHome)
    # execute(prepGlusterFS)
    # execute(setupGlusterFS)
    # execute(probe, env_config.hosts)
    # execute(createVolume, env_config.hosts)
    # execute(mount)
    logging.info("Deploy ended at: {:%Y-%b-%d %H:%M:%S}".format(
        datetime.datetime.now()))
    print align_y('Yeah we are done')
Example #20
0
def servicesTDD():
    "Check service-list to see if the nova services are up and running"

    with prefix(env_config.admin_openrc):
        msg = 'Get service list'
        serviceList = runCheck(msg, 'nova service-list >service-list')

    run('cat service-list')

    servlist = run('cat service-list | grep nova', quiet=True)

    # check if all services are running
    allRunning = True
    for line in servlist.splitlines():
        if 'enabled' not in line:
            print align_n('One of the services is not enabled')
            print line
            allRunning = False
        elif 'up' not in line:
            print align_n('One of the services is not up')
            print line
            allRunning = False
    if allRunning:
        print align_y('All services OK')

    # check if all compute nodes are mentioned in the list
    computeNodes = [
        host.replace('root@', '') for host in env.roledefs['compute']
    ]
    allComputes = True
    for node in computeNodes:
        if node not in servlist:
            print align_n('%s is not mentioned in the service list' % node)
            allComputes = False
    if allComputes:
        print align_y('All compute nodes have a service')

    if not allRunning or not allComputes:
        saveConfigFile(etc_nova_config_file, 'bad')
        sys.exit(1)
Example #21
0
def servicesTDD():
    "Check service-list to see if the nova services are up and running"

    with prefix(env_config.admin_openrc):
        msg = 'Get service list'
        serviceList = runCheck(msg, 'nova service-list >service-list')

    run('cat service-list')

    servlist = run('cat service-list | grep nova', quiet=True)

    # check if all services are running
    allRunning = True
    for line in servlist.splitlines():
        if 'enabled' not in line:
            print align_n('One of the services is not enabled')
            print line
            allRunning = False
        elif 'up' not in line: 
            print align_n('One of the services is not up')
            print line
            allRunning = False
    if allRunning:
        print align_y('All services OK')

    # check if all compute nodes are mentioned in the list
    computeNodes = [host.replace('root@','') for host in env.roledefs['compute']]
    allComputes = True
    for node in computeNodes:
        if node not in servlist:
            print align_n('%s is not mentioned in the service list' % node)
            allComputes = False
    if allComputes:
        print align_y('All compute nodes have a service')


    if not allRunning or not allComputes:
        saveConfigFile(etc_nova_config_file, 'bad')
        sys.exit(1)
Example #22
0
def imageCreationTDD():
    """
    TDD: Try to create an image and see if it shows up in all hosts
    """

    result = 'OK'

    msg = 'Retrieve instance image from the cirros website'
    run_v("mkdir /tmp/images")
    url = "http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img"
    runCheck(msg, "wget -qP /tmp/images " + url)

    with prefix(env_config.admin_openrc):

        msg = 'Create glance image'
        runCheck(
            msg, "glance image-create --name 'cirros-test' "
            "--file /tmp/images/cirros-0.3.3-x86_64-disk.img "
            "--disk-format qcow2 "
            "--container-format bare "
            "--is-public True ")

        msg = 'List images'
        output = runCheck(msg, "glance image-list | grep 'cirros-test'")
        # imageIDs = [l.split()[1] for l in output.splitlines() if 'cirros-test' in l]
        imageID = run(
            "glance image-list | grep 'cirros-test' | awk '{print $2}'")

        if len(output.splitlines()) > 1:
            align_n("There seems to be more than one 'cirros-test'!")
            return 'FAIL'

        if output:
            print(align_y("Successfully installed cirros image"))
        else:
            print(align_n("Couldn't install cirros image"))
            return 'FAIL'

    # check the hosts and see if the image file
    # was distributed among all of them

    #results = execute(glusterTDD,imageID).values()
    #for r in results:
    #    if r == 'FAIL':
    #        result = 'FAIL'

    msg = 'Clear local files'
    runCheck(msg, "rm -r /tmp/images")

    return result
Example #23
0
def configurersyncd():

    fileContents = env_config.rsyncd_conf

    # replace variables
    fileContents = fileContents.replace('MANAGEMENT_INTERFACE_IP_ADDRESS', 
            env_config.nicDictionary['compute1']['mgtIPADDR'])

    devicepath = swiftGlusterDir
    fileContents = fileContents.replace('PATH', devicepath)

    out = append('/etc/rsynd.conf', fileContents)
    if out:
        print align_n("Error appending to rsyncd.conf")
        logging.error(out)
    else:
        print align_y("Success appending to rsyncd.conf")
        logging.info(out)

    msg= 'Enable rsyncd service'
    runCheck(msg, 'systemctl enable rsyncd.service')
    msg= 'Start rsyncd service'
    runCheck(msg, 'systemctl start rsyncd.service')
Example #24
0
def controllerTDD():
    "Check if all extensions are functioning"

    with prefix(env_config.admin_openrc):
        msg = 'Run ext-list'
        extList = runCheck(msg, 'neutron ext-list')

    extensions = [
            'security-group',
            'l3_agent_scheduler',
            'ext-gw-mode',
            'binding',
            'provider',
            'agent',
            'quotas',
            'dhcp_agent_scheduler',
            'l3-ha',
            'multi-provider',
            'external-net',
            'router',
            'allowed-address-pairs',
            'extraroute',
            'extra_dhcp_opt',
            'dvr',
            ]

    allInList = True
    for extension in extensions:
        if extension not in extList:
            print align_n('Extension %s is not in the list' % extension)
            allInList = False

    if allInList:
        print align_y('All extensions in list')
    else:
        execute(saveConfigController,'bad')
        sys.exit(1)
Example #25
0
def controllerTDD():
    "Check if all extensions are functioning"

    with prefix(env_config.admin_openrc):
        msg = 'Run ext-list'
        extList = runCheck(msg, 'neutron ext-list')

    extensions = [
        'security-group',
        'l3_agent_scheduler',
        'ext-gw-mode',
        'binding',
        'provider',
        'agent',
        'quotas',
        'dhcp_agent_scheduler',
        'l3-ha',
        'multi-provider',
        'external-net',
        'router',
        'allowed-address-pairs',
        'extraroute',
        'extra_dhcp_opt',
        'dvr',
    ]

    allInList = True
    for extension in extensions:
        if extension not in extList:
            print align_n('Extension %s is not in the list' % extension)
            allInList = False

    if allInList:
        print align_y('All extensions in list')
    else:
        execute(saveConfigController, 'bad')
        sys.exit(1)
Example #26
0
def imageCreationTDD():
    """
    TDD: Try to create an image and see if it shows up in all hosts
    """

    result = 'OK'
    
    msg = 'Retrieve instance image from the cirros website'
    run_v("mkdir /tmp/images")
    url = "http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img"
    runCheck(msg, "wget -qP /tmp/images " + url)

    with prefix(env_config.admin_openrc):

        msg = 'Create glance image'
        runCheck(msg, "glance image-create --name 'cirros-test' "
                "--file /tmp/images/cirros-0.3.3-x86_64-disk.img "
                "--disk-format qcow2 "
                "--container-format bare "
                "--is-public True "
                )

        msg = 'List images'
        output = runCheck(msg, "glance image-list | grep 'cirros-test'")
        # imageIDs = [l.split()[1] for l in output.splitlines() if 'cirros-test' in l]
        imageID = run("glance image-list | grep 'cirros-test' | awk '{print $2}'") 
        
        if len(output.splitlines()) > 1:
            align_n("There seems to be more than one 'cirros-test'!")
            return 'FAIL'

        if output:
            print(align_y("Successfully installed cirros image"))
        else:
            print(align_n("Couldn't install cirros image"))
            return 'FAIL'

    # check the hosts and see if the image file
    # was distributed among all of them

    #results = execute(glusterTDD,imageID).values()
    #for r in results:
    #    if r == 'FAIL':
    #        result = 'FAIL'

    msg = 'Clear local files'
    runCheck(msg, "rm -r /tmp/images")

    return result
Example #27
0
def configurersyncd():

    fileContents = env_config.rsyncd_conf

    # replace variables
    fileContents = fileContents.replace(
        'MANAGEMENT_INTERFACE_IP_ADDRESS',
        env_config.nicDictionary['compute1']['mgtIPADDR'])

    devicepath = swiftGlusterDir
    fileContents = fileContents.replace('PATH', devicepath)

    out = append('/etc/rsynd.conf', fileContents)
    if out:
        print align_n("Error appending to rsyncd.conf")
        logging.error(out)
    else:
        print align_y("Success appending to rsyncd.conf")
        logging.info(out)

    msg = 'Enable rsyncd service'
    runCheck(msg, 'systemctl enable rsyncd.service')
    msg = 'Start rsyncd service'
    runCheck(msg, 'systemctl start rsyncd.service')
Example #28
0
def glusterTDD():
    """
    TDD: check if the contents of the Gluster brick are the same on all nodes
    """

    #@roles('controller','network','storage','compute')
    @roles('controller', 'network', 'compute')
    def _glusterTDD():
        "Grab the contents of the gluster brick for each host"
        directory = swiftGlusterDir 
        with cd(directory):
            msg = 'Get contents of brick on '+env.host
            contents = runCheck(msg, "ls -a")
        return contents

    results = execute(_glusterTDD)
    hosts = results.keys()

    for i, host in enumerate(hosts):
        for otherHost in hosts[i+1:]:
            if results[host] != results[otherHost]:
                print align_n('Hosts %s and %s have different contents' % (host,otherHost))
            else:
                print align_y('Hosts %s and %s OK' % (host,otherHost))
Example #29
0
def check_selinux():
    output = run("getenforce")
    if "Disabled" in output:
        print align_y("SELINUX is " + output)
    else:            
        print align_n("Oh no! SELINUX is " + output)
Example #30
0
def keystone_tdd():

    with settings(warn_only=True):

        status = 'good'

        resk = keystone_check('keystone')
        resd = database_check('keystone')

        if (resk == 'FAIL') or (resd == 'FAIL'):
            status = 'bad'

        # Check if 'admin' and 'demo' are users
        user_list_output = run("keystone --os-tenant-name admin --os-username admin " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 user-list"\
                                 .format(passwd['ADMIN_PASS']), quiet=True)
        if 'admin' in user_list_output:
            print align_y('Admin was found in user list')
        else:
            print align_n('admin not a user')
            status = 'bad'

        if 'demo' in user_list_output:
            print align_y('Demo was found in user list')
        else:
            print align_n('demo not a user')
            status = 'bad'

        # Check if 'admin', 'service' and 'demo' are tenants
        tenant_list_output = run("keystone --os-tenant-name admin --os-username admin " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 tenant-list"\
                .format(passwd['ADMIN_PASS']), quiet=True)
        for name in ['admin','demo','service']:
            if name in tenant_list_output:
                print align_y('{} was found in tenant list'.format(name))
            else:
                print align_n('{} not a tenant'.format(name))
                status = 'bad'

        # Check if '_member_' and 'admin' are roles
        role_list_output = run("keystone --os-tenant-name admin --os-username admin " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 role-list"\
                .format(passwd['ADMIN_PASS']), quiet=True)
        if '_member_' in role_list_output:
            print align_y('_member_ is a role')
        else:
            print align_n('_member_ not a role')
            status = 'bad'

        if 'admin' in role_list_output:
            print align_y('admin is a role')
        else:
            print align_n('admin not a role')
            status = 'bad'

        # Check if non-admin user is forbidden to perform admin tasks
        user_list_output = run("keystone --os-tenant-name demo --os-username demo " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 user-list"\
                .format(passwd['DEMO_PASS']), quiet=True)
        if 'You are not authorized to perform the requested action' in user_list_output:
            print align_y('demo was not allowed to run user-list')
        else:
            print align_n('demo was allowed to run user-list')
            status = 'bad'

        confFile= '/etc/keystone/keystone.conf'
        saveConfigFile(confFile,status)
        print blue('\nCalling openstack-status\n###########################\n')
        run('openstack-status')
Example #31
0
def keystone_tdd():

    with settings(warn_only=True):

        status = 'good'

        resk = keystone_check('keystone')
        resd = database_check('keystone')

        if (resk == 'FAIL') or (resd == 'FAIL'):
            status = 'bad'

        # Check if 'admin' and 'demo' are users
        user_list_output = run("keystone --os-tenant-name admin --os-username admin " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 user-list"\
                                 .format(passwd['ADMIN_PASS']), quiet=True)
        if 'admin' in user_list_output:
            print align_y('Admin was found in user list')
        else:
            print align_n('admin not a user')
            status = 'bad'

        if 'demo' in user_list_output:
            print align_y('Demo was found in user list')
        else:
            print align_n('demo not a user')
            status = 'bad'

        # Check if 'admin', 'service' and 'demo' are tenants
        tenant_list_output = run("keystone --os-tenant-name admin --os-username admin " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 tenant-list"\
                .format(passwd['ADMIN_PASS']), quiet=True)
        for name in ['admin', 'demo', 'service']:
            if name in tenant_list_output:
                print align_y('{} was found in tenant list'.format(name))
            else:
                print align_n('{} not a tenant'.format(name))
                status = 'bad'

        # Check if '_member_' and 'admin' are roles
        role_list_output = run("keystone --os-tenant-name admin --os-username admin " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 role-list"\
                .format(passwd['ADMIN_PASS']), quiet=True)
        if '_member_' in role_list_output:
            print align_y('_member_ is a role')
        else:
            print align_n('_member_ not a role')
            status = 'bad'

        if 'admin' in role_list_output:
            print align_y('admin is a role')
        else:
            print align_n('admin not a role')
            status = 'bad'

        # Check if non-admin user is forbidden to perform admin tasks
        user_list_output = run("keystone --os-tenant-name demo --os-username demo " + \
                "--os-password {} --os-auth-url http://controller:35357/v2.0 user-list"\
                .format(passwd['DEMO_PASS']), quiet=True)
        if 'You are not authorized to perform the requested action' in user_list_output:
            print align_y('demo was not allowed to run user-list')
        else:
            print align_n('demo was allowed to run user-list')
            status = 'bad'

        confFile = '/etc/keystone/keystone.conf'
        saveConfigFile(confFile, status)
        print blue('\nCalling openstack-status\n###########################\n')
        run('openstack-status')
Example #32
0
def check_selinux():
    output = run("getenforce")
    if "Disabled" in output:
        print align_y("SELINUX is " + output)
    else:
        print align_n("Oh no! SELINUX is " + output)