def __init__(self, server, username, password=None, pkey=None,
key_filename=None):
ssh_timeout = CONF.validation.ssh_timeout
network = CONF.compute.network_for_ssh
ip_version = CONF.validation.ip_version_for_ssh
connect_timeout = CONF.validation.connect_timeout
if isinstance(server, six.string_types):
ip_address = server
else:
addresses = server['addresses'][network]
for address in addresses:
if address['version'] == ip_version:
ip_address = address['addr']
break
else:
raise exceptions.ServerUnreachable()
if CONF.compute.ssh_auth_method == 'keypair' and pkey == None:
key_filename = CONF.compute.path_to_private_key if \
CONF.compute.path_to_private_key else None
self.ssh_client = ssh.Client(ip_address, username, password=None,
timeout=ssh_timeout, pkey=pkey,
key_filename=key_filename,
channel_timeout=connect_timeout)
def test_userdata(self):
key_name = data_utils.rand_name('testkey')
pkey = self.create_key_pair(key_name)
sec_group_name = self.create_standard_security_group()
user_data = data_utils.rand_uuid()
instance_id = self.run_instance(KeyName=key_name,
UserData=user_data,
SecurityGroups=[sec_group_name])
data = self.client.describe_instance_attribute(InstanceId=instance_id,
Attribute='userData')
self.assertEqual(data['UserData']['Value'],
base64.b64encode(user_data))
ip_address = self.get_instance_ip(instance_id)
ssh_client = ssh.Client(ip_address, CONF.aws.image_user, pkey=pkey)
url = 'http://169.254.169.254'
data = ssh_client.exec_command('curl %s/latest/user-data' % url)
self.assertEqual(user_data, data)
data = ssh_client.exec_command('curl %s/latest/meta-data/ami-id' % url)
self.assertEqual(CONF.aws.image_id, data)
def test_stop_start_instance(self):
key_name = data_utils.rand_name('testkey')
pkey = self.create_key_pair(key_name)
sec_group_name = self.create_standard_security_group()
instance_id = self.run_instance(KeyName=key_name,
ImageId=CONF.aws.image_id_ubuntu,
SecurityGroups=[sec_group_name])
ip_address = self.get_instance_ip(instance_id)
ssh_client = ssh.Client(ip_address,
CONF.aws.image_user_ubuntu,
pkey=pkey)
ssh_client.exec_command('last -x')
self.client.stop_instances(InstanceIds=[instance_id])
self.get_instance_waiter().wait_available(instance_id,
final_set=('stopped'))
self.client.start_instances(InstanceIds=[instance_id])
self.get_instance_waiter().wait_available(instance_id,
final_set=('running'))
data = ssh_client.exec_command('last -x')
self.assertIn("shutdown", data)
def test_metadata(self):
key_name = data_utils.rand_name('testkey')
self.client.import_key_pair(KeyName=key_name,
PublicKeyMaterial=PUBLIC_KEY_MATERIAL)
self.addResourceCleanUp(self.client.delete_key_pair, KeyName=key_name)
sec_group_name = self.create_standard_security_group()
user_data = six.text_type(data_utils.rand_uuid()) + six.unichr(1071)
instance_id = self.run_instance(KeyName=key_name,
UserData=user_data,
SecurityGroups=[sec_group_name])
data = self.client.describe_instance_attribute(InstanceId=instance_id,
Attribute='userData')
self.assertEqual(
data['UserData']['Value'],
base64.b64encode(user_data.encode("utf-8")).decode("utf-8"))
ip_address = self.get_instance_ip(instance_id)
ssh_client = ssh.Client(ip_address,
CONF.aws.image_user,
pkey=PRIVATE_KEY_MATERIAL)
url = 'http://169.254.169.254'
data = ssh_client.exec_command('curl %s/latest/user-data' % url)
if isinstance(data, six.binary_type):
data = data.decode("utf-8")
self.assertEqual(user_data, data)
data = ssh_client.exec_command('curl %s/latest/meta-data/ami-id' % url)
self.assertEqual(CONF.aws.image_id, data)
data = ssh_client.exec_command(
'curl %s/latest/meta-data/public-keys/0/openssh-key' % url)
self.assertEqual(PUBLIC_KEY_MATERIAL, data)
def test_default_gateway(self):
novpc_group = self.create_standard_security_group()
novpc_instance_id = self.run_instance(SecurityGroups=[novpc_group])
ping_destination = self.get_instance_ip(novpc_instance_id)
data = self.client.create_vpc(CidrBlock='10.10.0.0/16')
vpc_id = data['Vpc']['VpcId']
self.addResourceCleanUp(self.client.delete_vpc, VpcId=vpc_id)
self.get_vpc_waiter().wait_available(vpc_id)
data = self.client.create_subnet(
VpcId=vpc_id, CidrBlock='10.10.1.0/24',
AvailabilityZone=CONF.aws.aws_zone)
subnet_1_id = data['Subnet']['SubnetId']
self.addResourceCleanUp(self.client.delete_subnet,
SubnetId=subnet_1_id)
data = self.client.create_subnet(
VpcId=vpc_id, CidrBlock='10.10.2.0/24',
AvailabilityZone=CONF.aws.aws_zone)
subnet_2_id = data['Subnet']['SubnetId']
self.addResourceCleanUp(self.client.delete_subnet,
SubnetId=subnet_2_id)
data = self.client.create_internet_gateway()
gw_id = data['InternetGateway']['InternetGatewayId']
self.addResourceCleanUp(self.client.delete_internet_gateway,
InternetGatewayId=gw_id)
data = self.client.attach_internet_gateway(VpcId=vpc_id,
InternetGatewayId=gw_id)
self.addResourceCleanUp(self.client.detach_internet_gateway,
VpcId=vpc_id, InternetGatewayId=gw_id)
self.prepare_route(vpc_id, gw_id)
data = self.client.create_route_table(VpcId=vpc_id)
rt_id = data['RouteTable']['RouteTableId']
self.addResourceCleanUp(self.client.delete_route_table,
RouteTableId=rt_id)
data = self.client.associate_route_table(RouteTableId=rt_id,
SubnetId=subnet_2_id)
assoc_id = data['AssociationId']
self.addResourceCleanUp(self.client.disassociate_route_table,
AssociationId=assoc_id)
self.prepare_vpc_default_security_group(vpc_id)
key_name = data_utils.rand_name('testkey')
pkey = self.create_key_pair(key_name)
instance_2_id = self.run_instance(KeyName=key_name,
SubnetId=subnet_2_id)
instance_1_id = self.run_instance(KeyName=key_name,
SubnetId=subnet_1_id,
UserData=pkey)
ip_address = self.get_instance_ip(instance_1_id)
ip_private_address_1 = self.get_instance(
instance_1_id)['PrivateIpAddress']
ip_private_address_2 = self.get_instance(
instance_2_id)['PrivateIpAddress']
ssh_client = ssh.Client(ip_address, CONF.aws.image_user, pkey=pkey,
channel_timeout=30)
ssh_client.exec_command(
'curl http://169.254.169.254/latest/user-data > key.pem && '
'chmod 400 key.pem')
if 'cirros' in ssh_client.exec_command('cat /etc/issue'):
ssh_client.exec_command(
'dropbearconvert openssh dropbear key.pem key.db && '
'mv key.db key.pem')
extra_ssh_opts = '-y'
else:
extra_ssh_opts = ('-o UserKnownHostsFile=/dev/null '
'-o StrictHostKeyChecking=no')
ssh_client.exec_command('ping -c 1 %s' % ip_private_address_2)
ssh_client.exec_command('ping -c 1 %s' % ping_destination)
remote_ping_template = (
'ssh -i key.pem %(extra_opts)s %(user)s@%(ip)s '
'ping -c 1 %%s' %
{'extra_opts': extra_ssh_opts,
'user': CONF.aws.image_user,
'ip': ip_private_address_2})
ssh_client.exec_command(remote_ping_template % ip_private_address_1)
try:
resp = ssh_client.exec_command(remote_ping_template %
ping_destination)
except exceptions.SSHExecCommandFailed:
pass
else:
self.assertEqual('', resp)
def test_vpn_connectivity(self):
response = urllib2.urlopen(self.OPENSWAN_LINK, timeout=30)
content = response.read()
filename = os.path.basename(self.OPENSWAN_LINK)
f = open(filename, 'w')
f.write(content)
f.close()
key_name = data_utils.rand_name('testkey')
pkey = self.create_key_pair(key_name)
# run ubuntu instance to create one of VPN endpoint inside
sec_group_name = self.create_standard_security_group()
instance_id_ubuntu = self.run_instance(
KeyName=key_name, ImageId=CONF.aws.image_id_ubuntu,
SecurityGroups=[sec_group_name])
public_ip_ubuntu = self.get_instance_ip(instance_id_ubuntu)
instance = self.get_instance(instance_id_ubuntu)
private_ip_ubuntu = instance['PrivateIpAddress']
# create VPC, ..., VPN
vpc_id, subnet_id = self.create_vpc_and_subnet(self.VPC_CIDR)
self.prepare_vpc_default_security_group(vpc_id)
vpn_data = self._create_and_configure_vpn(
vpc_id, public_ip_ubuntu, private_ip_ubuntu + '/32')
# run general instance inside VPC
instance_id = self.run_instance(KeyName=key_name,
ImageId=CONF.aws.image_id,
SubnetId=subnet_id)
instance = self.get_instance(instance_id)
private_ip_in_vpc = instance['PrivateIpAddress']
# configure ubuntu, install openswan and run it
ssh_client = ssh.Client(public_ip_ubuntu, CONF.aws.image_user_ubuntu,
pkey=pkey)
self._upload_file(ssh_client, filename, filename)
ssh_client.exec_command('sudo DEBIAN_FRONTEND=noninteractive dpkg -i '
+ filename)
ssh_client.exec_command('sudo -s su -c "'
'echo 1 > /proc/sys/net/ipv4/ip_forward"')
ssh_client.exec_command(
'for vpn in /proc/sys/net/ipv4/conf/*; do sudo -s su -c'
' "echo 0 > $vpn/accept_redirects; echo 0 > $vpn/send_redirects";'
' done')
sysctl_additions = [
'net.ipv4.ip_forward = 1',
'net.ipv4.conf.all.accept_redirects = 0',
'net.ipv4.conf.all.send_redirects = 0']
for item in sysctl_additions:
ssh_client.exec_command(
'sudo -s su -c "echo \'' + item + '\' >> /etc/sysctl.conf"')
ssh_client.exec_command('sudo sysctl -p')
ipsec_conf, ipsec_secrets = self._get_ipsec_conf(
vpn_data['VpnConnectionId'], private_ip_ubuntu)
ssh_client.exec_command('sudo -s su -c "echo \'\' > /etc/ipsec.conf"')
for fstr in ipsec_conf:
ssh_client.exec_command(
'sudo -s su -c "echo \'%s\' >> /etc/ipsec.conf"' % fstr)
ssh_client.exec_command(
'sudo -s su -c "echo \'%s\' > /etc/ipsec.secrets"' % ipsec_secrets)
ssh_client.exec_command('sudo service ipsec restart')
try:
self.get_vpn_connection_tunnel_waiter().wait_available(
vpn_data['VpnConnectionId'], ('UP'))
except Exception:
exc_info = sys.exc_info()
try:
output = ssh_client.exec_command('sudo ipsec auto --status')
LOG.warning(output)
except Exception:
pass
raise exc_info[1], None, exc_info[2]
time.sleep(10)
ssh_client.exec_command('ping -c 4 %s' % private_ip_in_vpc)
def test_exec_command(self):
gsc_mock = self.patch('tempest_lib.common.ssh.Client.'
'_get_ssh_connection')
ito_mock = self.patch('tempest_lib.common.ssh.Client._is_timed_out')
select_mock = self.patch('select.poll')
client_mock = mock.MagicMock()
tran_mock = mock.MagicMock()
chan_mock = mock.MagicMock()
poll_mock = mock.MagicMock()
def reset_mocks():
gsc_mock.reset_mock()
ito_mock.reset_mock()
select_mock.reset_mock()
poll_mock.reset_mock()
client_mock.reset_mock()
tran_mock.reset_mock()
chan_mock.reset_mock()
select_mock.return_value = poll_mock
gsc_mock.return_value = client_mock
ito_mock.return_value = True
client_mock.get_transport.return_value = tran_mock
tran_mock.open_session.return_value = chan_mock
poll_mock.poll.side_effect = [[0, 0, 0]]
# Test for a timeout condition immediately raised
client = ssh.Client('localhost', 'root', timeout=2)
with testtools.ExpectedException(exceptions.TimeoutException):
client.exec_command("test")
chan_mock.fileno.assert_called_once_with()
chan_mock.exec_command.assert_called_once_with("test")
chan_mock.shutdown_write.assert_called_once_with()
SELECT_POLLIN = 1
poll_mock.register.assert_called_once_with(chan_mock, SELECT_POLLIN)
poll_mock.poll.assert_called_once_with(10)
# Test for proper reading of STDOUT and STDERROR and closing
# of all file descriptors.
reset_mocks()
select_mock.return_value = poll_mock
gsc_mock.return_value = client_mock
ito_mock.return_value = False
client_mock.get_transport.return_value = tran_mock
tran_mock.open_session.return_value = chan_mock
poll_mock.poll.side_effect = [[1, 0, 0]]
closed_prop = mock.PropertyMock(return_value=True)
type(chan_mock).closed = closed_prop
chan_mock.recv_exit_status.return_value = 0
chan_mock.recv.return_value = ''
chan_mock.recv_stderr.return_value = ''
client = ssh.Client('localhost', 'root', timeout=2)
client.exec_command("test")
chan_mock.fileno.assert_called_once_with()
chan_mock.exec_command.assert_called_once_with("test")
chan_mock.shutdown_write.assert_called_once_with()
SELECT_POLLIN = 1
poll_mock.register.assert_called_once_with(chan_mock, SELECT_POLLIN)
poll_mock.poll.assert_called_once_with(10)
chan_mock.recv_ready.assert_called_once_with()
chan_mock.recv.assert_called_once_with(1024)
chan_mock.recv_stderr_ready.assert_called_once_with()
chan_mock.recv_stderr.assert_called_once_with(1024)
chan_mock.recv_exit_status.assert_called_once_with()
closed_prop.assert_called_once_with()
def _run_command_on_node(self, node_ip, command):
ssh_session = connection.Client(node_ip, self.testcase['ssh_username'],
pkey=self.private_key)
return ssh_session.exec_command(command)
