def try_deploy_instance(self, create_params, conf): with keystone.AddAdminUserToNonAdminTenant( self.identity.keystone_client, conf.cloud.user, conf.cloud.tenant): nclient = self.proxy(self.get_client(conf), conf) new_id = self.create_instance(nclient, **create_params) try: self.wait_for_status(new_id, self.get_status, 'active', timeout=conf.migrate.boot_timeout, stop_statuses=[ERROR]) except (exception.TimeoutException, signal_handler.InterruptedException): LOG.warning("Failed to create instance '%s'", new_id) if self.instance_exists(new_id): self.reset_state(new_id) instance = self.get_instance(new_id) if hasattr(instance, 'fault') and instance.fault: LOG.debug("Error message of failed instance '%s': %s", new_id, instance.fault) self.failed_instances.append(new_id) raise self.processing_instances.append(new_id) return new_id
def get_server_group_id_by_vm(self, instance_id, instance_tenant): """ Get Nova Server Group by it's member :param instance_id: VM's ID :param instance_tenant: VM's tenant name :return str: Nova Server Group ID """ client_config = copy.deepcopy(self.config) client_config.cloud.tenant = instance_tenant with keystone.AddAdminUserToNonAdminTenant( self.identity.keystone_client, client_config.cloud.user, instance_tenant): nclient = self.compute.get_client(client_config) try: server_group_list = nclient.server_groups.list() except nova_exc.NotFound: LOG.info("Cloud does not support server_groups") return for server_group in server_group_list: if instance_id in server_group.members: return server_group.id LOG.debug("Instance '%s' is not a member of any server group...", instance_id)
def create_volume(self, size, **kwargs): """Creates volume of given size :raises: OverLimit in case quota exceeds for tenant """ cinder = self.cinder_client tenant_id = kwargs.get('project_id') # If migrated volume needs to be created on non default volume_type kwargs['volume_type'] = self.attr_override.get_attr( kwargs, 'volume_type') # if volume needs to be created in non-admin tenant, re-auth is # required in that tenant if tenant_id: identity = self.cloud.resources[utils.IDENTITY_RESOURCE] ks = identity.keystone_client user = self.config.cloud.user with keystone.AddAdminUserToNonAdminTenant(ks, user, tenant_id): tenant = ks.tenants.get(tenant_id) cinder = self.proxy(self.get_client(tenant=tenant.name), self.config) with proxy_client.expect_exception(cinder_exc.OverLimit): return cinder.volumes.create(size, **kwargs) else: with proxy_client.expect_exception(cinder_exc.OverLimit): return cinder.volumes.create(size, **kwargs)
def test_user_role_is_removed_on_scope_exit(self): ksclient = mock.MagicMock() member_role = mock.Mock() member_role.name = 'admin' user = mock.MagicMock() user.name = 'adm' tenant = mock.MagicMock() tenant.name = 'tenant' ksclient.roles.list.return_value = [member_role] ksclient.users.list.return_value = [user] ksclient.tenants.list.return_value = [tenant] ksclient.roles.roles_for_user.return_value = [] with keystone.AddAdminUserToNonAdminTenant(ksclient, 'adm', 'tenant'): pass assert ksclient.roles.add_user_role.called assert ksclient.roles.remove_user_role.called
def test_nothing_happens_if_admin_is_already_member_of_a_tenant(self): ksclient = mock.MagicMock() role_name = 'member' member_role = mock.Mock() member_role.name = role_name user = mock.MagicMock() user.name = 'adm' tenant = mock.MagicMock() tenant.name = 'tenant' ksclient.roles.list.return_value = [member_role] ksclient.users.list.return_value = [user] ksclient.tenants.list.return_value = [tenant] ksclient.roles.roles_for_user.return_value = [member_role] with keystone.AddAdminUserToNonAdminTenant(ksclient, 'adm', 'tenant', member_role=role_name): pass assert not ksclient.roles.add_user_role.called assert not ksclient.roles.remove_user_role.called