def identity_utils(self): """A client that abstracts v2 and v3 identity operations. This can be used for creating and tearing down projects in tests. It should not be used for testing identity features. """ if CONF.identity.auth_version == 'v2': client = self.os_admin.identity_client users_client = self.os_admin.users_client project_client = self.os_admin.tenants_client roles_client = self.os_admin.roles_client domains_client = None else: client = self.os_admin.identity_v3_client users_client = self.os_admin.users_v3_client project_client = self.os_admin.projects_client roles_client = self.os_admin.roles_v3_client domains_client = self.os_admin.domains_client try: domain = client.auth_provider.credentials.project_domain_name except AttributeError: domain = 'Default' return cred_client.get_creds_client(client, project_client, users_client, roles_client, domains_client, project_domain_name=domain)
def setup_clients(cls): super(CLIClientTestCase, cls).setup_clients() # This creates a client that abstracts identity v2 and v3 operations if CONF.identity.auth_version == 'v2': client = cls.os_admin.identity_client users_client = cls.os_admin.users_client project_client = cls.os_admin.tenants_client roles_client = cls.os_admin.roles_client domains_client = None else: client = cls.os_admin.identity_v3_client users_client = cls.os_admin.users_v3_client project_client = cls.os_admin.projects_client roles_client = cls.os_admin.roles_v3_client domains_client = cls.os_admin.domains_client try: domain = client.auth_provider.credentials.project_domain_name except AttributeError: domain = 'Default' cls.creds_client = \ cred_client.get_creds_client(client, project_client, users_client, roles_client, domains_client, project_domain_name=domain)
def identity_utils(clients): """A client that abstracts v2 and v3 identity operations. This can be used for creating and tearing down projects in tests. It should not be used for testing identity features. :param clients: a client manager. :return """ if CONF.identity.auth_version == 'v2': client = clients.identity_client users_client = clients.users_client project_client = clients.tenants_client roles_client = clients.roles_client domains_client = None else: client = clients.identity_v3_client users_client = clients.users_v3_client project_client = clients.projects_client roles_client = clients.roles_v3_client domains_client = clients.domains_client try: domain = client.auth_provider.credentials.project_domain_name except AttributeError: domain = CONF.auth.default_credentials_domain_name return cred_client.get_creds_client(client, project_client, users_client, roles_client, domains_client, project_domain_name=domain)
def __init__(self, identity_version, name=None, network_resources=None, credentials_domain=None, admin_role=None, admin_creds=None, identity_admin_domain_scope=False, identity_admin_role='admin', extra_roles=None, neutron_available=False, create_networks=True, project_network_cidr=None, project_network_mask_bits=None, public_network_id=None, resource_prefix=None, identity_admin_endpoint_type='public', identity_uri=None): super(DynamicCredentialProvider, self).__init__(identity_version=identity_version, identity_uri=identity_uri, admin_role=admin_role, name=name, credentials_domain=credentials_domain, network_resources=network_resources) self.network_resources = network_resources self._creds = {} self.ports = [] self.resource_prefix = resource_prefix or '' self.neutron_available = neutron_available self.create_networks = create_networks self.project_network_cidr = project_network_cidr self.project_network_mask_bits = project_network_mask_bits self.public_network_id = public_network_id self.default_admin_creds = admin_creds self.identity_admin_domain_scope = identity_admin_domain_scope self.identity_admin_role = identity_admin_role or 'admin' self.identity_admin_endpoint_type = identity_admin_endpoint_type self.extra_roles = extra_roles or [] (self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.networks_admin_client, self.routers_admin_client, self.subnets_admin_client, self.ports_admin_client, self.security_groups_admin_client ) = self._get_admin_clients(identity_admin_endpoint_type) # Domain where isolated credentials are provisioned (v3 only). # Use that of the admin account is None is configured. self.creds_domain_name = None if self.identity_version == 'v3': self.creds_domain_name = ( self.default_admin_creds.project_domain_name or self.credentials_domain) self.creds_client = cred_client.get_creds_client( self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.creds_domain_name)
def __init__(self, identity_version, name=None, network_resources=None, credentials_domain=None, admin_role=None, admin_creds=None, identity_admin_domain_scope=False, identity_admin_role='admin', extra_roles=None, neutron_available=False, create_networks=True, project_network_cidr=None, project_network_mask_bits=None, public_network_id=None, resource_prefix=None, identity_admin_endpoint_type='public', identity_uri=None): super(DynamicCredentialProvider, self).__init__( identity_version=identity_version, identity_uri=identity_uri, admin_role=admin_role, name=name, credentials_domain=credentials_domain, network_resources=network_resources) self.network_resources = network_resources self._creds = {} self.ports = [] self.resource_prefix = resource_prefix or '' self.neutron_available = neutron_available self.create_networks = create_networks self.project_network_cidr = project_network_cidr self.project_network_mask_bits = project_network_mask_bits self.public_network_id = public_network_id self.default_admin_creds = admin_creds self.identity_admin_domain_scope = identity_admin_domain_scope self.identity_admin_role = identity_admin_role or 'admin' self.identity_admin_endpoint_type = identity_admin_endpoint_type self.extra_roles = extra_roles or [] (self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.networks_admin_client, self.routers_admin_client, self.subnets_admin_client, self.ports_admin_client, self.security_groups_admin_client) = self._get_admin_clients( identity_admin_endpoint_type) # Domain where isolated credentials are provisioned (v3 only). # Use that of the admin account is None is configured. self.creds_domain_name = None if self.identity_version == 'v3': self.creds_domain_name = ( self.default_admin_creds.project_domain_name or self.credentials_domain) self.creds_client = cred_client.get_creds_client( self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.creds_domain_name)
def __init__(self, identity_version, name=None, network_resources=None, credentials_domain=None, admin_role=None, admin_creds=None, identity_admin_domain_scope=False, identity_admin_role='admin', extra_roles=None, neutron_available=False, create_networks=True, project_network_cidr=None, project_network_mask_bits=None, public_network_id=None, resource_prefix=None): """Creates credentials dynamically for tests A credential provider that, based on an initial set of admin credentials, creates new credentials on the fly for tests to use and then discard. :param str identity_version: identity API version to use `v2` or `v3` :param str admin_role: name of the admin role added to admin users :param str name: names of dynamic resources include this parameter when specified :param str credentials_domain: name of the domain where the users are created. If not defined, the project domain from admin_credentials is used :param dict network_resources: network resources to be created for the created credentials :param Credentials admin_creds: initial admin credentials :param bool identity_admin_domain_scope: Set to true if admin should be scoped to the domain. By default this is False and the admin role is scoped to the project. :param str identity_admin_role: The role name to use for admin :param list extra_roles: A list of strings for extra roles that should be assigned to all created users :param bool neutron_available: Whether we are running in an environemnt with neutron :param bool create_networks: Whether dynamic project networks should be created or not :param project_network_cidr: The CIDR to use for created project networks :param project_network_mask_bits: The network mask bits to use for created project networks :param public_network_id: The id for the public network to use """ super(DynamicCredentialProvider, self).__init__(identity_version=identity_version, admin_role=admin_role, name=name, credentials_domain=credentials_domain, network_resources=network_resources) self.network_resources = network_resources self._creds = {} self.ports = [] self.resource_prefix = resource_prefix or '' self.neutron_available = neutron_available self.create_networks = create_networks self.project_network_cidr = project_network_cidr self.project_network_mask_bits = project_network_mask_bits self.public_network_id = public_network_id self.default_admin_creds = admin_creds self.identity_admin_domain_scope = identity_admin_domain_scope self.identity_admin_role = identity_admin_role or 'admin' self.extra_roles = extra_roles or [] (self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.networks_admin_client, self.routers_admin_client, self.subnets_admin_client, self.ports_admin_client, self.security_groups_admin_client) = self._get_admin_clients() # Domain where isolated credentials are provisioned (v3 only). # Use that of the admin account is None is configured. self.creds_domain_name = None if self.identity_version == 'v3': self.creds_domain_name = ( self.default_admin_creds.project_domain_name or self.credentials_domain) self.creds_client = cred_client.get_creds_client( self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.creds_domain_name)
def __init__(self, identity_version, name=None, network_resources=None, credentials_domain=None, admin_role=None, admin_creds=None, identity_admin_domain_scope=False, identity_admin_role='admin', extra_roles=None, neutron_available=False, create_networks=True, project_network_cidr=None, project_network_mask_bits=None, public_network_id=None, resource_prefix=None): """Creates credentials dynamically for tests A credential provider that, based on an initial set of admin credentials, creates new credentials on the fly for tests to use and then discard. :param str identity_version: identity API version to use `v2` or `v3` :param str admin_role: name of the admin role added to admin users :param str name: names of dynamic resources include this parameter when specified :param str credentials_domain: name of the domain where the users are created. If not defined, the project domain from admin_credentials is used :param dict network_resources: network resources to be created for the created credentials :param Credentials admin_creds: initial admin credentials :param bool identity_admin_domain_scope: Set to true if admin should be scoped to the domain. By default this is False and the admin role is scoped to the project. :param str identity_admin_role: The role name to use for admin :param list extra_roles: A list of strings for extra roles that should be assigned to all created users :param bool neutron_available: Whether we are running in an environemnt with neutron :param bool create_networks: Whether dynamic project networks should be created or not :param project_network_cidr: The CIDR to use for created project networks :param project_network_mask_bits: The network mask bits to use for created project networks :param public_network_id: The id for the public network to use """ super(DynamicCredentialProvider, self).__init__( identity_version=identity_version, admin_role=admin_role, name=name, credentials_domain=credentials_domain, network_resources=network_resources) self.network_resources = network_resources self._creds = {} self.ports = [] self.resource_prefix = resource_prefix or '' self.neutron_available = neutron_available self.create_networks = create_networks self.project_network_cidr = project_network_cidr self.project_network_mask_bits = project_network_mask_bits self.public_network_id = public_network_id self.default_admin_creds = admin_creds self.identity_admin_domain_scope = identity_admin_domain_scope self.identity_admin_role = identity_admin_role or 'admin' self.extra_roles = extra_roles or [] (self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.networks_admin_client, self.routers_admin_client, self.subnets_admin_client, self.ports_admin_client, self.security_groups_admin_client) = self._get_admin_clients() # Domain where isolated credentials are provisioned (v3 only). # Use that of the admin account is None is configured. self.creds_domain_name = None if self.identity_version == 'v3': self.creds_domain_name = ( self.default_admin_creds.project_domain_name or self.credentials_domain) self.creds_client = cred_client.get_creds_client( self.identity_admin_client, self.tenants_admin_client, self.users_admin_client, self.roles_admin_client, self.domains_admin_client, self.creds_domain_name)
def stress_openstack(tests, duration, max_runs=None, stop_on_error=False): """Workload driver. Executes an action function against a nova-cluster.""" admin_manager = credentials.AdminManager() ssh_user = STRESS_CONF.stress.target_ssh_user ssh_key = STRESS_CONF.stress.target_private_key_path logfiles = STRESS_CONF.stress.target_logfiles log_check_interval = int(STRESS_CONF.stress.log_check_interval) default_thread_num = int( STRESS_CONF.stress.default_thread_number_per_action) if logfiles: controller = STRESS_CONF.stress.target_controller computes = _get_compute_nodes(controller, ssh_user, ssh_key) for node in computes: do_ssh("rm -f %s" % logfiles, node, ssh_user, ssh_key) skip = False for test in tests: for service in test.get('required_services', []): if not CONF.service_available.get(service): skip = True break if skip: break # TODO(andreaf) This has to be reworked to use the credential # provider interface. For now only tests marked as 'use_admin' will # work. if test.get('use_admin', False): manager = admin_manager else: raise NotImplemented('Non admin tests are not supported') for p_number in range(test.get('threads', default_thread_num)): if test.get('use_isolated_tenants', False): username = data_utils.rand_name("stress_user") tenant_name = data_utils.rand_name("stress_tenant") password = "******" if CONF.identity.auth_version == 'v2': identity_client = admin_manager.identity_client projects_client = admin_manager.tenants_client roles_client = admin_manager.roles_client users_client = admin_manager.users_client domains_client = None else: identity_client = admin_manager.identity_v3_client projects_client = admin_manager.projects_client roles_client = admin_manager.roles_v3_client users_client = admin_manager.users_v3_client domains_client = admin_manager.domains_client domain = (identity_client.auth_provider.credentials. get('project_domain_name', 'Default')) credentials_client = cred_client.get_creds_client( identity_client, projects_client, users_client, roles_client, domains_client, project_domain_name=domain) project = credentials_client.create_project( name=tenant_name, description=tenant_name) user = credentials_client.create_user(username, password, project, "email") # Add roles specified in config file for conf_role in CONF.auth.tempest_roles: credentials_client.assign_user_role(user, project, conf_role) creds = credentials_client.get_credentials(user, project, password) manager = clients.Manager(credentials=creds) test_obj = importutils.import_class(test['action']) test_run = test_obj(manager, max_runs, stop_on_error) kwargs = test.get('kwargs', {}) test_run.setUp(**dict(six.iteritems(kwargs))) LOG.debug("calling Target Object %s" % test_run.__class__.__name__) mp_manager = multiprocessing.Manager() shared_statistic = mp_manager.dict() shared_statistic['runs'] = 0 shared_statistic['fails'] = 0 p = multiprocessing.Process(target=test_run.execute, args=(shared_statistic,)) process = {'process': p, 'p_number': p_number, 'action': test_run.action, 'statistic': shared_statistic} processes.append(process) p.start() if stop_on_error: # NOTE(mkoderer): only the parent should register the handler signal.signal(signal.SIGCHLD, sigchld_handler) end_time = time.time() + duration had_errors = False try: while True: if max_runs is None: remaining = end_time - time.time() if remaining <= 0: break else: remaining = log_check_interval all_proc_term = True for process in processes: if process['process'].is_alive(): all_proc_term = False break if all_proc_term: break time.sleep(min(remaining, log_check_interval)) if stop_on_error: if any([True for proc in processes if proc['statistic']['fails'] > 0]): break if not logfiles: continue if _has_error_in_logs(logfiles, computes, ssh_user, ssh_key, stop_on_error): had_errors = True break except KeyboardInterrupt: LOG.warning("Interrupted, going to print statistics and exit ...") if stop_on_error: signal.signal(signal.SIGCHLD, signal.SIG_DFL) terminate_all_processes() sum_fails = 0 sum_runs = 0 LOG.info("Statistics (per process):") for process in processes: if process['statistic']['fails'] > 0: had_errors = True sum_runs += process['statistic']['runs'] sum_fails += process['statistic']['fails'] print("Process %d (%s): Run %d actions (%d failed)" % ( process['p_number'], process['action'], process['statistic']['runs'], process['statistic']['fails'])) print("Summary:") print("Run %d actions (%d failed)" % (sum_runs, sum_fails)) if not had_errors and STRESS_CONF.stress.full_clean_stack: LOG.info("cleaning up") cleanup.cleanup() if had_errors: return 1 else: return 0