示例#1
0
def pytest_collectstart():
    """
    Set up the ssh session at collectstart. Because skipif condition is evaluated at the collecting test cases phase.
    """
    global con_ssh
    con_ssh = setups.setup_tis_ssh(InstallVars.get_install_var("LAB"))
    InstallVars.set_install_var(con_ssh=con_ssh)
    auth = setups.get_auth_via_openrc(con_ssh)
    if auth:
        CliAuth.set_vars(**setups.get_auth_via_openrc(con_ssh))

    Tenant.set_platform_url(CliAuth.get_var('OS_AUTH_URL'))
    Tenant.set_region(CliAuth.get_var('OS_REGION_NAME'))
示例#2
0
def pytest_collectstart():
    """
    Set up the ssh session at collectstart. Because skipif condition is evaluated at the collecting test cases phase.
    """
    global con_ssh
    lab = ProjVar.get_var("LAB")
    if 'vbox' in lab['short_name']:
        con_ssh = setups.setup_vbox_tis_ssh(lab)
    else:
        con_ssh = setups.setup_tis_ssh(lab)
    ProjVar.set_var(con_ssh=con_ssh)
    CliAuth.set_vars(**setups.get_auth_via_openrc(con_ssh))
    Tenant.set_region(region=CliAuth.get_var('OS_REGION_NAME'))
    Tenant.set_platform_url(url='OS_AUTH_URL')
示例#3
0
def set_region(region=None):
    """
    set global variable region.
    This needs to be called after CliAuth.set_vars, since the custom region
    value needs to override what is
    specified in openrc file.

    local region and auth url is saved in CliAuth, while the remote region
    and auth url is saved in Tenant.

    Args:
        region: region to set

    """
    local_region = CliAuth.get_var('OS_REGION_NAME')
    if not region:
        if ProjVar.get_var('IS_DC'):
            region = 'SystemController'
        else:
            region = local_region
    Tenant.set_region(region=region)
    ProjVar.set_var(REGION=region)
    if re.search(SUBCLOUD_PATTERN, region):
        # Distributed cloud, lab specified is a subcloud.
        urls = keystone_helper.get_endpoints(region=region,
                                             field='URL',
                                             interface='internal',
                                             service_name='keystone')
        if not urls:
            raise ValueError(
                "No internal endpoint found for region {}. Invalid value for "
                "--region with specified lab."
                "sub-cloud tests can be run on controller, but not the other "
                "way round".format(region))
        Tenant.set_platform_url(urls[0])
示例#4
0
    def base_url(self):
        from consts.auth import CliAuth
        if CliAuth.get_var('HTTPS'):
            prefix = 'https'
            lab_name = ProjVar.get_var('LAB').get('name')
            if not lab_name:
                skip('Skip https testing on unknown lab')
            domain = '{}.cumulus.wrs.com'.format(
                lab_name.split('yow-')[-1].replace('_', '-'))
            if self.port and self.port == 31000:
                domain = ProjVar.get_var('OPENSTACK_DOMAIN')
                if not domain:
                    skip(
                        'OpenStack endpoint domain not found in service parameters. Skip '
                        'OpenStack horizon test with https.')
        else:
            prefix = 'http'
            domain = ProjVar.get_var("LAB")['floating ip']

        if ProjVar.get_var('IPV6_OAM'):
            domain = '[{}]'.format(domain)

        if not self.port:
            self.port = 8080 if prefix == 'http' else 8443
        base_url = '{}://{}:{}'.format(prefix, domain,
                                       self.port)  # horizon url matt
        if not base_url.endswith('/'):
            base_url += '/'
        return base_url
示例#5
0
def test_clis():
    print(CliAuth.get_var('HTTPS'))
    cli.system('host-list')
    cli.system('host-show controller-0')
    cli.openstack('server list')
    cli.openstack('stack list')
    ceilometer_helper.get_alarms()
    keystone_helper.get_endpoints()
    cli.openstack('router list')
    cli.openstack('volume list')
    cli.openstack('image list')
示例#6
0
def pytest_collectstart():
    """
    Set up the ssh session at collectstart. Because skipif condition is
    evaluated at the collecting test cases phase.
    """
    global initialized
    if not initialized:
        global con_ssh
        con_ssh = setups.setup_tis_ssh(ProjVar.get_var("LAB"))
        ProjVar.set_var(con_ssh=con_ssh)
        CliAuth.set_vars(**setups.get_auth_via_openrc(con_ssh))
        if setups.is_https(con_ssh):
            CliAuth.set_vars(HTTPS=True)

        auth_url = CliAuth.get_var('OS_AUTH_URL')
        Tenant.set_platform_url(auth_url)
        setups.set_region(region=None)
        if ProjVar.get_var('IS_DC'):
            Tenant.set_platform_url(url=auth_url, central_region=True)
        initialized = True
示例#7
0
    def base_url(self):
        from consts.auth import CliAuth
        prefix = 'http'
        if CliAuth.get_var('HTTPS'):
            prefix = 'https'
        oam_ip = ProjVar.get_var("LAB")['floating ip']

        if not self.port:
            self.port = 8080 if prefix == 'http' else 8443
        base_url = '{}://{}:{}'.format(prefix, oam_ip,
                                       self.port)  # horizon url matt
        if not base_url.endswith('/'):
            base_url += '/'
        return base_url
示例#8
0
def get_url(dnsname=False):
    """
    Get the base url of the Horizon application
    Args:
        dnsname(bool): True if return the dns name of the host instead of the IP

    Returns(str): the url on the active controller to access Horizon

    """
    domain = common.get_lab_fip(region='RegionOne') if not dnsname else \
        common.get_dnsname(region='RegionOne')
    prefix = 'https' if CliAuth.get_var('https') else 'http'
    port = 8080 if prefix == 'http' else 8443
    return '{}://{}:{}'.format(prefix, domain, port)
示例#9
0
def driver(request):
    auth_info = Tenant.get('admin_platform')
    if CliAuth.get_var('HTTPS') and container_helper.is_stx_openstack_deployed(
            auth_info=auth_info):
        openstack_domain = system_helper.get_service_parameter_values(
            service='openstack',
            section='helm',
            name='endpoint_domain',
            auth_info=auth_info)
        domain = openstack_domain[0] if openstack_domain else None
        ProjVar.set_var(openstack_domain=domain)

    driver_ = HorizonDriver.get_driver()

    def teardown():
        HorizonDriver.quit_driver()

    request.addfinalizer(teardown)
    return driver_
示例#10
0
def _test_firewall_rules_default():
    """
    Verify default ports are open.

    Test Steps:
        - Confirm iptables service is running on active controller
        - Check if lab is http(s), add corresponding port to check
        - Confirm the default ports are open
        - Swact and repeat the above steps
    """
    # Cannot test connecting to the ports as they are in use.

    default_ports = [
        123, 161, 199, 5000, 6080, 6385, 8000, 8003, 8004, 8041, 8774, 8776,
        8778, 9292, 9696, 15491
    ]

    from consts.proj_vars import ProjVar
    region = ProjVar.get_var('REGION')
    if region != 'RegionOne' and region in MULTI_REGION_MAP:
        default_ports.remove(5000)
        default_ports.remove(9292)

    default_ports.append(8443) if CliAuth.get_var(
        'HTTPS') else default_ports.append(8080)

    active_controller = system_helper.get_active_controller_name()
    con_ssh = ControllerClient.get_active_controller()

    _verify_iptables_status(con_ssh, active_controller)
    _check_ports_with_netstat(con_ssh, active_controller, default_ports)

    active_controller, new_active = system_helper.get_active_standby_controllers(
    )
    if new_active:
        LOG.tc_step(
            "Swact {} and verify firewall rules".format(active_controller))
        host_helper.swact_host(active_controller)
        con_ssh = ControllerClient.get_active_controller()

        _verify_iptables_status(con_ssh, new_active)
        _check_ports_with_netstat(con_ssh, new_active, default_ports)
示例#11
0
    def __init__(self, serviceName, platform=False):
        """
        Initiate an object for handling REST calls.
        Args:
            serviceName -

        """
        auth_info = Tenant.get('admin_platform') if platform else Tenant.get(
            'admin')
        self.token = ""
        self.token_payload = ""
        self.region = ProjVar.get_var('REGION')
        self.baseURL = keystone_helper.get_endpoints(field='URL',
                                                     service_name=serviceName,
                                                     interface="public",
                                                     region=self.region,
                                                     auth_info=auth_info)[0]
        self.ksURL = keystone_helper.get_endpoints(field='URL',
                                                   service_name='keystone',
                                                   interface="public",
                                                   region=self.region,
                                                   auth_info=auth_info)[0]
        self.cert_path = None
        self.verify = True
        self.is_https = CliAuth.get_var('HTTPS')
        if self.is_https:
            self.verify = False
            cert_path = os.path.join(ProjVar.get_var('TEMP_DIR'),
                                     'server-with-key.pem')
            if not os.path.exists(cert_path):
                cert_path = security_helper.fetch_cert_file(scp_to_local=True)
            self.cert_path = cert_path
            if cert_path:
                self.verify = cert_path

        self.generate_token_request()
        self.retrieve_token('/auth/tokens')
示例#12
0
def modify_https(enable_https=True,
                 check_first=True,
                 con_ssh=None,
                 auth_info=Tenant.get('admin_platform'),
                 fail_ok=False):
    """
    Modify platform https via 'system modify https_enable=<bool>'

    Args:
        enable_https (bool): True/False to enable https or not
        check_first (bool): if user want to check if the lab is already in
        the state that user try to enable
        con_ssh (SSHClient):
        auth_info (dict):
        fail_ok (bool):

    Returns (tuple):
        (-1, msg)
        (0, msg)
        (1, <std_err>)

    """
    if check_first:
        is_https = keystone_helper.is_https_enabled(source_openrc=False,
                                                    auth_info=auth_info,
                                                    con_ssh=con_ssh)
        if (is_https and enable_https) or (not is_https and not enable_https):
            msg = "Https is already {}. Do nothing.".format(
                'enabled' if enable_https else 'disabled')
            LOG.info(msg)
            return -1, msg

    LOG.info("Modify system to {} https".format(
        'enable' if enable_https else 'disable'))
    res, output = system_helper.modify_system(fail_ok=fail_ok,
                                              con_ssh=con_ssh,
                                              auth_info=auth_info,
                                              https_enabled='{}'.format(
                                                  str(enable_https).lower()))
    if res == 1:
        return 1, output

    LOG.info("Wait up to 60s for config out-of-date alarm with best effort.")
    system_helper.wait_for_alarm(alarm_id=EventLogID.CONFIG_OUT_OF_DATE,
                                 entity_id='controller-',
                                 strict=False,
                                 con_ssh=con_ssh,
                                 timeout=60,
                                 fail_ok=True,
                                 auth_info=auth_info)

    LOG.info("Wait up to 600s for config out-of-date alarm to clear.")
    system_helper.wait_for_alarm_gone(EventLogID.CONFIG_OUT_OF_DATE,
                                      con_ssh=con_ssh,
                                      timeout=600,
                                      check_interval=20,
                                      fail_ok=False,
                                      auth_info=auth_info)

    LOG.info("Wait up to 300s for public endpoints to be updated")
    expt_status = 'enabled' if enable_https else 'disabled'
    end_time = time.time() + 300
    while time.time() < end_time:
        if keystone_helper.is_https_enabled(con_ssh=con_ssh,
                                            source_openrc=False,
                                            auth_info=auth_info) == \
                enable_https:
            break
        time.sleep(10)
    else:
        raise exceptions.KeystoneError(
            "Https is not {} in 'openstack endpoint list'".format(expt_status))

    msg = 'Https is {} successfully'.format(expt_status)
    LOG.info(msg)
    # TODO: install certificate for https. There will be a warning msg if
    #  self-signed certificate is used

    if not ProjVar.get_var('IS_DC') or \
            (auth_info and auth_info.get('region', None) in (
            'RegionOne', 'SystemController')):
        # If DC, use the central region https as system https, since that is
        # the one used for external access
        CliAuth.set_vars(HTTPS=enable_https)

    return 0, msg
示例#13
0
def configure_dovetail_server(hosts_per_personality):
    """
    - Update env_config.sh on dovetail test node
    - Update tempest_conf.yaml min_compute_nodes count
    - Update nova-api process count in docker overlay monitor_process.py
    - Update monitor.py
    - Create pod.yaml file on localhost and scp to dovetail test node

    Args:
        hosts_per_personality:

    """
    con_ssh = ControllerClient.get_active_controller()
    # # Do not modify the tool
    # nova_proc_count = int(con_ssh.exec_cmd('ps -fC nova-api | grep nova | wc -l')[1])
    # assert nova_proc_count > 0, "0 nova-api processes running on active controller"

    LOG.fixture_step("Update {} on dovetail test node".format(Dovetail.ENV_SH))
    admin_dict = Tenant.get('admin')
    tenant_name = admin_dict['tenant']
    keystone_public_url = keystone_helper.get_endpoints(
        service_name='keystone',
        interface='public',
        region=admin_dict['region'],
        field='url')[0]
    env_conf_dict = {
        'OS_PROJECT_NAME':
        tenant_name,
        'OS_PROJECT_ID':
        keystone_helper.get_projects(field='ID', name=tenant_name)[0],
        'OS_TENANT_NAME':
        tenant_name,
        'OS_USERNAME':
        admin_dict['user'],
        'OS_PASSWORD':
        admin_dict['password'],
        'OS_AUTH_URL':
        keystone_public_url.replace(':', r'\:').replace(r'/', r'\/'),
        'OS_IDENTITY_API_VERSION':
        CliAuth.get_var('OS_IDENTITY_API_VERSION'),
    }

    Dovetail.set_auth_url(keystone_public_url)
    ComplianceCreds.set_host(Dovetail.TEST_NODE)
    ComplianceCreds.set_user(Dovetail.USERNAME)
    ComplianceCreds.set_password(Dovetail.PASSWORD)
    with compliance_helper.ssh_to_compliance_server() as compliance_ssh:
        env_path = Dovetail.ENV_SH
        for var, value in env_conf_dict.items():
            compliance_ssh.exec_cmd(
                'sed -i "s/^export {}=.*/export {}={}/g" {}'.format(
                    var, var, value, env_path))
            compliance_ssh.exec_cmd('grep "export {}={}" {}'.format(
                var, value, env_path),
                                    fail_ok=False)

        LOG.fixture_step("Update tempest_conf.yaml min_compute_nodes count")
        compliance_ssh.exec_sudo_cmd(
            'sed -i "s/^  min_compute_nodes:.*/  min_compute_nodes: {}/g" {}'.
            format(len(hosts_per_personality['compute']),
                   Dovetail.TEMPEST_YAML))

        # # Do not modify the tool
        # LOG.fixture_step("Update nova-api process count in docker overlay monitor_process.py")
        # file_path = compliance_ssh.exec_sudo_cmd("find / -name monitor_process.py")[1]
        # LOG.fixture_step('Fixing monitor.py located at {}'.format(file_path))
        # compliance_ssh.exec_sudo_cmd("sed -ie 's/processes=.*/processes={}/g' {}".format(nova_proc_count, file_path))

        compliance_helper.add_route_for_vm_access(compliance_ssh)

    LOG.fixture_step(
        "Collect hosts info, create pod.yaml file on localhost and scp to dovetail test node"
    )
    import yaml
    yaml_nodes = []
    controllers = hosts_per_personality['controller']
    computes = hosts_per_personality['compute']

    node_count = 1
    for host in controllers:
        node_ip = con_ssh.exec_cmd(
            'nslookup {} | grep -A 2 "Name:" | grep --color=never "Address:"'.
            format(host),
            fail_ok=False)[1].split('Address:')[1].strip()
        yaml_nodes.append({
            'name': 'node{}'.format(node_count),
            'role': 'Controller',
            'ip': node_ip,
            'user': '******',
            'password': HostLinuxUser.get_password()
        })
        node_count += 1

    for compute in computes:
        node_ip = con_ssh.exec_cmd(
            'nslookup {} | grep -A 2 "Name:" | grep --color=never "Address:"'.
            format(compute),
            fail_ok=False)[1].split('Address:')[1].strip()
        yaml_nodes.append({
            'name': 'node{}'.format(node_count),
            'role': 'Compute',
            'ip': node_ip,
            'user': '******',
            'password': HostLinuxUser.get_password()
        })
        node_count += 1

    pod_yaml_dict = {'nodes': yaml_nodes}
    local_path = '{}/pod.yaml'.format(ProjVar.get_var('TEMP_DIR'))
    with open(local_path, 'w') as f:
        yaml.dump(pod_yaml_dict, f, default_flow_style=False)

    common.scp_from_local(source_path=local_path,
                          dest_path=Dovetail.POD_YAML,
                          dest_ip=Dovetail.TEST_NODE,
                          dest_user=Dovetail.USERNAME,
                          dest_password=Dovetail.PASSWORD,
                          timeout=30)