def get_primary_creds(self):
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
creds = self.get_creds(0)
primary_credential = auth.get_credentials(**creds)
self.isolated_creds['primary'] = primary_credential
return primary_credential
def _clean_tenant(self, tenant):
LOG.debug("Cleaning tenant: %s " % tenant['name'])
is_dry_run = self.options.dry_run
dry_run_data = self.dry_run_data
is_preserve = not self.options.delete_tempest_conf_objects
tenant_id = tenant['id']
tenant_name = tenant['name']
tenant_data = None
if is_dry_run:
tenant_data = dry_run_data["_tenants_to_clean"][tenant_id] = {}
tenant_data['name'] = tenant_name
kwargs = {
"username": CONF.identity.admin_username,
"password": CONF.identity.admin_password,
"tenant_name": tenant['name']
}
mgr = clients.Manager(credentials=auth.get_credentials(**kwargs))
kwargs = {
'data': tenant_data,
'is_dry_run': is_dry_run,
'saved_state_json': None,
'is_preserve': is_preserve,
'is_save_state': False,
'tenant_id': tenant_id
}
for service in self.tenant_services:
svc = service(mgr, **kwargs)
svc.run()
def _clean_tenant(self, tenant):
LOG.debug("Cleaning tenant: %s " % tenant['name'])
is_dry_run = self.options.dry_run
dry_run_data = self.dry_run_data
is_preserve = self.options.preserve_tempest_conf_objects
tenant_id = tenant['id']
tenant_name = tenant['name']
tenant_data = None
if is_dry_run:
tenant_data = dry_run_data["_tenants_to_clean"][tenant_id] = {}
tenant_data['name'] = tenant_name
kwargs = {"username": CONF.identity.admin_username,
"password": CONF.identity.admin_password,
"tenant_name": tenant['name']}
mgr = clients.Manager(credentials=auth.get_credentials(**kwargs))
kwargs = {'data': tenant_data,
'is_dry_run': is_dry_run,
'saved_state_json': None,
'is_preserve': is_preserve,
'is_save_state': False,
'tenant_id': tenant_id}
for service in self.tenant_services:
svc = service(mgr, **kwargs)
svc.run()
def get_alt_creds(self):
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
creds = self._get_creds()
alt_credential = auth.get_credentials(**creds)
self.isolated_creds['alt'] = alt_credential
return alt_credential
def get_primary_creds(self):
if self.credentials.get('primary'):
return self.credentials.get('primary')
creds = self._get_creds()
primary_credential = auth.get_credentials(**creds)
self.credentials['primary'] = primary_credential
return primary_credential
def get_primary_creds(self):
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
creds = self._get_creds()
primary_credential = auth.get_credentials(**creds)
self.isolated_creds['primary'] = primary_credential
return primary_credential
def _verify_credentials(self,
credentials_class,
filled=True,
creds_dict=None):
def _check(credentials):
# Check the right version of credentials has been returned
self.assertIsInstance(credentials, credentials_class)
# Check the id attributes are filled in
attributes = [
x for x in credentials.ATTRIBUTES
if ('_id' in x and x != 'domain_id')
]
for attr in attributes:
if filled:
self.assertIsNotNone(getattr(credentials, attr))
else:
self.assertIsNone(getattr(credentials, attr))
if creds_dict is None:
for ctype in auth.Credentials.TYPES:
creds = auth.get_default_credentials(credential_type=ctype,
fill_in=filled)
_check(creds)
else:
creds = auth.get_credentials(fill_in=filled, **creds_dict)
_check(creds)
def get_alt_creds(self):
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
creds = self.get_creds(1)
alt_credential = auth.get_credentials(**creds)
self.isolated_creds['alt'] = alt_credential
return alt_credential
def get_alt_creds(self):
if self.credentials.get('alt'):
return self.credentials.get('alt')
creds = self._get_creds()
alt_credential = auth.get_credentials(**creds)
self.credentials['alt'] = alt_credential
return alt_credential
def test_get_hash(self):
self.stubs.Set(http.ClosingHttp, "request", fake_identity._fake_v2_response)
test_account_class = accounts.Accounts("test_name")
hash_list = self._get_hash_list(self.test_accounts)
test_cred_dict = self.test_accounts[3]
test_creds = auth.get_credentials(**test_cred_dict)
results = test_account_class.get_hash(test_creds)
self.assertEqual(hash_list[3], results)
def test_credentials(self):
return auth.get_credentials(
username=self.test_user,
user_id=self.user["id"],
password=self.test_password,
tenant_name=self.test_tenant,
tenant_id=self.tenant["id"],
)
def test_get_hash(self):
self.stubs.Set(token_client.TokenClientJSON, 'raw_request',
fake_identity._fake_v2_response)
test_account_class = accounts.Accounts('test_name')
hash_list = self._get_hash_list(self.test_accounts)
test_cred_dict = self.test_accounts[3]
test_creds = auth.get_credentials(**test_cred_dict)
results = test_account_class.get_hash(test_creds)
self.assertEqual(hash_list[3], results)
def test_get_hash(self):
self.stubs.Set(token_client.TokenClientJSON, 'raw_request',
fake_identity._fake_v2_response)
test_account_class = accounts.Accounts('test_name')
hash_list = self._get_hash_list(self.test_accounts)
test_cred_dict = self.test_accounts[3]
test_creds = auth.get_credentials(**test_cred_dict)
results = test_account_class.get_hash(test_creds)
self.assertEqual(hash_list[3], results)
def get_alt_creds(self):
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
if not self.use_default_creds:
creds = self.get_creds(1)
alt_credential = auth.get_credentials(**creds)
else:
alt_credential = auth.get_default_credentials('alt_user')
self.isolated_creds['alt'] = alt_credential
return alt_credential
def get_primary_creds(self):
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
if not self.use_default_creds:
creds = self.get_creds(0)
primary_credential = auth.get_credentials(**creds)
else:
primary_credential = auth.get_default_credentials('user')
self.isolated_creds['primary'] = primary_credential
return primary_credential
def get_alt_creds(self):
if self.isolated_creds.get('alt'):
return self.isolated_creds.get('alt')
if not self.use_default_creds:
creds = self.get_creds(1)
alt_credential = auth.get_credentials(**creds)
else:
alt_credential = auth.get_default_credentials('alt_user')
self.isolated_creds['alt'] = alt_credential
return alt_credential
def get_primary_creds(self):
if self.isolated_creds.get('primary'):
return self.isolated_creds.get('primary')
if not self.use_default_creds:
creds = self.get_creds(0)
primary_credential = auth.get_credentials(**creds)
else:
primary_credential = auth.get_default_credentials('user')
self.isolated_creds['primary'] = primary_credential
return primary_credential
def create_trustor_and_roles(self):
# Get trustor project ID, use the admin project
self.trustor_project_name = self.client.tenant_name
self.trustor_project_id = self.get_tenant_by_name(
self.trustor_project_name)['id']
self.assertIsNotNone(self.trustor_project_id)
# Create a trustor User
self.trustor_username = data_utils.rand_name('user-')
u_desc = self.trustor_username + 'description'
u_email = self.trustor_username + '@testmail.xx'
self.trustor_password = data_utils.rand_name('pass-')
resp, user = self.client.create_user(
self.trustor_username,
description=u_desc,
password=self.trustor_password,
email=u_email,
project_id=self.trustor_project_id)
self.assertEqual(resp['status'], '201')
self.trustor_user_id = user['id']
# And two roles, one we'll delegate and one we won't
self.delegated_role = data_utils.rand_name('DelegatedRole-')
self.not_delegated_role = data_utils.rand_name('NotDelegatedRole-')
resp, role = self.client.create_role(self.delegated_role)
self.assertEqual(resp['status'], '201')
self.delegated_role_id = role['id']
resp, role = self.client.create_role(self.not_delegated_role)
self.assertEqual(resp['status'], '201')
self.not_delegated_role_id = role['id']
# Assign roles to trustor
self.client.assign_user_role(self.trustor_project_id,
self.trustor_user_id,
self.delegated_role_id)
self.client.assign_user_role(self.trustor_project_id,
self.trustor_user_id,
self.not_delegated_role_id)
# Get trustee user ID, use the demo user
trustee_username = self.non_admin_client.user
self.trustee_user_id = self.get_user_by_name(trustee_username)['id']
self.assertIsNotNone(self.trustee_user_id)
# Initialize a new client with the trustor credentials
creds = auth.get_credentials(
username=self.trustor_username,
password=self.trustor_password,
tenant_name=self.trustor_project_name)
os = clients.Manager(
credentials=creds,
interface=self._interface)
self.trustor_client = os.identity_v3_client
def _get_credentials(self, user, tenant):
if self.tempest_client:
user_get = user.get
tenant_get = tenant.get
else:
user_get = user.__dict__.get
tenant_get = tenant.__dict__.get
return auth.get_credentials(
username=user_get('name'), user_id=user_get('id'),
tenant_name=tenant_get('name'), tenant_id=tenant_get('id'),
password=self.password)
def get_credentials(fill_in=True, identity_version=None, **kwargs):
identity_version = identity_version or CONF.identity.auth_version
# In case of "v3" add the domain from config if not specified
if identity_version == 'v3':
domain_fields = set(x for x in auth.KeystoneV3Credentials.ATTRIBUTES
if 'domain' in x)
if not domain_fields.intersection(kwargs.keys()):
kwargs['user_domain_name'] = CONF.identity.admin_domain_name
return auth.get_credentials(fill_in=fill_in,
identity_version=identity_version,
**kwargs)
def _get_credentials(self, user, tenant):
if self.tempest_client:
user_get = user.get
tenant_get = tenant.get
else:
user_get = user.__dict__.get
tenant_get = tenant.__dict__.get
return auth.get_credentials(username=user_get('name'),
user_id=user_get('id'),
tenant_name=tenant_get('name'),
tenant_id=tenant_get('id'),
password=self.password)
def create_trustor_and_roles(self):
# Get trustor project ID, use the admin project
self.trustor_project_name = self.client.tenant_name
self.trustor_project_id = self.get_tenant_by_name(
self.trustor_project_name)['id']
self.assertIsNotNone(self.trustor_project_id)
# Create a trustor User
self.trustor_username = data_utils.rand_name('user-')
u_desc = self.trustor_username + 'description'
u_email = self.trustor_username + '@testmail.xx'
self.trustor_password = data_utils.rand_name('pass-')
resp, user = self.client.create_user(
self.trustor_username,
description=u_desc,
password=self.trustor_password,
email=u_email,
project_id=self.trustor_project_id)
self.assertEqual(resp['status'], '201')
self.trustor_user_id = user['id']
# And two roles, one we'll delegate and one we won't
self.delegated_role = data_utils.rand_name('DelegatedRole-')
self.not_delegated_role = data_utils.rand_name('NotDelegatedRole-')
resp, role = self.client.create_role(self.delegated_role)
self.assertEqual(resp['status'], '201')
self.delegated_role_id = role['id']
resp, role = self.client.create_role(self.not_delegated_role)
self.assertEqual(resp['status'], '201')
self.not_delegated_role_id = role['id']
# Assign roles to trustor
self.client.assign_user_role(self.trustor_project_id,
self.trustor_user_id,
self.delegated_role_id)
self.client.assign_user_role(self.trustor_project_id,
self.trustor_user_id,
self.not_delegated_role_id)
# Get trustee user ID, use the demo user
trustee_username = self.non_admin_client.user
self.trustee_user_id = self.get_user_by_name(trustee_username)['id']
self.assertIsNotNone(self.trustee_user_id)
# Initialize a new client with the trustor credentials
creds = auth.get_credentials(username=self.trustor_username,
password=self.trustor_password,
tenant_name=self.trustor_project_name)
os = clients.Manager(credentials=creds, interface=self._interface)
self.trustor_client = os.identity_v3_client
def get_credentials(fill_in=True, identity_version=None, **kwargs):
identity_version = identity_version or CONF.identity.auth_version
# In case of "v3" add the domain from config if not specified
if identity_version == 'v3':
domain_fields = set(x for x in auth.KeystoneV3Credentials.ATTRIBUTES
if 'domain' in x)
if not domain_fields.intersection(kwargs.keys()):
kwargs['user_domain_name'] = CONF.identity.admin_domain_name
auth_url = CONF.identity.uri_v3
else:
auth_url = CONF.identity.uri
return auth.get_credentials(auth_url,
fill_in=fill_in,
identity_version=identity_version,
**kwargs)
def get_credentials(fill_in=True, identity_version=None, **kwargs):
params = dict(DEFAULT_PARAMS, **kwargs)
identity_version = identity_version or CONF.identity.auth_version
# In case of "v3" add the domain from config if not specified
if identity_version == 'v3':
domain_fields = set(x for x in auth.KeystoneV3Credentials.ATTRIBUTES
if 'domain' in x)
if not domain_fields.intersection(kwargs.keys()):
# TODO(andreaf) It might be better here to use a dedicated config
# option such as CONF.auth.tenant_isolation_domain_name
params['user_domain_name'] = CONF.identity.admin_domain_name
auth_url = CONF.identity.uri_v3
else:
auth_url = CONF.identity.uri
return auth.get_credentials(auth_url,
fill_in=fill_in,
identity_version=identity_version,
**params)
def get_credentials(fill_in=True, identity_version=None, **kwargs):
params = dict(DEFAULT_PARAMS, **kwargs)
identity_version = identity_version or CONF.identity.auth_version
# In case of "v3" add the domain from config if not specified
if identity_version == 'v3':
domain_fields = set(x for x in auth.KeystoneV3Credentials.ATTRIBUTES
if 'domain' in x)
if not domain_fields.intersection(kwargs.keys()):
# TODO(andreaf) It might be better here to use a dedicated config
# option such as CONF.auth.tenant_isolation_domain_name
params['user_domain_name'] = CONF.identity.admin_domain_name
auth_url = CONF.identity.uri_v3
else:
auth_url = CONF.identity.uri
return auth.get_credentials(auth_url,
fill_in=fill_in,
identity_version=identity_version,
**params)
def _verify_credentials(self, credentials_class, filled=True,
creds_dict=None):
def _check(credentials):
# Check the right version of credentials has been returned
self.assertIsInstance(credentials, credentials_class)
# Check the id attributes are filled in
attributes = [x for x in credentials.ATTRIBUTES if (
'_id' in x and x != 'domain_id')]
for attr in attributes:
if filled:
self.assertIsNotNone(getattr(credentials, attr))
else:
self.assertIsNone(getattr(credentials, attr))
if creds_dict is None:
for ctype in auth.Credentials.TYPES:
creds = auth.get_default_credentials(credential_type=ctype,
fill_in=filled)
_check(creds)
else:
creds = auth.get_credentials(fill_in=filled, **creds_dict)
_check(creds)
def __init__(self, interface='json', service=None):
self.credentials = auth.get_credentials('alt_user')
super(AltManager, self).__init__(self.credentials, interface, service)
def __init__(self, interface='json', service=None):
self.credentials = auth.get_credentials('alt_user')
super(AltManager, self).__init__(self.credentials, interface, service)
def _verify_credentials(self, credentials_class, creds_dict, filled=True):
creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
fill_in=filled,
identity_version=self.identity_version,
**creds_dict)
self._check(creds, credentials_class, filled)
def _verify_credentials(self, credentials_class, creds_dict, filled=True):
creds = auth.get_credentials(fake_identity.FAKE_AUTH_URL,
fill_in=filled,
identity_version=self.identity_version,
**creds_dict)
self._check(creds, credentials_class, filled)
def __init__(self, interface='json', service=None):
self.credentials = auth.get_credentials('identity_admin')
super(AdminManager, self).__init__(self.credentials, interface,
service)
def _get_credentials(self, user, tenant):
return auth.get_credentials(username=user['name'],
user_id=user['id'],
tenant_name=tenant['name'],
tenant_id=tenant['id'],
password=self.password)
def _get_credentials(self, user, tenant):
return auth.get_credentials(
username=user['name'], user_id=user['id'],
tenant_name=tenant['name'], tenant_id=tenant['id'],
password=self.password)
def stress_openstack(tests, duration, max_runs=None, stop_on_error=False):
"""
Workload driver. Executes an action function against a nova-cluster.
"""
admin_manager = clients.AdminManager()
ssh_user = CONF.stress.target_ssh_user
ssh_key = CONF.stress.target_private_key_path
logfiles = CONF.stress.target_logfiles
log_check_interval = int(CONF.stress.log_check_interval)
default_thread_num = int(CONF.stress.default_thread_number_per_action)
if logfiles:
controller = CONF.stress.target_controller
computes = _get_compute_nodes(controller, ssh_user, ssh_key)
for node in computes:
do_ssh("rm -f %s" % logfiles, node, ssh_user, ssh_key)
for test in tests:
if test.get("use_admin", False):
manager = admin_manager
else:
manager = clients.Manager()
for p_number in moves.xrange(test.get("threads", default_thread_num)):
if test.get("use_isolated_tenants", False):
username = data_utils.rand_name("stress_user")
tenant_name = data_utils.rand_name("stress_tenant")
password = "******"
identity_client = admin_manager.identity_client
tenant = identity_client.create_tenant(name=tenant_name)
identity_client.create_user(username, password, tenant["id"], "email")
creds = auth.get_credentials(username=username, password=password, tenant_name=tenant_name)
manager = clients.Manager(credentials=creds)
test_obj = importutils.import_class(test["action"])
test_run = test_obj(manager, max_runs, stop_on_error)
kwargs = test.get("kwargs", {})
test_run.setUp(**dict(kwargs.iteritems()))
LOG.debug("calling Target Object %s" % test_run.__class__.__name__)
mp_manager = multiprocessing.Manager()
shared_statistic = mp_manager.dict()
shared_statistic["runs"] = 0
shared_statistic["fails"] = 0
p = multiprocessing.Process(target=test_run.execute, args=(shared_statistic,))
process = {"process": p, "p_number": p_number, "action": test_run.action, "statistic": shared_statistic}
processes.append(process)
p.start()
if stop_on_error:
# NOTE(mkoderer): only the parent should register the handler
signal.signal(signal.SIGCHLD, sigchld_handler)
end_time = time.time() + duration
had_errors = False
try:
while True:
if max_runs is None:
remaining = end_time - time.time()
if remaining <= 0:
break
else:
remaining = log_check_interval
all_proc_term = True
for process in processes:
if process["process"].is_alive():
all_proc_term = False
break
if all_proc_term:
break
time.sleep(min(remaining, log_check_interval))
if stop_on_error:
if any([True for proc in processes if proc["statistic"]["fails"] > 0]):
break
if not logfiles:
continue
if _has_error_in_logs(logfiles, computes, ssh_user, ssh_key, stop_on_error):
had_errors = True
break
except KeyboardInterrupt:
LOG.warning("Interrupted, going to print statistics and exit ...")
if stop_on_error:
signal.signal(signal.SIGCHLD, signal.SIG_DFL)
terminate_all_processes()
sum_fails = 0
sum_runs = 0
LOG.info("Statistics (per process):")
for process in processes:
if process["statistic"]["fails"] > 0:
had_errors = True
sum_runs += process["statistic"]["runs"]
sum_fails += process["statistic"]["fails"]
LOG.info(
" Process %d (%s): Run %d actions (%d failed)"
% (process["p_number"], process["action"], process["statistic"]["runs"], process["statistic"]["fails"])
)
LOG.info("Summary:")
LOG.info("Run %d actions (%d failed)" % (sum_runs, sum_fails))
if not had_errors and CONF.stress.full_clean_stack:
LOG.info("cleaning up")
cleanup.cleanup()
if had_errors:
return 1
else:
return 0
def __init__(self, interface='json', service=None):
self.credentials = auth.get_credentials('identity_admin')
super(AdminManager, self).__init__(
self.credentials, interface, service)
def stress_openstack(tests, duration, max_runs=None, stop_on_error=False):
"""
Workload driver. Executes an action function against a nova-cluster.
"""
admin_manager = clients.AdminManager()
ssh_user = CONF.stress.target_ssh_user
ssh_key = CONF.stress.target_private_key_path
logfiles = CONF.stress.target_logfiles
log_check_interval = int(CONF.stress.log_check_interval)
default_thread_num = int(CONF.stress.default_thread_number_per_action)
if logfiles:
controller = CONF.stress.target_controller
computes = _get_compute_nodes(controller, ssh_user, ssh_key)
for node in computes:
do_ssh("rm -f %s" % logfiles, node, ssh_user, ssh_key)
for test in tests:
if test.get('use_admin', False):
manager = admin_manager
else:
manager = clients.Manager()
for p_number in moves.xrange(test.get('threads', default_thread_num)):
if test.get('use_isolated_tenants', False):
username = data_utils.rand_name("stress_user")
tenant_name = data_utils.rand_name("stress_tenant")
password = "******"
identity_client = admin_manager.identity_client
tenant = identity_client.create_tenant(name=tenant_name)
identity_client.create_user(username, password, tenant['id'],
"email")
creds = auth.get_credentials(username=username,
password=password,
tenant_name=tenant_name)
manager = clients.Manager(credentials=creds)
test_obj = importutils.import_class(test['action'])
test_run = test_obj(manager, max_runs, stop_on_error)
kwargs = test.get('kwargs', {})
test_run.setUp(**dict(kwargs.iteritems()))
LOG.debug("calling Target Object %s" % test_run.__class__.__name__)
mp_manager = multiprocessing.Manager()
shared_statistic = mp_manager.dict()
shared_statistic['runs'] = 0
shared_statistic['fails'] = 0
p = multiprocessing.Process(target=test_run.execute,
args=(shared_statistic, ))
process = {
'process': p,
'p_number': p_number,
'action': test_run.action,
'statistic': shared_statistic
}
processes.append(process)
p.start()
if stop_on_error:
# NOTE(mkoderer): only the parent should register the handler
signal.signal(signal.SIGCHLD, sigchld_handler)
end_time = time.time() + duration
had_errors = False
try:
while True:
if max_runs is None:
remaining = end_time - time.time()
if remaining <= 0:
break
else:
remaining = log_check_interval
all_proc_term = True
for process in processes:
if process['process'].is_alive():
all_proc_term = False
break
if all_proc_term:
break
time.sleep(min(remaining, log_check_interval))
if stop_on_error:
if any([
True for proc in processes
if proc['statistic']['fails'] > 0
]):
break
if not logfiles:
continue
if _has_error_in_logs(logfiles, computes, ssh_user, ssh_key,
stop_on_error):
had_errors = True
break
except KeyboardInterrupt:
LOG.warning("Interrupted, going to print statistics and exit ...")
if stop_on_error:
signal.signal(signal.SIGCHLD, signal.SIG_DFL)
terminate_all_processes()
sum_fails = 0
sum_runs = 0
LOG.info("Statistics (per process):")
for process in processes:
if process['statistic']['fails'] > 0:
had_errors = True
sum_runs += process['statistic']['runs']
sum_fails += process['statistic']['fails']
LOG.info(" Process %d (%s): Run %d actions (%d failed)" %
(process['p_number'], process['action'],
process['statistic']['runs'], process['statistic']['fails']))
LOG.info("Summary:")
LOG.info("Run %d actions (%d failed)" % (sum_runs, sum_fails))
if not had_errors and CONF.stress.full_clean_stack:
LOG.info("cleaning up")
cleanup.cleanup()
if had_errors:
return 1
else:
return 0
def test_credentials(self):
return auth.get_credentials(username=self.test_user,
user_id=self.user['id'],
password=self.test_password,
tenant_name=self.test_tenant,
tenant_id=self.tenant['id'])