def __init__(self, server, username, password=None, pkey=None, key_filename=None): ssh_timeout = CONF.validation.ssh_timeout network = CONF.compute.network_for_ssh ip_version = CONF.validation.ip_version_for_ssh connect_timeout = CONF.validation.connect_timeout if isinstance(server, six.string_types): ip_address = server else: addresses = server['addresses'][network] for address in addresses: if address['version'] == ip_version: ip_address = address['addr'] break else: raise exceptions.ServerUnreachable() if CONF.compute.ssh_auth_method == 'keypair' and pkey == None: key_filename = CONF.compute.path_to_private_key if \ CONF.compute.path_to_private_key else None self.ssh_client = ssh.Client(ip_address, username, password=None, timeout=ssh_timeout, pkey=pkey, key_filename=key_filename, channel_timeout=connect_timeout)
def test_userdata(self): key_name = data_utils.rand_name('testkey') pkey = self.create_key_pair(key_name) sec_group_name = self.create_standard_security_group() user_data = data_utils.rand_uuid() instance_id = self.run_instance(KeyName=key_name, UserData=user_data, SecurityGroups=[sec_group_name]) data = self.client.describe_instance_attribute(InstanceId=instance_id, Attribute='userData') self.assertEqual(data['UserData']['Value'], base64.b64encode(user_data)) ip_address = self.get_instance_ip(instance_id) ssh_client = ssh.Client(ip_address, CONF.aws.image_user, pkey=pkey) url = 'http://169.254.169.254' data = ssh_client.exec_command('curl %s/latest/user-data' % url) self.assertEqual(user_data, data) data = ssh_client.exec_command('curl %s/latest/meta-data/ami-id' % url) self.assertEqual(CONF.aws.image_id, data)
def test_stop_start_instance(self): key_name = data_utils.rand_name('testkey') pkey = self.create_key_pair(key_name) sec_group_name = self.create_standard_security_group() instance_id = self.run_instance(KeyName=key_name, ImageId=CONF.aws.image_id_ubuntu, SecurityGroups=[sec_group_name]) ip_address = self.get_instance_ip(instance_id) ssh_client = ssh.Client(ip_address, CONF.aws.image_user_ubuntu, pkey=pkey) ssh_client.exec_command('last -x') self.client.stop_instances(InstanceIds=[instance_id]) self.get_instance_waiter().wait_available(instance_id, final_set=('stopped')) self.client.start_instances(InstanceIds=[instance_id]) self.get_instance_waiter().wait_available(instance_id, final_set=('running')) data = ssh_client.exec_command('last -x') self.assertIn("shutdown", data)
def test_metadata(self): key_name = data_utils.rand_name('testkey') self.client.import_key_pair(KeyName=key_name, PublicKeyMaterial=PUBLIC_KEY_MATERIAL) self.addResourceCleanUp(self.client.delete_key_pair, KeyName=key_name) sec_group_name = self.create_standard_security_group() user_data = six.text_type(data_utils.rand_uuid()) + six.unichr(1071) instance_id = self.run_instance(KeyName=key_name, UserData=user_data, SecurityGroups=[sec_group_name]) data = self.client.describe_instance_attribute(InstanceId=instance_id, Attribute='userData') self.assertEqual( data['UserData']['Value'], base64.b64encode(user_data.encode("utf-8")).decode("utf-8")) ip_address = self.get_instance_ip(instance_id) ssh_client = ssh.Client(ip_address, CONF.aws.image_user, pkey=PRIVATE_KEY_MATERIAL) url = 'http://169.254.169.254' data = ssh_client.exec_command('curl %s/latest/user-data' % url) if isinstance(data, six.binary_type): data = data.decode("utf-8") self.assertEqual(user_data, data) data = ssh_client.exec_command('curl %s/latest/meta-data/ami-id' % url) self.assertEqual(CONF.aws.image_id, data) data = ssh_client.exec_command( 'curl %s/latest/meta-data/public-keys/0/openssh-key' % url) self.assertEqual(PUBLIC_KEY_MATERIAL, data)
def test_default_gateway(self): novpc_group = self.create_standard_security_group() novpc_instance_id = self.run_instance(SecurityGroups=[novpc_group]) ping_destination = self.get_instance_ip(novpc_instance_id) data = self.client.create_vpc(CidrBlock='10.10.0.0/16') vpc_id = data['Vpc']['VpcId'] self.addResourceCleanUp(self.client.delete_vpc, VpcId=vpc_id) self.get_vpc_waiter().wait_available(vpc_id) data = self.client.create_subnet( VpcId=vpc_id, CidrBlock='10.10.1.0/24', AvailabilityZone=CONF.aws.aws_zone) subnet_1_id = data['Subnet']['SubnetId'] self.addResourceCleanUp(self.client.delete_subnet, SubnetId=subnet_1_id) data = self.client.create_subnet( VpcId=vpc_id, CidrBlock='10.10.2.0/24', AvailabilityZone=CONF.aws.aws_zone) subnet_2_id = data['Subnet']['SubnetId'] self.addResourceCleanUp(self.client.delete_subnet, SubnetId=subnet_2_id) data = self.client.create_internet_gateway() gw_id = data['InternetGateway']['InternetGatewayId'] self.addResourceCleanUp(self.client.delete_internet_gateway, InternetGatewayId=gw_id) data = self.client.attach_internet_gateway(VpcId=vpc_id, InternetGatewayId=gw_id) self.addResourceCleanUp(self.client.detach_internet_gateway, VpcId=vpc_id, InternetGatewayId=gw_id) self.prepare_route(vpc_id, gw_id) data = self.client.create_route_table(VpcId=vpc_id) rt_id = data['RouteTable']['RouteTableId'] self.addResourceCleanUp(self.client.delete_route_table, RouteTableId=rt_id) data = self.client.associate_route_table(RouteTableId=rt_id, SubnetId=subnet_2_id) assoc_id = data['AssociationId'] self.addResourceCleanUp(self.client.disassociate_route_table, AssociationId=assoc_id) self.prepare_vpc_default_security_group(vpc_id) key_name = data_utils.rand_name('testkey') pkey = self.create_key_pair(key_name) instance_2_id = self.run_instance(KeyName=key_name, SubnetId=subnet_2_id) instance_1_id = self.run_instance(KeyName=key_name, SubnetId=subnet_1_id, UserData=pkey) ip_address = self.get_instance_ip(instance_1_id) ip_private_address_1 = self.get_instance( instance_1_id)['PrivateIpAddress'] ip_private_address_2 = self.get_instance( instance_2_id)['PrivateIpAddress'] ssh_client = ssh.Client(ip_address, CONF.aws.image_user, pkey=pkey, channel_timeout=30) ssh_client.exec_command( 'curl http://169.254.169.254/latest/user-data > key.pem && ' 'chmod 400 key.pem') if 'cirros' in ssh_client.exec_command('cat /etc/issue'): ssh_client.exec_command( 'dropbearconvert openssh dropbear key.pem key.db && ' 'mv key.db key.pem') extra_ssh_opts = '-y' else: extra_ssh_opts = ('-o UserKnownHostsFile=/dev/null ' '-o StrictHostKeyChecking=no') ssh_client.exec_command('ping -c 1 %s' % ip_private_address_2) ssh_client.exec_command('ping -c 1 %s' % ping_destination) remote_ping_template = ( 'ssh -i key.pem %(extra_opts)s %(user)s@%(ip)s ' 'ping -c 1 %%s' % {'extra_opts': extra_ssh_opts, 'user': CONF.aws.image_user, 'ip': ip_private_address_2}) ssh_client.exec_command(remote_ping_template % ip_private_address_1) try: resp = ssh_client.exec_command(remote_ping_template % ping_destination) except exceptions.SSHExecCommandFailed: pass else: self.assertEqual('', resp)
def test_vpn_connectivity(self): response = urllib2.urlopen(self.OPENSWAN_LINK, timeout=30) content = response.read() filename = os.path.basename(self.OPENSWAN_LINK) f = open(filename, 'w') f.write(content) f.close() key_name = data_utils.rand_name('testkey') pkey = self.create_key_pair(key_name) # run ubuntu instance to create one of VPN endpoint inside sec_group_name = self.create_standard_security_group() instance_id_ubuntu = self.run_instance( KeyName=key_name, ImageId=CONF.aws.image_id_ubuntu, SecurityGroups=[sec_group_name]) public_ip_ubuntu = self.get_instance_ip(instance_id_ubuntu) instance = self.get_instance(instance_id_ubuntu) private_ip_ubuntu = instance['PrivateIpAddress'] # create VPC, ..., VPN vpc_id, subnet_id = self.create_vpc_and_subnet(self.VPC_CIDR) self.prepare_vpc_default_security_group(vpc_id) vpn_data = self._create_and_configure_vpn( vpc_id, public_ip_ubuntu, private_ip_ubuntu + '/32') # run general instance inside VPC instance_id = self.run_instance(KeyName=key_name, ImageId=CONF.aws.image_id, SubnetId=subnet_id) instance = self.get_instance(instance_id) private_ip_in_vpc = instance['PrivateIpAddress'] # configure ubuntu, install openswan and run it ssh_client = ssh.Client(public_ip_ubuntu, CONF.aws.image_user_ubuntu, pkey=pkey) self._upload_file(ssh_client, filename, filename) ssh_client.exec_command('sudo DEBIAN_FRONTEND=noninteractive dpkg -i ' + filename) ssh_client.exec_command('sudo -s su -c "' 'echo 1 > /proc/sys/net/ipv4/ip_forward"') ssh_client.exec_command( 'for vpn in /proc/sys/net/ipv4/conf/*; do sudo -s su -c' ' "echo 0 > $vpn/accept_redirects; echo 0 > $vpn/send_redirects";' ' done') sysctl_additions = [ 'net.ipv4.ip_forward = 1', 'net.ipv4.conf.all.accept_redirects = 0', 'net.ipv4.conf.all.send_redirects = 0'] for item in sysctl_additions: ssh_client.exec_command( 'sudo -s su -c "echo \'' + item + '\' >> /etc/sysctl.conf"') ssh_client.exec_command('sudo sysctl -p') ipsec_conf, ipsec_secrets = self._get_ipsec_conf( vpn_data['VpnConnectionId'], private_ip_ubuntu) ssh_client.exec_command('sudo -s su -c "echo \'\' > /etc/ipsec.conf"') for fstr in ipsec_conf: ssh_client.exec_command( 'sudo -s su -c "echo \'%s\' >> /etc/ipsec.conf"' % fstr) ssh_client.exec_command( 'sudo -s su -c "echo \'%s\' > /etc/ipsec.secrets"' % ipsec_secrets) ssh_client.exec_command('sudo service ipsec restart') try: self.get_vpn_connection_tunnel_waiter().wait_available( vpn_data['VpnConnectionId'], ('UP')) except Exception: exc_info = sys.exc_info() try: output = ssh_client.exec_command('sudo ipsec auto --status') LOG.warning(output) except Exception: pass raise exc_info[1], None, exc_info[2] time.sleep(10) ssh_client.exec_command('ping -c 4 %s' % private_ip_in_vpc)
def test_exec_command(self): gsc_mock = self.patch('tempest_lib.common.ssh.Client.' '_get_ssh_connection') ito_mock = self.patch('tempest_lib.common.ssh.Client._is_timed_out') select_mock = self.patch('select.poll') client_mock = mock.MagicMock() tran_mock = mock.MagicMock() chan_mock = mock.MagicMock() poll_mock = mock.MagicMock() def reset_mocks(): gsc_mock.reset_mock() ito_mock.reset_mock() select_mock.reset_mock() poll_mock.reset_mock() client_mock.reset_mock() tran_mock.reset_mock() chan_mock.reset_mock() select_mock.return_value = poll_mock gsc_mock.return_value = client_mock ito_mock.return_value = True client_mock.get_transport.return_value = tran_mock tran_mock.open_session.return_value = chan_mock poll_mock.poll.side_effect = [[0, 0, 0]] # Test for a timeout condition immediately raised client = ssh.Client('localhost', 'root', timeout=2) with testtools.ExpectedException(exceptions.TimeoutException): client.exec_command("test") chan_mock.fileno.assert_called_once_with() chan_mock.exec_command.assert_called_once_with("test") chan_mock.shutdown_write.assert_called_once_with() SELECT_POLLIN = 1 poll_mock.register.assert_called_once_with(chan_mock, SELECT_POLLIN) poll_mock.poll.assert_called_once_with(10) # Test for proper reading of STDOUT and STDERROR and closing # of all file descriptors. reset_mocks() select_mock.return_value = poll_mock gsc_mock.return_value = client_mock ito_mock.return_value = False client_mock.get_transport.return_value = tran_mock tran_mock.open_session.return_value = chan_mock poll_mock.poll.side_effect = [[1, 0, 0]] closed_prop = mock.PropertyMock(return_value=True) type(chan_mock).closed = closed_prop chan_mock.recv_exit_status.return_value = 0 chan_mock.recv.return_value = '' chan_mock.recv_stderr.return_value = '' client = ssh.Client('localhost', 'root', timeout=2) client.exec_command("test") chan_mock.fileno.assert_called_once_with() chan_mock.exec_command.assert_called_once_with("test") chan_mock.shutdown_write.assert_called_once_with() SELECT_POLLIN = 1 poll_mock.register.assert_called_once_with(chan_mock, SELECT_POLLIN) poll_mock.poll.assert_called_once_with(10) chan_mock.recv_ready.assert_called_once_with() chan_mock.recv.assert_called_once_with(1024) chan_mock.recv_stderr_ready.assert_called_once_with() chan_mock.recv_stderr.assert_called_once_with(1024) chan_mock.recv_exit_status.assert_called_once_with() closed_prop.assert_called_once_with()
def _run_command_on_node(self, node_ip, command): ssh_session = connection.Client(node_ip, self.testcase['ssh_username'], pkey=self.private_key) return ssh_session.exec_command(command)