Fix changes domain name in MOS services endpoints
We couldn't use public vip ip before start deploying cluster. So, we need to add option to skip SSL cert verification when connecting to the MOS services, and replace unresolvable domain name with public vip ip after deployment Closes-Bug:1537833 Change-Id: I53621022a3ae55cb30ab224800fc812ce2b0a79b
This commit is contained in:
parent
95c1b94bf0
commit
5e89825fd3
@ -13,21 +13,22 @@
|
||||
# under the License.
|
||||
|
||||
import time
|
||||
|
||||
from fuelweb_test import logger as LOGGER
|
||||
from fuelweb_test import logwrap as LOGWRAP
|
||||
from fuelweb_test.settings import DISABLE_SSL
|
||||
from fuelweb_test.settings import PATH_TO_CERT
|
||||
|
||||
from urlparse import urlparse
|
||||
|
||||
from cinderclient import client as cinderclient
|
||||
from glanceclient.v1 import Client as GlanceClient
|
||||
import ironicclient.client as ironicclient
|
||||
from keystoneclient.v2_0 import Client as KeystoneClient
|
||||
from keystoneclient.exceptions import ClientException
|
||||
from novaclient.v2 import Client as NovaClient
|
||||
import neutronclient.v2_0.client as neutronclient
|
||||
from proboscis.asserts import assert_equal
|
||||
import ironicclient.client as ironicclient
|
||||
|
||||
from fuelweb_test import logger as LOGGER
|
||||
from fuelweb_test import logwrap as LOGWRAP
|
||||
from fuelweb_test.settings import DISABLE_SSL
|
||||
from fuelweb_test.settings import PATH_TO_CERT
|
||||
from fuelweb_test.settings import VERIFY_SSL
|
||||
|
||||
|
||||
class Common(object):
|
||||
@ -36,6 +37,12 @@ class Common(object):
|
||||
def __init__(self, controller_ip, user, password, tenant):
|
||||
self.controller_ip = controller_ip
|
||||
|
||||
def make_endpoint(endpoint):
|
||||
parse = urlparse(endpoint)
|
||||
return parse._replace(
|
||||
netloc='{}:{}'.format(
|
||||
self.controller_ip, parse.port)).geturl()
|
||||
|
||||
if DISABLE_SSL:
|
||||
auth_url = 'http://{0}:5000/v2.0/'.format(self.controller_ip)
|
||||
path_to_cert = None
|
||||
@ -43,38 +50,54 @@ class Common(object):
|
||||
auth_url = 'https://{0}:5000/v2.0/'.format(self.controller_ip)
|
||||
path_to_cert = PATH_TO_CERT
|
||||
|
||||
insecure = not VERIFY_SSL
|
||||
|
||||
LOGGER.debug('Auth URL is {0}'.format(auth_url))
|
||||
self.nova = NovaClient(username=user,
|
||||
api_key=password,
|
||||
project_id=tenant,
|
||||
auth_url=auth_url,
|
||||
cacert=path_to_cert)
|
||||
|
||||
self.cinder = cinderclient.Client(1, user, password,
|
||||
tenant, auth_url,
|
||||
cacert=path_to_cert)
|
||||
|
||||
self.neutron = neutronclient.Client(username=user,
|
||||
password=password,
|
||||
tenant_name=tenant,
|
||||
auth_url=auth_url,
|
||||
ca_cert=path_to_cert)
|
||||
|
||||
self.keystone = self._get_keystoneclient(username=user,
|
||||
password=password,
|
||||
tenant_name=tenant,
|
||||
auth_url=auth_url,
|
||||
ca_cert=path_to_cert)
|
||||
keystone_args = {'username': user, 'password': password,
|
||||
'tenant_name': tenant, 'auth_url': auth_url,
|
||||
'ca_cert': path_to_cert, 'insecure': insecure}
|
||||
self.keystone = self._get_keystoneclient(**keystone_args)
|
||||
|
||||
token = self.keystone.auth_token
|
||||
LOGGER.debug('Token is {0}'.format(token))
|
||||
|
||||
neutron_endpoint = self.keystone.service_catalog.url_for(
|
||||
service_type='network', endpoint_type='publicURL')
|
||||
neutron_args = {'username': user, 'password': password,
|
||||
'tenant_name': tenant, 'auth_url': auth_url,
|
||||
'ca_cert': path_to_cert, 'insecure': insecure,
|
||||
'endpoint_url': make_endpoint(neutron_endpoint)}
|
||||
self.neutron = neutronclient.Client(**neutron_args)
|
||||
|
||||
nova_endpoint = self.keystone.service_catalog.url_for(
|
||||
service_type='compute', endpoint_type='publicURL')
|
||||
nova_args = {'username': user, 'api_key': password,
|
||||
'project_id': tenant, 'auth_url': auth_url,
|
||||
'cacert': path_to_cert, 'insecure': insecure,
|
||||
'bypass_url': make_endpoint(nova_endpoint),
|
||||
'auth_token': token}
|
||||
self.nova = NovaClient(**nova_args)
|
||||
|
||||
cinder_endpoint = self.keystone.service_catalog.url_for(
|
||||
service_type='volume', endpoint_type='publicURL')
|
||||
cinder_args = {'version': 1, 'username': user,
|
||||
'api_key': password, 'project_id': tenant,
|
||||
'auth_url': auth_url, 'cacert': path_to_cert,
|
||||
'insecure': insecure,
|
||||
'bypass_url': make_endpoint(cinder_endpoint)}
|
||||
self.cinder = cinderclient.Client(**cinder_args)
|
||||
|
||||
glance_endpoint = self.keystone.service_catalog.url_for(
|
||||
service_type='image', endpoint_type='publicURL')
|
||||
LOGGER.debug('Glance endpoint is {0}'.format(glance_endpoint))
|
||||
LOGGER.debug('Glance endpoint is {0}'.format(
|
||||
make_endpoint(glance_endpoint)))
|
||||
glance_args = {'endpoint': make_endpoint(glance_endpoint),
|
||||
'token': token,
|
||||
'cacert': path_to_cert,
|
||||
'insecure': insecure}
|
||||
self.glance = GlanceClient(**glance_args)
|
||||
|
||||
self.glance = GlanceClient(endpoint=glance_endpoint,
|
||||
token=token,
|
||||
cacert=path_to_cert)
|
||||
try:
|
||||
ironic_endpoint = self.keystone.service_catalog.url_for(
|
||||
service_type='baremetal',
|
||||
@ -82,7 +105,7 @@ class Common(object):
|
||||
self.ironic = ironicclient.get_client(
|
||||
api_version=1,
|
||||
os_auth_token=token,
|
||||
ironic_url=ironic_endpoint, insecure=True)
|
||||
ironic_url=make_endpoint(ironic_endpoint), insecure=True)
|
||||
except ClientException as e:
|
||||
LOGGER.warning('Could not initialize ironic client {0}'.format(e))
|
||||
|
||||
@ -179,7 +202,7 @@ class Common(object):
|
||||
return self.nova.flavors.delete(flavor)
|
||||
|
||||
def _get_keystoneclient(self, username, password, tenant_name, auth_url,
|
||||
retries=3, ca_cert=None):
|
||||
retries=3, ca_cert=None, insecure=False):
|
||||
keystone = None
|
||||
for i in range(retries):
|
||||
try:
|
||||
@ -188,7 +211,8 @@ class Common(object):
|
||||
password=password,
|
||||
tenant_name=tenant_name,
|
||||
auth_url=auth_url,
|
||||
cacert=ca_cert)
|
||||
cacert=ca_cert,
|
||||
insecure=insecure)
|
||||
|
||||
else:
|
||||
keystone = KeystoneClient(username=username,
|
||||
|
@ -75,6 +75,7 @@ from fuelweb_test.settings import OSTF_TEST_NAME
|
||||
from fuelweb_test.settings import OSTF_TEST_RETRIES_COUNT
|
||||
from fuelweb_test.settings import REPLACE_DEFAULT_REPOS
|
||||
from fuelweb_test.settings import REPLACE_DEFAULT_REPOS_ONLY_ONCE
|
||||
from fuelweb_test.settings import SSL_CN
|
||||
from fuelweb_test.settings import TIMEOUT
|
||||
from fuelweb_test.settings import VCENTER_DATACENTER
|
||||
from fuelweb_test.settings import VCENTER_DATASTORE
|
||||
@ -575,8 +576,7 @@ class FuelWebClient(object):
|
||||
@logwrap
|
||||
def ssl_configure(self, cluster_id):
|
||||
attributes = self.client.get_cluster_attributes(cluster_id)
|
||||
cn = self.get_public_vip(cluster_id)
|
||||
change_cluster_ssl_config(attributes, cn)
|
||||
change_cluster_ssl_config(attributes, SSL_CN)
|
||||
logger.debug("Try to update cluster "
|
||||
"with next attributes {0}".format(attributes))
|
||||
self.client.update_cluster_attributes(cluster_id, attributes)
|
||||
|
@ -55,6 +55,8 @@ DNS = os.environ.get('DNS', '8.8.8.8')
|
||||
PUBLIC_TEST_IP = os.environ.get('PUBLIC_TEST_IP', '8.8.8.8')
|
||||
|
||||
DISABLE_SSL = get_var_as_bool('DISABLE_SSL', False)
|
||||
VERIFY_SSL = get_var_as_bool('VERIFY_SSL', False)
|
||||
SSL_CN = os.environ.get('SSL_CN', 'public.fuel.local')
|
||||
SSL_CERTS_DIR = os.environ.get('SSL_CERTS_DIR', os.getcwd())
|
||||
if not os.path.exists(SSL_CERTS_DIR):
|
||||
os.makedirs(SSL_CERTS_DIR)
|
||||
|
@ -24,6 +24,7 @@ from fuelweb_test.tests.base_test_case import TestBasic
|
||||
from fuelweb_test import logwrap
|
||||
from fuelweb_test import logger
|
||||
from fuelweb_test.helpers.utils import hiera_json_out
|
||||
from fuelweb_test.settings import SSL_CN
|
||||
|
||||
|
||||
class CommandLine(TestBasic):
|
||||
@ -168,8 +169,7 @@ class CommandLine(TestBasic):
|
||||
@logwrap
|
||||
def update_ssl_configuration(self, cluster_id, remote):
|
||||
settings = self.download_settings(cluster_id, remote)
|
||||
cn = self.get_public_vip(cluster_id, remote)
|
||||
change_cluster_ssl_config(settings, cn)
|
||||
change_cluster_ssl_config(settings, SSL_CN)
|
||||
self.upload_settings(cluster_id, remote, settings)
|
||||
|
||||
def add_nodes_to_cluster(
|
||||
|
Loading…
Reference in New Issue
Block a user