Fix changes domain name in MOS services endpoints

We couldn't use public vip ip before start deploying cluster.
So, we need to add option to skip SSL cert verification
when connecting to the MOS services, and replace unresolvable
domain name with public vip ip after deployment

Closes-Bug:1537833

Change-Id: I53621022a3ae55cb30ab224800fc812ce2b0a79b
This commit is contained in:
Alexander Kurenyshev 2016-01-29 13:52:01 +03:00
parent 95c1b94bf0
commit 5e89825fd3
4 changed files with 64 additions and 38 deletions

View File

@ -13,21 +13,22 @@
# under the License.
import time
from fuelweb_test import logger as LOGGER
from fuelweb_test import logwrap as LOGWRAP
from fuelweb_test.settings import DISABLE_SSL
from fuelweb_test.settings import PATH_TO_CERT
from urlparse import urlparse
from cinderclient import client as cinderclient
from glanceclient.v1 import Client as GlanceClient
import ironicclient.client as ironicclient
from keystoneclient.v2_0 import Client as KeystoneClient
from keystoneclient.exceptions import ClientException
from novaclient.v2 import Client as NovaClient
import neutronclient.v2_0.client as neutronclient
from proboscis.asserts import assert_equal
import ironicclient.client as ironicclient
from fuelweb_test import logger as LOGGER
from fuelweb_test import logwrap as LOGWRAP
from fuelweb_test.settings import DISABLE_SSL
from fuelweb_test.settings import PATH_TO_CERT
from fuelweb_test.settings import VERIFY_SSL
class Common(object):
@ -36,6 +37,12 @@ class Common(object):
def __init__(self, controller_ip, user, password, tenant):
self.controller_ip = controller_ip
def make_endpoint(endpoint):
parse = urlparse(endpoint)
return parse._replace(
netloc='{}:{}'.format(
self.controller_ip, parse.port)).geturl()
if DISABLE_SSL:
auth_url = 'http://{0}:5000/v2.0/'.format(self.controller_ip)
path_to_cert = None
@ -43,38 +50,54 @@ class Common(object):
auth_url = 'https://{0}:5000/v2.0/'.format(self.controller_ip)
path_to_cert = PATH_TO_CERT
insecure = not VERIFY_SSL
LOGGER.debug('Auth URL is {0}'.format(auth_url))
self.nova = NovaClient(username=user,
api_key=password,
project_id=tenant,
auth_url=auth_url,
cacert=path_to_cert)
self.cinder = cinderclient.Client(1, user, password,
tenant, auth_url,
cacert=path_to_cert)
self.neutron = neutronclient.Client(username=user,
password=password,
tenant_name=tenant,
auth_url=auth_url,
ca_cert=path_to_cert)
self.keystone = self._get_keystoneclient(username=user,
password=password,
tenant_name=tenant,
auth_url=auth_url,
ca_cert=path_to_cert)
keystone_args = {'username': user, 'password': password,
'tenant_name': tenant, 'auth_url': auth_url,
'ca_cert': path_to_cert, 'insecure': insecure}
self.keystone = self._get_keystoneclient(**keystone_args)
token = self.keystone.auth_token
LOGGER.debug('Token is {0}'.format(token))
neutron_endpoint = self.keystone.service_catalog.url_for(
service_type='network', endpoint_type='publicURL')
neutron_args = {'username': user, 'password': password,
'tenant_name': tenant, 'auth_url': auth_url,
'ca_cert': path_to_cert, 'insecure': insecure,
'endpoint_url': make_endpoint(neutron_endpoint)}
self.neutron = neutronclient.Client(**neutron_args)
nova_endpoint = self.keystone.service_catalog.url_for(
service_type='compute', endpoint_type='publicURL')
nova_args = {'username': user, 'api_key': password,
'project_id': tenant, 'auth_url': auth_url,
'cacert': path_to_cert, 'insecure': insecure,
'bypass_url': make_endpoint(nova_endpoint),
'auth_token': token}
self.nova = NovaClient(**nova_args)
cinder_endpoint = self.keystone.service_catalog.url_for(
service_type='volume', endpoint_type='publicURL')
cinder_args = {'version': 1, 'username': user,
'api_key': password, 'project_id': tenant,
'auth_url': auth_url, 'cacert': path_to_cert,
'insecure': insecure,
'bypass_url': make_endpoint(cinder_endpoint)}
self.cinder = cinderclient.Client(**cinder_args)
glance_endpoint = self.keystone.service_catalog.url_for(
service_type='image', endpoint_type='publicURL')
LOGGER.debug('Glance endpoint is {0}'.format(glance_endpoint))
LOGGER.debug('Glance endpoint is {0}'.format(
make_endpoint(glance_endpoint)))
glance_args = {'endpoint': make_endpoint(glance_endpoint),
'token': token,
'cacert': path_to_cert,
'insecure': insecure}
self.glance = GlanceClient(**glance_args)
self.glance = GlanceClient(endpoint=glance_endpoint,
token=token,
cacert=path_to_cert)
try:
ironic_endpoint = self.keystone.service_catalog.url_for(
service_type='baremetal',
@ -82,7 +105,7 @@ class Common(object):
self.ironic = ironicclient.get_client(
api_version=1,
os_auth_token=token,
ironic_url=ironic_endpoint, insecure=True)
ironic_url=make_endpoint(ironic_endpoint), insecure=True)
except ClientException as e:
LOGGER.warning('Could not initialize ironic client {0}'.format(e))
@ -179,7 +202,7 @@ class Common(object):
return self.nova.flavors.delete(flavor)
def _get_keystoneclient(self, username, password, tenant_name, auth_url,
retries=3, ca_cert=None):
retries=3, ca_cert=None, insecure=False):
keystone = None
for i in range(retries):
try:
@ -188,7 +211,8 @@ class Common(object):
password=password,
tenant_name=tenant_name,
auth_url=auth_url,
cacert=ca_cert)
cacert=ca_cert,
insecure=insecure)
else:
keystone = KeystoneClient(username=username,

View File

@ -75,6 +75,7 @@ from fuelweb_test.settings import OSTF_TEST_NAME
from fuelweb_test.settings import OSTF_TEST_RETRIES_COUNT
from fuelweb_test.settings import REPLACE_DEFAULT_REPOS
from fuelweb_test.settings import REPLACE_DEFAULT_REPOS_ONLY_ONCE
from fuelweb_test.settings import SSL_CN
from fuelweb_test.settings import TIMEOUT
from fuelweb_test.settings import VCENTER_DATACENTER
from fuelweb_test.settings import VCENTER_DATASTORE
@ -575,8 +576,7 @@ class FuelWebClient(object):
@logwrap
def ssl_configure(self, cluster_id):
attributes = self.client.get_cluster_attributes(cluster_id)
cn = self.get_public_vip(cluster_id)
change_cluster_ssl_config(attributes, cn)
change_cluster_ssl_config(attributes, SSL_CN)
logger.debug("Try to update cluster "
"with next attributes {0}".format(attributes))
self.client.update_cluster_attributes(cluster_id, attributes)

View File

@ -55,6 +55,8 @@ DNS = os.environ.get('DNS', '8.8.8.8')
PUBLIC_TEST_IP = os.environ.get('PUBLIC_TEST_IP', '8.8.8.8')
DISABLE_SSL = get_var_as_bool('DISABLE_SSL', False)
VERIFY_SSL = get_var_as_bool('VERIFY_SSL', False)
SSL_CN = os.environ.get('SSL_CN', 'public.fuel.local')
SSL_CERTS_DIR = os.environ.get('SSL_CERTS_DIR', os.getcwd())
if not os.path.exists(SSL_CERTS_DIR):
os.makedirs(SSL_CERTS_DIR)

View File

@ -24,6 +24,7 @@ from fuelweb_test.tests.base_test_case import TestBasic
from fuelweb_test import logwrap
from fuelweb_test import logger
from fuelweb_test.helpers.utils import hiera_json_out
from fuelweb_test.settings import SSL_CN
class CommandLine(TestBasic):
@ -168,8 +169,7 @@ class CommandLine(TestBasic):
@logwrap
def update_ssl_configuration(self, cluster_id, remote):
settings = self.download_settings(cluster_id, remote)
cn = self.get_public_vip(cluster_id, remote)
change_cluster_ssl_config(settings, cn)
change_cluster_ssl_config(settings, SSL_CN)
self.upload_settings(cluster_id, remote, settings)
def add_nodes_to_cluster(