openstack/fuel-qa
Code Issues Proposed changes

Fix changes domain name in MOS services endpoints

Browse Source 
We couldn't use public vip ip before start deploying cluster.
So, we need to add option to skip SSL cert verification
when connecting to the MOS services, and replace unresolvable
domain name with public vip ip after deployment

Closes-Bug:1537833

Change-Id: I53621022a3ae55cb30ab224800fc812ce2b0a79b
This commit is contained in:
Alexander Kurenyshev 2016-01-29 13:52:01 +03:00
parent 95c1b94bf0
commit 5e89825fd3
4 changed files with 64 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
fuelweb_test/helpers/common.py
View File

@ -13,21 +13,22 @@
# under the License. # under the License.
import time import time
from urlparse import urlparse
from fuelweb_test import logger as LOGGER
from fuelweb_test import logwrap as LOGWRAP
from fuelweb_test.settings import DISABLE_SSL
from fuelweb_test.settings import PATH_TO_CERT
from cinderclient import client as cinderclient from cinderclient import client as cinderclient
from glanceclient.v1 import Client as GlanceClient from glanceclient.v1 import Client as GlanceClient
import ironicclient.client as ironicclient
from keystoneclient.v2_0 import Client as KeystoneClient from keystoneclient.v2_0 import Client as KeystoneClient
from keystoneclient.exceptions import ClientException from keystoneclient.exceptions import ClientException
from novaclient.v2 import Client as NovaClient from novaclient.v2 import Client as NovaClient
import neutronclient.v2_0.client as neutronclient import neutronclient.v2_0.client as neutronclient
from proboscis.asserts import assert_equal from proboscis.asserts import assert_equal
import ironicclient.client as ironicclient
from fuelweb_test import logger as LOGGER
from fuelweb_test import logwrap as LOGWRAP
from fuelweb_test.settings import DISABLE_SSL
from fuelweb_test.settings import PATH_TO_CERT
from fuelweb_test.settings import VERIFY_SSL
class Common(object): class Common(object):
@ -36,6 +37,12 @@ class Common(object):
def __init__(self, controller_ip, user, password, tenant): def __init__(self, controller_ip, user, password, tenant):
self.controller_ip = controller_ip self.controller_ip = controller_ip
def make_endpoint(endpoint):
parse = urlparse(endpoint)
return parse._replace(
netloc='{}:{}'.format(
self.controller_ip, parse.port)).geturl()
if DISABLE_SSL: if DISABLE_SSL:
auth_url = 'http://{0}:5000/v2.0/'.format(self.controller_ip) auth_url = 'http://{0}:5000/v2.0/'.format(self.controller_ip)
path_to_cert = None path_to_cert = None
@ -43,38 +50,54 @@ class Common(object):
auth_url = 'https://{0}:5000/v2.0/'.format(self.controller_ip) auth_url = 'https://{0}:5000/v2.0/'.format(self.controller_ip)
path_to_cert = PATH_TO_CERT path_to_cert = PATH_TO_CERT
insecure = not VERIFY_SSL
LOGGER.debug('Auth URL is {0}'.format(auth_url)) LOGGER.debug('Auth URL is {0}'.format(auth_url))
self.nova = NovaClient(username=user,
api_key=password,
project_id=tenant,
auth_url=auth_url,
cacert=path_to_cert)
self.cinder = cinderclient.Client(1, user, password, keystone_args = {'username': user, 'password': password,
tenant, auth_url, 'tenant_name': tenant, 'auth_url': auth_url,
cacert=path_to_cert) 'ca_cert': path_to_cert, 'insecure': insecure}
self.keystone = self._get_keystoneclient(**keystone_args)
self.neutron = neutronclient.Client(username=user,
password=password,
tenant_name=tenant,
auth_url=auth_url,
ca_cert=path_to_cert)
self.keystone = self._get_keystoneclient(username=user,
password=password,
tenant_name=tenant,
auth_url=auth_url,
ca_cert=path_to_cert)
token = self.keystone.auth_token token = self.keystone.auth_token
LOGGER.debug('Token is {0}'.format(token)) LOGGER.debug('Token is {0}'.format(token))
neutron_endpoint = self.keystone.service_catalog.url_for(
service_type='network', endpoint_type='publicURL')
neutron_args = {'username': user, 'password': password,
'tenant_name': tenant, 'auth_url': auth_url,
'ca_cert': path_to_cert, 'insecure': insecure,
'endpoint_url': make_endpoint(neutron_endpoint)}
self.neutron = neutronclient.Client(**neutron_args)
nova_endpoint = self.keystone.service_catalog.url_for(
service_type='compute', endpoint_type='publicURL')
nova_args = {'username': user, 'api_key': password,
'project_id': tenant, 'auth_url': auth_url,
'cacert': path_to_cert, 'insecure': insecure,
'bypass_url': make_endpoint(nova_endpoint),
'auth_token': token}
self.nova = NovaClient(**nova_args)
cinder_endpoint = self.keystone.service_catalog.url_for(
service_type='volume', endpoint_type='publicURL')
cinder_args = {'version': 1, 'username': user,
'api_key': password, 'project_id': tenant,
'auth_url': auth_url, 'cacert': path_to_cert,
'insecure': insecure,
'bypass_url': make_endpoint(cinder_endpoint)}
self.cinder = cinderclient.Client(**cinder_args)
glance_endpoint = self.keystone.service_catalog.url_for( glance_endpoint = self.keystone.service_catalog.url_for(
service_type='image', endpoint_type='publicURL') service_type='image', endpoint_type='publicURL')
LOGGER.debug('Glance endpoint is {0}'.format(glance_endpoint)) LOGGER.debug('Glance endpoint is {0}'.format(
make_endpoint(glance_endpoint)))
glance_args = {'endpoint': make_endpoint(glance_endpoint),
'token': token,
'cacert': path_to_cert,
'insecure': insecure}
self.glance = GlanceClient(**glance_args)
self.glance = GlanceClient(endpoint=glance_endpoint,
token=token,
cacert=path_to_cert)
try: try:
ironic_endpoint = self.keystone.service_catalog.url_for( ironic_endpoint = self.keystone.service_catalog.url_for(
service_type='baremetal', service_type='baremetal',
@ -82,7 +105,7 @@ class Common(object):
self.ironic = ironicclient.get_client( self.ironic = ironicclient.get_client(
api_version=1, api_version=1,
os_auth_token=token, os_auth_token=token,
ironic_url=ironic_endpoint, insecure=True) ironic_url=make_endpoint(ironic_endpoint), insecure=True)
except ClientException as e: except ClientException as e:
LOGGER.warning('Could not initialize ironic client {0}'.format(e)) LOGGER.warning('Could not initialize ironic client {0}'.format(e))
@ -179,7 +202,7 @@ class Common(object):
return self.nova.flavors.delete(flavor) return self.nova.flavors.delete(flavor)
def _get_keystoneclient(self, username, password, tenant_name, auth_url, def _get_keystoneclient(self, username, password, tenant_name, auth_url,
retries=3, ca_cert=None): retries=3, ca_cert=None, insecure=False):
keystone = None keystone = None
for i in range(retries): for i in range(retries):
try: try:
@ -188,7 +211,8 @@ class Common(object):
password=password, password=password,
tenant_name=tenant_name, tenant_name=tenant_name,
auth_url=auth_url, auth_url=auth_url,
cacert=ca_cert) cacert=ca_cert,
insecure=insecure)
else: else:
keystone = KeystoneClient(username=username, keystone = KeystoneClient(username=username,

4
fuelweb_test/models/fuel_web_client.py
View File

@ -75,6 +75,7 @@ from fuelweb_test.settings import OSTF_TEST_NAME
from fuelweb_test.settings import OSTF_TEST_RETRIES_COUNT from fuelweb_test.settings import OSTF_TEST_RETRIES_COUNT
from fuelweb_test.settings import REPLACE_DEFAULT_REPOS from fuelweb_test.settings import REPLACE_DEFAULT_REPOS
from fuelweb_test.settings import REPLACE_DEFAULT_REPOS_ONLY_ONCE from fuelweb_test.settings import REPLACE_DEFAULT_REPOS_ONLY_ONCE
from fuelweb_test.settings import SSL_CN
from fuelweb_test.settings import TIMEOUT from fuelweb_test.settings import TIMEOUT
from fuelweb_test.settings import VCENTER_DATACENTER from fuelweb_test.settings import VCENTER_DATACENTER
from fuelweb_test.settings import VCENTER_DATASTORE from fuelweb_test.settings import VCENTER_DATASTORE
@ -575,8 +576,7 @@ class FuelWebClient(object):
@logwrap @logwrap
def ssl_configure(self, cluster_id): def ssl_configure(self, cluster_id):
attributes = self.client.get_cluster_attributes(cluster_id) attributes = self.client.get_cluster_attributes(cluster_id)
cn = self.get_public_vip(cluster_id) change_cluster_ssl_config(attributes, SSL_CN)
change_cluster_ssl_config(attributes, cn)
logger.debug("Try to update cluster " logger.debug("Try to update cluster "
"with next attributes {0}".format(attributes)) "with next attributes {0}".format(attributes))
self.client.update_cluster_attributes(cluster_id, attributes) self.client.update_cluster_attributes(cluster_id, attributes)

2
fuelweb_test/settings.py
View File

@ -55,6 +55,8 @@ DNS = os.environ.get('DNS', '8.8.8.8')
PUBLIC_TEST_IP = os.environ.get('PUBLIC_TEST_IP', '8.8.8.8') PUBLIC_TEST_IP = os.environ.get('PUBLIC_TEST_IP', '8.8.8.8')
DISABLE_SSL = get_var_as_bool('DISABLE_SSL', False) DISABLE_SSL = get_var_as_bool('DISABLE_SSL', False)
VERIFY_SSL = get_var_as_bool('VERIFY_SSL', False)
SSL_CN = os.environ.get('SSL_CN', 'public.fuel.local')
SSL_CERTS_DIR = os.environ.get('SSL_CERTS_DIR', os.getcwd()) SSL_CERTS_DIR = os.environ.get('SSL_CERTS_DIR', os.getcwd())
if not os.path.exists(SSL_CERTS_DIR): if not os.path.exists(SSL_CERTS_DIR):
os.makedirs(SSL_CERTS_DIR) os.makedirs(SSL_CERTS_DIR)

4
fuelweb_test/tests/test_cli_base.py
View File

@ -24,6 +24,7 @@ from fuelweb_test.tests.base_test_case import TestBasic
from fuelweb_test import logwrap from fuelweb_test import logwrap
from fuelweb_test import logger from fuelweb_test import logger
from fuelweb_test.helpers.utils import hiera_json_out from fuelweb_test.helpers.utils import hiera_json_out
from fuelweb_test.settings import SSL_CN
class CommandLine(TestBasic): class CommandLine(TestBasic):
@ -168,8 +169,7 @@ class CommandLine(TestBasic):
@logwrap @logwrap
def update_ssl_configuration(self, cluster_id, remote): def update_ssl_configuration(self, cluster_id, remote):
settings = self.download_settings(cluster_id, remote) settings = self.download_settings(cluster_id, remote)
cn = self.get_public_vip(cluster_id, remote) change_cluster_ssl_config(settings, SSL_CN)
change_cluster_ssl_config(settings, cn)
self.upload_settings(cluster_id, remote, settings) self.upload_settings(cluster_id, remote, settings)
def add_nodes_to_cluster( def add_nodes_to_cluster(