Switch to ini_setting for managing tempest.conf.

* The previous way of customizing tempest.conf was problematic for a number of reasons: - default values were being defined in the manifest and those values differed from the defaults in tempest.conf.sample. Defaults should be the province of the tempest maintainers, not the puppet module. - the use of templating meant that extra work would have to be expended maintaining the templates, not only for releases but also for the upstream master. * This changeset switches to using ini_setting to ensure that: - individual configuration settings can be set ad hoc, and the upstream defaults will be left alone if no value is provided. - tempest.conf can be sourced from the tempest repo sample rather than having to be maintained in the module. * Other included fixes: - removing unused glance uri configuration - consolidating the identity uri parameters into a single parameter, since that is how it is represented in tempest.conf Change-Id: Idcdf7a1002a447b7d3ae909ca9043b8d7143c313
2013-06-28 17:22:47 +00:00 · 2013-06-28 17:22:47 +00:00 · a60f362515
commit a60f362515
parent 017c7578d7
6 changed files with 126 additions and 795 deletions
--- a/lib/puppet/provider/tempest_config/ini_setting.rb
+++ b/lib/puppet/provider/tempest_config/ini_setting.rb
@ -0,0 +1,18 @@
+Puppet::Type.type(:tempest_config).provide(
+  :ini_setting,
+  :parent => Puppet::Type.type(:ini_setting).provider(:ruby)
+) do
+
+  def section
+    resource[:name].split('/', 2).first
+  end
+
+  def setting
+    resource[:name].split('/', 2).last
+  end
+
+  def separator
+    '='
+  end
+
+end
--- a/lib/puppet/type/tempest_config.rb
+++ b/lib/puppet/type/tempest_config.rb
@ -0,0 +1,28 @@
+Puppet::Type.newtype(:tempest_config) do
+
+  ensurable
+
+  newparam(:name, :namevar => true) do
+    desc 'Section/setting name to manage from tempest.conf'
+    newvalues(/\S+\/\S+/)
+  end
+
+  newproperty(:value) do
+    desc 'The value of the setting to be defined.'
+    munge do |value|
+      value = value.to_s.strip
+      value.capitalize! if value =~ /^(true|false)$/i
+      value
+    end
+  end
+
+  newparam(:path) do
+    desc 'The ini file Puppet will ensure contains the specified setting.'
+    validate do |value|
+      unless (Puppet.features.posix? and value =~ /^\//) or (Puppet.features.microsoft_windows? and (value =~ /^.:\// or value =~ /^\/\/[^\/]+\/[^\/]+/))
+        raise(Puppet::Error, "File paths must be fully qualified, not '#{value}'")
+      end
+    end
+  end
+
+end
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -9,43 +9,49 @@
 #  - fill in the XXXX in /var/lib/tempest/etc/tempest.conf with the image ID
 #  - run `nosetests temptest`
 #
+# Note that only parameters for which values are provided will be
+# managed in tempest.conf.
+#
 class tempest(
-  $identity_host        = 'localhost',
-  $identity_port        = '35357',
-  $identity_api_version = 'v2.0',
+  # Clone config
+  #
+  $tempest_repo_uri          = "git://github.com/openstack/tempest.git",
+  $tempest_clone_path        = '/var/lib/tempest',
+  $tempest_clone_owner       = 'root',
+
+  $version_to_test           = 'master',
+
+  # Glance image config
+  #
+  $image_name                = 'cirros',
+  $image_source              = 'https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img',
+
+  # tempest.conf parameters
+  #
+  $identity_uri              = undef,
  # non admin user
-  $username             = 'user1',
-  $password             = 'user1_password',
-  $tenant_name          = 'tenant1',
+  $username                  = undef,
+  $password                  = undef,
+  $tenant_name               = undef,
  # another non-admin user
-  $alt_username         = 'user2',
-  $alt_password         = 'user2_password',
-  $alt_tenant_name      = 'tenant2',
+  $alt_username              = undef,
+  $alt_password              = undef,
+  $alt_tenant_name           = undef,
+  # admin user
+  $admin_username            = undef,
+  $admin_password            = undef,
+  $admin_tenant_name         = undef,
  # image information
-  $image_id             = 'XXXXXXX',#<%= image_id %>,
-  $image_id_alt         = 'XXXXXXX',#<%= image_id_alt %>,
-  $flavor_ref           = 1,
-  $flavor_ref_alt       = 1,
-  # the version of the openstack images api to use
-  $image_api_version    = '1',
-  $image_host           = 'localhost',
-  $image_port           = '9292',
-
-  # this should be the username of a user with administrative privileges
-  $admin_username       = 'admin',
-  $admin_password       = 'ChangeMe',
-  $admin_tenant_name    = 'openstack',
-
-  $nova_db_uri          = 'mysql://nova:nova_db_password@127.0.0.1/nova',
-
+  $image_ref                 = undef,
+  $image_ref_alt             = undef,
+  $flavor_ref                = undef,
+  $flavor_ref_alt            = undef,
+  # whitebox
+  $whitebox_db_uri           = undef,
  # testing features that are supported
-  $resize_available     = false,
-  $change_pw_available  = false,
+  $resize_available          = undef,
+  $change_password_available = undef,

-  $git_protocol         = 'git',
-  $image_name           = 'cirros',
-  $version_to_test      = 'master',
-  $image_source         = 'https://launchpad.net/cirros/trunk/0.3.0/+download/cirros-0.3.0-x86_64-disk.img'
 ) {

  include 'tempest::params'
@ -63,40 +69,62 @@ class tempest(
    require => Package['python-setuptools'],
  }

-  if $version_to_test == 'master' {
-    $template_path = "tempest/tempest.conf.erb"
-    $revision      = 'origin/master'
-  } else {
-    $template_path = "tempest/tempest.${version_to_test}.conf.erb"
-    $revision      = "origin/stable/${version_to_test}"
-  }
-
-  vcsrepo { '/var/lib/tempest':
+  vcsrepo { $tempest_clone_path:
    ensure   => 'present',
-    source   => "${git_protocol}://github.com/openstack/tempest.git",
+    source   => $tempest_repo_uri,
    revision => $revision,
    provider => 'git',
    require  => Package['git'],
+    user     => $tempest_clone_owner,
  }

-  file { '/var/lib/tempest/jenkins_launch_script.sh':
+  file { "${tempest_clone_path}/jenkins_launch_script.sh":
    source  => 'puppet:///modules/tempest/run_tests.sh',
    mode    => '777',
-    require => Vcsrepo['/var/lib/tempest'],
+    require => Vcsrepo[$tempest_clone_path],
  }


  if $version_to_test == 'folsom' {
-    file { "/var/lib/tempest/tempest/openstack":
+    file { "${tempest_clone_path}/tempest/openstack":
      purge   => true,
      recurse => true,
-      require => Vcsrepo['/var/lib/tempest'],
+      require => Vcsrepo[$tempest_clone_path],
    }
  }

-  file { '/var/lib/tempest/etc/tempest.conf':
-    content => template($template_path),
-    require => Vcsrepo['/var/lib/tempest'],
+  $tempest_conf = "${tempest_clone_path}/etc/tempest.conf"
+
+  file { $tempest_conf:
+    replace => false,
+    source  => "${tempest_conf}.sample",
+    require => Vcsrepo[$tempest_clone_path],
+    owner   => $tempest_clone_owner,
+  }
+
+  Tempest_config {
+    path    => $tempest_conf,
+    require => File[$tempest_conf],
+  }
+
+  tempest_config {
+    'compute/change_password_available': value => $change_password_available;
+    'compute/flavor_ref':                value => $flavor_ref;
+    'compute/flavor_ref_alt':            value => $flavor_ref_alt;
+    'compute/image_ref':                 value => $image_ref;
+    'compute/image_ref_alt':             value => $image_ref_alt;
+    'compute/resize_available':          value => $resize_available;
+    'identity/admin_password':           value => $admin_password;
+    'identity/admin_tenant_name':        value => $admin_tenant_name;
+    'identity/admin_username':           value => $admin_username;
+    'identity/alt_password':             value => $alt_password;
+    'identity/alt_tenant_name':          value => $alt_tenant_name;
+    'identity/alt_username':             value => $alt_username;
+    'identity/password':                 value => $password;
+    'identity/tenant_name':              value => $tenant_name;
+    'identity/uri':                      value => $identity_uri;
+    'identity/username':                 value => $username;
+    'whitebox/db_uri':                   value => $whitebox_db_uri;
  }

  keystone_tenant { $tenant_name:
@ -136,15 +164,15 @@ class tempest(
  # and use it to set tempest.conf
  tempest_glance_id_setter { 'image_ref':
    ensure            => present,
-    tempest_conf_path => '/var/lib/tempest/etc/tempest.conf',
+    tempest_conf_path => $tempest_conf,
    image_name        => $image_name,
-    require => [File['/var/lib/tempest/etc/tempest.conf'], Glance_image[$image_name]]
+    require => [File[$tempest_conf], Glance_image[$image_name]]
  }
  tempest_glance_id_setter { 'image_ref_alt':
    ensure            => present,
-    tempest_conf_path => '/var/lib/tempest/etc/tempest.conf',
+    tempest_conf_path => $tempest_conf,
    image_name        => $image_name,
-    require => [File['/var/lib/tempest/etc/tempest.conf'], Glance_image[$image_name]]
+    require => [File[$tempest_conf], Glance_image[$image_name]]
  }

 }
--- a/templates/tempest.conf.erb
+++ b/templates/tempest.conf.erb
@ -1,271 +0,0 @@
-[identity]
-# This section contains configuration options that a variety of Tempest
-# test clients use when authenticating with different user/tenant
-# combinations
-
-# The type of endpoint for a Identity service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "identity"
-catalog_type = identity
-# Ignore SSL certificate validation failures? Use when in testing
-# environments that have self-signed SSL certs.
-disable_ssl_certificate_validation = False
-# URL for where to find the OpenStack Identity API endpoint (Keystone)
-uri = http://<%= identity_host %>:<%= identity_port %>/<%= identity_api_version %>
-# Should typically be left as keystone unless you have a non-Keystone
-# authentication API service
-strategy = keystone
-# The identity region
-region = RegionOne
-
-# This should be the username of a user WITHOUT administrative privileges
-username = <%= username %>
-# The above non-administrative user's password
-password = <%= password %>
-# The above non-administrative user's tenant name
-tenant_name = <%= tenant_name %>
-
-# This should be the username of an alternate user WITHOUT
-# administrative privileges
-alt_username = <%= alt_username %>
-# The above non-administrative user's password
-alt_password = <%= alt_password %>
-# The above non-administrative user's tenant name
-alt_tenant_name = <%= alt_tenant_name %>
-
-# This should be the username of a user WITH administrative privileges
-admin_username = <%= admin_username %>
-# The above non-administrative user's password
-admin_password = <%= admin_password %>
-# The above non-administrative user's tenant name
-admin_tenant_name = <%= admin_tenant_name %>
-
-[compute]
-# This section contains configuration options used when executing tests
-# against the OpenStack Compute API.
-
-# Allows test cases to create/destroy tenants and users. This option
-# enables isolated test cases and better parallel execution,
-# but also requires that OpenStack Identity API admin credentials
-# are known.
-allow_tenant_isolation = true
-
-# Allows test cases to create/destroy tenants and users. This option
-# enables isolated test cases and better parallel execution,
-# but also requires that OpenStack Identity API admin credentials
-# are known.
-allow_tenant_reuse = true
-
-# Reference data for tests. The ref and ref_alt should be
-# distinct images/flavors.
-#image_ref = {$IMAGE_ID}
-#image_ref_alt = {$IMAGE_ID_ALT}
-image_ref = <%= image_id %>
-image_ref_alt = <%= image_id_alt %>
-flavor_ref = <%= flavor_ref %>
-flavor_ref_alt = <%= flavor_ref_alt %>
-
-# Number of seconds to wait while looping to check the status of an
-# instance that is building.
-build_interval = 10
-
-# Number of seconds to time out on waiting for an instance
-# to build or reach an expected status
-build_timeout = 600
-
-# Run additional tests that use SSH for instance validation?
-# This requires the instances be routable from the host
-#  executing the tests
-run_ssh = false
-
-# Name of a user used to authenticated to an instance
-ssh_user = cirros
-
-# Network id used for SSH (public, private, etc)
-network_for_ssh = private
-
-# IP version of the address used for SSH
-ip_version_for_ssh = 4
-
-# Number of seconds to wait to authenticate to an instance
-ssh_timeout = 300
-
-# The type of endpoint for a Compute API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "compute"
-catalog_type = compute
-
-# Does the Compute API support creation of images?
-create_image_enabled = true
-
-# For resize to work with libvirt/kvm, one of the following must be true:
-# Single node: allow_resize_to_same_host=True must be set in nova.conf
-# Cluster: the 'nova' user must have scp access between cluster nodes
-resize_available = <%= resize_available %>
-
-# Does the compute API support changing the admin password?
-change_password_available= <%= change_pw_available %>
-
-# Run live migration tests (requires 2 hosts)
-live_migration_available = false
-
-# Use block live migration (Otherwise, non-block migration will be
-# performed, which requires XenServer pools in case of using XS)
-use_block_migration_for_live_migration = false
-
-# By default, rely on the status of the diskConfig extension to
-# decide if to execute disk config tests. When set to false, tests
-# are forced to skip, regardless of the extension status
-disk_config_enabled_override = true
-
-
-[whitebox]
-# Whitebox options for compute. Whitebox options enable the
-# whitebox test cases, which look at internal Nova database state,
-# SSH into VMs to check instance state, etc.
-
-# Should we run whitebox tests for Compute?
-whitebox_enabled = true
-
-# Path of nova source directory
-source_dir = /opt/stack/nova
-
-# Path of nova configuration file
-config_path = /etc/nova/nova.conf
-
-# Directory containing nova binaries such as nova-manage
-bin_dir = /usr/local/bin
-
-# Connection string to the database of Compute service
-db_uri = mysql://nova:secret@localhost/nova
-
-# Path to a private key file for SSH access to remote hosts
-path_to_private_key = /home/user/.ssh/id_rsa
-
-[compute-admin]
-# This should be the username of a user WITH administrative privileges
-# If not defined the admin user from the identity section will be used
-username = <%= admin_username %>
-# The above administrative user's password
-password = <%= admin_password %>
-# The above administrative user's tenant name
-tenant_name = <%= admin_tenant_name %>
-
-[image]
-# This section contains configuration options used when executing tests
-# against the OpenStack Images API
-
-# The type of endpoint for an Image API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "image"
-catalog_type = image
-
-# The version of the OpenStack Images API to use
-api_version = 1
-
-[network]
-# This section contains configuration options used when executing tests
-# against the OpenStack Network API.
-
-# Version of the Quantum API
-api_version = v1.1
-# Catalog type of the Quantum Service
-catalog_type = network
-
-# A large private cidr block from which to allocate smaller blocks for
-# tenant networks.
-tenant_network_cidr = 10.100.0.0/16
-
-# The mask bits used to partition the tenant block.
-tenant_network_mask_bits = 29
-
-# If tenant networks are reachable, connectivity checks will be
-# performed directly against addresses on those networks.
-tenant_networks_reachable = false
-
-# Id of the public network that provides external connectivity.
-public_network_id = {$PUBLIC_NETWORK_ID}
-
-# Id of a shared public router that provides external connectivity.
-# A shared public router would commonly be used where IP namespaces
-# were disabled.  If namespaces are enabled, it would be preferable
-# for each tenant to have their own router.
-public_router_id = {$PUBLIC_ROUTER_ID}
-
-[volume]
-# This section contains the configuration options used when executing tests
-# against the OpenStack Block Storage API service
-
-# The type of endpoint for a Cinder or Block Storage API service.
-# Unless you have a custom Keystone service catalog implementation, you
-# probably want to leave this value as "volume"
-catalog_type = volume
-# Number of seconds to wait while looping to check the status of a
-# volume that is being made available
-build_interval = 10
-# Number of seconds to time out on waiting for a volume
-# to be available or reach an expected status
-build_timeout = 300
-
-[object-storage]
-# This section contains configuration options used when executing tests
-# against the OpenStack Object Storage API.
-
-# You can configure the credentials in the compute section
-
-# The type of endpoint for an Object Storage API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "object-store"
-catalog_type = object-store
-
-# Number of seconds to time on waiting for a container to container
-# synchronization complete
-container_sync_timeout = 120
-# Number of seconds to wait while looping to check the status of a
-# container to container synchronization
-container_sync_interval = 5
-
-[boto]
-# This section contains configuration options used when executing tests
-# with boto.
-
-# EC2 URL
-ec2_url = http://localhost:8773/services/Cloud
-# S3 URL
-s3_url = http://localhost:3333
-
-# Use keystone ec2-* command to get those values for your test user and tenant
-aws_access =
-aws_secret =
-
-#Image materials for S3 upload
-# ALL content of the specified directory will be uploaded to S3
-s3_materials_path = /opt/stack/devstack/files/images/s3-materials/cirros-0.3.0
-
-# The manifest.xml files, must be in the s3_materials_path directory
-# Subdirectories not allowed!
-# The filenames will be used as a Keys in the S3 Buckets
-
-#ARI Ramdisk manifest. Must be in the above s3_materials_path
-ari_manifest = cirros-0.3.0-x86_64-initrd.manifest.xml
-
-#AMI Machine Image manifest. Must be in the above s3_materials_path
-ami_manifest = cirros-0.3.0-x86_64-blank.img.manifest.xml
-
-#AKI Kernel Image manifest, Must be in the above s3_materials_path
-aki_manifest = cirros-0.3.0-x86_64-vmlinuz.manifest.xml
-
-#Instance type
-instance_type = m1.tiny
-
-#TCP/IP connection timeout
-http_socket_timeout = 5
-
-#Number of retries actions on connection or 5xx error
-num_retries = 1
-
-# Status change wait timout
-build_timeout = 120
-
-# Status change wait interval
-
--- a/templates/tempest.folsom.conf.erb
+++ b/templates/tempest.folsom.conf.erb
@ -1,201 +0,0 @@
-[identity]
-# This section contains configuration options that a variety of Tempest
-# test clients use when authenticating with different user/tenant
-# combinations
-
-# The type of endpoint for a Identity service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "identity"
-catalog_type = identity
-# Set to True if your test environment's Keystone authentication service should
-# be accessed over HTTPS
-use_ssl = False
-# This is the main host address of the authentication service API
-host = <%= identity_host %>
-# Port that the authentication service API is running on
-port = <%= identity_port %>
-# Version of the authentication service API (a string)
-api_version = <%= identity_api_version %>
-# Path to the authentication service tokens resource (do not modify unless you
-# have a custom authentication API and are not using Keystone)
-path = tokens
-# Should typically be left as keystone unless you have a non-Keystone
-# authentication API service
-strategy = keystone
-
-[compute]
-# This section contains configuration options used when executing tests
-# against the OpenStack Compute API.
-
-# Allows test cases to create/destroy tenants and users. This option
-# enables isolated test cases and better parallel execution,
-# but also requires that OpenStack Identity API admin credentials
-# are known.
-allow_tenant_isolation = true
-
-# Allows test cases to create/destroy tenants and users. This option
-# enables isolated test cases and better parallel execution,
-# but also requires that OpenStack Identity API admin credentials
-# are known.
-allow_tenant_reuse = true
-
-# This should be the username of a user WITHOUT administrative privileges
-username = <%= username %>
-# The above non-administrative user's password
-password = <%= password %>
-# The above non-administrative user's tenant name
-tenant_name = <%= tenant_name %>
-
-# This should be the username of an alternate user WITHOUT
-# administrative privileges
-alt_username = <% alt_username %>
-# The above non-administrative user's password
-alt_password = <%= alt_password %>
-# The above non-administrative user's tenant name
-alt_tenant_name = <%= alt_tenant_name %>
-
-# Reference data for tests. The ref and ref_alt should be
-# distinct images/flavors.
-image_ref = <%= image_id %>
-image_ref_alt = <%= image_id_alt %>
-flavor_ref = <%= flavor_ref %>
-flavor_ref_alt = <%= flavor_ref_alt %>
-
-# Number of seconds to wait while looping to check the status of an
-# instance that is building.
-build_interval = 10
-
-# Number of seconds to time out on waiting for an instance
-# to build or reach an expected status
-build_timeout = 600
-
-# Run additional tests that use SSH for instance validation?
-# This requires the instances be routable from the host
-#  executing the tests
-run_ssh = false
-
-# Name of a user used to authenticated to an instance
-ssh_user = cirros
-
-# Network id used for SSH (public, private, etc)
-network_for_ssh = private
-
-# IP version of the address used for SSH
-ip_version_for_ssh = 4
-
-# Number of seconds to wait to authenticate to an instance
-ssh_timeout = 300
-
-# The type of endpoint for a Compute API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "compute"
-catalog_type = compute
-
-# Does the Compute API support creation of images?
-create_image_enabled = true
-
-# For resize to work with libvirt/kvm, one of the following must be true:
-# Single node: allow_resize_to_same_host=True must be set in nova.conf
-# Cluster: the 'nova' user must have scp access between cluster nodes
-resize_available = <%= resize_available %>
-
-# Does the compute API support changing the admin password?
-change_password_available= <%= change_pw_available %>
-
-# Level to log Compute API request/response details.
-log_level = ERROR
-
-# Whitebox options for compute. Whitebox options enable the
-# whitebox test cases, which look at internal Nova database state,
-# SSH into VMs to check instance state, etc.
-
-# Should we run whitebox tests for Compute?
-whitebox_enabled = true
-
-# Path of nova source directory
-source_dir = /opt/stack/nova
-
-# Path of nova configuration file
-config_path = /etc/nova/nova.conf
-
-# Directory containing nova binaries such as nova-manage
-bin_dir = /usr/local/bin
-
-# Path to a private key file for SSH access to remote hosts
-path_to_private_key = /home/user/.ssh/id_rsa
-
-# Connection string to the database of Compute service
-db_uri = <%= nova_db_uri %>
-
-[image]
-# This section contains configuration options used when executing tests
-# against the OpenStack Images API
-
-# The type of endpoint for an Image API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "image"
-catalog_type = image
-
-# The version of the OpenStack Images API to use
-api_version = 1
-
-# This is the main host address of the Image API
-host = 127.0.0.1
-
-# Port that the Image API is running on
-port = 9292
-
-# This should be the username of a user WITHOUT administrative privileges
-username = <%= username %>
-# The above non-administrative user's password
-password = <%= password %>
-# The above non-administrative user's tenant name
-tenant_name = <%= tenant_name %>
-
-[compute-admin]
-# This section contains configuration options for an administrative
-# user of the Compute API. These options are used in tests that stress
-# the admin-only parts of the Compute API
-
-# This should be the username of a user WITH administrative privileges
-username = <%= admin_username %>
-# The above administrative user's password
-password = <%= admin_password %>
-# The above administrative user's tenant name
-tenant_name = <%= admin_tenant_name %>
-
-[network]
-# This section contains configuration options used when executing tests
-# against the OpenStack Network API.
-
-# Version of the Quantum API
-api_version = v1.1
-# Catalog type of the Quantum Service
-catalog_type = network
-
-[identity-admin]
-# This section contains configuration options for an administrative
-# user of the Compute API. These options are used in tests that stress
-# the admin-only parts of the Compute API
-
-# This should be the username of a user WITH administrative privileges
-username = <%= admin_username %>
-# The above administrative user's password
-password = <%= admin_password %>
-# The above administrative user's tenant name
-tenant_name = <%= admin_tenant_name %>
-
-[volume]
-# This section contains the configuration options used when executng tests
-# against the OpenStack Block Storage API service
-
-# The type of endpoint for a Cinder or Block Storage API service.
-# Unless you have a custom Keystone service catalog implementation, you
-# probably want to leave this value as "volume"
-catalog_type = volume
-# Number of seconds to wait while looping to check the status of a
-# volume that is being made available
-build_interval = 10
-# Number of seconds to time out on waiting for a volume
-# to be available or reach an expected status
-build_timeout = 300
--- a/templates/tempest.grizzly.conf.erb
+++ b/templates/tempest.grizzly.conf.erb
@ -1,271 +0,0 @@
-[identity]
-# This section contains configuration options that a variety of Tempest
-# test clients use when authenticating with different user/tenant
-# combinations
-
-# The type of endpoint for a Identity service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "identity"
-catalog_type = identity
-# Ignore SSL certificate validation failures? Use when in testing
-# environments that have self-signed SSL certs.
-disable_ssl_certificate_validation = False
-# URL for where to find the OpenStack Identity API endpoint (Keystone)
-uri = http://<%= identity_host %>:<%= identity_port %>/<%= identity_api_version %>
-# Should typically be left as keystone unless you have a non-Keystone
-# authentication API service
-strategy = keystone
-# The identity region
-region = RegionOne
-
-# This should be the username of a user WITHOUT administrative privileges
-username = <%= username %>
-# The above non-administrative user's password
-password = <%= password %>
-# The above non-administrative user's tenant name
-tenant_name = <%= tenant_name %>
-
-# This should be the username of an alternate user WITHOUT
-# administrative privileges
-alt_username = <%= alt_username %>
-# The above non-administrative user's password
-alt_password = <%= alt_password %>
-# The above non-administrative user's tenant name
-alt_tenant_name = <%= alt_tenant_name %>
-
-# This should be the username of a user WITH administrative privileges
-admin_username = <%= admin_username %>
-# The above non-administrative user's password
-admin_password = <%= admin_password %>
-# The above non-administrative user's tenant name
-admin_tenant_name = <%= admin_tenant_name %>
-
-[compute]
-# This section contains configuration options used when executing tests
-# against the OpenStack Compute API.
-
-# Allows test cases to create/destroy tenants and users. This option
-# enables isolated test cases and better parallel execution,
-# but also requires that OpenStack Identity API admin credentials
-# are known.
-allow_tenant_isolation = true
-
-# Allows test cases to create/destroy tenants and users. This option
-# enables isolated test cases and better parallel execution,
-# but also requires that OpenStack Identity API admin credentials
-# are known.
-allow_tenant_reuse = true
-
-# Reference data for tests. The ref and ref_alt should be
-# distinct images/flavors.
-#image_ref = {$IMAGE_ID}
-#image_ref_alt = {$IMAGE_ID_ALT}
-image_ref = <%= image_id %>
-image_ref_alt = <%= image_id_alt %>
-flavor_ref = <%= flavor_ref %>
-flavor_ref_alt = <%= flavor_ref_alt %>
-
-# Number of seconds to wait while looping to check the status of an
-# instance that is building.
-build_interval = 10
-
-# Number of seconds to time out on waiting for an instance
-# to build or reach an expected status
-build_timeout = 600
-
-# Run additional tests that use SSH for instance validation?
-# This requires the instances be routable from the host
-#  executing the tests
-run_ssh = false
-
-# Name of a user used to authenticated to an instance
-ssh_user = cirros
-
-# Network id used for SSH (public, private, etc)
-network_for_ssh = private
-
-# IP version of the address used for SSH
-ip_version_for_ssh = 4
-
-# Number of seconds to wait to authenticate to an instance
-ssh_timeout = 300
-
-# The type of endpoint for a Compute API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "compute"
-catalog_type = compute
-
-# Does the Compute API support creation of images?
-create_image_enabled = true
-
-# For resize to work with libvirt/kvm, one of the following must be true:
-# Single node: allow_resize_to_same_host=True must be set in nova.conf
-# Cluster: the 'nova' user must have scp access between cluster nodes
-resize_available = <%= resize_available %>
-
-# Does the compute API support changing the admin password?
-change_password_available= <%= change_pw_available %>
-
-# Run live migration tests (requires 2 hosts)
-live_migration_available = false
-
-# Use block live migration (Otherwise, non-block migration will be
-# performed, which requires XenServer pools in case of using XS)
-use_block_migration_for_live_migration = false
-
-# By default, rely on the status of the diskConfig extension to
-# decide if to execute disk config tests. When set to false, tests
-# are forced to skip, regardless of the extension status
-disk_config_enabled_override = true
-
-
-[whitebox]
-# Whitebox options for compute. Whitebox options enable the
-# whitebox test cases, which look at internal Nova database state,
-# SSH into VMs to check instance state, etc.
-
-# Should we run whitebox tests for Compute?
-whitebox_enabled = true
-
-# Path of nova source directory
-source_dir = /opt/stack/nova
-
-# Path of nova configuration file
-config_path = /etc/nova/nova.conf
-
-# Directory containing nova binaries such as nova-manage
-bin_dir = /usr/local/bin
-
-# Connection string to the database of Compute service
-db_uri = mysql://nova:secret@localhost/nova
-
-# Path to a private key file for SSH access to remote hosts
-path_to_private_key = /home/user/.ssh/id_rsa
-
-[compute-admin]
-# This should be the username of a user WITH administrative privileges
-# If not defined the admin user from the identity section will be used
-username = <%= admin_username %>
-# The above administrative user's password
-password = <%= admin_password %>
-# The above administrative user's tenant name
-tenant_name = <%= admin_tenant_name %>
-
-[image]
-# This section contains configuration options used when executing tests
-# against the OpenStack Images API
-
-# The type of endpoint for an Image API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "image"
-catalog_type = image
-
-# The version of the OpenStack Images API to use
-api_version = 1
-
-[network]
-# This section contains configuration options used when executing tests
-# against the OpenStack Network API.
-
-# Version of the Quantum API
-api_version = v1.1
-# Catalog type of the Quantum Service
-catalog_type = network
-
-# A large private cidr block from which to allocate smaller blocks for
-# tenant networks.
-tenant_network_cidr = 10.100.0.0/16
-
-# The mask bits used to partition the tenant block.
-tenant_network_mask_bits = 29
-
-# If tenant networks are reachable, connectivity checks will be
-# performed directly against addresses on those networks.
-tenant_networks_reachable = false
-
-# Id of the public network that provides external connectivity.
-public_network_id = {$PUBLIC_NETWORK_ID}
-
-# Id of a shared public router that provides external connectivity.
-# A shared public router would commonly be used where IP namespaces
-# were disabled.  If namespaces are enabled, it would be preferable
-# for each tenant to have their own router.
-public_router_id = {$PUBLIC_ROUTER_ID}
-
-[volume]
-# This section contains the configuration options used when executing tests
-# against the OpenStack Block Storage API service
-
-# The type of endpoint for a Cinder or Block Storage API service.
-# Unless you have a custom Keystone service catalog implementation, you
-# probably want to leave this value as "volume"
-catalog_type = volume
-# Number of seconds to wait while looping to check the status of a
-# volume that is being made available
-build_interval = 10
-# Number of seconds to time out on waiting for a volume
-# to be available or reach an expected status
-build_timeout = 300
-
-[object-storage]
-# This section contains configuration options used when executing tests
-# against the OpenStack Object Storage API.
-
-# You can configure the credentials in the compute section
-
-# The type of endpoint for an Object Storage API service. Unless you have a
-# custom Keystone service catalog implementation, you probably want to leave
-# this value as "object-store"
-catalog_type = object-store
-
-# Number of seconds to time on waiting for a container to container
-# synchronization complete
-container_sync_timeout = 120
-# Number of seconds to wait while looping to check the status of a
-# container to container synchronization
-container_sync_interval = 5
-
-[boto]
-# This section contains configuration options used when executing tests
-# with boto.
-
-# EC2 URL
-ec2_url = http://localhost:8773/services/Cloud
-# S3 URL
-s3_url = http://localhost:3333
-
-# Use keystone ec2-* command to get those values for your test user and tenant
-aws_access =
-aws_secret =
-
-#Image materials for S3 upload
-# ALL content of the specified directory will be uploaded to S3
-s3_materials_path = /opt/stack/devstack/files/images/s3-materials/cirros-0.3.0
-
-# The manifest.xml files, must be in the s3_materials_path directory
-# Subdirectories not allowed!
-# The filenames will be used as a Keys in the S3 Buckets
-
-#ARI Ramdisk manifest. Must be in the above s3_materials_path
-ari_manifest = cirros-0.3.0-x86_64-initrd.manifest.xml
-
-#AMI Machine Image manifest. Must be in the above s3_materials_path
-ami_manifest = cirros-0.3.0-x86_64-blank.img.manifest.xml
-
-#AKI Kernel Image manifest, Must be in the above s3_materials_path
-aki_manifest = cirros-0.3.0-x86_64-vmlinuz.manifest.xml
-
-#Instance type
-instance_type = m1.tiny
-
-#TCP/IP connection timeout
-http_socket_timeout = 5
-
-#Number of retries actions on connection or 5xx error
-num_retries = 1
-
-# Status change wait timout
-build_timeout = 120
-
-# Status change wait interval
-