From 13620fc4ff3b03d19a17663e26036e4a05c5e8d5 Mon Sep 17 00:00:00 2001 From: Mathieu Bultel Date: Thu, 22 Sep 2016 16:54:45 +0200 Subject: [PATCH] Keystone credentials needs to be set with the overcloud password While working on upgrade Mitaka to newton we hit this issue https://bugs.launchpad.net/tripleo/+bug/1626422 It appear that the keystone credentials needs to be generated and store with the overcloud password only once Change-Id: I15888f31c6b275ac785107bb95256296fd67487f Closes-Bug: #1626422 --- tripleoclient/tests/test_utils.py | 19 +++++++++++++++---- .../overcloud_deploy/test_overcloud_deploy.py | 12 ++++++------ tripleoclient/tests/v1/utils.py | 3 ++- tripleoclient/utils.py | 9 +++++++++ tripleoclient/v1/overcloud_deploy.py | 8 +++++--- 5 files changed, 37 insertions(+), 14 deletions(-) diff --git a/tripleoclient/tests/test_utils.py b/tripleoclient/tests/test_utils.py index 7d8618c63..c673adc95 100644 --- a/tripleoclient/tests/test_utils.py +++ b/tripleoclient/tests/test_utils.py @@ -33,8 +33,11 @@ class TestPasswordsUtil(TestCase): return_value="PASSWORD") @mock.patch("tripleoclient.utils.create_cephx_key", return_value="CEPHX_KEY") - def test_generate_passwords(self, create_cephx_key_mock, - generate_password_mock, isfile_mock): + @mock.patch("tripleoclient.utils.create_keystone_credential", + return_value="PASSWORD") + def test_generate_passwords(self, create_keystone_creds_mock, + create_cephx_key_mock, generate_password_mock, + isfile_mock): mock_open = mock.mock_open() @@ -61,6 +64,8 @@ class TestPasswordsUtil(TestCase): mock.call('OVERCLOUD_HEAT_PASSWORD=PASSWORD\n'), mock.call('OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n'), mock.call('OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n'), + mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n'), + mock.call('OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n'), mock.call('OVERCLOUD_MANILA_PASSWORD=PASSWORD\n'), mock.call('OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n'), mock.call('OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n'), @@ -76,6 +81,7 @@ class TestPasswordsUtil(TestCase): ] self.assertEqual(sorted(mock_open().write.mock_calls), mock_calls) self.assertEqual(generate_password_mock.call_count + + create_keystone_creds_mock.call_count + create_cephx_key_mock.call_count, len(mock_calls)) self.assertEqual(len(passwords), len(mock_calls)) @@ -93,8 +99,11 @@ class TestPasswordsUtil(TestCase): return_value="PASSWORD") @mock.patch("tripleoclient.utils.create_cephx_key", return_value="CEPHX_KEY") - def test_load_passwords(self, create_cephx_key_mock, - generate_password_mock, isfile_mock): + @mock.patch("tripleoclient.utils.create_keystone_credential", + return_value="PASSWORD") + def test_load_passwords(self, create_keystone_creds_mock, + create_cephx_key_mock, generate_password_mock, + isfile_mock): PASSWORDS = [ 'OVERCLOUD_ADMIN_PASSWORD=PASSWORD\n', 'OVERCLOUD_ADMIN_TOKEN=PASSWORD\n', @@ -114,6 +123,8 @@ class TestPasswordsUtil(TestCase): 'OVERCLOUD_HEAT_PASSWORD=PASSWORD\n', 'OVERCLOUD_HEAT_STACK_DOMAIN_PASSWORD=PASSWORD\n', 'OVERCLOUD_IRONIC_PASSWORD=PASSWORD\n', + 'OVERCLOUD_KEYSTONE_CREDENTIALS_0=PASSWORD\n', + 'OVERCLOUD_KEYSTONE_CREDENTIALS_1=PASSWORD\n', 'OVERCLOUD_MANILA_PASSWORD=PASSWORD\n', 'OVERCLOUD_MISTRAL_PASSWORD=PASSWORD\n', 'OVERCLOUD_MYSQL_CLUSTERCHECK_PASSWORD=PASSWORD\n', diff --git a/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py b/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py index ef24f490f..cb136877b 100644 --- a/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py +++ b/tripleoclient/tests/v1/overcloud_deploy/test_overcloud_deploy.py @@ -176,8 +176,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): 'HypervisorNeutronPhysicalBridge': 'br-ex', 'HypervisorNeutronPublicInterface': 'nic1', 'IronicPassword': 'password', - 'KeystoneCredential0': 'key', - 'KeystoneCredential1': 'key', + 'KeystoneCredential0': 'password', + 'KeystoneCredential1': 'password', 'ManilaPassword': 'password', 'MistralPassword': 'password', 'MysqlClustercheckPassword': 'password', @@ -349,8 +349,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): 'HypervisorNeutronPhysicalBridge': 'br-ex', 'HypervisorNeutronPublicInterface': 'nic1', 'IronicPassword': 'password', - 'KeystoneCredential0': 'key', - 'KeystoneCredential1': 'key', + 'KeystoneCredential0': 'password', + 'KeystoneCredential1': 'password', 'ManilaPassword': 'password', 'MistralPassword': 'password', 'MysqlClustercheckPassword': 'password', @@ -1286,8 +1286,8 @@ class TestDeployOvercloud(fakes.TestDeployOvercloud): 'HypervisorNeutronPhysicalBridge': 'br-ex', 'HypervisorNeutronPublicInterface': 'nic1', 'IronicPassword': 'password', - 'KeystoneCredential0': 'key', - 'KeystoneCredential1': 'key', + 'KeystoneCredential0': 'password', + 'KeystoneCredential1': 'password', 'ManilaPassword': 'password', 'MistralPassword': 'password', 'MysqlClustercheckPassword': 'password', diff --git a/tripleoclient/tests/v1/utils.py b/tripleoclient/tests/v1/utils.py index 1685df1d8..52810b6aa 100644 --- a/tripleoclient/tests/v1/utils.py +++ b/tripleoclient/tests/v1/utils.py @@ -17,6 +17,7 @@ from tripleoclient import utils def generate_overcloud_passwords_mock(): - passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES + passwords = utils._PASSWORD_NAMES + utils._CEPH_PASSWORD_NAMES + \ + utils._KEYSTONE_CREDENTIALS_NAME return dict((password, 'password') for password in passwords) diff --git a/tripleoclient/utils.py b/tripleoclient/utils.py index 04cd2babf..dbdc86d32 100644 --- a/tripleoclient/utils.py +++ b/tripleoclient/utils.py @@ -75,6 +75,11 @@ _CEPH_PASSWORD_NAMES = ( "OVERCLOUD_CEPH_RGW_KEY" ) +_KEYSTONE_CREDENTIALS_NAME = ( + "OVERCLOUD_KEYSTONE_CREDENTIALS_0", + "OVERCLOUD_KEYSTONE_CREDENTIALS_1" +) + def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords", create_password_file=False): @@ -108,6 +113,10 @@ def generate_overcloud_passwords(output_file="tripleo-overcloud-passwords", if not passwords.get(name): passwords[name] = create_cephx_key() + for name in _KEYSTONE_CREDENTIALS_NAME: + if not passwords.get(name): + passwords[name] = create_keystone_credential() + with open(output_file, 'w') as f: for name, password in passwords.items(): f.write("{0}={1}\n".format(name, password)) diff --git a/tripleoclient/v1/overcloud_deploy.py b/tripleoclient/v1/overcloud_deploy.py index e43b45ebd..340ccfab1 100644 --- a/tripleoclient/v1/overcloud_deploy.py +++ b/tripleoclient/v1/overcloud_deploy.py @@ -112,6 +112,10 @@ class DeployOvercloud(command.Command): parameters['CephAdminKey'] = passwords['OVERCLOUD_CEPH_ADMIN_KEY'] parameters['CephClientKey'] = passwords['OVERCLOUD_CEPH_CLIENT_KEY'] parameters['CephRgwKey'] = passwords['OVERCLOUD_CEPH_RGW_KEY'] + parameters['KeystoneCredential0'] = passwords[ + 'OVERCLOUD_KEYSTONE_CREDENTIALS_0'] + parameters['KeystoneCredential1'] = passwords[ + 'OVERCLOUD_KEYSTONE_CREDENTIALS_1'] def _update_parameters(self, args, network_client, stack): parameters = {} @@ -189,9 +193,7 @@ class DeployOvercloud(command.Command): if stack_is_new: parameters.update({ - 'CephClusterFSID': six.text_type(uuid.uuid1()), - 'KeystoneCredential0': utils.create_keystone_credential(), - 'KeystoneCredential1': utils.create_keystone_credential()}) + 'CephClusterFSID': six.text_type(uuid.uuid1())}) return parameters