Add new multi ssh configuration options

This patch add new configuration options for the multiple strategies for ssh access to VMs. Partially implements: blueprint ssh-auth-strategy Change-Id: I16cdbe0982aa35b752828054b6be2cae6c51c6ef
2015-01-12 16:01:20 +00:00 · 2015-01-12 16:01:20 +00:00 · 2f81cc1981
commit 2f81cc1981
parent 7c8fcc6734
2 changed files with 97 additions and 35 deletions
--- a/etc/tempest.conf.sample
+++ b/etc/tempest.conf.sample
@ -253,10 +253,6 @@
 # image. (string value)
 #image_alt_ssh_user = root

-# Password used to authenticate to an instance using the alternate
-# image. (string value)
-#image_alt_ssh_password = password
-
 # Time in seconds between build status checks. (integer value)
 #build_interval = 1

@ -269,16 +265,16 @@
 #run_ssh = false

 # Auth method used for authenticate to the instance. Valid choices
-# are: keypair, configured, adminpass. keypair: start the servers with
-# an ssh keypair. configured: use the configured user and password.
-# adminpass: use the injected adminPass. disabled: avoid using ssh
-# when it is an option. (string value)
+# are: keypair, configured, adminpass and disabled. Keypair: start the
+# servers with a ssh keypair. Configured: use the configured user and
+# password. Adminpass: use the injected adminPass. Disabled: avoid
+# using ssh when it is an option. (string value)
 #ssh_auth_method = keypair

 # How to connect to the instance? fixed: using the first ip belongs
-# the fixed network floating: creating and using a floating ip (string
-# value)
-#ssh_connect_method = fixed
+# the fixed network floating: creating and using a floating ip.
+# (string value)
+#ssh_connect_method = floating

 # User name used to authenticate to an instance. (string value)
 #ssh_user = root
@ -301,7 +297,8 @@
 # Name of the fixed network that is visible to all test tenants. If
 # multiple networks are available for a tenant this is the network
 # which will be used for creating servers if tempest does not create a
-# network or a network is not specified elsewhere (string value)
+# network or a network is not specified elsewhere. It may be used for
+# ssh validation only if floating IPs are disabled. (string value)
 #fixed_network_name = <None>

 # Network used for SSH connections. Ignored if
@ -326,10 +323,6 @@
 # Allowed values: public, admin, internal, publicURL, adminURL, internalURL
 #endpoint_type = publicURL

-# Path to a private key file for SSH access to remote hosts (string
-# value)
-#path_to_private_key = <None>
-
 # Expected device name when a volume is attached to an instance
 # (string value)
 #volume_device_name = vdb
@ -746,14 +739,19 @@
 # The mask bits for tenant ipv6 subnets (integer value)
 #tenant_network_v6_mask_bits = 64

-# Whether tenant network connectivity should be evaluated directly
-# (boolean value)
+# Whether tenant networks can be reached directly from the test
+# client. This must be set to True when the 'fixed' ssh_connect_method
+# is selected. (boolean value)
 #tenant_networks_reachable = false

 # Id of the public network that provides external connectivity (string
 # value)
 #public_network_id =

+# Default floating network name. Used to allocate floating IPs when
+# neutron is enabled. (string value)
+#floating_network_name = <None>
+
 # Id of the public router that provides external connectivity. This
 # should only be used when Neutron's 'allow_overlapping_ips' is set to
 # 'False' in neutron.conf. usually not needed past 'Grizzly' release
@ -1071,6 +1069,38 @@
 #too_slow_to_test = true


+[validation]
+
+#
+# From tempest.config
+#
+
+# Default IP type used for validation: -fixed: uses the first IP
+# belonging to the fixed network -floating: creates and uses a
+# floating IP (string value)
+# Allowed values: fixed, floating
+#connect_method = floating
+
+# Default authentication method to the instance. Only ssh via keypair
+# is supported for now. Additional methods will be handled in a
+# separate spec. (string value)
+# Allowed values: keypair
+#auth_method = keypair
+
+# Default IP version for ssh connections. (integer value)
+#ip_version_for_ssh = 4
+
+# Timeout in seconds to wait for ping to succeed. (integer value)
+#ping_timeout = 120
+
+# Timeout in seconds to wait for the TCP connection to be successful.
+# (integer value)
+#connect_timeout = 60
+
+# Timeout in seconds to wait for the ssh banner. (integer value)
+#ssh_timeout = 300
+
+
 [volume]

 #
--- a/tempest/config.py
+++ b/tempest/config.py
@ -187,10 +187,6 @@ ComputeGroup = [
               default="root",
               help="User name used to authenticate to an instance using "
                    "the alternate image."),
-    cfg.StrOpt('image_alt_ssh_password',
-               default="password",
-               help="Password used to authenticate to an instance using "
-                    "the alternate image."),
    cfg.IntOpt('build_interval',
               default=1,
               help="Time in seconds between build status checks."),
@ -205,16 +201,17 @@ ComputeGroup = [
    cfg.StrOpt('ssh_auth_method',
               default='keypair',
               help="Auth method used for authenticate to the instance. "
-                    "Valid choices are: keypair, configured, adminpass. "
-                    "keypair: start the servers with an ssh keypair. "
-                    "configured: use the configured user and password. "
-                    "adminpass: use the injected adminPass. "
-                    "disabled: avoid using ssh when it is an option."),
+                    "Valid choices are: keypair, configured, adminpass "
+                    "and disabled. "
+                    "Keypair: start the servers with a ssh keypair. "
+                    "Configured: use the configured user and password. "
+                    "Adminpass: use the injected adminPass. "
+                    "Disabled: avoid using ssh when it is an option."),
    cfg.StrOpt('ssh_connect_method',
-               default='fixed',
+               default='floating',
               help="How to connect to the instance? "
                    "fixed: using the first ip belongs the fixed network "
-                    "floating: creating and using a floating ip"),
+                    "floating: creating and using a floating ip."),
    cfg.StrOpt('ssh_user',
               default='root',
               help="User name used to authenticate to an instance."),
@ -239,7 +236,8 @@ ComputeGroup = [
                    "tenants. If multiple networks are available for a tenant"
                    " this is the network which will be used for creating "
                    "servers if tempest does not create a network or a "
-                    "network is not specified elsewhere"),
+                    "network is not specified elsewhere. It may be used for "
+                    "ssh validation only if floating IPs are disabled."),
    cfg.StrOpt('network_for_ssh',
               default='public',
               help="Network used for SSH connections. Ignored if "
@ -264,9 +262,6 @@ ComputeGroup = [
               choices=['public', 'admin', 'internal',
                        'publicURL', 'adminURL', 'internalURL'],
               help="The endpoint type to use for the compute service."),
-    cfg.StrOpt('path_to_private_key',
-               help="Path to a private key file for SSH access to remote "
-                    "hosts"),
    cfg.StrOpt('volume_device_name',
               default='vdb',
               help="Expected device name when a volume is attached to "
@ -449,12 +444,16 @@ NetworkGroup = [
               help="The mask bits for tenant ipv6 subnets"),
    cfg.BoolOpt('tenant_networks_reachable',
                default=False,
-                help="Whether tenant network connectivity should be "
-                     "evaluated directly"),
+                help="Whether tenant networks can be reached directly from "
+                     "the test client. This must be set to True when the "
+                     "'fixed' ssh_connect_method is selected."),
    cfg.StrOpt('public_network_id',
               default="",
               help="Id of the public network that provides external "
                    "connectivity"),
+    cfg.StrOpt('floating_network_name',
+               help="Default floating network name. Used to allocate floating "
+                    "IPs when neutron is enabled."),
    cfg.StrOpt('public_router_id',
               default="",
               help="Id of the public router that provides external "
@ -536,6 +535,37 @@ MessagingGroup = [
               help='The maximum grace period for a claim'),
 ]

+validation_group = cfg.OptGroup(name='validation',
+                                title='SSH Validation options')
+
+ValidationGroup = [
+    cfg.StrOpt('connect_method',
+               default='floating',
+               choices=['fixed', 'floating'],
+               help='Default IP type used for validation: '
+                    '-fixed: uses the first IP belonging to the fixed network '
+                    '-floating: creates and uses a floating IP'),
+    cfg.StrOpt('auth_method',
+               default='keypair',
+               choices=['keypair'],
+               help='Default authentication method to the instance. '
+                    'Only ssh via keypair is supported for now. '
+                    'Additional methods will be handled in a separate spec.'),
+    cfg.IntOpt('ip_version_for_ssh',
+               default=4,
+               help='Default IP version for ssh connections.'),
+    cfg.IntOpt('ping_timeout',
+               default=120,
+               help='Timeout in seconds to wait for ping to succeed.'),
+    cfg.IntOpt('connect_timeout',
+               default=60,
+               help='Timeout in seconds to wait for the TCP connection to be '
+                    'successful.'),
+    cfg.IntOpt('ssh_timeout',
+               default=300,
+               help='Timeout in seconds to wait for the ssh banner.'),
+]
+
 volume_group = cfg.OptGroup(name='volume',
                            title='Block Storage Options')

@ -1088,6 +1118,7 @@ _opts = [
    (network_group, NetworkGroup),
    (network_feature_group, NetworkFeaturesGroup),
    (messaging_group, MessagingGroup),
+    (validation_group, ValidationGroup),
    (volume_group, VolumeGroup),
    (volume_feature_group, VolumeFeaturesGroup),
    (object_storage_group, ObjectStoreGroup),
@ -1148,6 +1179,7 @@ class TempestConfigPrivate(object):
        self.image_feature_enabled = _CONF['image-feature-enabled']
        self.network = _CONF.network
        self.network_feature_enabled = _CONF['network-feature-enabled']
+        self.validation = _CONF.validation
        self.volume = _CONF.volume
        self.volume_feature_enabled = _CONF['volume-feature-enabled']
        self.object_storage = _CONF['object-storage']