diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py index 38e03c73ca..aecb3741ed 100644 --- a/tempest/scenario/manager.py +++ b/tempest/scenario/manager.py @@ -1249,6 +1249,17 @@ class EncryptionScenarioTest(ScenarioTest): type_id, provider=provider, key_size=key_size, cipher=cipher, control_location=control_location)['encryption'] + def create_encrypted_volume(self, encryption_provider, volume_type, + key_size=256, cipher='aes-xts-plain64', + control_location='front-end'): + volume_type = self.create_volume_type(name=volume_type) + self.create_encryption_type(type_id=volume_type['id'], + provider=encryption_provider, + key_size=key_size, + cipher=cipher, + control_location=control_location) + return self.create_volume(volume_type=volume_type['name']) + class ObjectStorageScenarioTest(ScenarioTest): """Provide harness to do Object Storage scenario tests. diff --git a/tempest/scenario/test_encrypted_cinder_volumes.py b/tempest/scenario/test_encrypted_cinder_volumes.py index d7b86f6ca3..cbdf30766c 100644 --- a/tempest/scenario/test_encrypted_cinder_volumes.py +++ b/tempest/scenario/test_encrypted_cinder_volumes.py @@ -48,15 +48,6 @@ class TestEncryptedCinderVolumes(manager.EncryptionScenarioTest): return self.create_server(image_id=image, key_name=keypair['name']) - def create_encrypted_volume(self, encryption_provider, volume_type): - volume_type = self.create_volume_type(name=volume_type) - self.create_encryption_type(type_id=volume_type['id'], - provider=encryption_provider, - key_size=256, - cipher='aes-xts-plain64', - control_location='front-end') - return self.create_volume(volume_type=volume_type['name']) - def attach_detach_volume(self, server, volume): attached_volume = self.nova_volume_attach(server, volume) self.nova_volume_detach(server, attached_volume) diff --git a/tempest/scenario/test_volume_boot_pattern.py b/tempest/scenario/test_volume_boot_pattern.py index 3dfbf186d0..96d0474695 100644 --- a/tempest/scenario/test_volume_boot_pattern.py +++ b/tempest/scenario/test_volume_boot_pattern.py @@ -24,7 +24,7 @@ CONF = config.CONF LOG = logging.getLogger(__name__) -class TestVolumeBootPattern(manager.ScenarioTest): +class TestVolumeBootPattern(manager.EncryptionScenarioTest): # Boot from volume scenario is quite slow, and needs extra # breathing room to get through deletes in the time allotted. @@ -227,3 +227,26 @@ class TestVolumeBootPattern(manager.ScenarioTest): # delete instance self._delete_server(instance) + + @decorators.idempotent_id('cb78919a-e553-4bab-b73b-10cf4d2eb125') + @testtools.skipIf(CONF.volume.storage_protocol.lower() in ['ceph', 'nfs'], + 'Currently, {} does not support volume encryption' + .format(CONF.volume.storage_protocol)) + @test.services('compute', 'volume') + def test_boot_server_from_encrypted_volume_luks(self): + # Create an encrypted volume + volume = self.create_encrypted_volume('nova.volume.encryptors.' + 'luks.LuksEncryptor', + volume_type='luks') + + self.volumes_client.set_bootable_volume(volume['id'], bootable=True) + + # Boot a server from the encrypted volume + server = self._boot_instance_from_resource( + source_id=volume['id'], + source_type='volume', + delete_on_termination=False) + + server_info = self.servers_client.show_server(server['id'])['server'] + created_volume = server_info['os-extended-volumes:volumes_attached'] + self.assertEqual(volume['id'], created_volume[0]['id'])