51c0f9a353
In many scenario tests, resource either same or different services are created serially which is ok at some extend as most of the resource creation is async operation. But when we wait for resource status serially for example volume to reach to 'avaiable' state, server to become 'SSHABLE' then it add a lot of time in test execution. This commit try to make resources creation and their status waiting in parallel operation so that while we wait for volume to be reach in 'available' state we create server and same time we wait for server to be ACTIVE or SSHABLE. Related-Bug: #2004780 Change-Id: I30f2a44d94dc1e94aefeefecd4dc4e25bdda7a72
106 lines
4.6 KiB
Python
106 lines
4.6 KiB
Python
# Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import testtools
|
|
|
|
from tempest.common import utils
|
|
from tempest.common import waiters
|
|
from tempest import config
|
|
from tempest.lib import decorators
|
|
from tempest.scenario import manager
|
|
|
|
CONF = config.CONF
|
|
|
|
|
|
class TestEncryptedCinderVolumes(manager.EncryptionScenarioTest):
|
|
|
|
"""The test suite for encrypted cinder volumes
|
|
|
|
This test is for verifying the functionality of encrypted cinder volumes.
|
|
|
|
For both LUKS (v1 & v2) and cryptsetup encryption types, this test performs
|
|
the following:
|
|
|
|
* Boots an instance from an image (CONF.compute.image_ref)
|
|
* Creates an encryption type (as admin)
|
|
* Creates a volume of that encryption type (as a regular user)
|
|
* Attaches and detaches the encrypted volume to the instance
|
|
"""
|
|
|
|
@classmethod
|
|
def skip_checks(cls):
|
|
super(TestEncryptedCinderVolumes, cls).skip_checks()
|
|
if not CONF.compute_feature_enabled.attach_encrypted_volume:
|
|
raise cls.skipException('Encrypted volume attach is not supported')
|
|
|
|
def launch_instance(self):
|
|
return self.create_server(wait_until='SSHABLE')
|
|
|
|
def attach_detach_volume(self, server, volume):
|
|
attached_volume = self.nova_volume_attach(server, volume)
|
|
self.nova_volume_detach(server, attached_volume)
|
|
|
|
@decorators.idempotent_id('79165fb4-5534-4b9d-8429-97ccffb8f86e')
|
|
@decorators.attr(type='slow')
|
|
@utils.services('compute', 'volume', 'image')
|
|
def test_encrypted_cinder_volumes_luks(self):
|
|
"""LUKs v1 decrypts volume through libvirt."""
|
|
volume = self.create_encrypted_volume('luks',
|
|
volume_type='luks',
|
|
wait_until=None)
|
|
server = self.launch_instance()
|
|
waiters.wait_for_volume_resource_status(self.volumes_client,
|
|
volume['id'], 'available')
|
|
# The volume retrieved on creation has a non-up-to-date status.
|
|
# Retrieval after it becomes active ensures correct details.
|
|
volume = self.volumes_client.show_volume(volume['id'])['volume']
|
|
|
|
self.attach_detach_volume(server, volume)
|
|
|
|
@decorators.idempotent_id('7abec0a3-61a0-42a5-9e36-ad3138fb38b4')
|
|
@testtools.skipIf(CONF.volume.storage_protocol == 'ceph',
|
|
'Ceph only supports LUKSv2 if doing host attach.')
|
|
@decorators.attr(type='slow')
|
|
@utils.services('compute', 'volume', 'image')
|
|
def test_encrypted_cinder_volumes_luksv2(self):
|
|
"""LUKs v2 decrypts volume through os-brick."""
|
|
volume = self.create_encrypted_volume('luks2',
|
|
volume_type='luksv2',
|
|
wait_until=None)
|
|
server = self.launch_instance()
|
|
waiters.wait_for_volume_resource_status(self.volumes_client,
|
|
volume['id'], 'available')
|
|
# The volume retrieved on creation has a non-up-to-date status.
|
|
# Retrieval after it becomes active ensures correct details.
|
|
volume = self.volumes_client.show_volume(volume['id'])['volume']
|
|
|
|
self.attach_detach_volume(server, volume)
|
|
|
|
@decorators.idempotent_id('cbc752ed-b716-4717-910f-956cce965722')
|
|
@decorators.attr(type='slow')
|
|
@utils.services('compute', 'volume', 'image')
|
|
def test_encrypted_cinder_volumes_cryptsetup(self):
|
|
volume = self.create_encrypted_volume('plain',
|
|
volume_type='cryptsetup',
|
|
wait_until=None)
|
|
server = self.launch_instance()
|
|
waiters.wait_for_volume_resource_status(self.volumes_client,
|
|
volume['id'], 'available')
|
|
# The volume retrieved on creation has a non-up-to-date status.
|
|
# Retrieval after it becomes active ensures correct details.
|
|
volume = self.volumes_client.show_volume(volume['id'])['volume']
|
|
|
|
self.attach_detach_volume(server, volume)
|