From 981c33a1fd26914036a4739c39f883f8d773c05e Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Robles Date: Tue, 29 Nov 2016 15:49:54 +0200 Subject: [PATCH] Test encrypted volumes in scenario002 This effectively adds barbican-api to the deployment in scenario002 and uses it to provide encrypted volumes for cinder that a nova instance boots from in the test. Change-Id: I132e346755fb49c9563247b4404be06b97f77872 --- ci/environments/scenario002-multinode.yaml | 2 ++ ci/pingtests/scenario002-multinode.yaml | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/ci/environments/scenario002-multinode.yaml b/ci/environments/scenario002-multinode.yaml index 9ba5607bdb..b8bc5762f9 100644 --- a/ci/environments/scenario002-multinode.yaml +++ b/ci/environments/scenario002-multinode.yaml @@ -1,6 +1,7 @@ resource_registry: OS::TripleO::Controller::Net::SoftwareConfig: ../common/net-config-multinode.yaml OS::TripleO::Compute::Net::SoftwareConfig: ../common/net-config-multinode.yaml + OS::TripleO::Services::BarbicanApi: /usr/share/openstack-tripleo-heat-templates/puppet/services/barbican-api.yaml parameter_defaults: ControllerServices: @@ -40,6 +41,7 @@ parameter_defaults: - OS::TripleO::Services::SwiftProxy - OS::TripleO::Services::SwiftStorage - OS::TripleO::Services::SwiftRingBuilder + - OS::TripleO::Services::BarbicanApi ControllerExtraConfig: nova::compute::libvirt::services::libvirt_virt_type: qemu nova::compute::libvirt::libvirt_virt_type: qemu diff --git a/ci/pingtests/scenario002-multinode.yaml b/ci/pingtests/scenario002-multinode.yaml index 2421988787..d7a30fd9f3 100644 --- a/ci/pingtests/scenario002-multinode.yaml +++ b/ci/pingtests/scenario002-multinode.yaml @@ -72,12 +72,28 @@ resources: router_id: { get_resource: router } subnet_id: { get_resource: private_subnet } + luks_volume_type: + type: OS::Cinder::VolumeType + properties: + name: LUKS + + encrypted_volume_type: + type: OS::Cinder::EncryptedVolumeType + properties: + volume_type: {get_resource: luks_volume_type} + provider: nova.volume.encryptors.luks.LuksEncryptor + cipher: aes-xts-plain64 + control_location: front-end + key_size: 256 + volume1: type: OS::Cinder::Volume + depends_on: encrypted_volume_type properties: name: Volume1 image: { get_param: image } size: 1 + volume_type: {get_resource: luks_volume_type} server1: type: OS::Nova::Server