Add password auth to devstack and tcpcloud
* Fixed password auth in ansible executor Change-Id: I6f2f21b3c893dc42032dba537c21c8f4bd0521dc
This commit is contained in:
parent
66d394be2b
commit
3ddf8dda85
@ -113,7 +113,7 @@ def add_module_paths(paths):
|
||||
|
||||
Options = collections.namedtuple(
|
||||
'Options',
|
||||
['connection', 'password', 'module_path', 'forks',
|
||||
['connection', 'module_path', 'forks',
|
||||
'remote_user', 'private_key_file',
|
||||
'ssh_common_args', 'ssh_extra_args', 'sftp_extra_args',
|
||||
'scp_extra_args', 'become', 'become_method',
|
||||
@ -134,8 +134,9 @@ class AnsibleRunner(object):
|
||||
% dict(key=private_key_file, user=jump_user or remote_user,
|
||||
host=jump_host, ssh_args=SSH_COMMON_ARGS))
|
||||
|
||||
self.passwords = dict(conn_pass=password, become_pass=password)
|
||||
self.options = Options(
|
||||
connection='smart', password=password,
|
||||
connection='smart',
|
||||
module_path=os.pathsep.join(get_module_paths()),
|
||||
forks=forks, remote_user=remote_user,
|
||||
private_key_file=private_key_file,
|
||||
@ -153,7 +154,6 @@ class AnsibleRunner(object):
|
||||
variable_manager=variable_manager,
|
||||
host_list=host_list)
|
||||
variable_manager.set_inventory(inventory_inst)
|
||||
passwords = dict(vault_pass='secret')
|
||||
|
||||
# create play
|
||||
play_inst = play.Play().load(play_source,
|
||||
@ -171,7 +171,7 @@ class AnsibleRunner(object):
|
||||
variable_manager=variable_manager,
|
||||
loader=loader,
|
||||
options=self.options,
|
||||
passwords=passwords,
|
||||
passwords=self.passwords,
|
||||
stdout_callback=callback,
|
||||
)
|
||||
tqm.run(play_inst)
|
||||
|
@ -134,6 +134,7 @@ class DevStackManagement(cloud_management.CloudManagement,
|
||||
args:
|
||||
address: 192.168.1.10
|
||||
username: ubuntu
|
||||
password: ubuntu_pass
|
||||
private_key_file: ~/.ssh/id_rsa_devstack
|
||||
slaves:
|
||||
- 192.168.1.11
|
||||
@ -144,6 +145,7 @@ class DevStackManagement(cloud_management.CloudManagement,
|
||||
|
||||
- **address** - ip address of any devstack node
|
||||
- **username** - username for all nodes
|
||||
- **password** - password for all nodes (optional)
|
||||
- **private_key_file** - path to key file (optional)
|
||||
- **slaves** - list of ips for additional nodes (optional)
|
||||
- **iface** - network interface name to retrive mac address (optional)
|
||||
@ -171,6 +173,7 @@ class DevStackManagement(cloud_management.CloudManagement,
|
||||
'properties': {
|
||||
'address': {'type': 'string'},
|
||||
'username': {'type': 'string'},
|
||||
'password': {'type': 'string'},
|
||||
'private_key_file': {'type': 'string'},
|
||||
'slaves': {
|
||||
'type': 'array',
|
||||
@ -194,6 +197,7 @@ class DevStackManagement(cloud_management.CloudManagement,
|
||||
|
||||
self.cloud_executor = executor.AnsibleRunner(
|
||||
remote_user=self.username, private_key_file=self.private_key_file,
|
||||
password=cloud_management_params.get('password'),
|
||||
become=False)
|
||||
|
||||
self.hosts = [self.address]
|
||||
|
@ -218,8 +218,10 @@ class TCPCloudManagement(cloud_management.CloudManagement,
|
||||
args:
|
||||
address: 192.168.1.10
|
||||
username: root
|
||||
private_key_file: ~/.ssh/id_rsa_fuel
|
||||
password: root_pass
|
||||
private_key_file: ~/.ssh/id_rsa_tcpcloud
|
||||
slave_username: ubuntu
|
||||
slave_password: ubuntu_pass
|
||||
master_sudo: False
|
||||
slave_sudo: True
|
||||
slave_name_regexp: ^(?!cfg|mon)
|
||||
@ -230,13 +232,17 @@ class TCPCloudManagement(cloud_management.CloudManagement,
|
||||
|
||||
- **address** - ip address of salt config node
|
||||
- **username** - username for salt config node
|
||||
- **password** - password for salt config node (optional)
|
||||
- **private_key_file** - path to key file (optional)
|
||||
- **slave_username** - username for salt minions (optional) *username*
|
||||
will be used if *slave_username* not specified
|
||||
- **slave_password** - password for salt minions (optional) *password*
|
||||
will be used if *slave_password* not specified
|
||||
- **master_sudo** - Use sudo on salt config node (optional)
|
||||
- **slave_sudo** - Use sudi on salt minion nodes (optional)
|
||||
- **slave_name_regexp** - regexp for minion FQDNs (optional)
|
||||
- **slave_direct_ssh** - if *False* then salt master is used as ssh proxy
|
||||
(optional)
|
||||
- **get_ips_cmd** - salt command to get IPs of minions (optional)
|
||||
"""
|
||||
|
||||
@ -278,8 +284,10 @@ class TCPCloudManagement(cloud_management.CloudManagement,
|
||||
'properties': {
|
||||
'address': {'type': 'string'},
|
||||
'username': {'type': 'string'},
|
||||
'password': {'type': 'string'},
|
||||
'private_key_file': {'type': 'string'},
|
||||
'slave_username': {'type': 'string'},
|
||||
'slave_password': {'type': 'string'},
|
||||
'master_sudo': {'type': 'boolean'},
|
||||
'slave_sudo': {'type': 'boolean'},
|
||||
'slave_name_regexp': {'type': 'string'},
|
||||
@ -305,13 +313,16 @@ class TCPCloudManagement(cloud_management.CloudManagement,
|
||||
self.get_ips_cmd = cloud_management_params.get(
|
||||
'get_ips_cmd', 'pillar.get _param:single_address')
|
||||
|
||||
password = cloud_management_params.get('password')
|
||||
self.master_node_executor = executor.AnsibleRunner(
|
||||
remote_user=self.username,
|
||||
password=password,
|
||||
private_key_file=self.private_key_file,
|
||||
become=cloud_management_params.get('master_sudo'))
|
||||
|
||||
self.cloud_executor = executor.AnsibleRunner(
|
||||
remote_user=self.slave_username,
|
||||
password=cloud_management_params.get('slave_password', password),
|
||||
private_key_file=self.private_key_file,
|
||||
jump_host=self.master_node_address if use_jump else None,
|
||||
jump_user=self.username if use_jump else None,
|
||||
|
@ -119,16 +119,25 @@ class AnsibleRunnerTestCase(test.TestCase):
|
||||
{},
|
||||
dict(become=None, become_method='sudo', become_user='root',
|
||||
check=False, connection='smart', forks=100,
|
||||
password=None, private_key_file=None,
|
||||
private_key_file=None,
|
||||
remote_user='root', scp_extra_args=None, sftp_extra_args=None,
|
||||
ssh_common_args=executor.SSH_COMMON_ARGS,
|
||||
ssh_extra_args=None, verbosity=100)
|
||||
ssh_extra_args=None, verbosity=100),
|
||||
dict(conn_pass=None, become_pass=None),
|
||||
), (
|
||||
dict(remote_user='root', password='foobar'),
|
||||
dict(become=None, become_method='sudo', become_user='root',
|
||||
check=False, connection='smart', forks=100,
|
||||
private_key_file=None,
|
||||
remote_user='root', scp_extra_args=None, sftp_extra_args=None,
|
||||
ssh_common_args=executor.SSH_COMMON_ARGS,
|
||||
ssh_extra_args=None, verbosity=100),
|
||||
dict(conn_pass='foobar', become_pass='foobar'),
|
||||
), (
|
||||
dict(remote_user='root', jump_host='jhost.com',
|
||||
private_key_file='/path/my.key'),
|
||||
dict(become=None, become_method='sudo', become_user='root',
|
||||
check=False, connection='smart', forks=100,
|
||||
password=None,
|
||||
private_key_file='/path/my.key',
|
||||
remote_user='root', scp_extra_args=None, sftp_extra_args=None,
|
||||
ssh_common_args=('-o UserKnownHostsFile=/dev/null '
|
||||
@ -139,13 +148,13 @@ class AnsibleRunnerTestCase(test.TestCase):
|
||||
'-o UserKnownHostsFile=/dev/null '
|
||||
'-o StrictHostKeyChecking=no '
|
||||
'root@jhost.com"'),
|
||||
ssh_extra_args=None, verbosity=100)
|
||||
ssh_extra_args=None, verbosity=100),
|
||||
dict(conn_pass=None, become_pass=None),
|
||||
), (
|
||||
dict(remote_user='root', jump_host='jhost.com', jump_user='juser',
|
||||
private_key_file='/path/my.key'),
|
||||
dict(become=None, become_method='sudo', become_user='root',
|
||||
check=False, connection='smart', forks=100,
|
||||
password=None,
|
||||
private_key_file='/path/my.key',
|
||||
remote_user='root', scp_extra_args=None, sftp_extra_args=None,
|
||||
ssh_common_args=('-o UserKnownHostsFile=/dev/null '
|
||||
@ -156,15 +165,18 @@ class AnsibleRunnerTestCase(test.TestCase):
|
||||
'-o UserKnownHostsFile=/dev/null '
|
||||
'-o StrictHostKeyChecking=no '
|
||||
'juser@jhost.com"'),
|
||||
ssh_extra_args=None, verbosity=100)
|
||||
ssh_extra_args=None, verbosity=100),
|
||||
dict(conn_pass=None, become_pass=None),
|
||||
))
|
||||
@ddt.unpack
|
||||
def test___init__options(self, config, options_args, mock_options):
|
||||
executor.AnsibleRunner(**config)
|
||||
def test___init__options(self, config, options_args, passwords,
|
||||
mock_options):
|
||||
runner = executor.AnsibleRunner(**config)
|
||||
module_path = executor.resolve_relative_path(
|
||||
'os_faults/ansible/modules')
|
||||
mock_options.assert_called_once_with(module_path=module_path,
|
||||
**options_args)
|
||||
self.assertEqual(passwords, runner.passwords)
|
||||
|
||||
@mock.patch.object(executor.task_queue_manager, 'TaskQueueManager')
|
||||
@mock.patch('ansible.playbook.play.Play.load')
|
||||
|
@ -67,34 +67,54 @@ class TCPCloudManagementTestCase(test.TestCase):
|
||||
@mock.patch('os_faults.ansible.executor.AnsibleRunner', autospec=True)
|
||||
@ddt.data((
|
||||
dict(address='tcp.local', username='root'),
|
||||
(mock.call(become=None, private_key_file=None, remote_user='root'),
|
||||
(mock.call(become=None, private_key_file=None, remote_user='root',
|
||||
password=None),
|
||||
mock.call(become=None, jump_host='tcp.local', jump_user='root',
|
||||
private_key_file=None, remote_user='root'))
|
||||
private_key_file=None, remote_user='root',
|
||||
password=None))
|
||||
), (
|
||||
dict(address='tcp.local', username='ubuntu',
|
||||
slave_username='root', master_sudo=True,
|
||||
private_key_file='/path/id_rsa'),
|
||||
(mock.call(become=True, private_key_file='/path/id_rsa',
|
||||
remote_user='ubuntu'),
|
||||
remote_user='ubuntu', password=None),
|
||||
mock.call(become=None, jump_host='tcp.local', jump_user='ubuntu',
|
||||
private_key_file='/path/id_rsa', remote_user='root'))
|
||||
private_key_file='/path/id_rsa', remote_user='root',
|
||||
password=None))
|
||||
), (
|
||||
dict(address='tcp.local', username='ubuntu',
|
||||
slave_username='root', slave_sudo=True,
|
||||
private_key_file='/path/id_rsa'),
|
||||
(mock.call(become=None, private_key_file='/path/id_rsa',
|
||||
remote_user='ubuntu'),
|
||||
remote_user='ubuntu', password=None),
|
||||
mock.call(become=True, jump_host='tcp.local', jump_user='ubuntu',
|
||||
private_key_file='/path/id_rsa', remote_user='root'))
|
||||
private_key_file='/path/id_rsa', remote_user='root',
|
||||
password=None))
|
||||
), (
|
||||
dict(address='tcp.local', username='ubuntu',
|
||||
slave_username='root', slave_sudo=True,
|
||||
private_key_file='/path/id_rsa',
|
||||
slave_direct_ssh=True),
|
||||
(mock.call(become=None, private_key_file='/path/id_rsa',
|
||||
remote_user='ubuntu'),
|
||||
remote_user='ubuntu', password=None),
|
||||
mock.call(become=True, jump_host=None, jump_user=None,
|
||||
private_key_file='/path/id_rsa', remote_user='root'))
|
||||
private_key_file='/path/id_rsa', remote_user='root',
|
||||
password=None))
|
||||
), (
|
||||
dict(address='tcp.local', username='root', password='root_pass'),
|
||||
(mock.call(become=None, private_key_file=None, remote_user='root',
|
||||
password='root_pass'),
|
||||
mock.call(become=None, jump_host='tcp.local', jump_user='root',
|
||||
private_key_file=None, remote_user='root',
|
||||
password='root_pass'))
|
||||
), (
|
||||
dict(address='tcp.local', username='root',
|
||||
slave_password='slave_pass'),
|
||||
(mock.call(become=None, private_key_file=None, remote_user='root',
|
||||
password=None),
|
||||
mock.call(become=None, jump_host='tcp.local', jump_user='root',
|
||||
private_key_file=None, remote_user='root',
|
||||
password='slave_pass'))
|
||||
))
|
||||
@ddt.unpack
|
||||
def test_init(self, config, expected_runner_calls, mock_ansible_runner):
|
||||
|
Loading…
Reference in New Issue
Block a user