Fix up amulet for queens
Switch to use Keystone v3 clients for Queens Change-Id: Ic93b430fa12f9d283c507a51a58e0468b7d4a850
This commit is contained in:
parent
f5213021b7
commit
1cd062efde
|
@ -26,6 +26,10 @@ from charmhelpers.contrib.openstack.amulet.utils import (
|
|||
)
|
||||
from charmhelpers.contrib.openstack.utils import CompareOpenStackReleases
|
||||
|
||||
import keystoneclient
|
||||
from keystoneclient.v3 import client as keystone_client_v3
|
||||
import glanceclient
|
||||
from novaclient import client as nova_client
|
||||
from novaclient import exceptions
|
||||
|
||||
|
||||
|
@ -186,46 +190,95 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||
self._get_openstack_release_string()))
|
||||
|
||||
# Authenticate admin with keystone
|
||||
self.keystone = u.authenticate_keystone_admin(self.keystone_sentry,
|
||||
user='admin',
|
||||
password='openstack',
|
||||
tenant='admin')
|
||||
self.keystone_session, self.keystone = u.get_default_keystone_session(
|
||||
self.keystone_sentry,
|
||||
openstack_release=self._get_openstack_release())
|
||||
|
||||
# Authenticate admin with glance endpoint
|
||||
self.glance = u.authenticate_glance_admin(self.keystone)
|
||||
self.glance = glanceclient.Client('1', session=self.keystone_session)
|
||||
|
||||
# Authenticate admin with nova endpoint
|
||||
self.nova = u.authenticate_nova_user(self.keystone,
|
||||
user='admin',
|
||||
password='openstack',
|
||||
tenant='admin')
|
||||
self.nova = nova_client.Client(2, session=self.keystone_session)
|
||||
|
||||
keystone_ip = self.keystone_sentry.info['public-address']
|
||||
|
||||
# Create a demo tenant/role/user
|
||||
self.demo_tenant = 'demoTenant'
|
||||
self.demo_role = 'demoRole'
|
||||
self.demo_user = 'demoUser'
|
||||
self.demo_project = 'demoProject'
|
||||
self.demo_domain = 'demoDomain'
|
||||
if self._get_openstack_release() >= self.xenial_queens:
|
||||
self.create_users_v3()
|
||||
self.demo_user_session, auth = u.get_keystone_session(
|
||||
keystone_ip,
|
||||
self.demo_user,
|
||||
'password',
|
||||
api_version=3,
|
||||
user_domain_name=self.demo_domain,
|
||||
project_domain_name=self.demo_domain,
|
||||
project_name=self.demo_project
|
||||
)
|
||||
self.keystone_demo = keystone_client_v3.Client(
|
||||
session=self.demo_user_session)
|
||||
self.nova_demo = nova_client.Client(
|
||||
2,
|
||||
session=self.demo_user_session)
|
||||
else:
|
||||
self.create_users_v2()
|
||||
# Authenticate demo user with keystone
|
||||
self.keystone_demo = \
|
||||
u.authenticate_keystone_user(
|
||||
self.keystone, user=self.demo_user,
|
||||
password='password',
|
||||
tenant=self.demo_tenant)
|
||||
# Authenticate demo user with nova-api
|
||||
self.nova_demo = u.authenticate_nova_user(self.keystone,
|
||||
user=self.demo_user,
|
||||
password='password',
|
||||
tenant=self.demo_tenant)
|
||||
|
||||
def create_users_v3(self):
|
||||
try:
|
||||
self.keystone.projects.find(name=self.demo_project)
|
||||
except keystoneclient.exceptions.NotFound:
|
||||
domain = self.keystone.domains.create(
|
||||
self.demo_domain,
|
||||
description='Demo Domain',
|
||||
enabled=True
|
||||
)
|
||||
project = self.keystone.projects.create(
|
||||
self.demo_project,
|
||||
domain,
|
||||
description='Demo Project',
|
||||
enabled=True,
|
||||
)
|
||||
user = self.keystone.users.create(
|
||||
self.demo_user,
|
||||
domain=domain.id,
|
||||
project=self.demo_project,
|
||||
password='password',
|
||||
email='demov3@demo.com',
|
||||
description='Demo',
|
||||
enabled=True)
|
||||
role = self.keystone.roles.find(name='Admin')
|
||||
self.keystone.roles.grant(
|
||||
role.id,
|
||||
user=user.id,
|
||||
project=project.id)
|
||||
|
||||
def create_users_v2(self):
|
||||
if not u.tenant_exists(self.keystone, self.demo_tenant):
|
||||
tenant = self.keystone.tenants.create(tenant_name=self.demo_tenant,
|
||||
description='demo tenant',
|
||||
enabled=True)
|
||||
|
||||
self.keystone.roles.create(name=self.demo_role)
|
||||
self.keystone.users.create(name=self.demo_user,
|
||||
password='password',
|
||||
tenant_id=tenant.id,
|
||||
email='demo@demo.com')
|
||||
|
||||
# Authenticate demo user with keystone
|
||||
self.keystone_demo = \
|
||||
u.authenticate_keystone_user(self.keystone, user=self.demo_user,
|
||||
password='password',
|
||||
tenant=self.demo_tenant)
|
||||
|
||||
# Authenticate demo user with nova-api
|
||||
self.nova_demo = u.authenticate_nova_user(self.keystone,
|
||||
user=self.demo_user,
|
||||
password='password',
|
||||
tenant=self.demo_tenant)
|
||||
|
||||
def test_100_services(self):
|
||||
"""Verify the expected services are running on the corresponding
|
||||
service units."""
|
||||
|
@ -285,9 +338,12 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||
expected = {'s3': [endpoint_vol], 'compute': [endpoint_vol],
|
||||
'ec2': [endpoint_vol], 'identity': [endpoint_id]}
|
||||
|
||||
actual = self.keystone_demo.service_catalog.get_endpoints()
|
||||
actual = self.keystone.service_catalog.get_endpoints()
|
||||
|
||||
ret = u.validate_svc_catalog_endpoint_data(expected, actual)
|
||||
ret = u.validate_svc_catalog_endpoint_data(
|
||||
expected,
|
||||
actual,
|
||||
openstack_release=self._get_openstack_release())
|
||||
if ret:
|
||||
amulet.raise_status(amulet.FAIL, msg=ret)
|
||||
|
||||
|
@ -307,8 +363,14 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||
'service_id': u.not_null
|
||||
}
|
||||
|
||||
ret = u.validate_endpoint_data(endpoints, admin_port, internal_port,
|
||||
public_port, expected)
|
||||
ret = u.validate_endpoint_data(
|
||||
endpoints,
|
||||
admin_port,
|
||||
internal_port,
|
||||
public_port,
|
||||
expected,
|
||||
openstack_release=self._get_openstack_release())
|
||||
|
||||
if ret:
|
||||
message = 'osapi endpoint: {}'.format(ret)
|
||||
amulet.raise_status(amulet.FAIL, msg=message)
|
||||
|
@ -582,10 +644,10 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||
# Since >= liberty endpoint_type was replaced by interface
|
||||
# https://github.com/openstack/keystoneauth/commit/d227f6d237c4309b21a32a115fc5b09b9ba46ef0
|
||||
try:
|
||||
ks_ep = self.keystone_demo.service_catalog.url_for(
|
||||
ks_ep = self.keystone.service_catalog.url_for(
|
||||
service_type='identity', interface='publicURL')
|
||||
except TypeError:
|
||||
ks_ep = self.keystone_demo.service_catalog.url_for(
|
||||
ks_ep = self.keystone.service_catalog.url_for(
|
||||
service_type='identity', endpoint_type='publicURL')
|
||||
|
||||
ks_ec2 = "{}/ec2tokens".format(ks_ep)
|
||||
|
@ -691,7 +753,19 @@ class NovaCCBasicDeployment(OpenStackAmuletDeployment):
|
|||
'lock_path': '/var/lock/nova',
|
||||
}
|
||||
|
||||
if self._get_openstack_release() >= self.trusty_mitaka:
|
||||
if self._get_openstack_release() >= self.xenial_queens:
|
||||
expected['keystone_authtoken'] = {
|
||||
'auth_uri': ks_uri.rstrip('/'),
|
||||
'auth_url': id_uri.rstrip('/'),
|
||||
'auth_type': 'password',
|
||||
'project_domain_name': 'service_domain',
|
||||
'user_domain_name': 'service_domain',
|
||||
'project_name': 'services',
|
||||
'username': ks_ncc_rel['service_username'],
|
||||
'password': ks_ncc_rel['service_password'],
|
||||
'signing_dir': '/var/cache/nova'
|
||||
}
|
||||
elif self._get_openstack_release() >= self.trusty_mitaka:
|
||||
expected['keystone_authtoken'] = {
|
||||
'auth_uri': ks_uri.rstrip('/'),
|
||||
'auth_url': id_uri.rstrip('/'),
|
||||
|
|
Loading…
Reference in New Issue