100
118
description='demo tenant',
102
120
self.keystone.roles.create(name=self.demo_role)
103
self.keystone.users.create(name=self.demo_user, password='password',
121
self.keystone.users.create(name=self.demo_user,
104
123
tenant_id=tenant.id,
105
124
email='demo@demo.com')
107
126
# Authenticate keystone demo
108
self.keystone_demo = u.authenticate_keystone_user(self.keystone,
111
tenant=self.demo_tenant)
127
self.keystone_demo = u.authenticate_keystone_user(
128
self.keystone, user=self.demo_user,
129
password='password', tenant=self.demo_tenant)
113
def test_services(self):
131
def test_100_services(self):
114
132
"""Verify the expected services are running on the corresponding
115
133
service units."""
117
self.mysql_sentry: ['status mysql'],
118
self.keystone_sentry: ['status keystone'],
119
self.cinder_sentry: ['status cinder-api', 'status cinder-scheduler',
120
'status cinder-volume']
135
self.mysql_sentry: ['mysql'],
136
self.keystone_sentry: ['keystone'],
137
self.cinder_sentry: ['cinder-api',
122
ret = u.validate_services(commands)
141
ret = u.validate_services_by_name(services)
124
143
amulet.raise_status(amulet.FAIL, msg=ret)
126
def test_tenants(self):
145
def test_102_keystone_tenants(self):
127
146
"""Verify all existing tenants."""
128
tenant1 = {'enabled': True,
129
'description': 'Created by Juju',
132
tenant2 = {'enabled': True,
133
'description': 'demo tenant',
134
'name': 'demoTenant',
136
tenant3 = {'enabled': True,
137
'description': 'Created by Juju',
140
expected = [tenant1, tenant2, tenant3]
147
u.log.debug('Checking keystone tenants...')
151
'description': 'Created by Juju',
153
{'name': 'demoTenant',
155
'description': 'demo tenant',
159
'description': 'Created by Juju',
141
162
actual = self.keystone.tenants.list()
143
164
ret = u.validate_tenant_data(expected, actual)
145
166
amulet.raise_status(amulet.FAIL, msg=ret)
147
def test_roles(self):
168
def test_104_keystone_roles(self):
148
169
"""Verify all existing roles."""
149
role1 = {'name': 'demoRole', 'id': u.not_null}
150
role2 = {'name': 'Admin', 'id': u.not_null}
151
expected = [role1, role2]
170
u.log.debug('Checking keystone roles...')
152
177
actual = self.keystone.roles.list()
154
179
ret = u.validate_role_data(expected, actual)
156
181
amulet.raise_status(amulet.FAIL, msg=ret)
158
def test_users(self):
183
def test_106_keystone_users(self):
159
184
"""Verify all existing roles."""
160
user1 = {'name': 'demoUser',
162
'tenantId': u.not_null,
164
'email': 'demo@demo.com'}
165
user2 = {'name': 'admin',
167
'tenantId': u.not_null,
169
'email': 'juju@localhost'}
170
user3 = {'name': 'cinder_cinderv2',
172
'tenantId': u.not_null,
174
'email': u'juju@localhost'}
175
expected = [user1, user2, user3]
185
u.log.debug('Checking keystone users...')
189
'tenantId': u.not_null,
191
'email': 'demo@demo.com'},
194
'tenantId': u.not_null,
196
'email': 'juju@localhost'},
197
{'name': 'cinder_cinderv2',
199
'tenantId': u.not_null,
201
'email': u'juju@localhost'}
176
203
actual = self.keystone.users.list()
177
204
ret = u.validate_user_data(expected, actual)
179
206
amulet.raise_status(amulet.FAIL, msg=ret)
181
def test_service_catalog(self):
208
def test_108_service_catalog(self):
182
209
"""Verify that the service catalog endpoint data is valid."""
183
endpoint_vol = {'adminURL': u.valid_url,
184
'region': 'RegionOne',
185
'publicURL': u.valid_url,
186
'internalURL': u.valid_url}
187
endpoint_id = {'adminURL': u.valid_url,
188
'region': 'RegionOne',
189
'publicURL': u.valid_url,
190
'internalURL': u.valid_url}
191
if self._get_openstack_release() > self.precise_essex:
192
endpoint_vol['id'] = u.not_null
193
endpoint_id['id'] = u.not_null
194
expected = {'volume': [endpoint_vol], 'identity': [endpoint_id]}
195
actual = self.keystone_demo.service_catalog.get_endpoints()
210
u.log.debug('Checking keystone service catalog...')
212
'adminURL': u.valid_url,
214
'region': 'RegionOne',
215
'publicURL': u.valid_url,
216
'internalURL': u.valid_url
219
'volume': [endpoint_check],
220
'identity': [endpoint_check]
222
actual = self.keystone.service_catalog.get_endpoints()
197
224
ret = u.validate_svc_catalog_endpoint_data(expected, actual)
199
226
amulet.raise_status(amulet.FAIL, msg=ret)
201
def test_keystone_endpoint(self):
228
def test_110_keystone_endpoint(self):
202
229
"""Verify the keystone endpoint data."""
230
u.log.debug('Checking keystone api endpoint data...')
203
231
endpoints = self.keystone.endpoints.list()
204
232
admin_port = '35357'
205
233
internal_port = public_port = '5000'
206
expected = {'id': u.not_null,
207
'region': 'RegionOne',
208
'adminurl': u.valid_url,
209
'internalurl': u.valid_url,
210
'publicurl': u.valid_url,
211
'service_id': u.not_null}
236
'region': 'RegionOne',
237
'adminurl': u.valid_url,
238
'internalurl': u.valid_url,
239
'publicurl': u.valid_url,
240
'service_id': u.not_null
212
242
ret = u.validate_endpoint_data(endpoints, admin_port, internal_port,
213
243
public_port, expected)
215
245
amulet.raise_status(amulet.FAIL,
216
246
msg='keystone endpoint: {}'.format(ret))
218
def test_cinder_endpoint(self):
248
def test_112_cinder_endpoint(self):
219
249
"""Verify the cinder endpoint data."""
250
u.log.debug('Checking cinder endpoint...')
220
251
endpoints = self.keystone.endpoints.list()
221
252
admin_port = internal_port = public_port = '8776'
222
expected = {'id': u.not_null,
223
'region': 'RegionOne',
224
'adminurl': u.valid_url,
225
'internalurl': u.valid_url,
226
'publicurl': u.valid_url,
227
'service_id': u.not_null}
255
'region': 'RegionOne',
256
'adminurl': u.valid_url,
257
'internalurl': u.valid_url,
258
'publicurl': u.valid_url,
259
'service_id': u.not_null
228
262
ret = u.validate_endpoint_data(endpoints, admin_port, internal_port,
229
263
public_port, expected)
231
265
amulet.raise_status(amulet.FAIL,
232
266
msg='cinder endpoint: {}'.format(ret))
234
def test_keystone_shared_db_relation(self):
268
def test_200_keystone_mysql_shared_db_relation(self):
235
269
"""Verify the keystone shared-db relation data"""
270
u.log.debug('Checking keystone to mysql db relation data...')
236
271
unit = self.keystone_sentry
237
272
relation = ['shared-db', 'mysql:shared-db']
305
343
message = u.relation_error('cinder identity-service', ret)
306
344
amulet.raise_status(amulet.FAIL, msg=message)
308
def test_z_restart_on_config_change(self):
309
"""Verify that keystone is restarted when the config is changed.
311
Note(coreycb): The method name with the _z_ is a little odd
312
but it forces the test to run last. It just makes things
313
easier because restarting services requires re-authorization.
315
self.d.configure('keystone', {'verbose': 'True'})
316
if not u.service_restarted(self.keystone_sentry, 'keystone-all',
317
'/etc/keystone/keystone.conf',
319
self.d.configure('keystone', {'verbose': 'False'})
320
message = "keystone service didn't restart after config change"
321
amulet.raise_status(amulet.FAIL, msg=message)
322
self.d.configure('keystone', {'verbose': 'False'})
324
def test_default_config(self):
325
"""Verify the data in the keystone config file's default section,
346
def test_300_keystone_default_config(self):
347
"""Verify the data in the keystone config file,
326
348
comparing some of the variables vs relation data."""
327
unit = self.keystone_sentry
328
conf = '/etc/keystone/keystone.conf'
329
relation = unit.relation('identity-service', 'cinder:identity-service')
330
expected = {'admin_token': relation['admin_token'],
331
'admin_port': '35347',
332
'public_port': '4990',
333
'use_syslog': 'False',
334
'log_config': '/etc/keystone/logging.conf',
338
ret = u.validate_config_data(unit, conf, 'DEFAULT', expected)
340
message = "keystone config error: {}".format(ret)
341
amulet.raise_status(amulet.FAIL, msg=message)
343
def test_database_config(self):
344
"""Verify the data in the keystone config file's database (or sql
345
depending on release) section, comparing vs relation data."""
346
unit = self.keystone_sentry
347
conf = '/etc/keystone/keystone.conf'
348
relation = self.mysql_sentry.relation('shared-db', 'keystone:shared-db')
349
db_uri = "mysql://{}:{}@{}/{}".format('keystone', relation['password'],
350
relation['db_host'], 'keystone')
351
expected = {'connection': db_uri, 'idle_timeout': '200'}
353
if self._get_openstack_release() > self.precise_havana:
354
ret = u.validate_config_data(unit, conf, 'database', expected)
349
u.log.debug('Checking keystone config file...')
350
unit = self.keystone_sentry
351
conf = '/etc/keystone/keystone.conf'
352
ks_ci_rel = unit.relation('identity-service',
353
'cinder:identity-service')
354
my_ks_rel = self.mysql_sentry.relation('shared-db',
355
'keystone:shared-db')
356
db_uri = "mysql://{}:{}@{}/{}".format('keystone',
357
my_ks_rel['password'],
358
my_ks_rel['db_host'],
364
'admin_token': ks_ci_rel['admin_token'],
365
'use_syslog': 'False',
366
'log_config': '/etc/keystone/logging.conf',
367
'public_endpoint': u.valid_url, # get specific
368
'admin_endpoint': u.valid_url, # get specific
371
'Distribution': 'Ubuntu'
374
'connection': db_uri,
375
'idle_timeout': '200'
379
if self._get_openstack_release() >= self.trusty_kilo:
381
expected['eventlet_server'] = {
382
'admin_bind_host': '0.0.0.0',
383
'public_bind_host': '0.0.0.0',
384
'admin_port': '35347',
385
'public_port': '4990',
356
ret = u.validate_config_data(unit, conf, 'sql', expected)
358
message = "keystone config error: {}".format(ret)
359
amulet.raise_status(amulet.FAIL, msg=message)
389
expected['DEFAULT'].update({
390
'admin_port': '35347',
391
'public_port': '4990',
392
'bind_host': '0.0.0.0',
395
for section, pairs in expected.iteritems():
396
ret = u.validate_config_data(unit, conf, section, pairs)
398
message = "keystone config error: {}".format(ret)
399
amulet.raise_status(amulet.FAIL, msg=message)
401
def test_302_keystone_logging_config(self):
402
"""Verify the data in the keystone logging config file"""
403
u.log.debug('Checking keystone config file...')
404
unit = self.keystone_sentry
405
conf = '/etc/keystone/logging.conf'
412
'keys': 'production,file,devel'
416
'args': "('/var/log/keystone/keystone.log', 'a')"
420
for section, pairs in expected.iteritems():
421
ret = u.validate_config_data(unit, conf, section, pairs)
423
message = "keystone logging config error: {}".format(ret)
424
amulet.raise_status(amulet.FAIL, msg=message)
426
def test_900_keystone_restart_on_config_change(self):
427
"""Verify that the specified services are restarted when the config
429
sentry = self.keystone_sentry
430
juju_service = 'keystone'
432
# Expected default and alternate values
433
set_default = {'use-syslog': 'False'}
434
set_alternate = {'use-syslog': 'True'}
436
# Config file affected by juju set config change
437
conf_file = '/etc/keystone/keystone.conf'
439
# Services which are expected to restart upon config change
440
services = ['keystone-all']
442
# Make config change, check for service restarts
443
u.log.debug('Making config change on {}...'.format(juju_service))
444
self.d.configure(juju_service, set_alternate)
448
u.log.debug("Checking that service restarted: {}".format(s))
449
if not u.service_restarted(sentry, s,
450
conf_file, sleep_time=sleep_time):
451
self.d.configure(juju_service, set_default)
452
msg = "service {} didn't restart after config change".format(s)
453
amulet.raise_status(amulet.FAIL, msg=msg)
456
self.d.configure(juju_service, set_default)