diff --git a/ranger-tempest-plugin/ranger_tempest_plugin/config.py b/ranger-tempest-plugin/ranger_tempest_plugin/config.py index cc005340..1a8cfc9f 100755 --- a/ranger-tempest-plugin/ranger_tempest_plugin/config.py +++ b/ranger-tempest-plugin/ranger_tempest_plugin/config.py @@ -60,6 +60,12 @@ OrmGroup = [ help="Ranger Image Service URL"), cfg.StrOpt("RANGER_RMS_BASE_URL", help="Ranger Region Service URL"), + cfg.BoolOpt('verify', + default=False, + help='Flag for SSL verfiy Enabled/Disabled.'), + cfg.BoolOpt('auth_enabled', + default=False, + help='Token Authentication enabled/disabled'), cfg.ListOpt("flavor_series", default=['xx'], help="Supported flavor series") diff --git a/ranger-tempest-plugin/ranger_tempest_plugin/services/base_client.py b/ranger-tempest-plugin/ranger_tempest_plugin/services/base_client.py index 769d7843..3ecc98bf 100755 --- a/ranger-tempest-plugin/ranger_tempest_plugin/services/base_client.py +++ b/ranger-tempest-plugin/ranger_tempest_plugin/services/base_client.py @@ -14,7 +14,7 @@ # under the License. import json - +import requests from tempest import config from tempest.lib import auth from tempest.lib.common import rest_client @@ -22,10 +22,120 @@ from tempest.lib.common import rest_client CONF = config.CONF +class ResponseError(Exception): + pass + + +class ConnectionError(Exception): + pass + + class RangerClientBase(rest_client.RestClient): + rms_url = CONF.ranger.RANGER_RMS_BASE_URL + auth_region = CONF.identity.region + timeout = 10 + + # def get_keystone_ep(rms_url, region_name): + def get_keystone_ep(self, rms_url, region_name): + """Get the Keystone EP from RMS. + + :param rms_url: RMS server URL + :param region_name: The region name + :return: Keystone EP (string), None if it was not found + """ + try: + response = requests.get('%s/v2/orm/regions?regionname=%s' % ( + rms_url, region_name, ), verify=CONF.ranger.verify) + except requests.exceptions.ConnectionError as e: + print('Could not connect to RMS, URL: {}'.format(rms_url)) + return None + + if response.status_code != 200: + print('RMS returned status: {}, content: {}'.format( + response.status_code, response.content)) + return None + + # get the identity URL info from the rms region record + lcp = response.json() + try: + for endpoint in lcp['regions'][0]['endpoints']: + if endpoint['type'] == 'identity': + return endpoint['publicURL'] + except KeyError: + print('Key error while attempting to get keystone endpoint. ' + 'Please investigate.') + return None + + # Keystone EP not found in the response + print('No identity endpoint was found in the response from RMS') + return None + + def get_token(self, timeout, host): + headers = { + 'Content-Type': 'application/json', + } + url = '%s/v3/auth/tokens' + data = ''' +{ + "auth":{ + "identity":{ + "methods":[ + "password" + ], + "password":{ + "user":{ + "domain":{ + "name":"%s" + }, + "name":"%s", + "password":"%s" + } + } + }, + "scope":{ + "project":{ + "name":"%s", + "domain":{ + "name":"%s" + } + } + } + } +}''' + if not CONF.ranger.auth_enabled: + return None + + region = self.auth_region + + keystone_ep = self.get_keystone_ep('{}'.format(host), region) + if keystone_ep is None: + raise ConnectionError( + 'Failed in get_token, host: {}, region: {}'.format(host, + region)) + + url = url % (keystone_ep,) + data = data % (CONF.auth.admin_domain_name, + CONF.auth.admin_username, + CONF.auth.admin_password, + CONF.auth.admin_project_name, + CONF.auth.admin_domain_name,) + + try: + resp = requests.post(url, timeout=timeout, data=data, headers=headers) + if resp.status_code != 201: + raise ResponseError( + 'Failed to get token (Reason: {})'.format( + resp.status_code)) + return resp.headers['x-subject-token'] + + except Exception as e: + print e.message + raise ConnectionError(e.message) + def get_headers(self): headers = {'X-Auth-Region': CONF.identity.region, + 'X-Auth-Token': self.get_token(self.timeout, self.rms_url), 'X-RANGER-Tracking-Id': 'test', 'X-RANGER-Requester': CONF.auth.admin_username, 'X-RANGER-Client': 'cli', diff --git a/ranger-tempest-plugin/ranger_tempest_plugin/services/fms_client.py b/ranger-tempest-plugin/ranger_tempest_plugin/services/fms_client.py index 3b78f1c9..cb6afc78 100755 --- a/ranger-tempest-plugin/ranger_tempest_plugin/services/fms_client.py +++ b/ranger-tempest-plugin/ranger_tempest_plugin/services/fms_client.py @@ -29,24 +29,10 @@ class FmsClient(base_client.RangerClientBase): fms_url = CONF.ranger.RANGER_FMS_BASE_URL version = "v1" - def get_extra_headers(self): - headers = {'X-Auth-Region': CONF.identity.region, - 'X-RANGER-Tracking-Id': 'test', - 'X-RANGER-Requester': CONF.auth.admin_username, - 'X-RANGER-Client': 'cli' - } - return headers - def create_flavor(self, **kwargs): uri = '%s/%s/orm/flavors' % (self.fms_url, self.version) post_body = {"flavor": kwargs} post_body = json.dumps(post_body) - # ex_headers = self.get_headers() - # resp, body = self.post(uri, body=post_body, - # extra_headers=ex_headers) - # body = json.loads(body) - # self.validate_response(schema.create_flavor, resp, body) - # return rest_client.ResponseBody(resp, body["flavor"]) return self.post_request(uri, post_body, schema.create_flavor) def get_flavor(self, identifier, para=None): @@ -63,12 +49,6 @@ class FmsClient(base_client.RangerClientBase): uri = '%s/%s/orm/flavors' % (self.fms_url, self.version) else: uri = '%s/%s/orm/flavors/%s' % (self.fms_url, self.version, para) - # ex_headers = self.get_headers() - # resp, body = self.get(url, extra_headers=ex_headers) - # self.expected_success(200, resp.status) - # body = json.loads(body) - # self.validate_response(schema.list_flavors, resp, body) - # return rest_client.ResponseBody(resp, body) return self.get_request(uri, schema.list_flavors) def delete_region_from_flavor(self, flavor_id, region_id): diff --git a/ranger-tempest-plugin/ranger_tempest_plugin/services/ims_client.py b/ranger-tempest-plugin/ranger_tempest_plugin/services/ims_client.py index 0b2b5fc7..f560f436 100755 --- a/ranger-tempest-plugin/ranger_tempest_plugin/services/ims_client.py +++ b/ranger-tempest-plugin/ranger_tempest_plugin/services/ims_client.py @@ -27,16 +27,6 @@ class ImsClient(base_client.RangerClientBase): ims_url = CONF.ranger.RANGER_IMS_BASE_URL version = "v1" - def get_headers(self): - headers = {'Content-Type': 'application/json', - 'Accept': 'application/json', - 'X-Auth-Region': CONF.identity.region, - 'X-RANGER-Tracking-Id': 'test', - 'X-RANGER-Requester': CONF.auth.admin_username, - 'X-RANGER-Client': 'cli' - } - return headers - def create_image(self, **kwargs): uri = '%s/%s/orm/images' % (self.ims_url, self.version) post_body = {"image": kwargs} diff --git a/ranger-tempest-plugin/tempest_setup/tempest.conf b/ranger-tempest-plugin/tempest_setup/tempest.conf index 8a980340..af3020d5 100644 --- a/ranger-tempest-plugin/tempest_setup/tempest.conf +++ b/ranger-tempest-plugin/tempest_setup/tempest.conf @@ -110,11 +110,18 @@ storage_protocol = iSCSI multi_backend = false [ranger] -# change uri IP address as needed +### set ranger RMS service URL # RANGER_RMS_BASE_URL='https://:443' +### set ranger CMS service URL # RANGER_CMS_BASE_URL='https://:443' +### set ranger FMS service URL # RANGER_FMS_BASE_URL='https://:443' +### set ranger IMS service URL # RANGER_IMS_BASE_URL='https://:443' +### uncomment below to set verify = TRUE +# verify=True +### uncomment to set token authentication ON +# auth_enabled=True catalog_type = ranger -# uncomment flavor_series and set it accordingly +### uncomment flavor_series and set it accordingly # flavor_series =