Update configuration options ssh-auth-strategy
Update the configuration options for the new ssh-auth-strategy.
Partially implements: blueprint ssh-auth-strategy
Change-Id: I1908e37d2551760831e338788511db93d5129e16
diff --git a/tempest/api/compute/admin/test_floating_ips_bulk.py b/tempest/api/compute/admin/test_floating_ips_bulk.py
index fe05ddb..456363c 100644
--- a/tempest/api/compute/admin/test_floating_ips_bulk.py
+++ b/tempest/api/compute/admin/test_floating_ips_bulk.py
@@ -38,7 +38,7 @@
@classmethod
def resource_setup(cls):
super(FloatingIPsBulkAdminTestJSON, cls).resource_setup()
- cls.ip_range = CONF.compute.floating_ip_range
+ cls.ip_range = CONF.validation.floating_ip_range
cls.verify_unallocated_floating_ip_range(cls.ip_range)
@classmethod
diff --git a/tempest/api/compute/base.py b/tempest/api/compute/base.py
index 2321b4e..aa8ee3f 100644
--- a/tempest/api/compute/base.py
+++ b/tempest/api/compute/base.py
@@ -101,13 +101,13 @@
super(BaseV2ComputeTest, cls).resource_setup()
cls.build_interval = CONF.compute.build_interval
cls.build_timeout = CONF.compute.build_timeout
- cls.ssh_user = CONF.compute.ssh_user
cls.image_ref = CONF.compute.image_ref
cls.image_ref_alt = CONF.compute.image_ref_alt
cls.flavor_ref = CONF.compute.flavor_ref
cls.flavor_ref_alt = CONF.compute.flavor_ref_alt
- cls.image_ssh_user = CONF.compute.image_ssh_user
- cls.image_ssh_password = CONF.compute.image_ssh_password
+ cls.ssh_user = CONF.validation.image_ssh_user
+ cls.image_ssh_user = CONF.validation.image_ssh_user
+ cls.image_ssh_password = CONF.validation.image_ssh_password
cls.servers = []
cls.images = []
cls.security_groups = []
diff --git a/tempest/cmd/javelin.py b/tempest/cmd/javelin.py
index 826d8e8..991ceca 100755
--- a/tempest/cmd/javelin.py
+++ b/tempest/cmd/javelin.py
@@ -492,24 +492,26 @@
for network_name, body in found['addresses'].items():
for addr in body:
ip = addr['addr']
- # If floatingip_for_ssh is at True, it's assumed
- # you want to use the floating IP to reach the server,
- # fallback to fixed IP, then other type.
+ # Use floating IP, fixed IP or other type to
+ # reach the server.
# This is useful in multi-node environment.
- if CONF.compute.use_floatingip_for_ssh:
+ if CONF.validation.connect_method == 'floating':
if addr.get('OS-EXT-IPS:type',
'floating') == 'floating':
self._ping_ip(ip, 60)
_floating_is_alive = True
- elif addr.get('OS-EXT-IPS:type', 'fixed') == 'fixed':
- namespace = _get_router_namespace(client,
- network_name)
- self._ping_ip(ip, 60, namespace)
+ elif CONF.validation.connect_method == 'fixed':
+ if addr.get('OS-EXT-IPS:type',
+ 'fixed') == 'fixed':
+ namespace = _get_router_namespace(client,
+ network_name)
+ self._ping_ip(ip, 60, namespace)
else:
self._ping_ip(ip, 60)
- # if floatingip_for_ssh is at True, validate found a
- # floating IP and ping worked.
- if CONF.compute.use_floatingip_for_ssh:
+ # If CONF.validation.connect_method is floating, validate
+ # that the floating IP is attached to the server and the
+ # the server is pingable.
+ if CONF.validation.connect_method == 'floating':
self.assertTrue(_floating_is_alive,
"Server %s has no floating IP." %
server['name'])
@@ -903,7 +905,7 @@
# create security group(s) after server spawning
for secgroup in server['secgroups']:
client.servers.add_security_group(server_id, name=secgroup)
- if CONF.compute.use_floatingip_for_ssh:
+ if CONF.validation.connect_method == 'floating':
floating_ip_pool = server.get('floating_ip_pool')
floating_ip = client.floating_ips.create_floating_ip(
pool_name=floating_ip_pool)['floating_ip']
diff --git a/tempest/common/utils/linux/remote_client.py b/tempest/common/utils/linux/remote_client.py
index 025b79f..6150b4d 100644
--- a/tempest/common/utils/linux/remote_client.py
+++ b/tempest/common/utils/linux/remote_client.py
@@ -31,7 +31,7 @@
# NOTE(afazekas): It should always get an address instead of server
def __init__(self, server, username, password=None, pkey=None):
ssh_timeout = CONF.validation.ssh_timeout
- network = CONF.compute.network_for_ssh
+ network = CONF.validation.network_for_ssh
ip_version = CONF.validation.ip_version_for_ssh
connect_timeout = CONF.validation.connect_timeout
if isinstance(server, six.string_types):
@@ -51,7 +51,7 @@
def exec_command(self, cmd):
# Shell options below add more clearness on failures,
# path is extended for some non-cirros guest oses (centos7)
- cmd = CONF.compute.ssh_shell_prologue + " " + cmd
+ cmd = CONF.validation.ssh_shell_prologue + " " + cmd
LOG.debug("Remote command: %s" % cmd)
return self.ssh_client.exec_command(cmd)
@@ -94,8 +94,8 @@
cmd = 'sudo sh -c "echo \\"%s\\" >/dev/console"' % message
return self.exec_command(cmd)
- def ping_host(self, host, count=CONF.compute.ping_count,
- size=CONF.compute.ping_size, nic=None):
+ def ping_host(self, host, count=CONF.validation.ping_count,
+ size=CONF.validation.ping_size, nic=None):
addr = netaddr.IPAddress(host)
cmd = 'ping6' if addr.version == 6 else 'ping'
if nic:
diff --git a/tempest/config.py b/tempest/config.py
index a6212fb..0da502c 100644
--- a/tempest/config.py
+++ b/tempest/config.py
@@ -231,12 +231,6 @@
cfg.StrOpt('flavor_ref_alt',
default="2",
help='Valid secondary flavor to be used in tests.'),
- cfg.StrOpt('image_ssh_user',
- default="root",
- help="User name used to authenticate to an instance."),
- cfg.StrOpt('image_ssh_password',
- default="password",
- help="Password used to authenticate to an instance."),
cfg.IntOpt('build_interval',
default=1,
help="Time in seconds between build status checks."),
@@ -245,41 +239,6 @@
help="Timeout in seconds to wait for an instance to build. "
"Other services that do not define build_timeout will "
"inherit this value."),
- cfg.StrOpt('ssh_shell_prologue',
- default="set -eu -o pipefail; PATH=$$PATH:/sbin;",
- help="Shell fragments to use before executing a command "
- "when sshing to a guest."),
- cfg.StrOpt('ssh_auth_method',
- default='keypair',
- choices=('keypair', 'configured', 'adminpass', 'disabled'),
- help="Auth method used for authenticate to the instance. "
- "Valid choices are: keypair, configured, adminpass "
- "and disabled. "
- "Keypair: start the servers with a ssh keypair. "
- "Configured: use the configured user and password. "
- "Adminpass: use the injected adminPass. "
- "Disabled: avoid using ssh when it is an option."),
- cfg.StrOpt('ssh_connect_method',
- default='floating',
- choices=('fixed', 'floating'),
- help="How to connect to the instance? "
- "fixed: using the first ip belongs the fixed network "
- "floating: creating and using a floating ip."),
- cfg.StrOpt('ssh_user',
- default='root',
- help="User name used to authenticate to an instance."),
- cfg.IntOpt('ping_timeout',
- default=120,
- help="Timeout in seconds to wait for ping to "
- "succeed."),
- cfg.IntOpt('ping_size',
- default=56,
- help="The packet size for ping packets originating "
- "from remote linux hosts"),
- cfg.IntOpt('ping_count',
- default=1,
- help="The number of ping packets originating from remote "
- "linux hosts"),
cfg.IntOpt('ready_wait',
default=0,
help="Additional wait time for clean state, when there is "
@@ -291,13 +250,6 @@
"servers if tempest does not create a network or a "
"network is not specified elsewhere. It may be used for "
"ssh validation only if floating IPs are disabled."),
- cfg.StrOpt('network_for_ssh',
- default='public',
- help="Network used for SSH connections. Ignored if "
- "use_floatingip_for_ssh=true or run_validation=false."),
- cfg.BoolOpt('use_floatingip_for_ssh',
- default=True,
- help="Does SSH use Floating IPs?"),
cfg.StrOpt('catalog_type',
default='compute',
help="Catalog type of the Compute service."),
@@ -323,12 +275,6 @@
'when shelved. This time should be the same as the time '
'of nova.conf, and some tests will run for as long as the '
'time.'),
- cfg.StrOpt('floating_ip_range',
- default='10.0.0.0/29',
- help='Unallocated floating IP range, which will be used to '
- 'test the floating IP bulk feature for CRUD operation. '
- 'This block must not overlap an existing floating IP '
- 'pool.'),
cfg.IntOpt('min_compute_nodes',
default=1,
help=('The minimum number of compute nodes expected. This will '
@@ -672,9 +618,7 @@
cfg.BoolOpt('run_validation',
default=False,
help='Enable ssh on created servers and creation of additional'
- ' validation resources to enable remote access',
- deprecated_opts=[cfg.DeprecatedOpt('run_ssh',
- group='compute')]),
+ ' validation resources to enable remote access'),
cfg.BoolOpt('security_group',
default=True,
help='Enable/disable security groups.'),
@@ -686,31 +630,77 @@
choices=['fixed', 'floating'],
help='Default IP type used for validation: '
'-fixed: uses the first IP belonging to the fixed network '
- '-floating: creates and uses a floating IP'),
+ '-floating: creates and uses a floating IP',
+ deprecated_opts=[cfg.DeprecatedOpt('use_floatingip_for_ssh',
+ group='compute')]),
cfg.StrOpt('auth_method',
default='keypair',
choices=['keypair'],
help='Default authentication method to the instance. '
'Only ssh via keypair is supported for now. '
- 'Additional methods will be handled in a separate spec.'),
+ 'Additional methods will be handled in a separate spec.',
+ deprecated_opts=[cfg.DeprecatedOpt('ssh_auth_method',
+ group='compute')]),
cfg.IntOpt('ip_version_for_ssh',
default=4,
- help='Default IP version for ssh connections.',
- deprecated_opts=[cfg.DeprecatedOpt('ip_version_for_ssh',
- group='compute')]),
+ help='Default IP version for ssh connections.'),
cfg.IntOpt('ping_timeout',
default=120,
- help='Timeout in seconds to wait for ping to succeed.'),
+ help='Timeout in seconds to wait for ping to succeed.',
+ deprecated_opts=[cfg.DeprecatedOpt('ping_timeout',
+ group='compute')]),
cfg.IntOpt('connect_timeout',
default=60,
help='Timeout in seconds to wait for the TCP connection to be '
- 'successful.',
- deprecated_opts=[cfg.DeprecatedOpt('ssh_channel_timeout',
- group='compute')]),
+ 'successful.'),
cfg.IntOpt('ssh_timeout',
default=300,
- help='Timeout in seconds to wait for the ssh banner.',
- deprecated_opts=[cfg.DeprecatedOpt('ssh_timeout',
+ help='Timeout in seconds to wait for the ssh banner.'),
+ cfg.StrOpt('image_ssh_user',
+ default="root",
+ help="User name used to authenticate to an instance.",
+ deprecated_opts=[cfg.DeprecatedOpt('image_ssh_user',
+ group='compute'),
+ cfg.DeprecatedOpt('ssh_user',
+ group='compute'),
+ cfg.DeprecatedOpt('ssh_user',
+ group='scenario')]),
+ cfg.StrOpt('image_ssh_password',
+ default="password",
+ help="Password used to authenticate to an instance.",
+ deprecated_opts=[cfg.DeprecatedOpt('image_ssh_password',
+ group='compute')]),
+ cfg.StrOpt('ssh_shell_prologue',
+ default="set -eu -o pipefail; PATH=$$PATH:/sbin;",
+ help="Shell fragments to use before executing a command "
+ "when sshing to a guest.",
+ deprecated_opts=[cfg.DeprecatedOpt('ssh_shell_prologue',
+ group='compute')]),
+ cfg.IntOpt('ping_size',
+ default=56,
+ help="The packet size for ping packets originating "
+ "from remote linux hosts",
+ deprecated_opts=[cfg.DeprecatedOpt('ping_size',
+ group='compute')]),
+ cfg.IntOpt('ping_count',
+ default=1,
+ help="The number of ping packets originating from remote "
+ "linux hosts",
+ deprecated_opts=[cfg.DeprecatedOpt('ping_count',
+ group='compute')]),
+ cfg.StrOpt('floating_ip_range',
+ default='10.0.0.0/29',
+ help='Unallocated floating IP range, which will be used to '
+ 'test the floating IP bulk feature for CRUD operation. '
+ 'This block must not overlap an existing floating IP '
+ 'pool.',
+ deprecated_opts=[cfg.DeprecatedOpt('floating_ip_range',
+ group='compute')]),
+ cfg.StrOpt('network_for_ssh',
+ default='public',
+ help="Network used for SSH connections. Ignored if "
+ "use_floatingip_for_ssh=true or run_validation=false.",
+ deprecated_opts=[cfg.DeprecatedOpt('network_for_ssh',
group='compute')]),
]
@@ -1126,9 +1116,6 @@
cfg.StrOpt('aki_img_file',
default='cirros-0.3.1-x86_64-vmlinuz',
help='AKI image file name'),
- cfg.StrOpt('ssh_user',
- default='cirros',
- help='ssh username for the image file'),
cfg.IntOpt(
'large_ops_number',
default=0,
diff --git a/tempest/scenario/manager.py b/tempest/scenario/manager.py
index c304136..501374f 100644
--- a/tempest/scenario/manager.py
+++ b/tempest/scenario/manager.py
@@ -359,7 +359,7 @@
if isinstance(server_or_ip, six.string_types):
ip = server_or_ip
else:
- addrs = server_or_ip['addresses'][CONF.compute.network_for_ssh]
+ addrs = server_or_ip['addresses'][CONF.validation.network_for_ssh]
try:
ip = (addr['addr'] for addr in addrs if
netaddr.valid_ipv4(addr['addr'])).next()
@@ -368,7 +368,7 @@
"remote server.")
if username is None:
- username = CONF.scenario.ssh_user
+ username = CONF.validation.image_ssh_user
# Set this with 'keypair' or others to log in with keypair or
# username/password.
if CONF.validation.auth_method == 'keypair':
@@ -376,7 +376,7 @@
if private_key is None:
private_key = self.keypair['private_key']
else:
- password = CONF.compute.image_ssh_password
+ password = CONF.validation.image_ssh_password
private_key = None
linux_client = remote_client.RemoteClient(ip, username,
pkey=private_key,
@@ -1095,7 +1095,7 @@
return rules
def _ssh_to_server(self, server, private_key):
- ssh_login = CONF.compute.image_ssh_user
+ ssh_login = CONF.validation.image_ssh_user
return self.get_remote_client(server,
username=ssh_login,
private_key=private_key)
diff --git a/tempest/scenario/test_network_advanced_server_ops.py b/tempest/scenario/test_network_advanced_server_ops.py
index a45a730..5a991de 100644
--- a/tempest/scenario/test_network_advanced_server_ops.py
+++ b/tempest/scenario/test_network_advanced_server_ops.py
@@ -74,7 +74,7 @@
def _check_network_connectivity(self, server, keypair, floating_ip,
should_connect=True):
- username = CONF.compute.image_ssh_user
+ username = CONF.validation.image_ssh_user
private_key = keypair['private_key']
self._check_tenant_network_connectivity(
server, username, private_key,
diff --git a/tempest/scenario/test_network_basic_ops.py b/tempest/scenario/test_network_basic_ops.py
index 20ccc59..a238a56 100644
--- a/tempest/scenario/test_network_basic_ops.py
+++ b/tempest/scenario/test_network_basic_ops.py
@@ -172,7 +172,7 @@
return self.keypairs[server['key_name']]['private_key']
def _check_tenant_network_connectivity(self):
- ssh_login = CONF.compute.image_ssh_user
+ ssh_login = CONF.validation.image_ssh_user
for server in self.servers:
# call the common method in the parent class
super(TestNetworkBasicOps, self).\
@@ -195,7 +195,7 @@
:param should_check_floating_ip_status: bool. should status of
floating_ip be checked or not
"""
- ssh_login = CONF.compute.image_ssh_user
+ ssh_login = CONF.validation.image_ssh_user
floating_ip, server = self.floating_ip_tuple
ip_address = floating_ip.floating_ip_address
private_key = None
diff --git a/tempest/scenario/test_network_v6.py b/tempest/scenario/test_network_v6.py
index d6ad46a..40c7680 100644
--- a/tempest/scenario/test_network_v6.py
+++ b/tempest/scenario/test_network_v6.py
@@ -114,7 +114,7 @@
return ips
def prepare_server(self, networks=None):
- username = CONF.compute.image_ssh_user
+ username = CONF.validation.image_ssh_user
networks = networks or [self.network]
diff --git a/tempest/scenario/test_security_groups_basic_ops.py b/tempest/scenario/test_security_groups_basic_ops.py
index e266dc2..4e5a1e0 100644
--- a/tempest/scenario/test_security_groups_basic_ops.py
+++ b/tempest/scenario/test_security_groups_basic_ops.py
@@ -512,7 +512,7 @@
tenant = self.primary_tenant
ip = self._get_server_ip(tenant.access_point,
floating=self.floating_ip_access)
- ssh_login = CONF.compute.image_ssh_user
+ ssh_login = CONF.validation.image_ssh_user
private_key = tenant.keypair['private_key']
self.check_vm_connectivity(ip,
should_connect=False)
diff --git a/tempest/stress/actions/volume_attach_verify.py b/tempest/stress/actions/volume_attach_verify.py
index 2a23291..8bbbfc4 100644
--- a/tempest/stress/actions/volume_attach_verify.py
+++ b/tempest/stress/actions/volume_attach_verify.py
@@ -161,7 +161,7 @@
self._create_sec_group()
self._create_keypair()
private_key = self.key['private_key']
- username = CONF.compute.image_ssh_user
+ username = CONF.validation.image_ssh_user
self.remote_client = remote_client.RemoteClient(self.floating['ip'],
username,
pkey=private_key)
diff --git a/tempest/tests/common/utils/linux/test_remote_client.py b/tempest/tests/common/utils/linux/test_remote_client.py
index e596aab..6b02d02 100644
--- a/tempest/tests/common/utils/linux/test_remote_client.py
+++ b/tempest/tests/common/utils/linux/test_remote_client.py
@@ -29,7 +29,7 @@
self.useFixture(fake_config.ConfigFixture())
self.stubs.Set(config, 'TempestConfigPrivate', fake_config.FakePrivate)
cfg.CONF.set_default('ip_version_for_ssh', 4, group='validation')
- cfg.CONF.set_default('network_for_ssh', 'public', group='compute')
+ cfg.CONF.set_default('network_for_ssh', 'public', group='validation')
cfg.CONF.set_default('connect_timeout', 1, group='validation')
self.conn = remote_client.RemoteClient('127.0.0.1', 'user', 'pass')
diff --git a/tempest/thirdparty/boto/test_ec2_instance_run.py b/tempest/thirdparty/boto/test_ec2_instance_run.py
index 6c1b362..8fe9406 100644
--- a/tempest/thirdparty/boto/test_ec2_instance_run.py
+++ b/tempest/thirdparty/boto/test_ec2_instance_run.py
@@ -280,7 +280,7 @@
# NOTE(afazekas): it may be reports available before it is available
ssh = remote_client.RemoteClient(address.public_ip,
- CONF.compute.ssh_user,
+ CONF.validation.image_ssh_user,
pkey=self.keypair.material)
text = data_utils.rand_name("Pattern text for console output")
try: