#!/bin/bash
#
# lib/tempest
# Install and configure Tempest
# Dependencies:
#
# - ``functions`` file
# - ``lib/nova`` service is running
# - Global vars that are assumed to be defined:
# - ``DEST``, ``FILES``
# - ``ADMIN_PASSWORD``
# - ``DEFAULT_IMAGE_NAME``
# - ``S3_SERVICE_PORT``
# - ``SERVICE_HOST``
# - ``BASE_SQL_CONN`` ``lib/database`` declares
# - ``PUBLIC_NETWORK_NAME``
# - ``Q_USE_NAMESPACE``
# - ``Q_ROUTER_NAME``
# - ``Q_L3_ENABLED``
# - ``VIRT_DRIVER``
# - ``LIBVIRT_TYPE``
# - ``KEYSTONE_SERVICE_PROTOCOL``, ``KEYSTONE_SERVICE_HOST`` from lib/keystone
#
# Optional Dependencies:
#
# - ``ALT_*`` (similar vars exists in keystone_data.sh)
# - ``LIVE_MIGRATION_AVAILABLE``
# - ``USE_BLOCK_MIGRATION_FOR_LIVE_MIGRATION``
# - ``DEFAULT_INSTANCE_TYPE``
# - ``DEFAULT_INSTANCE_USER``
# - ``CINDER_ENABLED_BACKENDS``
# - ``NOVA_ALLOW_DUPLICATE_NETWORKS``
#
# ``stack.sh`` calls the entry points in this order:
#
# - install_tempest
# - configure_tempest
# - init_tempest
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set +o xtrace
# Defaults
# --------
# Set up default directories
GITDIR["tempest-lib"]=$DEST/tempest-lib
TEMPEST_DIR=$DEST/tempest
TEMPEST_CONFIG_DIR=${TEMPEST_CONFIG_DIR:-$TEMPEST_DIR/etc}
TEMPEST_CONFIG=$TEMPEST_CONFIG_DIR/tempest.conf
TEMPEST_STATE_PATH=${TEMPEST_STATE_PATH:=$DATA_DIR/tempest}
NOVA_SOURCE_DIR=$DEST/nova
BUILD_INTERVAL=1
# This is the timeout that tempest will wait for a VM to change state,
# spawn, delete, etc.
# The default is set to 196 seconds.
BUILD_TIMEOUT=${BUILD_TIMEOUT:-196}
# This must be False on stable branches, as master tempest
# deps do not match stable branch deps. Set this to True to
# have tempest installed in DevStack by default.
INSTALL_TEMPEST=${INSTALL_TEMPEST:-"False"}
BOTO_MATERIALS_PATH="$FILES/images/s3-materials/cirros-${CIRROS_VERSION}"
BOTO_CONF=/etc/boto.cfg
# This variable is passed directly to pip install inside the common tox venv
# that is created
TEMPEST_PLUGINS=${TEMPEST_PLUGINS:-0}
# Cinder/Volume variables
TEMPEST_VOLUME_DRIVER=${TEMPEST_VOLUME_DRIVER:-default}
TEMPEST_DEFAULT_VOLUME_VENDOR="Open Source"
TEMPEST_VOLUME_VENDOR=${TEMPEST_VOLUME_VENDOR:-$TEMPEST_DEFAULT_VOLUME_VENDOR}
TEMPEST_DEFAULT_STORAGE_PROTOCOL="iSCSI"
TEMPEST_STORAGE_PROTOCOL=${TEMPEST_STORAGE_PROTOCOL:-$TEMPEST_DEFAULT_STORAGE_PROTOCOL}
# Neutron/Network variables
IPV6_ENABLED=$(trueorfalse True IPV6_ENABLED)
IPV6_SUBNET_ATTRIBUTES_ENABLED=$(trueorfalse True IPV6_SUBNET_ATTRIBUTES_ENABLED)
# Do we want to make a configuration where Tempest has admin on
# the cloud. We don't always want to so that we can ensure Tempest
# would work on a public cloud.
TEMPEST_HAS_ADMIN=$(trueorfalse True TEMPEST_HAS_ADMIN)
# Credential provider configuration option variables
TEMPEST_ALLOW_TENANT_ISOLATION=${TEMPEST_ALLOW_TENANT_ISOLATION:-$TEMPEST_HAS_ADMIN}
TEMPEST_USE_TEST_ACCOUNTS=$(trueorfalse False TEMPEST_USE_TEST_ACCOUNTS)
# The number of workers tempest is expected to be run with. This is used for
# generating a accounts.yaml for running with test-accounts. This is also the
# same variable that devstack-gate uses to specify the number of workers that
# it will run tempest with
TEMPEST_CONCURRENCY=${TEMPEST_CONCURRENCY:-$(nproc)}
# Functions
# ---------
# remove_disabled_extension - removes disabled extensions from the list of extensions
# to test for a given service
function remove_disabled_extensions {
local extensions_list=$1
shift
local disabled_exts=$*
remove_disabled_services "$extensions_list" "$disabled_exts"
}
# configure_tempest() - Set config files, create data dirs, etc
function configure_tempest {
if [[ "$INSTALL_TEMPEST" == "True" ]]; then
setup_develop $TEMPEST_DIR
else
# install testr since its used to process tempest logs
pip_install_gr testrepository
fi
# Used during configuration so make sure we have the correct
# version installed
pip_install_gr python-openstackclient
local image_lines
local images
local num_images
local image_uuid
local image_uuid_alt
local password
local line
local flavors
local available_flavors
local flavors_ref
local flavor_lines
local public_network_id
local public_router_id
local tenant_networks_reachable
local boto_instance_type="m1.tiny"
local ssh_connect_method="floating"
# Save IFS
ifs=$IFS
# Glance should already contain images to be used in tempest
# testing. Here we simply look for images stored in Glance
# and set the appropriate variables for use in the tempest config
# We ignore ramdisk and kernel images, look for the default image
# ``DEFAULT_IMAGE_NAME``. If not found, we set the ``image_uuid`` to the
# first image returned and set ``image_uuid_alt`` to the second,
# if there is more than one returned...
# ... Also ensure we only take active images, so we don't get snapshots in process
declare -a images
if is_service_enabled glance; then
while read -r IMAGE_NAME IMAGE_UUID; do
if [ "$IMAGE_NAME" = "$DEFAULT_IMAGE_NAME" ]; then
image_uuid="$IMAGE_UUID"
image_uuid_alt="$IMAGE_UUID"
fi
images+=($IMAGE_UUID)
done < <(openstack image list --property status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
case "${#images[*]}" in
0)
echo "Found no valid images to use!"
exit 1
;;
1)
if [ -z "$image_uuid" ]; then
image_uuid=${images[0]}
image_uuid_alt=${images[0]}
fi
;;
*)
if [ -z "$image_uuid" ]; then
image_uuid=${images[0]}
image_uuid_alt=${images[1]}
fi
;;
esac
fi
# (Re)create ``tempest.conf``
# Create every time because the image UUIDS are going to change
sudo install -d -o $STACK_USER $TEMPEST_CONFIG_DIR
rm -f $TEMPEST_CONFIG
password=${ADMIN_PASSWORD:-secrete}
# See ``lib/keystone`` where these users and tenants are set up
ADMIN_USERNAME=${ADMIN_USERNAME:-admin}
ADMIN_TENANT_NAME=${ADMIN_TENANT_NAME:-admin}
ADMIN_DOMAIN_NAME=${ADMIN_DOMAIN_NAME:-Default}
TEMPEST_USERNAME=${TEMPEST_USERNAME:-demo}
TEMPEST_TENANT_NAME=${TEMPEST_TENANT_NAME:-demo}
ALT_USERNAME=${ALT_USERNAME:-alt_demo}
ALT_TENANT_NAME=${ALT_TENANT_NAME:-alt_demo}
ADMIN_TENANT_ID=$(openstack project list | awk "/ admin / { print \$2 }")
if is_service_enabled nova; then
# If ``DEFAULT_INSTANCE_TYPE`` is not declared, use the new behavior
# Tempest creates its own instance types
if [[ -z "$DEFAULT_INSTANCE_TYPE" ]]; then
available_flavors=$(nova flavor-list)
if [[ ! ( $available_flavors =~ 'm1.nano' ) ]]; then
if is_arch "ppc64"; then
# Qemu needs at least 128MB of memory to boot on ppc64
nova flavor-create m1.nano 42 128 0 1
else
nova flavor-create m1.nano 42 64 0 1
fi
fi
flavor_ref=42
boto_instance_type=m1.nano
if [[ ! ( $available_flavors =~ 'm1.micro' ) ]]; then
if is_arch "ppc64"; then
nova flavor-create m1.micro 84 256 0 1
else
nova flavor-create m1.micro 84 128 0 1
fi
fi
flavor_ref_alt=84
else
# Check Nova for existing flavors, if ``DEFAULT_INSTANCE_TYPE`` is set use it.
boto_instance_type=$DEFAULT_INSTANCE_TYPE
flavor_lines=`nova flavor-list`
IFS=$'\r\n'
flavors=""
for line in $flavor_lines; do
f=$(echo $line | awk "/ $DEFAULT_INSTANCE_TYPE / { print \$2 }")
flavors="$flavors $f"
done
for line in $flavor_lines; do
flavors="$flavors `echo $line | grep -v "^\(|\s*ID\|+--\)" | cut -d' ' -f2`"
done
IFS=" "
flavors=($flavors)
num_flavors=${#flavors[*]}
echo "Found $num_flavors flavors"
if [[ $num_flavors -eq 0 ]]; then
echo "Found no valid flavors to use!"
exit 1
fi
flavor_ref=${flavors[0]}
flavor_ref_alt=$flavor_ref
# Ensure ``flavor_ref`` and ``flavor_ref_alt`` have different values.
# Some resize instance in tempest tests depends on this.
for f in ${flavors[@]:1}; do
if [[ $f -ne $flavor_ref ]]; then
flavor_ref_alt=$f
break
fi
done
fi
fi
if [ "$Q_USE_NAMESPACE" != "False" ]; then
tenant_networks_reachable=false
else
tenant_networks_reachable=true
fi
ssh_connect_method=${TEMPEST_SSH_CONNECT_METHOD:-$ssh_connect_method}
if [ "$Q_L3_ENABLED" = "True" ]; then
public_network_id=$(neutron net-list | grep $PUBLIC_NETWORK_NAME | \
awk '{print $2}')
if [ "$Q_USE_NAMESPACE" == "False" ]; then
# If namespaces are disabled, DevStack will create a single
# public router that tempest should be configured to use.
public_router_id=$(neutron router-list | awk "/ $Q_ROUTER_NAME / \
{ print \$2 }")
fi
fi
EC2_URL=$(get_endpoint_url ec2 public || true)
if [[ -z $EC2_URL ]]; then
EC2_URL="$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/"
fi
S3_URL=$(get_endpoint_url s3 public || true)
if [[ -z $S3_URL ]]; then
S3_URL="http://$SERVICE_HOST:${S3_SERVICE_PORT:-3333}"
fi
iniset $TEMPEST_CONFIG DEFAULT use_syslog $SYSLOG
# Oslo
iniset $TEMPEST_CONFIG oslo_concurrency lock_path $TEMPEST_STATE_PATH
mkdir -p $TEMPEST_STATE_PATH
iniset $TEMPEST_CONFIG DEFAULT use_stderr False
iniset $TEMPEST_CONFIG DEFAULT log_file tempest.log
iniset $TEMPEST_CONFIG DEFAULT debug True
# Timeouts
iniset $TEMPEST_CONFIG compute build_timeout $BUILD_TIMEOUT
iniset $TEMPEST_CONFIG volume build_timeout $BUILD_TIMEOUT
iniset $TEMPEST_CONFIG boto build_timeout $BUILD_TIMEOUT
iniset $TEMPEST_CONFIG boto http_socket_timeout 5
# Identity
iniset $TEMPEST_CONFIG identity uri "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:5000/v2.0/"
iniset $TEMPEST_CONFIG identity uri_v3 "$KEYSTONE_SERVICE_URI_V3"
iniset $TEMPEST_CONFIG identity username $TEMPEST_USERNAME
iniset $TEMPEST_CONFIG identity password "$password"
iniset $TEMPEST_CONFIG identity tenant_name $TEMPEST_TENANT_NAME
iniset $TEMPEST_CONFIG identity alt_username $ALT_USERNAME
iniset $TEMPEST_CONFIG identity alt_password "$password"
iniset $TEMPEST_CONFIG identity alt_tenant_name $ALT_TENANT_NAME
if [[ "$TEMPEST_HAS_ADMIN" == "True" ]]; then
iniset $TEMPEST_CONFIG identity admin_username $ADMIN_USERNAME
iniset $TEMPEST_CONFIG identity admin_password "$password"
iniset $TEMPEST_CONFIG identity admin_tenant_name $ADMIN_TENANT_NAME
iniset $TEMPEST_CONFIG identity admin_tenant_id $ADMIN_TENANT_ID
iniset $TEMPEST_CONFIG identity admin_domain_name $ADMIN_DOMAIN_NAME
fi
if [ "$ENABLE_IDENTITY_V2" == "False" ]; then
# Only Identity v3 is available; then skip Identity API v2 tests
iniset $TEMPEST_CONFIG identity-feature-enabled api_v2 False
# In addition, use v3 auth tokens for running all Tempest tests
iniset $TEMPEST_CONFIG identity auth_version v3
else
iniset $TEMPEST_CONFIG identity auth_version ${TEMPEST_AUTH_VERSION:-v2}
fi
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
iniset $TEMPEST_CONFIG identity ca_certificates_file $SSL_BUNDLE_FILE
fi
iniset $TEMPEST_CONFIG identity-feature-enabled api_extensions OS-EC2
# Image
# We want to be able to override this variable in the gate to avoid
# doing an external HTTP fetch for this test.
if [[ ! -z "$TEMPEST_HTTP_IMAGE" ]]; then
iniset $TEMPEST_CONFIG image http_image $TEMPEST_HTTP_IMAGE
fi
if [ "$VIRT_DRIVER" = "xenserver" ]; then
iniset $TEMPEST_CONFIG image disk_formats "ami,ari,aki,vhd,raw,iso"
iniset $TEMPEST_CONFIG scenario img_disk_format vhd
fi
# Image Features
iniset $TEMPEST_CONFIG image-feature-enabled deactivate_image True
# Compute
iniset $TEMPEST_CONFIG compute ssh_user ${DEFAULT_INSTANCE_USER:-cirros} # DEPRECATED
iniset $TEMPEST_CONFIG compute network_for_ssh $PRIVATE_NETWORK_NAME
iniset $TEMPEST_CONFIG compute ip_version_for_ssh 4
iniset $TEMPEST_CONFIG compute ssh_timeout $BUILD_TIMEOUT
iniset $TEMPEST_CONFIG compute image_ref $image_uuid
iniset $TEMPEST_CONFIG compute image_ssh_user ${DEFAULT_INSTANCE_USER:-cirros}
iniset $TEMPEST_CONFIG compute image_ref_alt $image_uuid_alt
iniset $TEMPEST_CONFIG compute image_alt_ssh_user ${ALT_INSTANCE_USER:-cirros}
iniset $TEMPEST_CONFIG compute flavor_ref $flavor_ref
iniset $TEMPEST_CONFIG compute flavor_ref_alt $flavor_ref_alt
iniset $TEMPEST_CONFIG compute ssh_connect_method $ssh_connect_method
if [[ ! $(is_service_enabled n-cell) && ! $(is_service_enabled neutron) ]]; then
iniset $TEMPEST_CONFIG compute fixed_network_name $PRIVATE_NETWORK_NAME
fi
# Set the service catalog entry for Tempest to run on. Typically
# used to try different compute API version targets. The tempest
# default if 'compute', which is typically valid, so only set this
# if you want to change it.
if [[ -n "$TEMPEST_COMPUTE_TYPE" ]]; then
iniset $TEMPEST_CONFIG compute catalog_type $TEMPEST_COMPUTE_TYPE
fi
# Compute Features
# Run ``verify_tempest_config -ur`` to retrieve enabled extensions on API endpoints
# NOTE(mtreinish): This must be done after auth settings are added to the tempest config
local tmp_cfg_file=$(mktemp)
cd $TEMPEST_DIR
tox -revenv-tempest -- verify-tempest-config -u -r -o $tmp_cfg_file
local compute_api_extensions=${COMPUTE_API_EXTENSIONS:-"all"}
if [[ ! -z "$DISABLE_COMPUTE_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
compute_api_extensions=${COMPUTE_API_EXTENSIONS:-$(iniget $tmp_cfg_file compute-feature-enabled api_extensions | tr -d " ")}
# Remove disabled extensions
compute_api_extensions=$(remove_disabled_extensions $compute_api_extensions $DISABLE_COMPUTE_API_EXTENSIONS)
fi
iniset $TEMPEST_CONFIG compute-feature-enabled resize True
iniset $TEMPEST_CONFIG compute-feature-enabled live_migration ${LIVE_MIGRATION_AVAILABLE:-False}
iniset $TEMPEST_CONFIG compute-feature-enabled change_password False
iniset $TEMPEST_CONFIG compute-feature-enabled block_migration_for_live_migration ${USE_BLOCK_MIGRATION_FOR_LIVE_MIGRATION:-False}
iniset $TEMPEST_CONFIG compute-feature-enabled api_extensions $compute_api_extensions
# TODO(mriedem): Remove the preserve_ports flag when Juno is end of life.
iniset $TEMPEST_CONFIG compute-feature-enabled preserve_ports True
# TODO(gilliard): Remove the live_migrate_paused_instances flag when Juno is end of life.
iniset $TEMPEST_CONFIG compute-feature-enabled live_migrate_paused_instances True
iniset $TEMPEST_CONFIG compute-feature-enabled attach_encrypted_volume ${ATTACH_ENCRYPTED_VOLUME_AVAILABLE:-True}
# TODO(mriedem): Remove this when kilo-eol happens since the
# neutron.allow_duplicate_networks option was removed from nova in Liberty
# and is now the default behavior.
iniset $TEMPEST_CONFIG compute-feature-enabled allow_duplicate_networks ${NOVA_ALLOW_DUPLICATE_NETWORKS:-True}
if is_service_enabled n-cell; then
# Cells doesn't support shelving/unshelving
iniset $TEMPEST_CONFIG compute-feature-enabled shelve False
# Cells doesn't support hot-plugging virtual interfaces.
iniset $TEMPEST_CONFIG compute-feature-enabled interface_attach False
if [[ -z "$DEFAULT_INSTANCE_TYPE" ]]; then
# Cells supports resize but does not currently work with devstack
# because of the custom flavors created for Tempest runs which are
# not in the cells database.
# TODO(mriedem): work on adding a nova-manage command to sync
# flavors into the cells database.
iniset $TEMPEST_CONFIG compute-feature-enabled resize False
fi
fi
# Network
iniset $TEMPEST_CONFIG network api_version 2.0
iniset $TEMPEST_CONFIG network tenant_networks_reachable "$tenant_networks_reachable"
iniset $TEMPEST_CONFIG network public_network_id "$public_network_id"
iniset $TEMPEST_CONFIG network public_router_id "$public_router_id"
iniset $TEMPEST_CONFIG network default_network "$FIXED_RANGE"
iniset $TEMPEST_CONFIG network-feature-enabled ipv6 "$IPV6_ENABLED"
iniset $TEMPEST_CONFIG network-feature-enabled ipv6_subnet_attributes "$IPV6_SUBNET_ATTRIBUTES_ENABLED"
DEFAULT_NET_EXT="agent,allowed-address-pairs,binding"
DEFAULT_NET_EXT+=",dhcp_agent_scheduler,dns-integration"
DEFAULT_NET_EXT+=",dvr,ext-gw-mode,external-net"
DEFAULT_NET_EXT+=",extra_dhcp_opt,extraroute,flavors,fwaas"
DEFAULT_NET_EXT+=",fwaasrouterinsertion,l3-ha,l3_agent_scheduler,lbaas"
DEFAULT_NET_EXT+=",lbaas_agent_scheduler,metering,multi-provider,net-mtu,port-security"
DEFAULT_NET_EXT+=",provider,quotas,rbac-policies,router,security-group,service-type"
DEFAULT_NET_EXT+=",subnet_allocation,vpnaas"
local network_api_extensions="${NETWORK_API_EXTENSIONS:-$DEFAULT_NET_EXT}"
if [[ ! -z "$DISABLE_NETWORK_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
network_api_extensions=${NETWORK_API_EXTENSIONS:-$(iniget $tmp_cfg_file network-feature-enabled api_extensions | tr -d " ")}
# Remove disabled extensions
network_api_extensions=$(remove_disabled_extensions $network_api_extensions $DISABLE_NETWORK_API_EXTENSIONS)
fi
iniset $TEMPEST_CONFIG network-feature-enabled api_extensions $network_api_extensions
# boto
iniset $TEMPEST_CONFIG boto ec2_url "$EC2_URL"
iniset $TEMPEST_CONFIG boto s3_url "$S3_URL"
iniset $TEMPEST_CONFIG boto s3_materials_path "$BOTO_MATERIALS_PATH"
iniset $TEMPEST_CONFIG boto ari_manifest cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-initrd.manifest.xml
iniset $TEMPEST_CONFIG boto ami_manifest cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-blank.img.manifest.xml
iniset $TEMPEST_CONFIG boto aki_manifest cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-vmlinuz.manifest.xml
iniset $TEMPEST_CONFIG boto instance_type "$boto_instance_type"
iniset $TEMPEST_CONFIG boto http_socket_timeout 30
# Orchestration Tests
if is_service_enabled heat; then
if [[ ! -z "$HEAT_CFN_IMAGE_URL" ]]; then
iniset $TEMPEST_CONFIG orchestration image_ref $(basename "${HEAT_CFN_IMAGE_URL%.*}")
fi
# build a specialized heat flavor
available_flavors=$(nova flavor-list)
if [[ ! ( $available_flavors =~ 'm1.heat' ) ]]; then
nova flavor-create m1.heat 451 512 0 1
fi
iniset $TEMPEST_CONFIG orchestration instance_type "m1.heat"
iniset $TEMPEST_CONFIG orchestration build_timeout 900
iniset $TEMPEST_CONFIG orchestration stack_owner_role "_member_"
fi
# Scenario
SCENARIO_IMAGE_DIR=${SCENARIO_IMAGE_DIR:-$FILES/images/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec}
iniset $TEMPEST_CONFIG scenario img_dir $SCENARIO_IMAGE_DIR
iniset $TEMPEST_CONFIG scenario ami_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-blank.img"
iniset $TEMPEST_CONFIG scenario ari_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-initrd"
iniset $TEMPEST_CONFIG scenario aki_img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-vmlinuz"
iniset $TEMPEST_CONFIG scenario img_file "cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-disk.img"
# Large Ops Number
iniset $TEMPEST_CONFIG scenario large_ops_number ${TEMPEST_LARGE_OPS_NUMBER:-0}
# Telemetry
iniset $TEMPEST_CONFIG telemetry-feature-enabled events "True"
# Object Store
DEFAULT_SWIFT_OPT="account_quotas,bulk,bulk_delete,bulk_upload,container_quotas"
DEFAULT_SWIFT_OPT+=",container_sync,crossdomain,formpost,ratelimit,slo"
DEFAULT_SWIFT_OPT+=",staticweb,tempauth,tempurl"
local object_storage_api_extensions="${OBJECT_STORAGE_API_EXTENSIONS:-$DEFAULT_SWIFT_OPT}"
if [[ ! -z "$DISABLE_OBJECT_STORAGE_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
object_storage_api_extensions=${OBJECT_STORAGE_API_EXTENSIONS:-$(iniget $tmp_cfg_file object-storage-feature-enabled discoverable_apis | tr -d " ")}
# Remove disabled extensions
object_storage_api_extensions=$(remove_disabled_extensions $object_storage_api_extensions $DISABLE_STORAGE_API_EXTENSIONS)
fi
iniset $TEMPEST_CONFIG object-storage-feature-enabled discoverable_apis $object_storage_api_extensions
# Validation
iniset $TEMPEST_CONFIG validation run_validation ${TEMPEST_RUN_VALIDATION:-False}
# Volume
# TODO(dkranz): Remove the bootable flag when Juno is end of life.
iniset $TEMPEST_CONFIG volume-feature-enabled bootable True
# TODO(jordanP): Remove the extend_with_snapshot flag when Juno is end of life.
iniset $TEMPEST_CONFIG volume-feature-enabled extend_with_snapshot True
# TODO(obutenko): Remove the incremental_backup_force flag when Kilo and Juno is end of life.
iniset $TEMPEST_CONFIG volume-feature-enabled incremental_backup_force True
DEFAULT_VOL_EXT="OS-SCH-HNT,backups,capabilities,cgsnapshots,consistencygroups"
DEFAULT_VOL_EXT+=",encryption,os-admin-actions,os-availability-zone"
DEFAULT_VOL_EXT+=",os-extended-services,os-extended-snapshot-attributes"
DEFAULT_VOL_EXT+=",os-hosts,os-image-create,os-quota-class-sets,os-quota-sets"
DEFAULT_VOL_EXT+=",os-services,os-snapshot-actions,os-snapshot-manage,os-snapshot-unmanage"
DEFAULT_VOL_EXT+=",os-types-extra-specs"
DEFAULT_VOL_EXT+=",os-types-manage,os-used-limits,os-vol-host-attr,os-vol-image-meta"
DEFAULT_VOL_EXT+=",os-vol-mig-status-attr,os-vol-tenant-attr,os-volume-actions"
DEFAULT_VOL_EXT+=",os-volume-encryption-metadata,os-volume-manage"
DEFAULT_VOL_EXT+=",os-volume-replication,os-volume-transfer,os-volume-type-access"
DEFAULT_VOL_EXT+=",os-volume-unmanage,qos-specs,scheduler-stats"
local volume_api_extensions="${VOLUME_API_EXTENSIONS:-$DEFAULT_VOL_EXT}"
if [[ ! -z "$DISABLE_VOLUME_API_EXTENSIONS" ]]; then
# Enabled extensions are either the ones explicitly specified or those available on the API endpoint
volume_api_extensions=${VOLUME_API_EXTENSIONS:-$(iniget $tmp_cfg_file volume-feature-enabled api_extensions | tr -d " ")}
# Remove disabled extensions
volume_api_extensions=$(remove_disabled_extensions $volume_api_extensions $DISABLE_VOLUME_API_EXTENSIONS)
fi
iniset $TEMPEST_CONFIG volume-feature-enabled api_extensions $volume_api_extensions
if ! is_service_enabled c-bak; then
iniset $TEMPEST_CONFIG volume-feature-enabled backup False
fi
# Using ``CINDER_ENABLED_BACKENDS``
if [[ -n "$CINDER_ENABLED_BACKENDS" ]] && [[ $CINDER_ENABLED_BACKENDS =~ .*,.* ]]; then
iniset $TEMPEST_CONFIG volume-feature-enabled multi_backend "True"
local i=1
local be
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
local be_name=${be##*:}
iniset $TEMPEST_CONFIG volume "backend${i}_name" "$be_name"
i=$(( i + 1 ))
done
fi
if [ $TEMPEST_VOLUME_DRIVER != "default" -o \
"$TEMPEST_VOLUME_VENDOR" != "$TEMPEST_DEFAULT_VOLUME_VENDOR" ]; then
iniset $TEMPEST_CONFIG volume vendor_name "$TEMPEST_VOLUME_VENDOR"
fi
if [ $TEMPEST_VOLUME_DRIVER != "default" -o \
"$TEMPEST_STORAGE_PROTOCOL" != "$TEMPEST_DEFAULT_STORAGE_PROTOCOL" ]; then
iniset $TEMPEST_CONFIG volume storage_protocol "$TEMPEST_STORAGE_PROTOCOL"
fi
# Dashboard
iniset $TEMPEST_CONFIG dashboard dashboard_url "http://$SERVICE_HOST/"
iniset $TEMPEST_CONFIG dashboard login_url "http://$SERVICE_HOST/auth/login/"
# CLI
iniset $TEMPEST_CONFIG cli cli_dir $NOVA_BIN_DIR
# Baremetal
if [ "$VIRT_DRIVER" = "ironic" ] ; then
iniset $TEMPEST_CONFIG baremetal driver_enabled True
iniset $TEMPEST_CONFIG baremetal unprovision_timeout $BUILD_TIMEOUT
iniset $TEMPEST_CONFIG baremetal active_timeout $BUILD_TIMEOUT
iniset $TEMPEST_CONFIG baremetal deploy_img_dir $FILES
iniset $TEMPEST_CONFIG baremetal node_uuid $IRONIC_NODE_UUID
iniset $TEMPEST_CONFIG compute-feature-enabled change_password False
iniset $TEMPEST_CONFIG compute-feature-enabled console_output False
iniset $TEMPEST_CONFIG compute-feature-enabled interface_attach False
iniset $TEMPEST_CONFIG compute-feature-enabled live_migration False
iniset $TEMPEST_CONFIG compute-feature-enabled pause False
iniset $TEMPEST_CONFIG compute-feature-enabled rescue False
iniset $TEMPEST_CONFIG compute-feature-enabled resize False
iniset $TEMPEST_CONFIG compute-feature-enabled shelve False
iniset $TEMPEST_CONFIG compute-feature-enabled snapshot False
iniset $TEMPEST_CONFIG compute-feature-enabled suspend False
fi
# Libvirt-LXC
if [ "$VIRT_DRIVER" = "libvirt" ] && [ "$LIBVIRT_TYPE" = "lxc" ]; then
iniset $TEMPEST_CONFIG compute-feature-enabled rescue False
iniset $TEMPEST_CONFIG compute-feature-enabled resize False
iniset $TEMPEST_CONFIG compute-feature-enabled suspend False
fi
# ``service_available``
#
# this tempest service list needs to be all the services that
# tempest supports, otherwise we can have an erroneous set of
# defaults (something defaulting true in Tempest, but not listed here).
TEMPEST_SERVICES="key,glance,nova,neutron,cinder,swift,heat,ceilometer,horizon,sahara,ironic,trove"
for service in ${TEMPEST_SERVICES//,/ }; do
if is_service_enabled $service ; then
iniset $TEMPEST_CONFIG service_available $service "True"
else
iniset $TEMPEST_CONFIG service_available $service "False"
fi
done
if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
# Use the ``BOTO_CONFIG`` environment variable to point to this file
iniset -sudo $BOTO_CONF Boto ca_certificates_file $SSL_BUNDLE_FILE
sudo chown $STACK_USER $BOTO_CONF
fi
# Auth
iniset $TEMPEST_CONFIG auth tempest_roles "Member"
if [[ $TEMPEST_USE_TEST_ACCOUNTS == "True" ]]; then
if [[ $TEMPEST_HAS_ADMIN == "True" ]]; then
tempest-account-generator -c $TEMPEST_CONFIG --os-username $ADMIN_USERNAME --os-password $ADMIN_PASSWORD --os-tenant-name $ADMIN_TENANT_NAME -r $TEMPEST_CONCURRENCY --with-admin etc/accounts.yaml
else
tempest-account-generator -c $TEMPEST_CONFIG --os-username $ADMIN_USERNAME --os-password $ADMIN_PASSWORD --os-tenant-name $ADMIN_TENANT_NAME -r $TEMPEST_CONCURRENCY etc/accounts.yaml
fi
iniset $TEMPEST_CONFIG auth allow_tenant_isolation False
iniset $TEMPEST_CONFIG auth test_accounts_file "etc/accounts.yaml"
else
iniset $TEMPEST_CONFIG auth allow_tenant_isolation ${TEMPEST_ALLOW_TENANT_ISOLATION:-True}
fi
# Restore IFS
IFS=$ifs
}
# create_tempest_accounts() - Set up common required tempest accounts
# Project User Roles
# ------------------------------------------------------------------
# alt_demo alt_demo Member
function create_tempest_accounts {
if is_service_enabled tempest; then
# Tempest has some tests that validate various authorization checks
# between two regular users in separate tenants
get_or_create_project alt_demo default
get_or_create_user alt_demo "$ADMIN_PASSWORD" "default" "alt_demo@example.com"
get_or_add_user_project_role Member alt_demo alt_demo
fi
}
# install_tempest_lib() - Collect source, prepare, and install ``tempest-lib``
function install_tempest_lib {
if use_library_from_git "tempest-lib"; then
git_clone_by_name "tempest-lib"
setup_dev_lib "tempest-lib"
# NOTE(mtreinish) For testing ``tempest-lib`` from git with Tempest we need to
# put the git version of ``tempest-lib`` in the Tempest job's tox venv
export PIP_VIRTUAL_ENV=${PROJECT_VENV["tempest"]}
setup_dev_lib "tempest-lib"
unset PIP_VIRTUAL_ENV
fi
}
# install_tempest() - Collect source and prepare
function install_tempest {
git_clone $TEMPEST_REPO $TEMPEST_DIR $TEMPEST_BRANCH
pip_install tox
pushd $TEMPEST_DIR
tox --notest -efull
PROJECT_VENV["tempest"]=${TEMPEST_DIR}/.tox/tempest
popd
}
# install_tempest_plugins() - Install any specified plugins into the tempest venv
function install_tempest_plugins {
pushd $TEMPEST_DIR
if [[ $TEMPEST_PLUGINS != 0 ]] ; then
tox -evenv-tempest -- pip install $TEMPEST_PLUGINS
fi
install_tempest_lib
popd
}
# init_tempest() - Initialize EC2 images
function init_tempest {
local base_image_name=cirros-${CIRROS_VERSION}-${CIRROS_ARCH}
# /opt/stack/devstack/files/images/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec
local image_dir="$FILES/images/${base_image_name}-uec"
local kernel="$image_dir/${base_image_name}-vmlinuz"
local ramdisk="$image_dir/${base_image_name}-initrd"
local disk_image="$image_dir/${base_image_name}-blank.img"
if is_service_enabled nova; then
# If the CirrOS uec downloaded and the system is UEC capable
if [ -f "$kernel" -a -f "$ramdisk" -a -f "$disk_image" -a "$VIRT_DRIVER" != "openvz" \
-a \( "$LIBVIRT_TYPE" != "lxc" -o "$VIRT_DRIVER" != "libvirt" \) ]; then
echo "Prepare aki/ari/ami Images"
mkdir -p $BOTO_MATERIALS_PATH
( #new namespace
# euca2ools should be installed to call euca-* commands
is_package_installed euca2ools || install_package euca2ools
# tenant:demo ; user: demo
source $TOP_DIR/accrc/demo/demo
euca-bundle-image -r ${CIRROS_ARCH} -i "$kernel" --kernel true -d "$BOTO_MATERIALS_PATH"
euca-bundle-image -r ${CIRROS_ARCH} -i "$ramdisk" --ramdisk true -d "$BOTO_MATERIALS_PATH"
euca-bundle-image -r ${CIRROS_ARCH} -i "$disk_image" -d "$BOTO_MATERIALS_PATH"
) 2>&1 </dev/null | cat
else
echo "Boto materials are not prepared"
fi
fi
}
# Restore xtrace
$XTRACE
# Tell emacs to use shell-script-mode
## Local variables:
## mode: shell-script
## End: