This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch 4.11
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/4.11 by this push:
new d4e302d smoketest: Fix test_vm_life_cycle secure migration tests
(#2715)
d4e302d is described below
commit d4e302dcc67ca740242f09ef43ca97a72696c204
Author: Rohit Yadav <ro...@apache.org>
AuthorDate: Wed Jun 20 21:18:38 2018 +0530
smoketest: Fix test_vm_life_cycle secure migration tests (#2715)
This fixes intermittently failing secure live VM migration tests on KVM.
Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com>
---
test/integration/smoke/test_vm_life_cycle.py | 292 +++++++++++----------------
1 file changed, 120 insertions(+), 172 deletions(-)
diff --git a/test/integration/smoke/test_vm_life_cycle.py
b/test/integration/smoke/test_vm_life_cycle.py
index a2daee8..e9970b6 100644
--- a/test/integration/smoke/test_vm_life_cycle.py
+++ b/test/integration/smoke/test_vm_life_cycle.py
@@ -839,7 +839,6 @@ class TestSecuredVmMigration(cloudstackTestCase):
@classmethod
def tearDownClass(cls):
-
cls.apiclient = super(TestSecuredVmMigration,
cls).getClsTestClient().getApiClient()
try:
cleanup_resources(cls.apiclient, cls._cleanup)
@@ -850,136 +849,30 @@ class TestSecuredVmMigration(cloudstackTestCase):
self.apiclient = self.testClient.getApiClient()
self.dbclient = self.testClient.getDbConnection()
self.cleanup = []
+
if self.hypervisor.lower() not in ["kvm"]:
self.skipTest("Secured migration is not supported on other than
KVM")
+ self.hosts = Host.list(
+ self.apiclient,
+ zoneid=self.zone.id,
+ type='Routing',
+ hypervisor='KVM')
+
+ if len(self.hosts) < 2:
+ self.skipTest("Requires at least two hosts for performing
migration related tests")
+
+ self.secure_all_hosts()
self.updateConfiguration("ca.plugin.root.auth.strictness", "false")
- self.make_all_hosts_secure()
def tearDown(self):
- self.make_all_hosts_secure()
-
+ self.secure_all_hosts()
+ self.updateConfiguration("ca.plugin.root.auth.strictness", "true")
try:
cleanup_resources(self.apiclient, self.cleanup)
except Exception as e:
raise Exception("Warning: Exception during cleanup : %s" % e)
- @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg"],
required_hardware="false")
- def test_01_secured_vm_migration(self):
- """Test secured VM migration"""
-
- # Validate the following
- # 1. Environment has enough hosts for migration
- # 2. DeployVM on suitable host (with another host in the cluster)
- # 3. Migrate the VM and assert migration successful
-
- hosts = self.get_hosts()
-
- secured_hosts = []
-
- for host in hosts:
- if host.details.secured == 'true':
- secured_hosts.append(host)
-
- if len(secured_hosts) < 2:
- self.skipTest("At least two hosts should be present in the zone
for migration")
-
- origin_host = secured_hosts[0]
-
- self.vm_to_migrate = self.deploy_vm(origin_host)
-
- target_host = self.get_target_host(secured='true',
virtualmachineid=self.vm_to_migrate.id)
-
- self.migrate_and_check(origin_host, target_host, proto='tls')
-
- @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg"],
required_hardware="false")
- def test_02_not_secured_vm_migration(self):
- """Test Non-secured VM Migration
- """
- #self.skipTest()
- # Validate the following
- # 1. Prepare 2 hosts to run in non-secured more
- # 2. DeployVM on suitable host (with another host in the cluster)
- # 3. Migrate the VM and assert migration successful
- hosts = self.get_hosts()
- for host in hosts:
- self.make_unsecure_connection(host)
-
- non_secured_hosts = []
-
- hosts = self.get_hosts()
-
- for host in hosts:
- if host.details.secured == 'false':
- non_secured_hosts.append(host)
-
- if len(non_secured_hosts) < 2:
- self.skipTest("At least two hosts should be present in the zone
for migration")
- origin_host = non_secured_hosts[0]
-
- self.vm_to_migrate = self.deploy_vm(origin_host)
-
- target_host = self.get_target_host(secured='false',
virtualmachineid=self.vm_to_migrate.id)
-
- self.migrate_and_check(origin_host, target_host, proto='tcp')
-
- @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg"],
required_hardware="false")
- def test_03_secured_to_nonsecured_vm_migration(self):
- """Test destroy Virtual Machine
- """
-
- # Validate the following
- # 1. Makes one of the hosts non-secured
- # 2. Deploys a VM to a Secured host
- # 3. Migrates the VM to the non-secured host and assers the migration
is via TCP.
-
- hosts = self.get_hosts()
-
- non_secured_host = self.make_unsecure_connection(hosts[0])
-
- secured_hosts = []
- hosts = self.get_hosts()
-
- for host in hosts:
- if host.details.secured == 'true':
- secured_hosts.append(host)
-
- self.vm_to_migrate = self.deploy_vm(secured_hosts[0])
- try:
- self.migrate_and_check(origin_host=secured_hosts[0],
destination_host=non_secured_host, proto='tcp')
- except Exception:
- pass
- else: self.fail("Migration succeed, instead it should fail")
-
- @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg"],
required_hardware="false")
- def test_04_nonsecured_to_secured_vm_migration(self):
- """Test Non-secured VM Migration
- """
-
- # Validate the following
- # 1. Makes one of the hosts non-secured
- # 2. Deploys a VM to the non-secured host
- # 3. Migrates the VM to the secured host and assers the migration is
via TCP.
- hosts = self.get_hosts()
-
- non_secured_host = self.make_unsecure_connection(hosts[0])
-
- secured_hosts = []
-
- hosts = self.get_hosts()
- for host in hosts:
- if host.details.secured == 'true':
- secured_hosts.append(host)
-
- self.vm_to_migrate = self.deploy_vm(non_secured_host)
-
- try:
- self.migrate_and_check(origin_host=non_secured_host,
destination_host=secured_hosts[0], proto='tcp')
- except Exception:
- pass
- else:
- self.fail("Migration succeed, instead it should fail")
-
def get_target_host(self, secured, virtualmachineid):
target_hosts = Host.listForMigration(self.apiclient,
virtualmachineid=virtualmachineid)
@@ -992,55 +885,44 @@ class TestSecuredVmMigration(cloudstackTestCase):
def check_migration_protocol(self, protocol, host):
resp = SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("grep -a Live /var/log/cloudstack/agent/agent.log | tail
-1")
+ .execute("grep -a listen_%s=1 /etc/libvirt/libvirtd.conf | tail
-1" % protocol)
if protocol not in resp[0]:
- cloudstackTestCase.fail(self, "Migration protocol was not as
expected: '" + protocol + "\n"
- "Instead we got: " + resp[0])
-
- def make_unsecure_connection(self, host):
- SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("rm -f /etc/cloudstack/agent/cloud*")
-
- SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("sed -i 's/listen_tls.*/listen_tls=0/g'
/etc/libvirt/libvirtd.conf")
- SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("sed -i 's/listen_tcp.*/listen_tcp=1/g'
/etc/libvirt/libvirtd.conf ")
- SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("sed -i '/.*_file.*/d' /etc/libvirt/libvirtd.conf")
- SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("service libvirtd restart")
- SshClient(host.ipaddress, port=22,
user=self.hostConfig["username"],passwd=self.hostConfig["password"])\
- .execute("service cloudstack-agent restart")
+ cloudstackTestCase.fail(self, "Libvirt listen protocol expected:
'" + protocol + "\n"
+ "does not match actual: " + resp[0])
+
+ def migrate_and_check(self, vm, src_host, dest_host, proto='tls'):
+ """
+ Migrates a VM from source host to destination host and checks
status
+ """
+ self.check_migration_protocol(protocol=proto, host=src_host)
+ vm.migrate(self.apiclient, hostid=dest_host.id)
+ vm_response = VirtualMachine.list(self.apiclient, id=vm.id)[0]
+ self.assertEqual(vm_response.hostid, dest_host.id, "Check destination
host ID of migrated VM")
+
+ def unsecure_host(self, host):
+ SshClient(host.ipaddress, port=22, user=self.hostConfig["username"],
passwd=self.hostConfig["password"])\
+ .execute("rm -f /etc/cloudstack/agent/cloud* && \
+ sed -i 's/listen_tls.*/listen_tls=0/g'
/etc/libvirt/libvirtd.conf && \
+ sed -i 's/listen_tcp.*/listen_tcp=1/g'
/etc/libvirt/libvirtd.conf && \
+ sed -i '/.*_file=.*/d' /etc/libvirt/libvirtd.conf && \
+ service libvirtd restart && \
+ service cloudstack-agent restart")
- self.check_connection(host=host, secured='false')
time.sleep(10)
+ self.check_connection(host=host, secured='false')
return host
- def make_all_hosts_secure(self):
- hosts = Host.list(
- self.apiclient,
- zoneid=self.zone.id,
- type='Routing'
- )
- for host in hosts:
+ def secure_all_hosts(self):
+ for host in self.hosts:
cmd = provisionCertificate.provisionCertificateCmd()
cmd.hostid = host.id
+ cmd.reconnect = True
self.apiclient.updateConfiguration(cmd)
- for host in hosts:
+ for host in self.hosts:
self.check_connection(secured='true', host=host)
- def get_hosts(self):
-
- hosts = Host.list(
- self.apiclient,
- zoneid=self.zone.id,
- type='Routing'
- )
- self.assertEqual(validateList(hosts)[0], PASS, "hosts list validation
failed")
- return hosts
-
def deploy_vm(self, origin_host):
return VirtualMachine.create(
self.apiclient,
@@ -1049,10 +931,9 @@ class TestSecuredVmMigration(cloudstackTestCase):
domainid=self.account.domainid,
serviceofferingid=self.small_offering.id,
mode=self.services["mode"],
- hostid=origin_host.id
- )
+ hostid=origin_host.id)
- def check_connection(self, secured, host, retries=5, interval=5):
+ def check_connection(self, secured, host, retries=20, interval=6):
while retries > -1:
time.sleep(interval)
@@ -1069,21 +950,88 @@ class TestSecuredVmMigration(cloudstackTestCase):
else:
return
- raise Exception("Host communication is not as expected: " + secured +
- ". Instead it's: " + host.details.secured)
+ raise Exception("Host detail 'secured' was expected: " + secured +
+ ", actual is: " + host.details.secured)
+
+ def updateConfiguration(self, name, value):
+ cmd = updateConfiguration.updateConfigurationCmd()
+ cmd.name = name
+ cmd.value = value
+ self.apiclient.updateConfiguration(cmd)
+
+ @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg",
"security"], required_hardware="false")
+ def test_01_secure_vm_migration(self):
+ """Test secure VM migration"""
+ # Validate the following
+ # 1. Environment has enough hosts for migration
+ # 2. DeployVM on suitable host (with another host in the cluster)
+ # 3. Migrate the VM and assert migration successful
+
+ src_host = self.hosts[0]
+ vm = self.deploy_vm(src_host)
+ self.cleanup.append(vm)
+
+ dest_host = self.get_target_host(secured='true',
virtualmachineid=vm.id)
+ self.migrate_and_check(vm, src_host, dest_host)
+
+ @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg",
"security"], required_hardware="false")
+ def test_02_unsecure_vm_migration(self):
+ """Test Non-secured VM Migration
+ """
+ # Validate the following
+ # 1. Prepare 2 hosts to run in non-secured more
+ # 2. DeployVM on suitable host (with another host in the cluster)
+ # 3. Migrate the VM and assert migration successful
- def migrate_and_check(self, origin_host, destination_host, proto):
+ for host in self.hosts:
+ self.unsecure_host(host)
- self.vm_to_migrate.migrate(self.apiclient, hostid=destination_host.id)
+ src_host = self.hosts[0]
+ vm = self.deploy_vm(src_host)
+ self.cleanup.append(vm)
- self.check_migration_protocol(protocol=proto, host=origin_host)
+ dest_host = self.get_target_host(secured='false',
virtualmachineid=vm.id)
+ self.migrate_and_check(vm, src_host, dest_host, proto='tcp')
- vm_response = VirtualMachine.list(self.apiclient,
id=self.vm_to_migrate.id)[0]
+ @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg",
"security"], required_hardware="false")
+ def test_03_secured_to_nonsecured_vm_migration(self):
+ """Test destroy Virtual Machine
+ """
+ # Validate the following
+ # 1. Makes one of the hosts non-secured
+ # 2. Deploys a VM to a Secured host
+ # 3. Migrates the VM to the non-secured host via TLS, and ensure
exception
- self.assertEqual(vm_response.hostid, destination_host.id, "Check
destination hostID of migrated VM")
+ unsecure_host = self.unsecure_host(self.hosts[0])
+ secure_host = self.hosts[1]
+
+ vm = self.deploy_vm(secure_host)
+ self.cleanup.append(vm)
+
+ try:
+ self.migrate_and_check(vm, secure_host, unsecure_host, proto='tls')
+ except Exception:
+ pass
+ else: self.fail("Migration succeeded, instead it should fail")
+
+ @attr(tags=["devcloud", "advanced", "advancedns", "smoke", "basic", "sg",
"security"], required_hardware="false")
+ def test_04_nonsecured_to_secured_vm_migration(self):
+ """Test Non-secured VM Migration
+ """
+ # Validate the following
+ # 1. Makes one of the hosts non-secured
+ # 2. Deploys a VM to the non-secured host
+ # 3. Migrates the VM to the non-secured host via TCP, and ensure
exception
+
+ unsecure_host = self.unsecure_host(self.hosts[0])
+ secure_host = self.hosts[1]
+
+ vm = self.deploy_vm(unsecure_host)
+ self.cleanup.append(vm)
+
+ try:
+ self.migrate_and_check(vm, unsecure_host, secure_host, proto='tcp')
+ except Exception:
+ pass
+ else: self.fail("Migration succeeded, instead it should fail")
- def updateConfiguration(self, name, value):
- cmd = updateConfiguration.updateConfigurationCmd()
- cmd.name = name
- cmd.value = value
- self.apiclient.updateConfiguration(cmd)
\ No newline at end of file
