github.com/altoros/juju-vmware@v0.0.0-20150312064031-f19ae857ccca/provider/openstack/live_test.go (about) 1 // Copyright 2012, 2013 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package openstack_test 5 6 import ( 7 "crypto/rand" 8 "fmt" 9 "io" 10 "sort" 11 12 jc "github.com/juju/testing/checkers" 13 gc "gopkg.in/check.v1" 14 "launchpad.net/goose/client" 15 "launchpad.net/goose/identity" 16 "launchpad.net/goose/nova" 17 18 "github.com/juju/juju/environs" 19 "github.com/juju/juju/environs/bootstrap" 20 "github.com/juju/juju/environs/config" 21 "github.com/juju/juju/environs/jujutest" 22 "github.com/juju/juju/environs/storage" 23 envtesting "github.com/juju/juju/environs/testing" 24 jujutesting "github.com/juju/juju/juju/testing" 25 "github.com/juju/juju/provider/openstack" 26 coretesting "github.com/juju/juju/testing" 27 ) 28 29 // generate a different bucket name for each config instance, so that 30 // we are not polluted by previous test state. 31 func randomName() string { 32 buf := make([]byte, 8) 33 _, err := io.ReadFull(rand.Reader, buf) 34 if err != nil { 35 panic(fmt.Sprintf("error from crypto rand: %v", err)) 36 } 37 return fmt.Sprintf("%x", buf) 38 } 39 40 func makeTestConfig(cred *identity.Credentials) map[string]interface{} { 41 // The following attributes hold the environment configuration 42 // for running the OpenStack integration tests. 43 // 44 // This is missing keys for security reasons; set the following 45 // environment variables to make the OpenStack testing work: 46 // access-key: $OS_USERNAME 47 // secret-key: $OS_PASSWORD 48 // 49 attrs := coretesting.FakeConfig().Merge(coretesting.Attrs{ 50 "name": "sample-" + randomName(), 51 "type": "openstack", 52 "auth-mode": "userpass", 53 "control-bucket": "juju-test-" + randomName(), 54 "username": cred.User, 55 "password": cred.Secrets, 56 "region": cred.Region, 57 "auth-url": cred.URL, 58 "tenant-name": cred.TenantName, 59 }) 60 return attrs 61 } 62 63 // Register tests to run against a real Openstack instance. 64 func registerLiveTests(cred *identity.Credentials) { 65 config := makeTestConfig(cred) 66 gc.Suite(&LiveTests{ 67 cred: cred, 68 LiveTests: jujutest.LiveTests{ 69 TestConfig: config, 70 Attempt: *openstack.ShortAttempt, 71 CanOpenState: true, 72 HasProvisioner: true, 73 }, 74 }) 75 } 76 77 // LiveTests contains tests that can be run against OpenStack deployments. 78 // The deployment can be a real live instance or service doubles. 79 // Each test runs using the same connection. 80 type LiveTests struct { 81 coretesting.BaseSuite 82 jujutest.LiveTests 83 cred *identity.Credentials 84 metadataStorage storage.Storage 85 } 86 87 func (t *LiveTests) SetUpSuite(c *gc.C) { 88 t.BaseSuite.SetUpSuite(c) 89 // Update some Config items now that we have services running. 90 // This is setting the simplestreams urls and auth-url because that 91 // information is set during startup of the localLiveSuite 92 cl := client.NewClient(t.cred, identity.AuthUserPass, nil) 93 err := cl.Authenticate() 94 c.Assert(err, jc.ErrorIsNil) 95 containerURL, err := cl.MakeServiceURL("object-store", nil) 96 c.Assert(err, jc.ErrorIsNil) 97 t.TestConfig = t.TestConfig.Merge(coretesting.Attrs{ 98 "agent-metadata-url": containerURL + "/juju-dist-test/tools", 99 "image-metadata-url": containerURL + "/juju-dist-test", 100 "auth-url": t.cred.URL, 101 }) 102 t.LiveTests.SetUpSuite(c) 103 // For testing, we create a storage instance to which is uploaded tools and image metadata. 104 t.PrepareOnce(c) 105 t.metadataStorage = openstack.MetadataStorage(t.Env) 106 // Put some fake tools metadata in place so that tests that are simply 107 // starting instances without any need to check if those instances 108 // are running can find the metadata. 109 envtesting.UploadFakeTools(c, t.metadataStorage, t.Env.Config().AgentStream(), t.Env.Config().AgentStream()) 110 } 111 112 func (t *LiveTests) TearDownSuite(c *gc.C) { 113 if t.Env == nil { 114 // This can happen if SetUpSuite fails. 115 return 116 } 117 if t.metadataStorage != nil { 118 envtesting.RemoveFakeToolsMetadata(c, t.metadataStorage) 119 } 120 t.LiveTests.TearDownSuite(c) 121 t.BaseSuite.TearDownSuite(c) 122 } 123 124 func (t *LiveTests) SetUpTest(c *gc.C) { 125 t.BaseSuite.SetUpTest(c) 126 t.LiveTests.SetUpTest(c) 127 } 128 129 func (t *LiveTests) TearDownTest(c *gc.C) { 130 t.LiveTests.TearDownTest(c) 131 t.BaseSuite.TearDownTest(c) 132 } 133 134 func (t *LiveTests) TestEnsureGroupSetsGroupId(c *gc.C) { 135 t.PrepareOnce(c) 136 rules := []nova.RuleInfo{ 137 { // First group explicitly asks for all services 138 IPProtocol: "tcp", 139 FromPort: 22, 140 ToPort: 22, 141 Cidr: "0.0.0.0/0", 142 }, 143 { // Second group should only allow access from within the group 144 IPProtocol: "tcp", 145 FromPort: 1, 146 ToPort: 65535, 147 }, 148 } 149 groupName := "juju-test-group-" + randomName() 150 // Make sure things are clean before we start, and clean when we are done 151 cleanup := func() { 152 c.Check(openstack.DiscardSecurityGroup(t.Env, groupName), gc.IsNil) 153 } 154 cleanup() 155 defer cleanup() 156 group, err := openstack.EnsureGroup(t.Env, groupName, rules) 157 c.Assert(err, jc.ErrorIsNil) 158 c.Check(group.Rules, gc.HasLen, 2) 159 c.Check(*group.Rules[0].IPProtocol, gc.Equals, "tcp") 160 c.Check(*group.Rules[0].FromPort, gc.Equals, 22) 161 c.Check(*group.Rules[0].ToPort, gc.Equals, 22) 162 c.Check(group.Rules[0].IPRange["cidr"], gc.Equals, "0.0.0.0/0") 163 c.Check(group.Rules[0].Group.Name, gc.Equals, "") 164 c.Check(group.Rules[0].Group.TenantId, gc.Equals, "") 165 c.Check(*group.Rules[1].IPProtocol, gc.Equals, "tcp") 166 c.Check(*group.Rules[1].FromPort, gc.Equals, 1) 167 c.Check(*group.Rules[1].ToPort, gc.Equals, 65535) 168 c.Check(group.Rules[1].IPRange, gc.HasLen, 0) 169 c.Check(group.Rules[1].Group.Name, gc.Equals, groupName) 170 c.Check(group.Rules[1].Group.TenantId, gc.Equals, group.TenantId) 171 } 172 173 func (t *LiveTests) TestSetupGlobalGroupExposesCorrectPorts(c *gc.C) { 174 t.PrepareOnce(c) 175 groupName := "juju-test-group-" + randomName() 176 // Make sure things are clean before we start, and will be clean when we finish 177 cleanup := func() { 178 c.Check(openstack.DiscardSecurityGroup(t.Env, groupName), gc.IsNil) 179 } 180 cleanup() 181 defer cleanup() 182 apiPort := 34567 // Default 17070 183 group, err := openstack.SetUpGlobalGroup(t.Env, groupName, apiPort) 184 c.Assert(err, jc.ErrorIsNil) 185 // We default to exporting 22, apiPort, and icmp/udp/tcp on 186 // all ports to other machines inside the same group 187 // TODO(jam): 2013-09-18 http://pad.lv/1227142 188 // We shouldn't be exposing the API port on all the machines 189 // that *aren't* hosting the state server. 190 stringRules := make([]string, 0, len(group.Rules)) 191 for _, rule := range group.Rules { 192 ruleStr := fmt.Sprintf("%s %d %d %q %q", 193 *rule.IPProtocol, 194 *rule.FromPort, 195 *rule.ToPort, 196 rule.IPRange["cidr"], 197 rule.Group.Name, 198 ) 199 stringRules = append(stringRules, ruleStr) 200 } 201 // We don't care about the ordering, so we sort the result, and compare it. 202 expectedRules := []string{ 203 `tcp 22 22 "0.0.0.0/0" ""`, 204 fmt.Sprintf(`tcp %d %d "0.0.0.0/0" ""`, apiPort, apiPort), 205 fmt.Sprintf(`tcp 1 65535 "" "%s"`, groupName), 206 fmt.Sprintf(`udp 1 65535 "" "%s"`, groupName), 207 fmt.Sprintf(`icmp -1 -1 "" "%s"`, groupName), 208 } 209 sort.Strings(stringRules) 210 sort.Strings(expectedRules) 211 c.Check(stringRules, gc.DeepEquals, expectedRules) 212 } 213 214 func (s *LiveTests) assertStartInstanceDefaultSecurityGroup(c *gc.C, useDefault bool) { 215 attrs := s.TestConfig.Merge(coretesting.Attrs{ 216 "name": "sample-" + randomName(), 217 "control-bucket": "juju-test-" + randomName(), 218 "use-default-secgroup": useDefault, 219 }) 220 cfg, err := config.New(config.NoDefaults, attrs) 221 c.Assert(err, jc.ErrorIsNil) 222 // Set up a test environment. 223 env, err := environs.New(cfg) 224 c.Assert(err, jc.ErrorIsNil) 225 c.Assert(env, gc.NotNil) 226 defer env.Destroy() 227 // Bootstrap and start an instance. 228 err = bootstrap.Bootstrap(envtesting.BootstrapContext(c), env, bootstrap.BootstrapParams{}) 229 c.Assert(err, jc.ErrorIsNil) 230 inst, _ := jujutesting.AssertStartInstance(c, env, "100") 231 // Check whether the instance has the default security group assigned. 232 novaClient := openstack.GetNovaClient(env) 233 groups, err := novaClient.GetServerSecurityGroups(string(inst.Id())) 234 c.Assert(err, jc.ErrorIsNil) 235 defaultGroupFound := false 236 for _, group := range groups { 237 if group.Name == "default" { 238 defaultGroupFound = true 239 break 240 } 241 } 242 c.Assert(defaultGroupFound, gc.Equals, useDefault) 243 } 244 245 func (s *LiveTests) TestStartInstanceWithDefaultSecurityGroup(c *gc.C) { 246 s.assertStartInstanceDefaultSecurityGroup(c, true) 247 } 248 249 func (s *LiveTests) TestStartInstanceWithoutDefaultSecurityGroup(c *gc.C) { 250 s.assertStartInstanceDefaultSecurityGroup(c, false) 251 }