Add new method in the Instance class, which uses paramiko
invoke_shell instead of exec_command, so sudo commands can
run despite requiretty being set in our sudo config
Ref #246
Change-Id: I3be691167d4c757b68e589261d6f3a1263d77e69 Signed-off-by: Steven Hardy <shardy@redhat.com>
Steven Hardy [Wed, 19 Sep 2012 10:48:29 +0000 (11:48 +0100)]
heat : ensure DB user creds aren't written decrypted
Return the decrypted user_creds record as a dict copy
and do not decrypt the credentials direct into the
sqlalchemy model object, or we can inadvertently
end up committing decrypted credentials to the DB
Ref #218
Change-Id: I0df9afcb271804557c94cdf0c913f7a26affdc83 Signed-off-by: Steven Hardy <shardy@redhat.com>
Steven Dake [Sun, 16 Sep 2012 19:40:02 +0000 (12:40 -0700)]
Remove unnecesssary nova constructor calls in each manager API call path
auth.authenticate() creates a nova client object. This nova client
object is never reused introducing a 40msec penalty for each API call.
The heat-api-cfn module authenticates incoming requests. In a
properly secured environment (one where RPC is secured), the
auth.authenticate() calls serve no purpose.
Change-Id: I847af259f521a32a7bf3fda0ce3f72735f762a0c Signed-off-by: Steven Dake <sdake@redhat.com>
Steven Hardy [Mon, 17 Sep 2012 15:56:36 +0000 (16:56 +0100)]
heat templates : add LinuxDistribution parameter to HAProxy
Add LinuxDistribution section and mappings to HAProxy template,
to align with other templates and for compatibility with functional
test infrastructure
Change-Id: Ib86ac4f587aebf712df1c9ad09cebc44f853e114 Signed-off-by: Steven Hardy <shardy@redhat.com>
Steven Hardy [Mon, 17 Sep 2012 09:59:56 +0000 (10:59 +0100)]
heat : Show user parameter values in heat describe
Return an agregate set of stack parameters via heat describe
and underlying engine show_stack call, so we see the template
parameters, and any user-overridden values (ie don't just show
the template defaults, which is not really very useful)
Fixes #238
Change-Id: Ia2cc3271f0dcf8c986e968bc21775d31ecbe6228 Signed-off-by: Steven Hardy <shardy@redhat.com>
Steven Dake [Mon, 17 Sep 2012 00:00:56 +0000 (17:00 -0700)]
Use openstack.common.timeutils.isotime()
Remove heat_utils.strftime() and replace callers with
openstack.common.timeutils.isotime(). They do similar activites, and
since its carried in common, makes more sense to use that version.
Change-Id: Icd919fb218a5f97be103eda7814a5fb56e1b0a02 Signed-off-by: Steven Dake <sdake@redhat.com>
Jeff Peeler [Sat, 15 Sep 2012 01:52:15 +0000 (21:52 -0400)]
Change rpc cleanup to occur before killing engine thread
This bug only manifested itself after a heat request was made to the
engine. Once a request was made a Qpid connection handler continued
to wait in a select call, presumably for a subsequent request. Closing
the connection immediately after detecting a keyboard interrupt and then
terminating the thread yields a clean shutdown with no traceback.
Closes #176
Change-Id: Ifdb82d33a6c52a004bbd6b08c564264f4140e800 Signed-off-by: Jeff Peeler <jpeeler@redhat.com>
Steven Hardy [Fri, 14 Sep 2012 10:59:58 +0000 (11:59 +0100)]
heat tests : bugfix utils cleanup function
end state for stacks is DELETE_COMPLETE, but then they
are deleted, hence we need to test for either DELETE_COMPLETE
or a null result to avoid false failures
Change-Id: I7e35c5a734d1005fa38d587353cbca5b911ec77b Signed-off-by: Steven Hardy <shardy@redhat.com>
Ensure that whenever a stack is created, we delete it after the test by
putting the cleanup() call into the tearDown() method. For this to work,
we must also move the actual creation into the test itself, since an
exception during setUp() will mean that tearDown is not called.
Steven Dake [Thu, 13 Sep 2012 05:43:30 +0000 (22:43 -0700)]
creating instances failed as a result of regression in last commit
The previous commit to the tree organizes resource names by
stack.resource. Most of the openstack APIs take resource ids
but the instance create operation requires text identifiers.
Rewrite the text identifiers for the nova security groups before
starting an instance.
Change-Id: I8a842868781ecb353f66b5a4e3d022766a4c8a0e Signed-off-by: Steven Dake <sdake@redhat.com>
Steven Dake [Wed, 12 Sep 2012 22:12:50 +0000 (15:12 -0700)]
Make physical resource names unique based upon stack name
Some templates use the same resource name when registering with
nova. Nova will not allow mulitple resource names to register
with the same name in all cases, and in those it does, it often
becomes confused (in the case of EIP). This patch creates a
dot notation
For the LB test, an example of the resources would be:
teststack.LoadBalancer.LB_instance
teststack.DatabaseServer.MySqlDatabaseServer
teststack.WikiServerOne
Fixes Issue #160
Fixes Issue #136
Thanks to asalkeld@redhat.com for helping sort out the unit
test cases.
Change-Id: I14f4551feb41c7f98caa30dd98f997da6d00c467 Signed-off-by: Steven Dake <sdake@redhat.com>
Jeff Peeler [Wed, 12 Sep 2012 20:25:25 +0000 (16:25 -0400)]
Change Stack to support user defined parameter
This change allows tests to specify DBUsername/DBPassword if necessary.
The keyname is still looked up in nova and the distribution is retrieved
from the already existing Stack parameter.
Change-Id: I3732ffb685d68c8a72a83247f74ed11a50a74cd1 Signed-off-by: Jeff Peeler <jpeeler@redhat.com>
Steven Hardy [Tue, 11 Sep 2012 18:23:27 +0000 (19:23 +0100)]
heat : test utils, extract ec2 credentials from keystone
For StackBoto extract the ec2 credentials from keystone and
pass them into the client, so the functional tests don't rely
on ec2 credentials from config-files and only need the currently
provided keystone credentials
Change-Id: Ifc959011cc5b9ee77ebf04e380dc6a4059903c6d Signed-off-by: Steven Hardy <shardy@redhat.com>
Steven Hardy [Tue, 11 Sep 2012 18:03:41 +0000 (19:03 +0100)]
heat : comment credentials in template boto.cfg
Comment out the credentials section in /etc/boto.cfg
this allows us to pass the correct host/endpoint without
having world-readable credentials. This can then be used
as a template for per-user ~/.boto files if desired
Change-Id: I4cea0cb3b790186ddc041edad0ab4ee4b7e8f956 Signed-off-by: Steven Hardy <shardy@redhat.com>
Steve Baker [Tue, 11 Sep 2012 02:58:34 +0000 (14:58 +1200)]
Implement the AWS::S3::Bucket resource type.
An attempt was made to make created bucket names readable and unique.
Names are of the format heat-<resource name>-<random hex>. eg:
heat-S3Bucket-b420d12d02e5d6e46f13
Only the swift v2 auth is currently supported, which means swift will need to
use keystone for auth. This may be a valid assumption for any environment that
is running Heat.
When DeletionPolicy is Delete then an attempt is made to delete the container,
but the stack will still be deleted if container delete fails.
Run the template S3_Single_Instance.template to give it a try.
Functional tests will be coming in a later change.
Update documentation on configuring metadata server
The docs need to reflect the fact that the metadata server cannot be
configured and launched until after Nova has created the virtual bridge
interface.
Add retry logic in order to make creating flavors more
robust. Nova rate-limiting frequently causes actions to fail
so wrap all requests in retry/sleep logic and check we can
connect to nova before attempting to change anything
Ref #225
Change-Id: I1b1014df04602935f561c08ba29287061224b5f3 Signed-off-by: Steven Hardy <shardy@redhat.com>
Code Review / openstack-build / heat-build.git / log