Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1564866

Summary: Configure tempest for Octavia tests
Product: Red Hat OpenStack Reporter: Nir Magnezi <nmagnezi>
Component: python-tempestconfAssignee: Nir Magnezi <nmagnezi>
Status: CLOSED ERRATA QA Contact: Martin Kopec <mkopec>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 14.0 (Rocky)CC: amuller, astafeye, nmanos, udesale, whayutin
Target Milestone: Upstream M3Keywords: Triaged
Target Release: 14.0 (Rocky)   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: python-tempestconf-2.0.0-0.20180821043805.d7db90e.el7ost Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1599753 (view as bug list) Environment:
Last Closed: 2019-01-11 11:49:20 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1622011    
Bug Blocks: 1488126, 1599753    

Description Nir Magnezi 2018-04-08 11:33:05 UTC 
Description of problem:
=======================
As part a part of Octavia API RBAC enforcement[1], in order to interact with Octavia API a user/project must be assigned with one of the roles mentioned here[2]. As a result, in devstack we both create demo/demo and assign [3] it with a load-balancer_member role.

In order to successfully run, tempest against Octavia python-tempestconf should assign the load-balancer_member role when it creates[4].

Otherwise (what currently happens), test_basic_ops fails to run

[1] https://review.openstack.org/#/c/472872/

[2] https://github.com/openstack/octavia/blob/02c7a1d496e6c473876e11bfd12ed14394c0e41c/devstack/plugin.sh#L507-L511

[3] https://github.com/openstack/octavia/blob/02c7a1d496e6c473876e11bfd12ed14394c0e41c/devstack/plugin.sh#L512

[4] https://github.com/openstack/python-tempestconf/blob/6a10dbb153e39e62c0ca748c46aedd28ff47861e/config_tempest/main.py#L336

[5] https://github.com/openstack/octavia-tempest-plugin/blob/master/octavia_tempest_plugin/tests/v2/scenario/test_basic_ops.py
Comment 1 Chandan Kumar 2018-04-09 06:53:17 UTC 
Hello,

Arie added the same in Infrared in https://review.gerrithub.io/#/c/406734/

Thanks,

Chandan Kumar
Comment 2 Nir Magnezi 2018-04-09 10:54:32 UTC 
(In reply to Chandan Kumar from comment #1)
> Hello,
> 
> Arie added the same in Infrared in https://review.gerrithub.io/#/c/406734/
> 
> Thanks,
> 
> Chandan Kumar

We need the fix in python-tempestconf since Infrared is not a component that we ship as a part of OSP.
Comment 7 Chandan Kumar 2018-04-27 14:41:05 UTC 
Moving to RHOS-14, As it linked with refactoring python-tempestconf
Comment 8 Chandan Kumar 2018-06-04 16:12:28 UTC 
*** Bug 1562085 has been marked as a duplicate of this bug. ***
Comment 9 Nir Magnezi 2018-06-11 09:41:57 UTC 
Instead of creating and assigning custom roles, I submitted a patch[1] that configures tempest.conf to work with Octavia with legacy RBAC.
The above matches the way we configure Octavia, using policy.json[2]

[1] https://review.openstack.org/#/c/571177/
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1577635
Comment 10 Martin Kopec 2018-06-27 07:54:43 UTC 
The review has been merged to master.
Comment 16 Martin Kopec 2018-09-05 06:24:34 UTC 
python-tempestconf-2.0.0-0.20180821043805.d7db90e.el7ost package has been released and it contains a feature which discovers octavia service and sets its configuration. The following values are set under load_balancer section in tempest.conf:

enable_security_groups
member_role
admin_role
RBAC_test_type

The package is available in the latest puddle (2018-09-05.1).
Comment 18 errata-xmlrpc 2019-01-11 11:49:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2019:0045