Merge pull request #4987 from cliping/tls-dest

migration: Add cases about live migration with copy storage
autotest · Jul 5, 2023 · 4295dec · 4295dec
2 parents 72c045f + 101b74f
commit 4295dec
Show file tree

Hide file tree

Showing 4 changed files with 224 additions and 0 deletions.
diff --git a/libvirt/tests/cfg/migration_with_copy_storage/network_data_transport/tls_destination.cfg b/libvirt/tests/cfg/migration_with_copy_storage/network_data_transport/tls_destination.cfg
@@ -0,0 +1,56 @@
+- migration_with_copy_storage.network_data_transport.tls.tls_destination:
+    type = tls
+    migration_setup = 'yes'
+    # Console output can only be monitored via virsh console output
+    only_pty = True
+    take_regular_screendumps = no
+    # Extra options to pass after <domain> <desturi>
+    virsh_migrate_extra = ''
+    # SSH connection time out
+    ssh_timeout = 60
+    # Local URI
+    virsh_migrate_connect_uri = 'qemu:///system'
+    virsh_migrate_dest_state = "running"
+    virsh_migrate_src_state = "shut off"
+    image_convert = 'no'
+    server_ip = "${migrate_dest_host}"
+    server_user = "root"
+    server_pwd = "${migrate_dest_pwd}"
+    client_ip = "${migrate_source_host}"
+    client_user = "root"
+    client_pwd = "${migrate_source_pwd}"
+    status_error = "yes"
+    check_network_accessibility_after_mig = "yes"
+    migrate_desturi_port = "16509"
+    migrate_desturi_type = "tcp"
+    virsh_migrate_desturi = "qemu+tcp://${migrate_dest_host}/system"
+    transport_type = "tls"
+    setup_nfs = "no"
+    nfs_mount_dir =
+    custom_pki_path = "/etc/pki/qemu"
+    qemu_tls = "yes"
+    server_cn = "copy-storage-test.com.cn"
+    client_cn = "ENTER.YOUR.EXAMPLE.CLIENT_CN"
+    err_msg = "Certificate does not match the hostname"
+    status_error = "yes"
+    migrate_again = "yes"
+    test_case = "tls_destination"
+    virsh_migrate_extra = "--tls"
+
+    variants:
+        - p2p:
+            virsh_migrate_options = '--live --p2p --verbose'
+        - non_p2p:
+            virsh_migrate_options = '--live --verbose'
+    variants:
+        - copy_storage_all:
+            copy_storage_option = "--copy-storage-all"
+        - copy_storage_inc:
+            copy_storage_option = "--copy-storage-inc"
+    variants:
+        - correct_value:
+            virsh_migrate_extra_mig_again = "--tls --tls-destination ${server_cn}"
+        - wrong_value:
+            migrate_again_status_error = "yes"
+            virsh_migrate_extra_mig_again = "--tls --tls-destination fake${server_cn}"
+            err_msg_again = "Certificate does not match the hostname"
diff --git a/.../cfg/migration_with_copy_storage/network_data_transport/tls_wrong_cert_configurations.cfg b/.../cfg/migration_with_copy_storage/network_data_transport/tls_wrong_cert_configurations.cfg
@@ -0,0 +1,54 @@
+- migration_with_copy_storage.network_data_transport.tls.wrong_cert_configurations:
+    type = tls
+    migration_setup = 'yes'
+    # Console output can only be monitored via virsh console output
+    only_pty = True
+    take_regular_screendumps = no
+    # Extra options to pass after <domain> <desturi>
+    virsh_migrate_extra = ''
+    # SSH connection time out
+    ssh_timeout = 60
+    # Local URI
+    virsh_migrate_connect_uri = 'qemu:///system'
+    image_convert = 'no'
+    server_ip = "${migrate_dest_host}"
+    server_user = "root"
+    server_pwd = "${migrate_dest_pwd}"
+    client_ip = "${migrate_source_host}"
+    client_user = "root"
+    client_pwd = "${migrate_source_pwd}"
+    migrate_desturi_port = "16509"
+    migrate_desturi_type = "tcp"
+    virsh_migrate_desturi = "qemu+tcp://${migrate_dest_host}/system"
+    transport_type = "tls"
+    setup_nfs = "no"
+    nfs_mount_dir =
+    custom_pki_path = "/etc/pki/qemu"
+    qemu_tls = "yes"
+    server_cn = "ENTER.YOUR.EXAMPLE.SERVER_CN"
+    client_cn = "ENTER.YOUR.EXAMPLE.CLIENT_CN"
+    err_msg = "Certificate does not match the hostname"
+    status_error = "yes"
+    test_case = "wrong_cert_configuration"
+    virsh_migrate_extra = "--tls"
+
+    variants:
+        - p2p:
+            virsh_migrate_options = '--live --p2p --verbose'
+        - non_p2p:
+            virsh_migrate_options = '--live --verbose'
+    variants:
+        - copy_storage_all:
+            copy_storage_option = "--copy-storage-all"
+        - copy_storage_inc:
+            copy_storage_option = "--copy-storage-inc"
+    variants cert_configuration:
+        - no_client_cert_on_src:
+            cert_path = "${custom_pki_path}/client-cert.pem"
+            err_msg = "Cannot read from TLS channel: Software caused connection abort"
+        - no_server_cert_on_target:
+            cert_path = "${custom_pki_path}/server-cert.pem"
+            err_msg = "unable to execute QEMU command 'object-add': Unable to access credentials ${cert_path}: No such file or directory"
+        - wrong_cn_in_cert:
+            server_cn = "test.com.cn"
+            err_msg = "Certificate does not match the hostname"
diff --git a/libvirt/tests/src/migration_with_copy_storage/network_data_transport/tls.py b/libvirt/tests/src/migration_with_copy_storage/network_data_transport/tls.py
@@ -0,0 +1,58 @@
+from avocado.utils import process
+
+from virttest import remote
+
+from provider.migration import base_steps
+
+
+def run(test, params, env):
+    """
+    Test live migration with copy storage - network data transport - TLS.
+
+    :param test: test object
+    :param params: Dictionary with the test parameters
+    :param env: Dictionary with test environment.
+    """
+    def setup_wrong_cert_configuration():
+        """
+        Setup for wrong cert configuration
+
+        """
+        cert_configuration = params.get("cert_configuration", '')
+        custom_pki_path = params.get("custom_pki_path")
+        cert_path = params.get("cert_path")
+
+        test.log.info("Setup for wrong cert configuration.")
+        migration_obj.setup_connection()
+        cmd = "rm -f %s" % cert_path
+        if cert_configuration == "no_client_cert_on_src":
+            process.run(cmd, shell=True)
+        elif cert_configuration == "no_server_cert_on_target":
+            remote.run_remote_cmd(cmd, params, ignore_status=False)
+
+    def cleanup_test():
+        """
+        Cleanup steps
+
+        """
+        migration_obj.cleanup_connection()
+        base_steps.cleanup_disks_remote(params, vm)
+
+    test_case = params.get('test_case', '')
+    migrate_again = "yes" == params.get("migrate_again", "no")
+    vm_name = params.get("migrate_main_vm")
+
+    vm = env.get_vm(vm_name)
+    migration_obj = base_steps.MigrationBase(test, vm, params)
+    setup_test = eval("setup_%s" % test_case) if "setup_%s" % test_case in \
+        locals() else migration_obj.setup_connection
+
+    try:
+        setup_test()
+        base_steps.prepare_disks_remote(params, vm)
+        migration_obj.run_migration()
+        if migrate_again:
+            migration_obj.run_migration_again()
+        migration_obj.verify_default()
+    finally:
+        cleanup_test()
diff --git a/provider/migration/base_steps.py b/provider/migration/base_steps.py
@@ -1,6 +1,8 @@
 import os
 import time
 
+from six import itervalues
+
 from virttest import migration
 from virttest import libvirt_remote
 from virttest import libvirt_vm
@@ -9,7 +11,9 @@
 from virttest import utils_conn
 from virttest import utils_libvirtd
 from virttest import utils_iptables
+from virttest import utils_misc
 
+from virttest.utils_libvirt import libvirt_disk
 from virttest.utils_test import libvirt
 from virttest.libvirt_xml import vm_xml
 
@@ -92,9 +96,12 @@ def run_migration(self):
         do_migration_during_mig = "yes" == self.params.get("do_migration_during_mig", "no")
         initiating_bandwidth = self.params.get("initiating_bandwidth")
         second_bandwidth = self.params.get("second_bandwidth")
+        copy_storage_option = self.params.get("copy_storage_option")
 
         if postcopy_options:
             extra = "%s %s" % (extra, postcopy_options)
+        if copy_storage_option:
+            extra = "%s %s" % (extra, copy_storage_option)
 
         if check_vm_conn_before_migration:
             # Check local guest network connection before migration
@@ -169,8 +176,12 @@ def run_migration_again(self):
         extra_args = self.migration_test.update_virsh_migrate_extra_args(self.params)
         postcopy_resume_migration = "yes" == self.params.get("postcopy_resume_migration", "no")
         postcopy_options = self.params.get("postcopy_options")
+        copy_storage_option = self.params.get("copy_storage_option")
+
         if postcopy_options:
             extra = "%s %s" % (extra, postcopy_options)
+        if copy_storage_option:
+            extra = "%s %s" % (extra, copy_storage_option)
 
         if not postcopy_resume_migration:
             if not self.vm.is_alive():
@@ -185,6 +196,8 @@ def run_migration_again(self):
             extra_args['err_msg'] = err_msg_again
         if self.params.get("virsh_migrate_extra_mig_again"):
             extra = self.params.get("virsh_migrate_extra_mig_again")
+            if copy_storage_option:
+                extra = "%s %s" % (extra, copy_storage_option)
 
         mode = 'both' if postcopy_options else 'precopy'
         if migrate_speed_again:
@@ -403,3 +416,46 @@ def recreate_conn_objs(params):
     migration_base.cleanup_conn_obj(migration_obj.conn_list, migration_obj.test)
     migration_obj.conn_list.append(migration_base.setup_conn_obj(transport_type, params, migration_obj.test))
     time.sleep(3)
+
+
+def prepare_disks_remote(params, vm):
+    """
+    Prepare disks on target host
+
+    :param params: dict, get server ip, server user and server password
+    :param vm: vm object
+    """
+    server_ip = params.get("server_ip")
+    server_user = params.get("server_user")
+    server_pwd = params.get("server_pwd")
+
+    remote_session = remote.remote_login("ssh", server_ip, "22",
+                                         server_user, server_pwd,
+                                         r'[$#%]')
+
+    all_vm_disks = vm.get_blk_devices()
+    for disk in list(itervalues(all_vm_disks)):
+        disk_type = disk.get("type")
+        disk_path = disk.get("source")
+        image_info = utils_misc.get_image_info(disk_path)
+        disk_size = image_info.get("vsize")
+        disk_format = image_info.get("format")
+        utils_misc.make_dirs(os.path.dirname(disk_path), remote_session)
+        libvirt_disk.create_disk(disk_type, path=disk_path,
+                                 size=disk_size, disk_format=disk_format,
+                                 session=remote_session)
+    remote_session.close()
+
+
+def cleanup_disks_remote(params, vm):
+    """
+    Cleanup disks on target host
+
+    :param params: Dictionary with the test parameters
+    :param vm: vm object
+    """
+    all_vm_disks = vm.get_blk_devices()
+    for disk in list(itervalues(all_vm_disks)):
+        disk_path = disk.get("source")
+        cmd = "rm -f %s" % disk_path
+        remote.run_remote_cmd(cmd, params, ignore_status=False)