Rally

  1. Bug #1441379
  2. Comment #0

Comment 0 for bug 1441379

Revision history for this message
apal (yun-song) wrote : rally deployment create failed on schema validation, if using domain scoped token deployment

For keystone v3 testing, most test should based on domain scoped token but not project scoped token. And either domain_name/domain_id is required for keystone v3 domain scoped token. Rally need to pick up either domain_id or domain_name in its v3 config, in order to work with keystone v3:
Failed validating 'anyOf' in schema:
    {'anyOf': [{'properties': {'admin': {'$ref': '#/definitions/user'}},
                'required': ['type', 'auth_url', 'admin']},
               {'required': ['type', 'auth_url', 'users'],
                'users': {'items': {'$ref': '#/definitions/user'},
                          'type': 'array'}}],
     'definitions': {'user': {'oneOf': [{'properties': {'tenant_name': {'type': 'string'}},
                                         'required': ['username',
                                                      'password',
                                                      'tenant_name']},
                                        {'properties': {'project_domain_name': {'type': 'string'},
                                                        'project_name': {'type': 'string'},
                                                        'user_domain_name': {'type': 'string'}},
                                         'required': ['username',
                                                      'password',
                                                      'project_name']}],
                              'properties': {'password': {'type': 'string'},
                                             'username': {'type': 'string'}},
                              'type': 'object'}},
     'properties': {'auth_url': {'type': 'string'},
                    'endpoint_type': {'enum': ['admin',
                                               'internal',
                                               'public'],
                                      'type': 'string'},
                    'region_name': {'type': 'string'},
                    'type': {'type': 'string'}},
     'type': 'object'}

Here's a test:
Project scoped token deployment looks fine, but domain scoped token deployment failed. Check the following test:

1. Project scoped token deploy:
$ cat m.json
{
    "admin": {
        "project_name": "admin",
        "password": "admin",
        "project_domain_name": "Default",
        "user_domain_name": "Default",
        "username": "admin"
    },
    "auth_url": "https://localhost:5000/v3/",
    "endpoint_type": "public",
    "https_cacert": "/usr/local/share/ca-certificates/ephemeralca-cacert.crt",
    "https_insecure": False,
    "region_name": "regionOne",
    "type": "ExistingCloud",
}

$ rally deployment create --filename=m.json --name=apaltestHAKVMv3
+--------------------------------------+----------------------------+-----------------+------------------+--------+
| uuid | created_at | name | status | active |
 +--------------------------------------+----------------------------+-----------------+------------------+--------+
| 01ca22c6-9ad0-422b-ae77-7e9d863234b0 | 2015-04-07 22:33:55.921296 | apaltestHAKVMv3 | deploy->finished | |
 +--------------------------------------+----------------------------+-----------------+------------------+--------+
Using deployment: 01ca22c6-9ad0-422b-ae77-7e9d863234b0
~/.rally/openrc was updated

HINTS:
* To get your cloud resources, run:
        rally show [flavors|images|keypairs|networks|secgroups]

* To use standard OpenStack clients, set up your env by running:
        source ~/.rally/openrc
  OpenStack clients are now configured, e.g run:
        glance image-list

$ rally deployment check
keystone endpoints are valid and following services are available:
+------------+---------------+-----------+
| services | type | status |
 +------------+---------------+-----------+
| ceilometer | metering | Available |
| cinder | volume | Available |
| cinderv2 | volumev2 | Available |
| ec2 | ec2 | Available |
| glance | image | Available |
| heat | orchestration | Available |
| keystone | identity | Available |
| neutron | network | Available |
| nova | compute | Available |
| sherpa | hp-catalog | Available |
| swift | object-store | Available |
 +------------+---------------+-----------+

2. Project scoped token deploy failed: - I just updated one line in this config -> from ""project_name": "admin"," to ""domain_name": "Default",":

$ cat u.json
{
    "admin": {
        "domain_name": "Default",
        "password": "admin",
        "project_domain_name": "Default",
        "user_domain_name": "Default",
        "username": "admin"
    },
    "auth_url": "https://localhost:5000/v3/",
    "endpoint_type": "public",
    "https_cacert": "/usr/local/share/ca-certificates/ephemeralca-cacert.crt",
    "https_insecure": False,
    "region_name": "regionOne",
    "type": "ExistingCloud",
}

$ rally deployment create --filename=u.json --name=apaltestHAKVMv3
2015-04-07 22:36:18.996 20739 ERROR rally.api [-] Deployment 44f819e6-deb9-4109-a52b-f751825e7f9c: Schema validation error.
Config schema validation error: {'endpoint_type': 'public', 'auth_url': 'https://localhost:5000/v3/', 'region_name': 'regionOne', 'https_insecure': False, 'admin': {'username': 'admin', 'user_domain_name': 'Default', 'password': 'admin', 'domain_name': 'Default', 'project_domain_name': 'Default'}, 'https_cacert': '/usr/local/share/ca-certificates/ephemeralca-cacert.crt', 'type': 'ExistingCloud'} is not valid under any of the given schemas

Failed validating 'anyOf' in schema:
    {'anyOf': [{'properties': {'admin': {'$ref': '#/definitions/user'}},
                'required': ['type', 'auth_url', 'admin']},
               {'required': ['type', 'auth_url', 'users'],
                'users': {'items': {'$ref': '#/definitions/user'},
                          'type': 'array'}}],
     'definitions': {'user': {'oneOf': [{'properties': {'tenant_name': {'type': 'string'}},
                                         'required': ['username',
                                                      'password',
                                                      'tenant_name']},
                                        {'properties': {'project_domain_name': {'type': 'string'},
                                                        'project_name': {'type': 'string'},
                                                        'user_domain_name': {'type': 'string'}},
                                         'required': ['username',
                                                      'password',
                                                      'project_name']}],
                              'properties': {'password': {'type': 'string'},
                                             'username': {'type': 'string'}},
                              'type': 'object'}},
     'properties': {'auth_url': {'type': 'string'},
                    'endpoint_type': {'enum': ['admin',
                                               'internal',
                                               'public'],
                                      'type': 'string'},
                    'region_name': {'type': 'string'},
                    'type': {'type': 'string'}},
     'type': 'object'}

On instance:
    {'admin': {'domain_name': 'Default',
               'password': 'admin',
               'project_domain_name': 'Default',
               'user_domain_name': 'Default',
               'username': 'admin'},
     'auth_url': 'https://localhost:5000/v3/',
     'endpoint_type': 'public',
     'https_cacert': '/usr/local/share/ca-certificates/ephemeralca-cacert.crt',
     'https_insecure': False,
     'region_name': 'regionOne',
     'type': 'ExistingCloud'}.