| Kaitlin Farr | 366a51f | 2014-04-21 12:43:54 -0400 | [diff] [blame] | 1 | # Copyright (c) 2014 The Johns Hopkins University/Applied Physics Laboratory |
| 2 | # All Rights Reserved. |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| 5 | # not use this file except in compliance with the License. You may obtain |
| 6 | # a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| 12 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| 13 | # License for the specific language governing permissions and limitations |
| 14 | # under the License. |
| 15 | |
| 16 | from tempest.scenario import manager |
| 17 | from tempest import test |
| 18 | |
| 19 | |
| 20 | class TestEncryptedCinderVolumes(manager.EncryptionScenarioTest): |
| 21 | |
| 22 | """ |
| 23 | This test is for verifying the functionality of encrypted cinder volumes. |
| 24 | |
| 25 | For both LUKS and cryptsetup encryption types, this test performs |
| 26 | the following: |
| 27 | * Creates an image in Glance |
| 28 | * Boots an instance from the image |
| 29 | * Creates an encryption type (as admin) |
| 30 | * Creates a volume of that encryption type (as a regular user) |
| 31 | * Attaches and detaches the encrypted volume to the instance |
| Kaitlin Farr | 366a51f | 2014-04-21 12:43:54 -0400 | [diff] [blame] | 32 | """ |
| 33 | |
| 34 | def launch_instance(self): |
| 35 | self.glance_image_create() |
| 36 | self.nova_boot() |
| 37 | |
| 38 | def create_encrypted_volume(self, encryption_provider): |
| 39 | volume_type = self.create_volume_type(name='luks') |
| 40 | self.create_encryption_type(type_id=volume_type.id, |
| 41 | provider=encryption_provider, |
| 42 | key_size=512, |
| 43 | cipher='aes-xts-plain64', |
| 44 | control_location='front-end') |
| 45 | self.volume = self.create_volume(volume_type=volume_type.name) |
| 46 | |
| 47 | def attach_detach_volume(self): |
| 48 | self.nova_volume_attach() |
| 49 | self.nova_volume_detach() |
| 50 | |
| Kaitlin Farr | 366a51f | 2014-04-21 12:43:54 -0400 | [diff] [blame] | 51 | @test.services('compute', 'volume', 'image') |
| 52 | def test_encrypted_cinder_volumes_luks(self): |
| 53 | self.launch_instance() |
| 54 | self.create_encrypted_volume('nova.volume.encryptors.' |
| 55 | 'luks.LuksEncryptor') |
| 56 | self.attach_detach_volume() |
| Kaitlin Farr | 366a51f | 2014-04-21 12:43:54 -0400 | [diff] [blame] | 57 | |
| 58 | @test.services('compute', 'volume', 'image') |
| 59 | def test_encrypted_cinder_volumes_cryptsetup(self): |
| 60 | self.launch_instance() |
| 61 | self.create_encrypted_volume('nova.volume.encryptors.' |
| 62 | 'cryptsetup.CryptsetupEncryptor') |
| Matthew Treinish | b7144eb | 2013-12-13 22:57:35 +0000 | [diff] [blame] | 63 | self.attach_detach_volume() |