blob: 9686bef71b3b5bf21c6ad1ca1ce59ebde908709a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
==========================
Bucket Notification Tests
==========================
You will need to use the sample configuration file named ``bntests.conf.SAMPLE``
that has been provided at ``/path/to/ceph/src/test/rgw/bucket_notification/``. You can also copy this file to the directory where you are
running the tests and modify it if needed. This file can be used to run the bucket notification tests on a Ceph cluster started
with vstart.
For the tests covering Kafka and RabbitMQ security, the RGW will need to accept use/password without TLS connection between the client and the RGW.
So, the cluster will have to be started with the following ``rgw_allow_notification_secrets_in_cleartext`` parameter set to ``true``.
For example::
MON=1 OSD=1 MDS=0 MGR=1 RGW=1 ../src/vstart.sh -n -d -o "rgw_allow_notification_secrets_in_cleartext=true"
===========
Kafka Tests
===========
You also need to install Kafka which can be downloaded from: https://kafka.apache.org/downloads
To test Kafka security, you should first run the ``kafka-security.sh`` script inside the Kafka directory.
Then edit the Kafka server properties file (``/path/to/kafka/config/server.properties``)
to have the following lines::
listeners=PLAINTEXT://localhost:9092,SSL://localhost:9093,SASL_SSL://localhost:9094
ssl.keystore.location=/home/ylifshit/kafka-3.3.1-src/server.keystore.jks
ssl.keystore.password=mypassword
ssl.key.password=mypassword
ssl.truststore.location=/home/ylifshit/kafka-3.3.1-src/server.truststore.jks
ssl.truststore.password=mypassword
sasl.enabled.mechanisms=PLAIN
listener.name.sasl_ssl.plain.sasl.jaas.config=org.apache.kafka.common.security.plain.PlainLoginModule required \
username="alice" \
password="alice-secret" \
user_alice="alice-secret";
After following the above steps, start the Zookeeper and Kafka services.
For starting Zookeeper service run::
bin/zookeeper-server-start.sh config/zookeeper.properties
and then start the Kafka service::
bin/kafka-server-start.sh config/server.properties
If you want to run Zookeeper and Kafka services in the background add ``-daemon`` at the end of the command like::
bin/zookeeper-server-start.sh -daemon config/zookeeper.properties
and::
bin/kafka-server-start.sh -daemon config/server.properties
After running vstart, Zookeeper, and Kafka services you're ready to run the Kafka tests::
BNTESTS_CONF=bntests.conf python -m nose -s /path/to/ceph/src/test/rgw/bucket_notification/test_bn.py -v -a 'kafka_test'
To run the Kafka security test, you also need to provide the test with the location of the Kafka directory::
KAFKA_DIR=/path/to/kafkaBNTESTS_CONF=bntests.conf python -m nose -s /path/to/ceph/src/test/rgw/bucket_notification/test_bn.py -v -a 'kafka_ssl_test'
==============
RabbitMQ Tests
==============
You need to install RabbitMQ in the following way::
sudo dnf install rabbitmq-server
Then you need to run the following command::
sudo chkconfig rabbitmq-server on
Finally, to start the RabbitMQ server you need to run the following command::
sudo /sbin/service rabbitmq-server start
To confirm that the RabbitMQ server is running you can run the following command to check the status of the server::
sudo /sbin/service rabbitmq-server status
After running vstart and RabbitMQ server you're ready to run the AMQP tests::
BNTESTS_CONF=bntests.conf python -m nose -s /path/to/ceph/src/test/rgw/bucket_notification/test_bn.py -v -a 'amqp_test'
After running the tests you need to stop the vstart cluster (``/path/to/ceph/src/stop.sh``) and the RabbitMQ server by running the following command::
sudo /sbin/service rabbitmq-server stop
To run the RabbitMQ SSL security tests use the following::
BNTESTS_CONF=bntests.conf python -m nose -s /path/to/ceph/src/test/rgw/bucket_notification/test_bn.py -v -a 'amqp_ssl_test'
During these tests, the test script will restart the RabbitMQ server with the correct security configuration (``sudo`` privileges will be needed).
|