nodepool-builder: put container configs in /etc

Currently we deploy the openstacksdk config into ~nodepool/.config on
the container, and then map this directory back to /etc/openstack in
the docker-compose.  The config-file still hard-codes the
limestone.pem file to ~nodepool/.config.

Switch the nodepool-builder_opendev group to install to
/etc/openstack, and update the nodepool config file template to use
the configured directory for the .pem path.

Also update the testing paths.

Story: #2007407
Task: #39015
Change-Id: I9ca77927046e2b2e3cee9a642d0bc566e3871515
This commit is contained in:
Ian Wienand 2020-03-16 10:01:14 +11:00
parent b1576b6020
commit b967495dc3
4 changed files with 14 additions and 11 deletions

View File

@ -1,4 +1,4 @@
openstacksdk_config_dir: /home/nodepool/.config/openstack
openstacksdk_config_owner: nodepool
openstacksdk_config_group: nodepool
openstacksdk_config_dir: /etc/openstack
openstacksdk_config_owner: root
openstacksdk_config_group: root
openstacksdk_config_template: clouds/nodepool_clouds.yaml.j2

View File

@ -12,12 +12,10 @@ services:
- DEBUG=1
volumes:
# NOTE(ianw): for non-containerised builds the base roles
# (configure-openstacksdk) have always deployed the cloud config
# in ~nodepool/.config.
- /home/nodepool/.config/openstack:/etc/openstack:ro
# nodepool config
- /etc/nodepool:/etc/nodepool:ro
# openstacksdk config
- /etc/openstack:/etc/openstack:ro
# project-config
- /opt/project-config:/opt/project-config:ro
# dib temporary storage; see config in project-config
@ -25,4 +23,4 @@ services:
# dib image output; see config in project-config
- /opt/nodepool_dib:/opt/nodepool_dib:rw
# logs (builder + dib build logs under /build)
- /var/log/nodepool:/var/log/nodepool:rw
- /var/log/nodepool:/var/log/nodepool:rw

View File

@ -3,7 +3,7 @@
#
# This file is deployed to nodepool builder hosts as
#
# ~nodepool/.config/openstack/config/clouds.yaml
# {{ openstacksdk_config_dir }}/clouds.yaml
#
# and is used there to authenticate nodepool operations to clouds.
# The naming should correspond that used in nodepool configuration
@ -155,7 +155,7 @@ clouds:
api_timeout: 60
identity_api_version: 3
floating_ip_source: None
cacert: /home/nodepool/.config/openstack/limestone_cacert.pem
cacert: '{{ openstacksdk_config_dir }}/limestone_cacert.pem'
packethost:
regions:
- name: us-west-1

View File

@ -19,7 +19,12 @@ testinfra_hosts = ['nl01.openstack.org', 'nb01.openstack.org',
def test_clouds_yaml(host):
clouds_yaml = host.file('/home/nodepool/.config/openstack/clouds.yaml')
if host.backend.get_hostname().endswith('openstack.org'):
cfg_file = '/home/nodepool/.config/openstack/clouds.yaml'
else:
cfg_file = '/etc/openstack/clouds.yaml'
clouds_yaml = host.file(cfg_file)
assert clouds_yaml.exists
assert b'password' in clouds_yaml.content