General template cleanup

* Add more template tests
* Parameterize more attributes
* Use default values instead of blank values (blanks cause issues)
* Several template bugfixes ported from production usage

Change-Id: I7165ca3f2a4e3359b1e8a673c1f53e1938625cbf
This commit is contained in:
Alan Meadows 2013-07-28 08:54:41 -07:00
parent 2b6ecb00e8
commit db5437c8cd
10 changed files with 250 additions and 76 deletions

View File

@ -54,6 +54,12 @@ default["openstack"]["network"]["service_tenant_name"] = "service"
default["openstack"]["network"]["service_user"] = "quantum"
default["openstack"]["network"]["service_role"] = "admin"
# The default agent reporting interval
default["openstack"]["network"]["api"]["agent"]["agent_report_interval"] = 4
# The agent signing directory for api server
default["openstack"]["network"]["api"]["agent"]["signing_dir"] = "/var/lib/quantum/keystone-signing"
# Keystone PKI signing directory.
default["openstack"]["network"]["api"]["auth"]["cache_dir"] = "/var/cache/quantum/api"
@ -98,6 +104,9 @@ default["openstack"]["network"]["dhcp_driver"] = 'quantum.agent.linux.dhcp.Dnsma
# iproute2 package that supports namespaces).
default["openstack"]["network"]["use_namespaces"] = "True"
# use quantum root wrap
default["openstack"]["network"]["use_rootwrap"] = true
# ============================= DHCP Agent Configuration ===================
# Number of seconds between sync of DHCP agent with Quantum API server
@ -149,13 +158,13 @@ default["openstack"]["network"]["dhcp"]["dnsmasq_dpkgversion"] = "2.65-1"
# If use_namespaces is set as False then the agent can only configure one router.
# This is done by setting the specific router_id.
default["openstack"]["network"]["l3"]["router_id"] = ""
default["openstack"]["network"]["l3"]["router_id"] = nil
# Each L3 agent can be associated with at most one external network. This
# value should be set to the UUID of that external network. If empty,
# the agent will enforce that only a single external networks exists and
# use that external network id
default["openstack"]["network"]["l3"]["gateway_external_network_id"] = ""
default["openstack"]["network"]["l3"]["gateway_external_network_id"] = nil
# Indicates that this L3 agent should also handle routers that do not have
# an external network gateway configured. This option should be True only
@ -224,7 +233,7 @@ default["openstack"]["network"]["openvswitch"]["tenant_network_type"] = 'local'
# networks may be created.
#
# Example: network_vlan_ranges = physnet1:1000:2999
default["openstack"]["network"]["openvswitch"]["network_vlan_ranges"] = ""
default["openstack"]["network"]["openvswitch"]["network_vlan_ranges"] = nil
# Set to True in the server and the agents to enable support
# for GRE networks. Requires kernel support for OVS patch ports and
@ -236,29 +245,33 @@ default["openstack"]["network"]["openvswitch"]["enable_tunneling"] = "False"
# network allocation if tenant_network_type is 'gre'.
#
# Example: tunnel_id_ranges = 1:1000
default["openstack"]["network"]["openvswitch"]["tunnel_id_ranges"] = ""
default["openstack"]["network"]["openvswitch"]["tunnel_id_ranges"] = nil
# Do not change this parameter unless you have a good reason to.
# This is the name of the OVS integration bridge. There is one per hypervisor.
# The integration bridge acts as a virtual "patch bay". All VM VIFs are
# attached to this bridge and then "patched" according to their network
# connectivity.
default["openstack"]["network"]["openvswitch"]["integration_bridge"] = "br-int"
# connectivity (nil uses default)
default["openstack"]["network"]["openvswitch"]["integration_bridge"] = nil
# Only used for the agent if tunnel_id_ranges (above) is not empty for
# the server. In most cases, the default value should be fine
default["openstack"]["network"]["openvswitch"]["tunnel_bridge"] = "br-tun"
# the server. In most cases, the default value should be fine (nil
# uses default)
default["openstack"]["network"]["openvswitch"]["tunnel_bridge"] = nil
# Peer patch port in integration bridge for tunnel bridge
default["openstack"]["network"]["openvswitch"]["int_peer_patch_port"] = "patch-tun"
# Peer patch port in integration bridge for tunnel bridge (nil uses default)
default["openstack"]["network"]["openvswitch"]["int_peer_patch_port"] = nil
# Peer patch port in tunnel bridge for integration bridge
default["openstack"]["network"]["openvswitch"]["tun_peer_patch_port"] = "patch-int"
# Peer patch port in tunnel bridge for integration bridge (nil uses default)
default["openstack"]["network"]["openvswitch"]["tun_peer_patch_port"] = nil
# Uncomment this line for the agent if tunnel_id_ranges (above) is not
# empty for the server. Set local-ip to be the local IP address of
# this hypervisor
default["openstack"]["network"]["openvswitch"]["local_ip"] = ""
# empty for the server. Set local_ip to be the local IP address of
# this hypervisor or set the local_ip_interface parameter to use the IP
# address of the specified interface. If local_ip_interface is set
# it will take precedence.
default["openstack"]["network"]["openvswitch"]["local_ip"] = "127.0.0.1"
default["openstack"]["network"]["openvswitch"]["local_ip_interface"] = nil
# Comma-separated list of <physical_network>:<bridge> tuples
# mapping physical network names to the agent's node-specific OVS
@ -269,7 +282,7 @@ default["openstack"]["network"]["openvswitch"]["local_ip"] = ""
# server should have mappings to appropriate bridges on each agent.
#
# Example: bridge_mappings = physnet1:br-eth1
default["openstack"]["network"]["openvswitch"]["bridge_mappings"] = ""
default["openstack"]["network"]["openvswitch"]["bridge_mappings"] = nil
# Firewall driver for realizing quantum security group function
default["openstack"]["network"]["openvswitch"]["fw_driver"] = "quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"

View File

@ -58,15 +58,29 @@ execute "quantum-node-setup --plugin openvswitch" do
only_if { platform?(%w(fedora redhat centos)) } # :pragma-foodcritic: ~FC024 - won't fix this
end
if node.run_list.expand(node.chef_environment).recipes.include?("openstack-network::server")
# retrieve the local interface for tunnels
if node["openstack"]["network"]["openvswitch"]["local_ip_interface"]
local_ip = address_for node["openstack"]["network"]["openvswitch"]["local_ip_interface"]
else
local_ip = node["openstack"]["network"]["openvswitch"]["local_ip"]
end
service "quantum-server" do
service_name platform_options["quantum_server_service"]
supports :status => true, :restart => true
ignore_failure true
action :nothing
end
template "/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini" do
source "plugins/openvswitch/ovs_quantum_plugin.ini.erb"
owner node["openstack"]["network"]["platform"]["user"]
group node["openstack"]["network"]["platform"]["group"]
mode 00644
variables(
:sql_connection => sql_connection
:sql_connection => sql_connection,
:local_ip => local_ip
)
notifies :restart, "service[quantum-server]", :immediately
end
end

View File

@ -153,8 +153,10 @@ service_user = node["openstack"]["network"]["service_user"]
if node["openstack"]["network"]["api"]["bind_interface"].nil?
bind_address = api_endpoint.host
bind_port = api_endpoint.port
else
bind_address = address_for node["openstack"]["network"]["api"]["bind_interface"]
bind_port = node["openstack"]["network"]["api"]["bind_port"]
end
# Here is where we set up the appropriate plugin INI files
@ -185,10 +187,12 @@ template "/etc/quantum/quantum.conf" do
mode 00644
variables(
:bind_address => bind_address,
:bind_port => api_endpoint.port,
:bind_port => bind_port,
:rabbit_pass => rabbit_pass,
:rabbit_hosts => rabbit_hosts,
:core_plugin => core_plugin
:core_plugin => core_plugin,
:identity_endpoint => identity_endpoint,
:service_pass => service_pass
)
notifies :restart, "service[quantum-server]", :immediately
@ -200,8 +204,8 @@ template "/etc/quantum/api-paste.ini" do
group node["openstack"]["network"]["platform"]["group"]
mode 00644
variables(
"identity_endpoint" => identity_endpoint,
"service_pass" => service_pass
:identity_endpoint => identity_endpoint,
:service_pass => service_pass
)
notifies :restart, "service[quantum-server]", :immediately

View File

@ -48,11 +48,14 @@ describe 'openstack-network::dhcp_agent' do
it "has proper modes" do
expect(sprintf("%o", @file.mode)).to eq "644"
end
it "template contents" do
pending "TODO: implement"
it "uses ovs driver" do
expect(@chef_run).to create_file_with_content @file.name,
"interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver"
end
it "uses namespaces" do
expect(@chef_run).to create_file_with_content @file.name,
"use_namespaces = True"
end
end
end
end

View File

@ -14,6 +14,39 @@ describe 'openstack-network::l3_agent' do
expect(@chef_run).to install_package "quantum-l3-agent"
end
describe "l3_agent.ini" do
before do
@file = @chef_run.template "/etc/quantum/l3_agent.ini"
end
it "has proper owner" do
expect(@file).to be_owned_by "quantum", "quantum"
end
it "has proper modes" do
expect(sprintf("%o", @file.mode)).to eq "644"
end
it "it has ovs driver" do
expect(@chef_run).to create_file_with_content @file.name,
"interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver"
end
it "sets fuzzy delay to default" do
expect(@chef_run).to create_file_with_content @file.name,
"periodic_fuzzy_delay = 5"
end
it "it does not set a nil router_id" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^router_id =/
end
it "it does not set a nil router_id" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^gateway_external_network_id =/
end
end
end
end

View File

@ -1,13 +1,11 @@
require_relative 'spec_helper'
describe 'openstack-network::openvswitch' do
describe "ubuntu" do
before do
quantum_stubs
@chef_run = ::ChefSpec::ChefRunner.new(::UBUNTU_OPTS) do |n|
n.automatic_attrs["kernel"]["release"] = "1.2.3"
n.set["openstack"]["network"]["local_ip_interface"] = "eth0"
end
@chef_run.converge "openstack-network::openvswitch"
end
@ -21,13 +19,58 @@ describe 'openstack-network::openvswitch' do
it "installs linux bridge utils" do
expect(@chef_run).to install_package "bridge-utils"
end
it "installs linux kernel headers" do
it "installs linux linux headers" do
expect(@chef_run).to install_package "linux-headers-1.2.3"
end
it "sets the openvswitch service to start on boot" do
expect(@chef_run).to set_service_to_start_on_boot 'openvswitch-switch'
end
describe "ovs_quantum_plugin.ini" do
before do
@file = @chef_run.template "/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini"
end
it "has proper owner" do
expect(@file).to be_owned_by "quantum", "quantum"
end
it "has proper modes" do
expect(sprintf("%o", @file.mode)).to eq "644"
end
it "uses default network_vlan_range" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^network_vlan_ranges =/
end
it "uses default tunnel_id_ranges" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^tunnel_id_ranges =/
end
it "uses default integration_bridge" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^integration_bridge =/
end
it "uses default tunnel bridge" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^tunnel_bridge =/
end
it "uses default int_peer_patch_port" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^int_peer_patch_port =/
end
it "uses default tun_peer_patch_port" do
expect(@chef_run).not_to create_file_with_content @file.name,
/^tun_peer_patch_port =/
end
it "it has firewall driver" do
expect(@chef_run).to create_file_with_content @file.name,
"firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
end
it "it uses local_ip from eth0 when local_ip_interface is set" do
expect(@chef_run).to create_file_with_content @file.name,
"local_ip = 10.0.0.3"
end
end
end

View File

@ -62,6 +62,36 @@ describe 'openstack-network::server' do
expect(sprintf("%o", @file.mode)).to eq "644"
end
it "it sets root_helper" do
expect(@chef_run).to create_file_with_content @file.name,
'root_helper = "sudo quantum-rootwrap /etc/quantum/rootwrap.conf"'
end
it "binds to appropriate api ip" do
expect(@chef_run).to create_file_with_content @file.name,
"bind_host = 127.0.0.1"
end
it "binds to appropriate api port" do
expect(@chef_run).to create_file_with_content @file.name,
"bind_port = 9696"
end
it "has appropriate auth host for agents" do
expect(@chef_run).to create_file_with_content @file.name,
"auth_host = 127.0.0.1"
end
it "has appropriate auth port for agents" do
expect(@chef_run).to create_file_with_content @file.name,
"auth_port = 5000"
end
it "has appropriate admin password for agents" do
expect(@chef_run).to create_file_with_content @file.name,
"admin_password = quantum-pass"
end
it "has rabbit_host" do
expect(@chef_run).to create_file_with_content @file.name,
"rabbit_host=127.0.0.1"

View File

@ -19,13 +19,19 @@ use_namespaces = <%= node["openstack"]["network"]["use_namespaces"] %>
# If use_namespaces is set as False then the agent can only configure one router.
# This is done by setting the specific router_id.
# Default: router_id =
<% if node["openstack"]["network"]["l3"]["router_id"] -%>
router_id = <%= node["openstack"]["network"]["l3"]["router_id"] %>
<% end -%>
# Each L3 agent can be associated with at most one external network. This
# value should be set to the UUID of that external network. If empty,
# the agent will enforce that only a single external networks exists and
# use that external network id
# gateway_external_network_id = <%= node["openstack"]["network"]["l3"]["gateway_external_network_id"] %>
# Default: gateway_external_network_id =
<% if node["openstack"]["network"]["l3"]["gateway_external_network_id"] -%>
gateway_external_network_id = <%= node["openstack"]["network"]["l3"]["gateway_external_network_id"] %>
<% end -%>
# Indicates that this L3 agent should also handle routers that do not have
# an external network gateway configured. This option should be True only
@ -49,4 +55,4 @@ periodic_interval = <%= node["openstack"]["network"]["l3"]["periodic_interval"]
# seconds to start to sync routers' data after
# starting agent
periodic_fuzzy_delay = <%= node["openstack"]["network"]["l3"]["periodic_fuzz_delay"] %>
periodic_fuzzy_delay = <%= node["openstack"]["network"]["l3"]["periodic_fuzzy_delay"] %>

View File

@ -45,7 +45,9 @@ tenant_network_type = <%= node["openstack"]["network"]["openvswitch"]["tenant_ne
#
# Default: network_vlan_ranges =
# Example: network_vlan_ranges = physnet1:1000:2999
<% if node["openstack"]["network"]["openvswitch"]["network_vlan_ranges"] -%>
network_vlan_ranges = <%= node["openstack"]["network"]["openvswitch"]["network_vlan_ranges"] %>
<% end -%>
# (BoolOpt) Set to True in the server and the agents to enable support
# for GRE networks. Requires kernel support for OVS patch ports and
@ -60,7 +62,9 @@ enable_tunneling = <%= node["openstack"]["network"]["openvswitch"]["enable_tunne
#
# Default: tunnel_id_ranges =
# Example: tunnel_id_ranges = 1:1000
<% if node["openstack"]["network"]["openvswitch"]["tunnel_id_ranges"] -%>
tunnel_id_ranges = <%= node["openstack"]["network"]["openvswitch"]["tunnel_id_ranges"] %>
<% end -%>
# Do not change this parameter unless you have a good reason to.
# This is the name of the OVS integration bridge. There is one per hypervisor.
@ -69,28 +73,36 @@ tunnel_id_ranges = <%= node["openstack"]["network"]["openvswitch"]["tunnel_id_ra
# connectivity.
#
# Default: integration_bridge = br-int
<% if node["openstack"]["network"]["openvswitch"]["integration_bridge"] -%>
integration_bridge = <%= node["openstack"]["network"]["openvswitch"]["integration_bridge"] %>
<% end -%>
# Only used for the agent if tunnel_id_ranges (above) is not empty for
# the server. In most cases, the default value should be fine.
#
# Default: tunnel_bridge = br-tun
<% if node["openstack"]["network"]["openvswitch"]["tunnel_bridge"] -%>
tunnel_bridge = <%= node["openstack"]["network"]["openvswitch"]["tunnel_bridge"] %>
<% end -%>
# Peer patch port in integration bridge for tunnel bridge
# int_peer_patch_port = patch-tun
# Default: int_peer_patch_port = patch-tun
<% if node["openstack"]["network"]["openvswitch"]["int_peer_patch_port"] -%>
int_peer_patch_port = <%= node["openstack"]["network"]["openvswitch"]["int_peer_patch_port"] %>
<% end -%>
# Peer patch port in tunnel bridge for integration bridge
# tun_peer_patch_port = patch-int
# Default: tun_peer_patch_port = patch-int
<% if node["openstack"]["network"]["openvswitch"]["tun_peer_patch_port"] -%>
tun_peer_patch_port = <%= node["openstack"]["network"]["openvswitch"]["tun_peer_patch_port"] %>
<% end -%>
# Uncomment this line for the agent if tunnel_id_ranges (above) is not
# empty for the server. Set local-ip to be the local IP address of
# this hypervisor.
#
# Default: local_ip =
local_ip = <%= node["openstack"]["network"]["openvswitch"]["local_ip"] %>
local_ip = <%= @local_ip %>
# (ListOpt) Comma-separated list of <physical_network>:<bridge> tuples
# mapping physical network names to the agent's node-specific OVS
@ -102,7 +114,9 @@ local_ip = <%= node["openstack"]["network"]["openvswitch"]["local_ip"] %>
#
# Default: bridge_mappings =
# Example: bridge_mappings = physnet1:br-eth1
<% if node["openstack"]["network"]["openvswitch"]["bridge_mappings"] -%>
bridge_mappings = <%= node["openstack"]["network"]["openvswitch"]["bridge_mappings"] %>
<% end -%>
[AGENT]
# Agent's polling interval in seconds
@ -110,8 +124,10 @@ polling_interval = 2
[SECURITYGROUP]
# Firewall driver for realizing quantum security group function
# firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# Default: firewall_driver = quantum.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
<% if node["openstack"]["network"]["openvswitch"]["fw_driver"] -%>
firewall_driver = <%= node["openstack"]["network"]["openvswitch"]["fw_driver"] %>
<% end -%>
#-----------------------------------------------------------------------------
# Sample Configurations.

View File

@ -300,10 +300,22 @@ notification_topics = notifications
# root filter facility.
# Change to "sudo" to skip the filtering and just run the comand directly
# root_helper = sudo
<% if node["openstack"]["network"]["use_rootwrap"] %>
root_helper = "sudo quantum-rootwrap /etc/quantum/rootwrap.conf"
<% end -%>
# =========== items for agent management extension =============
# seconds between nodes reporting state to server, should be less than
# agent_down_time
# report_interval = 4
report_interval = <%= node["openstack"]["network"]["api"]["agent"]["agent_report_interval"] %>
[keystone_authtoken]
auth_host = <%= @identity_endpoint.host %>
auth_port = <%= @identity_endpoint.port %>
auth_protocol = <%= @identity_endpoint.scheme %>
admin_tenant_name = <%= node["openstack"]["network"]["service_tenant_name"] %>
admin_user = <%= node["openstack"]["network"]["service_user"] %>
admin_password = <%= @service_pass %>
signing_dir = <%= node["openstack"]["network"]["api"]["agent"]["signing_dir"] %>
# =========== end of items for agent management extension =====