From 4418fba67d370cc5be7f40bd77776cde2d69828b Mon Sep 17 00:00:00 2001
From: Roman Podoliaka <rpodolyaka@mirantis.com>
Date: Fri, 27 May 2016 12:35:50 +0300
Subject: [PATCH] nova: configure file injection by the means of config drive

We've seen a number of problems with qemu-nbd (from files not being
injected randomly to kernel panics), and while libguestfs is a
better solution here it does not work out of box on Ubuntu. Neither
of these can be used for file injection when instance ephemeral
drives are stored in Ceph.

Disabling of file injection in Nova libvirt drive allows us to unify
the settings for Ubuntu vs CentOS and file vs Ceph-based ephemerals.
In this case file injection can still be performed by the means of
config drive + cloud-init within images.

Upstream Nova / Devstack explicitly disabled file injection in favor
of using config drives in:

9ce99a44cf85e431227536e2251ef05b52e61524

and

I2388ef0df12a6289b619bfaf30cb952fcc48ef41


DocImpact

File injection is no longer performed on the compute node because it's
slow and error-prone. Instead files to be injected are placed on a
config drive, which is automatically created for every instance. It's up
to cloud-init or a similar mechanism within the image itself to perform
injection on instance boot.

Closes-Bug: #1467860
Closes-Bug: #1556819
Related-Bug: #1467579
Related-Bug: #1493767

Change-Id: Ie46aa3f48d62b7500a7e326348b35573b3262641
---
 .../manifests/roles/compute.pp                | 28 +++++++------------
 tests/noop/spec/hosts/roles/compute_spec.rb   | 22 ++++++---------
 2 files changed, 18 insertions(+), 32 deletions(-)

diff --git a/deployment/puppet/openstack_tasks/manifests/roles/compute.pp b/deployment/puppet/openstack_tasks/manifests/roles/compute.pp
index 675ba616e8..164bd7034a 100644
--- a/deployment/puppet/openstack_tasks/manifests/roles/compute.pp
+++ b/deployment/puppet/openstack_tasks/manifests/roles/compute.pp
@@ -347,6 +347,15 @@ class openstack_tasks::roles::compute {
     }
   }
 
+  # Explicitly disable file injection by the means of nbd and libguestfs:
+  # the former is known to have reliability problems, while the latter does not
+  # work out of box on Ubuntu. Neither works with Ceph ephemerals. The solution
+  # here is to use config drive + cloud-init instead. This allows us to unify
+  # settings for Ubuntu vs CentOS, as well as Ceph vs file ephemerals.
+  # See LP #1467860 , LP #1556819 and LP #1467579 for details.
+  $libvirt_inject_partition = '-2'
+  $force_config_drive = true
+
   # NOTE(bogdando) deploy compute node with disabled nova-compute
   #   service #LP1398817. The orchestration will start and enable it back
   #   after the deployment is done.
@@ -357,7 +366,7 @@ class openstack_tasks::roles::compute {
     vncproxy_protocol             => $vncproxy_protocol,
     vncproxy_host                 => $vncproxy_host,
     vncproxy_port                 => $nova_hash_real['vncproxy_port'],
-    force_config_drive            => $nova_hash_real['force_config_drive'],
+    force_config_drive            => $force_config_drive,
     pci_passthrough               => nic_whitelist_to_json(get_nic_passthrough_whitelist('sriov')),
     network_device_mtu            => $network_device_mtu,
     instance_usage_audit          => $instance_usage_audit,
@@ -380,26 +389,9 @@ class openstack_tasks::roles::compute {
     }
   }
 
-  # The default value for inject_partition is -2, so it will be disabled
-  # when we use Ceph for ephemeral storage or for Cinder. We only need to
-  # modify the libvirt_disk_cachemodes in that case.
   if ($storage_hash['ephemeral_ceph'] or $storage_hash['volumes_ceph']) {
     $disk_cachemodes = ['"network=writeback,block=none"']
-    $libvirt_inject_partition = '-2'
   } else {
-    if $::osfamily == 'RedHat' {
-      $libvirt_inject_partition = '-1'
-    } else {
-      # Enable module by default on each compute node
-      k_mod {'nbd':
-        ensure => 'present'
-      }
-      file_line {'nbd_on_boot':
-        path => '/etc/modules',
-        line => 'nbd',
-      }
-      $libvirt_inject_partition = '1'
-    }
     $disk_cachemodes = ['"file=directsync,block=none"']
   }
 
diff --git a/tests/noop/spec/hosts/roles/compute_spec.rb b/tests/noop/spec/hosts/roles/compute_spec.rb
index 2bab5fef1f..89ae1e4043 100644
--- a/tests/noop/spec/hosts/roles/compute_spec.rb
+++ b/tests/noop/spec/hosts/roles/compute_spec.rb
@@ -94,25 +94,19 @@ describe manifest do
       compute_driver = 'libvirt.LibvirtDriver'
     end
 
-    it 'should configure libvirt_inject_partition for compute node' do
-      if storage_hash && (storage_hash['ephemeral_ceph'] || storage_hash['volumes_ceph'])
-        libvirt_inject_partition = '-2'
-      elsif facts[:operatingsystem] == 'CentOS'
-        libvirt_inject_partition = '-1'
-      else
-        should contain_k_mod('nbd').with('ensure' => 'present')
-
-        should contain_file_line('nbd_on_boot').with(
-          'path' => '/etc/modules',
-          'line' => 'nbd',
-        )
-        libvirt_inject_partition = '1'
-      end
+    it 'should explicitly disable libvirt_inject_partition for compute node' do
+      libvirt_inject_partition = '-2'
       should contain_class('nova::compute::libvirt').with(
         'libvirt_inject_partition' => libvirt_inject_partition,
       )
     end
 
+    it 'should force instances to have config drives' do
+        should contain_class('nova::compute').with(
+            'force_config_drive' => true
+        )
+    end
+
     it 'should enable migration support for libvirt with vncserver listen on 0.0.0.0' do
       should contain_class('nova::compute::libvirt').with('vncserver_listen' => '0.0.0.0')
       should contain_class('nova::migration::libvirt')