Do not flush addresses on all bridges in nova-network OCF script

- if nova-network is configured with VlanManager cleanup function in OCF script removes IP addresses from all bridges that exist on system, this way server loses connectivity; we need to flush IP addresses only from bridges that might be previosly created by nova-network (br103, br104, br105, etc) - in order not to rely on ~/openrc file introduce new parameters for OCF script: password (nova's password) and auth_url (URL to reach Keystone) - use tenant 'services' inside OCF script - query hiera to get password and management IP (needed to form auth URL) in order to pass them to cs_resource declaration - remove redunant quotes around parameter names in cs_resource 'p_vcenter_nova_network' declaration (no functional change) Change-Id: I3ab0de05c46ce50792619760472ef527967515ec Closes-bug: #1437326
2015-04-15 15:52:32 +03:00 · 2015-04-15 15:52:32 +03:00 · 52fb5f0d9b
commit 52fb5f0d9b
parent dbb93e85b8
2 changed files with 54 additions and 15 deletions
--- a/deployment/puppet/vmware/files/ocf/nova-network
+++ b/deployment/puppet/vmware/files/ocf/nova-network
@ -19,6 +19,8 @@
 #   OCF_RESKEY_binary
 #   OCF_RESKEY_config
 #   OCF_RESKEY_user
+#   OCF_RESKEY_password
+#   OCF_RESKEY_auth_url
 #   OCF_RESKEY_pid
 #   OCF_RESKEY_amqp_server_port
 #   OCF_RESKEY_zeromq
@ -37,6 +39,9 @@ PATH=/bin:/sbin:/usr/bin:/usr/sbin
 OCF_RESKEY_binary_default="nova-network"
 OCF_RESKEY_config_default="/etc/nova/nova.conf"
 OCF_RESKEY_user_default="nova"
+OCF_RESKEY_password_default="nova_password"
+OCF_RESKEY_tenant_default="services"
+OCF_RESKEY_auth_url_default="http://127.0.0.1:5000/v2.0/"
 OCF_RESKEY_pid_default="${HA_RSCTMP}/${__SCRIPT_NAME}/${__SCRIPT_NAME}.pid"
 OCF_RESKEY_amqp_server_port_default="5672"
 OCF_RESKEY_zeromq_default="false"
@ -44,6 +49,9 @@ OCF_RESKEY_zeromq_default="false"
 : ${OCF_RESKEY_binary=${OCF_RESKEY_binary_default}}
 : ${OCF_RESKEY_config=${OCF_RESKEY_config_default}}
 : ${OCF_RESKEY_user=${OCF_RESKEY_user_default}}
+: ${OCF_RESKEY_password=${OCF_RESKEY_password_default}}
+: ${OCF_RESKEY_tenant=${OCF_RESKEY_tenant_default}}
+: ${OCF_RESKEY_auth_url=${OCF_RESKEY_auth_url_default}}
 : ${OCF_RESKEY_pid=${OCF_RESKEY_pid_default}}
 : ${OCF_RESKEY_amqp_server_port=${OCF_RESKEY_amqp_server_port_default}}
 : ${OCF_RESKEY_zeromq=${OCF_RESKEY_zeromq_default}}
@ -105,6 +113,22 @@ User running OpenStack Network Service (nova-network)
 <content type="string" default="${OCF_RESKEY_user_default}" />
 </parameter>

+<parameter name="password" unique="0" required="0">
+<longdesc lang="en">
+Password for nova-network
+</longdesc>
+<shortdesc lang="en">nova-network password</shortdesc>
+<content type="string" default="${OCF_RESKEY_password_default}" />
+</parameter>
+
+<parameter name="auth_url" unique="0" required="0">
+<longdesc lang="en">
+OpenStack Identity Service (Keystone) URL
+</longdesc>
+<shortdesc lang="en">Keystone URL for nova-network</shortdesc>
+<content type="string" default="${OCF_RESKEY_auth_url_default}" />
+</parameter>
+
 <parameter name="pid" unique="0" required="0">
 <longdesc lang="en">
 The pid file to use for this OpenStack Network Service (nova-network) instance
@ -327,10 +351,15 @@ nova_network_cleanup() {
            ocf_run ip addr flush dev $flat_network_bridge
        ;;
        nova.network.manager.VlanManager)
-            # Collect all bridge interfaces that were created by nova-network and
-            # remove IP addresses assigned to them
-            bridges=$(ifconfig | egrep -e '^br*'| awk '{ print $1; }')
-            for bridge in $bridges
+            # Collect all bridge interfaces that were created by
+            # nova-network and remove IP addresses assigned to them
+            nova_bridges=$(OS_TENANT_NAME=services          \
+                           OS_USERNAME=$OCF_RESKEY_user     \
+                           OS_PASSWORD=$OCF_RESKEY_password \
+                           OS_AUTH_URL=$OCF_RESKEY_auth_url \
+                           OS_ENDPOINT_TYPE=internalURL     \
+                           nova network-list --fields bridge | egrep -o -e 'br[0-9]{1,4}')
+            for bridge in $nova_bridges
            do
                    ocf_run ip addr flush dev $bridge
            done
--- a/deployment/puppet/vmware/manifests/network/nova.pp
+++ b/deployment/puppet/vmware/manifests/network/nova.pp
@ -44,29 +44,39 @@ class vmware::network::nova (
    }
  }

+
+  $nova_user = 'nova'
+  $nova_hash = hiera('nova')
+  $nova_password = $nova_hash['user_password']
+  $management_vip = hiera('management_vip')
+  $auth_url = "http://${management_vip}:5000/v2.0"
+
  cs_resource { 'p_vcenter_nova_network':
    ensure          => present,
    primitive_class => 'ocf',
    provided_by     => 'fuel',
    primitive_type  => 'nova-network',
    metadata        => {
-      'resource-stickiness' => '1'
+      resource-stickiness => '1'
    },
    parameters      => {
-      'amqp_server_port' => $amqp_port,
-      'config' => $nova_network_config,
-      'additional_parameters' => "--config-file=${nova_network_config_ha}",
+      amqp_server_port      => $amqp_port,
+      user                  => $nova_user,
+      password              => $nova_password,
+      auth_url              => $auth_url,
+      config                => $nova_network_config,
+      additional_parameters => "--config-file=${nova_network_config_ha}",
    },
    operations      => {
-      'monitor' => {
-        'interval' => '20',
-        'timeout'  => '30',
+      monitor => {
+        interval => '20',
+        timeout  => '30',
      },
-      'start'   => {
-        'timeout' => '20',
+      start   => {
+        timeout => '20',
      },
-      'stop'    => {
-        'timeout' => '20',
+      stop    => {
+        timeout => '20',
      }
    }
  }