Move ping public vip to post action

* Cleanup and refactor of virtual_ips task
* Ping public vip resource moved to post_deploy
* Noop and functional tests

Change-Id: I9a11f6473d1b9ec94f99764419a4f0fc2534a99e
Closes-Bug: 1391773

deployment/puppet/cluster/manifests/virtual_ip.pp

@@ -128,49 +128,6 @@ define cluster::virtual_ip (
 
   }
 
-  if $vip[tie_with_ping] {
-    # Tie vip with ping
-    cs_resource { "ping_${vip_name}":
-      ensure          => present,
-      primitive_class => 'ocf',
-      provided_by     => 'pacemaker',
-      primitive_type  => 'ping',
-      parameters      => {
-        'host_list'  => $vip[ping_host_list],
-        'multiplier' => '1000',
-        'dampen'     => '30s',
-        'timeout'    => '3s',
-      },
-      operations     => {
-        'monitor' => { 'interval' => '20', 'timeout'  => '30' },
-      },
-      complex_type   => 'clone',
-    }
-    service { "ping_${vip_name}":
-      ensure   => 'running',
-      enable   => true,
-      provider => 'pacemaker',
-    }
-    cs_rsc_location { "loc_ping_${vip_name}":
-      primitive => $vip_name,
-      cib       => "ping_${vip_name}",
-      rules     => [
-        {
-          'score'   => '-inf',
-          'boolean' => '',
-          'expressions' => [
-            {'attribute'=>"not_defined",'operation'=>'pingd','value'=>'or'},
-            {'attribute'=>"pingd",'operation'=>'lte','value'=>'0'},
-          ],
-        },
-      ],
-    }
-    # Resource ordering
-    Service[$vip_name] ->
-    Cs_resource["ping_${vip_name}"] ->
-    Cs_rsc_location["loc_ping_${vip_name}"] ->
-    Service["ping_${vip_name}"]
-  }
 }
 
 Class['corosync'] -> Cluster::Virtual_ip <||>

deployment/puppet/cluster/manifests/virtual_ip_ping.pp

@@ -0,0 +1,59 @@
+define cluster::virtual_ip_ping (
+  $host_list = '127.0.0.1',
+) {
+  $vip_name = $title
+
+  cs_resource { "ping_${vip_name}":
+    ensure          => present,
+    primitive_class => 'ocf',
+    provided_by     => 'pacemaker',
+    primitive_type  => 'ping',
+    parameters      => {
+      'host_list'  => $host_list,
+      'multiplier' => '1000',
+      'dampen'     => '30s',
+      'timeout'    => '3s',
+    },
+    operations     => {
+      'monitor' => {
+        'interval' => '20',
+        'timeout'  => '30',
+      },
+    },
+    complex_type   => 'clone',
+  }
+
+  service { "ping_${vip_name}":
+    ensure   => 'running',
+    enable   => true,
+    provider => 'pacemaker',
+  }
+
+  cs_rsc_location { "loc_ping_${vip_name}":
+    primitive => $vip_name,
+    cib       => "ping_${vip_name}",
+    rules     => [
+      {
+        'score'   => '-inf',
+        'boolean' => '',
+        'expressions' => [
+          {
+            'attribute' => "not_defined",
+            'operation' => 'pingd',
+            'value' => 'or',
+          },
+          {
+            'attribute' => "pingd",
+            'operation'=>'lte',
+            'value' => '0',
+          },
+        ],
+      },
+    ],
+  }
+
+  Service<| title == $vip_name |> ->
+  Cs_resource["ping_${vip_name}"] ->
+  Cs_rsc_location["loc_ping_${vip_name}"] ->
+  Service["ping_${vip_name}"]
+}

deployment/puppet/cluster/manifests/virtual_ips.pp

@@ -1,31 +0,0 @@
-# == Define: cluster::virtual_ips
-#
-# Configure set of VirtualIP resources for corosync/pacemaker.
-#
-# === Parameters
-#
-# [*vips*]
-#   Specify dictionary of VIPs describing. Ex:
-#   {
-#     virtual_ip1_name => {
-#       nic    => 'eth0',
-#       ip     => '10.1.1.253'
-#     },
-#     virtual_ip2_name => {
-#       nic    => 'eth2',
-#       ip     => '192.168.12.254',
-#     },
-#   }
-#
-# [*name*]
-#   keys($vips) list, need for emulating loop in puppet.
-#
-define cluster::virtual_ips (
-  $vips
-){
-  cluster::virtual_ip { $name:
-    vip => $vips[$name],
-  }
-}
-#
-###

deployment/puppet/osnailyfacter/modular/astute/tasks.yaml

@@ -89,6 +89,17 @@
     timeout: 3600
     cwd: /
 
+- id: public_vip_ping
+  type: puppet
+  role: [primary-controller]
+  requires: [post_deployment_start]
+  required_for: [post_deployment_end]
+  parameters:
+    puppet_manifest: /etc/puppet/modules/osnailyfacter/modular/virtual_ips/public_vip_ping.pp
+    puppet_modules: /etc/puppet/modules
+    timeout: 3600
+    cwd: /
+
 #PRE DEPLOYMENT
 - id: upload_core_repos
   type: upload_file

deployment/puppet/osnailyfacter/modular/virtual_ips/contrackd_post.rb

@@ -0,0 +1,14 @@
+require File.join File.dirname(__FILE__), '../test_common.rb'
+
+class PublicVipPingPostTest < Test::Unit::TestCase
+
+  def ubuntu?
+    TestCommon::Facts.operatingsystem == 'Ubuntu'
+  end
+
+  def test_contrack_resource_started
+    return unless ubuntu?
+    assert TestCommon::Pacemaker.primitive_present?('p_conntrackd'), 'p_conntrackd is not created!'
+  end
+
+end

deployment/puppet/osnailyfacter/modular/virtual_ips/contrackd_pre.rb

@@ -0,0 +1,9 @@
+require File.join File.dirname(__FILE__), '../test_common.rb'
+
+class ContrackdPreTest < Test::Unit::TestCase
+
+  def test_pacemaker_is_online
+    assert TestCommon::Pacemaker.online?, 'Could not query Pacemaker CIB!'
+  end
+
+end

deployment/puppet/osnailyfacter/modular/virtual_ips/public_vip_ping.pp

@@ -0,0 +1,15 @@
+notice('MODULAR: public_vip_ping.pp')
+
+$run_ping_checker = hiera('run_ping_checker', true)
+$network_scheme = hiera('network_scheme')
+$ping_host_list = $network_scheme['endpoints']['br-ex']['gateway']
+
+if $run_ping_checker {
+  $vip = 'vip__public'
+
+  cluster::virtual_ip_ping { $vip :
+    host_list => $ping_host_list,
+  }
+
+}
+

deployment/puppet/osnailyfacter/modular/virtual_ips/public_vip_ping_post.rb

@@ -0,0 +1,20 @@
+require File.join File.dirname(__FILE__), '../test_common.rb'
+
+class PublicVipPingPostTest < Test::Unit::TestCase
+
+  def has_public?
+    TestCommon::Settings.lookup 'public_vip'
+  end
+
+  def test_ping_resource_started
+    return unless has_public?
+    assert TestCommon::Pacemaker.primitive_started?('ping_vip__public'), 'ping_vip__public is not started!'
+  end
+
+  def test_paceamaker_public_vips
+    return unless has_public?
+    assert TestCommon::Pacemaker.primitive_started?('vip__public'), 'vip__public Pacemaker service is not started!'
+    assert TestCommon::Pacemaker.primitive_started?('vip__public_vrouter'), 'vip__public_vrouter Pacemaker service is not started!'
+  end
+
+end

deployment/puppet/osnailyfacter/modular/virtual_ips/public_vip_ping_pre.rb

@@ -0,0 +1,13 @@
+require File.join File.dirname(__FILE__), '../test_common.rb'
+
+class PublicVipPingPreTest < Test::Unit::TestCase
+
+  def test_pacemaker_is_online
+    assert TestCommon::Pacemaker.online?, 'Could not query Pacemaker CIB!'
+  end
+
+  def test_hiera_data
+    assert TestCommon::Settings.lookup('network_scheme'), 'No network_scheme in Hiera!'
+  end
+
+end

deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips.pp

@@ -8,14 +8,12 @@ $vip_management_cidr_netmask = netmask_to_cidr($primary_controller_nodes[0]['int
 $vip_public_cidr_netmask     = netmask_to_cidr($primary_controller_nodes[0]['public_netmask'])
 $use_neutron                 = hiera('use_neutron', false)
 
-#todo:(sv): temporary commented. Will be uncommented while
-#           'multiple-l2-network' feature re-implemented
+# todo:(sv): temporary commented. Will be uncommented while 'multiple-l2-network' feature re-implemented
 # if $use_neutron {
 #   ip_mgmt_other_nets = join($network_scheme['endpoints']["$internal_int"]['other_nets'], ' ')
 # }
 
-$vips = { # Do not convert to ARRAY, It can't work in 2.7
-    management   => {
+$management_vip_data = {
   namespace            => 'haproxy',
   nic                  => $internal_int,
   base_veth            => "${internal_int}-hapr",
@@ -28,8 +26,9 @@ $vips = { # Do not convert to ARRAY, It can't work in 2.7
   other_networks       => $vip_mgmt_other_nets,
   with_ping            => false,
   ping_host_list       => "",
-    },
-    management_vrouter => {
+}
+
+$management_vrouter_vip_data = {
   namespace            => 'vrouter',
   nic                  => $internal_int,
   base_veth            => "${internal_int}-vrouter",
@@ -42,17 +41,25 @@ $vips = { # Do not convert to ARRAY, It can't work in 2.7
   bridge               => $network_scheme['roles']['management'],
   tie_with_ping        => false,
   ping_host_list       => "",
-    },
 }
 
+cluster::virtual_ip { 'management' :
+  vip => $management_vip_data,
+}
+
+cluster::virtual_ip { 'management_vrouter' :
+  vip => $management_vrouter_vip_data,
+}
+
+$management_vips = ['management', 'management_vrouter']
+
 if $public_int {
-  #todo:(sv): temporary commented. Will be uncommented while
-  #           'multiple-l2-network' feature re-implemented
-  # if $use_neutron{
+  # todo:(sv): temporary commented. Will be uncommented while 'multiple-l2-network' feature re-implemented
+  # if $use_neutron {
   #   vip_publ_other_nets = join($network_scheme['endpoints']["$public_int"]['other_nets'], ' ')
   # }
 
-    $vips[public] = {
+  $public_vip_data = {
     namespace            => 'haproxy',
     nic                  => $public_int,
     base_veth            => "${public_int}-hapr",
@@ -63,10 +70,9 @@ if $public_int {
     gateway_metric       => '10',
     bridge               => $network_scheme['roles']['ex'],
     other_networks       => $vip_publ_other_nets,
-      tie_with_ping        => hiera('run_ping_checker', true),
-      ping_host_list       => $network_scheme['endpoints']['br-ex']['gateway'],
   }
-    $vips[public_vrouter] = {
+
+  $public_vrouter_vip_data = {
     namespace               => 'vrouter',
     nic                     => $public_int,
     base_veth               => "${public_int}-vrouter",
@@ -81,32 +87,38 @@ if $public_int {
     ns_iptables_stop_rules  => "iptables -t nat -D POSTROUTING -o vr-ex -j MASQUERADE",
     collocation             => 'management_vrouter',
   }
-  }
-$vip_keys = keys($vips)
 
-class virtual_ips () {
-  file { 'ns-ipaddr2-ocf':
-    path   =>'/usr/lib/ocf/resource.d/fuel/ns_IPaddr2',
-    mode   => '0755',
-    owner  => root,
-    group  => root,
-    source => 'puppet:///modules/cluster/ocf/ns_IPaddr2',
+  cluster::virtual_ip { 'public' :
+    vip => $public_vip_data,
   }
 
-  cluster::virtual_ips { $::vip_keys:
-    vips => $::vips,
+  cluster::virtual_ip { 'public_vrouter' :
+    vip => $public_vrouter_vip_data,
   }
 
-  # Some topologies might need to keep the vips on the same node during
-  # deploymenet. This would only need to be changed by hand.
-  $keep_vips_together = false
-  if ($keep_vips_together) {
-    cs_rsc_colocation { 'ha_vips':
-      ensure      => present,
-      primitives  => [prefix(keys($::vips),"vip__")],
-      after       => Cluster::Virtual_ips[$::vip_keys]
-    }
-  } # End If keep_vips_together
+  $public_vips = ['public_vip', 'public_vrouter']
+  $vips = concat($management_vips, $public_vips)
+} else {
+  $vips = $management_vips
+}
+
+file { 'ns-ipaddr2-ocf':
+  path   =>'/usr/lib/ocf/resource.d/fuel/ns_IPaddr2',
+  mode   => '0755',
+  owner  => 'root',
+  group  => 'root',
+  source => 'puppet:///modules/cluster/ocf/ns_IPaddr2',
+}
+
+# Some topologies might need to keep the vips on the same node during
+# deploymenet. This would only need to be changed by hand.
+$keep_vips_together = false
+
+if $keep_vips_together {
+  cs_rsc_colocation { 'ha_vips':
+    ensure      => present,
+    primitives  => [prefix($vips, "vip__")],
+  }
+  Cluster::Virtual_ip[$vips] -> Cs_rsc_colocation['ha_vips']
 }
 
-class { 'virtual_ips': }

deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips_post.rb

@@ -2,14 +2,8 @@ require File.join File.dirname(__FILE__), '../test_common.rb'
 
 class VirtualIPsPostTest < Test::Unit::TestCase
 
-  def test_public_vip_ping
-    ip = TestCommon::Settings.public_vip
-    assert TestCommon::Network.ping?(ip), "Could not ping the public vip '#{ip}'!"
-  end
-
-  def test_management_vip_ping
-    ip = TestCommon::Settings.management_vip
-    assert TestCommon::Network.ping?(ip), "Could not ping the management vip '#{ip}'!"
+  def has_public?
+    TestCommon::Settings.lookup 'public_vip'
   end
 
   def test_can_ping_the_default_router
@@ -17,4 +11,42 @@ class VirtualIPsPostTest < Test::Unit::TestCase
     assert TestCommon::Network.ping?(ip), "Cannot ping the default router '#{ip}'!"
   end
 
+  def test_public_vip_ping
+    return unless has_public?
+    ip = TestCommon::Settings.public_vip
+    assert TestCommon::Network.ping?(ip), "Could not ping the public vip '#{ip}'!"
+  end
+
+  def test_public_vrouter_vip_ping
+    return unless has_public?
+    ip = TestCommon::Settings.public_vrouter_vip
+    assert TestCommon::Network.ping?(ip), "Could not ping the public vrouter vip '#{ip}'!"
+  end
+
+  def test_management_vip_ping
+    ip = TestCommon::Settings.management_vip
+    assert TestCommon::Network.ping?(ip), "Could not ping the management vip '#{ip}'!"
+  end
+
+  def test_management_vrouter_vip_ping
+    ip = TestCommon::Settings.management_vrouter_vip
+    assert TestCommon::Network.ping?(ip), "Could not ping the management vrouter vip '#{ip}'!"
+  end
+
+  def test_vip_ocf_present
+    file = '/usr/lib/ocf/resource.d/fuel/ns_IPaddr2'
+    assert File.exist?(file), 'VIP OCF file is missing!'
+  end
+
+  def test_paceamaker_management_vips
+    assert TestCommon::Pacemaker.primitive_started?('vip__management'), 'vip__management Pacemaker service is not started!'
+    assert TestCommon::Pacemaker.primitive_started?('vip__management_vrouter'), 'vip__management_vrouter Pacemaker service is not started!'
+  end
+
+  def test_paceamaker_public_vips
+    return unless has_public?
+    assert TestCommon::Pacemaker.primitive_started?('vip__public'), 'vip__public Pacemaker service is not started!'
+    assert TestCommon::Pacemaker.primitive_started?('vip__public_vrouter'), 'vip__public_vrouter Pacemaker service is not started!'
+  end
+
 end

deployment/puppet/osnailyfacter/modular/virtual_ips/virtual_ips_pre.rb

@@ -0,0 +1,18 @@
+require File.join File.dirname(__FILE__), '../test_common.rb'
+
+class VirtualIpsPrePreTest < Test::Unit::TestCase
+
+  def test_pacemaker_is_online
+    assert TestCommon::Pacemaker.online?, 'Could not query Pacemaker CIB!'
+  end
+
+  def test_hiera_data
+    assert TestCommon::Settings.lookup('management_vip'), 'No management_vip in Hiera!'
+    assert TestCommon::Settings.lookup('management_vrouter_vip'), 'No management_vrouter_vip in Hiera!'
+    if TestCommon::Settings.lookup 'public_int'
+      assert TestCommon::Settings.lookup('public_vip'), 'No public_vip in Hiera!'
+      assert TestCommon::Settings.lookup('public_vrouter_vip'), 'No public_vrouter_vip in Hiera!'
+    end
+  end
+
+end

tests/noop/spec/hosts/virtual_ips/public_vip_ping_spec.rb

@@ -0,0 +1,50 @@
+require 'spec_helper'
+require 'shared-examples'
+manifest = 'virtual_ips/public_vip_ping.pp'
+
+describe manifest do
+  shared_examples 'catalog' do
+
+    let (:ping_host) {
+      ping_host = Noop.hiera_structure('network_scheme/endpoints/br-ex/gateway')
+      raise 'Could not get the ping host!' unless ping_host
+      ping_host
+    }
+
+    it do
+      expect(subject).to contain_cs_resource('ping_vip__public').with(
+                             :name            => "ping_vip__public",
+                             :ensure          => "present",
+                             :primitive_class => "ocf",
+                             :provided_by     => "pacemaker",
+                             :primitive_type  => "ping",
+                             :parameters      => {"host_list"=>ping_host, "multiplier"=>"1000", "dampen"=>"30s", "timeout"=>"3s"},
+                             :operations      => {"monitor"=>{"interval"=>"20", "timeout"=>"30"}},
+                             :complex_type    => "clone",
+                             :before          => "Cs_rsc_location[loc_ping_vip__public]",
+                         )
+    end
+
+    it do
+      expect(subject).to contain_service('ping_vip__public').with(
+                             :name     => "ping_vip__public",
+                             :ensure   => "running",
+                             :enable   => true,
+                             :provider => "pacemaker",
+                         )
+    end
+
+    it do
+      expect(subject).to contain_cs_rsc_location('loc_ping_vip__public').with(
+                             :name      => "loc_ping_vip__public",
+                             :primitive => "vip__public",
+                             :cib       => "ping_vip__public",
+                             :rules     => {"score"=>"-inf", "boolean"=>"", "expressions"=>[{"attribute"=>"not_defined", "operation"=>"pingd", "value"=>"or"}, {"attribute"=>"pingd", "operation"=>"lte", "value"=>"0"}]},
+                             :before    => "Service[ping_vip__public]",
+                         )
+    end
+
+  end
+
+  test_ubuntu_and_centos manifest
+end

tests/noop/spec/hosts/virtual_ips/virtual_ips_spec.rb

@@ -3,6 +3,41 @@ require 'shared-examples'
 manifest = 'virtual_ips/virtual_ips.pp'
 
 describe manifest do
+  shared_examples 'catalog' do
+    interfaces = %w(public management public_vrouter management_vrouter)
+    vip_interfaces = interfaces.map { |interface| "vip__#{interface}" }
+    let (:interfaces) { interfaces }
+    let (:vip_interfaces) { vip_interfaces }
+
+    it do
+      expect(subject).to contain_file('ns-ipaddr2-ocf').with(
+                             :path => '/usr/lib/ocf/resource.d/fuel/ns_IPaddr2',
+                         )
+    end
+
+    vip_interfaces.each do |interface|
+      it do
+        expect(subject).to contain_cs_resource(interface).with(
+                               :ensure => 'present',
+                           )
+      end
+
+      it do
+        expect(subject).to contain_service(interface).with(
+                               :provider => 'pacemaker',
+                               :ensure   => 'running',
+                               :enable   => true,
+                           )
+      end
+    end
+
+    it do
+      should contain_cs_rsc_colocation('vip__public_vrouter-with-vip__management_vrouter').with(
+                 :primitives => %w(vip__public_vrouter vip__management_vrouter),
+             )
+    end
+
+  end
+
   test_ubuntu_and_centos manifest
 end
-