Expose baremetal-introspection endpoint via mdns

This change adds an option to publish the endpoint via mDNS on start up and clean it up on tear down. Story: #2005393 Task: #30384 Change-Id: Ia9407cb065979aac6761d3e4122d3884e45b559d
3 years ago · 258d7388a4
12 changed files with 92 additions and 5 deletions
--- a/devstack/plugin.sh
+++ b/devstack/plugin.sh
@ -261,6 +261,7 @@ function configure_inspector {

    inspector_iniset DEFAULT debug $IRONIC_INSPECTOR_DEBUG
    inspector_configure_auth_for ironic
+    inspector_configure_auth_for service_catalog
    configure_auth_token_middleware $IRONIC_INSPECTOR_CONF_FILE $IRONIC_INSPECTOR_ADMIN_USER $IRONIC_INSPECTOR_AUTH_CACHE_DIR/api

    inspector_iniset DEFAULT listen_port $IRONIC_INSPECTOR_PORT
--- a/ironic_inspector/common/keystone.py
+++ b/ironic_inspector/common/keystone.py
@ -70,3 +70,8 @@ def add_auth_options(options, service_type):
    add_options(opts, adapter_opts)
    opts.sort(key=lambda x: x.name)
    return opts
+
+
+def get_endpoint(group, **kwargs):
+    return get_adapter(group, session=get_session(group)).get_endpoint(
+        **kwargs)
--- a/ironic_inspector/conductor/manager.py
+++ b/ironic_inspector/conductor/manager.py
@ -17,6 +17,7 @@ import traceback as traceback_mod
 import eventlet
 from eventlet import semaphore
 from futurist import periodics
+from ironic_lib import mdns
 from oslo_config import cfg
 from oslo_log import log
 import oslo_messaging as messaging
@ -24,6 +25,7 @@ from oslo_utils import reflection

 from ironic_inspector.common.i18n import _
 from ironic_inspector.common import ironic as ir_utils
+from ironic_inspector.common import keystone
 from ironic_inspector import db
 from ironic_inspector import introspect
 from ironic_inspector import node_cache
@ -45,6 +47,7 @@ class ConductorManager(object):

    def __init__(self):
        self._periodics_worker = None
+        self._zeroconf = None
        self._shutting_down = semaphore.Semaphore()

    def init_host(self):
@ -86,6 +89,12 @@ class ConductorManager(object):
            on_failure=self._periodics_watchdog)
        utils.executor().submit(self._periodics_worker.start)

+        if CONF.enable_mdns:
+            endpoint = keystone.get_endpoint('service_catalog')
+            self._zeroconf = mdns.Zeroconf()
+            self._zeroconf.register_service('baremetal-introspection',
+                                            endpoint)
+
    def del_host(self):

        if not self._shutting_down.acquire(blocking=False):
@ -105,6 +114,10 @@ class ConductorManager(object):
        if utils.executor().alive:
            utils.executor().shutdown(wait=True)

+        if self._zeroconf is not None:
+            self._zeroconf.close()
+            self._zeroconf = None
+
        self._shutting_down.release()
        LOG.info('Shut down successfully')

--- a/ironic_inspector/conf/init.py
+++ b/ironic_inspector/conf/init.py
@ -21,6 +21,7 @@ from ironic_inspector.conf import ironic
 from ironic_inspector.conf import pci_devices
 from ironic_inspector.conf import processing
 from ironic_inspector.conf import pxe_filter
+from ironic_inspector.conf import service_catalog
 from ironic_inspector.conf import swift


@ -36,4 +37,5 @@ ironic.register_opts(CONF)
 pci_devices.register_opts(CONF)
 processing.register_opts(CONF)
 pxe_filter.register_opts(CONF)
+service_catalog.register_opts(CONF)
 swift.register_opts(CONF)
--- a/ironic_inspector/conf/default.py
+++ b/ironic_inspector/conf/default.py
@ -76,6 +76,9 @@ _OPTS = [
                       'can manage PXE booting of nodes. If set to False, '
                       'the API will reject introspection requests with '
                       'manage_boot missing or set to True.')),
+    cfg.BoolOpt('enable_mdns', default=False,
+                help=_('Whether to enable publishing the ironic-inspector API '
+                       'endpoint via multicast DNS.')),
 ]


--- a/ironic_inspector/conf/opts.py
+++ b/ironic_inspector/conf/opts.py
@ -69,4 +69,5 @@ def list_opts():
        ('processing', ironic_inspector.conf.processing.list_opts()),
        ('pci_devices', ironic_inspector.conf.pci_devices.list_opts()),
        ('pxe_filter', ironic_inspector.conf.pxe_filter.list_opts()),
+        ('service_catalog', ironic_inspector.conf.service_catalog.list_opts()),
    ]
--- a/ironic_inspector/conf/service_catalog.py
+++ b/ironic_inspector/conf/service_catalog.py
@ -0,0 +1,22 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from ironic_inspector.common import keystone
+
+
+def register_opts(conf):
+    keystone.register_auth_opts('service_catalog', 'baremetal-introspection')
+
+
+def list_opts():
+    return keystone.add_auth_options([], 'baremetal-introspection')
--- a/ironic_inspector/test/unit/test_manager.py
+++ b/ironic_inspector/test/unit/test_manager.py
@ -14,9 +14,11 @@
 import json

 import fixtures
+from ironic_lib import mdns
 import mock
 import oslo_messaging as messaging

+from ironic_inspector.common import keystone
 from ironic_inspector.common import swift
 from ironic_inspector.conductor import manager
 import ironic_inspector.conf
@ -99,12 +101,14 @@ class TestManagerInitHost(BaseManagerTest):
            'Introspection data will not be stored. Change "[processing] '
            'store_data" option if this is not the desired behavior')

-    def test_init_host(self):
+    @mock.patch.object(mdns, 'Zeroconf', autospec=True)
+    def test_init_host(self, mock_zc):
        self.manager.init_host()
-        self.mock_db_init.asset_called_once_with()
+        self.mock_db_init.assert_called_once_with()
        self.mock_validate_processing_hooks.assert_called_once_with()
        self.mock_filter.init_filter.assert_called_once_with()
        self.assert_periodics()
+        self.assertFalse(mock_zc.called)

    def test_init_host_validate_processing_hooks_exception(self):
        class MyError(Exception):
@ -123,6 +127,18 @@ class TestManagerInitHost(BaseManagerTest):
        self.mock_exit.assert_called_once_with(1)
        self.mock_filter.init_filter.assert_not_called()

+    @mock.patch.object(mdns, 'Zeroconf', autospec=True)
+    @mock.patch.object(keystone, 'get_endpoint', autospec=True)
+    def test_init_host_with_mdns(self, mock_endpoint, mock_zc):
+        CONF.set_override('enable_mdns', True)
+        self.manager.init_host()
+        self.mock_db_init.assert_called_once_with()
+        self.mock_validate_processing_hooks.assert_called_once_with()
+        self.mock_filter.init_filter.assert_called_once_with()
+        self.assert_periodics()
+        mock_zc.return_value.register_service.assert_called_once_with(
+            'baremetal-introspection', mock_endpoint.return_value)
+

 class TestManagerDelHost(BaseManagerTest):
    def setUp(self):
@ -151,6 +167,23 @@ class TestManagerDelHost(BaseManagerTest):
        self.mock_filter.tear_down_filter.assert_called_once_with()
        self.mock__shutting_down.release.assert_called_once_with()

+    def test_del_host_with_mdns(self):
+        mock_zc = mock.Mock(spec=mdns.Zeroconf)
+        self.manager._zeroconf = mock_zc
+
+        self.manager.del_host()
+
+        mock_zc.close.assert_called_once_with()
+        self.assertIsNone(self.manager._zeroconf)
+        self.mock__shutting_down.acquire.assert_called_once_with(
+            blocking=False)
+        self.mock__periodic_worker.stop.assert_called_once_with()
+        self.mock__periodic_worker.wait.assert_called_once_with()
+        self.assertIsNone(self.manager._periodics_worker)
+        self.mock_executor.shutdown.assert_called_once_with(wait=True)
+        self.mock_filter.tear_down_filter.assert_called_once_with()
+        self.mock__shutting_down.release.assert_called_once_with()
+
    def test_del_host_race(self):
        self.mock__shutting_down.acquire.return_value = False

--- a/lower-constraints.txt
+++ b/lower-constraints.txt
@ -32,7 +32,7 @@ greenlet==0.4.13
 hacking==1.0.0
 idna==2.6
 imagesize==1.0.0
-ironic-lib==2.5.0
+ironic-lib==2.17.0
 iso8601==0.1.12
 itsdangerous==0.24
 Jinja2==2.10
--- a/releasenotes/notes/mdns-a5f4034257139e31.yaml
+++ b/releasenotes/notes/mdns-a5f4034257139e31.yaml
@ -0,0 +1,6 @@
+---
+features:
+  - |
+    A new option ``enable_mdns`` allows to enable publishing the baremetal
+    introspection API endpoint via mDNS as specified in the `API SIG guideline
+    <http://specs.openstack.org/openstack/api-sig/guidelines/dns-sd.html>`_.
--- a/requirements.txt
+++ b/requirements.txt
@ -8,7 +8,7 @@ construct<2.9,>=2.8.10 # MIT
 eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
 Flask!=0.11,>=0.10 # BSD
 futurist>=1.2.0 # Apache-2.0
-ironic-lib>=2.5.0 # Apache-2.0
+ironic-lib>=2.17.0 # Apache-2.0
 jsonpath-rw<2.0,>=1.2.0 # Apache-2.0
 jsonschema<3.0.0,>=2.6.0 # MIT
 keystoneauth1>=3.4.0 # Apache-2.0
--- a/tools/config-generator.conf
+++ b/tools/config-generator.conf
@ -1,6 +1,7 @@
 [DEFAULT]
 output_file = example.conf
 namespace = ironic_inspector
+namespace = ironic_lib.mdns
 namespace = keystonemiddleware.auth_token
 namespace = oslo.db
 namespace = oslo.log
@ -9,4 +10,4 @@ namespace = oslo.middleware.cors
 namespace = oslo.policy
 namespace = oslo.service.service
 namespace = oslo.service.sslutils
-namespace = oslo.service.wsgi
+namespace = oslo.service.wsgi