Expose baremetal-introspection endpoint via mdns

This change adds an option to publish the endpoint via mDNS on start
up and clean it up on tear down.

Story: #2005393
Task: #30384
Change-Id: Ia9407cb065979aac6761d3e4122d3884e45b559d
This commit is contained in:
Dmitry Tantsur 2019-04-17 12:37:54 +02:00
parent 0ac77190e5
commit 258d7388a4
12 changed files with 92 additions and 5 deletions

View File

@ -261,6 +261,7 @@ function configure_inspector {
inspector_iniset DEFAULT debug $IRONIC_INSPECTOR_DEBUG
inspector_configure_auth_for ironic
inspector_configure_auth_for service_catalog
configure_auth_token_middleware $IRONIC_INSPECTOR_CONF_FILE $IRONIC_INSPECTOR_ADMIN_USER $IRONIC_INSPECTOR_AUTH_CACHE_DIR/api
inspector_iniset DEFAULT listen_port $IRONIC_INSPECTOR_PORT

View File

@ -70,3 +70,8 @@ def add_auth_options(options, service_type):
add_options(opts, adapter_opts)
opts.sort(key=lambda x: x.name)
return opts
def get_endpoint(group, **kwargs):
return get_adapter(group, session=get_session(group)).get_endpoint(
**kwargs)

View File

@ -17,6 +17,7 @@ import traceback as traceback_mod
import eventlet
from eventlet import semaphore
from futurist import periodics
from ironic_lib import mdns
from oslo_config import cfg
from oslo_log import log
import oslo_messaging as messaging
@ -24,6 +25,7 @@ from oslo_utils import reflection
from ironic_inspector.common.i18n import _
from ironic_inspector.common import ironic as ir_utils
from ironic_inspector.common import keystone
from ironic_inspector import db
from ironic_inspector import introspect
from ironic_inspector import node_cache
@ -45,6 +47,7 @@ class ConductorManager(object):
def __init__(self):
self._periodics_worker = None
self._zeroconf = None
self._shutting_down = semaphore.Semaphore()
def init_host(self):
@ -86,6 +89,12 @@ class ConductorManager(object):
on_failure=self._periodics_watchdog)
utils.executor().submit(self._periodics_worker.start)
if CONF.enable_mdns:
endpoint = keystone.get_endpoint('service_catalog')
self._zeroconf = mdns.Zeroconf()
self._zeroconf.register_service('baremetal-introspection',
endpoint)
def del_host(self):
if not self._shutting_down.acquire(blocking=False):
@ -105,6 +114,10 @@ class ConductorManager(object):
if utils.executor().alive:
utils.executor().shutdown(wait=True)
if self._zeroconf is not None:
self._zeroconf.close()
self._zeroconf = None
self._shutting_down.release()
LOG.info('Shut down successfully')

View File

@ -21,6 +21,7 @@ from ironic_inspector.conf import ironic
from ironic_inspector.conf import pci_devices
from ironic_inspector.conf import processing
from ironic_inspector.conf import pxe_filter
from ironic_inspector.conf import service_catalog
from ironic_inspector.conf import swift
@ -36,4 +37,5 @@ ironic.register_opts(CONF)
pci_devices.register_opts(CONF)
processing.register_opts(CONF)
pxe_filter.register_opts(CONF)
service_catalog.register_opts(CONF)
swift.register_opts(CONF)

View File

@ -76,6 +76,9 @@ _OPTS = [
'can manage PXE booting of nodes. If set to False, '
'the API will reject introspection requests with '
'manage_boot missing or set to True.')),
cfg.BoolOpt('enable_mdns', default=False,
help=_('Whether to enable publishing the ironic-inspector API '
'endpoint via multicast DNS.')),
]

View File

@ -69,4 +69,5 @@ def list_opts():
('processing', ironic_inspector.conf.processing.list_opts()),
('pci_devices', ironic_inspector.conf.pci_devices.list_opts()),
('pxe_filter', ironic_inspector.conf.pxe_filter.list_opts()),
('service_catalog', ironic_inspector.conf.service_catalog.list_opts()),
]

View File

@ -0,0 +1,22 @@
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from ironic_inspector.common import keystone
def register_opts(conf):
keystone.register_auth_opts('service_catalog', 'baremetal-introspection')
def list_opts():
return keystone.add_auth_options([], 'baremetal-introspection')

View File

@ -14,9 +14,11 @@
import json
import fixtures
from ironic_lib import mdns
import mock
import oslo_messaging as messaging
from ironic_inspector.common import keystone
from ironic_inspector.common import swift
from ironic_inspector.conductor import manager
import ironic_inspector.conf
@ -99,12 +101,14 @@ class TestManagerInitHost(BaseManagerTest):
'Introspection data will not be stored. Change "[processing] '
'store_data" option if this is not the desired behavior')
def test_init_host(self):
@mock.patch.object(mdns, 'Zeroconf', autospec=True)
def test_init_host(self, mock_zc):
self.manager.init_host()
self.mock_db_init.asset_called_once_with()
self.mock_db_init.assert_called_once_with()
self.mock_validate_processing_hooks.assert_called_once_with()
self.mock_filter.init_filter.assert_called_once_with()
self.assert_periodics()
self.assertFalse(mock_zc.called)
def test_init_host_validate_processing_hooks_exception(self):
class MyError(Exception):
@ -123,6 +127,18 @@ class TestManagerInitHost(BaseManagerTest):
self.mock_exit.assert_called_once_with(1)
self.mock_filter.init_filter.assert_not_called()
@mock.patch.object(mdns, 'Zeroconf', autospec=True)
@mock.patch.object(keystone, 'get_endpoint', autospec=True)
def test_init_host_with_mdns(self, mock_endpoint, mock_zc):
CONF.set_override('enable_mdns', True)
self.manager.init_host()
self.mock_db_init.assert_called_once_with()
self.mock_validate_processing_hooks.assert_called_once_with()
self.mock_filter.init_filter.assert_called_once_with()
self.assert_periodics()
mock_zc.return_value.register_service.assert_called_once_with(
'baremetal-introspection', mock_endpoint.return_value)
class TestManagerDelHost(BaseManagerTest):
def setUp(self):
@ -151,6 +167,23 @@ class TestManagerDelHost(BaseManagerTest):
self.mock_filter.tear_down_filter.assert_called_once_with()
self.mock__shutting_down.release.assert_called_once_with()
def test_del_host_with_mdns(self):
mock_zc = mock.Mock(spec=mdns.Zeroconf)
self.manager._zeroconf = mock_zc
self.manager.del_host()
mock_zc.close.assert_called_once_with()
self.assertIsNone(self.manager._zeroconf)
self.mock__shutting_down.acquire.assert_called_once_with(
blocking=False)
self.mock__periodic_worker.stop.assert_called_once_with()
self.mock__periodic_worker.wait.assert_called_once_with()
self.assertIsNone(self.manager._periodics_worker)
self.mock_executor.shutdown.assert_called_once_with(wait=True)
self.mock_filter.tear_down_filter.assert_called_once_with()
self.mock__shutting_down.release.assert_called_once_with()
def test_del_host_race(self):
self.mock__shutting_down.acquire.return_value = False

View File

@ -32,7 +32,7 @@ greenlet==0.4.13
hacking==1.0.0
idna==2.6
imagesize==1.0.0
ironic-lib==2.5.0
ironic-lib==2.17.0
iso8601==0.1.12
itsdangerous==0.24
Jinja2==2.10

View File

@ -0,0 +1,6 @@
---
features:
- |
A new option ``enable_mdns`` allows to enable publishing the baremetal
introspection API endpoint via mDNS as specified in the `API SIG guideline
<http://specs.openstack.org/openstack/api-sig/guidelines/dns-sd.html>`_.

View File

@ -8,7 +8,7 @@ construct<2.9,>=2.8.10 # MIT
eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
Flask!=0.11,>=0.10 # BSD
futurist>=1.2.0 # Apache-2.0
ironic-lib>=2.5.0 # Apache-2.0
ironic-lib>=2.17.0 # Apache-2.0
jsonpath-rw<2.0,>=1.2.0 # Apache-2.0
jsonschema<3.0.0,>=2.6.0 # MIT
keystoneauth1>=3.4.0 # Apache-2.0

View File

@ -1,6 +1,7 @@
[DEFAULT]
output_file = example.conf
namespace = ironic_inspector
namespace = ironic_lib.mdns
namespace = keystonemiddleware.auth_token
namespace = oslo.db
namespace = oslo.log
@ -9,4 +10,4 @@ namespace = oslo.middleware.cors
namespace = oslo.policy
namespace = oslo.service.service
namespace = oslo.service.sslutils
namespace = oslo.service.wsgi
namespace = oslo.service.wsgi