openstack
/
puppet-ceph
Code Issues Proposed changes

Re-boostrap beaker tests 

Current puppet-ceph CI is broken for all functional jobs.
I would like to restart from scratch the way we test the module.

1) centos7: deploy Jewel using buildlogs.centos.org repo
CentOS SIG does not provide packaging to deploy the Jewel repository,
let's install it by hand.

2) Remove RGW tests for now. We'll re-add them later, in a
puppet-openstack-integration scenario.

3) Reset spec files to match with other Puppet OpenStack modules.

4) On CentOS, use systemd resource and not sysvinit.

5) Fix keyring idempotency with SElinux.

Change-Id: Ie9ba521cdb4ac6823746d37bb5d1697e274e4119
This commit is contained in:
Emilien Macchi 2016-07-07 11:23:37 -04:00
parent 874e7a803c
commit fb88544ab5
19 changed files with 145 additions and 1712 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.fixtures.yml
View File

@ -1,16 +0,0 @@
fixtures:
repositories:
'stdlib': 'git://github.com/puppetlabs/puppetlabs-stdlib'
'apt':
repo: 'git://github.com/puppetlabs/puppetlabs-apt.git'
ref: '2.2.1'
'inifile': 'git://github.com/puppetlabs/puppetlabs-inifile'
'apache':
repo: 'git://github.com/puppetlabs/puppetlabs-apache'
ref: '1.4.1'
'concat':
repo: 'git://github.com/puppetlabs/puppetlabs-concat'
ref: '2.1.0'
symlinks:
'ceph': "#{source_dir}"

24
.gitignore vendored
View File

@ -1,11 +1,15 @@
*.swp
*~
.project
spec/fixtures/modules/*
pkg
pkg/
Gemfile.lock
.bundle
vendor
.vagrant/*
log
.bundled_gems/
vendor/
spec/fixtures/
.vagrant/
.bundle/
coverage/
.idea/
*.swp
*.iml
openstack/
# Files created by releasenotes build
releasenotes/build
.tox

109
.nodeset.yml
View File

@ -1,109 +0,0 @@
default_set: 'two-ubuntu-server-12042-x64'
sets:
'two-ubuntu-server-1404-x64':
default_node: 'first'
nodes:
'first':
prefab: 'ubuntu-server-1404-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'second':
prefab: 'ubuntu-server-1404-x64'
options:
ip: '10.11.12.3'
idedisk: 10
'ubuntu-server-1404-x64':
nodes:
'first':
prefab: 'ubuntu-server-1404-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'two-ubuntu-server-1204-x64':
default_node: 'first'
nodes:
'first':
prefab: 'ubuntu-server-1204-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'second':
prefab: 'ubuntu-server-1204-x64'
options:
ip: '10.11.12.3'
idedisk: 10
'ubuntu-server-1204-x64':
nodes:
'first':
prefab: 'ubuntu-server-1204-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'two-ubuntu-server-12042-x64':
default_node: 'first'
nodes:
'first':
prefab: 'ubuntu-server-12042-x64'
options:
ip: '10.11.12.2'
disk: 10
'second':
prefab: 'ubuntu-server-12042-x64'
options:
ip: '10.11.12.3'
disk: 10
'two-centos-70-x64':
default_node: 'first'
nodes:
'first':
prefab: 'centos-70-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'second':
prefab: 'centos-70-x64'
options:
ip: '10.11.12.3'
idedisk: 10
'centos-70-x64':
nodes:
'first':
prefab: 'centos-70-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'two-centos-66-x64':
default_node: 'first'
nodes:
'first':
prefab: 'centos-66-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'second':
prefab: 'centos-66-x64'
options:
ip: '10.11.12.3'
idedisk: 10
'centos-66-x64':
nodes:
'first':
prefab: 'centos-66-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'two-centos-65-x64':
default_node: 'first'
nodes:
'first':
prefab: 'centos-65-x64'
options:
ip: '10.11.12.2'
idedisk: 10
'second':
prefab: 'centos-65-x64'
options:
ip: '10.11.12.3'
idedisk: 10

134
.prefabs.yml
View File

@ -1,134 +0,0 @@
---
'ubuntu-server-1404-x64':
description: ""
facts:
architecture: amd64
kernel: Linux
operatingsystem: Ubuntu
lsbdistid: Ubuntu
facterversion: "2.4.1"
kernelmajversion: "3.13"
kernelrelease: "3.13.0-24-generic"
kernelversion: "3.13.0"
lsbdistcodename: trusty
lsbdistdescription: "Ubuntu 14.04 LTS"
lsbdistrelease: "14.04"
lsbmajdistrelease: "14.04"
operatingsystemrelease: "14.04"
osfamily: Debian
rubyversion: "1.9.3"
provider_specifics:
vagrant_virtualbox:
box: 'puppetlabs/ubuntu-14.04-64-nocm'
box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm'
vagrant_vmware_fusion:
box: 'puppetlabs/ubuntu-14.04-64-nocm'
box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-14.04-64-nocm'
vsphere:
template: 'ubuntu-1404-x86_64'
'ubuntu-server-1204-x64':
description: ""
facts:
architecture: amd64
kernel: Linux
operatingsystem: Ubuntu
lsbdistid: Ubuntu
facterversion: "2.4.1"
kernelmajversion: "3.11"
kernelrelease: "3.11.0-15-generic"
kernelversion: "3.11.0"
lsbdistcodename: precise
lsbdistdescription: "Ubuntu 12.04.4 LTS"
lsbdistrelease: "12.04"
lsbmajdistrelease: "12.04"
operatingsystemrelease: "12.04"
osfamily: Debian
rubyversion: "1.8.7"
provider_specifics:
vagrant_virtualbox:
box: 'puppetlabs/ubuntu-12.04-64-nocm'
box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-12.04-64-nocm'
vagrant_vmware_fusion:
box: 'puppetlabs/ubuntu-12.04-64-nocm'
box_url: 'https://vagrantcloud.com/puppetlabs/boxes/ubuntu-12.04-64-nocm'
vsphere:
template: 'ubuntu-1402-x86_64'
'centos-70-x64':
description: ""
facts:
kernelrelease: "3.10.0-123.el7.x86_64"
operatingsystem: CentOS
kernelmajversion: "3.10"
architecture: x86_64
facterversion: "2.4.1"
kernelversion: "3.10.0"
operatingsystemrelease: "7.0.1406"
osfamily: RedHat
lsbmajdistrelease: "7"
lsbdistcodename: Core
lsbdistdescription: "CentOS Linux release 7.0.1406 (Core)"
lsbdistid: CentOS
lsbdistrelease: "7.0.1406"
kernel: Linux
rubyversion: "2.0.0"
provider_specifics:
vagrant_virtualbox:
box: 'puppetlabs/centos-7.0-64-nocm'
box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm'
vagrant_vmware_fusion:
box: 'puppetlabs/centos-7.0-64-nocm'
box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-7.0-64-nocm'
vsphere:
template: 'centos-7-x86_64'
'centos-66-x64':
description: ""
facts:
kernelrelease: "2.6.32-504.8.1.el6.x86_64"
operatingsystem: CentOS
kernelmajversion: "2.6"
architecture: x86_64
facterversion: "2.4.1"
kernelversion: "2.6.32"
operatingsystemrelease: "6.6"
osfamily: RedHat
lsbmajdistrelease: "6"
lsbdistcodename: Final
lsbdistdescription: "CentOS release 6.6 (Final)"
lsbdistid: CentOS
lsbdistrelease: "6.6"
kernel: Linux
rubyversion: "1.8.7"
provider_specifics:
vagrant_virtualbox:
box: 'puppetlabs/centos-6.6-64-nocm'
box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-6.6-64-nocm'
vagrant_vmware_fusion:
box: 'puppetlabs/centos-6.6-64-nocm'
box_url: 'https://atlas.hashicorp.com/puppetlabs/boxes/centos-6.6-64-nocm'
vsphere:
template: 'centos-6-x86_64'
'centos-65-x64':
description: ""
facts:
kernelrelease: "2.6.32-431.el6.x86_64"
operatingsystem: CentOS
kernelmajversion: "2.6"
architecture: x86_64
facterversion: "2.4.1"
kernelversion: "2.6.32"
operatingsystemrelease: "6.5"
osfamily: RedHat
lsbmajdistrelease: "6"
lsbdistcodename: Final
lsbdistdescription: "CentOS release 6.5 (Final)"
lsbdistid: CentOS
lsbdistrelease: "6.5"
kernel: Linux
rubyversion: "1.8.7"
provider_specifics:
vagrant_virtualbox:
box: 'puppetlabs/centos-6.5-64-nocm'
vagrant_vmware_fusion:
box: 'puppetlabs/centos-6.5-64-nocm'
vsphere:
template: 'centos-6-x86_64'

30
Gemfile
View File

@ -1,25 +1,15 @@
source 'https://rubygems.org'
source ENV['GEM_SOURCE'] || "https://rubygems.org"
group :development, :test do
gem 'puppetlabs_spec_helper', :require => false
gem 'rspec-puppet', '~> 2.1.0', :require => false
gem 'beaker-rspec', :require => false
gem 'puppet-lint-param-docs'
gem 'metadata-json-lint'
gem 'puppet-lint-absolute_classname-check'
gem 'puppet-lint-absolute_template_path'
gem 'puppet-lint-trailing_newline-check'
group :development, :test, :system_tests do
gem 'puppet-openstack_spec_helper',
:git => 'https://git.openstack.org/openstack/puppet-openstack_spec_helper',
:require => false
end
# Puppet 4.x related lint checks
gem 'puppet-lint-unquoted_string-check'
gem 'puppet-lint-leading_zero-check'
gem 'puppet-lint-variable_contains_upcase'
gem 'puppet-lint-numericvariable'
gem 'json'
gem 'minitest', :require => false
gem 'test', :require => false
gem 'test-unit', :require => false
if facterversion = ENV['FACTER_GEM_VERSION']
gem 'facter', facterversion, :require => false
else
gem 'facter', :require => false
end
if puppetversion = ENV['PUPPET_GEM_VERSION']

13
Rakefile
View File

@ -1,12 +1 @@
require 'puppetlabs_spec_helper/rake_tasks'
require 'puppet-lint/tasks/puppet-lint'
require 'metadata-json-lint/rake_task'
begin
require 'rspec-system/rake_task'
rescue LoadError
# don't warn anymore as rspec-system is deprecated
end
PuppetLint.configuration.fail_on_warnings = true
PuppetLint.configuration.send('disable_80chars')
require 'puppet-openstack_spec_helper/rake_tasks'

11
manifests/key.pp
View File

@ -104,11 +104,12 @@ define ceph::key (
# which is supported by ceph-authtool
if ! defined(File[$keyring_path]) {
file { $keyring_path:
ensure => file,
owner => $user,
group => $group,
mode => $mode,
require => Package['ceph'],
ensure => file,
owner => $user,
group => $group,
mode => $mode,
selinux_ignore_defaults => true,
require => Package['ceph'],
}
}

6
manifests/mon.pp
View File

@ -89,11 +89,7 @@ define ceph::mon (
status => "status ceph-mon id=${id}",
}
}
# For Ubuntu Xenial system
# Note: once CentOS7 SIG provides ceph packaging on:
# http://buildlogs.centos.org/centos/7/storage/x86_64/ceph-jewel/
# then we can drop the Ubuntu conditional.
elsif $::service_provider == 'systemd' and $::operatingsystem == 'Ubuntu' {
elsif $::service_provider == 'systemd' {
$init = 'systemd'
Service {
name => $mon_service,

16
manifests/repo.pp
View File

@ -114,17 +114,15 @@ class ceph::repo (
if $::operatingsystem != 'CentOS' {
warning("CentOS SIG repository is only supported on CentOS operating system, not on ${::operatingsystem}, which can lead to packaging issues.")
}
# Bump to Jewel once this bug is solved:
# https://bugs.centos.org/view.php?id=10803
exec { 'installing_centos-release-ceph':
command => '/usr/bin/yum install -y centos-release-ceph-hammer',
logoutput => 'on_failure',
tries => 3,
try_sleep => 1,
unless => '/usr/bin/rpm -qa | /usr/bin/grep -q centos-release-ceph-hammer',
yumrepo { 'ceph-jewel-sig':
enabled => '1',
baseurl => 'http://buildlogs.centos.org/centos/7/storage/x86_64/ceph-jewel/',
descr => 'Ceph Jewel SIG',
mirrorlist => 'absent',
gpgcheck => '0',
}
# Make sure we install the repo before any Package resource
Exec['installing_centos-release-ceph'] -> Package<| tag == 'ceph' |>
Yumrepo['ceph-jewel-sig'] -> Package<| tag == 'ceph' |>
} else {
# If you want to deploy Ceph using packages provided by ceph.com repositories.
if ((($::operatingsystem == 'RedHat' or $::operatingsystem == 'CentOS') and (versioncmp($::operatingsystemmajrelease, '7') < 0)) or ($::operatingsystem == 'Fedora' and (versioncmp($::operatingsystemmajrelease, '19') < 0))) {

67
spec/acceptance/ceph_mon_osd_spec.rb Normal file
View File

@ -0,0 +1,67 @@
#
# Copyright (C) 2015 David Gurtner
#
# Author: David Gurtner <aldavud@crimson.ch>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'spec_helper_acceptance'
describe 'ceph mon osd' do
context 'default parameters' do
it 'should install one monitor and one OSD on /srv/data' do
pp = <<-EOS
class { 'ceph::repo':
release => 'jewel',
enable_sig => true,
enable_epel => false,
}
class { 'ceph':
fsid => '82274746-9a2c-426b-8c51-107fb0d890c6',
mon_host => $::ipaddress,
authentication_type => 'none',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph_config {
'global/osd_journal_size': value => '100';
'global/osd_max_object_namespace_len': value => '64';
'global/osd_max_object_name_len': value => '256';
}
ceph::mon { 'a':
public_addr => $::ipaddress,
authentication_type => 'none',
}
ceph::osd { '/srv/data': }
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
shell 'sleep 10' # we need to wait a bit until the OSD is up
shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/1 mons at/)
expect(r.stderr).to be_empty
end
shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/up/)
expect(r.stderr).to be_empty
end
end
end
end

394
spec/acceptance/ceph_rgw_civet_spec.rb
View File

@ -1,394 +0,0 @@
#
# Copyright (C) 2016 Keith Schincke
#
# Author: Keith Schincke <kschinck@redhat.com>
# forked from:
# Author: David Gurtner <aldavud@crimson.ch>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'spec_helper_acceptance'
describe 'ceph rgw/civetweb' do
if os[:family].casecmp('RedHat') == 0
release = 'hammer'
else
release = 'jewel'
end
fsid = 'a4807c9a-e76f-4666-a297-6d6cbc922e3a'
mon_key ='AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw=='
admin_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRsg=='
radosgw_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRwg=='
# passing it directly as unqoted array is not supported everywhere
packages = "[ 'python-ceph', 'ceph-common', 'librados2', 'librbd1', 'libcephfs1' ]"
keystone_admin_token = 'keystonetoken'
keystone_password = '123456'
test_user = 'testuser'
test_password = '123456'
test_email = 'testuser@example.com'
test_tenant = 'openstack'
describe 'ceph::rgw::civetweb' do
it 'should install one monitor/osd with a rgw/civetweb' do
pp = <<-EOS
$user = 'root'
case $::osfamily {
'Debian': {
include ::apt
apt::source { 'cloudarchive-kilo':
location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu',
release => 'trusty-updates/kilo',
repos => 'main',
include_src => false,
required_packages => 'ubuntu-cloud-keyring',
}
package { 'python-tz':
ensure => latest,
}
}
'RedHat': {
# ceph-radosgw expects open file limit of 32768
file { '/etc/security/limits.d/80-nofile.conf':
content => '* hard nofile 32768',
}
yumrepo { 'openstack-kilo':
descr => 'OpenStack Kilo Repository',
baseurl => 'http://mirror.centos.org/centos/7/cloud/x86_64/openstack-kilo/',
enabled => '1',
gpgcheck => '0',
gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/kilo/RPM-GPG-KEY-CentOS-SIG-Cloud',
priority => '15', # prefer over EPEL, but below ceph
}
}
default: {
fail ("Unsupported OS family ${::osfamily}")
}
}
# ceph setup
class { 'ceph::repo':
ensure => present,
release => '#{release}',
}
->
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph::mon { 'a':
public_addr => $::ipaddress,
key => '#{mon_key}',
}
ceph::key { 'client.admin':
secret => '#{admin_key}',
cap_mon => 'allow *',
cap_osd => 'allow *',
cap_mds => 'allow *',
inject => true,
inject_as_id => 'mon.',
inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring',
}
->
ceph::key { 'client.radosgw.gateway':
user => $user,
secret => '#{radosgw_key}',
cap_mon => 'allow rwx',
cap_osd => 'allow rwx',
inject => true,
}
->
exec { 'bootstrap-key':
command => '/usr/sbin/ceph-create-keys --id a',
}
->
ceph::osd { '/srv/data': }
# setup ceph radosgw
host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box
ip => $ipaddress,
host_aliases => [$::hostname],
}
->
file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket)
ensure => directory,
owner => $user,
}
->
ceph::rgw { 'radosgw.gateway':
user => $user,
frontend_type => 'civetweb',
rgw_frontends => 'civetweb port=80',
}
Ceph::Osd['/srv/data'] -> Service['radosgw-radosgw.gateway']
package { 'python-swiftclient': # required for tests below
ensure => present,
}
ceph_config {
'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon
'global/osd_journal_size': value => 100;
}
EOS
osfamily = fact 'osfamily'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
apply_manifest(pp, :catch_failures => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "/usr/bin/radosgw-admin user create --uid=#{test_user} --email=#{test_email} --secret=#{test_password} --display-name=\"Test User\"" do |r|
expect(r.exit_code).to be_zero
end
shell "/usr/bin/radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full" do |r|
expect(r.exit_code).to be_zero
end
shell "/usr/bin/radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret=#{test_password}" do |r|
expect(r.exit_code).to be_zero
end
shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:80/auth/v1.0/" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
it 'should configure keystone and ceph-rgw' do
pp = <<-EOS
$user = 'root'
class { 'ceph::repo':
release => '#{release}',
fastcgi => false,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph::rgw { 'radosgw.gateway':
user => $user,
frontend_type => 'civetweb',
rgw_frontends => 'civetweb port=80',
}
case $::osfamily {
'Debian': {
#trusty ships with pbr 0.7
#openstackclient.shell raises an requiring pbr!=0.7,<1.0,>=0.6'
#the latest is 0.10
package { 'python-pbr':
ensure => 'latest',
}
include ::apt
apt::source { 'cloudarchive-kilo':
location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu',
release => 'trusty-updates/kilo',
repos => 'main',
include => {
'src' => 'false',
},
}
package { 'ubuntu-cloud-keyring':
ensure => present,
}
package { 'python-tz':
ensure => latest,
}
Apt::Source['cloudarchive-kilo'] -> Package['ubuntu-cloud-keyring']
#Package['ubuntu-cloud-keyring'] -> Package['keystone','python-swiftclient']
#Exec['apt_update'] -> Package['keystone','python-swiftclient']
#xec['apt_update'] -> Package['keystone']
}
'RedHat': {
yumrepo { 'openstack-kilo':
descr => 'OpenStack Kilo Repository',
baseurl => 'http://mirror.centos.org/centos/7/cloud/x86_64/openstack-kilo/',
enabled => '1',
gpgcheck => '0',
gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/kilo/RPM-GPG-KEY-CentOS-SIG-Cloud',
priority => '15', # prefer over EPEL, but below ceph
}
Yumrepo<||> -> Package['keystone']
}
}
class { 'keystone':
verbose => true,
catalog_type => 'sql',
admin_token => '#{keystone_admin_token}',
admin_endpoint => "http://${::ipaddress}:35357",
}
->
class { 'keystone::roles::admin':
email => 'admin@example.com',
password => '#{keystone_password}',
}
->
class { 'keystone::endpoint':
public_url => "http://${::ipaddress}:5000",
admin_url => "http://${::ipaddress}:35357",
internal_url => "http://${::ipaddress}:5000",
region => 'example-1',
}
Service['keystone'] -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_service { 'swift':
ensure => present,
type => 'object-store',
description => 'Openstack Object Storage Service',
}
Keystone_service<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_endpoint { 'example-1/swift':
ensure => present,
public_url => "http://${::fqdn}:8080/swift/v1",
admin_url => "http://${::fqdn}:8080/swift/v1",
internal_url => "http://${::fqdn}:8080/swift/v1",
}
Keystone_endpoint<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_user { '#{test_user}':
ensure => present,
enabled => true,
email => '#{test_email}',
password => '#{test_password}',
tenant => '#{test_tenant}',
}
Keystone_user<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_user_role { 'testuser@openstack':
ensure => present,
roles => ['_member_'],
}
Keystone_user_role<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
#wget is used by ceph::rgw::keystone to pull down files
package { 'wget': # required for tests below
ensure => present,
} ->
ceph::rgw::keystone { 'radosgw.gateway':
rgw_keystone_url => "http://${::ipaddress}:5000",
rgw_keystone_admin_token => '#{keystone_admin_token}',
rgw_keystone_version => "v2.0",
user => $user,
}
EOS
osfamily = fact 'osfamily'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
apply_manifest(pp, :catch_failures => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:80/auth/v1.0/" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
it 'should purge everything' do
purge = <<-EOS
case $::osfamily {
'Debian': {
$radosgw = 'radosgw'
include ::apt
apt::source { 'cloudarchive-kilo':
ensure => absent,
}
}
'RedHat': {
$radosgw = 'ceph-radosgw'
yumrepo { 'openstack-kilo':
ensure => absent,
}
}
}
ceph::osd { '/srv/data':
ensure => absent,
}
->
ceph::mon { 'a': ensure => absent }
->
file { [
'/var/lib/ceph/bootstrap-osd/ceph.keyring',
'/var/lib/ceph/bootstrap-mds/ceph.keyring',
'/var/lib/ceph/nss/cert8.db',
'/var/lib/ceph/nss/key3.db',
'/var/lib/ceph/nss/secmod.db',
'/var/lib/ceph/radosgw/ceph-radosgw.gateway',
'/var/lib/ceph/radosgw',
'/var/lib/ceph/nss',
'/etc/ceph/ceph.client.admin.keyring',
'/etc/ceph/ceph.client.radosgw.gateway',
'/var/lib/ceph',
'/srv/data',
]:
ensure => absent,
recurse => true,
purge => true,
force => true,
}
->
package { $radosgw: ensure => purged }
->
package { #{packages}:
ensure => purged
}
class { 'ceph::repo':
ensure => absent,
release => '#{release}',
fastcgi => false,
}
EOS
osfamily = fact 'osfamily'
apply_manifest(purge, :catch_failures => true)
end
end
end
# Local Variables:
# compile-command: "cd ../..
# BUNDLE_PATH=/tmp/vendor bundle install
# BEAKER_set=ubuntu-server-1404-x64 \
# BUNDLE_PATH=/tmp/vendor \
# bundle exec rspec spec/acceptance/ceph_usecases_spec.rb
# "
# End:

744
spec/acceptance/ceph_rgw_spec.rb
View File

@ -1,744 +0,0 @@
#
# Copyright (C) 2015 David Gurtner
#
# Author: David Gurtner <aldavud@crimson.ch>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'spec_helper_acceptance'
describe 'ceph rgw' do
if os[:family].casecmp('RedHat') == 0
release = 'hammer'
else
release = 'jewel'
end
fsid = 'a4807c9a-e76f-4666-a297-6d6cbc922e3a'
mon_key ='AQCztJdSyNb0NBAASA2yPZPuwXeIQnDJ9O8gVw=='
admin_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRsg=='
radosgw_key = 'AQA0TVRTsP/aHxAAFBvntu1dSEJHxtJeFFrRwg=='
# passing it directly as unqoted array is not supported everywhere
packages = "[ 'python-ceph', 'ceph-common', 'librados2', 'librbd1', 'libcephfs1' ]"
keystone_admin_token = 'keystonetoken'
keystone_password = '123456'
test_user = 'testuser'
test_password = '123456'
test_email = 'testuser@example.com'
test_tenant = 'openstack'
describe 'ceph::rgw::keystone' do
it 'should install one monitor/osd with cephx keys for rgw-fcgi' do
pp = <<-EOS
if $::osfamily == 'Debian' {
#trusty ships with pbr 0.7
#openstackclient.shell raises an requiring pbr!=0.7,<1.0,>=0.6'
#the latest is 0.10
package { 'python-pbr':
ensure => 'latest',
}
}
$apache_user = $::osfamily ? {
'RedHat' => 'apache',
default => 'www-data',
}
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
->
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph_config {
'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon
'global/osd_journal_size': value => 100;
}
ceph::mon { 'a':
public_addr => $::ipaddress,
key => '#{mon_key}',
}
ceph::key { 'client.admin':
secret => '#{admin_key}',
cap_mon => 'allow *',
cap_osd => 'allow *',
cap_mds => 'allow *',
inject => true,
inject_as_id => 'mon.',
inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring',
}
->
ceph::key { 'client.radosgw.gateway':
user => $apache_user,
secret => '#{radosgw_key}',
cap_mon => 'allow rwx',
cap_osd => 'allow rwx',
inject => true,
}
~>
exec { 'bootstrap-key':
command => '/usr/sbin/ceph-create-keys --id a',
refreshonly => true,
}
->
ceph::osd { '/srv/data': }
EOS
osfamily = fact 'osfamily'
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
shell 'sleep 10' # we need to wait a bit until the OSD is up
shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/1 mons at/)
expect(r.stderr).to be_empty
end
shell 'ceph osd tree', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/osd.0/)
expect(r.stderr).to be_empty
end
end
end
it 'should install a radosgw with fcgi' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
$apache_user = $::osfamily ? {
'RedHat' => 'apache',
default => 'www-data',
}
host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box
ip => $ipaddress,
host_aliases => [$::hostname],
}
->
file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket)
ensure => directory,
owner => $apache_user,
}
->
ceph::rgw { 'radosgw.gateway':
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
ceph::rgw::apache_fastcgi { 'radosgw.gateway':
rgw_port => '8080',
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
EOS
osfamily = fact 'osfamily'
operatingsystem = fact 'operatingsystem'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
# RGW on CentOS is currently broken, so lets disable tests for now.
# RGW testing disabled on Ubuntu while bumping Jewel
if osfamily != 'RedHat' and operatingsystem != 'Ubuntu'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "radosgw-admin user create --uid=#{test_user} --display-name=#{test_user}"
shell "radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full"
shell "radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret='#{test_password}'"
shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:8080/auth/v1.0/" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
end
it 'should configure keystone and rgw-fcgi keystone integration' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
# this is needed for the refresh triggered by ceph::rgw::keystone
ceph::rgw { 'radosgw.gateway':
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
case $::osfamily {
'Debian': {
include ::apt
apt::source { 'cloudarchive-juno':
location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu',
release => 'trusty-updates/juno',
repos => 'main',
include => {
'src' => 'false',
},
}
package { 'ubuntu-cloud-keyring':
ensure => present,
}
Apt::Source['cloudarchive-juno'] -> Package['ubuntu-cloud-keyring']
Package['ubuntu-cloud-keyring'] -> Package['keystone','python-swiftclient']
Exec['apt_update'] -> Package['keystone','python-swiftclient']
}
'RedHat': {
yumrepo { 'openstack-juno':
descr => 'OpenStack Juno Repository',
baseurl => 'http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/',
enabled => '1',
gpgcheck => '1',
gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/juno/RPM-GPG-KEY-RDO-Juno',
priority => '15', # prefer over EPEL, but below ceph
}
Yumrepo<||> -> Package['python-swiftclient','keystone']
}
}
class { 'keystone':
verbose => true,
catalog_type => 'sql',
admin_token => '#{keystone_admin_token}',
admin_endpoint => "http://${::ipaddress}:35357",
}
->
class { 'keystone::roles::admin':
email => 'admin@example.com',
password => '#{keystone_password}',
}
->
class { 'keystone::endpoint':
public_url => "http://${::ipaddress}:5000",
admin_url => "http://${::ipaddress}:35357",
internal_url => "http://${::ipaddress}:5000",
region => 'example-1',
}
Service['keystone'] -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_service { 'swift':
ensure => present,
type => 'object-store',
description => 'Openstack Object Storage Service',
}
Keystone_service<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_endpoint { 'example-1/swift':
ensure => present,
public_url => "http://${::fqdn}:8080/swift/v1",
admin_url => "http://${::fqdn}:8080/swift/v1",
internal_url => "http://${::fqdn}:8080/swift/v1",
}
Keystone_endpoint<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
# add a testuser for validation below
keystone_user { '#{test_user}':
ensure => present,
enabled => true,
email => '#{test_email}',
password => '#{test_password}',
tenant => '#{test_tenant}',
}
Keystone_user<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_user_role { 'testuser@openstack':
ensure => present,
roles => ['_member_'],
}
Keystone_user_role<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
package { 'python-swiftclient': # required for tests below
ensure => present,
}
ceph::rgw::keystone { 'radosgw.gateway':
rgw_keystone_url => "http://${::ipaddress}:5000",
rgw_keystone_admin_token => '#{keystone_admin_token}',
}
EOS
osfamily = fact 'osfamily'
operatingsystem = fact 'operatingsystem'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
# RGW on CentOS is currently broken, so lets disable tests for now.
# RGW testing disabled on Ubuntu while bumping Jewel
if osfamily != 'RedHat' and operatingsystem != 'Ubuntu'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "swift -V 2.0 -A http://127.0.0.1:5000/v2.0 -U #{test_tenant}:#{test_user} -K #{test_password} stat" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/Content-Type: text\/plain; charset=utf-8/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
end
it 'should purge everything' do
purge = <<-EOS
$radosgw = $::osfamily ? {
'RedHat' => 'ceph-radosgw',
default => 'radosgw',
}
class { 'keystone':
admin_token => 'keystonetoken',
enabled => false,
}
->
ceph::osd { '/srv/data':
ensure => absent,
}
->
ceph::mon { 'a': ensure => absent }
->
file { [
'/var/lib/ceph/bootstrap-osd/ceph.keyring',
'/var/lib/ceph/bootstrap-mds/ceph.keyring',
'/var/lib/ceph/nss/cert8.db',
'/var/lib/ceph/nss/key3.db',
'/var/lib/ceph/nss/secmod.db',
'/var/lib/ceph/radosgw/ceph-radosgw.gateway',
'/var/lib/ceph/radosgw',
'/var/lib/ceph/nss',
'/etc/ceph/ceph.client.admin.keyring',
'/etc/ceph/ceph.client.radosgw.gateway',
'/var/lib/ceph',
'/srv/data',
]:
ensure => absent,
recurse => true,
purge => true,
force => true,
}
->
package { $radosgw: ensure => purged }
->
package { #{packages}:
ensure => purged
}
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
ensure => absent,
}
class { 'apache':
service_ensure => stopped,
service_enable => false,
}
apache::vhost { "$fqdn-radosgw":
ensure => absent,
docroot => '/var/www',
}
EOS
osfamily = fact 'osfamily'
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(purge, :catch_failures => true)
end
end
it 'should install one monitor/osd with cephx keys for rgw-proxy' do
pp = <<-EOS
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
->
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph_config {
'global/mon_data_avail_warn': value => 10; # workaround for health warn in mon
'global/osd_journal_size': value => 100;
}
ceph::mon { 'a':
public_addr => $::ipaddress,
key => '#{mon_key}',
}
ceph::key { 'client.admin':
secret => '#{admin_key}',
cap_mon => 'allow *',
cap_osd => 'allow *',
cap_mds => 'allow *',
inject => true,
inject_as_id => 'mon.',
inject_keyring => '/var/lib/ceph/mon/ceph-a/keyring',
}
->
ceph::key { 'client.radosgw.gateway':
user => $apache_user,
secret => '#{radosgw_key}',
cap_mon => 'allow rwx',
cap_osd => 'allow rwx',
inject => true,
}
->
exec { 'bootstrap-key':
command => '/usr/sbin/ceph-create-keys --id a',
}
->
ceph::osd { '/srv/data': }
EOS
osfamily = fact 'osfamily'
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell 'sleep 10' # we need to wait a bit until the OSD is up
shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/1 mons at/)
expect(r.stderr).to be_empty
end
shell 'ceph osd tree', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/osd.0/)
expect(r.stderr).to be_empty
end
end
end
it 'should install a radosgw with mod_proxy' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
$apache_user = $::osfamily ? {
'RedHat' => 'apache',
default => 'www-data',
}
host { $::fqdn: # workaround for bad 'hostname -f' in vagrant box
ip => $ipaddress,
host_aliases => [$::hostname],
}
->
file { '/var/run/ceph': # workaround for bad sysvinit script (ignores socket)
ensure => directory,
owner => $apache_user,
}
->
ceph::rgw { 'radosgw.gateway':
frontend_type => 'apache-proxy-fcgi',
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
ceph::rgw::apache_proxy_fcgi { 'radosgw.gateway':
rgw_port => '8080',
proxy_pass => {'path' => '/', 'url' => 'fcgi://127.0.0.1:9000/', 'params' => { 'retry' => '0' }},
}
EOS
osfamily = fact 'osfamily'
operatingsystem = fact 'operatingsystem'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
# RGW on CentOS is currently broken, so lets disable tests for now.
# RGW on Ubuntu is disabled until Jewel.
if osfamily != 'RedHat' and operatingsystem != 'Ubuntu'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "radosgw-admin user create --uid=#{test_user} --display-name=#{test_user}"
shell "radosgw-admin subuser create --uid=#{test_user} --subuser=#{test_user}:swift --access=full"
shell "radosgw-admin key create --subuser=#{test_user}:swift --key-type=swift --secret='#{test_password}'"
shell "curl -i -H 'X-Auth-User: #{test_user}:swift' -H 'X-Auth-Key: #{test_password}' http://127.0.0.1:8080/auth/v1.0/" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/HTTP\/1\.1 204 No Content/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
end
it 'should configure keystone and rgw-proxy keystone integration' do
pp = <<-EOS
# ceph::repo and ceph are needed as dependencies in the catalog
class { 'ceph::repo':
release => '#{release}',
fastcgi => true,
}
class { 'ceph':
fsid => '#{fsid}',
mon_host => $::ipaddress,
mon_initial_members => 'a',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
# this is needed for the refresh triggered by ceph::rgw::keystone
ceph::rgw { 'radosgw.gateway':
rgw_socket_path => '/var/run/ceph/ceph-client.radosgw.gateway.asok',
}
case $::osfamily {
'Debian': {
include ::apt
apt::source { 'cloudarchive-juno':
location => 'http://ubuntu-cloud.archive.canonical.com/ubuntu',
release => 'trusty-updates/juno',
repos => 'main',
include_src => false,
required_packages => 'ubuntu-cloud-keyring',
}
Apt::Source['cloudarchive-juno'] -> Package['keystone','python-swiftclient']
Exec['apt_update'] -> Package['keystone','python-swiftclient']
}
'RedHat': {
yumrepo { 'openstack-juno':
descr => 'OpenStack Juno Repository',
baseurl => 'http://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/',
enabled => '1',
gpgcheck => '1',
gpgkey => 'https://raw.githubusercontent.com/redhat-openstack/rdo-release/juno/RPM-GPG-KEY-RDO-Juno',
priority => '15', # prefer over EPEL, but below ceph
}
Yumrepo<||> -> Package['python-swiftclient','keystone']
}
}
class { 'keystone':
verbose => true,
catalog_type => 'sql',
admin_token => '#{keystone_admin_token}',
admin_endpoint => "http://${::ipaddress}:35357",
}
->
class { 'keystone::roles::admin':
email => 'admin@example.com',
password => '#{keystone_password}',
}
->
class { 'keystone::endpoint':
public_url => "http://${::ipaddress}:5000",
admin_url => "http://${::ipaddress}:35357",
internal_url => "http://${::ipaddress}:5000",
region => 'example-1',
}
Service['keystone'] -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_service { 'swift':
ensure => present,
type => 'object-store',
description => 'Openstack Object Storage Service',
}
Keystone_service<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_endpoint { 'example-1/swift':
ensure => present,
public_url => "http://${::fqdn}:8080/swift/v1",
admin_url => "http://${::fqdn}:8080/swift/v1",
internal_url => "http://${::fqdn}:8080/swift/v1",
}
Keystone_endpoint<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
# add a testuser for validation below
keystone_user { '#{test_user}':
ensure => present,
enabled => true,
email => '#{test_email}',
password => '#{test_password}',
tenant => '#{test_tenant}',
}
Keystone_user<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
keystone_user_role { 'testuser@openstack':
ensure => present,
roles => ['_member_'],
}
Keystone_user_role<||> -> Ceph::Rgw::Keystone['radosgw.gateway']
package { 'python-swiftclient': # required for tests below
ensure => present,
}
ceph::rgw::keystone { 'radosgw.gateway':
rgw_keystone_url => "http://${::ipaddress}:5000",
rgw_keystone_admin_token => '#{keystone_admin_token}',
}
EOS
osfamily = fact 'osfamily'
operatingsystem = fact 'operatingsystem'
servicequery = {
'Debian' => 'status radosgw id=radosgw.gateway',
'RedHat' => 'service ceph-radosgw status id=radosgw.gateway',
}
# RGW on CentOS is currently broken, so lets disable tests for now.
# RGW on Ubuntu is disabled until Jewel.
if osfamily != 'RedHat' and operatingsystem != 'Ubuntu'
apply_manifest(pp, :catch_failures => true)
# Enable as soon as remaining changes are fixed
#apply_manifest(pp, :catch_changes => true)
shell servicequery[osfamily] do |r|
expect(r.exit_code).to be_zero
end
shell "swift -V 2.0 -A http://127.0.0.1:5000/v2.0 -U #{test_tenant}:#{test_user} -K #{test_password} stat" do |r|
expect(r.exit_code).to be_zero
expect(r.stdout).to match(/Content-Type: text\/plain; charset=utf-8/)
expect(r.stdout).not_to match(/401 Unauthorized/)
end
end
end
it 'should purge everything again' do
purge = <<-EOS
$radosgw = $::osfamily ? {
'RedHat' => 'ceph-radosgw',
default => 'radosgw',
}
class { 'keystone':
admin_token => 'keystonetoken',
enabled => false,
}
->
ceph::osd { '/srv/data':
ensure => absent,
}
->
ceph::mon { 'a': ensure => absent }
->
file { [
'/var/lib/ceph/bootstrap-osd/ceph.keyring',
'/var/lib/ceph/bootstrap-mds/ceph.keyring',
'/var/lib/ceph/nss/cert8.db',
'/var/lib/ceph/nss/key3.db',
'/var/lib/ceph/nss/secmod.db',
'/var/lib/ceph/radosgw/ceph-radosgw.gateway',
'/var/lib/ceph/radosgw',
'/var/lib/ceph/nss',
'/etc/ceph/ceph.client.admin.keyring',
'/etc/ceph/ceph.client.radosgw.gateway',
]:
ensure => absent
}
->
package { $radosgw: ensure => purged }
->
package { #{packages}:
ensure => purged
}
class { 'ceph::repo':
release => '#{release}',
ensure => absent,
}
class { 'apache':
service_ensure => stopped,
service_enable => false,
}
apache::vhost { "$fqdn-radosgw":
ensure => absent,
docroot => '/var/www',
}
EOS
osfamily = fact 'osfamily'
# RGW on CentOS is currently broken, so lets disable tests for now.
if osfamily != 'RedHat'
apply_manifest(purge, :catch_failures => true)
end
end
end
end
# Local Variables:
# compile-command: "cd ../..
# BUNDLE_PATH=/tmp/vendor bundle install
# BEAKER_set=ubuntu-server-1204-x64 \
# BUNDLE_PATH=/tmp/vendor \
# bundle exec rspec spec/acceptance/ceph_usecases_spec.rb
# "
# End:

154
spec/acceptance/ceph_usecases_spec.rb
View File

@ -1,154 +0,0 @@
#
# Copyright (C) 2015 David Gurtner
#
# Author: David Gurtner <aldavud@crimson.ch>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'spec_helper_acceptance'
describe 'ceph usecases' do
# passing it directly as unqoted array is not supported everywhere
packages = "[ 'python-ceph', 'ceph-common', 'librados2', 'librbd1', 'libcephfs1' ]"
if os[:family].casecmp('RedHat') == 0
release = 'hammer'
else
release = 'jewel'
end
describe 'I want to try this module, heard of ceph, want to see it in action' do
it 'should install one monitor and one OSD on /srv/data' do
pp = <<-EOS
class { 'ceph::repo':
release => #{release},
}
class { 'ceph':
fsid => '82274746-9a2c-426b-8c51-107fb0d890c6',
mon_host => $::ipaddress,
authentication_type => 'none',
osd_pool_default_size => '1',
osd_pool_default_min_size => '1',
}
ceph_config {
'global/osd_journal_size': value => '100';
'global/osd_max_object_namespace_len': value => '64';
'global/osd_max_object_name_len': value => '256';
}
ceph::mon { 'a':
public_addr => $::ipaddress,
authentication_type => 'none',
}
ceph::osd { '/srv/data': }
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
shell 'sleep 10' # we need to wait a bit until the OSD is up
shell 'ceph -s', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/1 mons at/)
expect(r.stderr).to be_empty
end
shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/up/)
expect(r.stderr).to be_empty
end
end
it 'should uninstall one osd' do
shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [0] } do |r|
expect(r.stdout).to match(/up/)
expect(r.stderr).to be_empty
end
pp = <<-EOS
ceph::osd { '/srv/data':
ensure => absent,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
shell 'sleep 10' # we need to wait a bit until the OSD is down
shell 'ceph osd tree | grep osd.0', { :acceptable_exit_codes => [1] }
end
it 'should uninstall one monitor' do
pp = <<-EOS
ceph::mon { 'a':
ensure => absent,
}
EOS
apply_manifest(pp, :catch_failures => true)
apply_manifest(pp, :catch_changes => true)
osfamily = fact 'osfamily'
operatingsystem = fact 'operatingsystem'
if osfamily == 'Debian' && operatingsystem == 'Ubuntu'
shell 'status ceph-mon id=a', { :acceptable_exit_codes => [1] } do |r|
expect(r.stdout).to be_empty
expect(r.stderr).to match(/Unknown instance: ceph.a/)
end
end
if osfamily == 'RedHat'
shell 'systemctl status ceph-mon@a', { :acceptable_exit_codes => [1] } do |r|
expect(r.stdout).to match(/Active: inactive/)
expect(r.stderr).to be_empty
end
end
end
it 'should purge all packages' do
pp = <<-EOS
package { #{packages}:
ensure => purged
}
class { 'ceph::repo':
ensure => absent,
}
file { [
'/var/lib/ceph',
'/srv/data',
]:
ensure => absent,
recurse => true,
purge => true,
force => true,
}
EOS
apply_manifest(pp, :catch_failures => true)
# can't check for idempotency because of https://tickets.puppetlabs.com/browse/PUP-1198
#apply_manifest(pp, :catch_changes => true)
apply_manifest(pp, :catch_failures => true)
end
end
end
# Local Variables:
# compile-command: "cd ../..
# BUNDLE_PATH=/tmp/vendor bundle install
# BEAKER_set=ubuntu-server-1204-x64 \
# BUNDLE_PATH=/tmp/vendor \
# bundle exec rspec spec/acceptance/ceph_usecases_spec.rb
# "
# End:

8
spec/classes/ceph_repo_spec.rb
View File

@ -536,13 +536,7 @@ describe 'ceph::repo' do
it { is_expected.to_not contain_yumrepo('ext-epel-7') }
it { is_expected.to_not contain_yumrepo('ext-ceph') }
it { is_expected.to_not contain_yumrepo('ext-ceph-noarch') }
it { is_expected.to contain_exec('installing_centos-release-ceph').with(
:command => '/usr/bin/yum install -y centos-release-ceph-hammer',
:logoutput => 'on_failure',
:tries => 3,
:try_sleep => 1,
:unless => '/usr/bin/rpm -qa | /usr/bin/grep -q centos-release-ceph-hammer',
) }
it { is_expected.to contain_yumrepo('ceph-jewel-sig') }
end
describe "with ensure => absent to disable" do

7
spec/defines/ceph_key_spec.rb
View File

@ -44,9 +44,10 @@ describe 'ceph::key' do
'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph-authtool /etc/ceph/ceph.client.admin.keyring --name 'client.admin' --add-key 'supersecret' --cap mon 'allow *' --cap osd 'allow rw' "
)
is_expected.to contain_file('/etc/ceph/ceph.client.admin.keyring').with(
'owner' => 'nobody',
'group' => 'nogroup',
'mode' => '0600'
'owner' => 'nobody',
'group' => 'nogroup',
'mode' => '0600',
'selinux_ignore_defaults' => true,
)
is_expected.to contain_exec('ceph-injectkey-client.admin').with(
'command' => "/bin/true # comment to satisfy puppet syntax requirements\nset -ex\nceph auth add client.admin --in-file=/etc/ceph/ceph.client.admin.keyring"

23
spec/defines/ceph_mon_spec.rb
View File

@ -484,8 +484,9 @@ test ! -d \$mon_data
let :facts do
{
:osfamily => 'RedHat',
:operatingsystem => 'RHEL7',
:osfamily => 'RedHat',
:operatingsystem => 'RHEL7',
:service_provider => 'systemd',
}
end
@ -552,8 +553,8 @@ if [ ! -d \$mon_data ] ; then
--mkfs \
--id A \
--keyring /tmp/ceph-mon-keyring-A ; then
touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
chown -h ceph:ceph \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
touch \$mon_data/done \$mon_data/systemd \$mon_data/keyring
chown -h ceph:ceph \$mon_data/done \$mon_data/systemd \$mon_data/keyring
else
rm -fr \$mon_data
fi
@ -562,7 +563,7 @@ if [ ! -d \$mon_data ] ; then
--mkfs \
--id A \
--keyring /tmp/ceph-mon-keyring-A ; then
touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
touch \$mon_data/done \$mon_data/systemd \$mon_data/keyring
else
rm -fr \$mon_data
fi
@ -609,8 +610,8 @@ if [ ! -d \$mon_data ] ; then
--mkfs \
--id A \
--keyring /etc/ceph/ceph.mon.keyring ; then
touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
chown -h ceph:ceph \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
touch \$mon_data/done \$mon_data/systemd \$mon_data/keyring
chown -h ceph:ceph \$mon_data/done \$mon_data/systemd \$mon_data/keyring
else
rm -fr \$mon_data
fi
@ -619,7 +620,7 @@ if [ ! -d \$mon_data ] ; then
--mkfs \
--id A \
--keyring /etc/ceph/ceph.mon.keyring ; then
touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
touch \$mon_data/done \$mon_data/systemd \$mon_data/keyring
else
rm -fr \$mon_data
fi
@ -663,8 +664,8 @@ if [ ! -d \$mon_data ] ; then
--mkfs \
--id A \
--keyring /dev/null ; then
touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
chown -h ceph:ceph \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
touch \$mon_data/done \$mon_data/systemd \$mon_data/keyring
chown -h ceph:ceph \$mon_data/done \$mon_data/systemd \$mon_data/keyring
else
rm -fr \$mon_data
fi
@ -673,7 +674,7 @@ if [ ! -d \$mon_data ] ; then
--mkfs \
--id A \
--keyring /dev/null ; then
touch \$mon_data/done \$mon_data/sysvinit \$mon_data/keyring
touch \$mon_data/done \$mon_data/systemd \$mon_data/keyring
else
rm -fr \$mon_data
fi

5
spec/shared_examples.rb Normal file
View File

@ -0,0 +1,5 @@
shared_examples_for "a Puppet::Error" do |description|
it "with message matching #{description.inspect}" do
expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description)
end
end

35
spec/spec_helper.rb
View File

@ -1,29 +1,24 @@
#
# Copyright (C) 2014 Nine Internet Solutions AG
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Author: David Gurtner <aldavud@crimson.ch>
#
# Load libraries from openstacklib here to simulate how they live together in a real puppet run (for provider unit tests)
$LOAD_PATH.push(File.join(File.dirname(__FILE__), 'fixtures', 'modules', 'openstacklib', 'lib'))
require 'puppetlabs_spec_helper/module_spec_helper'
require 'shared_examples'
require 'puppet-openstack_spec_helper/defaults'
require 'rspec-puppet-facts'
include RspecPuppetFacts
RSpec.configure do |c|
c.alias_it_should_behave_like_to :it_configures, 'configures'
c.alias_it_should_behave_like_to :it_raises, 'raises'
# TODO(aschultz): remove this after all tests converted to use OSDefaults
# instead of referencing @default_facts
c.before :each do
@default_facts = OSDefaults.get_facts
end
fixture_path = File.expand_path(File.join(File.dirname(__FILE__), 'fixtures'))
c.hiera_config = File.join(fixture_path, 'hieradata/hiera.yaml')
c.alias_it_should_behave_like_to(:it_configures, 'configures')
c.before(:all) do
data = YAML.load_file(c.hiera_config)
data[:yaml][:datadir] = File.join(fixture_path, 'hieradata')
@ -36,3 +31,5 @@ RSpec.configure do |c|
`git checkout -- #{c.hiera_config}`
end
end
at_exit { RSpec::Puppet::Coverage.report! }

61
spec/spec_helper_acceptance.rb
View File

@ -1,60 +1 @@
#
# Copyright (C) 2015 David Gurtner
#
# Author: David Gurtner <aldavud@crimson.ch>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
require 'minitest'
require 'beaker-rspec'
RSpec.configure do |c|
# Project root
proj_root = File.expand_path(File.join(File.dirname(__FILE__), '..'))
hosts.each do |host|
install_puppet
# clean out any module cruft
shell('rm -fr /etc/puppet/modules/*')
on host, "mkdir -p #{host['distmoduledir']}"
# we will provide our own epel, but excluding the ceph packages later
shell('rm -f /etc/yum.repos.d/epel.repo')
end
c.formatter = :documentation
c.before :suite do
hosts.each do |host|
scp_to hosts, File.join(proj_root, 'spec/fixtures/hieradata/hiera.yaml'), '/etc/puppet/hiera.yaml'
# https://tickets.puppetlabs.com/browse/PUP-2566
on host, 'sed -i "/templatedir/d" /etc/puppet/puppet.conf'
install_package host, 'git'
on host, puppet('module install puppetlabs/stdlib --version ">=4.0.0 <5.0.0"'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module install puppetlabs/inifile --version ">=1.0.0 <2.0.0"'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module install puppetlabs/apt --version ">=2.0.0 <3.0.0"'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module install puppetlabs/concat --version ">=1.2.1 <3.0.0"'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module install puppetlabs/apache --version ">=1.4.1 <2.0.0"'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module install stackforge/keystone --version ">=5.1.0 <6.0.0"'), { :acceptable_exit_codes => [0,1] } # keystone >=5.1.0 <6.0.0 is not present in openstack/keystone
puppet_module_install(:source => proj_root, :module_name => 'ceph')
# Flush the firewall
flushfw = <<-EOS
iptables -F
iptables -X
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
EOS
on host, flushfw
end
end
end
require 'puppet-openstack_spec_helper/beaker_spec_helper'