diff --git a/manifests/deps.pp b/manifests/deps.pp index 30abc6b0..8b5eb3ee 100644 --- a/manifests/deps.pp +++ b/manifests/deps.pp @@ -30,6 +30,10 @@ class ironic::deps { # before dbsync starts Oslo::Db<||> -> Anchor['ironic::dbsync::begin'] + # all coordination settings should be applied and all packages should be + # installed before service startup + Oslo::Coordination<| tag == 'ironic-inspector' |> -> Anchor['ironic-inspector::service::begin'] + # ironic-inspector is supported by this module. This service uses a # specific conf file and uses it's own config provider. Split out install # and configure of this service so that other services are not affected. diff --git a/manifests/inspector.pp b/manifests/inspector.pp index bf7a417a..fc090d67 100644 --- a/manifests/inspector.pp +++ b/manifests/inspector.pp @@ -306,6 +306,10 @@ # (optional) Define queues as "durable" to rabbitmq. (boolean value) # Defaults to $facts['os_service_default'] # +# [*standalone*] +# (optional) Whether to run ironic-inspector as a standalone service. +# Defaults to false +# class ironic::inspector ( $package_ensure = 'present', Boolean $manage_service = true, @@ -365,6 +369,7 @@ class ironic::inspector ( $kombu_failover_strategy = $facts['os_service_default'], $kombu_compression = $facts['os_service_default'], $amqp_durable_queues = $facts['os_service_default'], + Boolean $standalone = true, ) inherits ironic::params { include ironic::deps @@ -376,6 +381,10 @@ class ironic::inspector ( include ironic::inspector::authtoken } + if !standalone and $facts['os']['family'] != 'RedHat' { + fail('Non-standalone mode configuration is not supported in this operating system') + } + $tftp_root_real = pick($::ironic::pxe::common::tftp_root, $tftp_root) $http_root_real = pick($::ironic::pxe::common::http_root, $http_root) $http_port_real = pick($::ironic::pxe::common::http_port, $http_port) @@ -468,6 +477,7 @@ class ironic::inspector ( 'processing/node_not_found_hook': value => $node_not_found_hook; 'discovery/enroll_node_driver': value => $discovery_default_driver; 'port_physnet/cidr_map': value => $port_physnet_cidr_map_real; + 'DEFAULT/standalone': value => $standalone; } oslo::messaging::default {'ironic_inspector_config': @@ -510,6 +520,19 @@ included in the manifest") tag => ['openstack', 'ironic-inspector-package'], } + if ! $standalone { + package { 'ironic-inspector-api': + ensure => $package_ensure, + name => $::ironic::params::inspector_api_package, + tag => ['openstack', 'ironic-inspector-package'], + } + package { 'ironic-inspector-conductor': + ensure => $package_ensure, + name => $::ironic::params::inspector_conductor_package, + tag => ['openstack', 'ironic-inspector-package'], + } + } + if $::ironic::params::inspector_dnsmasq_package { package { 'ironic-inspector-dnsmasq': ensure => $package_ensure, @@ -529,15 +552,38 @@ included in the manifest") $ensure = 'stopped' } - # Manage services - service { 'ironic-inspector': - ensure => $ensure, - name => $::ironic::params::inspector_service, - enable => $enabled, - hasstatus => true, - tag => 'ironic-inspector-service', + if $standalone { + service { 'ironic-inspector': + ensure => $ensure, + name => $::ironic::params::inspector_service, + enable => $enabled, + hasstatus => true, + tag => 'ironic-inspector-service', + } + Keystone_endpoint<||> -> Service['ironic-inspector'] + } else { + + # NOTE(tkajinam): Ensure ironic-inspector is stopped before starting + # -api and -conductor. + service { 'ironic-inspector': + ensure => 'stopped', + name => $::ironic::params::inspector_service, + enable => false, + hasstatus => true, + tag => 'ironic-inspector-service', + } + Service['ironic-inspector'] -> Service['ironic-inspector-conductor'] + Service <| title == 'httpd' |> { tag +> 'ironic-inspector-service' } + + service { 'ironic-inspector-conductor': + ensure => $ensure, + name => $::ironic::params::inspector_conductor_service, + enable => $enabled, + hasstatus => true, + tag => 'ironic-inspector-service', + } + Keystone_endpoint<||> -> Service['ironic-inspector-conductor'] } - Keystone_endpoint<||> -> Service['ironic-inspector'] if $::ironic::params::inspector_dnsmasq_service { service { 'ironic-inspector-dnsmasq': diff --git a/manifests/inspector/coordination.pp b/manifests/inspector/coordination.pp new file mode 100644 index 00000000..174d2eda --- /dev/null +++ b/manifests/inspector/coordination.pp @@ -0,0 +1,21 @@ +# == Class: ironic::inspector::coordination +# +# Setup and configure ironic-inspector coordination settings. +# +# === Parameters +# +# [*backend_url*] +# (Optional) Coordination backend URL. +# Defaults to $facts['os_service_default'] +# +class ironic::inspector::coordination ( + $backend_url = $facts['os_service_default'], +) { + + include ironic::deps + + oslo::coordination{ 'ironic_inspector_config': + backend_url => $backend_url, + tag => 'ironic-inspector', + } +} diff --git a/manifests/inspector/wsgi/apache.pp b/manifests/inspector/wsgi/apache.pp new file mode 100644 index 00000000..673c8d3a --- /dev/null +++ b/manifests/inspector/wsgi/apache.pp @@ -0,0 +1,201 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# Class to serve ironic API with apache mod_wsgi in place of +# ironic-inspector-api service. +# +# == Parameters +# +# [*servername*] +# (Optional) The servername for the virtualhost. +# Defaults to $facts['networking']['fqdn'] +# +# [*port*] +# (Optional) The port. +# Defaults to 5050 +# +# [*bind_host*] +# (Optional) The host/ip address Apache will listen on. +# Defaults to undef (listen on all ip addresses). +# +# [*path*] +# (Optional) The prefix for the endpoint. +# Defaults to '/' +# +# [*ssl*] +# (Optional) Use ssl ? (boolean) +# Defaults to false +# +# [*workers*] +# (Optional) Number of WSGI workers to spawn. +# Defaults to $facts['os_workers'] +# +# [*priority*] +# (Optional) The priority for the vhost. +# Defaults to 10 +# +# [*threads*] +# (Optional) The number of threads for the vhost. +# Defaults to 15 +# +# [*wsgi_process_display_name*] +# (Optional) Name of the WSGI process display-name. +# Defaults to undef +# +# [*ssl_cert*] +# [*ssl_key*] +# [*ssl_chain*] +# [*ssl_ca*] +# [*ssl_crl_path*] +# [*ssl_crl*] +# [*ssl_certs_dir*] +# (Optional) apache::vhost ssl parameters. +# Default to apache::vhost 'ssl_*' defaults. +# +# [*access_log_file*] +# (Optional) The log file name for the virtualhost. +# Defaults to undef. +# +# [*access_log_pipe*] +# (Optional) Specifies a pipe where Apache sends access logs for +# the virtualhost. +# Defaults to undef. +# +# [*access_log_syslog*] +# (Optional) Sends the virtualhost access log messages to syslog. +# Defaults to undef. +# +# [*access_log_format*] +# (Optional) The log format for the virtualhost. +# Defaults to undef. +# +# [*error_log_file*] +# (Optional) The error log file name for the virtualhost. +# Defaults to undef. +# +# [*error_log_pipe*] +# (Optional) Specifies a pipe where Apache sends error logs for +# the virtualhost. +# Defaults to undef. +# +# [*error_log_syslog*] +# (Optional) Sends the virtualhost error log messages to syslog. +# Defaults to undef. +# +# [*custom_wsgi_process_options*] +# (Optional) gives you the opportunity to add custom process options or to +# overwrite the default options for the WSGI main process. +# eg. to use a virtual python environment for the WSGI process +# you could set it to: +# { python-path => '/my/python/virtualenv' } +# Defaults to {} +# +# [*headers*] +# (Optional) Headers for the vhost. +# Defaults to undef +# +# [*request_headers*] +# (Optional) Modifies collected request headers in various ways. +# Defaults to undef +# +# [*vhost_custom_fragment*] +# (Optional) Passes a string of custom configuration +# directives to be placed at the end of the vhost configuration. +# Defaults to undef. +# +# == Dependencies +# +# requires Class['apache'] & Class['ironic::inspector'] +# +# == Examples +# +# include apache +# +# class { 'ironic::inspector::wsgi::apache': } +# +# +class ironic::inspector::wsgi::apache ( + $servername = $facts['networking']['fqdn'], + $port = 5050, + $bind_host = undef, + $path = '/', + $ssl = false, + $workers = $facts['os_workers'], + $ssl_cert = undef, + $ssl_key = undef, + $ssl_chain = undef, + $ssl_ca = undef, + $ssl_crl_path = undef, + $ssl_crl = undef, + $ssl_certs_dir = undef, + $wsgi_process_display_name = undef, + $threads = 15, + $priority = 10, + $access_log_file = undef, + $access_log_pipe = undef, + $access_log_syslog = undef, + $access_log_format = undef, + $error_log_file = undef, + $error_log_pipe = undef, + $error_log_syslog = undef, + $custom_wsgi_process_options = {}, + $headers = undef, + $request_headers = undef, + $vhost_custom_fragment = undef, +) { + + include ironic::deps + include ironic::params + + if $facts['os']['family'] != 'RedHat' { + fail('Non-standalone mode configuration is not supported in this operating system') + } + + Anchor['ironic-inspector::install::end'] -> Class['apache'] + + ::openstacklib::wsgi::apache { 'ironic_inspector_wsgi': + bind_host => $bind_host, + bind_port => $port, + group => $::ironic::params::inspector_group, + path => $path, + priority => $priority, + servername => $servername, + ssl => $ssl, + ssl_ca => $ssl_ca, + ssl_cert => $ssl_cert, + ssl_certs_dir => $ssl_certs_dir, + ssl_chain => $ssl_chain, + ssl_crl => $ssl_crl, + ssl_crl_path => $ssl_crl_path, + ssl_key => $ssl_key, + threads => $threads, + user => $::ironic::params::inspector_user, + vhost_custom_fragment => $vhost_custom_fragment, + workers => $workers, + wsgi_daemon_process => 'ironic-inspector', + wsgi_process_display_name => $wsgi_process_display_name, + wsgi_process_group => 'ironic-inspector', + wsgi_script_dir => $::ironic::params::inspector_wsgi_script_path, + wsgi_script_file => 'app', + wsgi_script_source => $::ironic::params::inspector_wsgi_script_source, + headers => $headers, + request_headers => $request_headers, + custom_wsgi_process_options => $custom_wsgi_process_options, + access_log_file => $access_log_file, + access_log_pipe => $access_log_pipe, + access_log_syslog => $access_log_syslog, + access_log_format => $access_log_format, + error_log_file => $error_log_file, + error_log_pipe => $error_log_pipe, + error_log_syslog => $error_log_syslog, + } +} diff --git a/manifests/params.pp b/manifests/params.pp index 7ab27225..cd8494f9 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -39,35 +39,41 @@ class ironic::params { case $facts['os']['family'] { 'RedHat': { - $common_package_name = 'openstack-ironic-common' - $api_package = 'openstack-ironic-api' - $api_service = 'openstack-ironic-api' - $conductor_package = 'openstack-ironic-conductor' - $conductor_service = 'openstack-ironic-conductor' - $dnsmasq_tftp_package = 'openstack-ironic-dnsmasq-tftp-server' - $dnsmasq_tftp_service = 'openstack-ironic-dnsmasq-tftp-server' - $inspector_package = 'openstack-ironic-inspector' - $inspector_dnsmasq_package = 'openstack-ironic-inspector-dnsmasq' - $inspector_service = 'openstack-ironic-inspector' - $inspector_dnsmasq_service = 'openstack-ironic-inspector-dnsmasq' - $staging_drivers_package = 'openstack-ironic-staging-drivers' - $systemd_python_package = 'systemd-python' - $ipxe_rom_dir = '/usr/share/ipxe' - $ipxe_name_base = 'ipxe-snponly' - $uefi_pxe_bootfile_name = 'bootx64.efi' - $uefi_ipxe_bootfile_name = 'snponly.efi' - $ironic_wsgi_script_path = '/var/www/cgi-bin/ironic' - $ironic_wsgi_script_source = '/usr/bin/ironic-api-wsgi' - $xinetd_available = false - $tftpd_package = false - $ipxe_package = 'ipxe-bootimgs' - $pxelinux_package = false - $pxelinux_path = false - $syslinux_package = 'syslinux-tftpboot' - $syslinux_path = '/tftpboot' - $syslinux_files = ['pxelinux.0', 'chain.c32', 'ldlinux.c32'] - $grub_efi_package = 'grub2-efi-x64' - $shim_package = 'shim' + $common_package_name = 'openstack-ironic-common' + $api_package = 'openstack-ironic-api' + $api_service = 'openstack-ironic-api' + $conductor_package = 'openstack-ironic-conductor' + $conductor_service = 'openstack-ironic-conductor' + $dnsmasq_tftp_package = 'openstack-ironic-dnsmasq-tftp-server' + $dnsmasq_tftp_service = 'openstack-ironic-dnsmasq-tftp-server' + $inspector_package = 'openstack-ironic-inspector' + $inspector_service = 'openstack-ironic-inspector' + $inspector_dnsmasq_package = 'openstack-ironic-inspector-dnsmasq' + $inspector_dnsmasq_service = 'openstack-ironic-inspector-dnsmasq' + $inspector_api_package = 'openstack-ironic-inspector-api' + $inspector_api_service = undef + $inspector_conductor_package = 'openstack-ironic-inspector-conductor' + $inspector_conductor_service = 'openstack-ironic-inspector-conductor' + $staging_drivers_package = 'openstack-ironic-staging-drivers' + $systemd_python_package = 'systemd-python' + $ipxe_rom_dir = '/usr/share/ipxe' + $ipxe_name_base = 'ipxe-snponly' + $uefi_pxe_bootfile_name = 'bootx64.efi' + $uefi_ipxe_bootfile_name = 'snponly.efi' + $ironic_wsgi_script_path = '/var/www/cgi-bin/ironic' + $ironic_wsgi_script_source = '/usr/bin/ironic-api-wsgi' + $inspector_wsgi_script_path = '/var/www/cgi-bin/ironic-inspector' + $inspector_wsgi_script_source = '/usr/bin/ironic-inspector-api-wsgi' + $xinetd_available = false + $tftpd_package = undef + $ipxe_package = 'ipxe-bootimgs' + $pxelinux_package = undef + $pxelinux_path = undef + $syslinux_package = 'syslinux-tftpboot' + $syslinux_path = '/tftpboot' + $syslinux_files = ['pxelinux.0', 'chain.c32', 'ldlinux.c32'] + $grub_efi_package = 'grub2-efi-x64' + $shim_package = 'shim' case $facts['os']['name'] { 'RedHat': { $grub_efi_file = '/boot/efi/EFI/redhat/grubx64.efi' @@ -80,38 +86,44 @@ class ironic::params { } } 'Debian': { - $common_package_name = 'ironic-common' - $api_service = 'ironic-api' - $api_package = 'ironic-api' - $conductor_service = 'ironic-conductor' - $conductor_package = 'ironic-conductor' - $dnsmasq_tftp_package = false - $dnsmasq_tftp_service = false - $inspector_package = 'ironic-inspector' - $inspector_dnsmasq_package = false - $inspector_service = 'ironic-inspector' - $inspector_dnsmasq_service = false + $common_package_name = 'ironic-common' + $api_service = 'ironic-api' + $api_package = 'ironic-api' + $conductor_package = 'ironic-conductor' + $conductor_service = 'ironic-conductor' + $dnsmasq_tftp_package = undef + $dnsmasq_tftp_service = undef + $inspector_package = 'ironic-inspector' + $inspector_service = 'ironic-inspector' + $inspector_dnsmasq_package = undef + $inspector_dnsmasq_service = undef + $inspector_api_package = undef + $inspector_api_service = undef + $inspector_conductor_package = undef + $inspector_conductor_service = undef # guessing the name, ironic-staging-drivers is not packaged in debian yet - $staging_drivers_package = 'ironic-staging-drivers' - $systemd_python_package = 'python3-systemd' - $ipxe_rom_dir = '/usr/lib/ipxe' - $ipxe_name_base = 'snponly' - $uefi_pxe_bootfile_name = 'bootx64.efi' - $uefi_ipxe_bootfile_name = 'snponly.efi' - $ironic_wsgi_script_path = '/usr/lib/cgi-bin/ironic' - $ironic_wsgi_script_source = '/usr/bin/ironic-api-wsgi' - $xinetd_available = true - $tftpd_package = 'tftpd-hpa' - $ipxe_package = 'ipxe' - $pxelinux_package = 'pxelinux' - $pxelinux_path = '/usr/lib/PXELINUX' - $syslinux_package = 'syslinux-common' - $syslinux_path = '/usr/lib/syslinux/modules/bios' - $syslinux_files = ['chain.c32', 'libcom32.c32', 'libutil.c32'] - $grub_efi_package = 'grub-efi-amd64-signed' - $grub_efi_file = '/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed' - $shim_package = 'shim-signed' - $shim_file = '/usr/lib/shim/shimx64.efi.signed' + $staging_drivers_package = 'ironic-staging-drivers' + $systemd_python_package = 'python3-systemd' + $ipxe_rom_dir = '/usr/lib/ipxe' + $ipxe_name_base = 'snponly' + $uefi_pxe_bootfile_name = 'bootx64.efi' + $uefi_ipxe_bootfile_name = 'snponly.efi' + $ironic_wsgi_script_path = '/usr/lib/cgi-bin/ironic' + $ironic_wsgi_script_source = '/usr/bin/ironic-api-wsgi' + $inspector_wsgi_script_path = '/usr/lib/cgi-bin/ironic-inspector' + $inspector_wsgi_script_source = '/usr/bin/ironic-inspector-api-wsgi' + $xinetd_available = true + $tftpd_package = 'tftpd-hpa' + $ipxe_package = 'ipxe' + $pxelinux_package = 'pxelinux' + $pxelinux_path = '/usr/lib/PXELINUX' + $syslinux_package = 'syslinux-common' + $syslinux_path = '/usr/lib/syslinux/modules/bios' + $syslinux_files = ['chain.c32', 'libcom32.c32', 'libutil.c32'] + $grub_efi_package = 'grub-efi-amd64-signed' + $grub_efi_file = '/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed' + $shim_package = 'shim-signed' + $shim_file = '/usr/lib/shim/shimx64.efi.signed' } default: { fail("Unsupported osfamily: ${facts['os']['family']}") diff --git a/releasenotes/notes/inspector-non-standalone-redhat-bf21d0472e196e15.yaml b/releasenotes/notes/inspector-non-standalone-redhat-bf21d0472e196e15.yaml new file mode 100644 index 00000000..6ac2ae86 --- /dev/null +++ b/releasenotes/notes/inspector-non-standalone-redhat-bf21d0472e196e15.yaml @@ -0,0 +1,10 @@ +--- +features: + - | + The ``ironic::inspector`` class now supports deploying separate services + for api and conductor. Now this feature is supported in RHEL and CentOS + only. The api service should be run by httpd and mod_wsgi, which can be + deployed using the new ``ironic::inspector::wsgi::apache`` class. + + - | + The new ``ironic::inspector::coordination`` class has been added. diff --git a/spec/classes/ironic_inspector_coordination_spec.rb b/spec/classes/ironic_inspector_coordination_spec.rb new file mode 100644 index 00000000..4e6d4284 --- /dev/null +++ b/spec/classes/ironic_inspector_coordination_spec.rb @@ -0,0 +1,39 @@ +require 'spec_helper' + +describe 'ironic::inspector::coordination' do + shared_examples 'ironic::inspector::coordination' do + context 'with default parameters' do + it { + is_expected.to contain_oslo__coordination('ironic_inspector_config').with( + :backend_url => '' + ) + } + end + + context 'with specified parameters' do + let :params do + { + :backend_url => 'etcd3+http://127.0.0.1:2379', + } + end + + it { + is_expected.to contain_oslo__coordination('ironic_inspector_config').with( + :backend_url => 'etcd3+http://127.0.0.1:2379' + ) + } + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge(OSDefaults.get_facts()) + end + + it_behaves_like 'ironic::inspector::coordination' + end + end +end diff --git a/spec/classes/ironic_inspector_spec.rb b/spec/classes/ironic_inspector_spec.rb index d95b7533..682b3e30 100644 --- a/spec/classes/ironic_inspector_spec.rb +++ b/spec/classes/ironic_inspector_spec.rb @@ -26,8 +26,7 @@ describe 'ironic::inspector' do end let :params do - { :package_ensure => 'present', - :enabled => true, + { :pxe_transfer_protocol => 'tftp', :auth_strategy => 'keystone', :dnsmasq_interface => 'br-ctlplane', @@ -73,39 +72,39 @@ describe 'ironic::inspector' do it { is_expected.to contain_class('ironic::params') } it 'installs ironic inspector package' do - if platform_params.has_key?(:inspector_package) - is_expected.to contain_package('ironic-inspector').with( - :ensure => p[:package_ensure], - :name => platform_params[:inspector_package], - :tag => ['openstack', 'ironic-inspector-package'], - ) - is_expected.to contain_package('ironic-inspector').that_requires('Anchor[ironic-inspector::install::begin]') - is_expected.to contain_package('ironic-inspector').that_notifies('Anchor[ironic-inspector::install::end]') - end + is_expected.to contain_package('ironic-inspector').with( + :ensure => 'present', + :name => platform_params[:inspector_package], + :tag => ['openstack', 'ironic-inspector-package'], + ) if platform_params.has_key?(:inspector_dnsmasq_package) is_expected.to contain_package('ironic-inspector-dnsmasq').with( - :ensure => p[:package_ensure], + :ensure => 'present', :name => platform_params[:inspector_dnsmasq_package], :tag => ['openstack', 'ironic-inspector-package'], ) - is_expected.to contain_package('ironic-inspector-dnsmasq').that_requires('Anchor[ironic-inspector::install::begin]') - is_expected.to contain_package('ironic-inspector-dnsmasq').that_notifies('Anchor[ironic-inspector::install::end]') end end it 'ensure ironic inspector service is running' do is_expected.to contain_service('ironic-inspector').with( - 'hasstatus' => true, - 'tag' => 'ironic-inspector-service', + :ensure => 'running', + :name => platform_params[:inspector_service], + :enable => true, + :hasstatus => true, + :tag => 'ironic-inspector-service', ) end it 'ensure ironic inspector dnsmasq service is running' do - if platform_params.has_key?(:inspector_dnsmasq_package) + if platform_params.has_key?(:inspector_dnsmasq_service) is_expected.to contain_service('ironic-inspector-dnsmasq').with( - 'hasstatus' => true, - 'tag' => 'ironic-inspector-dnsmasq-service', + :ensure => 'running', + :name => platform_params[:inspector_dnsmasq_service], + :enable => true, + :hasstatus => true, + :tag => 'ironic-inspector-dnsmasq-service', ) end end @@ -126,6 +125,7 @@ describe 'ironic::inspector' do is_expected.to contain_ironic_inspector_config('processing/node_not_found_hook').with_value('') is_expected.to contain_ironic_inspector_config('discovery/enroll_node_driver').with_value('') is_expected.to contain_ironic_inspector_config('port_physnet/cidr_map').with_value('') + is_expected.to contain_ironic_inspector_config('DEFAULT/standalone').with_value(true) is_expected.to contain_oslo__messaging__default('ironic_inspector_config').with( :executor_thread_pool_size => '', @@ -384,10 +384,6 @@ describe 'ironic::inspector' do end context 'when enabling ppc64le support' do - let :pre_condition do - "class { 'ironic::inspector::authtoken': password => 'password', }" - end - before do params.merge!( :enable_ppc64le => true, @@ -421,10 +417,6 @@ describe 'ironic::inspector' do end context 'when enabling ppc64le support with http default transport' do - let :pre_condition do - "class { 'ironic::inspector::authtoken': password => 'password', }" - end - before do params.merge!( :enable_ppc64le => true, @@ -452,6 +444,56 @@ describe 'ironic::inspector' do end end + shared_examples_for 'ironic inspector with non-standalone services' do + before do + params.merge!( + :standalone => false + ) + end + + it 'configures ironic-inspector.conf' do + is_expected.to contain_ironic_inspector_config('DEFAULT/standalone').with_value(false) + end + + it 'ensure ironic inspector packages are installed' do + is_expected.to contain_package('ironic-inspector').with( + :ensure => 'present', + :name => platform_params[:inspector_package], + :tag => ['openstack', 'ironic-inspector-package'], + ) + is_expected.to contain_package('ironic-inspector-api').with( + :ensure => 'present', + :name => platform_params[:inspector_api_package], + :tag => ['openstack', 'ironic-inspector-package'], + ) + is_expected.to contain_package('ironic-inspector-conductor').with( + :ensure => 'present', + :name => platform_params[:inspector_conductor_package], + :tag => ['openstack', 'ironic-inspector-package'], + ) + end + + it 'ensure ironic inspector service is stopped' do + is_expected.to contain_service('ironic-inspector').with( + :ensure => 'stopped', + :name => platform_params[:inspector_service], + :enable => false, + :hasstatus => true, + :tag => 'ironic-inspector-service', + ) + end + + it 'ensure ironic inspector conductor service is running' do + is_expected.to contain_service('ironic-inspector-conductor').with( + :ensure => 'running', + :name => platform_params[:inspector_conductor_service], + :enable => true, + :hasstatus => true, + :tag => 'ironic-inspector-service', + ) + end + end + on_supported_os({ :supported_os => OSDefaults.get_supported_os }).each do |os,facts| @@ -463,16 +505,27 @@ describe 'ironic::inspector' do let :platform_params do case facts[:os]['family'] when 'Debian' - { :inspector_package => 'ironic-inspector', - :inspector_service => 'ironic-inspector' } + { + :inspector_package => 'ironic-inspector', + :inspector_service => 'ironic-inspector' + } when 'RedHat' - { :inspector_package => 'openstack-ironic-inspector', - :inspector_dnsmasq_package => 'openstack-ironic-inspector-dnsmasq', - :inspector_service => 'ironic-inspector' } + { + :inspector_package => 'openstack-ironic-inspector', + :inspector_dnsmasq_package => 'openstack-ironic-inspector-dnsmasq', + :inspector_dnsmasq_service => 'openstack-ironic-inspector-dnsmasq', + :inspector_service => 'openstack-ironic-inspector', + :inspector_api_package => 'openstack-ironic-inspector-api', + :inspector_conductor_package => 'openstack-ironic-inspector-conductor', + :inspector_conductor_service => 'openstack-ironic-inspector-conductor' + } end end it_behaves_like 'ironic inspector' + if facts[:os]['family'] == 'RedHat' + it_behaves_like 'ironic inspector with non-standalone services' + end end end diff --git a/spec/classes/ironic_inspector_wsgi_apache_spec.rb b/spec/classes/ironic_inspector_wsgi_apache_spec.rb new file mode 100644 index 00000000..845c309a --- /dev/null +++ b/spec/classes/ironic_inspector_wsgi_apache_spec.rb @@ -0,0 +1,175 @@ +require 'spec_helper' + +describe 'ironic::inspector::wsgi::apache' do + + shared_examples_for 'apache serving ironic-inspector with mod_wsgi' do + context 'with default parameters' do + it { is_expected.to contain_class('ironic::params') } + it { is_expected.to contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :bind_port => 5050, + :group => 'ironic-inspector', + :path => '/', + :priority => 10, + :servername => 'foo.example.com', + :ssl => false, + :threads => 15, + :user => 'ironic-inspector', + :workers => facts[:os_workers], + :wsgi_daemon_process => 'ironic-inspector', + :wsgi_process_group => 'ironic-inspector', + :wsgi_script_dir => platform_params[:wsgi_script_path], + :wsgi_script_file => 'app', + :wsgi_script_source => platform_params[:wsgi_script_source], + :headers => nil, + :request_headers => nil, + :custom_wsgi_process_options => {}, + :access_log_file => nil, + :access_log_pipe => nil, + :access_log_syslog => nil, + :access_log_format => nil, + :error_log_file => nil, + :error_log_pipe => nil, + :error_log_syslog => nil, + )} + end + + context 'when overriding parameters' do + let :params do + { + :servername => 'dummy.host', + :bind_host => '10.42.51.1', + :port => 12345, + :ssl => true, + :vhost_custom_fragment => 'Timeout 99', + :wsgi_process_display_name => 'ironic-inspector', + :workers => 37, + :custom_wsgi_process_options => { + 'python_path' => '/my/python/path', + }, + :headers => ['set X-XSS-Protection "1; mode=block"'], + :request_headers => ['set Content-Type "application/json"'], + } + end + it { is_expected.to contain_class('ironic::params') } + it { is_expected.to contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :bind_host => '10.42.51.1', + :bind_port => 12345, + :group => 'ironic-inspector', + :path => '/', + :servername => 'dummy.host', + :ssl => true, + :threads => 15, + :user => 'ironic-inspector', + :vhost_custom_fragment => 'Timeout 99', + :workers => 37, + :wsgi_daemon_process => 'ironic-inspector', + :wsgi_process_display_name => 'ironic-inspector', + :wsgi_process_group => 'ironic-inspector', + :wsgi_script_dir => platform_params[:wsgi_script_path], + :wsgi_script_file => 'app', + :wsgi_script_source => platform_params[:wsgi_script_source], + :headers => ['set X-XSS-Protection "1; mode=block"'], + :request_headers => ['set Content-Type "application/json"'], + :custom_wsgi_process_options => { + 'python_path' => '/my/python/path', + }, + )} + end + + context 'with custom access logging' do + let :params do + { + :access_log_format => 'foo', + :access_log_syslog => 'syslog:local0', + :error_log_syslog => 'syslog:local1', + } + end + + it { should contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :access_log_format => params[:access_log_format], + :access_log_syslog => params[:access_log_syslog], + :error_log_syslog => params[:error_log_syslog], + )} + end + + context 'with access_log_file' do + let :params do + { + :access_log_file => '/path/to/file', + } + end + + it { should contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :access_log_file => params[:access_log_file], + )} + end + + context 'with access_log_pipe' do + let :params do + { + :access_log_pipe => 'pipe', + } + end + + it { should contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :access_log_pipe => params[:access_log_pipe], + )} + end + + context 'with error_log_file' do + let :params do + { + :error_log_file => '/path/to/file', + } + end + + it { should contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :error_log_file => params[:error_log_file], + )} + end + + context 'with error_log_pipe' do + let :params do + { + :error_log_pipe => 'pipe', + } + end + + it { should contain_openstacklib__wsgi__apache('ironic_inspector_wsgi').with( + :error_log_pipe => params[:error_log_pipe], + )} + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge(OSDefaults.get_facts({ + :os_workers => 8, + })) + end + + let :platform_params do + case facts[:os]['family'] + when 'Debian' + { + :wsgi_script_path => '/usr/lib/cgi-bin/ironic-inspector', + :wsgi_script_source => '/usr/bin/ironic-inspector-api-wsgi', + } + when 'RedHat' + { + :wsgi_script_path => '/var/www/cgi-bin/ironic-inspector', + :wsgi_script_source => '/usr/bin/ironic-inspector-api-wsgi', + } + end + end + + if facts[:os]['family'] == 'RedHat' + it_behaves_like 'apache serving ironic-inspector with mod_wsgi' + end + end + end + +end