From 44f7959051ae382deb820be33d66eb8f741eaf81 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Wed, 11 Jan 2023 17:19:02 +0900 Subject: [PATCH] Allow customizing qemu user This change introduces the parameter to customize the user option which determines the user to run the qemu system process. Change-Id: I2e2213532b88f2224950a601220417bd6e102007 --- manifests/compute/libvirt/qemu.pp | 22 ++++++++++++++++++- .../notes/qemu-user-2dfecf8a9291b3a2.yaml | 4 ++++ .../classes/nova_compute_libvirt_qemu_spec.rb | 16 +++++++++++--- 3 files changed, 38 insertions(+), 4 deletions(-) create mode 100644 releasenotes/notes/qemu-user-2dfecf8a9291b3a2.yaml diff --git a/manifests/compute/libvirt/qemu.pp b/manifests/compute/libvirt/qemu.pp index e8fb0201d..d1f0e8def 100644 --- a/manifests/compute/libvirt/qemu.pp +++ b/manifests/compute/libvirt/qemu.pp @@ -8,6 +8,10 @@ # (optional) Whether or not configure qemu bits. # Defaults to false. # +# [*user*] +# (optional) User for qemu processes run by the system instance. +# Defaults to undef. +# # [*group*] # (optional) Group under which the qemu should run. # Defaults to undef. @@ -48,6 +52,7 @@ # class nova::compute::libvirt::qemu( $configure_qemu = false, + $user = undef, $group = undef, $max_files = 1024, $max_processes = 4096, @@ -100,11 +105,19 @@ class nova::compute::libvirt::qemu( "set vnc_tls_x509_verify ${vnc_tls_verify_value}", "set default_tls_x509_verify ${default_tls_verify_value}", ] + + if $user and !empty($user) { + $augues_user_changes = ["set user ${user}"] + } else { + $augues_user_changes = ['rm user'] + } + if $group and !empty($group) { $augues_group_changes = ["set group ${group}"] } else { $augues_group_changes = ['rm group'] } + if $memory_backing_dir and !empty($memory_backing_dir) { $augues_memory_backing_dir_changes = ["set memory_backing_dir ${memory_backing_dir}"] } else { @@ -112,7 +125,13 @@ class nova::compute::libvirt::qemu( } $augues_nbd_tls_changes = ["set nbd_tls ${nbd_tls_value}"] - $augues_changes = concat($augues_changes_default, $augues_group_changes, $augues_memory_backing_dir_changes, $augues_nbd_tls_changes) + $augues_changes = concat( + $augues_changes_default, + $augues_user_changes, + $augues_group_changes, + $augues_memory_backing_dir_changes, + $augues_nbd_tls_changes + ) augeas { 'qemu-conf-limits': context => '/files/etc/libvirt/qemu.conf', @@ -127,6 +146,7 @@ class nova::compute::libvirt::qemu( 'rm vnc_tls', 'rm vnc_tls_x509_verify', 'rm default_tls_x509_verify', + 'rm user', 'rm group', 'rm memory_backing_dir', 'rm nbd_tls', diff --git a/releasenotes/notes/qemu-user-2dfecf8a9291b3a2.yaml b/releasenotes/notes/qemu-user-2dfecf8a9291b3a2.yaml new file mode 100644 index 000000000..8f09262eb --- /dev/null +++ b/releasenotes/notes/qemu-user-2dfecf8a9291b3a2.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + The new ``nova::compute::libvirt::qemu::user`` parameter has been added. diff --git a/spec/classes/nova_compute_libvirt_qemu_spec.rb b/spec/classes/nova_compute_libvirt_qemu_spec.rb index 81f8afcf5..39996bb35 100644 --- a/spec/classes/nova_compute_libvirt_qemu_spec.rb +++ b/spec/classes/nova_compute_libvirt_qemu_spec.rb @@ -18,6 +18,7 @@ describe 'nova::compute::libvirt::qemu' do "rm vnc_tls", "rm vnc_tls_x509_verify", "rm default_tls_x509_verify", + "rm user", "rm group", "rm memory_backing_dir", "rm nbd_tls", @@ -39,6 +40,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 0", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 1", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 0", @@ -63,6 +65,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 0", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 1", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 0", @@ -71,11 +74,12 @@ describe 'nova::compute::libvirt::qemu' do }) } end - context 'when configuring qemu with group parameter' do + context 'when configuring qemu with user/group parameter' do let :params do { :configure_qemu => true, - :group => 'openvswitch', + :user => 'qemu-user', + :group => 'qemu-group', :max_files => 32768, :max_processes => 131072, :memory_backing_dir => '/tmp', @@ -89,7 +93,8 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 0", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 1", - "set group openvswitch", + "set user qemu-user", + "set group qemu-group", "set memory_backing_dir /tmp", "set nbd_tls 0", ], @@ -112,6 +117,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 1", "set vnc_tls_x509_verify 1", "set default_tls_x509_verify 1", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 0", @@ -135,6 +141,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 0", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 1", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 0", @@ -159,6 +166,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 1", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 1", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 0", @@ -182,6 +190,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 0", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 0", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 0", @@ -205,6 +214,7 @@ describe 'nova::compute::libvirt::qemu' do "set vnc_tls 0", "set vnc_tls_x509_verify 0", "set default_tls_x509_verify 1", + "rm user", "rm group", "rm memory_backing_dir", "set nbd_tls 1",