From 6686406bce9e7fc9623dea130daa3f16c0f93905 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Tue, 23 Oct 2018 17:10:32 +0200 Subject: [PATCH] Split off metadata vendordata plugin in own class A recent change making nova-metadata-api work with wsgi [1] moved the vendordata plugin parameters to the nova::metadata manifest. While this is conceptually correct as nova-metadata is the one that should be using this parameters. In practice the parameters are also used in compute drivers (in the ironic driver, for instance), thats why we should split them to be able to deploy nova-metadata-api separate from nova-compute. [1] https://review.openstack.org/#/c/582621/ Change-Id: Ic3654c79d8cf275f0c58d57a4b66e2598450a7ed Related-Bug: 1799352 --- manifests/api.pp | 104 +++++----- manifests/compute.pp | 1 + manifests/metadata.pp | 103 +++++----- ...ordata_from_metadata-5bc86b342574d8e8.yaml | 11 ++ manifests/vendordata.pp | 183 ++++++++++++++++++ spec/classes/nova_api_spec.rb | 42 ++-- spec/classes/nova_compute_spec.rb | 17 ++ spec/classes/nova_metadata_spec.rb | 14 -- spec/classes/nova_vendordata_spec.rb | 94 +++++++++ 9 files changed, 416 insertions(+), 153 deletions(-) create mode 100644 manifests/releasenotes/notes/split_vendordata_from_metadata-5bc86b342574d8e8.yaml create mode 100644 manifests/vendordata.pp create mode 100644 spec/classes/nova_vendordata_spec.rb diff --git a/manifests/api.pp b/manifests/api.pp index 41f656cb4..b58e2fb92 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -182,65 +182,65 @@ # available to the instances via the metadata service, and to the rendering of # config-drive. The default class for this, JsonFileVendorData, loads this # information from a JSON file, whose path is configured by this option -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_providers*] # (optional) vendordata providers are how deployers can provide metadata via # configdrive and metadata that is specific to their deployment. There are # currently two supported providers: StaticJSON and DynamicJSON. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_targets*] # (optional) A list of targets for the dynamic vendordata provider. These # targets are of the form @. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_connect_timeout*] # (optional) Maximum wait time for an external REST service to connect. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_read_timeout*] # (optional) Maximum wait time for an external REST service to return data # once connected. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_failure_fatal*] # (optional) Should failures to fetch dynamic vendordata be fatal to # instance boot? -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_auth_type*] # (optional) Authentication type to load for vendordata dynamic plugins. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_auth_url*] # (optional) URL to use for authenticating. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_os_region_name*] # (optional) Region name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_password*] # (optional) Password for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_project_domain_name*] # (optional) Project domain name for the vendordata dynamic plugin # credentials. -# Defaults to 'Default' +# Defaults to undef. # # [*vendordata_dynamic_auth_project_name*] # (optional) Project name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_user_domain_name*] # (optional) User domain name for the vendordata dynamic plugin credentials. -# Defaults to 'Default' +# Defaults to undef. # # [*vendordata_dynamic_auth_username*] # (optional) User name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*fping_path*] # (optional) Full path to fping. @@ -272,12 +272,6 @@ class nova::api( $service_name = $::nova::params::api_service_name, $enable_proxy_headers_parsing = $::os_service_default, $metadata_cache_expiration = $::os_service_default, - $vendordata_jsonfile_path = $::os_service_default, - $vendordata_providers = $::os_service_default, - $vendordata_dynamic_targets = $::os_service_default, - $vendordata_dynamic_connect_timeout = $::os_service_default, - $vendordata_dynamic_read_timeout = $::os_service_default, - $vendordata_dynamic_failure_fatal = $::os_service_default, $max_limit = $::os_service_default, $compute_link_prefix = $::os_service_default, $glance_link_prefix = $::os_service_default, @@ -288,17 +282,23 @@ class nova::api( $password_length = $::os_service_default, $install_cinder_client = true, $allow_resize_to_same_host = false, - $vendordata_dynamic_auth_auth_type = $::os_service_default, - $vendordata_dynamic_auth_auth_url = $::os_service_default, - $vendordata_dynamic_auth_os_region_name = $::os_service_default, - $vendordata_dynamic_auth_password = $::os_service_default, - $vendordata_dynamic_auth_project_domain_name = 'Default', - $vendordata_dynamic_auth_project_name = $::os_service_default, - $vendordata_dynamic_auth_user_domain_name = 'Default', - $vendordata_dynamic_auth_username = $::os_service_default, # DEPRECATED PARAMETER $nova_metadata_wsgi_enabled = false, $fping_path = undef, + $vendordata_jsonfile_path = undef, + $vendordata_providers = undef, + $vendordata_dynamic_targets = undef, + $vendordata_dynamic_connect_timeout = undef, + $vendordata_dynamic_read_timeout = undef, + $vendordata_dynamic_failure_fatal = undef, + $vendordata_dynamic_auth_auth_type = undef, + $vendordata_dynamic_auth_auth_url = undef, + $vendordata_dynamic_auth_os_region_name = undef, + $vendordata_dynamic_auth_password = undef, + $vendordata_dynamic_auth_project_domain_name = undef, + $vendordata_dynamic_auth_project_name = undef, + $vendordata_dynamic_auth_user_domain_name = undef, + $vendordata_dynamic_auth_username = undef, ) inherits nova::params { include ::nova::deps @@ -329,20 +329,6 @@ class nova::api( } } - if !is_service_default($vendordata_providers) and !empty($vendordata_providers){ - validate_array($vendordata_providers) - $vendordata_providers_real = join($vendordata_providers, ',') - } else { - $vendordata_providers_real = $::os_service_default - } - - if !is_service_default($vendordata_dynamic_targets) and !empty($vendordata_dynamic_targets){ - validate_array($vendordata_dynamic_targets) - $vendordata_dynamic_targets_real = join($vendordata_dynamic_targets, ',') - } else { - $vendordata_dynamic_targets_real = $::os_service_default - } - # enable metadata in eventlet if we do not run metadata via wsgi (nova::metadata) if ('metadata' in $enabled_apis and $service_name == 'httpd' and !$nova_metadata_wsgi_enabled) { $enable_metadata = true @@ -391,26 +377,32 @@ as a standalone service, or httpd for being run by a httpd server") } if !$nova_metadata_wsgi_enabled { + if (length(delete_undef_values([$vendordata_jsonfile_path, + $vendordata_providers, + $vendordata_dynamic_targets, + $vendordata_dynamic_connect_timeout, + $vendordata_dynamic_read_timeout, + $vendordata_dynamic_failure_fatal, + $vendordata_dynamic_auth_auth_type, + $vendordata_dynamic_auth_auth_url, + $vendordata_dynamic_auth_os_region_name, + $vendordata_dynamic_auth_password, + $vendordata_dynamic_auth_project_domain_name, + $vendordata_dynamic_auth_project_name, + $vendordata_dynamic_auth_user_domain_name, + $vendordata_dynamic_auth_username])) > 0) { + warning('Vendordata parameters are deprecated in nova::api, nova::vendordata should be used instead.') + } + class { '::nova::vendordata': + vendordata_caller => 'api', + } + nova_config { 'DEFAULT/enabled_apis': value => join($enabled_apis_real, ','); 'DEFAULT/metadata_workers': value => $metadata_workers; 'DEFAULT/metadata_listen': value => $metadata_listen; 'DEFAULT/metadata_listen_port': value => $metadata_listen_port; - 'api/vendordata_jsonfile_path': value => $vendordata_jsonfile_path; - 'api/vendordata_providers': value => $vendordata_providers_real; - 'api/vendordata_dynamic_targets': value => $vendordata_dynamic_targets_real; - 'api/vendordata_dynamic_connect_timeout': value => $vendordata_dynamic_connect_timeout; - 'api/vendordata_dynamic_read_timeout': value => $vendordata_dynamic_read_timeout; - 'api/vendordata_dynamic_failure_fatal': value => $vendordata_dynamic_failure_fatal; 'api/metadata_cache_expiration': value => $metadata_cache_expiration; - 'vendordata_dynamic_auth/auth_type': value => $vendordata_dynamic_auth_auth_type; - 'vendordata_dynamic_auth/auth_url': value => $vendordata_dynamic_auth_auth_url; - 'vendordata_dynamic_auth/os_region_name': value => $vendordata_dynamic_auth_os_region_name; - 'vendordata_dynamic_auth/password': value => $vendordata_dynamic_auth_password, secret => true; - 'vendordata_dynamic_auth/project_domain_name': value => $vendordata_dynamic_auth_project_domain_name; - 'vendordata_dynamic_auth/project_name': value => $vendordata_dynamic_auth_project_name; - 'vendordata_dynamic_auth/user_domain_name': value => $vendordata_dynamic_auth_user_domain_name; - 'vendordata_dynamic_auth/username': value => $vendordata_dynamic_auth_username; } if ($neutron_metadata_proxy_shared_secret){ diff --git a/manifests/compute.pp b/manifests/compute.pp index c1b8df47e..36d2c0867 100644 --- a/manifests/compute.pp +++ b/manifests/compute.pp @@ -233,6 +233,7 @@ class nova::compute ( include ::nova::pci include ::nova::compute::vgpu + include ::nova::vendordata if $vnc_keymap { warning('vnc_keymap parameter is deprecated, has no effect and will be removed in the future.') diff --git a/manifests/metadata.pp b/manifests/metadata.pp index a1d255ae0..c563f278f 100644 --- a/manifests/metadata.pp +++ b/manifests/metadata.pp @@ -21,130 +21,123 @@ # (optional) This option is the time (in seconds) to cache metadata. # Defaults to $::os_service_default # +# DEPRECATED +# # [*vendordata_jsonfile_path*] # (optional) Represent the path to the data file. # Cloud providers may store custom data in vendor data file that will then be # available to the instances via the metadata service, and to the rendering of # config-drive. The default class for this, JsonFileVendorData, loads this # information from a JSON file, whose path is configured by this option -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_providers*] # (optional) vendordata providers are how deployers can provide metadata via # configdrive and metadata that is specific to their deployment. There are # currently two supported providers: StaticJSON and DynamicJSON. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_targets*] # (optional) A list of targets for the dynamic vendordata provider. These # targets are of the form @. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_connect_timeout*] # (optional) Maximum wait time for an external REST service to connect. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_read_timeout*] # (optional) Maximum wait time for an external REST service to return data # once connected. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_failure_fatal*] # (optional) Should failures to fetch dynamic vendordata be fatal to # instance boot? -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_auth_type*] # (optional) Authentication type to load for vendordata dynamic plugins. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_auth_url*] # (optional) URL to use for authenticating. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_os_region_name*] # (optional) Region name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_password*] # (optional) Password for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_project_domain_name*] # (optional) Project domain name for the vendordata dynamic plugin # credentials. -# Defaults to 'Default' +# Defaults to undef. # # [*vendordata_dynamic_auth_project_name*] # (optional) Project name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to undef. # # [*vendordata_dynamic_auth_user_domain_name*] # (optional) User domain name for the vendordata dynamic plugin credentials. -# Defaults to 'Default' +# Defaults to undef. # # [*vendordata_dynamic_auth_username*] # (optional) User name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default -# -# DEPRECATED +# Defaults to undef. # class nova::metadata( $enabled_apis = 'metadata', $neutron_metadata_proxy_shared_secret = undef, $enable_proxy_headers_parsing = $::os_service_default, $metadata_cache_expiration = $::os_service_default, - $vendordata_jsonfile_path = $::os_service_default, - $vendordata_providers = $::os_service_default, - $vendordata_dynamic_targets = $::os_service_default, - $vendordata_dynamic_connect_timeout = $::os_service_default, - $vendordata_dynamic_read_timeout = $::os_service_default, - $vendordata_dynamic_failure_fatal = $::os_service_default, - $vendordata_dynamic_auth_auth_type = $::os_service_default, - $vendordata_dynamic_auth_auth_url = $::os_service_default, - $vendordata_dynamic_auth_os_region_name = $::os_service_default, - $vendordata_dynamic_auth_password = $::os_service_default, - $vendordata_dynamic_auth_project_domain_name = 'Default', - $vendordata_dynamic_auth_project_name = $::os_service_default, - $vendordata_dynamic_auth_user_domain_name = 'Default', - $vendordata_dynamic_auth_username = $::os_service_default, + # DEPRECATED PARAMETERS + $vendordata_jsonfile_path = undef, + $vendordata_providers = undef, + $vendordata_dynamic_targets = undef, + $vendordata_dynamic_connect_timeout = undef, + $vendordata_dynamic_read_timeout = undef, + $vendordata_dynamic_failure_fatal = undef, + $vendordata_dynamic_auth_auth_type = undef, + $vendordata_dynamic_auth_auth_url = undef, + $vendordata_dynamic_auth_os_region_name = undef, + $vendordata_dynamic_auth_password = undef, + $vendordata_dynamic_auth_project_domain_name = undef, + $vendordata_dynamic_auth_project_name = undef, + $vendordata_dynamic_auth_user_domain_name = undef, + $vendordata_dynamic_auth_username = undef, ) inherits nova::params { include ::nova::deps include ::nova::db include ::nova::keystone::authtoken - if !is_service_default($vendordata_providers) and !empty($vendordata_providers){ - validate_array($vendordata_providers) - $vendordata_providers_real = join($vendordata_providers, ',') - } else { - $vendordata_providers_real = $::os_service_default + if (length(delete_undef_values([$vendordata_jsonfile_path, + $vendordata_providers, + $vendordata_dynamic_targets, + $vendordata_dynamic_connect_timeout, + $vendordata_dynamic_read_timeout, + $vendordata_dynamic_failure_fatal, + $vendordata_dynamic_auth_auth_type, + $vendordata_dynamic_auth_auth_url, + $vendordata_dynamic_auth_os_region_name, + $vendordata_dynamic_auth_password, + $vendordata_dynamic_auth_project_domain_name, + $vendordata_dynamic_auth_project_name, + $vendordata_dynamic_auth_user_domain_name, + $vendordata_dynamic_auth_username])) > 0) { + warning('Vendordata parameters are deprecated in nova::metadata, nova::vendordata should be used instead.') } - - if !is_service_default($vendordata_dynamic_targets) and !empty($vendordata_dynamic_targets){ - validate_array($vendordata_dynamic_targets) - $vendordata_dynamic_targets_real = join($vendordata_dynamic_targets, ',') - } else { - $vendordata_dynamic_targets_real = $::os_service_default + class { '::nova::vendordata': + vendordata_caller => 'metadata', } nova_config { 'DEFAULT/enabled_apis': value => $enabled_apis; 'api/metadata_cache_expiration': value => $metadata_cache_expiration; - 'api/vendordata_jsonfile_path': value => $vendordata_jsonfile_path; - 'api/vendordata_providers': value => $vendordata_providers_real; - 'api/vendordata_dynamic_targets': value => $vendordata_dynamic_targets_real; - 'api/vendordata_dynamic_connect_timeout': value => $vendordata_dynamic_connect_timeout; - 'api/vendordata_dynamic_read_timeout': value => $vendordata_dynamic_read_timeout; - 'api/vendordata_dynamic_failure_fatal': value => $vendordata_dynamic_failure_fatal; - 'vendordata_dynamic_auth/auth_type': value => $vendordata_dynamic_auth_auth_type; - 'vendordata_dynamic_auth/auth_url': value => $vendordata_dynamic_auth_auth_url; - 'vendordata_dynamic_auth/os_region_name': value => $vendordata_dynamic_auth_os_region_name; - 'vendordata_dynamic_auth/password': value => $vendordata_dynamic_auth_password, secret => true; - 'vendordata_dynamic_auth/project_domain_name': value => $vendordata_dynamic_auth_project_domain_name; - 'vendordata_dynamic_auth/project_name': value => $vendordata_dynamic_auth_project_name; - 'vendordata_dynamic_auth/user_domain_name': value => $vendordata_dynamic_auth_user_domain_name; - 'vendordata_dynamic_auth/username': value => $vendordata_dynamic_auth_username; } oslo::middleware {'nova_config': diff --git a/manifests/releasenotes/notes/split_vendordata_from_metadata-5bc86b342574d8e8.yaml b/manifests/releasenotes/notes/split_vendordata_from_metadata-5bc86b342574d8e8.yaml new file mode 100644 index 000000000..f1f215509 --- /dev/null +++ b/manifests/releasenotes/notes/split_vendordata_from_metadata-5bc86b342574d8e8.yaml @@ -0,0 +1,11 @@ +--- +fixes: + - | + A recent change making nova-metadata-api work with wsgi + https://review.openstack.org/#/c/582621/ moved the vendordata plugin + parameters to the nova::metadata manifest. + While this is conceptually correct as nova-metadata is the one that + should be using this parameters. In practice the parameters are also + used in compute drivers (in the ironic driver, for instance), thats + why we should split them to be able to deploy nova-metadata-api + separate from nova-compute. diff --git a/manifests/vendordata.pp b/manifests/vendordata.pp new file mode 100644 index 000000000..28d73c365 --- /dev/null +++ b/manifests/vendordata.pp @@ -0,0 +1,183 @@ +# Class nova::vendordata +# +# Configures nova vendordata options +# +# === Parameters: +# +# [*vendordata_jsonfile_path*] +# (optional) Represent the path to the data file. +# Cloud providers may store custom data in vendor data file that will then be +# available to the instances via the metadata service, and to the rendering of +# config-drive. The default class for this, JsonFileVendorData, loads this +# information from a JSON file, whose path is configured by this option +# Defaults to $::os_service_default +# +# [*vendordata_providers*] +# (optional) vendordata providers are how deployers can provide metadata via +# configdrive and metadata that is specific to their deployment. There are +# currently two supported providers: StaticJSON and DynamicJSON. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_targets*] +# (optional) A list of targets for the dynamic vendordata provider. These +# targets are of the form @. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_connect_timeout*] +# (optional) Maximum wait time for an external REST service to connect. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_read_timeout*] +# (optional) Maximum wait time for an external REST service to return data +# once connected. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_failure_fatal*] +# (optional) Should failures to fetch dynamic vendordata be fatal to +# instance boot? +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_auth_auth_type*] +# (optional) Authentication type to load for vendordata dynamic plugins. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_auth_auth_url*] +# (optional) URL to use for authenticating. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_auth_os_region_name*] +# (optional) Region name for the vendordata dynamic plugin credentials. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_auth_password*] +# (optional) Password for the vendordata dynamic plugin credentials. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_auth_project_domain_name*] +# (optional) Project domain name for the vendordata dynamic plugin +# credentials. +# Defaults to 'Default' +# +# [*vendordata_dynamic_auth_project_name*] +# (optional) Project name for the vendordata dynamic plugin credentials. +# Defaults to $::os_service_default +# +# [*vendordata_dynamic_auth_user_domain_name*] +# (optional) User domain name for the vendordata dynamic plugin credentials. +# Defaults to 'Default' +# +# [*vendordata_dynamic_auth_username*] +# (optional) User name for the vendordata dynamic plugin credentials. +# Defaults to $::os_service_default +# +# DEPRECATED +# +# [*vendordata_caller*] +# (optional) calling class to be able to consider if we come from +# ::nova::metadata or ::nova::api. This is only needed until the backward +# compatability in parameters are removed in these classes. +# Defaults to undef. +# +class nova::vendordata( + $vendordata_jsonfile_path = $::os_service_default, + $vendordata_providers = $::os_service_default, + $vendordata_dynamic_targets = $::os_service_default, + $vendordata_dynamic_connect_timeout = $::os_service_default, + $vendordata_dynamic_read_timeout = $::os_service_default, + $vendordata_dynamic_failure_fatal = $::os_service_default, + $vendordata_dynamic_auth_auth_type = $::os_service_default, + $vendordata_dynamic_auth_auth_url = $::os_service_default, + $vendordata_dynamic_auth_os_region_name = $::os_service_default, + $vendordata_dynamic_auth_password = $::os_service_default, + $vendordata_dynamic_auth_project_domain_name = 'Default', + $vendordata_dynamic_auth_project_name = $::os_service_default, + $vendordata_dynamic_auth_user_domain_name = 'Default', + $vendordata_dynamic_auth_username = $::os_service_default, + # DEPRECATED + $vendordata_caller = undef, +) inherits nova::params { + include ::nova::deps + + # TODO(mschuppert): In order to keep backward compatibility we rely on the + # pick function. When vendordata parameters got removed from ::nova::api and + # ::nova::metadata, we remove the checkes here. + if $vendordata_caller { + if ($vendordata_caller == 'metadata') { + $vendordata_jsonfile_path_real = pick($::nova::metadata::vendordata_jsonfile_path, $vendordata_jsonfile_path) + $vendordata_providers_pick = pick($::nova::metadata::vendordata_providers, $vendordata_providers) + $vendordata_dynamic_targets_pick = pick($::nova::metadata::vendordata_dynamic_targets, $vendordata_dynamic_targets) + $vendordata_dynamic_connect_timeout_real = pick($::nova::metadata::vendordata_dynamic_connect_timeout, $vendordata_dynamic_connect_timeout) + $vendordata_dynamic_read_timeout_real = pick($::nova::metadata::vendordata_dynamic_read_timeout, $vendordata_dynamic_read_timeout) + $vendordata_dynamic_failure_fatal_real = pick($::nova::metadata::vendordata_dynamic_failure_fatal, $vendordata_dynamic_failure_fatal) + $vendordata_dynamic_auth_auth_type_real = pick($::nova::metadata::vendordata_dynamic_auth_auth_type, $vendordata_dynamic_auth_auth_type) + $vendordata_dynamic_auth_auth_url_real = pick($::nova::metadata::vendordata_dynamic_auth_auth_url, $vendordata_dynamic_auth_auth_url) + $vendordata_dynamic_auth_os_region_name_real = pick($::nova::metadata::vendordata_dynamic_auth_os_region_name, $vendordata_dynamic_auth_os_region_name) + $vendordata_dynamic_auth_password_real = pick($::nova::metadata::vendordata_dynamic_auth_password, $vendordata_dynamic_auth_password) + $vendordata_dynamic_auth_project_domain_name_real = pick($::nova::metadata::vendordata_dynamic_auth_project_domain_name, $vendordata_dynamic_auth_project_domain_name) + $vendordata_dynamic_auth_project_name_real = pick($::nova::metadata::vendordata_dynamic_auth_project_name, $vendordata_dynamic_auth_project_name) + $vendordata_dynamic_auth_user_domain_name_real = pick($::nova::metadata::vendordata_dynamic_auth_user_domain_name, $vendordata_dynamic_auth_user_domain_name) + $vendordata_dynamic_auth_username_real = pick($::nova::metadata::vendordata_dynamic_auth_username, $vendordata_dynamic_auth_username) + } elsif ($vendordata_caller == 'api') { + $vendordata_jsonfile_path_real = pick($::nova::api::vendordata_jsonfile_path, $vendordata_jsonfile_path) + $vendordata_providers_pick = pick($::nova::api::vendordata_providers, $vendordata_providers) + $vendordata_dynamic_targets_pick = pick($::nova::api::vendordata_dynamic_targets, $vendordata_dynamic_targets) + $vendordata_dynamic_connect_timeout_real = pick($::nova::api::vendordata_dynamic_connect_timeout, $vendordata_dynamic_connect_timeout) + $vendordata_dynamic_read_timeout_real = pick($::nova::api::vendordata_dynamic_read_timeout, $vendordata_dynamic_read_timeout) + $vendordata_dynamic_failure_fatal_real = pick($::nova::api::vendordata_dynamic_failure_fatal, $vendordata_dynamic_failure_fatal) + $vendordata_dynamic_auth_auth_type_real = pick($::nova::api::vendordata_dynamic_auth_auth_type, $vendordata_dynamic_auth_auth_type) + $vendordata_dynamic_auth_auth_url_real = pick($::nova::api::vendordata_dynamic_auth_auth_url, $vendordata_dynamic_auth_auth_url) + $vendordata_dynamic_auth_os_region_name_real = pick($::nova::api::vendordata_dynamic_auth_os_region_name, $vendordata_dynamic_auth_os_region_name) + $vendordata_dynamic_auth_password_real = pick($::nova::api::vendordata_dynamic_auth_password, $vendordata_dynamic_auth_password) + $vendordata_dynamic_auth_project_domain_name_real = pick($::nova::api::vendordata_dynamic_auth_project_domain_name, $vendordata_dynamic_auth_project_domain_name) + $vendordata_dynamic_auth_project_name_real = pick($::nova::api::vendordata_dynamic_auth_project_name, $vendordata_dynamic_auth_project_name) + $vendordata_dynamic_auth_user_domain_name_real = pick($::nova::api::vendordata_dynamic_auth_user_domain_name, $vendordata_dynamic_auth_user_domain_name) + $vendordata_dynamic_auth_username_real = pick($::nova::api::vendordata_dynamic_auth_username, $vendordata_dynamic_auth_username) + } + } else { + $vendordata_jsonfile_path_real = $vendordata_jsonfile_path + $vendordata_providers_pick = $vendordata_providers + $vendordata_dynamic_targets_pick = $vendordata_dynamic_targets + $vendordata_dynamic_connect_timeout_real = $vendordata_dynamic_connect_timeout + $vendordata_dynamic_read_timeout_real = $vendordata_dynamic_read_timeout + $vendordata_dynamic_failure_fatal_real = $vendordata_dynamic_failure_fatal + $vendordata_dynamic_auth_auth_type_real = $vendordata_dynamic_auth_auth_type + $vendordata_dynamic_auth_auth_url_real = $vendordata_dynamic_auth_auth_url + $vendordata_dynamic_auth_os_region_name_real = $vendordata_dynamic_auth_os_region_name + $vendordata_dynamic_auth_password_real = $vendordata_dynamic_auth_password + $vendordata_dynamic_auth_project_domain_name_real = $vendordata_dynamic_auth_project_domain_name + $vendordata_dynamic_auth_project_name_real = $vendordata_dynamic_auth_project_name + $vendordata_dynamic_auth_user_domain_name_real = $vendordata_dynamic_auth_user_domain_name + $vendordata_dynamic_auth_username_real = $vendordata_dynamic_auth_username + } + + if !is_service_default($vendordata_providers_pick) and !empty($vendordata_providers_pick){ + validate_array($vendordata_providers_pick) + $vendordata_providers_real = join($vendordata_providers_pick, ',') + } else { + $vendordata_providers_real = $::os_service_default + } + + if !is_service_default($vendordata_dynamic_targets_pick) and !empty($vendordata_dynamic_targets_pick){ + validate_array($vendordata_dynamic_targets_pick) + $vendordata_dynamic_targets_real = join($vendordata_dynamic_targets_pick, ',') + } else { + $vendordata_dynamic_targets_real = $::os_service_default + } + + nova_config { + 'api/vendordata_jsonfile_path': value => $vendordata_jsonfile_path_real; + 'api/vendordata_providers': value => $vendordata_providers_real; + 'api/vendordata_dynamic_targets': value => $vendordata_dynamic_targets_real; + 'api/vendordata_dynamic_connect_timeout': value => $vendordata_dynamic_connect_timeout_real; + 'api/vendordata_dynamic_read_timeout': value => $vendordata_dynamic_read_timeout_real; + 'api/vendordata_dynamic_failure_fatal': value => $vendordata_dynamic_failure_fatal_real; + 'vendordata_dynamic_auth/auth_type': value => $vendordata_dynamic_auth_auth_type_real; + 'vendordata_dynamic_auth/auth_url': value => $vendordata_dynamic_auth_auth_url_real; + 'vendordata_dynamic_auth/os_region_name': value => $vendordata_dynamic_auth_os_region_name_real; + 'vendordata_dynamic_auth/password': value => $vendordata_dynamic_auth_password_real, secret => true; + 'vendordata_dynamic_auth/project_domain_name': value => $vendordata_dynamic_auth_project_domain_name_real; + 'vendordata_dynamic_auth/project_name': value => $vendordata_dynamic_auth_project_name_real; + 'vendordata_dynamic_auth/user_domain_name': value => $vendordata_dynamic_auth_user_domain_name_real; + 'vendordata_dynamic_auth/username': value => $vendordata_dynamic_auth_username_real; + } +} diff --git a/spec/classes/nova_api_spec.rb b/spec/classes/nova_api_spec.rb index 3b1e5799d..8dfbdf85d 100644 --- a/spec/classes/nova_api_spec.rb +++ b/spec/classes/nova_api_spec.rb @@ -56,12 +56,6 @@ describe 'nova::api' do :enable_proxy_headers_parsing => '', ) is_expected.to contain_nova_config('api/metadata_cache_expiration').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_providers').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => '') is_expected.to contain_nova_config('api/max_limit').with('value' => '') is_expected.to contain_nova_config('api/compute_link_prefix').with('value' => '') is_expected.to contain_nova_config('api/glance_link_prefix').with('value' => '') @@ -71,14 +65,6 @@ describe 'nova::api' do is_expected.to contain_nova_config('api/enable_instance_password').with('value' => '') is_expected.to contain_nova_config('DEFAULT/password_length').with('value' => '') is_expected.to contain_nova_config('DEFAULT/allow_resize_to_same_host').with('value' => false) - is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_type').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/password').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') - is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') - is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => '') end it 'unconfigures neutron_metadata proxy' do @@ -103,12 +89,6 @@ describe 'nova::api' do :metadata_workers => 2, :enable_proxy_headers_parsing => true, :metadata_cache_expiration => 15, - :vendordata_jsonfile_path => '/tmp', - :vendordata_providers => ['StaticJSON', 'DynamicJSON'], - :vendordata_dynamic_targets => ['join@http://127.0.0.1:9999/v1/'], - :vendordata_dynamic_connect_timeout => 30, - :vendordata_dynamic_read_timeout => 30, - :vendordata_dynamic_failure_fatal => false, :max_limit => 1000, :compute_link_prefix => 'https://10.0.0.1:7777/', :glance_link_prefix => 'https://10.0.0.1:6666/', @@ -118,6 +98,12 @@ describe 'nova::api' do :enable_instance_password => true, :password_length => 12, :allow_resize_to_same_host => true, + :vendordata_jsonfile_path => '/tmp', + :vendordata_providers => ['StaticJSON', 'DynamicJSON'], + :vendordata_dynamic_targets => ['join@http://127.0.0.1:9999/v1/'], + :vendordata_dynamic_connect_timeout => 30, + :vendordata_dynamic_read_timeout => 30, + :vendordata_dynamic_failure_fatal => false, :vendordata_dynamic_auth_auth_type => 'password', :vendordata_dynamic_auth_auth_url => 'http://127.0.0.1:5000', :vendordata_dynamic_auth_os_region_name => 'RegionOne', @@ -125,7 +111,7 @@ describe 'nova::api' do :vendordata_dynamic_auth_project_domain_name => 'Default', :vendordata_dynamic_auth_project_name => 'project', :vendordata_dynamic_auth_user_domain_name => 'Default', - :vendordata_dynamic_auth_username => 'user', + :vendordata_dynamic_auth_username => 'user', }) end @@ -153,12 +139,6 @@ describe 'nova::api' do is_expected.to contain_nova_config('DEFAULT/osapi_compute_workers').with('value' => '1') is_expected.to contain_nova_config('DEFAULT/metadata_workers').with('value' => '2') is_expected.to contain_nova_config('api/metadata_cache_expiration').with('value' => '15') - is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '/tmp') - is_expected.to contain_nova_config('api/vendordata_providers').with('value' => 'StaticJSON,DynamicJSON') - is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => 'join@http://127.0.0.1:9999/v1/') - is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '30') - is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '30') - is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => false) is_expected.to contain_nova_config('api/max_limit').with('value' => '1000') is_expected.to contain_nova_config('api/compute_link_prefix').with('value' => 'https://10.0.0.1:7777/') is_expected.to contain_nova_config('api/glance_link_prefix').with('value' => 'https://10.0.0.1:6666/') @@ -173,6 +153,12 @@ describe 'nova::api' do is_expected.to contain_nova_config('api/enable_instance_password').with('value' => true) is_expected.to contain_nova_config('DEFAULT/password_length').with('value' => '12') is_expected.to contain_nova_config('DEFAULT/allow_resize_to_same_host').with('value' => true) + is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '/tmp') + is_expected.to contain_nova_config('api/vendordata_providers').with('value' => 'StaticJSON,DynamicJSON') + is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => 'join@http://127.0.0.1:9999/v1/') + is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '30') + is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '30') + is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => false) is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_type').with('value' => 'password') is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => 'http://127.0.0.1:5000') is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => 'RegionOne') @@ -180,7 +166,7 @@ describe 'nova::api' do is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => 'project') is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') - is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => 'user') + is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => 'user') end end diff --git a/spec/classes/nova_compute_spec.rb b/spec/classes/nova_compute_spec.rb index 1a50591b2..4445fe33b 100644 --- a/spec/classes/nova_compute_spec.rb +++ b/spec/classes/nova_compute_spec.rb @@ -55,6 +55,23 @@ describe 'nova::compute' do is_expected.to contain_nova_config('DEFAULT/internal_service_availability_zone').with_value('') end + it 'configures vendordata' do + is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_providers').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_type').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/password').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') + is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => '') + end + it { is_expected.to contain_nova_config('DEFAULT/heal_instance_info_cache_interval').with_value('60') } it 'installs genisoimage package and sets config_drive_format' do diff --git a/spec/classes/nova_metadata_spec.rb b/spec/classes/nova_metadata_spec.rb index c2463a3b2..7a926ac04 100644 --- a/spec/classes/nova_metadata_spec.rb +++ b/spec/classes/nova_metadata_spec.rb @@ -26,20 +26,6 @@ describe 'nova::metadata' do :enable_proxy_headers_parsing => '', ) is_expected.to contain_nova_config('api/metadata_cache_expiration').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_providers').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '') - is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_type').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/password').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') - is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') - is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => '') end it 'unconfigures neutron_metadata proxy' do diff --git a/spec/classes/nova_vendordata_spec.rb b/spec/classes/nova_vendordata_spec.rb new file mode 100644 index 000000000..96f183715 --- /dev/null +++ b/spec/classes/nova_vendordata_spec.rb @@ -0,0 +1,94 @@ +require 'spec_helper' + +describe 'nova::vendordata' do + + let :pre_condition do + 'include nova' + end + + let :params do + {} + end + + shared_examples 'nova-vendordata' do + + context 'with default parameters' do + it 'configures various stuff' do + is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_providers').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '') + is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_type').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/password').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') + is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => '') + end + end + + context 'with overridden parameters' do + before do + params.merge!({ + :vendordata_jsonfile_path => '/tmp', + :vendordata_providers => ['StaticJSON', 'DynamicJSON'], + :vendordata_dynamic_targets => ['join@http://127.0.0.1:9999/v1/'], + :vendordata_dynamic_connect_timeout => 30, + :vendordata_dynamic_read_timeout => 30, + :vendordata_dynamic_failure_fatal => false, + :vendordata_dynamic_auth_auth_type => 'password', + :vendordata_dynamic_auth_auth_url => 'http://127.0.0.1:5000', + :vendordata_dynamic_auth_os_region_name => 'RegionOne', + :vendordata_dynamic_auth_password => 'secrete', + :vendordata_dynamic_auth_project_domain_name => 'Default', + :vendordata_dynamic_auth_project_name => 'project', + :vendordata_dynamic_auth_user_domain_name => 'Default', + :vendordata_dynamic_auth_username => 'user', + }) + end + + it 'configures various stuff' do + is_expected.to contain_nova_config('api/vendordata_jsonfile_path').with('value' => '/tmp') + is_expected.to contain_nova_config('api/vendordata_providers').with('value' => 'StaticJSON,DynamicJSON') + is_expected.to contain_nova_config('api/vendordata_dynamic_targets').with('value' => 'join@http://127.0.0.1:9999/v1/') + is_expected.to contain_nova_config('api/vendordata_dynamic_connect_timeout').with('value' => '30') + is_expected.to contain_nova_config('api/vendordata_dynamic_read_timeout').with('value' => '30') + is_expected.to contain_nova_config('api/vendordata_dynamic_failure_fatal').with('value' => false) + is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_type').with('value' => 'password') + is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => 'http://127.0.0.1:5000') + is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => 'RegionOne') + is_expected.to contain_nova_config('vendordata_dynamic_auth/password').with('value' => 'secrete').with_secret(true) + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => 'project') + is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') + is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => 'user') + end + end + end + + on_supported_os({ + :supported_os => OSDefaults.get_supported_os + }).each do |os,facts| + context "on #{os}" do + let (:facts) do + facts.merge!(OSDefaults.get_facts({ :os_workers => 5 })) + end + + let (:platform_params) do + case facts[:osfamily] + when 'Debian' + { :nova_api_package => 'nova-api', + :nova_api_service => 'nova-api' } + when 'RedHat' + { :nova_api_package => 'openstack-nova-api', + :nova_api_service => 'openstack-nova-api' } + end + end + it_behaves_like 'nova-vendordata' + end + end +end