diff --git a/manifests/migration/libvirt.pp b/manifests/migration/libvirt.pp index 64bf9c264..cb0c768d9 100644 --- a/manifests/migration/libvirt.pp +++ b/manifests/migration/libvirt.pp @@ -18,6 +18,14 @@ # (optional) Bind libvirtd tcp/tls socket to the given address. # Defaults to undef (bind to all addresses) # +# [*live_migration_inbound_addr*] +# (optional) The IP address or hostname to be used as the target for live +# migration traffic. If left unset, and if TLS is enabled, this module will +# default the 'live_migration_uri' to 'qemu+tls://%s/system' to be compatible +# with the previous behavior of this module. However, the usage of +# 'live_migration_uri' is not recommended as it's scheduled for removal. +# Defaults to $::os_service_default +# # [*live_migration_tunnelled*] # (optional) Whether to use tunnelled migration, where migration data is # transported over the libvirtd connection. @@ -79,6 +87,7 @@ class nova::migration::libvirt( $transport = undef, $auth = 'none', $listen_address = undef, + $live_migration_inbound_addr = $::os_service_default, $live_migration_tunnelled = $::os_service_default, $live_migration_completion_timeout = $::os_service_default, $live_migration_progress_timeout = $::os_service_default, @@ -120,7 +129,6 @@ class nova::migration::libvirt( } if $configure_nova { - if $transport_real == 'ssh' { if $client_user { $prefix = "${client_user}@" @@ -145,13 +153,21 @@ class nova::migration::libvirt( $extra_params ='' } - $live_migration_uri = "qemu+${transport_real}://${prefix}%s${postfix}/system${extra_params}" + if is_service_default($live_migration_inbound_addr) { + $live_migration_uri = "qemu+${transport_real}://${prefix}%s${postfix}/system${extra_params}" + $live_migration_scheme = $::os_service_default + } else { + $live_migration_uri = $::os_service_default + $live_migration_scheme = $transport_real + } nova_config { 'libvirt/live_migration_uri': value => $live_migration_uri; 'libvirt/live_migration_tunnelled': value => $live_migration_tunnelled; 'libvirt/live_migration_completion_timeout': value => $live_migration_completion_timeout; 'libvirt/live_migration_progress_timeout': value => $live_migration_progress_timeout; + 'libvirt/live_migration_inbound_addr': value => $live_migration_inbound_addr; + 'libvirt/live_migration_scheme': value => $live_migration_scheme; } } diff --git a/releasenotes/notes/add-live-migration-inbound-addr-and-scheme-b5f864ce3f0e58f9.yaml b/releasenotes/notes/add-live-migration-inbound-addr-and-scheme-b5f864ce3f0e58f9.yaml new file mode 100644 index 000000000..93b97dbd6 --- /dev/null +++ b/releasenotes/notes/add-live-migration-inbound-addr-and-scheme-b5f864ce3f0e58f9.yaml @@ -0,0 +1,11 @@ +--- +features: + - The paremeter 'live_migration_inbound_addr' was introduced to the libvirt + live migration module. This sets the configuration option with the same + name in the nova configuration, in the 'libvirt' section. + - If TLS is enabled for libvirt's live migration, the module will set the + configuration option named 'live_migration_scheme' in the 'libvirt' section + to have the value 'tls'. This will be used by nova to form the scheme for + the live migration URI, e.g. 'qemu+tls://...'. + - Note that the usage of 'live_migratin_inbound_addr' doesn't permit adding + extra parameters to the live migration URI as of the writing of this. diff --git a/spec/classes/nova_migration_libvirt_spec.rb b/spec/classes/nova_migration_libvirt_spec.rb index eef40a64e..8b413ca4f 100644 --- a/spec/classes/nova_migration_libvirt_spec.rb +++ b/spec/classes/nova_migration_libvirt_spec.rb @@ -48,7 +48,8 @@ describe 'nova::migration::libvirt' do it { is_expected.to contain_nova_config('libvirt/live_migration_completion_timeout').with_value('') } it { is_expected.to contain_nova_config('libvirt/live_migration_progress_timeout').with_value('') } it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tcp://%s/system') } - + it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('')} + it { is_expected.to contain_nova_config('libvirt/live_migration_scheme').with_value('')} end context 'with override_uuid enabled' do @@ -79,6 +80,8 @@ describe 'nova::migration::libvirt' do it { is_expected.to contain_file_line('/etc/libvirt/libvirtd.conf auth_tls').with(:line => "auth_tls = \"none\"") } it { is_expected.not_to contain_file_line('/etc/libvirt/libvirtd.conf auth_tcp')} it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')} + it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('')} + it { is_expected.to contain_nova_config('libvirt/live_migration_scheme').with_value('')} end context 'with tls enabled' do @@ -94,6 +97,22 @@ describe 'nova::migration::libvirt' do it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')} end + context 'with tls enabled and inbound addr set' do + let :params do + { + :transport => 'tls', + :live_migration_inbound_addr => 'host1.example.com', + } + end + it { is_expected.to contain_file_line('/etc/libvirt/libvirtd.conf listen_tls').with(:line => "listen_tls = 1") } + it { is_expected.to contain_file_line('/etc/libvirt/libvirtd.conf listen_tcp').with(:line => "listen_tcp = 0") } + it { is_expected.to contain_file_line('/etc/libvirt/libvirtd.conf auth_tls').with(:line => "auth_tls = \"none\"") } + it { is_expected.not_to contain_file_line('/etc/libvirt/libvirtd.conf auth_tcp')} + it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('')} + it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('host1.example.com')} + it { is_expected.to contain_nova_config('libvirt/live_migration_scheme').with_value('tls')} + end + context 'with migration flags set' do let :params do {