openstack/puppet-nova
Code Issues Proposed changes

Prohibit modular libvirt in non RedHat distributions

Browse Source 
Currently modular libvirt daemons are supported only by CentOS and
RHEL. This makes sure the deployment fails in case the architecture is
requested in distros which do not support it.

Conflicts:
	spec/classes/nova_migration_libvirt_spec.rb

Change-Id: I8eefc65e206bdb0532b6c5d08eee0d35d764a2b9
(cherry picked from commit 0fe7de9b77)
(cherry picked from commit 861bef82b5)
This commit is contained in:
Takashi Kajinami
2023-05-23 11:39:14 +09:00
committed by Tobias Urdin
parent e29196040a
commit 8b60d6ba83
5 changed files with 150 additions and 183 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/compute/libvirt/services.pp
View File

@@ -61,6 +61,10 @@ class nova::compute::libvirt::services (
include nova::deps
include nova::params
if $modular_libvirt and !$::nova::params::modular_libvirt_support {
fail('Modular libvirt daemons are not support in this distribution')
}
if $libvirt_service_name {
# libvirt-nwfilter
if $::osfamily == 'RedHat' {

5
manifests/migration/libvirt.pp
View File

@@ -166,8 +166,11 @@ class nova::migration::libvirt(
$transport_real = 'tcp'
}
$modular_libvirt_real = pick($modular_libvirt, $nova::params::modular_libvirt)
$modular_libvirt_real = pick($modular_libvirt, $::nova::params::modular_libvirt)
if $modular_libvirt_real and !$::nova::params::modular_libvirt_support {
fail('Modular libvirt daemons are not support in this distribution')
}
validate_legacy(Enum['tcp', 'tls', 'ssh'], 'validate_re', $transport_real,
[['^tcp$', '^tls$', '^ssh$'], 'Valid options for transport are tcp, tls, ssh.'])

5
manifests/params.pp
View File

@@ -53,6 +53,7 @@ class nova::params {
$serialproxy_service_name = 'openstack-nova-serialproxy'
$spicehtml5proxy_service_name = 'openstack-nova-spicehtml5proxy'
$modular_libvirt = false
$modular_libvirt_support = true
# redhat specific config defaults
$root_helper = 'sudo nova-rootwrap'
$lock_path = '/var/lib/nova/tmp'
@@ -111,7 +112,6 @@ class nova::params {
$virtqemu_service_name = 'virtqemud.socket'
$virtproxy_service_name = 'virtproxyd.socket'
$virtstorage_service_name = 'virtstoraged.socket'
$modular_libvirt = false
}
default: {
$api_metadata_service_name = undef
@@ -127,9 +127,10 @@ class nova::params {
$virtqemu_service_name = 'virtqemud'
$virtproxy_service_name = 'virtproxyd'
$virtstorage_service_name = 'virtstoraged'
$modular_libvirt = false
}
}
$modular_libvirt = false
$modular_libvirt_support = false
$libvirt_service_name = 'libvirtd'
}
default: {

7
spec/classes/nova_compute_libvirt_services_spec.rb
View File

@@ -24,8 +24,10 @@ describe 'nova::compute::libvirt::services' do
is_expected.not_to contain_service('libvirt')
end
end
end
context 'with default parameters and modular-libvirt true' do
shared_examples_for 'nova compute libvirt services with modular libvirt' do
context 'with default parameters' do
let :params do
{
:modular_libvirt => true
@@ -56,6 +58,9 @@ describe 'nova::compute::libvirt::services' do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'nova compute libvirt services'
if facts['osfamily'] == 'RedHat'
it_configures 'nova compute libvirt services with modular libvirt'
end
end
end
end

312
spec/classes/nova_migration_libvirt_spec.rb
View File

@@ -49,25 +49,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_auto_converge').with_value('<SERVICE DEFAULT>')}
end
context 'with modular_libvirt set to true' do
let(:params) { { :modular_libvirt => true} }
it { is_expected.to contain_virtproxyd_config('listen_tls').with_value('0') }
it { is_expected.to contain_virtproxyd_config('listen_tcp').with_value('1') }
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_tunnelled').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_with_native_tls').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_completion_timeout').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_timeout_action').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tcp://%s/system') }
it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_post_copy').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_auto_converge').with_value('<SERVICE DEFAULT>')}
end
context 'with override_uuid enabled' do
let :params do
{
@@ -118,23 +99,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')}
end
context 'with tls enabled and modular-libvirt set to true' do
let :params do
{
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('listen_tls').with_value('1') }
it { is_expected.to contain_virtproxyd_config('listen_tcp').with_value('0') }
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')}
end
context 'with tls enabled and inbound addr set' do
let :params do
{
@@ -197,20 +161,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and modular_libvirt is true' do
let :params do
{
:auth => 'sasl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and tls enabled' do
let :params do
{
@@ -224,21 +174,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and tls enabled and modular_libvirt set to true' do
let :params do
{
:auth => 'sasl',
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with certificates set and tls enabled' do
let :params do
{
@@ -253,21 +188,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('crl_file').with_value('/crl').with_quote(true) }
end
context 'with certificates set and tls enabled and modular_libvirt set to true' do
let :params do
{
:transport => 'tls',
:ca_file => '/ca',
:crl_file => '/crl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('/ca').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('/crl').with_quote(true) }
end
context 'with auth set to an invalid setting' do
let :params do
{
@@ -307,16 +227,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('listen_addr').with_value('127.0.0.1').with_quote(true) }
end
context 'with listen_address set and modular_libvirt set to true' do
let :params do
{
:listen_address => "127.0.0.1",
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('listen_addr').with_value('127.0.0.1').with_quote(true) }
end
context 'with ssh transport' do
let :params do
{
@@ -328,18 +238,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system')}
it { is_expected.to contain_virtproxyd_config('listen_tls').with_value('0') }
it { is_expected.to contain_virtproxyd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport with user' do
let :params do
{
@@ -352,19 +250,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport with user and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:client_user => 'foobar',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://foobar@%s/system')}
it { is_expected.to contain_virtproxyd_config('listen_tls').with_value('0') }
it { is_expected.to contain_virtproxyd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport with port' do
let :params do
{
@@ -377,19 +262,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport with port and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:client_port => 1234,
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s:1234/system')}
it { is_expected.to contain_virtproxyd_config('listen_tls').with_value('0') }
it { is_expected.to contain_virtproxyd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport with extraparams' do
let :params do
{
@@ -401,20 +273,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('listen_tls').with_value('0') }
it { is_expected.to contain_libvirtd_config('listen_tcp').with_value('0') }
end
context 'with ssh transport with extraparams and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:client_extraparams => {'foo' => '%', 'bar' => 'baz'},
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system?foo=%%25&bar=baz')}
it { is_expected.to contain_virtproxyd_config('listen_tls').with_value('0') }
it { is_expected.to contain_virtproxyd_config('listen_tcp').with_value('0') }
end
end
shared_examples_for 'nova migration with libvirt in Debian' do
@@ -453,36 +311,6 @@ describe 'nova::migration::libvirt' do
:enable => true,
)}
end
context 'with tls transport and modular daemons' do
let :params do
{
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_service('virtproxyd-tls').with(
:name => 'virtproxyd-tls.socket',
:ensure => 'running',
:enable => true,
)}
end
context 'with tcp transport and modular daemons' do
let :params do
{
:transport => 'tcp',
:modular_libvirt => true,
}
end
it { is_expected.to contain_service('virtproxyd-tcp').with(
:name => 'virtproxyd-tcp.socket',
:ensure => 'running',
:enable => true,
)}
end
end
shared_examples_for 'nova migration with libvirt in RedHat' do
@@ -531,8 +359,126 @@ describe 'nova::migration::libvirt' do
:enable => true,
)}
end
end
context 'with tls transport and modular daemons' do
shared_examples_for 'nova migration with modular libvirt' do
context 'with modular_libvirt set to true' do
let(:params) { { :modular_libvirt => true} }
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_tunnelled').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_with_native_tls').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_completion_timeout').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_timeout_action').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tcp://%s/system') }
it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_post_copy').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_auto_converge').with_value('<SERVICE DEFAULT>')}
end
context 'with tls enabled' do
let :params do
{
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')}
end
context 'with auth set to sasl' do
let :params do
{
:auth => 'sasl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and tls enabled' do
let :params do
{
:auth => 'sasl',
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with certificates set and tls enabled' do
let :params do
{
:transport => 'tls',
:ca_file => '/ca',
:crl_file => '/crl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('/ca').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('/crl').with_quote(true) }
end
context 'with ssh transport' do
let :params do
{
:transport => 'ssh',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system')}
end
context 'with ssh transport with user' do
let :params do
{
:transport => 'ssh',
:client_user => 'foobar',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://foobar@%s/system')}
end
context 'with ssh transport with port' do
let :params do
{
:transport => 'ssh',
:client_port => 1234,
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s:1234/system')}
end
context 'with ssh transport with extraparams' do
let :params do
{
:transport => 'ssh',
:client_extraparams => {'foo' => '%', 'bar' => 'baz'},
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system?foo=%%25&bar=baz')}
end
context 'with tls transport' do
let :params do
{
:transport => 'tls',
@@ -547,7 +493,7 @@ describe 'nova::migration::libvirt' do
)}
end
context 'with tcp transport and modular daemons' do
context 'with tcp transport' do
let :params do
{
:transport => 'tcp',
@@ -561,6 +507,16 @@ describe 'nova::migration::libvirt' do
:enable => true,
)}
end
context 'with listen_address set' do
let :params do
{
:listen_address => "127.0.0.1",
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('listen_addr').with_value('127.0.0.1').with_quote(true) }
end
end
on_supported_os({
@@ -572,11 +528,9 @@ describe 'nova::migration::libvirt' do
end
it_behaves_like 'nova migration with libvirt'
case facts[:osfamily]
when 'Debian'
it_behaves_like 'nova migration with libvirt in Debian'
when 'RedHat'
it_behaves_like 'nova migration with libvirt in RedHat'
it_behaves_like "nova migration with libvirt in #{facts[:os]['family']}"
if facts['osfamily'] == 'RedHat'
it_behaves_like 'nova migration with modular libvirt'
end
end
end