Use systemd units to enable tcp/tls in libvirt
Since v5.7.0, libvirt requires that proper socket unit is used to listen on tcp/tls, and the usage of --listen option is forbidden by default[1]. This patch makes puppet-nova depend on socket units instead of listen option, to avoid failure when systemd tries to start libvrit service. [1]3a6a725b8f
Change-Id: I902169f54ff723c8f35ce12a7909950f61b4b7c6 Closes-Bug: #1880619 (cherry picked from commit87f2437bdc
) (cherry picked from commit5dd7c20fa0
)
This commit is contained in:
parent
74473423a0
commit
9d933a3e31
|
@ -11,7 +11,9 @@ class nova::compute::libvirt::version {
|
||||||
'RedHat': {
|
'RedHat': {
|
||||||
case $facts['os']['name'] {
|
case $facts['os']['name'] {
|
||||||
'RedHat', 'CentOS': {
|
'RedHat', 'CentOS': {
|
||||||
if versioncmp($facts['os']['release']['full'], '7.6') >= 0 {
|
if versioncmp($facts['os']['release']['full'], '8.1') >= 0 {
|
||||||
|
$default = '5.6'
|
||||||
|
} elsif versioncmp($facts['os']['release']['full'], '7.6') >= 0 {
|
||||||
$default = '4.5'
|
$default = '4.5'
|
||||||
} else {
|
} else {
|
||||||
$default = '3.9'
|
$default = '3.9'
|
||||||
|
|
|
@ -89,6 +89,11 @@
|
||||||
# "transport" option.
|
# "transport" option.
|
||||||
# Defaults to undef
|
# Defaults to undef
|
||||||
#
|
#
|
||||||
|
# [*libvirt_version*]
|
||||||
|
# (optional) installed libvirt version. Default is automatic detected depending
|
||||||
|
# of the used OS installed via ::nova::compute::libvirt::version::default .
|
||||||
|
# Defaults to ::nova::compute::libvirt::version::default
|
||||||
|
#
|
||||||
class nova::migration::libvirt(
|
class nova::migration::libvirt(
|
||||||
$transport = undef,
|
$transport = undef,
|
||||||
$auth = 'none',
|
$auth = 'none',
|
||||||
|
@ -105,7 +110,8 @@ class nova::migration::libvirt(
|
||||||
$client_extraparams = {},
|
$client_extraparams = {},
|
||||||
$ca_file = undef,
|
$ca_file = undef,
|
||||||
$crl_file = undef,
|
$crl_file = undef,
|
||||||
){
|
$libvirt_version = $::nova::compute::libvirt::version::default,
|
||||||
|
) inherits nova::compute::libvirt::version {
|
||||||
|
|
||||||
include ::nova::deps
|
include ::nova::deps
|
||||||
|
|
||||||
|
@ -233,12 +239,37 @@ class nova::migration::libvirt(
|
||||||
|
|
||||||
case $::osfamily {
|
case $::osfamily {
|
||||||
'RedHat': {
|
'RedHat': {
|
||||||
if $transport_real != 'ssh' {
|
if versioncmp($libvirt_version, '5.6') >= 0 {
|
||||||
file_line { '/etc/sysconfig/libvirtd libvirtd args':
|
$manage_services = pick($::nova::compute::libvirt::manage_libvirt_services, true)
|
||||||
path => '/etc/sysconfig/libvirtd',
|
|
||||||
line => 'LIBVIRTD_ARGS="--listen"',
|
if $manage_services {
|
||||||
match => '^LIBVIRTD_ARGS=',
|
if $transport_real == 'tls' {
|
||||||
tag => 'libvirt-file_line',
|
service { 'libvirtd-tls':
|
||||||
|
ensure => 'running',
|
||||||
|
name => 'libvirtd-tls.socket',
|
||||||
|
enable => true,
|
||||||
|
require => Anchor['nova::config::end']
|
||||||
|
}
|
||||||
|
Service['libvirtd-tls'] -> Service<| title == 'libvirt' |>
|
||||||
|
} elsif $transport_real == 'tcp' {
|
||||||
|
service { 'libvirtd-tcp':
|
||||||
|
ensure => 'running',
|
||||||
|
name => 'libvirtd-tcp.socket',
|
||||||
|
enable => true,
|
||||||
|
require => Anchor['nova::config::end']
|
||||||
|
}
|
||||||
|
Service['libvirtd-tcp'] -> Service<| title == 'libvirt' |>
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
} else {
|
||||||
|
if $transport_real != 'ssh' {
|
||||||
|
file_line { '/etc/sysconfig/libvirtd libvirtd args':
|
||||||
|
path => '/etc/sysconfig/libvirtd',
|
||||||
|
line => 'LIBVIRTD_ARGS="--listen"',
|
||||||
|
match => '^LIBVIRTD_ARGS=',
|
||||||
|
tag => 'libvirt-file_line',
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,7 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Now puppet-nova supports configuration of libvirtd-tls.socket and
|
||||||
|
libvirtd-tcp.socket, which should be enabled according to the transport
|
||||||
|
protocol when libvirt is running under systemd. This feature is enforced
|
||||||
|
since libvirt v5.8.
|
|
@ -239,6 +239,36 @@ describe 'nova::migration::libvirt' do
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
shared_examples_for 'nova migration with libvirt in Debian' do
|
||||||
|
it { is_expected.to contain_file_line('/etc/default/libvirtd libvirtd opts').with(:line => 'libvirtd_opts="-l"') }
|
||||||
|
end
|
||||||
|
|
||||||
|
shared_examples_for 'nova migration with libvirt in RedHat' do
|
||||||
|
context 'with tls transport' do
|
||||||
|
let(:params) do
|
||||||
|
{ :transport => 'tls' }
|
||||||
|
end
|
||||||
|
|
||||||
|
it { is_expected.to contain_service('libvirtd-tls').with(
|
||||||
|
:name => 'libvirtd-tls.socket',
|
||||||
|
:ensure => 'running',
|
||||||
|
:enable => true,
|
||||||
|
)}
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with tls transport' do
|
||||||
|
let(:params) do
|
||||||
|
{ :transport => 'tcp' }
|
||||||
|
end
|
||||||
|
|
||||||
|
it { is_expected.to contain_service('libvirtd-tcp').with(
|
||||||
|
:name => 'libvirtd-tcp.socket',
|
||||||
|
:ensure => 'running',
|
||||||
|
:enable => true,
|
||||||
|
)}
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
on_supported_os({
|
on_supported_os({
|
||||||
:supported_os => OSDefaults.get_supported_os
|
:supported_os => OSDefaults.get_supported_os
|
||||||
}).each do |os,facts|
|
}).each do |os,facts|
|
||||||
|
@ -247,15 +277,6 @@ describe 'nova::migration::libvirt' do
|
||||||
facts.merge!(OSDefaults.get_facts({ :os_workers => 5 }))
|
facts.merge!(OSDefaults.get_facts({ :os_workers => 5 }))
|
||||||
end
|
end
|
||||||
|
|
||||||
let (:platform_params) do
|
|
||||||
case facts[:osfamily]
|
|
||||||
when 'Debian'
|
|
||||||
it { is_expected.to contain_file_line('/etc/default/libvirtd libvirtd opts').with(:line => 'libvirtd_opts="-l"') }
|
|
||||||
when 'RedHat'
|
|
||||||
it { is_expected.to contain_file_line('/etc/sysconfig/libvirtd libvirtd args').with(:line => 'LIBVIRTD_ARGS="--listen"') }
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
it_configures 'nova migration with libvirt'
|
it_configures 'nova migration with libvirt'
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue