From 728d549daff0290ffc0c656bb85df9c3416d8702 Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Wed, 10 Nov 2021 00:42:14 +0900 Subject: [PATCH] ovn: Add support for ovn_sb_* parameters This change introduces support for the [ovn] ovn_sb_* parameters, which are required to use health monitors for ovn-octavia-provider[1]. [1] 8bbd8f1b62d7811433079bff8ce940fbdd041a0c Change-Id: Ie260a82c96b3e5f847a12027ccc7f416b6d456e4 --- manifests/provider/ovn.pp | 26 +++++++++++++++++++ .../notes/ovnsb-params-e7bdca2b53465ed9.yaml | 5 ++++ spec/classes/octavia_provider_ovn_spec.rb | 12 +++++++++ 3 files changed, 43 insertions(+) create mode 100644 releasenotes/notes/ovnsb-params-e7bdca2b53465ed9.yaml diff --git a/manifests/provider/ovn.pp b/manifests/provider/ovn.pp index 975731e4..18718761 100644 --- a/manifests/provider/ovn.pp +++ b/manifests/provider/ovn.pp @@ -24,6 +24,24 @@ # verify certificates presented to it by SSL peers # Defaults to $::os_service_default # +# [*ovn_sb_connection*] +# (optional) The connection string for the OVN_Southbound OVSDB. +# Defaults to $::os_service_default +# +# [*ovn_sb_private_key*] +# (optional) The PEM file with private key for SSL connection to OVN-SB-DB +# Defaults to $::os_service_default +# +# [*ovn_sb_certificate*] +# (optional) The PEM file with certificate that certifies the private +# key specified in ovn_sb_private_key +# Defaults to $::os_service_default +# +# [*ovn_sb_ca_cert*] +# (optional) The PEM file with CA certificate that OVN should use to +# verify certificates presented to it by SSL peers +# Defaults to $::os_service_default +# # [*ovsdb_connection_timeout*] # (optional) Timeout in seconds for the OVSDB connection transaction. # Defaults to $::os_service_default @@ -43,6 +61,10 @@ class octavia::provider::ovn ( $ovn_nb_private_key = $::os_service_default, $ovn_nb_certificate = $::os_service_default, $ovn_nb_ca_cert = $::os_service_default, + $ovn_sb_connection = $::os_service_default, + $ovn_sb_private_key = $::os_service_default, + $ovn_sb_certificate = $::os_service_default, + $ovn_sb_ca_cert = $::os_service_default, $ovsdb_connection_timeout = $::os_service_default, $ovsdb_retry_max_interval = $::os_service_default, $ovsdb_probe_interval = $::os_service_default, @@ -72,6 +94,10 @@ class octavia::provider::ovn ( 'ovn/ovn_nb_private_key': value => $ovn_nb_private_key; 'ovn/ovn_nb_certificate': value => $ovn_nb_certificate; 'ovn/ovn_nb_ca_cert': value => $ovn_nb_ca_cert; + 'ovn/ovn_sb_connection': value => $ovn_sb_connection; + 'ovn/ovn_sb_private_key': value => $ovn_sb_private_key; + 'ovn/ovn_sb_certificate': value => $ovn_sb_certificate; + 'ovn/ovn_sb_ca_cert': value => $ovn_sb_ca_cert; 'ovn/ovsdb_connection_timeout': value => $ovsdb_connection_timeout; 'ovn/ovsdb_retry_max_interval': value => $ovsdb_retry_max_interval; 'ovn/ovsdb_probe_interval': value => $ovsdb_probe_interval; diff --git a/releasenotes/notes/ovnsb-params-e7bdca2b53465ed9.yaml b/releasenotes/notes/ovnsb-params-e7bdca2b53465ed9.yaml new file mode 100644 index 00000000..68960aed --- /dev/null +++ b/releasenotes/notes/ovnsb-params-e7bdca2b53465ed9.yaml @@ -0,0 +1,5 @@ +--- +features: + - | + Support for the ``ovn_sb_*`` parameters has been added to + the ``octavia::provider::ovn`` class. diff --git a/spec/classes/octavia_provider_ovn_spec.rb b/spec/classes/octavia_provider_ovn_spec.rb index 6e364b2f..61b2813b 100644 --- a/spec/classes/octavia_provider_ovn_spec.rb +++ b/spec/classes/octavia_provider_ovn_spec.rb @@ -13,6 +13,10 @@ describe 'octavia::provider::ovn' do it { is_expected.to contain_octavia_config('ovn/ovn_nb_private_key').with_value('') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_certificate').with_value('') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_ca_cert').with_value('') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_connection').with_value('') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_private_key').with_value('') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_certificate').with_value('') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_ca_cert').with_value('') } it { is_expected.to contain_octavia_config('ovn/ovsdb_connection_timeout').with_value('') } it { is_expected.to contain_octavia_config('ovn/ovsdb_retry_max_interval').with_value('') } it { is_expected.to contain_octavia_config('ovn/ovsdb_probe_interval').with_value('') } @@ -31,6 +35,10 @@ describe 'octavia::provider::ovn' do :ovn_nb_private_key => '/foo.key', :ovn_nb_certificate => '/foo.pem', :ovn_nb_ca_cert => '/ca_foo.pem', + :ovn_sb_connection => 'tcp:127.0.0.1:6642', + :ovn_sb_private_key => '/bar.key', + :ovn_sb_certificate => '/bar.pem', + :ovn_sb_ca_cert => '/ca_bar.pem', :ovsdb_connection_timeout => 180, :ovsdb_retry_max_interval => 180, :ovsdb_probe_interval => 60000, @@ -41,6 +49,10 @@ describe 'octavia::provider::ovn' do it { is_expected.to contain_octavia_config('ovn/ovn_nb_private_key').with_value('/foo.key') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_certificate').with_value('/foo.pem') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_ca_cert').with_value('/ca_foo.pem') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_connection').with_value('tcp:127.0.0.1:6642') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_private_key').with_value('/bar.key') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_certificate').with_value('/bar.pem') } + it { is_expected.to contain_octavia_config('ovn/ovn_sb_ca_cert').with_value('/ca_bar.pem') } it { is_expected.to contain_octavia_config('ovn/ovsdb_connection_timeout').with_value(180) } it { is_expected.to contain_octavia_config('ovn/ovsdb_retry_max_interval').with_value(180) } it { is_expected.to contain_octavia_config('ovn/ovsdb_probe_interval').with_value(60000) }