openstack/puppet-octavia
Code Issues Proposed changes

Add Octavia OVN Provider configuration (2 of 2)

Browse Source 
This patch enhances Octavia's OVN driver config, so it can connect to
OVN_Northbound DB using TLS.

Related-Bug: #1861886

Change-Id: Ic2602e7a219f3c3be7f085726ee9736975062306
This commit is contained in:
Flavio Fernandes
2020-03-05 16:40:44 -05:00
parent dce599e498
commit 8777b5031c
5 changed files with 25 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
manifests/api.pp
View File

@@ -63,9 +63,11 @@
# (optional) Configure the loadbalancer provider drivers. # (optional) Configure the loadbalancer provider drivers.
# Defaults to $::os_service_default # Defaults to $::os_service_default
# #
# DEPRECATED PARAMETERS
#
# [*ovn_nb_connection*] # [*ovn_nb_connection*]
# (optional) The connection string for the OVN_Northbound OVSDB. # (optional) The connection string for the OVN_Northbound OVSDB.
# Defaults to $::os_service_default # Defaults to undef
# #
class octavia::api ( class octavia::api (
$enabled = true, $enabled = true,
@@ -82,7 +84,8 @@ class octavia::api (
$sync_db = false, $sync_db = false,
$default_provider_driver = $::os_service_default, $default_provider_driver = $::os_service_default,
$provider_drivers = $::os_service_default, $provider_drivers = $::os_service_default,
$ovn_nb_connection = $::os_service_default, # DEPRECATED PARAMETERS
$ovn_nb_connection = undef
) inherits octavia::params { ) inherits octavia::params {
include octavia::deps include octavia::deps
@@ -93,6 +96,10 @@ class octavia::api (
include octavia::keystone::authtoken include octavia::keystone::authtoken
} }
if $ovn_nb_connection {
warning('The ovn_nb_connection parameter is deprecated from octavia::api. Use octavia::provider::ovn::ovn_nb_connection.')
}
package { 'octavia-api': package { 'octavia-api':
ensure => $package_ensure, ensure => $package_ensure,
name => $::octavia::params::api_package_name, name => $::octavia::params::api_package_name,
@@ -142,6 +149,5 @@ class octavia::api (
'api_settings/allow_tls_terminated_listeners': value => $allow_tls_terminated_listeners; 'api_settings/allow_tls_terminated_listeners': value => $allow_tls_terminated_listeners;
'api_settings/default_provider_driver': value => $default_provider_driver; 'api_settings/default_provider_driver': value => $default_provider_driver;
'api_settings/enabled_provider_drivers': value => $provider_drivers; 'api_settings/enabled_provider_drivers': value => $provider_drivers;
'ovn/ovn_nb_connection': value => $ovn_nb_connection;
} }
} }

5
manifests/provider/ovn.pp
View File

@@ -36,7 +36,10 @@ class octavia::provider::ovn (
$ovn_nb_connection_real = $ovn_nb_connection $ovn_nb_connection_real = $ovn_nb_connection
} }
octavia_ovn_provider_config { # TODO(flaviof): We need to replace octavia_config with octavia_ovn_provider_config in the future.
# For now, the config below uses octavia_config until we can figure out how to pass extra
# configuration files to the api running as wsgi process.
octavia_config {
'ovn/ovn_nb_connection': value => $ovn_nb_connection_real; 'ovn/ovn_nb_connection': value => $ovn_nb_connection_real;
'ovn/ovn_nb_private_key': value => $ovn_nb_private_key; 'ovn/ovn_nb_private_key': value => $ovn_nb_private_key;
'ovn/ovn_nb_certificate': value => $ovn_nb_certificate; 'ovn/ovn_nb_certificate': value => $ovn_nb_certificate;

4
releasenotes/notes/add-ovn-provider-71b506e3d81e92fe.yaml
View File

@@ -2,3 +2,7 @@
features: features:
- | - |
Added octavia::provider::ovn for configuring OVN driver properties. Added octavia::provider::ovn for configuring OVN driver properties.
deprecations:
- |
octavia::api::ovn_nb_connection is now deprecated and will be removed in the
future release. Please use octavia::provider::ovn::ovn_nb_connection instead.

3
spec/classes/octavia_api_spec.rb
View File

@@ -13,7 +13,6 @@ describe 'octavia::api' do
:allow_tls_terminated_listeners => false, :allow_tls_terminated_listeners => false,
:default_provider_driver => 'ovn', :default_provider_driver => 'ovn',
:provider_drivers => { 'amphora' => 'Octavia Amphora Driver', 'ovn' => 'Octavia OVN driver' }, :provider_drivers => { 'amphora' => 'Octavia Amphora Driver', 'ovn' => 'Octavia OVN driver' },
:ovn_nb_connection => 'tcp:127.0.0.1:6641'
} }
end end
@@ -54,7 +53,6 @@ describe 'octavia::api' do
is_expected.to contain_octavia_config('api_settings/allow_tls_terminated_listeners').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('api_settings/allow_tls_terminated_listeners').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('api_settings/default_provider_driver').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('api_settings/default_provider_driver').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('api_settings/enabled_provider_drivers').with_value('<SERVICE DEFAULT>') is_expected.to contain_octavia_config('api_settings/enabled_provider_drivers').with_value('<SERVICE DEFAULT>')
is_expected.to contain_octavia_config('ovn/ovn_nb_connection').with_value('<SERVICE DEFAULT>')
end end
it 'does not sync the database' do it 'does not sync the database' do
is_expected.not_to contain_class('octavia::db::sync') is_expected.not_to contain_class('octavia::db::sync')
@@ -70,7 +68,6 @@ describe 'octavia::api' do
is_expected.to contain_octavia_config('api_settings/allow_tls_terminated_listeners').with_value( params[:allow_tls_terminated_listeners] ) is_expected.to contain_octavia_config('api_settings/allow_tls_terminated_listeners').with_value( params[:allow_tls_terminated_listeners] )
is_expected.to contain_octavia_config('api_settings/default_provider_driver').with_value( params[:default_provider_driver] ) is_expected.to contain_octavia_config('api_settings/default_provider_driver').with_value( params[:default_provider_driver] )
is_expected.to contain_octavia_config('api_settings/enabled_provider_drivers').with_value( params[:provider_drivers] ) is_expected.to contain_octavia_config('api_settings/enabled_provider_drivers').with_value( params[:provider_drivers] )
is_expected.to contain_octavia_config('ovn/ovn_nb_connection').with_value(params[:ovn_nb_connection])
end end
[{:enabled => true}, {:enabled => false}].each do |param_hash| [{:enabled => true}, {:enabled => false}].each do |param_hash|

16
spec/classes/octavia_ovn_provider_spec.rb
View File

@@ -10,10 +10,10 @@ describe 'octavia::provider::ovn' do
shared_examples_for 'octavia-ovn-provider' do shared_examples_for 'octavia-ovn-provider' do
context 'with default parameters' do context 'with default parameters' do
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_connection').with_value('<SERVICE DEFAULT>') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_connection').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_private_key').with_value('<SERVICE DEFAULT>') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_private_key').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_certificate').with_value('<SERVICE DEFAULT>') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_certificate').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_ca_cert').with_value('<SERVICE DEFAULT>') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_ca_cert').with_value('<SERVICE DEFAULT>') }
end end
context 'with specific parameters' do context 'with specific parameters' do
@@ -26,10 +26,10 @@ describe 'octavia::provider::ovn' do
}) })
end end
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_connection').with_value('tcp:127.0.0.1:6641') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_connection').with_value('tcp:127.0.0.1:6641') }
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_private_key').with_value('/foo.key') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_private_key').with_value('/foo.key') }
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_certificate').with_value('/foo.pem') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_certificate').with_value('/foo.pem') }
it { is_expected.to contain_octavia_ovn_provider_config('ovn/ovn_nb_ca_cert').with_value('/ca_foo.pem') } it { is_expected.to contain_octavia_config('ovn/ovn_nb_ca_cert').with_value('/ca_foo.pem') }
end end
end end