openstack/puppet-ovn
Code Issues Proposed changes

Support customizing inactivity probe for DB connections

Browse Source 
Inactivity probe needs to be tuned in some deployments to avoid
frequent disconnection between neutron and OVN DBs. Expose parameters
to tune the option for NB DB and SB DB.

Note that configuring inactivity probe requires that connections are
explicitly set. So now connections are configured regardless of
connection protocol (tcp or ssl).

Change-Id: I88512683c88c403acca67d5d7c839d6fb7354557
This commit is contained in:
Takashi Kajinami
2024-10-25 02:16:47 +09:00
parent ad75ab1eca
commit 7bdc37018d
3 changed files with 172 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
manifests/northd.pp
View File

@@ -76,6 +76,14 @@
# OVN SB DB SSL CA certificate file
# Defaults to undef
#
# [*ovn_nb_db_inactivity_probe*]
# Inactivity probe for OVN NB DB connections
# Defaults to undef
#
# [*ovn_sb_db_inactivity_probe*]
# Inactivity probe for OVN SB DB connections
# Defaults to undef
#
# [*ovn_northd_extra_opts*]
# Additional command line options for ovn-northd service
# Defaults to []
@@ -100,6 +108,8 @@ class ovn::northd(
Optional[Stdlib::Absolutepath] $ovn_sb_db_ssl_key = undef,
Optional[Stdlib::Absolutepath] $ovn_sb_db_ssl_cert = undef,
Optional[Stdlib::Absolutepath] $ovn_sb_db_ssl_ca_cert = undef,
Optional[Integer[0]] $ovn_nb_db_inactivity_probe = undef,
Optional[Integer[0]] $ovn_sb_db_inactivity_probe = undef,
Array[String] $ovn_northd_extra_opts = [],
) {
include vswitch::ovs
@@ -252,22 +262,46 @@ class ovn::northd(
# these wrongly.
$dbs_listen_ip_reg = regsubst(regsubst($dbs_listen_ip_real, '\]$', '\\]'), '^\[', '\\[')
if $ovn_nb_db_ssl_key {
exec { 'ovn-nb-set-connection':
command => "ovn-nbctl set-connection pssl:6641:${dbs_listen_ip_real}",
$nb_protocol = $ovn_nb_db_ssl_key ? {
undef => 'tcp',
default => 'ssl'
}
exec { 'ovn-nb-set-connection':
command => ['ovn-nbctl', 'set-connection', "p${nb_protocol}:6641:${dbs_listen_ip_real}"],
path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
unless => "ovn-nbctl get-connection | egrep -e '^p${nb_protocol}:6641:${dbs_listen_ip_reg}$'",
tag => 'ovn-db-set-connections',
require => Service['northd']
}
$sb_protocol = $ovn_sb_db_ssl_key ? {
undef => 'tcp',
default => 'ssl'
}
exec { 'ovn-sb-set-connection':
command => ['ovn-sbctl', 'set-connection', "p${sb_protocol}:6642:${dbs_listen_ip_real}"],
path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
unless => "ovn-sbctl get-connection | egrep -e ' p${sb_protocol}:6642:${dbs_listen_ip_reg}$'",
tag => 'ovn-db-set-connections',
require => Service['northd']
}
if $ovn_nb_db_inactivity_probe {
exec { 'ovn-nb-set-inactivity-probe':
command => ['ovn-nbctl', 'set', 'connection', '.', "inactivity_probe=${ovn_nb_db_inactivity_probe}"],
path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
unless => "ovn-nbctl get-connection | egrep -e '^pssl:6641:${dbs_listen_ip_reg}$'",
tag => 'ovn-db-set-connections',
require => Service['northd']
unless => "test \"$(sudo ovn-nbctl get connection . inactivity_probe)\" = \"${ovn_nb_db_inactivity_probe}\"",
tag => 'ovn-db-set-inactivity-probe',
require => Exec['ovn-nb-set-connection'],
}
}
if $ovn_sb_db_ssl_key {
exec { 'ovn-sb-set-connection':
command => "ovn-sbctl set-connection pssl:6642:${dbs_listen_ip_real}",
if $ovn_sb_db_inactivity_probe {
exec { 'ovn-sb-set-inactivity-probe':
command => ['ovn-sbctl', 'set', 'connection', '.', "inactivity_probe=${ovn_sb_db_inactivity_probe}"],
path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
unless => "ovn-sbctl get-connection | egrep -e ' pssl:6642:${dbs_listen_ip_reg}$'",
tag => 'ovn-db-set-connections',
require => Service['northd']
unless => "test \"$(sudo ovn-sbctl get connection . inactivity_probe)\" = \"${ovn_sb_db_inactivity_probe}\"",
tag => 'ovn-db-set-inactivity-probe',
require => Exec['ovn-sb-set-connection'],
}
}
}

7
releasenotes/notes/ovn-db-inactivity-probe-c0af47fdcaa9c3b5.yaml Normal file
View File

@@ -0,0 +1,7 @@
---
features:
- |
The following parameters have been added to the ``ovn::northed`` class.
- ``ovn_nb_db_inactivity_probe``
- ``ovn_sb_db_inactivity_probe``

150
spec/classes/ovn_northd_spec.rb
View File

@@ -16,9 +16,19 @@ describe 'ovn::northd' do
"\"'",
})
end
it 'does not configure db connections' do
is_expected.to_not contain_exec('ovn-nb-set-connection')
is_expected.to_not contain_exec('ovn-sb-set-connection')
it 'configures db connections' do
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => ['ovn-nbctl', 'set-connection', 'ptcp:6641:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^ptcp:6641:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => ['ovn-sbctl', 'set-connection', 'ptcp:6642:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' ptcp:6642:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
end
end
@@ -35,6 +45,20 @@ describe 'ovn::northd' do
" '\"--db-nb-addr=[::1] --db-sb-addr=[::1] --db-nb-create-insecure-remote=yes --db-sb-create-insecure-remote=yes\"'",
})
end
it 'configures db connections' do
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => ['ovn-nbctl', 'set-connection', 'ptcp:6641:[::1]'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^ptcp:6641:\\[::1\\]$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => ['ovn-sbctl', 'set-connection', 'ptcp:6642:[::1]'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' ptcp:6642:\\[::1\\]$\'',
:tag => 'ovn-db-set-connections',
})
end
end
context 'with parameters' do
@@ -60,9 +84,19 @@ describe 'ovn::northd' do
"\"'",
})
end
it 'does not configures db connections' do
is_expected.to_not contain_exec('ovn-nb-set-connection')
is_expected.to_not contain_exec('ovn-sb-set-connection')
it 'configures db connections' do
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => ['ovn-nbctl', 'set-connection', 'ptcp:6641:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^ptcp:6641:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => ['ovn-sbctl', 'set-connection', 'ptcp:6642:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' ptcp:6642:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
end
end
@@ -85,15 +119,19 @@ describe 'ovn::northd' do
"\"'",
})
end
it 'configures db connections' do
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => 'ovn-nbctl set-connection pssl:6641:0.0.0.0',
:command => ['ovn-nbctl', 'set-connection', 'pssl:6641:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^pssl:6641:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to_not contain_exec('ovn-sb-set-connection')
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => ['ovn-sbctl', 'set-connection', 'ptcp:6642:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' ptcp:6642:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
end
end
@@ -117,15 +155,19 @@ describe 'ovn::northd' do
"\"'",
})
end
it 'configures db connections' do
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => 'ovn-nbctl set-connection pssl:6641:[::1]',
:command => ['ovn-nbctl', 'set-connection', 'pssl:6641:[::1]'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^pssl:6641:\\[::1\\]$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to_not contain_exec('ovn-sb-set-connection')
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => ['ovn-sbctl', 'set-connection', 'ptcp:6642:[::1]'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' ptcp:6642:\\[::1\\]$\'',
:tag => 'ovn-db-set-connections',
})
end
end
@@ -148,11 +190,15 @@ describe 'ovn::northd' do
"\"'",
})
end
it 'configures db connections' do
is_expected.to_not contain_exec('ovn-nb-set-connection')
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => ['ovn-nbctl', 'set-connection', 'ptcp:6641:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^ptcp:6641:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => 'ovn-sbctl set-connection pssl:6642:0.0.0.0',
:command => ['ovn-sbctl', 'set-connection', 'pssl:6642:0.0.0.0'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' pssl:6642:0.0.0.0$\'',
:tag => 'ovn-db-set-connections',
@@ -180,11 +226,15 @@ describe 'ovn::northd' do
"\"'",
})
end
it 'configures db connections' do
is_expected.to_not contain_exec('ovn-nb-set-connection')
is_expected.to contain_exec('ovn-nb-set-connection').with({
:command => ['ovn-nbctl', 'set-connection', 'ptcp:6641:[::1]'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-nbctl get-connection | egrep -e \'^ptcp:6641:\\[::1\\]$\'',
:tag => 'ovn-db-set-connections',
})
is_expected.to contain_exec('ovn-sb-set-connection').with({
:command => 'ovn-sbctl set-connection pssl:6642:[::1]',
:command => ['ovn-sbctl', 'set-connection', 'pssl:6642:[::1]'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'ovn-sbctl get-connection | egrep -e \' pssl:6642:\\[::1\\]$\'',
:tag => 'ovn-db-set-connections',
@@ -224,20 +274,59 @@ describe 'ovn::northd' do
end
shared_examples_for 'ovn northd' do
it 'starts northd' do
is_expected.to contain_service('northd').with(
:ensure => true,
:name => platform_params[:ovn_northd_service_name],
:enable => true,
)
context 'with defaults' do
it 'starts northd' do
is_expected.to contain_service('northd').with(
:ensure => true,
:name => platform_params[:ovn_northd_service_name],
:enable => true,
)
end
it 'installs package' do
is_expected.to contain_package('ovn-northd').with(
:ensure => 'present',
:name => platform_params[:ovn_northd_package_name],
:notify => 'Service[northd]'
)
end
it 'should not manage inactivity probe' do
is_expected.to_not contain_exec('ovn-nb-set-inactivity-probe')
is_expected.to_not contain_exec('ovn-sb-set-inactivity-probe')
end
end
it 'installs package' do
is_expected.to contain_package('ovn-northd').with(
:ensure => 'present',
:name => platform_params[:ovn_northd_package_name],
:notify => 'Service[northd]'
)
context 'with nb db inactivity probe' do
let :params do
{
:ovn_nb_db_inactivity_probe => 60000,
}
end
it { is_expected.to contain_exec('ovn-nb-set-inactivity-probe').with(
:command => ['ovn-nbctl', 'set', 'connection', '.', 'inactivity_probe=60000'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'test "$(sudo ovn-nbctl get connection . inactivity_probe)" = "60000"',
:tag => 'ovn-db-set-inactivity-probe',
) }
it { is_expected.to_not contain_exec('ovn-sb-set-inactivity-probe') }
end
context 'with sb db inactivity probe' do
let :params do
{
:ovn_sb_db_inactivity_probe => 60000,
}
end
it { is_expected.to_not contain_exec('ovn-nb-set-inactivity-probe') }
it { is_expected.to contain_exec('ovn-sb-set-inactivity-probe').with(
:command => ['ovn-sbctl', 'set', 'connection', '.', 'inactivity_probe=60000'],
:path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'],
:unless => 'test "$(sudo ovn-sbctl get connection . inactivity_probe)" = "60000"',
:tag => 'ovn-db-set-inactivity-probe',
) }
end
end
@@ -276,4 +365,3 @@ describe 'ovn::northd' do
end
end
end