diff --git a/manifests/profile/base/ironic/api.pp b/manifests/profile/base/ironic/api.pp index 0fd04933c..aa48bf914 100644 --- a/manifests/profile/base/ironic/api.pp +++ b/manifests/profile/base/ironic/api.pp @@ -55,6 +55,7 @@ class tripleo::profile::base::ironic::api ( $step = Integer(hiera('step')), ) { include ::tripleo::profile::base::ironic + include ::tripleo::profile::base::ironic::authtoken if $::hostname == downcase($bootstrap_node) { $is_bootstrap = true diff --git a/manifests/profile/base/ironic/authtoken.pp b/manifests/profile/base/ironic/authtoken.pp new file mode 100644 index 000000000..fe743244a --- /dev/null +++ b/manifests/profile/base/ironic/authtoken.pp @@ -0,0 +1,44 @@ +# Copyright 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ironic::authtoken +# +# Ironic authtoken profile for TripleO +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*memcached_ips*] +# (Optional) Array of ipv4 or ipv6 addresses for memcache. +# Defaults to hiera('memcached_node_ips') +# +class tripleo::profile::base::ironic::authtoken ( + $step = Integer(hiera('step')), + $memcached_ips = hiera('memcached_node_ips'), +) { + + if $step >= 3 { + if is_ipv6_address($memcached_ips[0]) { + $memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:') + } else { + $memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211') + } + + class { '::ironic::api::authtoken': + memcached_servers => $memcache_servers + } + } +} diff --git a/manifests/profile/base/ironic_inspector.pp b/manifests/profile/base/ironic_inspector.pp index 1b0b1f871..af5724d3c 100644 --- a/manifests/profile/base/ironic_inspector.pp +++ b/manifests/profile/base/ironic_inspector.pp @@ -59,6 +59,8 @@ class tripleo::profile::base::ironic_inspector ( $step = Integer(hiera('step')), ) { + include ::tripleo::profile::base::ironic_inspector::authtoken + if $::hostname == downcase($bootstrap_node) { $sync_db = true } else { diff --git a/manifests/profile/base/ironic_inspector/authtoken.pp b/manifests/profile/base/ironic_inspector/authtoken.pp new file mode 100644 index 000000000..0d39b6978 --- /dev/null +++ b/manifests/profile/base/ironic_inspector/authtoken.pp @@ -0,0 +1,44 @@ +# Copyright 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# == Class: tripleo::profile::base::ironic_inspector::authtoken +# +# Ironic inspector authtoken profile for TripleO +# +# [*step*] +# (Optional) The current step in deployment. See tripleo-heat-templates +# for more details. +# Defaults to hiera('step') +# +# [*memcached_ips*] +# (Optional) Array of ipv4 or ipv6 addresses for memcache. +# Defaults to hiera('memcached_node_ips') +# +class tripleo::profile::base::ironic_inspector::authtoken ( + $step = Integer(hiera('step')), + $memcached_ips = hiera('memcached_node_ips'), +) { + + if $step >= 3 { + if is_ipv6_address($memcached_ips[0]) { + $memcache_servers = prefix(suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211'), 'inet6:') + } else { + $memcache_servers = suffix(any2array(normalize_ip_for_uri($memcached_ips)), ':11211') + } + + class { '::ironic::inspector::authtoken': + memcached_servers => $memcache_servers + } + } +} diff --git a/spec/classes/tripleo_profile_base_ironic_api_spec.rb b/spec/classes/tripleo_profile_base_ironic_api_spec.rb new file mode 100644 index 000000000..c5c1dc0d6 --- /dev/null +++ b/spec/classes/tripleo_profile_base_ironic_api_spec.rb @@ -0,0 +1,117 @@ +# +# Copyright (C) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::ironic::api' do + shared_examples_for 'tripleo::profile::base::ironic::api' do + + before :each do + facts.merge!({ :step => params[:step] }) + end + + let(:pre_condition) do + <<-eos + class { '::tripleo::profile::base::ironic': + step => #{params[:step]}, + oslomsg_rpc_hosts => [ 'localhost' ], + oslomsg_rpc_username => 'ironic', + oslomsg_rpc_password => 'foo' + } +eos + end + + context 'with step less than 3' do + let(:params) { { + :step => 1, + :bootstrap_node => 'node.example.com', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::api') + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to_not contain_class('ironic::api') + is_expected.to_not contain_class('ironic::cors') + is_expected.to_not contain_class('tripleo::profile::base::apache') + is_expected.to_not contain_class('ironic::wsgi::apache') + } + end + + context 'with step 3 on bootstrap node' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::api') + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to contain_class('ironic::api') + is_expected.to contain_class('ironic::cors') + is_expected.to contain_class('tripleo::profile::base::apache') + is_expected.to contain_class('ironic::wsgi::apache') + } + end + + context 'with step 3 not on bootstrap node' do + let(:params) { { + :step => 3, + :bootstrap_node => 'other.example.com', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::api') + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to_not contain_class('ironic::api') + is_expected.to_not contain_class('ironic::cors') + is_expected.to_not contain_class('tripleo::profile::base::apache') + is_expected.to_not contain_class('ironic::wsgi::apache') + } + end + + context 'with step 4 not on bootstrap node' do + let(:params) { { + :step => 4, + :bootstrap_node => 'other.example.com', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::api') + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to contain_class('ironic::api') + is_expected.to contain_class('ironic::cors') + is_expected.to contain_class('tripleo::profile::base::apache') + is_expected.to contain_class('ironic::wsgi::apache') + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::ironic::api' + end + end +end diff --git a/spec/classes/tripleo_profile_base_ironic_authtoken_spec.rb b/spec/classes/tripleo_profile_base_ironic_authtoken_spec.rb new file mode 100644 index 000000000..f8bce4a72 --- /dev/null +++ b/spec/classes/tripleo_profile_base_ironic_authtoken_spec.rb @@ -0,0 +1,70 @@ +# +# Copyright (C) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::ironic::authtoken' do + shared_examples_for 'tripleo::profile::base::ironic::authtoken' do + context 'with step less than 3' do + let(:params) { { + :step => 1, + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to_not contain_class('ironic::api::authtoken') + } + end + + context 'with step 3' do + let(:params) { { + :step => 3, + :memcached_ips => '127.0.0.1', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to contain_class('ironic::api::authtoken').with( + :memcached_servers => ['127.0.0.1:11211']) + } + end + + context 'with step 3 with ipv6' do + let(:params) { { + :step => 3, + :memcached_ips => '::1', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic::authtoken') + is_expected.to contain_class('ironic::api::authtoken').with( + :memcached_servers => ['[::1]:11211']) + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::ironic::authtoken' + end + end +end diff --git a/spec/classes/tripleo_profile_base_ironic_inspector_authtoken_spec.rb b/spec/classes/tripleo_profile_base_ironic_inspector_authtoken_spec.rb new file mode 100644 index 000000000..8b43969b3 --- /dev/null +++ b/spec/classes/tripleo_profile_base_ironic_inspector_authtoken_spec.rb @@ -0,0 +1,70 @@ +# +# Copyright (C) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::ironic_inspector::authtoken' do + shared_examples_for 'tripleo::profile::base::ironic_inspector::authtoken' do + context 'with step less than 3' do + let(:params) { { + :step => 1, + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector::authtoken') + is_expected.to_not contain_class('ironic::inspector::authtoken') + } + end + + context 'with step 3' do + let(:params) { { + :step => 3, + :memcached_ips => '127.0.0.1', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector::authtoken') + is_expected.to contain_class('ironic::inspector::authtoken').with( + :memcached_servers => ['127.0.0.1:11211']) + } + end + + context 'with step 3 with ipv6' do + let(:params) { { + :step => 3, + :memcached_ips => '::1', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector::authtoken') + is_expected.to contain_class('ironic::inspector::authtoken').with( + :memcached_servers => ['[::1]:11211']) + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::ironic_inspector::authtoken' + end + end +end diff --git a/spec/classes/tripleo_profile_base_ironic_inspector_spec.rb b/spec/classes/tripleo_profile_base_ironic_inspector_spec.rb new file mode 100644 index 000000000..b2636ec39 --- /dev/null +++ b/spec/classes/tripleo_profile_base_ironic_inspector_spec.rb @@ -0,0 +1,108 @@ +# +# Copyright (C) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::ironic_inspector' do + shared_examples_for 'tripleo::profile::base::ironic_inspector' do + + before :each do + facts.merge!({ :step => params[:step] }) + end + + context 'with step less than 3' do + let(:params) { { + :step => 1, + :bootstrap_node => 'node.example.com', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector') + is_expected.to_not contain_class('ironic::inspector') + is_expected.to_not contain_class('ironic::inspector::pxe_filter') + is_expected.to_not contain_class('ironic::inspector::pxe_filter::dnsmasq') + is_expected.to_not contain_class('ironic::config') + is_expected.to_not contain_class('ironic::inspector::logging') + } + end + + context 'with step 3 on bootstrap node' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com', + :inspection_subnets => ['192.168.24.0/24'], + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector') + is_expected.to contain_class('ironic::inspector').with( + :dnsmasq_ip_subnets => ['192.168.24.0/24'] + ) + is_expected.to contain_class('ironic::inspector::pxe_filter') + is_expected.to contain_class('ironic::inspector::pxe_filter::dnsmasq') + is_expected.to contain_class('ironic::config') + is_expected.to contain_class('ironic::inspector::logging') + } + end + + context 'with step 3 not on bootstrap node' do + let(:params) { { + :step => 3, + :bootstrap_node => 'other.example.com', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector') + is_expected.to_not contain_class('ironic::inspector') + is_expected.to_not contain_class('ironic::inspector::pxe_filter') + is_expected.to_not contain_class('ironic::inspector::pxe_filter::dnsmasq') + is_expected.to_not contain_class('ironic::config') + is_expected.to_not contain_class('ironic::inspector::logging') + } + end + + context 'with step 4' do + let(:params) { { + :step => 4, + :bootstrap_node => 'other.example.com', + :inspection_subnets => ['192.168.24.0/24'], + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic_inspector') + is_expected.to contain_class('ironic::inspector').with( + :dnsmasq_ip_subnets => ['192.168.24.0/24'] + ) + is_expected.to contain_class('ironic::inspector::pxe_filter') + is_expected.to contain_class('ironic::inspector::pxe_filter::dnsmasq') + is_expected.to contain_class('ironic::config') + is_expected.to contain_class('ironic::inspector::logging') + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::ironic_inspector' + end + end +end diff --git a/spec/classes/tripleo_profile_base_ironic_spec.rb b/spec/classes/tripleo_profile_base_ironic_spec.rb new file mode 100644 index 000000000..5ddf3bcef --- /dev/null +++ b/spec/classes/tripleo_profile_base_ironic_spec.rb @@ -0,0 +1,107 @@ +# +# Copyright (C) 2019 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::ironic' do + shared_examples_for 'tripleo::profile::base::ironic' do + + context 'with step less than 3' do + let(:params) { { + :step => 1, + :bootstrap_node => 'node.example.com', + :oslomsg_rpc_hosts => [ 'localhost' ], + :oslomsg_rpc_password => 'foo' + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to_not contain_class('ironic') + is_expected.to_not contain_class('ironic::config') + is_expected.to_not contain_class('ironic::cors') + is_expected.to_not contain_class('ironic::logging') + } + end + + context 'with step 3 on bootstrap node' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com', + :oslomsg_rpc_hosts => [ 'localhost' ], + :oslomsg_rpc_username => 'ironic', + :oslomsg_rpc_password => 'foo', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to contain_class('ironic').with( + :default_transport_url => 'rabbit://ironic:foo@localhost:5672/?ssl=0' + ) + is_expected.to contain_class('ironic::config') + is_expected.to contain_class('ironic::cors') + is_expected.to contain_class('ironic::logging') + } + end + + context 'with step 3 not on bootstrap node' do + let(:params) { { + :step => 3, + :bootstrap_node => 'other.example.com', + :oslomsg_rpc_hosts => [ 'localhost' ], + :oslomsg_rpc_password => 'foo' + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to_not contain_class('ironic') + is_expected.to_not contain_class('ironic::config') + is_expected.to_not contain_class('ironic::cors') + is_expected.to_not contain_class('ironic::logging') + } + end + + context 'with step 4' do + let(:params) { { + :step => 4, + :bootstrap_node => 'other.example.com', + :oslomsg_rpc_hosts => [ 'localhost' ], + :oslomsg_rpc_password => 'foo', + } } + + it { + is_expected.to contain_class('tripleo::profile::base::ironic') + is_expected.to contain_class('ironic').with( + :default_transport_url => /.+/, + ) + is_expected.to contain_class('ironic::config') + is_expected.to contain_class('ironic::cors') + is_expected.to contain_class('ironic::logging') + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::ironic' + end + end +end diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml index e35b3b7b3..4207d19b6 100644 --- a/spec/fixtures/hieradata/default.yaml +++ b/spec/fixtures/hieradata/default.yaml @@ -44,6 +44,11 @@ gnocchi_api_short_bootstrap_node_name: node gnocchi::keystone::authtoken::password: 'password' gnocchi::storage::ceph::ceph_username: 'gnocchi' gnocchi::storage::ceph::ceph_secret: 'password' +# ironic related items +ironic::api::authtoken::password: 'password' +ironic_api_short_bootstrap_node_name: node +ironic::inspector::authtoken::password: 'password' +ironic_inspector_short_bootstrap_node_name: node # haproxy related items mysql_enabled: true controller_node_ips: '10.1.0.1,10.1.0.2'