Merge "Add parameter for chap_algs in iscsid.conf"

This commit is contained in:
Zuul 2021-03-30 05:54:01 +00:00 committed by Gerrit Code Review
commit 12aa5c8a08
2 changed files with 61 additions and 7 deletions

View File

@ -14,23 +14,40 @@
# #
# == Class: tripleo::profile::base::iscsid # == Class: tripleo::profile::base::iscsid
# #
# Nova Compute profile for tripleo # Iscsid profile for tripleo
# #
# === Parameters # === Parameters
# #
# [*chap_algs*]
# (Optional) Comma separated list of algorithms to use in CHAP protocol
# Defaults to 'SHA3-256,SHA256,SHA1,MD5'
#
# [*step*] # [*step*]
# (Optional) The current step in deployment. See tripleo-heat-templates # (Optional) The current step in deployment. See tripleo-heat-templates
# for more details. # for more details.
# Defaults to hiera('step') # Defaults to hiera('step')
# #
class tripleo::profile::base::iscsid ( class tripleo::profile::base::iscsid (
$step = Integer(hiera('step')), $chap_algs = 'SHA3-256,SHA256,SHA1,MD5',
$step = Integer(hiera('step')),
) { ) {
if $step >= 2 { if $step >= 2 {
# When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique # When utilising images for deployment, we need to reset the iSCSI initiator name to make it unique
# https://bugzilla.redhat.com/show_bug.cgi?id=1244328 # https://bugzilla.redhat.com/show_bug.cgi?id=1244328
ensure_resource('package', 'iscsi-initiator-utils', { ensure => 'present' }) ensure_resource('package', 'iscsi-initiator-utils', { ensure => 'present' })
# THT supplies a volume mount to the host's /etc/iscsi directory (at
# /tmp/iscsi.host). If the sentinel file (.initiator_reset) exists on the
# host, then copy the IQN from the host. This ensures the IQN is reset
# once, and only once.
exec { 'sync-iqn-from-host':
command => '/bin/cp /tmp/iscsi.host/.initiator_reset /tmp/iscsi.host/initiatorname.iscsi /etc/iscsi/',
onlyif => '/usr/bin/test -f /tmp/iscsi.host/.initiator_reset',
before => Exec['reset-iscsi-initiator-name'],
tag => 'iscsid_config'
}
exec { 'reset-iscsi-initiator-name': exec { 'reset-iscsi-initiator-name':
command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi', command => '/bin/echo InitiatorName=$(/usr/sbin/iscsi-iname) > /etc/iscsi/initiatorname.iscsi',
onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset', onlyif => '/usr/bin/test ! -f /etc/iscsi/.initiator_reset',
@ -38,8 +55,25 @@ class tripleo::profile::base::iscsid (
require => Package['iscsi-initiator-utils'], require => Package['iscsi-initiator-utils'],
tag => 'iscsid_config' tag => 'iscsid_config'
} }
file { '/etc/iscsi/.initiator_reset': file { '/etc/iscsi/.initiator_reset':
ensure => present, ensure => present,
before => Exec['sync-iqn-to-host'],
}
exec { 'sync-iqn-to-host':
command => '/bin/cp /etc/iscsi/initiatorname.iscsi /etc/iscsi/.initiator_reset /tmp/iscsi.host/',
onlyif => [
'/usr/bin/test -d /tmp/iscsi.host',
'/usr/bin/test ! -f /tmp/iscsi.host/iscsi/.initiator_reset',
],
tag => 'iscsid_config',
}
$chap_algs_real = join(any2array($chap_algs), ',')
augeas {'chap_algs in /etc/iscsi/iscsid.conf':
context => '/files/etc/iscsi/iscsid.conf',
changes => ["set node.session.auth.chap_algs ${chap_algs_real}"],
} }
} }
} }

View File

@ -18,18 +18,38 @@ require 'spec_helper'
describe 'tripleo::profile::base::iscsid' do describe 'tripleo::profile::base::iscsid' do
shared_examples_for 'tripleo::profile::base::iscsid' do shared_examples_for 'tripleo::profile::base::iscsid' do
context 'default params' do context 'with step less than 2' do
let(:params) { { :step => 2, } } let(:params) { { :step => 1 } }
it { it 'should do nothing' do
is_expected.to_not contain_package('iscsi-initiator-utils')
is_expected.to_not contain_exec('sync-iqn-from-host')
is_expected.to_not contain_exec('reset-iscsi-initiator-name')
is_expected.to_not contain_file('/etc/iscsi/.initiator_reset')
is_expected.to_not contain_exec('sync-iqn-to-host')
is_expected.to_not contain_augeas('chap_algs in /etc/iscsi/iscsid.conf')
end
end
context 'with step 2' do
let(:params) { {
:step => 2,
:chap_algs => "SHA3-256,SHA256,SHA1",
} }
it 'should trigger complete configuration' do
is_expected.to contain_package('iscsi-initiator-utils') is_expected.to contain_package('iscsi-initiator-utils')
is_expected.to contain_exec('sync-iqn-from-host')
is_expected.to contain_exec('reset-iscsi-initiator-name') is_expected.to contain_exec('reset-iscsi-initiator-name')
is_expected.to contain_file('/etc/iscsi/.initiator_reset') is_expected.to contain_file('/etc/iscsi/.initiator_reset')
} is_expected.to contain_exec('sync-iqn-to-host')
is_expected.to contain_augeas('chap_algs in /etc/iscsi/iscsid.conf')
.with_changes(
["set node.session.auth.chap_algs #{params[:chap_algs]}"])
end
end end
end end
on_supported_os.each do |os, facts| on_supported_os.each do |os, facts|
context "on #{os}" do context "on #{os}" do
let(:facts) do let(:facts) do