From 7ce90cb74d1fd8b24cd92df55b9d4f736897f664 Mon Sep 17 00:00:00 2001 From: Alan Bishop Date: Fri, 20 Mar 2020 09:42:45 -0700 Subject: [PATCH] Handle ipv6 addresses in etcd and cinder's backend_url When configured to use an ipv6 address, the etcd URLs and the cinder lock manager's backend_url need to include brackets around the address. Closes-Bug: #1868284 Change-Id: I79f385f14b5904803cdc7fdd145afa2dbcef9c49 (cherry picked from commit aed9bda1b0b97305be3d147ded862f936253bac2) --- manifests/profile/base/cinder/volume.pp | 2 +- manifests/profile/base/etcd.pp | 10 +- ...tripleo_profile_base_cinder_volume_spec.rb | 26 ++++ .../classes/tripleo_profile_base_etcd_spec.rb | 131 ++++++++++++++++++ 4 files changed, 164 insertions(+), 5 deletions(-) create mode 100644 spec/classes/tripleo_profile_base_etcd_spec.rb diff --git a/manifests/profile/base/cinder/volume.pp b/manifests/profile/base/cinder/volume.pp index 9a7cb2cd2..67636c31c 100644 --- a/manifests/profile/base/cinder/volume.pp +++ b/manifests/profile/base/cinder/volume.pp @@ -157,7 +157,7 @@ class tripleo::profile::base::cinder::volume ( } else { $protocol = 'http' } - $backend_url = sprintf('etcd3+%s://%s:%s', $protocol, $etcd_host, $etcd_port) + $backend_url = sprintf('etcd3+%s://%s:%s', $protocol, normalize_ip_for_uri($etcd_host), $etcd_port) class { '::cinder::coordination' : backend_url => $backend_url, } diff --git a/manifests/profile/base/etcd.pp b/manifests/profile/base/etcd.pp index 36596a235..e79ba8084 100644 --- a/manifests/profile/base/etcd.pp +++ b/manifests/profile/base/etcd.pp @@ -78,11 +78,13 @@ class tripleo::profile::base::etcd ( } if $step >= 2 { + $bind_ip_normalized = normalize_ip_for_uri($bind_ip) + class {'::etcd': - listen_client_urls => "${protocol}://${bind_ip}:${client_port}", - advertise_client_urls => "${protocol}://${bind_ip}:${client_port}", - listen_peer_urls => "${protocol}://${bind_ip}:${peer_port}", - initial_advertise_peer_urls => "${protocol}://${bind_ip}:${peer_port}", + listen_client_urls => "${protocol}://${bind_ip_normalized}:${client_port}", + advertise_client_urls => "${protocol}://${bind_ip_normalized}:${client_port}", + listen_peer_urls => "${protocol}://${bind_ip_normalized}:${peer_port}", + initial_advertise_peer_urls => "${protocol}://${bind_ip_normalized}:${peer_port}", initial_cluster => regsubst($nodes, '.+', "\\0=${protocol}://\\0:${peer_port}"), proxy => 'off', cert_file => $tls_certfile, diff --git a/spec/classes/tripleo_profile_base_cinder_volume_spec.rb b/spec/classes/tripleo_profile_base_cinder_volume_spec.rb index dc7a6a4a3..c3b900bb3 100644 --- a/spec/classes/tripleo_profile_base_cinder_volume_spec.rb +++ b/spec/classes/tripleo_profile_base_cinder_volume_spec.rb @@ -307,6 +307,32 @@ describe 'tripleo::profile::base::cinder::volume' do end end + context 'with an ipv6 etcd_host' do + before :each do + params.merge!({ + :etcd_host => 'fe80::1ff:fe23:4567:890a', + }) + end + it 'should normalize it in the URI' do + is_expected.to contain_class('cinder::coordination').with( + :backend_url => 'etcd3+http://[fe80::1ff:fe23:4567:890a]:2379', + ) + end + end + + context 'with a named etcd_host' do + before :each do + params.merge!({ + :etcd_host => 'etcdhost.localdomain', + }) + end + it 'should craft a correct URI' do + is_expected.to contain_class('cinder::coordination').with( + :backend_url => 'etcd3+http://etcdhost.localdomain:2379', + ) + end + end + context 'with etcd service not enabled' do before :each do params.merge!({ diff --git a/spec/classes/tripleo_profile_base_etcd_spec.rb b/spec/classes/tripleo_profile_base_etcd_spec.rb new file mode 100644 index 000000000..929be197a --- /dev/null +++ b/spec/classes/tripleo_profile_base_etcd_spec.rb @@ -0,0 +1,131 @@ +# +# Copyright (C) 2020 Red Hat Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# Unit tests for tripleo +# + +require 'spec_helper' + +describe 'tripleo::profile::base::etcd' do + + shared_examples_for 'tripleo::profile::base::etcd' do + before :each do + facts.merge!({ :step => params[:step] }) + end + + context 'with step less than 2' do + let(:params) { { :step => 1 } } + + it 'should do nothing' do + is_expected.to_not contain_class('etcd') + end + end + + context 'with step 2' do + let(:params) { { :step => 2 } } + + context 'with defaults' do + it 'should configure etcd with defaults' do + is_expected.to contain_class('etcd').with( + :listen_client_urls => 'http://127.0.0.1:2379', + :advertise_client_urls => 'http://127.0.0.1:2379', + :listen_peer_urls => 'http://127.0.0.1:2380', + :initial_advertise_peer_urls => 'http://127.0.0.1:2380', + :initial_cluster => [], + :proxy => 'off', + :cert_file => nil, + :key_file => nil, + :client_cert_auth => false, + :peer_cert_file => nil, + :peer_key_file => nil, + :peer_client_cert_auth => false, + ) + end + end + + context 'with overrides' do + before :each do + params.merge!({ + :bind_ip => '127.0.0.2', + :client_port => '1234', + :peer_port => '4321', + :nodes => ['node3', 'node4'] + }) + end + it 'should configure etcd with overrides' do + is_expected.to contain_class('etcd').with( + :listen_client_urls => 'http://127.0.0.2:1234', + :advertise_client_urls => 'http://127.0.0.2:1234', + :listen_peer_urls => 'http://127.0.0.2:4321', + :initial_advertise_peer_urls => 'http://127.0.0.2:4321', + :initial_cluster => ['node3=http://node3:4321', 'node4=http://node4:4321'], + ) + end + end + + context 'with TLS enabled' do + before :each do + params.merge!({ + :enable_internal_tls => true, + :certificate_specs => { + 'service_certificate' => '/path/to/etcd.cert', + 'service_key' => '/path/to/etcd.key', + }, + }) + end + it 'should configure etcd with TLS' do + is_expected.to contain_class('etcd').with( + :listen_client_urls => 'https://127.0.0.1:2379', + :advertise_client_urls => 'https://127.0.0.1:2379', + :listen_peer_urls => 'https://127.0.0.1:2380', + :initial_advertise_peer_urls => 'https://127.0.0.1:2380', + :cert_file => '/path/to/etcd.cert', + :key_file => '/path/to/etcd.key', + :client_cert_auth => true, + :peer_cert_file => '/path/to/etcd.cert', + :peer_key_file => '/path/to/etcd.key', + :peer_client_cert_auth => true, + ) + end + end + + context 'with an IPv6 bind_ip' do + before :each do + params.merge!({ + :bind_ip => 'fe80::1ff:fe23:4567:890a', + }) + end + it 'should normalize it in the URLs' do + is_expected.to contain_class('etcd').with( + :listen_client_urls => 'http://[fe80::1ff:fe23:4567:890a]:2379', + :advertise_client_urls => 'http://[fe80::1ff:fe23:4567:890a]:2379', + :listen_peer_urls => 'http://[fe80::1ff:fe23:4567:890a]:2380', + :initial_advertise_peer_urls => 'http://[fe80::1ff:fe23:4567:890a]:2380', + ) + end + end + end + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({}) + end + + it_behaves_like 'tripleo::profile::base::etcd' + end + end +end