diff --git a/manifests/profile/pacemaker/manila/share_bundle.pp b/manifests/profile/pacemaker/manila/share_bundle.pp index 5cf462748..64ef592f9 100644 --- a/manifests/profile/pacemaker/manila/share_bundle.pp +++ b/manifests/profile/pacemaker/manila/share_bundle.pp @@ -26,6 +26,18 @@ # (Optional) The docker image to use for creating the pacemaker bundle # Defaults to hiera('tripleo::profile::pacemaker::manila::share_bundle::manila_docker_image', undef) # +# [*docker_volumes*] +# (Optional) The list of volumes to be mounted in the docker container +# Defaults to [] +# +# [*docker_environment*] +# (Optional) The list of environment variables set in the docker container +# Defaults to ['KOLLA_CONFIG_STRATEGY=COPY_ALWAYS'] +# +# [*backend_cephfs_enabled*] +# (Optional) Whether the CephFS Manila backend is enabled +# Defaults to hiera('manila_backend_cephfs_enabled', false) +# # [*pcs_tries*] # (Optional) The number of times pcs commands should be retried. # Defaults to hiera('pcs_tries', 20) @@ -43,6 +55,8 @@ class tripleo::profile::pacemaker::manila::share_bundle ( $bootstrap_node = hiera('manila_share_short_bootstrap_node_name'), $manila_share_docker_image = hiera('tripleo::profile::pacemaker::manila::share_bundle::manila_share_docker_image', undef), + $docker_volumes = [], + $docker_environment = ['KOLLA_CONFIG_STRATEGY=COPY_ALWAYS'], $backend_cephfs_enabled = hiera('manila_backend_cephfs_enabled', false), $pcs_tries = hiera('pcs_tries', 20), $step = Integer(hiera('step')), @@ -72,88 +86,119 @@ class tripleo::profile::pacemaker::manila::share_bundle ( if $pacemaker_master { $manila_share_nodes_count = count(hiera('manila_share_short_node_names', [])) - $default_storage_maps = { - 'manila-share-cfg-files' => { - 'source-dir' => '/var/lib/kolla/config_files/manila_share.json', - 'target-dir' => '/var/lib/kolla/config_files/config.json', - 'options' => 'ro', - }, - 'manila-share-cfg-data' => { - 'source-dir' => '/var/lib/config-data/puppet-generated/manila/', - 'target-dir' => '/var/lib/kolla/config_files/src', - 'options' => 'ro', - }, - 'manila-share-hosts' => { - 'source-dir' => '/etc/hosts', - 'target-dir' => '/etc/hosts', - 'options' => 'ro', - }, - 'manila-share-localtime' => { - 'source-dir' => '/etc/localtime', - 'target-dir' => '/etc/localtime', - 'options' => 'ro', - }, - 'manila-share-dev' => { - 'source-dir' => '/dev', - 'target-dir' => '/dev', - 'options' => 'rw', - }, - 'manila-share-run' => { - 'source-dir' => '/run', - 'target-dir' => '/run', - 'options' => 'rw', - }, - 'manila-share-sys' => { - 'source-dir' => '/sys', - 'target-dir' => '/sys', - 'options' => 'rw', - }, - 'manila-share-lib-modules' => { - 'source-dir' => '/lib/modules', - 'target-dir' => '/lib/modules', - 'options' => 'ro', - }, - 'manila-share-var-lib-manila' => { - 'source-dir' => '/var/lib/manila', - 'target-dir' => '/var/lib/manila', - 'options' => 'rw', - }, - 'manila-share-var-log' => { - 'source-dir' => '/var/log/containers/manila', - 'target-dir' => '/var/log/manila', - 'options' => 'rw', - }, - 'ceph-cfg-dir' => { - 'source-dir' => '/etc/ceph', - 'target-dir' => '/etc/ceph', - 'options' => 'ro', - }, - } - - # if ceph-nfs backend is used, then DBus is used for dynamic - # creation of NFS exports and DBus socket has to be mounted - # both to manila-share and ganesha containers so they can talk - # to each other $manila_cephfs_protocol_helper_type = hiera('manila::backend::cephfs::cephfs_protocol_helper_type', '') $nfs_ganesha = ($backend_cephfs_enabled and $manila_cephfs_protocol_helper_type == 'NFS') - if $nfs_ganesha { - $extra_storage_maps = { - 'dbus-docker' => { - 'source-dir' => '/var/run/dbus/system_bus_socket', - 'target-dir' => '/var/run/dbus/system_bus_socket', + $docker_vol_arr = delete(any2array($docker_volumes), '').flatten() + + unless empty($docker_vol_arr) { + $storage_maps = docker_volumes_to_storage_maps($docker_vol_arr, 'manila-share') + } else { + notice('Using fixed list of docker volumes for manila-share bundle') + # Default to previous hard-coded list + $default_storage_maps = { + 'manila-share-cfg-files' => { + 'source-dir' => '/var/lib/kolla/config_files/manila_share.json', + 'target-dir' => '/var/lib/kolla/config_files/config.json', + 'options' => 'ro', + }, + 'manila-share-cfg-data' => { + 'source-dir' => '/var/lib/config-data/puppet-generated/manila/', + 'target-dir' => '/var/lib/kolla/config_files/src', + 'options' => 'ro', + }, + 'manila-share-hosts' => { + 'source-dir' => '/etc/hosts', + 'target-dir' => '/etc/hosts', + 'options' => 'ro', + }, + 'manila-share-localtime' => { + 'source-dir' => '/etc/localtime', + 'target-dir' => '/etc/localtime', + 'options' => 'ro', + }, + 'manila-share-dev' => { + 'source-dir' => '/dev', + 'target-dir' => '/dev', 'options' => 'rw', }, - 'etc-ganesha' => { - 'source-dir' => '/etc/ganesha', - 'target-dir' => '/etc/ganesha', + 'manila-share-run' => { + 'source-dir' => '/run', + 'target-dir' => '/run', 'options' => 'rw', }, + 'manila-share-sys' => { + 'source-dir' => '/sys', + 'target-dir' => '/sys', + 'options' => 'rw', + }, + 'manila-share-lib-modules' => { + 'source-dir' => '/lib/modules', + 'target-dir' => '/lib/modules', + 'options' => 'ro', + }, + 'manila-share-var-lib-manila' => { + 'source-dir' => '/var/lib/manila', + 'target-dir' => '/var/lib/manila', + 'options' => 'rw', + }, + 'manila-share-pki-extracted' => { + 'source-dir' => '/etc/pki/ca-trust/extracted', + 'target-dir' => '/etc/pki/ca-trust/extracted', + 'options' => 'ro', + }, + 'manila-share-pki-ca-bundle-crt' => { + 'source-dir' => '/etc/pki/tls/certs/ca-bundle.crt', + 'target-dir' => '/etc/pki/tls/certs/ca-bundle.crt', + 'options' => 'ro', + }, + 'manila-share-pki-ca-bundle-trust-crt' => { + 'source-dir' => '/etc/pki/tls/certs/ca-bundle.trust.crt', + 'target-dir' => '/etc/pki/tls/certs/ca-bundle.trust.crt', + 'options' => 'ro', + }, + 'manila-share-pki-cert' => { + 'source-dir' => '/etc/pki/tls/cert.pem', + 'target-dir' => '/etc/pki/tls/cert.pem', + 'options' => 'ro', + }, + 'manila-share-var-log' => { + 'source-dir' => '/var/log/containers/manila', + 'target-dir' => '/var/log/manila', + 'options' => 'rw', + }, + 'manila-share-ceph-cfg-dir' => { + 'source-dir' => '/etc/ceph', + 'target-dir' => '/etc/ceph', + 'options' => 'ro', + }, } - } else { - $extra_storage_maps = {} + + # if ceph-nfs backend is used, then DBus is used for dynamic + # creation of NFS exports and DBus socket has to be mounted + # both to manila-share and ganesha containers so they can talk + # to each other + if $nfs_ganesha { + $extra_storage_maps = { + 'manila-share-dbus-docker' => { + 'source-dir' => '/var/run/dbus/system_bus_socket', + 'target-dir' => '/var/run/dbus/system_bus_socket', + 'options' => 'rw', + }, + 'manila-share-etc-ganesha' => { + 'source-dir' => '/etc/ganesha', + 'target-dir' => '/etc/ganesha', + 'options' => 'rw', + }, + } + } else { + $extra_storage_maps = {} + } + + $storage_maps = merge($default_storage_maps, $extra_storage_maps) } - $storage_maps = merge($default_storage_maps, $extra_storage_maps) + $docker_env_arr = delete(any2array($docker_environment), '').flatten() + $docker_env = join($docker_env_arr.map |$var| { "-e ${var}" }, ' ') pacemaker::resource::bundle { $::manila::params::share_service: image => $manila_share_docker_image, @@ -164,7 +209,7 @@ class tripleo::profile::pacemaker::manila::share_bundle ( expression => ['manila-share-role eq true'], }, container_options => 'network=host', - options => '--ipc=host --privileged=true --user=root --log-driver=journald -e KOLLA_CONFIG_STRATEGY=COPY_ALWAYS', + options => "--ipc=host --privileged=true --user=root --log-driver=journald ${docker_env}", run_command => '/bin/bash /usr/local/bin/kolla_start', storage_maps => $storage_maps, } diff --git a/spec/classes/tripleo_profile_pacemaker_manila_share_bundle_spec.rb b/spec/classes/tripleo_profile_pacemaker_manila_share_bundle_spec.rb new file mode 100644 index 000000000..fd4441b31 --- /dev/null +++ b/spec/classes/tripleo_profile_pacemaker_manila_share_bundle_spec.rb @@ -0,0 +1,140 @@ +# +# Copyright (C) 2018 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::pacemaker::manila::share_bundle' do + shared_examples_for 'tripleo::profile::pacemaker::manila::share_bundle' do + before :each do + facts.merge!({ :step => params[:step] }) + end + + context 'with step less than 2' do + let(:params) { { :step => 1 } } + + it 'should do nothing' do + is_expected.to contain_class('tripleo::profile::base::manila::share') + end + end + + context 'with step 2 on bootstrap node' do + let(:params) { { + :step => 2, + } } + + it 'should create pacemaker properties' do + is_expected.to contain_pacemaker__property('manila-share-role-manila-1') + is_expected.to contain_pacemaker__property('manila-share-role-manila-2') + end + end + + context 'with step 2 not on bootstrap node' do + let(:params) { { + :step => 2, + :bootstrap_node => 'other.example.com', + } } + + it 'should not create pacemaker properties' do + is_expected.to_not contain_pacemaker__property('manila-share-role-manila-1') + is_expected.to_not contain_pacemaker__property('manila-share-role-manila-2') + end + end + + context 'with step 5' do + let(:params) { { + :step => 5, + :manila_share_docker_image => 'manila-share-image', + } } + + context 'with default inputs' do + it 'should create default manila-share resource bundle' do + is_expected.to contain_pacemaker__resource__bundle('openstack-manila-share').with( + :image => 'manila-share-image', + :options => '--ipc=host --privileged=true --user=root --log-driver=journald -e KOLLA_CONFIG_STRATEGY=COPY_ALWAYS', + ) + # The default list of storage_maps is rather long, and this + # just does a spot-check of a few key entries. The point is + # to verify the default list is used when the docker_volumes + # input parameter isn't specified. + storage_maps = catalogue.resource( + 'Pacemaker::Resource::Bundle', 'openstack-manila-share').send(:parameters)[:storage_maps] + expect(storage_maps).to include('manila-share-cfg-files', 'manila-share-cfg-data') + # CephFS is disabled by default, so ensure no resources are created. + is_expected.to_not contain_pacemaker__constraint__order('ceph-nfs-then-manila-share') + is_expected.to_not contain_pacemaker__constraint__colocation('openstack-manila-share-with-ceph-nfs') + expect(storage_maps).to_not include('manila-share-dbus-docker', 'manila-share-etc-ganesha') + end + end + + context 'with cephfs backend enabled' do + before :each do + params.merge!({ + :backend_cephfs_enabled => true, + }) + end + it 'should include cephfs docker volumes and pacemaker constraints' do + is_expected.to contain_pacemaker__constraint__order('ceph-nfs-then-manila-share') + is_expected.to contain_pacemaker__constraint__colocation('openstack-manila-share-with-ceph-nfs') + storage_maps = catalogue.resource( + 'Pacemaker::Resource::Bundle', 'openstack-manila-share').send(:parameters)[:storage_maps] + expect(storage_maps).to include('manila-share-dbus-docker', 'manila-share-etc-ganesha') + end + end + + context 'with docker volumes and environment inputs' do + before :each do + params.merge!({ + :docker_volumes => ['/src/1:/tgt/1', '/src/2:/tgt/2:ro', '/src/3:/tgt/3:ro,z'], + :docker_environment => ['RIGHT=LEFT', 'UP=DOWN'], + }) + end + it 'should create custom manila-share resource bundle' do + is_expected.to contain_pacemaker__resource__bundle('openstack-manila-share').with( + :image => 'manila-share-image', + :options => '--ipc=host --privileged=true --user=root --log-driver=journald -e RIGHT=LEFT -e UP=DOWN', + :storage_maps => { + 'manila-share-src-1' => { + 'source-dir' => '/src/1', + 'target-dir' => '/tgt/1', + 'options' => 'rw', + }, + 'manila-share-src-2' => { + 'source-dir' => '/src/2', + 'target-dir' => '/tgt/2', + 'options' => 'ro', + }, + 'manila-share-src-3' => { + 'source-dir' => '/src/3', + 'target-dir' => '/tgt/3', + 'options' => 'ro,z', + }, + }, + ) + end + end + end + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::pacemaker::manila::share_bundle' + end + end +end diff --git a/spec/fixtures/hieradata/default.yaml b/spec/fixtures/hieradata/default.yaml index f91d87055..94a7eb225 100644 --- a/spec/fixtures/hieradata/default.yaml +++ b/spec/fixtures/hieradata/default.yaml @@ -44,6 +44,13 @@ gnocchi::storage::ceph::ceph_secret: 'password' # haproxy related items mysql_enabled: true controller_node_ips: '10.1.0.1,10.1.0.2' +# manila related items +manila::rabbit_password: 'password' +manila::backend::cephfs::cephfs_protocol_helper_type: 'NFS' +manila_share_short_bootstrap_node_name: 'node.example.com' +manila_share_short_node_names: + - 'manila-1' + - 'manila-2' # nova related items nova::rabbit_password: 'password' nova::keystone::authtoken::password: 'password'