Designate: configure unbound resolvers as dns servers
Configure dns related config in neutron with the IPs for the unbound resolvers if they are available. Change-Id: I2f161e7247c696a75fc53af5043d94bc85d4ec0f
This commit is contained in:
parent
ec26d49c25
commit
f736d081bf
|
@ -23,12 +23,29 @@
|
|||
# for more details.
|
||||
# Defaults to hiera('step')
|
||||
#
|
||||
# [*neutron_dns_integration*]
|
||||
# (Optional) Configure neutron to use the supplied unbound resolver nodes.
|
||||
# Defaults to false
|
||||
#
|
||||
# [*unbound_resolvers*]
|
||||
# (Optional) Unbound resolvers if configured.
|
||||
# Defaults to hiera('unbound_node_ips', undef)
|
||||
#
|
||||
class tripleo::profile::base::neutron::dhcp (
|
||||
$step = Integer(hiera('step')),
|
||||
$step = Integer(hiera('step')),
|
||||
$neutron_dns_integration = false,
|
||||
$unbound_resolvers = hiera('unbound_node_ips', undef),
|
||||
) {
|
||||
if $step >= 4 {
|
||||
include tripleo::profile::base::neutron
|
||||
include neutron::agents::dhcp
|
||||
|
||||
if $neutron_dns_integration and $unbound_resolvers {
|
||||
class{ 'neutron::agents::dhcp':
|
||||
dnsmasq_dns_servers => $unbound_resolvers
|
||||
}
|
||||
} else {
|
||||
include neutron::agents::dhcp
|
||||
}
|
||||
|
||||
Service<| title == 'neutron-server' |> -> Service <| title == 'neutron-dhcp' |>
|
||||
}
|
||||
|
|
|
@ -74,6 +74,18 @@
|
|||
# for more details.
|
||||
# Defaults to hiera('step')
|
||||
#
|
||||
# [*neutron_dns_integration*]
|
||||
# (Optional) Configure neutron to use the supplied unbound resolver nodes.
|
||||
# Defaults to false
|
||||
#
|
||||
# [*unbound_resolvers*]
|
||||
# (Optional) Unbound resolvers if configured.
|
||||
# Defaults to hiera('unbound_node_ips', undef)
|
||||
#
|
||||
# [*dns_servers*]
|
||||
# (Optional) Heat template defined dns servers if provided.
|
||||
# Defaults to hiera('neutron::plugins::ml2::ovn', $::os_service_default)
|
||||
#
|
||||
class tripleo::profile::base::neutron::plugins::ml2::ovn (
|
||||
$ovn_db_host = hiera('ovn_dbs_vip', undef),
|
||||
$ovn_db_node_ips = hiera('ovn_dbs_node_ips', undef),
|
||||
|
@ -87,7 +99,10 @@ class tripleo::profile::base::neutron::plugins::ml2::ovn (
|
|||
$ovn_sb_certificate = $::os_service_default,
|
||||
$ovn_sb_ca_cert = $::os_service_default,
|
||||
$protocol = 'tcp',
|
||||
$step = Integer(hiera('step'))
|
||||
$step = Integer(hiera('step')),
|
||||
$neutron_dns_integration = false,
|
||||
$unbound_resolvers = hiera('unbound_node_ips', undef),
|
||||
$dns_servers = hiera('neutron::plugins::ml2::ovn::dns_servers', $::os_service_default),
|
||||
) {
|
||||
|
||||
if $step >= 4 {
|
||||
|
@ -99,6 +114,12 @@ class tripleo::profile::base::neutron::plugins::ml2::ovn (
|
|||
$sb_conn = $db_hosts.map |$h| { join([$protocol, normalize_ip_for_uri($h), "${ovn_sb_port}"], ':') }
|
||||
$nb_conn = $db_hosts.map |$h| { join([$protocol, normalize_ip_for_uri($h), "${ovn_nb_port}"], ':') }
|
||||
|
||||
if $neutron_dns_integration and $unbound_resolvers {
|
||||
$unbound_resolvers_real = $unbound_resolvers
|
||||
} else {
|
||||
$unbound_resolvers_real = $dns_servers
|
||||
}
|
||||
|
||||
class { 'neutron::plugins::ml2::ovn':
|
||||
ovn_nb_connection => join(any2array($nb_conn), ','),
|
||||
ovn_sb_connection => join(any2array($sb_conn), ','),
|
||||
|
@ -108,6 +129,7 @@ class tripleo::profile::base::neutron::plugins::ml2::ovn (
|
|||
ovn_sb_private_key => $ovn_sb_private_key,
|
||||
ovn_sb_certificate => $ovn_sb_certificate,
|
||||
ovn_sb_ca_cert => $ovn_sb_ca_cert,
|
||||
dns_servers => $unbound_resolvers_real
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -38,7 +38,38 @@ describe 'tripleo::profile::base::neutron::dhcp' do
|
|||
it 'should trigger complete configuration' do
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron::dhcp')
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron')
|
||||
is_expected.to contain_class('neutron::agents::dhcp')
|
||||
is_expected.to contain_class('neutron::agents::dhcp').with({
|
||||
:dnsmasq_dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4, dns integration enabled and resolvers' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:neutron_dns_integration => true,
|
||||
:unbound_resolvers => ['192.168.111.111']
|
||||
} }
|
||||
it 'should trigger configuration with dns integration' do
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron::dhcp')
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron')
|
||||
is_expected.to contain_class('neutron::agents::dhcp').with({
|
||||
:dnsmasq_dns_servers => ['192.168.111.111']
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4, dns integration enabled but no resolvers' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:neutron_dns_integration => true,
|
||||
} }
|
||||
it 'should trigger configuration without dns integration' do
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron::dhcp')
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron')
|
||||
is_expected.to contain_class('neutron::agents::dhcp').with({
|
||||
:dnsmasq_dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
end
|
||||
|
@ -48,7 +79,6 @@ describe 'tripleo::profile::base::neutron::dhcp' do
|
|||
let(:facts) do
|
||||
facts.merge(OSDefaults.get_facts({ :hostname => 'node.example.com' }))
|
||||
end
|
||||
|
||||
it_behaves_like 'tripleo::profile::base::neutron::dhcp'
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,258 @@
|
|||
#
|
||||
# Copyright (C) 2022 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'tripleo::profile::base::neutron::plugins::ml2::ovn' do
|
||||
|
||||
shared_examples_for 'tripleo::profile::base::neutron::plugins::ml2::ovn' do
|
||||
|
||||
before :each do
|
||||
facts.merge!({ :step => params[:step] })
|
||||
end
|
||||
|
||||
context 'with step less than 4' do
|
||||
let(:params) { {
|
||||
:step => 3,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_clustered => true,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
} }
|
||||
it 'should do nothing' do
|
||||
is_expected.to contain_class('tripleo::profile::base::neutron::plugins::ml2::ovn')
|
||||
is_expected.to_not contain_class('neutron::plugins::ml2::ovn')
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and later and clustered ovn dbs' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_clustered => true,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.111.10:998,tcp:192.168.111.11:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.111.10:999,tcp:192.168.111.11:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and later and clustered ovn dbs, ssl connections' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_clustered => true,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
:protocol => 'ssl',
|
||||
:ovn_nb_private_key => 'nb private key',
|
||||
:ovn_nb_certificate => 'nb certificate',
|
||||
:ovn_sb_private_key => 'sb private key',
|
||||
:ovn_sb_certificate => 'sb certificate',
|
||||
:ovn_sb_ca_cert => 'sb ca cert',
|
||||
:ovn_nb_ca_cert => 'nb ca cert',
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with clustered node ips and ssl connections' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['ssl:192.168.111.10:998,ssl:192.168.111.11:998'],
|
||||
:ovn_sb_connection => ['ssl:192.168.111.10:999,ssl:192.168.111.11:999'],
|
||||
:ovn_nb_private_key => 'nb private key',
|
||||
:ovn_nb_certificate => 'nb certificate',
|
||||
:ovn_sb_private_key => 'sb private key',
|
||||
:ovn_sb_certificate => 'sb certificate',
|
||||
:ovn_sb_ca_cert => 'sb ca cert',
|
||||
:ovn_nb_ca_cert => 'nb ca cert',
|
||||
:dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and later and non clustered ovn dbs' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_host => ['192.168.100.99'],
|
||||
:ovn_db_clustered => false,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with non-clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.100.99:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.100.99:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and dns integration enabled, unbound resolvers present' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_host => ['192.168.100.99'],
|
||||
:ovn_db_clustered => false,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
:neutron_dns_integration => true,
|
||||
:unbound_resolvers => ['10.0.0.50', '10.0.3.20']
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with non-clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.100.99:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.100.99:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => ['10.0.0.50', '10.0.3.20']
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and dns integration enabled, unbound resolvers missing' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_host => ['192.168.100.99'],
|
||||
:ovn_db_clustered => false,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
:neutron_dns_integration => true,
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with non-clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.100.99:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.100.99:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and dns integration disabled, unbound resolvers present' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_host => ['192.168.100.99'],
|
||||
:ovn_db_clustered => false,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
:neutron_dns_integration => false,
|
||||
:unbound_resolvers => ['10.0.0.50', '10.0.3.20']
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with non-clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.100.99:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.100.99:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => '<SERVICE DEFAULT>'
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and dns integration enabled, unbound resolvers missing, but user def DNS present' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_host => ['192.168.100.99'],
|
||||
:ovn_db_clustered => false,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
:neutron_dns_integration => true,
|
||||
:dns_servers => ['10.0.0.99']
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with non-clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.100.99:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.100.99:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => ['10.0.0.99']
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
context 'with step 4 and dns integration disabled, but user def DNS present' do
|
||||
let(:params) { {
|
||||
:step => 4,
|
||||
:ovn_db_node_ips => ['192.168.111.10', '192.168.111.11'],
|
||||
:ovn_db_host => ['192.168.100.99'],
|
||||
:ovn_db_clustered => false,
|
||||
:ovn_sb_port => 999,
|
||||
:ovn_nb_port => 998,
|
||||
:neutron_dns_integration => false,
|
||||
:dns_servers => ['10.0.0.99']
|
||||
} }
|
||||
it 'should configure ovn ML2 plugin with non-clustered node ips' do
|
||||
is_expected.to contain_class('neutron::plugins::ml2::ovn').with({
|
||||
:ovn_nb_connection => ['tcp:192.168.100.99:998'],
|
||||
:ovn_sb_connection => ['tcp:192.168.100.99:999'],
|
||||
:ovn_nb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_nb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_private_key => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_certificate => '<SERVICE DEFAULT>',
|
||||
:ovn_sb_ca_cert => '<SERVICE DEFAULT>',
|
||||
:dns_servers => ['10.0.0.99']
|
||||
})
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
on_supported_os.each do |os, facts|
|
||||
context "on #{os}" do
|
||||
let(:facts) do
|
||||
facts.merge(OSDefaults.get_facts({ :hostname => 'node.example.com'}))
|
||||
end
|
||||
it_behaves_like 'tripleo::profile::base::neutron::plugins::ml2::ovn'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
Loading…
Reference in New Issue