Merge "Configure ovn sb connection for the ovn provider"
This commit is contained in:
commit
fff374176b
|
@ -42,7 +42,11 @@
|
|||
#
|
||||
# [*ovn_nb_port*]
|
||||
# (Optional) Port number on which northbound database is listening
|
||||
# Defaults to lookup('ovn::northbound::port')
|
||||
# Defaults to lookup('ovn::northbound::port', undef, undef, undef)
|
||||
#
|
||||
# [*ovn_sb_port*]
|
||||
# (Optional) Port number on which southbound database is listening
|
||||
# Defaults to lookup('ovn::southbound::port', undef, undef, undef)
|
||||
#
|
||||
# [*ovn_nb_private_key*]
|
||||
# (optional) The PEM file with private key for SSL connection to OVN-NB-DB
|
||||
|
@ -58,6 +62,20 @@
|
|||
# verify certificates presented to it by SSL peers
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*ovn_sb_private_key*]
|
||||
# (optional) The PEM file with private key for SSL connection to OVN-SB-DB
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*ovn_sb_certificate*]
|
||||
# (optional) The PEM file with certificate that certifies the
|
||||
# private key specified in ovn_sb_private_key
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*ovn_sb_ca_cert*]
|
||||
# (optional) The PEM file with CA certificate that OVN should use to
|
||||
# verify certificates presented to it by SSL peers
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
class tripleo::profile::base::octavia::provider::ovn (
|
||||
$step = Integer(lookup('step')),
|
||||
$protocol = lookup('ovn_nb_connection_protocol', undef, undef, 'tcp'),
|
||||
|
@ -65,9 +83,13 @@ class tripleo::profile::base::octavia::provider::ovn (
|
|||
$ovn_db_node_ips = lookup('ovn_dbs_node_ips', undef, undef, undef),
|
||||
$ovn_db_clustered = lookup('ovn_db_clustered', undef, undef, false),
|
||||
$ovn_nb_port = lookup('ovn::northbound::port', undef, undef, undef),
|
||||
$ovn_sb_port = lookup('ovn::southbound::port', undef, undef, undef),
|
||||
$ovn_nb_private_key = $::os_service_default,
|
||||
$ovn_nb_certificate = $::os_service_default,
|
||||
$ovn_nb_ca_cert = $::os_service_default
|
||||
$ovn_nb_ca_cert = $::os_service_default,
|
||||
$ovn_sb_private_key = $::os_service_default,
|
||||
$ovn_sb_certificate = $::os_service_default,
|
||||
$ovn_sb_ca_cert = $::os_service_default,
|
||||
) {
|
||||
|
||||
include tripleo::profile::base::octavia::api
|
||||
|
@ -78,23 +100,35 @@ class tripleo::profile::base::octavia::provider::ovn (
|
|||
if $::tripleo::profile::base::octavia::api::ovn_db_host and !is_service_default(::tripleo::profile::base::octavia::api::ovn_db_host) {
|
||||
$ovn_db_hosts_real = any2array($::tripleo::profile::base::octavia::api::ovn_db_host)
|
||||
$ovn_nb_port_real = $::tripleo::profile::base::octavia::api::ovn_nb_port
|
||||
# NOTE(beagles): there is no backwards compatible case for the sb_port but I'm
|
||||
# adding this line for consistency.
|
||||
$ovn_sb_port_real = $ovn_sb_port
|
||||
} elsif $ovn_db_clustered {
|
||||
$ovn_db_hosts_real = any2array($ovn_db_node_ips)
|
||||
$ovn_nb_port_real = $ovn_nb_port
|
||||
$ovn_sb_port_real = $ovn_sb_port
|
||||
} else {
|
||||
$ovn_db_hosts_real = any2array($ovn_db_host)
|
||||
$ovn_nb_port_real = $ovn_nb_port
|
||||
$ovn_sb_port_real = $ovn_sb_port
|
||||
}
|
||||
|
||||
if ! empty($ovn_db_hosts_real) {
|
||||
$nb_conn = $ovn_db_hosts_real.map |$h| {
|
||||
join([$protocol, normalize_ip_for_uri($h), "${ovn_nb_port_real}"].filter |$c| { !$c.empty() }, ':')
|
||||
}
|
||||
$sb_conn = $ovn_db_hosts_real.map |$h| {
|
||||
join([$protocol, normalize_ip_for_uri($h), "${ovn_sb_port_real}"].filter |$c| { !$c.empty() }, ':')
|
||||
}
|
||||
class { 'octavia::provider::ovn':
|
||||
ovn_nb_connection => join(any2array($nb_conn), ','),
|
||||
ovn_sb_connection => join(any2array($sb_conn), ','),
|
||||
ovn_nb_private_key => $ovn_nb_private_key,
|
||||
ovn_nb_certificate => $ovn_nb_certificate,
|
||||
ovn_nb_ca_cert => $ovn_nb_ca_cert,
|
||||
ovn_sb_private_key => $ovn_sb_private_key,
|
||||
ovn_sb_certificate => $ovn_sb_certificate,
|
||||
ovn_sb_ca_cert => $ovn_sb_ca_cert,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -64,6 +64,7 @@ eos
|
|||
:step => 4,
|
||||
:protocol => 'tcp',
|
||||
:ovn_nb_port => '6641',
|
||||
:ovn_sb_port => '6642',
|
||||
})
|
||||
end
|
||||
|
||||
|
@ -78,14 +79,19 @@ eos
|
|||
:step => 4,
|
||||
:ovn_db_host => '127.0.0.1',
|
||||
:ovn_nb_port => '6641',
|
||||
:ovn_sb_port => '6642',
|
||||
})
|
||||
end
|
||||
|
||||
it 'should set octavia provider ovn nb connection using tcp' do
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_connection => 'tcp:127.0.0.1:6641')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_connection => 'tcp:127.0.0.1:6642')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_private_key => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_certificate => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_ca_cert => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_private_key => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_certificate => '<SERVICE DEFAULT>')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_ca_cert => '<SERVICE DEFAULT>')
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -96,17 +102,25 @@ eos
|
|||
:protocol => 'ssl',
|
||||
:ovn_db_host => '192.168.123.111',
|
||||
:ovn_nb_port => '6641',
|
||||
:ovn_sb_port => '6642',
|
||||
:ovn_nb_private_key => '/foo.key',
|
||||
:ovn_nb_certificate => '/foo.pem',
|
||||
:ovn_nb_ca_cert => '/ca_foo.pem',
|
||||
:ovn_sb_private_key => '/bar.key',
|
||||
:ovn_sb_certificate => '/bar.pem',
|
||||
:ovn_sb_ca_cert => '/ca_bar.pem',
|
||||
})
|
||||
end
|
||||
|
||||
it 'should set octavia provider ovn nb connection using ssl' do
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_connection => 'ssl:192.168.123.111:6641')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_connection => 'ssl:192.168.123.111:6642')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_private_key => '/foo.key')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_certificate => '/foo.pem')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_ca_cert => '/ca_foo.pem')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_private_key => '/bar.key')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_certificate => '/bar.pem')
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_ca_cert => '/ca_bar.pem')
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -118,6 +132,7 @@ eos
|
|||
:ovn_db_node_ips => ['192.0.2.11', '192.0.2.12'],
|
||||
:ovn_db_clustered => true,
|
||||
:ovn_nb_port => '6641',
|
||||
:ovn_sb_port => '6642',
|
||||
})
|
||||
end
|
||||
|
||||
|
@ -125,6 +140,9 @@ eos
|
|||
is_expected.to contain_class('octavia::provider::ovn').with(
|
||||
:ovn_nb_connection => 'tcp:192.0.2.11:6641,tcp:192.0.2.12:6641'
|
||||
)
|
||||
is_expected.to contain_class('octavia::provider::ovn').with(
|
||||
:ovn_sb_connection => 'tcp:192.0.2.11:6642,tcp:192.0.2.12:6642'
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue