Merge "Configure ovn sb connection for the ovn provider"

This commit is contained in:
Zuul 2022-07-14 14:14:08 +00:00 committed by Gerrit Code Review
commit fff374176b
2 changed files with 54 additions and 2 deletions

View File

@ -42,7 +42,11 @@
#
# [*ovn_nb_port*]
# (Optional) Port number on which northbound database is listening
# Defaults to lookup('ovn::northbound::port')
# Defaults to lookup('ovn::northbound::port', undef, undef, undef)
#
# [*ovn_sb_port*]
# (Optional) Port number on which southbound database is listening
# Defaults to lookup('ovn::southbound::port', undef, undef, undef)
#
# [*ovn_nb_private_key*]
# (optional) The PEM file with private key for SSL connection to OVN-NB-DB
@ -58,6 +62,20 @@
# verify certificates presented to it by SSL peers
# Defaults to $::os_service_default
#
# [*ovn_sb_private_key*]
# (optional) The PEM file with private key for SSL connection to OVN-SB-DB
# Defaults to $::os_service_default
#
# [*ovn_sb_certificate*]
# (optional) The PEM file with certificate that certifies the
# private key specified in ovn_sb_private_key
# Defaults to $::os_service_default
#
# [*ovn_sb_ca_cert*]
# (optional) The PEM file with CA certificate that OVN should use to
# verify certificates presented to it by SSL peers
# Defaults to $::os_service_default
#
class tripleo::profile::base::octavia::provider::ovn (
$step = Integer(lookup('step')),
$protocol = lookup('ovn_nb_connection_protocol', undef, undef, 'tcp'),
@ -65,9 +83,13 @@ class tripleo::profile::base::octavia::provider::ovn (
$ovn_db_node_ips = lookup('ovn_dbs_node_ips', undef, undef, undef),
$ovn_db_clustered = lookup('ovn_db_clustered', undef, undef, false),
$ovn_nb_port = lookup('ovn::northbound::port', undef, undef, undef),
$ovn_sb_port = lookup('ovn::southbound::port', undef, undef, undef),
$ovn_nb_private_key = $::os_service_default,
$ovn_nb_certificate = $::os_service_default,
$ovn_nb_ca_cert = $::os_service_default
$ovn_nb_ca_cert = $::os_service_default,
$ovn_sb_private_key = $::os_service_default,
$ovn_sb_certificate = $::os_service_default,
$ovn_sb_ca_cert = $::os_service_default,
) {
include tripleo::profile::base::octavia::api
@ -78,23 +100,35 @@ class tripleo::profile::base::octavia::provider::ovn (
if $::tripleo::profile::base::octavia::api::ovn_db_host and !is_service_default(::tripleo::profile::base::octavia::api::ovn_db_host) {
$ovn_db_hosts_real = any2array($::tripleo::profile::base::octavia::api::ovn_db_host)
$ovn_nb_port_real = $::tripleo::profile::base::octavia::api::ovn_nb_port
# NOTE(beagles): there is no backwards compatible case for the sb_port but I'm
# adding this line for consistency.
$ovn_sb_port_real = $ovn_sb_port
} elsif $ovn_db_clustered {
$ovn_db_hosts_real = any2array($ovn_db_node_ips)
$ovn_nb_port_real = $ovn_nb_port
$ovn_sb_port_real = $ovn_sb_port
} else {
$ovn_db_hosts_real = any2array($ovn_db_host)
$ovn_nb_port_real = $ovn_nb_port
$ovn_sb_port_real = $ovn_sb_port
}
if ! empty($ovn_db_hosts_real) {
$nb_conn = $ovn_db_hosts_real.map |$h| {
join([$protocol, normalize_ip_for_uri($h), "${ovn_nb_port_real}"].filter |$c| { !$c.empty() }, ':')
}
$sb_conn = $ovn_db_hosts_real.map |$h| {
join([$protocol, normalize_ip_for_uri($h), "${ovn_sb_port_real}"].filter |$c| { !$c.empty() }, ':')
}
class { 'octavia::provider::ovn':
ovn_nb_connection => join(any2array($nb_conn), ','),
ovn_sb_connection => join(any2array($sb_conn), ','),
ovn_nb_private_key => $ovn_nb_private_key,
ovn_nb_certificate => $ovn_nb_certificate,
ovn_nb_ca_cert => $ovn_nb_ca_cert,
ovn_sb_private_key => $ovn_sb_private_key,
ovn_sb_certificate => $ovn_sb_certificate,
ovn_sb_ca_cert => $ovn_sb_ca_cert,
}
}
}

View File

@ -64,6 +64,7 @@ eos
:step => 4,
:protocol => 'tcp',
:ovn_nb_port => '6641',
:ovn_sb_port => '6642',
})
end
@ -78,14 +79,19 @@ eos
:step => 4,
:ovn_db_host => '127.0.0.1',
:ovn_nb_port => '6641',
:ovn_sb_port => '6642',
})
end
it 'should set octavia provider ovn nb connection using tcp' do
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_connection => 'tcp:127.0.0.1:6641')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_connection => 'tcp:127.0.0.1:6642')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_private_key => '<SERVICE DEFAULT>')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_certificate => '<SERVICE DEFAULT>')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_ca_cert => '<SERVICE DEFAULT>')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_private_key => '<SERVICE DEFAULT>')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_certificate => '<SERVICE DEFAULT>')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_ca_cert => '<SERVICE DEFAULT>')
end
end
@ -96,17 +102,25 @@ eos
:protocol => 'ssl',
:ovn_db_host => '192.168.123.111',
:ovn_nb_port => '6641',
:ovn_sb_port => '6642',
:ovn_nb_private_key => '/foo.key',
:ovn_nb_certificate => '/foo.pem',
:ovn_nb_ca_cert => '/ca_foo.pem',
:ovn_sb_private_key => '/bar.key',
:ovn_sb_certificate => '/bar.pem',
:ovn_sb_ca_cert => '/ca_bar.pem',
})
end
it 'should set octavia provider ovn nb connection using ssl' do
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_connection => 'ssl:192.168.123.111:6641')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_connection => 'ssl:192.168.123.111:6642')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_private_key => '/foo.key')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_certificate => '/foo.pem')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_nb_ca_cert => '/ca_foo.pem')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_private_key => '/bar.key')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_certificate => '/bar.pem')
is_expected.to contain_class('octavia::provider::ovn').with(:ovn_sb_ca_cert => '/ca_bar.pem')
end
end
@ -118,6 +132,7 @@ eos
:ovn_db_node_ips => ['192.0.2.11', '192.0.2.12'],
:ovn_db_clustered => true,
:ovn_nb_port => '6641',
:ovn_sb_port => '6642',
})
end
@ -125,6 +140,9 @@ eos
is_expected.to contain_class('octavia::provider::ovn').with(
:ovn_nb_connection => 'tcp:192.0.2.11:6641,tcp:192.0.2.12:6641'
)
is_expected.to contain_class('octavia::provider::ovn').with(
:ovn_sb_connection => 'tcp:192.0.2.11:6642,tcp:192.0.2.12:6642'
)
end
end