Moving setting validation from nova_event_callback

The newly introduced role oslo_config_validator is probably a better framework to validate settings as it's centralized and will most probably be called by sosreport for troubleshooting purpose. It only makes sense to move some setting validations to this new role when possible. This patch also adds the nova_event_callback role documentation in sphinx. Closes-Bug: #1934609 Conflicts: - playbooks/nova-event-callback.yaml Change-Id: Iac8126429773d3b63d17ad851d24e8c6f498f557 (cherry picked from commit 23992a3576) (cherry picked from commit 23a2ec2164)
2021-06-04 17:15:14 +00:00 · 2021-06-04 17:15:14 +00:00 · 0c00c50064
parent bb04fb5ad3
commit 0c00c50064
5 changed files with 51 additions and 99 deletions
--- a/doc/source/roles/role-nova_event_callback.rst
+++ b/doc/source/roles/role-nova_event_callback.rst
@ -2,6 +2,48 @@
 nova_event_callback
 ===================

+--------------
+About the role
+--------------
+
+An Ansible role to check if the **Nova** ``auth_url`` in **Neutron** is
+configured correctly on the **Overcloud Controller(s)**.
+
+Requirements
+============
+
+None.
+
+Dependencies
+============
+
+None.
+
+Example Playbook
+================
+
+.. code-block:: yaml
+
+   - hosts: Controller
+     vars:
+       neutron_config_file: /path/to/neutron.conf
+     roles:
+       - nova_event_callback
+
+License
+=======
+
+Apache
+
+Author Information
+==================
+
+**Red Hat TripleO DFG:Compute Deployment Squad**
+
+----------------
+Full Description
+----------------
+
 .. ansibleautoplugin::
   :role: roles/nova_event_callback

--- a/playbooks/nova-event-callback.yaml
+++ b/playbooks/nova-event-callback.yaml
@ -4,28 +4,13 @@
    metadata:
      name: Nova Event Callback Configuration Check
      description: |
-        This validations verifies that the Nova Event Callback feature is
-        configured which is generally enabled by default.
+        This validations verifies that the Nova auth_url in neutron,
+        which is generally enabled by default, is configured correctly
        It checks the following files on the Overcloud Controller(s):

-        - /etc/nova/nova.conf:
-          [DEFAULT]/vif_plugging_is_fatal = True
-          [DEFAULT]/vif_plugging_timeout >= 300
-        - /etc/neutron/neutron.conf:
-          [nova]/auth_url = 'http://nova_admin_auth_ip:5000'
-          [nova]/tenant_name = 'service'
-          [DEFAULT]/notify_nova_on_port_data_changes = True
-          [DEFAULT]/notify_nova_on_port_status_changes = True
-
+        - **/etc/neutron/neutron.conf**: [nova]/auth_url = 'http://nova_admin_auth_ip:5000'
      groups:
        - post-deployment
-    nova_config_file: /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
    neutron_config_file: /var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
-    vif_plugging_fatal_check: "vif_plugging_is_fatal"
-    vif_plugging_timeout_check: "vif_plugging_timeout"
-    vif_plugging_timeout_value_min: 300
-    notify_nova_on_port_data_check: "notify_nova_on_port_data_changes"
-    notify_nova_on_port_status_check: "notify_nova_on_port_status_changes"
-    tenant_name_check: "tenant_name"
  roles:
    - nova_event_callback
--- a/roles/nova_event_callback/defaults/main.yml
+++ b/roles/nova_event_callback/defaults/main.yml
@ -1,9 +1,3 @@
 ---
-nova_config_file: /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
+# Absolute path of the neutron configuration file
 neutron_config_file: /var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
-vif_plugging_fatal_check: "vif_plugging_is_fatal"
-vif_plugging_timeout_check: "vif_plugging_timeout"
-vif_plugging_timeout_value_min: 300
-notify_nova_on_port_data_check: "notify_nova_on_port_data_changes"
-notify_nova_on_port_status_check: "notify_nova_on_port_status_changes"
-tenant_name_check: "tenant_name"
--- a/roles/nova_event_callback/tasks/main.yml
+++ b/roles/nova_event_callback/tasks/main.yml
@ -1,35 +1,7 @@
 ---
- name: Get vif_plugging_fatal value from nova.conf
-  become: true
-  validations_read_ini:
-    path: "{{ nova_config_file }}"
-    section: DEFAULT
-    key: "{{ vif_plugging_fatal_check }}"
-    ignore_missing_file: true
-  register: vif_plugging_fatal_value
-
- name: Get vif_plugging_timeout value from nova.conf
-  become: true
-  validations_read_ini:
-    path: "{{ nova_config_file }}"
-    section: DEFAULT
-    key: "{{ vif_plugging_timeout_check }}"
-    ignore_missing_file: true
-  register: vif_plugging_timeout_value
-
- name: Ensure vif plugging timeout minimum
-  fail:
-    msg: "vif_plugging_timeout is below minimum value. Minimum: {{ vif_plugging_timeout_value_min|ing }}. Current value: {{ vig_plugging_timeout_value }}"
-  when: "{{ vif_plugging_timeout_value|int < vif_plugging_timeout_value_min|int }}"
-
- name: Ensure vif plugging is fatal
-  fail:
-    msg: "vif_plugging_fatal should be set to True. Current value: {{ vif_plugging_fatal_value }}."
-  when: "not {{ vif_plugging_fatal_value|bool }}"
-
 - name: Get auth_url value from hiera
  become: true
-  command: hiera -c /etc/puppet/hiera.yaml neutron::server::notifications::auth_url
+  command: hiera -c /etc/puppet/hiera.yaml neutron::server::notifications::nova::auth_url
  ignore_errors: true
  changed_when: false
  register: auth_url
@ -50,38 +22,3 @@
      {{ neutron_auth_url_result.value or 'None' }}
      but it should be set to {{ auth_url.stdout }}.
  failed_when: "neutron_auth_url_result.value != auth_url.stdout"
-
- name: Get Notify Nova settings values from neutron.conf
-  become: true
-  validations_read_ini:
-    path: "{{ neutron_config_file }}"
-    section: DEFAULT
-    key: "{{ item }}"
-    ignore_missing_file: true
-  register: neutron_notify_nova_result
-  with_items:
-    - "{{ notify_nova_on_port_data_check }}"
-    - "{{ notify_nova_on_port_status_check }}"
-
- name: Check Notify Nova settings values
-  fail:
-    msg: "{{ item.item }} should be set ro True. Current value: {{ item.value }}."
-  when: not item.value|bool or item.value == None
-  with_items: "{{ neutron_notify_nova_result.results }}"
-
- name: Get Tenant Name setting value from neutron.conf
-  become: true
-  validations_read_ini:
-    path: "{{ neutron_config_file }}"
-    section: nova
-    key: "{{ tenant_name_check }}"
-    ignore_missing_file: true
-  register: neutron_tenant_name_result
-
- name: Check Tenant Name settings value
-  fail:
-    msg: >-
-      [nova]/tenant_name from {{ neutron_config_file }} is set to
-      {{ neutron_tenant_name_result.value or 'None' }}
-      but it should be set to 'service'.
-  when: neutron_tenant_name_result.value != 'service'
--- a/roles/nova_event_callback/vars/main.yml
+++ b/roles/nova_event_callback/vars/main.yml
@ -2,16 +2,10 @@
 metadata:
  name: Nova Event Callback Configuration Check
  description: >
-    This validations verifies that the Nova Event Callback feature is
-    configured which is generally enabled by default.
+    This validations verifies that the Nova auth_url in neutron,
+    which is generally enabled by default, is configured correctly
    It checks the following files on the Overcloud Controller(s):
-      - /etc/nova/nova.conf:
-        [DEFAULT]/vif_plugging_is_fatal = True
-        [DEFAULT]/vif_plugging_timeout >= 300
-      - /etc/neutron/neutron.conf:
-        [nova]/auth_url = 'http://nova_admin_auth_ip:5000'
-        [nova]/tenant_name = 'service'
-        [DEFAULT]/notify_nova_on_port_data_changes = True
-        [DEFAULT]/notify_nova_on_port_status_changes = True
+    - /etc/neutron/neutron.conf:
+      [nova]/auth_url = 'http://nova_admin_auth_ip:5000'
  groups:
    - post-deployment