Add nova-event-callback role

This patch adds the nova-event-callback role created from
validations/nova-event-callback.yaml.

Change-Id: I565b7adccd5ec716a14a5dd2ae4c060a0e802448
Implements: blueprint validation-framework
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
Gael Chamoulaud 2019-02-25 15:08:38 +01:00
parent d80e3277af
commit d0c7b3afc2
5 changed files with 162 additions and 0 deletions


@ -0,0 +1,29 @@
---
- hosts: Controller
vars:
metadata:
name: Nova Event Callback Configuration Check
description: >
This validations verifies that the Nova Event Callback feature is
configured which is generally enabled by default.
It checks the following files on the Overcloud Controller(s):
- /etc/nova/nova.conf:
[DEFAULT]/vif_plugging_is_fatal = True
[DEFAULT]/vif_plugging_timeout >= 300
- /etc/neutron/neutron.conf:
[nova]/auth_url = 'http://nova_admin_auth_ip:5000'
[nova]/tenant_name = 'service'
[DEFAULT]/notify_nova_on_port_data_changes = True
[DEFAULT]/notify_nova_on_port_status_changes = True
groups:
- post-deployment
nova_config_file: /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
neutron_config_file: /var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
vif_plugging_fatal_check: "vif_plugging_is_fatal"
vif_plugging_timeout_check: "vif_plugging_timeout"
vif_plugging_timeout_value_min: 300
notify_nova_on_port_data_check: "notify_nova_on_port_data_changes"
notify_nova_on_port_status_check: "notify_nova_on_port_status_changes"
tenant_name_check: "tenant_name"
roles:
- nova-event-callback
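Review bot: The eight check variables under `vars:` (from `nova_config_file` to `tenant_name_check`) repeat, value for value, the variables file that forms the second section of this commit. Play-level vars take precedence over role defaults, so if that file is the role's defaults, a later change to it would be silently ignored by this playbook. Keeping only `metadata` here and letting the role supply the rest avoids the two copies drifting apart. The description also reads "This validations verifies" where `This validation verifies` is meant, and the same text is repeated in the metadata file at the end of the commit.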


@ -0,0 +1,9 @@
---
nova_config_file: /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
neutron_config_file: /var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
vif_plugging_fatal_check: "vif_plugging_is_fatal"
vif_plugging_timeout_check: "vif_plugging_timeout"
vif_plugging_timeout_value_min: 300
notify_nova_on_port_data_check: "notify_nova_on_port_data_changes"
notify_nova_on_port_status_check: "notify_nova_on_port_status_changes"
tenant_name_check: "tenant_name"


@ -0,0 +1,27 @@
galaxy_info:
author: TripleO Validations Team
company: Red Hat
license: Apache
min_ansible_version: 2.4
platforms:
- name: CentOS
versions:
- 7
- name: RHEL
versions:
- 7
categories:
- cloud
- baremetal
- system
galaxy_tags: []
# List tags for your role here, one per line. A tag is a keyword that describes
# and categorizes the role. Users find roles by searching for tags. Be sure to
# remove the '[]' above, if you add tags to this list.
#
# NOTE: A tag is limited to a single word comprised of alphanumeric characters.
# Maximum 20 tags per role.
dependencies: []
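Review bot: `min_ansible_version: 2.4` is an unquoted scalar that YAML reads as a float, so a later bump to a value such as 2.10 would silently become 2.1; `min_ansible_version: '2.4'` keeps it a string. `license: Apache` does not name a licence version; if Apache 2.0 is intended, `license: Apache-2.0` says so unambiguously. This file also lacks the leading `---` that the other YAML files in the commit carry.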


@ -0,0 +1,80 @@
---
- name: Get VIF Plugging setting values from nova.conf
become: True
ini:
path: "{{ nova_config_file }}"
section: DEFAULT
key: "{{ item }}"
ignore_missing_file: true
register: nova_config_result
with_items:
- "{{ vif_plugging_fatal_check }}"
- "{{ vif_plugging_timeout_check }}"
- name: Check Nova configuration values
fail:
msg: "Value of {{ item.item }} is set to {{ item.value or 'None' }}."
when:
- "(item.item == vif_plugging_fatal_check and (not item.value|bool or None)) or
(item.item == vif_plugging_timeout_check and (item.value|int <= vif_plugging_timeout_value_min|int
or None))"
with_items: "{{ nova_config_result.results }}"
- name: Get auth_url value from hiera
become: True
command: hiera -c /etc/puppet/hiera.yaml neutron::server::notifications::auth_url
ignore_errors: True
changed_when: False
register: auth_url
- name: Get auth_url value from neutron.conf
become: True
ini:
path: "{{ neutron_config_file }}"
section: nova
key: auth_url
ignore_missing_file: true
register: neutron_auth_url_result
- name: Check [nova]/auth_url setting value from neutron.conf
fail:
msg: >-
[nova]/auth_url from {{ neutron_config_file }} is set to
{{ neutron_auth_url_result.value or 'None' }}
but it should be set to {{ auth_url.stdout }}.
failed_when: "neutron_auth_url_result.value != auth_url.stdout"
- name: Get Notify Nova settings values from neutron.conf
become: True
ini:
path: "{{ neutron_config_file }}"
section: DEFAULT
key: "{{ item }}"
ignore_missing_file: true
register: neutron_notify_nova_result
with_items:
- "{{ notify_nova_on_port_data_check }}"
- "{{ notify_nova_on_port_status_check }}"
- name: Check Notify Nova settings values
fail:
msg: "Value of {{ item.item }} is set to {{ item.value|bool }}."
when: not item.value|bool or item.value == None
with_items: "{{ neutron_notify_nova_result.results }}"
- name: Get Tenant Name setting value from neutron.conf
become: True
ini:
path: "{{ neutron_config_file }}"
section: nova
key: "{{ tenant_name_check }}"
ignore_missing_file: true
register: neutron_tenant_name_result
- name: Check Tenant Name settings value
fail:
msg: >-
[nova]/tenant_name from {{ neutron_config_file }} is set to
{{ neutron_tenant_name_result.value or 'None' }}
but it should be set to 'service'.
when: neutron_tenant_name_result.value != 'service'
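Review bot: The timeout test in "Check Nova configuration values" fails the validation when `vif_plugging_timeout` is exactly 300, although the description documents `>= 300` as acceptable; `item.value|int <= vif_plugging_timeout_value_min|int` should use `<`. The trailing `or None` in both branches of that `when` is a literal falsy operand and has no effect, so a missing key or file (allowed by `ignore_missing_file: true`) appears to be caught only through how `|bool` and `|int` treat an empty value; an explicit `item.value is none` test would state the intent. Separately, `ignore_errors: True` on the hiera lookup means a failed lookup leaves `auth_url.stdout` empty, so the later check reports a mismatch against an empty expected value instead of the lookup failure. A guard such as `when: auth_url.rc == 0`, or a dedicated failure message for the lookup, would make the validation result trustworthy. That check is also the only one using `failed_when` on a `fail` task where the others use `when`.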


@ -0,0 +1,17 @@
---
metadata:
name: Nova Event Callback Configuration Check
description: >
This validations verifies that the Nova Event Callback feature is
configured which is generally enabled by default.
It checks the following files on the Overcloud Controller(s):
- /etc/nova/nova.conf:
[DEFAULT]/vif_plugging_is_fatal = True
[DEFAULT]/vif_plugging_timeout >= 300
- /etc/neutron/neutron.conf:
[nova]/auth_url = 'http://nova_admin_auth_ip:5000'
[nova]/tenant_name = 'service'
[DEFAULT]/notify_nova_on_port_data_changes = True
[DEFAULT]/notify_nova_on_port_status_changes = True
groups:
- post-deployment