loadbalancer: fail if VIP is incorrect

Fails the catalog if OpenStack or Galera IP are not in the Keepalived
VIP list.
It avoids configuration mistakes.

Bug #237

Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>

manifests/loadbalancer.pp

@@ -242,6 +242,17 @@ class cloud::loadbalancer(
     $keepalived_public_ipvs_real = $keepalived_public_ipvs
   }
 
+  # Fail if OpenStack and Galera VIP are  not in the VIP list
+  if $vip_public_ip and !($vip_public_ip in $keepalived_public_ipvs_real) {
+    fail('vip_public_ip should be part of keepalived_public_ipvs.')
+  }
+  if $vip_internal_ip and !($vip_internal_ip in $keepalived_internal_ipvs) {
+    fail('vip_internal_ip should be part of keepalived_internal_ipvs.')
+  }
+  if $galera_ip and !(($galera_ip in $keepalived_public_ipvs_real) or ($galera_ip in $keepalived_internal_ipvs)) {
+    fail('galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs.')
+  }
+
   # Ensure Keepalived is started before HAproxy to avoid binding errors.
   class { 'keepalived': } ->
   class { 'haproxy': }

spec/classes/cloud_loadbalancer_spec.rb

@@ -46,8 +46,8 @@ describe 'cloud::loadbalancer' do
         :keepalived_public_ipvs            => ['10.0.0.1', '10.0.0.2'],
         :horizon_port                      => '80',
         :spice_port                        => '6082',
-        :vip_public_ip                     => '10.0.0.3',
-        :galera_ip                         => '10.0.0.4',
+        :vip_public_ip                     => '10.0.0.1',
+        :galera_ip                         => '10.0.0.2',
         :ks_ceilometer_public_port         => '8777',
         :ks_nova_public_port               => '8774',
         :ks_ec2_public_port                => '8773',
@@ -93,6 +93,8 @@ describe 'cloud::loadbalancer' do
       before :each do
         params.merge!(
           :keepalived_ipvs      => ['192.168.0.2'],
+          :vip_public_ip        => '192.168.0.2',
+          :galera_ip            => '192.168.0.2',
           :keepalived_interface => 'eth3'
         )
       end
@@ -169,6 +171,43 @@ describe 'cloud::loadbalancer' do
       )}
     end # configure monitor haproxy listen
 
+    context 'with a public OpenStack VIP not in the keepalived VIP list' do
+      before :each do
+        params.merge!(
+          :vip_public_ip          => '172.16.0.1',
+          :keepalived_public_ipvs => ['192.168.0.1', '192.168.0.2']
+        )
+      end
+      it 'should fail to configure HAproxy' do
+        expect { should contain_class('cloud::loadbalancer') }.to raise_error(Puppet::Error, /vip_public_ip should be part of keepalived_public_ipvs./)
+      end
+    end
+
+    context 'with an internal OpenStack VIP not in the keepalived VIP list' do
+      before :each do
+        params.merge!(
+          :vip_internal_ip          => '172.16.0.1',
+          :keepalived_internal_ipvs => ['192.168.0.1', '192.168.0.2']
+        )
+      end
+      it 'should fail to configure HAproxy' do
+        expect { should contain_class('cloud::loadbalancer') }.to raise_error(Puppet::Error, /vip_internal_ip should be part of keepalived_internal_ipvs./)
+      end
+    end
+
+    context 'with a Galera VIP not in the keepalived VIP list' do
+      before :each do
+        params.merge!(
+          :galera_ip                => '172.16.0.1',
+          :vip_public_ip            => '192.168.0.1',
+          :keepalived_public_ipvs   => ['192.168.0.1', '192.168.0.2'],
+          :keepalived_internal_ipvs => ['192.168.1.1', '192.168.1.2']
+        )
+      end
+      it 'should fail to configure HAproxy' do
+        expect { should contain_class('cloud::loadbalancer') }.to raise_error(Puppet::Error, /galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs./)
+      end
+    end
   end # shared:: openstack loadbalancer
 
   context 'on Debian platforms' do