From 4e6e9a7c2e08004d09ead1f9a16467ae856b09df Mon Sep 17 00:00:00 2001
From: Emilien Macchi <emilien.macchi@enovance.com>
Date: Mon, 28 Apr 2014 12:25:10 +0200
Subject: [PATCH] loadbalancer: fail if VIP is incorrect

Fails the catalog if OpenStack or Galera IP are not in the Keepalived
VIP list.
It avoids configuration mistakes.

Bug #237

Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
---
 manifests/loadbalancer.pp               | 11 +++++++
 spec/classes/cloud_loadbalancer_spec.rb | 43 +++++++++++++++++++++++--
 2 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp
index 0659be4c..921f439b 100644
--- a/manifests/loadbalancer.pp
+++ b/manifests/loadbalancer.pp
@@ -242,6 +242,17 @@ class cloud::loadbalancer(
     $keepalived_public_ipvs_real = $keepalived_public_ipvs
   }
 
+  # Fail if OpenStack and Galera VIP are  not in the VIP list
+  if $vip_public_ip and !($vip_public_ip in $keepalived_public_ipvs_real) {
+    fail('vip_public_ip should be part of keepalived_public_ipvs.')
+  }
+  if $vip_internal_ip and !($vip_internal_ip in $keepalived_internal_ipvs) {
+    fail('vip_internal_ip should be part of keepalived_internal_ipvs.')
+  }
+  if $galera_ip and !(($galera_ip in $keepalived_public_ipvs_real) or ($galera_ip in $keepalived_internal_ipvs)) {
+    fail('galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs.')
+  }
+
   # Ensure Keepalived is started before HAproxy to avoid binding errors.
   class { 'keepalived': } ->
   class { 'haproxy': }
diff --git a/spec/classes/cloud_loadbalancer_spec.rb b/spec/classes/cloud_loadbalancer_spec.rb
index bc11450e..502af640 100644
--- a/spec/classes/cloud_loadbalancer_spec.rb
+++ b/spec/classes/cloud_loadbalancer_spec.rb
@@ -46,8 +46,8 @@ describe 'cloud::loadbalancer' do
         :keepalived_public_ipvs            => ['10.0.0.1', '10.0.0.2'],
         :horizon_port                      => '80',
         :spice_port                        => '6082',
-        :vip_public_ip                     => '10.0.0.3',
-        :galera_ip                         => '10.0.0.4',
+        :vip_public_ip                     => '10.0.0.1',
+        :galera_ip                         => '10.0.0.2',
         :ks_ceilometer_public_port         => '8777',
         :ks_nova_public_port               => '8774',
         :ks_ec2_public_port                => '8773',
@@ -93,6 +93,8 @@ describe 'cloud::loadbalancer' do
       before :each do
         params.merge!(
           :keepalived_ipvs      => ['192.168.0.2'],
+          :vip_public_ip        => '192.168.0.2',
+          :galera_ip            => '192.168.0.2',
           :keepalived_interface => 'eth3'
         )
       end
@@ -169,6 +171,43 @@ describe 'cloud::loadbalancer' do
       )}
     end # configure monitor haproxy listen
 
+    context 'with a public OpenStack VIP not in the keepalived VIP list' do
+      before :each do
+        params.merge!(
+          :vip_public_ip          => '172.16.0.1',
+          :keepalived_public_ipvs => ['192.168.0.1', '192.168.0.2']
+        )
+      end
+      it 'should fail to configure HAproxy' do
+        expect { should contain_class('cloud::loadbalancer') }.to raise_error(Puppet::Error, /vip_public_ip should be part of keepalived_public_ipvs./)
+      end
+    end
+
+    context 'with an internal OpenStack VIP not in the keepalived VIP list' do
+      before :each do
+        params.merge!(
+          :vip_internal_ip          => '172.16.0.1',
+          :keepalived_internal_ipvs => ['192.168.0.1', '192.168.0.2']
+        )
+      end
+      it 'should fail to configure HAproxy' do
+        expect { should contain_class('cloud::loadbalancer') }.to raise_error(Puppet::Error, /vip_internal_ip should be part of keepalived_internal_ipvs./)
+      end
+    end
+
+    context 'with a Galera VIP not in the keepalived VIP list' do
+      before :each do
+        params.merge!(
+          :galera_ip                => '172.16.0.1',
+          :vip_public_ip            => '192.168.0.1',
+          :keepalived_public_ipvs   => ['192.168.0.1', '192.168.0.2'],
+          :keepalived_internal_ipvs => ['192.168.1.1', '192.168.1.2']
+        )
+      end
+      it 'should fail to configure HAproxy' do
+        expect { should contain_class('cloud::loadbalancer') }.to raise_error(Puppet::Error, /galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs./)
+      end
+    end
   end # shared:: openstack loadbalancer
 
   context 'on Debian platforms' do