From b86b09c252bcb68e7bf5f3a29ca378d3fb873d6c Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Tue, 16 Sep 2014 13:24:37 -0400 Subject: [PATCH] Revert "loadbalancer: Allow user to bind multiple public/private ips" Error to compile the catalog: Error: Could not retrieve catalog from remote server: Error 400 on SERVER: member(): Requires array to work with at /etc/puppet/modules/cloud/manifests/loadbalancer.pp:262 on node os-ci-test10 Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run The patch is going to be reverted and redone by spredzy. This reverts commit 78397ab2406c66f76614b91672e5b2320f6cdfab. Signed-off-by: Emilien Macchi --- .fixtures.yml | 2 +- Puppetfile | 4 +--- manifests/loadbalancer.pp | 8 ++++---- manifests/loadbalancer/binding.pp | 2 +- manifests/loadbalancer/listen_http.pp | 2 +- spec/classes/cloud_loadbalancer_spec.rb | 17 ----------------- 6 files changed, 8 insertions(+), 27 deletions(-) diff --git a/.fixtures.yml b/.fixtures.yml index e12e6c99..7ff35100 100644 --- a/.fixtures.yml +++ b/.fixtures.yml @@ -98,7 +98,7 @@ fixtures: ref: '4592bfd59cd5d4795069798a14b483e16c98c1ff' 'stdlib': repo: 'git://github.com/enovance/puppetlabs-stdlib.git' - ref: '8a9b2dfc0e463bec39c00c82c30e0a8a8b7867f3' + ref: '224b8f9a191f635b03ee900a9bf87bfdb0f1a6ed' 'xinetd': repo: 'git://github.com/enovance/puppetlabs-xinetd.git' ref: '7557af0e418d1a587df04fe7d01322ff2473c32e' diff --git a/Puppetfile b/Puppetfile index d5315311..b910844b 100644 --- a/Puppetfile +++ b/Puppetfile @@ -140,11 +140,9 @@ mod 'ssh', mod 'rsyslog', :git => 'git://github.com/enovance/puppet-rsyslog.git', :ref => '67c7c501b916ebd1a27a8a218d49602339526c4f' -#TODO(Spredzy) come back to upstream after -# https://github.com/puppetlabs/puppetlabs-stdlib/pull/319 mod 'stdlib', :git => 'git://github.com/enovance/puppetlabs-stdlib.git', - :ref => '8a9b2dfc0e463bec39c00c82c30e0a8a8b7867f3' + :ref => '224b8f9a191f635b03ee900a9bf87bfdb0f1a6ed' mod 'sysctl', :git => 'git://github.com/enovance/puppet-sysctl.git', :ref => '4a463384e844f51b270428643a5b8beb3628e854' diff --git a/manifests/loadbalancer.pp b/manifests/loadbalancer.pp index 17a900c7..ec0b3c55 100644 --- a/manifests/loadbalancer.pp +++ b/manifests/loadbalancer.pp @@ -259,13 +259,13 @@ class cloud::loadbalancer( # end of deprecation support # Fail if OpenStack and Galera VIP are not in the VIP list - if $vip_public_ip and !(member($keepalived_public_ipvs_real, $vip_public_ip)) { + if $vip_public_ip and !($vip_public_ip in $keepalived_public_ipvs_real) { fail('vip_public_ip should be part of keepalived_public_ipvs.') } - if $vip_internal_ip and !(member($keepalived_internal_ipvs,$vip_internal_ip)) { + if $vip_internal_ip and !($vip_internal_ip in $keepalived_internal_ipvs) { fail('vip_internal_ip should be part of keepalived_internal_ipvs.') } - if $galera_ip and !((member($keepalived_public_ipvs_real,$galera_ip)) or (member($keepalived_internal_ipvs,$galera_ip))) { + if $galera_ip and !(($galera_ip in $keepalived_public_ipvs_real) or ($galera_ip in $keepalived_internal_ipvs)) { fail('galera_ip should be part of keepalived_public_ipvs or keepalived_internal_ipvs.') } @@ -484,7 +484,7 @@ class cloud::loadbalancer( bind_options => $horizon_ssl_bind_options, } - if (member($keepalived_public_ipvs_real, $galera_ip)) { + if ($galera_ip in $keepalived_public_ipvs_real) { warning('Exposing Galera cluster to public network is a security issue.') } haproxy::listen { 'galera_cluster': diff --git a/manifests/loadbalancer/binding.pp b/manifests/loadbalancer/binding.pp index c315b537..d24fc195 100644 --- a/manifests/loadbalancer/binding.pp +++ b/manifests/loadbalancer/binding.pp @@ -49,7 +49,7 @@ define cloud::loadbalancer::binding ( $listen_ip_real = $all_vip_array } else { # when binding is specified in parameter - if (member($all_vip_array, $ip)) { + if ($ip in $all_vip_array) { $listen_ip_real = $ip } else { fail("${ip} is not part of VIP pools.") diff --git a/manifests/loadbalancer/listen_http.pp b/manifests/loadbalancer/listen_http.pp index bb1a26da..e03980ba 100644 --- a/manifests/loadbalancer/listen_http.pp +++ b/manifests/loadbalancer/listen_http.pp @@ -22,7 +22,7 @@ define cloud::loadbalancer::listen_http( $httpchk = 'httpchk', $options = {}, $bind_options = [], - $listen_ip = ['0.0.0.0']) { + $listen_ip = '0.0.0.0') { $options_basic = {'mode' => 'http', 'balance' => 'roundrobin', diff --git a/spec/classes/cloud_loadbalancer_spec.rb b/spec/classes/cloud_loadbalancer_spec.rb index dc5f3ad0..9e2eb05c 100644 --- a/spec/classes/cloud_loadbalancer_spec.rb +++ b/spec/classes/cloud_loadbalancer_spec.rb @@ -247,23 +247,6 @@ describe 'cloud::loadbalancer' do )} end - context 'configure OpenStack binding on IPv4 and IPv6 public ip' do - before do - params.merge!( - :nova_api => true, - :galera_ip => '172.16.0.1', - :vip_public_ip => ['172.16.0.1', '2001:0db8:85a3:0000:0000:8a2e:0370:7334'], - :vip_internal_ip => '192.168.0.1', - :keepalived_public_ipvs => ['172.16.0.1', '172.16.0.2', '2001:0db8:85a3:0000:0000:8a2e:0370:7334'], - :keepalived_internal_ipvs => ['192.168.0.1', '192.168.0.2'] - ) - end - it { should contain_haproxy__listen('nova_api_cluster').with( - :ipaddress => ['172.16.0.1', '2001:0db8:85a3:0000:0000:8a2e:0370:7334', '192.168.0.1'], - :ports => '8774' - )} - end - context 'disable an OpenStack service binding' do before do params.merge!(:metadata_api => false)