Expose baremetal-introspection endpoint via mdns

This change adds an option to publish the endpoint via mDNS on start
up and clean it up on tear down.

Story: #2005393
Task: #30384
Change-Id: Ia9407cb065979aac6761d3e4122d3884e45b559d

devstack/plugin.sh

@@ -261,6 +261,7 @@ function configure_inspector {
 
     inspector_iniset DEFAULT debug $IRONIC_INSPECTOR_DEBUG
     inspector_configure_auth_for ironic
+    inspector_configure_auth_for service_catalog
     configure_auth_token_middleware $IRONIC_INSPECTOR_CONF_FILE $IRONIC_INSPECTOR_ADMIN_USER $IRONIC_INSPECTOR_AUTH_CACHE_DIR/api
 
     inspector_iniset DEFAULT listen_port $IRONIC_INSPECTOR_PORT

ironic_inspector/common/keystone.py

@@ -70,3 +70,8 @@ def add_auth_options(options, service_type):
     add_options(opts, adapter_opts)
     opts.sort(key=lambda x: x.name)
     return opts
+
+
+def get_endpoint(group, **kwargs):
+    return get_adapter(group, session=get_session(group)).get_endpoint(
+        **kwargs)

ironic_inspector/conductor/manager.py

@@ -17,6 +17,7 @@ import traceback as traceback_mod
 import eventlet
 from eventlet import semaphore
 from futurist import periodics
+from ironic_lib import mdns
 from oslo_config import cfg
 from oslo_log import log
 import oslo_messaging as messaging
@@ -24,6 +25,7 @@ from oslo_utils import reflection
 
 from ironic_inspector.common.i18n import _
 from ironic_inspector.common import ironic as ir_utils
+from ironic_inspector.common import keystone
 from ironic_inspector import db
 from ironic_inspector import introspect
 from ironic_inspector import node_cache
@@ -45,6 +47,7 @@ class ConductorManager(object):
 
     def __init__(self):
         self._periodics_worker = None
+        self._zeroconf = None
         self._shutting_down = semaphore.Semaphore()
 
     def init_host(self):
@@ -86,6 +89,12 @@ class ConductorManager(object):
             on_failure=self._periodics_watchdog)
         utils.executor().submit(self._periodics_worker.start)
 
+        if CONF.enable_mdns:
+            endpoint = keystone.get_endpoint('service_catalog')
+            self._zeroconf = mdns.Zeroconf()
+            self._zeroconf.register_service('baremetal-introspection',
+                                            endpoint)
+
     def del_host(self):
 
         if not self._shutting_down.acquire(blocking=False):
@@ -105,6 +114,10 @@ class ConductorManager(object):
         if utils.executor().alive:
             utils.executor().shutdown(wait=True)
 
+        if self._zeroconf is not None:
+            self._zeroconf.close()
+            self._zeroconf = None
+
         self._shutting_down.release()
         LOG.info('Shut down successfully')
 

ironic_inspector/conf/__init__.py

@@ -21,6 +21,7 @@ from ironic_inspector.conf import ironic
 from ironic_inspector.conf import pci_devices
 from ironic_inspector.conf import processing
 from ironic_inspector.conf import pxe_filter
+from ironic_inspector.conf import service_catalog
 from ironic_inspector.conf import swift
 
 
@@ -36,4 +37,5 @@ ironic.register_opts(CONF)
 pci_devices.register_opts(CONF)
 processing.register_opts(CONF)
 pxe_filter.register_opts(CONF)
+service_catalog.register_opts(CONF)
 swift.register_opts(CONF)

ironic_inspector/conf/default.py

@@ -76,6 +76,9 @@ _OPTS = [
                        'can manage PXE booting of nodes. If set to False, '
                        'the API will reject introspection requests with '
                        'manage_boot missing or set to True.')),
+    cfg.BoolOpt('enable_mdns', default=False,
+                help=_('Whether to enable publishing the ironic-inspector API '
+                       'endpoint via multicast DNS.')),
 ]
 
 

ironic_inspector/conf/opts.py

@@ -69,4 +69,5 @@ def list_opts():
         ('processing', ironic_inspector.conf.processing.list_opts()),
         ('pci_devices', ironic_inspector.conf.pci_devices.list_opts()),
         ('pxe_filter', ironic_inspector.conf.pxe_filter.list_opts()),
+        ('service_catalog', ironic_inspector.conf.service_catalog.list_opts()),
     ]

ironic_inspector/conf/service_catalog.py

@@ -0,0 +1,22 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from ironic_inspector.common import keystone
+
+
+def register_opts(conf):
+    keystone.register_auth_opts('service_catalog', 'baremetal-introspection')
+
+
+def list_opts():
+    return keystone.add_auth_options([], 'baremetal-introspection')

ironic_inspector/test/unit/test_manager.py

@@ -14,9 +14,11 @@
 import json
 
 import fixtures
+from ironic_lib import mdns
 import mock
 import oslo_messaging as messaging
 
+from ironic_inspector.common import keystone
 from ironic_inspector.common import swift
 from ironic_inspector.conductor import manager
 import ironic_inspector.conf
@@ -99,12 +101,14 @@ class TestManagerInitHost(BaseManagerTest):
             'Introspection data will not be stored. Change "[processing] '
             'store_data" option if this is not the desired behavior')
 
-    def test_init_host(self):
+    @mock.patch.object(mdns, 'Zeroconf', autospec=True)
+    def test_init_host(self, mock_zc):
         self.manager.init_host()
-        self.mock_db_init.asset_called_once_with()
+        self.mock_db_init.assert_called_once_with()
         self.mock_validate_processing_hooks.assert_called_once_with()
         self.mock_filter.init_filter.assert_called_once_with()
         self.assert_periodics()
+        self.assertFalse(mock_zc.called)
 
     def test_init_host_validate_processing_hooks_exception(self):
         class MyError(Exception):
@@ -123,6 +127,18 @@ class TestManagerInitHost(BaseManagerTest):
         self.mock_exit.assert_called_once_with(1)
         self.mock_filter.init_filter.assert_not_called()
 
+    @mock.patch.object(mdns, 'Zeroconf', autospec=True)
+    @mock.patch.object(keystone, 'get_endpoint', autospec=True)
+    def test_init_host_with_mdns(self, mock_endpoint, mock_zc):
+        CONF.set_override('enable_mdns', True)
+        self.manager.init_host()
+        self.mock_db_init.assert_called_once_with()
+        self.mock_validate_processing_hooks.assert_called_once_with()
+        self.mock_filter.init_filter.assert_called_once_with()
+        self.assert_periodics()
+        mock_zc.return_value.register_service.assert_called_once_with(
+            'baremetal-introspection', mock_endpoint.return_value)
+
 
 class TestManagerDelHost(BaseManagerTest):
     def setUp(self):
@@ -151,6 +167,23 @@ class TestManagerDelHost(BaseManagerTest):
         self.mock_filter.tear_down_filter.assert_called_once_with()
         self.mock__shutting_down.release.assert_called_once_with()
 
+    def test_del_host_with_mdns(self):
+        mock_zc = mock.Mock(spec=mdns.Zeroconf)
+        self.manager._zeroconf = mock_zc
+
+        self.manager.del_host()
+
+        mock_zc.close.assert_called_once_with()
+        self.assertIsNone(self.manager._zeroconf)
+        self.mock__shutting_down.acquire.assert_called_once_with(
+            blocking=False)
+        self.mock__periodic_worker.stop.assert_called_once_with()
+        self.mock__periodic_worker.wait.assert_called_once_with()
+        self.assertIsNone(self.manager._periodics_worker)
+        self.mock_executor.shutdown.assert_called_once_with(wait=True)
+        self.mock_filter.tear_down_filter.assert_called_once_with()
+        self.mock__shutting_down.release.assert_called_once_with()
+
     def test_del_host_race(self):
         self.mock__shutting_down.acquire.return_value = False
 

lower-constraints.txt

@@ -32,7 +32,7 @@ greenlet==0.4.13
 hacking==1.0.0
 idna==2.6
 imagesize==1.0.0
-ironic-lib==2.5.0
+ironic-lib==2.17.0
 iso8601==0.1.12
 itsdangerous==0.24
 Jinja2==2.10

releasenotes/notes/mdns-a5f4034257139e31.yaml

@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    A new option ``enable_mdns`` allows to enable publishing the baremetal
+    introspection API endpoint via mDNS as specified in the `API SIG guideline
+    <http://specs.openstack.org/openstack/api-sig/guidelines/dns-sd.html>`_.

requirements.txt

@@ -8,7 +8,7 @@ construct<2.9,>=2.8.10 # MIT
 eventlet!=0.18.3,!=0.20.1,>=0.18.2 # MIT
 Flask!=0.11,>=0.10 # BSD
 futurist>=1.2.0 # Apache-2.0
-ironic-lib>=2.5.0 # Apache-2.0
+ironic-lib>=2.17.0 # Apache-2.0
 jsonpath-rw<2.0,>=1.2.0 # Apache-2.0
 jsonschema<3.0.0,>=2.6.0 # MIT
 keystoneauth1>=3.4.0 # Apache-2.0

tools/config-generator.conf

@@ -1,6 +1,7 @@
 [DEFAULT]
 output_file = example.conf
 namespace = ironic_inspector
+namespace = ironic_lib.mdns
 namespace = keystonemiddleware.auth_token
 namespace = oslo.db
 namespace = oslo.log
@@ -9,4 +10,4 @@ namespace = oslo.middleware.cors
 namespace = oslo.policy
 namespace = oslo.service.service
 namespace = oslo.service.sslutils
-namespace = oslo.service.wsgi
+namespace = oslo.service.wsgi