Add "none" RPC transport that disables the RPC bus

When using the new combined executable in a single-conductor scenario, it may make sense to completely disable the remote RPC. The new ``rpc_transport`` value ``none`` achieves that. Change-Id: I6a83358c65b3ed213c8a991d42660ca51fc3a8ec Story: #2009676 Task: #44104
2021-11-29 11:36:06 +01:00 · 2021-11-29 11:36:06 +01:00 · 019ed2d7b1
commit 019ed2d7b1
parent 9a6f2d101b
11 changed files with 123 additions and 16 deletions
--- a/doc/source/install/standalone/configure.rst
+++ b/doc/source/install/standalone/configure.rst
@ -92,6 +92,20 @@ You should make the following changes to ``/etc/ironic/ironic.conf``:
    username = myName
    password = myPassword
 #. Starting with the Yoga release series, you can use a combined API+conductor
   service and completely disable the RPC. Set
   .. code-block:: ini
    [DEFAULT]
    rpc_transport = none
   and use the ``ironic`` executable to start the combined service.
   .. note::
      The combined service also works with RPC enabled, which can be useful for
      some deployments, but may not be advisable for all security models.
 Using CLI
 ---------
--- a/ironic/api/wsgi.py
+++ b/ironic/api/wsgi.py
@ -30,6 +30,7 @@ def initialize_wsgi_app(argv=sys.argv):
    i18n.install('ironic')
    service.prepare_command(argv)
    service.ensure_rpc_transport()
    LOG.debug("Configuration:")
    CONF.log_opt_values(LOG, log.DEBUG)
--- a/ironic/cmd/api.py
+++ b/ironic/cmd/api.py
@ -33,6 +33,7 @@ LOG = log.getLogger(__name__)
 def main():
    # Parse config file and command line options, then start logging
    ironic_service.prepare_service('ironic_api', sys.argv)
    ironic_service.ensure_rpc_transport()
    # Build and start the WSGI app
    launcher = ironic_service.process_launcher()
--- a/ironic/cmd/conductor.py
+++ b/ironic/cmd/conductor.py
@ -58,6 +58,7 @@ def main():
    # Parse config file and command line options, then start logging
    ironic_service.prepare_service('ironic_conductor', sys.argv)
    ironic_service.ensure_rpc_transport(CONF)
    mgr = rpc_service.RPCService(CONF.host,
                                 'ironic.conductor.manager',
--- a/ironic/common/rpc_service.py
+++ b/ironic/common/rpc_service.py
@ -53,19 +53,22 @@ class RPCService(service.Service):
        if CONF.rpc_transport == 'json-rpc':
            self.rpcserver = json_rpc.WSGIService(
                self.manager, serializer, context.RequestContext.from_dict)
-        else:
+        elif CONF.rpc_transport != 'none':
            target = messaging.Target(topic=self.topic, server=self.host)
            endpoints = [self.manager]
            self.rpcserver = rpc.get_server(target, endpoints, serializer)
-        self.rpcserver.start()
+
        if self.rpcserver is not None:
            self.rpcserver.start()
        self.handle_signal()
        self.manager.init_host(admin_context)
        rpc.set_global_manager(self.manager)
-        LOG.info('Created RPC server for service %(service)s on host '
+        LOG.info('Created RPC server with %(transport)s transport for service '
-                 '%(host)s.',
+                 '%(service)s on host %(host)s.',
-                 {'service': self.topic, 'host': self.host})
+                 {'service': self.topic, 'host': self.host,
                  'transport': CONF.rpc_transport})
    def stop(self):
        try:
--- a/ironic/common/service.py
+++ b/ironic/common/service.py
@ -69,3 +69,11 @@ def prepare_service(name, argv=None, conf=CONF):
 def process_launcher():
    return service.ProcessLauncher(CONF, restart_method='mutate')
 def ensure_rpc_transport(conf=CONF):
    # Only the combined ironic executable can use rpc_transport = none
    if conf.rpc_transport == 'none':
        raise RuntimeError("This service is not designed to work with "
                           "rpc_transport = none. Please use the combined "
                           "ironic executable or another RPC transport.")
--- a/ironic/conductor/rpcapi.py
+++ b/ironic/conductor/rpcapi.py
@ -174,10 +174,12 @@ class ConductorAPI(object):
            self.client = json_rpc.Client(serializer=serializer,
                                          version_cap=version_cap)
            self.topic = ''
-        else:
+        elif CONF.rpc_transport != 'none':
            target = messaging.Target(topic=self.topic, version='1.0')
            self.client = rpc.get_client(target, version_cap=version_cap,
                                         serializer=serializer)
        else:
            self.client = None
        # NOTE(tenbrae): this is going to be buggy
        self.ring_manager = hash_ring.HashRingManager()
@ -203,6 +205,13 @@ class ConductorAPI(object):
            # conductor.
            return _LOCAL_CONTEXT
        # A safeguard for the case someone uses rpc_transport=None with no
        # built-in conductor.
        if self.client is None:
            raise exception.ServiceUnavailable(
                _("Cannot use 'none' RPC to connect to remote conductor %s")
                % host)
        # Normal RPC path
        return self.client.prepare(topic=topic, version=version)
@ -276,13 +285,17 @@ class ConductorAPI(object):
        """Get RPC topic name for the current conductor."""
        return self.topic + "." + CONF.host
    def _can_send_version(self, version):
        return (self.client.can_send_version(version)
                if self.client is not None else True)
    def can_send_create_port(self):
        """Return whether the RPCAPI supports the create_port method."""
-        return self.client.can_send_version("1.41")
+        return self._can_send_version("1.41")
    def can_send_rescue(self):
        """Return whether the RPCAPI supports node rescue methods."""
-        return self.client.can_send_version("1.43")
+        return self._can_send_version("1.43")
    def create_node(self, context, node_obj, topic=None):
        """Synchronously, have a conductor validate and create a node.
@ -1047,16 +1060,16 @@ class ConductorAPI(object):
        """
        new_kws = {}
        version = '1.34'
-        if self.client.can_send_version('1.42'):
+        if self._can_send_version('1.42'):
            version = '1.42'
            new_kws['agent_version'] = agent_version
-        if self.client.can_send_version('1.49'):
+        if self._can_send_version('1.49'):
            version = '1.49'
            new_kws['agent_token'] = agent_token
-        if self.client.can_send_version('1.51'):
+        if self._can_send_version('1.51'):
            version = '1.51'
            new_kws['agent_verify_ca'] = agent_verify_ca
-        if self.client.can_send_version('1.54'):
+        if self._can_send_version('1.54'):
            version = '1.54'
            new_kws['agent_status'] = agent_status
            new_kws['agent_status_message'] = agent_status_message
@ -1082,7 +1095,7 @@ class ConductorAPI(object):
        :returns: The result of the action method, which may (or may not)
            be an instance of the implementing VersionedObject class.
        """
-        if not self.client.can_send_version('1.31'):
+        if not self._can_send_version('1.31'):
            raise NotImplementedError(_('Incompatible conductor version - '
                                        'please upgrade ironic-conductor '
                                        'first'))
@ -1108,7 +1121,7 @@ class ConductorAPI(object):
        :returns: A tuple with the updates made to the object and
            the result of the action method
        """
-        if not self.client.can_send_version('1.31'):
+        if not self._can_send_version('1.31'):
            raise NotImplementedError(_('Incompatible conductor version - '
                                        'please upgrade ironic-conductor '
                                        'first'))
@ -1133,7 +1146,7 @@ class ConductorAPI(object):
            upgrade
        :returns: The downgraded instance of objinst
        """
-        if not self.client.can_send_version('1.31'):
+        if not self._can_send_version('1.31'):
            raise NotImplementedError(_('Incompatible conductor version - '
                                        'please upgrade ironic-conductor '
                                        'first'))
--- a/ironic/conf/default.py
+++ b/ironic/conf/default.py
@ -362,7 +362,8 @@ service_opts = [
    cfg.StrOpt('rpc_transport',
               default='oslo',
               choices=[('oslo', _('use oslo.messaging transport')),
-                        ('json-rpc', _('use JSON RPC transport'))],
+                        ('json-rpc', _('use JSON RPC transport')),
                        ('none', _('No RPC, only use local conductor'))],
               help=_('Which RPC transport implementation to use between '
                      'conductor and API services')),
    cfg.BoolOpt('minimum_memory_warning_only',
--- a/ironic/tests/unit/common/test_rpc_service.py
+++ b/ironic/tests/unit/common/test_rpc_service.py
@ -55,3 +55,25 @@ class TestRPCService(base.TestCase):
        mock_init_method.assert_called_once_with(self.rpc_svc.manager,
                                                 mock_ctx.return_value)
        self.assertIs(rpc.GLOBAL_MANAGER, self.rpc_svc.manager)
    @mock.patch.object(manager.ConductorManager, 'prepare_host', autospec=True)
    @mock.patch.object(oslo_messaging, 'Target', autospec=True)
    @mock.patch.object(objects_base, 'IronicObjectSerializer', autospec=True)
    @mock.patch.object(rpc, 'get_server', autospec=True)
    @mock.patch.object(manager.ConductorManager, 'init_host', autospec=True)
    @mock.patch.object(context, 'get_admin_context', autospec=True)
    def test_start_no_rpc(self, mock_ctx, mock_init_method,
                          mock_rpc, mock_ios, mock_target,
                          mock_prepare_method):
        CONF.set_override('rpc_transport', 'none')
        self.rpc_svc.start()
        self.assertIsNone(self.rpc_svc.rpcserver)
        mock_ctx.assert_called_once_with()
        mock_target.assert_not_called()
        mock_rpc.assert_not_called()
        mock_ios.assert_called_once_with(is_server=True)
        mock_prepare_method.assert_called_once_with(self.rpc_svc.manager)
        mock_init_method.assert_called_once_with(self.rpc_svc.manager,
                                                 mock_ctx.return_value)
        self.assertIs(rpc.GLOBAL_MANAGER, self.rpc_svc.manager)
--- a/ironic/tests/unit/conductor/test_rpcapi.py
+++ b/ironic/tests/unit/conductor/test_rpcapi.py
@ -77,6 +77,12 @@ class RPCAPITestCase(db_base.DbTestCase):
            self.context, objects.Node(), self.fake_node)
        self.fake_portgroup = db_utils.get_test_portgroup()
    def test_rpc_disabled(self):
        CONF.set_override('rpc_transport', 'none')
        rpcapi = conductor_rpcapi.ConductorAPI(topic='fake-topic')
        self.assertIsNone(rpcapi.client)
        self.assertTrue(rpcapi._can_send_version('9.99'))
    def test_serialized_instance_has_uuid(self):
        self.assertIn('uuid', self.fake_node)
@ -726,6 +732,17 @@ class RPCAPITestCase(db_base.DbTestCase):
        mock_manager.create_node.assert_called_once_with(
            mock.sentinel.context, node_obj=mock.sentinel.node)
    @mock.patch.object(rpc, 'GLOBAL_MANAGER',
                       spec_set=conductor_manager.ConductorManager)
    def test_local_call_with_rpc_disabled(self, mock_manager):
        CONF.set_override('host', 'fake.host')
        CONF.set_override('rpc_transport', 'none')
        rpcapi = conductor_rpcapi.ConductorAPI(topic='fake.topic')
        rpcapi.create_node(mock.sentinel.context, mock.sentinel.node,
                           topic='fake.topic.fake.host')
        mock_manager.create_node.assert_called_once_with(
            mock.sentinel.context, node_obj=mock.sentinel.node)
    @mock.patch.object(rpc, 'GLOBAL_MANAGER',
                       spec_set=conductor_manager.ConductorManager)
    def test_local_call_host_mismatch(self, mock_manager):
@ -738,6 +755,27 @@ class RPCAPITestCase(db_base.DbTestCase):
        rpcapi.client.prepare.assert_called_once_with(
            topic='fake.topic.not-fake.host', version=mock.ANY)
    @mock.patch.object(rpc, 'GLOBAL_MANAGER',
                       spec_set=conductor_manager.ConductorManager)
    def test_local_call_host_mismatch_with_rpc_disabled(self, mock_manager):
        CONF.set_override('host', 'fake.host')
        CONF.set_override('rpc_transport', 'none')
        rpcapi = conductor_rpcapi.ConductorAPI(topic='fake.topic')
        self.assertRaises(exception.ServiceUnavailable,
                          rpcapi.create_node,
                          mock.sentinel.context, mock.sentinel.node,
                          topic='fake.topic.not-fake.host')
    @mock.patch.object(rpc, 'GLOBAL_MANAGER', None)
    def test_local_call_no_conductor_with_rpc_disabled(self):
        CONF.set_override('host', 'fake.host')
        CONF.set_override('rpc_transport', 'none')
        rpcapi = conductor_rpcapi.ConductorAPI(topic='fake.topic')
        self.assertRaises(exception.ServiceUnavailable,
                          rpcapi.create_node,
                          mock.sentinel.context, mock.sentinel.node,
                          topic='fake.topic.fake.host')
    @mock.patch.object(rpc, 'GLOBAL_MANAGER',
                       spec_set=conductor_manager.ConductorManager)
    def test_local_cast(self, mock_manager):
--- a/releasenotes/notes/rpc-none-f05dac657eef4b66.yaml
+++ b/releasenotes/notes/rpc-none-f05dac657eef4b66.yaml
@ -0,0 +1,5 @@
 ---
 features:
  - |
    Adds a new ``none`` RPC transport that can be used together with the
    combined ``ironic`` executable to completely disable the RPC bus.