inspector: configure "dnsmasq" DHCP filter

Co-Authored-By: Harald Jensås <hjensas@redhat.com> Related-Bug: #1756075 Change-Id: I056cdadc025f35d8b6fd22f510a7c0a8e259a1f0
2017-11-29 17:08:59 +01:00
parent fbd8c08e5e
commit 76e4a89922
9 changed files with 236 additions and 2 deletions
--- a/manifests/inspector.pp
+++ b/manifests/inspector.pp
@@ -158,6 +158,11 @@
 #   (optional) IP interface for the dnsmasq process
 #   Defaults to '192.168.0.1'
 #
+# [*dnsmasq_dhcp_hostsdir*]
+#   (optional) directory with DHCP hosts, only used with the "dnsmasq" PXE
+#   filter.
+#   Defaults to undef
+#
 # [*sync_db*]
 #   Enable dbsync
 #   Defaults to true
@@ -250,6 +255,7 @@ class ironic::inspector (
  $swift_auth_url                  = 'http://127.0.0.1:5000/v2.0',
  $dnsmasq_ip_subnets              = [],
  $dnsmasq_local_ip                = '192.168.0.1',
+  $dnsmasq_dhcp_hostsdir           = undef,
  $sync_db                         = true,
  $ramdisk_collectors              = 'default',
  $ramdisk_filename                = 'agent.ramdisk',
@@ -345,7 +351,7 @@ class ironic::inspector (
    'DEFAULT/auth_strategy':                      value => $auth_strategy;
    'DEFAULT/timeout':                            value => $timeout;
    'capabilities/boot_mode':                     value => $detect_boot_mode;
-    'firewall/dnsmasq_interface':                 value => $dnsmasq_interface;
+    'iptables/dnsmasq_interface':                 value => $dnsmasq_interface;
    'processing/ramdisk_logs_dir':                value => $ramdisk_logs_dir;
    'processing/add_ports':                       value => $add_ports;
    'processing/keep_ports':                      value => $keep_ports;
--- a/manifests/inspector/pxe_filter.pp
+++ b/manifests/inspector/pxe_filter.pp
@@ -0,0 +1,38 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# Configure PXE filters for ironic-inspector
+#
+# === Parameters
+#
+# [*driver*]
+#   (optional) PXE filter driver to use.
+#   Defaults to $::os_service_default.
+#
+# [*sync_period*]
+#   (optional) Number of seconds between periodic updates of filters.
+#   Should be a non-negative integer value.
+#   Defaults to $::os_service_default.
+#
+class ironic::inspector::pxe_filter (
+  $driver      = $::os_service_default,
+  $sync_period = $::os_service_default,
+) {
+
+  include ::ironic::deps
+
+  ironic_inspector_config {
+    'pxe_filter/driver':      value => $driver;
+    'pxe_filter/sync_period': value => $sync_period;
+  }
+
+}
--- a/manifests/inspector/pxe_filter/dnsmasq.pp
+++ b/manifests/inspector/pxe_filter/dnsmasq.pp
@@ -0,0 +1,41 @@
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+# Configure parameters related to the "dnsmasq" PXE filter
+#
+# === Parameters
+#
+# [*dnsmasq_start_command*]
+#   (optional) A (shell) command line to start the dnsmasq service.
+#   Defaults to $::os_service_default.
+#
+# [*dnsmasq_stop_command*]
+#   (optional) A (shell) command line to stop the dnsmasq service.
+#   Defaults to $::os_service_default.
+#
+class ironic::inspector::pxe_filter::dnsmasq (
+  $dnsmasq_start_command = $::os_service_default,
+  $dnsmasq_stop_command  = $::os_service_default,
+) {
+
+  include ::ironic::deps
+  include ::ironic::inspector
+
+  $hostsdir = pick($::ironic::inspector::dnsmasq_dhcp_hostsdir, $::os_service_default)
+
+  ironic_inspector_config {
+    'dnsmasq_pxe_filter/dhcp_hostsdir':         value => $hostsdir;
+    'dnsmasq_pxe_filter/dnsmasq_start_command': value => $dnsmasq_start_command;
+    'dnsmasq_pxe_filter/dnsmasq_stop_command':  value => $dnsmasq_stop_command;
+  }
+
+}
--- a/releasenotes/notes/ironic-inspector-pxe-filter-dnsmasq-98af54c3cbf105c8.yaml
+++ b/releasenotes/notes/ironic-inspector-pxe-filter-dnsmasq-98af54c3cbf105c8.yaml
@@ -0,0 +1,4 @@
+---
+features:
+  - |
+    Adds support for the ``dnsmasq`` PXE filter driver in ironic-inspector.
--- a/spec/classes/ironic_inspector_pxe_filter_dnsmasq_spec.rb
+++ b/spec/classes/ironic_inspector_pxe_filter_dnsmasq_spec.rb
@@ -0,0 +1,75 @@
+#
+# Copyright (C) 2018 Red Hat, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# Unit tests for ironic::inspector::pxe_filter::dnsmasq class
+#
+
+require 'spec_helper'
+
+describe 'ironic::inspector::pxe_filter::dnsmasq' do
+  let :pre_condition do
+     "class { 'ironic::inspector::authtoken':
+        password => 'password',
+      }
+      class { 'ironic::inspector':
+        dnsmasq_dhcp_hostsdir => '/etc/ironic-inspector/dhcp-hostsdir',
+      }"
+  end
+
+  shared_examples_for 'ironic inspector pxe_filter dnsmasq' do
+    it 'configure pxe_filter default params' do
+      is_expected.to contain_ironic_inspector_config('dnsmasq_pxe_filter/dhcp_hostsdir').with_value('/etc/ironic-inspector/dhcp-hostsdir')
+      is_expected.to contain_ironic_inspector_config('dnsmasq_pxe_filter/dnsmasq_start_command').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ironic_inspector_config('dnsmasq_pxe_filter/dnsmasq_stop_command').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_file('/etc/ironic-inspector/dnsmasq.conf').with_content(
+        /dhcp-hostsdir=\/etc\/ironic-inspector\/dhcp-hostsdir/
+      )
+    end
+
+    context 'with specific parameters' do
+      let :params do
+        { :dnsmasq_start_command => 'dnsmasq --conf-file /etc/ironic-inspector/dnsmasq.conf',
+          :dnsmasq_stop_command  => 'kill $(cat /var/run/dnsmasq.pid)',
+        }
+      end
+
+      let :p do
+        params
+      end
+
+      it 'configure pxe_filter dnsmasq specific params' do
+        is_expected.to contain_ironic_inspector_config('dnsmasq_pxe_filter/dhcp_hostsdir').with_value('/etc/ironic-inspector/dhcp-hostsdir')
+        is_expected.to contain_ironic_inspector_config('dnsmasq_pxe_filter/dnsmasq_start_command').with_value(p[:dnsmasq_start_command])
+        is_expected.to contain_ironic_inspector_config('dnsmasq_pxe_filter/dnsmasq_stop_command').with_value(p[:dnsmasq_stop_command])
+        is_expected.to contain_file('/etc/ironic-inspector/dnsmasq.conf').with_content(
+          /dhcp-hostsdir=\/etc\/ironic-inspector\/dhcp-hostsdir/
+        )
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os   => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'ironic inspector pxe_filter dnsmasq'
+    end
+  end
+
+end
--- a/spec/classes/ironic_inspector_pxe_filter_spec.rb
+++ b/spec/classes/ironic_inspector_pxe_filter_spec.rb
@@ -0,0 +1,64 @@
+#
+# Copyright (C) 2018 Red Hat, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# Unit tests for ironic::inspector::pxe_filter class
+#
+
+require 'spec_helper'
+
+describe 'ironic::inspector::pxe_filter' do
+  let :pre_condition do
+     "class { 'ironic::inspector::authtoken':
+        password => 'password',
+      }"
+  end
+
+  shared_examples_for 'ironic inspector pxe_filter' do
+    it 'configure pxe_filter default params' do
+      is_expected.to contain_ironic_inspector_config('pxe_filter/driver').with_value('<SERVICE DEFAULT>')
+      is_expected.to contain_ironic_inspector_config('pxe_filter/sync_period').with_value('<SERVICE DEFAULT>')
+    end
+
+    context 'with specific parameters' do
+      let :params do
+        { :driver      => 'dnsmasq',
+          :sync_period => '30',
+        }
+      end
+
+      let :p do
+        params
+      end
+
+      it 'configure pxe_filter specific params' do
+        is_expected.to contain_ironic_inspector_config('pxe_filter/driver').with_value(p[:driver])
+        is_expected.to contain_ironic_inspector_config('pxe_filter/sync_period').with_value(p[:sync_period])
+      end
+    end
+  end
+
+  on_supported_os({
+    :supported_os   => OSDefaults.get_supported_os
+  }).each do |os,facts|
+    context "on #{os}" do
+      let (:facts) do
+        facts.merge!(OSDefaults.get_facts())
+      end
+
+      it_behaves_like 'ironic inspector pxe_filter'
+    end
+  end
+
+end
--- a/spec/classes/ironic_inspector_spec.rb
+++ b/spec/classes/ironic_inspector_spec.rb
@@ -103,7 +103,7 @@ describe 'ironic::inspector' do
      is_expected.to contain_ironic_inspector_config('DEFAULT/auth_strategy').with_value(p[:auth_strategy])
      is_expected.to contain_ironic_inspector_config('DEFAULT/timeout').with_value('<SERVICE DEFAULT>')
      is_expected.to contain_ironic_inspector_config('capabilities/boot_mode').with_value('<SERVICE DEFAULT>')
-      is_expected.to contain_ironic_inspector_config('firewall/dnsmasq_interface').with_value(p[:dnsmasq_interface])
+      is_expected.to contain_ironic_inspector_config('iptables/dnsmasq_interface').with_value(p[:dnsmasq_interface])
      is_expected.to contain_ironic_inspector_config('processing/ramdisk_logs_dir').with_value(p[:ramdisk_logs_dir])
      is_expected.to contain_ironic_inspector_config('processing/add_ports').with_value(p[:add_ports])
      is_expected.to contain_ironic_inspector_config('processing/keep_ports').with_value(p[:keep_ports])
--- a/templates/inspector_dnsmasq_http.erb
+++ b/templates/inspector_dnsmasq_http.erb
@@ -32,3 +32,6 @@ dhcp-boot=tag:ipxe,http://<%= @dnsmasq_local_ip %>:<%= @http_port_real %>/inspec
 dhcp-boot=tag:efi,tag:!ipxe,ipxe.efi
 # Client is running PXE over BIOS; send BIOS version of iPXE chainloader
 dhcp-boot=undionly.kpxe,localhost.localdomain,<%= @dnsmasq_local_ip %>
+<% if @dnsmasq_dhcp_hostsdir %>
+dhcp-hostsdir=<%= @dnsmasq_dhcp_hostsdir %>
+<% end %>
--- a/templates/inspector_dnsmasq_tftp.erb
+++ b/templates/inspector_dnsmasq_tftp.erb
@@ -23,3 +23,6 @@ dhcp-option=option:router,<%= s['gateway'] %>
 <% end -%>
 dhcp-boot=pxelinux.0,localhost.localdomain,<%= @dnsmasq_local_ip %>
 dhcp-sequential-ip
+<% if @dnsmasq_dhcp_hostsdir %>
+dhcp-hostsdir=<%= @dnsmasq_dhcp_hostsdir %>
+<% end %>