openstack/puppet-nova
Code Issues Proposed changes

Prohibit modular libvirt in non RedHat distributions

Browse Source 
Currently modular libvirt daemons are supported only by CentOS and
RHEL. This makes sure the deployment fails in case the architecture is
requested in distros which do not support it.

Change-Id: I8eefc65e206bdb0532b6c5d08eee0d35d764a2b9
This commit is contained in:
Takashi Kajinami
2023-05-23 11:39:14 +09:00
parent 272ed9f1c5
commit 0fe7de9b77
5 changed files with 140 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
manifests/compute/libvirt/services.pp
View File

@@ -66,6 +66,10 @@ class nova::compute::libvirt::services (
include nova::deps
include nova::params
if $modular_libvirt and !$::nova::params::modular_libvirt_support {
fail('Modular libvirt daemons are not support in this distribution')
}
if $libvirt_service_name {
# libvirt-nwfilter
if $facts['os']['family'] == 'RedHat' {

5
manifests/migration/libvirt.pp
View File

@@ -184,8 +184,11 @@ class nova::migration::libvirt(
$transport_real = 'tcp'
}
$modular_libvirt_real = pick($modular_libvirt, $nova::params::modular_libvirt)
$modular_libvirt_real = pick($modular_libvirt, $::nova::params::modular_libvirt)
if $modular_libvirt_real and !$::nova::params::modular_libvirt_support {
fail('Modular libvirt daemons are not support in this distribution')
}
validate_legacy(Enum['tcp', 'tls', 'ssh'], 'validate_re', $transport_real,
[['^tcp$', '^tls$', '^ssh$'], 'Valid options for transport are tcp, tls, ssh.'])

5
manifests/params.pp
View File

@@ -55,6 +55,7 @@ class nova::params {
$serialproxy_service_name = 'openstack-nova-serialproxy'
$spicehtml5proxy_service_name = 'openstack-nova-spicehtml5proxy'
$modular_libvirt = false
$modular_libvirt_support = true
# redhat specific config defaults
$root_helper = 'sudo nova-rootwrap'
$lock_path = '/var/lib/nova/tmp'
@@ -107,7 +108,6 @@ class nova::params {
$virtqemu_service_name = 'virtqemud.socket'
$virtproxy_service_name = 'virtproxyd.socket'
$virtstorage_service_name = 'virtstoraged.socket'
$modular_libvirt = false
}
default: {
$api_metadata_service_name = undef
@@ -123,9 +123,10 @@ class nova::params {
$virtqemu_service_name = 'virtqemud'
$virtproxy_service_name = 'virtproxyd'
$virtstorage_service_name = 'virtstoraged'
$modular_libvirt = false
}
}
$modular_libvirt = false
$modular_libvirt_support = false
$libvirt_service_name = 'libvirtd'
}
default: {

7
spec/classes/nova_compute_libvirt_services_spec.rb
View File

@@ -24,8 +24,10 @@ describe 'nova::compute::libvirt::services' do
is_expected.not_to contain_service('libvirt')
end
end
end
context 'with default parameters and modular-libvirt true' do
shared_examples_for 'nova compute libvirt services with modular libvirt' do
context 'with default parameters' do
let :params do
{
:modular_libvirt => true
@@ -56,6 +58,9 @@ describe 'nova::compute::libvirt::services' do
facts.merge!(OSDefaults.get_facts())
end
it_configures 'nova compute libvirt services'
if facts['osfamily'] == 'RedHat'
it_configures 'nova compute libvirt services with modular libvirt'
end
end
end
end

244
spec/classes/nova_migration_libvirt_spec.rb
View File

@@ -50,23 +50,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_auto_converge').with_value('<SERVICE DEFAULT>')}
end
context 'with modular_libvirt set to true' do
let(:params) { { :modular_libvirt => true} }
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_tunnelled').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_with_native_tls').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_completion_timeout').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_timeout_action').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tcp://%s/system') }
it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_post_copy').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_auto_converge').with_value('<SERVICE DEFAULT>')}
end
context 'with override_uuid enabled' do
let :params do
{
@@ -115,21 +98,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')}
end
context 'with tls enabled and modular-libvirt set to true' do
let :params do
{
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')}
end
context 'with tls enabled and inbound addr set' do
let :params do
{
@@ -196,20 +164,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and modular_libvirt is true' do
let :params do
{
:auth => 'sasl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and tls enabled' do
let :params do
{
@@ -223,21 +177,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and tls enabled and modular_libvirt set to true' do
let :params do
{
:auth => 'sasl',
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with certificates set and tls enabled' do
let :params do
{
@@ -252,21 +191,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_libvirtd_config('crl_file').with_value('/crl').with_quote(true) }
end
context 'with certificates set and tls enabled and modular_libvirt set to true' do
let :params do
{
:transport => 'tls',
:ca_file => '/ca',
:crl_file => '/crl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('/ca').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('/crl').with_quote(true) }
end
context 'with auth set to an invalid setting' do
let :params do
{
@@ -308,16 +232,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system')}
end
context 'with ssh transport and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system')}
end
context 'with ssh transport with user' do
let :params do
{
@@ -328,17 +242,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://foobar@%s/system')}
end
context 'with ssh transport with user and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:client_user => 'foobar',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://foobar@%s/system')}
end
context 'with ssh transport with port' do
let :params do
{
@@ -349,17 +252,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s:1234/system')}
end
context 'with ssh transport with port and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:client_port => 1234,
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s:1234/system')}
end
context 'with ssh transport with extraparams' do
let :params do
{
@@ -370,17 +262,6 @@ describe 'nova::migration::libvirt' do
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system?foo=%%25&bar=baz')}
end
context 'with ssh transport with extraparams and modular_libvirt set to true' do
let :params do
{
:transport => 'ssh',
:client_extraparams => {'foo' => '%', 'bar' => 'baz'},
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system?foo=%%25&bar=baz')}
end
context 'with tls transport' do
let :params do
{ :transport => 'tls' }
@@ -415,8 +296,126 @@ describe 'nova::migration::libvirt' do
:match => '^ListenStream=.*',
)}
end
end
context 'with tls transport and modular daemons' do
shared_examples_for 'nova migration with modular libvirt' do
context 'with modular_libvirt set to true' do
let(:params) { { :modular_libvirt => true} }
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_tunnelled').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_with_native_tls').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_completion_timeout').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_timeout_action').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tcp://%s/system') }
it { is_expected.to contain_nova_config('libvirt/live_migration_inbound_addr').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_post_copy').with_value('<SERVICE DEFAULT>')}
it { is_expected.to contain_nova_config('libvirt/live_migration_permit_auto_converge').with_value('<SERVICE DEFAULT>')}
end
context 'with tls enabled' do
let :params do
{
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+tls://%s/system')}
end
context 'with auth set to sasl' do
let :params do
{
:auth => 'sasl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with auth set to sasl and tls enabled' do
let :params do
{
:auth => 'sasl',
:transport => 'tls',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('sasl').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('<SERVICE DEFAULT>').with_quote(true) }
end
context 'with certificates set and tls enabled' do
let :params do
{
:transport => 'tls',
:ca_file => '/ca',
:crl_file => '/crl',
:modular_libvirt => true,
}
end
it { is_expected.to contain_virtproxyd_config('auth_tls').with_value('none').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('auth_tcp').with_value('<SERVICE DEFAULT>').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('ca_file').with_value('/ca').with_quote(true) }
it { is_expected.to contain_virtproxyd_config('crl_file').with_value('/crl').with_quote(true) }
end
context 'with ssh transport' do
let :params do
{
:transport => 'ssh',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system')}
end
context 'with ssh transport with user' do
let :params do
{
:transport => 'ssh',
:client_user => 'foobar',
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://foobar@%s/system')}
end
context 'with ssh transport with port' do
let :params do
{
:transport => 'ssh',
:client_port => 1234,
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s:1234/system')}
end
context 'with ssh transport with extraparams' do
let :params do
{
:transport => 'ssh',
:client_extraparams => {'foo' => '%', 'bar' => 'baz'},
:modular_libvirt => true,
}
end
it { is_expected.to contain_nova_config('libvirt/live_migration_uri').with_value('qemu+ssh://%s/system?foo=%%25&bar=baz')}
end
context 'with tls transport' do
let :params do
{
:transport => 'tls',
@@ -437,7 +436,7 @@ describe 'nova::migration::libvirt' do
)}
end
context 'with tcp transport and modular daemons' do
context 'with tcp transport' do
let :params do
{
:transport => 'tcp',
@@ -465,6 +464,9 @@ describe 'nova::migration::libvirt' do
end
it_behaves_like 'nova migration with libvirt'
if facts['osfamily'] == 'RedHat'
it_behaves_like 'nova migration with modulr libvirt'
end
end
end
end