Raise an error when san private key is missing

Currently, if san private key is missing, cookbook will create an
empty one which cause cinder can't work properly.

This patch will check whether san private key is exist or not, if
not, raise an error to remind user to provide one.

Change-Id: Ia1e0a60dec9ef463a908756fffa5f5274ebc0fb7
This commit is contained in:
lqslan 2015-03-25 11:04:37 +08:00
parent c11812f7eb
commit 1a7152c2d9
4 changed files with 20 additions and 9 deletions

View File

@ -147,6 +147,7 @@ Cinder attributes
* `openstack['block-storage']['san']['san_ip'] - IP address of SAN controller
* `openstack['block-storage']['san']['san_login'] - Username for SAN controller
* `openstack['block-storage']['san']['san_private_key'] - Filename of private key to use for SSH authentication
* `openstack['block-storage']['san']['san_private_key_url'] - Source url of private key to use for SSH authentication
* `openstack['block-storage']['storwize']['storwize_svc_volpool_name'] - Storage system storage pool for volumes
* `openstack['block-storage']['storwize']['storwize_svc_vol_rsize'] - Storage system space-efficiency parameter for volumes
* `openstack['block-storage']['storwize']['storwize_svc_vol_warning'] - Storage system threshold for volume capacity warnings

View File

@ -135,6 +135,8 @@ default['openstack']['block-storage']['service_role'] = 'admin'
default['openstack']['block-storage']['san']['san_ip'] = '127.0.0.1'
default['openstack']['block-storage']['san']['san_login'] = 'admin'
default['openstack']['block-storage']['san']['san_private_key'] = '/v7000_rsa'
# The location(URL) of the san_private_key. This value may also specify HTTP(http://), FTP("ftp://"), or local(file://), if the san private key is in the local, you should also specify this attribute using(file://)
default['openstack']['block-storage']['san']['san_private_key_url'] = nil
# NFS support
default['openstack']['block-storage']['nfs']['nas_ip'] = '127.0.0.1'
@ -166,6 +168,7 @@ default['openstack']['block-storage']['storwize']['san_ip'] = node['openstack'][
default['openstack']['block-storage']['storwize']['san_login'] = node['openstack']['block-storage']['san']['san_login']
# If the key is set to nil, the san_login and san_password will be used.
default['openstack']['block-storage']['storwize']['san_private_key'] = node['openstack']['block-storage']['san']['san_private_key']
default['openstack']['block-storage']['storwize']['san_private_key_url'] = node['openstack']['block-storage']['san']['san_private_key_url']
default['openstack']['block-storage']['storwize']['storwize_svc_volpool_name'] = 'volpool'
default['openstack']['block-storage']['storwize']['storwize_svc_vol_rsize'] = 2
default['openstack']['block-storage']['storwize']['storwize_svc_vol_warning'] = 0

View File

@ -106,10 +106,16 @@ when 'cinder.volume.drivers.netapp.nfs.NetAppDirect7modeNfsDriver'
end
when 'cinder.volume.drivers.ibm.storwize_svc.StorwizeSVCDriver'
file node['openstack']['block-storage']['san']['san_private_key'] do
mode '0400'
owner node['openstack']['block-storage']['user']
group node['openstack']['block-storage']['group']
san_private_key = node['openstack']['block-storage']['storwize']['san_private_key']
san_private_key_url = node['openstack']['block-storage']['storwize']['san_private_key_url']
if san_private_key && san_private_key_url
remote_file san_private_key do
source san_private_key_url
mode '0400'
owner node['openstack']['block-storage']['user']
group node['openstack']['block-storage']['group']
end
end
platform_options['cinder_svc_packages'].each do |pkg|

View File

@ -165,12 +165,13 @@ describe 'openstack-block-storage::volume' do
node.set['openstack']['block-storage']['volume']['driver'] = 'cinder.volume.drivers.ibm.storwize_svc.StorwizeSVCDriver'
end
it 'configures storewize private key' do
san_key = chef_run.file chef_run.node['openstack']['block-storage']['san']['san_private_key']
expect(san_key.mode).to eq('0400')
expect(chef_run).to create_file('/v7000_rsa').with(
it 'download san private key if needed' do
node.set['openstack']['block-storage']['storwize']['san_private_key_url'] = 'http://server/key'
expect(chef_run).to create_remote_file('/v7000_rsa').with(
source: 'http://server/key',
user: 'cinder',
group: 'cinder'
group: 'cinder',
mode: '0400'
)
end