openstack
/
cookbook-openstack-network
Code Issues Proposed changes

Use new nova_admin_tenant_name 

Patches in base neutron allow for use of just the nova tenant name
instead of having to make an ugly cli call into keystone to get the
uuid.   This is much much cleaner way to do it.
Kept the old admin_tenant_id attribute, added a new
admin_tenant_name one.  This should come directly from the Compute
cookbook attribute, service_tenant_name, but since Network does
not depend upon Compute cookbook, I simply added the default here.
I don't think we want to introduce a depends between Network and
Compute, that would be a circular dependency.

Change-Id: I88948b6ad300192cb00b07f10d29dc7ec19d4ba2
Closes-Bug: #1427817
This commit is contained in:
Mark Vanderwiel 2015-03-03 14:24:10 -06:00
parent 6ec0caf181
commit 48d3cafe4f
4 changed files with 20 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
attributes/default.rb
View File

@ -250,9 +250,16 @@ default['openstack']['network']['nova']['admin_username'] = 'nova'
default['openstack']['network']['nova']['url_version'] = '/v2'
# The uuid of the nova tenant
# Nil will cause the uuid to be queried from keystone.
# Nil will cause the name below to be used.
default['openstack']['network']['nova']['admin_tenant_id'] = nil
# The name of the nova tenant
# defined here based upon Compute cookbook attribute:
# default['openstack']['compute']['service_tenant_name'] = 'service'
# Since this cookbook does not depend upon Compute, can't directly
# reference that here.
default['openstack']['network']['nova']['admin_tenant_name'] = 'service'
# Number of seconds between sending events to nova if there are any events to send
default['openstack']['network']['nova']['send_events_interval'] = 2

26
recipes/default.rb
View File

@ -159,32 +159,6 @@ nova_endpoint = internal_endpoint 'compute-api'
nova_version = node['openstack']['network']['nova']['url_version']
nova_endpoint = uri_from_hash('scheme' => nova_endpoint.scheme.to_s, 'host' => nova_endpoint.host.to_s, 'port' => nova_endpoint.port.to_s, 'path' => nova_version)
nova_admin_pass = get_password 'service', 'openstack-compute'
ruby_block 'query service tenant uuid' do
# query keystone for the service tenant uuid
block do
begin
admin_user = node['openstack']['identity']['admin_user']
admin_tenant = node['openstack']['identity']['admin_tenant_name']
is_insecure = node['openstack']['network']['api']['auth']['insecure']
cafile = node['openstack']['network']['api']['auth']['cafile']
args = {}
is_insecure && args['insecure'] = ''
!cafile.to_s.empty? && args['os-cacert'] = cafile
env = openstack_command_env admin_user, admin_tenant
tenant_id = identity_uuid 'tenant', 'name', 'service', env, args
Chef::Log.error('service tenant UUID for nova_admin_tenant_id not found.') if tenant_id.nil?
node.set['openstack']['network']['nova']['admin_tenant_id'] = tenant_id
rescue RuntimeError => e
Chef::Log.error("Could not query service tenant UUID for nova_admin_tenant_id. Error was #{e.message}")
end
end
action :run
only_if do
(node['openstack']['network']['nova']['notify_nova_on_port_status_changes'] == 'True' ||
node['openstack']['network']['nova']['notify_nova_on_port_data_changes'] == 'True') &&
node['openstack']['network']['nova']['admin_tenant_id'].nil?
end
end
template '/etc/neutron/neutron.conf' do
source 'neutron.conf.erb'

136
spec/default_spec.rb
View File

@ -569,10 +569,14 @@ describe 'openstack-network' do
end
end
%w(region_name admin_username admin_tenant_id).each do |attr|
it 'does not set the sets admin_tenant_id' do
expect(chef_run).not_to render_config_file(file.name).with_section_content('DEFAULT', /^nova_admin_tenant_id =/)
end
%w(region_name admin_username admin_tenant_id admin_tenant_name).each do |attr|
it "sets the #{attr} nova attribute" do
node.set['openstack']['network']['nova'][attr] = "nova_#{attr}_value"
expect(chef_run).to render_file(file.name).with_content(/^nova_#{attr} = nova_#{attr}_value$/)
expect(chef_run).to render_config_file(file.name).with_section_content('DEFAULT', /^nova_#{attr} = nova_#{attr}_value$/)
end
end
@ -756,134 +760,6 @@ describe 'openstack-network' do
expect(chef_run).not_to render_file(file.name).with_content(/^service_provider = /)
end
end
describe 'query service tenant uuid' do
it 'has queried service tenant uuid for nova interactions' do
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('000-UUID-FROM-CLI')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 000-UUID-FROM-CLI')
end
it 'has queried service tenant uuid for nova interactions with ssl' do
chef_run.node.set['openstack']['network']['api']['auth']['cafile'] = 'cafile'
chef_run.node.set['openstack']['network']['api']['auth']['insecure'] = true
allow_any_instance_of(Chef::Resource::RubyBlock).to receive(:identity_uuid)
.with('tenant', 'name', 'service', {}, 'insecure' => '', 'os-cacert' => 'cafile')
.and_return('000-UUID-FROM-CLI')
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('000-UUID-FROM-CLI')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 000-UUID-FROM-CLI')
end
it 'has queried service tenant uuid for nova interactions with ssl empty cafile' do
chef_run.node.set['openstack']['network']['api']['auth']['cafile'] = ''
chef_run.node.set['openstack']['network']['api']['auth']['insecure'] = true
allow_any_instance_of(Chef::Resource::RubyBlock).to receive(:identity_uuid)
.with('tenant', 'name', 'service', {}, 'insecure' => '')
.and_return('000-UUID-FROM-CLI')
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('000-UUID-FROM-CLI')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 000-UUID-FROM-CLI')
end
it 'has queried service tenant uuid for nova interactions with ssl nil cafile' do
chef_run.node.set['openstack']['network']['api']['auth']['cafile'] = nil
chef_run.node.set['openstack']['network']['api']['auth']['insecure'] = true
allow_any_instance_of(Chef::Resource::RubyBlock).to receive(:identity_uuid)
.with('tenant', 'name', 'service', {}, 'insecure' => '')
.and_return('000-UUID-FROM-CLI')
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('000-UUID-FROM-CLI')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 000-UUID-FROM-CLI')
end
it 'has status changes for nova interactions disabled without id override' do
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_status_changes'] = 'False'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('000-UUID-FROM-CLI')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 000-UUID-FROM-CLI')
end
it 'has data changes for nova interactions disabled without id override' do
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_data_changes'] = 'False'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('000-UUID-FROM-CLI')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 000-UUID-FROM-CLI')
end
it 'has all changes for nova interactions disabled without id override' do
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_status_changes'] = 'False'
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_data_changes'] = 'False'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq(nil)
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id =')
end
it 'has status changes for nova interactions disabled with id override' do
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_status_changes'] = 'False'
chef_run.node.set['openstack']['network']['nova']['admin_tenant_id'] = '111-UUID-OVERRIDE'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('111-UUID-OVERRIDE')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 111-UUID-OVERRIDE')
end
it 'has data changes for nova interactions disabled with id override' do
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_data_changes'] = 'False'
chef_run.node.set['openstack']['network']['nova']['admin_tenant_id'] = '111-UUID-OVERRIDE'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('111-UUID-OVERRIDE')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 111-UUID-OVERRIDE')
end
it 'has all changes for nova interactions disabled with id override' do
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_status_changes'] = 'False'
chef_run.node.set['openstack']['network']['nova']['notify_nova_on_port_data_changes'] = 'False'
chef_run.node.set['openstack']['network']['nova']['admin_tenant_id'] = '111-UUID-OVERRIDE'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('111-UUID-OVERRIDE')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 111-UUID-OVERRIDE')
end
it 'has overriden service tenant uuid for nova interactions' do
chef_run.node.set['openstack']['network']['nova']['admin_tenant_id'] = '111-UUID-OVERRIDE'
# run actual ruby_block resource
chef_run.find_resource(:ruby_block, 'query service tenant uuid').old_run_action(:create)
nova_tenant_id = chef_run.node['openstack']['network']['nova']['admin_tenant_id']
expect(nova_tenant_id).to eq('111-UUID-OVERRIDE')
expect(chef_run).to render_file(file.name).with_content(
'nova_admin_tenant_id = 111-UUID-OVERRIDE')
end
end
end
describe 'policy file' do

6
templates/default/neutron.conf.erb
View File

@ -359,8 +359,14 @@ nova_region_name = <%= node["openstack"]["network"]["nova"]["region_name"] %>
# Username for connection to nova in admin context
nova_admin_username = <%= node["openstack"]["network"]["nova"]["admin_username"] %>
<% if node['openstack']['network']['nova']['admin_tenant_id'] -%>
# The uuid of the admin nova tenant
nova_admin_tenant_id = <%= node["openstack"]["network"]["nova"]["admin_tenant_id"] %>
<% end -%>
# The name of the admin nova tenant. If the uuid of the admin nova tenant
# is set, this is optional.
nova_admin_tenant_name = <%= node["openstack"]["network"]["nova"]["admin_tenant_name"] %>
# Password for connection to nova in admin context.
nova_admin_password = <%= @nova_admin_pass %>