Merge "Raise an error when san private key is missing"

This commit is contained in:
Jenkins 2015-04-02 21:10:40 +00:00 committed by Gerrit Code Review
commit 388d95b8aa
4 changed files with 20 additions and 9 deletions

View File

@ -147,6 +147,7 @@ Cinder attributes
* `openstack['block-storage']['san']['san_ip'] - IP address of SAN controller
* `openstack['block-storage']['san']['san_login'] - Username for SAN controller
* `openstack['block-storage']['san']['san_private_key'] - Filename of private key to use for SSH authentication
* `openstack['block-storage']['san']['san_private_key_url'] - Source url of private key to use for SSH authentication
* `openstack['block-storage']['storwize']['storwize_svc_volpool_name'] - Storage system storage pool for volumes
* `openstack['block-storage']['storwize']['storwize_svc_vol_rsize'] - Storage system space-efficiency parameter for volumes
* `openstack['block-storage']['storwize']['storwize_svc_vol_warning'] - Storage system threshold for volume capacity warnings

View File

@ -135,6 +135,8 @@ default['openstack']['block-storage']['service_role'] = 'admin'
default['openstack']['block-storage']['san']['san_ip'] = '127.0.0.1'
default['openstack']['block-storage']['san']['san_login'] = 'admin'
default['openstack']['block-storage']['san']['san_private_key'] = '/v7000_rsa'
# The location(URL) of the san_private_key. This value may also specify HTTP(http://), FTP("ftp://"), or local(file://), if the san private key is in the local, you should also specify this attribute using(file://)
default['openstack']['block-storage']['san']['san_private_key_url'] = nil
# NFS support
default['openstack']['block-storage']['nfs']['nas_ip'] = '127.0.0.1'
@ -166,6 +168,7 @@ default['openstack']['block-storage']['storwize']['san_ip'] = node['openstack'][
default['openstack']['block-storage']['storwize']['san_login'] = node['openstack']['block-storage']['san']['san_login']
# If the key is set to nil, the san_login and san_password will be used.
default['openstack']['block-storage']['storwize']['san_private_key'] = node['openstack']['block-storage']['san']['san_private_key']
default['openstack']['block-storage']['storwize']['san_private_key_url'] = node['openstack']['block-storage']['san']['san_private_key_url']
default['openstack']['block-storage']['storwize']['storwize_svc_volpool_name'] = 'volpool'
default['openstack']['block-storage']['storwize']['storwize_svc_vol_rsize'] = 2
default['openstack']['block-storage']['storwize']['storwize_svc_vol_warning'] = 0

View File

@ -106,10 +106,16 @@ when 'cinder.volume.drivers.netapp.nfs.NetAppDirect7modeNfsDriver'
end
when 'cinder.volume.drivers.ibm.storwize_svc.StorwizeSVCDriver'
file node['openstack']['block-storage']['san']['san_private_key'] do
mode '0400'
owner node['openstack']['block-storage']['user']
group node['openstack']['block-storage']['group']
san_private_key = node['openstack']['block-storage']['storwize']['san_private_key']
san_private_key_url = node['openstack']['block-storage']['storwize']['san_private_key_url']
if san_private_key && san_private_key_url
remote_file san_private_key do
source san_private_key_url
mode '0400'
owner node['openstack']['block-storage']['user']
group node['openstack']['block-storage']['group']
end
end
platform_options['cinder_svc_packages'].each do |pkg|

View File

@ -165,12 +165,13 @@ describe 'openstack-block-storage::volume' do
node.set['openstack']['block-storage']['volume']['driver'] = 'cinder.volume.drivers.ibm.storwize_svc.StorwizeSVCDriver'
end
it 'configures storewize private key' do
san_key = chef_run.file chef_run.node['openstack']['block-storage']['san']['san_private_key']
expect(san_key.mode).to eq('0400')
expect(chef_run).to create_file('/v7000_rsa').with(
it 'download san private key if needed' do
node.set['openstack']['block-storage']['storwize']['san_private_key_url'] = 'http://server/key'
expect(chef_run).to create_remote_file('/v7000_rsa').with(
source: 'http://server/key',
user: 'cinder',
group: 'cinder'
group: 'cinder',
mode: '0400'
)
end