summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDiana Clarke <diana.joan.clarke@gmail.com>2017-03-07 14:07:16 -0500
committerOliver Walsh <owalsh@redhat.com>2017-12-19 20:24:52 +0000
commite128ba6538eb806589ebc01c16ee5e298bb0ee86 (patch)
tree0504cade9ba46efa19a4a29e432a1d23e85db2e6
parent9606525df2e38224a6d88f6d014284d5496547d6 (diff)
Correct permissions on the nova logfiles
When you execute nova-manage commands, oslo logs to the following location (file name is dynamically created based on command name). /var/log/nova/nova-manage.log Because puppet-nova is executing these commands as root, nova-manage.log is owned by root, preventing the 'nova-manage db archive_deleted_rows' entry in nova's crontab from executing. Permission denied: '/var/log/nova/nova-manage.log' This log file is also an outlier, as all other log files in /var/log/nova/ are owned by nova:nova. Similar issues are possible for other nova logs, if for example a nova services is initially started manually as root, so the ownership of all nova logs is corrected before configuring nova. Co-Authored-By: Oliver Walsh <owalsh@redhat.com> Co-Authored-By: Diana Clarke <diana.joan.clarke@gmail.com> Co-Authored-By: Maciej Kucia <maciej@kucia.net> Closes-Bug: #1671681 Change-Id: I0ca0110cbf9139c79074cf603dcab9135f96e765
Notes
Notes (review): Code-Review+1: Oliver Walsh <owalsh@redhat.com> Code-Review+2: Alex Schultz <aschultz@redhat.com> Code-Review+2: Emilien Macchi <emilien@redhat.com> Workflow+1: Emilien Macchi <emilien@redhat.com> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Wed, 20 Dec 2017 07:06:20 +0000 Reviewed-on: https://review.openstack.org/498723 Project: openstack/puppet-nova Branch: refs/heads/master
-rw-r--r--lib/puppet/provider/nova.rb5
-rw-r--r--manifests/cell_v2/discover_hosts.pp2
-rw-r--r--manifests/cell_v2/map_cell0.pp2
-rw-r--r--manifests/cell_v2/map_cell_and_hosts.pp2
-rw-r--r--manifests/cell_v2/map_instances.pp2
-rw-r--r--manifests/cron/archive_deleted_rows.pp8
-rw-r--r--manifests/db/online_data_migrations.pp1
-rw-r--r--manifests/db/sync.pp1
-rw-r--r--manifests/db/sync_api.pp1
-rw-r--r--manifests/logging.pp41
-rw-r--r--manifests/params.pp6
-rw-r--r--releasenotes/notes/nova-manage-user-16e7145d0c10bf57.yaml17
-rw-r--r--spec/classes/nova_cell_v2_discover_hosts_spec.rb2
-rw-r--r--spec/classes/nova_cell_v2_map_cell0_spec.rb2
-rw-r--r--spec/classes/nova_cell_v2_map_cell_and_hosts_spec.rb2
-rw-r--r--spec/classes/nova_cell_v2_map_instances.rb2
-rw-r--r--spec/classes/nova_cron_archive_deleted_rows_spec.rb2
-rw-r--r--spec/classes/nova_db_online_data_migrations_spec.rb3
-rw-r--r--spec/classes/nova_db_sync_api_spec.rb3
-rw-r--r--spec/classes/nova_db_sync_spec.rb3
-rw-r--r--spec/classes/nova_logging_spec.rb25
21 files changed, 126 insertions, 6 deletions
diff --git a/lib/puppet/provider/nova.rb b/lib/puppet/provider/nova.rb
index 6754c51..bb5f321 100644
--- a/lib/puppet/provider/nova.rb
+++ b/lib/puppet/provider/nova.rb
@@ -46,6 +46,7 @@ class Puppet::Provider::Nova < Puppet::Provider::Openstack
46 # NOTE(mnaser): We pass the arguments as an array to avoid problems with 46 # NOTE(mnaser): We pass the arguments as an array to avoid problems with
47 # symbols in the arguments breaking things. 47 # symbols in the arguments breaking things.
48 Puppet::Util::Execution.execute(args, { 48 Puppet::Util::Execution.execute(args, {
49 :uid => nova_user,
49 :failonfail => true, 50 :failonfail => true,
50 :combine => false, 51 :combine => false,
51 :custom_environment => {} 52 :custom_environment => {}
@@ -56,6 +57,10 @@ class Puppet::Provider::Nova < Puppet::Provider::Openstack
56 self.class.nova_manage_request(args) 57 self.class.nova_manage_request(args)
57 end 58 end
58 59
60 def self.nova_user
61 'nova'
62 end
63
59 def self.conf_filename 64 def self.conf_filename
60 '/etc/nova/nova.conf' 65 '/etc/nova/nova.conf'
61 end 66 end
diff --git a/manifests/cell_v2/discover_hosts.pp b/manifests/cell_v2/discover_hosts.pp
index 82b00f5..c392e2b 100644
--- a/manifests/cell_v2/discover_hosts.pp
+++ b/manifests/cell_v2/discover_hosts.pp
@@ -13,10 +13,12 @@ class nova::cell_v2::discover_hosts (
13) { 13) {
14 14
15 include ::nova::deps 15 include ::nova::deps
16 include ::nova::params
16 17
17 exec { 'nova-cell_v2-discover_hosts': 18 exec { 'nova-cell_v2-discover_hosts':
18 path => ['/bin', '/usr/bin'], 19 path => ['/bin', '/usr/bin'],
19 command => "nova-manage ${extra_params} cell_v2 discover_hosts", 20 command => "nova-manage ${extra_params} cell_v2 discover_hosts",
21 user => $::nova::params::nova_user,
20 refreshonly => true, 22 refreshonly => true,
21 subscribe => Anchor['nova::service::end'] 23 subscribe => Anchor['nova::service::end']
22 } 24 }
diff --git a/manifests/cell_v2/map_cell0.pp b/manifests/cell_v2/map_cell0.pp
index 1ee83ab..40ace35 100644
--- a/manifests/cell_v2/map_cell0.pp
+++ b/manifests/cell_v2/map_cell0.pp
@@ -16,10 +16,12 @@ class nova::cell_v2::map_cell0 (
16) { 16) {
17 17
18 include ::nova::deps 18 include ::nova::deps
19 include ::nova::params
19 20
20 exec { 'nova-cell_v2-map_cell0': 21 exec { 'nova-cell_v2-map_cell0':
21 path => ['/bin', '/usr/bin'], 22 path => ['/bin', '/usr/bin'],
22 command => "nova-manage ${extra_params} cell_v2 map_cell0", 23 command => "nova-manage ${extra_params} cell_v2 map_cell0",
24 user => $::nova::params::nova_user,
23 refreshonly => true, 25 refreshonly => true,
24 logoutput => on_failure, 26 logoutput => on_failure,
25 subscribe => Anchor['nova::cell_v2::begin'], 27 subscribe => Anchor['nova::cell_v2::begin'],
diff --git a/manifests/cell_v2/map_cell_and_hosts.pp b/manifests/cell_v2/map_cell_and_hosts.pp
index a8a632f..5d4cfab 100644
--- a/manifests/cell_v2/map_cell_and_hosts.pp
+++ b/manifests/cell_v2/map_cell_and_hosts.pp
@@ -13,10 +13,12 @@ class nova::cell_v2::map_cell_and_hosts (
13) { 13) {
14 14
15 include ::nova::deps 15 include ::nova::deps
16 include ::nova::params
16 17
17 exec { 'nova-cell_v2-map_cell_and_hosts': 18 exec { 'nova-cell_v2-map_cell_and_hosts':
18 path => ['/bin', '/usr/bin'], 19 path => ['/bin', '/usr/bin'],
19 command => "nova-manage ${extra_params} cell_v2 map_cell_and_hosts", 20 command => "nova-manage ${extra_params} cell_v2 map_cell_and_hosts",
21 user => $::nova::params::nova_user,
20 refreshonly => true, 22 refreshonly => true,
21 } 23 }
22} 24}
diff --git a/manifests/cell_v2/map_instances.pp b/manifests/cell_v2/map_instances.pp
index 435753e..7d90044 100644
--- a/manifests/cell_v2/map_instances.pp
+++ b/manifests/cell_v2/map_instances.pp
@@ -26,6 +26,7 @@ class nova::cell_v2::map_instances (
26) { 26) {
27 27
28 include ::nova::deps 28 include ::nova::deps
29 include ::nova::params
29 30
30 if (!$cell_uuid and !$cell_name) { 31 if (!$cell_uuid and !$cell_name) {
31 fail('Either cell_uuid or cell_name must be provided') 32 fail('Either cell_uuid or cell_name must be provided')
@@ -42,6 +43,7 @@ class nova::cell_v2::map_instances (
42 exec { 'nova-cell_v2-map_instances': 43 exec { 'nova-cell_v2-map_instances':
43 path => ['/bin', '/usr/bin'], 44 path => ['/bin', '/usr/bin'],
44 command => "nova-manage ${extra_params} cell_v2 map_instances --cell_uuid=${cell_uuid_real}", 45 command => "nova-manage ${extra_params} cell_v2 map_instances --cell_uuid=${cell_uuid_real}",
46 user => $::nova::params::nova_user,
45 refreshonly => true, 47 refreshonly => true,
46 } 48 }
47} 49}
diff --git a/manifests/cron/archive_deleted_rows.pp b/manifests/cron/archive_deleted_rows.pp
index 8cd3e45..3f2ce2f 100644
--- a/manifests/cron/archive_deleted_rows.pp
+++ b/manifests/cron/archive_deleted_rows.pp
@@ -43,7 +43,8 @@
43# 43#
44# [*user*] 44# [*user*]
45# (optional) User with access to nova files. 45# (optional) User with access to nova files.
46# Defaults to 'nova'. 46# nova::params::nova_user will be used if this is undef.
47# Defaults to undef.
47# 48#
48# [*destination*] 49# [*destination*]
49# (optional) Path to file to which rows should be archived 50# (optional) Path to file to which rows should be archived
@@ -60,12 +61,13 @@ class nova::cron::archive_deleted_rows (
60 $month = '*', 61 $month = '*',
61 $weekday = '*', 62 $weekday = '*',
62 $max_rows = '100', 63 $max_rows = '100',
63 $user = 'nova', 64 $user = undef,
64 $destination = '/var/log/nova/nova-rowsflush.log', 65 $destination = '/var/log/nova/nova-rowsflush.log',
65 $until_complete = false, 66 $until_complete = false,
66) { 67) {
67 68
68 include ::nova::deps 69 include ::nova::deps
70 include ::nova::params
69 71
70 if $until_complete { 72 if $until_complete {
71 $until_complete_real = '--until_complete' 73 $until_complete_real = '--until_complete'
@@ -74,7 +76,7 @@ class nova::cron::archive_deleted_rows (
74 cron { 'nova-manage db archive_deleted_rows': 76 cron { 'nova-manage db archive_deleted_rows':
75 command => "nova-manage db archive_deleted_rows --max_rows ${max_rows} ${until_complete_real} >>${destination} 2>&1", 77 command => "nova-manage db archive_deleted_rows --max_rows ${max_rows} ${until_complete_real} >>${destination} 2>&1",
76 environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 78 environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
77 user => $user, 79 user => pick($user, $::nova::params::nova_user),
78 minute => $minute, 80 minute => $minute,
79 hour => $hour, 81 hour => $hour,
80 monthday => $monthday, 82 monthday => $monthday,
diff --git a/manifests/db/online_data_migrations.pp b/manifests/db/online_data_migrations.pp
index f1bfafc..a4db861 100644
--- a/manifests/db/online_data_migrations.pp
+++ b/manifests/db/online_data_migrations.pp
@@ -23,6 +23,7 @@ class nova::db::online_data_migrations(
23 23
24 exec { 'nova-db-online-data-migrations': 24 exec { 'nova-db-online-data-migrations':
25 command => "/usr/bin/nova-manage ${extra_params} db online_data_migrations", 25 command => "/usr/bin/nova-manage ${extra_params} db online_data_migrations",
26 user => $::nova::params::nova_user,
26 refreshonly => true, 27 refreshonly => true,
27 try_sleep => 5, 28 try_sleep => 5,
28 tries => 10, 29 tries => 10,
diff --git a/manifests/db/sync.pp b/manifests/db/sync.pp
index 668520f..94a336f 100644
--- a/manifests/db/sync.pp
+++ b/manifests/db/sync.pp
@@ -23,6 +23,7 @@ class nova::db::sync(
23 23
24 exec { 'nova-db-sync': 24 exec { 'nova-db-sync':
25 command => "/usr/bin/nova-manage ${extra_params} db sync", 25 command => "/usr/bin/nova-manage ${extra_params} db sync",
26 user => $::nova::params::nova_user,
26 refreshonly => true, 27 refreshonly => true,
27 try_sleep => 5, 28 try_sleep => 5,
28 tries => 10, 29 tries => 10,
diff --git a/manifests/db/sync_api.pp b/manifests/db/sync_api.pp
index 5f09582..b26bfa3 100644
--- a/manifests/db/sync_api.pp
+++ b/manifests/db/sync_api.pp
@@ -32,6 +32,7 @@ class nova::db::sync_api(
32 32
33 exec { 'nova-db-sync-api': 33 exec { 'nova-db-sync-api':
34 command => "/usr/bin/nova-manage ${extra_params} api_db sync", 34 command => "/usr/bin/nova-manage ${extra_params} api_db sync",
35 user => $::nova::params::nova_user,
35 refreshonly => true, 36 refreshonly => true,
36 try_sleep => 5, 37 try_sleep => 5,
37 tries => 10, 38 tries => 10,
diff --git a/manifests/logging.pp b/manifests/logging.pp
index 7d53d7a..63c88e6 100644
--- a/manifests/logging.pp
+++ b/manifests/logging.pp
@@ -110,6 +110,7 @@ class nova::logging(
110) { 110) {
111 111
112 include ::nova::deps 112 include ::nova::deps
113 include ::nova::params
113 114
114 # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function 115 # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function
115 # to use nova::<myparam> first then nova::logging::<myparam>. 116 # to use nova::<myparam> first then nova::logging::<myparam>.
@@ -123,6 +124,46 @@ class nova::logging(
123 } 124 }
124 $debug_real = pick($::nova::debug,$debug) 125 $debug_real = pick($::nova::debug,$debug)
125 126
127 if $log_dir_real != $::os_service_default {
128 # TODO: can probably remove this in Rocky once we've had it for 1 upgrade cycle
129 # Ensure ownership/permissions for any existing logfiles are correct before configuring nova
130 # This matches the rpm/deb logic:
131 # Ubuntu: /var/log/nova is nova:adm
132 # CentOS: /var/log/nova is nova:root
133 # Both: /var/log/nova/*.log is nova:nova
134 $log_dir_owner = $::nova::params::nova_user
135 $log_dir_group = $::nova::params::nova_log_group
136 $log_file_owner = $::nova::params::nova_user
137 $log_file_group = $::nova::params::nova_group
138
139 file { $log_dir_real:
140 ensure => directory,
141 owner => $log_dir_owner,
142 group => $log_dir_group,
143 require => Anchor['nova::install::end'],
144 before => Anchor['nova::config::begin']
145 }
146
147 # Can't tell File[$log_dir_real] to use a different user/group when recursing so resort to chown
148 exec { 'chown nova logfiles':
149 command => "chown ${log_file_owner}:${log_file_group} ${log_dir_real}/*.log",
150 onlyif => "test \"\$(stat -c '%U:%G' ${log_dir_real}/*.log | grep -v '${log_file_owner}:${log_file_group}')\" != ''",
151 path => ['/usr/bin', '/bin'],
152 require => File[$log_dir_real],
153 before => Anchor['nova::config::begin']
154 }
155
156 # END TODO, the following resource is likely to be necessary in Rocky and later
157
158 # This should force an update the selinux role if the logfile exists.
159 # It will be incorrect if the file was created by the dbsync exec resources.
160 file { "${log_dir_real}/nova-manage.log":
161 owner => $log_file_owner,
162 group => $log_file_group,
163 require => Anchor['nova::service::end']
164 }
165 }
166
126 oslo::log { 'nova_config': 167 oslo::log { 'nova_config':
127 debug => $debug_real, 168 debug => $debug_real,
128 use_stderr => $use_stderr_real, 169 use_stderr => $use_stderr_real,
diff --git a/manifests/params.pp b/manifests/params.pp
index c55b6f2..a7cf621 100644
--- a/manifests/params.pp
+++ b/manifests/params.pp
@@ -45,7 +45,7 @@ class nova::params {
45 # redhat specific config defaults 45 # redhat specific config defaults
46 $root_helper = 'sudo nova-rootwrap' 46 $root_helper = 'sudo nova-rootwrap'
47 $lock_path = '/var/lib/nova/tmp' 47 $lock_path = '/var/lib/nova/tmp'
48 $nova_log_group = 'nova' 48 $nova_log_group = 'root'
49 $nova_wsgi_script_path = '/var/www/cgi-bin/nova' 49 $nova_wsgi_script_path = '/var/www/cgi-bin/nova'
50 $nova_api_wsgi_script_source = '/usr/bin/nova-api-wsgi' 50 $nova_api_wsgi_script_source = '/usr/bin/nova-api-wsgi'
51 $placement_wsgi_script_source = '/usr/bin/nova-placement-api' 51 $placement_wsgi_script_source = '/usr/bin/nova-placement-api'
@@ -70,6 +70,8 @@ class nova::params {
70 $messagebus_service_name = undef 70 $messagebus_service_name = undef
71 } 71 }
72 } 72 }
73 $nova_user = 'nova'
74 $nova_group = 'nova'
73 } 75 }
74 'Debian': { 76 'Debian': {
75 # package names 77 # package names
@@ -132,6 +134,8 @@ class nova::params {
132 } 134 }
133 } 135 }
134 $libvirt_service_name = 'libvirtd' 136 $libvirt_service_name = 'libvirtd'
137 $nova_user = 'nova'
138 $nova_group = 'nova'
135 } 139 }
136 default: { 140 default: {
137 fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, \ 141 fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, \
diff --git a/releasenotes/notes/nova-manage-user-16e7145d0c10bf57.yaml b/releasenotes/notes/nova-manage-user-16e7145d0c10bf57.yaml
new file mode 100644
index 0000000..8888cf3
--- /dev/null
+++ b/releasenotes/notes/nova-manage-user-16e7145d0c10bf57.yaml
@@ -0,0 +1,17 @@
1---
2fixes:
3 - |
4 Correct permissions on the nova logfiles.
5 If the ``nova-manage`` commands (such as dbsync) were initially run as
6 root then subsequent runs as the nova user would fail as the logfile is
7 owned by root (see `bug 1671681`_).
8 The ownership of all nova logfiles is now checked before configuring
9 nova, as a similar issue could prevent a service starting, and the
10 nova-manage command is now run as the correct user.
11
12 Adds nova::params::nova_user and nova::params::nova_group.
13 nova::cron::archive_deleted_rows::user now defaults to
14 nova::params::nova_user instead of hardcoding 'nova'
15
16 .. _bug 1671681: https://bugs.launchpad.net/puppet-nova/+bug/1671681
17
diff --git a/spec/classes/nova_cell_v2_discover_hosts_spec.rb b/spec/classes/nova_cell_v2_discover_hosts_spec.rb
index 62d092c..8e74215 100644
--- a/spec/classes/nova_cell_v2_discover_hosts_spec.rb
+++ b/spec/classes/nova_cell_v2_discover_hosts_spec.rb
@@ -9,6 +9,7 @@ describe 'nova::cell_v2::discover_hosts' do
9 is_expected.to contain_exec('nova-cell_v2-discover_hosts').with( 9 is_expected.to contain_exec('nova-cell_v2-discover_hosts').with(
10 :path => ['/bin', '/usr/bin'], 10 :path => ['/bin', '/usr/bin'],
11 :command => 'nova-manage cell_v2 discover_hosts', 11 :command => 'nova-manage cell_v2 discover_hosts',
12 :user => 'nova',
12 :refreshonly => true, 13 :refreshonly => true,
13 :subscribe => 'Anchor[nova::service::end]' 14 :subscribe => 'Anchor[nova::service::end]'
14 ) 15 )
@@ -26,6 +27,7 @@ describe 'nova::cell_v2::discover_hosts' do
26 is_expected.to contain_exec('nova-cell_v2-discover_hosts').with( 27 is_expected.to contain_exec('nova-cell_v2-discover_hosts').with(
27 :path => ['/bin', '/usr/bin'], 28 :path => ['/bin', '/usr/bin'],
28 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 discover_hosts', 29 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 discover_hosts',
30 :user => 'nova',
29 :refreshonly => true, 31 :refreshonly => true,
30 :subscribe => 'Anchor[nova::service::end]' 32 :subscribe => 'Anchor[nova::service::end]'
31 ) 33 )
diff --git a/spec/classes/nova_cell_v2_map_cell0_spec.rb b/spec/classes/nova_cell_v2_map_cell0_spec.rb
index 3dfeb0a..45272bf 100644
--- a/spec/classes/nova_cell_v2_map_cell0_spec.rb
+++ b/spec/classes/nova_cell_v2_map_cell0_spec.rb
@@ -9,6 +9,7 @@ describe 'nova::cell_v2::map_cell0' do
9 is_expected.to contain_exec('nova-cell_v2-map_cell0').with( 9 is_expected.to contain_exec('nova-cell_v2-map_cell0').with(
10 :path => ['/bin', '/usr/bin'], 10 :path => ['/bin', '/usr/bin'],
11 :command => 'nova-manage cell_v2 map_cell0', 11 :command => 'nova-manage cell_v2 map_cell0',
12 :user => 'nova',
12 :refreshonly => 'true', 13 :refreshonly => 'true',
13 :logoutput => 'on_failure', 14 :logoutput => 'on_failure',
14 :subscribe => 'Anchor[nova::cell_v2::begin]', 15 :subscribe => 'Anchor[nova::cell_v2::begin]',
@@ -28,6 +29,7 @@ describe 'nova::cell_v2::map_cell0' do
28 is_expected.to contain_exec('nova-cell_v2-map_cell0').with( 29 is_expected.to contain_exec('nova-cell_v2-map_cell0').with(
29 :path => ['/bin', '/usr/bin'], 30 :path => ['/bin', '/usr/bin'],
30 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 map_cell0', 31 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 map_cell0',
32 :user => 'nova',
31 :refreshonly => 'true', 33 :refreshonly => 'true',
32 :logoutput => 'on_failure', 34 :logoutput => 'on_failure',
33 :subscribe => 'Anchor[nova::cell_v2::begin]', 35 :subscribe => 'Anchor[nova::cell_v2::begin]',
diff --git a/spec/classes/nova_cell_v2_map_cell_and_hosts_spec.rb b/spec/classes/nova_cell_v2_map_cell_and_hosts_spec.rb
index 47aa8aa..45ad565 100644
--- a/spec/classes/nova_cell_v2_map_cell_and_hosts_spec.rb
+++ b/spec/classes/nova_cell_v2_map_cell_and_hosts_spec.rb
@@ -9,6 +9,7 @@ describe 'nova::cell_v2::map_cell_and_hosts' do
9 is_expected.to contain_exec('nova-cell_v2-map_cell_and_hosts').with( 9 is_expected.to contain_exec('nova-cell_v2-map_cell_and_hosts').with(
10 :path => ['/bin', '/usr/bin'], 10 :path => ['/bin', '/usr/bin'],
11 :command => 'nova-manage cell_v2 map_cell_and_hosts', 11 :command => 'nova-manage cell_v2 map_cell_and_hosts',
12 :user => 'nova',
12 :refreshonly => true, 13 :refreshonly => true,
13 ) 14 )
14 } 15 }
@@ -25,6 +26,7 @@ describe 'nova::cell_v2::map_cell_and_hosts' do
25 is_expected.to contain_exec('nova-cell_v2-map_cell_and_hosts').with( 26 is_expected.to contain_exec('nova-cell_v2-map_cell_and_hosts').with(
26 :path => ['/bin', '/usr/bin'], 27 :path => ['/bin', '/usr/bin'],
27 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 map_cell_and_hosts', 28 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 map_cell_and_hosts',
29 :user => 'nova',
28 :refreshonly => true, 30 :refreshonly => true,
29 ) 31 )
30 } 32 }
diff --git a/spec/classes/nova_cell_v2_map_instances.rb b/spec/classes/nova_cell_v2_map_instances.rb
index 4c0c148..50b21dc 100644
--- a/spec/classes/nova_cell_v2_map_instances.rb
+++ b/spec/classes/nova_cell_v2_map_instances.rb
@@ -10,6 +10,7 @@ describe 'nova::cell_v2::map_instances' do
10 is_expected.to contain_exec('nova-cell_v2-map_instances').with( 10 is_expected.to contain_exec('nova-cell_v2-map_instances').with(
11 :path => ['/bin', '/usr/bin'], 11 :path => ['/bin', '/usr/bin'],
12 :command => 'nova-manage cell_v2 map_instances --cell_uuid=uuid', 12 :command => 'nova-manage cell_v2 map_instances --cell_uuid=uuid',
13 :user => 'nova',
13 :refreshonly => true, 14 :refreshonly => true,
14 ) 15 )
15 } 16 }
@@ -27,6 +28,7 @@ describe 'nova::cell_v2::map_instances' do
27 is_expected.to contain_exec('nova-cell_v2-map_instances').with( 28 is_expected.to contain_exec('nova-cell_v2-map_instances').with(
28 :path => ['/bin', '/usr/bin'], 29 :path => ['/bin', '/usr/bin'],
29 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 map_instances --cell_uuid=uuid', 30 :command => 'nova-manage --config-file /etc/nova/nova.conf cell_v2 map_instances --cell_uuid=uuid',
31 :user => 'nova',
30 :refreshonly => true, 32 :refreshonly => true,
31 ) 33 )
32 } 34 }
diff --git a/spec/classes/nova_cron_archive_deleted_rows_spec.rb b/spec/classes/nova_cron_archive_deleted_rows_spec.rb
index 0bc1217..576bf1a 100644
--- a/spec/classes/nova_cron_archive_deleted_rows_spec.rb
+++ b/spec/classes/nova_cron_archive_deleted_rows_spec.rb
@@ -22,6 +22,7 @@ describe 'nova::cron::archive_deleted_rows' do
22 it 'configures a cron without until_complete' do 22 it 'configures a cron without until_complete' do
23 is_expected.to contain_cron('nova-manage db archive_deleted_rows').with( 23 is_expected.to contain_cron('nova-manage db archive_deleted_rows').with(
24 :command => "nova-manage db archive_deleted_rows --max_rows #{params[:max_rows]} >>#{params[:destination]} 2>&1", 24 :command => "nova-manage db archive_deleted_rows --max_rows #{params[:max_rows]} >>#{params[:destination]} 2>&1",
25 :user => 'nova',
25 :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 26 :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
26 :user => params[:user], 27 :user => params[:user],
27 :minute => params[:minute], 28 :minute => params[:minute],
@@ -44,6 +45,7 @@ describe 'nova::cron::archive_deleted_rows' do
44 it 'configures a cron with until_complete' do 45 it 'configures a cron with until_complete' do
45 is_expected.to contain_cron('nova-manage db archive_deleted_rows').with( 46 is_expected.to contain_cron('nova-manage db archive_deleted_rows').with(
46 :command => "nova-manage db archive_deleted_rows --max_rows #{params[:max_rows]} --until_complete >>#{params[:destination]} 2>&1", 47 :command => "nova-manage db archive_deleted_rows --max_rows #{params[:max_rows]} --until_complete >>#{params[:destination]} 2>&1",
48 :user => 'nova',
47 :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 49 :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
48 :user => params[:user], 50 :user => params[:user],
49 :minute => params[:minute], 51 :minute => params[:minute],
diff --git a/spec/classes/nova_db_online_data_migrations_spec.rb b/spec/classes/nova_db_online_data_migrations_spec.rb
index 89c7f5f..b6fcbea 100644
--- a/spec/classes/nova_db_online_data_migrations_spec.rb
+++ b/spec/classes/nova_db_online_data_migrations_spec.rb
@@ -7,6 +7,7 @@ describe 'nova::db::online_data_migrations' do
7 it 'runs nova-db-sync' do 7 it 'runs nova-db-sync' do
8 is_expected.to contain_exec('nova-db-online-data-migrations').with( 8 is_expected.to contain_exec('nova-db-online-data-migrations').with(
9 :command => '/usr/bin/nova-manage db online_data_migrations', 9 :command => '/usr/bin/nova-manage db online_data_migrations',
10 :user => 'nova',
10 :refreshonly => 'true', 11 :refreshonly => 'true',
11 :try_sleep => 5, 12 :try_sleep => 5,
12 :tries => 10, 13 :tries => 10,
@@ -30,6 +31,7 @@ describe 'nova::db::online_data_migrations' do
30 it { 31 it {
31 is_expected.to contain_exec('nova-db-online-data-migrations').with( 32 is_expected.to contain_exec('nova-db-online-data-migrations').with(
32 :command => '/usr/bin/nova-manage --config-file /etc/nova/nova.conf db online_data_migrations', 33 :command => '/usr/bin/nova-manage --config-file /etc/nova/nova.conf db online_data_migrations',
34 :user => 'nova',
33 :refreshonly => 'true', 35 :refreshonly => 'true',
34 :try_sleep => 5, 36 :try_sleep => 5,
35 :tries => 10, 37 :tries => 10,
@@ -54,6 +56,7 @@ describe 'nova::db::online_data_migrations' do
54 it { 56 it {
55 is_expected.to contain_exec('nova-db-online-data-migrations').with( 57 is_expected.to contain_exec('nova-db-online-data-migrations').with(
56 :command => '/usr/bin/nova-manage db online_data_migrations', 58 :command => '/usr/bin/nova-manage db online_data_migrations',
59 :user => 'nova',
57 :refreshonly => 'true', 60 :refreshonly => 'true',
58 :try_sleep => 5, 61 :try_sleep => 5,
59 :tries => 10, 62 :tries => 10,
diff --git a/spec/classes/nova_db_sync_api_spec.rb b/spec/classes/nova_db_sync_api_spec.rb
index 3dfd801..fc2a412 100644
--- a/spec/classes/nova_db_sync_api_spec.rb
+++ b/spec/classes/nova_db_sync_api_spec.rb
@@ -7,6 +7,7 @@ describe 'nova::db::sync_api' do
7 it { 7 it {
8 is_expected.to contain_exec('nova-db-sync-api').with( 8 is_expected.to contain_exec('nova-db-sync-api').with(
9 :command => '/usr/bin/nova-manage api_db sync', 9 :command => '/usr/bin/nova-manage api_db sync',
10 :user => 'nova',
10 :refreshonly => 'true', 11 :refreshonly => 'true',
11 :timeout => 300, 12 :timeout => 300,
12 :logoutput => 'on_failure', 13 :logoutput => 'on_failure',
@@ -31,6 +32,7 @@ describe 'nova::db::sync_api' do
31 it { 32 it {
32 is_expected.to contain_exec('nova-db-sync-api').with( 33 is_expected.to contain_exec('nova-db-sync-api').with(
33 :command => '/usr/bin/nova-manage --config-file /etc/nova/nova.conf api_db sync', 34 :command => '/usr/bin/nova-manage --config-file /etc/nova/nova.conf api_db sync',
35 :user => 'nova',
34 :refreshonly => 'true', 36 :refreshonly => 'true',
35 :timeout => 300, 37 :timeout => 300,
36 :logoutput => 'on_failure', 38 :logoutput => 'on_failure',
@@ -54,6 +56,7 @@ describe 'nova::db::sync_api' do
54 it { 56 it {
55 is_expected.to contain_exec('nova-db-sync-api').with( 57 is_expected.to contain_exec('nova-db-sync-api').with(
56 :command => '/usr/bin/nova-manage api_db sync', 58 :command => '/usr/bin/nova-manage api_db sync',
59 :user => 'nova',
57 :refreshonly => 'true', 60 :refreshonly => 'true',
58 :timeout => 750, 61 :timeout => 750,
59 :logoutput => 'on_failure', 62 :logoutput => 'on_failure',
diff --git a/spec/classes/nova_db_sync_spec.rb b/spec/classes/nova_db_sync_spec.rb
index 72b3cb2..e6fb133 100644
--- a/spec/classes/nova_db_sync_spec.rb
+++ b/spec/classes/nova_db_sync_spec.rb
@@ -7,6 +7,7 @@ describe 'nova::db::sync' do
7 it 'runs nova-db-sync' do 7 it 'runs nova-db-sync' do
8 is_expected.to contain_exec('nova-db-sync').with( 8 is_expected.to contain_exec('nova-db-sync').with(
9 :command => '/usr/bin/nova-manage db sync', 9 :command => '/usr/bin/nova-manage db sync',
10 :user => 'nova',
10 :refreshonly => 'true', 11 :refreshonly => 'true',
11 :try_sleep => 5, 12 :try_sleep => 5,
12 :tries => 10, 13 :tries => 10,
@@ -30,6 +31,7 @@ describe 'nova::db::sync' do
30 it { 31 it {
31 is_expected.to contain_exec('nova-db-sync').with( 32 is_expected.to contain_exec('nova-db-sync').with(
32 :command => '/usr/bin/nova-manage --config-file /etc/nova/nova.conf db sync', 33 :command => '/usr/bin/nova-manage --config-file /etc/nova/nova.conf db sync',
34 :user => 'nova',
33 :refreshonly => 'true', 35 :refreshonly => 'true',
34 :try_sleep => 5, 36 :try_sleep => 5,
35 :tries => 10, 37 :tries => 10,
@@ -54,6 +56,7 @@ describe 'nova::db::sync' do
54 it { 56 it {
55 is_expected.to contain_exec('nova-db-sync').with( 57 is_expected.to contain_exec('nova-db-sync').with(
56 :command => '/usr/bin/nova-manage db sync', 58 :command => '/usr/bin/nova-manage db sync',
59 :user => 'nova',
57 :refreshonly => 'true', 60 :refreshonly => 'true',
58 :try_sleep => 5, 61 :try_sleep => 5,
59 :tries => 10, 62 :tries => 10,
diff --git a/spec/classes/nova_logging_spec.rb b/spec/classes/nova_logging_spec.rb
index 62f51d9..dba768b 100644
--- a/spec/classes/nova_logging_spec.rb
+++ b/spec/classes/nova_logging_spec.rb
@@ -27,7 +27,7 @@ describe 'nova::logging' do
27 :use_json => true, 27 :use_json => true,
28 :use_stderr => false, 28 :use_stderr => false,
29 :log_facility => 'LOG_FOO', 29 :log_facility => 'LOG_FOO',
30 :log_dir => '/var/log', 30 :log_dir => '/var/log/foo',
31 :debug => true, 31 :debug => true,
32 } 32 }
33 end 33 end
@@ -63,6 +63,13 @@ describe 'nova::logging' do
63 :log_dir => '/var/log/nova', 63 :log_dir => '/var/log/nova',
64 :debug => '<SERVICE DEFAULT>', 64 :debug => '<SERVICE DEFAULT>',
65 ) 65 )
66 is_expected.to contain_file('/var/log/nova').with(
67 :owner => 'nova',
68 )
69 is_expected.to contain_file('/var/log/nova/nova-manage.log').with(
70 :owner => 'nova',
71 )
72 is_expected.to contain_exec('chown nova logfiles')
66 end 73 end
67 end 74 end
68 75
@@ -73,9 +80,16 @@ describe 'nova::logging' do
73 :use_json => true, 80 :use_json => true,
74 :use_stderr => false, 81 :use_stderr => false,
75 :syslog_log_facility => 'LOG_FOO', 82 :syslog_log_facility => 'LOG_FOO',
76 :log_dir => '/var/log', 83 :log_dir => '/var/log/foo',
77 :debug => true, 84 :debug => true,
78 ) 85 )
86 is_expected.to contain_file('/var/log/foo').with(
87 :owner => 'nova',
88 )
89 is_expected.to contain_file('/var/log/foo/nova-manage.log').with(
90 :owner => 'nova',
91 )
92 is_expected.to contain_exec('chown nova logfiles')
79 end 93 end
80 end 94 end
81 95
@@ -98,6 +112,13 @@ describe 'nova::logging' do
98 :instance_uuid_format => '[instance: %(uuid)s] ', 112 :instance_uuid_format => '[instance: %(uuid)s] ',
99 :log_date_format => '%Y-%m-%d %H:%M:%S', 113 :log_date_format => '%Y-%m-%d %H:%M:%S',
100 ) 114 )
115 is_expected.to contain_file('/var/log/foo').with(
116 :owner => 'nova',
117 )
118 is_expected.to contain_file('/var/log/foo/nova-manage.log').with(
119 :owner => 'nova',
120 )
121 is_expected.to contain_exec('chown nova logfiles')
101 end 122 end
102 end 123 end
103 124