diff options
Diffstat (limited to 'spec/classes')
21 files changed, 990 insertions, 456 deletions
diff --git a/spec/classes/tripleo_certmonger_ca_local_spec.rb b/spec/classes/tripleo_certmonger_ca_local_spec.rb index 7ee9383..b6ecebc 100644 --- a/spec/classes/tripleo_certmonger_ca_local_spec.rb +++ b/spec/classes/tripleo_certmonger_ca_local_spec.rb @@ -21,6 +21,11 @@ require 'spec_helper' describe 'tripleo::certmonger::ca::local' do shared_examples_for 'tripleo::certmonger::ca::local' do + + let :pre_condition do + "include ::certmonger" + end + let :params do { :ca_pem => '/etc/pki/ca-trust/source/anchors/cm-local-ca.pem', diff --git a/spec/classes/tripleo_haproxy_spec.rb b/spec/classes/tripleo_haproxy_spec.rb new file mode 100644 index 0000000..966729a --- /dev/null +++ b/spec/classes/tripleo_haproxy_spec.rb @@ -0,0 +1,115 @@ +# Copyright 2016 Red Hat, Inc. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::haproxy' do + + shared_examples_for 'tripleo::haproxy' do + let :params do { + :controller_virtual_ip => '10.1.0.1', + :public_virtual_ip => '192.168.0.1' + } + end + + describe "default settings" do + it 'should configure haproxy' do + is_expected.to contain_haproxy__listen('mysql').with( + :options => { + 'timeout client' => "90m", + 'timeout server' => "90m", + 'maxconn' => :undef + } + ) + end + end + + describe "set clustercheck" do + before :each do + params.merge!({ + :mysql_clustercheck => true, + }) + end + + it 'should configure haproxy with clustercheck' do + is_expected.to contain_haproxy__listen('mysql').with( + :options => { + 'timeout client' => "90m", + 'timeout server' => "90m", + 'option' => ["tcpka", "httpchk"], + 'timeout client' => "90m", + 'timeout server' => "90m", + 'stick-table' => "type ip size 1000", + 'stick' => "on dst", + 'maxconn' => :undef + } + ) + end + end + + describe "override maxconn with clustercheck" do + before :each do + params.merge!({ + :mysql_clustercheck => true, + :mysql_max_conn => 6500, + }) + end + + it 'should configure haproxy' do + is_expected.to contain_haproxy__listen('mysql').with( + :options => { + 'option' => ["tcpka", "httpchk"], + 'timeout client' => "90m", + 'timeout server' => "90m", + 'stick-table' => "type ip size 1000", + 'stick' => "on dst", + 'maxconn' => 6500 + } + ) + end + end + + describe "override maxconn without clustercheck" do + before :each do + params.merge!({ + :mysql_max_conn => 6500, + }) + end + + it 'should configure haproxy' do + is_expected.to contain_haproxy__listen('mysql').with( + :options => { + 'timeout client' => "90m", + 'timeout server' => "90m", + 'maxconn' => 6500 + } + ) + end + end + + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ }) + end + + it_behaves_like 'tripleo::haproxy' + end + end + +end
\ No newline at end of file diff --git a/spec/classes/tripleo_host_sriov_spec.rb b/spec/classes/tripleo_host_sriov_spec.rb index 920eb9b..eb2213a 100644 --- a/spec/classes/tripleo_host_sriov_spec.rb +++ b/spec/classes/tripleo_host_sriov_spec.rb @@ -17,8 +17,8 @@ describe 'tripleo::host::sriov' do end it 'configures numvfs' do - is_expected.to contain_sriov_vf_config('eth0:4').with( :ensure => 'present' ) - is_expected.to contain_sriov_vf_config('eth1:5').with( :ensure => 'present') + is_expected.to contain_sriov_vf_config('eth0:4') + is_expected.to contain_sriov_vf_config('eth1:5') is_expected.to contain_tripleo__host__sriov__numvfs_persistence('persistent_numvfs').with( :vf_defs => ['eth0:4','eth1:5'], :content_string => "#!/bin/bash\n" diff --git a/spec/classes/tripleo_profile_base_aodh_api_spec.rb b/spec/classes/tripleo_profile_base_aodh_api_spec.rb index a82cf49..27bd735 100644 --- a/spec/classes/tripleo_profile_base_aodh_api_spec.rb +++ b/spec/classes/tripleo_profile_base_aodh_api_spec.rb @@ -33,12 +33,35 @@ describe 'tripleo::profile::base::aodh::api' do end end - context 'with step 3' do + context 'with step 3 and not bootstrap' do let(:params) { { :step => 3, } } it 'should trigger complete configuration' do + is_expected.not_to contain_class('aodh::api') + is_expected.not_to contain_class('aodh::wsgi::apache') + end + end + + context 'with step 3 and bootstrap' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com' + } } + + it 'should trigger complete configuration' do + is_expected.to contain_class('aodh::api') + is_expected.to contain_class('aodh::wsgi::apache') + end + end + + context 'with step 4' do + let(:params) { { + :step => 4, + } } + + it 'should trigger complete configuration' do is_expected.to contain_class('aodh::api') is_expected.to contain_class('aodh::wsgi::apache') end diff --git a/spec/classes/tripleo_profile_base_ceilometer_api_spec.rb b/spec/classes/tripleo_profile_base_ceilometer_api_spec.rb index cec2b54..9cb657f 100644 --- a/spec/classes/tripleo_profile_base_ceilometer_api_spec.rb +++ b/spec/classes/tripleo_profile_base_ceilometer_api_spec.rb @@ -32,9 +32,32 @@ describe 'tripleo::profile::base::ceilometer::api' do end end - context 'with step 3' do + context 'with step 3 and not bootstrap' do let(:params) { { - :step => 3, + :step => 3, + } } + + it 'should trigger complete configuration' do + is_expected.not_to contain_class('ceilometer::api') + is_expected.not_to contain_class('ceilometer::wsgi::apache') + end + end + + context 'with step 3 and bootstrap' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com' + } } + + it 'should trigger complete configuration' do + is_expected.to contain_class('ceilometer::api') + is_expected.to contain_class('ceilometer::wsgi::apache') + end + end + + context 'with step 4' do + let(:params) { { + :step => 4, } } it 'should trigger complete configuration' do diff --git a/spec/classes/tripleo_profile_base_cinder_veritas_hyperscale_spec.rb b/spec/classes/tripleo_profile_base_cinder_veritas_hyperscale_spec.rb new file mode 100644 index 0000000..63c1147 --- /dev/null +++ b/spec/classes/tripleo_profile_base_cinder_veritas_hyperscale_spec.rb @@ -0,0 +1,57 @@ +# +# Copyright (c) 2017 Veritas Technologies LLC. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::cinder::volume::veritas_hyperscale' do + shared_examples_for 'tripleo::profile::base::cinder::volume::veritas_hyperscale' do + before :each do + facts.merge!({ :step => params[:step] }) + end + + context 'with step less than 4' do + let(:params) { { :step => 3 } } + + it 'should do nothing' do + is_expected.to contain_class('tripleo::profile::base::cinder::volume::veritas_hyperscale') + is_expected.to contain_class('tripleo::profile::base::cinder::volume') + is_expected.to contain_class('tripleo::profile::base::cinder') + is_expected.to_not contain_cinder__backend__veritas_hyperscale('Veritas_HyperScale') + end + end + + context 'with step 4' do + let(:params) { { + :step => 4, + } } + + it 'should trigger complete configuration' do + is_expected.to contain_cinder__backend__veritas_hyperscale('Veritas_HyperScale') + end + end + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::cinder::volume::veritas_hyperscale' + end + end +end diff --git a/spec/classes/tripleo_profile_base_cinder_volume_spec.rb b/spec/classes/tripleo_profile_base_cinder_volume_spec.rb index aa3dd89..03f5325 100644 --- a/spec/classes/tripleo_profile_base_cinder_volume_spec.rb +++ b/spec/classes/tripleo_profile_base_cinder_volume_spec.rb @@ -132,6 +132,25 @@ describe 'tripleo::profile::base::cinder::volume' do end end + context 'with only veritas hyperscale' do + before :each do + params.merge!({ + :cinder_enable_vrts_hs_backend => true, + :cinder_enable_iscsi_backend => false, + }) + end + it 'should configure only veritas hyperscale' do + is_expected.to contain_class('tripleo::profile::base::cinder::volume::veritas_hyperscale') + is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::iscsi') + is_expected.to contain_class('tripleo::profile::base::cinder::volume') + is_expected.to contain_class('tripleo::profile::base::cinder') + is_expected.to contain_class('cinder::volume') + is_expected.to contain_class('cinder::backends').with( + :enabled_backends => ['Veritas_HyperScale'] + ) + end + end + context 'with only nfs' do before :each do params.merge!({ @@ -183,6 +202,7 @@ describe 'tripleo::profile::base::cinder::volume' do is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::dellsc') is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::dellps') is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::netapp') + is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::veritas_hyperscale') is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::nfs') is_expected.to_not contain_class('tripleo::profile::base::cinder::volume::rbd') is_expected.to contain_class('tripleo::profile::base::cinder::volume') @@ -197,13 +217,14 @@ describe 'tripleo::profile::base::cinder::volume' do context 'with all tripleo backends' do before :each do params.merge!({ - :cinder_enable_nfs_backend => true, - :cinder_enable_rbd_backend => true, - :cinder_enable_iscsi_backend => true, - :cinder_enable_pure_backend => true, - :cinder_enable_dellsc_backend => true, - :cinder_enable_dellps_backend => true, - :cinder_enable_netapp_backend => true, + :cinder_enable_nfs_backend => true, + :cinder_enable_rbd_backend => true, + :cinder_enable_iscsi_backend => true, + :cinder_enable_pure_backend => true, + :cinder_enable_dellsc_backend => true, + :cinder_enable_dellps_backend => true, + :cinder_enable_netapp_backend => true, + :cinder_enable_vrts_hs_backend => true, }) end it 'should configure all backends' do @@ -212,6 +233,7 @@ describe 'tripleo::profile::base::cinder::volume' do is_expected.to contain_class('tripleo::profile::base::cinder::volume::dellsc') is_expected.to contain_class('tripleo::profile::base::cinder::volume::dellps') is_expected.to contain_class('tripleo::profile::base::cinder::volume::netapp') + is_expected.to contain_class('tripleo::profile::base::cinder::volume::veritas_hyperscale') is_expected.to contain_class('tripleo::profile::base::cinder::volume::nfs') is_expected.to contain_class('tripleo::profile::base::cinder::volume::rbd') is_expected.to contain_class('tripleo::profile::base::cinder::volume') @@ -219,7 +241,7 @@ describe 'tripleo::profile::base::cinder::volume' do is_expected.to contain_class('cinder::volume') is_expected.to contain_class('cinder::backends').with( :enabled_backends => ['tripleo_iscsi', 'tripleo_ceph', 'tripleo_pure', 'tripleo_dellps', - 'tripleo_dellsc', 'tripleo_netapp','tripleo_nfs'] + 'tripleo_dellsc', 'tripleo_netapp','tripleo_nfs','Veritas_HyperScale'] ) end end diff --git a/spec/classes/tripleo_profile_base_docker_spec.rb b/spec/classes/tripleo_profile_base_docker_spec.rb index bb21055..dc5efa7 100644 --- a/spec/classes/tripleo_profile_base_docker_spec.rb +++ b/spec/classes/tripleo_profile_base_docker_spec.rb @@ -27,8 +27,7 @@ describe 'tripleo::profile::base::docker' do it { is_expected.to contain_package('docker') } it { is_expected.to contain_service('docker') } it { - is_expected.to contain_augeas('docker-sysconfig').with_changes([ - 'rm INSECURE_REGISTRY', + is_expected.to contain_augeas('docker-sysconfig-options').with_changes([ "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'", ]) } @@ -45,9 +44,8 @@ describe 'tripleo::profile::base::docker' do it { is_expected.to contain_package('docker') } it { is_expected.to contain_service('docker') } it { - is_expected.to contain_augeas('docker-sysconfig').with_changes([ + is_expected.to contain_augeas('docker-sysconfig-registry').with_changes([ "set INSECURE_REGISTRY '\"--insecure-registry foo:8787\"'", - "set OPTIONS '\"--log-driver=journald --signature-verification=false\"'", ]) } end @@ -85,8 +83,7 @@ describe 'tripleo::profile::base::docker' do it { is_expected.to contain_package('docker') } it { is_expected.to contain_service('docker') } it { - is_expected.to contain_augeas('docker-sysconfig').with_changes([ - "rm INSECURE_REGISTRY", + is_expected.to contain_augeas('docker-sysconfig-options').with_changes([ "set OPTIONS '\"--log-driver=syslog\"'", ]) } diff --git a/spec/classes/tripleo_profile_base_horizon_spec.rb b/spec/classes/tripleo_profile_base_horizon_spec.rb index fb076b8..d8a672b 100644 --- a/spec/classes/tripleo_profile_base_horizon_spec.rb +++ b/spec/classes/tripleo_profile_base_horizon_spec.rb @@ -31,11 +31,37 @@ describe 'tripleo::profile::base::horizon' do end end - context 'with step 3' do + context 'with step 3 and not bootstrap' do let(:params) { { :step => 3, } } + it 'should not configure anything' do + is_expected.to_not contain_class('horizon') + is_expected.to_not contain_class('apache::mod::remoteip') + is_expected.to_not contain_class('apache::mod::status') + end + end + + context 'with step 3 and bootstrap' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com' + } } + + it 'should trigger complete configuration' do + is_expected.to contain_class('horizon') + is_expected.to contain_class('apache::mod::remoteip') + is_expected.to contain_class('apache::mod::status') + end + end + + context 'with step 4' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com' + } } + it 'should trigger complete configuration' do is_expected.to contain_class('horizon') is_expected.to contain_class('apache::mod::remoteip') diff --git a/spec/classes/tripleo_profile_base_iscsid_spec.rb b/spec/classes/tripleo_profile_base_iscsid_spec.rb new file mode 100644 index 0000000..04f3c2c --- /dev/null +++ b/spec/classes/tripleo_profile_base_iscsid_spec.rb @@ -0,0 +1,42 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::iscsid' do + shared_examples_for 'tripleo::profile::base::iscsid' do + context 'default params' do + let(:params) { { :step => 2, } } + + it { + is_expected.to contain_package('iscsi-initiator-utils') + is_expected.to contain_exec('reset-iscsi-initiator-name') + is_expected.to contain_file('/etc/iscsi/.initiator_reset') + } + end + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::iscsid' + end + end +end diff --git a/spec/classes/tripleo_profile_base_kernel_spec.rb b/spec/classes/tripleo_profile_base_kernel_spec.rb new file mode 100644 index 0000000..4c2aab2 --- /dev/null +++ b/spec/classes/tripleo_profile_base_kernel_spec.rb @@ -0,0 +1,59 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::kernel' do + + shared_examples_for 'tripleo::profile::base::kernel' do + context 'with kernel modules' do + let :params do + { + :module_list => { + 'nf_conntrack' => {}, + } + } + end + + it 'should load kernel module' do + is_expected.to contain_kmod__load('nf_conntrack') + end + end + context 'with sysctl settings' do + let :params do + { + :sysctl_settings => { + 'net.ipv4.tcp_keepalive_intvl' => { 'value' => '1'}, + } + } + end + + it 'should load kernel module' do + is_expected.to contain_sysctl__value('net.ipv4.tcp_keepalive_intvl') + end + end + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts + } + + it_behaves_like 'tripleo::profile::base::kernel' + end + end +end diff --git a/spec/classes/tripleo_profile_base_lvm_spec.rb b/spec/classes/tripleo_profile_base_lvm_spec.rb new file mode 100644 index 0000000..ac0031f --- /dev/null +++ b/spec/classes/tripleo_profile_base_lvm_spec.rb @@ -0,0 +1,53 @@ +# coding: utf-8 +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::lvm' do + + shared_examples_for 'tripleo::profile::base::lvm' do + + context 'with default params' do + it 'should enable udev_sync and udev_rules' do + is_expected.to contain_augeas('udev options in lvm.conf') + .with_changes(["set udev_sync/int 1", + "set udev_rules/int 1"]) + end + end + + context 'with enable_udev false' do + let(:params) { { :enable_udev => false } } + + it 'should disable udev_sync and udev_rules' do + is_expected.to contain_augeas('udev options in lvm.conf') + .with_changes(["set udev_sync/int 0", + "set udev_rules/int 0"]) + end + end + end + + + on_supported_os.each do |os, facts| + context 'on #{os}' do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + + it_behaves_like 'tripleo::profile::base::lvm' + end + end +end diff --git a/spec/classes/tripleo_profile_base_nova_authtoken_spec.rb b/spec/classes/tripleo_profile_base_nova_authtoken_spec.rb index f910729..0a87bf4 100644 --- a/spec/classes/tripleo_profile_base_nova_authtoken_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_authtoken_spec.rb @@ -32,6 +32,7 @@ describe 'tripleo::profile::base::nova::authtoken' do context 'with step 3' do let(:params) { { :step => 3, + :memcached_ips => '127.0.0.1', } } it { @@ -44,7 +45,7 @@ describe 'tripleo::profile::base::nova::authtoken' do context 'with step 3 with ipv6' do let(:params) { { :step => 3, - :use_ipv6 => true, + :memcached_ips => '::1', } } it { diff --git a/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb b/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb index 32482a9..db9e77e 100644 --- a/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb @@ -41,6 +41,12 @@ describe 'tripleo::profile::base::nova::compute::libvirt' do class { '::tripleo::profile::base::nova::compute': step => #{params[:step]}, } + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::tripleo::profile::base::nova::migration::client': + step => #{params[:step]} + } eos end diff --git a/spec/classes/tripleo_profile_base_nova_compute_spec.rb b/spec/classes/tripleo_profile_base_nova_compute_spec.rb index 545a1fa..b3959c4 100644 --- a/spec/classes/tripleo_profile_base_nova_compute_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_compute_spec.rb @@ -27,9 +27,6 @@ describe 'tripleo::profile::base::nova::compute' do is_expected.to_not contain_class('tripleo::profile::base::nova') is_expected.to_not contain_class('nova::compute') is_expected.to_not contain_class('nova::network::neutron') - is_expected.to_not contain_package('iscsi-initiator-utils') - is_expected.to_not contain_exec('reset-iscsi-initiator-name') - is_expected.to_not contain_file('/etc/iscsi/.initiator_reset') } end @@ -40,6 +37,12 @@ describe 'tripleo::profile::base::nova::compute' do step => #{params[:step]}, oslomsg_rpc_hosts => [ '127.0.0.1' ], } + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::tripleo::profile::base::nova::migration::client': + step => #{params[:step]} + } eos end @@ -52,9 +55,6 @@ eos is_expected.to contain_class('tripleo::profile::base::nova') is_expected.to contain_class('nova::compute') is_expected.to contain_class('nova::network::neutron') - is_expected.to contain_package('iscsi-initiator-utils') - is_expected.to contain_exec('reset-iscsi-initiator-name') - is_expected.to contain_file('/etc/iscsi/.initiator_reset') is_expected.to_not contain_package('nfs-utils') } end @@ -68,9 +68,6 @@ eos is_expected.to contain_class('tripleo::profile::base::nova') is_expected.to contain_class('nova::compute') is_expected.to contain_class('nova::network::neutron') - is_expected.to contain_package('iscsi-initiator-utils') - is_expected.to contain_exec('reset-iscsi-initiator-name') - is_expected.to contain_file('/etc/iscsi/.initiator_reset') is_expected.to contain_package('nfs-utils') } end diff --git a/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb b/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb index 36a6110..d9a06b2 100644 --- a/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb @@ -39,6 +39,12 @@ describe 'tripleo::profile::base::nova::libvirt' do step => #{params[:step]}, oslomsg_rpc_hosts => [ '127.0.0.1' ], } + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::tripleo::profile::base::nova::migration::client': + step => #{params[:step]} + } eos end diff --git a/spec/classes/tripleo_profile_base_nova_migration_client_spec.rb b/spec/classes/tripleo_profile_base_nova_migration_client_spec.rb new file mode 100644 index 0000000..91294dd --- /dev/null +++ b/spec/classes/tripleo_profile_base_nova_migration_client_spec.rb @@ -0,0 +1,188 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::nova::migration::client' do + shared_examples_for 'tripleo::profile::base::nova::migration::client' do + + context 'with step 4' do + let(:pre_condition) { + <<-eos + include ::nova::compute::libvirt::services + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } +eos + } + let(:params) { { + :step => 4, + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_class('nova::migration::libvirt').with( + :transport => 'ssh', + :configure_libvirt => false, + :configure_nova => false + ) + is_expected.to contain_file('/etc/nova/migration/identity').with( + :content => '# Migration over SSH disabled by TripleO', + :mode => '0600', + :owner => 'nova', + :group => 'nova', + ) + } + end + + context 'with step 4 with libvirt' do + let(:pre_condition) { + <<-eos + include ::nova::compute::libvirt::services + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } +eos + } + let(:params) { { + :step => 4, + :libvirt_enabled => true, + :nova_compute_enabled => true, + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_class('nova::migration::libvirt').with( + :transport => 'ssh', + :configure_libvirt => params[:libvirt_enabled], + :configure_nova => params[:nova_compute_enabled] + ) + is_expected.to contain_file('/etc/nova/migration/identity').with( + :content => '# Migration over SSH disabled by TripleO', + :mode => '0600', + :owner => 'nova', + :group => 'nova', + ) + } + end + + context 'with step 4 with libvirt TLS' do + let(:pre_condition) { + <<-eos + include ::nova::compute::libvirt::services + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } +eos + } + let(:params) { { + :step => 4, + :libvirt_enabled => true, + :nova_compute_enabled => true, + :libvirt_tls => true, + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_class('nova::migration::libvirt').with( + :transport => 'tls', + :configure_libvirt => params[:libvirt_enabled], + :configure_nova => params[:nova_compute_enabled], + ) + is_expected.to contain_file('/etc/nova/migration/identity').with( + :content => '# Migration over SSH disabled by TripleO', + :mode => '0600', + :owner => 'nova', + :group => 'nova', + ) + } + end + + context 'with step 4 with libvirt and migration ssh key' do + let(:pre_condition) { + <<-eos + include ::nova::compute::libvirt::services + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } +eos + } + let(:params) { { + :step => 4, + :libvirt_enabled => true, + :nova_compute_enabled => true, + :ssh_private_key => 'foo' + } } + + it { + is_expected.to contain_class('nova::migration::libvirt').with( + :transport => 'ssh', + :configure_libvirt => params[:libvirt_enabled], + :configure_nova => params[:nova_compute_enabled] + ) + is_expected.to contain_file('/etc/nova/migration/identity').with( + :content => 'foo', + :mode => '0600', + :owner => 'nova', + :group => 'nova', + ) + } + end + + context 'with step 4 with libvirt TLS and migration ssh key' do + let(:pre_condition) { + <<-eos + include ::nova::compute::libvirt::services + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } +eos + } + let(:params) { { + :step => 4, + :libvirt_enabled => true, + :nova_compute_enabled => true, + :libvirt_tls => true, + :ssh_private_key => 'foo' + } } + + it { + is_expected.to contain_class('nova::migration::libvirt').with( + :transport => 'tls', + :configure_libvirt => params[:libvirt_enabled], + :configure_nova => params[:nova_compute_enabled] + ) + is_expected.to contain_file('/etc/nova/migration/identity').with( + :content => 'foo', + :mode => '0600', + :owner => 'nova', + :group => 'nova', + ) + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + it_behaves_like 'tripleo::profile::base::nova::migration::client' + end + end +end diff --git a/spec/classes/tripleo_profile_base_nova_migration_spec.rb b/spec/classes/tripleo_profile_base_nova_migration_spec.rb new file mode 100644 index 0000000..86c790e --- /dev/null +++ b/spec/classes/tripleo_profile_base_nova_migration_spec.rb @@ -0,0 +1,40 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::nova::migration' do + shared_examples_for 'tripleo::profile::base::nova::migration' do + + context 'with step 3' do + let(:params) { { + :step => 3, + } } + + it { + is_expected.to contain_package('openstack-nova-migration') + } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + it_behaves_like 'tripleo::profile::base::nova::migration' + end + end +end diff --git a/spec/classes/tripleo_profile_base_nova_migration_target_spec.rb b/spec/classes/tripleo_profile_base_nova_migration_target_spec.rb new file mode 100644 index 0000000..a14b89a --- /dev/null +++ b/spec/classes/tripleo_profile_base_nova_migration_target_spec.rb @@ -0,0 +1,283 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::nova::migration::target' do + shared_examples_for 'tripleo::profile::base::nova::migration::target' do + + context 'with step 4 without authorized_keys' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :services_enabled => ['docker', 'nova_migration_target'] + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( + :content => '# Migration over SSH disabled by TripleO', + :mode => '0640', + :owner => 'root', + :group => 'nova_migration', + ) + is_expected.to contain_user('nova_migration').with( + :shell => '/sbin/nologin' + ) + } + end + + context 'with step 4 without nova_migration_target service enabled' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :ssh_authorized_keys => ['bar', 'baz'], + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( + :content => '# Migration over SSH disabled by TripleO', + :mode => '0640', + :owner => 'root', + :group => 'nova_migration', + ) + is_expected.to contain_user('nova_migration').with( + :shell => '/sbin/nologin' + ) + } + end + + context 'with step 4 with invalid ssh_authorized_keys' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :ssh_authorized_keys => 'ssh-rsa bar', + } } + + it { is_expected.to_not compile } + end + + context 'with step 4 with nova_migration_target services enabled' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'], + :services_enabled => ['docker', 'nova_migration_target'] + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_ssh__server__match_block('nova_migration allow').with( + :type => 'User', + :name => 'nova_migration', + :options => { + 'ForceCommand' => '/bin/nova-migration-wrapper', + 'PasswordAuthentication' => 'no', + 'AllowTcpForwarding' => 'no', + 'X11Forwarding' => 'no', + 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' + } + ) + is_expected.to_not contain_ssh__server__match_block('nova_migration deny') + is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( + :content => 'ssh-rsa bar\nssh-rsa baz', + :mode => '0640', + :owner => 'root', + :group => 'nova_migration', + ) + is_expected.to contain_user('nova_migration').with( + :shell => '/bin/bash' + ) + } + end + + context 'with step 4 with ssh_localaddrs' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'], + :services_enabled => ['docker', 'nova_migration_target'], + :ssh_localaddrs => ['127.0.0.1', '127.0.0.2'] + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_ssh__server__match_block('nova_migration allow').with( + :type => 'LocalAddress 127.0.0.1,127.0.0.2 User', + :name => 'nova_migration', + :options => { + 'ForceCommand' => '/bin/nova-migration-wrapper', + 'PasswordAuthentication' => 'no', + 'AllowTcpForwarding' => 'no', + 'X11Forwarding' => 'no', + 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' + } + ) + is_expected.to contain_ssh__server__match_block('nova_migration deny').with( + :type => 'LocalAddress', + :name => '!127.0.0.1,!127.0.0.2', + :options => { + 'DenyUsers' => 'nova_migration' + } + ) + is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( + :content => 'ssh-rsa bar\nssh-rsa baz', + :mode => '0640', + :owner => 'root', + :group => 'nova_migration', + ) + is_expected.to contain_user('nova_migration').with( + :shell => '/bin/bash' + ) + } + end + + context 'with step 4 with duplicate ssh_localaddrs' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'], + :services_enabled => ['docker', 'nova_migration_target'], + :ssh_localaddrs => ['127.0.0.1', '127.0.0.1'] + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::migration') + is_expected.to contain_ssh__server__match_block('nova_migration allow').with( + :type => 'LocalAddress 127.0.0.1 User', + :name => 'nova_migration', + :options => { + 'ForceCommand' => '/bin/nova-migration-wrapper', + 'PasswordAuthentication' => 'no', + 'AllowTcpForwarding' => 'no', + 'X11Forwarding' => 'no', + 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' + } + ) + is_expected.to contain_ssh__server__match_block('nova_migration deny').with( + :type => 'LocalAddress', + :name => '!127.0.0.1', + :options => { + 'DenyUsers' => 'nova_migration' + } + ) + is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( + :content => 'ssh-rsa bar\nssh-rsa baz', + :mode => '0640', + :owner => 'root', + :group => 'nova_migration', + ) + is_expected.to contain_user('nova_migration').with( + :shell => '/bin/bash' + ) + } + end + + context 'with step 4 with invalid ssh_localaddrs' do + let(:pre_condition) { + <<-eos + class { '::tripleo::profile::base::nova::migration': + step => #{params[:step]} + } + class { '::ssh::server': + storeconfigs_enabled => false, + options => {} + } +eos + } + let(:params) { { + :step => 4, + :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'], + :services_enabled => ['docker', 'nova_migration_target'], + :ssh_localaddrs => ['127.0.0.1', ''] + } } + + it { is_expected.to_not compile } + end + + end + + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) do + facts.merge({ :hostname => 'node.example.com' }) + end + it_behaves_like 'tripleo::profile::base::nova::migration::target' + end + end +end
\ No newline at end of file diff --git a/spec/classes/tripleo_profile_base_nova_placement_spec.rb b/spec/classes/tripleo_profile_base_nova_placement_spec.rb index 04e032a..574489e 100644 --- a/spec/classes/tripleo_profile_base_nova_placement_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_placement_spec.rb @@ -67,8 +67,7 @@ eos } end - - context 'with step 3' do + context 'with step 3 and not bootstrap' do let(:params) { { :step => 3, } } @@ -77,15 +76,30 @@ eos is_expected.to contain_class('tripleo::profile::base::nova::placement') is_expected.to contain_class('tripleo::profile::base::nova') is_expected.to contain_class('nova::keystone::authtoken') + is_expected.not_to contain_class('nova::wsgi::apache_placement') + } + end + + context 'with step 3 and bootstrap' do + let(:params) { { + :step => 3, + :bootstrap_node => 'node.example.com' + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::placement') + is_expected.to contain_class('tripleo::profile::base::nova') + is_expected.to contain_class('nova::keystone::authtoken') is_expected.to contain_class('nova::wsgi::apache_placement') } end - context 'with step 3 with enable_internal_tls and skip generate certs' do + context 'with step 3 and bootstrap with enable_internal_tls and skip generate certs' do let(:params) { { :step => 3, :enable_internal_tls => true, :nova_placement_network => 'bar', + :bootstrap_node => 'node.example.com', :certificates_specs => { 'httpd-bar' => { 'hostname' => 'foo', diff --git a/spec/classes/tripleo_profile_base_nova_spec.rb b/spec/classes/tripleo_profile_base_nova_spec.rb index a7f1cce..c6878c6 100644 --- a/spec/classes/tripleo_profile_base_nova_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_spec.rb @@ -100,429 +100,6 @@ describe 'tripleo::profile::base::nova' do } end - context 'with step 4 with libvirt' do - let(:pre_condition) { - 'include ::nova::compute::libvirt::services' - } - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - } } - - it { - is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to contain_class('nova').with( - :default_transport_url => /.+/, - :notification_transport_url => /.+/, - :nova_public_key => nil, - :nova_private_key => nil, - ) - is_expected.to contain_class('nova::config') - is_expected.to contain_class('nova::placement') - is_expected.to contain_class('nova::cache') - is_expected.to contain_class('nova::migration::libvirt').with( - :transport => 'ssh', - :configure_libvirt => params[:libvirt_enabled], - :configure_nova => params[:nova_compute_enabled] - ) - is_expected.to contain_package('openstack-nova-migration').with( - :ensure => 'present' - ) - is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( - :content => '# Migration over SSH disabled by TripleO', - :mode => '0640', - :owner => 'root', - :group => 'nova_migration', - ) - is_expected.to contain_file('/etc/nova/migration/identity').with( - :content => '# Migration over SSH disabled by TripleO', - :mode => '0600', - :owner => 'nova', - :group => 'nova', - ) - is_expected.to contain_user('nova_migration').with( - :shell => '/sbin/nologin' - ) - } - end - - context 'with step 4 with libvirt TLS' do - let(:pre_condition) { - 'include ::nova::compute::libvirt::services' - } - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - :libvirt_tls => true, - } } - - it { - is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to contain_class('nova').with( - :default_transport_url => /.+/, - :notification_transport_url => /.+/, - :nova_public_key => nil, - :nova_private_key => nil, - ) - is_expected.to contain_class('nova::config') - is_expected.to contain_class('nova::placement') - is_expected.to contain_class('nova::cache') - is_expected.to contain_class('nova::migration::libvirt').with( - :transport => 'tls', - :configure_libvirt => params[:libvirt_enabled], - :configure_nova => params[:nova_compute_enabled], - ) - is_expected.to contain_package('openstack-nova-migration').with( - :ensure => 'present' - ) - is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( - :content => '# Migration over SSH disabled by TripleO', - :mode => '0640', - :owner => 'root', - :group => 'nova_migration', - ) - is_expected.to contain_file('/etc/nova/migration/identity').with( - :content => '# Migration over SSH disabled by TripleO', - :mode => '0600', - :owner => 'nova', - :group => 'nova', - ) - is_expected.to contain_user('nova_migration').with( - :shell => '/sbin/nologin' - ) - } - end - - context 'with step 4 with libvirt and migration ssh key' do - let(:pre_condition) do - <<-eof - include ::nova::compute::libvirt::services - class { '::ssh::server': - storeconfigs_enabled => false, - options => {} - } - eof - end - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'} - } } - - it { - is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to contain_class('nova').with( - :default_transport_url => /.+/, - :notification_transport_url => /.+/, - :nova_public_key => nil, - :nova_private_key => nil, - ) - is_expected.to contain_class('nova::config') - is_expected.to contain_class('nova::placement') - is_expected.to contain_class('nova::cache') - is_expected.to contain_class('nova::migration::libvirt').with( - :transport => 'ssh', - :configure_libvirt => params[:libvirt_enabled], - :configure_nova => params[:nova_compute_enabled] - ) - is_expected.to contain_ssh__server__match_block('nova_migration allow').with( - :type => 'User', - :name => 'nova_migration', - :options => { - 'ForceCommand' => '/bin/nova-migration-wrapper', - 'PasswordAuthentication' => 'no', - 'AllowTcpForwarding' => 'no', - 'X11Forwarding' => 'no', - 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' - } - ) - is_expected.to_not contain_ssh__server__match_block('nova_migration deny') - is_expected.to contain_package('openstack-nova-migration').with( - :ensure => 'present' - ) - is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( - :content => 'ssh-rsa bar', - :mode => '0640', - :owner => 'root', - :group => 'nova_migration', - ) - is_expected.to contain_file('/etc/nova/migration/identity').with( - :content => 'foo', - :mode => '0600', - :owner => 'nova', - :group => 'nova', - ) - is_expected.to contain_user('nova_migration').with( - :shell => '/bin/bash' - ) - } - end - - context 'with step 4 with libvirt and migration ssh key and migration_ssh_localaddrs' do - let(:pre_condition) do - <<-eof - include ::nova::compute::libvirt::services - class { '::ssh::server': - storeconfigs_enabled => false, - options => {} - } - eof - end - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'}, - :migration_ssh_localaddrs => ['127.0.0.1', '127.0.0.2'] - } } - - it { - is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to contain_class('nova').with( - :default_transport_url => /.+/, - :notification_transport_url => /.+/, - :nova_public_key => nil, - :nova_private_key => nil, - ) - is_expected.to contain_class('nova::config') - is_expected.to contain_class('nova::placement') - is_expected.to contain_class('nova::cache') - is_expected.to contain_class('nova::migration::libvirt').with( - :transport => 'ssh', - :configure_libvirt => params[:libvirt_enabled], - :configure_nova => params[:nova_compute_enabled] - ) - is_expected.to contain_ssh__server__match_block('nova_migration allow').with( - :type => 'LocalAddress 127.0.0.1,127.0.0.2 User', - :name => 'nova_migration', - :options => { - 'ForceCommand' => '/bin/nova-migration-wrapper', - 'PasswordAuthentication' => 'no', - 'AllowTcpForwarding' => 'no', - 'X11Forwarding' => 'no', - 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' - } - ) - is_expected.to contain_ssh__server__match_block('nova_migration deny').with( - :type => 'LocalAddress', - :name => '!127.0.0.1,!127.0.0.2', - :options => { - 'DenyUsers' => 'nova_migration' - } - ) - is_expected.to contain_package('openstack-nova-migration').with( - :ensure => 'present' - ) - is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( - :content => 'ssh-rsa bar', - :mode => '0640', - :owner => 'root', - :group => 'nova_migration', - ) - is_expected.to contain_file('/etc/nova/migration/identity').with( - :content => 'foo', - :mode => '0600', - :owner => 'nova', - :group => 'nova', - ) - is_expected.to contain_user('nova_migration').with( - :shell => '/bin/bash' - ) - } - end - - context 'with step 4 with libvirt and migration ssh key and invalid migration_ssh_localaddrs' do - let(:pre_condition) do - <<-eof - include ::nova::compute::libvirt::services - class { '::ssh::server': - storeconfigs_enabled => false, - options => {} - } - eof - end - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'}, - :migration_ssh_localaddrs => ['127.0.0.1', ''] - } } - - it { is_expected.to_not compile } - end - - context 'with step 4 with libvirt and migration ssh key and duplicate migration_ssh_localaddrs' do - let(:pre_condition) do - <<-eof - include ::nova::compute::libvirt::services - class { '::ssh::server': - storeconfigs_enabled => false, - options => {} - } - eof - end - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'}, - :migration_ssh_localaddrs => ['127.0.0.1', '127.0.0.1'] - } } - - it { - is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to contain_class('nova').with( - :default_transport_url => /.+/, - :notification_transport_url => /.+/, - :nova_public_key => nil, - :nova_private_key => nil, - ) - is_expected.to contain_class('nova::config') - is_expected.to contain_class('nova::placement') - is_expected.to contain_class('nova::cache') - is_expected.to contain_class('nova::migration::libvirt').with( - :transport => 'ssh', - :configure_libvirt => params[:libvirt_enabled], - :configure_nova => params[:nova_compute_enabled] - ) - is_expected.to contain_ssh__server__match_block('nova_migration allow').with( - :type => 'LocalAddress 127.0.0.1 User', - :name => 'nova_migration', - :options => { - 'ForceCommand' => '/bin/nova-migration-wrapper', - 'PasswordAuthentication' => 'no', - 'AllowTcpForwarding' => 'no', - 'X11Forwarding' => 'no', - 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' - } - ) - is_expected.to contain_ssh__server__match_block('nova_migration deny').with( - :type => 'LocalAddress', - :name => '!127.0.0.1', - :options => { - 'DenyUsers' => 'nova_migration' - } - ) - is_expected.to contain_package('openstack-nova-migration').with( - :ensure => 'present' - ) - is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( - :content => 'ssh-rsa bar', - :mode => '0640', - :owner => 'root', - :group => 'nova_migration', - ) - is_expected.to contain_file('/etc/nova/migration/identity').with( - :content => 'foo', - :mode => '0600', - :owner => 'nova', - :group => 'nova', - ) - is_expected.to contain_user('nova_migration').with( - :shell => '/bin/bash' - ) - } - end - - context 'with step 4 with libvirt TLS and migration ssh key' do - let(:pre_condition) do - <<-eof - include ::nova::compute::libvirt::services - class { '::ssh::server': - storeconfigs_enabled => false, - options => {} - } - eof - end - let(:params) { { - :step => 4, - :libvirt_enabled => true, - :manage_migration => true, - :nova_compute_enabled => true, - :bootstrap_node => 'node.example.com', - :oslomsg_rpc_hosts => [ 'localhost' ], - :oslomsg_rpc_password => 'foo', - :libvirt_tls => true, - :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'} - } } - - it { - is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to contain_class('nova').with( - :default_transport_url => /.+/, - :notification_transport_url => /.+/, - :nova_public_key => nil, - :nova_private_key => nil, - ) - is_expected.to contain_class('nova::config') - is_expected.to contain_class('nova::placement') - is_expected.to contain_class('nova::cache') - is_expected.to contain_class('nova::migration::libvirt').with( - :transport => 'tls', - :configure_libvirt => params[:libvirt_enabled], - :configure_nova => params[:nova_compute_enabled] - ) - is_expected.to contain_ssh__server__match_block('nova_migration allow').with( - :type => 'User', - :name => 'nova_migration', - :options => { - 'ForceCommand' => '/bin/nova-migration-wrapper', - 'PasswordAuthentication' => 'no', - 'AllowTcpForwarding' => 'no', - 'X11Forwarding' => 'no', - 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys' - } - ) - is_expected.to_not contain_ssh__server__match_block('nova_migration deny') - is_expected.to contain_package('openstack-nova-migration').with( - :ensure => 'present' - ) - is_expected.to contain_file('/etc/nova/migration/authorized_keys').with( - :content => 'ssh-rsa bar', - :mode => '0640', - :owner => 'root', - :group => 'nova_migration', - ) - is_expected.to contain_file('/etc/nova/migration/identity').with( - :content => 'foo', - :mode => '0600', - :owner => 'nova', - :group => 'nova', - ) - is_expected.to contain_user('nova_migration').with( - :shell => '/bin/bash' - ) - } - end - end |