aboutsummaryrefslogtreecommitdiffstats
path: root/spec/classes
diff options
context:
space:
mode:
Diffstat (limited to 'spec/classes')
-rw-r--r--spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb6
-rw-r--r--spec/classes/tripleo_profile_base_nova_compute_spec.rb6
-rw-r--r--spec/classes/tripleo_profile_base_nova_libvirt_spec.rb6
-rw-r--r--spec/classes/tripleo_profile_base_nova_migration_client_spec.rb188
-rw-r--r--spec/classes/tripleo_profile_base_nova_migration_spec.rb40
-rw-r--r--spec/classes/tripleo_profile_base_nova_migration_target_spec.rb283
-rw-r--r--spec/classes/tripleo_profile_base_nova_spec.rb423
7 files changed, 529 insertions, 423 deletions
diff --git a/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb b/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb
index 32482a9..db9e77e 100644
--- a/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb
+++ b/spec/classes/tripleo_profile_base_nova_compute_libvirt_spec.rb
@@ -41,6 +41,12 @@ describe 'tripleo::profile::base::nova::compute::libvirt' do
class { '::tripleo::profile::base::nova::compute':
step => #{params[:step]},
}
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::tripleo::profile::base::nova::migration::client':
+ step => #{params[:step]}
+ }
eos
end
diff --git a/spec/classes/tripleo_profile_base_nova_compute_spec.rb b/spec/classes/tripleo_profile_base_nova_compute_spec.rb
index 545a1fa..9082075 100644
--- a/spec/classes/tripleo_profile_base_nova_compute_spec.rb
+++ b/spec/classes/tripleo_profile_base_nova_compute_spec.rb
@@ -40,6 +40,12 @@ describe 'tripleo::profile::base::nova::compute' do
step => #{params[:step]},
oslomsg_rpc_hosts => [ '127.0.0.1' ],
}
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::tripleo::profile::base::nova::migration::client':
+ step => #{params[:step]}
+ }
eos
end
diff --git a/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb b/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb
index 36a6110..d9a06b2 100644
--- a/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb
+++ b/spec/classes/tripleo_profile_base_nova_libvirt_spec.rb
@@ -39,6 +39,12 @@ describe 'tripleo::profile::base::nova::libvirt' do
step => #{params[:step]},
oslomsg_rpc_hosts => [ '127.0.0.1' ],
}
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::tripleo::profile::base::nova::migration::client':
+ step => #{params[:step]}
+ }
eos
end
diff --git a/spec/classes/tripleo_profile_base_nova_migration_client_spec.rb b/spec/classes/tripleo_profile_base_nova_migration_client_spec.rb
new file mode 100644
index 0000000..91294dd
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_nova_migration_client_spec.rb
@@ -0,0 +1,188 @@
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::nova::migration::client' do
+ shared_examples_for 'tripleo::profile::base::nova::migration::client' do
+
+ context 'with step 4' do
+ let(:pre_condition) {
+ <<-eos
+ include ::nova::compute::libvirt::services
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_class('nova::migration::libvirt').with(
+ :transport => 'ssh',
+ :configure_libvirt => false,
+ :configure_nova => false
+ )
+ is_expected.to contain_file('/etc/nova/migration/identity').with(
+ :content => '# Migration over SSH disabled by TripleO',
+ :mode => '0600',
+ :owner => 'nova',
+ :group => 'nova',
+ )
+ }
+ end
+
+ context 'with step 4 with libvirt' do
+ let(:pre_condition) {
+ <<-eos
+ include ::nova::compute::libvirt::services
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :libvirt_enabled => true,
+ :nova_compute_enabled => true,
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_class('nova::migration::libvirt').with(
+ :transport => 'ssh',
+ :configure_libvirt => params[:libvirt_enabled],
+ :configure_nova => params[:nova_compute_enabled]
+ )
+ is_expected.to contain_file('/etc/nova/migration/identity').with(
+ :content => '# Migration over SSH disabled by TripleO',
+ :mode => '0600',
+ :owner => 'nova',
+ :group => 'nova',
+ )
+ }
+ end
+
+ context 'with step 4 with libvirt TLS' do
+ let(:pre_condition) {
+ <<-eos
+ include ::nova::compute::libvirt::services
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :libvirt_enabled => true,
+ :nova_compute_enabled => true,
+ :libvirt_tls => true,
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_class('nova::migration::libvirt').with(
+ :transport => 'tls',
+ :configure_libvirt => params[:libvirt_enabled],
+ :configure_nova => params[:nova_compute_enabled],
+ )
+ is_expected.to contain_file('/etc/nova/migration/identity').with(
+ :content => '# Migration over SSH disabled by TripleO',
+ :mode => '0600',
+ :owner => 'nova',
+ :group => 'nova',
+ )
+ }
+ end
+
+ context 'with step 4 with libvirt and migration ssh key' do
+ let(:pre_condition) {
+ <<-eos
+ include ::nova::compute::libvirt::services
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :libvirt_enabled => true,
+ :nova_compute_enabled => true,
+ :ssh_private_key => 'foo'
+ } }
+
+ it {
+ is_expected.to contain_class('nova::migration::libvirt').with(
+ :transport => 'ssh',
+ :configure_libvirt => params[:libvirt_enabled],
+ :configure_nova => params[:nova_compute_enabled]
+ )
+ is_expected.to contain_file('/etc/nova/migration/identity').with(
+ :content => 'foo',
+ :mode => '0600',
+ :owner => 'nova',
+ :group => 'nova',
+ )
+ }
+ end
+
+ context 'with step 4 with libvirt TLS and migration ssh key' do
+ let(:pre_condition) {
+ <<-eos
+ include ::nova::compute::libvirt::services
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :libvirt_enabled => true,
+ :nova_compute_enabled => true,
+ :libvirt_tls => true,
+ :ssh_private_key => 'foo'
+ } }
+
+ it {
+ is_expected.to contain_class('nova::migration::libvirt').with(
+ :transport => 'tls',
+ :configure_libvirt => params[:libvirt_enabled],
+ :configure_nova => params[:nova_compute_enabled]
+ )
+ is_expected.to contain_file('/etc/nova/migration/identity').with(
+ :content => 'foo',
+ :mode => '0600',
+ :owner => 'nova',
+ :group => 'nova',
+ )
+ }
+ end
+
+ end
+
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ let(:facts) do
+ facts.merge({ :hostname => 'node.example.com' })
+ end
+ it_behaves_like 'tripleo::profile::base::nova::migration::client'
+ end
+ end
+end
diff --git a/spec/classes/tripleo_profile_base_nova_migration_spec.rb b/spec/classes/tripleo_profile_base_nova_migration_spec.rb
new file mode 100644
index 0000000..86c790e
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_nova_migration_spec.rb
@@ -0,0 +1,40 @@
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::nova::migration' do
+ shared_examples_for 'tripleo::profile::base::nova::migration' do
+
+ context 'with step 3' do
+ let(:params) { {
+ :step => 3,
+ } }
+
+ it {
+ is_expected.to contain_package('openstack-nova-migration')
+ }
+ end
+
+ end
+
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ it_behaves_like 'tripleo::profile::base::nova::migration'
+ end
+ end
+end
diff --git a/spec/classes/tripleo_profile_base_nova_migration_target_spec.rb b/spec/classes/tripleo_profile_base_nova_migration_target_spec.rb
new file mode 100644
index 0000000..a14b89a
--- /dev/null
+++ b/spec/classes/tripleo_profile_base_nova_migration_target_spec.rb
@@ -0,0 +1,283 @@
+#
+# Copyright (C) 2017 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+
+require 'spec_helper'
+
+describe 'tripleo::profile::base::nova::migration::target' do
+ shared_examples_for 'tripleo::profile::base::nova::migration::target' do
+
+ context 'with step 4 without authorized_keys' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :services_enabled => ['docker', 'nova_migration_target']
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
+ :content => '# Migration over SSH disabled by TripleO',
+ :mode => '0640',
+ :owner => 'root',
+ :group => 'nova_migration',
+ )
+ is_expected.to contain_user('nova_migration').with(
+ :shell => '/sbin/nologin'
+ )
+ }
+ end
+
+ context 'with step 4 without nova_migration_target service enabled' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :ssh_authorized_keys => ['bar', 'baz'],
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
+ :content => '# Migration over SSH disabled by TripleO',
+ :mode => '0640',
+ :owner => 'root',
+ :group => 'nova_migration',
+ )
+ is_expected.to contain_user('nova_migration').with(
+ :shell => '/sbin/nologin'
+ )
+ }
+ end
+
+ context 'with step 4 with invalid ssh_authorized_keys' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :ssh_authorized_keys => 'ssh-rsa bar',
+ } }
+
+ it { is_expected.to_not compile }
+ end
+
+ context 'with step 4 with nova_migration_target services enabled' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'],
+ :services_enabled => ['docker', 'nova_migration_target']
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
+ :type => 'User',
+ :name => 'nova_migration',
+ :options => {
+ 'ForceCommand' => '/bin/nova-migration-wrapper',
+ 'PasswordAuthentication' => 'no',
+ 'AllowTcpForwarding' => 'no',
+ 'X11Forwarding' => 'no',
+ 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
+ }
+ )
+ is_expected.to_not contain_ssh__server__match_block('nova_migration deny')
+ is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
+ :content => 'ssh-rsa bar\nssh-rsa baz',
+ :mode => '0640',
+ :owner => 'root',
+ :group => 'nova_migration',
+ )
+ is_expected.to contain_user('nova_migration').with(
+ :shell => '/bin/bash'
+ )
+ }
+ end
+
+ context 'with step 4 with ssh_localaddrs' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'],
+ :services_enabled => ['docker', 'nova_migration_target'],
+ :ssh_localaddrs => ['127.0.0.1', '127.0.0.2']
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
+ :type => 'LocalAddress 127.0.0.1,127.0.0.2 User',
+ :name => 'nova_migration',
+ :options => {
+ 'ForceCommand' => '/bin/nova-migration-wrapper',
+ 'PasswordAuthentication' => 'no',
+ 'AllowTcpForwarding' => 'no',
+ 'X11Forwarding' => 'no',
+ 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
+ }
+ )
+ is_expected.to contain_ssh__server__match_block('nova_migration deny').with(
+ :type => 'LocalAddress',
+ :name => '!127.0.0.1,!127.0.0.2',
+ :options => {
+ 'DenyUsers' => 'nova_migration'
+ }
+ )
+ is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
+ :content => 'ssh-rsa bar\nssh-rsa baz',
+ :mode => '0640',
+ :owner => 'root',
+ :group => 'nova_migration',
+ )
+ is_expected.to contain_user('nova_migration').with(
+ :shell => '/bin/bash'
+ )
+ }
+ end
+
+ context 'with step 4 with duplicate ssh_localaddrs' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'],
+ :services_enabled => ['docker', 'nova_migration_target'],
+ :ssh_localaddrs => ['127.0.0.1', '127.0.0.1']
+ } }
+
+ it {
+ is_expected.to contain_class('tripleo::profile::base::nova::migration')
+ is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
+ :type => 'LocalAddress 127.0.0.1 User',
+ :name => 'nova_migration',
+ :options => {
+ 'ForceCommand' => '/bin/nova-migration-wrapper',
+ 'PasswordAuthentication' => 'no',
+ 'AllowTcpForwarding' => 'no',
+ 'X11Forwarding' => 'no',
+ 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
+ }
+ )
+ is_expected.to contain_ssh__server__match_block('nova_migration deny').with(
+ :type => 'LocalAddress',
+ :name => '!127.0.0.1',
+ :options => {
+ 'DenyUsers' => 'nova_migration'
+ }
+ )
+ is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
+ :content => 'ssh-rsa bar\nssh-rsa baz',
+ :mode => '0640',
+ :owner => 'root',
+ :group => 'nova_migration',
+ )
+ is_expected.to contain_user('nova_migration').with(
+ :shell => '/bin/bash'
+ )
+ }
+ end
+
+ context 'with step 4 with invalid ssh_localaddrs' do
+ let(:pre_condition) {
+ <<-eos
+ class { '::tripleo::profile::base::nova::migration':
+ step => #{params[:step]}
+ }
+ class { '::ssh::server':
+ storeconfigs_enabled => false,
+ options => {}
+ }
+eos
+ }
+ let(:params) { {
+ :step => 4,
+ :ssh_authorized_keys => ['ssh-rsa bar', 'ssh-rsa baz'],
+ :services_enabled => ['docker', 'nova_migration_target'],
+ :ssh_localaddrs => ['127.0.0.1', '']
+ } }
+
+ it { is_expected.to_not compile }
+ end
+
+ end
+
+
+ on_supported_os.each do |os, facts|
+ context "on #{os}" do
+ let(:facts) do
+ facts.merge({ :hostname => 'node.example.com' })
+ end
+ it_behaves_like 'tripleo::profile::base::nova::migration::target'
+ end
+ end
+end \ No newline at end of file
diff --git a/spec/classes/tripleo_profile_base_nova_spec.rb b/spec/classes/tripleo_profile_base_nova_spec.rb
index a7f1cce..c6878c6 100644
--- a/spec/classes/tripleo_profile_base_nova_spec.rb
+++ b/spec/classes/tripleo_profile_base_nova_spec.rb
@@ -100,429 +100,6 @@ describe 'tripleo::profile::base::nova' do
}
end
- context 'with step 4 with libvirt' do
- let(:pre_condition) {
- 'include ::nova::compute::libvirt::services'
- }
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- } }
-
- it {
- is_expected.to contain_class('tripleo::profile::base::nova')
- is_expected.to contain_class('nova').with(
- :default_transport_url => /.+/,
- :notification_transport_url => /.+/,
- :nova_public_key => nil,
- :nova_private_key => nil,
- )
- is_expected.to contain_class('nova::config')
- is_expected.to contain_class('nova::placement')
- is_expected.to contain_class('nova::cache')
- is_expected.to contain_class('nova::migration::libvirt').with(
- :transport => 'ssh',
- :configure_libvirt => params[:libvirt_enabled],
- :configure_nova => params[:nova_compute_enabled]
- )
- is_expected.to contain_package('openstack-nova-migration').with(
- :ensure => 'present'
- )
- is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
- :content => '# Migration over SSH disabled by TripleO',
- :mode => '0640',
- :owner => 'root',
- :group => 'nova_migration',
- )
- is_expected.to contain_file('/etc/nova/migration/identity').with(
- :content => '# Migration over SSH disabled by TripleO',
- :mode => '0600',
- :owner => 'nova',
- :group => 'nova',
- )
- is_expected.to contain_user('nova_migration').with(
- :shell => '/sbin/nologin'
- )
- }
- end
-
- context 'with step 4 with libvirt TLS' do
- let(:pre_condition) {
- 'include ::nova::compute::libvirt::services'
- }
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- :libvirt_tls => true,
- } }
-
- it {
- is_expected.to contain_class('tripleo::profile::base::nova')
- is_expected.to contain_class('nova').with(
- :default_transport_url => /.+/,
- :notification_transport_url => /.+/,
- :nova_public_key => nil,
- :nova_private_key => nil,
- )
- is_expected.to contain_class('nova::config')
- is_expected.to contain_class('nova::placement')
- is_expected.to contain_class('nova::cache')
- is_expected.to contain_class('nova::migration::libvirt').with(
- :transport => 'tls',
- :configure_libvirt => params[:libvirt_enabled],
- :configure_nova => params[:nova_compute_enabled],
- )
- is_expected.to contain_package('openstack-nova-migration').with(
- :ensure => 'present'
- )
- is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
- :content => '# Migration over SSH disabled by TripleO',
- :mode => '0640',
- :owner => 'root',
- :group => 'nova_migration',
- )
- is_expected.to contain_file('/etc/nova/migration/identity').with(
- :content => '# Migration over SSH disabled by TripleO',
- :mode => '0600',
- :owner => 'nova',
- :group => 'nova',
- )
- is_expected.to contain_user('nova_migration').with(
- :shell => '/sbin/nologin'
- )
- }
- end
-
- context 'with step 4 with libvirt and migration ssh key' do
- let(:pre_condition) do
- <<-eof
- include ::nova::compute::libvirt::services
- class { '::ssh::server':
- storeconfigs_enabled => false,
- options => {}
- }
- eof
- end
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'}
- } }
-
- it {
- is_expected.to contain_class('tripleo::profile::base::nova')
- is_expected.to contain_class('nova').with(
- :default_transport_url => /.+/,
- :notification_transport_url => /.+/,
- :nova_public_key => nil,
- :nova_private_key => nil,
- )
- is_expected.to contain_class('nova::config')
- is_expected.to contain_class('nova::placement')
- is_expected.to contain_class('nova::cache')
- is_expected.to contain_class('nova::migration::libvirt').with(
- :transport => 'ssh',
- :configure_libvirt => params[:libvirt_enabled],
- :configure_nova => params[:nova_compute_enabled]
- )
- is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
- :type => 'User',
- :name => 'nova_migration',
- :options => {
- 'ForceCommand' => '/bin/nova-migration-wrapper',
- 'PasswordAuthentication' => 'no',
- 'AllowTcpForwarding' => 'no',
- 'X11Forwarding' => 'no',
- 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
- }
- )
- is_expected.to_not contain_ssh__server__match_block('nova_migration deny')
- is_expected.to contain_package('openstack-nova-migration').with(
- :ensure => 'present'
- )
- is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
- :content => 'ssh-rsa bar',
- :mode => '0640',
- :owner => 'root',
- :group => 'nova_migration',
- )
- is_expected.to contain_file('/etc/nova/migration/identity').with(
- :content => 'foo',
- :mode => '0600',
- :owner => 'nova',
- :group => 'nova',
- )
- is_expected.to contain_user('nova_migration').with(
- :shell => '/bin/bash'
- )
- }
- end
-
- context 'with step 4 with libvirt and migration ssh key and migration_ssh_localaddrs' do
- let(:pre_condition) do
- <<-eof
- include ::nova::compute::libvirt::services
- class { '::ssh::server':
- storeconfigs_enabled => false,
- options => {}
- }
- eof
- end
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'},
- :migration_ssh_localaddrs => ['127.0.0.1', '127.0.0.2']
- } }
-
- it {
- is_expected.to contain_class('tripleo::profile::base::nova')
- is_expected.to contain_class('nova').with(
- :default_transport_url => /.+/,
- :notification_transport_url => /.+/,
- :nova_public_key => nil,
- :nova_private_key => nil,
- )
- is_expected.to contain_class('nova::config')
- is_expected.to contain_class('nova::placement')
- is_expected.to contain_class('nova::cache')
- is_expected.to contain_class('nova::migration::libvirt').with(
- :transport => 'ssh',
- :configure_libvirt => params[:libvirt_enabled],
- :configure_nova => params[:nova_compute_enabled]
- )
- is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
- :type => 'LocalAddress 127.0.0.1,127.0.0.2 User',
- :name => 'nova_migration',
- :options => {
- 'ForceCommand' => '/bin/nova-migration-wrapper',
- 'PasswordAuthentication' => 'no',
- 'AllowTcpForwarding' => 'no',
- 'X11Forwarding' => 'no',
- 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
- }
- )
- is_expected.to contain_ssh__server__match_block('nova_migration deny').with(
- :type => 'LocalAddress',
- :name => '!127.0.0.1,!127.0.0.2',
- :options => {
- 'DenyUsers' => 'nova_migration'
- }
- )
- is_expected.to contain_package('openstack-nova-migration').with(
- :ensure => 'present'
- )
- is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
- :content => 'ssh-rsa bar',
- :mode => '0640',
- :owner => 'root',
- :group => 'nova_migration',
- )
- is_expected.to contain_file('/etc/nova/migration/identity').with(
- :content => 'foo',
- :mode => '0600',
- :owner => 'nova',
- :group => 'nova',
- )
- is_expected.to contain_user('nova_migration').with(
- :shell => '/bin/bash'
- )
- }
- end
-
- context 'with step 4 with libvirt and migration ssh key and invalid migration_ssh_localaddrs' do
- let(:pre_condition) do
- <<-eof
- include ::nova::compute::libvirt::services
- class { '::ssh::server':
- storeconfigs_enabled => false,
- options => {}
- }
- eof
- end
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'},
- :migration_ssh_localaddrs => ['127.0.0.1', '']
- } }
-
- it { is_expected.to_not compile }
- end
-
- context 'with step 4 with libvirt and migration ssh key and duplicate migration_ssh_localaddrs' do
- let(:pre_condition) do
- <<-eof
- include ::nova::compute::libvirt::services
- class { '::ssh::server':
- storeconfigs_enabled => false,
- options => {}
- }
- eof
- end
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'},
- :migration_ssh_localaddrs => ['127.0.0.1', '127.0.0.1']
- } }
-
- it {
- is_expected.to contain_class('tripleo::profile::base::nova')
- is_expected.to contain_class('nova').with(
- :default_transport_url => /.+/,
- :notification_transport_url => /.+/,
- :nova_public_key => nil,
- :nova_private_key => nil,
- )
- is_expected.to contain_class('nova::config')
- is_expected.to contain_class('nova::placement')
- is_expected.to contain_class('nova::cache')
- is_expected.to contain_class('nova::migration::libvirt').with(
- :transport => 'ssh',
- :configure_libvirt => params[:libvirt_enabled],
- :configure_nova => params[:nova_compute_enabled]
- )
- is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
- :type => 'LocalAddress 127.0.0.1 User',
- :name => 'nova_migration',
- :options => {
- 'ForceCommand' => '/bin/nova-migration-wrapper',
- 'PasswordAuthentication' => 'no',
- 'AllowTcpForwarding' => 'no',
- 'X11Forwarding' => 'no',
- 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
- }
- )
- is_expected.to contain_ssh__server__match_block('nova_migration deny').with(
- :type => 'LocalAddress',
- :name => '!127.0.0.1',
- :options => {
- 'DenyUsers' => 'nova_migration'
- }
- )
- is_expected.to contain_package('openstack-nova-migration').with(
- :ensure => 'present'
- )
- is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
- :content => 'ssh-rsa bar',
- :mode => '0640',
- :owner => 'root',
- :group => 'nova_migration',
- )
- is_expected.to contain_file('/etc/nova/migration/identity').with(
- :content => 'foo',
- :mode => '0600',
- :owner => 'nova',
- :group => 'nova',
- )
- is_expected.to contain_user('nova_migration').with(
- :shell => '/bin/bash'
- )
- }
- end
-
- context 'with step 4 with libvirt TLS and migration ssh key' do
- let(:pre_condition) do
- <<-eof
- include ::nova::compute::libvirt::services
- class { '::ssh::server':
- storeconfigs_enabled => false,
- options => {}
- }
- eof
- end
- let(:params) { {
- :step => 4,
- :libvirt_enabled => true,
- :manage_migration => true,
- :nova_compute_enabled => true,
- :bootstrap_node => 'node.example.com',
- :oslomsg_rpc_hosts => [ 'localhost' ],
- :oslomsg_rpc_password => 'foo',
- :libvirt_tls => true,
- :migration_ssh_key => { 'private_key' => 'foo', 'public_key' => 'ssh-rsa bar'}
- } }
-
- it {
- is_expected.to contain_class('tripleo::profile::base::nova')
- is_expected.to contain_class('nova').with(
- :default_transport_url => /.+/,
- :notification_transport_url => /.+/,
- :nova_public_key => nil,
- :nova_private_key => nil,
- )
- is_expected.to contain_class('nova::config')
- is_expected.to contain_class('nova::placement')
- is_expected.to contain_class('nova::cache')
- is_expected.to contain_class('nova::migration::libvirt').with(
- :transport => 'tls',
- :configure_libvirt => params[:libvirt_enabled],
- :configure_nova => params[:nova_compute_enabled]
- )
- is_expected.to contain_ssh__server__match_block('nova_migration allow').with(
- :type => 'User',
- :name => 'nova_migration',
- :options => {
- 'ForceCommand' => '/bin/nova-migration-wrapper',
- 'PasswordAuthentication' => 'no',
- 'AllowTcpForwarding' => 'no',
- 'X11Forwarding' => 'no',
- 'AuthorizedKeysFile' => '/etc/nova/migration/authorized_keys'
- }
- )
- is_expected.to_not contain_ssh__server__match_block('nova_migration deny')
- is_expected.to contain_package('openstack-nova-migration').with(
- :ensure => 'present'
- )
- is_expected.to contain_file('/etc/nova/migration/authorized_keys').with(
- :content => 'ssh-rsa bar',
- :mode => '0640',
- :owner => 'root',
- :group => 'nova_migration',
- )
- is_expected.to contain_file('/etc/nova/migration/identity').with(
- :content => 'foo',
- :mode => '0600',
- :owner => 'nova',
- :group => 'nova',
- )
- is_expected.to contain_user('nova_migration').with(
- :shell => '/bin/bash'
- )
- }
- end
-
end