From 87652700db4532030360ad251e2a75484708bb26 Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Fri, 3 Feb 2017 15:53:20 -0500 Subject: nova/api: more cleanup - transform nova_api_wsgi_enabled in a parameter - update rspec tests - fix TLS to run at step 1 Change-Id: I4d3f9c92f0717ae8c3bc8d71065fab281de82008 --- manifests/profile/base/nova/api.pp | 40 +++++++++++++--------- spec/classes/tripleo_profile_base_nova_api_spec.rb | 40 ++++++++++++++++------ 2 files changed, 53 insertions(+), 27 deletions(-) diff --git a/manifests/profile/base/nova/api.pp b/manifests/profile/base/nova/api.pp index b039506..f925fe7 100644 --- a/manifests/profile/base/nova/api.pp +++ b/manifests/profile/base/nova/api.pp @@ -49,6 +49,11 @@ # This is set by t-h-t. # Defaults to hiera('nova_api_network', undef) # +# [*nova_api_wsgi_enabled*] +# (Optional) Whether or not deploy Nova API in WSGI with Apache. +# Nova Team discourages it. +# Defaults to hiera('nova_wsgi_enabled', false) +# # [*step*] # (Optional) The current step in deployment. See tripleo-heat-templates # for more details. @@ -60,6 +65,7 @@ class tripleo::profile::base::nova::api ( $enable_internal_tls = hiera('enable_internal_tls', false), $generate_service_certificates = hiera('generate_service_certificates', false), $nova_api_network = hiera('nova_api_network', undef), + $nova_api_wsgi_enabled = hiera('nova_wsgi_enabled', false), $step = hiera('step'), ) { if $::hostname == downcase($bootstrap_node) { @@ -90,29 +96,31 @@ class tripleo::profile::base::nova::api ( sync_db => $sync_db, sync_db_api => $sync_db, } - # Temporarily disable Nova API deployed in WSGI - # https://bugs.launchpad.net/nova/+bug/1661360 - if hiera('nova_wsgi_enabled', false) { - if $enable_internal_tls { - if $generate_service_certificates { - ensure_resources('tripleo::certmonger::httpd', $certificates_specs) - } + include ::nova::network::neutron + } + # Temporarily disable Nova API deployed in WSGI + # https://bugs.launchpad.net/nova/+bug/1661360 + if $nova_api_wsgi_enabled { + if $enable_internal_tls { + if $generate_service_certificates { + ensure_resources('tripleo::certmonger::httpd', $certificates_specs) + } - if !$nova_api_network { - fail('nova_api_network is not set in the hieradata.') - } - $tls_certfile = $certificates_specs["httpd-${nova_api_network}"]['service_certificate'] - $tls_keyfile = $certificates_specs["httpd-${nova_api_network}"]['service_key'] - } else { - $tls_certfile = undef - $tls_keyfile = undef + if !$nova_api_network { + fail('nova_api_network is not set in the hieradata.') } + $tls_certfile = $certificates_specs["httpd-${nova_api_network}"]['service_certificate'] + $tls_keyfile = $certificates_specs["httpd-${nova_api_network}"]['service_key'] + } else { + $tls_certfile = undef + $tls_keyfile = undef + } + if $step >= 4 or ($step >= 3 and $sync_db) { class { '::nova::wsgi::apache_api': ssl_cert => $tls_certfile, ssl_key => $tls_keyfile, } } - include ::nova::network::neutron } if $step >= 5 { diff --git a/spec/classes/tripleo_profile_base_nova_api_spec.rb b/spec/classes/tripleo_profile_base_nova_api_spec.rb index def4f4e..2072438 100644 --- a/spec/classes/tripleo_profile_base_nova_api_spec.rb +++ b/spec/classes/tripleo_profile_base_nova_api_spec.rb @@ -39,7 +39,7 @@ eos is_expected.to contain_class('tripleo::profile::base::nova') is_expected.to_not contain_class('nova::keystone::authtoken') is_expected.to_not contain_class('nova::api') - #is_expected.to_not contain_class('nova::wsgi::apache_api') + is_expected.to_not contain_class('nova::wsgi::apache_api') is_expected.to_not contain_class('nova::network::neutron') } end @@ -56,25 +56,25 @@ eos is_expected.to contain_class('nova::cell_v2::simple_setup') is_expected.to contain_class('nova::keystone::authtoken') is_expected.to contain_class('nova::api') - #is_expected.to contain_class('nova::wsgi::apache_api') + is_expected.to_not contain_class('nova::wsgi::apache_api') is_expected.to contain_class('nova::network::neutron') } end - context 'with step 3 not on bootstrap node' do + context 'with step 3 on bootstrap node' do let(:params) { { - :step => 3, - :bootstrap_node => 'other.example.com', + :step => 3, + :bootstrap_node => 'node.example.com', } } it { is_expected.to contain_class('tripleo::profile::base::nova::api') is_expected.to contain_class('tripleo::profile::base::nova') - is_expected.to_not contain_class('nova::db::sync_cell_v2') - is_expected.to_not contain_class('nova::keystone::authtoken') - is_expected.to_not contain_class('nova::api') - #is_expected.to_not contain_class('nova::wsgi::apache_api') - is_expected.to_not contain_class('nova::network::neutron') + is_expected.to contain_class('nova::cell_v2::simple_setup') + is_expected.to contain_class('nova::keystone::authtoken') + is_expected.to contain_class('nova::api') + is_expected.to_not contain_class('nova::wsgi::apache_api') + is_expected.to contain_class('nova::network::neutron') } end @@ -88,7 +88,25 @@ eos is_expected.to_not contain_class('nova::db::sync_cell_v2') is_expected.to contain_class('nova::keystone::authtoken') is_expected.to contain_class('nova::api') - #is_expected.to contain_class('nova::wsgi::apache_api') + is_expected.to_not contain_class('nova::wsgi::apache_api') + is_expected.to contain_class('nova::network::neutron') + } + end + + context 'with step 4 not on bootstrap node' do + let(:params) { { + :step => 4, + :bootstrap_node => 'other.example.com', + :nova_api_wsgi_enabled => true, + } } + + it { + is_expected.to contain_class('tripleo::profile::base::nova::api') + is_expected.to contain_class('tripleo::profile::base::nova') + is_expected.to_not contain_class('nova::db::sync_cell_v2') + is_expected.to contain_class('nova::keystone::authtoken') + is_expected.to contain_class('nova::api') + is_expected.to contain_class('nova::wsgi::apache_api') is_expected.to contain_class('nova::network::neutron') } end -- cgit 1.2.3-korg