starlingx
/
config
Code Issues Proposed changes
config/controllerconfig/controllerconfig
History
Jagatguru Prasad Mishra 4f4cc4c847 Avoid copying symlink content to fix sanity issue 
During ansible bootstrap, encryption-provider.yaml was copied to
'/opt/platform/config/<version>/kubernetes' directory from
'/etc/kubernetes'. After supporting luks volume, this file is moved
to the luks volume and symlink is created at '/etc/kubernetes'
and '/opt/platform/config/<version>/kubernetes' pointing to
encryption-provider.yaml file in the luks volume.

After ansible bootstrap completes, controllerconfig service tries to
copy the files from '/opt/platform/config/<version>/kubernetes' to
'/etc/kubernetes'. So it tries to copy encryption-provider.yaml as
well which is a symlink of a file in luks volume.

This change adds an argument '-P' to to the 'cp'
command which avoid copying the source content from the symlink
pointing to the luks volume. This change is required as the
luks volume may not be accessible while it is getting copied.
The directory for which this '-P' option is applied contains
only one symlink which is 'encryption-provider.yaml', so there
is no negative impact.

Test Plan:
PASS: build-pkgs -c -p controllerconfig
PASS: AIO-SX bootstrap should pass and host should come to
      unlocked/enabled/available state
PASS: Verify if a symlink encryption-provider.yaml is copied at
      '/etc/kubernetes/' location after host-unlock.
PASS: Verify if the below file is accessible
      /var/luks/stx/luks_fs/controller/etc/kubernetes/
      encryption-provider.yaml from symlink in
      /etc/kubernetes/
PASS: Standard setup- Verify if a symlink encryption-provider.yaml
      is copied at '/etc/kubernetes/' on both controllers.
PASS: Standard setup- Verify if a symlink encryption-provider.yaml
      is present at '/opt/platform/config/<version>/kubernetes/'
      on conroller-1 after 'system host-swact 1'
PASS: Standard setup- lock/unlock controller-1. Check if puppet
      mainfest is executed succesfully on controller-1 after reboot.
      Controller should come to unlocked/enabled/available state.
PASS: Standard setup- lock/unlock controller-0. Check if puppet
      mainfest is executed succesfully on controller-0 after reboot.
      Controller should come to unlocked/enabled/available state.

Depends-on: https://review.opendev.org/c/starlingx/ansible-playbooks/+/904342

Story: 2010873
Task: 49323

Change-Id: I8e064fc0e7a6fc8a0b571673fe8f6e66e4e43aee
Signed-off-by: Jagatguru Prasad Mishra <jagatguruprasad.mishra@windriver.com>
 		2023-12-28 13:18:49 +00:00
..
controllerconfig Removed extra steps during upgrade 2023-12-12 16:44:22 -05:00
scripts Avoid copying symlink content to fix sanity issue 2023-12-28 13:18:49 +00:00
upgrade-scripts Merge "Enable upgrade script to create platform certs" 2023-12-18 15:18:30 +00:00
.coveragerc StarlingX open source release updates 2018-05-31 07:35:52 -07:00
.gitignore Fix py27 tests in controllerconfig component 2018-09-06 12:27:08 -05:00
.stestr.conf Fix migration scripts execution sequence 2021-02-04 10:53:23 -05:00
.testr.conf StarlingX open source release updates 2018-05-31 07:35:52 -07:00
LICENSE StarlingX open source release updates 2018-05-31 07:35:52 -07:00
pylint.rc Update controllerconfig tox environment for debian 2023-05-31 15:25:25 +00:00
requirements.txt Add gate for python 3.9 2021-09-08 10:38:39 -04:00
setup.py Clean up dead code in controllerconfig 2020-01-21 15:32:41 -05:00
test-requirements.txt Update controllerconfig tox environment for debian 2023-05-31 15:25:25 +00:00
tox.ini Update controllerconfig tox environment for debian 2023-05-31 15:25:25 +00:00