Merge "Fix LDAP issue for DC subcloud"
This commit is contained in:
commit
b5344801fd
|
@ -716,13 +716,6 @@ class AddressPoolController(rest.RestController):
|
||||||
# The admin address pool can be deleted at runtime
|
# The admin address pool can be deleted at runtime
|
||||||
admin_network_reconfig = True
|
admin_network_reconfig = True
|
||||||
|
|
||||||
if (admin_network_reconfig):
|
|
||||||
# At runtime, remove the NAT rule that enables worker, storage
|
|
||||||
# nodes to communicate with the system controller. We must do
|
|
||||||
# this before deleting the address pool and addresses to obtain
|
|
||||||
# information about the current admin floating IP and interface.
|
|
||||||
pecan.request.rpcapi.remove_admin_firewall_config(pecan.request.context)
|
|
||||||
|
|
||||||
addresses = pecan.request.dbapi.addresses_get_by_pool(
|
addresses = pecan.request.dbapi.addresses_get_by_pool(
|
||||||
addrpool.id)
|
addrpool.id)
|
||||||
if addresses:
|
if addresses:
|
||||||
|
|
|
@ -206,11 +206,11 @@ class InterfaceNetworkController(rest.RestController):
|
||||||
ethernet_port_mac = tmp_interface['imac']
|
ethernet_port_mac = tmp_interface['imac']
|
||||||
_update_host_mgmt_mac(host, ethernet_port_mac)
|
_update_host_mgmt_mac(host, ethernet_port_mac)
|
||||||
cutils.perform_distributed_cloud_config(pecan.request.dbapi,
|
cutils.perform_distributed_cloud_config(pecan.request.dbapi,
|
||||||
interface_id)
|
interface_id, host)
|
||||||
elif network_type == constants.NETWORK_TYPE_ADMIN:
|
elif network_type == constants.NETWORK_TYPE_ADMIN:
|
||||||
pecan.request.rpcapi.update_admin_config(pecan.request.context, host)
|
pecan.request.rpcapi.update_admin_config(pecan.request.context, host)
|
||||||
cutils.perform_distributed_cloud_config(pecan.request.dbapi,
|
cutils.perform_distributed_cloud_config(pecan.request.dbapi,
|
||||||
interface_id)
|
interface_id, host)
|
||||||
elif network_type == constants.NETWORK_TYPE_OAM:
|
elif network_type == constants.NETWORK_TYPE_OAM:
|
||||||
pecan.request.rpcapi.initialize_oam_config(pecan.request.context, host)
|
pecan.request.rpcapi.initialize_oam_config(pecan.request.context, host)
|
||||||
|
|
||||||
|
|
|
@ -298,6 +298,8 @@ class NetworkController(rest.RestController):
|
||||||
if type == constants.NETWORK_TYPE_SYSTEM_CONTROLLER:
|
if type == constants.NETWORK_TYPE_SYSTEM_CONTROLLER:
|
||||||
pecan.request.rpcapi.update_ldap_client_config(
|
pecan.request.rpcapi.update_ldap_client_config(
|
||||||
pecan.request.context)
|
pecan.request.context)
|
||||||
|
pecan.request.rpcapi.update_ldap_nat_config(
|
||||||
|
pecan.request.context)
|
||||||
elif type == constants.NETWORK_TYPE_SYSTEM_CONTROLLER_OAM:
|
elif type == constants.NETWORK_TYPE_SYSTEM_CONTROLLER_OAM:
|
||||||
pecan.request.rpcapi.update_dnsmasq_config(
|
pecan.request.rpcapi.update_dnsmasq_config(
|
||||||
pecan.request.context)
|
pecan.request.context)
|
||||||
|
|
|
@ -1739,7 +1739,7 @@ def is_partition_the_last(dbapi, partition):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
def perform_distributed_cloud_config(dbapi, mgmt_iface_id):
|
def perform_distributed_cloud_config(dbapi, mgmt_iface_id, host):
|
||||||
"""
|
"""
|
||||||
Check if we are running in distributed cloud mode and perform any
|
Check if we are running in distributed cloud mode and perform any
|
||||||
necessary configuration.
|
necessary configuration.
|
||||||
|
@ -1796,8 +1796,9 @@ def perform_distributed_cloud_config(dbapi, mgmt_iface_id):
|
||||||
(new_route['network'], new_route['prefix'],
|
(new_route['network'], new_route['prefix'],
|
||||||
new_route['gateway'], mgmt_iface_id))
|
new_route['gateway'], mgmt_iface_id))
|
||||||
|
|
||||||
elif system.distributed_cloud_role == \
|
elif (system.distributed_cloud_role ==
|
||||||
constants.DISTRIBUTED_CLOUD_ROLE_SUBCLOUD:
|
constants.DISTRIBUTED_CLOUD_ROLE_SUBCLOUD and
|
||||||
|
host['personality'] == constants.CONTROLLER):
|
||||||
# Add the route back to the system controller.
|
# Add the route back to the system controller.
|
||||||
# Assumption is we do not have to do any error checking
|
# Assumption is we do not have to do any error checking
|
||||||
# for local & reachable gateway etc, as config_subcloud
|
# for local & reachable gateway etc, as config_subcloud
|
||||||
|
|
|
@ -3686,7 +3686,8 @@ class ConductorManager(service.PeriodicService):
|
||||||
# Do any potential distributed cloud config
|
# Do any potential distributed cloud config
|
||||||
# We do this here where the interface is created.
|
# We do this here where the interface is created.
|
||||||
cutils.perform_distributed_cloud_config(self.dbapi,
|
cutils.perform_distributed_cloud_config(self.dbapi,
|
||||||
new_interface['id'])
|
new_interface['id'],
|
||||||
|
ihost)
|
||||||
if port:
|
if port:
|
||||||
values = {'interface_id': port.interface_id}
|
values = {'interface_id': port.interface_id}
|
||||||
try:
|
try:
|
||||||
|
@ -9639,17 +9640,6 @@ class ConductorManager(service.PeriodicService):
|
||||||
config_uuid,
|
config_uuid,
|
||||||
config_dict)
|
config_dict)
|
||||||
|
|
||||||
def remove_admin_firewall_config(self, context):
|
|
||||||
""" Remove the platform firewall rules associated with the admin network """
|
|
||||||
personalities = [constants.CONTROLLER]
|
|
||||||
config_uuid = self._config_update_hosts(context,
|
|
||||||
personalities)
|
|
||||||
config_dict = {
|
|
||||||
"personalities": personalities,
|
|
||||||
"classes": ['platform::firewall::nat::admin::remove']
|
|
||||||
}
|
|
||||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
|
||||||
|
|
||||||
def update_admin_config(self, context, host, disable=False):
|
def update_admin_config(self, context, host, disable=False):
|
||||||
"""Update the admin network configuration"""
|
"""Update the admin network configuration"""
|
||||||
|
|
||||||
|
@ -9680,8 +9670,7 @@ class ConductorManager(service.PeriodicService):
|
||||||
'platform::sm::enable_admin_config::runtime',
|
'platform::sm::enable_admin_config::runtime',
|
||||||
'platform::haproxy::runtime',
|
'platform::haproxy::runtime',
|
||||||
'openstack::keystone::endpoint::runtime',
|
'openstack::keystone::endpoint::runtime',
|
||||||
'platform::firewall::runtime',
|
'platform::firewall::runtime']
|
||||||
'platform::firewall::nat::admin::runtime']
|
|
||||||
}
|
}
|
||||||
|
|
||||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||||
|
@ -14737,7 +14726,9 @@ class ConductorManager(service.PeriodicService):
|
||||||
|
|
||||||
def update_ldap_client_config(self, context):
|
def update_ldap_client_config(self, context):
|
||||||
"""Update the LDAP client configuration"""
|
"""Update the LDAP client configuration"""
|
||||||
personalities = [constants.CONTROLLER]
|
personalities = [constants.CONTROLLER,
|
||||||
|
constants.WORKER,
|
||||||
|
constants.STORAGE]
|
||||||
config_uuid = self._config_update_hosts(context, personalities)
|
config_uuid = self._config_update_hosts(context, personalities)
|
||||||
config_dict = {
|
config_dict = {
|
||||||
"personalities": personalities,
|
"personalities": personalities,
|
||||||
|
@ -14746,6 +14737,16 @@ class ConductorManager(service.PeriodicService):
|
||||||
}
|
}
|
||||||
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||||
|
|
||||||
|
def update_ldap_nat_config(self, context):
|
||||||
|
"""Update the LDAP NAT configuration"""
|
||||||
|
personalities = [constants.CONTROLLER]
|
||||||
|
config_uuid = self._config_update_hosts(context, personalities)
|
||||||
|
config_dict = {
|
||||||
|
"personalities": personalities,
|
||||||
|
"classes": ['platform::firewall::dc::nat::ldap::runtime']
|
||||||
|
}
|
||||||
|
self._config_apply_runtime_manifest(context, config_uuid, config_dict)
|
||||||
|
|
||||||
def get_controllerfs_lv_sizes(self, context):
|
def get_controllerfs_lv_sizes(self, context):
|
||||||
system = self.dbapi.isystem_get_one()
|
system = self.dbapi.isystem_get_one()
|
||||||
system_dc_role = system.get('distributed_cloud_role', None)
|
system_dc_role = system.get('distributed_cloud_role', None)
|
||||||
|
|
|
@ -828,15 +828,6 @@ class ConductorAPI(sysinv.openstack.common.rpc.proxy.RpcProxy):
|
||||||
host=host,
|
host=host,
|
||||||
disable=disable))
|
disable=disable))
|
||||||
|
|
||||||
def remove_admin_firewall_config(self, context):
|
|
||||||
"""Synchronously, have the conductor remove the admin firewall
|
|
||||||
configuration.
|
|
||||||
|
|
||||||
:param context: request context.
|
|
||||||
"""
|
|
||||||
return self.call(context, self.make_msg(
|
|
||||||
'remove_admin_firewall_config'))
|
|
||||||
|
|
||||||
def set_mgmt_network_reconfig_flag(self, context):
|
def set_mgmt_network_reconfig_flag(self, context):
|
||||||
"""Synchronously, have the conductor update the mgmt network reconfig flag.
|
"""Synchronously, have the conductor update the mgmt network reconfig flag.
|
||||||
:param context: request context.
|
:param context: request context.
|
||||||
|
@ -2170,6 +2161,17 @@ class ConductorAPI(sysinv.openstack.common.rpc.proxy.RpcProxy):
|
||||||
return self.call(context,
|
return self.call(context,
|
||||||
self.make_msg('update_ldap_client_config'))
|
self.make_msg('update_ldap_client_config'))
|
||||||
|
|
||||||
|
def update_ldap_nat_config(self, context):
|
||||||
|
"""Synchronously, have a conductor configure LDAP NAT configureation
|
||||||
|
|
||||||
|
Does the following tasks:
|
||||||
|
- Update puppet hiera configuration file and apply run time manifest.
|
||||||
|
|
||||||
|
:param context: request context.
|
||||||
|
"""
|
||||||
|
return self.call(context,
|
||||||
|
self.make_msg('update_ldap_nat_config'))
|
||||||
|
|
||||||
def update_dnsmasq_config(self, context):
|
def update_dnsmasq_config(self, context):
|
||||||
"""Synchronously, have a conductor configure the DNS configuration
|
"""Synchronously, have a conductor configure the DNS configuration
|
||||||
|
|
||||||
|
|
|
@ -223,15 +223,21 @@ class TestPostMixin(NetworkTestCase):
|
||||||
update_ldap_client_config = "sysinv.conductor.rpcapi." \
|
update_ldap_client_config = "sysinv.conductor.rpcapi." \
|
||||||
"ConductorAPI." \
|
"ConductorAPI." \
|
||||||
"update_ldap_client_config"
|
"update_ldap_client_config"
|
||||||
|
update_ldap_nat_config = "sysinv.conductor.rpcapi." \
|
||||||
|
"ConductorAPI." \
|
||||||
|
"update_ldap_nat_config"
|
||||||
with mock.patch('sysinv.common.utils.is_initial_config_complete',
|
with mock.patch('sysinv.common.utils.is_initial_config_complete',
|
||||||
lambda: True), \
|
lambda: True), \
|
||||||
mock.patch(update_ldap_client_config,
|
mock.patch(update_ldap_client_config,
|
||||||
m.update_ldap_client_config):
|
m.update_ldap_client_config), \
|
||||||
|
mock.patch(update_ldap_nat_config,
|
||||||
|
m.update_ldap_nat_config):
|
||||||
self._test_create_network_success(
|
self._test_create_network_success(
|
||||||
'system-controller',
|
'system-controller',
|
||||||
constants.NETWORK_TYPE_SYSTEM_CONTROLLER,
|
constants.NETWORK_TYPE_SYSTEM_CONTROLLER,
|
||||||
self.system_controller_subnet)
|
self.system_controller_subnet)
|
||||||
m.update_ldap_client_config.assert_called_once()
|
m.update_ldap_client_config.assert_called_once()
|
||||||
|
m.update_ldap_nat_config.assert_called_once()
|
||||||
|
|
||||||
def test_create_success_pxeboot(self):
|
def test_create_success_pxeboot(self):
|
||||||
self._test_create_network_success(
|
self._test_create_network_success(
|
||||||
|
|
|
@ -5122,7 +5122,9 @@ class ManagerTestCase(base.DbTestCase):
|
||||||
p2.start()
|
p2.start()
|
||||||
self.addCleanup(p2.stop)
|
self.addCleanup(p2.stop)
|
||||||
self.service.update_ldap_client_config(self.context)
|
self.service.update_ldap_client_config(self.context)
|
||||||
personalities = [constants.CONTROLLER]
|
personalities = [constants.CONTROLLER,
|
||||||
|
constants.WORKER,
|
||||||
|
constants.STORAGE]
|
||||||
config_dict = {
|
config_dict = {
|
||||||
"personalities": personalities,
|
"personalities": personalities,
|
||||||
"classes": ['platform::ldap::client::runtime',
|
"classes": ['platform::ldap::client::runtime',
|
||||||
|
|
|
@ -100,6 +100,9 @@ class RPCAPITestCase(base.DbTestCase):
|
||||||
def test_update_ldap_client_config(self):
|
def test_update_ldap_client_config(self):
|
||||||
self._test_rpcapi('update_ldap_client_config', 'call')
|
self._test_rpcapi('update_ldap_client_config', 'call')
|
||||||
|
|
||||||
|
def test_update_ldap_nat_config(self):
|
||||||
|
self._test_rpcapi('update_ldap_nat_config', 'call')
|
||||||
|
|
||||||
def test_update_dnsmasq_config(self):
|
def test_update_dnsmasq_config(self):
|
||||||
self._test_rpcapi('update_dnsmasq_config', 'call')
|
self._test_rpcapi('update_dnsmasq_config', 'call')
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue