From af1e19ef491553b75863d6da37625f6fe78a0f02 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Thu, 28 Sep 2017 09:56:23 -0500 Subject: [PATCH] libvirt: fix operation when ceph is disabled The movement of the ceph secret logic into the start script introduced a bug that was missed in review when ceph is disabled, this PS restores expected operation. Closes-Bug: #1720061 Change-Id: Ie373ff94814ea396832a83101c885ebf92b6f8cc --- libvirt/templates/bin/_libvirt.sh.tpl | 84 +++++++++++++----------- libvirt/templates/daemonset-libvirt.yaml | 7 ++ 2 files changed, 51 insertions(+), 40 deletions(-) diff --git a/libvirt/templates/bin/_libvirt.sh.tpl b/libvirt/templates/bin/_libvirt.sh.tpl index 28dae52109..860f6ffdd1 100644 --- a/libvirt/templates/bin/_libvirt.sh.tpl +++ b/libvirt/templates/bin/_libvirt.sh.tpl @@ -30,49 +30,50 @@ if [[ -c /dev/kvm ]]; then chown root:kvm /dev/kvm fi -libvirtd --listen & +if [ "x${LIBVIRT_CEPH_ENABLED}" == "xTrue" ] ; then + libvirtd --listen & -LIBVIRT_SECRET_DEF=$(mktemp --suffix .xml) -function cleanup { - rm -f ${LIBVIRT_SECRET_DEF} -} -trap cleanup EXIT + LIBVIRT_SECRET_DEF=$(mktemp --suffix .xml) + function cleanup { + rm -f ${LIBVIRT_SECRET_DEF} + } + trap cleanup EXIT -# Wait for the libvirtd is up -TIMEOUT=60 -while [[ ! -f /var/run/libvirtd.pid ]]; do - if [[ ${TIMEOUT} -gt 0 ]]; then - let TIMEOUT-=1 - sleep 1 - else - echo "ERROR: libvirt did not start in time (pid file missing)" + # Wait for the libvirtd is up + TIMEOUT=60 + while [[ ! -f /var/run/libvirtd.pid ]]; do + if [[ ${TIMEOUT} -gt 0 ]]; then + let TIMEOUT-=1 + sleep 1 + else + echo "ERROR: libvirt did not start in time (pid file missing)" + exit 1 + fi + done + + # Even though we see the pid file the socket immediately (this is + # needed for virsh) + TIMEOUT=10 + while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do + if [[ ${TIMEOUT} -gt 0 ]]; then + let TIMEOUT-=1 + sleep 1 + else + echo "ERROR: libvirt did not start in time (socket missing)" + exit 1 + fi + done + + if [ -z "${LIBVIRT_CEPH_SECRET_UUID}" ] ; then + echo "ERROR: No libvirt Secret UUID Supplied" exit 1 fi -done -# Even though we see the pid file the socket immediately (this is -# needed for virsh) -TIMEOUT=10 -while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do - if [[ ${TIMEOUT} -gt 0 ]]; then - let TIMEOUT-=1 - sleep 1 - else - echo "ERROR: libvirt did not start in time (socket missing)" - exit 1 + if [ -z "${CEPH_CINDER_KEYRING}" ] ; then + CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring) fi -done -if [ -z "${LIBVIRT_CEPH_SECRET_UUID}" ] ; then - echo "ERROR: No libvirt Secret UUID Supplied" - exit 1 -fi - -if [ -z "${CEPH_CINDER_KEYRING}" ] ; then - CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring) -fi - -cat > ${LIBVIRT_SECRET_DEF} < ${LIBVIRT_SECRET_DEF} < ${LIBVIRT_CEPH_SECRET_UUID} @@ -81,8 +82,11 @@ cat > ${LIBVIRT_SECRET_DEF} < EOF -virsh secret-define --file ${LIBVIRT_SECRET_DEF} -virsh secret-set-value --secret "${LIBVIRT_CEPH_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}" + virsh secret-define --file ${LIBVIRT_SECRET_DEF} + virsh secret-set-value --secret "${LIBVIRT_CEPH_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}" -# rejoin libvirtd -wait + # rejoin libvirtd + wait +else + exec libvirtd --listen +fi diff --git a/libvirt/templates/daemonset-libvirt.yaml b/libvirt/templates/daemonset-libvirt.yaml index c26c65b008..fff6108de5 100644 --- a/libvirt/templates/daemonset-libvirt.yaml +++ b/libvirt/templates/daemonset-libvirt.yaml @@ -46,6 +46,9 @@ spec: securityContext: runAsUser: 0 env: + {{- if .Values.ceph.enabled }} + - name: LIBVIRT_CEPH_ENABLED + value: "True" - name: CEPH_CINDER_USER value: "{{ .Values.ceph.cinder_user }}" {{- if .Values.ceph.cinder_keyring }} @@ -54,6 +57,10 @@ spec: {{ end }} - name: LIBVIRT_CEPH_SECRET_UUID value: "{{ .Values.ceph.secret_uuid }}" + {{- else }} + - name: LIBVIRT_CEPH_ENABLED + value: "False" + {{- end }} command: - /tmp/ceph-keyring.sh volumeMounts: