libvirt: fix operation when ceph is disabled
The movement of the ceph secret logic into the start script introduced a bug that was missed in review when ceph is disabled, this PS restores expected operation. Closes-Bug: #1720061 Change-Id: Ie373ff94814ea396832a83101c885ebf92b6f8cc
This commit is contained in:
parent
a2cc27ea6a
commit
af1e19ef49
@ -30,49 +30,50 @@ if [[ -c /dev/kvm ]]; then
|
|||||||
chown root:kvm /dev/kvm
|
chown root:kvm /dev/kvm
|
||||||
fi
|
fi
|
||||||
|
|
||||||
libvirtd --listen &
|
if [ "x${LIBVIRT_CEPH_ENABLED}" == "xTrue" ] ; then
|
||||||
|
libvirtd --listen &
|
||||||
|
|
||||||
LIBVIRT_SECRET_DEF=$(mktemp --suffix .xml)
|
LIBVIRT_SECRET_DEF=$(mktemp --suffix .xml)
|
||||||
function cleanup {
|
function cleanup {
|
||||||
rm -f ${LIBVIRT_SECRET_DEF}
|
rm -f ${LIBVIRT_SECRET_DEF}
|
||||||
}
|
}
|
||||||
trap cleanup EXIT
|
trap cleanup EXIT
|
||||||
|
|
||||||
# Wait for the libvirtd is up
|
# Wait for the libvirtd is up
|
||||||
TIMEOUT=60
|
TIMEOUT=60
|
||||||
while [[ ! -f /var/run/libvirtd.pid ]]; do
|
while [[ ! -f /var/run/libvirtd.pid ]]; do
|
||||||
if [[ ${TIMEOUT} -gt 0 ]]; then
|
if [[ ${TIMEOUT} -gt 0 ]]; then
|
||||||
let TIMEOUT-=1
|
let TIMEOUT-=1
|
||||||
sleep 1
|
sleep 1
|
||||||
else
|
else
|
||||||
echo "ERROR: libvirt did not start in time (pid file missing)"
|
echo "ERROR: libvirt did not start in time (pid file missing)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# Even though we see the pid file the socket immediately (this is
|
||||||
|
# needed for virsh)
|
||||||
|
TIMEOUT=10
|
||||||
|
while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do
|
||||||
|
if [[ ${TIMEOUT} -gt 0 ]]; then
|
||||||
|
let TIMEOUT-=1
|
||||||
|
sleep 1
|
||||||
|
else
|
||||||
|
echo "ERROR: libvirt did not start in time (socket missing)"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
if [ -z "${LIBVIRT_CEPH_SECRET_UUID}" ] ; then
|
||||||
|
echo "ERROR: No libvirt Secret UUID Supplied"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
done
|
|
||||||
|
|
||||||
# Even though we see the pid file the socket immediately (this is
|
if [ -z "${CEPH_CINDER_KEYRING}" ] ; then
|
||||||
# needed for virsh)
|
CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring)
|
||||||
TIMEOUT=10
|
|
||||||
while [[ ! -e /var/run/libvirt/libvirt-sock ]]; do
|
|
||||||
if [[ ${TIMEOUT} -gt 0 ]]; then
|
|
||||||
let TIMEOUT-=1
|
|
||||||
sleep 1
|
|
||||||
else
|
|
||||||
echo "ERROR: libvirt did not start in time (socket missing)"
|
|
||||||
exit 1
|
|
||||||
fi
|
fi
|
||||||
done
|
|
||||||
|
|
||||||
if [ -z "${LIBVIRT_CEPH_SECRET_UUID}" ] ; then
|
cat > ${LIBVIRT_SECRET_DEF} <<EOF
|
||||||
echo "ERROR: No libvirt Secret UUID Supplied"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -z "${CEPH_CINDER_KEYRING}" ] ; then
|
|
||||||
CEPH_CINDER_KEYRING=$(sed -n 's/^[[:space:]]*key[[:blank:]]\+=[[:space:]]\(.*\)/\1/p' /etc/ceph/ceph.client.${CEPH_CINDER_USER}.keyring)
|
|
||||||
fi
|
|
||||||
|
|
||||||
cat > ${LIBVIRT_SECRET_DEF} <<EOF
|
|
||||||
<secret ephemeral='no' private='no'>
|
<secret ephemeral='no' private='no'>
|
||||||
<uuid>${LIBVIRT_CEPH_SECRET_UUID}</uuid>
|
<uuid>${LIBVIRT_CEPH_SECRET_UUID}</uuid>
|
||||||
<usage type='ceph'>
|
<usage type='ceph'>
|
||||||
@ -81,8 +82,11 @@ cat > ${LIBVIRT_SECRET_DEF} <<EOF
|
|||||||
</secret>
|
</secret>
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
virsh secret-define --file ${LIBVIRT_SECRET_DEF}
|
virsh secret-define --file ${LIBVIRT_SECRET_DEF}
|
||||||
virsh secret-set-value --secret "${LIBVIRT_CEPH_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}"
|
virsh secret-set-value --secret "${LIBVIRT_CEPH_SECRET_UUID}" --base64 "${CEPH_CINDER_KEYRING}"
|
||||||
|
|
||||||
# rejoin libvirtd
|
# rejoin libvirtd
|
||||||
wait
|
wait
|
||||||
|
else
|
||||||
|
exec libvirtd --listen
|
||||||
|
fi
|
||||||
|
@ -46,6 +46,9 @@ spec:
|
|||||||
securityContext:
|
securityContext:
|
||||||
runAsUser: 0
|
runAsUser: 0
|
||||||
env:
|
env:
|
||||||
|
{{- if .Values.ceph.enabled }}
|
||||||
|
- name: LIBVIRT_CEPH_ENABLED
|
||||||
|
value: "True"
|
||||||
- name: CEPH_CINDER_USER
|
- name: CEPH_CINDER_USER
|
||||||
value: "{{ .Values.ceph.cinder_user }}"
|
value: "{{ .Values.ceph.cinder_user }}"
|
||||||
{{- if .Values.ceph.cinder_keyring }}
|
{{- if .Values.ceph.cinder_keyring }}
|
||||||
@ -54,6 +57,10 @@ spec:
|
|||||||
{{ end }}
|
{{ end }}
|
||||||
- name: LIBVIRT_CEPH_SECRET_UUID
|
- name: LIBVIRT_CEPH_SECRET_UUID
|
||||||
value: "{{ .Values.ceph.secret_uuid }}"
|
value: "{{ .Values.ceph.secret_uuid }}"
|
||||||
|
{{- else }}
|
||||||
|
- name: LIBVIRT_CEPH_ENABLED
|
||||||
|
value: "False"
|
||||||
|
{{- end }}
|
||||||
command:
|
command:
|
||||||
- /tmp/ceph-keyring.sh
|
- /tmp/ceph-keyring.sh
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
|
Loading…
Reference in New Issue
Block a user