zuul/nodepool
Code Issues Proposed changes

Toggle host-key-checking for openstack provider.labels

Browse Source 
This adds the ability for a pool.label to override the
pool.host-key-checking value, while having a label exist in the same
pool.  This is helpful because it is possible for 1 pool to mix network
configuration, and some nodes maybe missing a default gateway (making
them unroutable by default).

Change-Id: I934d42b8e48aedb0ebc03137b7305eb2af390fc7
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
Paul Belanger 2019-06-05 12:31:24 -04:00
parent 74f960848c
commit 3a5cabedcb
6 changed files with 60 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/source/configuration.rst
View File

@ -926,6 +926,18 @@ Selecting the OpenStack driver adds the following options to the
If given, the label for use in this pool will create a
volume from the image and boot the node from it.
.. attr:: host-key-checking
:type: bool
:default: True
Specify custom behavior of validation of SSH host keys. When set to
False, nodepool-launcher will not ssh-keyscan nodes after they are
booted. This might be needed if nodepool-launcher and the nodes it
launches are on different networks. The default value is True.
.. note:: This value will override the value for
:attr:`providers.[openstack].pools.host-key-checking`.
.. attr:: networks
:type: list

7
nodepool/driver/openstack/config.py
View File

@ -91,6 +91,7 @@ class ProviderLabel(ConfigValue):
self.instance_properties = None
self.userdata = None
self.networks = []
self.host_key_checking = True
# The ProviderPool object that owns this label.
self.pool = None
@ -109,7 +110,8 @@ class ProviderLabel(ConfigValue):
other.volume_size == self.volume_size and
other.instance_properties == self.instance_properties and
other.userdata == self.userdata and
other.networks == self.networks)
other.networks == self.networks and
other.host_key_checking == self.host_key_checking)
return False
def __repr__(self):
@ -211,6 +213,8 @@ class ProviderPool(ConfigPool):
None)
pl.userdata = label.get('userdata', None)
pl.networks = label.get('networks', self.networks)
pl.host_key_checking = label.get(
'host-key-checking', self.host_key_checking)
top_label = full_config.labels[pl.name]
top_label.pools.append(self)
@ -367,6 +371,7 @@ class OpenStackProviderConfig(ProviderConfig):
'instance-properties': dict,
'userdata': str,
'networks': [str],
'host-key-checking': bool,
}
label_min_ram = v.Schema({v.Required('min-ram'): int}, extra=True)

2
nodepool/driver/openstack/handler.py
View File

@ -217,7 +217,7 @@ class OpenStackNodeLauncher(NodeLauncher):
# wait and scan the new node and record in ZooKeeper
host_keys = []
if self.pool.host_key_checking:
if self.label.host_key_checking:
try:
self.log.debug(
"Gathering host keys for node %s", self.node.id)

18
nodepool/tests/fixtures/node-host-key-checking.yaml vendored
View File

@ -11,6 +11,8 @@ zookeeper-servers:
labels:
- name: fake-label
min-ready: 1
- name: fake-label2
min-ready: 1
providers:
- name: fake-provider
@ -37,6 +39,22 @@ providers:
min-ram: 8192
flavor-name: 'Fake'
- name: fake-provider2
cloud: fake
driver: fake
region-name: fake-region
rate: 0.0001
diskimages:
- name: fake-image
pools:
- name: main
max-servers: 96
labels:
- name: fake-label2
diskimage: fake-image
host-key-checking: False
min-ram: 8192
diskimages:
- name: fake-image
elements:

24
nodepool/tests/unit/test_launcher.py
View File

@ -514,21 +514,29 @@ class TestLauncher(tests.DBTestCase):
{'key1': 'value1', 'key2': 'value2'})
def test_node_host_key_checking_false(self):
"""Test that an image and node are created"""
"""Test that images and nodes are created"""
configfile = self.setup_config('node-host-key-checking.yaml')
pool = self.useNodepool(configfile, watermark_sleep=1)
self.useBuilder(configfile)
pool.start()
image = self.waitForImage('fake-provider', 'fake-image')
self.assertEqual(image.username, 'zuul')
nodes = self.waitForNodes('fake-label')
label1_nodes = self.waitForNodes('fake-label')
label2_nodes = self.waitForNodes('fake-label2')
self.assertEqual(len(nodes), 1)
self.assertEqual(nodes[0].provider, 'fake-provider')
self.assertEqual(nodes[0].type, ['fake-label'])
self.assertEqual(nodes[0].username, 'zuul')
# We have no host_keys because host-key-checking is False.
self.assertEqual(nodes[0].host_keys, [])
self.assertEqual(len(label1_nodes), 1)
self.assertEqual(label1_nodes[0].provider, 'fake-provider')
self.assertEqual(label1_nodes[0].type, ['fake-label'])
self.assertEqual(label1_nodes[0].username, 'zuul')
# We have no host_keys because pool.host-key-checking is False.
self.assertEqual(label1_nodes[0].host_keys, [])
self.assertEqual(len(label2_nodes), 1)
self.assertEqual(label2_nodes[0].provider, 'fake-provider2')
self.assertEqual(label2_nodes[0].type, ['fake-label2'])
self.assertEqual(label2_nodes[0].username, 'zuul')
# We have no host_keys because label.host-key-checking is False.
self.assertEqual(label2_nodes[0].host_keys, [])
def test_multiple_launcher(self):
"""Test that an image and node are created with 2 launchers"""

7
releasenotes/notes/openstack-driver-labels-host-key-checking-f102c013040f5f15.yaml Normal file
View File

@ -0,0 +1,7 @@
---
features:
- |
Provider labels for the OpenStack driver are now able to toggle
:attr:`providers.[openstack].pools.labels.host-key-checking`. This
overrides the host-key-checking value defined by
:attr:`providers.[openstack].pools.host-key-checking`.