From b0306984f8aa2580d05b414e6c0881cc136afc8d Mon Sep 17 00:00:00 2001 From: Tim Rozet Date: Thu, 27 Sep 2018 21:51:23 -0400 Subject: [PATCH] Binds OpenFlow and OVSDB IPs The odl_bind_ip has been used to bind the northbound HTTP REST server to a fixed IP, however the OVSDB and OpenFlow services were running on 0.0.0.0. This patch binds those services as well. Change-Id: I7173706b3e812adc0ad899f2a3b6f4b28b91897f Signed-off-by: Tim Rozet --- CHANGELOG | 2 ++ manifests/config.pp | 19 ++++++----- manifests/init.pp | 2 +- metadata.json | 2 +- spec/classes/opendaylight_spec.rb | 4 +-- spec/spec_helper.rb | 34 +++++++++++++++---- spec/spec_helper_acceptance.rb | 22 ++++++++++++ ...default-openflow-connection-config.xml.erb | 1 + .../org.opendaylight.ovsdb.library.cfg.erb | 4 ++- 9 files changed, 69 insertions(+), 21 deletions(-) rename files/org.opendaylight.ovsdb.library.cfg => templates/org.opendaylight.ovsdb.library.cfg.erb (92%) diff --git a/CHANGELOG b/CHANGELOG index 36fb52a..a20fe98 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -84,3 +84,5 @@ - Enable IPv6 deployment 2018-09-18 Release 8.4.1 - Fix opendaylight karaf log file rotation +2018-09-27 Release 8.4.2 +- Bind OVSDB and OpenFlow addresses to specific IP diff --git a/manifests/config.pp b/manifests/config.pp index fba6e55..a3b33ca 100644 --- a/manifests/config.pp +++ b/manifests/config.pp @@ -131,15 +131,6 @@ class opendaylight::config { require => File['org.ops4j.pax.web.cfg'] } - # Enable TLS with OVSDB - file { 'org.opendaylight.ovsdb.library.cfg': - ensure => file, - path => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg', - owner => 'odl', - group => 'odl', - source => 'puppet:///modules/opendaylight/org.opendaylight.ovsdb.library.cfg', - } - # Configure OpenFlow plugin to use TLS $transport_protocol = 'TLS' } else { 
@@ -161,6 +152,16 @@ class opendaylight::config { require => File['org.ops4j.pax.web.cfg'] } } + + # Configure OVSDB + file { 'org.opendaylight.ovsdb.library.cfg': + ensure => file, + path => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg', + owner => 'odl', + group => 'odl', + content => template('opendaylight/org.opendaylight.ovsdb.library.cfg.erb'), + } + # Configure OpenFlow plugin to use TCP/TLS file { 'default-openflow-connection-config.xml': ensure => file, diff --git a/manifests/init.pp b/manifests/init.pp index e80bc5a..f485edd 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -11,7 +11,7 @@ # [*odl_rest_port *] # Port for ODL northbound REST interface to listen on. # [*odl_bind_ip *] -# IP for ODL northbound REST interface to bind to. +# IP for ODL northbound REST interface and southbound OVSDB/OpenFlow to bind to. # [*rpm_repo*] # Repo URL to install ODL RPM from, in .repo baseurl format. # [*deb_repo*] diff --git a/metadata.json b/metadata.json index 667feac..45408dd 100644 --- a/metadata.json +++ b/metadata.json @@ -1,6 +1,6 @@ { "name": "opendaylight-opendaylight", - "version": "8.4.1", + "version": "8.4.2", "author": "Daniel Farrell", "summary": "Puppet module that installs and configures the OpenDaylight SDN controller", "license": "BSD-2-Clause", diff --git a/spec/classes/opendaylight_spec.rb b/spec/classes/opendaylight_spec.rb index 7013d22..ace2dac 100644 --- a/spec/classes/opendaylight_spec.rb +++ b/spec/classes/opendaylight_spec.rb @@ -365,7 +365,7 @@ describe 'opendaylight' do # Run shared tests applicable to all supported OSs # Note that this function is defined in spec_helper - generic_tests + generic_tests(odl_bind_ip: '127.0.0.1') # Run test that specialize in checking ODL REST port config # Note that this function is defined in spec_helper 
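Review bot: In manifests/init.pp the reworded `odl_bind_ip` description still does not say what the services bind to when the parameter is left unset. The spec helper in this same patch switches its fallback to '0.0.0.0', which suggests (the parameter default itself is not in this hunk) that an unconfigured node keeps OVSDB and OpenFlow listening on every interface. I would add a line such as `#   Defaults to all interfaces; set this to the management address to keep OVSDB and OpenFlow off other networks.`, with the actual default taken from the class signature.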
@@ -1033,7 +1033,7 @@ describe 'opendaylight' do # Run shared tests applicable to all supported OSs # Note that this function is defined in spec_helper - generic_tests + generic_tests(odl_bind_ip: '127.0.0.1') # Run test that specialize in checking websocket address # Note that this function is defined in spec_helper diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 06dbf1c..1000321 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -15,7 +15,7 @@ RSpec::Puppet::Coverage.filters.push(*custom_filters) # Tests that are common to all possible configurations def generic_tests(options = {}) java_opts = options.fetch(:java_opts, '') - odl_bind_ip = options.fetch(:odl_bind_ip, '127.0.0.1') + odl_bind_ip = options.fetch(:odl_bind_ip, '0.0.0.0') # Confirm that module compiles it { should compile } @@ -79,6 +79,26 @@ def generic_tests(options = {}) ) } + it { + should contain_file('org.opendaylight.ovsdb.library.cfg').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /ovsdb-listener-ip = #{odl_bind_ip}/ + ) + } + + it { + should contain_file('default-openflow-connection-config.xml').with( + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /
#{odl_bind_ip}<\/address>/ + ) + } + end # Shared tests that specialize in testing log file size and rollover @@ -587,11 +607,11 @@ def odl_tls_tests(options = {}) 'group' => 'odl', ) should contain_file('org.opendaylight.ovsdb.library.cfg').with( - 'ensure' => 'file', - 'path' => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg', - 'owner' => 'odl', - 'group' => 'odl', - 'source' => 'puppet:///modules/opendaylight/org.opendaylight.ovsdb.library.cfg' + 'ensure' => 'file', + 'path' => '/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg', + 'owner' => 'odl', + 'group' => 'odl', + 'content' => /use-ssl = true/ ) should contain_file('/opt/opendaylight/configuration/ssl').with( 'ensure' => 'directory', @@ -651,4 +671,4 @@ def stats_polling_enablement_tests(options = {}) 'match' => '^is-statistics-polling-on=.*$', ) } -end \ No newline at end of file +end diff --git a/spec/spec_helper_acceptance.rb b/spec/spec_helper_acceptance.rb index 339ed42..389fabc 100644 --- a/spec/spec_helper_acceptance.rb +++ b/spec/spec_helper_acceptance.rb @@ -322,9 +322,31 @@ def odl_bind_ip_validation(options = {}) its(:content) { should match /sshHost = #{odl_bind_ip}/ } end + describe file('/opt/opendaylight/etc/org.opendaylight.ovsdb.library.cfg') do + it { should be_file } + it { should be_owned_by 'odl' } + it { should be_grouped_into 'odl' } + its(:content) { should match /ovsdb-listener-ip = #{odl_bind_ip}/ } + end + + describe file('/opt/opendaylight/etc/opendaylight/datastore/initial/config/default-openflow-connection-config.xml') do + it { should be_file } + it { should be_owned_by 'odl' } + it { should be_grouped_into 'odl' } + its(:content) { should match /
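Review bot: The new content matchers in generic_tests interpolate `odl_bind_ip` straight into a regex, so each `.` matches any character and the OVSDB pattern is unanchored at the end; a rendered `127.0.0.10` would still satisfy a test for `127.0.0.1`. Escaping and anchoring closes that gap: `'content' => /ovsdb-listener-ip = #{Regexp.escape(odl_bind_ip)}$/`, with the same `Regexp.escape` in the OpenFlow address matcher. The `its(:content)` matchers added to odl_bind_ip_validation in spec/spec_helper_acceptance.rb have the same shape. generic_tests begins outside this hunk.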
#{odl_bind_ip}<\/address>/ } + end + describe command("loop_count=0; until [[ \$loop_count -ge 30 ]]; do netstat -punta | grep 8101 | grep #{odl_bind_ip} && break; loop_count=\$[\$loop_count+1]; sleep 1; done; echo \"Waited \$loop_count seconds to detect ODL karaf bound to IP\"") do its(:exit_status) { should eq 0 } end + + describe command("loop_count=0; until [[ \$loop_count -ge 60 ]]; do netstat -punta | grep 6653 | grep #{odl_bind_ip} && break; loop_count=\$[\$loop_count+1]; sleep 1; done; echo \"Waited \$loop_count seconds to detect ODL karaf bound to IP\"") do + its(:exit_status) { should eq 0 } + end + + describe command("loop_count=0; until [[ \$loop_count -ge 60 ]]; do netstat -punta | grep 6640 | grep #{odl_bind_ip} && break; loop_count=\$[\$loop_count+1]; sleep 1; done; echo \"Waited \$loop_count seconds to detect ODL karaf bound to IP\"") do + its(:exit_status) { should eq 0 } + end end end diff --git a/templates/default-openflow-connection-config.xml.erb b/templates/default-openflow-connection-config.xml.erb index 3736fb5..2912ca9 100644 --- a/templates/default-openflow-connection-config.xml.erb +++ b/templates/default-openflow-connection-config.xml.erb @@ -1,6 +1,7 @@ openflow-switch-connection-provider-default-impl 6653 +
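Review bot: The two added `describe command(...)` checks for ports 6653 and 6640 cannot fail, because the shell line ends with `echo`, so the exit status is 0 even when the loop runs all 60 iterations without `grep` matching. Make the timeout visible by finishing the command with a test on the counter, for example by appending `; [[ \$loop_count -lt 60 ]]` after the `echo` inside the string. The existing 8101 check shown as context has the same form with a limit of 30. Separately, `grep 6653 | grep #{odl_bind_ip}` accepts the port and the address anywhere on a netstat line, so a match does not prove a listener on that address. odl_bind_ip_validation starts outside this hunk.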
<%= scope.lookupvar('opendaylight::odl_bind_ip') %>
<%= scope.lookupvar('opendaylight::config::transport_protocol') %> configuration/ssl/ctl.jks diff --git a/files/org.opendaylight.ovsdb.library.cfg b/templates/org.opendaylight.ovsdb.library.cfg.erb similarity index 92% rename from files/org.opendaylight.ovsdb.library.cfg rename to templates/org.opendaylight.ovsdb.library.cfg.erb index cdb9b17..ead2c83 100644 --- a/files/org.opendaylight.ovsdb.library.cfg +++ b/templates/org.opendaylight.ovsdb.library.cfg.erb @@ -7,10 +7,12 @@ #default listens on port 6640 for switch initiated connection. Please use following config #knob for changing this default port. ovsdb-listener-port = 6640 +ovsdb-listener-ip = <%= scope.lookupvar('opendaylight::odl_bind_ip') %> #This flag will be enforced across all the connection's (passive and active) if set to true +<%- if scope.lookupvar('opendaylight::enable_tls') -%> use-ssl = true - +<%- end -%> #Set Json Rpc decoder max frame length value. If the OVSDB node contains large configurations #that can cause connection related issue while reading the configuration from the OVSDB node #database. Increasing the max frame lenge helps resolve the issue. Please see following bug -- 2.36.6
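Review bot: Both templates write `scope.lookupvar('opendaylight::odl_bind_ip')` into the rendered file as-is, and nothing in the visible hunks checks that the value is an IP address. This applies here in the OpenFlow XML and in templates/org.opendaylight.ovsdb.library.cfg.erb as `ovsdb-listener-ip`. A typo or a hostname would produce a config whose effect on the listener is decided by the controller rather than by Puppet. Failing the catalog early is safer; if puppetlabs-stdlib is already a dependency, `validate_ip_address($odl_bind_ip)` in the class that declares the parameter would do it (that class body is not part of this patch's hunks).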