Skip to content

Commit

Permalink
[kuttl] add test to enable tls as day2 in ctlplane-tls-cert-rotation
Browse files Browse the repository at this point in the history
Changes the ctlplane-tls-cert-rotation tls kuttl test to start
with a deployment where only the ingress/routes are configured to
have tls. The podLevel tls is disabled. Later it gets enabled
and the usual test steps to run.

Signed-off-by: Martin Schuppert <[email protected]>
  • Loading branch information
stuggi committed Oct 15, 2024
1 parent 5284b94 commit b0a9978
Show file tree
Hide file tree
Showing 2 changed files with 300 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,295 @@
apiVersion: core.openstack.org/v1beta1
kind: OpenStackControlPlane
metadata:
name: openstack
spec:
secret: osp-secret
keystone:
template:
databaseInstance: openstack
secret: osp-secret
galera:
enabled: true
templates:
openstack:
storageRequest: 500M
secret: osp-secret
replicas: 1
openstack-cell1:
storageRequest: 500M
secret: osp-secret
replicas: 1
rabbitmq:
templates:
rabbitmq:
replicas: 1
rabbitmq-cell1:
replicas: 1
memcached:
templates:
memcached:
replicas: 1
placement:
template:
databaseInstance: openstack
secret: osp-secret
glance:
template:
databaseInstance: openstack
secret: osp-secret
glanceAPIs:
default:
replicas: 1
storage:
storageRequest: 10G
cinder:
template:
databaseInstance: openstack
secret: osp-secret
cinderAPI:
replicas: 1
cinderScheduler:
replicas: 1
cinderBackup:
replicas: 0 # backend needs to be configured
cinderVolumes:
volume1:
replicas: 0 # backend needs to be configured
manila:
template:
manilaAPI:
replicas: 1
manilaScheduler:
replicas: 1
manilaShares:
share1:
replicas: 1
ovn:
template:
ovnDBCluster:
ovndbcluster-nb:
replicas: 1
dbType: NB
storageRequest: 10G
ovndbcluster-sb:
replicas: 1
dbType: SB
storageRequest: 10G
ovnNorthd:
replicas: 1
ovnController:
external-ids:
system-id: "random"
ovn-bridge: "br-int"
ovn-encap-type: "geneve"
neutron:
template:
databaseInstance: openstack
secret: osp-secret
horizon:
template:
replicas: 1
secret: osp-secret
nova:
template:
secret: osp-secret
heat:
enabled: false
template:
databaseInstance: openstack
heatAPI:
replicas: 1
heatEngine:
replicas: 1
secret: osp-secret
octavia:
enabled: false
template:
databaseInstance: openstack
octaviaAPI:
replicas: 1
secret: osp-secret
ironic:
enabled: false
template:
databaseInstance: openstack
ironicAPI:
replicas: 1
ironicConductors:
- replicas: 1
storageRequest: 10G
ironicInspector:
replicas: 1
ironicNeutronAgent:
replicas: 1
secret: osp-secret
telemetry:
enabled: true
template:
autoscaling:
aodh:
secret: osp-secret
serviceUser: aodh
ceilometer:
passwordSelector:
ceilometerService: CeilometerPassword
secret: osp-secret
serviceUser: ceilometer
swift:
enabled: true
template:
swiftRing:
ringReplicas: 1
swiftStorage:
replicas: 1
swiftProxy:
replicas: 1
designate:
enabled: false
template:
databaseInstance: openstack
secret: osp-secret
designateAPI:
replicas: 1
designateCentral:
replicas: 0 # backend needs to be configured
designateWorker:
replicas: 0 # backend needs to be configured
designateProducer:
replicas: 0 # backend needs to be configured
designateBackendbind9:
replicas: 0 # backend needs to be configured
barbican:
enabled: true
template:
databaseInstance: openstack
secret: osp-secret
barbicanAPI:
replicas: 1
barbicanWorker:
replicas: 1
barbicanKeystoneListener:
replicas: 1
tls:
ingress:
ca:
duration: 87600h0m0s
cert:
duration: 43800h0m0s
enabled: true
podLevel:
enabled: false
status:
conditions:
- message: Setup complete
reason: Ready
status: "True"
type: Ready
- message: OpenStackControlPlane Barbican completed
reason: Ready
status: "True"
type: OpenStackControlPlaneBarbicanReady
- message: OpenStackControlPlane CAs completed
reason: Ready
status: "True"
type: OpenStackControlPlaneCAReadyCondition
- message: OpenStackControlPlane Cinder completed
reason: Ready
status: "True"
type: OpenStackControlPlaneCinderReady
- message: OpenStackControlPlane Client completed
reason: Ready
status: "True"
type: OpenStackControlPlaneClientReady
- message: OpenStackControlPlane barbican service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeBarbicanReady
- message: OpenStackControlPlane cinder service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeCinderReady
- message: OpenStackControlPlane glance service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeGlanceReady
- message: OpenStackControlPlane keystone service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeKeystoneAPIReady
- message: OpenStackControlPlane neutron service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeNeutronReady
- message: OpenStackControlPlane nova service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeNovaReady
- message: OpenStackControlPlane placement service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposePlacementAPIReady
- message: OpenStackControlPlane swift service exposed
reason: Ready
status: "True"
type: OpenStackControlPlaneExposeSwiftReady
- message: OpenStackControlPlane Glance completed
reason: Ready
status: "True"
type: OpenStackControlPlaneGlanceReady
- message: OpenStackControlPlane InstanceHa CM is available
reason: Ready
status: "True"
type: OpenStackControlPlaneInstanceHaCMReadyCondition
- message: OpenStackControlPlane KeystoneAPI completed
reason: Ready
status: "True"
type: OpenStackControlPlaneKeystoneAPIReady
- message: OpenStackControlPlane MariaDB completed
reason: Ready
status: "True"
type: OpenStackControlPlaneMariaDBReady
- message: OpenStackControlPlane Memcached completed
reason: Ready
status: "True"
type: OpenStackControlPlaneMemcachedReady
- message: OpenStackControlPlane Neutron completed
reason: Ready
status: "True"
type: OpenStackControlPlaneNeutronReady
- message: OpenStackControlPlane Nova completed
reason: Ready
status: "True"
type: OpenStackControlPlaneNovaReady
- message: OpenStackControlPlane OVN completed
reason: Ready
status: "True"
type: OpenStackControlPlaneOVNReady
- message: OpenStackControlPlane PlacementAPI completed
reason: Ready
status: "True"
type: OpenStackControlPlanePlacementAPIReady
- message: OpenStackControlPlane RabbitMQ completed
reason: Ready
status: "True"
type: OpenStackControlPlaneRabbitMQReady
- message: OpenStackControlPlane Swift completed
reason: Ready
status: "True"
type: OpenStackControlPlaneSwiftReady
- message: OpenStackControlPlane Telemetry completed
reason: Ready
status: "True"
type: OpenStackControlPlaneTelemetryReady
- message: OpenStackControlPlane Test Operator CM is available
reason: Ready
status: "True"
type: OpenStackControlPlaneTestCMReadyCondition
---
apiVersion: kuttl.dev/v1beta1
kind: TestAssert
timeout: 500
commands:
- script: |
echo "Waiting for OpenStack control plane to be ready..."
oc wait openstackcontrolplane -n $NAMESPACE --for=condition=Ready --timeout=400s -l core.openstack.org/openstackcontrolplane
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
apiVersion: kuttl.dev/v1beta1
kind: TestStep
commands:
- script: |
oc kustomize ../../../../config/samples/base/openstackcontrolplane | oc apply -n $NAMESPACE -f -

0 comments on commit b0a9978

Please sign in to comment.