From 200f887a82246aebb3d4ae007fce82dbb99a5341 Mon Sep 17 00:00:00 2001
From: Gael Chamoulaud <gchamoul@redhat.com>
Date: Thu, 19 Oct 2017 11:54:56 +0200
Subject: [PATCH] Add new nova-event-callback validation

New validation to check for the Nova Event Callback feature configuration
on the Overcloud Controller(s).

Change-Id: I90750332e2f1b79635017797cf36291f714e2c18
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
---
 ..._callback_validation-bd966e11a459d638.yaml |  5 +
 validations/nova-event-callback.yaml          | 91 +++++++++++++++++++
 2 files changed, 96 insertions(+)
 create mode 100644 releasenotes/notes/add_nova_event_callback_validation-bd966e11a459d638.yaml
 create mode 100644 validations/nova-event-callback.yaml

diff --git a/releasenotes/notes/add_nova_event_callback_validation-bd966e11a459d638.yaml b/releasenotes/notes/add_nova_event_callback_validation-bd966e11a459d638.yaml
new file mode 100644
index 000000000..52c84e573
--- /dev/null
+++ b/releasenotes/notes/add_nova_event_callback_validation-bd966e11a459d638.yaml
@@ -0,0 +1,5 @@
+---
+features:
+  - |
+    New validation to check for the Nova Event Callback feature configuration
+    on the Overcloud Controller(s).
diff --git a/validations/nova-event-callback.yaml b/validations/nova-event-callback.yaml
new file mode 100644
index 000000000..e503dead8
--- /dev/null
+++ b/validations/nova-event-callback.yaml
@@ -0,0 +1,91 @@
+---
+- hosts: Controller
+  vars:
+    metadata:
+      name: Nova Event Callback Configuration Check
+      description: >
+        This validations verifies that the Nova Event Callback feature is
+        configured which is generally enabled by default.
+        It checks the following files on the Overcloud Controller(s):
+          - /etc/nova/nova.conf:
+            [DEFAULT]/vif_plugging_is_fatal = True
+            [DEFAULT]/vif_plugging_timeout >= 300
+          - /etc/neutron/neutron.conf:
+            [nova]/auth_url = 'http://nova_admin_auth_ip:5000'
+            [nova]/tenant_name = 'service'
+            [DEFAULT]/notify_nova_on_port_data_changes = True
+            [DEFAULT]/notify_nova_on_port_status_changes = True
+      groups:
+        - post-deployment
+    nova_config_file: /var/lib/config-data/puppet-generated/nova/etc/nova/nova.conf
+    neutron_config_file: /var/lib/config-data/puppet-generated/neutron/etc/neutron/neutron.conf
+    vif_plugging_fatal_check: "vif_plugging_is_fatal"
+    vif_plugging_timeout_check: "vif_plugging_timeout"
+    vif_plugging_timeout_value_min: 300
+    notify_nova_on_port_data_check: "notify_nova_on_port_data_changes"
+    notify_nova_on_port_status_check: "notify_nova_on_port_status_changes"
+    tenant_name_check: "tenant_name"
+  tasks:
+    - name: Get VIF Plugging setting values from nova.conf
+      become: True
+      ini: path={{ nova_config_file }} section=DEFAULT key={{ item }} ignore_missing_file=true
+      register: nova_config_result
+      with_items:
+        - "{{ vif_plugging_fatal_check }}"
+        - "{{ vif_plugging_timeout_check }}"
+
+    - name: Check Nova configuration values
+      fail: msg="Value of {{ item.item }} is set to {{ item.value or 'None' }}."
+      when:
+        - "(item.item == vif_plugging_fatal_check and (item.value|bool == False or None)) or
+          (item.item == vif_plugging_timeout_check and (item.value|int <= vif_plugging_timeout_value_min|int
+          or None))"
+      with_items: "{{ nova_config_result.results }}"
+
+    - name: Get auth_url value from hiera
+      become: True
+      command: hiera -c /etc/puppet/hiera.yaml neutron::server::notifications::auth_url
+      ignore_errors: True
+      changed_when: False
+      register: auth_url
+
+    - name: Get auth_url value from neutron.conf
+      become: True
+      ini: path={{ neutron_config_file }} section=nova key=auth_url ignore_missing_file=true
+      register: neutron_auth_url_result
+
+    - name: Check [nova]/auth_url setting value from neutron.conf
+      fail:
+        msg: >-
+          [nova]/auth_url from {{ neutron_config_file }} is set to
+          {{ neutron_auth_url_result.value or 'None' }}
+          but it should be set to {{ auth_url.stdout }}.
+      failed_when: "neutron_auth_url_result.value != auth_url.stdout"
+
+    - name: Get Notify Nova settings values from neutron.conf
+      become: True
+      ini: path={{ neutron_config_file }} section=DEFAULT key={{ item }} ignore_missing_file=true
+      register: neutron_notify_nova_result
+      with_items:
+        - "{{ notify_nova_on_port_data_check }}"
+        - "{{ notify_nova_on_port_status_check }}"
+
+    - name: Check Notify Nova settings values
+      fail: msg="Value of {{ item.item }} is set to {{ item.value|bool }}."
+      when: item.value|bool != True or item.value == None
+      with_items: "{{ neutron_notify_nova_result.results }}"
+
+    - name: Get Tenant Name setting value from neutron.conf
+      become: True
+      ini: path={{ neutron_config_file }} section=nova key={{ tenant_name_check }} ignore_missing_file=true
+      register: neutron_tenant_name_result
+
+    - name: Check Tenant Name settings value
+      fail:
+        msg: >-
+          [nova]/tenant_name from {{ neutron_config_file }} is set to
+          {{ neutron_tenant_name_result.value or 'None' }}
+          but it should be set to 'service'.
+      when: neutron_tenant_name_result.value != 'service'
+
+