diff --git a/Berksfile b/Berksfile index d3770f0..84e5b6d 100644 --- a/Berksfile +++ b/Berksfile @@ -1,4 +1,4 @@ metadata cookbook "openstack-common", - git: "git@github.com:att-cloud/cookbook-openstack-common.git" + git: "git://github.com/stackforge/cookbook-openstack-common.git" diff --git a/Gemfile b/Gemfile index 9985671..81ba419 100644 --- a/Gemfile +++ b/Gemfile @@ -4,4 +4,3 @@ gem "chef", "~> 10.18.2" gem "berkshelf", "~> 1.4.0" gem "chefspec", "~> 1.0.0" gem "foodcritic", "~> 2.1.0" -gem "webmock", "~> 1.11.0" diff --git a/Gemfile.lock b/Gemfile.lock index 3fe30a2..5b7b920 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -56,7 +56,6 @@ GEM multi_json (>= 1.3.0) ci_reporter (1.8.4) builder (>= 2.1.2) - crack (0.3.2) diff-lcs (1.2.4) erubis (2.7.0) faraday (0.8.7) @@ -154,9 +153,6 @@ GEM polyglot polyglot (>= 0.3.1) uuidtools (2.1.4) - webmock (1.11.0) - addressable (>= 2.2.7) - crack (>= 0.3.2) yajl-ruby (1.1.0) PLATFORMS @@ -167,4 +163,3 @@ DEPENDENCIES chef (~> 10.18.2) chefspec (~> 1.0.0) foodcritic (~> 2.1.0) - webmock (~> 1.11.0) diff --git a/README.md b/README.md index e089dd3..2d7f3a5 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ Configures database for use with keystone ```json "run_list": [ - "recipe[keystone::db]" + "recipe[openstack-identity::db]" ] ``` @@ -42,7 +42,7 @@ Installs and Configures Keystone Service ```json "run_list": [ - "recipe[keystone::server]" + "recipe[openstack-identity::server]" ] ``` @@ -122,7 +122,7 @@ Register users, tenants, roles, services and endpoints with Keystone ### Examples # Create 'openstack' tenant - keystone_register "Register 'openstack' Tenant" do + openstack_identity_register "Register 'openstack' Tenant" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -135,7 +135,7 @@ Register users, tenants, roles, services and endpoints with Keystone end # Create 'admin' user - keystone_register "Register 'admin' User" do + openstack_identity_register "Register 'admin' User" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -149,7 +149,7 @@ Register users, tenants, roles, services and endpoints with Keystone end # Create 'admin' role - keystone_register "Register 'admin' Role" do + openstack_identity_register "Register 'admin' Role" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -161,7 +161,7 @@ Register users, tenants, roles, services and endpoints with Keystone # Grant 'admin' role to 'admin' user in the 'openstack' tenant - keystone_register "Grant 'admin' Role to 'admin' User" do + openstack_identity_register "Grant 'admin' Role to 'admin' User" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -174,7 +174,7 @@ Register users, tenants, roles, services and endpoints with Keystone end # Create 'identity' service - keystone_register "Register Identity Service" do + openstack_identity_register "Register Identity Service" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -187,7 +187,7 @@ Register users, tenants, roles, services and endpoints with Keystone end # Create 'identity' endpoint - keystone_register "Register Identity Endpoint" do + openstack_identity_register "Register Identity Endpoint" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -226,7 +226,7 @@ Create EC2 credentials for a given user in the specified tenant ### Examples - keystone_credentials "Create EC2 credentials for 'admin' user" do + openstack_identity_credentials "Create EC2 credentials for 'admin' user" do auth_host "192.168.1.10" auth_port "35357" auth_protocol "http" @@ -239,24 +239,24 @@ Create EC2 credentials for a given user in the specified tenant Attributes ========== -* `keystone["db_server_chef_role"]` - The name of the Chef role that knows about the db server -* `keystone["bind_interface"]` - Interface to bind keystone to -* `keystone["service_port"]` - Port to listen on for client functions -* `keystone["admin_port"]` - Port to listen on for admin functions -* `keystone["user"]` - User keystone runs as -* `keystone["group"]` - Group keystone runs as -* `keystone["db"]` - Name of keystone database -* `keystone["db_user"]` - Username for keystone database access -* `keystone["db_passwd"]` - Password for keystone database access -* `keystone["db_ipaddress"]` - IP address of the keystone database -* `keystone["api_ipaddress"]` - IP address for the keystone API to bind to. _TODO_: Rename to bind_address -* `keystone["verbose"]` - Enables/disables verbose output for keystone API server -* `keystone["debug"]` - Enables/disables debug output for keystone API server -* `keystone["service_port"]` - Port for the keystone service API to bind to -* `keystone["admin_port"]` - Port for the keystone admin service to bind to -* `keystone["admin_token"]` - Admin token for bootstraping keystone server -* `keystone["roles"]` - Array of roles to create in the keystone server -* `keystone["users"]` - Array of users to create in the keystone server +* `openstack-identity["db_server_chef_role"]` - The name of the Chef role that knows about the db server +* `openstack-identity["bind_interface"]` - Interface to bind keystone to +* `openstack-identity["service_port"]` - Port to listen on for client functions +* `openstack-identity["admin_port"]` - Port to listen on for admin functions +* `openstack-identity["user"]` - User keystone runs as +* `openstack-identity["group"]` - Group keystone runs as +* `openstack-identity["db"]` - Name of keystone database +* `openstack-identity["db_user"]` - Username for keystone database access +* `openstack-identity["db_passwd"]` - Password for keystone database access +* `openstack-identity["db_ipaddress"]` - IP address of the keystone database +* `openstack-identity["api_ipaddress"]` - IP address for the keystone API to bind to. _TODO_: Rename to bind_address +* `openstack-identity["verbose"]` - Enables/disables verbose output for keystone API server +* `openstack-identity["debug"]` - Enables/disables debug output for keystone API server +* `openstack-identity["service_port"]` - Port for the keystone service API to bind to +* `openstack-identity["admin_port"]` - Port for the keystone admin service to bind to +* `openstack-identity["admin_token"]` - Admin token for bootstraping keystone server +* `openstack-identity["roles"]` - Array of roles to create in the keystone server +* `openstack-identity["users"]` - Array of users to create in the keystone server Testing ===== diff --git a/attributes/default.rb b/attributes/default.rb index bfe133b..2ae1213 100644 --- a/attributes/default.rb +++ b/attributes/default.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Recipe:: default # # Copyright 2012-2013, AT&T Services, Inc. @@ -19,7 +19,7 @@ # Set to some text value if you want templated config files # to contain a custom banner at the top of the written file -default["keystone"]["custom_template_banner"] = " +default["openstack-identity"]["custom_template_banner"] = " # This file autogenerated by Chef # Do not edit, changes will be overwritten " @@ -29,36 +29,36 @@ default["keystone"]["custom_template_banner"] = " default["credentials"]["EC2"]["admin"]["access"] = "" default["credentials"]["EC2"]["admin"]["secret"] = "" -default["keystone"]["db"]["username"] = "keystone" +default["openstack-identity"]["db"]["username"] = "keystone" -default["keystone"]["verbose"] = "False" -default["keystone"]["debug"] = "False" +default["openstack-identity"]["verbose"] = "False" +default["openstack-identity"]["debug"] = "False" -default["keystone"]["service_port"] = "5000" -default["keystone"]["admin_port"] = "35357" -default['keystone']['user'] = "keystone" -default['keystone']['group'] = "keystone" -default["keystone"]["region"] = "RegionOne" +default["openstack-identity"]["service_port"] = "5000" +default["openstack-identity"]["admin_port"] = "35357" +default["openstack-identity"]["user"] = "keystone" +default["openstack-identity"]["group"] = "keystone" +default["openstack-identity"]["region"] = "RegionOne" -default["keystone"]["bind_interface"] = "lo" +default["openstack-identity"]["bind_interface"] = "lo" # Logging stuff -default["keystone"]["syslog"]["use"] = false -default["keystone"]["syslog"]["facility"] = "LOG_LOCAL2" -default["keystone"]["syslog"]["config_facility"] = "local2" +default["openstack-identity"]["syslog"]["use"] = false +default["openstack-identity"]["syslog"]["facility"] = "LOG_LOCAL2" +default["openstack-identity"]["syslog"]["config_facility"] = "local2" -# default["keystone"]["roles"] = [ "admin", "Member", "KeystoneAdmin", "KeystoneServiceAdmin", "sysadmin", "netadmin" ] -default["keystone"]["roles"] = [ "admin", "Member", "KeystoneAdmin", "KeystoneServiceAdmin" ] +# default["openstack-identity"]["roles"] = [ "admin", "Member", "KeystoneAdmin", "KeystoneServiceAdmin", "sysadmin", "netadmin" ] +default["openstack-identity"]["roles"] = [ "admin", "Member", "KeystoneAdmin", "KeystoneServiceAdmin" ] #TODO(shep): this should probably be derived from keystone.users hash keys -default["keystone"]["tenants"] = [ "admin", "service"] +default["openstack-identity"]["tenants"] = [ "admin", "service"] -default["keystone"]["admin_user"] = "admin" -default["keystone"]["admin_tenant_name"] = "admin" +default["openstack-identity"]["admin_user"] = "admin" +default["openstack-identity"]["admin_tenant_name"] = "admin" -default["keystone"]["users"] = { - default["keystone"]["admin_user"] => { - "default_tenant" => default["keystone"]["admin_tenant_name"], +default["openstack-identity"]["users"] = { + default["openstack-identity"]["admin_user"] => { + "default_tenant" => default["openstack-identity"]["admin_tenant_name"], "roles" => { "admin" => [ "admin" ], "KeystoneAdmin" => [ "admin" ], @@ -76,23 +76,23 @@ default["keystone"]["users"] = { # PKI signing. Corresponds to the [signing] section of keystone.conf # Note this section is only written if node["openstack"]["auth"]["straegy"] == "pki" -default["keystone"]["signing"]["basedir"] = "/etc/keystone/ssl" -default["keystone"]["signing"]["certfile"] = "/etc/keystone/ssl/certs/signing_cert.pem" -default["keystone"]["signing"]["keyfile"] = "/etc/keystone/ssl/private/signing_key.pem" -default["keystone"]["signing"]["ca_certs"] = "/etc/keystone/ssl/certs/ca.pem" -default["keystone"]["signing"]["key_size"] = "1024" -default["keystone"]["signing"]["valid_days"] = "3650" -default["keystone"]["signing"]["ca_password"] = nil +default["openstack-identity"]["signing"]["basedir"] = "/etc/keystone/ssl" +default["openstack-identity"]["signing"]["certfile"] = "/etc/keystone/ssl/certs/signing_cert.pem" +default["openstack-identity"]["signing"]["keyfile"] = "/etc/keystone/ssl/private/signing_key.pem" +default["openstack-identity"]["signing"]["ca_certs"] = "/etc/keystone/ssl/certs/ca.pem" +default["openstack-identity"]["signing"]["key_size"] = "1024" +default["openstack-identity"]["signing"]["valid_days"] = "3650" +default["openstack-identity"]["signing"]["ca_password"] = nil # These switches set the various drivers for the different Keystone components -default['keystone']['identity']['backend'] = 'sql' -default['keystone']['token']['backend'] = 'sql' -default['keystone']['catalog']['backend'] = 'sql' +default["openstack-identity"]["identity"]["backend"] = "sql" +default["openstack-identity"]["token"]["backend"] = "sql" +default["openstack-identity"]["catalog"]["backend"] = "sql" # platform defaults case platform when "fedora", "redhat", "centos" # :pragma-foodcritic: ~FC024 - won't fix this - default["keystone"]["platform"] = { + default["openstack-identity"]["platform"] = { "mysql_python_packages" => [ "MySQL-python" ], "memcache_python_packages" => [ "python-memcached" ], "keystone_packages" => [ "openstack-keystone" ], @@ -101,7 +101,7 @@ when "fedora", "redhat", "centos" # :pragma-foodcritic: ~FC024 - won't fix this "package_options" => "" } when "ubuntu" - default["keystone"]["platform"] = { + default["openstack-identity"]["platform"] = { "mysql_python_packages" => [ "python-mysqldb" ], "memcache_python_packages" => [ "python-memcache" ], "keystone_packages" => [ "keystone" ], diff --git a/metadata.rb b/metadata.rb index f86ff73..3f91009 100644 --- a/metadata.rb +++ b/metadata.rb @@ -1,4 +1,4 @@ -name "keystone" +name "openstack-identity" maintainer "Opscode, Inc." maintainer_email "matt@opscode.com" license "Apache 2.0" @@ -6,9 +6,9 @@ description "The OpenStack Identity service Keystone." long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) version "2012.2.1" -recipe "keystone::db", "Configures database for use with keystone" -recipe "keystone::server", "Installs and Configures Keystone Service" -recipe "keystone::registration", "Adds user, tenant, role and endpoint records to Keystone" +recipe "openstack-identity::db", "Configures database for use with keystone" +recipe "openstack-identity::server", "Installs and Configures Keystone Service" +recipe "openstack-identity::registration", "Adds user, tenant, role and endpoint records to Keystone" %w{ ubuntu fedora redhat centos }.each do |os| supports os diff --git a/providers/credentials.rb b/providers/credentials.rb index 773839a..27cc9dd 100644 --- a/providers/credentials.rb +++ b/providers/credentials.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Provider:: credentials # # Copyright 2012, Rackspace US, Inc. diff --git a/providers/register.rb b/providers/register.rb index 28e707c..4c05581 100644 --- a/providers/register.rb +++ b/providers/register.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Provider:: register # # Copyright 2012, Rackspace US, Inc. @@ -21,7 +21,7 @@ require "uri" action :create_service do - if node['keystone']['catalog']['backend'] == 'templated' + if node["openstack-identity"]["catalog"]["backend"] == "templated" Chef::Log.info("Skipping service creation - templated catalog backend in use.") new_resource.updated_by_last_action(false) else @@ -61,7 +61,7 @@ end action :create_endpoint do - if node['keystone']['catalog']['backend'] == 'templated' + if node["openstack-identity"]["catalog"]["backend"] == "templated" Chef::Log.info("Skipping endpoint creation - templated catalog backend in use.") new_resource.updated_by_last_action(false) else diff --git a/recipes/db.rb b/recipes/db.rb index 8659f70..f36b3eb 100644 --- a/recipes/db.rb +++ b/recipes/db.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Recipe:: db # # Copyright 2012-2013, AT&T Services, Inc. @@ -30,7 +30,7 @@ include_recipe "mysql::client" include_recipe "mysql::ruby" db_pass = db_password "keystone" -db_user = node["keystone"]["db"]["username"] +db_user = node["openstack-identity"]["db"]["username"] db_create_with_user("identity", db_user, diff --git a/recipes/default.rb b/recipes/default.rb index 499b489..9c0e915 100644 --- a/recipes/default.rb +++ b/recipes/default.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Recipe:: default # # Copyright 2012-2013, AT&T Services, Inc. diff --git a/recipes/registration.rb b/recipes/registration.rb index 2ae1625..b720e19 100644 --- a/recipes/registration.rb +++ b/recipes/registration.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Recipe:: setup # # Copyright 2012, Rackspace US, Inc. @@ -27,9 +27,9 @@ end identity_admin_endpoint = endpoint "identity-admin" identity_endpoint = endpoint "identity-api" -admin_tenant_name = node["keystone"]["admin_tenant_name"] -admin_user = node["keystone"]["admin_user"] -admin_pass = user_password node["keystone"]["admin_user"] +admin_tenant_name = node["openstack-identity"]["admin_tenant_name"] +admin_user = node["openstack-identity"]["admin_user"] +admin_pass = user_password node["openstack-identity"]["admin_user"] auth_uri = ::URI.decode identity_admin_endpoint.to_s bootstrap_token = secret "secrets", "keystone_bootstrap_token" @@ -75,9 +75,9 @@ exit 0 EOF end -node["keystone"]["tenants"].each do |tenant_name| +node["openstack-identity"]["tenants"].each do |tenant_name| ## Add openstack tenant ## - keystone_register "Register '#{tenant_name}' Tenant" do + openstack_identity_register "Register '#{tenant_name}' Tenant" do auth_uri auth_uri bootstrap_token bootstrap_token tenant_name tenant_name @@ -88,8 +88,8 @@ node["keystone"]["tenants"].each do |tenant_name| end end -node["keystone"]["roles"].each do |role_key| - keystone_register "Register '#{role_key.to_s}' Role" do +node["openstack-identity"]["roles"].each do |role_key| + openstack_identity_register "Register '#{role_key.to_s}' Role" do auth_uri auth_uri bootstrap_token bootstrap_token role_name role_key @@ -98,8 +98,8 @@ node["keystone"]["roles"].each do |role_key| end end -node["keystone"]["users"].each do |username, user_info| - keystone_register "Register '#{username}' User" do +node["openstack-identity"]["users"].each do |username, user_info| + openstack_identity_register "Register '#{username}' User" do auth_uri auth_uri bootstrap_token bootstrap_token user_name username @@ -112,7 +112,7 @@ node["keystone"]["users"].each do |username, user_info| user_info["roles"].each do |rolename, tenant_list| tenant_list.each do |tenantname| - keystone_register "Grant '#{rolename}' Role to '#{username}' User in '#{tenantname}' Tenant" do + openstack_identity_register "Grant '#{rolename}' Role to '#{username}' User in '#{tenantname}' Tenant" do auth_uri auth_uri bootstrap_token bootstrap_token user_name username @@ -125,7 +125,7 @@ node["keystone"]["users"].each do |username, user_info| end end -keystone_register "Register Identity Service" do +openstack_identity_register "Register Identity Service" do auth_uri auth_uri bootstrap_token bootstrap_token service_name "keystone" @@ -135,32 +135,31 @@ keystone_register "Register Identity Service" do action :create_service end -node.set["keystone"]["adminURL"] = identity_admin_endpoint.to_s -node.set["keystone"]["internalURL"] = identity_endpoint.to_s -node.set["keystone"]["publicURL"] = identity_endpoint.to_s +node.set["openstack-identity"]["adminURL"] = identity_admin_endpoint.to_s +node.set["openstack-identity"]["internalURL"] = identity_endpoint.to_s +node.set["openstack-identity"]["publicURL"] = identity_endpoint.to_s Chef::Log.info "Keystone AdminURL: #{identity_admin_endpoint.to_s}" Chef::Log.info "Keystone InternalURL: #{identity_endpoint.to_s}" Chef::Log.info "Keystone PublicURL: #{identity_endpoint.to_s}" -keystone_register "Register Identity Endpoint" do +openstack_identity_register "Register Identity Endpoint" do auth_uri auth_uri bootstrap_token bootstrap_token service_type "identity" - endpoint_region node["keystone"]["region"] - endpoint_adminurl node["keystone"]["adminURL"] - endpoint_internalurl node["keystone"]["adminURL"] - endpoint_publicurl node["keystone"]["publicURL"] + endpoint_region node["openstack-identity"]["region"] + endpoint_adminurl node["openstack-identity"]["adminURL"] + endpoint_internalurl node["openstack-identity"]["adminURL"] + endpoint_publicurl node["openstack-identity"]["publicURL"] action :create_endpoint end -node["keystone"]["users"].each do |username, user_info| - keystone_credentials "Create EC2 credentials for '#{username}' user" do +node["openstack-identity"]["users"].each do |username, user_info| + openstack_identity_credentials "Create EC2 credentials for '#{username}' user" do auth_uri auth_uri bootstrap_token bootstrap_token user_name username tenant_name user_info["default_tenant"] end end - diff --git a/recipes/server.rb b/recipes/server.rb index 3903a9e..e134225 100644 --- a/recipes/server.rb +++ b/recipes/server.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Recipe:: server # # Copyright 2012, Rackspace US, Inc. @@ -24,11 +24,11 @@ class ::Chef::Recipe include ::Openstack end -if node["keystone"]["syslog"]["use"] +if node["openstack-identity"]["syslog"]["use"] include_recipe "openstack-common::logging" end -platform_options = node["keystone"]["platform"] +platform_options = node["openstack-identity"]["platform"] ##### NOTE ##### # https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/931236 @@ -70,14 +70,14 @@ service "keystone" do end directory "/etc/keystone" do - owner node['keystone']['user'] - group node['keystone']['group'] + owner node["openstack-identity"]["user"] + group node["openstack-identity"]["group"] mode 00700 end -directory node["keystone"]["signing"]["basedir"] do - owner node['keystone']['user'] - group node['keystone']['group'] +directory node["openstack-identity"]["signing"]["basedir"] do + owner node["openstack-identity"]["user"] + group node["openstack-identity"]["group"] mode 00700 only_if { node["openstack"]["auth"]["strategy"] == "pki" } @@ -88,10 +88,10 @@ file "/var/lib/keystone/keystone.db" do end execute "keystone-manage pki_setup" do - user node["keystone"]["user"] + user node["openstack-identity"]["user"] only_if { node["openstack"]["auth"]["strategy"] == "pki" } - not_if { ::FileTest.exists? node["keystone"]["signing"]["keyfile"] } + not_if { ::FileTest.exists? node["openstack-identity"]["signing"]["keyfile"] } end identity_admin_endpoint = endpoint "identity-admin" @@ -101,13 +101,13 @@ ec2_endpoint = endpoint "compute-ec2-api" image_endpoint = endpoint "image-api" volume_endpoint = endpoint "volume-api" -db_user = node["keystone"]["db"]["username"] +db_user = node["openstack-identity"]["db"]["username"] db_pass = db_password "keystone" sql_connection = db_uri("identity", db_user, db_pass) bootstrap_token = secret "secrets", "keystone_bootstrap_token" -ip_address = node["network"]["ipaddress_#{node["keystone"]["bind_interface"]}"] +ip_address = node["network"]["ipaddress_#{node["openstack-identity"]["bind_interface"]}"] # If the search role is set, we search for memcache # servers via a Chef search. If not, we look at the @@ -116,8 +116,8 @@ memcache_servers = memcached_servers.join "," # from openstack-common lib template "/etc/keystone/keystone.conf" do source "keystone.conf.erb" - owner node["keystone"]["user"] - group node["keystone"]["group"] + owner node["openstack-identity"]["user"] + group node["openstack-identity"]["group"] mode 00644 variables( :sql_connection => sql_connection, @@ -140,15 +140,15 @@ uris = { template "/etc/keystone/default_catalog.templates" do source "default_catalog.templates.erb" - owner node["keystone"]["user"] - group node["keystone"]["group"] + owner node["openstack-identity"]["user"] + group node["openstack-identity"]["group"] mode 00644 variables( "uris" => uris ) notifies :restart, "service[keystone]", :immediately - only_if { node['keystone']['catalog']['backend'] == 'templated' } + only_if { node["openstack-identity"]["catalog"]["backend"] == "templated" } end # sync db after keystone.conf is generated diff --git a/resources/credentials.rb b/resources/credentials.rb index ba4171f..dce9b14 100644 --- a/resources/credentials.rb +++ b/resources/credentials.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Resource:: credentials # # Copyright 2012, Rackspace US, Inc. diff --git a/resources/register.rb b/resources/register.rb index 4c42ca6..b515c6b 100644 --- a/resources/register.rb +++ b/resources/register.rb @@ -1,5 +1,5 @@ # -# Cookbook Name:: keystone +# Cookbook Name:: openstack-identity # Resource:: register # # Copyright 2012, Rackspace US, Inc. diff --git a/spec/db_spec.rb b/spec/db_spec.rb index 8f95dfe..5dad559 100644 --- a/spec/db_spec.rb +++ b/spec/db_spec.rb @@ -1,6 +1,6 @@ require "spec_helper" -describe "keystone::db" do +describe "openstack-identity::db" do it "installs mysql packages" do @chef_run = converge @@ -19,6 +19,6 @@ describe "keystone::db" do ::Chef::Recipe.any_instance.stub(:db_password).with("keystone"). and_return "test-pass" - ::ChefSpec::ChefRunner.new(::UBUNTU_OPTS).converge "keystone::db" + ::ChefSpec::ChefRunner.new(::UBUNTU_OPTS).converge "openstack-identity::db" end end diff --git a/spec/default_spec.rb b/spec/default_spec.rb index d0769de..8840ab4 100644 --- a/spec/default_spec.rb +++ b/spec/default_spec.rb @@ -1,4 +1,4 @@ require "spec_helper" -describe "keystone::default" do +describe "openstack-identity::default" do end diff --git a/spec/server-redhat_spec.rb b/spec/server-redhat_spec.rb index 2318a5d..7932cd2 100644 --- a/spec/server-redhat_spec.rb +++ b/spec/server-redhat_spec.rb @@ -1,11 +1,11 @@ require "spec_helper" -describe "keystone::server" do +describe "openstack-identity::server" do describe "redhat" do before do keystone_stubs @chef_run = ::ChefSpec::ChefRunner.new ::REDHAT_OPTS - @chef_run.converge "keystone::server" + @chef_run.converge "openstack-identity::server" end it "installs mysql python packages" do diff --git a/spec/server_spec.rb b/spec/server_spec.rb index 1d26e1e..87d5f07 100644 --- a/spec/server_spec.rb +++ b/spec/server_spec.rb @@ -1,14 +1,14 @@ require "spec_helper" -describe "keystone::server" do +describe "openstack-identity::server" do describe "ubuntu" do before do keystone_stubs @chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS @node = @chef_run.node - @node.set["keystone"]["syslog"]["use"] = true + @node.set["openstack-identity"]["syslog"]["use"] = true @node.set["network"]["ipaddress_lo"] = "10.10.10.10" - @chef_run.converge "keystone::server" + @chef_run.converge "openstack-identity::server" end it "runs logging recipe if node attributes say to" do @@ -17,7 +17,7 @@ describe "keystone::server" do it "doesn't run logging recipe" do chef_run = ::ChefSpec::ChefRunner.new ::UBUNTU_OPTS - chef_run.converge "keystone::server" + chef_run.converge "openstack-identity::server" expect(chef_run).not_to include_recipe "openstack-common::logging" end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 3482619..014342a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,5 +1,4 @@ require "chefspec" -require "webmock/rspec" ::LOG_LEVEL = :fatal ::REDHAT_OPTS = { @@ -13,6 +12,7 @@ require "webmock/rspec" } def keystone_stubs + ::Chef::Recipe.any_instance.stub(:memcached_servers).and_return [] ::Chef::Recipe.any_instance.stub(:db_password).and_return String.new ::Chef::Recipe.any_instance.stub(:secret).and_return String.new end diff --git a/templates/default/default_catalog.templates.erb b/templates/default/default_catalog.templates.erb index 410c661..d877083 100644 --- a/templates/default/default_catalog.templates.erb +++ b/templates/default/default_catalog.templates.erb @@ -1,24 +1,24 @@ -catalog.<%= node['keystone']['region'] %>.identity.publicURL = <%= @uris['identity'].to_s %> -catalog.<%= node['keystone']['region'] %>.identity.adminURL = <%= @uris['identity-admin'].to_s %> -catalog.<%= node['keystone']['region'] %>.identity.internalURL = <%= @uris['identity'].to_s %> -catalog.<%= node['keystone']['region'] %>.identity.name = Identity Service +catalog.<%= node["openstack-identity"]["region"] %>.identity.publicURL = <%= @uris["identity"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.identity.adminURL = <%= @uris["identity-admin"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.identity.internalURL = <%= @uris["identity"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.identity.name = Identity Service -catalog.<%= node['keystone']['region'] %>.compute.publicURL = <%= @uris['compute'].to_s %> -catalog.<%= node['keystone']['region'] %>.compute.adminURL = <%= @uris['compute'].to_s %> -catalog.<%= node['keystone']['region'] %>.compute.internalURL = <%= @uris['compute'].to_s %> -catalog.<%= node['keystone']['region'] %>.compute.name = Compute Service +catalog.<%= node["openstack-identity"]["region"] %>.compute.publicURL = <%= @uris["compute"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.compute.adminURL = <%= @uris["compute"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.compute.internalURL = <%= @uris["compute"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.compute.name = Compute Service -catalog.<%= node['keystone']['region'] %>.volume.publicURL = <%= @uris['volume'].to_s %> -catalog.<%= node['keystone']['region'] %>.volume.adminURL = <%= @uris['volume'].to_s %> -catalog.<%= node['keystone']['region'] %>.volume.internalURL = <%= @uris['volume'].to_s %> -catalog.<%= node['keystone']['region'] %>.volume.name = Volume Service +catalog.<%= node["openstack-identity"]["region"] %>.volume.publicURL = <%= @uris["volume"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.volume.adminURL = <%= @uris["volume"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.volume.internalURL = <%= @uris["volume"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.volume.name = Volume Service -catalog.<%= node['keystone']['region'] %>.ec2.publicURL = <%= @uris['ec2'].to_s %> -catalog.<%= node['keystone']['region'] %>.ec2.adminURL = <%= @uris['ec2'].to_s %> -catalog.<%= node['keystone']['region'] %>.ec2.internalURL = <%= @uris['ec2'].to_s %> -catalog.<%= node['keystone']['region'] %>.ec2.name = EC2 Service +catalog.<%= node["openstack-identity"]["region"] %>.ec2.publicURL = <%= @uris["ec2"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.ec2.adminURL = <%= @uris["ec2"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.ec2.internalURL = <%= @uris["ec2"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.ec2.name = EC2 Service -catalog.<%= node['keystone']['region'] %>.image.publicURL = <%= @uris['image'].to_s %> -catalog.<%= node['keystone']['region'] %>.image.adminURL = <%= @uris['image'].to_s %> -catalog.<%= node['keystone']['region'] %>.image.internalURL = <%= @uris['image'].to_s %> -catalog.<%= node['keystone']['region'] %>.image.name = Image Service +catalog.<%= node["openstack-identity"]["region"] %>.image.publicURL = <%= @uris["image"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.image.adminURL = <%= @uris["image"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.image.internalURL = <%= @uris["image"].to_s %> +catalog.<%= node["openstack-identity"]["region"] %>.image.name = Image Service diff --git a/templates/default/keystone.conf.erb b/templates/default/keystone.conf.erb index f748110..a5c3856 100644 --- a/templates/default/keystone.conf.erb +++ b/templates/default/keystone.conf.erb @@ -1,14 +1,14 @@ -<%= node["keystone"]["custom_template_banner"] %> +<%= node["openstack-identity"]["custom_template_banner"] %> [DEFAULT] -public_port = <%= node["keystone"]["service_port"] %> -admin_port = <%= node["keystone"]["admin_port"] %> +public_port = <%= node["openstack-identity"]["service_port"] %> +admin_port = <%= node["openstack-identity"]["admin_port"] %> admin_token = <%= @bootstrap_token %> bind_host = <%= @ip_address %> compute_port = 8774 -verbose = <%= node["keystone"]["verbose"] %> -debug = <%= node["keystone"]["debug"] %> -<% if node["keystone"]["syslog"]["use"] %> +verbose = <%= node["openstack-identity"]["verbose"] %> +debug = <%= node["openstack-identity"]["debug"] %> +<% if node["openstack-identity"]["syslog"]["use"] %> log_config = /etc/openstack/logging.conf <% else %> log_file = /var/log/keystone/keystone.log @@ -37,19 +37,19 @@ pool_timeout = 200 #suffix = cn=example,cn=com [identity] -driver = keystone.identity.backends.<%= node['keystone']['identity']['backend'] %>.Identity +driver = keystone.identity.backends.<%= node["openstack-identity"]["identity"]["backend"] %>.Identity [catalog] -<% if node['keystone']['catalog']['backend'] == 'templated' -%> +<% if node["openstack-identity"]["catalog"]["backend"] == "templated" -%> # templated driver uses different class name :( driver = keystone.catalog.backends.templated.TemplatedCatalog <% else -%> -driver = keystone.catalog.backends.<%= node['keystone']['catalog']['backend'] %>.Catalog +driver = keystone.catalog.backends.<%= node["openstack-identity"]["catalog"]["backend"] %>.Catalog <% end -%> template_file = /etc/keystone/default_catalog.templates [token] -driver = keystone.token.backends.<%= node['keystone']['token']['backend'] %>.Token +driver = keystone.token.backends.<%= node["openstack-identity"]["token"]["backend"] %>.Token # Amount of time a token should remain valid (in seconds) expiration = 86400 @@ -63,12 +63,12 @@ driver = keystone.contrib.ec2.backends.sql.Ec2 [signing] <% if node["openstack"]["auth"]["strategy"] == "pki" -%> token_format = PKI -certfile = <%= node["keystone"]["signing"]["certfile"] %> -keyfile = <%= node["keystone"]["signing"]["keyfile"] %> -ca_certs = <%= node["keystone"]["signing"]["ca_certs"] %> -key_size = <%= node["keystone"]["signing"]["key_size"] %> -valid_days = <%= node["keystone"]["signing"]["valid_days"] %> -ca_password = <%= node["keystone"]["signing"]["ca_password"] %> +certfile = <%= node["openstack-identity"]["signing"]["certfile"] %> +keyfile = <%= node["openstack-identity"]["signing"]["keyfile"] %> +ca_certs = <%= node["openstack-identity"]["signing"]["ca_certs"] %> +key_size = <%= node["openstack-identity"]["signing"]["key_size"] %> +valid_days = <%= node["openstack-identity"]["signing"]["valid_days"] %> +ca_password = <%= node["openstack-identity"]["signing"]["ca_password"] %> <% else -%> token_format = UUID <% end -%>