use_cookbook-openstackclient/identity_v3

- Now use cookbook-openstackclient to create endpoints role service and user - added domain creation and access granting - added values to work with identity_v3 - rewrote specs to work again - updated readme Change-Id: I6c91c874013190522dd7f1fd6060dc3796dc80fd Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1 Depends-On: I2d404a424bd79a6e9b282304e21591fa33a48981 Depends-On: If7b4d6e563081a0be9957353d73ef61a9688df56 Depends-On: I84f850f32f25a318c3ed3c7337a0dfa6f641a5fe
2016-08-31 16:04:34 +02:00 · 2016-08-31 16:04:34 +02:00 · 2e00d31d1f
commit 2e00d31d1f
parent 327878ed18
10 changed files with 156 additions and 114 deletions
--- a/3
+++ b/3
@ -12,3 +12,6 @@ cookbook "openstack-image",
  github: "openstack/cookbook-openstack-image"
 cookbook "openstack-network",
  github: "openstack/cookbook-openstack-network"
+cookbook "openstackclient",
+  github: "cloudbau/cookbook-openstackclient"
+
--- a/README.md
+++ b/README.md
@ -33,6 +33,7 @@ The following cookbooks are dependencies:

 - 'openstack-common', '>= 14.0.0'
 - 'openstack-identity', '>= 14.0.0'
+- 'openstackclient', '>= 0.1.0'

 Attributes
 ==========
@ -89,7 +90,8 @@ License and Author
 | **Author**           |  Chen Zhiwei (<zhiwchen@cn.ibm.com>)               |
 | **Author**           |  David Geng (<gengjh@cn.ibm.com>)                  |
 | **Author**           |  Mark Vanderwiel (<vanderwl@us.ibm.com>)           |
-| **Author**           |  Jan Klare (<j.klare@cloudbau.de>)                    |
+| **Author**           |  Jan Klare (<j.klare@cloudbau.de>)                 |
+| **Author**           |  Christoph Albers (<c.albers@x-ion.de>)            |
 |                      |                                                    |
 | **Copyright**        |  Copyright (c) 2013, Opscode, Inc.                 |
 | **Copyright**        |  Copyright (c) 2013, AT&T Services, Inc.           |
--- a/attributes/ceilometer_conf.rb
+++ b/attributes/ceilometer_conf.rb
@ -7,12 +7,16 @@ default['openstack']['telemetry']['conf'].tap do |conf|
  # [keystone_authtoken] section
  conf['keystone_authtoken']['username'] = 'ceilometer'
  conf['keystone_authtoken']['project_name'] = 'service'
-  conf['keystone_authtoken']['auth_type'] = 'password'
+  conf['keystone_authtoken']['auth_type'] = 'v3password'
+  conf['keystone_authtoken']['user_domain_name'] = 'Default'
+  conf['keystone_authtoken']['project_domain_name'] = 'Default'
  conf['keystone_authtoken']['region_name'] = node['openstack']['region']
  # [service_credentials] section
  conf['service_credentials']['username'] = 'ceilometer'
  conf['service_credentials']['project_name'] = 'service'
-  conf['service_credentials']['auth_type'] = 'password'
+  conf['service_credentials']['user_domain_name'] = 'Default'
+  conf['service_credentials']['project_domain_name'] = 'Default'
+  conf['service_credentials']['auth_type'] = 'v3password'
  conf['service_credentials']['interface'] = 'internal'
  conf['service_credentials']['region_name'] = node['openstack']['region']
 end
--- a/attributes/gnocchi_conf.rb
+++ b/attributes/gnocchi_conf.rb
@ -6,7 +6,9 @@ default['openstack']['telemetry-metric']['conf'].tap do |conf|
  # [keystone_authtoken] section
  conf['keystone_authtoken']['username'] = 'gnocchi'
  conf['keystone_authtoken']['project_name'] = 'service'
-  conf['keystone_authtoken']['auth_type'] = 'password'
+  conf['keystone_authtoken']['auth_type'] = 'v3password'
+  conf['keystone_authtoken']['user_domain_name'] = 'Default'
+  conf['keystone_authtoken']['project_domain_name'] = 'Default'
  conf['keystone_authtoken']['region_name'] = node['openstack']['region']
  conf['storage']['driver'] = 'file'
  if node['openstack']['telemetry-metric']['conf']['storage']['driver'] == 'file'
--- a/metadata.rb
+++ b/metadata.rb
@ -25,3 +25,4 @@ end

 depends 'openstack-common', '>= 14.0.0'
 depends 'openstack-identity', '>= 14.0.0'
+depends 'openstackclient'
--- a/recipes/identity_registration.rb
+++ b/recipes/identity_registration.rb
@ -20,14 +20,26 @@

 require 'uri'

-class ::Chef::Recipe # rubocop:disable Documentation
+# Include OS
+class ::Chef::Recipe
  include ::Openstack
 end

 identity_admin_endpoint = admin_endpoint 'identity'

-bootstrap_token = get_password 'token', 'openstack_identity_bootstrap_token'
-auth_uri = ::URI.decode identity_admin_endpoint.to_s
+auth_url = ::URI.decode identity_admin_endpoint.to_s
+admin_user = node['openstack']['identity']['admin_user']
+admin_pass = get_password 'user', node['openstack']['identity']['admin_user']
+admin_project = node['openstack']['identity']['admin_project']
+admin_domain = node['openstack']['identity']['admin_domain_name']
+service_domain_name = node['openstack']['telemetry']['conf']['keystone_authtoken']['user_domain_name']
+connection_params = {
+  openstack_auth_url:     "#{auth_url}/auth/tokens",
+  openstack_username:     admin_user,
+  openstack_api_key:      admin_pass,
+  openstack_project_name: admin_project,
+  openstack_domain_name:    admin_domain
+}

 %w(telemetry telemetry-metric).each do |telemetry_service|
  case telemetry_service
@ -37,11 +49,13 @@ auth_uri = ::URI.decode identity_admin_endpoint.to_s
  when 'telemetry-metric'
    service_name = 'gnocchi'
    service_type = 'metric'
-  end

-  admin_api_endpoint = admin_endpoint telemetry_service
-  internal_api_endpoint = internal_endpoint telemetry_service
-  public_api_endpoint = public_endpoint telemetry_service
+  end
+  interfaces = {
+    public: { url: public_endpoint(telemetry_service) },
+    internal: { url: internal_endpoint(telemetry_service) },
+    admin: { url: admin_endpoint(telemetry_service) }
+  }

  service_pass = get_password 'service', "openstack-#{telemetry_service}"
  service_role = node['openstack'][telemetry_service]['service_role']
@ -49,58 +63,51 @@ auth_uri = ::URI.decode identity_admin_endpoint.to_s
    node['openstack'][telemetry_service]['conf']['keystone_authtoken']['username']
  service_tenant_name =
    node['openstack'][telemetry_service]['conf']['keystone_authtoken']['project_name']
+  region = node['openstack']['region']
+
+  # Register telemetry_service Service
+  openstack_service service_name do
+    type service_type
+    connection_params connection_params
+  end
+
+  interfaces.each do |interface, res|
+    # Register telemetry_service Endpoints
+    openstack_endpoint service_type do
+      service_name service_name
+      interface interface.to_s
+      url res[:url].to_s
+      region region
+      connection_params connection_params
+    end
+  end

  # Register Service Tenant
-  openstack_identity_register "Register Service Tenant for #{telemetry_service}" do
-    auth_uri auth_uri
-    bootstrap_token bootstrap_token
-    tenant_name service_tenant_name
-    tenant_description 'Service Tenant'
-
-    action :create_tenant
+  openstack_project service_tenant_name do
+    connection_params connection_params
  end

  # Register Service User
-  openstack_identity_register "Register #{service_user} User" do
-    auth_uri auth_uri
-    bootstrap_token bootstrap_token
-    tenant_name service_tenant_name
-    user_name service_user
-    user_pass service_pass
-
-    action :create_user
+  openstack_user service_user do
+    project_name service_tenant_name
+    role_name service_role
+    password service_pass
+    connection_params connection_params
  end

-  # Grant Admin role to Service User for Service Tenant
-  openstack_identity_register "Grant 'admin' Role to #{service_user} User for Service Tenant" do
-    auth_uri auth_uri
-    bootstrap_token bootstrap_token
-    tenant_name service_tenant_name
-    user_name service_user
+  ## Grant Service role to Service User for Service Tenant ##
+  openstack_user service_user do
    role_name service_role
-
+    project_name service_tenant_name
+    connection_params connection_params
    action :grant_role
  end

-  openstack_identity_register "Register Service #{telemetry_service}" do
-    auth_uri auth_uri
-    bootstrap_token bootstrap_token
-    service_name service_name
-    service_type service_type
-    service_description 'Ceilometer Service'
-
-    action :create_service
-  end
-
-  openstack_identity_register "Register #{service_type} Endpoint" do
-    auth_uri auth_uri
-    bootstrap_token bootstrap_token
-    service_type service_type
-    endpoint_region node['openstack'][telemetry_service]['conf']['keystone_authtoken']['region_name']
-    endpoint_adminurl ::URI.decode admin_api_endpoint.to_s
-    endpoint_internalurl ::URI.decode internal_api_endpoint.to_s
-    endpoint_publicurl ::URI.decode public_api_endpoint.to_s
-
-    action :create_endpoint
+  openstack_user service_user do
+    domain_name service_domain_name
+    role_name service_role
+    user_name service_user
+    connection_params connection_params
+    action :grant_domain
  end
 end
--- a/spec/common_spec.rb
+++ b/spec/common_spec.rb
@ -65,9 +65,11 @@ describe 'openstack-telemetry::common' do
        [
          /^username = ceilometer$/,
          /^project_name = service$/,
-          /^auth_type = password$/,
+          /^user_domain_name = Default/,
+          /^project_domain_name = Default/,
+          /^auth_type = v3password$/,
          /^region_name = RegionOne$/,
-          %r{auth_url = http://127\.0\.0\.1:5000/v2\.0},
+          %r{auth_url = http://127\.0\.0\.1:5000/v3},
          /^password = ceilometer-pass$/
        ].each do |line|
          expect(chef_run).to render_config_file(file.name)
@ -79,10 +81,12 @@ describe 'openstack-telemetry::common' do
        [
          /^username = ceilometer$/,
          /^project_name = service$/,
-          /^auth_type = password$/,
+          /^user_domain_name = Default/,
+          /^project_domain_name = Default/,
+          /^auth_type = v3password$/,
          /^interface = internal$/,
          /^region_name = RegionOne$/,
-          %r{auth_url = http://127\.0\.0\.1:5000/v2\.0},
+          %r{auth_url = http://127\.0\.0\.1:5000/v3},
          /^password = ceilometer-pass$/
        ].each do |line|
          expect(chef_run).to render_config_file(file.name)
--- a/spec/gnocchi_configure_spec.rb
+++ b/spec/gnocchi_configure_spec.rb
@ -22,10 +22,12 @@ describe 'openstack-telemetry::gnocchi_configure' do
      it do
        [
          /^username = gnocchi$/,
+          /^user_domain_name = Default$/,
          /^project_name = service$/,
-          /^auth_type = password$/,
+          /^project_domain_name = Default$/,
+          /^auth_type = v3password$/,
          /^region_name = RegionOne$/,
-          %r{auth_url = http://127\.0\.0\.1:5000/v2\.0},
+          %r{auth_url = http://127\.0\.0\.1:5000/v3},
          /^password = gnocchi-pass$/
        ].each do |line|
          expect(chef_run).to render_config_file(file.name)
--- a/spec/identity_registration_spec.rb
+++ b/spec/identity_registration_spec.rb
@ -15,76 +15,93 @@ describe 'openstack-telemetry::identity_registration' do
      when 'telemetry'
        service_name = 'ceilometer'
        service_type = 'metering'
-        user_pass = 'ceilometer-pass'
+        password = 'ceilometer-pass'
        port = 8777
      when 'telemetry-metric'
        service_name = 'gnocchi'
        service_type = 'metric'
-        user_pass = 'gnocchi-pass'
+        password = 'gnocchi-pass'
        port = 8041
      end

-      it do
-        expect(chef_run).to create_tenant_openstack_identity_register(
-          "Register Service Tenant for #{telemetry_service}"
+      connection_params = {
+        openstack_auth_url: 'http://127.0.0.1:35357/v3/auth/tokens',
+        openstack_username: 'admin',
+        openstack_api_key: 'admin-pass',
+        openstack_project_name: 'admin',
+        openstack_domain_name: 'default'
+      }
+      service_user = service_name
+      url = "http://127.0.0.1:#{port}"
+      region = 'RegionOne'
+      project_name = 'service'
+      role_name = 'admin'
+      domain_name = 'Default'
+
+      it "registers #{project_name} Project" do
+        expect(chef_run).to create_openstack_project(
+          project_name
        ).with(
-          auth_uri: 'http://127.0.0.1:35357/v2.0',
-          bootstrap_token: 'bootstrap-token',
-          tenant_name: 'service',
-          tenant_description: 'Service Tenant'
+          connection_params: connection_params
        )
      end

-      it do
-        expect(chef_run).to create_user_openstack_identity_register(
-          "Register #{service_name} User"
+      it "registers #{service_name} service" do
+        expect(chef_run).to create_openstack_service(
+          service_name
        ).with(
-          auth_uri: 'http://127.0.0.1:35357/v2.0',
-          bootstrap_token: 'bootstrap-token',
-          tenant_name: 'service',
-          user_name: service_name,
-          user_pass: user_pass
+          connection_params: connection_params,
+          type: service_type
        )
      end

-      it do
-        expect(chef_run).to grant_role_openstack_identity_register(
-          "Grant 'admin' Role to #{service_name} User for Service Tenant"
-        ).with(
-          auth_uri: 'http://127.0.0.1:35357/v2.0',
-          bootstrap_token: 'bootstrap-token',
-          tenant_name: 'service',
-          user_name: service_name,
-          role_name: 'admin'
-        )
-      end
-
-      it do
-        expect(chef_run).to create_service_openstack_identity_register(
-          "Register Service #{telemetry_service}"
-        ).with(
-          auth_uri: 'http://127.0.0.1:35357/v2.0',
-          bootstrap_token: 'bootstrap-token',
-          service_name: service_name,
-          service_type: service_type
-        )
-      end
-
-      context "registers #{service_type} endpoint" do
-        it do
-          expect(chef_run).to create_endpoint_openstack_identity_register(
-            "Register #{service_type} Endpoint"
-          ).with(
-            auth_uri: 'http://127.0.0.1:35357/v2.0',
-            bootstrap_token: 'bootstrap-token',
-            service_type: service_type,
-            endpoint_region: 'RegionOne',
-            endpoint_adminurl: "http://127.0.0.1:#{port}",
-            endpoint_internalurl: "http://127.0.0.1:#{port}",
-            endpoint_publicurl: "http://127.0.0.1:#{port}"
-          )
+      context "registers #{service_name} endpoint" do
+        %w(admin internal public).each do |interface|
+          it "#{interface} endpoint with default values" do
+            expect(chef_run).to create_openstack_endpoint(
+              service_type
+            ).with(
+              service_name: service_name,
+              # interface: interface,
+              url: url,
+              region: region,
+              connection_params: connection_params
+            )
+          end
        end
      end
+
+      it 'registers service user' do
+        expect(chef_run).to create_openstack_user(
+          service_user
+        ).with(
+          project_name: project_name,
+          role_name: role_name,
+          password: password,
+          connection_params: connection_params
+        )
+      end
+
+      it do
+        expect(chef_run).to grant_domain_openstack_user(
+          service_user
+        ).with(
+          domain_name: domain_name,
+          role_name: role_name,
+          connection_params: connection_params
+        )
+      end
+
+      it do
+        expect(chef_run).to grant_role_openstack_user(
+          service_user
+        ).with(
+          project_name: project_name,
+          role_name: role_name,
+          password: password,
+          connection_params: connection_params
+        )
+      end
    end
  end
 end
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@ -39,8 +39,8 @@ shared_context 'telemetry-stubs' do
      .with('user', 'guest')
      .and_return('mq-pass')
    allow_any_instance_of(Chef::Recipe).to receive(:get_password)
-      .with('token', 'openstack_identity_bootstrap_token')
-      .and_return('bootstrap-token')
+      .with('user', 'admin')
+      .and_return('admin-pass')
    allow(Chef::Application).to receive(:fatal!)
  end
 end