From 788a49e21fd773db654b2c1a48465f4cce30dd84 Mon Sep 17 00:00:00 2001 From: Dan Bode Date: Tue, 2 Oct 2012 20:26:00 -0700 Subject: [PATCH] Refactor keystone to use keystone_config This commit refactors keystone to use the native type keystone_config. - replace all concat usage with keystone_config - remove concat templates --- .../puppet/keystone/manifests/config/ldap.pp | 24 +++++-- .../puppet/keystone/manifests/config/mysql.pp | 54 --------------- .../keystone/manifests/config/postgresql.pp | 59 ---------------- .../keystone/manifests/config/sqlite.pp | 25 ------- deployment/puppet/keystone/manifests/init.pp | 61 +++++++---------- .../puppet/keystone/templates/DEFAULT.erb | 10 --- .../puppet/keystone/templates/footer.erb | 68 ------------------- .../puppet/keystone/templates/identity.erb | 2 - .../puppet/keystone/templates/mysql.erb | 11 --- .../puppet/keystone/templates/sql_catalog.erb | 2 - .../keystone/templates/template_catalog.erb | 3 - 11 files changed, 44 insertions(+), 275 deletions(-) delete mode 100644 deployment/puppet/keystone/manifests/config/mysql.pp delete mode 100644 deployment/puppet/keystone/manifests/config/postgresql.pp delete mode 100644 deployment/puppet/keystone/manifests/config/sqlite.pp delete mode 100644 deployment/puppet/keystone/templates/DEFAULT.erb delete mode 100644 deployment/puppet/keystone/templates/footer.erb delete mode 100644 deployment/puppet/keystone/templates/identity.erb delete mode 100644 deployment/puppet/keystone/templates/mysql.erb delete mode 100644 deployment/puppet/keystone/templates/sql_catalog.erb delete mode 100644 deployment/puppet/keystone/templates/template_catalog.erb diff --git a/deployment/puppet/keystone/manifests/config/ldap.pp b/deployment/puppet/keystone/manifests/config/ldap.pp index bf10654f34..437c084a8f 100644 --- a/deployment/puppet/keystone/manifests/config/ldap.pp +++ b/deployment/puppet/keystone/manifests/config/ldap.pp 
@@ -2,8 +2,6 @@ # This class implements a config fragment for # the ldap specific backend for keystone. # -# TODO finish implementing this -# # == Dependencies # == Examples # == Authors @@ -14,10 +12,24 @@ # # Copyright 2012 Puppetlabs Inc, unless otherwise noted. # -class keystone::ldap { +class keystone::ldap( + $url = 'ldap://localhost', + $user = 'dc=Manager,dc=example,dc=com', + $password = 'None', + $suffix = 'cn=example,cn=com', + $user_tree_dn = 'ou=Users,dc=example,dc=com', + $tenant_tree_dn = 'ou=Roles,dc=example,dc=com', + $role_tree_dn = 'dc=example,dc=com' +) { - keystone::config { 'ldap': - order => '01', + keystone_config { + 'ldap/url': value => $url; + 'ldap/user': value => $user; + 'ldap/password': value => $password; + 'ldap/suffix': value => $suffix; + 'ldap/user_tree_dn': value => $user_tree_dn; + 'ldap/tenant_tree_dn': value => $tenant_tree_dn; + 'ldap/role_tree_dn': value => $role_tree_dn; + #"ldap/tree_dn" value => "dc=example,dc=com", } - } diff --git a/deployment/puppet/keystone/manifests/config/mysql.pp b/deployment/puppet/keystone/manifests/config/mysql.pp deleted file mode 100644 index f06263db64..0000000000 --- a/deployment/puppet/keystone/manifests/config/mysql.pp +++ /dev/null 
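Review bot: The new default `$password = 'None'` writes the literal string None into `ldap/password`, so a node that forgets to set it binds with a placeholder credential instead of failing at compile time; I would make the parameter required by dropping the default, `$password,`. The default `$url = 'ldap://localhost'` also means the bind password travels over unencrypted LDAP unless the caller overrides it with an `ldaps://` URL, which deserves a comment in the class header. The class is still declared as `keystone::ldap` while the file is `manifests/config/ldap.pp`, so the autoloader will presumably not resolve it under that name; `class keystone::config::ldap(` would match the path. The commented-out `#"ldap/tree_dn"` line inside the `keystone_config` block should be removed or explained.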
@@ -1,54 +0,0 @@
-# Class used to configure keystone connection information
-# for mysql databases.
-#
-# [*Parameters*]
-#
-# [user] User keystone should use to connect to database. Optional. Defaults to keystone_admin
-#
-# [password] Password that keystone should use to connect to database.
-# Optional. Defaults to: 'keystone_default_password'
-#
-# [host] Host where keystone should connect to database.
-# Optional. Defaults to 127.0.0.1.
-#
-# [dbname] Name of database that keystone should connect to. Optional. Defaults to keystone.
-#
-# [idle_timeout] The timeout before idle qdl connection are reaped.
-#
-# == Dependencies
-# == Examples
-# == Authors
-#
-# Dan Bode dan@puppetlabs.com
-#
-# == Copyright
-#
-# Copyright 2012 Puppetlabs Inc, unless otherwise noted.
-#
-class keystone::config::mysql(
- $user = 'keystone_admin',
- $password = 'keystone_default_password',
- $host = '127.0.0.1',
- $dbname = 'keystone',
- $idle_timeout = '200',
-# the below key,values will not be read from the keystone.conf and should be removed
-# $min_pool_size = '5',
-# $max_pool_size = '10',
-# $pool_timeout = '200'
-) {
-
- keystone::config { 'mysql':
- config => {
- user => $user,
- password => $password,
- host => $host,
- dbname => $dbname,
- idle_timeout => $idle_timeout,
-# min_pool_size => $min_pool_size,
-# max_pool_size => $max_pool_size,
-# pool_timeout => $pool_timeout
- },
- order => '02',
- }
-
-}
diff --git a/deployment/puppet/keystone/manifests/config/postgresql.pp b/deployment/puppet/keystone/manifests/config/postgresql.pp
deleted file mode 100644
index 24d581c565..0000000000
--- a/deployment/puppet/keystone/manifests/config/postgresql.pp
+++ /dev/null
@@ -1,59 +0,0 @@
-# Class used to configure keystone connection information
-# for postgresql databases.
-#
-# [*Parameters*]
-#
-# [user] User keystone should use to connect to database. Optional. Defaults to keystone_admin
-#
-# [password] Password that keystone should use to connect to database.
-# Optional. Defaults to: 'keystone_default_password'
-#
-# [host] Host where keystone should connect to database.
-# Optional. Defaults to 127.0.0.1.
-#
-# [dbname] Name of database that keystone should connect to. Optional. Defaults to keystone.
-#
-# [idle_timeout] TODO document
-#
-# [min_pool_size] TODO document
-#
-# [max_pool_size] TODO document
-#
-# [pool_timeout] TODO document
-#
-# == Dependencies
-# == Examples
-# == Authors
-#
-# Etienne Pelletier epelletier@morphlabs.com
-#
-# == Copyright
-#
-# Copyright 2012 Etienne Pelletier, unless otherwise noted.
-#
-class keystone::config::postgresql(
- $user = 'keystone_admin',
- $password = 'keystone_default_password',
- $host = '127.0.0.1',
- $dbname = 'keystone',
- $idle_timeout = '300',
- $min_pool_size = '5',
- $max_pool_size = '10',
- $pool_timeout = '200'
-) {
-
- keystone::config { 'postgresql':
- config => {
- user => $user,
- password => $password,
- host => $host,
- dbname => $dbname,
- idle_timeout => $idle_timeout,
- min_pool_size => $min_pool_size,
- max_pool_size => $max_pool_size,
- pool_timeout => $pool_timeout
- },
- order => '02',
- }
-
-}
diff --git a/deployment/puppet/keystone/manifests/config/sqlite.pp b/deployment/puppet/keystone/manifests/config/sqlite.pp
deleted file mode 100644
index c88187063b..0000000000
--- a/deployment/puppet/keystone/manifests/config/sqlite.pp
+++ /dev/null
@@ -1,25 +0,0 @@ -# -# Manages configuration section for sqlite backend. -# -# == Dependencies -# == Examples -# == Authors -# -# Dan Bode dan@puppetlabs.com -# -# == Copyright -# -# Copyright 2012 Puppetlabs Inc, unless otherwise noted. -# -class keystone::config::sqlite( - $idle_timeout = 200 -) { - keystone::config { 'sql': - content => inline_template(' -[sql] -connection = sqlite:////var/lib/keystone/keystone.db -idle_timeout = <%= idle_timeout %> -'), - order => '02', - } -} diff --git a/deployment/puppet/keystone/manifests/init.pp b/deployment/puppet/keystone/manifests/init.pp index 9139173b5f..11212e7dea 100644 --- a/deployment/puppet/keystone/manifests/init.pp +++ b/deployment/puppet/keystone/manifests/init.pp @@ -39,11 +39,11 @@ # Copyright 2012 Puppetlabs Inc, unless otherwise noted. # class keystone( + $admin_token = 'service_token', $package_ensure = 'present', $bind_host = '0.0.0.0', $public_port = '5000', $admin_port = '35357', - $admin_token = 'service_token', $compute_port = '3000', $log_verbose = 'False', $log_debug = 'False', @@ -54,6 +54,8 @@ class keystone( ) { validate_re($catalog_type, 'template|sql') + File['/etc/keystone/keystone.conf'] -> Keystone_config<||> ~> Service['keystone'] + Keystone_config<||> -> Exec['keystone-manage db_sync'] # TODO implement syslog features if ( $use_syslog != 'False') { @@ -61,7 +63,6 @@ class keystone( } include 'keystone::params' - include 'concat::setup' package { 'keystone': name => $::keystone::params::package_name, 
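Review bot: In the @@ -39,11 hunk, `$admin_token = 'service_token'` keeps a fixed, publicly known value as the default for Keystone's admin token, and with `$bind_host = '0.0.0.0'` in the same parameter list a node declared with defaults serves the admin API on every interface with that token. Since the parameter is being moved to the head of the list anyway, I would drop the default so it becomes required, `$admin_token,`, and a missing token fails at compile time. A header comment such as `# [admin_token] Shared secret granting full admin access. Required; no safe default.` would document the reason. The parameter list continues outside this hunk.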
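Review bot: In the @@ -54,6 hunk, the added chain `Keystone_config<||> -> Exec['keystone-manage db_sync']` sits at the top of the class body, while the Exec appears to be declared only inside a conditional further down (the @@ -156 hunk closes two nested blocks after it). If that conditional is the `$enabled` branch, declaring the class with `enabled => false` would leave this relationship pointing at a resource that is not in the catalog, and compilation would fail. Moving the line next to the Exec declaration, inside the same block, avoids that. The class body continues outside this hunk, so confirm where the Exec is declared.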
@@ -89,51 +90,41 @@ class keystone( require => Package['keystone'] } - concat { '/etc/keystone/keystone.conf': - owner => 'keystone', - group => 'keystone', + file { '/etc/keystone/keystone.conf': mode => '0600', - require => Package['keystone'], - notify => Service['keystone'], } - # config sections - keystone::config { 'DEFAULT': - config => { - 'bind_host' => $bind_host, - 'public_port' => $public_port, - 'admin_port' => $admin_port, - 'admin_token' => $admin_token, - 'compute_port' => $compute_port, - 'log_verbose' => $log_verbose, - 'log_debug' => $log_debug, - 'use_syslog' => $use_syslog, - }, - order => '00', + # default config + keystone_config { + 'DEFAULT/admin_token': value => $admin_token; + 'DEFAULT/bind_host': value => $bind_host; + 'DEFAULT/public_port': value => $public_port; + 'DEFAULT/admin_port': value => $admin_port; + 'DEFAULT/compute_port': value => $compute_port; + 'DEFAULT/verbose': value => $log_verbose; + 'DEFAULT/debug': value => $log_debug; } - keystone::config { 'identity': - order => '03', + # db connection config + keystone_config { + 'sql/connection': value => $sql_connection; + 'sql/idle_timeout': value => $idle_timeout; } + # configure based on the catalog backend if($catalog_type == 'template') { - # if we are using a catalog, then I may want to manage the file - keystone::config { 'template_catalog': - order => '04', + keystone_config { + 'catalog/driver': + value => 'keystone.catalog.backends.templated.TemplatedCatalog'; + 'catalog/template_file': + value => '/etc/keystone/default_catalog.templates'; } } elsif($catalog_type == 'sql' ) { - keystone::config { 'sql_catalog': - order => '04', + keystone_config { 'catalog/driver': + value => ' keystone.catalog.backends.sql.Catalog' } } - keystone::config { 'footer': - order => '99', - config => { - 'backend_driver' => $backend_driver - }, - } - if $enabled { $service_ensure = 'running' } else { 
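Review bot: The replacement `file { '/etc/keystone/keystone.conf': mode => '0600', }` no longer sets `owner`/`group => 'keystone'` or `require => Package['keystone']`, so ownership of a file that now holds `admin_token` and the `sql/connection` string is whatever the package or first writer left behind; with mode 0600 a root-owned file would be unreadable to the service, and the resource can be evaluated before the package is installed. I would keep `owner => 'keystone', group => 'keystone', require => Package['keystone'],` on the file resource. In the `sql` catalog branch the value `' keystone.catalog.backends.sql.Catalog'` has a leading space that the removed template did not have; it should be `'keystone.catalog.backends.sql.Catalog'`. The hunk also stops writing the `[identity]`, `[token]`, `[policy]` and paste sections and no longer references `$backend_driver`, so if those are now expected to come from the packaged keystone.conf the class header should say so. `$sql_connection` and `$idle_timeout` are not declared in the visible part of the parameter list; confirm they exist in the lines between the hunks.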
@@ -156,7 +147,7 @@ class keystone( path => '/usr/bin', refreshonly => true, notify => Service['keystone'], - subscribe => [Package['keystone'], Concat['/etc/keystone/keystone.conf']] + subscribe => Package['keystone'], } } } diff --git a/deployment/puppet/keystone/templates/DEFAULT.erb b/deployment/puppet/keystone/templates/DEFAULT.erb deleted file mode 100644 index 57fb2f557d..0000000000 --- a/deployment/puppet/keystone/templates/DEFAULT.erb +++ /dev/null @@ -1,10 +0,0 @@ -[DEFAULT] -bind_host = <%= config['bind_host'] %> -public_port = <%= config['public_port'] %> -admin_port = <%= config['admin_port'] %> -admin_token = <%= config['admin_token'] %> -compute_port = <%= config['compute_port'] %> -verbose = <%= config['log_verbose'] %> -debug = <%= config['log_debug'] %> -log_file = /var/log/keystone/keystone.log -use_syslog = <%= config['use_syslog'] %> diff --git a/deployment/puppet/keystone/templates/footer.erb b/deployment/puppet/keystone/templates/footer.erb deleted file mode 100644 index 347282914f..0000000000 --- a/deployment/puppet/keystone/templates/footer.erb +++ /dev/null 
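Review bot: With `subscribe => Package['keystone'],` the refresh-only `keystone-manage db_sync` Exec no longer reacts to configuration changes, because the chain added near the top of the class uses `->`, which only orders `Keystone_config` before the Exec and sends no refresh. A change to `sql/connection` would therefore restart the service through `~> Service['keystone']` without running the schema sync against the new database. If that is not intended, subscribe the Exec to the setting that matters, `subscribe => [Package['keystone'], Keystone_config['sql/connection']],`. The Exec declaration starts outside this hunk.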
@@ -1,68 +0,0 @@
-
-[token]
-driver = <%= config['backend_driver'] %>
-expiration = 86400
-
-[policy]
-driver = keystone.policy.backends.rules.Policy
-
-[ec2]
-driver = keystone.contrib.ec2.backends.sql.Ec2
-
-[filter:debug]
-paste.filter_factory = keystone.common.wsgi:Debug.factory
-
-[filter:token_auth]
-paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory
-
-[filter:admin_token_auth]
-paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory
-
-[filter:xml_body]
-paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory
-
-[filter:json_body]
-paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory
-
-[filter:crud_extension]
-paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory
-
-[filter:ec2_extension]
-paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory
-
-[filter:s3_extension]
-paste.filter_factory = keystone.contrib.s3:S3Extension.factory
-
-[app:public_service]
-paste.app_factory = keystone.service:public_app_factory
-
-[app:admin_service]
-paste.app_factory = keystone.service:admin_app_factory
-
-[pipeline:public_api]
-pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension public_service
-
-[pipeline:admin_api]
-pipeline = token_auth admin_token_auth xml_body json_body debug ec2_extension s3_extension crud_extension admin_service
-
-[app:public_version_service]
-paste.app_factory = keystone.service:public_version_app_factory
-
-[app:admin_version_service]
-paste.app_factory = keystone.service:admin_version_app_factory
-
-[pipeline:public_version_api]
-pipeline = xml_body public_version_service
-
-[pipeline:admin_version_api]
-pipeline = xml_body admin_version_service
-
-[composite:main]
-use = egg:Paste#urlmap
-/v2.0 = public_api
-/ = public_version_api
-
-[composite:admin]
-use = egg:Paste#urlmap
-/v2.0 = admin_api
-/ = admin_version_api
diff --git a/deployment/puppet/keystone/templates/identity.erb b/deployment/puppet/keystone/templates/identity.erb
deleted file mode 100644
index 46cbf960b5..0000000000
--- a/deployment/puppet/keystone/templates/identity.erb
+++ /dev/null
@@ -1,2 +0,0 @@
-[identity]
-driver = keystone.identity.backends.sql.Identity
diff --git a/deployment/puppet/keystone/templates/mysql.erb b/deployment/puppet/keystone/templates/mysql.erb
deleted file mode 100644
index 3cbd7bccc0..0000000000
--- a/deployment/puppet/keystone/templates/mysql.erb
+++ /dev/null
@@ -1,11 +0,0 @@
-
-[sql]
-# The SQLAlchemy connection string used to connect to the database
-connection = mysql://<%= "#{config['user']}:#{config['password']}@#{config['host']}/#{config['dbname']}" %>
-
-# the timeout before idle sql connections are reaped
-idle_timeout = <%= config['idle_timeout'] %>
-
-#min_pool_size = <%= config['min_pool_size'] %>
-#max_pool_size = <%= config['max_pool_size'] %>
-#pool_timeout = <%= config['pool_timeout'] %>
diff --git a/deployment/puppet/keystone/templates/sql_catalog.erb b/deployment/puppet/keystone/templates/sql_catalog.erb
deleted file mode 100644
index 08163848d6..0000000000
--- a/deployment/puppet/keystone/templates/sql_catalog.erb
+++ /dev/null
@@ -1,2 +0,0 @@
-[catalog]
-driver=keystone.catalog.backends.sql.Catalog
diff --git a/deployment/puppet/keystone/templates/template_catalog.erb b/deployment/puppet/keystone/templates/template_catalog.erb
deleted file mode 100644
index 30f923af08..0000000000
--- a/deployment/puppet/keystone/templates/template_catalog.erb
+++ /dev/null
@@ -1,3 +0,0 @@
-[catalog]
-driver = keystone.catalog.backends.templated.TemplatedCatalog
-template_file = /etc/keystone/default_catalog.templates