Add Cinder API v3 support
The v1 api is deprecated and is not under active development. This patch: * activate v2 Keystone resources by default from now. * allow to activate cinder v3 api (enabled by default, like recommended by OpenStack logs) * allow to manage Keystone resources for v3 API, enabled by default from Mitaka. Depends-On: Ibfc3988a4de47c9d7d97159e7d1c0e57d64979ae Change-Id: Ie2ca974dfa583c176fce4907f1d81c80426ecccc
This commit is contained in:
parent
06e52c2078
commit
7034a70d5a
@ -193,7 +193,11 @@
|
||||
# Defaults to 'true'.
|
||||
#
|
||||
# [*enable_v2_api*]
|
||||
# (Optional) Whether to enable the v1 API (true/false).
|
||||
# (Optional) Whether to enable the v2 API (true/false).
|
||||
# Defaults to 'true'.
|
||||
#
|
||||
# [*enable_v3_api*]
|
||||
# (Optional) Whether to enable the v3 API (true/false).
|
||||
# Defaults to 'true'.
|
||||
#
|
||||
# [*lock_path*]
|
||||
@ -307,6 +311,7 @@ class cinder (
|
||||
$default_availability_zone = false,
|
||||
$enable_v1_api = true,
|
||||
$enable_v2_api = true,
|
||||
$enable_v3_api = true,
|
||||
$lock_path = $::cinder::params::lock_path,
|
||||
$image_conversion_dir = $::os_service_default,
|
||||
$host = $::os_service_default,
|
||||
@ -433,10 +438,11 @@ class cinder (
|
||||
}
|
||||
}
|
||||
|
||||
# V1/V2 APIs
|
||||
# V1/V2/V3 APIs
|
||||
cinder_config {
|
||||
'DEFAULT/enable_v1_api': value => $enable_v1_api;
|
||||
'DEFAULT/enable_v2_api': value => $enable_v2_api;
|
||||
'DEFAULT/enable_v3_api': value => $enable_v3_api;
|
||||
'oslo_concurrency/lock_path': value => $lock_path;
|
||||
}
|
||||
|
||||
|
@ -16,12 +16,21 @@
|
||||
# [*email_user_v2*]
|
||||
# Email for Cinder v2 user. Optional. Defaults to 'cinderv2@localhost'.
|
||||
#
|
||||
# [*password_user_v3*]
|
||||
# Password for Cinder v3 user. Optional. Defaults to undef.
|
||||
#
|
||||
# [*email_user_v3*]
|
||||
# Email for Cinder v3 user. Optional. Defaults to 'cinderv3@localhost'.
|
||||
#
|
||||
# [*auth_name*]
|
||||
# Username for Cinder service. Optional. Defaults to 'cinder'.
|
||||
#
|
||||
# [*auth_name_v2*]
|
||||
# Username for Cinder v2 service. Optional. Defaults to 'cinderv2'.
|
||||
#
|
||||
# [*auth_name_v3*]
|
||||
# Username for Cinder v3 service. Optional. Defaults to 'cinderv3'.
|
||||
#
|
||||
# [*configure_endpoint*]
|
||||
# Should Cinder endpoint be configured? Optional. Defaults to 'true'.
|
||||
# API v1 endpoint should be enabled in Icehouse for compatibility with Nova.
|
||||
@ -29,12 +38,18 @@
|
||||
# [*configure_endpoint_v2*]
|
||||
# Should Cinder v2 endpoint be configured? Optional. Defaults to 'true'.
|
||||
#
|
||||
# [*configure_endpoint_v3*]
|
||||
# Should Cinder v3 endpoint be configured? Optional. Defaults to 'true'.
|
||||
#
|
||||
# [*configure_user*]
|
||||
# Should the service user be configured? Optional. Defaults to 'true'.
|
||||
#
|
||||
# [*configure_user_v2*]
|
||||
# Should the service user be configured for cinder v2? Optional. Defaults to 'false'.
|
||||
#
|
||||
# [*configure_user_v3*]
|
||||
# Should the service user be configured for cinder v3? Optional. Defaults to 'false'.
|
||||
#
|
||||
# [*configure_user_role*]
|
||||
# Should the admin role be configured for the service user?
|
||||
# Optional. Defaults to 'true'.
|
||||
@ -43,6 +58,10 @@
|
||||
# Should the admin role be configured for the service user for cinder v2?
|
||||
# Optional. Defaults to 'false'.
|
||||
#
|
||||
# [*configure_user_role_v3*]
|
||||
# Should the admin role be configured for the service user for cinder v3?
|
||||
# Optional. Defaults to 'false'.
|
||||
#
|
||||
# [*service_name*]
|
||||
# (optional) Name of the service.
|
||||
# Defaults to the value of auth_name, but must differ from the value
|
||||
@ -53,12 +72,20 @@
|
||||
# Defaults to the value of auth_name_v2, but must differ from the value
|
||||
# of service_name.
|
||||
#
|
||||
# [*service_name_v3*]
|
||||
# (optional) Name of the v3 service.
|
||||
# Defaults to the value of auth_name_v3, but must differ from the value
|
||||
# of service_name.
|
||||
#
|
||||
# [*service_type*]
|
||||
# Type of service. Optional. Defaults to 'volume'.
|
||||
#
|
||||
# [*service_type_v2*]
|
||||
# Type of API v2 service. Optional. Defaults to 'volumev2'.
|
||||
#
|
||||
# [*service_type_v3*]
|
||||
# Type of API v3 service. Optional. Defaults to 'volumev3'.
|
||||
#
|
||||
# [*service_description*]
|
||||
# (optional) Description for keystone service.
|
||||
# Defaults to 'Cinder Service'.
|
||||
@ -67,6 +94,10 @@
|
||||
# (optional) Description for keystone v2 service.
|
||||
# Defaults to 'Cinder Service v2'.
|
||||
#
|
||||
# [*service_description_v3*]
|
||||
# (optional) Description for keystone v3 service.
|
||||
# Defaults to 'Cinder Service v3'.
|
||||
#
|
||||
# [*region*]
|
||||
# Region for endpoint. Optional. Defaults to 'RegionOne'.
|
||||
#
|
||||
@ -76,6 +107,9 @@
|
||||
# [*tenant_user_v2*]
|
||||
# Tenant for Cinder v2 user. Optional. Defaults to 'services'.
|
||||
#
|
||||
# [*tenant_user_v3*]
|
||||
# Tenant for Cinder v3 user. Optional. Defaults to 'services'.
|
||||
#
|
||||
# [*public_url*]
|
||||
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
@ -100,6 +134,18 @@
|
||||
# (optional) The v2 endpoint's admin url. (Defaults to 'http://127.0.0.1:8776/v2/%(tenant_id)s')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# [*public_url_v3*]
|
||||
# (optional) The v3 endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v3/%(tenant_id)s')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# [*internal_url_v3*]
|
||||
# (optional) The v3 endpoint's internal url. (Defaults to 'http://127.0.0.1:8776/v3/%(tenant_id)s')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# [*admin_url_v3*]
|
||||
# (optional) The v3 endpoint's admin url. (Defaults to 'http://127.0.0.1:8776/v3/%(tenant_id)s')
|
||||
# This url should *not* contain any trailing '/'.
|
||||
#
|
||||
# === Examples
|
||||
#
|
||||
# class { 'cinder::keystone::auth':
|
||||
@ -111,35 +157,49 @@
|
||||
class cinder::keystone::auth (
|
||||
$password,
|
||||
$password_user_v2 = undef,
|
||||
$password_user_v3 = undef,
|
||||
$auth_name = 'cinder',
|
||||
$auth_name_v2 = 'cinderv2',
|
||||
$auth_name_v3 = 'cinderv3',
|
||||
$tenant = 'services',
|
||||
$tenant_user_v2 = 'services',
|
||||
$tenant_user_v3 = 'services',
|
||||
$email = 'cinder@localhost',
|
||||
$email_user_v2 = 'cinderv2@localhost',
|
||||
$email_user_v3 = 'cinderv3@localhost',
|
||||
$public_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s',
|
||||
$internal_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s',
|
||||
$admin_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s',
|
||||
$public_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s',
|
||||
$internal_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s',
|
||||
$admin_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s',
|
||||
$public_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s',
|
||||
$internal_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s',
|
||||
$admin_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s',
|
||||
$configure_endpoint = true,
|
||||
$configure_endpoint_v2 = true,
|
||||
$configure_endpoint_v3 = true,
|
||||
$configure_user = true,
|
||||
$configure_user_v2 = false,
|
||||
$configure_user_v3 = false,
|
||||
$configure_user_role = true,
|
||||
$configure_user_role_v2 = false,
|
||||
$configure_user_role_v3 = false,
|
||||
$service_name = undef,
|
||||
$service_name_v2 = undef,
|
||||
$service_name_v3 = undef,
|
||||
$service_type = 'volume',
|
||||
$service_type_v2 = 'volumev2',
|
||||
$service_type_v3 = 'volumev3',
|
||||
$service_description = 'Cinder Service',
|
||||
$service_description_v2 = 'Cinder Service v2',
|
||||
$service_description_v3 = 'Cinder Service v3',
|
||||
$region = 'RegionOne',
|
||||
) {
|
||||
|
||||
$real_service_name = pick($service_name, $auth_name)
|
||||
$real_service_name_v2 = pick($service_name_v2, $auth_name_v2)
|
||||
$real_service_name_v3 = pick($service_name_v3, $auth_name_v3)
|
||||
|
||||
if $real_service_name == $real_service_name_v2 {
|
||||
fail('cinder::keystone::auth parameters service_name and service_name_v2 must be different.')
|
||||
@ -179,6 +239,23 @@ class cinder::keystone::auth (
|
||||
internal_url => $internal_url_v2,
|
||||
}
|
||||
|
||||
keystone::resource::service_identity { 'cinderv3':
|
||||
configure_user => $configure_user_v3,
|
||||
configure_user_role => $configure_user_role_v3,
|
||||
configure_endpoint => $configure_endpoint_v3,
|
||||
service_type => $service_type_v3,
|
||||
service_description => $service_description_v3,
|
||||
service_name => $real_service_name_v3,
|
||||
region => $region,
|
||||
auth_name => $auth_name_v3,
|
||||
password => $password_user_v3,
|
||||
email => $email_user_v3,
|
||||
tenant => $tenant_user_v3,
|
||||
public_url => $public_url_v3,
|
||||
admin_url => $admin_url_v3,
|
||||
internal_url => $internal_url_v3,
|
||||
}
|
||||
|
||||
if $configure_user_role {
|
||||
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'cinder-api' |>
|
||||
Keystone_user_role["${auth_name}@${tenant}"] -> Cinder::Type <| |>
|
||||
|
@ -27,6 +27,10 @@ describe 'cinder::keystone::auth' do
|
||||
:ensure => 'present',
|
||||
:description => 'Cinder Service v2'
|
||||
)
|
||||
is_expected.to contain_keystone_service('cinderv3::volumev3').with(
|
||||
:ensure => 'present',
|
||||
:description => 'Cinder Service v3'
|
||||
)
|
||||
|
||||
end
|
||||
|
||||
@ -44,6 +48,13 @@ describe 'cinder::keystone::auth' do
|
||||
:admin_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s',
|
||||
:internal_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s'
|
||||
)
|
||||
|
||||
is_expected.to contain_keystone_endpoint('RegionOne/cinderv3::volumev3').with(
|
||||
:ensure => 'present',
|
||||
:public_url => 'http://127.0.0.1:8776/v3/%(tenant_id)s',
|
||||
:admin_url => 'http://127.0.0.1:8776/v3/%(tenant_id)s',
|
||||
:internal_url => 'http://127.0.0.1:8776/v3/%(tenant_id)s'
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
@ -56,7 +67,10 @@ describe 'cinder::keystone::auth' do
|
||||
:internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s',
|
||||
:public_url_v2 => 'https://10.0.42.1:4242/v42/%(tenant_id)s',
|
||||
:admin_url_v2 => 'https://10.0.42.2:4242/v42/%(tenant_id)s',
|
||||
:internal_url_v2 => 'https://10.0.42.3:4242/v42/%(tenant_id)s'
|
||||
:internal_url_v2 => 'https://10.0.42.3:4242/v42/%(tenant_id)s',
|
||||
:public_url_v3 => 'https://10.0.42.1:4242/v43/%(tenant_id)s',
|
||||
:admin_url_v3 => 'https://10.0.42.2:4242/v43/%(tenant_id)s',
|
||||
:internal_url_v3 => 'https://10.0.42.3:4242/v43/%(tenant_id)s'
|
||||
})
|
||||
end
|
||||
|
||||
@ -74,6 +88,13 @@ describe 'cinder::keystone::auth' do
|
||||
:admin_url => 'https://10.0.42.2:4242/v42/%(tenant_id)s',
|
||||
:internal_url => 'https://10.0.42.3:4242/v42/%(tenant_id)s'
|
||||
)
|
||||
|
||||
is_expected.to contain_keystone_endpoint('RegionThree/cinderv3::volumev3').with(
|
||||
:ensure => 'present',
|
||||
:public_url => 'https://10.0.42.1:4242/v43/%(tenant_id)s',
|
||||
:admin_url => 'https://10.0.42.2:4242/v43/%(tenant_id)s',
|
||||
:internal_url => 'https://10.0.42.3:4242/v43/%(tenant_id)s'
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
@ -81,11 +102,13 @@ describe 'cinder::keystone::auth' do
|
||||
before do
|
||||
params.merge!(
|
||||
:configure_endpoint => false,
|
||||
:configure_endpoint_v2 => false
|
||||
:configure_endpoint_v2 => false,
|
||||
:configure_endpoint_v3 => false
|
||||
)
|
||||
end
|
||||
it { is_expected.to_not contain_keystone_endpoint('RegionOne/cinder::volume') }
|
||||
it { is_expected.to_not contain_keystone_endpoint('RegionOne/cinderv2::volumev2') }
|
||||
it { is_expected.to_not contain_keystone_endpoint('RegionOne/cinderv3::volumev3') }
|
||||
end
|
||||
|
||||
describe 'when user is_expected.to not be configured' do
|
||||
@ -138,12 +161,30 @@ describe 'cinder::keystone::auth' do
|
||||
|
||||
end
|
||||
|
||||
describe 'when user and user role for v3 is_expected.to be configured' do
|
||||
before do
|
||||
params.merge!(
|
||||
:configure_user_v3 => true,
|
||||
:configure_user_role_v3 => true,
|
||||
)
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone__resource__service_identity('cinderv3').with(
|
||||
:configure_user => true,
|
||||
:configure_user_role => true,
|
||||
:email => 'cinderv3@localhost',
|
||||
:tenant => 'services'
|
||||
) }
|
||||
|
||||
end
|
||||
|
||||
describe 'when overriding service names' do
|
||||
|
||||
before do
|
||||
params.merge!(
|
||||
:service_name => 'cinder_service',
|
||||
:service_name_v2 => 'cinder_service_v2',
|
||||
:service_name_v3 => 'cinder_service_v3',
|
||||
)
|
||||
end
|
||||
|
||||
@ -151,8 +192,10 @@ describe 'cinder::keystone::auth' do
|
||||
it { is_expected.to contain_keystone_user_role('cinder@services') }
|
||||
it { is_expected.to contain_keystone_service('cinder_service::volume') }
|
||||
it { is_expected.to contain_keystone_service('cinder_service_v2::volumev2') }
|
||||
it { is_expected.to contain_keystone_service('cinder_service_v3::volumev3') }
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/cinder_service::volume') }
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/cinder_service_v2::volumev2') }
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/cinder_service_v3::volumev3') }
|
||||
|
||||
end
|
||||
|
||||
|
@ -231,17 +231,19 @@ describe 'cinder' do
|
||||
it_raises 'a Puppet::Error', /The cert_file parameter is required when use_ssl is set to true/
|
||||
end
|
||||
|
||||
describe 'with APIs set for Kilo (proposed)' do
|
||||
describe 'with APIs set for Mitaka (proposed)' do
|
||||
let :params do
|
||||
{
|
||||
:enable_v1_api => false,
|
||||
:enable_v2_api => true,
|
||||
:enable_v3_api => true,
|
||||
:rabbit_password => 'guest',
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_cinder_config('DEFAULT/enable_v1_api').with_value(false) }
|
||||
it { is_expected.to contain_cinder_config('DEFAULT/enable_v2_api').with_value(true) }
|
||||
it { is_expected.to contain_cinder_config('DEFAULT/enable_v3_api').with_value(true) }
|
||||
|
||||
end
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user