Avoid hard-coding OS user/group in each manifest

and replace hard-codes by definition in params.pp . Change-Id: Ic3ec6f43de5ac709bdba321f284581954c86297a
2022-02-20 19:15:01 +09:00 · 2022-02-20 19:15:01 +09:00 · f2bb2a688b
commit f2bb2a688b
parent 9123ac7270
4 changed files with 12 additions and 7 deletions
--- a/manifests/backend/vstorage.pp
+++ b/manifests/backend/vstorage.pp
@ -48,7 +48,7 @@
 #
 # [*mount_user*]
 #   (optional) Mount user.
-#   Defaults to: cinder
+#   Defaults to: $::cinder::params::user
 #
 # [*mount_group*]
 #   (optional) Mount group.
@ -73,13 +73,16 @@ define cinder::backend::vstorage (
  $mount_point_base          = $::os_service_default,
  $default_volume_format     = $::os_service_default,
  $manage_volume_type        = false,
-  $mount_user                = 'cinder',
+  $mount_user                = undef,
  $mount_group               = 'root',
  $mount_permissions         = '0770',
  $manage_package            = true,
 ) {
  include cinder::deps
  include cinder::params
  $mount_user_real = pick($mount_user, $::cinder::params::user)
  cinder_config {
    "${name}/volume_backend_name":             value => $volume_backend_name;
@ -110,12 +113,12 @@ define cinder::backend::vstorage (
    }
  }
-  $mount_opts = ['-u', $mount_user, '-g', $mount_group, '-m', $mount_permissions]
+  $mount_opts = ['-u', $mount_user_real, '-g', $mount_group, '-m', $mount_permissions]
  file { $shares_config_path:
    content => inline_template("${cluster_name}:${cluster_password} <%= @mount_opts %>"),
    owner   => 'root',
-    group   => 'cinder',
+    group   => $::cinder::params::group,
    mode    => '0640',
    require => Anchor['cinder::install::end'],
    notify  => Anchor['cinder::service::begin'],
--- a/manifests/db/sync.pp
+++ b/manifests/db/sync.pp
@ -19,11 +19,12 @@ class cinder::db::sync(
 ) {
  include cinder::deps
  include cinder::params
  exec { 'cinder-manage db_sync':
    command     => "cinder-manage ${extra_params} db sync",
    path        => ['/bin', '/usr/bin'],
-    user        => 'cinder',
+    user        => $::cinder::params::user,
    refreshonly => true,
    try_sleep   => 5,
    tries       => 10,
--- a/manifests/params.pp
+++ b/manifests/params.pp
@ -6,6 +6,7 @@ class cinder::params {
  include openstacklib::defaults
  $client_package            = 'python3-cinderclient'
  $user                      = 'cinder'
  $group                     = 'cinder'
  $cinder_wsgi_script_source = '/usr/bin/cinder-wsgi'
--- a/manifests/wsgi/apache.pp
+++ b/manifests/wsgi/apache.pp
@ -158,7 +158,7 @@ class cinder::wsgi::apache (
  ::openstacklib::wsgi::apache { 'cinder_wsgi':
    bind_host                   => $bind_host,
    bind_port                   => $port,
-    group                       => 'cinder',
+    group                       => $::cinder::params::group,
    path                        => $path,
    priority                    => $priority,
    servername                  => $servername,
@ -171,7 +171,7 @@ class cinder::wsgi::apache (
    ssl_crl_path                => $ssl_crl_path,
    ssl_key                     => $ssl_key,
    threads                     => $threads,
-    user                        => 'cinder',
+    user                        => $::cinder::params::user,
    vhost_custom_fragment       => $vhost_custom_fragment,
    workers                     => $workers,
    wsgi_daemon_process         => 'cinder-api',