openstack
/
puppet-glance
Code Issues Proposed changes

Remove support for glance-registry service

Browse Source 
This patch removes support for glance-registry service, because it has
been removed from glance [1].
 [1] https://review.opendev.org/#/c/738671/

Change-Id: Id05f736dbbddaff2cb90aa6678c777b9a0318e40
changes/79/743479/9
Takashi Kajinami 3 years ago
parent f919b6012f
commit 11599ba429
23 changed files with 95 additions and 1471 deletions
Show Stats Download Patch File Download Diff File

12
README.md
Unescape View File

@ -57,22 +57,12 @@ class { 'glance::api::authtoken':
auth_uri => 'http://172.17.0.3:5000',
}
class { 'glance::registry::authtoken':
password => '12345',
auth_url => 'http://172.17.0.3:5000',
auth_uri => 'http://172.17.0.3:5000',
}
class { 'glance::api':
database_connection => 'mysql+pymysql://glance:12345@127.0.0.1/glance',
stores => ['file', 'http'],
default_store => 'file',
}
class { 'glance::registry':
database_connection => 'mysql+pymysql://glance:12345@127.0.0.1/glance',
}
class { 'glance::backend::file': }
```
@ -157,7 +147,7 @@ Whether to hide the value from Puppet logs. Defaults to `false`.
If value is equal to ensure_absent_val then the resource will behave as if `ensure => absent` was specified. Defaults to `<SERVICE DEFAULT>`
#### glance_registry_config
#### glance_registry_config (DEPRECATED)
The `glance_registry_config` provider is a children of the ini_setting provider. It allows one to write an entry in the `/etc/glance/glance-registry.conf` file.

1
lib/puppet/type/glance_registry_config.rb
Unescape View File

@ -1,3 +1,4 @@
# DEPRECATED
Puppet::Type.newtype(:glance_registry_config) do
ensurable

1
lib/puppet/type/glance_registry_paste_ini.rb
Unescape View File

@ -1,3 +1,4 @@
# DEPRECATED!
Puppet::Type.newtype(:glance_registry_paste_ini) do
ensurable

113
manifests/api.pp
Unescape View File

@ -139,21 +139,6 @@
# (optional) CA certificate file to use to verify connecting clients
# Defaults to $::os_service_default
#
# [*registry_client_cert_file*]
# (optional) The path to the cert file to use in SSL connections to the
# registry server.
# Defaults to $::os_service_default
#
# [*registry_client_key_file*]
# (optional) The path to the private key file to use in SSL connections to the
# registry server.
# Defaults to $::os_service_default
#
# [*registry_client_ca_file*]
# (optional) The path to the CA certificate file to use in SSL connections to the
# registry server.
# Defaults to $::os_service_default
#
# [*enabled_backends*]
# (optional) List of Key:Value pairs of store identifier and store type.
# Example: ['swift:swift', 'ceph1:ceph', 'ceph2:ceph']
@ -288,18 +273,6 @@
# (optional) Boolean describing if multiple backends will be configured
# Defaults to false
#
# [*registry_host*]
# (optional) The address used to connect to the registry service.
# Default: undef
#
# [*registry_port*]
# (optional) The port of the Glance registry service.
# Default: undef
#
# [*registry_client_protocol*]
# (optional) The protocol of the Glance registry service.
# Default: undef
#
# [*show_multiple_locations*]
# (optional) Whether to include the backend image locations in image
# properties.
@ -320,6 +293,21 @@
# must be configured to True, since Registry is required in API v1.
# Defaults to false.
#
# [*registry_client_cert_file*]
# (optional) The path to the cert file to use in SSL connections to the
# registry server.
# Defaults to undef
#
# [*registry_client_key_file*]
# (optional) The path to the private key file to use in SSL connections to the
# registry server.
# Defaults to undef
#
# [*registry_client_ca_file*]
# (optional) The path to the CA certificate file to use in SSL connections to the
# registry server.
# Defaults to undef
#
class glance::api(
$package_ensure = 'present',
$bind_host = $::os_service_default,
@ -340,9 +328,6 @@ class glance::api(
$cert_file = $::os_service_default,
$key_file = $::os_service_default,
$ca_file = $::os_service_default,
$registry_client_cert_file = $::os_service_default,
$registry_client_key_file = $::os_service_default,
$registry_client_ca_file = $::os_service_default,
$enabled_backends = undef,
$default_backend = undef,
$database_connection = undef,
@ -383,13 +368,13 @@ class glance::api(
$stores = undef,
$default_store = undef,
$multi_store = false,
$registry_host = undef,
$registry_port = undef,
$registry_client_protocol = undef,
$show_multiple_locations = undef,
$database_min_pool_size = undef,
$os_region_name = undef,
$enable_v1_api = undef,
$registry_client_cert_file = undef,
$registry_client_key_file = undef,
$registry_client_ca_file = undef,
) inherits glance {
include glance::deps
@ -401,6 +386,18 @@ class glance::api(
cinder::backend::multistore::cinder::cinder_os_region_name instead.')
}
if $registry_client_cert_file != undef {
warning('glance::api::registry_client_cert_file is deprecated and has no effect')
}
if $registry_client_key_file != undef {
warning('glance::api::registry_client_key_file is deprecated and has no effect')
}
if $registry_client_ca_file != undef {
warning('glance::api::registry_client_ca_file is deprecated and has no effect')
}
if $enable_v1_api != undef {
warning('The glance::api::enable_v1_api was deprecated and has no effect.')
}
@ -410,13 +407,12 @@ cinder::backend::multistore::cinder::cinder_os_region_name instead.')
include glance::db::metadefs
}
if ( $glance::params::api_package_name != $glance::params::registry_package_name ) {
ensure_packages($glance::params::api_package_name,
{
ensure => $package_ensure,
tag => ['openstack', 'glance-package'],
}
)
if ( $glance::params::api_package_name != undef ) {
package { $::glance::params::api_package_name :
ensure => $package_ensure,
name => $::glance::params::api_package_name,
tag => ['openstack', 'glance-package'],
}
}
if $enabled_import_methods != $::os_service_default {
@ -587,34 +583,6 @@ enabled_backends instead.')
'inject_metadata_properties/ignore_user_roles': value => $ignore_user_roles_real;
}
# configure api service to connect registry service
if $registry_host {
warning('The registry_host parameter is deprecated, and will be removed in a future release')
glance_api_config {
'DEFAULT/registry_host': value => $registry_host;
}
glance_cache_config {
'DEFAULT/registry_host': value => $registry_host;
}
}
if $registry_port {
warning('The registry_port parameter is deprecated, and will be removed in a future release')
glance_api_config {
'DEFAULT/registry_port': value => $registry_port;
}
glance_cache_config {
'DEFAULT/registry_port': value => $registry_port;
}
}
if $registry_client_protocol {
warning('The registry_client_protocol parameter is deprecated, and will be removed in a future release')
glance_api_config {
'DEFAULT/registry_client_protocol': value => $registry_client_protocol;
}
}
# Set the pipeline, it is allowed to be blank
if $pipeline != '' {
validate_legacy(Pattern[/^(\w+([+]\w+)*)*$/], 'validate_re', $pipeline, ['^(\w+([+]\w+)*)*$'])
@ -640,12 +608,9 @@ enabled_backends instead.')
# SSL Options
glance_api_config {
'DEFAULT/cert_file': value => $cert_file;
'DEFAULT/key_file' : value => $key_file;
'DEFAULT/ca_file' : value => $ca_file;
'DEFAULT/registry_client_ca_file': value => $registry_client_ca_file;
'DEFAULT/registry_client_cert_file': value => $registry_client_cert_file;
'DEFAULT/registry_client_key_file': value => $registry_client_key_file;
'DEFAULT/cert_file': value => $cert_file;
'DEFAULT/key_file' : value => $key_file;
'DEFAULT/ca_file' : value => $ca_file;
}
if $keymgr_backend {

31
manifests/config.pp
Unescape View File

@ -23,43 +23,50 @@
# [*api_paste_ini_config*]
# (optional) Allow configuration of glance-api-paste.ini configurations.
#
# [*registry_config*]
# (optional) Allow configuration of glance-registry.conf configurations.
#
# [*registry_paste_ini_config*]
# (optional) Allow configuration of glance-registry-paste.ini configurations.
#
# [*cache_config*]
# (optional) Allow configuration of glance-cache.conf configurations.
#
# [*image_import_config*]
# (optional) Allow configuration of glance-image-import.conf configurations.
#
# DEPRECATED PARAMETERS
#
# [*registry_config*]
# (optional) Allow configuration of glance-registry.conf configurations.
#
# [*registry_paste_ini_config*]
# (optional) Allow configuration of glance-registry-paste.ini configurations.
#
# NOTE: The configuration MUST NOT be already handled by this module
# or Puppet catalog compilation will fail with duplicate resources.
#
class glance::config (
$api_config = {},
$api_paste_ini_config = {},
$registry_config = {},
$registry_paste_ini_config = {},
$cache_config = {},
$image_import_config = {},
# DEPRECATED PARAMETERS
$registry_config = undef,
$registry_paste_ini_config = undef,
) {
include glance::deps
if $registry_config != undef {
warning('glance::config::registry_config is deprecated and has no effect')
}
if $registry_paste_ini_config != undef {
warning('glance::config::registry_paste_ini_config is deprecated and has no effect')
}
validate_legacy(Hash, 'validate_hash', $api_config)
validate_legacy(Hash, 'validate_hash', $api_paste_ini_config)
validate_legacy(Hash, 'validate_hash', $registry_config)
validate_legacy(Hash, 'validate_hash', $registry_paste_ini_config)
validate_legacy(Hash, 'validate_hash', $cache_config)
validate_legacy(Hash, 'validate_hash', $image_import_config)
create_resources('glance_api_config', $api_config)
create_resources('glance_api_paste_ini', $api_paste_ini_config)
create_resources('glance_registry_config', $registry_config)
create_resources('glance_registry_paste_ini', $registry_paste_ini_config)
create_resources('glance_cache_config', $cache_config)
create_resources('glance_image_import_config', $image_import_config)
}

8
manifests/init.pp
Unescape View File

@ -6,7 +6,7 @@
#
# [*package_ensure*]
# (Optional) Ensure state for package. On Ubuntu this setting
# is ignored since Ubuntu has separate API and registry packages.
# is ignored since Ubuntu has packages per services
# Defaults to 'present'
#
class glance(
@ -16,10 +16,10 @@ class glance(
include glance::deps
include glance::params
if ( $glance::params::api_package_name == $glance::params::registry_package_name ) {
package { $::glance::params::api_package_name :
if ( $glance::params::package_name != undef ) {
package { $::glance::params::package_name :
ensure => $package_ensure,
name => $::glance::params::api_package_name,
name => $::glance::params::package_name,
tag => ['openstack', 'glance-package'],
}
}

10
manifests/notify/rabbitmq.pp
Unescape View File

@ -132,7 +132,7 @@ class glance::notify::rabbitmq(
include glance::deps
oslo::messaging::rabbit { ['glance_api_config', 'glance_registry_config']:
oslo::messaging::rabbit { 'glance_api_config':
rabbit_ha_queues => $rabbit_ha_queues,
heartbeat_timeout_threshold => $rabbit_heartbeat_timeout_threshold,
heartbeat_rate => $rabbit_heartbeat_rate,
@ -148,13 +148,13 @@ class glance::notify::rabbitmq(
kombu_compression => $kombu_compression,
}
oslo::messaging::default { ['glance_api_config', 'glance_registry_config']:
oslo::messaging::default { 'glance_api_config':
transport_url => $default_transport_url,
rpc_response_timeout => $rpc_response_timeout,
control_exchange => $control_exchange,
}
oslo::messaging::notifications { ['glance_api_config', 'glance_registry_config']:
oslo::messaging::notifications { 'glance_api_config':
driver => $notification_driver,
transport_url => $notification_transport_url,
topics => $rabbit_notification_topic,
@ -163,8 +163,4 @@ class glance::notify::rabbitmq(
glance_api_config {
'oslo_messaging_rabbit/default_notification_exchange': value => $rabbit_notification_exchange;
}
glance_registry_config {
'oslo_messaging_rabbit/default_notification_exchange': value => $rabbit_notification_exchange;
}
}

8
manifests/params.pp
Unescape View File

@ -12,17 +12,15 @@ class glance::params {
case $::osfamily {
'RedHat': {
$api_package_name = 'openstack-glance'
$registry_package_name = 'openstack-glance'
$package_name = 'openstack-glance'
$api_package_name = undef
$api_service_name = 'openstack-glance-api'
$registry_service_name = 'openstack-glance-registry'
$pyceph_package_name = "python${pyvers}-rbd"
}
'Debian': {
$package_name = undef
$api_package_name = 'glance-api'
$registry_package_name = 'glance-registry'
$api_service_name = 'glance-api'
$registry_service_name = 'glance-registry'
if $::os_package_type == 'debian' {
$pyceph_package_name = "python${pyvers}-ceph"
} else {

2
manifests/policy.pp
Unescape View File

@ -43,6 +43,6 @@ class glance::policy (
create_resources('openstacklib::policy::base', $policies)
oslo::policy { ['glance_api_config', 'glance_registry_config']: policy_file => $policy_path }
oslo::policy { 'glance_api_config': policy_file => $policy_path }
}

201
manifests/registry.pp
Unescape View File

@ -1,201 +0,0 @@
# == Class: glance::registry
#
# Installs and configures glance-registry
#
# === Parameters
#
# [*package_ensure*]
# (optional) Ensure state for package. Defaults to 'present'. On RedHat
# platforms this setting is ignored and the setting from the glance class is
# used because there is only one glance package.
#
# [*bind_host*]
# (optional) The address of the host to bind to.
# Defaults to $::os_service_default.
#
# [*bind_port*]
# (optional) The port the server should bind to. Defaults to '9191'.
#
# [*workers*]
# (optional) The number of child process workers that will be
# created to service Registry requests.
# Defaults to: $::os_workers.
#
# [*database_connection*]
# (optional) Connection url to connect to glance database.
# Defaults to undef
#
# [*database_idle_timeout*]
# (optional) Timeout before idle db connections are reaped.
# Defaults to undef
#
# [*database_max_retries*]
# (Optional) Maximum number of database connection retries during startup.
# Set to -1 to specify an infinite retry count.
# Defaults to undef.
#
# [*database_retry_interval*]
# (optional) Interval between retries of opening a database connection.
# Defaults to undef.
#
# [*database_max_pool_size*]
# (optional) Maximum number of SQL connections to keep open in a pool.
# Defaults to undef.
#
# [*database_max_overflow*]
# (optional) If set, use this value for max_overflow with sqlalchemy.
# Defaults to undef.
#
# [*auth_strategy*]
# (optional) Type is authorization being used.
# Defaults to 'keystone'
#
# [*pipeline*]
# (optional) Partial name of a pipeline in your paste configuration
# file with the service name removed.
# Defaults to 'keystone'.
#
# [*manage_service*]
# (optional) If Puppet should manage service startup / shutdown.
# Defaults to true.
#
# [*enabled*]
# (optional) Should the service be enabled.
# Defaults to true.
#
# [*purge_config*]
# (optional) Whether to create only the specified config values in
# the glance registry config file.
# Defaults to false.
#
# [*cert_file*]
# (optinal) Certificate file to use when starting registry server securely
# Defaults to $::os_service_default.
#
# [*key_file*]
# (optional) Private key file to use when starting registry server securely
# Defaults to $::os_service_default.
#
# [*ca_file*]
# (optional) CA certificate file to use to verify connecting clients
# Defaults to $::os_service_default.
#
# [*enable_v1_registry*]
# (optional) Deploy the v1 API Registry service.
# If glance::api::enable_v1_api is set to True, this option also needs to be
# set to True.
# If your OpenStack deployment is only using Glance API v2, this option
# should be set to False.
# Defaults to false.
#
# DEPRECATED PARAMETERS
#
# [*database_min_pool_size*]
# (optional) Minimum number of SQL connections to keep open in a pool.
# Defaults to undef.
#
# [*os_region_name*]
# (optional) Sets the keystone region to use.
# Defaults to undef.
#
class glance::registry(
$package_ensure = 'present',
$bind_host = $::os_service_default,
$bind_port = '9191',
$workers = $::os_workers,
$database_connection = undef,
$database_idle_timeout = undef,
$database_max_pool_size = undef,
$database_max_retries = undef,
$database_retry_interval = undef,
$database_max_overflow = undef,
$auth_strategy = 'keystone',
$pipeline = 'keystone',
$manage_service = true,
$enabled = true,
$purge_config = false,
$cert_file = $::os_service_default,
$key_file = $::os_service_default,
$ca_file = $::os_service_default,
$enable_v1_registry = false,
# DEPRECATED PARAMETERS
$database_min_pool_size = undef,
$os_region_name = undef,
) inherits glance {
warning('glance::registry is deprecated, and will be removed in a future release')
include glance::deps
include glance::registry::db
if $os_region_name != undef {
warning('glance::registry::os_region_name is deprecated. Use \
cinder::backend::multistore::cinder::cinder_os_region_name instead.')
}
if ( $glance::params::api_package_name != $glance::params::registry_package_name ) {
ensure_packages($glance::params::registry_package_name,
{
ensure => $package_ensure,
tag => ['openstack', 'glance-package'],
}
)
}
resources { 'glance_registry_config':
purge => $purge_config
}
glance_registry_config {
'DEFAULT/workers': value => $workers;
'DEFAULT/bind_host': value => $bind_host;
'DEFAULT/bind_port': value => $bind_port;
'DEFAULT/enable_v1_registry': value => $enable_v1_registry;
'glance_store/os_region_name': value => $os_region_name;
}
# Set the pipeline, it is allowed to be blank
if $pipeline != '' {
validate_legacy(Pattern[/^(\w+([+]\w+)*)*$/], 'validate_re', $pipeline, ['^(\w+([+]\w+)*)*$'])
glance_registry_config {
'paste_deploy/flavor':
ensure => present,
value => $pipeline,
}
} else {
glance_registry_config { 'paste_deploy/flavor': ensure => absent }
}
# keystone config
if $auth_strategy == 'keystone' {
include glance::registry::authtoken
}
# SSL Options
glance_registry_config {
'DEFAULT/cert_file': value => $cert_file;
'DEFAULT/key_file': value => $key_file;
'DEFAULT/ca_file': value => $ca_file;
}
if $manage_service {
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
} else {
warning('Execution of db_sync does not depend on $manage_service or $enabled anymore. Please use sync_db instead.')
}
service { 'glance-registry':
ensure => $service_ensure,
name => $::glance::params::registry_service_name,
enable => $enabled,
hasstatus => true,
hasrestart => true,
tag => 'glance-service',
}
}

266
manifests/registry/authtoken.pp
Unescape View File

@ -1,266 +0,0 @@
# class: glance::registry::authtoken
#
# Configure the keystone_authtoken section in the glance registry configuration file.
#
# === Parameters
#
# [*username*]
# (Optional) The name of the service user
# Defaults to 'glance'
#
# [*password*]
# (Optional) Password to create for the service user
# Defaults to $::os_service_default
#
# [*auth_url*]
# (Optional) The URL to use for authentication.
# Defaults to 'http://127.0.0.1:5000'
#
# [*project_name*]
# (Optional) Service project name
# Defaults to 'services'
#
# [*user_domain_name*]
# (Optional) Name of domain for $username
# Defaults to 'Default'
#
# [*project_domain_name*]
# (Optional) Name of domain for $project_name
# Defaults to 'Default'
#
# [*insecure*]
# (Optional) If true, explicitly allow TLS without checking server cert
# against any certificate authorities. WARNING: not recommended. Use with
# caution.
# Defaults to $::os_service_default
#
# [*auth_section*]
# (Optional) Config Section from which to load plugin specific options
# Defaults to $::os_service_default.
#
# [*auth_type*]
# (Optional) Authentication type to load
# Defaults to 'password'.
#
# [*www_authenticate_uri*]
# (Optional) Complete public Identity API endpoint.
# Defaults to 'http://127.0.0.1:5000'.
#
# [*auth_version*]
# (Optional) API version of the admin Identity API endpoint.
# Defaults to $::os_service_default.
#
# [*cache*]
# (Optional) Env key for the swift cache.
# Defaults to $::os_service_default.
#
# [*cafile*]
# (Optional) A PEM encoded Certificate Authority to use when verifying HTTPs
# connections.
# Defaults to $::os_service_default.
#
# [*certfile*]
# (Optional) Required if identity server requires client certificate
# Defaults to $::os_service_default.
#
# [*delay_auth_decision*]
# (Optional) Do not handle authorization requests within the middleware, but
# delegate the authorization decision to downstream WSGI components. Boolean
# value
# Defaults to $::os_service_default.
#
# [*enforce_token_bind*]
# (Optional) Used to control the use and type of token binding. Can be set
# to: "disabled" to not check token binding. "permissive" (default) to
# validate binding information if the bind type is of a form known to the
# server and ignore it if not. "strict" like "permissive" but if the bind
# type is unknown the token will be rejected. "required" any form of token
# binding is needed to be allowed. Finally the name of a binding method that
# must be present in tokens. String value.
# Defaults to $::os_service_default.
#
# [*http_connect_timeout*]
# (Optional) Request timeout value for communicating with Identity API
# server.
# Defaults to $::os_service_default.
#
# [*http_request_max_retries*]
# (Optional) How many times are we trying to reconnect when communicating
# with Identity API Server. Integer value
# Defaults to $::os_service_default.
#
# [*include_service_catalog*]
# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
# middleware will not ask for service catalog on token validation and will
# not set the X-Service-Catalog header. Boolean value.
# Defaults to $::os_service_default.
#
# [*keyfile*]
# (Optional) Required if identity server requires client certificate
# Defaults to $::os_service_default.
#
# [*memcache_pool_conn_get_timeout*]
# (Optional) Number of seconds that an operation will wait to get a memcached
# client connection from the pool. Integer value
# Defaults to $::os_service_default.
#
# [*memcache_pool_dead_retry*]
# (Optional) Number of seconds memcached server is considered dead before it
# is tried again. Integer value
# Defaults to $::os_service_default.
#
# [*memcache_pool_maxsize*]
# (Optional) Maximum total number of open connections to every memcached
# server. Integer value
# Defaults to $::os_service_default.
#
# [*memcache_pool_socket_timeout*]
# (Optional) Number of seconds a connection to memcached is held unused in
# the pool before it is closed. Integer value
# Defaults to $::os_service_default.
#
# [*memcache_pool_unused_timeout*]
# (Optional) Number of seconds a connection to memcached is held unused in
# the pool before it is closed. Integer value
# Defaults to $::os_service_default.
#
# [*memcache_secret_key*]
# (Optional, mandatory if memcache_security_strategy is defined) This string
# is used for key derivation.
# Defaults to $::os_service_default.
#
# [*memcache_security_strategy*]
# (Optional) If defined, indicate whether token data should be authenticated
# or authenticated and encrypted. If MAC, token data is authenticated (with
# HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the
# cache. If the value is not one of these options or empty, auth_token will
# raise an exception on initialization.
# Defaults to $::os_service_default.
#
# [*memcache_use_advanced_pool*]
# (Optional) Use the advanced (eventlet safe) memcached client pool. The
# advanced pool will only work under python 2.x Boolean value
# Defaults to $::os_service_default.
#
# [*memcached_servers*]
# (Optional) Optionally specify a list of memcached server(s) to use for
# caching. If left undefined, tokens will instead be cached in-process.
# Defaults to $::os_service_default.
#
# [*manage_memcache_package*]
# (Optional) Whether to install the python-memcache package.
# Defaults to false.
#
# [*region_name*]
# (Optional) The region in which the identity server can be found.
# Defaults to $::os_service_default.
#
# [*token_cache_time*]
# (Optional) In order to prevent excessive effort spent validating tokens,
# the middleware caches previously-seen tokens for a configurable duration
# (in seconds). Set to -1 to disable caching completely. Integer value
# Defaults to $::os_service_default.
#
# [*service_token_roles*]
# (Optional) A choice of roles that must be present in a service token.
# Service tokens are allowed to request that an expired token
# can be used and so this check should tightly control that
# only actual services should be sending this token. Roles
# here are applied as an ANY check so any role in this list
# must be present. For backwards compatibility reasons this
# currently only affects the allow_expired check. (list value)
# Defaults to $::os_service_default.
#
# [*service_token_roles_required*]
# (optional) backwards compatibility to ensure that the service tokens are
# compared against a list of possible roles for validity
# true/false
# Defaults to $::os_service_default.
#
# [*interface*]
# (Optional) Interface to use for the Identity API endpoint. Valid values are
# "public", "internal" or "admin".
# Defaults to $::os_service_default.
#
class glance::registry::authtoken(
$username = 'glance',
$password = $::os_service_default,
$auth_url = 'http://127.0.0.1:5000',
$project_name = 'services',
$user_domain_name = 'Default',
$project_domain_name = 'Default',
$insecure = $::os_service_default,
$auth_section = $::os_service_default,
$auth_type = 'password',
$www_authenticate_uri = 'http://127.0.0.1:5000',
$auth_version = $::os_service_default,
$cache = $::os_service_default,
$cafile = $::os_service_default,
$certfile = $::os_service_default,
$delay_auth_decision = $::os_service_default,
$enforce_token_bind = $::os_service_default,
$http_connect_timeout = $::os_service_default,
$http_request_max_retries = $::os_service_default,
$include_service_catalog = $::os_service_default,
$keyfile = $::os_service_default,
$memcache_pool_conn_get_timeout = $::os_service_default,
$memcache_pool_dead_retry = $::os_service_default,
$memcache_pool_maxsize = $::os_service_default,
$memcache_pool_socket_timeout = $::os_service_default,
$memcache_pool_unused_timeout = $::os_service_default,
$memcache_secret_key = $::os_service_default,
$memcache_security_strategy = $::os_service_default,
$memcache_use_advanced_pool = $::os_service_default,
$memcached_servers = $::os_service_default,
$manage_memcache_package = false,
$region_name = $::os_service_default,
$token_cache_time = $::os_service_default,
$service_token_roles = $::os_service_default,
$service_token_roles_required = $::os_service_default,
$interface = $::os_service_default,
) {
include glance::deps
if is_service_default($password) {
fail('Please set password for Glance service user')
}
keystone::resource::authtoken { 'glance_registry_config':
username => $username,
password => $password,
project_name => $project_name,
auth_url => $auth_url,
www_authenticate_uri => $www_authenticate_uri,
auth_version => $auth_version,
auth_type => $auth_type,
auth_section => $auth_section,
user_domain_name => $user_domain_name,
project_domain_name => $project_domain_name,
insecure => $insecure,
cache => $cache,
cafile => $cafile,
certfile => $certfile,
delay_auth_decision => $delay_auth_decision,
enforce_token_bind => $enforce_token_bind,
http_connect_timeout => $http_connect_timeout,
http_request_max_retries => $http_request_max_retries,
include_service_catalog => $include_service_catalog,
keyfile => $keyfile,
memcache_pool_conn_get_timeout => $memcache_pool_conn_get_timeout,
memcache_pool_dead_retry => $memcache_pool_dead_retry,
memcache_pool_maxsize => $memcache_pool_maxsize,
memcache_pool_socket_timeout => $memcache_pool_socket_timeout,
memcache_secret_key => $memcache_secret_key,
memcache_security_strategy => $memcache_security_strategy,
memcache_use_advanced_pool => $memcache_use_advanced_pool,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
memcached_servers => $memcached_servers,
manage_memcache_package => $manage_memcache_package,
region_name => $region_name,
token_cache_time => $token_cache_time,
service_token_roles => $service_token_roles,
service_token_roles_required => $service_token_roles_required,
interface => $interface,
}
}

89
manifests/registry/db.pp
Unescape View File

@ -1,89 +0,0 @@
# == Class: glance::registry::db
#
# Configure the Glance database in the registry configuration file.
#
# === Parameters
#
# [*database_db_max_retries*]
# (optional) Maximum retries in case of connection error or deadlock error
# before error is raised. Set to -1 to specify an infinite retry count.
# Defaults to $::os_service_default.
#
# [*database_connection*]
# Url used to connect to database.
# (Optional) Defaults to 'sqlite:///var/lib/glance/glance.sqlite'.
#
# [*database_connection_recycle_time*]
# Timeout when db connections should be reaped.
# (Optional) Defaults to $::os_service_default.
#
# [*database_max_pool_size*]
# Maximum number of SQL connections to keep open in a pool.
# (Optional) Defaults to $::os_service_default.
#
# [*database_max_retries*]
# Maximum db connection retries during startup.
# Setting -1 implies an infinite retry count.
# (Optional) Defaults to $::os_service_default.
#
# [*database_retry_interval*]
# Interval between retries of opening a sql connection.
# (Optional) Defaults to $::os_service_default.
#
# [*database_max_overflow*]
# If set, use this value for max_overflow with sqlalchemy.
# (Optional) Defaults to $::os_service_default.
#
# [*database_pool_timeout*]
# (Optional) If set, use this value for pool_timeout with SQLAlchemy.
# Defaults to $::os_service_default
#
# DEPRECATED PARAMETERS
#
# [*database_min_pool_size*]
# Minimum number of SQL connections to keep open in a pool.
# (Optional) Defaults to undef.
#
class glance::registry::db (
$database_db_max_retries = $::os_service_default,
$database_connection = 'sqlite:///var/lib/glance/glance.sqlite',
$database_connection_recycle_time = $::os_service_default,
$database_max_pool_size = $::os_service_default,
$database_max_retries = $::os_service_default,
$database_retry_interval = $::os_service_default,
$database_max_overflow = $::os_service_default,
$database_pool_timeout = $::os_service_default,
# DEPRECATED PARAMETERS
$database_min_pool_size = $::os_service_default,
) {
include glance::deps
if $::glance::registry::database_min_pool_size or $database_min_pool_size {
warning('The database_min_pool_size parameter is deprecated, and will be removed in a future release.')
}
# NOTE(degorenko): In order to keep backward compatibility we rely on the pick function
# to use glance::registry::<myparam> if glance::registry::db::<myparam> isn't specified.
$database_connection_real = pick($::glance::registry::database_connection, $database_connection)
$database_connection_recycle_time_real = pick($::glance::registry::database_idle_timeout,
$database_connection_recycle_time)
$database_max_pool_size_real = pick($::glance::registry::database_max_pool_size, $database_max_pool_size)
$database_max_retries_real = pick($::glance::registry::database_max_retries, $database_max_retries)
$database_retry_interval_real = pick($::glance::registry::database_retry_interval, $database_retry_interval)
$database_max_overflow_real = pick($::glance::registry::database_max_overflow, $database_max_overflow)
validate_legacy(Oslo::Dbconn, 'validate_re', $database_connection_real,
['^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?'])
oslo::db { 'glance_registry_config':
db_max_retries => $database_db_max_retries,
connection => $database_connection_real,
connection_recycle_time => $database_connection_recycle_time_real,
max_retries => $database_max_retries_real,
retry_interval => $database_retry_interval_real,
max_pool_size => $database_max_pool_size_real,
max_overflow => $database_max_overflow_real,
pool_timeout => $database_pool_timeout,
}
}

147
manifests/registry/logging.pp
Unescape View File

@ -1,147 +0,0 @@
# Class glance::registry::logging
#
# glance-registry logging configuration
#
# == parameters
#
# [*debug*]
# (Optional) Should the daemons log debug messages
# Defaults to $::os_service_default.
#
# [*use_syslog*]
# (Optional) Use syslog for logging.
# Defaults to $::os_service_default.
#
# [*use_json*]
# (Optional) Use json for logging.
# Defaults to $::os_service_default.
#
# [*use_journal*]
# (Optional) Use journal for logging.
# Defaults to $::os_service_default.
#
# [*use_stderr*]
# (Optional) Use stderr for logging
# Defaults to $::os_service_default.
#
# [*log_facility*]
# (Optional) Syslog facility to receive log lines.
# Defaults to $::os_service_default.
#
# [*log_dir*]
# (Optional) Directory where logs should be stored.
# If set to $::os_service_default, it will not log to any directory.
# Defaults to '/var/log/glance'.
#
# [*log_file*]
# (Optional) File where logs should be stored.
# If set to $::os_service_default, it will not log to any file.
# Defaults to '/var/log/glance/registry.log'.
#
# [*logging_context_format_string*]
# (Optional) Format string to use for log messages with context.
# Defaults to $::os_service_default.
# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
# [%(request_id)s %(user_identity)s] %(instance)s%(message)s'
#
# [*logging_default_format_string*]
# (Optional) Format string to use for log messages without context.
# Defaults to $::os_service_default.
# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
# [-] %(instance)s%(message)s'
#
# [*logging_debug_format_suffix*]
# (Optional) Formatted data to append to log format when level is DEBUG.
# Defaults to $::os_service_default.
# Example: '%(funcName)s %(pathname)s:%(lineno)d'
#
# [*logging_exception_prefix*]
# (Optional) Prefix each line of exception output with this format.
# Defaults to $::os_service_default.
# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
#
# [*log_config_append*]
# (Optional) The name of an additional logging configuration file.
# Defaults to $::os_service_default.
# See https://docs.python.org/2/howto/logging.html
#
# [*default_log_levels*]
# (0ptional) Hash of logger (keys) and level (values) pairs.
# Defaults to $::os_service_default.
# Example:
# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
# 'sqlalchemy' => 'WARN', 'suds' => 'INFO', 'iso8601' => 'WARN',
# 'requests.packages.urllib3.connectionpool' => 'WARN' }
#
# [*publish_errors*]
# (Optional) Publish error events (boolean value).
# Defaults to $::os_service_default (false if unconfigured).
#
# [*fatal_deprecations*]
# (Optional) Make deprecations fatal (boolean value)
# Defaults to $::os_service_default (false if unconfigured).
#
# [*instance_format*]
# (Optional) If an instance is passed with the log message, format it
# like this (string value).
# Defaults to $::os_service_default.
# Example: '[instance: %(uuid)s] '
#
# [*instance_uuid_format*]
# (Optional) If an instance UUID is passed with the log message, format
# it like this (string value).
# Defaults to $::os_service_default.
# Example: instance_uuid_format='[instance: %(uuid)s] '
#
# [*log_date_format*]
# (Optional) Format string for %%(asctime)s in log records.
# Defaults to $::os_service_default.
# Example: 'Y-%m-%d %H:%M:%S'
#
class glance::registry::logging(
$use_syslog = $::os_service_default,
$use_json = $::os_service_default,
$use_journal = $::os_service_default,
$use_stderr = $::os_service_default,
$log_facility = $::os_service_default,
$log_dir = '/var/log/glance',
$log_file = '/var/log/glance/registry.log',
$debug = $::os_service_default,
$logging_context_format_string = $::os_service_default,
$logging_default_format_string = $::os_service_default,
$logging_debug_format_suffix = $::os_service_default,
$logging_exception_prefix = $::os_service_default,
$log_config_append = $::os_service_default,
$default_log_levels = $::os_service_default,
$publish_errors = $::os_service_default,
$fatal_deprecations = $::os_service_default,
$instance_format = $::os_service_default,
$instance_uuid_format = $::os_service_default,
$log_date_format = $::os_service_default,
) {
include glance::deps
oslo::log { 'glance_registry_config':
debug => $debug,
use_stderr => $use_stderr,
use_syslog => $use_syslog,
use_json => $use_json,
use_journal => $use_journal,
log_dir => $log_dir,
log_file => $log_file,
syslog_log_facility => $log_facility,
logging_context_format_string => $logging_context_format_string,
logging_default_format_string => $logging_default_format_string,
logging_debug_format_suffix => $logging_debug_format_suffix,
logging_exception_prefix => $logging_exception_prefix,
log_config_append => $log_config_append,
default_log_levels => $default_log_levels,
publish_errors => $publish_errors,
fatal_deprecations => $fatal_deprecations,
instance_format => $instance_format,
instance_uuid_format => $instance_uuid_format,
log_date_format => $log_date_format,
}
}

23
releasenotes/notes/remove-registry-2a8d771cc159401d.yaml
Unescape View File

@ -0,0 +1,23 @@
---
upgrade:
- |
The ``glance::registry`` class and its subsequent classes have been removed.
This means that support for glance-registry service has been removed.
deprecations:
- |
The following parameters have been deprecated and has no effect now, in
favor of removal of support for glance registry service.
- ``glance::api::registry_client_cert_file``
- ``glance::api::registry_client_key_file``
- ``glance::api::registry_client_ca_file``
- ``glance::config::registry_config``
- ``glance::config::registry_paste_ini_config``
- |
The following resource types have been deprecated and will be removed in a
future release.
- ``glance_registry_config``
- ``glance_registry_paste_ini``

33
spec/acceptance/glance_config_spec.rb
Unescape View File

@ -9,7 +9,6 @@ describe 'basic glance config resource' do
Exec { logoutput => 'on_failure' }
File <||> -> Glance_api_config <||>
File <||> -> Glance_registry_config <||>
File <||> -> Glance_cache_config <||>
File <||> -> Glance_image_import_config <||>
@ -19,9 +18,6 @@ describe 'basic glance config resource' do
file { '/etc/glance/glance-api.conf' :
ensure => file,
}
file { '/etc/glance/glance-registry.conf' :
ensure => file,
}
file { '/etc/glance/glance-cache.conf' :
ensure => file,
}
@ -47,24 +43,6 @@ describe 'basic glance config resource' do
ensure_absent_val => 'toto',
}
glance_registry_config { 'DEFAULT/thisshouldexist' :
value => 'foo',
}
glance_registry_config { 'DEFAULT/thisshouldnotexist' :
value => '<SERVICE DEFAULT>',
}
glance_registry_config { 'DEFAULT/thisshouldexist2' :
value => '<SERVICE DEFAULT>',
ensure_absent_val => 'toto',
}
glance_registry_config { 'DEFAULT/thisshouldnotexist2' :
value => 'toto',
ensure_absent_val => 'toto',
}
glance_cache_config { 'DEFAULT/thisshouldexist' :
value => 'foo',
}
@ -120,17 +98,6 @@ describe 'basic glance config resource' do
end
end
describe file('/etc/glance/glance-registry.conf') do
it { is_expected.to exist }
it { is_expected.to contain('thisshouldexist=foo') }
it { is_expected.to contain('thisshouldexist2=<SERVICE DEFAULT>') }
describe '#content' do
subject { super().content }
it { is_expected.not_to match /thisshouldnotexist/ }
end
end
describe file('/etc/glance/glance-cache.conf') do
it { is_expected.to exist }
it { is_expected.to contain('thisshouldexist=foo') }

17
spec/classes/glance_api_spec.rb
Unescape View File

@ -53,9 +53,6 @@ describe 'glance::api' do
[{
:bind_host => '127.0.0.1',
:bind_port => '9222',
:registry_host => '127.0.0.1',
:registry_port => '9111',
:registry_client_protocol => 'https',
:auth_strategy => 'not_keystone',
:enabled => false,
:backlog => '4095',
@ -121,9 +118,6 @@ describe 'glance::api' do
[
'bind_host',
'bind_port',
'registry_host',
'registry_port',
'registry_client_protocol',
'show_image_direct_url',
'show_multiple_locations',
'location_strategy',
@ -164,8 +158,6 @@ describe 'glance::api' do
it 'is_expected.to lay down default cache config' do
[
'registry_host',
'registry_port',
'image_cache_dir',
'image_cache_stall_time',
'image_cache_max_size',
@ -196,9 +188,6 @@ describe 'glance::api' do
is_expected.to contain_glance_api_config('DEFAULT/ca_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_api_config('DEFAULT/cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_api_config('DEFAULT/key_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_api_config('DEFAULT/registry_client_ca_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_api_config('DEFAULT/registry_client_cert_file').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_api_config('DEFAULT/registry_client_key_file').with_value('<SERVICE DEFAULT>')
end
it 'passes purge to resource' do
@ -292,9 +281,6 @@ describe 'glance::api' do
:ca_file => '/tmp/ca_file',
:cert_file => '/tmp/cert_file',
:key_file => '/tmp/key_file',
:registry_client_ca_file => '/tmp/registry_ca_file',
:registry_client_key_file => '/tmp/registry_key_file',
:registry_client_cert_file => '/tmp/registry_cert_file',
})
end
@ -302,9 +288,6 @@ describe 'glance::api' do
it { is_expected.to contain_glance_api_config('DEFAULT/ca_file').with_value('/tmp/ca_file') }
it { is_expected.to contain_glance_api_config('DEFAULT/cert_file').with_value('/tmp/cert_file') }
it { is_expected.to contain_glance_api_config('DEFAULT/key_file').with_value('/tmp/key_file') }
it { is_expected.to contain_glance_api_config('DEFAULT/registry_client_ca_file').with_value('/tmp/registry_ca_file') }
it { is_expected.to contain_glance_api_config('DEFAULT/registry_client_key_file').with_value('/tmp/registry_key_file') }
it { is_expected.to contain_glance_api_config('DEFAULT/registry_client_cert_file').with_value('/tmp/registry_cert_file') }
end
end

20
spec/classes/glance_config_spec.rb
Unescape View File

@ -30,25 +30,6 @@ describe 'glance::config' do
end
end
shared_examples_for 'glance_registry_config' do
let :params do
{ :registry_config => config_hash,
:registry_paste_ini_config => config_hash }
end
it 'configures arbitrary glance-registry configurations' do
is_expected.to contain_glance_registry_config('DEFAULT/foo').with_value('fooValue')
is_expected.to contain_glance_registry_config('DEFAULT/bar').with_value('barValue')
is_expected.to contain_glance_registry_config('DEFAULT/baz').with_ensure('absent')
end
it 'configures arbitrary glance-registry-paste configurations' do
is_expected.to contain_glance_registry_paste_ini('DEFAULT/foo').with_value('fooValue')
is_expected.to contain_glance_registry_paste_ini('DEFAULT/bar').with_value('barValue')
is_expected.to contain_glance_registry_paste_ini('DEFAULT/baz').with_ensure('absent')
end
end
shared_examples_for 'glance_cache_config' do
let :params do
{ :cache_config => config_hash }
@ -82,7 +63,6 @@ describe 'glance::config' do
end
it_configures 'glance_api_config'
it_configures 'glance_registry_config'
it_configures 'glance_cache_config'
it_configures 'glance_image_import_config'
end

34
spec/classes/glance_notify_rabbitmq_spec.rb
Unescape View File

@ -17,21 +17,6 @@ describe 'glance::notify::rabbitmq' do
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_in_pthread').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_failover_strategy').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('DEFAULT/transport_url').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('DEFAULT/rpc_response_timeout').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('DEFAULT/control_exchange').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_notifications/transport_url').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_notifications/driver').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/amqp_durable_queues').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/default_notification_exchange').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_notifications/topics').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/heartbeat_rate').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/heartbeat_in_pthread').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('<SERVICE DEFAULT>') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/kombu_failover_strategy').with_value('<SERVICE DEFAULT>') }
end
describe 'when passing params and use ssl' do
@ -45,13 +30,6 @@ describe 'glance::notify::rabbitmq' do
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/rabbit_durable_queues').with_value(true) }
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('5.0') }
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/kombu_failover_strategy').with_value('shuffle') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/rabbit_durable_queues').with_value(true) }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/kombu_reconnect_delay').with_value('5.0') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/kombu_failover_strategy').with_value('shuffle') }
it { is_expected.to contain_oslo__messaging__rabbit('glance_registry_config').with(
:rabbit_use_ssl => true,
)}
end
end
@ -99,11 +77,6 @@ describe 'glance::notify::rabbitmq' do
it { is_expected.to contain_oslo__messaging__rabbit('glance_api_config').with(
:rabbit_use_ssl => true,
)}
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/amqp_durable_queues').with_value(true) }
it { is_expected.to contain_oslo__messaging__rabbit('glance_registry_config').with(
:rabbit_use_ssl => true,
)}
end
describe 'when setting rabbit_ha_queues' do
@ -127,10 +100,6 @@ describe 'glance::notify::rabbitmq' do
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') }
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') }
it { is_expected.to contain_glance_api_config('oslo_messaging_rabbit/heartbeat_in_pthread').with_value(true) }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/heartbeat_timeout_threshold').with_value('60') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/heartbeat_rate').with_value('10') }
it { is_expected.to contain_glance_registry_config('oslo_messaging_rabbit/heartbeat_in_pthread').with_value(true) }
end
describe 'when passing params transport_url' do
@ -144,9 +113,6 @@ describe 'glance::notify::rabbitmq' do
it { is_expected.to contain_glance_api_config('DEFAULT/transport_url').with_value('rabbit://user:pass@host:1234/virt') }
it { is_expected.to contain_glance_api_config('DEFAULT/rpc_response_timeout').with_value('120') }
it { is_expected.to contain_glance_api_config('DEFAULT/control_exchange').with_value('glance') }
it { is_expected.to contain_glance_registry_config('DEFAULT/transport_url').with_value('rabbit://user:pass@host:1234/virt') }
it { is_expected.to contain_glance_registry_config('DEFAULT/rpc_response_timeout').with_value('120') }
it { is_expected.to contain_glance_registry_config('DEFAULT/control_exchange').with_value('glance') }
end
end

3
spec/classes/glance_policy_spec.rb
Unescape View File

@ -25,9 +25,6 @@ describe 'glance::policy' do
is_expected.to contain_oslo__policy('glance_api_config').with(
:policy_file => '/etc/glance/policy.json',
)
is_expected.to contain_oslo__policy('glance_registry_config').with(
:policy_file => '/etc/glance/policy.json',
)
end
end

147
spec/classes/glance_registry_authtoken_spec.rb
Unescape View File

@ -1,147 +0,0 @@
require 'spec_helper'
describe 'glance::registry::authtoken' do
let :params do
{ :password => 'glance_registry_password', }
end
shared_examples 'glance_registry authtoken' do
context 'with default parameters' do
it 'configure keystone_authtoken' do
is_expected.to contain_glance_registry_config('keystone_authtoken/username').with_value('glance')
is_expected.to contain_glance_registry_config('keystone_authtoken/password').with_value('glance_registry_password')
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_url').with_value('http://127.0.0.1:5000')
is_expected.to contain_glance_registry_config('keystone_authtoken/project_name').with_value('services')
is_expected.to contain_glance_registry_config('keystone_authtoken/user_domain_name').with_value('Default')
is_expected.to contain_glance_registry_config('keystone_authtoken/project_domain_name').with_value('Default')
is_expected.to contain_glance_registry_config('keystone_authtoken/insecure').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_section').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_type').with_value('password')
is_expected.to contain_glance_registry_config('keystone_authtoken/www_authenticate_uri').with_value('http://127.0.0.1:5000')
is_expected.to contain_glance_registry_config('keystone_authtoken/auth_version').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/cache').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/cafile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/certfile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/delay_auth_decision').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/enforce_token_bind').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/http_connect_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/http_request_max_retries').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/include_service_catalog').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/keyfile').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_pool_conn_get_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_pool_dead_retry').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_pool_maxsize').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_pool_socket_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_pool_unused_timeout').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_secret_key').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_security_strategy').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcache_use_advanced_pool').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/memcached_servers').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/region_name').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/token_cache_time').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/service_token_roles').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/service_token_roles_required').with_value('<SERVICE DEFAULT>')
is_expected.to contain_glance_registry_config('keystone_authtoken/interface').with_value('<SERVICE DEFAULT>')
end
end
context 'when overriding parameters' do
before do
params.merge!({
:www_authenticate_uri => 'https://10.0.0.1:9999/',
:username => 'myuser',
:password => 'mypasswd',
:auth_url => 'http://:127.0.0.1:5000',
:project_name => 'service_project',
:user_domain_name => 'domainX',
:project_domain_name => 'domainX',
:insecure => false,
:auth_section => 'new_section',
:auth_type => 'password',
:auth_version => 'v3',
:cache => 'somevalue',
:cafile => '/opt/stack/data/cafile.pem',
:certfile => 'certfile.crt',
:delay_auth_decision => false,
:enforce_token_bind => 'permissive',
:http_connect_timeout => '300',
:http_request_max_retries => '3',
:include_service_catalog => true,
:keyfile => 'keyfile',
:memcache_pool_conn_get_timeout => '9',
:memcache_pool_dead_retry => '302',
:memcache_pool_maxsize => '11',
:memcache_pool_socket_timeout => '2',
:memcache_pool_unused_timeout => '61',
:memcache_secret_key => 'secret_key',
:memcache_security_strategy => 'ENCRYPT',
:memcache_use_advanced_pool => true,
:memcached_servers => ['memcached01:11211','memcached02:11211'],
:manage_memcache_package => true,
:region_name => 'region2',
:token_cache_time => '301',
:service_token_roles => ['service'],
:service_token_roles_required => false,
:interface => 'internal',
})
end
it 'configure keystone_authtoken' do
is_expected.to contain_glance_registry_config('keystone_authtoken/www_authenticate_uri').with_value('https://10.0.0.1:9999/')