Commit Graph

36 Commits (1e09e553edf091f53b3bbfe667630adc236cf223)

Author SHA1 Message Date
Clayton O'Neill 18b010975c Add hooks for external install & svc management
This adds defined anchor points for external modules to hook into the
software install, config and service dependency chain.  This allows
external modules to manage software installation (virtualenv,
containers, etc) and service management (pacemaker) without needing rely
on resources that may change or be renamed.

Change-Id: If683fbd098e701a3c4da91941cf818b18b41b209
7 years ago
Dan Prince 44bf1232a5 Switch $service_name to 'glance' for keystone
This patch switches the service name from 'Image Service' to
just 'glance' so that it matches what we do for other services.
Typically we use the project (auth) name for the service_name.

Not having a consistent catalog can cause failure to find
endpoints for some services. Mistral for example would fail
to lookup the glance endpoint due to it being set as 'Image Service'
rather than 'glance'.

Change-Id: I17116c0f995ab76ed79bd8b2df57629c1ed4e4d0
Closes-bug: #1584229
7 years ago
Jenkins 20a186b8d9 Merge "Provide consisent default name for service_identity resource" 7 years ago
Juan Antonio Osorio Robles f2855769b3 Provide consisent default name for service_identity resource
This change updates glance::keystone::auth to include the
user-provided auth_name as a parameter for the service_identity
provider. Hardcoding the namevar of that resource as was agreed. the
service_name parameter was not undef as in other resources, so the
name was left as-is. And we no longer pick a service_name out of the
service_name and auth_name; now only the service_name is taken into

Closes-Bug: #1590040
Change-Id: I757930e05b6e14cb15139840c9e4a513c9af5d17
7 years ago
Mohammed Naser 92d9ac9368 Fix Keystone integration documentation
The README file refers to an invalid *_address parameters
when *_url parameters should be used.  The example in the
manifest does not show a password listed (which is required).

Change-Id: I03eb31f0c660afca1688e6fc7a992cfb70317706
7 years ago
Iury Gregory Melo Ferreira 1c1dd86ed7 Remove deprecated keystone::auth options
Change-Id: Id94793f682728b612e5324d28e01d6548fa53299
7 years ago
Denis Egorenko e0b34f450d Configure endpoint for Glance Glare
Change I3371d1d57486e79ccfae565417f2195d3ae66bc9 is introduced a new
glance service - Glare and it has own endpoint. This patch adds it.

Change-Id: Ibea50c249e6f0f33dbcfae4bf7cf3569f27c21e5
Related-bug: #1555697
7 years ago
Emilien Macchi 80faf9a017 Default service_name to 'Image Service'
In Liberty, we sent a warning if service_name was not set (and auth_name
was configured as the service name), with the goal to define the correct
default value during Mitaka.

This patch set the service_name parameter to 'Image Service' by default
to match with Keystone's default catalog.

Note: if you already run OpenStack, when you'll run Puppet after this
change, the old service will still be present and you'll have to drop it
manually. Though the Glance endpoint will be updated with the new

Change-Id: I740a9ad32361e6a78277ea0667fba7f631eb64af
Closes-bug: #1506061
8 years ago
Emilien Macchi 866af363f3 Make Keystone_endpoint match service by name/type
Since a chance in puppet-keystone (1], we now match an endpoint with a
service name/type.
This patch reflects this change for 'image' service endpoint.

Closes-Bug: #1528308

Change-Id: Idff0ff4052ee9db4395a0b556f4c01c5538450dd
8 years ago
Martin Mágr 144622fd30 Preparation for default endpoint names rename
This patch prepares for changes of default endpoint names,
so that they match default_catalog name [1]


Change-Id: I0aa0be260f119f461a37199fb608a9bd0ba2263f
Partial-bug: #1506061
8 years ago
Doug Knight a530adfc79 Stop collecting glance services by name
Collect glance service resources by title instead of name.  The service
name differs across distributions but the resource title does not.
These collectors were silently ignored when they did not match any
services on Red Hat systems.

Change-Id: I9c17395576b35920eda1f57d93ef684a00253c53
Closes-Bug: 1511891
8 years ago
Emilien Macchi afa0ed8122 Make sure Glance_image is executed after Keystone_endpoint
When running Keystone in WSGI, Glance_image is not run in the right
This patch aims to make sure Glance_image is run after creating Glance
endpoint Keystone resource by using the Puppet chain arrow.
Keystone_endpoint is actually the latest resource created by Keystone
providers to make Glance working.
If Glance_image resource is in the catalog, it will be executed when
keystone & glance are actually ready and not before.

Closes-Bug: #1488277
Change-Id: I97d1a77c5f4a67914738514d773ecbd4bfb2196c
8 years ago
Mathieu Gagné 1225528086 Introduce public_url, internal_url and admin_url
This change deprecates the following parameters:
- port (replaced by public/internal/admin_url)
- public_protocol (replaced by public_url)
- public_address (replaced by public_url)
- internal_protocol (replaced by internal_url)
- internal_address (replaced by internal_url)
- admin_protocol (replaced by admin_url)
- admin_address (replaced by admin_url)

Add deprecation warnings if any of those values are provided
while maintaining full backward compatibility.

Closes-bug: #1274979
Change-Id: Iac152347534874f8763d8df4f81d1568d3c5e222
8 years ago
Dan Bode 1d38834466 make service description configurable
The previous commit that changed the service description
from Openstack to OpenStack actually introduced a bug that means
that users cannot upgrade between those two versions of the code.

An attempt to use this manifest to upgrade from earlier versions
of the code before this change was made is currently not supported
because keystone_service does not support updating it's description.

This commit adds the service description as a class parameter so that
folks using older version of the module can update it to the incorrectly
spelled version.

Change-Id: Id8b01c7456b067c19fcf6cc1503c22a11b7d3fd9
8 years ago
Risto Laurikainen ee0549f15d Fix catalog compilation when not configuring endpoint
Previously when you set $configure_endpoint to false and did not have a
keystone_endpoint resource with the same name as is defined by
glance::keystone::auth, the catalog would not be compiled. This was
because a relationship was being established where one resource in the
relationship didn't exist.

This changes this so that the relationship involving the Keystone
endpoint is only defined if $configure_endpoint is set to true.

Also, the test for when $configure_endpoint is false was set to check
for an endpoint that doesn't get created even if $configure_endpoint is
true. Fixed so that it checks for an endpoint that has the correct name
(the same as when using the default values to call the class).

Change-Id: I6631a656a888d0df7ab173705bea0598bd2b2f58
Closes-Bug: 1368686
8 years ago
Sebastien Badia 0d83409381 Fix lint issues (doc, metadata, manifests)
Add puppet parameters lint (with puppet-lint-param-docs gem) and fix
missing documentations, this commit also fix metadata.json file (SPDX
license, and open dependencies).

Change-Id: I0d590b930a8d0263c3a74d861b9786770be7d183
8 years ago
Christian Berendt 26dac12bb5 Fix spelling of OpenStack
According to the OpenStack Documentation conventions it should
be OpenStack and not Openstack or openstack.

Change-Id: I13c85c91781448890656f37ae548f8da3ac31147
9 years ago
Emilien Macchi ac5c2bcf66 Refactorise Keystone resources management
Refactorise the code of Keystone resources management with backward
compatibility since we don't modify the unit tests.

Change-Id: If15a56de62d5d87d456cdc6aed1602aee5984124
Implements: blueprint common-openstack-identity-resource
9 years ago
Risto Laurikainen 246842f13c Make user creation optional when creating service.
In some cases it is useful to be able to just configure
the service in Keystone and not the service user. This
is the case when e.g. a read only LDAP backend is used.
Added parameters configure_user and configure_user_role
(default to true).

Change-Id: If9bb802ff2bb0b3ece55f36df773059ba9c7e9de
Closes-Bug: 1360232
9 years ago
Mike Dorman 1f27e17ea0 Adds ability to override service name for service catalog
Instead of forcing the name of the service in the service catalog to
match auth_name, this allows the ability to explicitly set the service
name, separately from auth_name.

Change-Id: I142b9e944eacdeba8a029d7f15f067ef5f1f87a4
9 years ago
Benedikt Trefzer 833c3845a2 add parameter for endpoint protocols
This gives the ability to specify https endpoint for
internal and/or admin endpoints.

Change-Id: I1f7d96693a5bc2140041658e77cc7920f9577eac
backport: havana
9 years ago
Michael Chapman cabf6d6b6c Ensure keystone endpoint set before service starts
This patch ensures that in the case where keystone and
glance-api are on the same node, nova-api is not started
until the keystone catalog contains the image service
and endpoint required to use glance.

Change-Id: I48ae07b2d7789d549a4412a21e842a1222a48caa
10 years ago
Mathieu Gagné d5567e6aef Various Puppet lint fixes
* Fix following warnings:
    * double quoted string containing no variables
    * indentation of => is not properly aligned
    * quoted boolean value found
    * variable not enclosed in {}
* Fix following errors:
    * two-space soft tabs not used
* Remove quotes around class in include/require statements
* Remove some comments from the code, they added no value

Change-Id: I341b37f2c6795951f3285037b2fa612d767a4474
10 years ago
François Charlier 51dc02d145 Glance's Keystone endpoint does not need the '/v1'
As said in [1], “This is useless and causes problem with library using
glanceclient. Glance has already a workaround for this […]”

11 years ago
Derek Higgins 68f7aecfeb Adding the ability to specify https for the public endpoint 11 years ago
Joe Topjian 47537dbbc4 Multi-region support 11 years ago
Dan Bode 7c396acd66 remove password defaults
This commit removes the password defaults.

Users should not rely on password defaults.
11 years ago
Dan Bode 845ef55ead Modify keystone auth
Make tenant configurable
Make email configurable
11 years ago
John Chilton db28c354ca Fix default boolean value for configure_endpoint. 11 years ago
John Chilton f1df5e64d1 Make endpoint configuration in glance::keystone::auth optional in case not using templated catalog file for defining endpoints. (keystone_endpoint type seems to assume always using SQL driver.) 11 years ago
Dan Bode b454b902cf Refactor of glance::keystone::auth
This refactor of glance::keystone::auth adds additional
class parameters to make it easier to configure the resulting
keystone objects.

Adds the following class parameters:
  - admin_address    = '',
  - internal_address = '',
  - region

Removes the following parameters:
  - address (which has been replaced by the above parameters)

Renames the following paramters:
  - service => service_type
11 years ago
Dan Bode c73c4a8fcf Do not start services until glance user_role exists
This ensures that the services will not start until they
can be authenticated.
11 years ago
Dan Bode e1529167d7 Update glance service definitions
This commit updates the service definitions for the
image service.

Removes dependencies that are no longer necessary (b/c I added

Specify ensure explicitly.
11 years ago
Dan Bode 616b32d617 Update keystone tenant name
Updates from service to services.
11 years ago
Dan Bode d1e33cc81f Add code to use latest ppas
The ppas are currently coded in the keystone module.

This code adds them to the glance example to ensure that
we get the latest version of the glance packages.
11 years ago
Dan Bode a5ac23272d Refactor config files for essex
The config files for glance have changed quite
a bit between the Diablo and Essex releases of

This commit refactors the config files.
11 years ago