In glance, user can specify the desired id when creating
a new image. This can be convenient for some cases where
users want predictable ids for image, as referencing ramdisk_id
or kernel_id for AMI images.
Change-Id: I7868f2005041dea6ecd63cd601e9244cefd08e5b
https://review.openstack.org/298718 changed the way images are listed,
by removing the '--long' parameter. This breaks when called by the
openstacklib provider, because that was the "properties" argument in
adb0b1d012/lib/puppet/provider/openstack.rb (L74)
so the command-line used '' as a last argument, causing the failure.
This will require a stable/mitaka backport.
Change-Id: I69e3cc848fbacbda01f9bd7d8a079c99b15cb5cf
This change updates the glance_image provider to support the ability to
specify properties for an image. This change only adds the support for
setting properties. The conversion and update to using the v2 will
require further rework of this provider.
Change-Id: I22b92c5ccd0f77c837e9abe987cee07c7d90867e
Co-Authored-By: Alex Schultz <aschultz@mirantis.com>
In Mitaka Glance v3 was moved to stand alone service [1] - now
it's called Glance Artifacts Repository (Glare).
This patch adds appropriate service managing, package installation,
configuration and related spec tests.
[1] I5b7bd4cdcc5f2a40fc4a5f74bcc422fd700c4fb0
Change-Id: I3371d1d57486e79ccfae565417f2195d3ae66bc9
Closes-bug: #1555697
For working with Swift backend, Glance needs authentication parameters,
which are supplied to Swift when making calls to its storage system.
Glance will use information from the file specified under parameter
swift_store_config_file. When this parameter is set to the same file
(glance-api.conf), we have lot of non-critical errors in glance-api
log, because of 'Invalid format of swift store config'.
The same problem, when we have RadosGW.
Change-Id: I18ee8f68f7ce793d2580685e79ed636556c57ddd
Related-bug: #1540890
This commit moves conditionals based on values obtained from Facter
inside code blocks that are only executed on agents and replaces
the use of Facter['osfamily'].value with Facter.value:(:osfamily).
Without this change we are returning values based off the master's
facts, so if a Debian agent checks into a RedHat master then the type
is currently making a decision based off of RedHat and not the actual
OS of the agent running the catalog. Code ran outside blocks is
evaluated on masters and inside a block is evaluated by the agent when
the catalog is executed. We do not notice this because all our
testing uses "puppet apply" and autorequire only matters when they
find a matching resource name in the catalog. The latter results
in no error because the relationship is simply ignored on the Debian
agent if a package resource with the RedHat name is not found.
This issue was found by running facter 3, the C++11 re-implementation
under the jruby and clojure implemented puppetserver. The clojure
jni shim written so that facter can be ran inside of puppetserver does
not implement the [] method for the Facter module but the ruby shim
does. So I noticed that the code had an issue when
Facter['osfamily'].value was executed on the master, which returned a
not method error. Once again, something we didn't notice becuase we
do not test against a master. I decided to migrate to
Facter.value(:osfamily) to simply keep to an API that is consistent
across both puppet and puppetserver but fixing where the code runs
does actually solve the not method found error.
Change-Id: I773f20e0bc1e917f6ec5fa8830f5bbfa60b6cd8a
Glance_image provider is using 'openstack image create' operation to
create an image.
This operation is supported by glanceclient but not in openstackclient.
Since openstackclient recently switched the default image-api-version to
2, we need to hardcode the version when using this operation so we can
still create images with openstackclient.
See https://bugs.launchpad.net/python-openstackclient/+bug/1405562
Closes-Bug: 1497385
Change-Id: I68adf3fb5c983f37b4b80171466928f6b94a0f6d
Some distros (RHEL based) have a single glance package. On those
distros the ensure_package/autorequire stuff doesn't quite work
correctly as per the type code it is assumed two packages 'glance-api'
and 'glance-registry'
This commit makes sure that on RHEL based distros type only autorequire
'openstack-glance' while on other distros it correctly autorequire
'glance-api' and 'glance-registry'
Change-Id: I17c84b2282beadaec80f4db42fa5696b7967159f
Closes-bug: #1493442
Co-Authored-By: Yanis Guenane <yguenane@redhat.com>
With the creation of the new openstack_config provider, some processing
that was done in glance_api_config has been centralized in
openstack_config.
The same changes apply for glance_registry_config and
glance_cache_config
Impacted methods are :
* section
* setting
* separator
Also, this commit adds the fact that, when passing a specific string
(ensure_absent_val) the provider will behave as if ensure => absent was
specified. '<SERVICE DEFAULT>' is the default value for
ensure_absent_val.
The use case is the following :
glance_api_config { 'DEFAULT/foo' : value => 'bar' } # will work as usual
glance_api_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>' } # will mean absent
That means that all the current :
if $myvar {
glance_api_config { 'DEFAULT/foo' : value => $myvar }
} else {
glance_api_config { 'DEFAULT/foo' : ensure => absent }
}
can be removed in favor of :
glance_api_config { 'DEFAULT/foo' : value => $myvar }
If for any reason '<SERVICE DEFAULT>' turns out to be a valid value for
a specific parameter. One could by pass that doing the following :
glance_api_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>',
ensure_absent_val => 'foo' }
Change-Id: I3bbdf63d1b9b5a2daba30fd4ba897db703f979ae
Depends-On: I0eeebde3aac2662cc7e69bfad7f8d2481463a218
Currently we specify the ordering of config resources wherever it is
necessary based on the presence of the file it will write to, or the
presence of the package in charge of providing the file it will write
to.
Those kind of ordering can be specified directly at the resource level
using the autorequire mechanism. With this patch, any config resource
will make sure the package in charge of providing the file will be
installed first.
Change-Id: Idb19da25958e79787b0c66e4ae275216849a9a2e
As we discovered before[1] with puppet-keystone, rspec-puppet has
trouble loading paths in some circumstances. This patch updates the
$LOAD_PATH in the newly rewritten glance_image type so that unit tests
in other modules can properly load the openstacklib backend.
[1] https://bugs.launchpad.net/puppet-keystone/+bug/1408531
Change-Id: Ifa3cbd46b8b32695848d4c2e8f837881c46a7d98
This patch changes the glance_image provider to use
puppet-openstacklib's authentication methods, which use
python-openstackclient as an interface, instead of the glance command
line client. The benefits of this is:
- Code reduction. This patch reduces the amount of code in the
glance parent provider and glance_image provider by reusing code from
Puppet::Provider::Openstack instead of implementing authentication,
retries, and response parsing in the provider.
- Presumed reduction in sudden API changes that require quick fixes in
this module, such as f377c0229c.
- Ability to set project-based access control for images
Additional reasoning for this change is in the blueprint.
Important note: this change does not work on Ubuntu under Juno due to a
major bug in the version of python-openstackclient shipped in UCA [1].
This change targets the Kilo releases.
Note about performance: the self.instances and instances methods make
API requests for each image found in the list of instances. This is not
a change from how this was implemented before. The --long formatted
list, either from the glance client or openstackclient, does not
provide all information needed to query an instance and populate
setters. Future patches could possibly improve on this.
Other details of this change:
- Removes auth_glance method, replaced by the request and
glance_request methods
- Removes auth_glance_stdin method which was not being used
- Removes parse_table which is now unnecessary because openstackclient
formats its responses as CSV and Puppet::Provider::Openstack#request
returns the results a hash
- Removes remove_warnings methods which are handled by
Puppet::Provider::Openstack#request
- Removes list_glance_images and get_glance_image_attr which are
sufficiently replaced by using the 'list' and 'show' commands with
Puppet::Provider::Openstack's request method.
- Removed self.prefetch since we can't populate auth parameters during
a prefetch. Instead we prepopulate the list via the instances method.
- Added a flush method to do updates more efficiently
- Changed is_public property to accept true/false in addition to yes/no
and to munge to a symbol instead of a capitalized string, for
consistency with keystone_tenant's enabled property
- Move the reset method into the spec tests since it is only necessary
for testing
- Added tests for glance_image, which did not exist before
- Removed connection retry test since this is taken care of in
openstacklib
[1] https://bugs.launchpad.net/python-openstackclient/+bug/1269821
blueprint use-openstackclient-in-module-resources
Change-Id: Iceab5e1c6138e7aba0f883ed4acb8f7ecbcd2830
This reverts commit b76fbcbea3.
With 268370457c now merged, we need to go
back to looking for os_region_name in [glance_store] instead of
[DEFAULT].
Change-Id: I197d012387d630ca6fb3a38c48f0603add6c6de1
In ::glance::api, os_region_name is set in DEFAULT which work for both
Juno & Kilo.
'glance_store' section has been introduced in Kilo which breaks Juno.
Until we decide our policy to manage master, let's use DEFAULT so both
releases work well.
Change-Id: I1c519146d3fe62f8c8fc8c2d85805db11af21e4c
When we revert the change that moved os_region_name, we must also
revert this fix that resulted from that change.
Depends on https://review.openstack.org/#/c/174968/
This reverts commit 354ae692a5.
Change-Id: I65249b0734ae1a1bfbf0e5e153d19787f6aded5f
Commit e6e8f6a562 changed the section
where the os_region_name setting is placed from 'DEFAULT' to
'glance_store'. However, the provider was not updated to reflect
this change, so it broke.
Change-Id: I9e91faac2a45ac4eba4cc27c328e8dc67e619ab3
The location property of the glance_image type has nearly identical
functionality as the source param, yet one is a param and one is a
property. It is possible to change either of these for a glance image,
but only if it is as of yet unset, and therefore unsaved. It is not
possible to change the location of a glance image once it has been
saved, nor is it possible to query it afterward. Since having location
be a property when it is usually unsettable and is always unqueryable
does not make much sense, we change it to be a param to be consistent
with the source param.
Change-Id: I686c3fec9bf571d18e282888c626d795c9958a6b
After https://review.openstack.org/152321 was merged, it was no
longer guaranteed that some now deprecated settings like auth_host
and auth_protocol would be present in glance-api.conf. This breaks
the Glance provider, which expects them to be present.
This patch adds support for identity_uri in provider, while
keeping backwards compatibility.
Change-Id: Ie8a2e45a4afea4828e02af36e64d65e7d4b7557e
Commit 031609b572 changed the way
is_public was munged. However, when testing it it looks like it
was always seen as an empty string after this, so all created
images were private. Changing the way the 'if' block is done fixes
it.
Change-Id: If2eb52a6d0d9be89c9323702616f62f8ecba5e02
glance expects True/False values whereas this type uses Yes/No.
Without this patch, puppet would return the following message with an
existing glance image with is_public attribute already set to 'True'.
puppet-agent[18190]: (/Stage[main]/Site::Controller/Glance_image[raring-server-cloudimg-amd64]/is_public) is_public changed 'True' to 'Yes'
Change-Id: I532e08e6815a8b03f5eb6a9495d886b9855762c8
When trying to upload an image from the local file system, the
resource provider was failing. Fixing it to use the --file option
for the glance client instead of going through stdin.
Change-Id: Ic6bade025d28e2eb33f86c2d4421b65d06e8274c
This is pretty important in situations where Keystone contains information about
multiple regions. The holding assumption is that the glance::image etc are used
for image upload for the current region.
Change-Id: I0a24cd24ddf3e0b1fab94e693a2fac847cc7271c
Since this patch has been merged in python-glanceclient 0.14.1:
1dfce5301c
We have to update the way to call Glance Client.
This patch updates for glance image-list, image-show and the way to get
a token, and also the way the glance command output is parsed.
Change-Id: If3e1e42b1245dd064fa00e07037535afc9caa04c
Currently secrets like rabbit_password or admin_password are displayed in
puppet logs when changed. This commit changes glance_*_config and
glance_*_ini types adding a new parameter that triggers obfuscation of
the values in puppet logs.
Change-Id: I31f974a9afadef42939ee092ecba3b8f4333bb8b
Closes-Bug: #1328448
The output of the glance show command in get_glance_image_attrs
does not get properly converted while being added to the
attrs array.
Change-Id: Ibe503b24ae3bfa10944537d5deaa068a01eaa5f3
Closes-Bug: #1199513
The python-glanceclient (glance) was updated to not report back
on the id of an uploaded image with the v2 API [1]. This broke
the parser for the glance_image provider. This change first checks
for the previous behavior (for performance and backwards
compatability), and failing that parses the results table and
pulls the id (if it exits) out of the results.
The new parse_table method was made to be generic so that any result
from the glance client could be parsed into an array of maps.
[1]
https://github.com/openstack/python-glanceclient/search?q=Added+new+image+with+ID&ref=cmdform
Change-Id: If7b5445c6f51d886427248827a73cc16b5a2e488
Some arguments are deprecated in API v2.
This patch aims to update glance_image provider to fit with the
OpenStack Images API v2.0 (latest stable).
Note: Glance API v2 is by default from OpenStack Folsom release.
Change-Id: Ic06a839324aa0a6e11b16a13ad8927a1da6e13e4
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
Glance client is getting the same warnings as Keystone client,
hence puppet-glance should use the same hack as puppet-keystone
until providers will be refactored to use API calls instead.
See https://bugzilla.redhat.com/show_bug.cgi?id=1043725 for more details
Change-Id: I99e4308d0731307c019ad6cab8db5feee1b0ed73
Python-glanceclient removed the --silent-upload some time ago (I
believe when the client was split out from Glance itself). It's no
longer valid and needs to be removed. Otherwise users will see
an error of the form:
glance: error: unrecognized arguments: --silent-upload
Change-Id: I417688872bd8e7c4bac7be13d0b0eb13a030fe29
Just b/c the glance service has started correctly does not
mean the service is actually running. Often, the service
is not operational and attempts to use the glance_image provider
results in connection errors.
This commit inserts code that allows the glance provider to
sleep for 10 seconds and perform a single retry.
The template for the code and tests was borrowed from keystone.
Change-Id: I565f1befea6ec3d2347f8e29c9aa05d5a312a827
Check if auth_admin_prefix is defined (passed as a parameter to api.pp)
before trying to access it in the settings data structure.
Change-Id: I61a3ae41dca2a5e5bd9e635b0a2ab9eb05b0326a
Fixes: bug #1190481
This patch allows the usage of Puppet boolean values and still
configure values with OpenStack boolean style: True/False.
Change-Id: I1f96bf979e67fd7fb8fd1d984809fd072783224c
In order for the ini file type to support purging,
the file path must be accessible on the class instance.
This patch was made to test some new functionality being added
to the inifile type
https://github.com/cprice-puppet/puppetlabs-inifile/pull/25
It does effect backwards compat of this native type so its ok
to go ahead and merge.
This commit introduces a refactor of glance_image.
ensure that it follows the best practices for provider development.
- use property hash
- use mk_resource_methods
- update property hash on create and delete.
ensure that it keeps it property hash reasobly up to date.
- Add native types to manage all existing ini files
- remove all unused templates
- convert all concat with ini_setting resources
- remove all concat code