d3a63122cb
This change is the first step to support secure RBAC and allows usage of system scope credentials for Keystone API request. This change covers the following two items. - assignment of system scope roles to system user - credential parameters for authtoken middleware Depends-on: https://review.opendev.org/804325 Change-Id: I1429b2cc6f3c01c07ec26b1a7242e451072be368 |
||
---|---|---|
doc | ||
examples | ||
lib/puppet | ||
manifests | ||
releasenotes | ||
spec | ||
.gitignore | ||
.gitreview | ||
.zuul.yaml | ||
bindep.txt | ||
CHANGELOG.md | ||
CONTRIBUTING.rst | ||
Gemfile | ||
LICENSE | ||
metadata.json | ||
Rakefile | ||
README.md | ||
setup.cfg | ||
setup.py | ||
tox.ini |
Team and repository tags
puppet-heat
Table of Contents
- Overview - What is the heat module?
- Module Description - What does the module do?
- Setup - The basics of getting started with heat
- Implementation - An under-the-hood peek at what the module is doing
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
- Contributors - Those with commits
- Release Notes - Release notes for the project
- Repository - The project source code repository
Overview
The heat module is part of OpenStack, an effort by the OpenStack infrastructure team to provice continuous integration testing and code review for OpenStack and OpenStack community projects as part of the core software. The module itself is used to flexibly configure and manage the orchestration service for OpenStack.
Module Description
The heat module is an attempt to make Puppet capable of managing the entirety of heat.
Setup
What the heat module affects
- Heat, the orchestration service for OpenStack
Installing heat
puppet module install openstack/heat
Beginning with heat
To utilize the heat module's functionality you will need to declare multiple resources. The following is a modified excerpt from the openstack module. This is not an exhaustive list of all the components needed. We recommend that you consult and understand the openstack module and the core openstack documentation to assist you in understanding the available deployment options.
# enable heat resources
class { 'heat':
default_transport_url => 'rabbit://heat:an_even_bigger_secret@127.0.0.1:5672/heat',
database_connection => 'mysql+pymysql://heat:a_big_secret@127.0.0.1/heat?charset=utf8',
keystone_password => 'a_big_secret',
}
class { 'heat::api': }
class { 'heat::engine':
auth_encryption_key => '1234567890AZERTYUIOPMLKJHGFDSQ12',
}
class { 'heat::api_cfn': }
Implementation
puppet-heat
heat is a combination of Puppet manifests and Ruby code to deliver configuration and extra functionality through types and providers.
Types
heat_config
The heat_config
provider is a children of the ini_setting provider. It allows one to write an entry in the /etc/heat/heat.conf
file.
heat_config { 'DEFAULT/enable_stack_adopt' :
value => True,
}
This will write enable_stack_adopt=True
in the [DEFAULT]
section.
name
Section/setting name to manage from heat.conf
value
The value of the setting to be defined.
secret
Whether to hide the value from Puppet logs. Defaults to false
.
ensure_absent_val
If value is equal to ensure_absent_val then the resource will behave as if ensure => absent
was specified. Defaults to <SERVICE DEFAULT>
Limitations
None
Development
Developer documentation for the entire puppet-openstack project.