Set oslo options in keystone module through puppet-oslo
Key moments: * use oslo::{db,log,cache,policy}, oslo::messaging::{default,notifications,rabbit} * update top-file docs * add new parameters provided by oslo * update tests accordingly * add oslo dependency to "metadata.json" * add release notes Change-Id: I6840b7b9a0cd4832794b1b2a017fc241759aab66
This commit is contained in:
parent
51b8e2ce96
commit
030820aa2d
@ -44,7 +44,6 @@ class keystone::db (
|
|||||||
) {
|
) {
|
||||||
|
|
||||||
include ::keystone::deps
|
include ::keystone::deps
|
||||||
include ::keystone::params
|
|
||||||
|
|
||||||
# NOTE(spredzy): In order to keep backward compatibility we rely on the pick function
|
# NOTE(spredzy): In order to keep backward compatibility we rely on the pick function
|
||||||
# to use keystone::<myparam> if keystone::db::<myparam> isn't specified.
|
# to use keystone::<myparam> if keystone::db::<myparam> isn't specified.
|
||||||
@ -59,44 +58,14 @@ class keystone::db (
|
|||||||
validate_re($database_connection_real,
|
validate_re($database_connection_real,
|
||||||
'^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
|
'^(sqlite|mysql(\+pymysql)?|postgresql):\/\/(\S+:\S+@\S+\/\S+)?')
|
||||||
|
|
||||||
case $database_connection_real {
|
oslo::db { 'keystone_config':
|
||||||
/^mysql(\+pymysql)?:\/\//: {
|
connection => $database_connection_real,
|
||||||
require 'mysql::bindings'
|
idle_timeout => $database_idle_timeout_real,
|
||||||
require 'mysql::bindings::python'
|
min_pool_size => $database_min_pool_size_real,
|
||||||
if $database_connection_real =~ /^mysql\+pymysql/ {
|
max_pool_size => $database_max_pool_size_real,
|
||||||
$backend_package = $::keystone::params::pymysql_package_name
|
max_retries => $database_max_retries_real,
|
||||||
} else {
|
retry_interval => $database_retry_interval_real,
|
||||||
$backend_package = false
|
max_overflow => $database_max_overflow_real,
|
||||||
}
|
|
||||||
}
|
|
||||||
/^postgresql:\/\//: {
|
|
||||||
$backend_package = false
|
|
||||||
require 'postgresql::lib::python'
|
|
||||||
}
|
|
||||||
/^sqlite:\/\//: {
|
|
||||||
$backend_package = $::keystone::params::sqlite_package_name
|
|
||||||
}
|
|
||||||
default: {
|
|
||||||
fail('Unsupported backend configured')
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if $backend_package and !defined(Package[$backend_package]) {
|
|
||||||
package {'keystone-backend-package':
|
|
||||||
ensure => present,
|
|
||||||
name => $backend_package,
|
|
||||||
tag => ['openstack', 'keystone-package'],
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
keystone_config {
|
|
||||||
'database/connection': value => $database_connection_real, secret => true;
|
|
||||||
'database/idle_timeout': value => $database_idle_timeout_real;
|
|
||||||
'database/min_pool_size': value => $database_min_pool_size_real;
|
|
||||||
'database/max_retries': value => $database_max_retries_real;
|
|
||||||
'database/retry_interval': value => $database_retry_interval_real;
|
|
||||||
'database/max_pool_size': value => $database_max_pool_size_real;
|
|
||||||
'database/max_overflow': value => $database_max_overflow_real;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -130,6 +130,26 @@
|
|||||||
# This has no effects unless 'memcache_servers' is set.
|
# This has no effects unless 'memcache_servers' is set.
|
||||||
# Default to $::os_service_default
|
# Default to $::os_service_default
|
||||||
#
|
#
|
||||||
|
# [*cache_config_prefix*]
|
||||||
|
# (Optional) Prefix for building the configuration dictionary for
|
||||||
|
# the cache region. This should not need to be changed unless there
|
||||||
|
# is another dogpile.cache region with the same configuration name.
|
||||||
|
# (string value)
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*cache_expiration_time*]
|
||||||
|
# (Optional) Default TTL, in seconds, for any cached item in the
|
||||||
|
# dogpile.cache region. This applies to any cached method that
|
||||||
|
# doesn't have an explicit cache expiration time defined for it.
|
||||||
|
# (integer value)
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
# [*cache_proxies*]
|
||||||
|
# (Optional) Proxy classes to import that will affect the way the
|
||||||
|
# dogpile.cache backend functions. See the dogpile.cache documentation on
|
||||||
|
# changing-backend-behavior. (list value)
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
# [*token_caching*]
|
# [*token_caching*]
|
||||||
# (optional) Toggle for token system caching. This has no effects unless 'memcache_servers' is set.
|
# (optional) Toggle for token system caching. This has no effects unless 'memcache_servers' is set.
|
||||||
# Default to $::os_service_default
|
# Default to $::os_service_default
|
||||||
@ -222,7 +242,7 @@
|
|||||||
#
|
#
|
||||||
# [*rabbit_ha_queues*]
|
# [*rabbit_ha_queues*]
|
||||||
# (Optional) Use HA queues in RabbitMQ.
|
# (Optional) Use HA queues in RabbitMQ.
|
||||||
# Defaults to undef.
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*rabbit_password*]
|
# [*rabbit_password*]
|
||||||
# (optional) Password used to connect to rabbitmq.
|
# (optional) Password used to connect to rabbitmq.
|
||||||
@ -274,11 +294,12 @@
|
|||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*notification_driver*]
|
# [*notification_driver*]
|
||||||
# RPC driver. Not enabled by default
|
# RPC driver. Not enabled by default (list value)
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*notification_topics*]
|
# [*notification_topics*]
|
||||||
# (optional) AMQP topics to publish to when using the RPC notification driver.
|
# (optional) AMQP topics to publish to when using the RPC notification driver.
|
||||||
|
# (list value)
|
||||||
# Default to $::os_service_default
|
# Default to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*notification_format*]
|
# [*notification_format*]
|
||||||
@ -287,6 +308,7 @@
|
|||||||
#
|
#
|
||||||
# [*control_exchange*]
|
# [*control_exchange*]
|
||||||
# (optional) AMQP exchange to connect to if using RabbitMQ or Qpid
|
# (optional) AMQP exchange to connect to if using RabbitMQ or Qpid
|
||||||
|
# (string value)
|
||||||
# Default to $::os_service_default
|
# Default to $::os_service_default
|
||||||
#
|
#
|
||||||
# [*public_bind_host*]
|
# [*public_bind_host*]
|
||||||
@ -471,6 +493,11 @@
|
|||||||
# the pool before it is closed.
|
# the pool before it is closed.
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
#
|
#
|
||||||
|
# [*memcache_pool_connection_get_timeout*]
|
||||||
|
# (Optional) Number of seconds that an operation will wait to get a memcache
|
||||||
|
# client connection. (integer value)
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
# [*policy_driver*]
|
# [*policy_driver*]
|
||||||
# Policy backend driver. (string value)
|
# Policy backend driver. (string value)
|
||||||
# Defaults to $::os_service_default.
|
# Defaults to $::os_service_default.
|
||||||
@ -526,103 +553,107 @@
|
|||||||
#
|
#
|
||||||
class keystone(
|
class keystone(
|
||||||
$admin_token,
|
$admin_token,
|
||||||
$package_ensure = 'present',
|
$package_ensure = 'present',
|
||||||
$client_package_ensure = 'present',
|
$client_package_ensure = 'present',
|
||||||
$public_bind_host = '0.0.0.0',
|
$public_bind_host = '0.0.0.0',
|
||||||
$admin_bind_host = '0.0.0.0',
|
$admin_bind_host = '0.0.0.0',
|
||||||
$public_port = '5000',
|
$public_port = '5000',
|
||||||
$admin_port = '35357',
|
$admin_port = '35357',
|
||||||
$verbose = undef,
|
$verbose = undef,
|
||||||
$debug = undef,
|
$debug = undef,
|
||||||
$log_dir = undef,
|
$log_dir = undef,
|
||||||
$log_file = undef,
|
$log_file = undef,
|
||||||
$use_syslog = undef,
|
$use_syslog = undef,
|
||||||
$use_stderr = undef,
|
$use_stderr = undef,
|
||||||
$log_facility = undef,
|
$log_facility = undef,
|
||||||
$catalog_type = 'sql',
|
$catalog_type = 'sql',
|
||||||
$catalog_driver = false,
|
$catalog_driver = false,
|
||||||
$catalog_template_file = '/etc/keystone/default_catalog.templates',
|
$catalog_template_file = '/etc/keystone/default_catalog.templates',
|
||||||
$token_provider = 'uuid',
|
$token_provider = 'uuid',
|
||||||
$token_driver = 'sql',
|
$token_driver = 'sql',
|
||||||
$token_expiration = 3600,
|
$token_expiration = 3600,
|
||||||
$revoke_driver = $::os_service_default,
|
$revoke_driver = $::os_service_default,
|
||||||
$revoke_by_id = true,
|
$revoke_by_id = true,
|
||||||
$public_endpoint = $::os_service_default,
|
$public_endpoint = $::os_service_default,
|
||||||
$admin_endpoint = $::os_service_default,
|
$admin_endpoint = $::os_service_default,
|
||||||
$enable_ssl = false,
|
$enable_ssl = false,
|
||||||
$ssl_certfile = '/etc/keystone/ssl/certs/keystone.pem',
|
$ssl_certfile = '/etc/keystone/ssl/certs/keystone.pem',
|
||||||
$ssl_keyfile = '/etc/keystone/ssl/private/keystonekey.pem',
|
$ssl_keyfile = '/etc/keystone/ssl/private/keystonekey.pem',
|
||||||
$ssl_ca_certs = '/etc/keystone/ssl/certs/ca.pem',
|
$ssl_ca_certs = '/etc/keystone/ssl/certs/ca.pem',
|
||||||
$ssl_ca_key = '/etc/keystone/ssl/private/cakey.pem',
|
$ssl_ca_key = '/etc/keystone/ssl/private/cakey.pem',
|
||||||
$ssl_cert_subject = '/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost',
|
$ssl_cert_subject = '/C=US/ST=Unset/L=Unset/O=Unset/CN=localhost',
|
||||||
$cache_dir = '/var/cache/keystone',
|
$cache_dir = '/var/cache/keystone',
|
||||||
$memcache_servers = $::os_service_default,
|
$memcache_servers = $::os_service_default,
|
||||||
$manage_service = true,
|
$manage_service = true,
|
||||||
$cache_backend = $::os_service_default,
|
$cache_backend = $::os_service_default,
|
||||||
$cache_backend_argument = $::os_service_default,
|
$cache_backend_argument = $::os_service_default,
|
||||||
$cache_enabled = $::os_service_default,
|
$cache_enabled = $::os_service_default,
|
||||||
$cache_memcache_servers = $::os_service_default,
|
$cache_memcache_servers = $::os_service_default,
|
||||||
$debug_cache_backend = $::os_service_default,
|
$debug_cache_backend = $::os_service_default,
|
||||||
$token_caching = $::os_service_default,
|
$cache_config_prefix = $::os_service_default,
|
||||||
$enabled = true,
|
$cache_expiration_time = $::os_service_default,
|
||||||
$database_connection = undef,
|
$cache_proxies = $::os_service_default,
|
||||||
$database_idle_timeout = undef,
|
$token_caching = $::os_service_default,
|
||||||
$database_max_retries = undef,
|
$enabled = true,
|
||||||
$database_retry_interval = undef,
|
$database_connection = undef,
|
||||||
$database_min_pool_size = undef,
|
$database_idle_timeout = undef,
|
||||||
$database_max_pool_size = undef,
|
$database_max_retries = undef,
|
||||||
$database_max_overflow = undef,
|
$database_retry_interval = undef,
|
||||||
$enable_pki_setup = false,
|
$database_min_pool_size = undef,
|
||||||
$signing_certfile = '/etc/keystone/ssl/certs/signing_cert.pem',
|
$database_max_pool_size = undef,
|
||||||
$signing_keyfile = '/etc/keystone/ssl/private/signing_key.pem',
|
$database_max_overflow = undef,
|
||||||
$signing_ca_certs = '/etc/keystone/ssl/certs/ca.pem',
|
$enable_pki_setup = false,
|
||||||
$signing_ca_key = '/etc/keystone/ssl/private/cakey.pem',
|
$signing_certfile = '/etc/keystone/ssl/certs/signing_cert.pem',
|
||||||
$signing_cert_subject = '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com',
|
$signing_keyfile = '/etc/keystone/ssl/private/signing_key.pem',
|
||||||
$signing_key_size = 2048,
|
$signing_ca_certs = '/etc/keystone/ssl/certs/ca.pem',
|
||||||
$rabbit_host = $::os_service_default,
|
$signing_ca_key = '/etc/keystone/ssl/private/cakey.pem',
|
||||||
$rabbit_hosts = $::os_service_default,
|
$signing_cert_subject = '/C=US/ST=Unset/L=Unset/O=Unset/CN=www.example.com',
|
||||||
$rabbit_password = $::os_service_default,
|
$signing_key_size = 2048,
|
||||||
$rabbit_port = $::os_service_default,
|
$rabbit_host = $::os_service_default,
|
||||||
$rabbit_userid = $::os_service_default,
|
$rabbit_hosts = $::os_service_default,
|
||||||
$rabbit_virtual_host = $::os_service_default,
|
$rabbit_password = $::os_service_default,
|
||||||
$rabbit_heartbeat_timeout_threshold = $::os_service_default,
|
$rabbit_port = $::os_service_default,
|
||||||
$rabbit_heartbeat_rate = $::os_service_default,
|
$rabbit_userid = $::os_service_default,
|
||||||
$rabbit_use_ssl = $::os_service_default,
|
$rabbit_virtual_host = $::os_service_default,
|
||||||
$rabbit_ha_queues = undef,
|
$rabbit_heartbeat_timeout_threshold = $::os_service_default,
|
||||||
$kombu_ssl_ca_certs = $::os_service_default,
|
$rabbit_heartbeat_rate = $::os_service_default,
|
||||||
$kombu_ssl_certfile = $::os_service_default,
|
$rabbit_use_ssl = $::os_service_default,
|
||||||
$kombu_ssl_keyfile = $::os_service_default,
|
$rabbit_ha_queues = $::os_service_default,
|
||||||
$kombu_ssl_version = $::os_service_default,
|
$kombu_ssl_ca_certs = $::os_service_default,
|
||||||
$notification_driver = $::os_service_default,
|
$kombu_ssl_certfile = $::os_service_default,
|
||||||
$notification_topics = $::os_service_default,
|
$kombu_ssl_keyfile = $::os_service_default,
|
||||||
$notification_format = $::os_service_default,
|
$kombu_ssl_version = $::os_service_default,
|
||||||
$control_exchange = $::os_service_default,
|
$notification_driver = $::os_service_default,
|
||||||
$validate_service = false,
|
$notification_topics = $::os_service_default,
|
||||||
$validate_insecure = false,
|
$notification_format = $::os_service_default,
|
||||||
$validate_auth_url = false,
|
$control_exchange = $::os_service_default,
|
||||||
$validate_cacert = undef,
|
$validate_service = false,
|
||||||
$paste_config = $::os_service_default,
|
$validate_insecure = false,
|
||||||
$service_provider = $::keystone::params::service_provider,
|
$validate_auth_url = false,
|
||||||
$service_name = $::keystone::params::service_name,
|
$validate_cacert = undef,
|
||||||
$max_token_size = $::os_service_default,
|
$paste_config = $::os_service_default,
|
||||||
$sync_db = true,
|
$service_provider = $::keystone::params::service_provider,
|
||||||
$enable_fernet_setup = false,
|
$service_name = $::keystone::params::service_name,
|
||||||
$fernet_key_repository = '/etc/keystone/fernet-keys',
|
$max_token_size = $::os_service_default,
|
||||||
$fernet_max_active_keys = $::os_service_default,
|
$sync_db = true,
|
||||||
$default_domain = undef,
|
$enable_fernet_setup = false,
|
||||||
$enable_bootstrap = true,
|
$fernet_key_repository = '/etc/keystone/fernet-keys',
|
||||||
$memcache_dead_retry = $::os_service_default,
|
$fernet_max_active_keys = $::os_service_default,
|
||||||
$memcache_socket_timeout = $::os_service_default,
|
$default_domain = undef,
|
||||||
$memcache_pool_maxsize = $::os_service_default,
|
$enable_bootstrap = true,
|
||||||
$memcache_pool_unused_timeout = $::os_service_default,
|
$memcache_dead_retry = $::os_service_default,
|
||||||
$policy_driver = $::os_service_default,
|
$memcache_socket_timeout = $::os_service_default,
|
||||||
$using_domain_config = false,
|
$memcache_pool_maxsize = $::os_service_default,
|
||||||
$domain_config_directory = '/etc/keystone/domains',
|
$memcache_pool_unused_timeout = $::os_service_default,
|
||||||
$keystone_user = $::keystone::params::keystone_user,
|
$memcache_pool_connection_get_timeout = $::os_service_default,
|
||||||
$keystone_group = $::keystone::params::keystone_group,
|
$policy_driver = $::os_service_default,
|
||||||
|
$using_domain_config = false,
|
||||||
|
$domain_config_directory = '/etc/keystone/domains',
|
||||||
|
$keystone_user = $::keystone::params::keystone_user,
|
||||||
|
$keystone_group = $::keystone::params::keystone_group,
|
||||||
# DEPRECATED PARAMETERS
|
# DEPRECATED PARAMETERS
|
||||||
$admin_workers = max($::processorcount, 2),
|
$admin_workers = max($::processorcount, 2),
|
||||||
$public_workers = max($::processorcount, 2),
|
$public_workers = max($::processorcount, 2),
|
||||||
) inherits keystone::params {
|
) inherits keystone::params {
|
||||||
|
|
||||||
include ::keystone::deps
|
include ::keystone::deps
|
||||||
@ -640,18 +671,6 @@ class keystone(
|
|||||||
warning('Version string /v2.0/ should not be included in keystone::public_endpoint')
|
warning('Version string /v2.0/ should not be included in keystone::public_endpoint')
|
||||||
}
|
}
|
||||||
|
|
||||||
if ! is_service_default($rabbit_use_ssl) and !$rabbit_use_ssl {
|
|
||||||
if ! is_service_default($kombu_ssl_ca_certs) and ($kombu_ssl_ca_certs) {
|
|
||||||
fail('The kombu_ssl_ca_certs parameter requires rabbit_use_ssl to be set to true')
|
|
||||||
}
|
|
||||||
if ! is_service_default($kombu_ssl_certfile) and ($kombu_ssl_certfile) {
|
|
||||||
fail('The kombu_ssl_certfile parameter requires rabbit_use_ssl to be set to true')
|
|
||||||
}
|
|
||||||
if ! is_service_default($kombu_ssl_keyfile) and ($kombu_ssl_keyfile) {
|
|
||||||
fail('The kombu_ssl_keyfile parameter requires rabbit_use_ssl to be set to true')
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
include ::keystone::db
|
include ::keystone::db
|
||||||
include ::keystone::params
|
include ::keystone::params
|
||||||
|
|
||||||
@ -741,15 +760,6 @@ class keystone(
|
|||||||
}
|
}
|
||||||
|
|
||||||
keystone_config {
|
keystone_config {
|
||||||
'cache/backend': value => $cache_backend;
|
|
||||||
'cache/backend_argument': value => join(any2array($cache_backend_argument), ',');
|
|
||||||
'cache/debug_cache_backend': value => $debug_cache_backend;
|
|
||||||
'cache/enabled': value => $cache_enabled_real;
|
|
||||||
'cache/memcache_dead_retry': value => $memcache_dead_retry;
|
|
||||||
'cache/memcache_pool_maxsize': value => $memcache_pool_maxsize;
|
|
||||||
'cache/memcache_pool_unused_timeout': value => $memcache_pool_unused_timeout;
|
|
||||||
'cache/memcache_servers': value => join(any2array($cache_memcache_servers_real), ',');
|
|
||||||
'cache/memcache_socket_timeout': value => $memcache_socket_timeout;
|
|
||||||
'memcache/dead_retry': value => $memcache_dead_retry;
|
'memcache/dead_retry': value => $memcache_dead_retry;
|
||||||
'memcache/pool_maxsize': value => $memcache_pool_maxsize;
|
'memcache/pool_maxsize': value => $memcache_pool_maxsize;
|
||||||
'memcache/pool_unused_timeout': value => $memcache_pool_unused_timeout;
|
'memcache/pool_unused_timeout': value => $memcache_pool_unused_timeout;
|
||||||
@ -758,6 +768,22 @@ class keystone(
|
|||||||
'token/caching': value => $token_caching;
|
'token/caching': value => $token_caching;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
oslo::cache { 'keystone_config':
|
||||||
|
config_prefix => $cache_config_prefix,
|
||||||
|
expiration_time => $cache_expiration_time,
|
||||||
|
backend => $cache_backend,
|
||||||
|
backend_argument => $cache_backend_argument,
|
||||||
|
proxies => $cache_proxies,
|
||||||
|
enabled => $cache_enabled_real,
|
||||||
|
debug_cache_backend => $debug_cache_backend,
|
||||||
|
memcache_servers => $cache_memcache_servers_real,
|
||||||
|
memcache_dead_retry => $memcache_dead_retry,
|
||||||
|
memcache_socket_timeout => $memcache_socket_timeout,
|
||||||
|
memcache_pool_maxsize => $memcache_pool_maxsize,
|
||||||
|
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
|
||||||
|
memcache_pool_connection_get_timeout => $memcache_pool_connection_get_timeout,
|
||||||
|
}
|
||||||
|
|
||||||
# configure based on the catalog backend
|
# configure based on the catalog backend
|
||||||
if $catalog_driver {
|
if $catalog_driver {
|
||||||
$catalog_driver_real = $catalog_driver
|
$catalog_driver_real = $catalog_driver
|
||||||
@ -807,45 +833,33 @@ class keystone(
|
|||||||
keystone_config {
|
keystone_config {
|
||||||
'token/provider': value => $token_provider;
|
'token/provider': value => $token_provider;
|
||||||
'DEFAULT/max_token_size': value => $max_token_size;
|
'DEFAULT/max_token_size': value => $max_token_size;
|
||||||
'DEFAULT/notification_driver': value => $notification_driver;
|
|
||||||
'DEFAULT/notification_topics': value => $notification_topics;
|
|
||||||
'DEFAULT/notification_format': value => $notification_format;
|
'DEFAULT/notification_format': value => $notification_format;
|
||||||
'DEFAULT/control_exchange': value => $control_exchange;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if ! is_service_default($rabbit_hosts) and $rabbit_hosts {
|
oslo::messaging::default { 'keystone_config':
|
||||||
keystone_config {
|
control_exchange => $control_exchange,
|
||||||
'oslo_messaging_rabbit/rabbit_hosts': value => join($rabbit_hosts, ',');
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
keystone_config {
|
|
||||||
'oslo_messaging_rabbit/rabbit_host': value => $rabbit_host;
|
|
||||||
'oslo_messaging_rabbit/rabbit_port': value => $rabbit_port;
|
|
||||||
'oslo_messaging_rabbit/rabbit_hosts': ensure => absent;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if $rabbit_ha_queues != undef {
|
oslo::messaging::notifications { 'keystone_config':
|
||||||
keystone_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => $rabbit_ha_queues }
|
driver => $notification_driver,
|
||||||
} else {
|
topics => $notification_topics,
|
||||||
if ! is_service_default($rabbit_hosts) and $rabbit_hosts {
|
|
||||||
keystone_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => true }
|
|
||||||
} else {
|
|
||||||
keystone_config { 'oslo_messaging_rabbit/rabbit_ha_queues': value => false }
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
keystone_config {
|
oslo::messaging::rabbit { 'keystone_config':
|
||||||
'oslo_messaging_rabbit/rabbit_use_ssl': value => $rabbit_use_ssl;
|
kombu_ssl_version => $kombu_ssl_version,
|
||||||
'oslo_messaging_rabbit/rabbit_password': value => $rabbit_password, secret => true;
|
kombu_ssl_keyfile => $kombu_ssl_keyfile,
|
||||||
'oslo_messaging_rabbit/rabbit_userid': value => $rabbit_userid;
|
kombu_ssl_certfile => $kombu_ssl_certfile,
|
||||||
'oslo_messaging_rabbit/rabbit_virtual_host': value => $rabbit_virtual_host;
|
kombu_ssl_ca_certs => $kombu_ssl_ca_certs,
|
||||||
'oslo_messaging_rabbit/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold;
|
rabbit_host => $rabbit_host,
|
||||||
'oslo_messaging_rabbit/heartbeat_rate': value => $rabbit_heartbeat_rate;
|
rabbit_port => $rabbit_port,
|
||||||
'oslo_messaging_rabbit/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs;
|
rabbit_hosts => $rabbit_hosts,
|
||||||
'oslo_messaging_rabbit/kombu_ssl_certfile': value => $kombu_ssl_certfile;
|
rabbit_use_ssl => $rabbit_use_ssl,
|
||||||
'oslo_messaging_rabbit/kombu_ssl_keyfile': value => $kombu_ssl_keyfile;
|
rabbit_userid => $rabbit_userid,
|
||||||
'oslo_messaging_rabbit/kombu_ssl_version': value => $kombu_ssl_version;
|
rabbit_password => $rabbit_password,
|
||||||
|
rabbit_virtual_host => $rabbit_virtual_host,
|
||||||
|
rabbit_ha_queues => $rabbit_ha_queues,
|
||||||
|
heartbeat_timeout_threshold => $rabbit_heartbeat_timeout_threshold,
|
||||||
|
heartbeat_rate => $rabbit_heartbeat_rate,
|
||||||
}
|
}
|
||||||
|
|
||||||
keystone_config {
|
keystone_config {
|
||||||
|
@ -55,6 +55,11 @@
|
|||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
|
# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
|
||||||
#
|
#
|
||||||
|
# [*logging_user_identity_format*]
|
||||||
|
# (Optional) Defines the format string for %(user_identity)s that is used in logging_context_format_string.
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
# Example: '%(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s'
|
||||||
|
#
|
||||||
# [*log_config_append*]
|
# [*log_config_append*]
|
||||||
# The name of an additional logging configuration file.
|
# The name of an additional logging configuration file.
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
@ -96,6 +101,12 @@
|
|||||||
# (optional) Format string for %%(asctime)s in log records.
|
# (optional) Format string for %%(asctime)s in log records.
|
||||||
# Defaults to $::os_service_default
|
# Defaults to $::os_service_default
|
||||||
# Example: 'Y-%m-%d %H:%M:%S'
|
# Example: 'Y-%m-%d %H:%M:%S'
|
||||||
|
#
|
||||||
|
# [*watch_log_file*]
|
||||||
|
# (Optional) Uses logging handler designed to watch file system (boolean value).
|
||||||
|
# Defaults to $::os_service_default
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
class keystone::logging(
|
class keystone::logging(
|
||||||
$use_syslog = $::os_service_default,
|
$use_syslog = $::os_service_default,
|
||||||
@ -109,6 +120,7 @@ class keystone::logging(
|
|||||||
$logging_default_format_string = $::os_service_default,
|
$logging_default_format_string = $::os_service_default,
|
||||||
$logging_debug_format_suffix = $::os_service_default,
|
$logging_debug_format_suffix = $::os_service_default,
|
||||||
$logging_exception_prefix = $::os_service_default,
|
$logging_exception_prefix = $::os_service_default,
|
||||||
|
$logging_user_identity_format = $::os_service_default,
|
||||||
$log_config_append = $::os_service_default,
|
$log_config_append = $::os_service_default,
|
||||||
$default_log_levels = $::os_service_default,
|
$default_log_levels = $::os_service_default,
|
||||||
$publish_errors = $::os_service_default,
|
$publish_errors = $::os_service_default,
|
||||||
@ -116,6 +128,7 @@ class keystone::logging(
|
|||||||
$instance_format = $::os_service_default,
|
$instance_format = $::os_service_default,
|
||||||
$instance_uuid_format = $::os_service_default,
|
$instance_uuid_format = $::os_service_default,
|
||||||
$log_date_format = $::os_service_default,
|
$log_date_format = $::os_service_default,
|
||||||
|
$watch_log_file = $::os_service_default,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
include ::keystone::deps
|
include ::keystone::deps
|
||||||
@ -130,31 +143,27 @@ class keystone::logging(
|
|||||||
$verbose_real = pick($::keystone::verbose,$verbose)
|
$verbose_real = pick($::keystone::verbose,$verbose)
|
||||||
$debug_real = pick($::keystone::debug,$debug)
|
$debug_real = pick($::keystone::debug,$debug)
|
||||||
|
|
||||||
if is_service_default($default_log_levels) {
|
oslo::log { 'keystone_config':
|
||||||
$default_log_levels_real = $default_log_levels
|
debug => $debug_real,
|
||||||
} else {
|
verbose => $verbose_real,
|
||||||
$default_log_levels_real = join(sort(join_keys_to_values($default_log_levels, '=')), ',')
|
log_config_append => $log_config_append,
|
||||||
}
|
log_date_format => $log_date_format,
|
||||||
|
log_file => $log_file_real,
|
||||||
keystone_config {
|
log_dir => $log_dir_real,
|
||||||
'DEFAULT/use_syslog' : value => $use_syslog_real;
|
watch_log_file => $watch_log_file,
|
||||||
'DEFAULT/use_stderr' : value => $use_stderr_real;
|
use_syslog => $use_syslog_real,
|
||||||
'DEFAULT/syslog_log_facility' : value => $log_facility_real;
|
syslog_log_facility => $log_facility_real,
|
||||||
'DEFAULT/log_dir' : value => $log_dir_real;
|
use_stderr => $use_stderr_real,
|
||||||
'DEFAULT/log_file': value => $log_file_real;
|
logging_context_format_string => $logging_context_format_string,
|
||||||
'DEFAULT/verbose' : value => $verbose_real;
|
logging_default_format_string => $logging_default_format_string,
|
||||||
'DEFAULT/debug' : value => $debug_real;
|
logging_debug_format_suffix => $logging_debug_format_suffix,
|
||||||
'DEFAULT/default_log_levels' : value => $default_log_levels_real;
|
logging_exception_prefix => $logging_exception_prefix,
|
||||||
'DEFAULT/logging_context_format_string' : value => $logging_context_format_string;
|
logging_user_identity_format => $logging_user_identity_format,
|
||||||
'DEFAULT/logging_default_format_string' : value => $logging_default_format_string;
|
default_log_levels => $default_log_levels,
|
||||||
'DEFAULT/logging_debug_format_suffix' : value => $logging_debug_format_suffix;
|
publish_errors => $publish_errors,
|
||||||
'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix;
|
instance_format => $instance_format,
|
||||||
'DEFAULT/log_config_append' : value => $log_config_append;
|
instance_uuid_format => $instance_uuid_format,
|
||||||
'DEFAULT/publish_errors' : value => $publish_errors;
|
fatal_deprecations => $fatal_deprecations,
|
||||||
'DEFAULT/fatal_deprecations' : value => $fatal_deprecations;
|
|
||||||
'DEFAULT/instance_format' : value => $instance_format;
|
|
||||||
'DEFAULT/instance_uuid_format' : value => $instance_uuid_format;
|
|
||||||
'DEFAULT/log_date_format' : value => $log_date_format;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -12,8 +12,6 @@ class keystone::params {
|
|||||||
$keystone_wsgi_script_path = '/usr/lib/cgi-bin/keystone'
|
$keystone_wsgi_script_path = '/usr/lib/cgi-bin/keystone'
|
||||||
$keystone_wsgi_script_source = '/usr/share/keystone/wsgi.py'
|
$keystone_wsgi_script_source = '/usr/share/keystone/wsgi.py'
|
||||||
$python_memcache_package_name = 'python-memcache'
|
$python_memcache_package_name = 'python-memcache'
|
||||||
$sqlite_package_name = 'python-pysqlite2'
|
|
||||||
$pymysql_package_name = 'python-pymysql'
|
|
||||||
$mellon_package_name = 'libapache2-mod-auth-mellon'
|
$mellon_package_name = 'libapache2-mod-auth-mellon'
|
||||||
case $::operatingsystem {
|
case $::operatingsystem {
|
||||||
'Debian': {
|
'Debian': {
|
||||||
@ -29,10 +27,8 @@ class keystone::params {
|
|||||||
$service_name = 'openstack-keystone'
|
$service_name = 'openstack-keystone'
|
||||||
$keystone_wsgi_script_path = '/var/www/cgi-bin/keystone'
|
$keystone_wsgi_script_path = '/var/www/cgi-bin/keystone'
|
||||||
$python_memcache_package_name = 'python-memcached'
|
$python_memcache_package_name = 'python-memcached'
|
||||||
$sqlite_package_name = undef
|
|
||||||
$service_provider = undef
|
$service_provider = undef
|
||||||
$keystone_wsgi_script_source = '/usr/share/keystone/keystone.wsgi'
|
$keystone_wsgi_script_source = '/usr/share/keystone/keystone.wsgi'
|
||||||
$pymysql_package_name = undef
|
|
||||||
$mellon_package_name = 'mod_auth_mellon'
|
$mellon_package_name = 'mod_auth_mellon'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -37,5 +37,5 @@ class keystone::policy (
|
|||||||
}
|
}
|
||||||
|
|
||||||
create_resources('openstacklib::policy::base', $policies)
|
create_resources('openstacklib::policy::base', $policies)
|
||||||
|
oslo::policy { 'keystone_config': policy_file => $policy_path }
|
||||||
}
|
}
|
||||||
|
@ -34,6 +34,7 @@
|
|||||||
{ "name": "puppetlabs/apache", "version_requirement": ">=1.2.0 <2.0.0" },
|
{ "name": "puppetlabs/apache", "version_requirement": ">=1.2.0 <2.0.0" },
|
||||||
{ "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" },
|
{ "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" },
|
||||||
{ "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" },
|
{ "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" },
|
||||||
{ "name": "openstack/openstacklib", "version_requirement": ">=8.0.0 <9.0.0 " }
|
{ "name": "openstack/openstacklib", "version_requirement": ">=8.0.0 <9.0.0 " },
|
||||||
|
{ "name": "openstack/puppet-oslo", "version_requirement": "<9.0.0 " }
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
4
releasenotes/notes/switch_to_oslo-b7caf6d5906e29dc.yaml
Normal file
4
releasenotes/notes/switch_to_oslo-b7caf6d5906e29dc.yaml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
---
|
||||||
|
features:
|
||||||
|
- Switch to puppet-oslo resource usage (instead of
|
||||||
|
manual configuration file editing).
|
@ -89,10 +89,10 @@ describe 'keystone::db' do
|
|||||||
end
|
end
|
||||||
|
|
||||||
it 'install the proper backend package' do
|
it 'install the proper backend package' do
|
||||||
is_expected.to contain_package('keystone-backend-package').with(
|
is_expected.to contain_package('db_backend_package').with(
|
||||||
:ensure => 'present',
|
:ensure => 'present',
|
||||||
:name => 'python-pymysql',
|
:name => 'python-pymysql',
|
||||||
:tag => ['openstack', 'keystone-package']
|
:tag => ['openstack']
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
@ -111,7 +111,7 @@ describe 'keystone::db' do
|
|||||||
let :params do
|
let :params do
|
||||||
{ :database_connection => 'mysql+pymysql://keystone:keystone@localhost/keystone', }
|
{ :database_connection => 'mysql+pymysql://keystone:keystone@localhost/keystone', }
|
||||||
end
|
end
|
||||||
it { is_expected.not_to contain_package('keystone-backend-package') }
|
it { is_expected.not_to contain_package('db_backend_package') }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -20,6 +20,7 @@ describe 'keystone::policy' do
|
|||||||
:key => 'context_is_admin',
|
:key => 'context_is_admin',
|
||||||
:value => 'foo:bar'
|
:value => 'foo:bar'
|
||||||
})
|
})
|
||||||
|
is_expected.to contain_keystone_config('oslo_policy/policy_file').with_value('/etc/keystone/policy.json')
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -237,7 +237,7 @@ describe 'keystone' do
|
|||||||
if param_hash['rabbit_ha_queues']
|
if param_hash['rabbit_ha_queues']
|
||||||
is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(param_hash['rabbit_ha_queues'])
|
is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(param_hash['rabbit_ha_queues'])
|
||||||
else
|
else
|
||||||
is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value(false)
|
is_expected.to contain_keystone_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('<SERVICE DEFAULT>')
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
@ -635,7 +635,6 @@ describe 'keystone' do
|
|||||||
it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER3:11211,SERVER4:11211') }
|
it { is_expected.to contain_keystone_config('cache/memcache_servers').with_value('SERVER3:11211,SERVER4:11211') }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
describe 'do not configure memcache servers when not set' do
|
describe 'do not configure memcache servers when not set' do
|
||||||
let :params do
|
let :params do
|
||||||
default_params
|
default_params
|
||||||
@ -691,8 +690,8 @@ describe 'keystone' do
|
|||||||
default_params
|
default_params
|
||||||
end
|
end
|
||||||
|
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/notification_driver').with_value('<SERVICE DEFAULT>') }
|
it { is_expected.to contain_keystone_config('oslo_messaging_notifications/driver').with_value('<SERVICE DEFAULT>') }
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_value('<SERVICE DEFAULT>') }
|
it { is_expected.to contain_keystone_config('oslo_messaging_notifications/topics').with_value('<SERVICE DEFAULT>') }
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('<SERVICE DEFAULT>') }
|
it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('<SERVICE DEFAULT>') }
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('<SERVICE DEFAULT>') }
|
it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('<SERVICE DEFAULT>') }
|
||||||
end
|
end
|
||||||
@ -748,15 +747,15 @@ describe 'keystone' do
|
|||||||
describe 'setting notification settings' do
|
describe 'setting notification settings' do
|
||||||
let :params do
|
let :params do
|
||||||
default_params.merge({
|
default_params.merge({
|
||||||
:notification_driver => 'keystone.openstack.common.notifier.rpc_notifier',
|
:notification_driver => ['keystone.openstack.common.notifier.rpc_notifier'],
|
||||||
:notification_topics => 'notifications',
|
:notification_topics => ['notifications'],
|
||||||
:notification_format => 'cadf',
|
:notification_format => 'cadf',
|
||||||
:control_exchange => 'keystone'
|
:control_exchange => 'keystone'
|
||||||
})
|
})
|
||||||
end
|
end
|
||||||
|
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/notification_driver').with_value('keystone.openstack.common.notifier.rpc_notifier') }
|
it { is_expected.to contain_keystone_config('oslo_messaging_notifications/driver').with_value('keystone.openstack.common.notifier.rpc_notifier') }
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/notification_topics').with_value('notifications') }
|
it { is_expected.to contain_keystone_config('oslo_messaging_notifications/topics').with_value('notifications') }
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('cadf') }
|
it { is_expected.to contain_keystone_config('DEFAULT/notification_format').with_value('cadf') }
|
||||||
it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('keystone') }
|
it { is_expected.to contain_keystone_config('DEFAULT/control_exchange').with_value('keystone') }
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user