... and migrate it to openstacklib so that all logics about database
configuration are implemented in one common place.
Depends-on: https://review.opendev.org/#/c/728595/
Change-Id: Ie564c3ae6023a36f317b963872059509754970e5
This changes all the puppet 3 validate_* functions
to use the validate_legacy function.
The validate_legacy function has been available since
about three years but require Puppet >= 4.4.0 and since
there is Puppet 4.10.12 as latest we should assume people
are running a fairly new Puppet 4 version.
This is the first step to then remove all validate function
calls and use proper types for parameter as described in spec [1].
[1] https://review.openstack.org/#/c/568929/
Depends-On: https://review.openstack.org/#/c/639215/
Change-Id: Idd720f18893bea0ec1d26859e0a6907a5daa8980
Make sure documentation is the same and follow
the standard which we are trying to enforce on
all modules.
Change-Id: I215f28f4ce417a3c098cbf4be21967b2ed4013bb
In order to make easy orchestration on all OpenStack db-sync, add this
tag so people can use this tag in composition layer.
A use case it to set some orchestration to make sure MySQL Galera is
ready before running any Exec with this tag.
Change-Id: Icd2700fe8c27a647dab8d91a4f9c20eda930b4e1
Closes-Bug: #1755102
If db sync fails, it is never retried leading to errors. So, this
patch adds retries for db_sync to avoid sync fails.
Change-Id: Ia9d09515435618624919ad715ffa3df833a50a7a
Closes-Bug: #1628580
* perform all keystone-manage commands only as keystone user
* as it possible to override keystone user in init class
we should also have an ability to override it in db::sync class
* ensure that fernet key directory is created before fernet
setup command and it's owned by keystone user
Closes-bug: #1604884
Change-Id: Ib90d8e2259b9a650a2edb5f0baf0e68451b9abf6
This code moves all deps to an external class so that Keystone can be
installed with mechanisms besides packages (like venv or docker). This
also cleans-up the dependency tree by removing false or confusing
dependencies.
Change-Id: If69cd7cba267f75faad51fdbc80a58b24d2095d8
Co-Author: Clayton O'Neill <clayton.oneill@twcable.com>
This patch is a squash between:
* I35187a857ae6e67b301d62e30525eaab75707161
* I30d759697ed42dc35f8df8e231c9e012d2762894
It entirely drops the usage of User resource dependency.
Note: since beaker jobs were failing with sepeparated patches, we
decided to use one patchset so Beaker job can pass the CI.
Change-Id: Id69eca0ce73ba7c16aca939821234717618f5ec4
Closes-bug: #1458915
Co-Authored-By: Drew Fisher <drew.fisher@oracle.com>
Add $extra_params parameter to keystone::db::sync class to allow
end-users to add command line parameters to the db_sync command.
Change-Id: I3965a4d0d4974e7ee925c99207d4d6d4510a517f
Closes-bug: 1472740
Un-pin puppet-lint gem and add puppet-lint-param-docs, this commit also
add missing puppetdoc and fixes lint issues.
Change-Id: I1eefc743c68c75eb54a65b3cc539922ef3a3b04d
Let migrate to the new openstacklib::db::postgresql helper for
postgresql backend. This commit also unpin postgresql fixture
(openstacklib support now the latest version of postgre module).
Change-Id: If748f8ff57d8aece1b4050bc4b841495088b2972
Implements: blueprint commmon-openstack-database-resource
When using version >= 2.2 of the MySQL module, setting up
the database for Keystone depended on the MySQL service
(Service['mysqld']). However, if the service is not managed
by Puppet (e.g. it is managed through Pacemaker instead),
this would cause catalog compilation to fail because there
is no Service['mysqld']. This is the case when the MySQL
module is called with service_manage => false. Requiring
Class['mysql::server'] instead fixes this.
Change-Id: Ia1b34051dd6e4fc0916ac788d6027c1f987418a8
Closes-Bug: 1349316
Version 2.2+ of the puppetlabs-mysql moudule starts the MySQL database
with the Service resource name mysqld [1]. The puppet-keystone module
lists a requirement for a Service resource with name mysql. This will
lead to an undefined resource error.
This patch corrects the dependency.
[1] https://github.com/puppetlabs/puppetlabs-mysql/blob/master/manifests/server/service.pp#L15
Change-Id: I2165b2c0529c0ecd9e9ba9853f3d15d5f86b0135
In Icehouse, the [sql] section in keystone.conf has been replaced with
a section called [database] instead to improve consistency across projects.
This patch modifies the puppet-keystone module so that it populates
the [database] section instead of the [sql] section.
Change-Id: I452601cc41d57a78b3390e9516b0b0bef44ceb19
Closes-Bug: #1308861
The keystone::db::mysql resource declares resources using
`$real_allowed_hosts` which is a copy of `$allowed_hosts` minus `$host`.
But then it declares dependencies using `$allowed_hosts` which includes
`$host` and will fail catalog compilation due to a missing dependency
This bug only affects users if the value of `$host` is included in the
array of `$allowed_hosts`
Change-Id: Ifdd8793bcf36178efd1a083ee35649d56dc3d768
Puppetlabs-mysql has been rewritten to be much
cleaner. This patch adds a new parameter for the
keystone mysql and init classes allowing users to
use the new version. Previous behavior will continue
as normal when using the old version (0.9)
Change-Id: Idf7c46d9aab8db7cca7d8377431c60b24ae4c9c6
Closes-bug: #1266241
This will decouple allowing for additions, like the apache wsgi
patch, so it can be included or triggered elsewhere.
Original author is François Charlier<francois.charlier@enovance.com>
Change-Id: I9ae544d58034ca30ddb0a4c616ff794ccd432d7f
The current default db username for keystone is
keystone_admin. This is inconsistent with the default
db username for every other service which use the
same name as the name of the service.
The documented installation instruction for keystone
also use keystone as the database user.
This commit updates the default to use keystone instead of
keyston_admin.
Change-Id: I1cfaf3fbbc691ff9dbef415b69492f9f965dc113
Puppet-lint will now fail if there is any warnings.
Disable 'class_inherits_from_params_class' check.
Change-Id: Ia1d7fa5109178f040b00abcdb3f7d84c4bdf58b4
In the origin keystone::db::mysql, if the value of $allowed_hosts
contains or equals to $host, then puppet will complain duplicate
declaration error. This patch is aim to update the allowed_hosts
conditonal statement in keystone::db::mysql.
There are two cases to pass $allowed_hosts to $real_allowed_hosts:
- If $allowed_hosts is array,then remove $host from $allowed_hosts;
- elsif $allowed_hosts is string and not equivalent to $host;
At last, if $real_allowed_hosts is not undef, then run
keystone::db::mysql::host_access
Fix bug 1206444
Change-Id: I8701aea9344a9151ce3d7ac8fa5792895a5aac6c
Previously, the db::mysql class required mysql::server. This is
unnecessary since the mysql::db define requires the mysql::config
class for db creattion. Additionally, this prevents users from
using a different class such as galera::server to manage
the database.
Change-Id: Ifb0fa261f9f5921cf9fe5b309decceab608d4726
* Fixes following warnings:
* indentation of => is not properly aligned
* string containing only a variable
* Fixes following errors:
* tab character found
* two-space soft tabs not used
* Remove quotes around class in include/require statements
Change-Id: I7e17d9153d413792e32f9d7c430dfbd37852ba51
Adds missing tests on the keystone::db::postgresql class. Also,
removes some unsupported options from the class.
Change-Id: Ifab6d06dcd388df07cc9cc06bb8e938d3af90c62
Since keystone can use different databases, it makes
sense to move the mysql classes to db::mysql. This way
there is a clear standard for where other DB implementations
should be located.
This commit moves keystone::mysql to keystone::db::mysql
and keystone::mysql::access to keystone::db::mysql::host_access.
