ec8e0452b6
If puppet compiles catalog with openrc being created before the keystone service and keystone endpoint is created it will result in an empty service catalog. This change adds a dependency to ensure they're created before openrc. Change-Id: I2bac57898ae645ae578ed55d620c89b7c0dcb3d1 Closes-Bug: 1559292
115 lines
3.5 KiB
Puppet
115 lines
3.5 KiB
Puppet
# == Class: keystone::endpoint
|
|
#
|
|
# Creates the auth endpoints for keystone
|
|
#
|
|
# === Parameters
|
|
#
|
|
# [*public_url*]
|
|
# (optional) Public url for keystone endpoint.
|
|
# Defaults to 'http://127.0.0.1:5000'
|
|
# This url should *not* contain any version or trailing '/'.
|
|
#
|
|
# [*internal_url*]
|
|
# (optional) Internal url for keystone endpoint.
|
|
# Defaults to $public_url
|
|
# This url should *not* contain any version or trailing '/'.
|
|
#
|
|
# [*admin_url*]
|
|
# (optional) Admin url for keystone endpoint.
|
|
# Defaults to 'http://127.0.0.1:35357'
|
|
# This url should *not* contain any version or trailing '/'.
|
|
#
|
|
# [*region*]
|
|
# (optional) Region for endpoint. (Defaults to 'RegionOne')
|
|
#
|
|
# [*user_domain*]
|
|
# (Optional) Domain for $auth_name
|
|
# Defaults to undef (use the keystone server default domain)
|
|
#
|
|
# [*project_domain*]
|
|
# (Optional) Domain for $tenant (project)
|
|
# Defaults to undef (use the keystone server default domain)
|
|
#
|
|
# [*default_domain*]
|
|
# (Optional) Domain for $auth_name and $tenant (project)
|
|
# If keystone_user_domain is not specified, use $keystone_default_domain
|
|
# If keystone_project_domain is not specified, use $keystone_default_domain
|
|
# Defaults to undef
|
|
#
|
|
# [*version*]
|
|
# (optional) API version for endpoint.
|
|
# Defaults to 'v2.0'. Valid values are 'v2.0', 'v3', or the empty string ''.
|
|
# If the version is set to the empty string (''), then it won't be
|
|
# used. This is the expected behaviour since Keystone V3 handles API versions
|
|
# from the context.
|
|
#
|
|
# === Examples
|
|
#
|
|
# class { 'keystone::endpoint':
|
|
# public_url => 'https://154.10.10.23:5000',
|
|
# internal_url => 'https://11.0.1.7:5000',
|
|
# admin_url => 'https://10.0.1.7:35357',
|
|
# }
|
|
#
|
|
class keystone::endpoint (
|
|
$public_url = 'http://127.0.0.1:5000',
|
|
$internal_url = undef,
|
|
$admin_url = 'http://127.0.0.1:35357',
|
|
$region = 'RegionOne',
|
|
$user_domain = undef,
|
|
$project_domain = undef,
|
|
$default_domain = undef,
|
|
$version = 'unset', # defaults to 'v2.0' if unset by user
|
|
) {
|
|
|
|
include ::keystone::deps
|
|
|
|
if $version == 'unset' {
|
|
# $version will be set to empty '' once tempest & all openstack clients
|
|
# actually support versionless endpoints.
|
|
# See ongoing work in Tempest:
|
|
# https://review.openstack.org/#/q/status:open+project:openstack/tempest-lib+branch:master+topic:bug/1530181
|
|
# Until that, we need to set a version by default.
|
|
$_version = 'v2.0'
|
|
} else {
|
|
$_version = $version
|
|
}
|
|
if empty($_version) {
|
|
$admin_url_real = $admin_url
|
|
$public_url_real = $public_url
|
|
|
|
if $internal_url {
|
|
$internal_url_real = $internal_url
|
|
}
|
|
else {
|
|
$internal_url_real = $public_url
|
|
}
|
|
}
|
|
else {
|
|
$public_url_real = "${public_url}/${_version}"
|
|
$admin_url_real = "${admin_url}/${_version}"
|
|
|
|
if $internal_url {
|
|
$internal_url_real = "${internal_url}/${_version}"
|
|
}
|
|
else {
|
|
$internal_url_real = "${public_url}/${_version}"
|
|
}
|
|
}
|
|
|
|
keystone::resource::service_identity { 'keystone':
|
|
configure_user => false,
|
|
configure_user_role => false,
|
|
service_type => 'identity',
|
|
service_description => 'OpenStack Identity Service',
|
|
public_url => $public_url_real,
|
|
admin_url => $admin_url_real,
|
|
internal_url => $internal_url_real,
|
|
region => $region,
|
|
user_domain => $user_domain,
|
|
project_domain => $project_domain,
|
|
default_domain => $default_domain,
|
|
}
|
|
Keystone::Resource::Service_identity['keystone'] -> File<| tag == 'openrc' |>
|
|
}
|