openstack/puppet-keystone
Code Issues Proposed changes
OpenStack Keystone Puppet Module
46 Commits 9 Branches 38 Tags 25 MiB
Ruby 64.6%
Puppet 32.3%
Python 1.6%
HTML 1.4%
fa7e3a87fc
Go to file
Dan Bode fa7e3a87fc Add inline docs and comments
2012-04-06 16:10:09 -07:00
examples Fix Mysql support 2012-04-06 09:14:40 -07:00
ext Add test code 2012-03-29 14:41:57 -07:00
lib/puppet Use admin token from keystone config 2012-04-06 23:19:05 +02:00
manifests Add inline docs and comments 2012-04-06 16:10:09 -07:00
spec Improve spec test coverage 2012-04-05 20:43:43 -07:00
templates Fix sql section name for keystone.conf template 2012-04-05 23:40:41 -07:00
Rakefile saving my work (not even the initial commit) 2012-01-02 15:39:23 -08:00
README.markdown Update README 2012-04-05 15:45:49 -07:00

README.markdown

Overview

The module contains a collection of manifests and native types that are capable of installing/managing/configuring Keystone.

Keystone is the Identity service for OpenStack.

Tested use cases

This module has been tested against the dev version of Ubuntu Precise.

It has only currently been tested as a single node installation of keystone.

It is currently targetting essex support and is being actively developed against packaging that are built off of trunk.

Dependencies:

This module has relatively few dependencies:

https://github.com/puppetlabs/puppet-concat

if used on Ubuntu

https://github.com/puppetlabs/puppet-apt

if using mysql as a backend

https://github.com/puppetlabs/puppetlabs-mysql

Usage

Manifests

class keystone

The keystone class sets up the basic configuration for the keystone service.

It must be used together with a class that expresses the db backend to use:

for example:

class { 'keystone':
  log_verbose => 'True',
  service_token => 'my_secret_token'
}

needs to be configured to use a backend database with either:

class { 'keystone::config::sqlite': }

or

class { 'keystone::config::mysql':
  password => 'keystone',
}

setting up a keystone mysql db

a keystone mysql database can be configured separately from the service.

If you need to actually install a mysql database server, you can use the mysql::server class from the puppetlabs mysql module

# check out the mysql module's README to learn more about
# how to more appropriately configure a server
class { 'mysql::server': }

class { 'keystone::mysql':
  dbname   => 'keystone',
  user     => 'keystone',
  password => 'keystone_password',
}

Native Types

The Puppet support for keystone also includes native types that can be used to manage the following keystone objects:

- keystone_tenant
- keystone_user
- keystone_role
- keystone_user_role
- keystone_service
- keystone_endpoint

These types will only work on an actualy keystone node (and they read keystone.conf to figure out the admin port and admin token, which is kind of hacky, but the best way I could think of.)

examples

keystone_tenant { 'openstack': ensure => present, enabled => 'True', } keystone_user { 'openstack': ensure => present, enabled => 'True' } keystone_role { 'admin': ensure => present, } keystone_user_role { 'admin@openstack': roles => ['admin', 'superawesomedue'], ensure => present }

puppet resource

These native types also allow for some interesting introspection using puppet resource

To list all of the objects of a certain type in the keystone database, you can run:

puppet resource

For example:

puppet resource keystone_tenant

would list all know keystone tenants for a given keystone instance.