diff --git a/manifests/cell_v2/discover_hosts.pp b/manifests/cell_v2/discover_hosts.pp index ef69c0ae6..9b44f1bd5 100644 --- a/manifests/cell_v2/discover_hosts.pp +++ b/manifests/cell_v2/discover_hosts.pp @@ -18,7 +18,7 @@ class nova::cell_v2::discover_hosts ( exec { 'nova-cell_v2-discover_hosts': path => ['/bin', '/usr/bin'], command => "nova-manage ${extra_params} cell_v2 discover_hosts", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, subscribe => Anchor['nova::service::end'] } diff --git a/manifests/cell_v2/map_cell0.pp b/manifests/cell_v2/map_cell0.pp index db0dcaa68..12a55c910 100644 --- a/manifests/cell_v2/map_cell0.pp +++ b/manifests/cell_v2/map_cell0.pp @@ -21,7 +21,7 @@ class nova::cell_v2::map_cell0 ( exec { 'nova-cell_v2-map_cell0': path => ['/bin', '/usr/bin'], command => "nova-manage ${extra_params} cell_v2 map_cell0", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, logoutput => on_failure, subscribe => Anchor['nova::cell_v2::begin'], diff --git a/manifests/cell_v2/map_cell_and_hosts.pp b/manifests/cell_v2/map_cell_and_hosts.pp index 0040eadd3..1bfc1293b 100644 --- a/manifests/cell_v2/map_cell_and_hosts.pp +++ b/manifests/cell_v2/map_cell_and_hosts.pp @@ -18,7 +18,7 @@ class nova::cell_v2::map_cell_and_hosts ( exec { 'nova-cell_v2-map_cell_and_hosts': path => ['/bin', '/usr/bin'], command => "nova-manage ${extra_params} cell_v2 map_cell_and_hosts", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, } } diff --git a/manifests/cell_v2/map_instances.pp b/manifests/cell_v2/map_instances.pp index 578c69f65..866f73dbe 100644 --- a/manifests/cell_v2/map_instances.pp +++ b/manifests/cell_v2/map_instances.pp @@ -43,7 +43,7 @@ class nova::cell_v2::map_instances ( exec { 'nova-cell_v2-map_instances': path => ['/bin', '/usr/bin'], command => "nova-manage ${extra_params} cell_v2 map_instances --cell_uuid=${cell_uuid_real}", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, } } diff --git a/manifests/compute/provider.pp b/manifests/compute/provider.pp index 38af39060..e709748c8 100644 --- a/manifests/compute/provider.pp +++ b/manifests/compute/provider.pp @@ -83,8 +83,8 @@ class nova::compute::provider ( file { "${config_location}": ensure => directory, mode => '0750', - owner => $::nova::params::nova_user, - group => $::nova::params::nova_group, + owner => $::nova::params::user, + group => $::nova::params::group, require => Anchor['nova::config::begin'], before => Anchor['nova::config::end'], } @@ -93,8 +93,8 @@ class nova::compute::provider ( file { "${config_location}/${config_file}": ensure => file, mode => '0640', - owner => $::nova::params::nova_user, - group => $::nova::params::nova_group, + owner => $::nova::params::user, + group => $::nova::params::group, content => template('nova/provider.yaml.erb'), require => Anchor['nova::config::begin'], } diff --git a/manifests/cron/archive_deleted_rows.pp b/manifests/cron/archive_deleted_rows.pp index cb691c43c..578201643 100644 --- a/manifests/cron/archive_deleted_rows.pp +++ b/manifests/cron/archive_deleted_rows.pp @@ -43,8 +43,7 @@ # # [*user*] # (optional) User with access to nova files. -# nova::params::nova_user will be used if this is undef. -# Defaults to undef. +# Defaults to $::nova::params::user. # # [*destination*] # (optional) Path to file to which rows should be archived @@ -96,7 +95,7 @@ class nova::cron::archive_deleted_rows ( $month = '*', $weekday = '*', $max_rows = '100', - $user = undef, + $user = $::nova::params::user, $destination = '/var/log/nova/nova-rowsflush.log', $until_complete = false, $purge = false, @@ -106,10 +105,9 @@ class nova::cron::archive_deleted_rows ( $sleep = undef, $verbose = false, $maxdelay = 0, -) { +) inherits nova::params { include nova::deps - include nova::params if $until_complete { $until_complete_real = ' --until-complete' @@ -171,7 +169,7 @@ class nova::cron::archive_deleted_rows ( command => "${delay_cmd}${cron_cmd}${purge_real} --max_rows ${max_rows}${verbose_real}${age_real}${until_complete_real}${all_cells_real}${task_log_real}${sleep_real} >>${destination} 2>&1", # lint:endignore environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - user => pick($user, $::nova::params::nova_user), + user => $user, minute => $minute, hour => $hour, monthday => $monthday, diff --git a/manifests/cron/purge_shadow_tables.pp b/manifests/cron/purge_shadow_tables.pp index 11f20086d..4e67a7f36 100644 --- a/manifests/cron/purge_shadow_tables.pp +++ b/manifests/cron/purge_shadow_tables.pp @@ -36,8 +36,7 @@ # # [*user*] # (optional) User with access to nova files. -# nova::params::nova_user will be used if this is undef. -# Defaults to undef. +# Defaults to $::nova::params::user. # # [*destination*] # (optional) Path to file to which rows should be archived @@ -68,13 +67,13 @@ class nova::cron::purge_shadow_tables ( $monthday = '*', $month = '*', $weekday = '*', - $user = undef, + $user = $::nova::params::user, $destination = '/var/log/nova/nova-rowspurge.log', $age = 14, $all_cells = false, $verbose = false, $maxdelay = 0, -) { +) inherits nova::params { include nova::deps include nova::params @@ -106,7 +105,7 @@ class nova::cron::purge_shadow_tables ( command => "${delay_cmd}${cron_cmd} --before `date --date='today - ${age} days' +\\%D`${verbose_real}${all_cells_real} >>${destination} 2>&1", # lint:endignore environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', - user => pick($user, $::nova::params::nova_user), + user => $user, minute => $minute, hour => $hour, monthday => $monthday, diff --git a/manifests/db/online_data_migrations.pp b/manifests/db/online_data_migrations.pp index 018df64c6..f3afea482 100644 --- a/manifests/db/online_data_migrations.pp +++ b/manifests/db/online_data_migrations.pp @@ -23,7 +23,7 @@ class nova::db::online_data_migrations( exec { 'nova-db-online-data-migrations': command => "/usr/bin/nova-manage ${extra_params} db online_data_migrations", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, try_sleep => 5, tries => 10, diff --git a/manifests/db/sync.pp b/manifests/db/sync.pp index b0c1b1b88..410af94f6 100644 --- a/manifests/db/sync.pp +++ b/manifests/db/sync.pp @@ -23,7 +23,7 @@ class nova::db::sync( exec { 'nova-db-sync': command => "/usr/bin/nova-manage ${extra_params} db sync", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, try_sleep => 5, tries => 10, diff --git a/manifests/db/sync_api.pp b/manifests/db/sync_api.pp index 3b039a0dd..bb5f53fbb 100644 --- a/manifests/db/sync_api.pp +++ b/manifests/db/sync_api.pp @@ -32,7 +32,7 @@ class nova::db::sync_api( exec { 'nova-db-sync-api': command => "/usr/bin/nova-manage ${extra_params} api_db sync", - user => $::nova::params::nova_user, + user => $::nova::params::user, refreshonly => true, try_sleep => 5, tries => 10, diff --git a/manifests/init.pp b/manifests/init.pp index 0a626da5d..69860af72 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -534,8 +534,8 @@ Use nova::cinder::cross_az_attach instead.') file { '/var/lib/nova/.ssh': ensure => directory, mode => '0700', - owner => $::nova::params::nova_user, - group => $::nova::params::nova_group, + owner => $::nova::params::user, + group => $::nova::params::group, require => Anchor['nova::config::begin'], before => Anchor['nova::config::end'], } @@ -549,7 +549,7 @@ Use nova::cinder::cross_az_attach instead.') ensure => present, key => $nova_public_key['key'], type => $nova_public_key['type'], - user => 'nova', + user => $::nova::params::user, require => File['/var/lib/nova/.ssh'], } } @@ -574,8 +574,8 @@ but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.") file { $nova_private_key_file: content => $nova_private_key[key], mode => '0600', - owner => $::nova::params::nova_user, - group => $::nova::params::nova_group, + owner => $::nova::params::user, + group => $::nova::params::group, require => File['/var/lib/nova/.ssh'], } } diff --git a/manifests/logging.pp b/manifests/logging.pp index b7e8a85a0..38e0c9159 100644 --- a/manifests/logging.pp +++ b/manifests/logging.pp @@ -131,8 +131,8 @@ class nova::logging( # This should force an update the selinux role if the logfile exists. # It will be incorrect if the file was created by the dbsync exec resources. file { "${log_dir}/nova-manage.log": - owner => $::nova::params::nova_user, - group => $::nova::params::nova_group, + owner => $::nova::params::user, + group => $::nova::params::group, require => Anchor['nova::service::end'] } } diff --git a/manifests/params.pp b/manifests/params.pp index 49bce7def..c5c23cc18 100644 --- a/manifests/params.pp +++ b/manifests/params.pp @@ -6,8 +6,13 @@ class nova::params { include openstacklib::defaults $client_package = 'python3-novaclient' + $user = 'nova' $group = 'nova' + # NOTE(tkajinam) These are kept for backword compatibility + $nova_user = $user + $nova_group = $group + case $::osfamily { 'RedHat': { # package names @@ -57,8 +62,6 @@ class nova::params { $nova_api_wsgi_script_source = '/usr/bin/nova-api-wsgi' $nova_metadata_wsgi_script_source = '/usr/bin/nova-metadata-wsgi' $messagebus_service_name = 'dbus' - $nova_user = 'nova' - $nova_group = 'nova' if $::operatingsystemmajrelease >= '9' { $mkisofs_package_name = 'xorriso' $mkisofs_cmd = 'mkisofs' @@ -133,8 +136,6 @@ class nova::params { } } $libvirt_service_name = 'libvirtd' - $nova_user = 'nova' - $nova_group = 'nova' } default: { fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, \ diff --git a/manifests/wsgi/apache_api.pp b/manifests/wsgi/apache_api.pp index 3cf0460fd..48651a870 100644 --- a/manifests/wsgi/apache_api.pp +++ b/manifests/wsgi/apache_api.pp @@ -143,7 +143,7 @@ class nova::wsgi::apache_api ( ::openstacklib::wsgi::apache { 'nova_api_wsgi': bind_host => $bind_host, bind_port => $api_port, - group => 'nova', + group => $::nova::params::group, path => $path, priority => $priority, servername => $servername, @@ -156,7 +156,7 @@ class nova::wsgi::apache_api ( ssl_crl_path => $ssl_crl_path, ssl_key => $ssl_key, threads => $threads, - user => 'nova', + user => $::nova::params::user, vhost_custom_fragment => $vhost_custom_fragment, workers => $workers, wsgi_daemon_process => 'nova-api', diff --git a/manifests/wsgi/apache_metadata.pp b/manifests/wsgi/apache_metadata.pp index c55bacc5f..10bf3a48d 100644 --- a/manifests/wsgi/apache_metadata.pp +++ b/manifests/wsgi/apache_metadata.pp @@ -138,7 +138,7 @@ class nova::wsgi::apache_metadata ( ::openstacklib::wsgi::apache { 'nova_metadata_wsgi': bind_host => $bind_host, bind_port => $api_port, - group => 'nova', + group => $::nova::params::group, path => $path, priority => $priority, servername => $servername, @@ -151,7 +151,7 @@ class nova::wsgi::apache_metadata ( ssl_crl_path => $ssl_crl_path, ssl_key => $ssl_key, threads => $threads, - user => 'nova', + user => $::nova::params::user, vhost_custom_fragment => $vhost_custom_fragment, workers => $workers, wsgi_daemon_process => 'nova-metadata',