Avoid hard-coding OS user/group in each manifest

and replace the hard-coded values with the definitions in params.pp. This
change also renames nova_user and nova_group to user and group, so that
consistent variable names are used to define the OS user and group.

Change-Id: I5dfdc8588df3091412298507d93097388444e10b
Takashi Kajinami 2022-02-21 01:27:29 +09:00
parent 32371f4afd
commit 39b2d75f69
15 changed files with 35 additions and 37 deletions


@ -18,7 +18,7 @@ class nova::cell_v2::discover_hosts (
exec { 'nova-cell_v2-discover_hosts': exec { 'nova-cell_v2-discover_hosts':
path => ['/bin', '/usr/bin'], path => ['/bin', '/usr/bin'],
command => "nova-manage ${extra_params} cell_v2 discover_hosts", command => "nova-manage ${extra_params} cell_v2 discover_hosts",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
subscribe => Anchor['nova::service::end'] subscribe => Anchor['nova::service::end']
} }


@ -21,7 +21,7 @@ class nova::cell_v2::map_cell0 (
exec { 'nova-cell_v2-map_cell0': exec { 'nova-cell_v2-map_cell0':
path => ['/bin', '/usr/bin'], path => ['/bin', '/usr/bin'],
command => "nova-manage ${extra_params} cell_v2 map_cell0", command => "nova-manage ${extra_params} cell_v2 map_cell0",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
logoutput => on_failure, logoutput => on_failure,
subscribe => Anchor['nova::cell_v2::begin'], subscribe => Anchor['nova::cell_v2::begin'],


@ -18,7 +18,7 @@ class nova::cell_v2::map_cell_and_hosts (
exec { 'nova-cell_v2-map_cell_and_hosts': exec { 'nova-cell_v2-map_cell_and_hosts':
path => ['/bin', '/usr/bin'], path => ['/bin', '/usr/bin'],
command => "nova-manage ${extra_params} cell_v2 map_cell_and_hosts", command => "nova-manage ${extra_params} cell_v2 map_cell_and_hosts",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
} }
} }


@ -43,7 +43,7 @@ class nova::cell_v2::map_instances (
exec { 'nova-cell_v2-map_instances': exec { 'nova-cell_v2-map_instances':
path => ['/bin', '/usr/bin'], path => ['/bin', '/usr/bin'],
command => "nova-manage ${extra_params} cell_v2 map_instances --cell_uuid=${cell_uuid_real}", command => "nova-manage ${extra_params} cell_v2 map_instances --cell_uuid=${cell_uuid_real}",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
} }
} }


@ -83,8 +83,8 @@ class nova::compute::provider (
file { "${config_location}": file { "${config_location}":
ensure => directory, ensure => directory,
mode => '0750', mode => '0750',
owner => $::nova::params::nova_user, owner => $::nova::params::user,
group => $::nova::params::nova_group, group => $::nova::params::group,
require => Anchor['nova::config::begin'], require => Anchor['nova::config::begin'],
before => Anchor['nova::config::end'], before => Anchor['nova::config::end'],
} }
@ -93,8 +93,8 @@ class nova::compute::provider (
file { "${config_location}/${config_file}": file { "${config_location}/${config_file}":
ensure => file, ensure => file,
mode => '0640', mode => '0640',
owner => $::nova::params::nova_user, owner => $::nova::params::user,
group => $::nova::params::nova_group, group => $::nova::params::group,
content => template('nova/provider.yaml.erb'), content => template('nova/provider.yaml.erb'),
require => Anchor['nova::config::begin'], require => Anchor['nova::config::begin'],
} }


@ -43,8 +43,7 @@
# #
# [*user*] # [*user*]
# (optional) User with access to nova files. # (optional) User with access to nova files.
# nova::params::nova_user will be used if this is undef. # Defaults to $::nova::params::user.
# Defaults to undef.
# #
# [*destination*] # [*destination*]
# (optional) Path to file to which rows should be archived # (optional) Path to file to which rows should be archived
@ -96,7 +95,7 @@ class nova::cron::archive_deleted_rows (
$month = '*', $month = '*',
$weekday = '*', $weekday = '*',
$max_rows = '100', $max_rows = '100',
$user = undef, $user = $::nova::params::user,
$destination = '/var/log/nova/nova-rowsflush.log', $destination = '/var/log/nova/nova-rowsflush.log',
$until_complete = false, $until_complete = false,
$purge = false, $purge = false,
@ -106,10 +105,9 @@ class nova::cron::archive_deleted_rows (
$sleep = undef, $sleep = undef,
$verbose = false, $verbose = false,
$maxdelay = 0, $maxdelay = 0,
) { ) inherits nova::params {
include nova::deps include nova::deps
include nova::params
if $until_complete { if $until_complete {
$until_complete_real = ' --until-complete' $until_complete_real = ' --until-complete'
@ -171,7 +169,7 @@ class nova::cron::archive_deleted_rows (
command => "${delay_cmd}${cron_cmd}${purge_real} --max_rows ${max_rows}${verbose_real}${age_real}${until_complete_real}${all_cells_real}${task_log_real}${sleep_real} >>${destination} 2>&1", command => "${delay_cmd}${cron_cmd}${purge_real} --max_rows ${max_rows}${verbose_real}${age_real}${until_complete_real}${all_cells_real}${task_log_real}${sleep_real} >>${destination} 2>&1",
# lint:endignore # lint:endignore
environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
user => pick($user, $::nova::params::nova_user), user => $user,
minute => $minute, minute => $minute,
hour => $hour, hour => $hour,
monthday => $monthday, monthday => $monthday,
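Review bot: Dropping `pick($user, $::nova::params::nova_user)` in favour of `user => $user` changes what happens for an empty string: stdlib's `pick` skips both undef and `''`, so a caller or Hiera value of `''` used to fall back to the nova account and is now handed to the cron resource as-is. Since this parameter decides which account the nova-manage job runs as, typing it would make the contract explicit, e.g. `String[1] $user = $::nova::params::user,`. The same applies to the `user => $user` line in nova::cron::purge_shadow_tables. The class body continues outside the visible hunks.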


@ -36,8 +36,7 @@
# #
# [*user*] # [*user*]
# (optional) User with access to nova files. # (optional) User with access to nova files.
# nova::params::nova_user will be used if this is undef. # Defaults to $::nova::params::user.
# Defaults to undef.
# #
# [*destination*] # [*destination*]
# (optional) Path to file to which rows should be archived # (optional) Path to file to which rows should be archived
@ -68,13 +67,13 @@ class nova::cron::purge_shadow_tables (
$monthday = '*', $monthday = '*',
$month = '*', $month = '*',
$weekday = '*', $weekday = '*',
$user = undef, $user = $::nova::params::user,
$destination = '/var/log/nova/nova-rowspurge.log', $destination = '/var/log/nova/nova-rowspurge.log',
$age = 14, $age = 14,
$all_cells = false, $all_cells = false,
$verbose = false, $verbose = false,
$maxdelay = 0, $maxdelay = 0,
) { ) inherits nova::params {
include nova::deps include nova::deps
include nova::params include nova::params
@ -106,7 +105,7 @@ class nova::cron::purge_shadow_tables (
command => "${delay_cmd}${cron_cmd} --before `date --date='today - ${age} days' +\\%D`${verbose_real}${all_cells_real} >>${destination} 2>&1", command => "${delay_cmd}${cron_cmd} --before `date --date='today - ${age} days' +\\%D`${verbose_real}${all_cells_real} >>${destination} 2>&1",
# lint:endignore # lint:endignore
environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh',
user => pick($user, $::nova::params::nova_user), user => $user,
minute => $minute, minute => $minute,
hour => $hour, hour => $hour,
monthday => $monthday, monthday => $monthday,
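Review bot: As rendered, the new side of this class still has `include nova::params` directly under `include nova::deps`, although the class now declares `inherits nova::params`; the matching hunk in nova::cron::archive_deleted_rows drops that line. The include looks redundant once the class inherits, so removing it here would keep the two cron classes consistent. The class body continues outside the visible hunks.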


@ -23,7 +23,7 @@ class nova::db::online_data_migrations(
exec { 'nova-db-online-data-migrations': exec { 'nova-db-online-data-migrations':
command => "/usr/bin/nova-manage ${extra_params} db online_data_migrations", command => "/usr/bin/nova-manage ${extra_params} db online_data_migrations",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
try_sleep => 5, try_sleep => 5,
tries => 10, tries => 10,


@ -23,7 +23,7 @@ class nova::db::sync(
exec { 'nova-db-sync': exec { 'nova-db-sync':
command => "/usr/bin/nova-manage ${extra_params} db sync", command => "/usr/bin/nova-manage ${extra_params} db sync",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
try_sleep => 5, try_sleep => 5,
tries => 10, tries => 10,


@ -32,7 +32,7 @@ class nova::db::sync_api(
exec { 'nova-db-sync-api': exec { 'nova-db-sync-api':
command => "/usr/bin/nova-manage ${extra_params} api_db sync", command => "/usr/bin/nova-manage ${extra_params} api_db sync",
user => $::nova::params::nova_user, user => $::nova::params::user,
refreshonly => true, refreshonly => true,
try_sleep => 5, try_sleep => 5,
tries => 10, tries => 10,


@ -534,8 +534,8 @@ Use nova::cinder::cross_az_attach instead.')
file { '/var/lib/nova/.ssh': file { '/var/lib/nova/.ssh':
ensure => directory, ensure => directory,
mode => '0700', mode => '0700',
owner => $::nova::params::nova_user, owner => $::nova::params::user,
group => $::nova::params::nova_group, group => $::nova::params::group,
require => Anchor['nova::config::begin'], require => Anchor['nova::config::begin'],
before => Anchor['nova::config::end'], before => Anchor['nova::config::end'],
} }
@ -549,7 +549,7 @@ Use nova::cinder::cross_az_attach instead.')
ensure => present, ensure => present,
key => $nova_public_key['key'], key => $nova_public_key['key'],
type => $nova_public_key['type'], type => $nova_public_key['type'],
user => 'nova', user => $::nova::params::user,
require => File['/var/lib/nova/.ssh'], require => File['/var/lib/nova/.ssh'],
} }
} }
@ -574,8 +574,8 @@ but should be one of: ssh-rsa, ssh-dsa, ssh-ecdsa.")
file { $nova_private_key_file: file { $nova_private_key_file:
content => $nova_private_key[key], content => $nova_private_key[key],
mode => '0600', mode => '0600',
owner => $::nova::params::nova_user, owner => $::nova::params::user,
group => $::nova::params::nova_group, group => $::nova::params::group,
require => File['/var/lib/nova/.ssh'], require => File['/var/lib/nova/.ssh'],
} }
} }
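Review bot: The owner and the `ssh_authorized_key` user now come from `$::nova::params::user`, but the directory is still the literal `/var/lib/nova/.ssh`, so the two only agree while that account's home is `/var/lib/nova`; a short comment stating that assumption above `file { '/var/lib/nova/.ssh':` would help the next person who changes the params value. Separately, the private key resource in the third hunk passes key material through `content` with no `show_diff => false,`, so the key could end up in agent output or reports wherever the agent-level show_diff setting is enabled; adding that attribute is a cheap safeguard. All three hunks sit inside a class body that starts and ends outside the visible lines.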


@ -131,8 +131,8 @@ class nova::logging(
# This should force an update the selinux role if the logfile exists. # This should force an update the selinux role if the logfile exists.
# It will be incorrect if the file was created by the dbsync exec resources. # It will be incorrect if the file was created by the dbsync exec resources.
file { "${log_dir}/nova-manage.log": file { "${log_dir}/nova-manage.log":
owner => $::nova::params::nova_user, owner => $::nova::params::user,
group => $::nova::params::nova_group, group => $::nova::params::group,
require => Anchor['nova::service::end'] require => Anchor['nova::service::end']
} }
} }


@ -6,8 +6,13 @@ class nova::params {
include openstacklib::defaults include openstacklib::defaults
$client_package = 'python3-novaclient' $client_package = 'python3-novaclient'
$user = 'nova'
$group = 'nova' $group = 'nova'
# NOTE(tkajinam) These are kept for backword compatibility
$nova_user = $user
$nova_group = $group
case $::osfamily { case $::osfamily {
'RedHat': { 'RedHat': {
# package names # package names
@ -57,8 +62,6 @@ class nova::params {
$nova_api_wsgi_script_source = '/usr/bin/nova-api-wsgi' $nova_api_wsgi_script_source = '/usr/bin/nova-api-wsgi'
$nova_metadata_wsgi_script_source = '/usr/bin/nova-metadata-wsgi' $nova_metadata_wsgi_script_source = '/usr/bin/nova-metadata-wsgi'
$messagebus_service_name = 'dbus' $messagebus_service_name = 'dbus'
$nova_user = 'nova'
$nova_group = 'nova'
if $::operatingsystemmajrelease >= '9' { if $::operatingsystemmajrelease >= '9' {
$mkisofs_package_name = 'xorriso' $mkisofs_package_name = 'xorriso'
$mkisofs_cmd = 'mkisofs' $mkisofs_cmd = 'mkisofs'
@ -133,8 +136,6 @@ class nova::params {
} }
} }
$libvirt_service_name = 'libvirtd' $libvirt_service_name = 'libvirtd'
$nova_user = 'nova'
$nova_group = 'nova'
} }
default: { default: {
fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, \ fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, \
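Review bot: The comment on the compatibility aliases has a typo and gives no migration guidance: `# NOTE(tkajinam) These are kept for backword compatibility` should read `backward`, and it would help to state that `$nova_user` and `$nova_group` are deprecated aliases of `$user` and `$group`, so manifests outside this module know which names to move to. Because `$user` and `$group` are very generic names, a one-line comment that classes declaring `inherits nova::params` see them in scope would also prevent surprises. The class body starts and ends outside the visible hunks.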


@ -143,7 +143,7 @@ class nova::wsgi::apache_api (
::openstacklib::wsgi::apache { 'nova_api_wsgi': ::openstacklib::wsgi::apache { 'nova_api_wsgi':
bind_host => $bind_host, bind_host => $bind_host,
bind_port => $api_port, bind_port => $api_port,
group => 'nova', group => $::nova::params::group,
path => $path, path => $path,
priority => $priority, priority => $priority,
servername => $servername, servername => $servername,
@ -156,7 +156,7 @@ class nova::wsgi::apache_api (
ssl_crl_path => $ssl_crl_path, ssl_crl_path => $ssl_crl_path,
ssl_key => $ssl_key, ssl_key => $ssl_key,
threads => $threads, threads => $threads,
user => 'nova', user => $::nova::params::user,
vhost_custom_fragment => $vhost_custom_fragment, vhost_custom_fragment => $vhost_custom_fragment,
workers => $workers, workers => $workers,
wsgi_daemon_process => 'nova-api', wsgi_daemon_process => 'nova-api',


@ -138,7 +138,7 @@ class nova::wsgi::apache_metadata (
::openstacklib::wsgi::apache { 'nova_metadata_wsgi': ::openstacklib::wsgi::apache { 'nova_metadata_wsgi':
bind_host => $bind_host, bind_host => $bind_host,
bind_port => $api_port, bind_port => $api_port,
group => 'nova', group => $::nova::params::group,
path => $path, path => $path,
priority => $priority, priority => $priority,
servername => $servername, servername => $servername,
@ -151,7 +151,7 @@ class nova::wsgi::apache_metadata (
ssl_crl_path => $ssl_crl_path, ssl_crl_path => $ssl_crl_path,
ssl_key => $ssl_key, ssl_key => $ssl_key,
threads => $threads, threads => $threads,
user => 'nova', user => $::nova::params::user,
vhost_custom_fragment => $vhost_custom_fragment, vhost_custom_fragment => $vhost_custom_fragment,
workers => $workers, workers => $workers,
wsgi_daemon_process => 'nova-metadata', wsgi_daemon_process => 'nova-metadata',