From 4c8a34e6ba45ce647eed54e33c95e4702a0be25e Mon Sep 17 00:00:00 2001 From: Emilien Macchi Date: Thu, 5 Oct 2017 10:38:59 -0700 Subject: [PATCH] Configure *_domain_name to Default by default Keystone v2.0 API was removed so we have no choice but configuring user_domain_name and project_domain_name otherwise it fallbacks to Keystone v2.0 and it fails. This patch sets the default value so we make sure Keystone v3 will be used out of the box for our users. Change-Id: I372928fca38664ac0638212386d1d7c7cb7666c8 --- manifests/api.pp | 8 ++++---- manifests/keystone/authtoken.pp | 12 ++++++------ manifests/metadata/novajoin/authtoken.pp | 12 ++++++------ .../notes/default_domain-c3a77897aa75ab0d.yaml | 6 ++++++ spec/classes/nova_api_spec.rb | 4 ++-- spec/classes/nova_keystone_authtoken_spec.rb | 4 ++-- .../classes/nova_metadata_novajoin_authtoken_spec.rb | 4 ++-- 7 files changed, 28 insertions(+), 22 deletions(-) create mode 100644 releasenotes/notes/default_domain-c3a77897aa75ab0d.yaml diff --git a/manifests/api.pp b/manifests/api.pp index 9d187ce1f..c1a5ecf25 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -224,7 +224,7 @@ # [*vendordata_dynamic_auth_project_domain_name*] # (optional) Project domain name for the vendordata dynamic plugin # credentials. -# Defaults to $::os_service_default +# Defaults to 'Default' # # [*vendordata_dynamic_auth_project_name*] # (optional) Project name for the vendordata dynamic plugin credentials. @@ -232,7 +232,7 @@ # # [*vendordata_dynamic_auth_user_domain_name*] # (optional) User domain name for the vendordata dynamic plugin credentials. -# Defaults to $::os_service_default +# Defaults to 'Default' # # [*vendordata_dynamic_auth_username*] # (optional) User name for the vendordata dynamic plugin credentials. @@ -323,9 +323,9 @@ class nova::api( $vendordata_dynamic_auth_auth_url = $::os_service_default, $vendordata_dynamic_auth_os_region_name = $::os_service_default, $vendordata_dynamic_auth_password = $::os_service_default, - $vendordata_dynamic_auth_project_domain_name = $::os_service_default, + $vendordata_dynamic_auth_project_domain_name = 'Default', $vendordata_dynamic_auth_project_name = $::os_service_default, - $vendordata_dynamic_auth_user_domain_name = $::os_service_default, + $vendordata_dynamic_auth_user_domain_name = 'Default', $vendordata_dynamic_auth_username = $::os_service_default, # DEPRECATED PARAMETER $conductor_workers = undef, diff --git a/manifests/keystone/authtoken.pp b/manifests/keystone/authtoken.pp index 15aef3659..abe195e1b 100644 --- a/manifests/keystone/authtoken.pp +++ b/manifests/keystone/authtoken.pp @@ -21,12 +21,12 @@ # Defaults to 'services' # # [*user_domain_name*] -# (Optional) Name of domain for $username -# Defaults to $::os_service_default +# (Optional) Name of domain for $user_domain_name +# Defaults to 'Default' # # [*project_domain_name*] -# (Optional) Name of domain for $project_name -# Defaults to $::os_service_default +# (Optional) Name of domain for $project_domain_name +# Defaults to 'Default' # # [*insecure*] # (Optional) If true, explicitly allow TLS without checking server cert @@ -183,8 +183,8 @@ class nova::keystone::authtoken( $password = $::os_service_default, $auth_url = 'http://127.0.0.1:35357/', $project_name = 'services', - $user_domain_name = $::os_service_default, - $project_domain_name = $::os_service_default, + $user_domain_name = 'Default', + $project_domain_name = 'Default', $insecure = $::os_service_default, $auth_section = $::os_service_default, $auth_type = 'password', diff --git a/manifests/metadata/novajoin/authtoken.pp b/manifests/metadata/novajoin/authtoken.pp index 7841444f3..8ba81dc50 100644 --- a/manifests/metadata/novajoin/authtoken.pp +++ b/manifests/metadata/novajoin/authtoken.pp @@ -21,12 +21,12 @@ # Defaults to 'services' # # [*user_domain_name*] -# (Optional) Name of domain for $username -# Defaults to $::os_service_default +# (Optional) Name of domain for $user_domain_name +# Defaults to 'Default' # # [*project_domain_name*] -# (Optional) Name of domain for $project_name -# Defaults to $::os_service_default +# (Optional) Name of domain for $project_domain_name +# Defaults to 'Default' # # [*insecure*] # (Optional) If true, explicitly allow TLS without checking server cert @@ -192,8 +192,8 @@ class nova::metadata::novajoin::authtoken( $password = $::os_service_default, $auth_url = 'http://127.0.0.1:35357/', $project_name = 'services', - $user_domain_name = $::os_service_default, - $project_domain_name = $::os_service_default, + $user_domain_name = 'Default', + $project_domain_name = 'Default', $insecure = $::os_service_default, $auth_section = $::os_service_default, $auth_type = 'password', diff --git a/releasenotes/notes/default_domain-c3a77897aa75ab0d.yaml b/releasenotes/notes/default_domain-c3a77897aa75ab0d.yaml new file mode 100644 index 000000000..7394505ca --- /dev/null +++ b/releasenotes/notes/default_domain-c3a77897aa75ab0d.yaml @@ -0,0 +1,6 @@ +--- +issues: + - | + Keystone v2.0 API was removed so we need to set a default value + for user_domain_name and project_domain name, which will be + Default as it is already in some other classes in modules. diff --git a/spec/classes/nova_api_spec.rb b/spec/classes/nova_api_spec.rb index 55ae06546..25b19850f 100644 --- a/spec/classes/nova_api_spec.rb +++ b/spec/classes/nova_api_spec.rb @@ -75,9 +75,9 @@ describe 'nova::api' do is_expected.to contain_nova_config('vendordata_dynamic_auth/auth_url').with('value' => '') is_expected.to contain_nova_config('vendordata_dynamic_auth/os_region_name').with('value' => '') is_expected.to contain_nova_config('vendordata_dynamic_auth/password').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/project_domain_name').with('value' => 'Default') is_expected.to contain_nova_config('vendordata_dynamic_auth/project_name').with('value' => '') - is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => '') + is_expected.to contain_nova_config('vendordata_dynamic_auth/user_domain_name').with('value' => 'Default') is_expected.to contain_nova_config('vendordata_dynamic_auth/username').with('value' => '') end diff --git a/spec/classes/nova_keystone_authtoken_spec.rb b/spec/classes/nova_keystone_authtoken_spec.rb index 922d3e84c..ee443ae19 100644 --- a/spec/classes/nova_keystone_authtoken_spec.rb +++ b/spec/classes/nova_keystone_authtoken_spec.rb @@ -15,8 +15,8 @@ describe 'nova::keystone::authtoken' do is_expected.to contain_nova_config('keystone_authtoken/password').with_value('nova_password') is_expected.to contain_nova_config('keystone_authtoken/auth_url').with_value('http://127.0.0.1:35357/') is_expected.to contain_nova_config('keystone_authtoken/project_name').with_value('services') - is_expected.to contain_nova_config('keystone_authtoken/user_domain_name').with_value('') - is_expected.to contain_nova_config('keystone_authtoken/project_domain_name').with_value('') + is_expected.to contain_nova_config('keystone_authtoken/user_domain_name').with_value('Default') + is_expected.to contain_nova_config('keystone_authtoken/project_domain_name').with_value('Default') is_expected.to contain_nova_config('keystone_authtoken/insecure').with_value('') is_expected.to contain_nova_config('keystone_authtoken/auth_section').with_value('') is_expected.to contain_nova_config('keystone_authtoken/auth_type').with_value('password') diff --git a/spec/classes/nova_metadata_novajoin_authtoken_spec.rb b/spec/classes/nova_metadata_novajoin_authtoken_spec.rb index 0851a4a3f..b6093d365 100644 --- a/spec/classes/nova_metadata_novajoin_authtoken_spec.rb +++ b/spec/classes/nova_metadata_novajoin_authtoken_spec.rb @@ -15,8 +15,8 @@ describe 'nova::metadata::novajoin::authtoken' do is_expected.to contain_novajoin_config('keystone_authtoken/password').with_value('novajoin_password') is_expected.to contain_novajoin_config('keystone_authtoken/auth_url').with_value('http://127.0.0.1:35357/') is_expected.to contain_novajoin_config('keystone_authtoken/project_name').with_value('services') - is_expected.to contain_novajoin_config('keystone_authtoken/user_domain_name').with_value('') - is_expected.to contain_novajoin_config('keystone_authtoken/project_domain_name').with_value('') + is_expected.to contain_novajoin_config('keystone_authtoken/user_domain_name').with_value('Default') + is_expected.to contain_novajoin_config('keystone_authtoken/project_domain_name').with_value('Default') is_expected.to contain_novajoin_config('keystone_authtoken/insecure').with_value('') is_expected.to contain_novajoin_config('keystone_authtoken/auth_section').with_value('') is_expected.to contain_novajoin_config('keystone_authtoken/auth_type').with_value('password')