openstack/puppet-nova
Code Issues Proposed changes

Update ironic auth settings

Browse Source 
The underlying ironic auth paramters for nova.conf have been changed.
nova::ironic::common::admin_username,
nova::ironic::common::admin_password,
nova::ironic::common::admin_url,
nova::ironic::common::admin_tenant_name
have been deprecated in favor of nova::ironic::common::username,
nova::ironic::common::password, nova::ironic::common::auth_url,
nova::ironic::common::project_name.

Also the deprecated options from nova::compute::ironic have been
removed. Please use the options available via nova::ironic::common.

Change-Id: I163d99c407ef9e0725fec492be6440de67839650
Co-Authored-By: Xing Zhou <xing.zhou@easystack.cn>
This commit is contained in:
Alex Schultz 2016-10-28 17:28:20 -06:00
parent 7b897406aa
commit 87fb09cc69
5 changed files with 167 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
manifests/compute/ironic.pp
View File

@ -4,84 +4,21 @@
#
# === Parameters:
#
# [*admin_username*]
# The admin username for Ironic to connect to Nova.
# Defaults to 'admin'
#
# [*admin_password*]
# The admin password for Ironic to connect to Nova.
# Defaults to 'ironic'
#
# [*admin_url*]
# The address of the Keystone api endpoint.
# Defaults to 'http://127.0.0.1:35357/v2.0'
#
# [*admin_tenant_name*]
# The Ironic Keystone tenant name.
# Defaults to 'services'
#
# [*api_endpoint*]
# The url for Ironic api endpoint.
# Defaults to 'http://127.0.0.1:6385/v1'
#
# [*compute_driver*]
# (optional) Compute driver.
# Defaults to 'ironic.IronicDriver'
#
# [*admin_user*]
# (optional) DEPRECATED: Use admin_username instead.
#
# [*admin_passwd*]
# (optional) DEPRECATED: Use admin_password instead.
#
# [*max_concurrent_builds*]
# (optional) Maximum number of instance builds to run concurrently
# Defaults to $::os_service_default.
#
class nova::compute::ironic (
$max_concurrent_builds = $::os_service_default,
# DEPRECATED PARAMETERS
$admin_username = undef,
$admin_password = undef,
$admin_url = undef,
$admin_tenant_name = undef,
$api_endpoint = undef,
$admin_user = undef,
$admin_passwd = undef,
$compute_driver = 'ironic.IronicDriver'
) {
include ::nova::deps
if $admin_user {
warning('The admin_user parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_passwd {
warning('The admin_passwd parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_username {
warning('The admin_username parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_password {
warning('The admin_password parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_url {
warning('The admin_url parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_tenant_name {
warning('The admin_tenant_name parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $api_endpoint {
warning('The api_endpoint parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
include ::nova::ironic::common
require ::nova::ironic::common
nova_config {
'DEFAULT/compute_driver': value => $compute_driver;

103
manifests/ironic/common.pp
View File

@ -1,5 +1,31 @@
# == Class: nova::ironic::common
#
# [*api_endpoint*]
# The url for Ironic api endpoint.
# Defaults to 'http://127.0.0.1:6385/v1'
#
# [*auth_plugin*]
# The authentication plugin to use when connecting to nova.
# Defaults to 'password'
#
# [*auth_url*]
# The address of the Keystone api endpoint.
# Defaults to 'http://127.0.0.1:35357/'
#
# [*project_name*]
# The Ironic Keystone project name.
# Defaults to 'services'
#
# [*password*]
# The admin password for Ironic to connect to Nova.
# Defaults to 'ironic'
#
# [*username*]
# The admin username for Ironic to connect to Nova.
# Defaults to 'admin'
#
# === DEPRECATED
#
# [*admin_username*]
# The admin username for Ironic to connect to Nova.
# Defaults to 'admin'
@ -16,43 +42,60 @@
# The Ironic Keystone tenant name.
# Defaults to 'services'
#
# [*api_endpoint*]
# The url for Ironic api endpoint.
# Defaults to 'http://127.0.0.1:6385/v1'
#
class nova::ironic::common (
$admin_username = 'admin',
$admin_password = 'ironic',
$admin_tenant_name = 'services',
$admin_url = 'http://127.0.0.1:35357/v2.0',
$api_endpoint = 'http://127.0.0.1:6385/v1',
$auth_plugin = 'password',
$auth_url = 'http://127.0.0.1:35357/',
$password = 'ironic',
$project_name = 'services',
$username = 'admin',
# DEPRECATED
$admin_username = undef,
$admin_password = undef,
$admin_tenant_name = undef,
$admin_url = undef,
) {
include ::nova::deps
$admin_username_real = pick(
$::nova::compute::ironic::admin_user,
$::nova::compute::ironic::admin_username,
$admin_username)
$admin_password_real = pick(
$::nova::compute::ironic::admin_passwd,
$::nova::compute::ironic::admin_password,
$admin_password)
$admin_tenant_name_real = pick(
$::nova::compute::ironic::admin_tenant_name,
$admin_tenant_name)
$admin_url_real = pick(
$::nova::compute::ironic::admin_url,
$admin_url)
$api_endpoint_real = pick(
$::nova::compute::ironic::api_endpoint,
$api_endpoint)
if ($admin_username) {
warning('nova::ironic::common::admin_username is deprecated. Please use username')
}
if ($admin_password) {
warning('nova::ironic::common::admin_password is deprecated. Please use password')
}
if ($admin_tenant_name) {
warning('nova::ironic::common::admin_tenant_name is deprecated. Please use project_name')
}
if ($admin_url) {
warning('nova::ironic::common::admin_url is deprecated. Please use auth_url')
}
$username_real = pick($admin_username, $username)
$password_real = pick($admin_password, $password)
$auth_url_real = pick($admin_url, $auth_url)
$project_name_real = pick($admin_tenant_name, $project_name)
nova_config {
'ironic/admin_username': value => $admin_username_real;
'ironic/admin_password': value => $admin_password_real;
'ironic/admin_url': value => $admin_url_real;
'ironic/admin_tenant_name': value => $admin_tenant_name_real;
'ironic/api_endpoint': value => $api_endpoint_real;
'ironic/auth_plugin': value => $auth_plugin;
'ironic/username': value => $username_real;
'ironic/password': value => $password_real;
'ironic/auth_url': value => $auth_url_real;
'ironic/project_name': value => $project_name_real;
'ironic/api_endpoint': value => $api_endpoint;
}
# TODO(aschultz): these are deprecated, remove in P
nova_config {
'ironic/admin_username': value => $username_real;
'ironic/admin_password': value => $password_real;
'ironic/admin_url': value => $auth_url_real;
'ironic/admin_tenant_name': value => $project_name_real;
}
}

10
releasenotes/notes/nova-ironic-common-updates-c855c6e82281de9d.yaml Normal file
View File

@ -0,0 +1,10 @@
---
deprecation:
- nova::ironic::common::admin_username, nova::ironic::common::admin_password,
nova::ironic::common::admin_url, nova::ironic::common::admin_tenant_name
have been deprecated in favor of nova::ironic::common::username,
nova::ironic::common::password, nova::ironic::common::auth_url,
nova::ironic::common::project_name.
upgrade:
- Deprecated options from nova::compute::ironic have been removed. Please
use the options available via nova::ironic::common.

61
spec/classes/nova_compute_ironic_spec.rb
View File

@ -4,54 +4,33 @@ describe 'nova::compute::ironic' do
shared_examples_for 'nova-compute-ironic' do
context 'with default parameters' do
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.IronicDriver')
is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value('<SERVICE DEFAULT>')
end
end
context 'with overridden parameters' do
let :params do
{
:compute_driver => 'ironic.FoobarDriver',
:max_concurrent_builds => 15,
}
context 'with default parameters' do
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.IronicDriver')
is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value('<SERVICE DEFAULT>')
end
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.FoobarDriver')
is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value(15)
end
end
context 'with overridden parameters' do
let :params do
{
:compute_driver => 'ironic.FoobarDriver',
:max_concurrent_builds => 15,
}
end
context 'with deprecated parameters' do
let :params do
{
:admin_user => 'ironic-user',
:admin_passwd => 'ironic-s3cr3t',
:admin_url => 'http://10.0.0.10:35357/v2.0',
:admin_tenant_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.FoobarDriver')
is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value(15)
end
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic-user')
is_expected.to contain_nova_config('ironic/admin_password').with_value('ironic-s3cr3t')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/v2.0')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
context 'always' do
it 'contains the ironic common class' do
is_expected.to contain_class('nova::ironic::common')
end
end
end
end
context 'always' do
it 'contains the ironic common class' do
is_expected.to contain_class('nova::ironic::common')
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os

93
spec/classes/nova_ironic_common_spec.rb
View File

@ -4,35 +4,72 @@ describe 'nova::ironic::common' do
shared_examples_for 'nova-ironic-common' do
context 'with default parameters' do
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/admin_username').with_value('admin')
is_expected.to contain_nova_config('ironic/admin_password').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://127.0.0.1:35357/v2.0')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://127.0.0.1:6385/v1')
end
end
context 'with default parameters' do
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/auth_plugin').with_value('password')
is_expected.to contain_nova_config('ironic/username').with_value('admin')
is_expected.to contain_nova_config('ironic/password').with_value('ironic')
is_expected.to contain_nova_config('ironic/auth_url').with_value('http://127.0.0.1:35357/')
is_expected.to contain_nova_config('ironic/project_name').with_value('services')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://127.0.0.1:6385/v1')
context 'with overridden parameters' do
let :params do
{
:admin_username => 'ironic',
:admin_password => 's3cr3t',
:admin_url => 'http://10.0.0.10:35357/v2.0',
:admin_tenant_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
is_expected.to contain_nova_config('ironic/admin_username').with_value('admin')
is_expected.to contain_nova_config('ironic/admin_password').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://127.0.0.1:35357/')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services')
end
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/v2.0')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
context 'with parameters' do
let :params do
{
:username => 'ironic',
:password => 's3cr3t',
:auth_url => 'http://10.0.0.10:35357/',
:project_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/auth_plugin').with_value('password')
is_expected.to contain_nova_config('ironic/username').with_value('ironic')
is_expected.to contain_nova_config('ironic/password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/auth_url').with_value('http://10.0.0.10:35357/')
is_expected.to contain_nova_config('ironic/project_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
end
end
context 'with deprecated parameters' do
let :params do
{
:admin_username => 'ironic',
:admin_password => 's3cr3t',
:admin_url => 'http://10.0.0.10:35357/v2.0',
:admin_tenant_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/username').with_value('ironic')
is_expected.to contain_nova_config('ironic/password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/auth_url').with_value('http://10.0.0.10:35357/v2.0')
is_expected.to contain_nova_config('ironic/project_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/v2.0')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
end
end
end
end
on_supported_os({
@ -40,11 +77,7 @@ describe 'nova::ironic::common' do
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge!(OSDefaults.get_facts({
:fqdn => 'some.host.tld',
:processorcount => 2,
:concat_basedir => '/var/lib/puppet/concat'
}))
facts.merge!(OSDefaults.get_facts)
end
it_configures 'nova-ironic-common'
end