commit
f2174b421a
|
@ -32,16 +32,7 @@ class nova::api(
|
|||
service_name => $::nova::params::api_service_name,
|
||||
}
|
||||
|
||||
nova_config {
|
||||
'api_paste_config': value => '/etc/nova/api-paste.ini';
|
||||
'auth_strategy': value => $auth_strategy;
|
||||
}
|
||||
|
||||
if $auth_strategy == 'keystone' {
|
||||
nova_config { 'use_deprecated_auth': value => false }
|
||||
} else {
|
||||
nova_config { 'use_deprecated_auth': value => true }
|
||||
}
|
||||
nova_config { 'api_paste_config': value => '/etc/nova/api-paste.ini'; }
|
||||
|
||||
file { '/etc/nova/api-paste.ini':
|
||||
content => template('nova/api-paste.ini.erb'),
|
||||
|
|
|
@ -13,6 +13,7 @@ class nova(
|
|||
$rabbit_port='5672',
|
||||
$rabbit_userid='guest',
|
||||
$rabbit_virtual_host='/',
|
||||
$auth_strategy = 'keystone',
|
||||
$network_manager = 'nova.network.manager.FlatManager',
|
||||
$multi_host_networking = false,
|
||||
$flat_network_bridge = 'br100',
|
||||
|
@ -130,6 +131,17 @@ class nova(
|
|||
}
|
||||
}
|
||||
|
||||
nova_config {
|
||||
'auth_strategy': value => $auth_strategy;
|
||||
}
|
||||
|
||||
if $auth_strategy == 'keystone' {
|
||||
nova_config { 'use_deprecated_auth': value => false }
|
||||
} else {
|
||||
nova_config { 'use_deprecated_auth': value => true }
|
||||
}
|
||||
|
||||
|
||||
# I may want to support exporting and collecting these
|
||||
nova_config {
|
||||
'rabbit_password': value => $rabbit_password;
|
||||
|
|
|
@ -1,12 +1,14 @@
|
|||
class nova::keystone::auth(
|
||||
$auth_name = 'nova',
|
||||
$password = 'nova_password',
|
||||
$service = 'compute',
|
||||
$address = '127.0.0.1',
|
||||
$compute_port = '8774',
|
||||
$volume_port = '8776',
|
||||
$ec2_port = '8773',
|
||||
$version = 'v1.1'
|
||||
$auth_name = 'nova',
|
||||
$password = 'nova_password',
|
||||
$public_address = '127.0.0.1',
|
||||
$admin_address = '127.0.0.1',
|
||||
$internal_address = '127.0.0.1',
|
||||
$compute_port = '8774',
|
||||
$volume_port = '8776',
|
||||
$ec2_port = '8773',
|
||||
$version = 'v1.1',
|
||||
$region = 'RegionOne'
|
||||
) {
|
||||
|
||||
keystone_user { $auth_name:
|
||||
|
@ -16,19 +18,18 @@ class nova::keystone::auth(
|
|||
keystone_user_role { "${auth_name}@services":
|
||||
ensure => present,
|
||||
roles => 'admin',
|
||||
require => Keystone_user[$auth_name]
|
||||
}
|
||||
keystone_service { $auth_name:
|
||||
ensure => present,
|
||||
ensure => present,
|
||||
type => 'compute',
|
||||
description => "Openstack Compute Service",
|
||||
}
|
||||
keystone_endpoint { $auth_name:
|
||||
ensure => present,
|
||||
region => 'RegionOne',
|
||||
public_url => "http://${address}:${compute_port}/${version}/%(tenant_id)s",
|
||||
admin_url => "http://${address}:${compute_port}/${version}/%(tenant_id)s",
|
||||
internal_url => "http://${address}:${compute_port}/${version}/%(tenant_id)s",
|
||||
region => $region,
|
||||
public_url => "http://${public_address}:${compute_port}/${version}/%(tenant_id)s",
|
||||
admin_url => "http://${admin_address}:${compute_port}/${version}/%(tenant_id)s",
|
||||
internal_url => "http://${internal_address}:${compute_port}/${version}/%(tenant_id)s",
|
||||
}
|
||||
|
||||
keystone_service { "${auth_name}_volume":
|
||||
|
@ -38,23 +39,23 @@ class nova::keystone::auth(
|
|||
}
|
||||
keystone_endpoint { "${auth_name}_volume":
|
||||
ensure => present,
|
||||
region => 'RegionOne',
|
||||
public_url => "http://${address}:${volume_port}/${version}/%(tenant_id)s",
|
||||
admin_url => "http://${address}:${volume_port}/${version}/%(tenant_id)s",
|
||||
internal_url => "http://${address}:${volume_port}/${version}/%(tenant_id)s",
|
||||
region => $region,
|
||||
public_url => "http://${public_address}:${volume_port}/${version}/%(tenant_id)s",
|
||||
admin_url => "http://${admin_address}:${volume_port}/${version}/%(tenant_id)s",
|
||||
internal_url => "http://${internal_address}:${volume_port}/${version}/%(tenant_id)s",
|
||||
}
|
||||
|
||||
keystone_service { "${auth_name}_ec2":
|
||||
ensure => present,
|
||||
type => 'ec2',
|
||||
description => 'EC2 service',
|
||||
description => 'EC2 Service',
|
||||
}
|
||||
keystone_endpoint { "${auth_name}_ec2":
|
||||
ensure => present,
|
||||
region => 'RegionOne',
|
||||
public_url => "http://${address}:${ec2_port}/services/Cloud",
|
||||
admin_url => "http://${address}:${ec2_port}/services/Admin",
|
||||
internal_url => "http://${address}:${ec2_port}/services/Cloud",
|
||||
region => $region,
|
||||
public_url => "http://${public_address}:${ec2_port}/services/Cloud",
|
||||
admin_url => "http://${admin_address}:${ec2_port}/services/Admin",
|
||||
internal_url => "http://${internal_address}:${ec2_port}/services/Cloud",
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -36,7 +36,6 @@ describe 'nova::api' do
|
|||
)}
|
||||
end
|
||||
describe 'with defaults' do
|
||||
it { should contain_nova_config('use_deprecated_auth').with_value('false') }
|
||||
it 'should use default params for api-paste.init' do
|
||||
verify_contents(subject, '/etc/nova/api-paste.ini',
|
||||
[
|
||||
|
@ -65,7 +64,6 @@ describe 'nova::api' do
|
|||
:admin_password => 'passw0rd2'
|
||||
}
|
||||
end
|
||||
it { should contain_nova_config('use_deprecated_auth').with_value('true') }
|
||||
it 'should use default params for api-paste.init' do
|
||||
verify_contents(subject, '/etc/nova/api-paste.ini',
|
||||
[
|
||||
|
|
|
@ -77,6 +77,7 @@ describe 'nova' do
|
|||
it { should contain_nova_config('flat_network_bridge').with_value('br100') }
|
||||
|
||||
it { should contain_nova_config('root_helper').with_value('sudo nova-rootwrap') }
|
||||
it { should contain_nova_config('use_deprecated_auth').with_value('false') }
|
||||
|
||||
describe 'with parameters supplied' do
|
||||
|
||||
|
@ -95,10 +96,12 @@ describe 'nova' do
|
|||
'lock_path' => '/var/locky/path',
|
||||
'state_path' => '/var/lib/nova2',
|
||||
'service_down_time' => '120',
|
||||
'network_manager' => 'nova.network.manager.FlatDHCPManager'
|
||||
'network_manager' => 'nova.network.manager.FlatDHCPManager',
|
||||
'auth_strategy' => 'foo'
|
||||
}
|
||||
end
|
||||
|
||||
it { should contain_nova_config('use_deprecated_auth').with_value('true') }
|
||||
it { should contain_nova_config('sql_connection').with_value('mysql://user:pass@db/db') }
|
||||
|
||||
it { should contain_nova_config('verbose').with_value(true) }
|
||||
|
|
|
@ -0,0 +1,152 @@
|
|||
require 'spec_helper'
|
||||
|
||||
describe 'nova::keystone::auth' do
|
||||
|
||||
describe 'with defaults' do
|
||||
|
||||
it { should contain_keystone_user('nova').with(
|
||||
:ensure => 'present',
|
||||
:password => 'nova_password'
|
||||
) }
|
||||
|
||||
it { should contain_keystone_user_role('nova@services').with(
|
||||
:ensure => 'present',
|
||||
:roles => 'admin'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_service('nova').with(
|
||||
:ensure => 'present',
|
||||
:type => 'compute',
|
||||
:description => 'Openstack Compute Service'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_service('nova_volume').with(
|
||||
:ensure => 'present',
|
||||
:type => 'volume',
|
||||
:description => 'Volume Service'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_service('nova_ec2').with(
|
||||
:ensure => 'present',
|
||||
:type => 'ec2',
|
||||
:description => 'EC2 Service'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_endpoint('nova').with(
|
||||
:ensure => 'present',
|
||||
:region => 'RegionOne',
|
||||
:public_url => 'http://127.0.0.1:8774/v1.1/%(tenant_id)s',
|
||||
:admin_url => 'http://127.0.0.1:8774/v1.1/%(tenant_id)s',
|
||||
:internal_url => 'http://127.0.0.1:8774/v1.1/%(tenant_id)s'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_endpoint('nova_volume').with(
|
||||
:ensure => 'present',
|
||||
:region => 'RegionOne',
|
||||
:public_url => 'http://127.0.0.1:8776/v1.1/%(tenant_id)s',
|
||||
:admin_url => 'http://127.0.0.1:8776/v1.1/%(tenant_id)s',
|
||||
:internal_url => 'http://127.0.0.1:8776/v1.1/%(tenant_id)s'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_endpoint('nova_ec2').with(
|
||||
:ensure => 'present',
|
||||
:region => 'RegionOne',
|
||||
:public_url => 'http://127.0.0.1:8773/services/Cloud',
|
||||
:admin_url => 'http://127.0.0.1:8773/services/Admin',
|
||||
:internal_url => 'http://127.0.0.1:8773/services/Cloud'
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
describe 'when setting auth name' do
|
||||
|
||||
let :params do
|
||||
{:auth_name => 'foo' }
|
||||
end
|
||||
|
||||
it { should contain_keystone_user('foo').with(
|
||||
:ensure => 'present',
|
||||
:password => 'nova_password'
|
||||
) }
|
||||
|
||||
it { should contain_keystone_user_role('foo@services').with(
|
||||
:ensure => 'present',
|
||||
:roles => 'admin'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_service('foo').with(
|
||||
:ensure => 'present',
|
||||
:type => 'compute',
|
||||
:description => 'Openstack Compute Service'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_service('foo_volume').with(
|
||||
:ensure => 'present',
|
||||
:type => 'volume',
|
||||
:description => 'Volume Service'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_service('foo_ec2').with(
|
||||
:ensure => 'present',
|
||||
:type => 'ec2',
|
||||
:description => 'EC2 Service'
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
describe 'when setting password' do
|
||||
|
||||
let :params do
|
||||
{ :password => 'pass'}
|
||||
end
|
||||
|
||||
it { should contain_keystone_user('nova').with(
|
||||
:ensure => 'present',
|
||||
:password => 'pass'
|
||||
) }
|
||||
|
||||
end
|
||||
|
||||
|
||||
describe 'when overriding endpoint params' do
|
||||
|
||||
let :params do
|
||||
{
|
||||
:public_address => '10.0.0.1',
|
||||
:admin_address => '10.0.0.2',
|
||||
:internal_address => '10.0.0.3',
|
||||
:compute_port => '9774',
|
||||
:volume_port => '9776',
|
||||
:ec2_port => '9773',
|
||||
:version => 'v2.1',
|
||||
:region => 'RegionTwo'
|
||||
}
|
||||
end
|
||||
|
||||
it { should contain_keystone_endpoint('nova').with(
|
||||
:ensure => 'present',
|
||||
:region => 'RegionTwo',
|
||||
:public_url => 'http://10.0.0.1:9774/v2.1/%(tenant_id)s',
|
||||
:admin_url => 'http://10.0.0.2:9774/v2.1/%(tenant_id)s',
|
||||
:internal_url => 'http://10.0.0.3:9774/v2.1/%(tenant_id)s'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_endpoint('nova_volume').with(
|
||||
:ensure => 'present',
|
||||
:region => 'RegionTwo',
|
||||
:public_url => 'http://10.0.0.1:9776/v2.1/%(tenant_id)s',
|
||||
:admin_url => 'http://10.0.0.2:9776/v2.1/%(tenant_id)s',
|
||||
:internal_url => 'http://10.0.0.3:9776/v2.1/%(tenant_id)s'
|
||||
)}
|
||||
|
||||
it { should contain_keystone_endpoint('nova_ec2').with(
|
||||
:ensure => 'present',
|
||||
:region => 'RegionTwo',
|
||||
:public_url => 'http://10.0.0.1:9773/services/Cloud',
|
||||
:admin_url => 'http://10.0.0.2:9773/services/Admin',
|
||||
:internal_url => 'http://10.0.0.3:9773/services/Cloud'
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
end
|
Loading…
Reference in New Issue