Merge pull request #57 from bodepd/dev

Essex refactor

examples/site.pp

@@ -10,8 +10,6 @@ $rabbit_host     = 'rabbitmq'
 $rabbit_port     = '5672'
 
 $glance_api_servers = 'glance:9292'
-$glance_host        = 'glance'
-$glance_port        = '9292'
 
 $api_server = 'controller'
 
@@ -76,8 +74,6 @@ node controller {
     image_service => 'nova.image.glance.GlanceImageService',
 
     glance_api_servers => $glance_api_servers,
-    glance_host => $glance_host,
-    glance_port => $glance_port,
 
     libvirt_type => 'qemu',
   }
@@ -101,8 +97,6 @@ node compute {
     sql_connection      => "mysql://${db_username}:${db_password}@${db_host}/${db_name}",
     image_service       => 'nova.image.glance.GlanceImageService',
     glance_api_servers  => $glance_api_servers,
-    glance_host         => $glance_host,
-    glance_port         => $glance_port,
     rabbit_host         => $rabbit_host,
     rabbit_port         => $rabbit_port,
     rabbit_userid       => $rabbit_user,
@@ -164,12 +158,21 @@ node all {
   #
   # This manifest installs all of the nova
   # components on one node.
+
   class { 'mysql::server': }
-  if($::operatingsystem == 'Ubuntu') {
-    class { 'rabbitmq::repo::apt':
-      stage => 'nova_ppa',
-    }
+  class { 'keystone::config::mysql':
+    password => 'keystone'
   }
+  class { 'keystone':
+    log_verbose  => true,
+    log_debug    => true,
+    catalog_type => 'sql',
+  }->
+  class { 'keystone::mysql':
+    password => 'keystone',
+  }->
+  class { 'keystone::roles::admin': }
+
   class { 'nova::all':
     db_password => 'password',
     db_name => 'nova',
@@ -183,9 +186,7 @@ node all {
     rabbit_host => 'localhost',
 
     image_service => 'nova.image.glance.GlanceImageService',
-
-    glance_host => 'localhost',
-    glance_port => '9292',
+    glance_api_servers => $glance_api_servers,
 
     libvirt_type => 'qemu',
   }

keystone/auth.pp

@@ -0,0 +1,32 @@
+class nova::keystone::auth(
+  $auth_name = 'nova',
+  $password  = 'nova_password',
+  $service   = 'compute',
+  $address   = '127.0.0.1',
+  $port      = '8774',
+  $version   = 'v1.1'
+) {
+
+  Class['keystone::roles::admin'] -> Class['nova::keystone::auth']
+
+  keystone_user { $auth_name:
+    ensure   => present,
+    password => $password,
+  }
+  keystone_user_role { "${auth_name}@services":
+    roles   => 'admin',
+    require => Keystone_user[$auth_name]
+  }
+  keystone_service { $auth_name:
+    type        => 'image',
+    description => "Openstack Compute Service",
+  }
+  keystone_endpoint { $auth_name:
+    ensure       => present,
+    public_url   => "http://${address}:${port}/${version}/%(tenant_id)s",
+    admin_url    => "http://${address}:${port}/${version}/%(tenant_id)s",
+    internal_url => "http://${address}:${port}/${version}/%(tenant_id)s",
+    require      => Keystone_service[$auth_name],
+  }
+
+}

manifests/all.pp

@@ -24,8 +24,6 @@ class nova::all(
 
   $image_service = 'nova.image.glance.GlanceImageService',
   $glance_api_servers = 'localhost:9292',
-  $glance_host = 'localhost',
-  $glance_port = '9292',
 
   $admin_user = 'novaadmin',
   $project_name = 'nova',
@@ -46,8 +44,6 @@ class nova::all(
     sql_connection      => "mysql://${db_user}:${db_password}@${db_host}/${db_name}",
     image_service       => $image_service,
     glance_api_servers  => $glance_api_servers,
-    glance_host         => $glance_host,
-    glance_port         => $glance_port,
     rabbit_host         => $rabbit_host,
     rabbit_port         => $rabbit_port,
     rabbit_userid       => $rabbit_userid,
@@ -87,6 +83,12 @@ class nova::all(
     host     => $db_host,
   }
 
+  class { 'nova::cert': }
+
+  class { 'nova::volume': }
+
+  class { 'nova::vncproxy': }
+
   nova::manage::admin { $admin_user: }
   nova::manage::project { $project_name:
     owner => $admin_user,
@@ -103,4 +105,5 @@ class nova::all(
 
   class { 'glance::registry': }
 
+
 }

manifests/api.pp

@@ -5,8 +5,8 @@ class nova::api(
   # TODO what exactly is this for?
   # This resource is adding a great deal of comlexity to the overall
   # modules. Removing it would be great
-  exec { "initial-db-sync":
-    command     => "/usr/bin/nova-manage db sync",
+  exec { 'initial-db-sync':
+    command     => '/usr/bin/nova-manage db sync',
     refreshonly => true,
     require     => [Package[$::nova::params::common_package_name], Nova_config['sql_connection']],
   }
@@ -21,8 +21,11 @@ class nova::api(
     service_name => $::nova::params::api_service_name,
   }
 
-  file { "/etc/nova/api-paste.ini":
-    content => template("nova/api-paste.ini.erb"),
-    require => Class[nova]
+  nova_config { 'api_paste_config': value => '/etc/nova/api-paste.ini' }
+
+  file { '/etc/nova/api-paste.ini':
+    content => template('nova/api-paste.ini.erb'),
+    require => Class['nova'],
+    notify  => Service['nova-api'],
   }
 }

manifests/controller.pp

@@ -26,8 +26,6 @@ class nova::controller(
 
   $image_service = 'nova.image.glance.GlanceImageService',
   $glance_api_servers = 'localhost:9292',
-  $glance_host   = undef,
-  $glance_port   = undef,
 
   $admin_user = 'novaadmin',
   $project_name = 'nova',
@@ -43,8 +41,6 @@ class nova::controller(
     sql_connection      => "mysql://${db_user}:${db_password}@${db_host}/${db_name}",
     image_service       => $image_service,
     glance_api_servers  => $glance_api_servers,
-    glance_host         => $glance_host,
-    glance_port         => $glance_port,
     rabbit_host         => $rabbit_host,
     rabbit_port         => $rabbit_port,
     rabbit_userid       => $rabbit_userid,

manifests/init.pp

@@ -7,8 +7,6 @@ class nova(
   # these glance params should be optional
   # this should probably just be configured as a glance client
   $glance_api_servers = 'localhost:9292',
-  $glance_host = 'localhost',
-  $glance_port = '9292',
   $allow_admin_api = false,
   $rabbit_host = 'localhost',
   $rabbit_password='guest',
@@ -141,7 +139,6 @@ class nova(
     # config b/c they have to be set by both compute
     # as well as controller.
     'network_manager': value => $network_manager;
-    'use_deprecated_auth': value => true;
     'root_helper': value => $root_helper;
     'auth_strategy': value => $auth_strategy;
   }
@@ -151,6 +148,12 @@ class nova(
     refreshonly => true,
   }
 
+  if $auth_strategy == 'keystone' {
+    nova_config { 'use_deprecated_auth': value => false }
+  } else {
+    nova_config { 'use_deprecated_auth': value => true }
+  }
+
   if $network_manager == 'nova.network.manager.FlatManager' {
     nova_config {
       'flat_network_bridge': value => $flat_network_bridge
@@ -167,8 +170,6 @@ class nova(
   if $image_service == 'nova.image.glance.GlanceImageService' {
     nova_config {
       'glance_api_servers': value => $glance_api_servers;
-      'glance_host': value => $glance_host;
-      'glance_port': value => $glance_port;
     }
   }
 }

manifests/params.pp

@@ -52,7 +52,7 @@ class nova::params {
       # some of the services need to be started form the special upstart provider
       $special_service_provider = 'upstart'
       # debian specific nova config
-      $root_helper              = 'sudo'
+      $root_helper              = 'sudo nova-rootwrap'
     }
     default: {
       fail("Unsupported osfamily: ${::osfamily} operatingsystem: ${::operatingsystem}, module ${module_name} only support osfamily RedHat and Debian")

manifests/volume.pp

@@ -9,7 +9,7 @@ class nova::volume(
     before => Service['nova-volume'],
   }
 
-  ova::generic_service { 'volume':
+  nova::generic_service { 'volume':
     enabled      => $enabled,
     package_name => $::nova::params::volume_package_name,
     service_name => $::nova::params::volume_service_name,
@@ -19,6 +19,6 @@ class nova::volume(
   service {'tgtd':
     ensure  => $service_ensure,
     enable  => $enabled,
-    require => Package["openstack-nova"],
+    require => Nova::Generic_service['volume'],
   }
 }