openstack
/
puppet-nova
Code Issues Proposed changes
puppet-nova/manifests/api.pp

143 lines
4.4 KiB
Puppet
Raw Blame History

#
# installs and configures nova api service
#
# * admin_password
# * enabled
# * ensure_package
# * auth_strategy
# * auth_host
# * auth_port
# * auth_protocol
# * auth_admin_prefix: path part of the auth url. Optional.
# This allow admin auth URIs like http://auth_host:35357/keystone/admin.
# (where '/keystone' is the admin prefix)
# Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
# * admin_tenant_name
# * admin_user
# * enabled_apis
# * use_forwarded_for:
# Treat X-Forwarded-For as the canonical remote address. Only
# enable this if you have a sanitizing proxy. (boolean value)
# (Optional). Defaults to false.
# * neutron_metadata_proxy_shared_secret
#
class nova::api(
$admin_password,
$enabled = false,
$ensure_package = 'present',
$auth_strategy = 'keystone',
$auth_host = '127.0.0.1',
$auth_port = 35357,
$auth_protocol = 'http',
$auth_admin_prefix = false,
$admin_tenant_name = 'services',
$admin_user = 'nova',
$api_bind_address = '0.0.0.0',
$metadata_listen = '0.0.0.0',
$enabled_apis = 'ec2,osapi_compute,metadata',
$volume_api_class = 'nova.volume.cinder.API',
$use_forwarded_for = false,
$workers = $::processorcount,
$sync_db = true,
$neutron_metadata_proxy_shared_secret = undef
) {
include nova::params
require keystone::python
Package<| title == 'nova-api' |> -> Nova_paste_api_ini<| |>
Package<| title == 'nova-common' |> -> Class['nova::api']
Nova_paste_api_ini<| |> ~> Exec['post-nova_config']
Nova_paste_api_ini<| |> ~> Service['nova-api']
class { 'cinder::client':
notify => Service[$::nova::params::api_service_name],
}
nova::generic_service { 'api':
enabled => $enabled,
ensure_package => $ensure_package,
package_name => $::nova::params::api_package_name,
service_name => $::nova::params::api_service_name,
}
nova_config {
'DEFAULT/api_paste_config': value => '/etc/nova/api-paste.ini';
'DEFAULT/enabled_apis': value => $enabled_apis;
'DEFAULT/volume_api_class': value => $volume_api_class;
'DEFAULT/ec2_listen': value => $api_bind_address;
'DEFAULT/osapi_compute_listen': value => $api_bind_address;
'DEFAULT/metadata_listen': value => $metadata_listen;
'DEFAULT/osapi_volume_listen': value => $api_bind_address;
'DEFAULT/osapi_compute_workers': value => $workers;
'DEFAULT/use_forwarded_for': value => $use_forwarded_for;
}
if ($neutron_metadata_proxy_shared_secret){
nova_config {
'DEFAULT/service_neutron_metadata_proxy': value => true;
'DEFAULT/neutron_metadata_proxy_shared_secret':
value => $neutron_metadata_proxy_shared_secret;
}
} else {
nova_config {
'DEFAULT/service_neutron_metadata_proxy': value => false;
'DEFAULT/neutron_metadata_proxy_shared_secret': ensure => absent;
}
}
nova_paste_api_ini {
'filter:authtoken/auth_host': value => $auth_host;
'filter:authtoken/auth_port': value => $auth_port;
'filter:authtoken/auth_protocol': value => $auth_protocol;
'filter:authtoken/admin_tenant_name': value => $admin_tenant_name;
'filter:authtoken/admin_user': value => $admin_user;
'filter:authtoken/admin_password': value => $admin_password, secret => true;
}
if $auth_admin_prefix {
validate_re($auth_admin_prefix, '^(/.+[^/])?$')
nova_paste_api_ini {
'filter:authtoken/auth_admin_prefix': value => $auth_admin_prefix;
}
} else {
nova_paste_api_ini {
'filter:authtoken/auth_admin_prefix': ensure => absent;
}
}
if 'occiapi' in $enabled_apis {
if !defined(Package['python-pip']) {
package { 'python-pip':
ensure => latest,
}
}
if !defined(Package['pyssf']) {
package { 'pyssf':
ensure => latest,
provider => pip,
require => Package['python-pip']
}
}
package { 'openstackocci':
ensure => latest,
provider => 'pip',
require => Package['python-pip'],
}
}
# Added arg and if statement prevents this from being run
# where db is not active i.e. the compute
if $sync_db {
Package<| title == 'nova-api' |> -> Exec['nova-db-sync']
exec { 'nova-db-sync':
command => '/usr/bin/nova-manage db sync',
refreshonly => true,
subscribe => Exec['post-nova_config'],
}
}
}
View Git Blame Copy Permalink