From 4df2ccaea596963cfffbc9838ade5bc0d1b0e41c Mon Sep 17 00:00:00 2001
From: Emilien Macchi <emilien@redhat.com>
Date: Wed, 3 May 2017 16:12:22 -0400
Subject: [PATCH] Revert "Stop deploying Nova API in WSGI with Apache"

This reverts commit 067e1a32a93b1aaad94746defe091ebc63b6ff66.

Depends-On: I012ce89554640a39cda5104e62a0f135ec5e92e1
Change-Id: I382b19fa3ea3289b31dad4b50ff29ac1519265a3
---
 manifests/neutron.pp   | 19 +++----------------
 manifests/nova.pp      | 20 ++++++++++----------
 manifests/provision.pp |  7 +++----
 3 files changed, 16 insertions(+), 30 deletions(-)

diff --git a/manifests/neutron.pp b/manifests/neutron.pp
index 2be050286..f732dfc78 100644
--- a/manifests/neutron.pp
+++ b/manifests/neutron.pp
@@ -152,23 +152,10 @@ class openstack_integration::neutron (
     mechanism_drivers    => $driver,
     firewall_driver      => $firewall_driver,
   }
-  if $::openstack_integration::config::ssl {
-    $metadata_protocol    = 'https'
-    $nova_client_cert     = $::openstack_integration::params::cert_path
-    $nova_client_priv_key = "/etc/neutron/ssl/private/${::fqdn}.pem"
-  } else {
-    $metadata_protocol    = $::os_service_default
-    $nova_client_cert     = $::os_service_default
-    $nova_client_priv_key = $::os_service_default
-  }
   class { '::neutron::agents::metadata':
-    debug                => true,
-    shared_secret        => 'a_big_secret',
-    metadata_workers     => 2,
-    metadata_protocol    => $metadata_protocol,
-    metadata_insecure    => true,
-    nova_client_cert     => $nova_client_cert,
-    nova_client_priv_key => $nova_client_priv_key,
+    debug            => true,
+    shared_secret    => 'a_big_secret',
+    metadata_workers => 2,
   }
   class { '::neutron::agents::lbaas':
     interface_driver => $driver,
diff --git a/manifests/nova.pp b/manifests/nova.pp
index 553f3f7ab..e10f2313b 100644
--- a/manifests/nova.pp
+++ b/manifests/nova.pp
@@ -30,13 +30,9 @@ class openstack_integration::nova (
 
   if $::openstack_integration::config::ssl {
     openstack_integration::ssl_key { 'nova':
-      notify  => [
-        Service['nova-api'],
-        Service['httpd'],
-      ],
+      notify  => Service['httpd'],
       require => Package['nova-common'],
     }
-    Exec['update-ca-certificates'] ~> Service['nova-api']
     Exec['update-ca-certificates'] ~> Service['httpd']
   }
 
@@ -115,18 +111,22 @@ class openstack_integration::nova (
     debug                         => true,
     notification_driver           => 'messagingv2',
     notify_on_state_change        => 'vm_and_task_state',
-    use_ssl                       => $::openstack_integration::config::ssl,
-    key_file                      => "/etc/nova/ssl/private/${::fqdn}.pem",
-    cert_file                     => $::openstack_integration::params::cert_path,
   }
   class { '::nova::api':
     api_bind_address                     => $::openstack_integration::config::host,
     neutron_metadata_proxy_shared_secret => 'a_big_secret',
     metadata_workers                     => 2,
-    osapi_compute_workers                => 2,
     default_floating_pool                => 'public',
     sync_db_api                          => true,
-
+    service_name                         => 'httpd',
+  }
+  include ::apache
+  class { '::nova::wsgi::apache_api':
+    bind_host => $::openstack_integration::config::ip_for_url,
+    ssl_key   => "/etc/nova/ssl/private/${::fqdn}.pem",
+    ssl_cert  => $::openstack_integration::params::cert_path,
+    ssl       => $::openstack_integration::config::ssl,
+    workers   => '2',
   }
   class { '::nova::wsgi::apache_placement':
     bind_host => $::openstack_integration::config::ip_for_url,
diff --git a/manifests/provision.pp b/manifests/provision.pp
index 4229459c2..5e025f22b 100644
--- a/manifests/provision.pp
+++ b/manifests/provision.pp
@@ -28,6 +28,7 @@ class openstack_integration::provision {
   }
   Keystone_user_role <||>-> Nova_flavor<||>
   Keystone_endpoint <||>-> Nova_flavor<||>
+  Keystone_user_role['admin@openstack'] -> Nova_flavor<||>
 
   neutron_network { 'public':
     tenant_name               => 'openstack',
@@ -35,8 +36,7 @@ class openstack_integration::provision {
     provider_physical_network => 'external',
     provider_network_type     => 'flat',
   }
-  Keystone_user_role <||>-> Neutron_network<||>
-  Keystone_endpoint <||>-> Neutron_network<||>
+  Keystone_user_role['admin@openstack'] -> Neutron_network<||>
 
   neutron_subnet { 'public-subnet':
     cidr             => '172.24.5.0/24',
@@ -62,6 +62,5 @@ class openstack_integration::provision {
     is_public        => 'yes',
     source           => '/tmp/openstack/image/cirros-0.3.4-x86_64-disk.img'
   }
-  Keystone_user_role <||>-> Glance_image<||>
-  Keystone_endpoint <||>-> Glance_image<||>
+  Keystone_user_role['admin@openstack'] -> Glance_image<||>
 }