Module for Common Puppet OpenStack Dependencies
Go to file
Takashi Kajinami 830038ff57 Victoria-only: Remove TripleO job
... because TripleO project has decided to EOL Victoria[1].

[1] https://review.opendev.org/c/openstack/releases/+/845148

Change-Id: Id661514db042aad356dfe1e417ba25bae4e10df9
2022-06-22 02:44:19 +00:00
doc Switch to newer openstackdocstheme and reno versions 2020-06-02 14:57:37 +02:00
examples Convert all class usage to relative names 2019-12-08 23:17:31 +01:00
facts.d Making immutable config setting when using <_IMMUTABLE_>. 2018-06-29 22:13:55 +02:00
lib Prevent --password from leaking in failed command output 2021-10-01 18:41:53 +00:00
manifests Make regex matching policy key stricter 2022-04-11 16:13:55 +00:00
releasenotes Add the aliases param to pass through to apache 2020-09-18 10:08:27 +10:00
spec Make regex matching policy key stricter 2022-04-11 16:13:55 +00:00
templates Added policy-rc.d class. 2016-04-22 10:41:36 -04:00
.gitignore Dissuade .gitignore references to personal tools 2018-10-08 11:39:24 +08:00
.gitreview Update .gitreview for stable/victoria 2020-10-08 14:44:39 +00:00
.zuul.yaml Victoria-only: Remove TripleO job 2022-06-22 02:44:19 +00:00
bindep.txt modulesync: sync and add nodepool-bionic for beaker 2018-07-18 16:19:17 +02:00
CHANGELOG.md Release 8.0.0 2016-03-23 16:07:47 -04:00
Gemfile Use openstack_spec_helper from zuul checkout 2020-08-30 23:01:54 +02:00
LICENSE Update LICENSE 2018-04-06 20:14:54 +08:00
metadata.json Prepare the final stable/victoria release 2022-04-18 09:25:53 +09:00
Rakefile Use puppet-openstack_spec_helper for Rakefile & spec_helper_acceptance 2016-01-18 09:11:30 -05:00
README.md Add Puppet Litmus 2020-09-14 23:40:34 +02:00
setup.cfg Change openstack-dev to openstack-discuss 2018-12-06 08:53:47 +00:00
setup.py Add basic structure for ReNo 2016-03-14 08:34:17 -04:00
tox.ini Update TOX_CONSTRAINTS_FILE for stable/victoria 2020-10-08 14:44:41 +00:00

Team and repository tags

Team and repository tags

openstacklib

Table of Contents

  1. Overview - What is the openstacklib module?
  2. Module Description - What does the module do?
  3. Setup - The basics of getting started with openstacklib
  4. Usage - The usage of the openstacklib module
  5. Implementation - An under-the-hood peek at what the module is doing
  6. Limitations - OS compatibility, etc.
  7. Development - Guide for contributing to the module
  8. Contributors - Those with commits
  9. Release Notes - Release notes for the project
  10. Repository - The project source code repository
  11. Versioning - Notes on the version numbering scheme

Overview

The openstacklib module is a part of OpenStack, an effort by the Openstack infrastructure team to provide continuous integration testing and code review for Openstack and Openstack community projects not part of the core software. The module itself is used to expose common functionality between Openstack modules as a library that can be utilized to avoid code duplication.

Module Description

The openstacklib module is a library module for other Openstack modules to utilize. A thorough description will be added later.

This module is tested in combination with other modules needed to build and leverage an entire Openstack software stack.

Setup

Installing openstacklib

puppet module install openstack/openstacklib

Usage

Classes and Defined Types

Defined type: openstacklib::db::mysql

The db::mysql resource is a library resource that can be used by nova, cinder, ceilometer, etc., to create a mysql database with configurable privileges for a user connecting from defined hosts.

Typically this resource will be declared with a notify parameter to configure the sync command to execute when the database resource is changed.

For example, in heat::db::mysql you might declare:

::openstacklib::db::mysql { 'heat':
    password_hash => mysql::password($password),
    dbname        => $dbname,
    user          => $user,
    host          => $host,
    charset       => $charset,
    collate       => $collate,
    allowed_hosts => $allowed_hosts,
    notify        => Exec['heat-dbsync'],
  }

Some modules should ensure that the database is created before the service is set up. For example, in keystone::db::mysql you would have:

::openstacklib::db::mysql { 'keystone':
    password_hash => mysql::password($password),
    dbname        => $dbname,
    user          => $user,
    host          => $host,
    charset       => $charset,
    collate       => $collate,
    allowed_hosts => $allowed_hosts,
    notify        => Exec['keystone-manage db_sync'],
    before        => Service['keystone'],
  }

** Parameters for openstacklib::db::mysql: **

#####password_hash Password hash to use for the database user for this service; string; required

#####dbname The name of the database string; optional; default to the $title of the resource, i.e. 'nova'

#####user The database user to create; string; optional; default to the $title of the resource, i.e. 'nova'

#####host The IP address or hostname of the user in mysql_grant; string; optional; default to '127.0.0.1'

#####charset The charset to use for the database; string; optional; default to 'utf8'

#####collate The collate to use for the database; string; optional; default to 'utf8_general_ci'

#####allowed_hosts Additional hosts that are allowed to access this database; array or string; optional; default to undef

#####privileges Privileges given to the database user; string or array of strings; optional; default to 'ALL'

Defined type: openstacklib::db::postgresql

The db::postgresql resource is a library resource that can be used by nova, cinder, ceilometer, etc., to create a postgresql database and a user with configurable privileges.

Typically this resource will be declared with a notify parameter to configure the sync command to execute when the database resource is changed.

For example, in heat::db::postgresql you might declare:

::openstacklib::db::postgresql { $dbname:
  password_hash => postgresql_password($user, $password),
  dbname        => $dbname,
  user          => $user,
  notify        => Exec['heat-dbsync'],
}

Some modules should ensure that the database is created before the service is set up. For example, in keystone::db::postgresql you would have:

::openstacklib::db::postgresql { $dbname:
  password_hash => postgresql_password($user, $password),
  dbname        => $dbname,
  user          => $user,
  notify        => Exec['keystone-manage db_sync'],
  before        => Service['keystone'],
}

** Parameters for openstacklib::db::postgresql: **

#####password_hash Password hash to use for the database user for this service; string; required

#####dbname The name of the database string; optional; default to the $title of the resource, i.e. 'nova'

#####user The database user to create; string; optional; default to the $title of the resource, i.e. 'nova'

#####encoding The encoding use for the database; string; optional; default to undef

#####privileges Privileges given to the database user; string or array of strings; optional; default to 'ALL'

Defined type: openstacklib::service_validation

The service_validation resource is a library resource that can be used by nova, cinder, ceilometer, etc., to validate that a resource is actually up and running.

For example, in nova::api you might declare:

::openstacklib::service_validation { 'nova-api':
    command => 'nova list',
  }

This defined resource creates an exec-anchor pair where the anchor depends upon the successful exec run.

** Parameters for openstacklib::service_validation: **

#####command Command to run for validating the service; string; required

#####service_name The name of the service to validate; string; optional; default to the $title of the resource, i.e. 'nova-api'

#####path The path of the command to validate the service; string; optional; default to '/usr/bin:/bin:/usr/sbin:/sbin'

#####provider The provider to use for the exec command; string; optional; default to 'shell'

#####tries Number of times to retry validation; string; optional; default to '10'

#####try_sleep Number of seconds between validation attempts; string; optional; default to '2'

Defined provider for openstack_config: ini_setting

It provides an interface to any INI configuration file as they are used in Openstack modules.

You use it like this:

Puppet::Type.type(:<module>_config).provide(
  :openstackconfig,
  :parent => Puppet::Type.type(:openstack_config).provider(:ini_setting)
) do

It has the standard features of the upstream puppetlabs' inifile module as it's a direct children of it. Furthermore it can transform a value with some function of you're choice, enabling you to get value that get filled at run-time like an uuid.

For an example of how that's working you can have a look at this review

Defined provider for openstack_config: ruby

This one has the same basic features as the ini_setting one but the ability to transformation the value. It offers another feature, though. It can parse array. What it enables one to do is to parse this correctly:

[DEFAULT]
conf1 = value1
conf1 = value2

On the opposite side if you put that:

module_config { 'DEFAULT/conf1' : value => ['value1', 'value2'] }

in your manifest, it will properly be written as the example above.

To use this provider you use this:

Puppet::Type.type(:<module>_config).provide(
  :openstackconfig,
  :parent => Puppet::Type.type(:openstack_config).provider(:ruby)
) do

and define you type with :array_matching => :all. An example of such provider is nova_config. Have a look for inspiration.

Implementation

openstacklib

openstacklib is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers.

Limitations

The python-migrate system package for RHEL 6 and below is out of date and may fail to correctly migrate postgresql databases. While this module does not handle database migrations, it is common to set up refresh relationships between openstacklib::db::postgresql resource and the database sync exec resource. Relying on this behavior may cause errors.

Development

Developer documentation for the entire puppet-openstack project.

Contributors

Release Notes

Repository

Versioning

This module has been given version 5 to track the puppet-openstack modules. The versioning for the puppet-openstack modules are as follows:

Puppet Module :: OpenStack Version :: OpenStack Codename
2.0.0         -> 2013.1.0          -> Grizzly
3.0.0         -> 2013.2.0          -> Havana
4.0.0         -> 2014.1.0          -> Icehouse
5.0.0         -> 2014.2.0          -> Juno
6.0.0         -> 2015.1.0          -> Kilo
7.0.0         -> 2015.2.0          -> Liberty