Pass parameters to manage endpoints via puppet

This commit passes the necessary hieradata in order to create
the endpoints, users and roles of the services in keystone via
puppet.

Change-Id: I2470dfa4661be7ba8218f6035fffa05f547214f0
This commit is contained in:
Juan Antonio Osorio Robles 2015-11-11 15:32:47 +00:00
parent 3c5521d2bb
commit 995ad9c32b
3 changed files with 103 additions and 0 deletions

View File

@ -908,6 +908,9 @@ resources:
- - 'http://'
- {get_param: HeatApiVirtualIPUri}
- ':8000/v1/waitcondition'
heat_public_url: {get_param: [EndpointMap, HeatPublic, uri]}
heat_internal_url: {get_param: [EndpointMap, HeatInternal, uri]}
heat_admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
heat_enable_db_purge: {get_param: HeatEnableDBPurge}
horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
@ -937,6 +940,12 @@ resources:
- '@'
- {get_param: MysqlVirtualIPUri}
- '/cinder'
cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
heat_password: {get_param: HeatPassword}
heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
heat_dsn:
@ -1062,6 +1071,9 @@ resources:
ceilometer_password: {get_param: CeilometerPassword}
ceilometer_store_events: {get_param: CeilometerStoreEvents}
aodh_password: {get_param: AodhPassword}
aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
gnocchi_password: {get_param: GnocchiPassword}
gnocchi_backend: {get_param: GnocchiBackend}
@ -1091,6 +1103,11 @@ resources:
- {get_param: MysqlVirtualIPUri}
- '/gnocchi'
gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
nova_enable_db_purge: {get_param: NovaEnableDBPurge}
@ -1116,6 +1133,12 @@ resources:
- '/nova_api'
upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
instance_name_template: {get_param: InstanceNameTemplate}
nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
nova_ec2_public_url: {get_param: [EndpointMap, NovaEC2Public, uri]}
nova_ec2_internal_url: {get_param: [EndpointMap, NovaEC2Internal, uri]}
nova_ec2_admin_url: {get_param: [EndpointMap, NovaEC2Admin, uri]}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName}
@ -1138,9 +1161,18 @@ resources:
swift_replicas: {get_param: SwiftReplicas}
swift_min_part_hours: {get_param: SwiftMinPartHours}
swift_mount_check: {get_param: SwiftMountCheck}
swift_public_url: {get_param: [EndpointMap, SwiftPublic, uri]}
swift_internal_url: {get_param: [EndpointMap, SwiftInternal, uri]}
swift_admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]}
swift_public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]}
swift_internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]}
swift_admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]}
enable_package_install: {get_param: EnablePackageInstall}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
sahara_password: {get_param: SaharaPassword}
sahara_public_url: {get_param: [EndpointMap, SaharaPublic, uri]}
sahara_internal_url: {get_param: [EndpointMap, SaharaInternal, uri]}
sahara_admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]}
sahara_dsn:
list_join:
- ''
@ -1272,6 +1304,14 @@ resources:
tripleo::ringbuilder::replicas: {get_input: swift_replicas}
tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
swift_mount_check: {get_input: swift_mount_check}
swift::keystone::auth::public_url: {get_input: swift_public_url }
swift::keystone::auth::internal_url: {get_input: swift_internal_url }
swift::keystone::auth::admin_url: {get_input: swift_admin_url }
swift::keystone::auth::public_url_s3: {get_input: swift_public_url_v3 }
swift::keystone::auth::internal_url_s3: {get_input: swift_internal_url_v3 }
swift::keystone::auth::admin_url_s3: {get_input: swift_admin_url_v3 }
swift::keystone::auth::password: {get_input: swift_password }
swift::keystone::auth::region: {get_input: keystone_region}
# Cinder
cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
@ -1296,10 +1336,20 @@ resources:
cinder::glance::glance_api_servers: {get_input: glance_api_servers}
cinder_backend_config: {get_input: CinderBackendConfig}
cinder::db::mysql::password: {get_input: cinder_password}
cinder::keystone::auth::public_url: {get_input: cinder_public_url }
cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
cinder::keystone::auth::password: {get_input: cinder_password }
cinder::keystone::auth::region: {get_input: keystone_region}
# Glance
glance::api::bind_host: {get_input: glance_api_network}
glance::registry::bind_host: {get_input: glance_registry_network}
glance::keystone::auth::region: {get_input: keystone_region}
# Heat
heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
@ -1326,6 +1376,12 @@ resources:
heat::db::mysql::password: {get_input: heat_password}
heat_enable_db_purge: {get_input: heat_enable_db_purge}
heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
heat::keystone::auth::public_url: {get_input: heat_public_url }
heat::keystone::auth::internal_url: {get_input: heat_internal_url }
heat::keystone::auth::admin_url: {get_input: heat_admin_url }
heat::keystone::auth::password: {get_input: heat_password }
heat::keystone::auth::region: {get_input: keystone_region}
# Keystone
keystone::admin_bind_host: {get_input: keystone_admin_api_network}
keystone::public_bind_host: {get_input: keystone_public_api_network}
@ -1433,6 +1489,11 @@ resources:
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'
ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
ceilometer::keystone::auth::password: {get_input: ceilometer_password }
ceilometer::keystone::auth::region: {get_input: keystone_region}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
@ -1453,6 +1514,11 @@ resources:
aodh::db::mysql::password: {get_input: aodh_password}
# for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
aodh::keystone::auth::public_url: {get_input: aodh_public_url }
aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
aodh::keystone::auth::password: {get_input: aodh_password }
aodh::keystone::auth::region: {get_input: keystone_region}
# Gnocchi
gnocchi_backend: {get_input: gnocchi_backend}
@ -1469,6 +1535,11 @@ resources:
gnocchi::db::mysql::password: {get_input: gnocchi_password}
gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
gnocchi::keystone::auth::password: {get_input: gnocchi_password }
gnocchi::keystone::auth::region: {get_input: keystone_region}
# Nova
nova::rabbit_userid: {get_input: rabbit_username}
@ -1499,6 +1570,14 @@ resources:
nova::db::mysql::password: {get_input: nova_password}
nova::db::mysql_api::password: {get_input: nova_password}
nova_enable_db_purge: {get_input: nova_enable_db_purge}
nova::keystone::auth::public_url: {get_input: nova_public_url}
nova::keystone::auth::internal_url: {get_input: nova_internal_url}
nova::keystone::auth::admin_url: {get_input: nova_admin_url}
nova::keystone::auth::ec2_public_url: {get_input: nova_ec2_public_url}
nova::keystone::auth::ec2_internal_url: {get_input: nova_ec2_internal_url}
nova::keystone::auth::ec2_admin_url: {get_input: nova_ec2_admin_url}
nova::keystone::auth::password: {get_input: nova_password }
nova::keystone::auth::region: {get_input: keystone_region}
# Horizon
apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
@ -1531,6 +1610,11 @@ resources:
sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
sahara::rabbit_port: {get_input: rabbit_client_port}
sahara::db::mysql::password: {get_input: sahara_password}
sahara::keystone::auth::public_url: {get_input: sahara_public_url }
sahara::keystone::auth::internal_url: {get_input: sahara_internal_url }
sahara::keystone::auth::admin_url: {get_input: sahara_admin_url }
sahara::keystone::auth::password: {get_input: sahara_password }
sahara::keystone::auth::region: {get_input: keystone_region}
# Rabbit
rabbitmq::node_ip_address: {get_input: rabbitmq_network}

View File

@ -57,6 +57,16 @@ ceilometer::api::keystone_tenant: 'service'
gnocchi::api::keystone_tenant: 'service'
heat::keystone_tenant: 'service'
sahara::admin_tenant_name: 'service'
aodh::keystone::auth::tenant: 'service'
ceilometer::keystone::auth::tenant: 'service'
cinder::keystone::auth::tenant: 'service'
glance::keystone::auth::tenant: 'service'
gnocchi::keystone::auth::tenant: 'service'
heat::keystone::auth::tenant: 'service'
neutron::keystone::auth::tenant: 'service'
nova::keystone::auth::tenant: 'service'
sahara::keystone::auth::tenant: 'service'
swift::keystone::auth::tenant: 'service'
# keystone
keystone::cron::token_flush::maxdelay: 3600
@ -86,6 +96,10 @@ swift::proxy::pipeline:
- 'proxy-server'
swift::proxy::account_autocreate: true
swift::keystone::auth::configure_s3_endpoint: false
swift::keystone::auth::operator_roles:
- admin
- swiftoperator
# glance
glance::api::pipeline: 'keystone'
@ -106,6 +120,7 @@ nova::scheduler::filter::ram_allocation_ratio: '1.0'
nova::cron::archive_deleted_rows::hour: '*/12'
nova::cron::archive_deleted_rows::destination: '/dev/null'
nova::notification_driver: messaging
nova::keystone::auth::configure_ec2_endpoint: false
# ceilometer
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'

View File

@ -94,5 +94,9 @@ outputs:
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
glance::keystone::auth::password: {get_param: GlancePassword }
step_config: |
include ::tripleo::profile::base::glance::api