run db-sync with OpenStack users

When db-sync is run by OpenStack CLI tools (i.e. nova-manage), it writes in /var/log/ with root user. In the case where we don't use syslog, the service can't start since it will try to write as non-root user in the log file. This patch aims to run the commands with OpenStack users.
2014-04-15 17:28:28 +02:00
parent f709c91d1c
commit c7a4cdccad
12 changed files with 36 additions and 12 deletions
--- a/manifests/compute.pp
+++ b/manifests/compute.pp
@@ -138,7 +138,9 @@ class cloud::compute(
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'nova_db_sync':
-    command => '/usr/bin/nova-manage db sync',
+    command => 'nova-manage db sync',
+    user    => 'nova',
+    path    => '/usr/bin',
    unless  => "/usr/bin/mysql nova -h ${nova_db_host} -u ${encoded_user} -p${encoded_password} -e \"show tables\" | /bin/grep Tables"
  }

--- a/manifests/image.pp
+++ b/manifests/image.pp
@@ -170,7 +170,9 @@ class cloud::image(
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'glance_db_sync':
-    command => '/usr/bin/glance-manage db_sync',
+    command => 'glance-manage db_sync',
+    user    => 'glance',
+    path    => '/usr/bin',
    unless  => "/usr/bin/mysql glance -h ${glance_db_host} -u ${encoded_glance_user} -p${encoded_glance_password} -e \"show tables\" | /bin/grep Tables"
  }

--- a/manifests/network/controller.pp
+++ b/manifests/network/controller.pp
@@ -49,7 +49,9 @@ class cloud::network::controller(
  # It's a hack to fit with our setup where we run MySQL/Galera
  Neutron_config<| |> ->
  exec {'neutron_db_sync':
-    command => '/usr/bin/neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head',
+    command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head',
+    path    => '/usr/bin',
+    user    => 'neutron',
    unless  => "/usr/bin/mysql neutron -h ${neutron_db_host} -u ${encoded_user} -p${encoded_password} -e \"show tables\" | /bin/grep Tables",
    require => 'Neutron_config[DEFAULT/service_plugins]',
    notify  => Service['neutron-server']
--- a/manifests/orchestration.pp
+++ b/manifests/orchestration.pp
@@ -146,7 +146,9 @@ class cloud::orchestration(
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'heat_db_sync':
-    command => '/usr/bin/heat-manage --config-file /etc/heat/heat.conf db_sync',
+    command => 'heat-manage --config-file /etc/heat/heat.conf db_sync',
+    path    => '/usr/bin',
+    user    => 'heat',
    unless  => "/usr/bin/mysql heat -h ${heat_db_host} -u ${encoded_user} -p${encoded_password} -e \"show tables\" | /bin/grep Tables"
  }

--- a/manifests/volume.pp
+++ b/manifests/volume.pp
@@ -111,7 +111,9 @@ class cloud::volume(
  # We have to do this only on the primary node of the galera cluster to avoid race condition
  # https://github.com/enovance/puppet-openstack-cloud/issues/156
  exec {'cinder_db_sync':
-    command => '/usr/bin/cinder-manage db sync',
+    command => 'cinder-manage db sync',
+    path    => '/usr/bin',
+    user    => 'cinder',
    unless  => "/usr/bin/mysql cinder -h ${cinder_db_host} -u ${encoded_user} -p${encoded_password} -e \"show tables\" | /bin/grep Tables"
  }

--- a/spec/classes/cloud_compute_controller_spec.rb
+++ b/spec/classes/cloud_compute_controller_spec.rb
@@ -85,7 +85,9 @@ describe 'cloud::compute::controller' do

    it 'checks if Nova DB is populated' do
      should contain_exec('nova_db_sync').with(
-        :command => '/usr/bin/nova-manage db sync',
+        :command => 'nova-manage db sync',
+        :user    => 'nova',
+        :path    => '/usr/bin',
        :unless  => '/usr/bin/mysql nova -h 10.0.0.1 -u nova -psecrete -e "show tables" | /bin/grep Tables'
      )
    end
--- a/spec/classes/cloud_compute_hypervisor_spec.rb
+++ b/spec/classes/cloud_compute_hypervisor_spec.rb
@@ -188,7 +188,9 @@ describe 'cloud::compute::hypervisor' do

    it 'checks if Nova DB is populated' do
      should contain_exec('nova_db_sync').with(
-        :command => '/usr/bin/nova-manage db sync',
+        :command => 'nova-manage db sync',
+        :path    => '/usr/bin',
+        :user    => 'nova',
        :unless  => '/usr/bin/mysql nova -h 10.0.0.1 -u nova -psecrete -e "show tables" | /bin/grep Tables'
      )
    end
--- a/spec/classes/cloud_image_spec.rb
+++ b/spec/classes/cloud_image_spec.rb
@@ -107,7 +107,9 @@ describe 'cloud::image' do

    it 'checks if Glance DB is populated' do
      should contain_exec('glance_db_sync').with(
-        :command => '/usr/bin/glance-manage db_sync',
+        :command => 'glance-manage db_sync',
+        :user    => 'glance',
+        :path    => '/usr/bin',
        :unless  => '/usr/bin/mysql glance -h 10.0.0.1 -u glance -psecrete -e "show tables" | /bin/grep Tables'
      )
    end
--- a/spec/classes/cloud_network_controller_spec.rb
+++ b/spec/classes/cloud_network_controller_spec.rb
@@ -95,7 +95,9 @@ describe 'cloud::network::controller' do

    it 'checks if Neutron DB is populated' do
      should contain_exec('neutron_db_sync').with(
-        :command => '/usr/bin/neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head',
+        :command => 'neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head',
+        :path    => '/usr/bin',
+        :user    => 'neutron',
        :unless  => '/usr/bin/mysql neutron -h 10.0.0.1 -u neutron -psecrete -e "show tables" | /bin/grep Tables',
        :require => 'Neutron_config[DEFAULT/service_plugins]',
        :notify  => 'Service[neutron-server]'
--- a/spec/classes/cloud_orchestration_api_spec.rb
+++ b/spec/classes/cloud_orchestration_api_spec.rb
@@ -87,7 +87,9 @@ describe 'cloud::orchestration::api' do

    it 'checks if Heat DB is populated' do
      should contain_exec('heat_db_sync').with(
-        :command => '/usr/bin/heat-manage --config-file /etc/heat/heat.conf db_sync',
+        :command => 'heat-manage --config-file /etc/heat/heat.conf db_sync',
+        :user    => 'heat',
+        :path    => '/usr/bin',
        :unless  => '/usr/bin/mysql heat -h 10.0.0.1 -u heat -psecrete -e "show tables" | /bin/grep Tables'
      )
    end
--- a/spec/classes/cloud_volume_controller_spec.rb
+++ b/spec/classes/cloud_volume_controller_spec.rb
@@ -67,7 +67,9 @@ describe 'cloud::volume::controller' do

    it 'checks if Cinder DB is populated' do
      should contain_exec('cinder_db_sync').with(
-        :command => '/usr/bin/cinder-manage db sync',
+        :command => 'cinder-manage db sync',
+        :user    => 'cinder',
+        :path    => '/usr/bin',
        :unless  => '/usr/bin/mysql cinder -h 10.0.0.1 -u cinder -psecrete -e "show tables" | /bin/grep Tables'
      )
    end
--- a/spec/classes/cloud_volume_storage_spec.rb
+++ b/spec/classes/cloud_volume_storage_spec.rb
@@ -83,7 +83,9 @@ describe 'cloud::volume::storage' do

    it 'checks if Cinder DB is populated' do
      should contain_exec('cinder_db_sync').with(
-        :command => '/usr/bin/cinder-manage db sync',
+        :command => 'cinder-manage db sync',
+        :user    => 'cinder',
+        :path    => '/usr/bin',
        :unless  => '/usr/bin/mysql cinder -h 10.0.0.1 -u cinder -psecret -e "show tables" | /bin/grep Tables'
      )
    end