x/packstack
Code Issues Proposed changes

Added random passwords for components.

Browse Source 
Change-Id: I5a6e0dd51bfa858f1543799cf7295ec5b3c2d1ef
Fixes: rhbz#887299
This commit is contained in:
Martin Magr
2013-01-21 10:49:18 +01:00
parent 8bced500cb
commit acefd6adee
16 changed files with 119 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
packstack/plugins/cinder_250.py
View File

@@ -2,6 +2,7 @@
Installs and configures Cinder
"""
import uuid
import logging
import packstack.installer.engine_validators as validate
@@ -40,6 +41,30 @@ def initConfig(controllerObject):
"USE_DEFAULT" : False,
"NEED_CONFIRM" : False,
"CONDITION" : False },
{"CMD_OPTION" : "cinder-db-passwd",
"USAGE" : "The password to use for the Cinder to access DB",
"PROMPT" : "Enter the password for the Cinder DB access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_CINDER_DB_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
{"CMD_OPTION" : "cinder-ks-passwd",
"USAGE" : "The password to use for the Cinder to authenticate with Keystone",
"PROMPT" : "Enter the password for the Cinder Keystone access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_CINDER_KS_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
]
groupDict = { "GROUP_NAME" : "CINDER",

25
packstack/plugins/glance_200.py
View File

@@ -2,6 +2,7 @@
Installs and configures Glance
"""
import uuid
import logging
import packstack.installer.engine_validators as validate
@@ -40,6 +41,30 @@ def initConfig(controllerObject):
"USE_DEFAULT" : False,
"NEED_CONFIRM" : False,
"CONDITION" : False },
{"CMD_OPTION" : "glance-db-passwd",
"USAGE" : "The password to use for the Glance to access DB",
"PROMPT" : "Enter the password for the Glance DB access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_GLANCE_DB_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
{"CMD_OPTION" : "glance-ks-passwd",
"USAGE" : "The password to use for the Glance to authenticate with Keystone",
"PROMPT" : "Enter the password for the Glance Keystone access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_GLANCE_KS_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
]
groupDict = { "GROUP_NAME" : "GLANCE",

12
packstack/plugins/keystone_100.py
View File

@@ -42,6 +42,18 @@ def initConfig(controllerObject):
"USE_DEFAULT" : False,
"NEED_CONFIRM" : False,
"CONDITION" : False },
{"CMD_OPTION" : "keystone-db-passwd",
"USAGE" : "The password to use for the Keystone to access DB",
"PROMPT" : "Enter the password for the Keystone DB access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_KEYSTONE_DB_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
{"CMD_OPTION" : "keystone-admin-token",
"USAGE" : "The token to use for the Keystone service api",
"PROMPT" : "The token to use for the Keystone service api",

28
packstack/plugins/nova_300.py
View File

@@ -2,8 +2,9 @@
Installs and configures nova
"""
import logging
import os
import uuid
import logging
import packstack.installer.engine_validators as validate
import packstack.installer.engine_processors as process
@@ -107,6 +108,30 @@ def initConfig(controllerObject):
"USE_DEFAULT" : False,
"NEED_CONFIRM" : False,
"CONDITION" : False },
{"CMD_OPTION" : "nova-db-passwd",
"USAGE" : "The password to use for the Nova to access DB",
"PROMPT" : "Enter the password for the Nova DB access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_NOVA_DB_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
{"CMD_OPTION" : "nova-ks-passwd",
"USAGE" : "The password to use for the Nova to authenticate with Keystone",
"PROMPT" : "Enter the password for the Nova Keystone access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_NOVA_KS_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
{"CMD_OPTION" : "novanetwork-pubif",
"USAGE" : "Public interface on the Nova network server",
"PROMPT" : "Enter the Public interface on the Nova network server",
@@ -253,4 +278,3 @@ def createcommonmanifest():
if manifestfile.endswith("_nova.pp"):
data = getManifestTemplate("nova_common.pp")
appendManifestFile(os.path.split(manifestfile)[1], data)

13
packstack/plugins/swift_600.py
View File

@@ -2,6 +2,7 @@
Installs and configures an openstack swift
"""
import uuid
import logging
import os
@@ -38,6 +39,18 @@ def initConfig(controllerObject):
"USE_DEFAULT" : False,
"NEED_CONFIRM" : False,
"CONDITION" : False },
{"CMD_OPTION" : "os-swift-ks-passwd",
"USAGE" : "The password to use for the Swift to authenticate with Keystone",
"PROMPT" : "Enter the password for the Swift Keystone access",
"OPTION_LIST" : [],
"VALIDATION_FUNC" : validate.validateStringNotEmpty,
"DEFAULT_VALUE" : uuid.uuid4().hex[:16],
"MASK_INPUT" : True,
"LOOSE_VALIDATION": False,
"CONF_NAME" : "CONFIG_SWIFT_KS_PW",
"USE_DEFAULT" : True,
"NEED_CONFIRM" : True,
"CONDITION" : False },
{"CMD_OPTION" : "os-swift-storage",
"USAGE" : "A comma separated list of IP addresses on which to install the Swift Storage services, each entry should take the format <ipaddress>[/dev], for example 127.0.0.1/vdb will install /dev/vdb on 127.0.0.1 as a swift storage device, if /dev is omitted Packstack will create a loopback device for a test setup",
"PROMPT" : "Enter the Swift Storage servers e.g. host/dev,host/dev",

5
packstack/puppet/templates/cinder.pp
View File

@@ -1,7 +1,7 @@
class {'cinder::base':
rabbit_password => '',
sql_connection => "mysql://cinder:cinder_default_password@%(CONFIG_MYSQL_HOST)s/cinder"
sql_connection => "mysql://cinder:%(CONFIG_CINDER_DB_PW)s@%(CONFIG_MYSQL_HOST)s/cinder"
}
cinder_config{
@@ -13,7 +13,7 @@ package {'python-keystone':
notify => Class['cinder::api'],
}
class {'cinder::api':
keystone_password => 'cinder_default_password',
keystone_password => '%(CONFIG_CINDER_KS_PW)s',
keystone_tenant => "services",
keystone_user => "cinder",
keystone_auth_host => "%(CONFIG_KEYSTONE_HOST)s",
@@ -34,4 +34,3 @@ firewall { '001 cinder incoming':
dport => ['3260', '8776'],
action => 'accept',
}

9
packstack/puppet/templates/glance.pp
View File

@@ -4,8 +4,8 @@ class {"glance::api":
auth_host => "%(CONFIG_KEYSTONE_HOST)s",
keystone_tenant => "services",
keystone_user => "glance",
keystone_password => "glance_default_password",
sql_connection => "mysql://glance:glance_default_password@%(CONFIG_MYSQL_HOST)s/glance"
keystone_password => "%(CONFIG_GLANCE_KS_PW)s",
sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/glance"
}
class { 'glance::backend::file': }
@@ -14,8 +14,8 @@ class {"glance::registry":
auth_host => "%(CONFIG_KEYSTONE_HOST)s",
keystone_tenant => "services",
keystone_user => "glance",
keystone_password => "glance_default_password",
sql_connection => "mysql://glance:glance_default_password@%(CONFIG_MYSQL_HOST)s/glance"
keystone_password => "%(CONFIG_GLANCE_KS_PW)s",
sql_connection => "mysql://glance:%(CONFIG_GLANCE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/glance"
}
firewall { '001 glance incoming':
@@ -23,4 +23,3 @@ firewall { '001 glance incoming':
dport => ['9292'],
action => 'accept',
}

3
packstack/puppet/templates/keystone.pp
View File

@@ -1,6 +1,6 @@
class {"keystone":
admin_token => "%(CONFIG_KEYSTONE_ADMINTOKEN)s",
sql_connection => "mysql://keystone_admin:keystone_default_password@%(CONFIG_MYSQL_HOST)s/keystone",
sql_connection => "mysql://keystone_admin:%(CONFIG_KEYSTONE_DB_PW)s@%(CONFIG_MYSQL_HOST)s/keystone",
}
class {"keystone::roles::admin":
@@ -20,4 +20,3 @@ firewall { '001 keystone incoming':
dport => ['5000', '35357'],
action => 'accept',
}

3
packstack/puppet/templates/keystone_cinder.pp
View File

@@ -1,8 +1,7 @@
class {"cinder::keystone::auth":
password => "cinder_default_password",
password => "%(CONFIG_CINDER_KS_PW)s",
public_address => "%(CONFIG_CINDER_HOST)s",
admin_address => "%(CONFIG_CINDER_HOST)s",
internal_address => "%(CONFIG_CINDER_HOST)s",
}

3
packstack/puppet/templates/keystone_glance.pp
View File

@@ -1,8 +1,7 @@
class {"glance::keystone::auth":
password => "glance_default_password",
password => "%(CONFIG_GLANCE_KS_PW)s",
public_address => "%(CONFIG_GLANCE_HOST)s",
admin_address => "%(CONFIG_GLANCE_HOST)s",
internal_address => "%(CONFIG_GLANCE_HOST)s",
}

3
packstack/puppet/templates/keystone_nova.pp
View File

@@ -1,9 +1,8 @@
class {"nova::keystone::auth":
password => "nova_default_password",
password => "%(CONFIG_NOVA_KS_PW)s",
public_address => "%(CONFIG_NOVA_API_HOST)s",
admin_address => "%(CONFIG_NOVA_API_HOST)s",
internal_address => "%(CONFIG_NOVA_API_HOST)s",
cinder => true,
}

2
packstack/puppet/templates/keystone_swift.pp
View File

@@ -1,4 +1,4 @@
class { 'swift::keystone::auth':
address => '%(CONFIG_SWIFT_PROXY)s',
password => 'swift_default_password',
password => '%(CONFIG_SWIFT_KS_PW)s',
}

8
packstack/puppet/templates/mysql.pp
View File

@@ -22,22 +22,22 @@ if ($::fqdn != $::hostname) {
}
class {"keystone::db::mysql":
password => "keystone_default_password",
password => "%(CONFIG_KEYSTONE_DB_PW)s",
allowed_hosts => "%%",
}
class {"glance::db::mysql":
password => "glance_default_password",
password => "%(CONFIG_GLANCE_DB_PW)s",
allowed_hosts => "%%",
}
class {"nova::db::mysql":
password => "nova_default_password",
password => "%(CONFIG_NOVA_DB_PW)s",
allowed_hosts => "%%",
}
class {"cinder::db::mysql":
password => "cinder_default_password",
password => "%(CONFIG_CINDER_DB_PW)s",
allowed_hosts => "%%",
}

2
packstack/puppet/templates/nova_api.pp
View File

@@ -3,7 +3,7 @@ require 'keystone::python'
class {"nova::api":
enabled => true,
auth_host => "%(CONFIG_KEYSTONE_HOST)s",
admin_password => "nova_default_password",
admin_password => "%(CONFIG_NOVA_KS_PW)s",
}
Package<| title == 'nova-common' |> -> Class['nova::api']

2
packstack/puppet/templates/nova_common.pp
View File

@@ -6,5 +6,5 @@ nova_config{
class {"nova":
glance_api_servers => "%(CONFIG_GLANCE_HOST)s:9292",
sql_connection => "mysql://nova:nova_default_password@%(CONFIG_MYSQL_HOST)s/nova",
sql_connection => "mysql://nova:%(CONFIG_NOVA_DB_PW)s@%(CONFIG_MYSQL_HOST)s/nova",
}

2
packstack/puppet/templates/swift_proxy.pp
View File

@@ -49,7 +49,7 @@ class { 'swift::proxy::keystone':
class { 'swift::proxy::authtoken':
admin_user => 'swift',
admin_tenant_name => 'services',
admin_password => 'swift_default_password',
admin_password => '%(CONFIG_SWIFT_KS_PW)s',
# assume that the controller host is the swift api server
auth_host => '%(CONFIG_KEYSTONE_HOST)s',
}