x/packstack
Code Issues Proposed changes

Revert "Configures Heat to use Trusts by default"

Browse Source 
- This is managed by the puppet-heat module itself,
  (https://review.openstack.org/126940).

This reverts commit 581a79ed85.

Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>

Conflicts:
	packstack/plugins/heat_750.py
	packstack/puppet/templates/heat_trusts.pp
	packstack/puppet/templates/provision_demo.pp
	packstack/puppet/templates/provision_tempest.pp

Change-Id: I61b06f6f2d7de9cbf32061437abef9c5d7860531
This commit is contained in:
Gael Chamoulaud
2014-11-10 14:37:30 +01:00
parent 1aa85fcb2d
commit d114ca8931
8 changed files with 8 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/packstack.rst
View File

@@ -434,9 +434,6 @@ Heat Config Parameters
**CONFIG_HEAT_KS_PW** **CONFIG_HEAT_KS_PW**
The password to use for the Heat to authenticate with Keystone. The password to use for the Heat to authenticate with Keystone.
**CONFIG_HEAT_USING_TRUSTS**
Set to 'y' if you would like Packstack to install heat with trusts as deferred auth method. If not, the stored password method will be used.
**CONFIG_HEAT_CLOUDWATCH_INSTALL** **CONFIG_HEAT_CLOUDWATCH_INSTALL**
Set to 'y' if you would like Packstack to install Heat CloudWatch API. Set to 'y' if you would like Packstack to install Heat CloudWatch API.

21
packstack/plugins/heat_750.py
View File

@@ -86,21 +86,6 @@ def initConfig(controller):
"NEED_CONFIRM": False, "NEED_CONFIRM": False,
"CONDITION": False}, "CONDITION": False},
{"CMD_OPTION": "os-heat-using-trusts",
"USAGE": ("Set to 'y' if you would like Packstack to install Heat "
"with trusts as deferred auth method. "
"If not, the stored password method will be used."),
"PROMPT": "Should Packstack configure Heat to use trusts",
"OPTION_LIST": ["y", "n"],
"VALIDATORS": [validators.validate_options],
"DEFAULT_VALUE": "y",
"MASK_INPUT": False,
"LOOSE_VALIDATION": False,
"CONF_NAME": "CONFIG_HEAT_USING_TRUSTS",
"USE_DEFAULT": False,
"NEED_CONFIRM": False,
"CONDITION": False},
{"CMD_OPTION": "os-heat-cfn-install", {"CMD_OPTION": "os-heat-cfn-install",
"USAGE": ("Set to 'y' if you would like Packstack to install Heat " "USAGE": ("Set to 'y' if you would like Packstack to install Heat "
"CloudFormation API"), "CloudFormation API"),
@@ -192,8 +177,6 @@ def create_manifest(config, messages):
manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_heat.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate(get_mq(config, "heat")) manifestdata = getManifestTemplate(get_mq(config, "heat"))
manifestdata += getManifestTemplate("heat.pp") manifestdata += getManifestTemplate("heat.pp")
if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y':
manifestdata += getManifestTemplate("heat_trusts.pp")
fw_details = dict() fw_details = dict()
key = "heat" key = "heat"
@@ -212,10 +195,6 @@ def create_manifest(config, messages):
def create_keystone_manifest(config, messages): def create_keystone_manifest(config, messages):
manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST'] manifestfile = "%s_keystone.pp" % config['CONFIG_CONTROLLER_HOST']
manifestdata = getManifestTemplate("keystone_heat.pp") manifestdata = getManifestTemplate("keystone_heat.pp")
if config.get('CONFIG_HEAT_USING_TRUSTS', 'n') == 'y':
manifestdata += getManifestTemplate("keystone_heat_trusts.pp")
appendManifestFile(manifestfile, manifestdata) appendManifestFile(manifestfile, manifestdata)

7
packstack/plugins/provision_700.py
View File

@@ -270,11 +270,6 @@ def marshall_conf_bool(conf, key):
conf[key] = False conf[key] = False
def using_heat(config):
if config['CONFIG_HEAT_INSTALL'] != "y":
config['CONFIG_HEAT_USING_TRUSTS'] = "n"
def using_neutron(config): def using_neutron(config):
# Using the neutron or nova api servers as the provisioning target # Using the neutron or nova api servers as the provisioning target
# will suffice for the all-in-one case. # will suffice for the all-in-one case.
@@ -295,7 +290,6 @@ def using_neutron(config):
def create_demo_manifest(config, messages): def create_demo_manifest(config, messages):
using_neutron(config) using_neutron(config)
using_heat(config)
manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST'] manifest_file = '%s_provision_demo.pp' % config['CONFIG_CONTROLLER_HOST']
manifest_data = getManifestTemplate("provision_demo.pp") manifest_data = getManifestTemplate("provision_demo.pp")
appendManifestFile(manifest_file, manifest_data) appendManifestFile(manifest_file, manifest_data)
@@ -316,7 +310,6 @@ def create_storage_manifest(config, messages):
def create_tempest_manifest(config, messages): def create_tempest_manifest(config, messages):
using_neutron(config) using_neutron(config)
using_heat(config)
manifest_file = '%s_provision_tempest.pp' % \ manifest_file = '%s_provision_tempest.pp' % \
config['CONFIG_CONTROLLER_HOST'] config['CONFIG_CONTROLLER_HOST']
manifest_data = getManifestTemplate("provision_tempest.pp") manifest_data = getManifestTemplate("provision_tempest.pp")

6
packstack/puppet/templates/heat.pp
View File

@@ -10,6 +10,12 @@ class { 'heat::engine':
auth_encryption_key => hiera('CONFIG_HEAT_AUTH_ENC_KEY'), auth_encryption_key => hiera('CONFIG_HEAT_AUTH_ENC_KEY'),
} }
keystone_user_role { 'admin@admin':
ensure => present,
roles => ['admin', '_member_', 'heat_stack_owner'],
require => Class['heat::engine'],
}
class { 'heat::keystone::domain': class { 'heat::keystone::domain':
auth_url => "http://${heat_cfg_ctrl_host}:35357/v2.0", auth_url => "http://${heat_cfg_ctrl_host}:35357/v2.0",
keystone_admin => 'admin', keystone_admin => 'admin',

11
packstack/puppet/templates/heat_trusts.pp
View File

@@ -1,11 +0,0 @@
heat_config {
'DEFAULT/deferred_auth_method' : value => 'trusts';
'DEFAULT/trusts_delegated_roles' : value => 'heat_stack_owner';
}
keystone_user_role { 'admin@admin':
ensure => present,
roles => ['admin', '_member_', 'heat_stack_owner'],
}

4
packstack/puppet/templates/keystone_heat_trusts.pp
View File

@@ -1,4 +0,0 @@
keystone_role { 'heat_stack_owner':
ensure => present,
}

5
packstack/puppet/templates/provision_demo.pp
View File

@@ -8,9 +8,6 @@
$admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW') $admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW')
$admin_tenant_name = 'admin' $admin_tenant_name = 'admin'
# Heat Using Trusts
$heat_using_trusts = hiera('CONFIG_HEAT_USING_TRUSTS')
## Neutron ## Neutron
$public_network_name = 'public' $public_network_name = 'public'
$public_subnet_name = 'public_subnet' $public_subnet_name = 'public_subnet'
@@ -37,7 +34,7 @@
password => $password, password => $password,
} }
if $heat_using_trusts == 'y' { if hiera('CONFIG_HEAT_INSTALL') == 'y' {
keystone_user_role { "${username}@${tenant_name}": keystone_user_role { "${username}@${tenant_name}":
ensure => present, ensure => present,
roles => ['_member_', 'heat_stack_owner'], roles => ['_member_', 'heat_stack_owner'],

5
packstack/puppet/templates/provision_tempest.pp
View File

@@ -19,9 +19,6 @@ if $provision_tempest_user != '' {
$admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW') $admin_password = hiera('CONFIG_KEYSTONE_ADMIN_PW')
$admin_tenant_name = 'admin' $admin_tenant_name = 'admin'
# Heat Using Trusts
$heat_using_trusts = hiera('CONFIG_HEAT_USING_TRUSTS')
## Glance ## Glance
$image_name = 'cirros' $image_name = 'cirros'
$image_source = hiera('CONFIG_PROVISION_TEMPEST_CIRROS_URL') $image_source = hiera('CONFIG_PROVISION_TEMPEST_CIRROS_URL')
@@ -76,7 +73,7 @@ if $provision_tempest_user != '' {
password => $password, password => $password,
} }
if $heat_using_trusts == 'y' { if hiera('CONFIG_HEAT_INSTALL') == 'y' {
keystone_user_role { "${username}@${tenant_name}": keystone_user_role { "${username}@${tenant_name}":
ensure => present, ensure => present,
roles => ['_member_', 'heat_stack_owner'], roles => ['_member_', 'heat_stack_owner'],