openstack/puppet-neutron
Code Issues Proposed changes
f51323de8e
puppet-neutron/manifests/keystone/auth.pp
Emilien Macchi c1f019f8e1 Support Neutron API in WSGI with Apache 
Allow to deploy Neutron API in WSGI with Apache.

Note: the feature is not tested yet in our functional testing jobs
because it doesn't work in devstack yet. This code will maybe need
some change but that's fine, it's for Pike cycle, nothing needs to be
backported, so we can easily iterate later.

Also remove dependencies in keystone auth manifest where keystone
resources had to be created before we start neutron-server. This is not
possible anymore since neutron-server is run in httpd.

Change-Id: I27bdd8d011097c5fd49277578404b4facafaca25
2017-05-23 16:26:56 -04:00

108 lines
3.1 KiB
Puppet
Raw Blame History

# == Class: neutron::keystone::auth
#
# Configures Neutron user, service and endpoint in Keystone.
#
# === Parameters
#
# [*password*]
# (required) Password for Neutron user.
#
# [*auth_name*]
# Username for Neutron service. Defaults to 'neutron'.
#
# [*email*]
# Email for Neutron user. Defaults to 'neutron@localhost'.
#
# [*tenant*]
# Tenant for Neutron user. Defaults to 'services'.
#
# [*configure_endpoint*]
# Should Neutron endpoint be configured? Defaults to 'true'.
#
# [*configure_user*]
# Should the Neutron service user be configured? Defaults to 'true'.
#
# [*configure_user_role*]
# Should the admin role be configured for the service user?
# Defaults to 'true'.
#
# [*service_name*]
# Name of the service. Defaults 'neutron'.
#
# [*service_type*]
# Type of service. Defaults to 'network'.
#
# [*service_description*]
# Description for keystone service.
# (optional) Defaults to 'Neutron Networking Service'.
#
# [*region*]
# Region for endpoint. Defaults to 'RegionOne'.
#
# [*public_url*]
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:9696')
# This url should *not* contain any trailing '/'.
#
# [*admin_url*]
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:9696')
# This url should *not* contain any trailing '/'.
#
# [*internal_url*]
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:9696')
# This url should *not* contain any trailing '/'.
#
# === Examples
#
# class { 'neutron::keystone::auth':
# public_url => 'https://10.0.0.10:9696',
# internal_url => 'https://10.0.0.11:9696',
# admin_url => 'https://10.0.0.11:9696',
# }
#
#
class neutron::keystone::auth (
$password,
$auth_name = 'neutron',
$email = 'neutron@localhost',
$tenant = 'services',
$configure_endpoint = true,
$configure_user = true,
$configure_user_role = true,
$service_name = 'neutron',
$service_type = 'network',
$service_description = 'Neutron Networking Service',
$region = 'RegionOne',
$public_url = 'http://127.0.0.1:9696',
$admin_url = 'http://127.0.0.1:9696',
$internal_url = 'http://127.0.0.1:9696',
) {
include ::neutron::deps
if $configure_endpoint {
Keystone_endpoint["${region}/${service_name}::${service_type}"] ~> Service <| tag == 'neutron-server-eventlet' |>
}
if $configure_user_role {
Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| tag == 'neutron-server-eventlet' |>
}
keystone::resource::service_identity { 'neutron':
configure_user => $configure_user,
configure_user_role => $configure_user_role,
configure_endpoint => $configure_endpoint,
service_type => $service_type,
service_description => $service_description,
service_name => $service_name,
auth_name => $auth_name,
region => $region,
password => $password,
email => $email,
tenant => $tenant,
public_url => $public_url,
admin_url => $admin_url,
internal_url => $internal_url,
}
}
View Git Blame Copy Permalink