openstack/puppet-nova
Code Issues Proposed changes

Merge "Update ironic auth settings"

Browse Source
This commit is contained in:
Jenkins
2016-12-23 18:14:46 +00:00
committed by Gerrit Code Review
parent afa003cf80 87fb09cc69
commit 972b6209d5
5 changed files with 167 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
manifests/compute/ironic.pp
View File

@@ -4,84 +4,21 @@
# #
# === Parameters: # === Parameters:
# #
# [*admin_username*]
# The admin username for Ironic to connect to Nova.
# Defaults to 'admin'
#
# [*admin_password*]
# The admin password for Ironic to connect to Nova.
# Defaults to 'ironic'
#
# [*admin_url*]
# The address of the Keystone api endpoint.
# Defaults to 'http://127.0.0.1:35357/v2.0'
#
# [*admin_tenant_name*]
# The Ironic Keystone tenant name.
# Defaults to 'services'
#
# [*api_endpoint*]
# The url for Ironic api endpoint.
# Defaults to 'http://127.0.0.1:6385/v1'
#
# [*compute_driver*] # [*compute_driver*]
# (optional) Compute driver. # (optional) Compute driver.
# Defaults to 'ironic.IronicDriver' # Defaults to 'ironic.IronicDriver'
# #
# [*admin_user*]
# (optional) DEPRECATED: Use admin_username instead.
#
# [*admin_passwd*]
# (optional) DEPRECATED: Use admin_password instead.
#
# [*max_concurrent_builds*] # [*max_concurrent_builds*]
# (optional) Maximum number of instance builds to run concurrently # (optional) Maximum number of instance builds to run concurrently
# Defaults to $::os_service_default. # Defaults to $::os_service_default.
# #
class nova::compute::ironic ( class nova::compute::ironic (
$max_concurrent_builds = $::os_service_default, $max_concurrent_builds = $::os_service_default,
# DEPRECATED PARAMETERS
$admin_username = undef,
$admin_password = undef,
$admin_url = undef,
$admin_tenant_name = undef,
$api_endpoint = undef,
$admin_user = undef,
$admin_passwd = undef,
$compute_driver = 'ironic.IronicDriver' $compute_driver = 'ironic.IronicDriver'
) { ) {
include ::nova::deps include ::nova::deps
require ::nova::ironic::common
if $admin_user {
warning('The admin_user parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_passwd {
warning('The admin_passwd parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_username {
warning('The admin_username parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_password {
warning('The admin_password parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_url {
warning('The admin_url parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $admin_tenant_name {
warning('The admin_tenant_name parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
if $api_endpoint {
warning('The api_endpoint parameter in class nova::compute::ironic is deprecated, use class nova::ironic::common instead.')
}
include ::nova::ironic::common
nova_config { nova_config {
'DEFAULT/compute_driver': value => $compute_driver; 'DEFAULT/compute_driver': value => $compute_driver;

103
manifests/ironic/common.pp
View File

@@ -1,5 +1,31 @@
# == Class: nova::ironic::common # == Class: nova::ironic::common
# #
# [*api_endpoint*]
# The url for Ironic api endpoint.
# Defaults to 'http://127.0.0.1:6385/v1'
#
# [*auth_plugin*]
# The authentication plugin to use when connecting to nova.
# Defaults to 'password'
#
# [*auth_url*]
# The address of the Keystone api endpoint.
# Defaults to 'http://127.0.0.1:35357/'
#
# [*project_name*]
# The Ironic Keystone project name.
# Defaults to 'services'
#
# [*password*]
# The admin password for Ironic to connect to Nova.
# Defaults to 'ironic'
#
# [*username*]
# The admin username for Ironic to connect to Nova.
# Defaults to 'admin'
#
# === DEPRECATED
#
# [*admin_username*] # [*admin_username*]
# The admin username for Ironic to connect to Nova. # The admin username for Ironic to connect to Nova.
# Defaults to 'admin' # Defaults to 'admin'
@@ -16,43 +42,60 @@
# The Ironic Keystone tenant name. # The Ironic Keystone tenant name.
# Defaults to 'services' # Defaults to 'services'
# #
# [*api_endpoint*]
# The url for Ironic api endpoint.
# Defaults to 'http://127.0.0.1:6385/v1'
#
class nova::ironic::common ( class nova::ironic::common (
$admin_username = 'admin',
$admin_password = 'ironic',
$admin_tenant_name = 'services',
$admin_url = 'http://127.0.0.1:35357/v2.0',
$api_endpoint = 'http://127.0.0.1:6385/v1', $api_endpoint = 'http://127.0.0.1:6385/v1',
$auth_plugin = 'password',
$auth_url = 'http://127.0.0.1:35357/',
$password = 'ironic',
$project_name = 'services',
$username = 'admin',
# DEPRECATED
$admin_username = undef,
$admin_password = undef,
$admin_tenant_name = undef,
$admin_url = undef,
) { ) {
include ::nova::deps include ::nova::deps
$admin_username_real = pick( if ($admin_username) {
$::nova::compute::ironic::admin_user, warning('nova::ironic::common::admin_username is deprecated. Please use username')
$::nova::compute::ironic::admin_username, }
$admin_username)
$admin_password_real = pick( if ($admin_password) {
$::nova::compute::ironic::admin_passwd, warning('nova::ironic::common::admin_password is deprecated. Please use password')
$::nova::compute::ironic::admin_password, }
$admin_password)
$admin_tenant_name_real = pick( if ($admin_tenant_name) {
$::nova::compute::ironic::admin_tenant_name, warning('nova::ironic::common::admin_tenant_name is deprecated. Please use project_name')
$admin_tenant_name) }
$admin_url_real = pick(
$::nova::compute::ironic::admin_url, if ($admin_url) {
$admin_url) warning('nova::ironic::common::admin_url is deprecated. Please use auth_url')
$api_endpoint_real = pick( }
$::nova::compute::ironic::api_endpoint,
$api_endpoint)
$username_real = pick($admin_username, $username)
$password_real = pick($admin_password, $password)
$auth_url_real = pick($admin_url, $auth_url)
$project_name_real = pick($admin_tenant_name, $project_name)
nova_config { nova_config {
'ironic/admin_username': value => $admin_username_real; 'ironic/auth_plugin': value => $auth_plugin;
'ironic/admin_password': value => $admin_password_real; 'ironic/username': value => $username_real;
'ironic/admin_url': value => $admin_url_real; 'ironic/password': value => $password_real;
'ironic/admin_tenant_name': value => $admin_tenant_name_real; 'ironic/auth_url': value => $auth_url_real;
'ironic/api_endpoint': value => $api_endpoint_real; 'ironic/project_name': value => $project_name_real;
'ironic/api_endpoint': value => $api_endpoint;
}
# TODO(aschultz): these are deprecated, remove in P
nova_config {
'ironic/admin_username': value => $username_real;
'ironic/admin_password': value => $password_real;
'ironic/admin_url': value => $auth_url_real;
'ironic/admin_tenant_name': value => $project_name_real;
} }
} }

10
releasenotes/notes/nova-ironic-common-updates-c855c6e82281de9d.yaml Normal file
View File

@@ -0,0 +1,10 @@
---
deprecation:
- nova::ironic::common::admin_username, nova::ironic::common::admin_password,
nova::ironic::common::admin_url, nova::ironic::common::admin_tenant_name
have been deprecated in favor of nova::ironic::common::username,
nova::ironic::common::password, nova::ironic::common::auth_url,
nova::ironic::common::project_name.
upgrade:
- Deprecated options from nova::compute::ironic have been removed. Please
use the options available via nova::ironic::common.

61
spec/classes/nova_compute_ironic_spec.rb
View File

@@ -4,54 +4,33 @@ describe 'nova::compute::ironic' do
shared_examples_for 'nova-compute-ironic' do shared_examples_for 'nova-compute-ironic' do
context 'with default parameters' do context 'with default parameters' do
it 'configures ironic in nova.conf' do it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.IronicDriver') is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.IronicDriver')
is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value('<SERVICE DEFAULT>') is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value('<SERVICE DEFAULT>')
end end
end
context 'with overridden parameters' do
let :params do
{
:compute_driver => 'ironic.FoobarDriver',
:max_concurrent_builds => 15,
}
end end
it 'configures ironic in nova.conf' do context 'with overridden parameters' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.FoobarDriver') let :params do
is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value(15) {
end :compute_driver => 'ironic.FoobarDriver',
end :max_concurrent_builds => 15,
}
end
context 'with deprecated parameters' do it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('DEFAULT/compute_driver').with_value('ironic.FoobarDriver')
let :params do is_expected.to contain_nova_config('DEFAULT/max_concurrent_builds').with_value(15)
{ end
:admin_user => 'ironic-user',
:admin_passwd => 'ironic-s3cr3t',
:admin_url => 'http://10.0.0.10:35357/v2.0',
:admin_tenant_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
end end
it 'configures ironic in nova.conf' do context 'always' do
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic-user') it 'contains the ironic common class' do
is_expected.to contain_nova_config('ironic/admin_password').with_value('ironic-s3cr3t') is_expected.to contain_class('nova::ironic::common')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/v2.0') end
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
end end
end end
end
context 'always' do
it 'contains the ironic common class' do
is_expected.to contain_class('nova::ironic::common')
end
end
on_supported_os({ on_supported_os({
:supported_os => OSDefaults.get_supported_os :supported_os => OSDefaults.get_supported_os

93
spec/classes/nova_ironic_common_spec.rb
View File

@@ -4,35 +4,72 @@ describe 'nova::ironic::common' do
shared_examples_for 'nova-ironic-common' do shared_examples_for 'nova-ironic-common' do
context 'with default parameters' do context 'with default parameters' do
it 'configures ironic in nova.conf' do it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/admin_username').with_value('admin') is_expected.to contain_nova_config('ironic/auth_plugin').with_value('password')
is_expected.to contain_nova_config('ironic/admin_password').with_value('ironic') is_expected.to contain_nova_config('ironic/username').with_value('admin')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://127.0.0.1:35357/v2.0') is_expected.to contain_nova_config('ironic/password').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services') is_expected.to contain_nova_config('ironic/auth_url').with_value('http://127.0.0.1:35357/')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://127.0.0.1:6385/v1') is_expected.to contain_nova_config('ironic/project_name').with_value('services')
end is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://127.0.0.1:6385/v1')
end
context 'with overridden parameters' do is_expected.to contain_nova_config('ironic/admin_username').with_value('admin')
let :params do is_expected.to contain_nova_config('ironic/admin_password').with_value('ironic')
{ is_expected.to contain_nova_config('ironic/admin_url').with_value('http://127.0.0.1:35357/')
:admin_username => 'ironic', is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services')
:admin_password => 's3cr3t', end
:admin_url => 'http://10.0.0.10:35357/v2.0',
:admin_tenant_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
end end
it 'configures ironic in nova.conf' do context 'with parameters' do
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic') let :params do
is_expected.to contain_nova_config('ironic/admin_password').with_value('s3cr3t') {
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/v2.0') :username => 'ironic',
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2') :password => 's3cr3t',
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1') :auth_url => 'http://10.0.0.10:35357/',
:project_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/auth_plugin').with_value('password')
is_expected.to contain_nova_config('ironic/username').with_value('ironic')
is_expected.to contain_nova_config('ironic/password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/auth_url').with_value('http://10.0.0.10:35357/')
is_expected.to contain_nova_config('ironic/project_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
end
end
context 'with deprecated parameters' do
let :params do
{
:admin_username => 'ironic',
:admin_password => 's3cr3t',
:admin_url => 'http://10.0.0.10:35357/v2.0',
:admin_tenant_name => 'services2',
:api_endpoint => 'http://10.0.0.10:6385/v1',
}
end
it 'configures ironic in nova.conf' do
is_expected.to contain_nova_config('ironic/username').with_value('ironic')
is_expected.to contain_nova_config('ironic/password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/auth_url').with_value('http://10.0.0.10:35357/v2.0')
is_expected.to contain_nova_config('ironic/project_name').with_value('services2')
is_expected.to contain_nova_config('ironic/api_endpoint').with_value('http://10.0.0.10:6385/v1')
is_expected.to contain_nova_config('ironic/admin_username').with_value('ironic')
is_expected.to contain_nova_config('ironic/admin_password').with_value('s3cr3t')
is_expected.to contain_nova_config('ironic/admin_url').with_value('http://10.0.0.10:35357/v2.0')
is_expected.to contain_nova_config('ironic/admin_tenant_name').with_value('services2')
end
end end
end
end end
on_supported_os({ on_supported_os({
@@ -40,11 +77,7 @@ describe 'nova::ironic::common' do
}).each do |os,facts| }).each do |os,facts|
context "on #{os}" do context "on #{os}" do
let (:facts) do let (:facts) do
facts.merge!(OSDefaults.get_facts({ facts.merge!(OSDefaults.get_facts)
:fqdn => 'some.host.tld',
:processorcount => 2,
:concat_basedir => '/var/lib/puppet/concat'
}))
end end
it_configures 'nova-ironic-common' it_configures 'nova-ironic-common'
end end