Introduce public_url, internal_url and admin_url (and v3/ec2)
Introduce the following new parameters: - public_url - internal_url - admin_url - public_url_v3 - internal_url_v3 - admin_url_v3 - ec2_public_url - ec2_internal_url - ec2_admin_url Deprecate the following parameters: - compute_version: replaced by public/internal/admin_url(_v3) - compute_port: replaced by public/internal/admin_url - public_protocol: replaced by public_url and ec2_public_url - public_address: replaced by public_url - public_protocol: replaced by internal_url and ec2_internal_url - internal_address: replaced by internal_url - admin_protocol: replaced by admin_url and ec2_admin_url - admin_address: replaced by admin_url - ec2_port: replaced by ec2_public/ec2_internal/ec2_admin_url - ec2_public_address: replaced by ec2_public_url - ec2_internal_address: replaced by ec2_internal_url - ec2_admin_address: replaced by ec2_admin_url Add deprecation warnings if any of those values are provided while maintaining full backward compatibility. Co-Authored-by: Richard Raseley <richard@raseley.com> Co-Authored-by: Hunter Haugen <hunter@puppetlabs.com> Change-Id: Ie56bcbee22489817941fa7a023bb4ed649872df5 Closes-bug: #1274979
This commit is contained in:
Mathieu Gagné
@@ -25,29 +25,41 @@
|
||||
# Defaults to the value of auth_name_v3, but must differ from the value
|
||||
# of service_name.
|
||||
#
|
||||
# [*public_address*]
|
||||
# (optional) The public nova-api endpoint
|
||||
# Defaults to '127.0.0.1'
|
||||
# [*public_url*]
|
||||
# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8774/v2/%(tenant_id)s')
|
||||
# This url should *not* contain any version or trailing '/'.
|
||||
#
|
||||
# [*admin_address*]
|
||||
# (optional) The admin nova-api endpoint
|
||||
# Defaults to '127.0.0.1'
|
||||
# [*internal_url*]
|
||||
# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:8774/v2/%(tenant_id)s')
|
||||
# This url should *not* contain any version or trailing '/'.
|
||||
#
|
||||
# [*internal_address*]
|
||||
# (optional) The internal nova-api endpoint
|
||||
# Defaults to '127.0.0.1'
|
||||
# [*admin_url*]
|
||||
# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:8774/v2/%(tenant_id)s')
|
||||
# This url should *not* contain any version or trailing '/'.
|
||||
#
|
||||
# [*compute_port*]
|
||||
# (optional) The port to use for the compute endpoint
|
||||
# Defaults to '8774'
|
||||
# [*public_url_v3*]
|
||||
# (optional) The v3 endpoint's public url. (Defaults to 'http://127.0.0.1:8774/v3')
|
||||
# This url should *not* contain any version or trailing '/'.
|
||||
#
|
||||
# [*ec2_port*]
|
||||
# (optional) The port to use for the ec2 endpoint
|
||||
# Defaults to '8773'
|
||||
# [*internal_url_v3*]
|
||||
# (optional) The v3 endpoint's internal url. (Defaults to 'http://127.0.0.1:8774/v3')
|
||||
# This url should *not* contain any version or trailing '/'.
|
||||
#
|
||||
# [*compute_version*]
|
||||
# (optional) The version of the compute api to put in the endpoint
|
||||
# Defaults to 'v2'
|
||||
# [*admin_url_v3*]
|
||||
# (optional) The v3 endpoint's admin url. (Defaults to 'http://127.0.0.1:8774/v3')
|
||||
# This url should *not* contain any version or trailing '/'.
|
||||
#
|
||||
# [*ec2_public_url*]
|
||||
# (optional) The endpoint's public url for EC2.
|
||||
# (Defaults to 'http://127.0.0.1:8773/services/Cloud')
|
||||
#
|
||||
# [*ec2_internal_url*]
|
||||
# (optional) The endpoint's internal url for EC2.
|
||||
# (Defaults to 'http://127.0.0.1:8773/services/Cloud')
|
||||
#
|
||||
# [*ec2_admin_url*]
|
||||
# (optional) The endpoint's admin url for EC2.
|
||||
# (Defaults to 'http://127.0.0.1:8773/services/Admin')
|
||||
#
|
||||
# [*region*]
|
||||
# (optional) The region in which to place the endpoints
|
||||
@@ -81,15 +93,50 @@
|
||||
# (optional) Whether to configure the admin role for the service user.
|
||||
# Defaults to true
|
||||
#
|
||||
# [*public_protocol*]
|
||||
# (optional) Protocol to use for the public endpoint. Can be http or https.
|
||||
# Defaults to 'http'
|
||||
# [*compute_version*]
|
||||
# (optional) DEPRECATED: Use public_url, internal_url and admin_url OR
|
||||
# public_url_v3, internal_url_v3 and admin_url_v3 instead.
|
||||
# The version of the compute api to put in the endpoint. (Defaults to v2)
|
||||
# Setting this parameter overrides public_url, internal_url and admin_url parameters.
|
||||
#
|
||||
# [*admin_protocol*]
|
||||
# Protocol for admin endpoints. Defaults to 'http'.
|
||||
# [*compute_port*]
|
||||
# (optional) DEPRECATED: Use public_url, internal_url and admin_url instead.
|
||||
# Port for endpoint. (Defaults to 9696)
|
||||
# Setting this parameter overrides public_url, internal_url and admin_url parameters.
|
||||
#
|
||||
# [*ec2_port*]
|
||||
# (optional) DEPRECATED: Use ec2_public_url, ec2_internal_url and ec2_admin_url instead.
|
||||
# (optional) The port to use for the ec2 endpoint. (Defaults to 8773)
|
||||
#
|
||||
# [*public_protocol*]
|
||||
# (optional) DEPRECATED: Use public_url and ec2_public_url instead.
|
||||
# Protocol for public endpoint. (Defaults to 'http')
|
||||
# Setting this parameter overrides public_url and ec2_public_url parameters.
|
||||
#
|
||||
# [*public_address*]
|
||||
# (optional) DEPRECATED: Use public_url and ec2_public_url instead.
|
||||
# Public address for endpoint. (Defaults to '127.0.0.1')
|
||||
# Setting this parameter overrides public_url and ec2_public_url parameters.
|
||||
#
|
||||
# [*internal_protocol*]
|
||||
# Protocol for internal endpoints. Defaults to 'http'.
|
||||
# (optional) DEPRECATED: Use internal_url and ec2_internal_url instead.
|
||||
# Protocol for internal endpoint. (Defaults to 'http')
|
||||
# Setting this parameter overrides internal_url and ec2_internal_url parameters.
|
||||
#
|
||||
# [*internal_address*]
|
||||
# (optional) DEPRECATED: Use internal_url and ec2_internal_url instead.
|
||||
# Internal address for endpoint. (Defaults to '127.0.0.1')
|
||||
# Setting this parameter overrides internal_url and ec2_internal_url parameters.
|
||||
#
|
||||
# [*admin_protocol*]
|
||||
# (optional) DEPRECATED: Use admin_url and ec2_admin_url instead.
|
||||
# Protocol for admin endpoint. (Defaults to 'http')
|
||||
# Setting this parameter overrides admin_url and ec2_admin_url parameters.
|
||||
#
|
||||
# [*admin_address*]
|
||||
# (optional) DEPRECATED: Use admin_url and ec2_admin_url instead.
|
||||
# Admin address for endpoint. (Defaults to '127.0.0.1')
|
||||
# Setting this parameter overrides admin_url and ec2_admin_url parameters.
|
||||
#
|
||||
class nova::keystone::auth(
|
||||
$password,
|
||||
@@ -97,25 +144,89 @@ class nova::keystone::auth(
|
||||
$auth_name_v3 = 'novav3',
|
||||
$service_name = undef,
|
||||
$service_name_v3 = undef,
|
||||
$public_address = '127.0.0.1',
|
||||
$admin_address = '127.0.0.1',
|
||||
$internal_address = '127.0.0.1',
|
||||
$compute_port = '8774',
|
||||
$ec2_port = '8773',
|
||||
$compute_version = 'v2',
|
||||
$region = 'RegionOne',
|
||||
$tenant = 'services',
|
||||
$email = 'nova@localhost',
|
||||
$public_url = 'http://127.0.0.1:8774/v2/%(tenant_id)s',
|
||||
$internal_url = 'http://127.0.0.1:8774/v2/%(tenant_id)s',
|
||||
$admin_url = 'http://127.0.0.1:8774/v2/%(tenant_id)s',
|
||||
$public_url_v3 = 'http://127.0.0.1:8774/v3',
|
||||
$internal_url_v3 = 'http://127.0.0.1:8774/v3',
|
||||
$admin_url_v3 = 'http://127.0.0.1:8774/v3',
|
||||
$ec2_public_url = 'http://127.0.0.1:8773/services/Cloud',
|
||||
$ec2_internal_url = 'http://127.0.0.1:8773/services/Cloud',
|
||||
$ec2_admin_url = 'http://127.0.0.1:8773/services/Admin',
|
||||
$configure_ec2_endpoint = true,
|
||||
$public_protocol = 'http',
|
||||
$configure_endpoint = true,
|
||||
$configure_endpoint_v3 = true,
|
||||
$configure_user = true,
|
||||
$configure_user_role = true,
|
||||
$admin_protocol = 'http',
|
||||
$internal_protocol = 'http'
|
||||
# DEPRECATED PARAMETERS
|
||||
$compute_version = undef,
|
||||
$compute_port = undef,
|
||||
$ec2_port = undef,
|
||||
$public_protocol = undef,
|
||||
$public_address = undef,
|
||||
$admin_protocol = undef,
|
||||
$admin_address = undef,
|
||||
$internal_protocol = undef,
|
||||
$internal_address = undef,
|
||||
) {
|
||||
|
||||
if $compute_version {
|
||||
warning('The compute_version parameter is deprecated, use public_url, internal_url and admin_url instead.')
|
||||
}
|
||||
|
||||
if $compute_port {
|
||||
warning('The compute_port parameter is deprecated, use public_url, internal_url and admin_url instead.')
|
||||
}
|
||||
|
||||
if $ec2_port {
|
||||
warning('The ec2_port parameter is deprecated, use ec2_public_url, ec2_internal_url and ec2_admin_url instead.')
|
||||
}
|
||||
|
||||
if $public_protocol {
|
||||
warning('The public_protocol parameter is deprecated, use public_url instead.')
|
||||
if $configure_ec2_endpoint {
|
||||
warning('The public_protocol parameter is deprecated, use ec2_public_url instead.')
|
||||
}
|
||||
}
|
||||
|
||||
if $internal_protocol {
|
||||
warning('The internal_protocol parameter is deprecated, use internal_url instead.')
|
||||
if $configure_ec2_endpoint {
|
||||
warning('The internal_protocol parameter is deprecated, use ec2_public_url instead.')
|
||||
}
|
||||
}
|
||||
|
||||
if $admin_protocol {
|
||||
warning('The admin_protocol parameter is deprecated, use admin_url instead.')
|
||||
if $configure_ec2_endpoint {
|
||||
warning('The admin_protocol parameter is deprecated, use ec2_admin_url instead.')
|
||||
}
|
||||
}
|
||||
|
||||
if $public_address {
|
||||
warning('The public_address parameter is deprecated, use public_url instead.')
|
||||
if $configure_ec2_endpoint {
|
||||
warning('The public_address parameter is deprecated, use ec2_public_url instead.')
|
||||
}
|
||||
}
|
||||
|
||||
if $internal_address {
|
||||
warning('The internal_address parameter is deprecated, use internal_url instead.')
|
||||
if $configure_ec2_endpoint {
|
||||
warning('The internal_address parameter is deprecated, use ec2_internal_url instead.')
|
||||
}
|
||||
}
|
||||
|
||||
if $admin_address {
|
||||
warning('The admin_address parameter is deprecated, use admin_url instead.')
|
||||
if $configure_ec2_endpoint {
|
||||
warning('The admin_address parameter is deprecated, use ec2_admin_url instead.')
|
||||
}
|
||||
}
|
||||
|
||||
if $service_name == undef {
|
||||
$real_service_name = $auth_name
|
||||
} else {
|
||||
@@ -132,6 +243,64 @@ class nova::keystone::auth(
|
||||
fail('nova::keystone::auth parameters service_name and service_name_v3 must be different.')
|
||||
}
|
||||
|
||||
if ($public_protocol or $public_address or $compute_port) {
|
||||
$public_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s',
|
||||
pick($public_protocol, 'http'),
|
||||
pick($public_address, '127.0.0.1'),
|
||||
pick($compute_port, '8774'),
|
||||
pick($compute_version, 'v2'))
|
||||
} else {
|
||||
$public_url_real = $public_url
|
||||
}
|
||||
|
||||
if ($internal_protocol or $internal_address or $compute_port) {
|
||||
$internal_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s',
|
||||
pick($internal_protocol, 'http'),
|
||||
pick($internal_address, '127.0.0.1'),
|
||||
pick($compute_port, '8774'),
|
||||
pick($compute_version, 'v2'))
|
||||
} else {
|
||||
$internal_url_real = $internal_url
|
||||
}
|
||||
|
||||
if ($admin_protocol or $admin_address or $compute_port) {
|
||||
$admin_url_real = sprintf('%s://%s:%s/%s/%%(tenant_id)s',
|
||||
pick($admin_protocol, 'http'),
|
||||
pick($admin_address, '127.0.0.1'),
|
||||
pick($compute_port, '8774'),
|
||||
pick($compute_version, 'v2'))
|
||||
} else {
|
||||
$admin_url_real = $admin_url
|
||||
}
|
||||
|
||||
# EC2 endpoints
|
||||
if ($public_protocol or $public_address or $ec2_port) {
|
||||
$ec2_public_url_real = sprintf('%s://%s:%s/services/Cloud',
|
||||
pick($public_protocol, 'http'),
|
||||
pick($public_address, '127.0.0.1'),
|
||||
pick($ec2_port, '8773'))
|
||||
} else {
|
||||
$ec2_public_url_real = $ec2_public_url
|
||||
}
|
||||
|
||||
if ($internal_protocol or $internal_address or $ec2_port) {
|
||||
$ec2_internal_url_real = sprintf('%s://%s:%s/services/Cloud',
|
||||
pick($internal_protocol, 'http'),
|
||||
pick($internal_address, '127.0.0.1'),
|
||||
pick($ec2_port, '8773'))
|
||||
} else {
|
||||
$ec2_internal_url_real = $ec2_internal_url
|
||||
}
|
||||
|
||||
if ($admin_protocol or $admin_address or $ec2_port) {
|
||||
$ec2_admin_url_real = sprintf('%s://%s:%s/services/Admin',
|
||||
pick($admin_protocol, 'http'),
|
||||
pick($admin_address, '127.0.0.1'),
|
||||
pick($ec2_port, '8773'))
|
||||
} else {
|
||||
$ec2_admin_url_real = $ec2_admin_url
|
||||
}
|
||||
|
||||
if $configure_endpoint {
|
||||
Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| name == 'nova-api' |>
|
||||
}
|
||||
@@ -148,9 +317,9 @@ class nova::keystone::auth(
|
||||
password => $password,
|
||||
email => $email,
|
||||
tenant => $tenant,
|
||||
public_url => "${public_protocol}://${public_address}:${compute_port}/${compute_version}/%(tenant_id)s",
|
||||
admin_url => "${admin_protocol}://${admin_address}:${compute_port}/${compute_version}/%(tenant_id)s",
|
||||
internal_url => "${internal_protocol}://${internal_address}:${compute_port}/${compute_version}/%(tenant_id)s",
|
||||
public_url => $public_url_real,
|
||||
admin_url => $admin_url_real,
|
||||
internal_url => $internal_url_real,
|
||||
}
|
||||
|
||||
keystone::resource::service_identity { "nova v3 service, user ${auth_name_v3}":
|
||||
@@ -163,9 +332,9 @@ class nova::keystone::auth(
|
||||
service_name => $real_service_name_v3,
|
||||
region => $region,
|
||||
auth_name => $auth_name_v3,
|
||||
public_url => "${public_protocol}://${public_address}:${compute_port}/v3",
|
||||
admin_url => "${admin_protocol}://${admin_address}:${compute_port}/v3",
|
||||
internal_url => "${internal_protocol}://${internal_address}:${compute_port}/v3",
|
||||
public_url => $public_url_v3,
|
||||
admin_url => $admin_url_v3,
|
||||
internal_url => $internal_url_v3,
|
||||
}
|
||||
|
||||
keystone::resource::service_identity { "nova ec2 service, user ${auth_name}_ec2":
|
||||
@@ -178,9 +347,9 @@ class nova::keystone::auth(
|
||||
service_name => "${real_service_name}_ec2",
|
||||
region => $region,
|
||||
auth_name => "${auth_name}_ec2",
|
||||
public_url => "${public_protocol}://${public_address}:${ec2_port}/services/Cloud",
|
||||
admin_url => "${admin_protocol}://${admin_address}:${ec2_port}/services/Admin",
|
||||
internal_url => "${internal_protocol}://${internal_address}:${ec2_port}/services/Cloud",
|
||||
public_url => $ec2_public_url_real,
|
||||
admin_url => $ec2_admin_url_real,
|
||||
internal_url => $ec2_internal_url_real,
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -6,6 +6,23 @@ describe 'nova::keystone::auth' do
|
||||
{:password => 'nova_password'}
|
||||
end
|
||||
|
||||
let :default_params do
|
||||
{ :auth_name => 'nova',
|
||||
:region => 'RegionOne',
|
||||
:tenant => 'services',
|
||||
:email => 'nova@localhost',
|
||||
:public_url => 'http://127.0.0.1:8774/v2/%(tenant_id)s',
|
||||
:internal_url => 'http://127.0.0.1:8774/v2/%(tenant_id)s',
|
||||
:admin_url => 'http://127.0.0.1:8774/v2/%(tenant_id)s',
|
||||
:public_url_v3 => 'http://127.0.0.1:8774/v3',
|
||||
:internal_url_v3 => 'http://127.0.0.1:8774/v3',
|
||||
:admin_url_v3 => 'http://127.0.0.1:8774/v3',
|
||||
:configure_ec2_endpoint => true,
|
||||
:ec2_public_url => 'http://127.0.0.1:8773/services/Cloud',
|
||||
:ec2_internal_url => 'http://127.0.0.1:8773/services/Cloud',
|
||||
:ec2_admin_url => 'http://127.0.0.1:8773/services/Admin' }
|
||||
end
|
||||
|
||||
context 'with default parameters' do
|
||||
|
||||
it { is_expected.to contain_keystone_user('nova').with(
|
||||
@@ -15,7 +32,7 @@ describe 'nova::keystone::auth' do
|
||||
|
||||
it { is_expected.to contain_keystone_user_role('nova@services').with(
|
||||
:ensure => 'present',
|
||||
:roles => 'admin'
|
||||
:roles => ['admin']
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_service('nova').with(
|
||||
@@ -71,7 +88,7 @@ describe 'nova::keystone::auth' do
|
||||
|
||||
it { is_expected.to contain_keystone_user_role('foo@services').with(
|
||||
:ensure => 'present',
|
||||
:roles => 'admin'
|
||||
:roles => ['admin']
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_service('foo').with(
|
||||
@@ -133,7 +150,45 @@ describe 'nova::keystone::auth' do
|
||||
|
||||
end
|
||||
|
||||
context 'when overriding endpoint params' do
|
||||
context 'when overriding endpoint parameters' do
|
||||
before do
|
||||
params.merge!(
|
||||
:region => 'RegionTwo',
|
||||
:public_url => 'https://10.0.0.1:9774/v2.2/%(tenant_id)s',
|
||||
:internal_url => 'https://10.0.0.3:9774/v2.2/%(tenant_id)s',
|
||||
:admin_url => 'https://10.0.0.2:9774/v2.2/%(tenant_id)s',
|
||||
:public_url_v3 => 'https://10.0.3.1:9774/v3',
|
||||
:internal_url_v3 => 'https://10.0.3.3:9774/v3',
|
||||
:admin_url_v3 => 'https://10.0.3.2:9774/v3',
|
||||
:ec2_public_url => 'https://10.0.9.1:9773/services/Cloud',
|
||||
:ec2_internal_url => 'https://10.0.9.2:9773/services/Cloud',
|
||||
:ec2_admin_url => 'https://10.0.9.3:9773/services/Admin',
|
||||
)
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionTwo/nova').with(
|
||||
:ensure => 'present',
|
||||
:public_url => params[:public_url],
|
||||
:internal_url => params[:internal_url],
|
||||
:admin_url => params[:admin_url]
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionTwo/novav3').with(
|
||||
:ensure => 'present',
|
||||
:public_url => params[:public_url_v3],
|
||||
:internal_url => params[:internal_url_v3],
|
||||
:admin_url => params[:admin_url_v3]
|
||||
)}
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionTwo/nova_ec2').with(
|
||||
:ensure => 'present',
|
||||
:public_url => params[:ec2_public_url],
|
||||
:internal_url => params[:ec2_internal_url],
|
||||
:admin_url => params[:ec2_admin_url]
|
||||
)}
|
||||
end
|
||||
|
||||
context 'when providing deprecated endpoint parameters' do
|
||||
before do
|
||||
params.merge!(
|
||||
:public_address => '10.0.0.1',
|
||||
@@ -162,7 +217,6 @@ describe 'nova::keystone::auth' do
|
||||
:admin_url => 'https://10.0.0.2:9773/services/Admin',
|
||||
:internal_url => 'https://10.0.0.3:9773/services/Cloud'
|
||||
)}
|
||||
|
||||
end
|
||||
|
||||
describe 'when disabling endpoint configuration' do
|
||||
@@ -188,9 +242,7 @@ describe 'nova::keystone::auth' do
|
||||
end
|
||||
|
||||
it { is_expected.to_not contain_keystone_user('nova') }
|
||||
|
||||
it { is_expected.to contain_keystone_user_role('nova@services') }
|
||||
|
||||
it { is_expected.to contain_keystone_service('nova').with(
|
||||
:ensure => 'present',
|
||||
:type => 'compute',
|
||||
@@ -208,9 +260,7 @@ describe 'nova::keystone::auth' do
|
||||
end
|
||||
|
||||
it { is_expected.to_not contain_keystone_user('nova') }
|
||||
|
||||
it { is_expected.to_not contain_keystone_user_role('nova@services') }
|
||||
|
||||
it { is_expected.to contain_keystone_service('nova').with(
|
||||
:ensure => 'present',
|
||||
:type => 'compute',
|
||||
@@ -234,7 +284,7 @@ describe 'nova::keystone::auth' do
|
||||
}
|
||||
end
|
||||
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/nova').with_notify('Service[nova-api]') }
|
||||
it { is_expected.to contain_keystone_endpoint('RegionOne/nova').with_notify(['Service[nova-api]']) }
|
||||
end
|
||||
|
||||
describe 'when overriding service names' do
|
||||
|
||||
Reference in New Issue
Block a user