diff --git a/Gemfile b/Gemfile index 3d9d4ad8..b0b2d45f 100644 --- a/Gemfile +++ b/Gemfile @@ -6,6 +6,15 @@ group :development, :test do gem 'metadata-json-lint' gem 'puppet-lint-param-docs' + gem 'puppet-lint-absolute_classname-check' + gem 'puppet-lint-absolute_template_path' + gem 'puppet-lint-trailing_newline-check' + + # Puppet 4.x related lint checks + gem 'puppet-lint-unquoted_string-check' + gem 'puppet-lint-leading_zero-check' + gem 'puppet-lint-variable_contains_upcase' + gem 'puppet-lint-numericvariable' gem 'json' gem 'webmock' diff --git a/manifests/auth_file.pp b/manifests/auth_file.pp index e2c3d354..78d297ca 100644 --- a/manifests/auth_file.pp +++ b/manifests/auth_file.pp @@ -26,7 +26,7 @@ class swift::auth_file ( ) { file { '/root/swiftrc': - ensure => present, + ensure => file, owner => 'root', group => 'root', mode => '0600', @@ -35,6 +35,6 @@ class swift::auth_file ( export ST_USER=${admin_tenant}:${admin_user} export ST_KEY=${admin_password} export ST_AUTH=${auth_url} - " + ", } } diff --git a/manifests/client.pp b/manifests/client.pp index d692285f..757a7478 100644 --- a/manifests/client.pp +++ b/manifests/client.pp @@ -12,7 +12,7 @@ class swift::client ( $ensure = 'present' ) { - include swift::params + include ::swift::params package { 'swiftclient': ensure => $ensure, diff --git a/manifests/dispersion.pp b/manifests/dispersion.pp index 9da17b1f..81f6d677 100644 --- a/manifests/dispersion.pp +++ b/manifests/dispersion.pp @@ -80,13 +80,13 @@ class swift::dispersion ( $dump_json = 'no' ) { - include swift::params + include ::swift::params Package['swift'] -> Swift_dispersion_config<||> Swift_dispersion_config<||> ~> Exec['swift-dispersion-populate'] file { '/etc/swift/dispersion.conf': - ensure => present, + ensure => file, owner => 'swift', group => 'swift', mode => '0660', diff --git a/manifests/init.pp b/manifests/init.pp index 088ed246..2163f3e5 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -30,8 +30,8 @@ class swift( $client_package_ensure = 'present', ) { - include swift::params - include ssh::server + include ::swift::params + include ::ssh::server Class['ssh::server::install'] -> Class['swift'] @@ -42,7 +42,7 @@ class swift( } } - class { 'swift::client': + class { '::swift::client': ensure => $client_package_ensure; } @@ -68,11 +68,11 @@ class swift( } file { '/etc/swift/swift.conf': - ensure => present, + ensure => file, mode => '0660', } swift_config { 'swift-hash/swift_hash_path_suffix': - value => $swift_hash_suffix + value => $swift_hash_suffix, } } diff --git a/manifests/keystone/dispersion.pp b/manifests/keystone/dispersion.pp index 685ce655..44b830c8 100644 --- a/manifests/keystone/dispersion.pp +++ b/manifests/keystone/dispersion.pp @@ -46,6 +46,6 @@ class swift::keystone::dispersion( keystone_user_role { "${auth_user}@${tenant}": ensure => present, roles => 'admin', - require => Keystone_user[$auth_user] + require => Keystone_user[$auth_user], } } diff --git a/manifests/proxy.pp b/manifests/proxy.pp index 7ebfcab6..503a8d54 100644 --- a/manifests/proxy.pp +++ b/manifests/proxy.pp @@ -132,8 +132,8 @@ class swift::proxy( $package_ensure = 'present' ) { - include swift::params - include concat::setup + include ::swift::params + include ::concat::setup validate_bool($account_autocreate) validate_bool($allow_account_management) diff --git a/manifests/proxy/ceilometer.pp b/manifests/proxy/ceilometer.pp index c4d90bb5..6ae73e7b 100644 --- a/manifests/proxy/ceilometer.pp +++ b/manifests/proxy/ceilometer.pp @@ -34,7 +34,7 @@ class swift::proxy::ceilometer( } file { '/var/log/ceilometer/swift-proxy-server.log': - ensure => present, + ensure => file, mode => '0664', owner => 'swift', group => 'swift', @@ -44,7 +44,7 @@ class swift::proxy::ceilometer( target => '/etc/swift/proxy-server.conf', content => template('swift/proxy/ceilometer.conf.erb'), order => '33', - require => Class['::ceilometer'] + require => Class['::ceilometer'], } } diff --git a/manifests/proxy/s3token.pp b/manifests/proxy/s3token.pp index 9d8883f8..da2e4175 100644 --- a/manifests/proxy/s3token.pp +++ b/manifests/proxy/s3token.pp @@ -34,7 +34,7 @@ class swift::proxy::s3token( $auth_protocol = 'http' ) { - include keystone::python + include ::keystone::python concat::fragment { 'swift_s3token': target => '/etc/swift/proxy-server.conf', diff --git a/manifests/proxy/swift3.pp b/manifests/proxy/swift3.pp index e13896b2..5eecba4f 100644 --- a/manifests/proxy/swift3.pp +++ b/manifests/proxy/swift3.pp @@ -24,7 +24,7 @@ class swift::proxy::swift3( $ensure = 'present' ) { - include swift::params + include ::swift::params package { 'swift-plugin-s3': ensure => $ensure, diff --git a/manifests/ringserver.pp b/manifests/ringserver.pp index f47a636e..9e6db0e2 100644 --- a/manifests/ringserver.pp +++ b/manifests/ringserver.pp @@ -33,7 +33,7 @@ class swift::ringserver( Class['swift::ringbuilder'] -> Class['swift::ringserver'] if !defined(Class['rsync::server']) { - class { 'rsync::server': + class { '::rsync::server': use_xinetd => true, address => $local_net_ip, use_chroot => 'no', diff --git a/manifests/storage.pp b/manifests/storage.pp index 9bc6ac61..61b893d4 100644 --- a/manifests/storage.pp +++ b/manifests/storage.pp @@ -24,7 +24,7 @@ class swift::storage( ) { if !defined(Class['rsync::server']){ - class{ 'rsync::server': + class{ '::rsync::server': use_xinetd => true, address => $storage_local_net_ip, use_chroot => 'no', diff --git a/manifests/storage/account.pp b/manifests/storage/account.pp index fa460f51..3a66d678 100644 --- a/manifests/storage/account.pp +++ b/manifests/storage/account.pp @@ -24,7 +24,7 @@ class swift::storage::account( package_ensure => $package_ensure, } - include swift::params + include ::swift::params if $manage_service { if $enabled { diff --git a/manifests/storage/all.pp b/manifests/storage/all.pp index 7ab7a0cb..9956c65c 100644 --- a/manifests/storage/all.pp +++ b/manifests/storage/all.pp @@ -60,7 +60,7 @@ class swift::storage::all( $log_facility = 'LOG_LOCAL2' ) { - class { 'swift::storage': + class { '::swift::storage': storage_local_net_ip => $storage_local_net_ip, } diff --git a/manifests/storage/container.pp b/manifests/storage/container.pp index e7187f64..f11bc03b 100644 --- a/manifests/storage/container.pp +++ b/manifests/storage/container.pp @@ -26,10 +26,10 @@ class swift::storage::container( swift::storage::generic { 'container': manage_service => $manage_service, enabled => $enabled, - package_ensure => $package_ensure + package_ensure => $package_ensure, } - include swift::params + include ::swift::params if $manage_service { if $enabled { @@ -69,7 +69,7 @@ class swift::storage::container( ensure => $service_ensure, enable => $enabled, provider => $::swift::params::service_provider, - require => File['/etc/init/swift-container-sync.conf', '/etc/init.d/swift-container-sync'] + require => File['/etc/init/swift-container-sync.conf', '/etc/init.d/swift-container-sync'], } } } diff --git a/manifests/storage/generic.pp b/manifests/storage/generic.pp index 341bc5af..928d52e9 100644 --- a/manifests/storage/generic.pp +++ b/manifests/storage/generic.pp @@ -35,7 +35,7 @@ define swift::storage::generic( $service_provider = $::swift::params::service_provider ) { - include swift::params + include ::swift::params Class['swift::storage'] -> Swift::Storage::Generic[$name] diff --git a/manifests/storage/mount.pp b/manifests/storage/mount.pp index 3a23cff9..a9f23a01 100644 --- a/manifests/storage/mount.pp +++ b/manifests/storage/mount.pp @@ -35,7 +35,7 @@ define swift::storage::mount( device => $device, fstype => $fstype, options => "${options},${fsoptions}", - require => File["${mnt_base_dir}/${name}"] + require => File["${mnt_base_dir}/${name}"], } # double checks to make sure that things are mounted diff --git a/manifests/storage/object.pp b/manifests/storage/object.pp index eb6a2c7a..2055843d 100644 --- a/manifests/storage/object.pp +++ b/manifests/storage/object.pp @@ -21,10 +21,10 @@ class swift::storage::object( swift::storage::generic { 'object': manage_service => $manage_service, enabled => $enabled, - package_ensure => $package_ensure + package_ensure => $package_ensure, } - include swift::params + include ::swift::params if $manage_service { if $enabled { diff --git a/manifests/storage/server.pp b/manifests/storage/server.pp index 391f79c0..389910d0 100644 --- a/manifests/storage/server.pp +++ b/manifests/storage/server.pp @@ -60,8 +60,8 @@ define swift::storage::server( warning("swift storage server ${type} must specify ${type}-server") } - include "swift::storage::${type}" - include concat::setup + include "::swift::storage::${type}" + include ::concat::setup validate_re($name, '^\d+$') validate_re($type, '^object|container|account$') diff --git a/manifests/storage/xfs.pp b/manifests/storage/xfs.pp index 7bf7d99d..dc77942d 100644 --- a/manifests/storage/xfs.pp +++ b/manifests/storage/xfs.pp @@ -22,7 +22,7 @@ define swift::storage::xfs( $loopback = false ) { - include swift::xfs + include ::swift::xfs if $device == '' { $target_device = "/dev/${name}" diff --git a/manifests/test_file.pp b/manifests/test_file.pp index 8dd5e086..c515f5be 100644 --- a/manifests/test_file.pp +++ b/manifests/test_file.pp @@ -38,6 +38,6 @@ class swift::test_file ( ) { file { '/tmp/swift_test_file.rb': mode => '0755', - content => template('swift/swift_keystone_test.erb') + content => template('swift/swift_keystone_test.erb'), } } diff --git a/spec/classes/swift_dispersion_spec.rb b/spec/classes/swift_dispersion_spec.rb index d9d8f9c4..00235c6b 100644 --- a/spec/classes/swift_dispersion_spec.rb +++ b/spec/classes/swift_dispersion_spec.rb @@ -29,7 +29,7 @@ describe 'swift::dispersion' do end it { is_expected.to contain_file('/etc/swift/dispersion.conf').with( - :ensure => 'present', + :ensure => 'file', :owner => 'swift', :group => 'swift', :mode => '0660', diff --git a/spec/classes/swift_spec.rb b/spec/classes/swift_spec.rb index 8f9bd27f..109af84a 100644 --- a/spec/classes/swift_spec.rb +++ b/spec/classes/swift_spec.rb @@ -47,8 +47,8 @@ describe 'swift' do {:ensure => 'directory'}.merge(file_defaults) )} it {is_expected.to contain_file('/etc/swift/swift.conf').with( - {:ensure => 'present', - :mode => '0660', + { :ensure => 'file', + :mode => '0660' }.merge(file_defaults) )} it 'configures swift.conf' do diff --git a/tests/all.pp b/tests/all.pp index 75083564..dd7b797f 100644 --- a/tests/all.pp +++ b/tests/all.pp @@ -11,11 +11,11 @@ Exec { logoutput => true } package { 'curl': ensure => present } -class { 'memcached': +class { '::memcached': listen_ip => $swift_local_net_ip, } -class { 'swift': +class { '::swift': # not sure how I want to deal with this shared secret swift_hash_suffix => $swift_shared_secret, package_ensure => latest, @@ -23,8 +23,8 @@ class { 'swift': # === Configure Storage -class { 'swift::storage': - storage_local_net_ip => $swift_local_net_ip +class { '::swift::storage': + storage_local_net_ip => $swift_local_net_ip, } # create xfs partitions on a loopback device and mounts them @@ -44,7 +44,7 @@ swift::storage::node { '2': require => Swift::Storage::Loopback[2] , } -class { 'swift::ringbuilder': +class { '::swift::ringbuilder': part_power => '18', replicas => '1', min_part_hours => 1, @@ -53,10 +53,10 @@ class { 'swift::ringbuilder': # TODO should I enable swath in the default config? -class { 'swift::proxy': +class { '::swift::proxy': proxy_local_net_ip => $swift_local_net_ip, pipeline => ['healthcheck', 'cache', 'tempauth', 'proxy-server'], account_autocreate => true, require => Class['swift::ringbuilder'], } -class { ['swift::proxy::healthcheck', 'swift::proxy::cache', 'swift::proxy::tempauth']: } +class { ['::swift::proxy::healthcheck', '::swift::proxy::cache', '::swift::proxy::tempauth']: } diff --git a/tests/site.pp b/tests/site.pp index f98154fe..fdc49868 100644 --- a/tests/site.pp +++ b/tests/site.pp @@ -52,16 +52,16 @@ $swift_verbose = hiera('verbose', 'True') # This node can be used to deploy a keystone service. # This service only contains the credentials for authenticating # swift -node swift-keystone { +node 'swift-keystone' { # set up mysql server - class { 'mysql::server': + class { '::mysql::server': config_hash => { # the priv grant fails on precise if I set a root password # TODO I should make sure that this works # 'root_password' => $mysql_root_password, - 'bind_address' => '0.0.0.0' - } + 'bind_address' => '0.0.0.0', + }, } keystone_config { @@ -69,7 +69,7 @@ node swift-keystone { } # set up all openstack databases, users, grants - class { 'keystone::db::mysql': + class { '::keystone::db::mysql': password => $swift_keystone_db_password, } @@ -83,29 +83,17 @@ node swift-keystone { } # Setup the Keystone Identity Endpoint - class { 'keystone::endpoint': } + class { '::keystone::endpoint': } # set up keystone admin users - class { 'keystone::roles::admin': + class { '::keystone::roles::admin': email => $swift_keystone_admin_email, password => $swift_keystone_admin_password, } # configure the keystone service user and endpoint - class { 'swift::keystone::auth': - password => $swift_admin_password, - public_address => $swift_proxy_node, - } - -} - - -node swift_base { - - - class { 'swift': - # not sure how I want to deal with this shared secret - swift_hash_suffix => $swift_shared_secret, - package_ensure => latest, + class { '::swift::keystone::auth': + password => $swift_admin_password, + public_address => $swift_proxy_node, } } @@ -118,7 +106,13 @@ node swift_base { # they would need to be replaced with something that create and mounts xfs # partitions # -node /swift-storage/ inherits swift_base { +node /swift-storage/ { + + class { '::swift': + # not sure how I want to deal with this shared secret + swift_hash_suffix => $swift_shared_secret, + package_ensure => latest, + } # create xfs partitions on a loopback device and mount them swift::storage::loopback { ['1', '2']: @@ -128,39 +122,39 @@ node /swift-storage/ inherits swift_base { } # install all swift storage servers together - class { 'swift::storage::all': + class { '::swift::storage::all': storage_local_net_ip => $swift_local_net_ip, } # specify endpoints per device to be added to the ring specification @@ring_object_device { "${swift_local_net_ip}:6000/1": - zone => $swift_zone, - weight => 1, + zone => $swift_zone, + weight => 1, } @@ring_object_device { "${swift_local_net_ip}:6000/2": - zone => $swift_zone, - weight => 1, + zone => $swift_zone, + weight => 1, } @@ring_container_device { "${swift_local_net_ip}:6001/1": - zone => $swift_zone, - weight => 1, + zone => $swift_zone, + weight => 1, } @@ring_container_device { "${swift_local_net_ip}:6001/2": - zone => $swift_zone, - weight => 1, + zone => $swift_zone, + weight => 1, } # TODO should device be changed to volume @@ring_account_device { "${swift_local_net_ip}:6002/1": - zone => $swift_zone, - weight => 1, + zone => $swift_zone, + weight => 1, } @@ring_account_device { "${swift_local_net_ip}:6002/2": - zone => $swift_zone, - weight => 1, + zone => $swift_zone, + weight => 1, } # collect resources for synchronizing the ring databases @@ -169,18 +163,23 @@ node /swift-storage/ inherits swift_base { } -node /swift-proxy/ inherits swift_base { +node /swift-proxy/ { + class { '::swift': + # not sure how I want to deal with this shared secret + swift_hash_suffix => $swift_shared_secret, + package_ensure => latest, + } # curl is only required so that I can run tests package { 'curl': ensure => present } - class { 'memcached': + class { '::memcached': listen_ip => '127.0.0.1', } # specify swift proxy and all of its middlewares - class { 'swift::proxy': + class { '::swift::proxy': proxy_local_net_ip => $swift_local_net_ip, pipeline => [ 'bulk', @@ -194,8 +193,7 @@ node /swift-proxy/ inherits swift_base { 'keystone', 'account_quotas', 'container_quotas', - 'proxy-server' - ], + 'proxy-server'], account_autocreate => true, # TODO where is the ringbuilder class? require => Class['swift::ringbuilder'], @@ -203,35 +201,35 @@ node /swift-proxy/ inherits swift_base { # configure all of the middlewares class { [ - 'swift::proxy::account_quotas', - 'swift::proxy::catch_errors', - 'swift::proxy::container_quotas', - 'swift::proxy::healthcheck', - 'swift::proxy::cache', - 'swift::proxy::swift3', + '::swift::proxy::account_quotas', + '::swift::proxy::catch_errors', + '::swift::proxy::container_quotas', + '::swift::proxy::healthcheck', + '::swift::proxy::cache', + '::swift::proxy::swift3', ]: } - class { 'swift::proxy::bulk': + class { '::swift::proxy::bulk': max_containers_per_extraction => 10000, max_failed_extractions => 1000, max_deletes_per_request => 10000, yield_frequency => 60, } - class { 'swift::proxy::ratelimit': + class { '::swift::proxy::ratelimit': clock_accuracy => 1000, max_sleep_time_seconds => 60, log_sleep_time_seconds => 0, rate_buffer_seconds => 5, - account_ratelimit => 0 + account_ratelimit => 0, } - class { 'swift::proxy::s3token': + class { '::swift::proxy::s3token': # assume that the controller host is the swift api server - auth_host => $swift_keystone_node, - auth_port => '35357', + auth_host => $swift_keystone_node, + auth_port => '35357', } - class { 'swift::proxy::keystone': + class { '::swift::proxy::keystone': operator_roles => ['admin', 'SwiftOperator'], } - class { 'swift::proxy::authtoken': + class { '::swift::proxy::authtoken': admin_user => 'swift', admin_tenant_name => 'services', admin_password => $swift_admin_password, @@ -246,7 +244,7 @@ node /swift-proxy/ inherits swift_base { Ring_account_device <<| |>> # create the ring - class { 'swift::ringbuilder': + class { '::swift::ringbuilder': # the part power should be determined by assuming 100 partitions per drive part_power => '18', replicas => '3', @@ -255,19 +253,18 @@ node /swift-proxy/ inherits swift_base { } # sets up an rsync db that can be used to sync the ring DB - class { 'swift::ringserver': + class { '::swift::ringserver': local_net_ip => $swift_local_net_ip, } # exports rsync gets that can be used to sync the ring files @@swift::ringsync { ['account', 'object', 'container']: - ring_server => $swift_local_net_ip + ring_server => $swift_local_net_ip, } # deploy a script that can be used for testing - class { 'swift::test_file': + class { '::swift::test_file': auth_server => $swift_keystone_node, password => $swift_keystone_admin_password, } } -