When reading credentials from the configuration's keystone_authtoken
section www_authenticate_uri was used as URL for Keystone.
As www_authenticate_uri is a public endpoint that is not necessarily
reachable for the Puppet agent, this change uses the more appropriate
auth_url as Keystone URL.
Change-Id: I231f578db145956ab61a514106a5e714a055a1cb
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.
[1]https://review.openstack.org/#/c/508522/
Change-Id: If7049561c6a9e94fc5074112db9597cd8cb6996e
Depends-On: I4c82a63baabd6b9304b302c97cd751a0103d8316
Depends-On: I0dd36ef1f1f5dcdc57413736ecb8f2555712c36d
Closes-Bug: #1759098
Currently, trove auth provider has been implicitely using
keystone v2.0 by not declaring DOMAIN variables.
Now, api v2.0 is being deprecated and we need to use API v3.
Change-Id: Id2ed9ce08199d95e9438918ffda3417a1ee085f2
In trove::api, use keystone::resource::authtoken to configure
keystone_authtoken section in trove.conf, with all parameters required
to configure keystonemiddleware.
This patch will allow to deploy Trove to use Keystone v3
authentification.
Some deprecations:
- trove::api::keystone_tenant is deprecated in favor of trove::keystone::authtoken::project_name.
- trove::api::keystone_user is deprecated in favor of trove::keystone::authtoken::username.
- trove::api::keystone_password is deprecated in favor of trove::keystone::authtoken::password.
- trove::api::identity_uri is deprecated in favor of trove::keystone::authtoken::auth_url.
- trove::api::auth_uri is deprecated in favor of trove::keystone::authtoken::auth_uri.
Change-Id: I808ebda1c4ec3a5b2ed294eb8af4eecafa861051
Closes-Bug: #1604463
Bug #1365561 has been marked as fixed so it should be safe to remove
hack adding group and file before installing package.
Change-Id: Id447a47a056a41d8c98b01d6769f4121a36d7aae
With the creation of the new openstack_config provider, some processing
that was done in trove_config has been centralized in
openstack_config.
The same apply for trove_conductor_config, trove_guestagent_config and
trove_taskmanager_config
Impacted methods are :
* section
* setting
* separator
Also, this commit adds the fact that, when passing a specific string
(ensure_absent_val) the provider will behave as if ensure => absent was
specified. '<SERVICE DEFAULT>' is the default value for
ensure_absent_val.
The use case is the following :
trove_config { 'DEFAULT/foo' : value => 'bar' } # will work as usual
trove_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>' } # will mean absent
That means that all the current :
if $myvar {
trove_config { 'DEFAULT/foo' : value => $myvar }
} else {
trove_config { 'DEFAULT/foo' : ensure => absent }
}
can be removed in favor of :
trove_config { 'DEFAULT/foo' : value => $myvar }
If for any reason '<SERVICE DEFAULT>' turns out to be a valid value for
a specific parameter. One could by pass that doing the following :
trove_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>',
ensure_absent_val => 'foo' }
Change-Id: I44472b107c951d22932c533031f68aa67a5f2e18
Depends-On: I0eeebde3aac2662cc7e69bfad7f8d2481463a218