aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJuan Antonio Osorio Robles <jaosorior@redhat.com>2015-11-11 15:32:47 +0000
committerJuan Antonio Osorio Robles <jaosorior@redhat.com>2016-05-04 17:23:52 +0300
commit995ad9c32b86a8b04f0390265d82d8aa2bc066e7 (patch)
treef6ef1bdde4edaccd589013dfc35f03c3c2abef90
parent3c5521d2bbdeaf27d2f8d6db40a9ac952de6eb0c (diff)
Pass parameters to manage endpoints via puppet
This commit passes the necessary hieradata in order to create the endpoints, users and roles of the services in keystone via puppet. Change-Id: I2470dfa4661be7ba8218f6035fffa05f547214f0
-rw-r--r--puppet/controller.yaml84
-rw-r--r--puppet/hieradata/controller.yaml15
-rw-r--r--puppet/services/glance-api.yaml4
3 files changed, 103 insertions, 0 deletions
diff --git a/puppet/controller.yaml b/puppet/controller.yaml
index bf196d24..a08ed1bb 100644
--- a/puppet/controller.yaml
+++ b/puppet/controller.yaml
@@ -908,6 +908,9 @@ resources:
- - 'http://'
- {get_param: HeatApiVirtualIPUri}
- ':8000/v1/waitcondition'
+ heat_public_url: {get_param: [EndpointMap, HeatPublic, uri]}
+ heat_internal_url: {get_param: [EndpointMap, HeatInternal, uri]}
+ heat_admin_url: {get_param: [EndpointMap, HeatAdmin, uri]}
heat_auth_encryption_key: {get_param: HeatAuthEncryptionKey}
heat_enable_db_purge: {get_param: HeatEnableDBPurge}
horizon_allowed_hosts: {get_param: HorizonAllowedHosts}
@@ -937,6 +940,12 @@ resources:
- '@'
- {get_param: MysqlVirtualIPUri}
- '/cinder'
+ cinder_public_url: {get_param: [EndpointMap, CinderPublic, uri]}
+ cinder_internal_url: {get_param: [EndpointMap, CinderInternal, uri]}
+ cinder_admin_url: {get_param: [EndpointMap, CinderAdmin, uri]}
+ cinder_public_url_v2: {get_param: [EndpointMap, CinderV2Public, uri]}
+ cinder_internal_url_v2: {get_param: [EndpointMap, CinderV2Internal, uri]}
+ cinder_admin_url_v2: {get_param: [EndpointMap, CinderV2Admin, uri]}
heat_password: {get_param: HeatPassword}
heat_stack_domain_admin_password: {get_param: HeatStackDomainAdminPassword}
heat_dsn:
@@ -1062,6 +1071,9 @@ resources:
ceilometer_password: {get_param: CeilometerPassword}
ceilometer_store_events: {get_param: CeilometerStoreEvents}
aodh_password: {get_param: AodhPassword}
+ aodh_internal_url: { get_param: [ EndpointMap, AodhInternal, uri ] }
+ aodh_public_url: { get_param: [ EndpointMap, AodhPublic, uri ] }
+ aodh_admin_url: { get_param: [ EndpointMap, AodhAdmin, uri ] }
ceilometer_meter_dispatcher: {get_param: CeilometerMeterDispatcher}
gnocchi_password: {get_param: GnocchiPassword}
gnocchi_backend: {get_param: GnocchiBackend}
@@ -1091,6 +1103,11 @@ resources:
- {get_param: MysqlVirtualIPUri}
- '/gnocchi'
gnocchi_internal_url: {get_param: [EndpointMap, GnocchiInternal, uri]}
+ gnocchi_public_url: { get_param: [ EndpointMap, GnocchiPublic, uri ] }
+ gnocchi_admin_url: { get_param: [ EndpointMap, GnocchiAdmin, uri ] }
+ ceilometer_public_url: {get_param: [EndpointMap, CeilometerPublic, uri]}
+ ceilometer_internal_url: {get_param: [EndpointMap, CeilometerInternal, uri]}
+ ceilometer_admin_url: {get_param: [EndpointMap, CeilometerAdmin, uri]}
snmpd_readonly_user_name: {get_param: SnmpdReadonlyUserName}
snmpd_readonly_user_password: {get_param: SnmpdReadonlyUserPassword}
nova_enable_db_purge: {get_param: NovaEnableDBPurge}
@@ -1116,6 +1133,12 @@ resources:
- '/nova_api'
upgrade_level_nova_compute: {get_param: UpgradeLevelNovaCompute}
instance_name_template: {get_param: InstanceNameTemplate}
+ nova_public_url: {get_param: [EndpointMap, NovaPublic, uri]}
+ nova_internal_url: {get_param: [EndpointMap, NovaInternal, uri]}
+ nova_admin_url: {get_param: [EndpointMap, NovaAdmin, uri]}
+ nova_ec2_public_url: {get_param: [EndpointMap, NovaEC2Public, uri]}
+ nova_ec2_internal_url: {get_param: [EndpointMap, NovaEC2Internal, uri]}
+ nova_ec2_admin_url: {get_param: [EndpointMap, NovaEC2Admin, uri]}
fencing_config: {get_param: FencingConfig}
pcsd_password: {get_param: PcsdPassword}
rabbit_username: {get_param: RabbitUserName}
@@ -1138,9 +1161,18 @@ resources:
swift_replicas: {get_param: SwiftReplicas}
swift_min_part_hours: {get_param: SwiftMinPartHours}
swift_mount_check: {get_param: SwiftMountCheck}
+ swift_public_url: {get_param: [EndpointMap, SwiftPublic, uri]}
+ swift_internal_url: {get_param: [EndpointMap, SwiftInternal, uri]}
+ swift_admin_url: {get_param: [EndpointMap, SwiftAdmin, uri]}
+ swift_public_url_s3: {get_param: [EndpointMap, SwiftS3Public, uri]}
+ swift_internal_url_s3: {get_param: [EndpointMap, SwiftS3Internal, uri]}
+ swift_admin_url_s3: {get_param: [EndpointMap, SwiftS3Admin, uri]}
enable_package_install: {get_param: EnablePackageInstall}
enable_package_upgrade: {get_attr: [UpdateDeployment, update_managed_packages]}
sahara_password: {get_param: SaharaPassword}
+ sahara_public_url: {get_param: [EndpointMap, SaharaPublic, uri]}
+ sahara_internal_url: {get_param: [EndpointMap, SaharaInternal, uri]}
+ sahara_admin_url: {get_param: [EndpointMap, SaharaAdmin, uri]}
sahara_dsn:
list_join:
- ''
@@ -1272,6 +1304,14 @@ resources:
tripleo::ringbuilder::replicas: {get_input: swift_replicas}
tripleo::ringbuilder::min_part_hours: {get_input: swift_min_part_hours}
swift_mount_check: {get_input: swift_mount_check}
+ swift::keystone::auth::public_url: {get_input: swift_public_url }
+ swift::keystone::auth::internal_url: {get_input: swift_internal_url }
+ swift::keystone::auth::admin_url: {get_input: swift_admin_url }
+ swift::keystone::auth::public_url_s3: {get_input: swift_public_url_v3 }
+ swift::keystone::auth::internal_url_s3: {get_input: swift_internal_url_v3 }
+ swift::keystone::auth::admin_url_s3: {get_input: swift_admin_url_v3 }
+ swift::keystone::auth::password: {get_input: swift_password }
+ swift::keystone::auth::region: {get_input: keystone_region}
# Cinder
cinder_enable_db_purge: {get_input: cinder_enable_db_purge}
@@ -1296,10 +1336,20 @@ resources:
cinder::glance::glance_api_servers: {get_input: glance_api_servers}
cinder_backend_config: {get_input: CinderBackendConfig}
cinder::db::mysql::password: {get_input: cinder_password}
+ cinder::keystone::auth::public_url: {get_input: cinder_public_url }
+ cinder::keystone::auth::internal_url: {get_input: cinder_internal_url }
+ cinder::keystone::auth::admin_url: {get_input: cinder_admin_url }
+ cinder::keystone::auth::public_url_v2: {get_input: cinder_public_url_v2 }
+ cinder::keystone::auth::internal_url_v2: {get_input: cinder_internal_url_v2 }
+ cinder::keystone::auth::admin_url_v2: {get_input: cinder_admin_url_v2 }
+ cinder::keystone::auth::password: {get_input: cinder_password }
+ cinder::keystone::auth::region: {get_input: keystone_region}
# Glance
glance::api::bind_host: {get_input: glance_api_network}
glance::registry::bind_host: {get_input: glance_registry_network}
+ glance::keystone::auth::region: {get_input: keystone_region}
+
# Heat
heat_stack_domain_admin_password: {get_input: heat_stack_domain_admin_password}
heat::engine::heat_watch_server_url: {get_input: heat.watch_server_url}
@@ -1326,6 +1376,12 @@ resources:
heat::db::mysql::password: {get_input: heat_password}
heat_enable_db_purge: {get_input: heat_enable_db_purge}
heat::keystone::domain::domain_password: {get_input: heat_stack_domain_admin_password}
+ heat::keystone::auth::public_url: {get_input: heat_public_url }
+ heat::keystone::auth::internal_url: {get_input: heat_internal_url }
+ heat::keystone::auth::admin_url: {get_input: heat_admin_url }
+ heat::keystone::auth::password: {get_input: heat_password }
+ heat::keystone::auth::region: {get_input: keystone_region}
+
# Keystone
keystone::admin_bind_host: {get_input: keystone_admin_api_network}
keystone::public_bind_host: {get_input: keystone_public_api_network}
@@ -1433,6 +1489,11 @@ resources:
ceilometer::dispatcher::gnocchi::filter_project: 'service'
ceilometer::dispatcher::gnocchi::archive_policy: 'low'
ceilometer::dispatcher::gnocchi::resources_definition_file: 'gnocchi_resources.yaml'
+ ceilometer::keystone::auth::public_url: {get_input: ceilometer_public_url }
+ ceilometer::keystone::auth::internal_url: {get_input: ceilometer_internal_url }
+ ceilometer::keystone::auth::admin_url: {get_input: ceilometer_admin_url }
+ ceilometer::keystone::auth::password: {get_input: ceilometer_password }
+ ceilometer::keystone::auth::region: {get_input: keystone_region}
snmpd_readonly_user_name: {get_input: snmpd_readonly_user_name}
snmpd_readonly_user_password: {get_input: snmpd_readonly_user_password}
@@ -1453,6 +1514,11 @@ resources:
aodh::db::mysql::password: {get_input: aodh_password}
# for a migration path from ceilometer-alarm to aodh, we use the same database & coordination
aodh::evaluator::coordination_url: {get_input: ceilometer_coordination_url}
+ aodh::keystone::auth::public_url: {get_input: aodh_public_url }
+ aodh::keystone::auth::internal_url: {get_input: aodh_internal_url }
+ aodh::keystone::auth::admin_url: {get_input: aodh_admin_url }
+ aodh::keystone::auth::password: {get_input: aodh_password }
+ aodh::keystone::auth::region: {get_input: keystone_region}
# Gnocchi
gnocchi_backend: {get_input: gnocchi_backend}
@@ -1469,6 +1535,11 @@ resources:
gnocchi::db::mysql::password: {get_input: gnocchi_password}
gnocchi::storage::swift::swift_authurl: {get_input: keystone_auth_uri}
gnocchi::storage::swift::swift_key: {get_input: gnocchi_password}
+ gnocchi::keystone::auth::public_url: {get_input: gnocchi_public_url }
+ gnocchi::keystone::auth::internal_url: {get_input: gnocchi_internal_url }
+ gnocchi::keystone::auth::admin_url: {get_input: gnocchi_admin_url }
+ gnocchi::keystone::auth::password: {get_input: gnocchi_password }
+ gnocchi::keystone::auth::region: {get_input: keystone_region}
# Nova
nova::rabbit_userid: {get_input: rabbit_username}
@@ -1499,6 +1570,14 @@ resources:
nova::db::mysql::password: {get_input: nova_password}
nova::db::mysql_api::password: {get_input: nova_password}
nova_enable_db_purge: {get_input: nova_enable_db_purge}
+ nova::keystone::auth::public_url: {get_input: nova_public_url}
+ nova::keystone::auth::internal_url: {get_input: nova_internal_url}
+ nova::keystone::auth::admin_url: {get_input: nova_admin_url}
+ nova::keystone::auth::ec2_public_url: {get_input: nova_ec2_public_url}
+ nova::keystone::auth::ec2_internal_url: {get_input: nova_ec2_internal_url}
+ nova::keystone::auth::ec2_admin_url: {get_input: nova_ec2_admin_url}
+ nova::keystone::auth::password: {get_input: nova_password }
+ nova::keystone::auth::region: {get_input: keystone_region}
# Horizon
apache::mod::remoteip::proxy_ips: {get_input: horizon_subnet}
@@ -1531,6 +1610,11 @@ resources:
sahara::rabbit_use_ssl: {get_input: rabbit_client_use_ssl}
sahara::rabbit_port: {get_input: rabbit_client_port}
sahara::db::mysql::password: {get_input: sahara_password}
+ sahara::keystone::auth::public_url: {get_input: sahara_public_url }
+ sahara::keystone::auth::internal_url: {get_input: sahara_internal_url }
+ sahara::keystone::auth::admin_url: {get_input: sahara_admin_url }
+ sahara::keystone::auth::password: {get_input: sahara_password }
+ sahara::keystone::auth::region: {get_input: keystone_region}
# Rabbit
rabbitmq::node_ip_address: {get_input: rabbitmq_network}
diff --git a/puppet/hieradata/controller.yaml b/puppet/hieradata/controller.yaml
index 9316cf17..b662bc64 100644
--- a/puppet/hieradata/controller.yaml
+++ b/puppet/hieradata/controller.yaml
@@ -57,6 +57,16 @@ ceilometer::api::keystone_tenant: 'service'
gnocchi::api::keystone_tenant: 'service'
heat::keystone_tenant: 'service'
sahara::admin_tenant_name: 'service'
+aodh::keystone::auth::tenant: 'service'
+ceilometer::keystone::auth::tenant: 'service'
+cinder::keystone::auth::tenant: 'service'
+glance::keystone::auth::tenant: 'service'
+gnocchi::keystone::auth::tenant: 'service'
+heat::keystone::auth::tenant: 'service'
+neutron::keystone::auth::tenant: 'service'
+nova::keystone::auth::tenant: 'service'
+sahara::keystone::auth::tenant: 'service'
+swift::keystone::auth::tenant: 'service'
# keystone
keystone::cron::token_flush::maxdelay: 3600
@@ -86,6 +96,10 @@ swift::proxy::pipeline:
- 'proxy-server'
swift::proxy::account_autocreate: true
+swift::keystone::auth::configure_s3_endpoint: false
+swift::keystone::auth::operator_roles:
+ - admin
+ - swiftoperator
# glance
glance::api::pipeline: 'keystone'
@@ -106,6 +120,7 @@ nova::scheduler::filter::ram_allocation_ratio: '1.0'
nova::cron::archive_deleted_rows::hour: '*/12'
nova::cron::archive_deleted_rows::destination: '/dev/null'
nova::notification_driver: messaging
+nova::keystone::auth::configure_ec2_endpoint: false
# ceilometer
ceilometer::agent::auth::auth_endpoint_type: 'internalURL'
diff --git a/puppet/services/glance-api.yaml b/puppet/services/glance-api.yaml
index 3e8784b7..ca50d91d 100644
--- a/puppet/services/glance-api.yaml
+++ b/puppet/services/glance-api.yaml
@@ -94,5 +94,9 @@ outputs:
glance::notify::rabbitmq::rabbit_port: {get_param: RabbitClientPort}
glance::notify::rabbitmq::rabbit_password: {get_param: RabbitPassword}
glance::notify::rabbitmq::rabbit_use_ssl: {get_param: RabbitClientUseSSL}
+ glance::keystone::auth::public_url: {get_param: [EndpointMap, GlancePublic, uri]}
+ glance::keystone::auth::internal_url: {get_param: [EndpointMap, GlanceInternal, uri]}
+ glance::keystone::auth::admin_url: {get_param: [EndpointMap, GlanceAdmin, uri]}
+ glance::keystone::auth::password: {get_param: GlancePassword }
step_config: |
include ::tripleo::profile::base::glance::api