From 8dcfe1a692815ee3a34dca32fd427471dfd0046a Mon Sep 17 00:00:00 2001 From: blsaws Date: Mon, 16 May 2016 07:40:31 -0700 Subject: Refactor installer code folders. JIRA: COPPER-2 Add initial centos7 bash scripts in development. Change-Id: I112aa43c231dac035f0d1bc2ae416fabf6b8b650 Signed-off-by: blsaws --- components/congress/ansible/README.txt | 200 ---------- components/congress/ansible/build_congress.yml | 12 - components/congress/ansible/config.yml | 94 ----- components/congress/ansible/deploy_congress.yml | 12 - components/congress/ansible/hosts.ini | 6 - .../congress/ansible/roles/deploy/tasks/main.yml | 295 --------------- .../roles/deploy/templates/congress-api.conf | 7 - .../roles/deploy/templates/congress-api.service | 31 -- .../ansible/roles/deploy/templates/congress.conf | 75 ---- components/congress/install/ansible/README.txt | 200 ++++++++++ .../congress/install/ansible/build_congress.yml | 12 + components/congress/install/ansible/config.yml | 94 +++++ .../congress/install/ansible/deploy_congress.yml | 12 + components/congress/install/ansible/hosts.ini | 6 + .../install/ansible/roles/deploy/tasks/main.yml | 295 +++++++++++++++ .../roles/deploy/templates/congress-api.conf | 7 + .../roles/deploy/templates/congress-api.service | 31 ++ .../ansible/roles/deploy/templates/congress.conf | 75 ++++ .../congress/install/bash/centos/clean_congress.sh | 46 +++ .../install/bash/centos/install_congress_1.sh | 171 +++++++++ .../install/bash/centos/install_congress_2.sh | 165 +++++++++ components/congress/install/joid/clean_congress.sh | 46 +++ .../congress/install/joid/install_congress_1.sh | 187 ++++++++++ .../congress/install/joid/install_congress_2.sh | 174 +++++++++ .../puppet/provider/congress_config/ini_setting.rb | 27 ++ .../puppet/lib/puppet/type/congress_config.rb | 42 +++ .../congress/install/puppet/manifests/client.pp | 27 ++ .../congress/install/puppet/manifests/config.pp | 30 ++ components/congress/install/puppet/manifests/db.pp | 97 +++++ .../congress/install/puppet/manifests/db/mysql.pp | 69 ++++ .../install/puppet/manifests/db/postgresql.pp | 55 +++ .../congress/install/puppet/manifests/db/sync.pp | 14 + .../congress/install/puppet/manifests/init.pp | 410 +++++++++++++++++++++ .../install/puppet/manifests/keystone/auth.pp | 93 +++++ .../congress/install/puppet/manifests/logging.pp | 251 +++++++++++++ .../congress/install/puppet/manifests/params.pp | 31 ++ .../congress/install/puppet/manifests/policy.pp | 39 ++ .../congress/install/puppet/manifests/service.pp | 55 +++ components/congress/install/puppet/metadata.json | 34 ++ .../puppet/spec/classes/congress_db_mysql_spec.rb | 62 ++++ .../spec/classes/congress_db_postgresql_spec.rb | 58 +++ .../puppet/spec/classes/congress_db_spec.rb | 78 ++++ .../spec/classes/congress_keystone_auth_spec.rb | 123 +++++++ .../puppet/spec/classes/congress_logging_spec.rb | 144 ++++++++ .../puppet/spec/classes/congress_policy_spec.rb | 41 +++ .../install/puppet/spec/shared_examples.rb | 5 + .../provider/congress_config/ini_setting_spec.rb | 68 ++++ .../puppet/spec/unit/type/congress_config_spec.rb | 64 ++++ components/congress/install/puppet/tests/init.pp | 12 + components/congress/joid/clean_congress.sh | 46 --- components/congress/joid/install_congress_1.sh | 187 ---------- components/congress/joid/install_congress_2.sh | 174 --------- .../puppet/provider/congress_config/ini_setting.rb | 27 -- .../puppet/lib/puppet/type/congress_config.rb | 42 --- components/congress/puppet/manifests/client.pp | 27 -- components/congress/puppet/manifests/config.pp | 30 -- components/congress/puppet/manifests/db.pp | 97 ----- components/congress/puppet/manifests/db/mysql.pp | 69 ---- .../congress/puppet/manifests/db/postgresql.pp | 55 --- components/congress/puppet/manifests/db/sync.pp | 14 - components/congress/puppet/manifests/init.pp | 410 --------------------- .../congress/puppet/manifests/keystone/auth.pp | 93 ----- components/congress/puppet/manifests/logging.pp | 251 ------------- components/congress/puppet/manifests/params.pp | 31 -- components/congress/puppet/manifests/policy.pp | 39 -- components/congress/puppet/manifests/service.pp | 55 --- components/congress/puppet/metadata.json | 34 -- .../puppet/spec/classes/congress_db_mysql_spec.rb | 62 ---- .../spec/classes/congress_db_postgresql_spec.rb | 58 --- .../puppet/spec/classes/congress_db_spec.rb | 78 ---- .../spec/classes/congress_keystone_auth_spec.rb | 123 ------- .../puppet/spec/classes/congress_logging_spec.rb | 144 -------- .../puppet/spec/classes/congress_policy_spec.rb | 41 --- components/congress/puppet/spec/shared_examples.rb | 5 - .../provider/congress_config/ini_setting_spec.rb | 68 ---- .../puppet/spec/unit/type/congress_config_spec.rb | 64 ---- components/congress/puppet/tests/init.pp | 12 - 77 files changed, 3450 insertions(+), 3068 deletions(-) delete mode 100644 components/congress/ansible/README.txt delete mode 100644 components/congress/ansible/build_congress.yml delete mode 100644 components/congress/ansible/config.yml delete mode 100644 components/congress/ansible/deploy_congress.yml delete mode 100644 components/congress/ansible/hosts.ini delete mode 100644 components/congress/ansible/roles/deploy/tasks/main.yml delete mode 100644 components/congress/ansible/roles/deploy/templates/congress-api.conf delete mode 100644 components/congress/ansible/roles/deploy/templates/congress-api.service delete mode 100644 components/congress/ansible/roles/deploy/templates/congress.conf create mode 100644 components/congress/install/ansible/README.txt create mode 100644 components/congress/install/ansible/build_congress.yml create mode 100644 components/congress/install/ansible/config.yml create mode 100644 components/congress/install/ansible/deploy_congress.yml create mode 100644 components/congress/install/ansible/hosts.ini create mode 100644 components/congress/install/ansible/roles/deploy/tasks/main.yml create mode 100644 components/congress/install/ansible/roles/deploy/templates/congress-api.conf create mode 100644 components/congress/install/ansible/roles/deploy/templates/congress-api.service create mode 100644 components/congress/install/ansible/roles/deploy/templates/congress.conf create mode 100644 components/congress/install/bash/centos/clean_congress.sh create mode 100644 components/congress/install/bash/centos/install_congress_1.sh create mode 100644 components/congress/install/bash/centos/install_congress_2.sh create mode 100644 components/congress/install/joid/clean_congress.sh create mode 100644 components/congress/install/joid/install_congress_1.sh create mode 100644 components/congress/install/joid/install_congress_2.sh create mode 100644 components/congress/install/puppet/lib/puppet/provider/congress_config/ini_setting.rb create mode 100644 components/congress/install/puppet/lib/puppet/type/congress_config.rb create mode 100644 components/congress/install/puppet/manifests/client.pp create mode 100644 components/congress/install/puppet/manifests/config.pp create mode 100644 components/congress/install/puppet/manifests/db.pp create mode 100644 components/congress/install/puppet/manifests/db/mysql.pp create mode 100644 components/congress/install/puppet/manifests/db/postgresql.pp create mode 100644 components/congress/install/puppet/manifests/db/sync.pp create mode 100644 components/congress/install/puppet/manifests/init.pp create mode 100644 components/congress/install/puppet/manifests/keystone/auth.pp create mode 100644 components/congress/install/puppet/manifests/logging.pp create mode 100644 components/congress/install/puppet/manifests/params.pp create mode 100644 components/congress/install/puppet/manifests/policy.pp create mode 100644 components/congress/install/puppet/manifests/service.pp create mode 100644 components/congress/install/puppet/metadata.json create mode 100644 components/congress/install/puppet/spec/classes/congress_db_mysql_spec.rb create mode 100644 components/congress/install/puppet/spec/classes/congress_db_postgresql_spec.rb create mode 100644 components/congress/install/puppet/spec/classes/congress_db_spec.rb create mode 100644 components/congress/install/puppet/spec/classes/congress_keystone_auth_spec.rb create mode 100644 components/congress/install/puppet/spec/classes/congress_logging_spec.rb create mode 100644 components/congress/install/puppet/spec/classes/congress_policy_spec.rb create mode 100644 components/congress/install/puppet/spec/shared_examples.rb create mode 100644 components/congress/install/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb create mode 100644 components/congress/install/puppet/spec/unit/type/congress_config_spec.rb create mode 100644 components/congress/install/puppet/tests/init.pp delete mode 100644 components/congress/joid/clean_congress.sh delete mode 100644 components/congress/joid/install_congress_1.sh delete mode 100644 components/congress/joid/install_congress_2.sh delete mode 100644 components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb delete mode 100644 components/congress/puppet/lib/puppet/type/congress_config.rb delete mode 100644 components/congress/puppet/manifests/client.pp delete mode 100644 components/congress/puppet/manifests/config.pp delete mode 100644 components/congress/puppet/manifests/db.pp delete mode 100644 components/congress/puppet/manifests/db/mysql.pp delete mode 100644 components/congress/puppet/manifests/db/postgresql.pp delete mode 100644 components/congress/puppet/manifests/db/sync.pp delete mode 100644 components/congress/puppet/manifests/init.pp delete mode 100644 components/congress/puppet/manifests/keystone/auth.pp delete mode 100644 components/congress/puppet/manifests/logging.pp delete mode 100644 components/congress/puppet/manifests/params.pp delete mode 100644 components/congress/puppet/manifests/policy.pp delete mode 100644 components/congress/puppet/manifests/service.pp delete mode 100644 components/congress/puppet/metadata.json delete mode 100644 components/congress/puppet/spec/classes/congress_db_mysql_spec.rb delete mode 100644 components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb delete mode 100644 components/congress/puppet/spec/classes/congress_db_spec.rb delete mode 100644 components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb delete mode 100644 components/congress/puppet/spec/classes/congress_logging_spec.rb delete mode 100644 components/congress/puppet/spec/classes/congress_policy_spec.rb delete mode 100644 components/congress/puppet/spec/shared_examples.rb delete mode 100644 components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb delete mode 100644 components/congress/puppet/spec/unit/type/congress_config_spec.rb delete mode 100644 components/congress/puppet/tests/init.pp diff --git a/components/congress/ansible/README.txt b/components/congress/ansible/README.txt deleted file mode 100644 index e664217..0000000 --- a/components/congress/ansible/README.txt +++ /dev/null @@ -1,200 +0,0 @@ -# Copyright 2015-2016 AT&T Intellectual Property, Inc -# This file contains instructions for installing Congress on a Centos7 OPNFV jumphost using Ansible -# Details are sparse so far - a user guide will be written -# Some of these instructions may already have been completed in the copper git Ansible installer files - -# INSTALLING - -# update -sudo yum -y update - -# install ansible (likely already installed) -sudo yum install ansible - -# if you got a Dropbox-related error in ansible installation, disable dropbox and repeat ansible install -sudo yum-config-manager --disable Dropbox - -# install sshpass (needed for ansible-playbook call with password authentication) -sudo yum install sshpass - -# download https://launchpad.net/congress/kilo/2015.1.0/+download/congress-2015.1.0.tar.gz and save in /tmp/congress-2015.1.0.tar.gz -wget https://launchpad.net/congress/kilo/2015.1.0/+download/congress-2015.1.0.tar.gz -O /tmp/congress-2015.1.0.tar.gz - -# clone copper -mkdir ~/git -cd ~/git -git clone https://gerrit.opnfv.org/gerrit/copper - -# edit hosts.ini and add your controller IP address -gedit ~/git/copper/components/congress/ansible/hosts.ini -[congress_prod_host] -(your controller IP) - -# edit deploy_congress.yml and add your controller IP address -# note: this should not be needed, unless the "congress_prod_host" setting in hosts.ini is not picked up for some reason (?) -gedit ~/git/copper/components/congress/ansible/deploy_congress.yml -- hosts: (your controller IP) - -# edit config.yml and set authRegion per your openstack install, your controller IP address where needed, publicEndpoint = http:// (not https://) -gedit ~/git/copper/components/congress/ansible/config.yml -authRegion: RegionOne -publicEndpoint = http://(your controller IP):1789/ -internalEndpoint = http://(your controller IP):1789/ -adminEndpoint = http://(your controller IP):1789/ -mysqlDBIP: (your controller IP) - -# edit congress.conf and set -# bind_host to controller IP address -# "auth_strategy = noauth" for testing -# drivers per the list to test (leave out swift due to issues below) -# TODO: auth_strategy noauth is needed to overcome some issue with keystone auth (debug needed) -gedit ~/git/copper/components/congress/ansible/roles/deploy/templates/congress.conf -bind_host = (your controller IP) -auth_strategy = noauth -drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver - -# add controller host IP to /etc/ansible/hosts -sudo vi /etc/ansible/hosts - -# run the ansible playbook -ansible-playbook -vvv -u root -k deploy_congress.yml - -# use --start-at-task="task" when restarting to avoid idempotency errors (steps which fail because they have already completed and can't be completed successfully twice) -ansible-playbook -vvv -u root -k deploy_congress.yml --start-at-task="install datasource drivers" - -# install congress API test driver -# install lamp server: see https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-7 -sudo yum -y install httpd -sudo yum -y install php -sudo cp -r ~/git/copper/test/congress/driver/www/html/ /var/www/ -sudo cp ~/git/copper/test/congress/driver/www/httpd.conf /etc/httpd/conf -sudo systemctl start httpd.service - -# UNINSTALLING -# Ansible uninstaller will be developed... for now manual uninstall -# On the controller -openstack endpoint list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 -openstack endpoint delete --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 -openstack service list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 -openstack service delete --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 -systemctl stop congress-api -sudo rm /etc/init/congress-api.conf -sudo rm -r /opt/congress -sudo rm -r /opt/congress-2015.1.0 -sudo rm -r /var/log/congress -sudo rm -r /usr/lib/python2.7/site-packages/python_congressclient-2015.1.0.dist-info -sudo rm -r /usr/lib/python2.7/site-packages/congressclient/ -sudo rm -r /usr/lib/python2.7/site-packages/congress-2015.1.0-py2.7.egg-info -sudo rm -r /etc/congress -sudo rm -r /tmp/congress-2015.1.0.tar.gz -sudo rm -r /tmp/congress.tar.gz -sudo rm -r /var/lib/mysql/congress -sudo rm -r /var/spool/mail/congress -sudo rm -r /usr/bin/congress-server -sudo rm -r /usr/bin/congress-db-manage -sudo rm -r /usr/lib/python2.7/site-packages/congress -sudo rm /usr/lib/systemd/system/congress-api.service -sudo userdel -r congress -find / | grep congress - -# find ID of the installed congress services, and remove -openstack service list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 -openstack service delete --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 - - -# DEBUGGING RAW NOTES - -# various attempts to get a auth token (failed) -# found SSL issues with creating datasources; set config.yml publicEndpoint to http:// to fix -# to remove endpoints (to cleanup from incorrectly provisoned endpoints) -keystone endpoint-list -keystone endpoint-delete fa7c4b72faef402a919d50e5374705a9 - -# various issues resulted from trying to create the swift datasource driver. removed for now (see congress.conf notes above) -# server errors reading datasources -2015-11-20 20:02:59.398 17478 ERROR congress.api.application [-] Traceback (most recent call last): - File "/opt/congress/congress/api/application.py", line 47, in __call__ - response = handler.handle_request(request) - File "/opt/congress/congress/api/webservice.py", line 351, in handle_request - return self.list_members(request) - File "/opt/congress/congress/api/webservice.py", line 375, in list_members - context=self._get_context(request)) - File "/opt/congress/congress/api/datasource_model.py", line 52, in get_items - datasources = self.datasource_mgr.get_datasources(filter_secret=True) - File "/opt/congress/congress/managers/datasource.py", line 138, in get_datasources - hide_fields = cls.get_driver_info(result['driver'])['secret'] -KeyError: 'secret' - -vi /opt/congress/congress/managers/datasource.py -remove - if filter_secret: - hide_fields = cls.get_driver_info(result['driver'])['secret'] - for hide_field in hide_fields: - result['config'][hide_field] = "" -(didn't help) - -2015-11-20 19:58:13.021 17478 ERROR congress.api.application [-] Traceback (most recent call last): - File "/opt/congress/congress/api/application.py", line 47, in __call__ - response = handler.handle_request(request) - File "/opt/congress/congress/api/webservice.py", line 351, in handle_request - return self.list_members(request) - File "/opt/congress/congress/api/webservice.py", line 375, in list_members - context=self._get_context(request)) - File "/opt/congress/congress/api/datasource_model.py", line 52, in get_items - datasources = self.datasource_mgr.get_datasources(filter_secret=True) - File "/opt/congress/congress/managers/datasource.py", line 138, in get_datasources - return results -KeyError: 'secret' - -openstack congress datasource create ceilometer "ceilometer" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - -openstack congress datasource create cinder "cinder" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - -openstack congress datasource create glancev2 "glancev2" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - -openstack congress datasource create keystone "keystone" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - -openstack congress datasource create neutronv2 "neutronv2" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - -openstack congress datasource create nova "nova" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - -openstack congress datasource create swift "swift" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 - - -+++++++++++++++++++ -curl -s -X POST http://192.168.1.204:5000/v2.0/tokens \ - -H "Content-Type: application/json" \ - -d '{"auth": {"tenantName": "'"$OS_TENANT_NAME"'", "passwordCredentials": - {"username": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"}}}' \ - | python -m json.tool - -export OS_TOKEN=(token from the response) - -curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' -H "Content-type: application/json" http://192.168.1.204:35357/v2.0/tokens | python -m json.tool - -curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' -H "Content-type: application/json" http://192.168.1.204:5000/v2.0/tokens - -curl -v -s -X POST http://192.168.1.204:5000/v2.0/tokens -H "Content-Type: application/json" -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' - -curl -v -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' http://192.168.1.204:1789/v1/policies - -curl -v -d '{"auth": {"tenantName": "'"$OS_TENANT_NAME"'", "passwordCredentials": - {"username": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"}}}' http://192.168.1.204:1789/v1/policies - - -curl -i \ - -H "Content-Type: application/json" \ - -H "X-Auth-Token: $OS_TOKEN" \ - -d ' -{ "auth": { - "identity": { - "methods": ["token"], - "token": { - "id": "'$OS_TOKEN'" - } - } - } -}' \ -http://192.168.1.204:1789/v1/policies ; echo - - diff --git a/components/congress/ansible/build_congress.yml b/components/congress/ansible/build_congress.yml deleted file mode 100644 index 572f330..0000000 --- a/components/congress/ansible/build_congress.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -- hosts: congress_build_host - sudo: true - - - vars_files: - - config.yml - - - roles: - - build diff --git a/components/congress/ansible/config.yml b/components/congress/ansible/config.yml deleted file mode 100644 index cf94414..0000000 --- a/components/congress/ansible/config.yml +++ /dev/null @@ -1,94 +0,0 @@ ---- -# Copyright 2015-2016 AT&T Intellectual Property, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# What this is: An Ansible installer answer file for installing OpenStack Congress on Centos 7. -# Status: testing in progress -# - -# temp directory used to build congress dependencies -tempDir: /tmp - -# directory where the binary venv package will be built -virtualPackageDir: /var/tmp - -# package version -congressVersion: "2015.1.0" - -# directory where to install congress. This should only be the base directory and not the full path. We will create the congress folder automatically -installDir: /opt - -# If this is the first time you are installing then set init = True. For subsequent install or upgrades set init = False -# You can also use the --start-at-task="(name)" and --step options to re-run and skip non-idempotent steps -# (non-idempotent means the step will fail if already completed) -init: "True" - -# This section contains the answers for all "init" (initial install) steps to -# initialize congress services, keystone endpoint, congress user creation and database initialization. -#--------- start init --------- -#hostIP -hostIP: 192.168.10.6 - -#public endpoint -publicEndpoint: http://192.168.10.6:1789/ - -#internal endpoint -internalEndpoint: http://192.168.10.6:1789/ - -#admin endpoint -adminEndpoint: http://192.168.10.6:1789/ - -#keystone admin user -keystoneAdminUser: admin - -#keystone admin password -keystoneAdminPassword: octopus - -#keystone auth_url -#keystoneAuthURL: http://192.168.10.6:35357/v2.0 - -#keystone auth_host -keystoneAuthHost: localhost - -#keystone auth protocal (http or https) -keystoneAuthProto: http - -#openstack admin tenant name -adminTenantName: admin - -#region -authRegion: RegionOne - -#congress admin username -congressAdminUser: congress - -#congress admin password -congressAdminPassword: congress - -#mysql user ip address or hostname -# TODO: whether this needs to be localhost or the actual IP address -mysqlDBIP: localhost - -#mysql root password -mysqlDBPassword: octopus - -#mysql root username -mysqlDBUser: root - -#congress db user -dbUser: congress - -#congress db password -dbPassword: congress -#--------- end init --------- diff --git a/components/congress/ansible/deploy_congress.yml b/components/congress/ansible/deploy_congress.yml deleted file mode 100644 index b3e311c..0000000 --- a/components/congress/ansible/deploy_congress.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- - -- hosts: 192.168.1.204 - sudo: true - - - vars_files: - - config.yml - - - roles: - - deploy diff --git a/components/congress/ansible/hosts.ini b/components/congress/ansible/hosts.ini deleted file mode 100644 index 341bf16..0000000 --- a/components/congress/ansible/hosts.ini +++ /dev/null @@ -1,6 +0,0 @@ -[congress_build_host] -127.0.0.1 ansible_connection=local - -[congress_prod_host] -192.168.1.204 - diff --git a/components/congress/ansible/roles/deploy/tasks/main.yml b/components/congress/ansible/roles/deploy/tasks/main.yml deleted file mode 100644 index 3806034..0000000 --- a/components/congress/ansible/roles/deploy/tasks/main.yml +++ /dev/null @@ -1,295 +0,0 @@ ---- -# Copyright 2015-2016 AT&T Intellectual Property, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# What this is: An Ansible playbook for installing OpenStack Congress on Centos 7. -# Status: this is a work in progress, under test -# -# How to use: -# ansible-playbook -vvv -u root -k -i hosts.ini deploy_congress.yml -# - -# Update packages -# yum update_cache=yes name=* -- name: updating package cache -# apt: update_cache=yes - yum: update_cache=yes name=* - -# Install dependencies -# Direct command: -# yum pkg=python-pip,mariadb-libs,MySQL-python,git,gcc,python-devel,libxml2,libxslt-devel,libzip-devel,mysql-server state=present -- name: installing dependancies - yum: pkg={{item}} state=present - with_items: - - python-pip - - mariadb-libs - - MySQL-python - - git - - gcc -# - python-dev -# - libxslt1-dev -# - libzip-dev - - python-devel - - libxml2 - - libxslt-devel - - libzip-devel - - mysql-server -# - libmysqlclient-dev -# - python-mysqldb - -# Upgrade pip -# Direct command: pip install --upgrade pip -#- name: upgrade pip -# shell: pip install --upgrade pip - -# Install python dependencies -# Direct command: pip name=virtualenv -- name: installing python dependancies -# pip: name={{item}} extra_args='--upgrade' - pip: name={{item}} - with_items: - - virtualenv - - oslo.middleware -# - MySQL-python - -# Create the congress user group -# Direct command: group name=congress state=present -- name: creating congress group - group: name=congress state=present - when: init == "True" - -# Create the congress user -# Direct command: user name=congress group=congress state=present createhome=no -- name: creating congress user - user: name=congress group=congress state=present createhome=no - -# Create the congress install directory -# Direct command: mkdir {{item}}; chown congress {{item}}; chgrp congress {{item}}; -- name: creating remote install directory - file: path={{item}} state=directory owner=congress group=congress - with_items: - - /etc/congress - - /etc/congress/snapshot -# - "{{installDir}}" - - /var/log/congress - -# Copying congress build to prod host -# Direct command: what direct command this maps to is TBD -- name: copying congress build to prod host - unarchive: src={{tempDir}}/congress-{{congressVersion}}.tar.gz dest={{installDir}} owner=congress group=congress - args: - creates: "{{installDir}}/congress-{{congressVersion}}" - -# Run the congress python setup -# Direct command: cd /opt/congress-{{congressVersion}}; python setup.py install -- name: run setup.py - shell: python setup.py install - args: - chdir: "{{installDir}}/congress-{{congressVersion}}" - creates: /usr/bin/congress-db-manage - -# Activate virtualenv (creates virtual python script library to avoid conflicts with other code on the server) -# TODO: clarify need or benefit from virtualenv -# Direct command: virtualenv /opt/congress-{{congressVersion}} -- name: activating virtualenv - shell: virtualenv {{installDir}}/congress-{{congressVersion}} - -# Install dependencies in virtualenv -# Direct command: pip install --upgrade {{item}} -# TODO: how to invoke virtualenv install in manual command -#- name: Install dependencies in virtualenv -# pip: name={{item}} virtualenv={{installDir}}/congress-{{congressVersion}} virtualenv_site_packages=yes extra_args='--upgrade' -# with_items: -# - pbr -# - oslo.middleware -# - i18n - -# Copy api-paste.ini to the config directory -# Direct command: cd /opt/congress-{{congressVersion}}; cp etc/api-paste.ini /etc/congress -- name: copy /etc/congress/api-paste.ini - shell: cp etc/api-paste.ini /etc/congress - args: - creates: /etc/congress/api-paste.ini - chdir: "{{installDir}}/congress-{{congressVersion}}" - -# Copy policy.json to the config directory -# Direct command: cd /opt/congress-{{congressVersion}}; cp etc/policy.json /etc/congress -- name: copy /etc/congress/policy.json - shell: cp etc/policy.json /etc/congress - args: - creates: /etc/congress/policy.json - chdir: "{{installDir}}/congress-{{congressVersion}}" - -# Copy congress.conf to the config directory -# Direct command: what direct command this maps to is TBD) -- name: updating congress.conf - template: src=congress.conf dest=/etc/congress/congress.conf owner=congress group=congress - -# Create the congress service -# Direct command: bin/keystone --os-auth-url=http://localhost:35357/v2.0 --os-username=admin --os-tenant-name=admin --os-password=octopus service-create --name congress --type "policy" --description "Congress Service" -- name: create congress service - shell: > - /bin/keystone \ - --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ - --os-username={{keystoneAdminUser}} \ - --os-tenant-name={{adminTenantName}} \ - --os-password={{keystoneAdminPassword}} \ - service-create --name congress --type "policy" --description "Congress Service" - -# Create the congress service endpoint -# Direct command: bin/keystone --os-auth-url=http://localhost:35357/v2.0 --os-username=admin --os-tenant-name=admin --os-password=octopus endpoint-create --service congress --region RegionOne --publicurl http://192.168.1.204:1789/ -- name: creating keystone endpoint - shell: > - /bin/keystone \ - --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ - --os-username={{keystoneAdminUser}} \ - --os-tenant-name={{adminTenantName}} \ - --os-password={{keystoneAdminPassword}} \ - endpoint-create --service congress \ - --region {{authRegion}} \ - --publicurl {{publicEndpoint}} \ - --adminurl {{adminEndpoint}} \ - --internalurl {{internalEndpoint}} - -# Create the congress database -# TODO: fix some bug resulting in "msg: unable to connect, check login credentials " -# Workaround: on controller -# mysql mysql -# update user set host = '%' where user = 'root'; -# exit -# Direct command: mysql_db name=congress state=present login_host=192.168.1.204 login_user=root login_password=VALUE_HIDDEN -- name: creating congress database - mysql_db: name=congress state=present login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} - -# Create the congress database user and access -# Direct command: mysql_user name=congress password=VALUE_HIDDEN login_host=localhost login_user=root login_password=VALUE_HIDDEN priv=congress.*:ALL host=% -- name: creating and granting congress user access to database - mysql_user: name={{dbUser}} password={{dbPassword}} login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} priv=congress.*:ALL host={{ item }} - with_items: - - "%" - - "localhost" - -# Fix bug with congress-db-manage failure to import i18n -# See https://bugs.launchpad.net/tripleo/+bug/1468028 -# It's unclear if this patch causes other problems... -# Direct command: pip install oslo.i18n==1.7.0 -#- name: pip install oslo.i18n==1.7.0 -# shell: > -# pip install oslo.i18n==1.7.0 - -# Create the congress database schema -# Direct command: /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head -- name: creating congress database schema - shell: > - /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head - -# Enable congress to start on system restart -# Direct command: what direct command this maps to is TBD -- name: copy and enable congress-api.service thru systemd - template: src=congress-api.service dest=/usr/lib/systemd/system/congress-api.service - -# Install clients -# Direct command: pip install {{item}} -# pip: name={{item}} virtualenv={{installDir}}/congress-{{congressVersion}} virtualenv_site_packages=yes extra_args='--upgrade' -- name: Install clients - pip: name={{item}} - with_items: - - python-openstackclient - - python-congressclient - -# stderr: Exception raised: (pbr 0.11.0 (/usr/lib/python2.7/site-packages), Requirement.parse('pbr>=1.6')) -# Install pbr-1.8.1 -# Direct command: pip install pbr==1.8.1 -- name: Install pbr-1.8.1 - shell: > - pip install pbr==1.8.1 - -# stderr: Exception raised: (pbr 1.8.1 (/usr/lib/python2.7/site-packages), Requirement.parse('pbr>=0.6,!=0.7,<1.0')) -# fix per https://ask.openstack.org/en/question/83174/whole-cli-doesnt-work-anymore-kilo/ -# pip install --upgrade python-openstackclient -- name: Upgrade python-openstackclient - shell: > - pip install --upgrade python-openstackclient - -# stderr: Unable to establish connection to http://192.168.10.6:1789/v1/data-sources -# systemctl | grep congress -# congress-api.service loaded failed failed OpenStack Congress Server -# https://wiki.archlinux.org/index.php/Systemd#Investigating_systemd_errors -# systemctl status congress-api -l -# oscontroller1.opnfv.com systemd[4175]: Failed at step EXEC spawning /opt/congress/bin/congress-server: No such file or directory -# error in congress-api.service, needed to completely remove from systemd and reinstall -# systemctl stop congress-api.service -# systemctl disable congress-api.service -# rm /etc/systemd/system/congress-api.service -# systemctl daemon-reload -# systemctl reset-failed -# restart at -# ansible-playbook -vvv -u root -k -i hosts.ini deploy_congress.yml --start-at-task="copy and enable congress-api.service thru systemd" - -# congress-server: Traceback (most recent call last): -# congress-server: File "/opt/congress-2015.1.0/bin/congress-server", line 33, in -# congress-server: from congress.server import congress_server -# congress-server: File "/opt/congress-2015.1.0/congress/server/congress_server.py", line 26, in -# congress-server: from congress.common import config -# congress-server: File "/opt/congress-2015.1.0/congress/common/config.py", line 20, in -# congress-server: from congress.managers import datasource as datasource_mgr -# congress-server: File "/opt/congress-2015.1.0/congress/managers/datasource.py", line 19, in -# congress-server: from oslo.db import exception as db_exc -# congress-server: File "/usr/lib/python2.7/site-packages/oslo/db/exception.py", line 48, in -# congress-server: from oslo.db._i18n import _ -# congress-server: File "/usr/lib/python2.7/site-packages/oslo/db/_i18n.py", line 19, in -# congress-server: from oslo import i18n -# congress-server: ImportError: cannot import name i18n -# systemd: congress-api.service: main process exited, code=exited, status=1/FAILURE -# systemd: Unit congress-api.service entered failed state. -# See https://bugs.launchpad.net/tripleo/+bug/1468028 -# It's unclear if this patch causes other problems... -# Direct command: pip install oslo.i18n==1.7.0 -- name: install oslo.i18n==1.7.0 - shell: > - pip install oslo.i18n==1.7.0 - -# congress-server: 2015-11-26 00:30:42.754 24988 TRACE congress from oslo.middleware import request_id -# congress-server: 2015-11-26 00:30:42.754 24988 TRACE congress ImportError: No module named middleware -- name: install oslo.middleware - pip: name={{item}} - with_items: - - oslo.middleware - -# Start the congress service -# Direct command: systemctl start congress-api -- name: start congress-api service - shell: systemctl start congress-api - -# Create congress datasources -# leave out swift for now, as it seems to break access to the other datasources -# Direct command: openstack congress datasource create {{item}} "{{item}}" --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 -- name: install datasource drivers - shell: openstack congress datasource create {{item}} "{{item}}" \ - --os-username={{keystoneAdminUser}} \ - --os-tenant-name={{adminTenantName}} \ - --os-password={{keystoneAdminPassword}} \ - --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 - --config username={{keystoneAdminUser}} \ - --config tenant-name={{adminTenantName}} \ - --config password={{keystoneAdminPassword}} \ - --config auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 - with_items: - - ceilometer - - cinder - - glancev2 - - keystone - - neutronv2 - - nova -# - swift diff --git a/components/congress/ansible/roles/deploy/templates/congress-api.conf b/components/congress/ansible/roles/deploy/templates/congress-api.conf deleted file mode 100644 index 4eae24d..0000000 --- a/components/congress/ansible/roles/deploy/templates/congress-api.conf +++ /dev/null @@ -1,7 +0,0 @@ -description "Congress API server" - -env PYTHON_PATH={{installDir}}/congress -start on runlevel [2345] -stop on runlevel [!2345] - -exec {{installDir}}/congress/bin/congress-server --config-file /etc/congress/congress.conf diff --git a/components/congress/ansible/roles/deploy/templates/congress-api.service b/components/congress/ansible/roles/deploy/templates/congress-api.service deleted file mode 100644 index 224760b..0000000 --- a/components/congress/ansible/roles/deploy/templates/congress-api.service +++ /dev/null @@ -1,31 +0,0 @@ -# Copyright 2015-2016 AT&T Intellectual Property, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# What this is: Ansible configuration for the OpenStack Congress service. -# Used to setup the Congress server to startup on host restart. -# -# Status: testing in progress -# - -[Unit] -Description=OpenStack Congress Server -After=syslog.target network.target - -[Service] -Type=simple -User=congress -ExecStart={{installDir}}/congress/bin/congress-server --config-file /etc/congress/congress.conf - -[Install] -WantedBy=multi-user.target diff --git a/components/congress/ansible/roles/deploy/templates/congress.conf b/components/congress/ansible/roles/deploy/templates/congress.conf deleted file mode 100644 index 86b78a9..0000000 --- a/components/congress/ansible/roles/deploy/templates/congress.conf +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 2015-2016 AT&T Intellectual Property, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# What this is: An template configuration file for OpenStack Congress -# Status: testing in progress -# - -[DEFAULT] -# Print more verbose output (set logging level to INFO instead of default WARNING level). -verbose = True - -# Print debugging output (set logging level to DEBUG instead of default WARNING level). -# debug = False - -# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s -# log_date_format = %Y-%m-%d %H:%M:%S - -# use_syslog -> syslog -# log_file and log_dir -> log_dir/log_file -# (not log_file) and log_dir -> log_dir/{binary_name}.log -# use_stderr -> stderr -# (not user_stderr) and (not log_file) -> stdout -# publish_errors -> notification system - -# use_syslog = False -# syslog_log_facility = LOG_USER - -# use_stderr = True -log_file = congress.log -log_dir = /var/log/congress - -# publish_errors = False - -# Address to bind the API server to -bind_host = {{hostIP}} - -# Port the bind the API server to -# bind_port = 1789 - -# The path to the latest policy dump -policy_path = /etc/congress/snapshot - -# Paste configuration file -# api_paste_config = api-paste.ini - -# The strategy to be used for auth. -# Supported values are 'keystone'(default), 'noauth'. -auth_strategy = noauth - -# List of datasource driver class paths to import. -# For example: congress.datasources.neutronv2_driver.NeutronV2Driver, etc -# errors seen in log, removed congress.datasources.swift_driver.SwiftDriver -drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver - -[keystone_authtoken] -auth_host = {{ keystoneAuthHost }} -auth_port = 35357 -auth_protocol = {{ keystoneAuthProto }} -admin_tenant_name = {{ adminTenantName }} -admin_user = {{ congressAdminUser }} -admin_password = {{ congressAdminPassword }} - -[database] -connection = mysql://{{dbUser}}:{{dbPassword}}@{{mysqlDBIP}}:3306/congress diff --git a/components/congress/install/ansible/README.txt b/components/congress/install/ansible/README.txt new file mode 100644 index 0000000..e664217 --- /dev/null +++ b/components/congress/install/ansible/README.txt @@ -0,0 +1,200 @@ +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# This file contains instructions for installing Congress on a Centos7 OPNFV jumphost using Ansible +# Details are sparse so far - a user guide will be written +# Some of these instructions may already have been completed in the copper git Ansible installer files + +# INSTALLING + +# update +sudo yum -y update + +# install ansible (likely already installed) +sudo yum install ansible + +# if you got a Dropbox-related error in ansible installation, disable dropbox and repeat ansible install +sudo yum-config-manager --disable Dropbox + +# install sshpass (needed for ansible-playbook call with password authentication) +sudo yum install sshpass + +# download https://launchpad.net/congress/kilo/2015.1.0/+download/congress-2015.1.0.tar.gz and save in /tmp/congress-2015.1.0.tar.gz +wget https://launchpad.net/congress/kilo/2015.1.0/+download/congress-2015.1.0.tar.gz -O /tmp/congress-2015.1.0.tar.gz + +# clone copper +mkdir ~/git +cd ~/git +git clone https://gerrit.opnfv.org/gerrit/copper + +# edit hosts.ini and add your controller IP address +gedit ~/git/copper/components/congress/ansible/hosts.ini +[congress_prod_host] +(your controller IP) + +# edit deploy_congress.yml and add your controller IP address +# note: this should not be needed, unless the "congress_prod_host" setting in hosts.ini is not picked up for some reason (?) +gedit ~/git/copper/components/congress/ansible/deploy_congress.yml +- hosts: (your controller IP) + +# edit config.yml and set authRegion per your openstack install, your controller IP address where needed, publicEndpoint = http:// (not https://) +gedit ~/git/copper/components/congress/ansible/config.yml +authRegion: RegionOne +publicEndpoint = http://(your controller IP):1789/ +internalEndpoint = http://(your controller IP):1789/ +adminEndpoint = http://(your controller IP):1789/ +mysqlDBIP: (your controller IP) + +# edit congress.conf and set +# bind_host to controller IP address +# "auth_strategy = noauth" for testing +# drivers per the list to test (leave out swift due to issues below) +# TODO: auth_strategy noauth is needed to overcome some issue with keystone auth (debug needed) +gedit ~/git/copper/components/congress/ansible/roles/deploy/templates/congress.conf +bind_host = (your controller IP) +auth_strategy = noauth +drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver + +# add controller host IP to /etc/ansible/hosts +sudo vi /etc/ansible/hosts + +# run the ansible playbook +ansible-playbook -vvv -u root -k deploy_congress.yml + +# use --start-at-task="task" when restarting to avoid idempotency errors (steps which fail because they have already completed and can't be completed successfully twice) +ansible-playbook -vvv -u root -k deploy_congress.yml --start-at-task="install datasource drivers" + +# install congress API test driver +# install lamp server: see https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-centos-7 +sudo yum -y install httpd +sudo yum -y install php +sudo cp -r ~/git/copper/test/congress/driver/www/html/ /var/www/ +sudo cp ~/git/copper/test/congress/driver/www/httpd.conf /etc/httpd/conf +sudo systemctl start httpd.service + +# UNINSTALLING +# Ansible uninstaller will be developed... for now manual uninstall +# On the controller +openstack endpoint list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack endpoint delete --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack service list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack service delete --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +systemctl stop congress-api +sudo rm /etc/init/congress-api.conf +sudo rm -r /opt/congress +sudo rm -r /opt/congress-2015.1.0 +sudo rm -r /var/log/congress +sudo rm -r /usr/lib/python2.7/site-packages/python_congressclient-2015.1.0.dist-info +sudo rm -r /usr/lib/python2.7/site-packages/congressclient/ +sudo rm -r /usr/lib/python2.7/site-packages/congress-2015.1.0-py2.7.egg-info +sudo rm -r /etc/congress +sudo rm -r /tmp/congress-2015.1.0.tar.gz +sudo rm -r /tmp/congress.tar.gz +sudo rm -r /var/lib/mysql/congress +sudo rm -r /var/spool/mail/congress +sudo rm -r /usr/bin/congress-server +sudo rm -r /usr/bin/congress-db-manage +sudo rm -r /usr/lib/python2.7/site-packages/congress +sudo rm /usr/lib/systemd/system/congress-api.service +sudo userdel -r congress +find / | grep congress + +# find ID of the installed congress services, and remove +openstack service list --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +openstack service delete --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 + + +# DEBUGGING RAW NOTES + +# various attempts to get a auth token (failed) +# found SSL issues with creating datasources; set config.yml publicEndpoint to http:// to fix +# to remove endpoints (to cleanup from incorrectly provisoned endpoints) +keystone endpoint-list +keystone endpoint-delete fa7c4b72faef402a919d50e5374705a9 + +# various issues resulted from trying to create the swift datasource driver. removed for now (see congress.conf notes above) +# server errors reading datasources +2015-11-20 20:02:59.398 17478 ERROR congress.api.application [-] Traceback (most recent call last): + File "/opt/congress/congress/api/application.py", line 47, in __call__ + response = handler.handle_request(request) + File "/opt/congress/congress/api/webservice.py", line 351, in handle_request + return self.list_members(request) + File "/opt/congress/congress/api/webservice.py", line 375, in list_members + context=self._get_context(request)) + File "/opt/congress/congress/api/datasource_model.py", line 52, in get_items + datasources = self.datasource_mgr.get_datasources(filter_secret=True) + File "/opt/congress/congress/managers/datasource.py", line 138, in get_datasources + hide_fields = cls.get_driver_info(result['driver'])['secret'] +KeyError: 'secret' + +vi /opt/congress/congress/managers/datasource.py +remove + if filter_secret: + hide_fields = cls.get_driver_info(result['driver'])['secret'] + for hide_field in hide_fields: + result['config'][hide_field] = "" +(didn't help) + +2015-11-20 19:58:13.021 17478 ERROR congress.api.application [-] Traceback (most recent call last): + File "/opt/congress/congress/api/application.py", line 47, in __call__ + response = handler.handle_request(request) + File "/opt/congress/congress/api/webservice.py", line 351, in handle_request + return self.list_members(request) + File "/opt/congress/congress/api/webservice.py", line 375, in list_members + context=self._get_context(request)) + File "/opt/congress/congress/api/datasource_model.py", line 52, in get_items + datasources = self.datasource_mgr.get_datasources(filter_secret=True) + File "/opt/congress/congress/managers/datasource.py", line 138, in get_datasources + return results +KeyError: 'secret' + +openstack congress datasource create ceilometer "ceilometer" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create cinder "cinder" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create glancev2 "glancev2" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create keystone "keystone" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create neutronv2 "neutronv2" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create nova "nova" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + +openstack congress datasource create swift "swift" --debug --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 --config username=admin --config tenant_name=admin --config password=octopus --config auth_url=http://localhost:35357/v2.0 + + ++++++++++++++++++++ +curl -s -X POST http://192.168.1.204:5000/v2.0/tokens \ + -H "Content-Type: application/json" \ + -d '{"auth": {"tenantName": "'"$OS_TENANT_NAME"'", "passwordCredentials": + {"username": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"}}}' \ + | python -m json.tool + +export OS_TOKEN=(token from the response) + +curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' -H "Content-type: application/json" http://192.168.1.204:35357/v2.0/tokens | python -m json.tool + +curl -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' -H "Content-type: application/json" http://192.168.1.204:5000/v2.0/tokens + +curl -v -s -X POST http://192.168.1.204:5000/v2.0/tokens -H "Content-Type: application/json" -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' + +curl -v -d '{"auth":{"passwordCredentials":{"username": "admin", "password": "octopus"}}}' http://192.168.1.204:1789/v1/policies + +curl -v -d '{"auth": {"tenantName": "'"$OS_TENANT_NAME"'", "passwordCredentials": + {"username": "'"$OS_USERNAME"'", "password": "'"$OS_PASSWORD"'"}}}' http://192.168.1.204:1789/v1/policies + + +curl -i \ + -H "Content-Type: application/json" \ + -H "X-Auth-Token: $OS_TOKEN" \ + -d ' +{ "auth": { + "identity": { + "methods": ["token"], + "token": { + "id": "'$OS_TOKEN'" + } + } + } +}' \ +http://192.168.1.204:1789/v1/policies ; echo + + diff --git a/components/congress/install/ansible/build_congress.yml b/components/congress/install/ansible/build_congress.yml new file mode 100644 index 0000000..572f330 --- /dev/null +++ b/components/congress/install/ansible/build_congress.yml @@ -0,0 +1,12 @@ +--- + +- hosts: congress_build_host + sudo: true + + + vars_files: + - config.yml + + + roles: + - build diff --git a/components/congress/install/ansible/config.yml b/components/congress/install/ansible/config.yml new file mode 100644 index 0000000..cf94414 --- /dev/null +++ b/components/congress/install/ansible/config.yml @@ -0,0 +1,94 @@ +--- +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: An Ansible installer answer file for installing OpenStack Congress on Centos 7. +# Status: testing in progress +# + +# temp directory used to build congress dependencies +tempDir: /tmp + +# directory where the binary venv package will be built +virtualPackageDir: /var/tmp + +# package version +congressVersion: "2015.1.0" + +# directory where to install congress. This should only be the base directory and not the full path. We will create the congress folder automatically +installDir: /opt + +# If this is the first time you are installing then set init = True. For subsequent install or upgrades set init = False +# You can also use the --start-at-task="(name)" and --step options to re-run and skip non-idempotent steps +# (non-idempotent means the step will fail if already completed) +init: "True" + +# This section contains the answers for all "init" (initial install) steps to +# initialize congress services, keystone endpoint, congress user creation and database initialization. +#--------- start init --------- +#hostIP +hostIP: 192.168.10.6 + +#public endpoint +publicEndpoint: http://192.168.10.6:1789/ + +#internal endpoint +internalEndpoint: http://192.168.10.6:1789/ + +#admin endpoint +adminEndpoint: http://192.168.10.6:1789/ + +#keystone admin user +keystoneAdminUser: admin + +#keystone admin password +keystoneAdminPassword: octopus + +#keystone auth_url +#keystoneAuthURL: http://192.168.10.6:35357/v2.0 + +#keystone auth_host +keystoneAuthHost: localhost + +#keystone auth protocal (http or https) +keystoneAuthProto: http + +#openstack admin tenant name +adminTenantName: admin + +#region +authRegion: RegionOne + +#congress admin username +congressAdminUser: congress + +#congress admin password +congressAdminPassword: congress + +#mysql user ip address or hostname +# TODO: whether this needs to be localhost or the actual IP address +mysqlDBIP: localhost + +#mysql root password +mysqlDBPassword: octopus + +#mysql root username +mysqlDBUser: root + +#congress db user +dbUser: congress + +#congress db password +dbPassword: congress +#--------- end init --------- diff --git a/components/congress/install/ansible/deploy_congress.yml b/components/congress/install/ansible/deploy_congress.yml new file mode 100644 index 0000000..b3e311c --- /dev/null +++ b/components/congress/install/ansible/deploy_congress.yml @@ -0,0 +1,12 @@ +--- + +- hosts: 192.168.1.204 + sudo: true + + + vars_files: + - config.yml + + + roles: + - deploy diff --git a/components/congress/install/ansible/hosts.ini b/components/congress/install/ansible/hosts.ini new file mode 100644 index 0000000..341bf16 --- /dev/null +++ b/components/congress/install/ansible/hosts.ini @@ -0,0 +1,6 @@ +[congress_build_host] +127.0.0.1 ansible_connection=local + +[congress_prod_host] +192.168.1.204 + diff --git a/components/congress/install/ansible/roles/deploy/tasks/main.yml b/components/congress/install/ansible/roles/deploy/tasks/main.yml new file mode 100644 index 0000000..3806034 --- /dev/null +++ b/components/congress/install/ansible/roles/deploy/tasks/main.yml @@ -0,0 +1,295 @@ +--- +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: An Ansible playbook for installing OpenStack Congress on Centos 7. +# Status: this is a work in progress, under test +# +# How to use: +# ansible-playbook -vvv -u root -k -i hosts.ini deploy_congress.yml +# + +# Update packages +# yum update_cache=yes name=* +- name: updating package cache +# apt: update_cache=yes + yum: update_cache=yes name=* + +# Install dependencies +# Direct command: +# yum pkg=python-pip,mariadb-libs,MySQL-python,git,gcc,python-devel,libxml2,libxslt-devel,libzip-devel,mysql-server state=present +- name: installing dependancies + yum: pkg={{item}} state=present + with_items: + - python-pip + - mariadb-libs + - MySQL-python + - git + - gcc +# - python-dev +# - libxslt1-dev +# - libzip-dev + - python-devel + - libxml2 + - libxslt-devel + - libzip-devel + - mysql-server +# - libmysqlclient-dev +# - python-mysqldb + +# Upgrade pip +# Direct command: pip install --upgrade pip +#- name: upgrade pip +# shell: pip install --upgrade pip + +# Install python dependencies +# Direct command: pip name=virtualenv +- name: installing python dependancies +# pip: name={{item}} extra_args='--upgrade' + pip: name={{item}} + with_items: + - virtualenv + - oslo.middleware +# - MySQL-python + +# Create the congress user group +# Direct command: group name=congress state=present +- name: creating congress group + group: name=congress state=present + when: init == "True" + +# Create the congress user +# Direct command: user name=congress group=congress state=present createhome=no +- name: creating congress user + user: name=congress group=congress state=present createhome=no + +# Create the congress install directory +# Direct command: mkdir {{item}}; chown congress {{item}}; chgrp congress {{item}}; +- name: creating remote install directory + file: path={{item}} state=directory owner=congress group=congress + with_items: + - /etc/congress + - /etc/congress/snapshot +# - "{{installDir}}" + - /var/log/congress + +# Copying congress build to prod host +# Direct command: what direct command this maps to is TBD +- name: copying congress build to prod host + unarchive: src={{tempDir}}/congress-{{congressVersion}}.tar.gz dest={{installDir}} owner=congress group=congress + args: + creates: "{{installDir}}/congress-{{congressVersion}}" + +# Run the congress python setup +# Direct command: cd /opt/congress-{{congressVersion}}; python setup.py install +- name: run setup.py + shell: python setup.py install + args: + chdir: "{{installDir}}/congress-{{congressVersion}}" + creates: /usr/bin/congress-db-manage + +# Activate virtualenv (creates virtual python script library to avoid conflicts with other code on the server) +# TODO: clarify need or benefit from virtualenv +# Direct command: virtualenv /opt/congress-{{congressVersion}} +- name: activating virtualenv + shell: virtualenv {{installDir}}/congress-{{congressVersion}} + +# Install dependencies in virtualenv +# Direct command: pip install --upgrade {{item}} +# TODO: how to invoke virtualenv install in manual command +#- name: Install dependencies in virtualenv +# pip: name={{item}} virtualenv={{installDir}}/congress-{{congressVersion}} virtualenv_site_packages=yes extra_args='--upgrade' +# with_items: +# - pbr +# - oslo.middleware +# - i18n + +# Copy api-paste.ini to the config directory +# Direct command: cd /opt/congress-{{congressVersion}}; cp etc/api-paste.ini /etc/congress +- name: copy /etc/congress/api-paste.ini + shell: cp etc/api-paste.ini /etc/congress + args: + creates: /etc/congress/api-paste.ini + chdir: "{{installDir}}/congress-{{congressVersion}}" + +# Copy policy.json to the config directory +# Direct command: cd /opt/congress-{{congressVersion}}; cp etc/policy.json /etc/congress +- name: copy /etc/congress/policy.json + shell: cp etc/policy.json /etc/congress + args: + creates: /etc/congress/policy.json + chdir: "{{installDir}}/congress-{{congressVersion}}" + +# Copy congress.conf to the config directory +# Direct command: what direct command this maps to is TBD) +- name: updating congress.conf + template: src=congress.conf dest=/etc/congress/congress.conf owner=congress group=congress + +# Create the congress service +# Direct command: bin/keystone --os-auth-url=http://localhost:35357/v2.0 --os-username=admin --os-tenant-name=admin --os-password=octopus service-create --name congress --type "policy" --description "Congress Service" +- name: create congress service + shell: > + /bin/keystone \ + --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ + --os-username={{keystoneAdminUser}} \ + --os-tenant-name={{adminTenantName}} \ + --os-password={{keystoneAdminPassword}} \ + service-create --name congress --type "policy" --description "Congress Service" + +# Create the congress service endpoint +# Direct command: bin/keystone --os-auth-url=http://localhost:35357/v2.0 --os-username=admin --os-tenant-name=admin --os-password=octopus endpoint-create --service congress --region RegionOne --publicurl http://192.168.1.204:1789/ +- name: creating keystone endpoint + shell: > + /bin/keystone \ + --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 \ + --os-username={{keystoneAdminUser}} \ + --os-tenant-name={{adminTenantName}} \ + --os-password={{keystoneAdminPassword}} \ + endpoint-create --service congress \ + --region {{authRegion}} \ + --publicurl {{publicEndpoint}} \ + --adminurl {{adminEndpoint}} \ + --internalurl {{internalEndpoint}} + +# Create the congress database +# TODO: fix some bug resulting in "msg: unable to connect, check login credentials " +# Workaround: on controller +# mysql mysql +# update user set host = '%' where user = 'root'; +# exit +# Direct command: mysql_db name=congress state=present login_host=192.168.1.204 login_user=root login_password=VALUE_HIDDEN +- name: creating congress database + mysql_db: name=congress state=present login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} + +# Create the congress database user and access +# Direct command: mysql_user name=congress password=VALUE_HIDDEN login_host=localhost login_user=root login_password=VALUE_HIDDEN priv=congress.*:ALL host=% +- name: creating and granting congress user access to database + mysql_user: name={{dbUser}} password={{dbPassword}} login_host={{mysqlDBIP}} login_user={{mysqlDBUser}} login_password={{mysqlDBPassword}} priv=congress.*:ALL host={{ item }} + with_items: + - "%" + - "localhost" + +# Fix bug with congress-db-manage failure to import i18n +# See https://bugs.launchpad.net/tripleo/+bug/1468028 +# It's unclear if this patch causes other problems... +# Direct command: pip install oslo.i18n==1.7.0 +#- name: pip install oslo.i18n==1.7.0 +# shell: > +# pip install oslo.i18n==1.7.0 + +# Create the congress database schema +# Direct command: /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head +- name: creating congress database schema + shell: > + /usr/bin/congress-db-manage --config-file /etc/congress/congress.conf upgrade head + +# Enable congress to start on system restart +# Direct command: what direct command this maps to is TBD +- name: copy and enable congress-api.service thru systemd + template: src=congress-api.service dest=/usr/lib/systemd/system/congress-api.service + +# Install clients +# Direct command: pip install {{item}} +# pip: name={{item}} virtualenv={{installDir}}/congress-{{congressVersion}} virtualenv_site_packages=yes extra_args='--upgrade' +- name: Install clients + pip: name={{item}} + with_items: + - python-openstackclient + - python-congressclient + +# stderr: Exception raised: (pbr 0.11.0 (/usr/lib/python2.7/site-packages), Requirement.parse('pbr>=1.6')) +# Install pbr-1.8.1 +# Direct command: pip install pbr==1.8.1 +- name: Install pbr-1.8.1 + shell: > + pip install pbr==1.8.1 + +# stderr: Exception raised: (pbr 1.8.1 (/usr/lib/python2.7/site-packages), Requirement.parse('pbr>=0.6,!=0.7,<1.0')) +# fix per https://ask.openstack.org/en/question/83174/whole-cli-doesnt-work-anymore-kilo/ +# pip install --upgrade python-openstackclient +- name: Upgrade python-openstackclient + shell: > + pip install --upgrade python-openstackclient + +# stderr: Unable to establish connection to http://192.168.10.6:1789/v1/data-sources +# systemctl | grep congress +# congress-api.service loaded failed failed OpenStack Congress Server +# https://wiki.archlinux.org/index.php/Systemd#Investigating_systemd_errors +# systemctl status congress-api -l +# oscontroller1.opnfv.com systemd[4175]: Failed at step EXEC spawning /opt/congress/bin/congress-server: No such file or directory +# error in congress-api.service, needed to completely remove from systemd and reinstall +# systemctl stop congress-api.service +# systemctl disable congress-api.service +# rm /etc/systemd/system/congress-api.service +# systemctl daemon-reload +# systemctl reset-failed +# restart at +# ansible-playbook -vvv -u root -k -i hosts.ini deploy_congress.yml --start-at-task="copy and enable congress-api.service thru systemd" + +# congress-server: Traceback (most recent call last): +# congress-server: File "/opt/congress-2015.1.0/bin/congress-server", line 33, in +# congress-server: from congress.server import congress_server +# congress-server: File "/opt/congress-2015.1.0/congress/server/congress_server.py", line 26, in +# congress-server: from congress.common import config +# congress-server: File "/opt/congress-2015.1.0/congress/common/config.py", line 20, in +# congress-server: from congress.managers import datasource as datasource_mgr +# congress-server: File "/opt/congress-2015.1.0/congress/managers/datasource.py", line 19, in +# congress-server: from oslo.db import exception as db_exc +# congress-server: File "/usr/lib/python2.7/site-packages/oslo/db/exception.py", line 48, in +# congress-server: from oslo.db._i18n import _ +# congress-server: File "/usr/lib/python2.7/site-packages/oslo/db/_i18n.py", line 19, in +# congress-server: from oslo import i18n +# congress-server: ImportError: cannot import name i18n +# systemd: congress-api.service: main process exited, code=exited, status=1/FAILURE +# systemd: Unit congress-api.service entered failed state. +# See https://bugs.launchpad.net/tripleo/+bug/1468028 +# It's unclear if this patch causes other problems... +# Direct command: pip install oslo.i18n==1.7.0 +- name: install oslo.i18n==1.7.0 + shell: > + pip install oslo.i18n==1.7.0 + +# congress-server: 2015-11-26 00:30:42.754 24988 TRACE congress from oslo.middleware import request_id +# congress-server: 2015-11-26 00:30:42.754 24988 TRACE congress ImportError: No module named middleware +- name: install oslo.middleware + pip: name={{item}} + with_items: + - oslo.middleware + +# Start the congress service +# Direct command: systemctl start congress-api +- name: start congress-api service + shell: systemctl start congress-api + +# Create congress datasources +# leave out swift for now, as it seems to break access to the other datasources +# Direct command: openstack congress datasource create {{item}} "{{item}}" --os-username=admin --os-tenant-name=admin --os-password=octopus --os-auth-url=http://localhost:35357/v2.0 +- name: install datasource drivers + shell: openstack congress datasource create {{item}} "{{item}}" \ + --os-username={{keystoneAdminUser}} \ + --os-tenant-name={{adminTenantName}} \ + --os-password={{keystoneAdminPassword}} \ + --os-auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 + --config username={{keystoneAdminUser}} \ + --config tenant-name={{adminTenantName}} \ + --config password={{keystoneAdminPassword}} \ + --config auth-url={{keystoneAuthProto}}://{{keystoneAuthHost}}:35357/v2.0 + with_items: + - ceilometer + - cinder + - glancev2 + - keystone + - neutronv2 + - nova +# - swift diff --git a/components/congress/install/ansible/roles/deploy/templates/congress-api.conf b/components/congress/install/ansible/roles/deploy/templates/congress-api.conf new file mode 100644 index 0000000..4eae24d --- /dev/null +++ b/components/congress/install/ansible/roles/deploy/templates/congress-api.conf @@ -0,0 +1,7 @@ +description "Congress API server" + +env PYTHON_PATH={{installDir}}/congress +start on runlevel [2345] +stop on runlevel [!2345] + +exec {{installDir}}/congress/bin/congress-server --config-file /etc/congress/congress.conf diff --git a/components/congress/install/ansible/roles/deploy/templates/congress-api.service b/components/congress/install/ansible/roles/deploy/templates/congress-api.service new file mode 100644 index 0000000..224760b --- /dev/null +++ b/components/congress/install/ansible/roles/deploy/templates/congress-api.service @@ -0,0 +1,31 @@ +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: Ansible configuration for the OpenStack Congress service. +# Used to setup the Congress server to startup on host restart. +# +# Status: testing in progress +# + +[Unit] +Description=OpenStack Congress Server +After=syslog.target network.target + +[Service] +Type=simple +User=congress +ExecStart={{installDir}}/congress/bin/congress-server --config-file /etc/congress/congress.conf + +[Install] +WantedBy=multi-user.target diff --git a/components/congress/install/ansible/roles/deploy/templates/congress.conf b/components/congress/install/ansible/roles/deploy/templates/congress.conf new file mode 100644 index 0000000..86b78a9 --- /dev/null +++ b/components/congress/install/ansible/roles/deploy/templates/congress.conf @@ -0,0 +1,75 @@ +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# What this is: An template configuration file for OpenStack Congress +# Status: testing in progress +# + +[DEFAULT] +# Print more verbose output (set logging level to INFO instead of default WARNING level). +verbose = True + +# Print debugging output (set logging level to DEBUG instead of default WARNING level). +# debug = False + +# log_format = %(asctime)s %(levelname)8s [%(name)s] %(message)s +# log_date_format = %Y-%m-%d %H:%M:%S + +# use_syslog -> syslog +# log_file and log_dir -> log_dir/log_file +# (not log_file) and log_dir -> log_dir/{binary_name}.log +# use_stderr -> stderr +# (not user_stderr) and (not log_file) -> stdout +# publish_errors -> notification system + +# use_syslog = False +# syslog_log_facility = LOG_USER + +# use_stderr = True +log_file = congress.log +log_dir = /var/log/congress + +# publish_errors = False + +# Address to bind the API server to +bind_host = {{hostIP}} + +# Port the bind the API server to +# bind_port = 1789 + +# The path to the latest policy dump +policy_path = /etc/congress/snapshot + +# Paste configuration file +# api_paste_config = api-paste.ini + +# The strategy to be used for auth. +# Supported values are 'keystone'(default), 'noauth'. +auth_strategy = noauth + +# List of datasource driver class paths to import. +# For example: congress.datasources.neutronv2_driver.NeutronV2Driver, etc +# errors seen in log, removed congress.datasources.swift_driver.SwiftDriver +drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver,congress.datasources.swift_driver.SwiftDriver + +[keystone_authtoken] +auth_host = {{ keystoneAuthHost }} +auth_port = 35357 +auth_protocol = {{ keystoneAuthProto }} +admin_tenant_name = {{ adminTenantName }} +admin_user = {{ congressAdminUser }} +admin_password = {{ congressAdminPassword }} + +[database] +connection = mysql://{{dbUser}}:{{dbPassword}}@{{mysqlDBIP}}:3306/congress diff --git a/components/congress/install/bash/centos/clean_congress.sh b/components/congress/install/bash/centos/clean_congress.sh new file mode 100644 index 0000000..4ab21a4 --- /dev/null +++ b/components/congress/install/bash/centos/clean_congress.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# CCopyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This is a cleanup script for installation of Congress on an Ubuntu 14.04 +# LXC container in the OPNFV Controller node. +# Presumably something has failed, and any record of the Congress feature +# in OpenStack needs to be removed, so you can try the install again. +# +# Prequisite: OPFNV install per https://wiki.opnfv.org/copper/academy/joid +# How to use: +# Install OPNFV per https://wiki.opnfv.org/copper/academy/joid +# $ source ~/git/copper/components/congress/joid/clean_congress.sh +# is the name of the controller node in MAAS. + +source ~/admin-openrc.sh < present, password => sha1('congress'), }" +# ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ssh heat-admin@$CONTROLLER_HOST1 "useradd congress; exit" + +echo "Create the environment file and copy to the congress server" +cat <~/env.sh +export CONGRESS_HOST=$CONTROLLER_HOST1 +export KEYSTONE_HOST=$CONTROLLER_HOST1 +export CEILOMETER_HOST=$CONTROLLER_HOST1 +export CINDER_HOST=$CONTROLLER_HOST1 +export GLANCE_HOST=$CONTROLLER_HOST1 +export NEUTRON_HOST=$CONTROLLER_HOST1 +export NOVA_HOST=$CONTROLLER_HOST1 +EOF +source ~/env.sh +scp ~/stackrc heat-admin@$CONTROLLER_HOST1:/home/heat-admin/admin-openrc.sh +scp ~/env.sh heat-admin@$CONTROLLER_HOST1:/home/heat-admin + +echo "Copy install_congress_2.sh to the congress server and execute" +scp ~/git/copper/components/congress/joid/install_congress_2.sh heat-admin@$CONTROLLER_HOST1:/home/heat-admin +ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no heat-admin@$CONTROLLER_HOST1 "source ~/install_congress_2.sh; exit" + +echo "Install jumphost dependencies" + +echo "Update package repos" +sudo apt-get update + +echo "install pip" +sudo apt-get install python-pip -y + +echo "install other dependencies" +sudo apt-get install apg git gcc python-dev libxml2 libxslt1-dev libzip-dev -y +sudo pip install --upgrade pip virtualenv setuptools pbr tox + +echo "Clone congress" +mkdir ~/git +cd ~/git +git clone https://github.com/openstack/congress.git +cd congress +git checkout stable/liberty + +echo "Create virtualenv" +virtualenv ~/git/congress +source bin/activate + +echo "Install and test OpenStack client" +cd ~/git +git clone https://github.com/openstack/python-openstackclient.git +cd python-openstackclient +git checkout stable/liberty +~/git/congress/bin/pip install -r requirements.txt +~/git/congress/bin/pip install . +openstack service list + +echo "Install and test Congress client" +cd ~/git +git clone https://github.com/openstack/python-congressclient.git +cd python-congressclient +git checkout stable/liberty +~/git/congress/bin/pip install -r requirements.txt +~/git/congress/bin/pip install . +openstack congress driver list + +echo "Install and test Keystone client" +cd ~/git +git clone https://github.com/openstack/python-keystoneclient.git +cd python-keystoneclient +git checkout stable/liberty +~/git/congress/bin/pip install -r requirements.txt +~/git/congress/bin/pip install . + +echo "setup Congress user. TODO: needs update in http://congress.readthedocs.org/en/latest/readme.html#installing-congress" +pip install cliff --upgrade +export ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }") +export SERVICE_TENANT=$(openstack project list | awk "/ admin / { print \$2 }") +openstack user create --password congress --project admin --email "congress@example.com" congress +export CONGRESS_USER=$(openstack user list | awk "/ congress / { print \$2 }") +openstack role add --user $CONGRESS_USER --project $SERVICE_TENANT $ADMIN_ROLE + +echo "Create Congress service" +openstack service create congress --type "policy" --description "Congress Service" +export CONGRESS_SERVICE=$(openstack service list | awk "/ congress / { print \$2 }") + +echo "Create Congress endpoint" +openstack endpoint create $CONGRESS_SERVICE \ + --region $OS_REGION_NAME \ + --publicurl http://$CONGRESS_HOST:1789/ \ + --adminurl http://$CONGRESS_HOST:1789/ \ + --internalurl http://$CONGRESS_HOST:1789/ + +echo "Start the Congress service" +ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ubuntu@$CONGRESS_HOST "~/git/congress/bin/congress-server &>/dev/null &" + +echo "Wait 30 seconds for Congress service to startup" +sleep 30 + +echo "Create data sources" +# To remove datasources: openstack congress datasource delete +openstack congress datasource create nova "nova" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create neutronv2 "neutronv2" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create ceilometer "ceilometer" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create cinder "cinder" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create glancev2 "glancev2" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create keystone "keystone" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + +echo "Install tox test dependencies" +sudo apt-get install -y libffi-dev libssl-dev + +echo "Run Congress tox Tests" +cd ~/git/congress +tox -epy27 + +set +x #echo off diff --git a/components/congress/install/bash/centos/install_congress_2.sh b/components/congress/install/bash/centos/install_congress_2.sh new file mode 100644 index 0000000..588c780 --- /dev/null +++ b/components/congress/install/bash/centos/install_congress_2.sh @@ -0,0 +1,165 @@ +#!/bin/bash +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This is script 2 of 2 for installation of Congress on the Centos 7 based +# OPNFV Controller node as installed per the OPNFV Apex project. +# Prequisites: +# OPFNV install per https://wiki.opnfv.org/display/copper/Apex +# On the jumphost, logged in as stack on the undercloud VM: +# su stack +# Clone the Copper repo and run the install script: +# git clone https://gerrit.opnfv.org/gerrit/copper +# source copper/components/install/bash/centos/install_congress_1.sh + +set -x +source ~/admin-openrc.sh +source ~/env.sh + +echo "install pip" +sudo yum install python-pip -y + +echo "install java" +sudo yum install default-jre -y +# No package default-jre available. + +echo "install other dependencies" +sudo yum install apg git gcc python-dev libxml2 libxslt1-dev libzip-dev -y +# No package python-dev available. +# No package libxslt1-dev available. +# No package libzip-dev available. +sudo pip install --upgrade pip virtualenv setuptools pbr tox + +echo "set mysql root user password and install mysql" +export MYSQL_PASSWORD=$(/usr/bin/apg -n 1 -m 16 -c cl_seed) +sudo debconf-set-selections <<< 'mysql-server mysql-server/root_password password '$MYSQL_PASSWORD +sudo debconf-set-selections <<< 'mysql-server mysql-server/root_password_again password '$MYSQL_PASSWORD +sudo -E yum -q -y install mysql-server python-mysqldb + +echo "Clone congress" +mkdir ~/git +cd ~/git +git clone https://github.com/openstack/congress.git +cd congress +git checkout stable/liberty + +echo "Create virtualenv" +virtualenv ~/git/congress +source bin/activate + +echo "Setup Congress" +sudo mkdir -p /etc/congress +sudo chown ubuntu /etc/congress +mkdir -p /etc/congress/snapshot +sudo mkdir /var/log/congress +sudo chown ubuntu /var/log/congress +cp etc/api-paste.ini /etc/congress +cp etc/policy.json /etc/congress + +echo "install requirements.txt and tox dependencies (detected by errors during 'tox -egenconfig')" +sudo yum install libffi-dev -y +sudo yum install openssl -y +sudo yum install libssl-dev -y + +echo "install dependencies of Congress" +cd ~/git/congress +bin/pip install -r requirements.txt +bin/pip install . + +echo "install tox" +bin/pip install tox + +echo "generate congress.conf.sample" +tox -egenconfig + +echo "edit congress.conf.sample as needed" +sed -i -- 's/#verbose = true/verbose = true/g' etc/congress.conf.sample +sed -i -- 's/#log_file = /log_file = congress.log/g' etc/congress.conf.sample +sed -i -- 's/#log_dir = /log_dir = \/var\/log\/congress/g' etc/congress.conf.sample +sed -i -- 's/#bind_host = 0.0.0.0/bind_host = '$CONGRESS_HOST'/g' etc/congress.conf.sample +sed -i -- 's/#policy_path = /policy_path = \/etc\/congress\/snapshot/g' etc/congress.conf.sample +sed -i -- 's/#auth_strategy = keystone/auth_strategy = noauth/g' etc/congress.conf.sample +sed -i -- 's/#drivers =/drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver/g' etc/congress.conf.sample +sed -i -- 's/#auth_host = 127.0.0.1/auth_host = '$CONGRESS_HOST'/g' etc/congress.conf.sample +sed -i -- 's/#auth_port = 35357/auth_port = 35357/g' etc/congress.conf.sample +sed -i -- 's/#auth_protocol = https/auth_protocol = http/g' etc/congress.conf.sample +sed -i -- 's/#admin_tenant_name = admin/admin_tenant_name = admin/g' etc/congress.conf.sample +sed -i -- 's/#admin_user = /admin_user = congress/g' etc/congress.conf.sample +sed -i -- 's/#admin_password = /admin_password = congress/g' etc/congress.conf.sample +sed -i -- 's/#connection = /connection = mysql:\/\/ubuntu:'$MYSQL_PASSWORD'@localhost:3306\/congress/g' etc/congress.conf.sample + +echo "copy congress.conf.sample to /etc/congress" +cp etc/congress.conf.sample /etc/congress/congress.conf + +echo "create congress database" +sudo mysql --user=root --password=$MYSQL_PASSWORD -e "CREATE DATABASE congress; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu@localhost' IDENTIFIED BY '"$MYSQL_PASSWORD"'; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'%' IDENTIFIED BY '"$MYSQL_PASSWORD"';" + +echo "install congress-db-manage dependencies (detected by errors)" +sudo yum build-dep python-mysqldb -y +bin/pip install MySQL-python + +echo "create database schema" +congress-db-manage --config-file /etc/congress/congress.conf upgrade head + +echo "Install Congress client" +cd ~/git +git clone https://github.com/openstack/python-congressclient.git +cd python-congressclient +git checkout stable/liberty +../congress/bin/pip install -r requirements.txt +../congress/bin/pip install . + +function _congress_setup_horizon { + local HORIZON_DIR="/usr/share/openstack-dashboard" + local CONGRESS_HORIZON_DIR="/home/ubuntu/git/congress/contrib/horizon" + sudo cp -r $CONGRESS_HORIZON_DIR/datasources $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp -r $CONGRESS_HORIZON_DIR/policies $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp -r $CONGRESS_HORIZON_DIR/static $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp -r $CONGRESS_HORIZON_DIR/templates $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp $CONGRESS_HORIZON_DIR/congress.py $HORIZON_DIR/openstack_dashboard/api/ + sudo cp $CONGRESS_HORIZON_DIR/_50_policy.py $HORIZON_DIR/openstack_dashboard/local/enabled/ + sudo cp $CONGRESS_HORIZON_DIR/_60_policies.py $HORIZON_DIR/openstack_dashboard/local/enabled/ + sudo cp $CONGRESS_HORIZON_DIR/_70_datasources.py $HORIZON_DIR/openstack_dashboard/local/enabled/ + + # For unit tests + sudo sh -c 'echo "python-congressclient" >> '$HORIZON_DIR'/requirements.txt' + sudo sh -c 'echo -e \ +"\n# Load the pluggable dashboard settings"\ +"\nimport openstack_dashboard.local.enabled"\ +"\nfrom openstack_dashboard.utils import settings"\ +"\n\nINSTALLED_APPS = list(INSTALLED_APPS)"\ +"\nsettings.update_dashboards(["\ +"\n openstack_dashboard.local.enabled,"\ +"\n], HORIZON_CONFIG, INSTALLED_APPS)" >> '$HORIZON_DIR'/openstack_dashboard/test/settings.py' + + # Setup alias for django-admin which could be different depending on distro + local django_admin + if type -p django-admin > /dev/null; then + django_admin=django-admin + else + django_admin=django-admin.py + fi + + # Collect and compress static files (e.g., JavaScript, CSS) + DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin collectstatic --noinput + DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin compress --force + + # Restart Horizon + sudo service apache2 restart +} +# Commented out as the procedure is not yet working +#echo "Install Horizon Policy plugin" +#_congress_setup_horizon + +set +x #echo off diff --git a/components/congress/install/joid/clean_congress.sh b/components/congress/install/joid/clean_congress.sh new file mode 100644 index 0000000..4ab21a4 --- /dev/null +++ b/components/congress/install/joid/clean_congress.sh @@ -0,0 +1,46 @@ +#!/bin/bash +# CCopyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# This is a cleanup script for installation of Congress on an Ubuntu 14.04 +# LXC container in the OPNFV Controller node. +# Presumably something has failed, and any record of the Congress feature +# in OpenStack needs to be removed, so you can try the install again. +# +# Prequisite: OPFNV install per https://wiki.opnfv.org/copper/academy/joid +# How to use: +# Install OPNFV per https://wiki.opnfv.org/copper/academy/joid +# $ source ~/git/copper/components/congress/joid/clean_congress.sh +# is the name of the controller node in MAAS. + +source ~/admin-openrc.sh < +# (copies install_congress_2.sh to and executes it) +# is the name of the host in which to install Congress. +# +# If "horizon", Congress will be installed in the same LXC as Horizon, +# as necessary for the OpenStack Dashboard Policy plugins to work. +# Otherwise provide the node name of the controller node, where Congress +# will be installed in an LXC (NOTE: Policy plugin for OpenStack dashboard +# does not currently get installed for the LXC-based Congress deploy) + +if [ $# -gt 1 ] && [ $2 == "debug" ]; then set -x #echo on +fi + +source ~/admin-openrc.sh <~/env.sh +export CONGRESS_HOST=$CONGRESS_HOST +export HORIZON_HOST=$(juju status --format=short | awk "/openstack-dashboard/ { print \$3 }") +export KEYSTONE_HOST=$(juju status --format=short | awk "/keystone\/0/ { print \$3 }") +export CEILOMETER_HOST=$(juju status --format=short | awk "/ceilometer\/0/ { print \$3 }") +export CINDER_HOST=$(juju status --format=short | awk "/cinder\/0/ { print \$3 }") +export GLANCE_HOST=$(juju status --format=short | awk "/glance\/0/ { print \$3 }") +export NEUTRON_HOST=$(juju status --format=short | awk "/neutron-api\/0/ { print \$3 }") +export NOVA_HOST=$(juju status --format=short | awk "/nova-cloud-controller\/0/ { print \$3 }") +EOF +source ~/env.sh +juju scp ~/admin-openrc.sh ubuntu@$CONGRESS_HOST:/home/ubuntu +juju scp ~/env.sh ubuntu@$CONGRESS_HOST:/home/ubuntu + +echo "Copy install_congress_2.sh to the congress server and execute" +juju scp ~/git/copper/components/congress/joid/install_congress_2.sh ubuntu@$CONGRESS_HOST:/home/ubuntu +ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ubuntu@$CONGRESS_HOST "source ~/install_congress_2.sh; exit" + +echo "Install jumphost dependencies" + +echo "Update package repos" +sudo apt-get update + +echo "install pip" +sudo apt-get install python-pip -y + +echo "install other dependencies" +sudo apt-get install apg git gcc python-dev libxml2 libxslt1-dev libzip-dev -y +sudo pip install --upgrade pip virtualenv setuptools pbr tox + +echo "Clone congress" +mkdir ~/git +cd ~/git +git clone https://github.com/openstack/congress.git +cd congress +git checkout stable/liberty + +echo "Create virtualenv" +virtualenv ~/git/congress +source bin/activate + +echo "Install and test OpenStack client" +cd ~/git +git clone https://github.com/openstack/python-openstackclient.git +cd python-openstackclient +git checkout stable/liberty +~/git/congress/bin/pip install -r requirements.txt +~/git/congress/bin/pip install . +openstack service list + +echo "Install and test Congress client" +cd ~/git +git clone https://github.com/openstack/python-congressclient.git +cd python-congressclient +git checkout stable/liberty +~/git/congress/bin/pip install -r requirements.txt +~/git/congress/bin/pip install . +openstack congress driver list + +echo "Install and test Keystone client" +cd ~/git +git clone https://github.com/openstack/python-keystoneclient.git +cd python-keystoneclient +git checkout stable/liberty +~/git/congress/bin/pip install -r requirements.txt +~/git/congress/bin/pip install . + +echo "setup Congress user. TODO: needs update in http://congress.readthedocs.org/en/latest/readme.html#installing-congress" +pip install cliff --upgrade +export ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }") +export SERVICE_TENANT=$(openstack project list | awk "/ admin / { print \$2 }") +openstack user create --password congress --project admin --email "congress@example.com" congress +export CONGRESS_USER=$(openstack user list | awk "/ congress / { print \$2 }") +openstack role add --user $CONGRESS_USER --project $SERVICE_TENANT $ADMIN_ROLE + +echo "Create Congress service" +openstack service create congress --type "policy" --description "Congress Service" +export CONGRESS_SERVICE=$(openstack service list | awk "/ congress / { print \$2 }") + +echo "Create Congress endpoint" +openstack endpoint create $CONGRESS_SERVICE \ + --region $OS_REGION_NAME \ + --publicurl http://$CONGRESS_HOST:1789/ \ + --adminurl http://$CONGRESS_HOST:1789/ \ + --internalurl http://$CONGRESS_HOST:1789/ + +echo "Start the Congress service" +ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ubuntu@$CONGRESS_HOST "~/git/congress/bin/congress-server &>/dev/null &" + +echo "Wait 30 seconds for Congress service to startup" +sleep 30 + +echo "Create data sources" +# To remove datasources: openstack congress datasource delete +openstack congress datasource create nova "nova" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create neutronv2 "neutronv2" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create ceilometer "ceilometer" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create cinder "cinder" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create glancev2 "glancev2" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 +openstack congress datasource create keystone "keystone" \ + --config username=$OS_USERNAME \ + --config tenant_name=$OS_TENANT_NAME \ + --config password=$OS_PASSWORD \ + --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 + +echo "Install tox test dependencies" +sudo apt-get install -y libffi-dev libssl-dev + +echo "Run Congress tox Tests" +cd ~/git/congress +tox -epy27 + +set +x #echo off diff --git a/components/congress/install/joid/install_congress_2.sh b/components/congress/install/joid/install_congress_2.sh new file mode 100644 index 0000000..312a0c3 --- /dev/null +++ b/components/congress/install/joid/install_congress_2.sh @@ -0,0 +1,174 @@ +#!/bin/bash +# Copyright 2015-2016 AT&T Intellectual Property, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +# This is script 2 of 2 for installation of Congress on an Ubuntu 14.04 +# LXC container (same as Horizon) in the OPNFV Controller node. +# Prequisite: OPFNV install per https://wiki.opnfv.org/copper/academy/joid +# +# On jumphost: +# Download admin-openrc.sh from Horizon and save in ~ +# source install_congress_1.sh +# (copies install_congress_2.sh to and executes it) +# is the name of the host in which to install Congress. +# +# If "horizon", Congress will be installed in the same LXC as Horizon, +# as necessary for the OpenStack Dashboard Policy plugins to work. +# Otherwise provide the node name of the controller node, where Congress +# will be installed in an LXC (NOTE: Policy plugin for OpenStack dashboard +# does not currently get installed for the LXC-based Congress deploy) + +set -x +source ~/admin-openrc.sh </log_file = congress.log/g' etc/congress.conf.sample +sed -i -- 's/#log_dir = /log_dir = \/var\/log\/congress/g' etc/congress.conf.sample +sed -i -- 's/#bind_host = 0.0.0.0/bind_host = '$CONGRESS_HOST'/g' etc/congress.conf.sample +sed -i -- 's/#policy_path = /policy_path = \/etc\/congress\/snapshot/g' etc/congress.conf.sample +sed -i -- 's/#auth_strategy = keystone/auth_strategy = noauth/g' etc/congress.conf.sample +sed -i -- 's/#drivers =/drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver/g' etc/congress.conf.sample +sed -i -- 's/#auth_host = 127.0.0.1/auth_host = '$CONGRESS_HOST'/g' etc/congress.conf.sample +sed -i -- 's/#auth_port = 35357/auth_port = 35357/g' etc/congress.conf.sample +sed -i -- 's/#auth_protocol = https/auth_protocol = http/g' etc/congress.conf.sample +sed -i -- 's/#admin_tenant_name = admin/admin_tenant_name = admin/g' etc/congress.conf.sample +sed -i -- 's/#admin_user = /admin_user = congress/g' etc/congress.conf.sample +sed -i -- 's/#admin_password = /admin_password = congress/g' etc/congress.conf.sample +sed -i -- 's/#connection = /connection = mysql:\/\/ubuntu:'$MYSQL_PASSWORD'@localhost:3306\/congress/g' etc/congress.conf.sample + +echo "copy congress.conf.sample to /etc/congress" +cp etc/congress.conf.sample /etc/congress/congress.conf + +echo "create congress database" +sudo mysql --user=root --password=$MYSQL_PASSWORD -e "CREATE DATABASE congress; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu@localhost' IDENTIFIED BY '"$MYSQL_PASSWORD"'; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'%' IDENTIFIED BY '"$MYSQL_PASSWORD"';" + +echo "install congress-db-manage dependencies (detected by errors)" +sudo apt-get build-dep python-mysqldb -y +bin/pip install MySQL-python + +echo "create database schema" +congress-db-manage --config-file /etc/congress/congress.conf upgrade head + +echo "Install Congress client" +cd ~/git +git clone https://github.com/openstack/python-congressclient.git +cd python-congressclient +git checkout stable/liberty +../congress/bin/pip install -r requirements.txt +../congress/bin/pip install . + +function _congress_setup_horizon { + local HORIZON_DIR="/usr/share/openstack-dashboard" + local CONGRESS_HORIZON_DIR="/home/ubuntu/git/congress/contrib/horizon" + sudo cp -r $CONGRESS_HORIZON_DIR/datasources $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp -r $CONGRESS_HORIZON_DIR/policies $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp -r $CONGRESS_HORIZON_DIR/static $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp -r $CONGRESS_HORIZON_DIR/templates $HORIZON_DIR/openstack_dashboard/dashboards/admin/ + sudo cp $CONGRESS_HORIZON_DIR/congress.py $HORIZON_DIR/openstack_dashboard/api/ + sudo cp $CONGRESS_HORIZON_DIR/_50_policy.py $HORIZON_DIR/openstack_dashboard/local/enabled/ + sudo cp $CONGRESS_HORIZON_DIR/_60_policies.py $HORIZON_DIR/openstack_dashboard/local/enabled/ + sudo cp $CONGRESS_HORIZON_DIR/_70_datasources.py $HORIZON_DIR/openstack_dashboard/local/enabled/ + + # For unit tests + sudo sh -c 'echo "python-congressclient" >> '$HORIZON_DIR'/requirements.txt' + sudo sh -c 'echo -e \ +"\n# Load the pluggable dashboard settings"\ +"\nimport openstack_dashboard.local.enabled"\ +"\nfrom openstack_dashboard.utils import settings"\ +"\n\nINSTALLED_APPS = list(INSTALLED_APPS)"\ +"\nsettings.update_dashboards(["\ +"\n openstack_dashboard.local.enabled,"\ +"\n], HORIZON_CONFIG, INSTALLED_APPS)" >> '$HORIZON_DIR'/openstack_dashboard/test/settings.py' + + # Setup alias for django-admin which could be different depending on distro + local django_admin + if type -p django-admin > /dev/null; then + django_admin=django-admin + else + django_admin=django-admin.py + fi + + # Collect and compress static files (e.g., JavaScript, CSS) + DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin collectstatic --noinput + DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin compress --force + + # Restart Horizon + sudo service apache2 restart +} +# Commented out as the procedure is not yet working +#echo "Install Horizon Policy plugin" +#_congress_setup_horizon + +set +x #echo off diff --git a/components/congress/install/puppet/lib/puppet/provider/congress_config/ini_setting.rb b/components/congress/install/puppet/lib/puppet/provider/congress_config/ini_setting.rb new file mode 100644 index 0000000..3d324b6 --- /dev/null +++ b/components/congress/install/puppet/lib/puppet/provider/congress_config/ini_setting.rb @@ -0,0 +1,27 @@ +Puppet::Type.type(:congress_config).provide( + :ini_setting, + :parent => Puppet::Type.type(:ini_setting).provider(:ruby) +) do + + def section + resource[:name].split('/', 2).first + end + + def setting + resource[:name].split('/', 2).last + end + + def separator + '=' + end + + def self.file_path + '/etc/congress/congress.conf' + end + + # added for backwards compatibility with older versions of inifile + def file_path + self.class.file_path + end + +end diff --git a/components/congress/install/puppet/lib/puppet/type/congress_config.rb b/components/congress/install/puppet/lib/puppet/type/congress_config.rb new file mode 100644 index 0000000..3b76fc6 --- /dev/null +++ b/components/congress/install/puppet/lib/puppet/type/congress_config.rb @@ -0,0 +1,42 @@ +Puppet::Type.newtype(:congress_config) do + + ensurable + + newparam(:name, :namevar => true) do + desc 'Section/setting name to manage from /etc/congress/congress.conf' + newvalues(/\S+\/\S+/) + end + + newproperty(:value) do + desc 'The value of the setting to be defined.' + munge do |value| + value = value.to_s.strip + value.capitalize! if value =~ /^(true|false)$/i + value + end + + def is_to_s( currentvalue ) + if resource.secret? + return '[old secret redacted]' + else + return currentvalue + end + end + + def should_to_s( newvalue ) + if resource.secret? + return '[new secret redacted]' + else + return newvalue + end + end + end + + newparam(:secret, :boolean => true) do + desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' + + newvalues(:true, :false) + + defaultto false + end +end diff --git a/components/congress/install/puppet/manifests/client.pp b/components/congress/install/puppet/manifests/client.pp new file mode 100644 index 0000000..bb016e4 --- /dev/null +++ b/components/congress/install/puppet/manifests/client.pp @@ -0,0 +1,27 @@ +# == Class: congress::client +# +# Installs congress client. +# +# === Parameters +# +# [*ensure*] +# (optional) Ensure state of the package. +# Defaults to 'present'. +# +class congress::client ( + $ensure = 'present' +) { + + package { 'python-congressclient': + ensure => $ensure, + tag => 'openstack', + } + + if $ensure == 'present' { + include '::openstacklib::openstackclient' + } else { + class { '::openstacklib::openstackclient': + package_ensure => $ensure, + } + } +} diff --git a/components/congress/install/puppet/manifests/config.pp b/components/congress/install/puppet/manifests/config.pp new file mode 100644 index 0000000..0a59d07 --- /dev/null +++ b/components/congress/install/puppet/manifests/config.pp @@ -0,0 +1,30 @@ +# == Class: congress::config +# +# This class is used to manage arbitrary congress configurations. +# +# === Parameters +# +# [*congress_config*] +# (optional) Allow configuration of arbitrary congress configurations. +# The value is an hash of congress_config resources. Example: +# { 'DEFAULT/foo' => { value => 'fooValue'}, +# 'DEFAULT/bar' => { value => 'barValue'} +# } +# In yaml format, Example: +# congress_config: +# DEFAULT/foo: +# value: fooValue +# DEFAULT/bar: +# value: barValue +# +# NOTE: The configuration MUST NOT be already handled by this module +# or Puppet catalog compilation will fail with duplicate resources. +# +class congress::config ( + $congress_config = {}, +) { + + validate_hash($congress_config) + + create_resources('congress_config', $congress_config) +} diff --git a/components/congress/install/puppet/manifests/db.pp b/components/congress/install/puppet/manifests/db.pp new file mode 100644 index 0000000..33dccc4 --- /dev/null +++ b/components/congress/install/puppet/manifests/db.pp @@ -0,0 +1,97 @@ +# == Class: congress::db +# +# Configure the congress database connection +# +# === Parameters +# +# [*database_connection*] +# Url used to connect to database. +# (Optional) Defaults to 'sqlite:////var/lib/congress/congress.sqlite'. +# +# [*database_idle_timeout*] +# Timeout when db connections should be reaped. +# (Optional) Defaults to 3600. +# +# [*database_max_retries*] +# Maximum number of database connection retries during startup. +# Setting -1 implies an infinite retry count. +# (Optional) Defaults to 10. +# +# [*database_retry_interval*] +# Interval between retries of opening a database connection. +# (Optional) Defaults to 10. +# +# [*database_min_pool_size*] +# Minimum number of SQL connections to keep open in a pool. +# (Optional) Defaults to 1. +# +# [*database_max_pool_size*] +# Maximum number of SQL connections to keep open in a pool. +# (Optional) Defaults to 10. +# +# [*database_max_overflow*] +# If set, use this value for max_overflow with sqlalchemy. +# (Optional) Defaults to 20. +# +class congress::db ( + $database_connection = 'sqlite:////var/lib/congress/congress.sqlite', + $database_idle_timeout = 3600, + $database_min_pool_size = 1, + $database_max_pool_size = 10, + $database_max_retries = 10, + $database_retry_interval = 10, + $database_max_overflow = 20, +) { + + # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function + # to use congress:: if congress::db:: isn't specified. + $database_connection_real = pick($::congress::database_connection, $database_connection) + $database_idle_timeout_real = pick($::congress::database_idle_timeout, $database_idle_timeout) + $database_min_pool_size_real = pick($::congress::database_min_pool_size, $database_min_pool_size) + $database_max_pool_size_real = pick($::congress::database_max_pool_size, $database_max_pool_size) + $database_max_retries_real = pick($::congress::database_max_retries, $database_max_retries) + $database_retry_interval_real = pick($::congress::database_retry_interval, $database_retry_interval) + $database_max_overflow_real = pick($::congress::database_max_overflow, $database_max_overflow) + + validate_re($database_connection_real, + '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') + + if $database_connection_real { + case $database_connection_real { + /^mysql:\/\//: { + $backend_package = false + require 'mysql::bindings' + require 'mysql::bindings::python' + } + /^postgresql:\/\//: { + $backend_package = false + require 'postgresql::lib::python' + } + /^sqlite:\/\//: { + $backend_package = $::congress::params::sqlite_package_name + } + default: { + fail('Unsupported backend configured') + } + } + + if $backend_package and !defined(Package[$backend_package]) { + package {'congress-backend-package': + ensure => present, + name => $backend_package, + tag => 'openstack', + } + } + + congress_config { + 'database/connection': value => $database_connection_real, secret => true; + 'database/idle_timeout': value => $database_idle_timeout_real; + 'database/min_pool_size': value => $database_min_pool_size_real; + 'database/max_retries': value => $database_max_retries_real; + 'database/retry_interval': value => $database_retry_interval_real; + 'database/max_pool_size': value => $database_max_pool_size_real; + 'database/max_overflow': value => $database_max_overflow_real; + } + } + +} diff --git a/components/congress/install/puppet/manifests/db/mysql.pp b/components/congress/install/puppet/manifests/db/mysql.pp new file mode 100644 index 0000000..456b812 --- /dev/null +++ b/components/congress/install/puppet/manifests/db/mysql.pp @@ -0,0 +1,69 @@ +# The congress::db::mysql class implements mysql backend for congress +# +# This class can be used to create tables, users and grant +# privelege for a mysql congress database. +# +# == parameters +# +# [*password*] +# (Mandatory) Password to connect to the database. +# Defaults to 'false'. +# +# [*dbname*] +# (Optional) Name of the database. +# Defaults to 'congress'. +# +# [*user*] +# (Optional) User to connect to the database. +# Defaults to 'congress'. +# +# [*host*] +# (Optional) The default source host user is allowed to connect from. +# Defaults to '127.0.0.1' +# +# [*allowed_hosts*] +# (Optional) Other hosts the user is allowed to connect from. +# Defaults to 'undef'. +# +# [*charset*] +# (Optional) The database charset. +# Defaults to 'utf8' +# +# [*collate*] +# (Optional) The database collate. +# Only used with mysql modules >= 2.2. +# Defaults to 'utf8_general_ci' +# +# == Dependencies +# Class['mysql::server'] +# +# == Examples +# +# == Authors +# +# == Copyright +# +class congress::db::mysql( + $password, + $dbname = 'congress', + $user = 'congress', + $host = '127.0.0.1', + $charset = 'utf8', + $collate = 'utf8_general_ci', + $allowed_hosts = undef +) { + + validate_string($password) + + ::openstacklib::db::mysql { 'congress': + user => $user, + password_hash => mysql_password($password), + dbname => $dbname, + host => $host, + charset => $charset, + collate => $collate, + allowed_hosts => $allowed_hosts, + } + + ::Openstacklib::Db::Mysql['congress'] ~> Exec<| title == 'congress-manage db_sync' |> +} diff --git a/components/congress/install/puppet/manifests/db/postgresql.pp b/components/congress/install/puppet/manifests/db/postgresql.pp new file mode 100644 index 0000000..4766eca --- /dev/null +++ b/components/congress/install/puppet/manifests/db/postgresql.pp @@ -0,0 +1,55 @@ +# == Class: congress::db::postgresql +# +# Class that configures postgresql for congress +# Requires the Puppetlabs postgresql module. +# +# === Parameters +# +# [*password*] +# (Required) Password to connect to the database. +# +# [*dbname*] +# (Optional) Name of the database. +# Defaults to 'congress'. +# +# [*user*] +# (Optional) User to connect to the database. +# Defaults to 'congress'. +# +# [*encoding*] +# (Optional) The charset to use for the database. +# Default to undef. +# +# [*privileges*] +# (Optional) Privileges given to the database user. +# Default to 'ALL' +# +# == Dependencies +# +# == Examples +# +# == Authors +# +# == Copyright +# +class congress::db::postgresql( + $password, + $dbname = 'congress', + $user = 'congress', + $encoding = undef, + $privileges = 'ALL', +) { + + Class['congress::db::postgresql'] -> Service<| title == 'congress' |> + + ::openstacklib::db::postgresql { 'congress': + password_hash => postgresql_password($user, $password), + dbname => $dbname, + user => $user, + encoding => $encoding, + privileges => $privileges, + } + + ::Openstacklib::Db::Postgresql['congress'] ~> Exec<| title == 'congress-manage db_sync' |> + +} diff --git a/components/congress/install/puppet/manifests/db/sync.pp b/components/congress/install/puppet/manifests/db/sync.pp new file mode 100644 index 0000000..bb07f7e --- /dev/null +++ b/components/congress/install/puppet/manifests/db/sync.pp @@ -0,0 +1,14 @@ +# +# Class to execute "congress-manage db_sync +# +class congress::db::sync { + exec { 'congress-manage db_sync': + path => '/usr/bin', + user => 'congress', + refreshonly => true, + subscribe => [Package['congress'], congress_config['database/connection']], + require => User['congress'], + } + + Exec['congress-manage db_sync'] ~> Service<| title == 'congress' |> +} diff --git a/components/congress/install/puppet/manifests/init.pp b/components/congress/install/puppet/manifests/init.pp new file mode 100644 index 0000000..a1367c3 --- /dev/null +++ b/components/congress/install/puppet/manifests/init.pp @@ -0,0 +1,410 @@ +# == Class: congress +# +# Module for managing congress config +# +# === Parameters +# +# [*keystone_password*] +# (required) Password used to authentication. +# +# [*package_ensure*] +# (optional) Desired ensure state of packages. +# accepts latest or specific versions. +# Defaults to present. +# +# [*client_package_ensure*] +# (optional) Desired ensure state of the client package. +# accepts latest or specific versions. +# Defaults to present. +# +# [*bind_host*] +# (optional) The IP address that congress binds to. +# Default to '0.0.0.0'. +# +# [*bind_port*] +# (optional) Port that congress binds to. +# Defaults to '1789' +# +# [*verbose*] +# (optional) Rather congress should log at verbose level. +# Defaults to undef. +# +# [*debug*] +# (optional) Rather congress should log at debug level. +# Defaults to undef. +# +# [*auth_type*] +# (optional) Type is authorization being used. +# Defaults to 'keystone' +# +# [*auth_uri*] +# (optional) Complete public Identity API endpoint. +# Defaults to false. +# +# [*identity_uri*] +# (optional) Complete admin Identity API endpoint. +# Defaults to: false +# +# [*keystone_tenant*] +# (optional) Tenant to authenticate to. +# Defaults to services. +# +# [*keystone_user*] +# (optional) User to authenticate as with keystone. +# Defaults to 'congress'. +# +# [*manage_service*] +# (Optional) If Puppet should manage service startup / shutdown. +# Defaults to true. +# +# [*enabled*] +# (optional) If the congress services should be enabled. +# Default to true. +# +# [*database_connection*] +# (optional) Url used to connect to database. +# Defaults to undef. +# +# [*database_idle_timeout*] +# (optional) Timeout when db connections should be reaped. +# Defaults to undef. +# +# [*database_max_retries*] +# (optional) Maximum number of database connection retries during startup. +# Setting -1 implies an infinite retry count. +# (Defaults to undef) +# +# [*database_retry_interval*] +# (optional) Interval between retries of opening a database connection. +# (Defaults to undef) +# +# [*database_min_pool_size*] +# (optional) Minimum number of SQL connections to keep open in a pool. +# Defaults to: undef +# +# [*database_max_pool_size*] +# (optional) Maximum number of SQL connections to keep open in a pool. +# Defaults to: undef +# +# [*database_max_overflow*] +# (optional) If set, use this value for max_overflow with sqlalchemy. +# Defaults to: undef +# +# [*rpc_backend*] +# (Optional) Use these options to configure the RabbitMQ message system. +# Defaults to 'rabbit' +# +# [*control_exchange*] +# (Optional) +# Defaults to 'openstack'. +# +# [*rabbit_host*] +# (Optional) IP or hostname of the rabbit server. +# Defaults to '127.0.0.1' +# +# [*rabbit_port*] +# (Optional) Port of the rabbit server. +# Defaults to 5672. +# +# [*rabbit_hosts*] +# (Optional) Array of host:port (used with HA queues). +# If defined, will remove rabbit_host & rabbit_port parameters from config +# Defaults to undef. +# +# [*rabbit_userid*] +# (Optional) User to connect to the rabbit server. +# Defaults to 'guest' +# +# [*rabbit_password*] +# (Required) Password to connect to the rabbit_server. +# Defaults to empty. Required if using the Rabbit (kombu) +# backend. +# +# [*rabbit_virtual_host*] +# (Optional) Virtual_host to use. +# Defaults to '/' +# +# [*rabbit_heartbeat_timeout_threshold*] +# (optional) Number of seconds after which the RabbitMQ broker is considered +# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. +# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently +# closed, resulting in missed or lost messages from the queue. +# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) +# Defaults to 0 +# +# [*rabbit_heartbeat_rate*] +# (optional) How often during the rabbit_heartbeat_timeout_threshold period to +# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 +# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked +# every 30 seconds. +# Defaults to 2 +# +# [*rabbit_use_ssl*] +# (optional) Connect over SSL for RabbitMQ +# Defaults to false +# +# [*kombu_ssl_ca_certs*] +# (optional) SSL certification authority file (valid only if SSL enabled). +# Defaults to $::os_service_default +# +# [*kombu_ssl_certfile*] +# (optional) SSL cert file (valid only if SSL enabled). +# Defaults to $::os_service_default +# +# [*kombu_ssl_keyfile*] +# (optional) SSL key file (valid only if SSL enabled). +# Defaults to $::os_service_default +# +# [*kombu_ssl_version*] +# (optional) SSL version to use (valid only if SSL enabled). +# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be +# available on some distributions. +# Defaults to $::os_service_default +# +# [*kombu_reconnect_delay*] +# (optional) How long to wait before reconnecting in response to an AMQP +# consumer cancel notification. +# Defaults to $::os_service_default +# +# [*amqp_durable_queues*] +# Use durable queues in amqp. +# (Optional) Defaults to false. +# +# [*service_provider*] +# (optional) Provider, that can be used for congress service. +# Default value defined in congress::params for given operation system. +# If you use Pacemaker or another Cluster Resource Manager, you can make +# custom service provider for changing start/stop/status behavior of service, +# and set it here. +# +# [*service_name*] +# (optional) Name of the service that will be providing the +# server functionality of congress. +# Defaults to '$::congress::params::service_name' +# +# [*sync_db*] +# (Optional) Run db sync on the node. +# Defaults to true +# +# == Dependencies +# None +# +# == Examples +# +# class { 'congress': +# keystone_password => 'congress', +# keystone_tenant => 'service', +# auth_uri => 'http://192.168.122.6:5000/', +# identity_uri => 'http://192.168.122.6:35357/', +# database_connection => 'mysql://congress:password@192.168.122.6/congress', +# rabbit_host => '192.168.122.6', +# rabbit_password => 'guest', +# } +# +# class { 'congress::db::mysql': +# password => 'password', +# host => '192.168.122.6', +# } +# +# class { 'congress::keystone::auth': +# password => 'congress', +# tenant => 'service', +# admin_url => 'http://192.168.122.6:1789', +# internal_url => 'http://192.168.122.6:1789', +# public_url => 'http://192.168.122.6:1789', +# region => 'regionOne', +# } +# +# == Authors +# +# Dan Radez +# +# == Copyright +# +# Copyright 2015 Red Hat Inc, unless otherwise noted. +# + +class congress( + $keystone_password, + $package_ensure = 'present', + $client_package_ensure = 'present', + $bind_host = '0.0.0.0', + $bind_port = '1789', + $verbose = undef, + $debug = undef, + $auth_type = 'keystone', + $auth_uri = false, + $identity_uri = false, + $keystone_tenant = 'services', + $keystone_user = 'congress', + $manage_service = true, + $enabled = true, + $database_connection = undef, + $database_idle_timeout = undef, + $database_max_retries = undef, + $database_retry_interval = undef, + $database_min_pool_size = undef, + $database_max_pool_size = undef, + $database_max_overflow = undef, + $rpc_backend = 'rabbit', + $control_exchange = 'congress', + $rabbit_host = '127.0.0.1', + $rabbit_port = 5672, + $rabbit_hosts = false, + $rabbit_virtual_host = '/', + $rabbit_heartbeat_timeout_threshold = 0, + $rabbit_heartbeat_rate = 2, + $rabbit_userid = 'guest', + $rabbit_password = false, + $rabbit_use_ssl = false, + $kombu_ssl_ca_certs = $::os_service_default, + $kombu_ssl_certfile = $::os_service_default, + $kombu_ssl_keyfile = $::os_service_default, + $kombu_ssl_version = $::os_service_default, + $kombu_reconnect_delay = $::os_service_default, + $amqp_durable_queues = false, + $service_provider = $::congress::params::service_provider, + $service_name = $::congress::params::service_name, +) inherits congress::params { + congress_config { + 'DEFAULT/drivers' : value => 'congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources. keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver'; + } + + if $identity_uri { + congress_config { 'keystone_authtoken/identity_uri': value => $identity_uri; } + congress_config { 'keystone_authtoken/auth_url' : value => $identity_uri; } + } else { + congress_config { 'keystone_authtoken/identity_uri': ensure => absent; } + } + + if $auth_uri { + congress_config { 'keystone_authtoken/auth_uri': value => $auth_uri; } + } else { + congress_config { 'keystone_authtoken/auth_uri': ensure => absent; } + } + + if $auth_type == 'keystone' { + congress_config { + 'keystone_authtoken/project_name' : value => $keystone_tenant; + 'keystone_authtoken/username' : value => $keystone_user; + 'keystone_authtoken/password' : value => $keystone_password, secret => true; + } + } + + congress_config<||> ~> Service[$service_name] + congress_config<||> ~> Exec<| title == 'congress-manage db_sync'|> + + include ::congress::db + include ::congress::params + + if $sync_db { + include ::congress::db::sync + Class['::congress::db::sync'] ~> Service[$service_name] + } + if $rpc_backend == 'rabbit' { + + if ! $rabbit_password { + fail('Please specify a rabbit_password parameter.') + } + + congress_config { + 'DEFAULT/rabbit_password': value => $rabbit_password, secret => true; + 'DEFAULT/rabbit_userid': value => $rabbit_userid; + 'DEFAULT/rabbit_virtual_host': value => $rabbit_virtual_host; + 'DEFAULT/control_exchange': value => $control_exchange; + #'DEFAULT/rabbit_use_ssl': value => $rabbit_use_ssl; + #'DEFAULT/kombu_reconnect_delay': value => $kombu_reconnect_delay; + #'DEFAULT/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; + #'DEFAULT/heartbeat_rate': value => $rabbit_heartbeat_rate; + #'DEFAULT/amqp_durable_queues': value => $amqp_durable_queues; + } + + if $rabbit_use_ssl { + congress_config { + 'DEFAULT/kombu_ssl_version' : value => $kombu_ssl_version; + 'DEFAULT/kombu_ssl_ca_certs' : value => $kombu_ssl_ca_certs; + 'DEFAULT/kombu_ssl_certfile' : value => $kombu_ssl_certfile; + 'DEFAULT/kombu_ssl_keyfile' : value => $kombu_ssl_keyfile; + } + } + + if $rabbit_hosts { + congress_config { 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ',') } + congress_config { 'DEFAULT/rabbit_ha_queues': value => true } + congress_config { 'DEFAULT/rabbit_host': ensure => absent } + congress_config { 'DEFAULT/rabbit_port': ensure => absent } + } else { + congress_config { 'DEFAULT/rabbit_host': value => $rabbit_host } + congress_config { 'DEFAULT/rabbit_port': value => $rabbit_port } + congress_config { 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } + congress_config { 'DEFAULT/rabbit_ha_queues': value => false } + } + + } + + package { 'congress': + ensure => $package_ensure, + name => $::congress::params::package_name, + tag => ['openstack', 'congress-package'], + } + if $client_package_ensure == 'present' { + include '::congress::client' + } else { + class { '::congress::client': + ensure => $client_package_ensure, + } + } + + group { 'congress': + ensure => present, + system => true, + require => Package['congress'], + } + + user { 'congress': + ensure => 'present', + gid => 'congress', + system => true, + require => Package['congress'], + } + + file { ['/etc/congress', '/var/log/congress', '/var/lib/congress']: + ensure => directory, + mode => '0750', + owner => 'congress', + group => 'congress', + require => Package['congress'], + notify => Service[$service_name], + } + + file { '/etc/congress/congress.conf': + ensure => present, + mode => '0600', + owner => 'congress', + group => 'congress', + require => Package['congress'], + notify => Service[$service_name], + } + + congress_config { + 'DEFAULT/bind_host': value => $bind_host; + 'DEFAULT/bind_port': value => $bind_port; + } + + if $manage_service { + if $enabled { + $service_ensure = 'running' + } else { + $service_ensure = 'stopped' + } + } + + class { '::congress::service': + ensure => $service_ensure, + service_name => $service_name, + enable => $enabled, + hasstatus => true, + hasrestart => true, + provider => $service_provider, + } +} diff --git a/components/congress/install/puppet/manifests/keystone/auth.pp b/components/congress/install/puppet/manifests/keystone/auth.pp new file mode 100644 index 0000000..13be1f0 --- /dev/null +++ b/components/congress/install/puppet/manifests/keystone/auth.pp @@ -0,0 +1,93 @@ +# == Class: congress::keystone::auth +# +# Configures congress user, service and endpoint in Keystone. +# +# === Parameters +# +# [*password*] +# (required) Password for congress user. +# +# [*auth_name*] +# Username for congress service. Defaults to 'congress'. +# +# [*email*] +# Email for congress user. Defaults to 'congress@localhost'. +# +# [*tenant*] +# Tenant for congress user. Defaults to 'services'. +# +# [*configure_endpoint*] +# Should congress endpoint be configured? Defaults to 'true'. +# +# [*configure_user*] +# (Optional) Should the service user be configured? +# Defaults to 'true'. +# +# [*configure_user_role*] +# (Optional) Should the admin role be configured for the service user? +# Defaults to 'true'. +# +# [*service_type*] +# Type of service. Defaults to 'NFV'. +# +# [*admin_url*] +# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:1789') +# This url should *not* contain any version or trailing '/'. +# +# [*internal_url*] +# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:1789') +# This url should *not* contain any version or trailing '/'. +# +# [*public_url*] +# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:1789') +# This url should *not* contain any version or trailing '/'. +# +# [*region*] +# Region for endpoint. Defaults to 'RegionOne'. +# +# [*service_name*] +# (optional) Name of the service. +# Defaults to the value of auth_name. +# +# +class congress::keystone::auth ( + $password, + $auth_name = 'congress', + $email = 'congress@localhost', + $tenant = 'services', + $configure_endpoint = true, + $configure_user = true, + $configure_user_role = true, + $service_name = undef, + $service_type = 'servicevm', + $admin_url = 'http://127.0.0.1:1789', + $internal_url = 'http://127.0.0.1:1789', + $public_url = 'http://127.0.0.1:1789', + $region = 'RegionOne' +) { + + $real_service_name = pick($service_name, $auth_name) + + if $configure_user_role { + Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'congress-server' |> + } + Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| name == 'congress-server' |> + + keystone::resource::service_identity { 'congress': + configure_user => $configure_user, + configure_user_role => $configure_user_role, + configure_endpoint => $configure_endpoint, + service_name => $real_service_name, + service_type => $service_type, + service_description => 'congress VNF Manager service', + region => $region, + auth_name => $auth_name, + password => $password, + email => $email, + tenant => $tenant, + admin_url => "${admin_url}/", + internal_url => "${internal_url}/", + public_url => "${public_url}/", + } + +} diff --git a/components/congress/install/puppet/manifests/logging.pp b/components/congress/install/puppet/manifests/logging.pp new file mode 100644 index 0000000..7bcdc00 --- /dev/null +++ b/components/congress/install/puppet/manifests/logging.pp @@ -0,0 +1,251 @@ +# Class congress::logging +# +# congress logging configuration +# +# == parameters +# +# [*verbose*] +# (Optional) Should the daemons log verbose messages +# Defaults to false. +# +# [*debug*] +# (Optional) Should the daemons log debug messages +# Defaults to false. +# +# [*use_syslog*] +# (Optional) Use syslog for logging. +# Defaults to false. +# +# [*use_stderr*] +# (optional) Use stderr for logging +# Defaults to true. +# +# [*log_facility*] +# (Optional) Syslog facility to receive log lines. +# Defaults to 'LOG_USER'. +# +# [*log_dir*] +# (optional) Directory where logs should be stored. +# If set to boolean false, it will not log to any directory. +# Defaults to '/var/log/congress'. +# +# [*logging_context_format_string*] +# (optional) Format string to use for log messages with context. +# Defaults to undef. +# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ +# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' +# +# [*logging_default_format_string*] +# (optional) Format string to use for log messages without context. +# Defaults to undef. +# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ +# [-] %(instance)s%(message)s' +# +# [*logging_debug_format_suffix*] +# (optional) Formatted data to append to log format when level is DEBUG. +# Defaults to undef. +# Example: '%(funcName)s %(pathname)s:%(lineno)d' +# +# [*logging_exception_prefix*] +# (optional) Prefix each line of exception output with this format. +# Defaults to undef. +# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' +# +# [*log_config_append*] +# The name of an additional logging configuration file. +# Defaults to undef. +# See https://docs.python.org/2/howto/logging.html +# +# [*default_log_levels*] +# (optional) Hash of logger (keys) and level (values) pairs. +# Defaults to undef. +# Example: +# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', +# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', +# 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN', +# 'requests.packages.urllib3.connectionpool' => 'WARN', +# 'urllib3.connectionpool' => 'WARN', +# 'websocket' => 'WARN', 'congressmiddleware' => 'WARN', +# 'routes.middleware' => 'WARN', stevedore => 'WARN' } +# +# [*publish_errors*] +# (optional) Publish error events (boolean value). +# Defaults to undef (false if unconfigured). +# +# [*fatal_deprecations*] +# (optional) Make deprecations fatal (boolean value) +# Defaults to undef (false if unconfigured). +# +# [*instance_format*] +# (optional) If an instance is passed with the log message, format it +# like this (string value). +# Defaults to undef. +# Example: '[instance: %(uuid)s] ' +# +# [*instance_uuid_format*] +# (optional) If an instance UUID is passed with the log message, format +# it like this (string value). +# Defaults to undef. +# Example: instance_uuid_format='[instance: %(uuid)s] ' +# +# [*log_date_format*] +# (optional) Format string for %%(asctime)s in log records. +# Defaults to undef. +# Example: 'Y-%m-%d %H:%M:%S' + +class congress::logging( + $use_syslog = false, + $use_stderr = true, + $log_facility = 'LOG_USER', + $log_dir = '/var/log/congress', + $verbose = false, + $debug = false, + $logging_context_format_string = undef, + $logging_default_format_string = undef, + $logging_debug_format_suffix = undef, + $logging_exception_prefix = undef, + $log_config_append = undef, + $default_log_levels = undef, + $publish_errors = undef, + $fatal_deprecations = undef, + $instance_format = undef, + $instance_uuid_format = undef, + $log_date_format = undef, +) { + + congress_config { + 'DEFAULT/use_syslog' : value => $use_syslog; + 'DEFAULT/use_stderr' : value => $use_stderr; + 'DEFAULT/log_dir' : value => $log_dir; + 'DEFAULT/verbose' : value => $verbose; + 'DEFAULT/debug' : value => $debug; + 'DEFAULT/syslog_log_facility' : value => $log_facility; + } + + if $logging_context_format_string { + congress_config { + 'DEFAULT/logging_context_format_string' : + value => $logging_context_format_string; + } + } + else { + congress_config { + 'DEFAULT/logging_context_format_string' : ensure => absent; + } + } + + if $logging_default_format_string { + congress_config { + 'DEFAULT/logging_default_format_string' : + value => $logging_default_format_string; + } + } + else { + congress_config { + 'DEFAULT/logging_default_format_string' : ensure => absent; + } + } + + if $logging_debug_format_suffix { + congress_config { + 'DEFAULT/logging_debug_format_suffix' : + value => $logging_debug_format_suffix; + } + } + else { + congress_config { + 'DEFAULT/logging_debug_format_suffix' : ensure => absent; + } + } + + if $logging_exception_prefix { + congress_config { + 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; + } + } + else { + congress_config { + 'DEFAULT/logging_exception_prefix' : ensure => absent; + } + } + + if $log_config_append { + congress_config { + 'DEFAULT/log_config_append' : value => $log_config_append; + } + } + else { + congress_config { + 'DEFAULT/log_config_append' : ensure => absent; + } + } + + if $default_log_levels { + congress_config { + 'DEFAULT/default_log_levels' : + value => join(sort(join_keys_to_values($default_log_levels, '=')), ','); + } + } + else { + congress_config { + 'DEFAULT/default_log_levels' : ensure => absent; + } + } + + if $publish_errors { + congress_config { + 'DEFAULT/publish_errors' : value => $publish_errors; + } + } + else { + congress_config { + 'DEFAULT/publish_errors' : ensure => absent; + } + } + + if $fatal_deprecations { + congress_config { + 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; + } + } + else { + congress_config { + 'DEFAULT/fatal_deprecations' : ensure => absent; + } + } + + if $instance_format { + congress_config { + 'DEFAULT/instance_format' : value => $instance_format; + } + } + else { + congress_config { + 'DEFAULT/instance_format' : ensure => absent; + } + } + + if $instance_uuid_format { + congress_config { + 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; + } + } + else { + congress_config { + 'DEFAULT/instance_uuid_format' : ensure => absent; + } + } + + if $log_date_format { + congress_config { + 'DEFAULT/log_date_format' : value => $log_date_format; + } + } + else { + congress_config { + 'DEFAULT/log_date_format' : ensure => absent; + } + } + + +} diff --git a/components/congress/install/puppet/manifests/params.pp b/components/congress/install/puppet/manifests/params.pp new file mode 100644 index 0000000..f2ceed0 --- /dev/null +++ b/components/congress/install/puppet/manifests/params.pp @@ -0,0 +1,31 @@ +# +# This class contains the platform differences for congress +# +class congress::params { + $client_package_name = 'python-congressclient' + + case $::osfamily { + 'Debian': { + $package_name = 'congress' + $service_name = 'congress' + $python_memcache_package_name = 'python-memcache' + $sqlite_package_name = 'python-pysqlite2' + $paste_config = undef + case $::operatingsystem { + 'Debian': { + $service_provider = undef + } + default: { + $service_provider = 'upstart' + } + } + } + 'RedHat': { + $package_name = 'openstack-congress' + $service_name = 'openstack-congress' + $python_memcache_package_name = 'python-memcached' + $sqlite_package_name = undef + $service_provider = undef + } + } +} diff --git a/components/congress/install/puppet/manifests/policy.pp b/components/congress/install/puppet/manifests/policy.pp new file mode 100644 index 0000000..cdca472 --- /dev/null +++ b/components/congress/install/puppet/manifests/policy.pp @@ -0,0 +1,39 @@ +# == Class: congress::policy +# +# Configure the congress policies +# +# === Parameters +# +# [*policies*] +# (optional) Set of policies to configure for congress +# Example : +# { +# 'congress-context_is_admin' => { +# 'key' => 'context_is_admin', +# 'value' => 'true' +# }, +# 'congress-default' => { +# 'key' => 'default', +# 'value' => 'rule:admin_or_owner' +# } +# } +# Defaults to empty hash. +# +# [*policy_path*] +# (optional) Path to the nova policy.json file +# Defaults to /etc/congress/policy.json +# +class congress::policy ( + $policies = {}, + $policy_path = '/etc/congress/policy.json', +) { + + validate_hash($policies) + + Openstacklib::Policy::Base { + file_path => $policy_path, + } + + create_resources('openstacklib::policy::base', $policies) + +} diff --git a/components/congress/install/puppet/manifests/service.pp b/components/congress/install/puppet/manifests/service.pp new file mode 100644 index 0000000..f802e9a --- /dev/null +++ b/components/congress/install/puppet/manifests/service.pp @@ -0,0 +1,55 @@ +# == Class congress::service +# +# Encapsulates the congress service to a class. +# This allows resources that require congress to +# require this class, which can optionally +# validate that the service can actually accept +# connections. +# +# === Parameters +# +# [*ensure*] +# (optional) The desired state of the congress service +# Defaults to undef +# +# [*service_name*] +# (optional) The name of the congress service +# Defaults to $::congress::params::service_name +# +# [*enable*] +# (optional) Whether to enable the congress service +# Defaults to true +# +# [*hasstatus*] +# (optional) Whether the congress service has status +# Defaults to true +# +# [*hasrestart*] +# (optional) Whether the congress service has restart +# Defaults to true +# +# [*provider*] +# (optional) Provider for congress service +# Defaults to $::congress::params::service_provider +# +class congress::service( + $ensure = undef, + $service_name = $::congress::params::service_name, + $enable = true, + $hasstatus = true, + $hasrestart = true, + $provider = $::congress::params::service_provider, +) { + include ::congress::params + + service { 'congress': + ensure => $ensure, + name => $service_name, + enable => $enable, + hasstatus => $hasstatus, + hasrestart => $hasrestart, + provider => $provider, + tag => 'congress-service', + } + +} diff --git a/components/congress/install/puppet/metadata.json b/components/congress/install/puppet/metadata.json new file mode 100644 index 0000000..e94dd68 --- /dev/null +++ b/components/congress/install/puppet/metadata.json @@ -0,0 +1,34 @@ +{ + "name": "puppet-congress", + "version": "0.0.1", + "author": "OpenStack Contributors", + "summary": "Puppet module for OpenStack congress", + "license": "Apache-2.0", + "source": "git://github.com/openstack/puppet-congress.git", + "project_page": "https://launchpad.net/puppet-congress", + "issues_url": "https://bugs.launchpad.net/puppet-congress", + "description": "Installs and configures OpenStack congress.", + "operatingsystem_support": [ + { + "operatingsystem": "Debian", + "operatingsystemrelease": ["8"] + }, + { + "operatingsystem": "Fedora", + "operatingsystemrelease": ["21","22"] + }, + { + "operatingsystem": "RedHat", + "operatingsystemrelease": ["7"] + }, + { + "operatingsystem": "Ubuntu", + "operatingsystemrelease": ["14.04"] + } + ], + "dependencies": [ + { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" }, + { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.2.0 <5.0.0" }, + { "name": "stackforge/openstacklib", "version_requirement": ">=5.0.0 <6.0.0" } + ] +} diff --git a/components/congress/install/puppet/spec/classes/congress_db_mysql_spec.rb b/components/congress/install/puppet/spec/classes/congress_db_mysql_spec.rb new file mode 100644 index 0000000..6370bac --- /dev/null +++ b/components/congress/install/puppet/spec/classes/congress_db_mysql_spec.rb @@ -0,0 +1,62 @@ +require 'spec_helper' + +describe 'congress::db::mysql' do + + let :pre_condition do + [ + 'include mysql::server', + 'include congress::db::sync' + ] + end + + let :facts do + { :osfamily => 'Debian' } + end + + let :params do + { + 'password' => 'fooboozoo_default_password', + } + end + + describe 'with only required params' do + it { is_expected.to contain_openstacklib__db__mysql('congress').with( + 'user' => 'congress', + 'password_hash' => '*3DDF34A86854A312A8E2C65B506E21C91800D206', + 'dbname' => 'congress', + 'host' => '127.0.0.1', + 'charset' => 'utf8', + :collate => 'utf8_general_ci', + )} + end + + describe "overriding allowed_hosts param to array" do + let :params do + { + :password => 'congresspass', + :allowed_hosts => ['127.0.0.1','%'] + } + end + + end + describe "overriding allowed_hosts param to string" do + let :params do + { + :password => 'congresspass2', + :allowed_hosts => '192.168.1.1' + } + end + + end + + describe "overriding allowed_hosts param equals to host param " do + let :params do + { + :password => 'congresspass2', + :allowed_hosts => '127.0.0.1' + } + end + + end + +end diff --git a/components/congress/install/puppet/spec/classes/congress_db_postgresql_spec.rb b/components/congress/install/puppet/spec/classes/congress_db_postgresql_spec.rb new file mode 100644 index 0000000..74abbdb --- /dev/null +++ b/components/congress/install/puppet/spec/classes/congress_db_postgresql_spec.rb @@ -0,0 +1,58 @@ +require 'spec_helper' + +describe 'congress::db::postgresql' do + + let :req_params do + { :password => 'pw' } + end + + let :pre_condition do + 'include postgresql::server' + end + + context 'on a RedHat osfamily' do + let :facts do + { + :osfamily => 'RedHat', + :operatingsystemrelease => '7.0', + :concat_basedir => '/var/lib/puppet/concat' + } + end + + context 'with only required parameters' do + let :params do + req_params + end + + it { is_expected.to contain_postgresql__server__db('congress').with( + :user => 'congress', + :password => 'md5c530c33636c58ae83ca933f39319273e' + )} + end + + end + + context 'on a Debian osfamily' do + let :facts do + { + :operatingsystemrelease => '7.8', + :operatingsystem => 'Debian', + :osfamily => 'Debian', + :concat_basedir => '/var/lib/puppet/concat' + } + end + + context 'with only required parameters' do + let :params do + req_params + end + + it { is_expected.to contain_postgresql__server__db('congress').with( + :user => 'congress', + :password => 'md5c530c33636c58ae83ca933f39319273e' + )} + end + + end + +end diff --git a/components/congress/install/puppet/spec/classes/congress_db_spec.rb b/components/congress/install/puppet/spec/classes/congress_db_spec.rb new file mode 100644 index 0000000..3b84993 --- /dev/null +++ b/components/congress/install/puppet/spec/classes/congress_db_spec.rb @@ -0,0 +1,78 @@ +require 'spec_helper' + +describe 'congress::db' do + + shared_examples 'congress::db' do + context 'with default parameters' do + it { is_expected.to contain_congress_config('database/connection').with_value('mysql://congress:secrete@localhost:3306/congress') } + it { is_expected.to contain_congress_config('database/idle_timeout').with_value('3600') } + it { is_expected.to contain_congress_config('database/min_pool_size').with_value('1') } + it { is_expected.to contain_congress_config('database/max_retries').with_value('10') } + it { is_expected.to contain_congress_config('database/retry_interval').with_value('10') } + it { is_expected.to contain_congress_config('database/max_pool_size').with_value('10') } + it { is_expected.to contain_congress_config('database/max_overflow').with_value('20') } + end + + context 'with specific parameters' do + let :params do + { :database_connection => 'mysql://congress:congress@localhost/congress', + :database_idle_timeout => '3601', + :database_min_pool_size => '2', + :database_max_retries => '11', + :database_retry_interval => '11', + :database_max_pool_size => '11', + :database_max_overflow => '21', + } + end + + it { is_expected.to contain_congress_config('database/connection').with_value('mysql://congress:congress@localhost/congress') } + it { is_expected.to contain_congress_config('database/idle_timeout').with_value('3601') } + it { is_expected.to contain_congress_config('database/min_pool_size').with_value('2') } + it { is_expected.to contain_congress_config('database/max_retries').with_value('11') } + it { is_expected.to contain_congress_config('database/retry_interval').with_value('11') } + it { is_expected.to contain_congress_config('database/max_pool_size').with_value('11') } + it { is_expected.to contain_congress_config('database/max_overflow').with_value('21') } + end + + context 'with postgresql backend' do + let :params do + { :database_connection => 'postgresql://congress:congress@localhost/congress', } + end + + it 'install the proper backend package' do + is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') + end + + end + + context 'with incorrect database_connection string' do + let :params do + { :database_connection => 'sqlite://congress:congress@localhost/congress', } + end + + it_raises 'a Puppet::Error', /validate_re/ + end + end + + context 'on Debian platforms' do + let :facts do + { :osfamily => 'Debian', + :operatingsystem => 'Debian', + :operatingsystemrelease => 'jessie', + } + end + + it_configures 'congress::db' + end + + context 'on Redhat platforms' do + let :facts do + { :osfamily => 'RedHat', + :operatingsystemrelease => '7.1', + } + end + + it_configures 'congress::db' + end + +end diff --git a/components/congress/install/puppet/spec/classes/congress_keystone_auth_spec.rb b/components/congress/install/puppet/spec/classes/congress_keystone_auth_spec.rb new file mode 100644 index 0000000..3cb7e59 --- /dev/null +++ b/components/congress/install/puppet/spec/classes/congress_keystone_auth_spec.rb @@ -0,0 +1,123 @@ +# +# Unit tests for congress::keystone::auth +# + +require 'spec_helper' + +describe 'congress::keystone::auth' do + + let :facts do + { :osfamily => 'Debian' } + end + + describe 'with default class parameters' do + let :params do + { :password => 'congress_password', + :tenant => 'foobar' } + end + + it { is_expected.to contain_keystone_user('congress').with( + :ensure => 'present', + :password => 'congress_password', + ) } + + it { is_expected.to contain_keystone_user_role('congress@foobar').with( + :ensure => 'present', + :roles => ['admin'] + )} + + it { is_expected.to contain_keystone_service('congress').with( + :ensure => 'present', + :type => 'FIXME', + :description => 'congress FIXME Service' + ) } + + it { is_expected.to contain_keystone_endpoint('RegionOne/congress').with( + :ensure => 'present', + :public_url => 'http://127.0.0.1:FIXME', + :admin_url => 'http://127.0.0.1:FIXME', + :internal_url => 'http://127.0.0.1:FIXME', + ) } + end + + describe 'when overriding URL paramaters' do + let :params do + { :password => 'congress_password', + :public_url => 'https://10.10.10.10:80', + :internal_url => 'http://10.10.10.11:81', + :admin_url => 'http://10.10.10.12:81', } + end + + it { is_expected.to contain_keystone_endpoint('RegionOne/congress').with( + :ensure => 'present', + :public_url => 'https://10.10.10.10:80', + :internal_url => 'http://10.10.10.11:81', + :admin_url => 'http://10.10.10.12:81', + ) } + end + + describe 'when overriding auth name' do + let :params do + { :password => 'foo', + :auth_name => 'congressy' } + end + + it { is_expected.to contain_keystone_user('congressy') } + it { is_expected.to contain_keystone_user_role('congressy@services') } + it { is_expected.to contain_keystone_service('congressy') } + it { is_expected.to contain_keystone_endpoint('RegionOne/congressy') } + end + + describe 'when overriding service name' do + let :params do + { :service_name => 'congress_service', + :auth_name => 'congress', + :password => 'congress_password' } + end + + it { is_expected.to contain_keystone_user('congress') } + it { is_expected.to contain_keystone_user_role('congress@services') } + it { is_expected.to contain_keystone_service('congress_service') } + it { is_expected.to contain_keystone_endpoint('RegionOne/congress_service') } + end + + describe 'when disabling user configuration' do + + let :params do + { + :password => 'congress_password', + :configure_user => false + } + end + + it { is_expected.not_to contain_keystone_user('congress') } + it { is_expected.to contain_keystone_user_role('congress@services') } + it { is_expected.to contain_keystone_service('congress').with( + :ensure => 'present', + :type => 'FIXME', + :description => 'congress FIXME Service' + ) } + + end + + describe 'when disabling user and user role configuration' do + + let :params do + { + :password => 'congress_password', + :configure_user => false, + :configure_user_role => false + } + end + + it { is_expected.not_to contain_keystone_user('congress') } + it { is_expected.not_to contain_keystone_user_role('congress@services') } + it { is_expected.to contain_keystone_service('congress').with( + :ensure => 'present', + :type => 'FIXME', + :description => 'congress FIXME Service' + ) } + + end + +end diff --git a/components/congress/install/puppet/spec/classes/congress_logging_spec.rb b/components/congress/install/puppet/spec/classes/congress_logging_spec.rb new file mode 100644 index 0000000..0bfb994 --- /dev/null +++ b/components/congress/install/puppet/spec/classes/congress_logging_spec.rb @@ -0,0 +1,144 @@ +require 'spec_helper' + +describe 'congress::logging' do + + let :params do + { + } + end + + let :log_params do + { + :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', + :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', + :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', + :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', + :log_config_append => '/etc/congress/logging.conf', + :publish_errors => true, + :default_log_levels => { + 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', + 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', + 'iso8601' => 'WARN', + 'requests.packages.urllib3.connectionpool' => 'WARN' }, + :fatal_deprecations => true, + :instance_format => '[instance: %(uuid)s] ', + :instance_uuid_format => '[instance: %(uuid)s] ', + :log_date_format => '%Y-%m-%d %H:%M:%S', + :use_syslog => true, + :use_stderr => false, + :log_facility => 'LOG_FOO', + :log_dir => '/var/log', + :verbose => true, + :debug => true, + } + end + + shared_examples_for 'congress-logging' do + + context 'with basic logging options and default settings' do + it_configures 'basic default logging settings' + end + + context 'with basic logging options and non-default settings' do + before { params.merge!( log_params ) } + it_configures 'basic non-default logging settings' + end + + context 'with extended logging options' do + before { params.merge!( log_params ) } + it_configures 'logging params set' + end + + context 'without extended logging options' do + it_configures 'logging params unset' + end + + end + + shared_examples 'basic default logging settings' do + it 'configures ceilometer logging settins with default values' do + is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'false') + is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'true') + is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_USER') + is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log/congress') + is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'false') + is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'false') + end + end + + shared_examples 'basic non-default logging settings' do + it 'configures ceilometer logging settins with non-default values' do + is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'true') + is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'false') + is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') + is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log') + is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'true') + is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'true') + end + end + + shared_examples_for 'logging params set' do + it 'enables logging params' do + is_expected.to contain_congress_config('DEFAULT/logging_context_format_string').with_value( + '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') + + is_expected.to contain_congress_config('DEFAULT/logging_default_format_string').with_value( + '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') + + is_expected.to contain_congress_config('DEFAULT/logging_debug_format_suffix').with_value( + '%(funcName)s %(pathname)s:%(lineno)d') + + is_expected.to contain_congress_config('DEFAULT/logging_exception_prefix').with_value( + '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') + + is_expected.to contain_congress_config('DEFAULT/log_config_append').with_value( + '/etc/congress/logging.conf') + is_expected.to contain_congress_config('DEFAULT/publish_errors').with_value( + true) + + is_expected.to contain_congress_config('DEFAULT/default_log_levels').with_value( + 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') + + is_expected.to contain_congress_config('DEFAULT/fatal_deprecations').with_value( + true) + + is_expected.to contain_congress_config('DEFAULT/instance_format').with_value( + '[instance: %(uuid)s] ') + + is_expected.to contain_congress_config('DEFAULT/instance_uuid_format').with_value( + '[instance: %(uuid)s] ') + + is_expected.to contain_congress_config('DEFAULT/log_date_format').with_value( + '%Y-%m-%d %H:%M:%S') + end + end + + + shared_examples_for 'logging params unset' do + [ :logging_context_format_string, :logging_default_format_string, + :logging_debug_format_suffix, :logging_exception_prefix, + :log_config_append, :publish_errors, + :default_log_levels, :fatal_deprecations, + :instance_format, :instance_uuid_format, + :log_date_format, ].each { |param| + it { is_expected.to contain_congress_config("DEFAULT/#{param}").with_ensure('absent') } + } + end + + context 'on Debian platforms' do + let :facts do + { :osfamily => 'Debian' } + end + + it_configures 'congress-logging' + end + + context 'on RedHat platforms' do + let :facts do + { :osfamily => 'RedHat' } + end + + it_configures 'congress-logging' + end + +end diff --git a/components/congress/install/puppet/spec/classes/congress_policy_spec.rb b/components/congress/install/puppet/spec/classes/congress_policy_spec.rb new file mode 100644 index 0000000..d4e08ca --- /dev/null +++ b/components/congress/install/puppet/spec/classes/congress_policy_spec.rb @@ -0,0 +1,41 @@ +require 'spec_helper' + +describe 'congress::policy' do + + shared_examples_for 'congress policies' do + let :params do + { + :policy_path => '/etc/congress/policy.json', + :policies => { + 'context_is_admin' => { + 'key' => 'context_is_admin', + 'value' => 'foo:bar' + } + } + } + end + + it 'set up the policies' do + is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ + :key => 'context_is_admin', + :value => 'foo:bar' + }) + end + end + + context 'on Debian platforms' do + let :facts do + { :osfamily => 'Debian' } + end + + it_configures 'congress policies' + end + + context 'on RedHat platforms' do + let :facts do + { :osfamily => 'RedHat' } + end + + it_configures 'congress policies' + end +end diff --git a/components/congress/install/puppet/spec/shared_examples.rb b/components/congress/install/puppet/spec/shared_examples.rb new file mode 100644 index 0000000..fec0eac --- /dev/null +++ b/components/congress/install/puppet/spec/shared_examples.rb @@ -0,0 +1,5 @@ +shared_examples_for "a Puppet::Error" do |description| + it "with message matching #{description.inspect}" do + expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) + end +end diff --git a/components/congress/install/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb b/components/congress/install/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb new file mode 100644 index 0000000..0c4b9fa --- /dev/null +++ b/components/congress/install/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb @@ -0,0 +1,68 @@ +# +# these tests are a little concerning b/c they are hacking around the +# modulepath, so these tests will not catch issues that may eventually arise +# related to loading these plugins. +# I could not, for the life of me, figure out how to programatcally set the modulepath +$LOAD_PATH.push( + File.join( + File.dirname(__FILE__), + '..', + '..', + '..', + 'fixtures', + 'modules', + 'inifile', + 'lib') +) +$LOAD_PATH.push( + File.join( + File.dirname(__FILE__), + '..', + '..', + '..', + 'fixtures', + 'modules', + 'openstacklib', + 'lib') +) +require 'spec_helper' +provider_class = Puppet::Type.type(:congress_config).provider(:ini_setting) +describe provider_class do + + it 'should default to the default setting when no other one is specified' do + resource = Puppet::Type::congress_config.new( + {:name => 'DEFAULT/foo', :value => 'bar'} + ) + provider = provider_class.new(resource) + expect(provider.section).to eq('DEFAULT') + expect(provider.setting).to eq('foo') + end + + it 'should allow setting to be set explicitly' do + resource = Puppet::Type::congress_config.new( + {:name => 'dude/foo', :value => 'bar'} + ) + provider = provider_class.new(resource) + expect(provider.section).to eq('dude') + expect(provider.setting).to eq('foo') + end + + it 'should ensure absent when is specified as a value' do + resource = Puppet::Type::congress_config.new( + {:name => 'dude/foo', :value => ''} + ) + provider = provider_class.new(resource) + provider.exists? + expect(resource[:ensure]).to eq :absent + end + + it 'should ensure absent when value matches ensure_absent_val' do + resource = Puppet::Type::congress_config.new( + {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } + ) + provider = provider_class.new(resource) + provider.exists? + expect(resource[:ensure]).to eq :absent + end + +end diff --git a/components/congress/install/puppet/spec/unit/type/congress_config_spec.rb b/components/congress/install/puppet/spec/unit/type/congress_config_spec.rb new file mode 100644 index 0000000..22a70a1 --- /dev/null +++ b/components/congress/install/puppet/spec/unit/type/congress_config_spec.rb @@ -0,0 +1,64 @@ +require 'puppet' +require 'puppet/type/congress_config' +describe 'Puppet::Type.type(:congress_config)' do + before :each do + @congress_config = Puppet::Type.type(:congress_config).new(:name => 'DEFAULT/foo', :value => 'bar') + end + + it 'should require a name' do + expect { + Puppet::Type.type(:congress_config).new({}) + }.to raise_error(Puppet::Error, 'Title or name must be provided') + end + + it 'should not expect a name with whitespace' do + expect { + Puppet::Type.type(:congress_config).new(:name => 'f oo') + }.to raise_error(Puppet::Error, /Parameter name failed/) + end + + it 'should fail when there is no section' do + expect { + Puppet::Type.type(:congress_config).new(:name => 'foo') + }.to raise_error(Puppet::Error, /Parameter name failed/) + end + + it 'should not require a value when ensure is absent' do + Puppet::Type.type(:congress_config).new(:name => 'DEFAULT/foo', :ensure => :absent) + end + + it 'should accept a valid value' do + @congress_config[:value] = 'bar' + expect(@congress_config[:value]).to eq('bar') + end + + it 'should not accept a value with whitespace' do + @congress_config[:value] = 'b ar' + expect(@congress_config[:value]).to eq('b ar') + end + + it 'should accept valid ensure values' do + @congress_config[:ensure] = :present + expect(@congress_config[:ensure]).to eq(:present) + @congress_config[:ensure] = :absent + expect(@congress_config[:ensure]).to eq(:absent) + end + + it 'should not accept invalid ensure values' do + expect { + @congress_config[:ensure] = :latest + }.to raise_error(Puppet::Error, /Invalid value/) + end + + it 'should autorequire the package that install the file' do + catalog = Puppet::Resource::Catalog.new + package = Puppet::Type.type(:package).new(:name => 'congress-common') + catalog.add_resource package, @congress_config + dependency = @congress_config.autorequire + expect(dependency.size).to eq(1) + expect(dependency[0].target).to eq(@congress_config) + expect(dependency[0].source).to eq(package) + end + + +end diff --git a/components/congress/install/puppet/tests/init.pp b/components/congress/install/puppet/tests/init.pp new file mode 100644 index 0000000..922b1cb --- /dev/null +++ b/components/congress/install/puppet/tests/init.pp @@ -0,0 +1,12 @@ +# The baseline for module testing used by Puppet Labs is that each manifest +# should have a corresponding test manifest that declares that class or defined +# type. +# +# Tests are then run by using puppet apply --noop (to check for compilation +# errors and view a log of events) or by fully applying the test in a virtual +# environment (to compare the resulting system state to the desired state). +# +# Learn more about module testing here: +# http://docs.puppetlabs.com/guides/tests_smoke.html +# +include ::congress diff --git a/components/congress/joid/clean_congress.sh b/components/congress/joid/clean_congress.sh deleted file mode 100644 index 4ab21a4..0000000 --- a/components/congress/joid/clean_congress.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash -# CCopyright 2015-2016 AT&T Intellectual Property, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# This is a cleanup script for installation of Congress on an Ubuntu 14.04 -# LXC container in the OPNFV Controller node. -# Presumably something has failed, and any record of the Congress feature -# in OpenStack needs to be removed, so you can try the install again. -# -# Prequisite: OPFNV install per https://wiki.opnfv.org/copper/academy/joid -# How to use: -# Install OPNFV per https://wiki.opnfv.org/copper/academy/joid -# $ source ~/git/copper/components/congress/joid/clean_congress.sh -# is the name of the controller node in MAAS. - -source ~/admin-openrc.sh < -# (copies install_congress_2.sh to and executes it) -# is the name of the host in which to install Congress. -# -# If "horizon", Congress will be installed in the same LXC as Horizon, -# as necessary for the OpenStack Dashboard Policy plugins to work. -# Otherwise provide the node name of the controller node, where Congress -# will be installed in an LXC (NOTE: Policy plugin for OpenStack dashboard -# does not currently get installed for the LXC-based Congress deploy) - -if [ $# -gt 1 ] && [ $2 == "debug" ]; then set -x #echo on -fi - -source ~/admin-openrc.sh <~/env.sh -export CONGRESS_HOST=$CONGRESS_HOST -export HORIZON_HOST=$(juju status --format=short | awk "/openstack-dashboard/ { print \$3 }") -export KEYSTONE_HOST=$(juju status --format=short | awk "/keystone\/0/ { print \$3 }") -export CEILOMETER_HOST=$(juju status --format=short | awk "/ceilometer\/0/ { print \$3 }") -export CINDER_HOST=$(juju status --format=short | awk "/cinder\/0/ { print \$3 }") -export GLANCE_HOST=$(juju status --format=short | awk "/glance\/0/ { print \$3 }") -export NEUTRON_HOST=$(juju status --format=short | awk "/neutron-api\/0/ { print \$3 }") -export NOVA_HOST=$(juju status --format=short | awk "/nova-cloud-controller\/0/ { print \$3 }") -EOF -source ~/env.sh -juju scp ~/admin-openrc.sh ubuntu@$CONGRESS_HOST:/home/ubuntu -juju scp ~/env.sh ubuntu@$CONGRESS_HOST:/home/ubuntu - -echo "Copy install_congress_2.sh to the congress server and execute" -juju scp ~/git/copper/components/congress/joid/install_congress_2.sh ubuntu@$CONGRESS_HOST:/home/ubuntu -ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ubuntu@$CONGRESS_HOST "source ~/install_congress_2.sh; exit" - -echo "Install jumphost dependencies" - -echo "Update package repos" -sudo apt-get update - -echo "install pip" -sudo apt-get install python-pip -y - -echo "install other dependencies" -sudo apt-get install apg git gcc python-dev libxml2 libxslt1-dev libzip-dev -y -sudo pip install --upgrade pip virtualenv setuptools pbr tox - -echo "Clone congress" -mkdir ~/git -cd ~/git -git clone https://github.com/openstack/congress.git -cd congress -git checkout stable/liberty - -echo "Create virtualenv" -virtualenv ~/git/congress -source bin/activate - -echo "Install and test OpenStack client" -cd ~/git -git clone https://github.com/openstack/python-openstackclient.git -cd python-openstackclient -git checkout stable/liberty -~/git/congress/bin/pip install -r requirements.txt -~/git/congress/bin/pip install . -openstack service list - -echo "Install and test Congress client" -cd ~/git -git clone https://github.com/openstack/python-congressclient.git -cd python-congressclient -git checkout stable/liberty -~/git/congress/bin/pip install -r requirements.txt -~/git/congress/bin/pip install . -openstack congress driver list - -echo "Install and test Keystone client" -cd ~/git -git clone https://github.com/openstack/python-keystoneclient.git -cd python-keystoneclient -git checkout stable/liberty -~/git/congress/bin/pip install -r requirements.txt -~/git/congress/bin/pip install . - -echo "setup Congress user. TODO: needs update in http://congress.readthedocs.org/en/latest/readme.html#installing-congress" -pip install cliff --upgrade -export ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }") -export SERVICE_TENANT=$(openstack project list | awk "/ admin / { print \$2 }") -openstack user create --password congress --project admin --email "congress@example.com" congress -export CONGRESS_USER=$(openstack user list | awk "/ congress / { print \$2 }") -openstack role add --user $CONGRESS_USER --project $SERVICE_TENANT $ADMIN_ROLE - -echo "Create Congress service" -openstack service create congress --type "policy" --description "Congress Service" -export CONGRESS_SERVICE=$(openstack service list | awk "/ congress / { print \$2 }") - -echo "Create Congress endpoint" -openstack endpoint create $CONGRESS_SERVICE \ - --region $OS_REGION_NAME \ - --publicurl http://$CONGRESS_HOST:1789/ \ - --adminurl http://$CONGRESS_HOST:1789/ \ - --internalurl http://$CONGRESS_HOST:1789/ - -echo "Start the Congress service" -ssh -x -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no ubuntu@$CONGRESS_HOST "~/git/congress/bin/congress-server &>/dev/null &" - -echo "Wait 30 seconds for Congress service to startup" -sleep 30 - -echo "Create data sources" -# To remove datasources: openstack congress datasource delete -openstack congress datasource create nova "nova" \ - --config username=$OS_USERNAME \ - --config tenant_name=$OS_TENANT_NAME \ - --config password=$OS_PASSWORD \ - --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 -openstack congress datasource create neutronv2 "neutronv2" \ - --config username=$OS_USERNAME \ - --config tenant_name=$OS_TENANT_NAME \ - --config password=$OS_PASSWORD \ - --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 -openstack congress datasource create ceilometer "ceilometer" \ - --config username=$OS_USERNAME \ - --config tenant_name=$OS_TENANT_NAME \ - --config password=$OS_PASSWORD \ - --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 -openstack congress datasource create cinder "cinder" \ - --config username=$OS_USERNAME \ - --config tenant_name=$OS_TENANT_NAME \ - --config password=$OS_PASSWORD \ - --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 -openstack congress datasource create glancev2 "glancev2" \ - --config username=$OS_USERNAME \ - --config tenant_name=$OS_TENANT_NAME \ - --config password=$OS_PASSWORD \ - --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 -openstack congress datasource create keystone "keystone" \ - --config username=$OS_USERNAME \ - --config tenant_name=$OS_TENANT_NAME \ - --config password=$OS_PASSWORD \ - --config auth_url=http://$KEYSTONE_HOST:5000/v2.0 - -echo "Install tox test dependencies" -sudo apt-get install -y libffi-dev libssl-dev - -echo "Run Congress tox Tests" -cd ~/git/congress -tox -epy27 - -set +x #echo off diff --git a/components/congress/joid/install_congress_2.sh b/components/congress/joid/install_congress_2.sh deleted file mode 100644 index 312a0c3..0000000 --- a/components/congress/joid/install_congress_2.sh +++ /dev/null @@ -1,174 +0,0 @@ -#!/bin/bash -# Copyright 2015-2016 AT&T Intellectual Property, Inc -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# This is script 2 of 2 for installation of Congress on an Ubuntu 14.04 -# LXC container (same as Horizon) in the OPNFV Controller node. -# Prequisite: OPFNV install per https://wiki.opnfv.org/copper/academy/joid -# -# On jumphost: -# Download admin-openrc.sh from Horizon and save in ~ -# source install_congress_1.sh -# (copies install_congress_2.sh to and executes it) -# is the name of the host in which to install Congress. -# -# If "horizon", Congress will be installed in the same LXC as Horizon, -# as necessary for the OpenStack Dashboard Policy plugins to work. -# Otherwise provide the node name of the controller node, where Congress -# will be installed in an LXC (NOTE: Policy plugin for OpenStack dashboard -# does not currently get installed for the LXC-based Congress deploy) - -set -x -source ~/admin-openrc.sh </log_file = congress.log/g' etc/congress.conf.sample -sed -i -- 's/#log_dir = /log_dir = \/var\/log\/congress/g' etc/congress.conf.sample -sed -i -- 's/#bind_host = 0.0.0.0/bind_host = '$CONGRESS_HOST'/g' etc/congress.conf.sample -sed -i -- 's/#policy_path = /policy_path = \/etc\/congress\/snapshot/g' etc/congress.conf.sample -sed -i -- 's/#auth_strategy = keystone/auth_strategy = noauth/g' etc/congress.conf.sample -sed -i -- 's/#drivers =/drivers = congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources.keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver/g' etc/congress.conf.sample -sed -i -- 's/#auth_host = 127.0.0.1/auth_host = '$CONGRESS_HOST'/g' etc/congress.conf.sample -sed -i -- 's/#auth_port = 35357/auth_port = 35357/g' etc/congress.conf.sample -sed -i -- 's/#auth_protocol = https/auth_protocol = http/g' etc/congress.conf.sample -sed -i -- 's/#admin_tenant_name = admin/admin_tenant_name = admin/g' etc/congress.conf.sample -sed -i -- 's/#admin_user = /admin_user = congress/g' etc/congress.conf.sample -sed -i -- 's/#admin_password = /admin_password = congress/g' etc/congress.conf.sample -sed -i -- 's/#connection = /connection = mysql:\/\/ubuntu:'$MYSQL_PASSWORD'@localhost:3306\/congress/g' etc/congress.conf.sample - -echo "copy congress.conf.sample to /etc/congress" -cp etc/congress.conf.sample /etc/congress/congress.conf - -echo "create congress database" -sudo mysql --user=root --password=$MYSQL_PASSWORD -e "CREATE DATABASE congress; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu@localhost' IDENTIFIED BY '"$MYSQL_PASSWORD"'; GRANT ALL PRIVILEGES ON congress.* TO 'ubuntu'@'%' IDENTIFIED BY '"$MYSQL_PASSWORD"';" - -echo "install congress-db-manage dependencies (detected by errors)" -sudo apt-get build-dep python-mysqldb -y -bin/pip install MySQL-python - -echo "create database schema" -congress-db-manage --config-file /etc/congress/congress.conf upgrade head - -echo "Install Congress client" -cd ~/git -git clone https://github.com/openstack/python-congressclient.git -cd python-congressclient -git checkout stable/liberty -../congress/bin/pip install -r requirements.txt -../congress/bin/pip install . - -function _congress_setup_horizon { - local HORIZON_DIR="/usr/share/openstack-dashboard" - local CONGRESS_HORIZON_DIR="/home/ubuntu/git/congress/contrib/horizon" - sudo cp -r $CONGRESS_HORIZON_DIR/datasources $HORIZON_DIR/openstack_dashboard/dashboards/admin/ - sudo cp -r $CONGRESS_HORIZON_DIR/policies $HORIZON_DIR/openstack_dashboard/dashboards/admin/ - sudo cp -r $CONGRESS_HORIZON_DIR/static $HORIZON_DIR/openstack_dashboard/dashboards/admin/ - sudo cp -r $CONGRESS_HORIZON_DIR/templates $HORIZON_DIR/openstack_dashboard/dashboards/admin/ - sudo cp $CONGRESS_HORIZON_DIR/congress.py $HORIZON_DIR/openstack_dashboard/api/ - sudo cp $CONGRESS_HORIZON_DIR/_50_policy.py $HORIZON_DIR/openstack_dashboard/local/enabled/ - sudo cp $CONGRESS_HORIZON_DIR/_60_policies.py $HORIZON_DIR/openstack_dashboard/local/enabled/ - sudo cp $CONGRESS_HORIZON_DIR/_70_datasources.py $HORIZON_DIR/openstack_dashboard/local/enabled/ - - # For unit tests - sudo sh -c 'echo "python-congressclient" >> '$HORIZON_DIR'/requirements.txt' - sudo sh -c 'echo -e \ -"\n# Load the pluggable dashboard settings"\ -"\nimport openstack_dashboard.local.enabled"\ -"\nfrom openstack_dashboard.utils import settings"\ -"\n\nINSTALLED_APPS = list(INSTALLED_APPS)"\ -"\nsettings.update_dashboards(["\ -"\n openstack_dashboard.local.enabled,"\ -"\n], HORIZON_CONFIG, INSTALLED_APPS)" >> '$HORIZON_DIR'/openstack_dashboard/test/settings.py' - - # Setup alias for django-admin which could be different depending on distro - local django_admin - if type -p django-admin > /dev/null; then - django_admin=django-admin - else - django_admin=django-admin.py - fi - - # Collect and compress static files (e.g., JavaScript, CSS) - DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin collectstatic --noinput - DJANGO_SETTINGS_MODULE=openstack_dashboard.settings $django_admin compress --force - - # Restart Horizon - sudo service apache2 restart -} -# Commented out as the procedure is not yet working -#echo "Install Horizon Policy plugin" -#_congress_setup_horizon - -set +x #echo off diff --git a/components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb b/components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb deleted file mode 100644 index 3d324b6..0000000 --- a/components/congress/puppet/lib/puppet/provider/congress_config/ini_setting.rb +++ /dev/null @@ -1,27 +0,0 @@ -Puppet::Type.type(:congress_config).provide( - :ini_setting, - :parent => Puppet::Type.type(:ini_setting).provider(:ruby) -) do - - def section - resource[:name].split('/', 2).first - end - - def setting - resource[:name].split('/', 2).last - end - - def separator - '=' - end - - def self.file_path - '/etc/congress/congress.conf' - end - - # added for backwards compatibility with older versions of inifile - def file_path - self.class.file_path - end - -end diff --git a/components/congress/puppet/lib/puppet/type/congress_config.rb b/components/congress/puppet/lib/puppet/type/congress_config.rb deleted file mode 100644 index 3b76fc6..0000000 --- a/components/congress/puppet/lib/puppet/type/congress_config.rb +++ /dev/null @@ -1,42 +0,0 @@ -Puppet::Type.newtype(:congress_config) do - - ensurable - - newparam(:name, :namevar => true) do - desc 'Section/setting name to manage from /etc/congress/congress.conf' - newvalues(/\S+\/\S+/) - end - - newproperty(:value) do - desc 'The value of the setting to be defined.' - munge do |value| - value = value.to_s.strip - value.capitalize! if value =~ /^(true|false)$/i - value - end - - def is_to_s( currentvalue ) - if resource.secret? - return '[old secret redacted]' - else - return currentvalue - end - end - - def should_to_s( newvalue ) - if resource.secret? - return '[new secret redacted]' - else - return newvalue - end - end - end - - newparam(:secret, :boolean => true) do - desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' - - newvalues(:true, :false) - - defaultto false - end -end diff --git a/components/congress/puppet/manifests/client.pp b/components/congress/puppet/manifests/client.pp deleted file mode 100644 index bb016e4..0000000 --- a/components/congress/puppet/manifests/client.pp +++ /dev/null @@ -1,27 +0,0 @@ -# == Class: congress::client -# -# Installs congress client. -# -# === Parameters -# -# [*ensure*] -# (optional) Ensure state of the package. -# Defaults to 'present'. -# -class congress::client ( - $ensure = 'present' -) { - - package { 'python-congressclient': - ensure => $ensure, - tag => 'openstack', - } - - if $ensure == 'present' { - include '::openstacklib::openstackclient' - } else { - class { '::openstacklib::openstackclient': - package_ensure => $ensure, - } - } -} diff --git a/components/congress/puppet/manifests/config.pp b/components/congress/puppet/manifests/config.pp deleted file mode 100644 index 0a59d07..0000000 --- a/components/congress/puppet/manifests/config.pp +++ /dev/null @@ -1,30 +0,0 @@ -# == Class: congress::config -# -# This class is used to manage arbitrary congress configurations. -# -# === Parameters -# -# [*congress_config*] -# (optional) Allow configuration of arbitrary congress configurations. -# The value is an hash of congress_config resources. Example: -# { 'DEFAULT/foo' => { value => 'fooValue'}, -# 'DEFAULT/bar' => { value => 'barValue'} -# } -# In yaml format, Example: -# congress_config: -# DEFAULT/foo: -# value: fooValue -# DEFAULT/bar: -# value: barValue -# -# NOTE: The configuration MUST NOT be already handled by this module -# or Puppet catalog compilation will fail with duplicate resources. -# -class congress::config ( - $congress_config = {}, -) { - - validate_hash($congress_config) - - create_resources('congress_config', $congress_config) -} diff --git a/components/congress/puppet/manifests/db.pp b/components/congress/puppet/manifests/db.pp deleted file mode 100644 index 33dccc4..0000000 --- a/components/congress/puppet/manifests/db.pp +++ /dev/null @@ -1,97 +0,0 @@ -# == Class: congress::db -# -# Configure the congress database connection -# -# === Parameters -# -# [*database_connection*] -# Url used to connect to database. -# (Optional) Defaults to 'sqlite:////var/lib/congress/congress.sqlite'. -# -# [*database_idle_timeout*] -# Timeout when db connections should be reaped. -# (Optional) Defaults to 3600. -# -# [*database_max_retries*] -# Maximum number of database connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Optional) Defaults to 10. -# -# [*database_retry_interval*] -# Interval between retries of opening a database connection. -# (Optional) Defaults to 10. -# -# [*database_min_pool_size*] -# Minimum number of SQL connections to keep open in a pool. -# (Optional) Defaults to 1. -# -# [*database_max_pool_size*] -# Maximum number of SQL connections to keep open in a pool. -# (Optional) Defaults to 10. -# -# [*database_max_overflow*] -# If set, use this value for max_overflow with sqlalchemy. -# (Optional) Defaults to 20. -# -class congress::db ( - $database_connection = 'sqlite:////var/lib/congress/congress.sqlite', - $database_idle_timeout = 3600, - $database_min_pool_size = 1, - $database_max_pool_size = 10, - $database_max_retries = 10, - $database_retry_interval = 10, - $database_max_overflow = 20, -) { - - # NOTE(spredzy): In order to keep backward compatibility we rely on the pick function - # to use congress:: if congress::db:: isn't specified. - $database_connection_real = pick($::congress::database_connection, $database_connection) - $database_idle_timeout_real = pick($::congress::database_idle_timeout, $database_idle_timeout) - $database_min_pool_size_real = pick($::congress::database_min_pool_size, $database_min_pool_size) - $database_max_pool_size_real = pick($::congress::database_max_pool_size, $database_max_pool_size) - $database_max_retries_real = pick($::congress::database_max_retries, $database_max_retries) - $database_retry_interval_real = pick($::congress::database_retry_interval, $database_retry_interval) - $database_max_overflow_real = pick($::congress::database_max_overflow, $database_max_overflow) - - validate_re($database_connection_real, - '(sqlite|mysql|postgresql):\/\/(\S+:\S+@\S+\/\S+)?') - - if $database_connection_real { - case $database_connection_real { - /^mysql:\/\//: { - $backend_package = false - require 'mysql::bindings' - require 'mysql::bindings::python' - } - /^postgresql:\/\//: { - $backend_package = false - require 'postgresql::lib::python' - } - /^sqlite:\/\//: { - $backend_package = $::congress::params::sqlite_package_name - } - default: { - fail('Unsupported backend configured') - } - } - - if $backend_package and !defined(Package[$backend_package]) { - package {'congress-backend-package': - ensure => present, - name => $backend_package, - tag => 'openstack', - } - } - - congress_config { - 'database/connection': value => $database_connection_real, secret => true; - 'database/idle_timeout': value => $database_idle_timeout_real; - 'database/min_pool_size': value => $database_min_pool_size_real; - 'database/max_retries': value => $database_max_retries_real; - 'database/retry_interval': value => $database_retry_interval_real; - 'database/max_pool_size': value => $database_max_pool_size_real; - 'database/max_overflow': value => $database_max_overflow_real; - } - } - -} diff --git a/components/congress/puppet/manifests/db/mysql.pp b/components/congress/puppet/manifests/db/mysql.pp deleted file mode 100644 index 456b812..0000000 --- a/components/congress/puppet/manifests/db/mysql.pp +++ /dev/null @@ -1,69 +0,0 @@ -# The congress::db::mysql class implements mysql backend for congress -# -# This class can be used to create tables, users and grant -# privelege for a mysql congress database. -# -# == parameters -# -# [*password*] -# (Mandatory) Password to connect to the database. -# Defaults to 'false'. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'congress'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'congress'. -# -# [*host*] -# (Optional) The default source host user is allowed to connect from. -# Defaults to '127.0.0.1' -# -# [*allowed_hosts*] -# (Optional) Other hosts the user is allowed to connect from. -# Defaults to 'undef'. -# -# [*charset*] -# (Optional) The database charset. -# Defaults to 'utf8' -# -# [*collate*] -# (Optional) The database collate. -# Only used with mysql modules >= 2.2. -# Defaults to 'utf8_general_ci' -# -# == Dependencies -# Class['mysql::server'] -# -# == Examples -# -# == Authors -# -# == Copyright -# -class congress::db::mysql( - $password, - $dbname = 'congress', - $user = 'congress', - $host = '127.0.0.1', - $charset = 'utf8', - $collate = 'utf8_general_ci', - $allowed_hosts = undef -) { - - validate_string($password) - - ::openstacklib::db::mysql { 'congress': - user => $user, - password_hash => mysql_password($password), - dbname => $dbname, - host => $host, - charset => $charset, - collate => $collate, - allowed_hosts => $allowed_hosts, - } - - ::Openstacklib::Db::Mysql['congress'] ~> Exec<| title == 'congress-manage db_sync' |> -} diff --git a/components/congress/puppet/manifests/db/postgresql.pp b/components/congress/puppet/manifests/db/postgresql.pp deleted file mode 100644 index 4766eca..0000000 --- a/components/congress/puppet/manifests/db/postgresql.pp +++ /dev/null @@ -1,55 +0,0 @@ -# == Class: congress::db::postgresql -# -# Class that configures postgresql for congress -# Requires the Puppetlabs postgresql module. -# -# === Parameters -# -# [*password*] -# (Required) Password to connect to the database. -# -# [*dbname*] -# (Optional) Name of the database. -# Defaults to 'congress'. -# -# [*user*] -# (Optional) User to connect to the database. -# Defaults to 'congress'. -# -# [*encoding*] -# (Optional) The charset to use for the database. -# Default to undef. -# -# [*privileges*] -# (Optional) Privileges given to the database user. -# Default to 'ALL' -# -# == Dependencies -# -# == Examples -# -# == Authors -# -# == Copyright -# -class congress::db::postgresql( - $password, - $dbname = 'congress', - $user = 'congress', - $encoding = undef, - $privileges = 'ALL', -) { - - Class['congress::db::postgresql'] -> Service<| title == 'congress' |> - - ::openstacklib::db::postgresql { 'congress': - password_hash => postgresql_password($user, $password), - dbname => $dbname, - user => $user, - encoding => $encoding, - privileges => $privileges, - } - - ::Openstacklib::Db::Postgresql['congress'] ~> Exec<| title == 'congress-manage db_sync' |> - -} diff --git a/components/congress/puppet/manifests/db/sync.pp b/components/congress/puppet/manifests/db/sync.pp deleted file mode 100644 index bb07f7e..0000000 --- a/components/congress/puppet/manifests/db/sync.pp +++ /dev/null @@ -1,14 +0,0 @@ -# -# Class to execute "congress-manage db_sync -# -class congress::db::sync { - exec { 'congress-manage db_sync': - path => '/usr/bin', - user => 'congress', - refreshonly => true, - subscribe => [Package['congress'], congress_config['database/connection']], - require => User['congress'], - } - - Exec['congress-manage db_sync'] ~> Service<| title == 'congress' |> -} diff --git a/components/congress/puppet/manifests/init.pp b/components/congress/puppet/manifests/init.pp deleted file mode 100644 index a1367c3..0000000 --- a/components/congress/puppet/manifests/init.pp +++ /dev/null @@ -1,410 +0,0 @@ -# == Class: congress -# -# Module for managing congress config -# -# === Parameters -# -# [*keystone_password*] -# (required) Password used to authentication. -# -# [*package_ensure*] -# (optional) Desired ensure state of packages. -# accepts latest or specific versions. -# Defaults to present. -# -# [*client_package_ensure*] -# (optional) Desired ensure state of the client package. -# accepts latest or specific versions. -# Defaults to present. -# -# [*bind_host*] -# (optional) The IP address that congress binds to. -# Default to '0.0.0.0'. -# -# [*bind_port*] -# (optional) Port that congress binds to. -# Defaults to '1789' -# -# [*verbose*] -# (optional) Rather congress should log at verbose level. -# Defaults to undef. -# -# [*debug*] -# (optional) Rather congress should log at debug level. -# Defaults to undef. -# -# [*auth_type*] -# (optional) Type is authorization being used. -# Defaults to 'keystone' -# -# [*auth_uri*] -# (optional) Complete public Identity API endpoint. -# Defaults to false. -# -# [*identity_uri*] -# (optional) Complete admin Identity API endpoint. -# Defaults to: false -# -# [*keystone_tenant*] -# (optional) Tenant to authenticate to. -# Defaults to services. -# -# [*keystone_user*] -# (optional) User to authenticate as with keystone. -# Defaults to 'congress'. -# -# [*manage_service*] -# (Optional) If Puppet should manage service startup / shutdown. -# Defaults to true. -# -# [*enabled*] -# (optional) If the congress services should be enabled. -# Default to true. -# -# [*database_connection*] -# (optional) Url used to connect to database. -# Defaults to undef. -# -# [*database_idle_timeout*] -# (optional) Timeout when db connections should be reaped. -# Defaults to undef. -# -# [*database_max_retries*] -# (optional) Maximum number of database connection retries during startup. -# Setting -1 implies an infinite retry count. -# (Defaults to undef) -# -# [*database_retry_interval*] -# (optional) Interval between retries of opening a database connection. -# (Defaults to undef) -# -# [*database_min_pool_size*] -# (optional) Minimum number of SQL connections to keep open in a pool. -# Defaults to: undef -# -# [*database_max_pool_size*] -# (optional) Maximum number of SQL connections to keep open in a pool. -# Defaults to: undef -# -# [*database_max_overflow*] -# (optional) If set, use this value for max_overflow with sqlalchemy. -# Defaults to: undef -# -# [*rpc_backend*] -# (Optional) Use these options to configure the RabbitMQ message system. -# Defaults to 'rabbit' -# -# [*control_exchange*] -# (Optional) -# Defaults to 'openstack'. -# -# [*rabbit_host*] -# (Optional) IP or hostname of the rabbit server. -# Defaults to '127.0.0.1' -# -# [*rabbit_port*] -# (Optional) Port of the rabbit server. -# Defaults to 5672. -# -# [*rabbit_hosts*] -# (Optional) Array of host:port (used with HA queues). -# If defined, will remove rabbit_host & rabbit_port parameters from config -# Defaults to undef. -# -# [*rabbit_userid*] -# (Optional) User to connect to the rabbit server. -# Defaults to 'guest' -# -# [*rabbit_password*] -# (Required) Password to connect to the rabbit_server. -# Defaults to empty. Required if using the Rabbit (kombu) -# backend. -# -# [*rabbit_virtual_host*] -# (Optional) Virtual_host to use. -# Defaults to '/' -# -# [*rabbit_heartbeat_timeout_threshold*] -# (optional) Number of seconds after which the RabbitMQ broker is considered -# down if the heartbeat keepalive fails. Any value >0 enables heartbeats. -# Heartbeating helps to ensure the TCP connection to RabbitMQ isn't silently -# closed, resulting in missed or lost messages from the queue. -# (Requires kombu >= 3.0.7 and amqp >= 1.4.0) -# Defaults to 0 -# -# [*rabbit_heartbeat_rate*] -# (optional) How often during the rabbit_heartbeat_timeout_threshold period to -# check the heartbeat on RabbitMQ connection. (i.e. rabbit_heartbeat_rate=2 -# when rabbit_heartbeat_timeout_threshold=60, the heartbeat will be checked -# every 30 seconds. -# Defaults to 2 -# -# [*rabbit_use_ssl*] -# (optional) Connect over SSL for RabbitMQ -# Defaults to false -# -# [*kombu_ssl_ca_certs*] -# (optional) SSL certification authority file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_certfile*] -# (optional) SSL cert file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_keyfile*] -# (optional) SSL key file (valid only if SSL enabled). -# Defaults to $::os_service_default -# -# [*kombu_ssl_version*] -# (optional) SSL version to use (valid only if SSL enabled). -# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be -# available on some distributions. -# Defaults to $::os_service_default -# -# [*kombu_reconnect_delay*] -# (optional) How long to wait before reconnecting in response to an AMQP -# consumer cancel notification. -# Defaults to $::os_service_default -# -# [*amqp_durable_queues*] -# Use durable queues in amqp. -# (Optional) Defaults to false. -# -# [*service_provider*] -# (optional) Provider, that can be used for congress service. -# Default value defined in congress::params for given operation system. -# If you use Pacemaker or another Cluster Resource Manager, you can make -# custom service provider for changing start/stop/status behavior of service, -# and set it here. -# -# [*service_name*] -# (optional) Name of the service that will be providing the -# server functionality of congress. -# Defaults to '$::congress::params::service_name' -# -# [*sync_db*] -# (Optional) Run db sync on the node. -# Defaults to true -# -# == Dependencies -# None -# -# == Examples -# -# class { 'congress': -# keystone_password => 'congress', -# keystone_tenant => 'service', -# auth_uri => 'http://192.168.122.6:5000/', -# identity_uri => 'http://192.168.122.6:35357/', -# database_connection => 'mysql://congress:password@192.168.122.6/congress', -# rabbit_host => '192.168.122.6', -# rabbit_password => 'guest', -# } -# -# class { 'congress::db::mysql': -# password => 'password', -# host => '192.168.122.6', -# } -# -# class { 'congress::keystone::auth': -# password => 'congress', -# tenant => 'service', -# admin_url => 'http://192.168.122.6:1789', -# internal_url => 'http://192.168.122.6:1789', -# public_url => 'http://192.168.122.6:1789', -# region => 'regionOne', -# } -# -# == Authors -# -# Dan Radez -# -# == Copyright -# -# Copyright 2015 Red Hat Inc, unless otherwise noted. -# - -class congress( - $keystone_password, - $package_ensure = 'present', - $client_package_ensure = 'present', - $bind_host = '0.0.0.0', - $bind_port = '1789', - $verbose = undef, - $debug = undef, - $auth_type = 'keystone', - $auth_uri = false, - $identity_uri = false, - $keystone_tenant = 'services', - $keystone_user = 'congress', - $manage_service = true, - $enabled = true, - $database_connection = undef, - $database_idle_timeout = undef, - $database_max_retries = undef, - $database_retry_interval = undef, - $database_min_pool_size = undef, - $database_max_pool_size = undef, - $database_max_overflow = undef, - $rpc_backend = 'rabbit', - $control_exchange = 'congress', - $rabbit_host = '127.0.0.1', - $rabbit_port = 5672, - $rabbit_hosts = false, - $rabbit_virtual_host = '/', - $rabbit_heartbeat_timeout_threshold = 0, - $rabbit_heartbeat_rate = 2, - $rabbit_userid = 'guest', - $rabbit_password = false, - $rabbit_use_ssl = false, - $kombu_ssl_ca_certs = $::os_service_default, - $kombu_ssl_certfile = $::os_service_default, - $kombu_ssl_keyfile = $::os_service_default, - $kombu_ssl_version = $::os_service_default, - $kombu_reconnect_delay = $::os_service_default, - $amqp_durable_queues = false, - $service_provider = $::congress::params::service_provider, - $service_name = $::congress::params::service_name, -) inherits congress::params { - congress_config { - 'DEFAULT/drivers' : value => 'congress.datasources.neutronv2_driver.NeutronV2Driver,congress.datasources.glancev2_driver.GlanceV2Driver,congress.datasources.nova_driver.NovaDriver,congress.datasources. keystone_driver.KeystoneDriver,congress.datasources.ceilometer_driver.CeilometerDriver,congress.datasources.cinder_driver.CinderDriver'; - } - - if $identity_uri { - congress_config { 'keystone_authtoken/identity_uri': value => $identity_uri; } - congress_config { 'keystone_authtoken/auth_url' : value => $identity_uri; } - } else { - congress_config { 'keystone_authtoken/identity_uri': ensure => absent; } - } - - if $auth_uri { - congress_config { 'keystone_authtoken/auth_uri': value => $auth_uri; } - } else { - congress_config { 'keystone_authtoken/auth_uri': ensure => absent; } - } - - if $auth_type == 'keystone' { - congress_config { - 'keystone_authtoken/project_name' : value => $keystone_tenant; - 'keystone_authtoken/username' : value => $keystone_user; - 'keystone_authtoken/password' : value => $keystone_password, secret => true; - } - } - - congress_config<||> ~> Service[$service_name] - congress_config<||> ~> Exec<| title == 'congress-manage db_sync'|> - - include ::congress::db - include ::congress::params - - if $sync_db { - include ::congress::db::sync - Class['::congress::db::sync'] ~> Service[$service_name] - } - if $rpc_backend == 'rabbit' { - - if ! $rabbit_password { - fail('Please specify a rabbit_password parameter.') - } - - congress_config { - 'DEFAULT/rabbit_password': value => $rabbit_password, secret => true; - 'DEFAULT/rabbit_userid': value => $rabbit_userid; - 'DEFAULT/rabbit_virtual_host': value => $rabbit_virtual_host; - 'DEFAULT/control_exchange': value => $control_exchange; - #'DEFAULT/rabbit_use_ssl': value => $rabbit_use_ssl; - #'DEFAULT/kombu_reconnect_delay': value => $kombu_reconnect_delay; - #'DEFAULT/heartbeat_timeout_threshold': value => $rabbit_heartbeat_timeout_threshold; - #'DEFAULT/heartbeat_rate': value => $rabbit_heartbeat_rate; - #'DEFAULT/amqp_durable_queues': value => $amqp_durable_queues; - } - - if $rabbit_use_ssl { - congress_config { - 'DEFAULT/kombu_ssl_version' : value => $kombu_ssl_version; - 'DEFAULT/kombu_ssl_ca_certs' : value => $kombu_ssl_ca_certs; - 'DEFAULT/kombu_ssl_certfile' : value => $kombu_ssl_certfile; - 'DEFAULT/kombu_ssl_keyfile' : value => $kombu_ssl_keyfile; - } - } - - if $rabbit_hosts { - congress_config { 'DEFAULT/rabbit_hosts': value => join($rabbit_hosts, ',') } - congress_config { 'DEFAULT/rabbit_ha_queues': value => true } - congress_config { 'DEFAULT/rabbit_host': ensure => absent } - congress_config { 'DEFAULT/rabbit_port': ensure => absent } - } else { - congress_config { 'DEFAULT/rabbit_host': value => $rabbit_host } - congress_config { 'DEFAULT/rabbit_port': value => $rabbit_port } - congress_config { 'DEFAULT/rabbit_hosts': value => "${rabbit_host}:${rabbit_port}" } - congress_config { 'DEFAULT/rabbit_ha_queues': value => false } - } - - } - - package { 'congress': - ensure => $package_ensure, - name => $::congress::params::package_name, - tag => ['openstack', 'congress-package'], - } - if $client_package_ensure == 'present' { - include '::congress::client' - } else { - class { '::congress::client': - ensure => $client_package_ensure, - } - } - - group { 'congress': - ensure => present, - system => true, - require => Package['congress'], - } - - user { 'congress': - ensure => 'present', - gid => 'congress', - system => true, - require => Package['congress'], - } - - file { ['/etc/congress', '/var/log/congress', '/var/lib/congress']: - ensure => directory, - mode => '0750', - owner => 'congress', - group => 'congress', - require => Package['congress'], - notify => Service[$service_name], - } - - file { '/etc/congress/congress.conf': - ensure => present, - mode => '0600', - owner => 'congress', - group => 'congress', - require => Package['congress'], - notify => Service[$service_name], - } - - congress_config { - 'DEFAULT/bind_host': value => $bind_host; - 'DEFAULT/bind_port': value => $bind_port; - } - - if $manage_service { - if $enabled { - $service_ensure = 'running' - } else { - $service_ensure = 'stopped' - } - } - - class { '::congress::service': - ensure => $service_ensure, - service_name => $service_name, - enable => $enabled, - hasstatus => true, - hasrestart => true, - provider => $service_provider, - } -} diff --git a/components/congress/puppet/manifests/keystone/auth.pp b/components/congress/puppet/manifests/keystone/auth.pp deleted file mode 100644 index 13be1f0..0000000 --- a/components/congress/puppet/manifests/keystone/auth.pp +++ /dev/null @@ -1,93 +0,0 @@ -# == Class: congress::keystone::auth -# -# Configures congress user, service and endpoint in Keystone. -# -# === Parameters -# -# [*password*] -# (required) Password for congress user. -# -# [*auth_name*] -# Username for congress service. Defaults to 'congress'. -# -# [*email*] -# Email for congress user. Defaults to 'congress@localhost'. -# -# [*tenant*] -# Tenant for congress user. Defaults to 'services'. -# -# [*configure_endpoint*] -# Should congress endpoint be configured? Defaults to 'true'. -# -# [*configure_user*] -# (Optional) Should the service user be configured? -# Defaults to 'true'. -# -# [*configure_user_role*] -# (Optional) Should the admin role be configured for the service user? -# Defaults to 'true'. -# -# [*service_type*] -# Type of service. Defaults to 'NFV'. -# -# [*admin_url*] -# (optional) The endpoint's admin url. (Defaults to 'http://127.0.0.1:1789') -# This url should *not* contain any version or trailing '/'. -# -# [*internal_url*] -# (optional) The endpoint's internal url. (Defaults to 'http://127.0.0.1:1789') -# This url should *not* contain any version or trailing '/'. -# -# [*public_url*] -# (optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:1789') -# This url should *not* contain any version or trailing '/'. -# -# [*region*] -# Region for endpoint. Defaults to 'RegionOne'. -# -# [*service_name*] -# (optional) Name of the service. -# Defaults to the value of auth_name. -# -# -class congress::keystone::auth ( - $password, - $auth_name = 'congress', - $email = 'congress@localhost', - $tenant = 'services', - $configure_endpoint = true, - $configure_user = true, - $configure_user_role = true, - $service_name = undef, - $service_type = 'servicevm', - $admin_url = 'http://127.0.0.1:1789', - $internal_url = 'http://127.0.0.1:1789', - $public_url = 'http://127.0.0.1:1789', - $region = 'RegionOne' -) { - - $real_service_name = pick($service_name, $auth_name) - - if $configure_user_role { - Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'congress-server' |> - } - Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| name == 'congress-server' |> - - keystone::resource::service_identity { 'congress': - configure_user => $configure_user, - configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_name => $real_service_name, - service_type => $service_type, - service_description => 'congress VNF Manager service', - region => $region, - auth_name => $auth_name, - password => $password, - email => $email, - tenant => $tenant, - admin_url => "${admin_url}/", - internal_url => "${internal_url}/", - public_url => "${public_url}/", - } - -} diff --git a/components/congress/puppet/manifests/logging.pp b/components/congress/puppet/manifests/logging.pp deleted file mode 100644 index 7bcdc00..0000000 --- a/components/congress/puppet/manifests/logging.pp +++ /dev/null @@ -1,251 +0,0 @@ -# Class congress::logging -# -# congress logging configuration -# -# == parameters -# -# [*verbose*] -# (Optional) Should the daemons log verbose messages -# Defaults to false. -# -# [*debug*] -# (Optional) Should the daemons log debug messages -# Defaults to false. -# -# [*use_syslog*] -# (Optional) Use syslog for logging. -# Defaults to false. -# -# [*use_stderr*] -# (optional) Use stderr for logging -# Defaults to true. -# -# [*log_facility*] -# (Optional) Syslog facility to receive log lines. -# Defaults to 'LOG_USER'. -# -# [*log_dir*] -# (optional) Directory where logs should be stored. -# If set to boolean false, it will not log to any directory. -# Defaults to '/var/log/congress'. -# -# [*logging_context_format_string*] -# (optional) Format string to use for log messages with context. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [%(request_id)s %(user_identity)s] %(instance)s%(message)s' -# -# [*logging_default_format_string*] -# (optional) Format string to use for log messages without context. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ -# [-] %(instance)s%(message)s' -# -# [*logging_debug_format_suffix*] -# (optional) Formatted data to append to log format when level is DEBUG. -# Defaults to undef. -# Example: '%(funcName)s %(pathname)s:%(lineno)d' -# -# [*logging_exception_prefix*] -# (optional) Prefix each line of exception output with this format. -# Defaults to undef. -# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' -# -# [*log_config_append*] -# The name of an additional logging configuration file. -# Defaults to undef. -# See https://docs.python.org/2/howto/logging.html -# -# [*default_log_levels*] -# (optional) Hash of logger (keys) and level (values) pairs. -# Defaults to undef. -# Example: -# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', -# 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', -# 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN', -# 'requests.packages.urllib3.connectionpool' => 'WARN', -# 'urllib3.connectionpool' => 'WARN', -# 'websocket' => 'WARN', 'congressmiddleware' => 'WARN', -# 'routes.middleware' => 'WARN', stevedore => 'WARN' } -# -# [*publish_errors*] -# (optional) Publish error events (boolean value). -# Defaults to undef (false if unconfigured). -# -# [*fatal_deprecations*] -# (optional) Make deprecations fatal (boolean value) -# Defaults to undef (false if unconfigured). -# -# [*instance_format*] -# (optional) If an instance is passed with the log message, format it -# like this (string value). -# Defaults to undef. -# Example: '[instance: %(uuid)s] ' -# -# [*instance_uuid_format*] -# (optional) If an instance UUID is passed with the log message, format -# it like this (string value). -# Defaults to undef. -# Example: instance_uuid_format='[instance: %(uuid)s] ' -# -# [*log_date_format*] -# (optional) Format string for %%(asctime)s in log records. -# Defaults to undef. -# Example: 'Y-%m-%d %H:%M:%S' - -class congress::logging( - $use_syslog = false, - $use_stderr = true, - $log_facility = 'LOG_USER', - $log_dir = '/var/log/congress', - $verbose = false, - $debug = false, - $logging_context_format_string = undef, - $logging_default_format_string = undef, - $logging_debug_format_suffix = undef, - $logging_exception_prefix = undef, - $log_config_append = undef, - $default_log_levels = undef, - $publish_errors = undef, - $fatal_deprecations = undef, - $instance_format = undef, - $instance_uuid_format = undef, - $log_date_format = undef, -) { - - congress_config { - 'DEFAULT/use_syslog' : value => $use_syslog; - 'DEFAULT/use_stderr' : value => $use_stderr; - 'DEFAULT/log_dir' : value => $log_dir; - 'DEFAULT/verbose' : value => $verbose; - 'DEFAULT/debug' : value => $debug; - 'DEFAULT/syslog_log_facility' : value => $log_facility; - } - - if $logging_context_format_string { - congress_config { - 'DEFAULT/logging_context_format_string' : - value => $logging_context_format_string; - } - } - else { - congress_config { - 'DEFAULT/logging_context_format_string' : ensure => absent; - } - } - - if $logging_default_format_string { - congress_config { - 'DEFAULT/logging_default_format_string' : - value => $logging_default_format_string; - } - } - else { - congress_config { - 'DEFAULT/logging_default_format_string' : ensure => absent; - } - } - - if $logging_debug_format_suffix { - congress_config { - 'DEFAULT/logging_debug_format_suffix' : - value => $logging_debug_format_suffix; - } - } - else { - congress_config { - 'DEFAULT/logging_debug_format_suffix' : ensure => absent; - } - } - - if $logging_exception_prefix { - congress_config { - 'DEFAULT/logging_exception_prefix' : value => $logging_exception_prefix; - } - } - else { - congress_config { - 'DEFAULT/logging_exception_prefix' : ensure => absent; - } - } - - if $log_config_append { - congress_config { - 'DEFAULT/log_config_append' : value => $log_config_append; - } - } - else { - congress_config { - 'DEFAULT/log_config_append' : ensure => absent; - } - } - - if $default_log_levels { - congress_config { - 'DEFAULT/default_log_levels' : - value => join(sort(join_keys_to_values($default_log_levels, '=')), ','); - } - } - else { - congress_config { - 'DEFAULT/default_log_levels' : ensure => absent; - } - } - - if $publish_errors { - congress_config { - 'DEFAULT/publish_errors' : value => $publish_errors; - } - } - else { - congress_config { - 'DEFAULT/publish_errors' : ensure => absent; - } - } - - if $fatal_deprecations { - congress_config { - 'DEFAULT/fatal_deprecations' : value => $fatal_deprecations; - } - } - else { - congress_config { - 'DEFAULT/fatal_deprecations' : ensure => absent; - } - } - - if $instance_format { - congress_config { - 'DEFAULT/instance_format' : value => $instance_format; - } - } - else { - congress_config { - 'DEFAULT/instance_format' : ensure => absent; - } - } - - if $instance_uuid_format { - congress_config { - 'DEFAULT/instance_uuid_format' : value => $instance_uuid_format; - } - } - else { - congress_config { - 'DEFAULT/instance_uuid_format' : ensure => absent; - } - } - - if $log_date_format { - congress_config { - 'DEFAULT/log_date_format' : value => $log_date_format; - } - } - else { - congress_config { - 'DEFAULT/log_date_format' : ensure => absent; - } - } - - -} diff --git a/components/congress/puppet/manifests/params.pp b/components/congress/puppet/manifests/params.pp deleted file mode 100644 index f2ceed0..0000000 --- a/components/congress/puppet/manifests/params.pp +++ /dev/null @@ -1,31 +0,0 @@ -# -# This class contains the platform differences for congress -# -class congress::params { - $client_package_name = 'python-congressclient' - - case $::osfamily { - 'Debian': { - $package_name = 'congress' - $service_name = 'congress' - $python_memcache_package_name = 'python-memcache' - $sqlite_package_name = 'python-pysqlite2' - $paste_config = undef - case $::operatingsystem { - 'Debian': { - $service_provider = undef - } - default: { - $service_provider = 'upstart' - } - } - } - 'RedHat': { - $package_name = 'openstack-congress' - $service_name = 'openstack-congress' - $python_memcache_package_name = 'python-memcached' - $sqlite_package_name = undef - $service_provider = undef - } - } -} diff --git a/components/congress/puppet/manifests/policy.pp b/components/congress/puppet/manifests/policy.pp deleted file mode 100644 index cdca472..0000000 --- a/components/congress/puppet/manifests/policy.pp +++ /dev/null @@ -1,39 +0,0 @@ -# == Class: congress::policy -# -# Configure the congress policies -# -# === Parameters -# -# [*policies*] -# (optional) Set of policies to configure for congress -# Example : -# { -# 'congress-context_is_admin' => { -# 'key' => 'context_is_admin', -# 'value' => 'true' -# }, -# 'congress-default' => { -# 'key' => 'default', -# 'value' => 'rule:admin_or_owner' -# } -# } -# Defaults to empty hash. -# -# [*policy_path*] -# (optional) Path to the nova policy.json file -# Defaults to /etc/congress/policy.json -# -class congress::policy ( - $policies = {}, - $policy_path = '/etc/congress/policy.json', -) { - - validate_hash($policies) - - Openstacklib::Policy::Base { - file_path => $policy_path, - } - - create_resources('openstacklib::policy::base', $policies) - -} diff --git a/components/congress/puppet/manifests/service.pp b/components/congress/puppet/manifests/service.pp deleted file mode 100644 index f802e9a..0000000 --- a/components/congress/puppet/manifests/service.pp +++ /dev/null @@ -1,55 +0,0 @@ -# == Class congress::service -# -# Encapsulates the congress service to a class. -# This allows resources that require congress to -# require this class, which can optionally -# validate that the service can actually accept -# connections. -# -# === Parameters -# -# [*ensure*] -# (optional) The desired state of the congress service -# Defaults to undef -# -# [*service_name*] -# (optional) The name of the congress service -# Defaults to $::congress::params::service_name -# -# [*enable*] -# (optional) Whether to enable the congress service -# Defaults to true -# -# [*hasstatus*] -# (optional) Whether the congress service has status -# Defaults to true -# -# [*hasrestart*] -# (optional) Whether the congress service has restart -# Defaults to true -# -# [*provider*] -# (optional) Provider for congress service -# Defaults to $::congress::params::service_provider -# -class congress::service( - $ensure = undef, - $service_name = $::congress::params::service_name, - $enable = true, - $hasstatus = true, - $hasrestart = true, - $provider = $::congress::params::service_provider, -) { - include ::congress::params - - service { 'congress': - ensure => $ensure, - name => $service_name, - enable => $enable, - hasstatus => $hasstatus, - hasrestart => $hasrestart, - provider => $provider, - tag => 'congress-service', - } - -} diff --git a/components/congress/puppet/metadata.json b/components/congress/puppet/metadata.json deleted file mode 100644 index e94dd68..0000000 --- a/components/congress/puppet/metadata.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "name": "puppet-congress", - "version": "0.0.1", - "author": "OpenStack Contributors", - "summary": "Puppet module for OpenStack congress", - "license": "Apache-2.0", - "source": "git://github.com/openstack/puppet-congress.git", - "project_page": "https://launchpad.net/puppet-congress", - "issues_url": "https://bugs.launchpad.net/puppet-congress", - "description": "Installs and configures OpenStack congress.", - "operatingsystem_support": [ - { - "operatingsystem": "Debian", - "operatingsystemrelease": ["8"] - }, - { - "operatingsystem": "Fedora", - "operatingsystemrelease": ["21","22"] - }, - { - "operatingsystem": "RedHat", - "operatingsystemrelease": ["7"] - }, - { - "operatingsystem": "Ubuntu", - "operatingsystemrelease": ["14.04"] - } - ], - "dependencies": [ - { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" }, - { "name": "puppetlabs/stdlib", "version_requirement": ">= 4.2.0 <5.0.0" }, - { "name": "stackforge/openstacklib", "version_requirement": ">=5.0.0 <6.0.0" } - ] -} diff --git a/components/congress/puppet/spec/classes/congress_db_mysql_spec.rb b/components/congress/puppet/spec/classes/congress_db_mysql_spec.rb deleted file mode 100644 index 6370bac..0000000 --- a/components/congress/puppet/spec/classes/congress_db_mysql_spec.rb +++ /dev/null @@ -1,62 +0,0 @@ -require 'spec_helper' - -describe 'congress::db::mysql' do - - let :pre_condition do - [ - 'include mysql::server', - 'include congress::db::sync' - ] - end - - let :facts do - { :osfamily => 'Debian' } - end - - let :params do - { - 'password' => 'fooboozoo_default_password', - } - end - - describe 'with only required params' do - it { is_expected.to contain_openstacklib__db__mysql('congress').with( - 'user' => 'congress', - 'password_hash' => '*3DDF34A86854A312A8E2C65B506E21C91800D206', - 'dbname' => 'congress', - 'host' => '127.0.0.1', - 'charset' => 'utf8', - :collate => 'utf8_general_ci', - )} - end - - describe "overriding allowed_hosts param to array" do - let :params do - { - :password => 'congresspass', - :allowed_hosts => ['127.0.0.1','%'] - } - end - - end - describe "overriding allowed_hosts param to string" do - let :params do - { - :password => 'congresspass2', - :allowed_hosts => '192.168.1.1' - } - end - - end - - describe "overriding allowed_hosts param equals to host param " do - let :params do - { - :password => 'congresspass2', - :allowed_hosts => '127.0.0.1' - } - end - - end - -end diff --git a/components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb b/components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb deleted file mode 100644 index 74abbdb..0000000 --- a/components/congress/puppet/spec/classes/congress_db_postgresql_spec.rb +++ /dev/null @@ -1,58 +0,0 @@ -require 'spec_helper' - -describe 'congress::db::postgresql' do - - let :req_params do - { :password => 'pw' } - end - - let :pre_condition do - 'include postgresql::server' - end - - context 'on a RedHat osfamily' do - let :facts do - { - :osfamily => 'RedHat', - :operatingsystemrelease => '7.0', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('congress').with( - :user => 'congress', - :password => 'md5c530c33636c58ae83ca933f39319273e' - )} - end - - end - - context 'on a Debian osfamily' do - let :facts do - { - :operatingsystemrelease => '7.8', - :operatingsystem => 'Debian', - :osfamily => 'Debian', - :concat_basedir => '/var/lib/puppet/concat' - } - end - - context 'with only required parameters' do - let :params do - req_params - end - - it { is_expected.to contain_postgresql__server__db('congress').with( - :user => 'congress', - :password => 'md5c530c33636c58ae83ca933f39319273e' - )} - end - - end - -end diff --git a/components/congress/puppet/spec/classes/congress_db_spec.rb b/components/congress/puppet/spec/classes/congress_db_spec.rb deleted file mode 100644 index 3b84993..0000000 --- a/components/congress/puppet/spec/classes/congress_db_spec.rb +++ /dev/null @@ -1,78 +0,0 @@ -require 'spec_helper' - -describe 'congress::db' do - - shared_examples 'congress::db' do - context 'with default parameters' do - it { is_expected.to contain_congress_config('database/connection').with_value('mysql://congress:secrete@localhost:3306/congress') } - it { is_expected.to contain_congress_config('database/idle_timeout').with_value('3600') } - it { is_expected.to contain_congress_config('database/min_pool_size').with_value('1') } - it { is_expected.to contain_congress_config('database/max_retries').with_value('10') } - it { is_expected.to contain_congress_config('database/retry_interval').with_value('10') } - it { is_expected.to contain_congress_config('database/max_pool_size').with_value('10') } - it { is_expected.to contain_congress_config('database/max_overflow').with_value('20') } - end - - context 'with specific parameters' do - let :params do - { :database_connection => 'mysql://congress:congress@localhost/congress', - :database_idle_timeout => '3601', - :database_min_pool_size => '2', - :database_max_retries => '11', - :database_retry_interval => '11', - :database_max_pool_size => '11', - :database_max_overflow => '21', - } - end - - it { is_expected.to contain_congress_config('database/connection').with_value('mysql://congress:congress@localhost/congress') } - it { is_expected.to contain_congress_config('database/idle_timeout').with_value('3601') } - it { is_expected.to contain_congress_config('database/min_pool_size').with_value('2') } - it { is_expected.to contain_congress_config('database/max_retries').with_value('11') } - it { is_expected.to contain_congress_config('database/retry_interval').with_value('11') } - it { is_expected.to contain_congress_config('database/max_pool_size').with_value('11') } - it { is_expected.to contain_congress_config('database/max_overflow').with_value('21') } - end - - context 'with postgresql backend' do - let :params do - { :database_connection => 'postgresql://congress:congress@localhost/congress', } - end - - it 'install the proper backend package' do - is_expected.to contain_package('python-psycopg2').with(:ensure => 'present') - end - - end - - context 'with incorrect database_connection string' do - let :params do - { :database_connection => 'sqlite://congress:congress@localhost/congress', } - end - - it_raises 'a Puppet::Error', /validate_re/ - end - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian', - :operatingsystem => 'Debian', - :operatingsystemrelease => 'jessie', - } - end - - it_configures 'congress::db' - end - - context 'on Redhat platforms' do - let :facts do - { :osfamily => 'RedHat', - :operatingsystemrelease => '7.1', - } - end - - it_configures 'congress::db' - end - -end diff --git a/components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb b/components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb deleted file mode 100644 index 3cb7e59..0000000 --- a/components/congress/puppet/spec/classes/congress_keystone_auth_spec.rb +++ /dev/null @@ -1,123 +0,0 @@ -# -# Unit tests for congress::keystone::auth -# - -require 'spec_helper' - -describe 'congress::keystone::auth' do - - let :facts do - { :osfamily => 'Debian' } - end - - describe 'with default class parameters' do - let :params do - { :password => 'congress_password', - :tenant => 'foobar' } - end - - it { is_expected.to contain_keystone_user('congress').with( - :ensure => 'present', - :password => 'congress_password', - ) } - - it { is_expected.to contain_keystone_user_role('congress@foobar').with( - :ensure => 'present', - :roles => ['admin'] - )} - - it { is_expected.to contain_keystone_service('congress').with( - :ensure => 'present', - :type => 'FIXME', - :description => 'congress FIXME Service' - ) } - - it { is_expected.to contain_keystone_endpoint('RegionOne/congress').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:FIXME', - :admin_url => 'http://127.0.0.1:FIXME', - :internal_url => 'http://127.0.0.1:FIXME', - ) } - end - - describe 'when overriding URL paramaters' do - let :params do - { :password => 'congress_password', - :public_url => 'https://10.10.10.10:80', - :internal_url => 'http://10.10.10.11:81', - :admin_url => 'http://10.10.10.12:81', } - end - - it { is_expected.to contain_keystone_endpoint('RegionOne/congress').with( - :ensure => 'present', - :public_url => 'https://10.10.10.10:80', - :internal_url => 'http://10.10.10.11:81', - :admin_url => 'http://10.10.10.12:81', - ) } - end - - describe 'when overriding auth name' do - let :params do - { :password => 'foo', - :auth_name => 'congressy' } - end - - it { is_expected.to contain_keystone_user('congressy') } - it { is_expected.to contain_keystone_user_role('congressy@services') } - it { is_expected.to contain_keystone_service('congressy') } - it { is_expected.to contain_keystone_endpoint('RegionOne/congressy') } - end - - describe 'when overriding service name' do - let :params do - { :service_name => 'congress_service', - :auth_name => 'congress', - :password => 'congress_password' } - end - - it { is_expected.to contain_keystone_user('congress') } - it { is_expected.to contain_keystone_user_role('congress@services') } - it { is_expected.to contain_keystone_service('congress_service') } - it { is_expected.to contain_keystone_endpoint('RegionOne/congress_service') } - end - - describe 'when disabling user configuration' do - - let :params do - { - :password => 'congress_password', - :configure_user => false - } - end - - it { is_expected.not_to contain_keystone_user('congress') } - it { is_expected.to contain_keystone_user_role('congress@services') } - it { is_expected.to contain_keystone_service('congress').with( - :ensure => 'present', - :type => 'FIXME', - :description => 'congress FIXME Service' - ) } - - end - - describe 'when disabling user and user role configuration' do - - let :params do - { - :password => 'congress_password', - :configure_user => false, - :configure_user_role => false - } - end - - it { is_expected.not_to contain_keystone_user('congress') } - it { is_expected.not_to contain_keystone_user_role('congress@services') } - it { is_expected.to contain_keystone_service('congress').with( - :ensure => 'present', - :type => 'FIXME', - :description => 'congress FIXME Service' - ) } - - end - -end diff --git a/components/congress/puppet/spec/classes/congress_logging_spec.rb b/components/congress/puppet/spec/classes/congress_logging_spec.rb deleted file mode 100644 index 0bfb994..0000000 --- a/components/congress/puppet/spec/classes/congress_logging_spec.rb +++ /dev/null @@ -1,144 +0,0 @@ -require 'spec_helper' - -describe 'congress::logging' do - - let :params do - { - } - end - - let :log_params do - { - :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', - :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', - :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', - :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', - :log_config_append => '/etc/congress/logging.conf', - :publish_errors => true, - :default_log_levels => { - 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', - 'qpid' => 'WARN', 'sqlalchemy' => 'WARN', 'suds' => 'INFO', - 'iso8601' => 'WARN', - 'requests.packages.urllib3.connectionpool' => 'WARN' }, - :fatal_deprecations => true, - :instance_format => '[instance: %(uuid)s] ', - :instance_uuid_format => '[instance: %(uuid)s] ', - :log_date_format => '%Y-%m-%d %H:%M:%S', - :use_syslog => true, - :use_stderr => false, - :log_facility => 'LOG_FOO', - :log_dir => '/var/log', - :verbose => true, - :debug => true, - } - end - - shared_examples_for 'congress-logging' do - - context 'with basic logging options and default settings' do - it_configures 'basic default logging settings' - end - - context 'with basic logging options and non-default settings' do - before { params.merge!( log_params ) } - it_configures 'basic non-default logging settings' - end - - context 'with extended logging options' do - before { params.merge!( log_params ) } - it_configures 'logging params set' - end - - context 'without extended logging options' do - it_configures 'logging params unset' - end - - end - - shared_examples 'basic default logging settings' do - it 'configures ceilometer logging settins with default values' do - is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'false') - is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'true') - is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_USER') - is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log/congress') - is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'false') - is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'false') - end - end - - shared_examples 'basic non-default logging settings' do - it 'configures ceilometer logging settins with non-default values' do - is_expected.to contain_ceilometer_config('DEFAULT/use_syslog').with(:value => 'true') - is_expected.to contain_ceilometer_config('DEFAULT/use_stderr').with(:value => 'false') - is_expected.to contain_ceilometer_config('DEFAULT/syslog_log_facility').with(:value => 'LOG_FOO') - is_expected.to contain_ceilometer_config('DEFAULT/log_dir').with(:value => '/var/log') - is_expected.to contain_ceilometer_config('DEFAULT/verbose').with(:value => 'true') - is_expected.to contain_ceilometer_config('DEFAULT/debug').with(:value => 'true') - end - end - - shared_examples_for 'logging params set' do - it 'enables logging params' do - is_expected.to contain_congress_config('DEFAULT/logging_context_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s') - - is_expected.to contain_congress_config('DEFAULT/logging_default_format_string').with_value( - '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s') - - is_expected.to contain_congress_config('DEFAULT/logging_debug_format_suffix').with_value( - '%(funcName)s %(pathname)s:%(lineno)d') - - is_expected.to contain_congress_config('DEFAULT/logging_exception_prefix').with_value( - '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s') - - is_expected.to contain_congress_config('DEFAULT/log_config_append').with_value( - '/etc/congress/logging.conf') - is_expected.to contain_congress_config('DEFAULT/publish_errors').with_value( - true) - - is_expected.to contain_congress_config('DEFAULT/default_log_levels').with_value( - 'amqp=WARN,amqplib=WARN,boto=WARN,iso8601=WARN,qpid=WARN,requests.packages.urllib3.connectionpool=WARN,sqlalchemy=WARN,suds=INFO') - - is_expected.to contain_congress_config('DEFAULT/fatal_deprecations').with_value( - true) - - is_expected.to contain_congress_config('DEFAULT/instance_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_congress_config('DEFAULT/instance_uuid_format').with_value( - '[instance: %(uuid)s] ') - - is_expected.to contain_congress_config('DEFAULT/log_date_format').with_value( - '%Y-%m-%d %H:%M:%S') - end - end - - - shared_examples_for 'logging params unset' do - [ :logging_context_format_string, :logging_default_format_string, - :logging_debug_format_suffix, :logging_exception_prefix, - :log_config_append, :publish_errors, - :default_log_levels, :fatal_deprecations, - :instance_format, :instance_uuid_format, - :log_date_format, ].each { |param| - it { is_expected.to contain_congress_config("DEFAULT/#{param}").with_ensure('absent') } - } - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian' } - end - - it_configures 'congress-logging' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - it_configures 'congress-logging' - end - -end diff --git a/components/congress/puppet/spec/classes/congress_policy_spec.rb b/components/congress/puppet/spec/classes/congress_policy_spec.rb deleted file mode 100644 index d4e08ca..0000000 --- a/components/congress/puppet/spec/classes/congress_policy_spec.rb +++ /dev/null @@ -1,41 +0,0 @@ -require 'spec_helper' - -describe 'congress::policy' do - - shared_examples_for 'congress policies' do - let :params do - { - :policy_path => '/etc/congress/policy.json', - :policies => { - 'context_is_admin' => { - 'key' => 'context_is_admin', - 'value' => 'foo:bar' - } - } - } - end - - it 'set up the policies' do - is_expected.to contain_openstacklib__policy__base('context_is_admin').with({ - :key => 'context_is_admin', - :value => 'foo:bar' - }) - end - end - - context 'on Debian platforms' do - let :facts do - { :osfamily => 'Debian' } - end - - it_configures 'congress policies' - end - - context 'on RedHat platforms' do - let :facts do - { :osfamily => 'RedHat' } - end - - it_configures 'congress policies' - end -end diff --git a/components/congress/puppet/spec/shared_examples.rb b/components/congress/puppet/spec/shared_examples.rb deleted file mode 100644 index fec0eac..0000000 --- a/components/congress/puppet/spec/shared_examples.rb +++ /dev/null @@ -1,5 +0,0 @@ -shared_examples_for "a Puppet::Error" do |description| - it "with message matching #{description.inspect}" do - expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) - end -end diff --git a/components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb b/components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb deleted file mode 100644 index 0c4b9fa..0000000 --- a/components/congress/puppet/spec/unit/provider/congress_config/ini_setting_spec.rb +++ /dev/null @@ -1,68 +0,0 @@ -# -# these tests are a little concerning b/c they are hacking around the -# modulepath, so these tests will not catch issues that may eventually arise -# related to loading these plugins. -# I could not, for the life of me, figure out how to programatcally set the modulepath -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'inifile', - 'lib') -) -$LOAD_PATH.push( - File.join( - File.dirname(__FILE__), - '..', - '..', - '..', - 'fixtures', - 'modules', - 'openstacklib', - 'lib') -) -require 'spec_helper' -provider_class = Puppet::Type.type(:congress_config).provider(:ini_setting) -describe provider_class do - - it 'should default to the default setting when no other one is specified' do - resource = Puppet::Type::congress_config.new( - {:name => 'DEFAULT/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('DEFAULT') - expect(provider.setting).to eq('foo') - end - - it 'should allow setting to be set explicitly' do - resource = Puppet::Type::congress_config.new( - {:name => 'dude/foo', :value => 'bar'} - ) - provider = provider_class.new(resource) - expect(provider.section).to eq('dude') - expect(provider.setting).to eq('foo') - end - - it 'should ensure absent when is specified as a value' do - resource = Puppet::Type::congress_config.new( - {:name => 'dude/foo', :value => ''} - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - - it 'should ensure absent when value matches ensure_absent_val' do - resource = Puppet::Type::congress_config.new( - {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } - ) - provider = provider_class.new(resource) - provider.exists? - expect(resource[:ensure]).to eq :absent - end - -end diff --git a/components/congress/puppet/spec/unit/type/congress_config_spec.rb b/components/congress/puppet/spec/unit/type/congress_config_spec.rb deleted file mode 100644 index 22a70a1..0000000 --- a/components/congress/puppet/spec/unit/type/congress_config_spec.rb +++ /dev/null @@ -1,64 +0,0 @@ -require 'puppet' -require 'puppet/type/congress_config' -describe 'Puppet::Type.type(:congress_config)' do - before :each do - @congress_config = Puppet::Type.type(:congress_config).new(:name => 'DEFAULT/foo', :value => 'bar') - end - - it 'should require a name' do - expect { - Puppet::Type.type(:congress_config).new({}) - }.to raise_error(Puppet::Error, 'Title or name must be provided') - end - - it 'should not expect a name with whitespace' do - expect { - Puppet::Type.type(:congress_config).new(:name => 'f oo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should fail when there is no section' do - expect { - Puppet::Type.type(:congress_config).new(:name => 'foo') - }.to raise_error(Puppet::Error, /Parameter name failed/) - end - - it 'should not require a value when ensure is absent' do - Puppet::Type.type(:congress_config).new(:name => 'DEFAULT/foo', :ensure => :absent) - end - - it 'should accept a valid value' do - @congress_config[:value] = 'bar' - expect(@congress_config[:value]).to eq('bar') - end - - it 'should not accept a value with whitespace' do - @congress_config[:value] = 'b ar' - expect(@congress_config[:value]).to eq('b ar') - end - - it 'should accept valid ensure values' do - @congress_config[:ensure] = :present - expect(@congress_config[:ensure]).to eq(:present) - @congress_config[:ensure] = :absent - expect(@congress_config[:ensure]).to eq(:absent) - end - - it 'should not accept invalid ensure values' do - expect { - @congress_config[:ensure] = :latest - }.to raise_error(Puppet::Error, /Invalid value/) - end - - it 'should autorequire the package that install the file' do - catalog = Puppet::Resource::Catalog.new - package = Puppet::Type.type(:package).new(:name => 'congress-common') - catalog.add_resource package, @congress_config - dependency = @congress_config.autorequire - expect(dependency.size).to eq(1) - expect(dependency[0].target).to eq(@congress_config) - expect(dependency[0].source).to eq(package) - end - - -end diff --git a/components/congress/puppet/tests/init.pp b/components/congress/puppet/tests/init.pp deleted file mode 100644 index 922b1cb..0000000 --- a/components/congress/puppet/tests/init.pp +++ /dev/null @@ -1,12 +0,0 @@ -# The baseline for module testing used by Puppet Labs is that each manifest -# should have a corresponding test manifest that declares that class or defined -# type. -# -# Tests are then run by using puppet apply --noop (to check for compilation -# errors and view a log of events) or by fully applying the test in a virtual -# environment (to compare the resulting system state to the desired state). -# -# Learn more about module testing here: -# http://docs.puppetlabs.com/guides/tests_smoke.html -# -include ::congress -- cgit 1.2.3-korg