opendev/system-config
Code Issues Proposed changes

Add limestone credentials to nodepool's cloud.yaml

Browse Source 
This makes the credentials available so nodepool launcher and builder
can use them.
The limestone credentials have been added to hiera for the nodepool
group.

Change-Id: Idb56db19110e6b30f6231869ff278b90caf99f4b
This commit is contained in:
David Moreau Simard 2018-03-22 17:57:49 -04:00
parent 77e38475fb
commit ead85b623f
No known key found for this signature in database
GPG Key ID: 33A07694CBB71ECC
2 changed files with 108 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
manifests/site.pp
View File

@ -913,35 +913,38 @@ node 'nodepool.openstack.org' {
$group = 'nodepool' $group = 'nodepool'
# TODO(pabelanger): Move all of this back into nodepool manifest, it has # TODO(pabelanger): Move all of this back into nodepool manifest, it has
# grown too big. # grown too big.
$rackspace_username = hiera('nodepool_rackspace_username', 'username') $rackspace_username = hiera('nodepool_rackspace_username', 'username')
$rackspace_password = hiera('nodepool_rackspace_password') $rackspace_password = hiera('nodepool_rackspace_password')
$rackspace_project = hiera('nodepool_rackspace_project', 'project') $rackspace_project = hiera('nodepool_rackspace_project', 'project')
$hpcloud_username = hiera('nodepool_hpcloud_username', 'username') $hpcloud_username = hiera('nodepool_hpcloud_username', 'username')
$hpcloud_password = hiera('nodepool_hpcloud_password') $hpcloud_password = hiera('nodepool_hpcloud_password')
$hpcloud_project = hiera('nodepool_hpcloud_project', 'project') $hpcloud_project = hiera('nodepool_hpcloud_project', 'project')
$internap_username = hiera('nodepool_internap_username', 'username') $internap_username = hiera('nodepool_internap_username', 'username')
$internap_password = hiera('nodepool_internap_password') $internap_password = hiera('nodepool_internap_password')
$internap_project = hiera('nodepool_internap_project', 'project') $internap_project = hiera('nodepool_internap_project', 'project')
$ovh_username = hiera('nodepool_ovh_username', 'username') $ovh_username = hiera('nodepool_ovh_username', 'username')
$ovh_password = hiera('nodepool_ovh_password') $ovh_password = hiera('nodepool_ovh_password')
$ovh_project = hiera('nodepool_ovh_project', 'project') $ovh_project = hiera('nodepool_ovh_project', 'project')
$tripleo_username = hiera('nodepool_tripleo_username', 'username') $tripleo_username = hiera('nodepool_tripleo_username', 'username')
$tripleo_password = hiera('nodepool_tripleo_password') $tripleo_password = hiera('nodepool_tripleo_password')
$tripleo_project = hiera('nodepool_tripleo_project', 'project') $tripleo_project = hiera('nodepool_tripleo_project', 'project')
$infracloud_vanilla_username = hiera('nodepool_infracloud_vanilla_username', 'username') $infracloud_vanilla_username = hiera('nodepool_infracloud_vanilla_username', 'username')
$infracloud_vanilla_password = hiera('nodepool_infracloud_vanilla_password') $infracloud_vanilla_password = hiera('nodepool_infracloud_vanilla_password')
$infracloud_vanilla_project = hiera('nodepool_infracloud_vanilla_project', 'project') $infracloud_vanilla_project = hiera('nodepool_infracloud_vanilla_project', 'project')
$infracloud_chocolate_username = hiera('nodepool_infracloud_chocolate_username', 'username') $infracloud_chocolate_username = hiera('nodepool_infracloud_chocolate_username', 'username')
$infracloud_chocolate_password = hiera('nodepool_infracloud_chocolate_password') $infracloud_chocolate_password = hiera('nodepool_infracloud_chocolate_password')
$infracloud_chocolate_project = hiera('nodepool_infracloud_chocolate_project', 'project') $infracloud_chocolate_project = hiera('nodepool_infracloud_chocolate_project', 'project')
$vexxhost_username = hiera('nodepool_vexxhost_username', 'username') $vexxhost_username = hiera('nodepool_vexxhost_username', 'username')
$vexxhost_password = hiera('nodepool_vexxhost_password') $vexxhost_password = hiera('nodepool_vexxhost_password')
$vexxhost_project = hiera('nodepool_vexxhost_project', 'project') $vexxhost_project = hiera('nodepool_vexxhost_project', 'project')
$citycloud_username = hiera('nodepool_citycloud_username', 'username') $citycloud_username = hiera('nodepool_citycloud_username', 'username')
$citycloud_password = hiera('nodepool_citycloud_password') $citycloud_password = hiera('nodepool_citycloud_password')
$linaro_username = hiera('nodepool_linaro_username', 'username') $linaro_username = hiera('nodepool_linaro_username', 'username')
$linaro_password = hiera('nodepool_linaro_password') $linaro_password = hiera('nodepool_linaro_password')
$linaro_project = hiera('nodepool_linaro_project', 'project') $linaro_project = hiera('nodepool_linaro_project', 'project')
$limestone_username = hiera('nodepool_limestone_username', 'username')
$limestone_password = hiera('nodepool_limestone_password')
$limestone_project = hiera('nodepool_limestone_project', 'project')
$clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb") $clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb")
@ -1005,6 +1008,14 @@ node 'nodepool.openstack.org' {
content => hiera('infracloud_chocolate_ssl_cert_file_contents'), content => hiera('infracloud_chocolate_ssl_cert_file_contents'),
require => Class['::openstackci::nodepool'], require => Class['::openstackci::nodepool'],
} }
file { '/etc/openstack/limestone_cacert.pem':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
content => hiera('limestone_ssl_cert_file_contents'),
require => Class['::openstackci::nodepool'],
}
cron { 'mirror_gitgc': cron { 'mirror_gitgc':
user => 'nodepool', user => 'nodepool',
@ -1048,9 +1059,12 @@ node /^nl\d+\.openstack\.org$/ {
$vexxhost_project = hiera('nodepool_vexxhost_project', 'project') $vexxhost_project = hiera('nodepool_vexxhost_project', 'project')
$citycloud_username = hiera('nodepool_citycloud_username', 'username') $citycloud_username = hiera('nodepool_citycloud_username', 'username')
$citycloud_password = hiera('nodepool_citycloud_password') $citycloud_password = hiera('nodepool_citycloud_password')
$linaro_username = hiera('nodepool_linaro_username', 'username') $linaro_username = hiera('nodepool_linaro_username', 'username')
$linaro_password = hiera('nodepool_linaro_password') $linaro_password = hiera('nodepool_linaro_password')
$linaro_project = hiera('nodepool_linaro_project', 'project') $linaro_project = hiera('nodepool_linaro_project', 'project')
$limestone_username = hiera('nodepool_limestone_username', 'username')
$limestone_password = hiera('nodepool_limestone_password')
$limestone_project = hiera('nodepool_limestone_project', 'project')
$clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb") $clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb")
class { 'openstack_project::server': class { 'openstack_project::server':
@ -1086,6 +1100,14 @@ node /^nl\d+\.openstack\.org$/ {
content => hiera('infracloud_chocolate_ssl_cert_file_contents'), content => hiera('infracloud_chocolate_ssl_cert_file_contents'),
require => Class['::openstackci::nodepool_launcher'], require => Class['::openstackci::nodepool_launcher'],
} }
file { '/etc/openstack/limestone_cacert.pem':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
content => hiera('limestone_ssl_cert_file_contents'),
require => Class['::openstackci::nodepool_launcher'],
}
} }
# Node-OS: xenial # Node-OS: xenial
@ -1093,36 +1115,39 @@ node /^nb\d+\.openstack\.org$/ {
$group = 'nodepool' $group = 'nodepool'
# TODO(pabelanger): Move all of this back into nodepool manifest, it has # TODO(pabelanger): Move all of this back into nodepool manifest, it has
# grown too big. # grown too big.
$rackspace_username = hiera('nodepool_rackspace_username', 'username') $rackspace_username = hiera('nodepool_rackspace_username', 'username')
$rackspace_password = hiera('nodepool_rackspace_password') $rackspace_password = hiera('nodepool_rackspace_password')
$rackspace_project = hiera('nodepool_rackspace_project', 'project') $rackspace_project = hiera('nodepool_rackspace_project', 'project')
$hpcloud_username = hiera('nodepool_hpcloud_username', 'username') $hpcloud_username = hiera('nodepool_hpcloud_username', 'username')
$hpcloud_password = hiera('nodepool_hpcloud_password') $hpcloud_password = hiera('nodepool_hpcloud_password')
$hpcloud_project = hiera('nodepool_hpcloud_project', 'project') $hpcloud_project = hiera('nodepool_hpcloud_project', 'project')
$internap_username = hiera('nodepool_internap_username', 'username') $internap_username = hiera('nodepool_internap_username', 'username')
$internap_password = hiera('nodepool_internap_password') $internap_password = hiera('nodepool_internap_password')
$internap_project = hiera('nodepool_internap_project', 'project') $internap_project = hiera('nodepool_internap_project', 'project')
$ovh_username = hiera('nodepool_ovh_username', 'username') $ovh_username = hiera('nodepool_ovh_username', 'username')
$ovh_password = hiera('nodepool_ovh_password') $ovh_password = hiera('nodepool_ovh_password')
$ovh_project = hiera('nodepool_ovh_project', 'project') $ovh_project = hiera('nodepool_ovh_project', 'project')
$tripleo_username = hiera('nodepool_tripleo_username', 'username') $tripleo_username = hiera('nodepool_tripleo_username', 'username')
$tripleo_password = hiera('nodepool_tripleo_password') $tripleo_password = hiera('nodepool_tripleo_password')
$tripleo_project = hiera('nodepool_tripleo_project', 'project') $tripleo_project = hiera('nodepool_tripleo_project', 'project')
$infracloud_vanilla_username = hiera('nodepool_infracloud_vanilla_username', 'username') $infracloud_vanilla_username = hiera('nodepool_infracloud_vanilla_username', 'username')
$infracloud_vanilla_password = hiera('nodepool_infracloud_vanilla_password') $infracloud_vanilla_password = hiera('nodepool_infracloud_vanilla_password')
$infracloud_vanilla_project = hiera('nodepool_infracloud_vanilla_project', 'project') $infracloud_vanilla_project = hiera('nodepool_infracloud_vanilla_project', 'project')
$infracloud_chocolate_username = hiera('nodepool_infracloud_chocolate_username', 'username') $infracloud_chocolate_username = hiera('nodepool_infracloud_chocolate_username', 'username')
$infracloud_chocolate_password = hiera('nodepool_infracloud_chocolate_password') $infracloud_chocolate_password = hiera('nodepool_infracloud_chocolate_password')
$infracloud_chocolate_project = hiera('nodepool_infracloud_chocolate_project', 'project') $infracloud_chocolate_project = hiera('nodepool_infracloud_chocolate_project', 'project')
$vexxhost_username = hiera('nodepool_vexxhost_username', 'username') $vexxhost_username = hiera('nodepool_vexxhost_username', 'username')
$vexxhost_password = hiera('nodepool_vexxhost_password') $vexxhost_password = hiera('nodepool_vexxhost_password')
$vexxhost_project = hiera('nodepool_vexxhost_project', 'project') $vexxhost_project = hiera('nodepool_vexxhost_project', 'project')
$citycloud_username = hiera('nodepool_citycloud_username', 'username') $citycloud_username = hiera('nodepool_citycloud_username', 'username')
$citycloud_password = hiera('nodepool_citycloud_password') $citycloud_password = hiera('nodepool_citycloud_password')
$linaro_username = hiera('nodepool_linaro_username', 'username') $linaro_username = hiera('nodepool_linaro_username', 'username')
$linaro_password = hiera('nodepool_linaro_password') $linaro_password = hiera('nodepool_linaro_password')
$linaro_project = hiera('nodepool_linaro_project', 'project') $linaro_project = hiera('nodepool_linaro_project', 'project')
$clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb") $limestone_username = hiera('nodepool_limestone_username', 'username')
$limestone_password = hiera('nodepool_limestone_password')
$limestone_project = hiera('nodepool_limestone_project', 'project')
$clouds_yaml = template("openstack_project/nodepool/clouds.yaml.erb")
class { 'openstack_project::server': class { 'openstack_project::server':
sysadmins => hiera('sysadmins', []), sysadmins => hiera('sysadmins', []),
@ -1162,6 +1187,14 @@ node /^nb\d+\.openstack\.org$/ {
content => hiera('infracloud_chocolate_ssl_cert_file_contents'), content => hiera('infracloud_chocolate_ssl_cert_file_contents'),
require => Class['::openstackci::nodepool_builder'], require => Class['::openstackci::nodepool_builder'],
} }
file { '/etc/openstack/limestone_cacert.pem':
ensure => present,
owner => 'root',
group => 'root',
mode => '0444',
content => hiera('limestone_ssl_cert_file_contents'),
require => Class['::openstackci::nodepool_builder'],
}
cron { 'mirror_gitgc': cron { 'mirror_gitgc':
user => 'nodepool', user => 'nodepool',

19
modules/openstack_project/templates/nodepool/clouds.yaml.erb
View File

@ -88,3 +88,22 @@ clouds:
project_name: <%= @linaro_project %> project_name: <%= @linaro_project %>
project_domain_name: default project_domain_name: default
user_domain_name: default user_domain_name: default
limestone:
regions:
- name: RegionOne
values:
networks:
- name: "Gateway Network"
routes_externally: false
routes_ipv6_externally: true
nat_destination: true
auth:
auth_url: https://osa.continuous.pw:5000
username: <%= @limestone_username %>
password: <%= @limestone_password %>
project_name: <%= @limestone_project %>
user_domain_name: default
project_domain_name: default
api_timeout: 60
identity_api_version: 3
cacert: /etc/openstack/limestone_cacert.pem