Merge "Remove sysinv bootstrap"

2024-04-15 18:32:33 +00:00 · 2024-04-15 18:32:33 +00:00 · 65ca94a953
commit 65ca94a953
parent 88f8f06d39 46db458e62
3 changed files with 2 additions and 81 deletions
--- a/puppet-manifests/src/manifests/ansible_bootstrap.pp
+++ b/puppet-manifests/src/manifests/ansible_bootstrap.pp
@ -18,8 +18,6 @@ include ::platform::amqp::bootstrap
 include ::openstack::keystone::bootstrap
 include ::platform::client::bootstrap

-include ::platform::sysinv::bootstrap
-
 # Puppet classes to enable the bring up of kubernetes master
 include ::platform::docker::bootstrap
 include ::platform::etcd::bootstrap
--- a/puppet-manifests/src/modules/openstack/manifests/keystone.pp
+++ b/puppet-manifests/src/modules/openstack/manifests/keystone.pp
@ -191,24 +191,6 @@ define openstack::keystone::delete_endpoints (
  }
 }

-define openstack::keystone::user::option (
-  $admin_username,
-  $admin_password,
-  $auth_url,
-  $username,
-  $option,
-  String $option_value,
-) {
-  exec { "Set user ${username} option ${option} to ${option_value}":
-    command   => @("EOC"/L),
-      /usr/local/bin/set_keystone_user_option.sh \
-      ${admin_username} '${admin_password}' ${auth_url} ${username} ${option} ${option_value}
-      | EOC
-    logoutput => true,
-    provider  => shell,
-  }
-}
-
 class openstack::keystone::api
  inherits ::openstack::keystone::params {

@ -302,8 +284,7 @@ class openstack::keystone::bootstrap(
            include ::keystone::roles::admin
            # disabling the admin token per openstack recommendation
            include ::keystone::disable_admin_token_auth
-            $dc_required_classes = [ Class['::keystone::roles::admin'],
-                    Class['::platform::sysinv::bootstrap'] ]
+            $dc_required_classes = [ Class['::keystone::roles::admin'] ]
        }

        default: {
@ -322,8 +303,7 @@ class openstack::keystone::bootstrap(
            class { '::keystone::bootstrap':
              password => lookup('keystone::roles::admin::password'),
            }
-            $dc_required_classes = [ Class['::keystone::bootstrap'],
-                    Class['::platform::sysinv::bootstrap'] ]
+            $dc_required_classes = [ Class['::keystone::bootstrap'] ]
        }
    }

@ -331,18 +311,6 @@ class openstack::keystone::bootstrap(
    keystone_role { '_member_':
      ensure => present,
    }
-
-    # set admin ignore_lockout_failure_attempts option to true to exempt
-    # admin user from auth fail lockout.
-    Keystone::Resource::Service_identity <||>
-    -> openstack::keystone::user::option { 'Set user option':
-      admin_username => $::platform::client::params::admin_username,
-      admin_password => $::platform::client::params::admin_password,
-      auth_url       => $::platform::client::params::identity_auth_url,
-      username       => $::platform::client::params::admin_username,
-      option         => 'ignore_lockout_failure_attempts',
-      option_value   => bool2str(true),
-    }
  }
 }

--- a/puppet-manifests/src/modules/platform/manifests/sysinv.pp
+++ b/puppet-manifests/src/modules/platform/manifests/sysinv.pp
@ -144,48 +144,3 @@ class platform::sysinv::api
  }
  include ::platform::sysinv::haproxy
 }
-
-
-class platform::sysinv::bootstrap (
-  $dc_sysinv_user_id = undef,
-) {
-  include ::sysinv::db::postgresql
-  include ::sysinv::keystone::auth
-  include ::platform::client::params
-
-  if $dc_sysinv_user_id {
-    exec { 'update keystone sysinv assignment actor_id to match system controller':
-      command => "psql -d keystone -c \"update public.assignment set actor_id='${dc_sysinv_user_id}' from public.local_user where\
-                  public.assignment.actor_id=public.local_user.user_id and public.local_user.name='sysinv'\"",
-      user    => 'postgres',
-      require => Class['::sysinv::keystone::auth'],
-    }
-    -> exec { 'update keystone sysinv user id to match system controller':
-      command => "psql -d keystone -c \"update public.user set id='${dc_sysinv_user_id}' from public.local_user where\
-                  public.user.id=public.local_user.user_id and public.local_user.name='sysinv'\"",
-      user    => 'postgres',
-    }
-  }
-
-  include ::platform::sysinv
-
-  class { '::sysinv::api':
-    enabled => true
-  }
-
-  class { '::sysinv::conductor':
-    enabled => true
-  }
-
-  # set sysinv ignore_lockout_failure_attempts option to true to
-  # exempt it from auth fail lockout.
-  Class['::sysinv::keystone::auth']
-  -> openstack::keystone::user::option { 'Set sysinv user option':
-    admin_username => $::platform::client::params::admin_username,
-    admin_password => $::platform::client::params::admin_password,
-    auth_url       => $::platform::client::params::identity_auth_url,
-    username       => $::sysinv::keystone::auth::auth_name,
-    option         => 'ignore_lockout_failure_attempts',
-    option_value   => bool2str(true),
-  }
-}