x/solar
Code Issues Proposed changes

Merge pull request #32 from Mirantis/glance-puppet

Browse Source 
Glance puppet
This commit is contained in:
Bogdan Dobrelya 2015-08-03 16:36:56 +02:00
commit 44196230db
22 changed files with 1020 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
example-puppet.py
View File

@ -353,6 +353,72 @@ def deploy():
# signals.connect(keystone_puppet, nova_keystone_service_endpoint, {'ip': 'keystone_host', 'admin_port': 'keystone_port', 'admin_token': 'admin_token'})
# signals.connect(rabbitmq_service1, nova_network_puppet, {'ip': 'rabbitmq_host', 'port': 'rabbitmq_port'})
# GLANCE (base and API)
glance_api_puppet = vr.create('glance_api_puppet', 'resources/glance_puppet', {})[0]
glance_db_user = vr.create('glance_db_user', 'resources/mariadb_user/', {
'user_name': 'glance', 'user_password': 'glance', 'login_user': 'root'})[0]
glance_db = vr.create('glance_db', 'resources/mariadb_db/', {
'db_name': 'glance', 'login_user': 'root'})[0]
glance_keystone_user = vr.create('glance_keystone_user', 'resources/keystone_user', {
'user_name': 'glance', 'user_password': 'glance123'})[0]
glance_keystone_role = vr.create('glance_keystone_role', 'resources/keystone_role', {
'role_name': 'admin'})[0]
glance_keystone_service_endpoint = vr.create(
'glance_keystone_service_endpoint',
'resources/keystone_service_endpoint', {
'endpoint_name': 'glance',
'adminurl': 'http://{{admin_ip}}:{{admin_port}}',
'internalurl': 'http://{{internal_ip}}:{{internal_port}}',
'publicurl': 'http://{{public_ip}}:{{public_port}}',
'description': 'OpenStack Image Service', 'type': 'volume'})[0]
signals.connect(node1, glance_api_puppet)
signals.connect(node1, glance_db)
signals.connect(node1, glance_db_user)
signals.connect(admin_user, glance_api_puppet, {
'user_name': 'keystone_user', 'user_password': 'keystone_password',
'tenant_name': 'keystone_tenant'}) #?
signals.connect(mariadb_service1, glance_db, {
'port': 'login_port',
'root_password': 'login_password',
'root_user': 'login_user',
'ip' : 'db_host'})
signals.connect(mariadb_service1, glance_db_user, {'port': 'login_port', 'root_password': 'login_password'})
signals.connect(glance_db, glance_db_user, {'db_name', 'db_host'})
signals.connect(glance_db_user, glance_api_puppet, {
'user_name':'db_user',
'db_name':'db_name',
'user_password':'db_password',
'db_host' : 'db_host'})
signals.connect(keystone_puppet, glance_api_puppet, {'ip': 'keystone_host', 'admin_port': 'keystone_port'}) #or non admin port?
signals.connect(services_tenant, glance_keystone_user)
signals.connect(glance_keystone_user, glance_keystone_role)
signals.connect(glance_keystone_user, glance_api_puppet, {
'user_name': 'keystone_user', 'tenant_name': 'keystone_tenant',
'user_password': 'keystone_password'})
signals.connect(mariadb_service1, glance_api_puppet, {'ip':'ip'})
signals.connect(glance_api_puppet, glance_keystone_service_endpoint, {
'ssh_key': 'ssh_key', 'ssh_user': 'ssh_user',
'ip': ['ip', 'keystone_host', 'admin_ip', 'internal_ip', 'public_ip'],
'bind_port': ['admin_port', 'internal_port', 'public_port'],})
signals.connect(keystone_puppet, glance_keystone_service_endpoint, {
'admin_port': 'keystone_admin_port', 'admin_token': 'admin_token'})
# GLANCE REGISTRY
glance_registry_puppet = vr.create('glance_registry_puppet', 'resources/glance_registry_puppet', {})[0]
signals.connect(node1, glance_registry_puppet)
signals.connect(glance_api_puppet, glance_registry_puppet)
# API and registry should not listen same ports
# should not use the same log destination and a pipeline,
# so disconnect them and restore the defaults
signals.disconnect_receiver_by_input(glance_registry_puppet, 'bind_port')
signals.disconnect_receiver_by_input(glance_registry_puppet, 'log_file')
signals.disconnect_receiver_by_input(glance_registry_puppet, 'pipeline')
glance_registry_puppet.update({
'bind_port': 9191,
'log_file': '/var/log/glance/registry.log',
'pipeline': 'keystone',
})
has_errors = False
for r in locals().values():
@ -409,6 +475,16 @@ def deploy():
actions.resource_action(nova_api, 'run')
actions.resource_action(nova_keystone_service_endpoint, 'run')
actions.resource_action(glance_db, 'run')
actions.resource_action(glance_db_user, 'run')
actions.resource_action(glance_keystone_user, 'run')
actions.resource_action(glance_keystone_role, 'run')
actions.resource_action(glance_keystone_service_endpoint, 'run')
actions.resource_action(glance_api_puppet, 'run')
actions.resource_action(glance_registry_puppet, 'run')
#actions.resource_action(glance, 'run')
time.sleep(10)
@ -417,6 +493,13 @@ def undeploy():
db = get_db()
to_remove = [
'glance_registry_puppet',
'glance_api_puppet',
'glance_keystone_service_endpoint',
'glance_keystone_role',
'glance_keystone_user',
'glance_db_user',
'glance_db',
'nova_db',
'nova_db_user',
'nova_keystone_service_endpoint',

2
resources/cinder_api_puppet/test.py
View File

@ -6,5 +6,5 @@ from solar.core.log import log
def test(resource):
log.debug('Testing cinder_api_puppet')
requests.get(
'http://%s:%s' % (resource.args['ip'].value, resource.args['port'].value)
'http://%s:%s' % (resource.args['ip'].value, resource.args['service_port'].value)
)

26
resources/glance_api_service/test.py
View File

@ -1,27 +1,21 @@
import json
import requests
from solar.core.log import log
from solar.core import validation
def test(resource):
log.debug('Testing glance_service')
token_data = requests.post(
'http://%s:%s/v2.0/tokens' % (resource.args['ip'].value, resource.args['keystone_port'].value),
json.dumps({
'auth': {
'tenantName': 'services',
'passwordCredentials': {
'username': 'glance_admin',
'password': resource.args['keystone_password'].value,
}
}
}),
headers={'Content-Type': 'application/json'}
)
token = token_data.json()['access']['token']['id']
log.debug('GLANCE TOKEN: %s', token)
args = resource.args
token = validation.validate_token(
keystone_host=args['keystone_host'].value,
keystone_port=args['keystone_port'].value,
user='glance_admin',
tenant='services',
password=args['keystone_password'].value,
)
images = requests.get(
'http://%s:%s/v1/images' % (resource.args['ip'].value, 9393),

194
resources/glance_puppet/README.md Normal file
View File

@ -0,0 +1,194 @@
# Glance (API) resource for puppet handler
Controlls a live cycle of the glance entities,
like the main puppet class, auth, DB, AMQP, packages,
keystone user, role and endpoint, API service. Also configures
glance file backend.
# Parameters
source https://github.com/openstack/puppet-glance/tree/5.1.0/manifests/init.pp
``package_ensure``
Ensure state for package.
(Optional) Defaults to 'present'.
``filesystem_store_datadir``
Location where dist images are stored.
(Optional) Defaults to /var/lib/glance/images/.
source https://github.com/openstack/puppet-glance/blob/5.1.0/manifests/api.pp
``keystone_password``
(required) Password used to authentication.
``verbose``
(optional) Rather to log the glance api service at verbose level.
Default: false
``debug``
(optional) Rather to log the glance api service at debug level.
Default: false
``bind_host``
(optional) The address of the host to bind to.
Default: 0.0.0.0
``bind_port``
(optional) The port the server should bind to.
Default: 9292
``backlog``
(optional) Backlog requests when creating socket
Default: 4096
``workers``
(optional) Number of Glance API worker processes to start
Default: $::processorcount
``log_file``
(optional) The path of file used for logging
If set to boolean false, it will not log to any file.
Default: /var/log/glance/api.log
``log_dir``
(optional) directory to which glance logs are sent.
If set to boolean false, it will not log to any directory.
Defaults to '/var/log/glance'
``registry_host``
(optional) The address used to connect to the registry service.
Default: 0.0.0.0
``registry_port``
(optional) The port of the Glance registry service.
Default: 9191
``registry_client_protocol``
(optional) The protocol of the Glance registry service.
Default: http
``auth_type``
(optional) Type is authorization being used.
Defaults to 'keystone'
`` auth_host``
(optional) Host running auth service.
Defaults to '127.0.0.1'.
``auth_url``
(optional) Authentication URL.
Defaults to 'http://localhost:5000/v2.0'.
`` auth_port``
(optional) Port to use for auth service on auth_host.
Defaults to '35357'.
`` auth_uri``
(optional) Complete public Identity API endpoint.
Defaults to false.
``auth_admin_prefix``
(optional) Path part of the auth url.
This allow admin auth URIs like http://auth_host:35357/keystone/admin.
(where '/keystone/admin' is auth_admin_prefix)
Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
`` auth_protocol``
(optional) Protocol to use for auth.
Defaults to 'http'.
``pipeline``
(optional) Partial name of a pipeline in your paste configuration file with the
service name removed.
Defaults to 'keystone+cachemanagement'.
``keystone_tenant``
(optional) Tenant to authenticate to.
Defaults to services.
``keystone_user``
(optional) User to authenticate as with keystone.
Defaults to 'glance'.
``sql_idle_timeout``
(optional) Deprecated. Use database_idle_timeout instead
Defaults to false
``sql_connection``
(optional) Deprecated. Use database_connection instead.
Defaults to false
``database_connection``
(optional) Connection url to connect to nova database.
Defaults to 'sqlite:///var/lib/glance/glance.sqlite'
``database_idle_timeout``
(optional) Timeout before idle db connections are reaped.
Defaults to 3600
``use_syslog``
(optional) Use syslog for logging.
Defaults to false.
``log_facility``
(optional) Syslog facility to receive log lines.
Defaults to 'LOG_USER'.
``show_image_direct_url``
(optional) Expose image location to trusted clients.
Defaults to false.
``purge_config``
(optional) Whether to set only the specified config options
in the api config.
Defaults to false.
``cert_file``
(optinal) Certificate file to use when starting API server securely
Defaults to false, not set
``key_file``
(optional) Private key file to use when starting API server securely
Defaults to false, not set
``ca_file``
(optional) CA certificate file to use to verify connecting clients
Defaults to false, not set
``mysql_module``
(optional) Deprecated. Does nothing.
``known_stores``
(optional)List of which store classes and store class locations are
currently known to glance at startup.
Defaults to false.
Example: ['glance.store.filesystem.Store','glance.store.http.Store']
``image_cache_dir``
(optional) Base directory that the Image Cache uses.
Defaults to '/var/lib/glance/image-cache'.
``os_region_name``
(optional) Sets the keystone region to use.
Defaults to 'RegionOne'.
``validate``
(optional) Whether to validate the service is working after any service refreshes
Defaults to false
``validation_options``
(optional) Service validation options
Should be a hash of options defined in openstacklib::service_validation
If empty, defaults values are taken from openstacklib function.
Default command list images.
Require validate set at True.
Example:
glance::api::validation_options:
glance-api:
command: check_glance-api.py
path: /usr/bin:/bin:/usr/sbin:/sbin
provider: shell
tries: 5
try_sleep: 10
Defaults to {}

11
resources/glance_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1,11 @@
$resource = hiera($::resource_name)
include glance::params
class {'glance':
package_ensure => 'absent',
}
package { [$glance::params::api_package_name, $::glance::params::package_name] :
ensure => 'absent',
}

99
resources/glance_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,99 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$db_user = $resource['input']['db_user']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$filesystem_store_datadir = $resource['input']['filesystem_store_datadir']['value']
$keystone_password = $resource['input']['keystone_password']['value']
$verbose = $resource['input']['verbose']['value']
$debug = $resource['input']['debug']['value']
$bind_host = $resource['input']['bind_host']['value']
$bind_port = $resource['input']['bind_port']['value']
$backlog = $resource['input']['backlog']['value']
$workers = $resource['input']['workers']['value']
$log_file = $resource['input']['log_file']['value']
$log_dir = $resource['input']['log_dir']['value']
$registry_host = $resource['input']['registry_host']['value']
$registry_port = $resource['input']['registry_port']['value']
$registry_client_protocol = $resource['input']['registry_client_protocol']['value']
$auth_type = $resource['input']['auth_type']['value']
$auth_host = $resource['input']['auth_host']['value']
$auth_url = $resource['input']['auth_url']['value']
$auth_port = $resource['input']['auth_port']['value']
$auth_uri = $resource['input']['auth_uri']['value']
$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value']
$auth_protocol = $resource['input']['auth_protocol']['value']
$pipeline = $resource['input']['pipeline']['value']
$keystone_tenant = $resource['input']['keystone_tenant']['value']
$keystone_user = $resource['input']['keystone_user']['value']
$use_syslog = $resource['input']['use_syslog']['value']
$log_facility = $resource['input']['log_facility']['value']
$show_image_direct_url = $resource['input']['show_image_direct_url']['value']
$purge_config = $resource['input']['purge_config']['value']
$cert_file = $resource['input']['cert_file']['value']
$key_file = $resource['input']['key_file']['value']
$ca_file = $resource['input']['ca_file']['value']
$known_stores = $resource['input']['known_stores']['value']
$database_connection = $resource['input']['database_connection']['value']
$database_idle_timeout = $resource['input']['database_idle_timeout']['value']
$image_cache_dir = $resource['input']['image_cache_dir']['value']
$os_region_name = $resource['input']['os_region_name']['value']
$validate = $resource['input']['validate']['value']
$validation_options = $resource['input']['validation_options']['value']
$mysql_module = $resource['input']['mysql_module']['value']
$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value']
class {'glance':
package_ensure => 'present',
}
class {'glance::api':
keystone_password => $keystone_password,
enabled => true,
manage_service => true,
verbose => $verbose,
debug => $debug,
bind_host => $bind_host,
bind_port => $bind_port,
backlog => $backlog,
workers => $workers,
log_file => $log_file,
log_dir => $log_dir,
registry_host => $registry_host,
registry_port => $registry_port,
registry_client_protocol => $registry_client_protocol,
auth_type => $auth_type,
auth_host => $auth_host,
auth_url => $auth_url,
auth_port => $auth_port,
auth_uri => $auth_uri,
auth_admin_prefix => $auth_admin_prefix,
auth_protocol => $auth_protocol,
pipeline => $pipeline,
keystone_tenant => $keystone_tenant,
keystone_user => $keystone_user,
use_syslog => $use_syslog,
log_facility => $log_facility,
show_image_direct_url => $show_image_direct_url,
purge_config => $purge_config,
cert_file => $cert_file,
key_file => $key_file,
ca_file => $ca_file,
known_stores => $known_stores,
database_connection => "mysql://${db_user}:${db_password}@${ip}/${db_name}",
database_idle_timeout => $database_idle_timeout,
image_cache_dir => $image_cache_dir,
os_region_name => $os_region_name,
validate => $validate,
validation_options => $validation_options,
mysql_module => $mysql_module,
sql_idle_timeout => $sql_idle_timeout,
}
class { 'glance::backend::file':
filesystem_store_datadir => $filesystem_store_datadir,
}

1
resources/glance_puppet/actions/update.pp Normal file
View File

@ -0,0 +1 @@
notify { "noop update": }

164
resources/glance_puppet/meta.yaml Normal file
View File

@ -0,0 +1,164 @@
id: glance_puppet
handler: puppet
puppet_module: glance
version: 1.0.0
input:
package_ensure:
schema: str
value: 'present'
filesystem_store_datadir:
schema: str
value: '/var/lib/glance/images/'
verbose:
schema: bool
value: false
debug:
schema: bool
value: false
bind_host:
schema: str
value: '0.0.0.0'
bind_port:
schema: int
value: 9292
backlog:
schema: int
value: 4096
workers:
schema: int
value: 1
log_file:
schema: str
value: '/var/log/glance/api.log'
log_dir:
schema: str
value: '/var/log/glance'
registry_host:
schema: str
value: '0.0.0.0'
registry_port:
schema: int
value: 9191
registry_client_protocol:
schema: str
value: 'http'
auth_type:
schema: str
value: 'keystone'
auth_host:
schema: str
value: '127.0.0.1'
auth_url:
schema: str
value: 'http://{{auth_host}}:{{auth_port}}/v2.0'
auth_port:
schema: int
value: 35357
auth_uri:
schema: str
value: ''
auth_admin_prefix:
schema: str
value: ''
auth_protocol:
schema: str
value: 'http'
pipeline:
schema: str
value: 'keystone+cachemanagement'
keystone_tenant:
schema: str!
value: 'services'
keystone_user:
schema: str!
value: 'glance'
use_syslog:
schema: bool
value: false
log_facility:
schema: str
value: 'LOG_USER'
show_image_direct_url:
schema: bool
value: false
purge_config:
schema: bool
value: false
cert_file:
schema: str
value: ''
key_file:
schema: str
value: ''
ca_file:
schema: str
value: ''
known_stores:
schema: str
value: ''
database_connection:
schema: str
value: 'sqlite:///var/lib/glance/glance.sqlite'
database_idle_timeout:
schema: int
value: 3600
image_cache_dir:
schema: str
value: '/var/lib/glance/image-cache'
os_region_name:
schema: str
value: 'RegionOne'
validate:
schema: bool
value: false
validation_options:
schema: {}
value: {}
mysql_module:
schema: str
value: ''
sql_idle_timeout:
schema: str
value: ''
sql_connection:
schema: str
value: ''
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-glance', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
db_user:
schema: str!
value: cinder
db_password:
schema: str!
value: cinder
db_name:
schema: str!
value: cinder
db_host:
schema: str!
value:
keystone_host:
schema: str!
value: ''
keystone_port:
schema: int!
value: ''
keystone_password:
schema: str!
value: ''
tags: [resource/glance_service, resources/glance, resource/glance_api_service]

22
resources/glance_puppet/test.py Normal file
View File

@ -0,0 +1,22 @@
import requests
from solar.core.log import log
from solar.core import validation
def test(resource):
log.debug('Testing glance_puppet')
requests.get(
'http://%s:%s' % (resource.args['ip'].value, resource.args['bind_port'].value)
)
#TODO(bogdando) test packages installed and filesystem store datadir created
args = resource.args
token = validation.validate_token(
keystone_host=args['keystone_host'].value,
keystone_port=args['keystone_port'].value,
user=args['keystone_user'].value,
tenant=args['keystone_tenant'].value,
password=args['keystone_password'].value,
)

116
resources/glance_registry_puppet/README.md Normal file
View File

@ -0,0 +1,116 @@
# Glance registry resource for puppet handler
Configures glance registry service.
# Parameters
source https://github.com/openstack/puppet-glance/tree/5.1.0/manifests/registry.pp
``keystone_password``
(required) The keystone password for administrative user
``package_ensure``
(optional) Ensure state for package. Defaults to 'present'. On RedHat
platforms this setting is ignored and the setting from the glance class is
used because there is only one glance package.
``verbose``
(optional) Enable verbose logs (true|false). Defaults to false.
``debug``
(optional) Enable debug logs (true|false). Defaults to false.
``bind_host``
(optional) The address of the host to bind to. Defaults to '0.0.0.0'.
``bind_port``
(optional) The port the server should bind to. Defaults to '9191'.
``log_file``
(optional) Log file for glance-registry.
If set to boolean false, it will not log to any file.
Defaults to '/var/log/glance/registry.log'.
``log_dir``
(optional) directory to which glance logs are sent.
If set to boolean false, it will not log to any directory.
Defaults to '/var/log/glance'
``sql_idle_timeout``
(optional) Deprecated. Use database_idle_timeout instead
Defaults to false
``sql_connection``
(optional) Deprecated. Use database_connection instead.
Defaults to false
``database_connection``
(optional) Connection url to connect to nova database.
Defaults to 'sqlite:///var/lib/glance/glance.sqlite'
``database_idle_timeout``
(optional) Timeout before idle db connections are reaped.
Defaults to 3600
``auth_type``
(optional) Authentication type. Defaults to 'keystone'.
``auth_host``
(optional) Address of the admin authentication endpoint.
Defaults to '127.0.0.1'.
``auth_port``
(optional) Port of the admin authentication endpoint. Defaults to '35357'.
``auth_admin_prefix``
(optional) path part of the auth url.
This allow admin auth URIs like http://auth_host:35357/keystone/admin.
(where '/keystone/admin' is auth_admin_prefix)
Defaults to false for empty. If defined, should be a string with a leading '/' and no trailing '/'.
``auth_protocol``
(optional) Protocol to communicate with the admin authentication endpoint.
Defaults to 'http'. Should be 'http' or 'https'.
``auth_uri``
(optional) Complete public Identity API endpoint.
``keystone_tenant``
(optional) administrative tenant name to connect to keystone.
Defaults to 'services'.
``keystone_user``
(optional) administrative user name to connect to keystone.
Defaults to 'glance'.
``use_syslog``
(optional) Use syslog for logging.
Defaults to false.
``log_facility``
(optional) Syslog facility to receive log lines.
Defaults to LOG_USER.
``purge_config``
(optional) Whether to create only the specified config values in
the glance registry config file.
Defaults to false.
``cert_file``
(optinal) Certificate file to use when starting registry server securely
Defaults to false, not set
``key_file``
(optional) Private key file to use when starting registry server securely
Defaults to false, not set
``ca_file``
(optional) CA certificate file to use to verify connecting clients
Defaults to false, not set
``sync_db``
(Optional) Run db sync on the node.
Defaults to true
``mysql_module``
(optional) Deprecated. Does nothing.

7
resources/glance_registry_puppet/actions/remove.pp Normal file
View File

@ -0,0 +1,7 @@
$resource = hiera($::resource_name)
class {'glance::registry':
enabled => false,
package_ensure => 'absent',
keystone_password => 'not important as removed'
}

72
resources/glance_registry_puppet/actions/run.pp Normal file
View File

@ -0,0 +1,72 @@
$resource = hiera($::resource_name)
$ip = $resource['input']['ip']['value']
$db_user = $resource['input']['db_user']['value']
$db_password = $resource['input']['db_password']['value']
$db_name = $resource['input']['db_name']['value']
$keystone_password = $resource['input']['keystone_password']['value']
$package_ensure = $resource['input']['package_ensure']['value']
$verbose = $resource['input']['verbose']['value']
$debug = $resource['input']['debug']['value']
$bind_host = $resource['input']['bind_host']['value']
$bind_port = $resource['input']['bind_port']['value']
$log_file = $resource['input']['log_file']['value']
$log_dir = $resource['input']['log_dir']['value']
$database_connection = $resource['input']['database_connection']['value']
$database_idle_timeout = $resource['input']['database_idle_timeout']['value']
$auth_type = $resource['input']['auth_type']['value']
$auth_host = $resource['input']['auth_host']['value']
$auth_port = $resource['input']['auth_port']['value']
$auth_admin_prefix = $resource['input']['auth_admin_prefix']['value']
$auth_uri = $resource['input']['auth_uri']['value']
$auth_protocol = $resource['input']['auth_protocol']['value']
$keystone_tenant = $resource['input']['keystone_tenant']['value']
$keystone_user = $resource['input']['keystone_user']['value']
$pipeline = $resource['input']['pipeline']['value']
$use_syslog = $resource['input']['use_syslog']['value']
$log_facility = $resource['input']['log_facility']['value']
$purge_config = $resource['input']['purge_config']['value']
$cert_file = $resource['input']['cert_file']['value']
$key_file = $resource['input']['key_file']['value']
$ca_file = $resource['input']['ca_file']['value']
$sync_db = $resource['input']['sync_db']['value']
$mysql_module = $resource['input']['mysql_module']['value']
$sql_idle_timeout = $resource['input']['sql_idle_timeout']['value']
$sql_connection = $resource['input']['sql_connection']['value']
include glance::params
class {'glance::registry':
keystone_password => $keystone_password,
enabled => true,
manage_service => true,
package_ensure => $package_ensure,
verbose => $verbose,
debug => $debug,
bind_host => $bind_host,
bind_port => $bind_port,
log_file => $log_file,
log_dir => $log_dir,
database_connection => "mysql://${db_user}:${db_password}@${ip}/${db_name}",
database_idle_timeout => $database_idle_timeout,
auth_type => $auth_type,
auth_host => $auth_host,
auth_port => $auth_port,
auth_admin_prefix => $auth_admin_prefix,
auth_uri => $auth_uri,
auth_protocol => $auth_protocol,
keystone_tenant => $keystone_tenant,
keystone_user => $keystone_user,
pipeline => $pipeline,
use_syslog => $use_syslog,
log_facility => $log_facility,
purge_config => $purge_config,
cert_file => $cert_file,
key_file => $key_file,
ca_file => $ca_file,
sync_db => $sync_db,
mysql_module => $mysql_module,
sql_idle_timeout => $sql_idle_timeout,
}

1
resources/glance_registry_puppet/actions/update.pp Normal file
View File

@ -0,0 +1 @@
notify { "noop update": }

128
resources/glance_registry_puppet/meta.yaml Normal file
View File

@ -0,0 +1,128 @@
id: glance_registry_puppet
handler: puppet
puppet_module: glance
version: 1.0.0
input:
package_ensure:
schema: str
value: 'present'
verbose:
schema: bool
value: false
debug:
schema: bool
value: false
bind_host:
schema: str
value: '0.0.0.0'
bind_port:
schema: int
value: 9191
log_file:
schema: str
value: '/var/log/glance/registry.log'
log_dir:
schema: str
value: '/var/log/glance'
database_connection:
schema: str
value: 'sqlite:///var/lib/glance/glance.sqlite'
database_idle_timeout:
schema: int
value: 3600
auth_type:
schema: str
value: 'keystone'
auth_host:
schema: str
value: '127.0.0.1'
auth_port:
schema: int
value: 35357
auth_admin_prefix:
schema: str
value: ''
auth_uri:
schema: str
value: ''
auth_protocol:
schema: str
value: 'http'
keystone_tenant:
schema: str!
value: 'services'
keystone_user:
schema: str!
value: 'glance'
pipeline:
schema: str
value: 'keystone'
use_syslog:
schema: bool
value: false
log_facility:
schema: str
value: 'LOG_USER'
purge_config:
schema: bool
value: false
cert_file:
schema: str
value: ''
key_file:
schema: str
value: ''
ca_file:
schema: str
value: ''
sync_db:
schema: bool
value: true
mysql_module:
schema: str
value: ''
sql_idle_timeout:
schema: str
value: ''
sql_connection:
schema: str
value: ''
git:
schema: {repository: str!, branch: str!}
value: {repository: 'https://github.com/openstack/puppet-glance', branch: '5.1.0'}
ip:
schema: str!
value:
ssh_key:
schema: str!
value:
ssh_user:
schema: str!
value:
db_user:
schema: str!
value: glance
db_password:
schema: str!
value: glance
db_name:
schema: str!
value: glance
db_host:
schema: str!
value:
keystone_host:
schema: str!
value: ''
keystone_port:
schema: int!
value: ''
keystone_password:
schema: str!
value: ''
tags: [resource/glance_registry_service, resources/glance_registry, resource/glance]

10
resources/glance_registry_puppet/test.py Normal file
View File

@ -0,0 +1,10 @@
import requests
from solar.core.log import log
def test(resource):
log.debug('Testing glance_registry_puppet')
requests.get(
'http://%s:%s' % (resource.args['ip'].value, resource.args['bind_port'].value)
)

27
resources/keystone_user/test.py
View File

@ -1,27 +1,18 @@
import json
import requests
from solar.core.log import log
from solar.core import validation
def test(resource):
log.debug('Testing keystone_user %s', resource.args['user_name'].value)
token_data = requests.post(
'http://%s:%s/v2.0/tokens' % (resource.args['keystone_host'].value,
resource.args['keystone_port'].value),
json.dumps({
'auth': {
'tenantName': resource.args['tenant_name'].value,
'passwordCredentials': {
'username': resource.args['user_name'].value,
'password': resource.args['user_password'].value,
},
},
}),
headers={'Content-Type': 'application/json'}
args = resource.args
token = validation.validate_token(
keystone_host=args['keystone_host'].value,
keystone_port=args['keystone_port'].value,
user=args['user_name'].value,
tenant=args['tenant_name'].value,
password=args['user_password'].value,
)
token = token_data.json()['access']['token']['id']
log.debug('%s TOKEN: %s', resource.args['user_name'].value, token)

2
resources/mariadb_db/actions/remove.yml
View File

@ -9,3 +9,5 @@
login_password: {{login_password}}
login_port: {{login_port}}
login_host: {{db_host}}
collation: {{collation}}
encoding: {{encoding}}

2
resources/mariadb_db/actions/run.yml
View File

@ -9,3 +9,5 @@
login_password: {{ login_password }}
login_port: {{ login_port }}
login_host: {{db_host}}
collation: {{collation}}
encoding: {{encoding}}

6
resources/mariadb_db/meta.yaml
View File

@ -21,6 +21,12 @@ input:
login_port:
schema: int!
value:
collation:
schema: str
value: 'utf8_general_ci'
encoding:
schema: str
value: 'utf8'
ip:
schema: str!

29
solar/solar/core/validation.py
View File

@ -41,7 +41,9 @@ mount_points:
minLength: 1
"""
import json
from jsonschema import validate, ValidationError
import requests
from solar.core.log import log
@ -164,3 +166,30 @@ def validate_resource(r):
ret[input_name] = errors
return ret
def validate_token(
keystone_host=None,
keystone_port=None,
user=None,
tenant=None,
password=None):
token_data = requests.post(
'http://%s:%s/v2.0/tokens' % (keystone_host, keystone_port),
json.dumps({
'auth': {
'tenantName': tenant,
'passwordCredentials': {
'username': user,
'password': password,
},
},
}),
headers={'Content-Type': 'application/json'}
)
token = token_data.json()['access']['token']['id']
log.debug('%s TOKEN: %s', user, token)
return token

23
templates/glance.yml Normal file
View File

@ -0,0 +1,23 @@
id: glance_{{idx}}
resources:
- id: glance_base_{{ idx }}
from: templates/glance_db.yml
values:
idx: '{{ idx }}'
db_name: '{{ db_name }}'
db_user: '{{ db_user }}'
db_password: '{{ db_password }}'
db_host: '{{ db_host }}'
db_login_port: '{{ db_port }}'
db_login_user: '{{ db_login_user }}'
db_login_password: '{{ db_login_password }}'
ip: '{{ ip }}'
ssh_user: '{{ ssh_user }}'
ssh_key: '{{ ssh_key }}'
tags: ['resources/glance', 'resource/glance_api', 'resource/glance_registry']

30
templates/glance_db.yml Normal file
View File

@ -0,0 +1,30 @@
id: glance_db_{{ idx }}
resources:
- id: glance_db_db_{{ idx }}
from: resources/mariadb_db
values:
db_name: '{{ db_name }}'
login_user: '{{ db_login_user }}'
login_password: '{{ db_login_password }}'
login_port: '{{ db_login_port }}'
ip: '{{ ip }}'
ssh_user: '{{ ssh_user }}'
ssh_key: '{{ ssh_key }}'
- id: glance_db_user
from: resources/mariadb_user
values:
user_password: '{{ db_password }}'
user_name: '{{ db_user }}'
db_name: '{{ db_name }}'
login_user: '{{ db_login_user }}'
login_password: '{{ db_login_password }}'
login_port: '{{ db_login_port }}'
ip: '{{ ip }}'
ssh_user: '{{ ssh_user }}'
ssh_key: '{{ ssh_key }}'