create config for sm-api
1. create smapi service endpoint, credential 2. create sm-api.conf for sm-api configuration 3. configure haproxy, so sm-api binds to mgmt fixed ip, with haproxy: mgmt fixed ip -> mgmt floating ip -> oam floating ip Story: 2002827 Task: 22744 Change-Id: I743f6b0f09c06325d3c9dc6e11902420882e7931 Signed-off-by: Bin Qian <bin.qian@windriver.com>
This commit is contained in:
parent
a04b0607e9
commit
1268e4aa09
|
@ -16,3 +16,4 @@ puppet-modules-wrs/puppet-patching
|
||||||
puppet-modules-wrs/puppet-sysinv
|
puppet-modules-wrs/puppet-sysinv
|
||||||
puppet-modules-wrs/puppet-dcorch
|
puppet-modules-wrs/puppet-dcorch
|
||||||
puppet-modules-wrs/puppet-dcmanager
|
puppet-modules-wrs/puppet-dcmanager
|
||||||
|
puppet-modules-wrs/puppet-smapi
|
||||||
|
|
|
@ -20,6 +20,7 @@ Requires: puppet-nova_api_proxy
|
||||||
Requires: puppet-patching
|
Requires: puppet-patching
|
||||||
Requires: puppet-sysinv
|
Requires: puppet-sysinv
|
||||||
Requires: puppet-sshd
|
Requires: puppet-sshd
|
||||||
|
Requires: puppet-smapi
|
||||||
|
|
||||||
# Openstack puppet modules
|
# Openstack puppet modules
|
||||||
Requires: puppet-aodh
|
Requires: puppet-aodh
|
||||||
|
|
|
@ -120,6 +120,7 @@ include ::platform::dcmanager::api
|
||||||
|
|
||||||
include ::platform::dcorch::snmp
|
include ::platform::dcorch::snmp
|
||||||
|
|
||||||
|
include ::platform::smapi
|
||||||
include ::platform::sm
|
include ::platform::sm
|
||||||
|
|
||||||
class { '::platform::config::controller::post':
|
class { '::platform::config::controller::post':
|
||||||
|
|
|
@ -386,6 +386,9 @@ class openstack::keystone::endpoint::runtime {
|
||||||
include ::dcorch::keystone::auth
|
include ::dcorch::keystone::auth
|
||||||
include ::dcmanager::keystone::auth
|
include ::dcmanager::keystone::auth
|
||||||
}
|
}
|
||||||
|
|
||||||
|
include ::smapi::keystone::auth
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,60 @@
|
||||||
|
class platform::smapi::params (
|
||||||
|
$auth_username = undef,
|
||||||
|
$keystone_auth_url = undef,
|
||||||
|
$keystone_username = undef,
|
||||||
|
$keystone_password = undef,
|
||||||
|
$public_url = undef,
|
||||||
|
$admin_url = undef,
|
||||||
|
$bind_ip = undef,
|
||||||
|
$port = undef,
|
||||||
|
$region = undef,
|
||||||
|
) {}
|
||||||
|
|
||||||
|
class platform::smap::firewall
|
||||||
|
inherits ::platform::smapi::params {
|
||||||
|
|
||||||
|
platform::firewall::rule { 'sm-api':
|
||||||
|
service_name => 'sm-api',
|
||||||
|
ports => $port,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class platform::smapi::haproxy
|
||||||
|
inherits ::platform::smapi::params {
|
||||||
|
|
||||||
|
include ::platform::params
|
||||||
|
include ::platform::haproxy::params
|
||||||
|
|
||||||
|
platform::haproxy::proxy { 'sm-api-internal':
|
||||||
|
server_name => 's-smapi-internal',
|
||||||
|
public_ip_address => $::platform::haproxy::params::private_ip_address,
|
||||||
|
public_port => $port,
|
||||||
|
private_ip_address => $bind_ip,
|
||||||
|
private_port => $port,
|
||||||
|
}
|
||||||
|
platform::haproxy::proxy { 'sm-api-public':
|
||||||
|
server_name => 's-smapi-public',
|
||||||
|
public_port => $port,
|
||||||
|
private_port => $port,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
class platform::smapi
|
||||||
|
inherits ::platform::smapi::params {
|
||||||
|
if ($::platform::params::init_keystone) {
|
||||||
|
include ::smapi::keystone::auth
|
||||||
|
}
|
||||||
|
|
||||||
|
include ::platform::params
|
||||||
|
include ::platform::smap::firewall
|
||||||
|
include ::platform::smapi::haproxy
|
||||||
|
$bind_host_name = $::platform::params::hostname
|
||||||
|
file { "/etc/sm-api/sm-api.conf":
|
||||||
|
ensure => 'present',
|
||||||
|
content => template('platform/sm-api.conf.erb'),
|
||||||
|
owner => 'root',
|
||||||
|
group => 'root',
|
||||||
|
mode => '0400',
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
#
|
||||||
|
# Config file for sm-api.
|
||||||
|
#
|
||||||
|
[DEFAULT]
|
||||||
|
sm_api_port=<%= @port %>
|
||||||
|
sm_api_bind_ip=<%= @bind_host_name %>
|
||||||
|
api_public_url=<%= @public_url %>
|
||||||
|
api_admin_url=<%= @admin_url %>
|
||||||
|
|
||||||
|
[keystone_authtoken]
|
||||||
|
auth_type=password
|
||||||
|
auth_url=<%= @keystone_auth_url %>
|
||||||
|
auth_uri=<%= @keystone_auth_url %>
|
||||||
|
username=<%= @keystone_username %>
|
||||||
|
password=<%= @keystone_password %>
|
||||||
|
project_domain_name=Default
|
||||||
|
project_name=services
|
||||||
|
user_domain_name=Default
|
||||||
|
user_name=<%= @keystone_username %>
|
||||||
|
region_name=<%= @region %>
|
||||||
|
|
|
@ -0,0 +1,2 @@
|
||||||
|
Name: puppet-smapi
|
||||||
|
Version: 1.0.0
|
|
@ -0,0 +1,2 @@
|
||||||
|
SRC_DIR="src"
|
||||||
|
TIS_PATCH_VER=1
|
|
@ -0,0 +1,32 @@
|
||||||
|
%global module_dir smapi
|
||||||
|
|
||||||
|
Name: puppet-%{module_dir}
|
||||||
|
Version: 1.0.0
|
||||||
|
Release: %{tis_patch_ver}%{?_tis_dist}
|
||||||
|
Summary: Puppet smapi module
|
||||||
|
License: Apache-2.0
|
||||||
|
Packager: Wind River <info@windriver.com>
|
||||||
|
|
||||||
|
URL: unknown
|
||||||
|
|
||||||
|
Source0: %{name}-%{version}.tar.gz
|
||||||
|
|
||||||
|
BuildArch: noarch
|
||||||
|
|
||||||
|
BuildRequires: python2-devel
|
||||||
|
|
||||||
|
%description
|
||||||
|
A puppet module for smapi
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%autosetup -c %{module_dir}
|
||||||
|
|
||||||
|
#
|
||||||
|
# The src for this puppet module needs to be staged to puppet/modules
|
||||||
|
#
|
||||||
|
%install
|
||||||
|
install -d -m 0755 %{buildroot}%{_datadir}/puppet/modules/%{module_dir}
|
||||||
|
cp -R %{name}-%{version}/%{module_dir} %{buildroot}%{_datadir}/puppet/modules
|
||||||
|
|
||||||
|
%files
|
||||||
|
%{_datadir}/puppet/modules/%{module_dir}
|
|
@ -0,0 +1,202 @@
|
||||||
|
|
||||||
|
Apache License
|
||||||
|
Version 2.0, January 2004
|
||||||
|
http://www.apache.org/licenses/
|
||||||
|
|
||||||
|
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||||
|
|
||||||
|
1. Definitions.
|
||||||
|
|
||||||
|
"License" shall mean the terms and conditions for use, reproduction,
|
||||||
|
and distribution as defined by Sections 1 through 9 of this document.
|
||||||
|
|
||||||
|
"Licensor" shall mean the copyright owner or entity authorized by
|
||||||
|
the copyright owner that is granting the License.
|
||||||
|
|
||||||
|
"Legal Entity" shall mean the union of the acting entity and all
|
||||||
|
other entities that control, are controlled by, or are under common
|
||||||
|
control with that entity. For the purposes of this definition,
|
||||||
|
"control" means (i) the power, direct or indirect, to cause the
|
||||||
|
direction or management of such entity, whether by contract or
|
||||||
|
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||||
|
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||||
|
|
||||||
|
"You" (or "Your") shall mean an individual or Legal Entity
|
||||||
|
exercising permissions granted by this License.
|
||||||
|
|
||||||
|
"Source" form shall mean the preferred form for making modifications,
|
||||||
|
including but not limited to software source code, documentation
|
||||||
|
source, and configuration files.
|
||||||
|
|
||||||
|
"Object" form shall mean any form resulting from mechanical
|
||||||
|
transformation or translation of a Source form, including but
|
||||||
|
not limited to compiled object code, generated documentation,
|
||||||
|
and conversions to other media types.
|
||||||
|
|
||||||
|
"Work" shall mean the work of authorship, whether in Source or
|
||||||
|
Object form, made available under the License, as indicated by a
|
||||||
|
copyright notice that is included in or attached to the work
|
||||||
|
(an example is provided in the Appendix below).
|
||||||
|
|
||||||
|
"Derivative Works" shall mean any work, whether in Source or Object
|
||||||
|
form, that is based on (or derived from) the Work and for which the
|
||||||
|
editorial revisions, annotations, elaborations, or other modifications
|
||||||
|
represent, as a whole, an original work of authorship. For the purposes
|
||||||
|
of this License, Derivative Works shall not include works that remain
|
||||||
|
separable from, or merely link (or bind by name) to the interfaces of,
|
||||||
|
the Work and Derivative Works thereof.
|
||||||
|
|
||||||
|
"Contribution" shall mean any work of authorship, including
|
||||||
|
the original version of the Work and any modifications or additions
|
||||||
|
to that Work or Derivative Works thereof, that is intentionally
|
||||||
|
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||||
|
or by an individual or Legal Entity authorized to submit on behalf of
|
||||||
|
the copyright owner. For the purposes of this definition, "submitted"
|
||||||
|
means any form of electronic, verbal, or written communication sent
|
||||||
|
to the Licensor or its representatives, including but not limited to
|
||||||
|
communication on electronic mailing lists, source code control systems,
|
||||||
|
and issue tracking systems that are managed by, or on behalf of, the
|
||||||
|
Licensor for the purpose of discussing and improving the Work, but
|
||||||
|
excluding communication that is conspicuously marked or otherwise
|
||||||
|
designated in writing by the copyright owner as "Not a Contribution."
|
||||||
|
|
||||||
|
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||||
|
on behalf of whom a Contribution has been received by Licensor and
|
||||||
|
subsequently incorporated within the Work.
|
||||||
|
|
||||||
|
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||||
|
this License, each Contributor hereby grants to You a perpetual,
|
||||||
|
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||||
|
copyright license to reproduce, prepare Derivative Works of,
|
||||||
|
publicly display, publicly perform, sublicense, and distribute the
|
||||||
|
Work and such Derivative Works in Source or Object form.
|
||||||
|
|
||||||
|
3. Grant of Patent License. Subject to the terms and conditions of
|
||||||
|
this License, each Contributor hereby grants to You a perpetual,
|
||||||
|
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||||
|
(except as stated in this section) patent license to make, have made,
|
||||||
|
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||||
|
where such license applies only to those patent claims licensable
|
||||||
|
by such Contributor that are necessarily infringed by their
|
||||||
|
Contribution(s) alone or by combination of their Contribution(s)
|
||||||
|
with the Work to which such Contribution(s) was submitted. If You
|
||||||
|
institute patent litigation against any entity (including a
|
||||||
|
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||||
|
or a Contribution incorporated within the Work constitutes direct
|
||||||
|
or contributory patent infringement, then any patent licenses
|
||||||
|
granted to You under this License for that Work shall terminate
|
||||||
|
as of the date such litigation is filed.
|
||||||
|
|
||||||
|
4. Redistribution. You may reproduce and distribute copies of the
|
||||||
|
Work or Derivative Works thereof in any medium, with or without
|
||||||
|
modifications, and in Source or Object form, provided that You
|
||||||
|
meet the following conditions:
|
||||||
|
|
||||||
|
(a) You must give any other recipients of the Work or
|
||||||
|
Derivative Works a copy of this License; and
|
||||||
|
|
||||||
|
(b) You must cause any modified files to carry prominent notices
|
||||||
|
stating that You changed the files; and
|
||||||
|
|
||||||
|
(c) You must retain, in the Source form of any Derivative Works
|
||||||
|
that You distribute, all copyright, patent, trademark, and
|
||||||
|
attribution notices from the Source form of the Work,
|
||||||
|
excluding those notices that do not pertain to any part of
|
||||||
|
the Derivative Works; and
|
||||||
|
|
||||||
|
(d) If the Work includes a "NOTICE" text file as part of its
|
||||||
|
distribution, then any Derivative Works that You distribute must
|
||||||
|
include a readable copy of the attribution notices contained
|
||||||
|
within such NOTICE file, excluding those notices that do not
|
||||||
|
pertain to any part of the Derivative Works, in at least one
|
||||||
|
of the following places: within a NOTICE text file distributed
|
||||||
|
as part of the Derivative Works; within the Source form or
|
||||||
|
documentation, if provided along with the Derivative Works; or,
|
||||||
|
within a display generated by the Derivative Works, if and
|
||||||
|
wherever such third-party notices normally appear. The contents
|
||||||
|
of the NOTICE file are for informational purposes only and
|
||||||
|
do not modify the License. You may add Your own attribution
|
||||||
|
notices within Derivative Works that You distribute, alongside
|
||||||
|
or as an addendum to the NOTICE text from the Work, provided
|
||||||
|
that such additional attribution notices cannot be construed
|
||||||
|
as modifying the License.
|
||||||
|
|
||||||
|
You may add Your own copyright statement to Your modifications and
|
||||||
|
may provide additional or different license terms and conditions
|
||||||
|
for use, reproduction, or distribution of Your modifications, or
|
||||||
|
for any such Derivative Works as a whole, provided Your use,
|
||||||
|
reproduction, and distribution of the Work otherwise complies with
|
||||||
|
the conditions stated in this License.
|
||||||
|
|
||||||
|
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||||
|
any Contribution intentionally submitted for inclusion in the Work
|
||||||
|
by You to the Licensor shall be under the terms and conditions of
|
||||||
|
this License, without any additional terms or conditions.
|
||||||
|
Notwithstanding the above, nothing herein shall supersede or modify
|
||||||
|
the terms of any separate license agreement you may have executed
|
||||||
|
with Licensor regarding such Contributions.
|
||||||
|
|
||||||
|
6. Trademarks. This License does not grant permission to use the trade
|
||||||
|
names, trademarks, service marks, or product names of the Licensor,
|
||||||
|
except as required for reasonable and customary use in describing the
|
||||||
|
origin of the Work and reproducing the content of the NOTICE file.
|
||||||
|
|
||||||
|
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||||
|
agreed to in writing, Licensor provides the Work (and each
|
||||||
|
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||||
|
implied, including, without limitation, any warranties or conditions
|
||||||
|
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||||
|
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||||
|
appropriateness of using or redistributing the Work and assume any
|
||||||
|
risks associated with Your exercise of permissions under this License.
|
||||||
|
|
||||||
|
8. Limitation of Liability. In no event and under no legal theory,
|
||||||
|
whether in tort (including negligence), contract, or otherwise,
|
||||||
|
unless required by applicable law (such as deliberate and grossly
|
||||||
|
negligent acts) or agreed to in writing, shall any Contributor be
|
||||||
|
liable to You for damages, including any direct, indirect, special,
|
||||||
|
incidental, or consequential damages of any character arising as a
|
||||||
|
result of this License or out of the use or inability to use the
|
||||||
|
Work (including but not limited to damages for loss of goodwill,
|
||||||
|
work stoppage, computer failure or malfunction, or any and all
|
||||||
|
other commercial damages or losses), even if such Contributor
|
||||||
|
has been advised of the possibility of such damages.
|
||||||
|
|
||||||
|
9. Accepting Warranty or Additional Liability. While redistributing
|
||||||
|
the Work or Derivative Works thereof, You may choose to offer,
|
||||||
|
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||||
|
or other liability obligations and/or rights consistent with this
|
||||||
|
License. However, in accepting such obligations, You may act only
|
||||||
|
on Your own behalf and on Your sole responsibility, not on behalf
|
||||||
|
of any other Contributor, and only if You agree to indemnify,
|
||||||
|
defend, and hold each Contributor harmless for any liability
|
||||||
|
incurred by, or claims asserted against, such Contributor by reason
|
||||||
|
of your accepting any such warranty or additional liability.
|
||||||
|
|
||||||
|
END OF TERMS AND CONDITIONS
|
||||||
|
|
||||||
|
APPENDIX: How to apply the Apache License to your work.
|
||||||
|
|
||||||
|
To apply the Apache License to your work, attach the following
|
||||||
|
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||||
|
replaced with your own identifying information. (Don't include
|
||||||
|
the brackets!) The text should be enclosed in the appropriate
|
||||||
|
comment syntax for the file format. We also recommend that a
|
||||||
|
file or class name and description of purpose be included on the
|
||||||
|
same "printed page" as the copyright notice for easier
|
||||||
|
identification within third-party archives.
|
||||||
|
|
||||||
|
Copyright [yyyy] [name of copyright owner]
|
||||||
|
|
||||||
|
Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
you may not use this file except in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing, software
|
||||||
|
distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
See the License for the specific language governing permissions and
|
||||||
|
limitations under the License.
|
|
@ -0,0 +1,48 @@
|
||||||
|
#
|
||||||
|
# Files in this package are licensed under Apache; see LICENSE file.
|
||||||
|
#
|
||||||
|
# Copyright (c) 2018 Wind River Systems, Inc.
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
# == Class: smapi::keystone::auth
|
||||||
|
#
|
||||||
|
# Configures smapi user, service and endpoint in Keystone.
|
||||||
|
#
|
||||||
|
|
||||||
|
class smapi::keystone::auth (
|
||||||
|
$configure_endpoint = true,
|
||||||
|
$configure_user = true,
|
||||||
|
$configure_user_role = true,
|
||||||
|
$password = 'passwd',
|
||||||
|
$auth_name = 'smapi',
|
||||||
|
$public_url = 'http://127.0.0.1:7777',
|
||||||
|
$admin_url = 'http://127.0.0.1:7777',
|
||||||
|
$internal_url = 'http://127.0.0.1:7777',
|
||||||
|
$tenant = 'services',
|
||||||
|
$region = 'RegionOne',
|
||||||
|
$service_description = 'sm-api service',
|
||||||
|
$service_name = 'smapi',
|
||||||
|
$service_type = 'smapi',
|
||||||
|
) {
|
||||||
|
|
||||||
|
$real_service_name = pick($service_name, $auth_name)
|
||||||
|
|
||||||
|
keystone::resource::service_identity { $auth_name:
|
||||||
|
configure_endpoint => $configure_endpoint,
|
||||||
|
configure_user => $configure_user,
|
||||||
|
configure_user_role => $configure_user_role,
|
||||||
|
password => $password,
|
||||||
|
auth_name => $auth_name,
|
||||||
|
public_url => $public_url,
|
||||||
|
admin_url => $admin_url,
|
||||||
|
internal_url => $internal_url,
|
||||||
|
tenant => $tenant,
|
||||||
|
region => $region,
|
||||||
|
service_description => $service_description,
|
||||||
|
service_name => $real_service_name,
|
||||||
|
service_type => $service_type,
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,5 +1,5 @@
|
||||||
#
|
#
|
||||||
# Copyright (c) 2013-2014 Wind River Systems, Inc.
|
# Copyright (c) 2013-2018 Wind River Systems, Inc.
|
||||||
#
|
#
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
#
|
#
|
||||||
|
@ -32,6 +32,14 @@ def _get_ksclient(**kwargs):
|
||||||
cacert=kwargs.get('os_cacert'))
|
cacert=kwargs.get('os_cacert'))
|
||||||
|
|
||||||
|
|
||||||
|
def _get_sm_endpoint(client, **kwargs):
|
||||||
|
"""Get an endpoint for smapi using the provided keystone client."""
|
||||||
|
return client.auth_ref.service_catalog.url_for(
|
||||||
|
service_type=kwargs.get('service_name') or 'smapi',
|
||||||
|
endpoint_type=kwargs.get('endpoint_type') or 'public',
|
||||||
|
region_name=kwargs.get('os_region_name') or 'RegionOne')
|
||||||
|
|
||||||
|
|
||||||
def _get_endpoint(client, **kwargs):
|
def _get_endpoint(client, **kwargs):
|
||||||
"""Get an endpoint using the provided keystone client."""
|
"""Get an endpoint using the provided keystone client."""
|
||||||
return client.auth_ref.service_catalog.url_for(
|
return client.auth_ref.service_catalog.url_for(
|
||||||
|
@ -106,6 +114,7 @@ def get_client(api_version, **kwargs):
|
||||||
'and token'))
|
'and token'))
|
||||||
raise exc.AmbigiousAuthSystem(e)
|
raise exc.AmbigiousAuthSystem(e)
|
||||||
|
|
||||||
|
smapi_endpoint = _get_sm_endpoint(_ksclient, **ep_kwargs)
|
||||||
cli_kwargs = {
|
cli_kwargs = {
|
||||||
'token': token,
|
'token': token,
|
||||||
'insecure': kwargs.get('insecure'),
|
'insecure': kwargs.get('insecure'),
|
||||||
|
@ -116,7 +125,7 @@ def get_client(api_version, **kwargs):
|
||||||
'key_file': kwargs.get('key_file'),
|
'key_file': kwargs.get('key_file'),
|
||||||
'auth_ref': auth_ref,
|
'auth_ref': auth_ref,
|
||||||
'auth_url': kwargs.get('os_auth_url'),
|
'auth_url': kwargs.get('os_auth_url'),
|
||||||
'smapi_endpoint': 'http:localhost:7777',
|
'smapi_endpoint': smapi_endpoint,
|
||||||
}
|
}
|
||||||
|
|
||||||
return Client(api_version, endpoint, **cli_kwargs)
|
return Client(api_version, endpoint, **cli_kwargs)
|
||||||
|
|
|
@ -1,12 +1,14 @@
|
||||||
#
|
#
|
||||||
# Copyright (c) 2016 Wind River Systems, Inc.
|
# Copyright (c) 2016-2018 Wind River Systems, Inc.
|
||||||
#
|
#
|
||||||
# SPDX-License-Identifier: Apache-2.0
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
#
|
#
|
||||||
import json
|
import json
|
||||||
|
import pecan
|
||||||
import socket
|
import socket
|
||||||
|
from rest_api import get_token
|
||||||
from rest_api import rest_api_request
|
from rest_api import rest_api_request
|
||||||
|
from sysinv.common.constants import REGION_ONE_NAME
|
||||||
from sysinv.openstack.common import log
|
from sysinv.openstack.common import log
|
||||||
|
|
||||||
LOG = log.getLogger(__name__)
|
LOG = log.getLogger(__name__)
|
||||||
|
@ -17,10 +19,15 @@ SM_API_PATH = "http://{host}:{port}".\
|
||||||
format(host=SM_API_HOST, port=SM_API_PORT)
|
format(host=SM_API_HOST, port=SM_API_PORT)
|
||||||
|
|
||||||
|
|
||||||
|
def _get_token():
|
||||||
|
system = pecan.request.dbapi.isystem_get_one()
|
||||||
|
return get_token(system.region_name)
|
||||||
|
|
||||||
def swact_pre_check(hostname, timeout):
|
def swact_pre_check(hostname, timeout):
|
||||||
"""
|
"""
|
||||||
Sends a Swact Pre-Check command to SM.
|
Sends a Swact Pre-Check command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/servicenode/%s" % hostname
|
api_cmd += "/v1/servicenode/%s" % hostname
|
||||||
|
|
||||||
|
@ -35,7 +42,7 @@ def swact_pre_check(hostname, timeout):
|
||||||
api_cmd_payload['oper'] = "unknown"
|
api_cmd_payload['oper'] = "unknown"
|
||||||
api_cmd_payload['avail'] = ""
|
api_cmd_payload['avail'] = ""
|
||||||
|
|
||||||
response = rest_api_request(None, "PATCH", api_cmd, api_cmd_headers,
|
response = rest_api_request(token, "PATCH", api_cmd, api_cmd_headers,
|
||||||
json.dumps(api_cmd_payload), timeout)
|
json.dumps(api_cmd_payload), timeout)
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
@ -45,6 +52,7 @@ def lock_pre_check(hostname, timeout):
|
||||||
"""
|
"""
|
||||||
Sends a Lock Pre-Check command to SM.
|
Sends a Lock Pre-Check command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/servicenode/%s" % hostname
|
api_cmd += "/v1/servicenode/%s" % hostname
|
||||||
|
|
||||||
|
@ -59,7 +67,7 @@ def lock_pre_check(hostname, timeout):
|
||||||
api_cmd_payload['oper'] = "unknown"
|
api_cmd_payload['oper'] = "unknown"
|
||||||
api_cmd_payload['avail'] = ""
|
api_cmd_payload['avail'] = ""
|
||||||
|
|
||||||
response = rest_api_request(None, "PATCH", api_cmd, api_cmd_headers,
|
response = rest_api_request(token, "PATCH", api_cmd, api_cmd_headers,
|
||||||
json.dumps(api_cmd_payload), timeout)
|
json.dumps(api_cmd_payload), timeout)
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
@ -69,6 +77,7 @@ def service_list():
|
||||||
"""
|
"""
|
||||||
Sends a service list command to SM.
|
Sends a service list command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/services"
|
api_cmd += "/v1/services"
|
||||||
|
|
||||||
|
@ -77,7 +86,7 @@ def service_list():
|
||||||
api_cmd_headers['Accept'] = "application/json"
|
api_cmd_headers['Accept'] = "application/json"
|
||||||
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
||||||
|
|
||||||
response = rest_api_request(None, "GET", api_cmd, api_cmd_headers, None)
|
response = rest_api_request(token, "GET", api_cmd, api_cmd_headers, None)
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
@ -86,6 +95,7 @@ def service_show(hostname):
|
||||||
"""
|
"""
|
||||||
Sends a service show command to SM.
|
Sends a service show command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/services/%s" % hostname
|
api_cmd += "/v1/services/%s" % hostname
|
||||||
|
|
||||||
|
@ -94,7 +104,7 @@ def service_show(hostname):
|
||||||
api_cmd_headers['Accept'] = "application/json"
|
api_cmd_headers['Accept'] = "application/json"
|
||||||
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
||||||
|
|
||||||
response = rest_api_request(None, "GET", api_cmd, api_cmd_headers, None)
|
response = rest_api_request(token, "GET", api_cmd, api_cmd_headers, None)
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
|
||||||
|
@ -102,6 +112,7 @@ def servicenode_list():
|
||||||
"""
|
"""
|
||||||
Sends a service list command to SM.
|
Sends a service list command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/nodes"
|
api_cmd += "/v1/nodes"
|
||||||
|
|
||||||
|
@ -110,7 +121,7 @@ def servicenode_list():
|
||||||
api_cmd_headers['Accept'] = "application/json"
|
api_cmd_headers['Accept'] = "application/json"
|
||||||
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
||||||
|
|
||||||
response = rest_api_request(None, "GET", api_cmd, api_cmd_headers, None)
|
response = rest_api_request(token, "GET", api_cmd, api_cmd_headers, None)
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
@ -119,6 +130,7 @@ def servicenode_show(hostname):
|
||||||
"""
|
"""
|
||||||
Sends a service show command to SM.
|
Sends a service show command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/nodes/%s" % hostname
|
api_cmd += "/v1/nodes/%s" % hostname
|
||||||
|
|
||||||
|
@ -127,7 +139,7 @@ def servicenode_show(hostname):
|
||||||
api_cmd_headers['Accept'] = "application/json"
|
api_cmd_headers['Accept'] = "application/json"
|
||||||
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
||||||
|
|
||||||
response = rest_api_request(None, "GET", api_cmd, api_cmd_headers, None)
|
response = rest_api_request(token, "GET", api_cmd, api_cmd_headers, None)
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
|
||||||
|
@ -136,6 +148,7 @@ def sm_servicegroup_list():
|
||||||
"""
|
"""
|
||||||
Sends a service list command to SM.
|
Sends a service list command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/sm_sda"
|
api_cmd += "/v1/sm_sda"
|
||||||
|
|
||||||
|
@ -144,7 +157,7 @@ def sm_servicegroup_list():
|
||||||
api_cmd_headers['Accept'] = "application/json"
|
api_cmd_headers['Accept'] = "application/json"
|
||||||
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
||||||
|
|
||||||
response = rest_api_request(None, "GET", api_cmd, api_cmd_headers, None)
|
response = rest_api_request(token, "GET", api_cmd, api_cmd_headers, None)
|
||||||
|
|
||||||
# rename the obsolete sm_sda to sm_servicegroups
|
# rename the obsolete sm_sda to sm_servicegroups
|
||||||
if isinstance(response, dict):
|
if isinstance(response, dict):
|
||||||
|
@ -158,6 +171,7 @@ def sm_servicegroup_show(hostname):
|
||||||
"""
|
"""
|
||||||
Sends a service show command to SM.
|
Sends a service show command to SM.
|
||||||
"""
|
"""
|
||||||
|
token = _get_token()
|
||||||
api_cmd = SM_API_PATH
|
api_cmd = SM_API_PATH
|
||||||
api_cmd += "/v1/sm_sda/%s" % hostname
|
api_cmd += "/v1/sm_sda/%s" % hostname
|
||||||
|
|
||||||
|
@ -166,6 +180,6 @@ def sm_servicegroup_show(hostname):
|
||||||
api_cmd_headers['Accept'] = "application/json"
|
api_cmd_headers['Accept'] = "application/json"
|
||||||
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
api_cmd_headers['User-Agent'] = "sysinv/1.0"
|
||||||
|
|
||||||
response = rest_api_request(None, "GET", api_cmd, api_cmd_headers, None)
|
response = rest_api_request(token, "GET", api_cmd, api_cmd_headers, None)
|
||||||
|
|
||||||
return response
|
return response
|
||||||
|
|
|
@ -49,6 +49,7 @@ from . import storage
|
||||||
from . import device
|
from . import device
|
||||||
from . import service_parameter
|
from . import service_parameter
|
||||||
from . import kubernetes
|
from . import kubernetes
|
||||||
|
from . import smapi
|
||||||
|
|
||||||
|
|
||||||
LOG = logging.getLogger(__name__)
|
LOG = logging.getLogger(__name__)
|
||||||
|
@ -103,6 +104,7 @@ class PuppetOperator(object):
|
||||||
self.ironic = ironic.IronicPuppet(self)
|
self.ironic = ironic.IronicPuppet(self)
|
||||||
self.kubernetes = kubernetes.KubernetesPuppet(self)
|
self.kubernetes = kubernetes.KubernetesPuppet(self)
|
||||||
self.service_parameter = service_parameter.ServiceParamPuppet(self)
|
self.service_parameter = service_parameter.ServiceParamPuppet(self)
|
||||||
|
self.smapi = smapi.SmPuppet(self)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def context(self):
|
def context(self):
|
||||||
|
@ -143,6 +145,7 @@ class PuppetOperator(object):
|
||||||
config.update(self.ldap.get_static_config())
|
config.update(self.ldap.get_static_config())
|
||||||
config.update(self.dcmanager.get_static_config())
|
config.update(self.dcmanager.get_static_config())
|
||||||
config.update(self.dcorch.get_static_config())
|
config.update(self.dcorch.get_static_config())
|
||||||
|
config.update(self.smapi.get_static_config())
|
||||||
|
|
||||||
filename = 'static.yaml'
|
filename = 'static.yaml'
|
||||||
self._write_config(filename, config)
|
self._write_config(filename, config)
|
||||||
|
@ -186,6 +189,7 @@ class PuppetOperator(object):
|
||||||
config.update(self.panko.get_secure_static_config())
|
config.update(self.panko.get_secure_static_config())
|
||||||
config.update(self.dcmanager.get_secure_static_config())
|
config.update(self.dcmanager.get_secure_static_config())
|
||||||
config.update(self.dcorch.get_secure_static_config())
|
config.update(self.dcorch.get_secure_static_config())
|
||||||
|
config.update(self.smapi.get_secure_static_config())
|
||||||
|
|
||||||
filename = 'secure_static.yaml'
|
filename = 'secure_static.yaml'
|
||||||
self._write_config(filename, config)
|
self._write_config(filename, config)
|
||||||
|
@ -224,6 +228,7 @@ class PuppetOperator(object):
|
||||||
config.update(self.dcmanager.get_system_config())
|
config.update(self.dcmanager.get_system_config())
|
||||||
config.update(self.dcorch.get_system_config())
|
config.update(self.dcorch.get_system_config())
|
||||||
config.update(self.kubernetes.get_system_config())
|
config.update(self.kubernetes.get_system_config())
|
||||||
|
config.update(self.smapi.get_system_config())
|
||||||
# service_parameter must be last to permit overrides
|
# service_parameter must be last to permit overrides
|
||||||
config.update(self.service_parameter.get_system_config())
|
config.update(self.service_parameter.get_system_config())
|
||||||
|
|
||||||
|
@ -295,6 +300,7 @@ class PuppetOperator(object):
|
||||||
config.update(self.device.get_host_config(host))
|
config.update(self.device.get_host_config(host))
|
||||||
config.update(self.nova.get_host_config(host))
|
config.update(self.nova.get_host_config(host))
|
||||||
config.update(self.neutron.get_host_config(host))
|
config.update(self.neutron.get_host_config(host))
|
||||||
|
config.update(self.smapi.get_host_config(host))
|
||||||
# service_parameter must be last to permit overrides
|
# service_parameter must be last to permit overrides
|
||||||
config.update(self.service_parameter.get_host_config(host))
|
config.update(self.service_parameter.get_host_config(host))
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,71 @@
|
||||||
|
#
|
||||||
|
# Copyright (c) 2018 Wind River Systems, Inc.
|
||||||
|
#
|
||||||
|
# SPDX-License-Identifier: Apache-2.0
|
||||||
|
#
|
||||||
|
|
||||||
|
from . import openstack
|
||||||
|
|
||||||
|
|
||||||
|
class SmPuppet(openstack.OpenstackBasePuppet):
|
||||||
|
"""Class to encapsulate puppet operations for sm configuration"""
|
||||||
|
|
||||||
|
SERVICE_NAME = 'smapi'
|
||||||
|
SERVICE_PORT = 7777
|
||||||
|
|
||||||
|
def get_static_config(self):
|
||||||
|
config = {
|
||||||
|
'platform::smapi::params::auth_username': self.SERVICE_NAME,
|
||||||
|
}
|
||||||
|
return config
|
||||||
|
|
||||||
|
def get_secure_static_config(self):
|
||||||
|
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||||
|
|
||||||
|
config = {
|
||||||
|
'smapi::keystone::auth::password': kspass,
|
||||||
|
'smapi::keystone::authtoken::password': kspass,
|
||||||
|
'smapi::auth::auth_password': kspass,
|
||||||
|
'platform::smapi::params::keystone_password': kspass,
|
||||||
|
}
|
||||||
|
return config
|
||||||
|
|
||||||
|
def get_system_config(self):
|
||||||
|
ksuser = self._get_service_user_name(self.SERVICE_NAME)
|
||||||
|
kspass = self._get_service_password(self.SERVICE_NAME)
|
||||||
|
|
||||||
|
config = {
|
||||||
|
'smapi::keystone::authtoken::username': ksuser,
|
||||||
|
'smapi::keystone::authtoken::auth_url': self._keystone_identity_uri(),
|
||||||
|
'smapi::keystone::auth::auth_name': ksuser,
|
||||||
|
'smapi::keystone::auth::public_url': self.get_public_url(),
|
||||||
|
'smapi::keystone::auth::region': self._region_name(),
|
||||||
|
'smapi::keystone::auth::admin_url': self.get_admin_url(),
|
||||||
|
'smapi::keystone::auth::internal_url': self.get_internal_url(),
|
||||||
|
|
||||||
|
'platform::smapi::params::admin_url': self.get_admin_url(),
|
||||||
|
'platform::smapi::params::internal_url': self.get_internal_url(),
|
||||||
|
'platform::smapi::params::keystone_auth_url': self._keystone_identity_uri(),
|
||||||
|
'platform::smapi::params::keystone_username': ksuser,
|
||||||
|
'platform::smapi::params::public_url': self.get_public_url(),
|
||||||
|
'platform::smapi::params::port': self.SERVICE_PORT,
|
||||||
|
'platform::smapi::params::region': self._region_name(),
|
||||||
|
}
|
||||||
|
|
||||||
|
return config
|
||||||
|
|
||||||
|
def get_host_config(self, host):
|
||||||
|
config = {
|
||||||
|
'platform::smapi::params::bind_ip': host.hostname,
|
||||||
|
}
|
||||||
|
|
||||||
|
return config
|
||||||
|
|
||||||
|
def get_public_url(self):
|
||||||
|
return self._format_public_endpoint(self.SERVICE_PORT)
|
||||||
|
|
||||||
|
def get_internal_url(self):
|
||||||
|
return self._format_private_endpoint(self.SERVICE_PORT)
|
||||||
|
|
||||||
|
def get_admin_url(self):
|
||||||
|
return self._format_private_endpoint(self.SERVICE_PORT)
|
Loading…
Reference in New Issue