Containerization, support 2 keystones in sysinv
Support bare metal and pod based keystone in sysinv. The existing keystone_authtoken section of sysinv.conf remains and is used for platform service authentication, while openstack service authentication parameters are moved to a new openstack_keystone_authtoken section. Admin credentials are used in the new openstack_keystone_authtoken section and the region name parameters are also moved to this new section. Change-Id: I7a53dd5a2dc52213e0f1e0cc748649a33f0f9f40 Story: 2002876 Task: 26926 Signed-off-by: Kevin Smith <kevin.smith@windriver.com>
This commit is contained in:
parent
a275d8171a
commit
3a91cbae4d
|
@ -22,12 +22,13 @@
|
|||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*keystone_password*]
|
||||
# The password to use for authentication (keystone)
|
||||
#
|
||||
# [*keystone_enabled*]
|
||||
# (optional) Use keystone for authentification
|
||||
# Defaults to true
|
||||
# Applies to both bare metal and pod based keystones
|
||||
#
|
||||
# [*keystone_password*]
|
||||
# The password to use for authentication (keystone)
|
||||
#
|
||||
# [*keystone_tenant*]
|
||||
# (optional) The tenant of the auth user
|
||||
|
@ -88,6 +89,58 @@
|
|||
# (optional) The state of the service
|
||||
# Defaults to true
|
||||
#
|
||||
# [*openstack_keystone_tenant*]
|
||||
# (optional) The tenant of the auth user
|
||||
# Defaults to admin
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_user*]
|
||||
# (optional) The name of the auth user
|
||||
# Defaults to admin
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keyring_service*]
|
||||
# (optional) The keyring service from which to retrieve the password
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_auth_host*]
|
||||
# (optional) The keystone host
|
||||
# Defaults to localhost
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_auth_port*]
|
||||
# (optional) The keystone auth port
|
||||
# Defaults to 5000
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_auth_protocol*]
|
||||
# (optional) The protocol used to access the auth host
|
||||
# Defaults to http.
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_auth_admin_prefix*]
|
||||
# (optional) The admin_prefix used to admin endpoint of the auth host
|
||||
# This allow admin auth URIs like http://auth_host:5000/keystone.
|
||||
# (where '/keystone' is the admin prefix)
|
||||
# Defaults to false for empty. If defined, should be a string with a
|
||||
# leading '/' and no trailing '/'.
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_user_domain*]
|
||||
# (Optional) domain name for auth user.
|
||||
# Defaults to 'Default'.
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_keystone_project_domain*]
|
||||
# (Optional) domain name for auth project.
|
||||
# Defaults to 'Default'.
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
# [*openstack_auth_type*]
|
||||
# (Optional) Authentication type to load.
|
||||
# Defaults to 'password'.
|
||||
# For pod based keystone for authentication with openstack services
|
||||
#
|
||||
class sysinv::api (
|
||||
$keystone_password,
|
||||
$keystone_enabled = true,
|
||||
|
@ -103,6 +156,19 @@ class sysinv::api (
|
|||
$keystone_user_domain = 'Default',
|
||||
$keystone_project_domain = 'Default',
|
||||
$auth_type = 'password',
|
||||
$openstack_keystone_tenant = 'admin',
|
||||
$openstack_keystone_user = 'admin',
|
||||
$openstack_keyring_service = undef,
|
||||
$openstack_keystone_auth_host = 'localhost',
|
||||
$openstack_keystone_auth_port = '5000',
|
||||
$openstack_keystone_auth_protocol = 'http',
|
||||
$openstack_keystone_auth_admin_prefix = false,
|
||||
$openstack_keystone_auth_uri = false,
|
||||
$openstack_keystone_auth_version = false,
|
||||
$openstack_keystone_identity_uri = false,
|
||||
$openstack_keystone_user_domain = 'Default',
|
||||
$openstack_keystone_project_domain = 'Default',
|
||||
$openstack_auth_type = 'password',
|
||||
$service_port = '5000',
|
||||
$package_ensure = 'latest',
|
||||
$bind_host = '0.0.0.0',
|
||||
|
@ -145,6 +211,12 @@ class sysinv::api (
|
|||
sysinv_api_paste_ini { 'filter:authtoken/auth_url': value => "${keystone_auth_protocol}://${keystone_auth_host}:5000/"; }
|
||||
}
|
||||
|
||||
if $openstack_keystone_identity_uri {
|
||||
sysinv_config { 'openstack_keystone_authtoken/auth_url': value => $openstack_keystone_identity_uri; }
|
||||
} else {
|
||||
sysinv_config { 'openstack_keystone_authtoken/auth_url': value => "${openstack_keystone_auth_protocol}://${openstack_keystone_auth_host}:5000/"; }
|
||||
}
|
||||
|
||||
if $keystone_auth_uri {
|
||||
sysinv_config { 'keystone_authtoken/auth_uri': value => $keystone_auth_uri; }
|
||||
sysinv_api_paste_ini { 'filter:authtoken/auth_uri': value => $keystone_auth_uri; }
|
||||
|
@ -157,6 +229,14 @@ class sysinv::api (
|
|||
}
|
||||
}
|
||||
|
||||
if $openstack_keystone_auth_uri {
|
||||
sysinv_config { 'openstack_keystone_authtoken/auth_uri': value => $openstack_keystone_auth_uri; }
|
||||
} else {
|
||||
sysinv_config {
|
||||
'openstack_keystone_authtoken/auth_uri': value => "${openstack_keystone_auth_protocol}://${openstack_keystone_auth_host}:5000/";
|
||||
}
|
||||
}
|
||||
|
||||
if $keystone_auth_version {
|
||||
sysinv_config { 'keystone_authtoken/auth_version': value => $keystone_auth_version; }
|
||||
sysinv_api_paste_ini { 'filter:authtoken/auth_version': value => $keystone_auth_version; }
|
||||
|
@ -165,6 +245,12 @@ class sysinv::api (
|
|||
sysinv_api_paste_ini { 'filter:authtoken/auth_version': ensure => absent; }
|
||||
}
|
||||
|
||||
if $openstack_keystone_auth_version {
|
||||
sysinv_config { 'openstack_keystone_authtoken/auth_version': value => $openstack_keystone_auth_version; }
|
||||
} else {
|
||||
sysinv_config { 'openstack_keystone_authtoken/auth_version': ensure => absent; }
|
||||
}
|
||||
|
||||
if $keystone_enabled {
|
||||
sysinv_config {
|
||||
'DEFAULT/auth_strategy': value => 'keystone' ;
|
||||
|
@ -177,6 +263,14 @@ class sysinv::api (
|
|||
'keystone_authtoken/user_domain_name': value => $keystone_user_domain;
|
||||
'keystone_authtoken/project_domain_name': value => $keystone_project_domain;
|
||||
}
|
||||
sysinv_config {
|
||||
'openstack_keystone_authtoken/auth_type': value => $openstack_auth_type;
|
||||
'openstack_keystone_authtoken/project_name': value => $openstack_keystone_tenant;
|
||||
'openstack_keystone_authtoken/username': value => $openstack_keystone_user;
|
||||
'openstack_keystone_authtoken/user_domain_name': value => $openstack_keystone_user_domain;
|
||||
'openstack_keystone_authtoken/project_domain_name': value => $openstack_keystone_project_domain;
|
||||
'openstack_keystone_authtoken/keyring_service': value => $openstack_keyring_service;
|
||||
}
|
||||
|
||||
sysinv_api_paste_ini {
|
||||
'filter:authtoken/project_name': value => $keystone_tenant;
|
||||
|
@ -202,6 +296,18 @@ class sysinv::api (
|
|||
'filter:authtoken/auth_admin_prefix': ensure => absent;
|
||||
}
|
||||
}
|
||||
|
||||
if $openstack_keystone_auth_admin_prefix {
|
||||
validate_re($openstack_keystone_auth_admin_prefix, '^(/.+[^/])?$')
|
||||
sysinv_config {
|
||||
'openstack_keystone_authtoken/auth_admin_prefix': value => $openstack_keystone_auth_admin_prefix;
|
||||
}
|
||||
} else {
|
||||
sysinv_config {
|
||||
'openstack_keystone_authtoken/auth_admin_prefix': ensure => absent;
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
|
|
|
@ -195,10 +195,11 @@ class sysinv (
|
|||
|
||||
sysinv_config {
|
||||
'keystone_authtoken/region_name': value => $region_name;
|
||||
'keystone_authtoken/neutron_region_name': value => $neutron_region_name;
|
||||
'keystone_authtoken/cinder_region_name': value => $cinder_region_name;
|
||||
'keystone_authtoken/nova_region_name': value => $nova_region_name;
|
||||
'keystone_authtoken/magnum_region_name': value => $magnum_region_name;
|
||||
'openstack_keystone_authtoken/region_name': value => $region_name;
|
||||
'openstack_keystone_authtoken/neutron_region_name': value => $neutron_region_name;
|
||||
'openstack_keystone_authtoken/cinder_region_name': value => $cinder_region_name;
|
||||
'openstack_keystone_authtoken/nova_region_name': value => $nova_region_name;
|
||||
'openstack_keystone_authtoken/magnum_region_name': value => $magnum_region_name;
|
||||
}
|
||||
|
||||
sysinv_config {
|
||||
|
|
|
@ -11,6 +11,7 @@
|
|||
|
||||
""" System Inventory Openstack Utilities and helper functions."""
|
||||
|
||||
import keyring
|
||||
from cinderclient.v2 import client as cinder_client_v2
|
||||
from sysinv.common import constants
|
||||
from sysinv.common import exception
|
||||
|
@ -23,7 +24,6 @@ from neutronclient.v2_0 import client as neutron_client_v2_0
|
|||
from oslo_config import cfg
|
||||
from keystoneclient.v3 import client as keystone_client
|
||||
from keystoneclient.auth.identity import v3
|
||||
from keystoneclient import exceptions as identity_exc
|
||||
from keystoneclient import session
|
||||
from sqlalchemy.orm import exc
|
||||
from magnumclient.v1 import client as magnum_client_v1
|
||||
|
@ -60,18 +60,6 @@ keystone_opts = [
|
|||
cfg.StrOpt('region_name',
|
||||
default='RegionOne',
|
||||
help=_("Region Name")),
|
||||
cfg.StrOpt('neutron_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Neutron Region Name")),
|
||||
cfg.StrOpt('cinder_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Cinder Region Name")),
|
||||
cfg.StrOpt('nova_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Nova Region Name")),
|
||||
cfg.StrOpt('magnum_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Magnum Region Name")),
|
||||
cfg.StrOpt('username',
|
||||
default='sysinv',
|
||||
help=_("Sysinv keystone user name")),
|
||||
|
@ -89,8 +77,52 @@ keystone_opts = [
|
|||
help=_("Sysinv keystone user project domain name"))
|
||||
]
|
||||
|
||||
|
||||
openstack_keystone_opts = [
|
||||
cfg.StrOpt('keyring_service',
|
||||
default='CGCS',
|
||||
help=_("Keyring service")),
|
||||
cfg.StrOpt('auth_uri',
|
||||
default='http://192.168.204.2:5000/',
|
||||
help=_("Authentication URI")),
|
||||
cfg.StrOpt('auth_url',
|
||||
default='http://127.0.0.1:5000/',
|
||||
help=_("Admin Authentication URI")),
|
||||
cfg.StrOpt('region_name',
|
||||
default='RegionOne',
|
||||
help=_("Region Name")),
|
||||
cfg.StrOpt('username',
|
||||
default='admin',
|
||||
help=_("keystone user name")),
|
||||
cfg.StrOpt('neutron_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Neutron Region Name")),
|
||||
cfg.StrOpt('cinder_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Cinder Region Name")),
|
||||
cfg.StrOpt('nova_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Nova Region Name")),
|
||||
cfg.StrOpt('magnum_region_name',
|
||||
default='RegionOne',
|
||||
help=_("Magnum Region Name")),
|
||||
cfg.StrOpt('project_name',
|
||||
default='admin',
|
||||
help=_("keystone user project name")),
|
||||
cfg.StrOpt('user_domain_name',
|
||||
default='Default',
|
||||
help=_("keystone user domain name")),
|
||||
cfg.StrOpt('project_domain_name',
|
||||
default='Default',
|
||||
help=_("keystone user project domain name"))
|
||||
]
|
||||
|
||||
# Register the configuration options
|
||||
cfg.CONF.register_opts(keystone_opts, "KEYSTONE_AUTHTOKEN")
|
||||
PLATFORM_CONFIG = 'KEYSTONE_AUTHTOKEN'
|
||||
OPENSTACK_CONFIG = 'OPENSTACK_KEYSTONE_AUTHTOKEN'
|
||||
|
||||
cfg.CONF.register_opts(keystone_opts, PLATFORM_CONFIG)
|
||||
cfg.CONF.register_opts(openstack_keystone_opts, OPENSTACK_CONFIG)
|
||||
|
||||
|
||||
class OpenStackOperator(object):
|
||||
|
@ -105,7 +137,19 @@ class OpenStackOperator(object):
|
|||
self.nova_client = None
|
||||
self.neutron_client = None
|
||||
self._neutron_extension_list = []
|
||||
self.auth_url = cfg.CONF.KEYSTONE_AUTHTOKEN.auth_url + "/v3"
|
||||
self._auth_url = cfg.CONF[PLATFORM_CONFIG].auth_url + "/v3"
|
||||
self._openstack_auth_url = cfg.CONF[OPENSTACK_CONFIG].auth_url + "/v3"
|
||||
|
||||
def _get_auth_url(self, service_config):
|
||||
if service_config == PLATFORM_CONFIG:
|
||||
return self._auth_url
|
||||
elif service_config == OPENSTACK_CONFIG:
|
||||
return self._openstack_auth_url
|
||||
else:
|
||||
LOG.error("Unrecognized keystone service configuration. "
|
||||
"service_config=%s" % (service_config))
|
||||
raise exception.InvalidParameterValue(
|
||||
_("Unrecognized keystone service_config."))
|
||||
|
||||
#################
|
||||
# NEUTRON
|
||||
|
@ -116,10 +160,10 @@ class OpenStackOperator(object):
|
|||
# neutronclient doesn't yet support v3 keystone auth
|
||||
# use keystoneauth.session
|
||||
self.neutron_client = neutron_client_v2_0.Client(
|
||||
session=self._get_keystone_session(),
|
||||
auth_url=self.auth_url,
|
||||
session=self._get_keystone_session(OPENSTACK_CONFIG),
|
||||
auth_url=self._get_auth_url(OPENSTACK_CONFIG),
|
||||
endpoint_type='internalURL',
|
||||
region_name=cfg.CONF.KEYSTONE_AUTHTOKEN.neutron_region_name)
|
||||
region_name=cfg.CONF[OPENSTACK_CONFIG].neutron_region_name)
|
||||
return self.neutron_client
|
||||
|
||||
def get_providernetworksdict(self, pn_names=None, quiet=False):
|
||||
|
@ -243,11 +287,11 @@ class OpenStackOperator(object):
|
|||
# novaclient doesn't yet support v3 keystone auth
|
||||
# use keystoneauth.session
|
||||
self.nova_client = nova_client_v2.Client(
|
||||
session=self._get_keystone_session(),
|
||||
auth_url=self.auth_url,
|
||||
session=self._get_keystone_session(OPENSTACK_CONFIG),
|
||||
auth_url=self._get_auth_url(OPENSTACK_CONFIG),
|
||||
endpoint_type='internalURL',
|
||||
direct_use=False,
|
||||
region_name=cfg.CONF.KEYSTONE_AUTHTOKEN.nova_region_name)
|
||||
region_name=cfg.CONF[OPENSTACK_CONFIG].nova_region_name)
|
||||
return self.nova_client
|
||||
|
||||
def try_interface_get_by_host(self, host_uuid):
|
||||
|
@ -639,49 +683,49 @@ class OpenStackOperator(object):
|
|||
#################
|
||||
# Keystone
|
||||
#################
|
||||
def _get_keystone_session(self):
|
||||
def _get_keystone_session(self, service_config):
|
||||
if not self.keystone_session:
|
||||
auth = v3.Password(auth_url=self.auth_url,
|
||||
username=cfg.CONF.KEYSTONE_AUTHTOKEN.username,
|
||||
password=cfg.CONF.KEYSTONE_AUTHTOKEN.password,
|
||||
user_domain_name=cfg.CONF.KEYSTONE_AUTHTOKEN.
|
||||
if service_config == OPENSTACK_CONFIG:
|
||||
password = keyring.get_password(cfg.CONF[OPENSTACK_CONFIG].
|
||||
keyring_service,
|
||||
cfg.CONF[OPENSTACK_CONFIG].
|
||||
username)
|
||||
else:
|
||||
password = cfg.CONF[service_config].password
|
||||
|
||||
auth = v3.Password(auth_url=self._get_auth_url(service_config),
|
||||
username=cfg.CONF[service_config].username,
|
||||
password=password,
|
||||
user_domain_name=cfg.CONF[service_config].
|
||||
user_domain_name,
|
||||
project_name=cfg.CONF.KEYSTONE_AUTHTOKEN.
|
||||
project_name=cfg.CONF[service_config].
|
||||
project_name,
|
||||
project_domain_name=cfg.CONF.KEYSTONE_AUTHTOKEN.
|
||||
project_domain_name=cfg.CONF[service_config].
|
||||
project_domain_name)
|
||||
self.keystone_session = session.Session(auth=auth)
|
||||
return self.keystone_session
|
||||
|
||||
def _get_keystoneclient(self):
|
||||
def _get_keystoneclient(self, service_config):
|
||||
if service_config == OPENSTACK_CONFIG:
|
||||
password = keyring.get_password(cfg.CONF[OPENSTACK_CONFIG].
|
||||
keyring_service,
|
||||
cfg.CONF[OPENSTACK_CONFIG].
|
||||
username)
|
||||
else:
|
||||
password = cfg.CONF[service_config].password
|
||||
|
||||
if not self.keystone_client: # should not cache this forever
|
||||
self.keystone_client = keystone_client.Client(
|
||||
username=cfg.CONF.KEYSTONE_AUTHTOKEN.username,
|
||||
user_domain_name=cfg.CONF.KEYSTONE_AUTHTOKEN.user_domain_name,
|
||||
project_name=cfg.CONF.KEYSTONE_AUTHTOKEN.project_name,
|
||||
project_domain_name=cfg.CONF.KEYSTONE_AUTHTOKEN
|
||||
username=cfg.CONF[service_config].username,
|
||||
user_domain_name=cfg.CONF[service_config].user_domain_name,
|
||||
project_name=cfg.CONF[service_config].project_name,
|
||||
project_domain_name=cfg.CONF[service_config]
|
||||
.project_domain_name,
|
||||
password=cfg.CONF.KEYSTONE_AUTHTOKEN.password,
|
||||
auth_url=self.auth_url,
|
||||
region_name=cfg.CONF.KEYSTONE_AUTHTOKEN.region_name)
|
||||
password=password,
|
||||
auth_url=self._get_auth_url(service_config),
|
||||
region_name=cfg.CONF[service_config].region_name)
|
||||
return self.keystone_client
|
||||
|
||||
def _get_identity_id(self):
|
||||
try:
|
||||
LOG.debug("Search service id for : (%s)" %
|
||||
constants.SERVICE_TYPE_IDENTITY)
|
||||
service = self._get_keystoneclient().services.find(
|
||||
type=constants.SERVICE_TYPE_IDENTITY)
|
||||
except identity_exc.NotFound:
|
||||
LOG.error("Could not find service id for (%s)" %
|
||||
constants.SERVICE_TYPE_IDENTITY)
|
||||
return None
|
||||
except identity_exc.NoUniqueMatch:
|
||||
LOG.error("Multiple service matches found for (%s)" %
|
||||
constants.SERVICE_TYPE_IDENTITY)
|
||||
return None
|
||||
return service.id
|
||||
|
||||
#################
|
||||
# Cinder
|
||||
#################
|
||||
|
@ -692,10 +736,10 @@ class OpenStackOperator(object):
|
|||
region1_name = get_region_name('region_1_name')
|
||||
if region1_name is None:
|
||||
region1_name = 'RegionOne'
|
||||
service_list = self._get_keystoneclient().services.list()
|
||||
service_list = self._get_keystoneclient(OPENSTACK_CONFIG).services.list()
|
||||
for s in service_list:
|
||||
if s.name.find(constants.SERVICE_TYPE_CINDER) != -1:
|
||||
endpoint_list += self._get_keystoneclient().endpoints.list(
|
||||
endpoint_list += self._get_keystoneclient(OPENSTACK_CONFIG).endpoints.list(
|
||||
service=s, region=region1_name)
|
||||
except Exception:
|
||||
LOG.error("Failed to get keystone endpoints for cinder.")
|
||||
|
@ -704,10 +748,10 @@ class OpenStackOperator(object):
|
|||
def _get_cinderclient(self):
|
||||
if not self.cinder_client:
|
||||
self.cinder_client = cinder_client_v2.Client(
|
||||
session=self._get_keystone_session(),
|
||||
auth_url=self.auth_url,
|
||||
session=self._get_keystone_session(OPENSTACK_CONFIG),
|
||||
auth_url=self._get_auth_url(OPENSTACK_CONFIG),
|
||||
endpoint_type='internalURL',
|
||||
region_name=cfg.CONF.KEYSTONE_AUTHTOKEN.cinder_region_name)
|
||||
region_name=cfg.CONF[OPENSTACK_CONFIG].cinder_region_name)
|
||||
|
||||
return self.cinder_client
|
||||
|
||||
|
@ -817,7 +861,7 @@ class OpenStackOperator(object):
|
|||
region1_name = get_region_name('region_1_name')
|
||||
if region1_name is None:
|
||||
region1_name = 'RegionOne'
|
||||
auth_ref = self._get_keystoneclient().auth_ref
|
||||
auth_ref = self._get_keystoneclient(PLATFORM_CONFIG).auth_ref
|
||||
if auth_ref is None:
|
||||
raise exception.SysinvException(_("Unable to get auth ref "
|
||||
"from keystone client"))
|
||||
|
@ -830,7 +874,7 @@ class OpenStackOperator(object):
|
|||
version = 1
|
||||
return cgts_client.Client(version=version,
|
||||
endpoint=endpoint['url'],
|
||||
auth_url=self.auth_url,
|
||||
auth_url=self._get_auth_url(PLATFORM_CONFIG),
|
||||
token=auth_token['id'])
|
||||
|
||||
def get_ceph_mon_info(self):
|
||||
|
@ -879,11 +923,11 @@ class OpenStackOperator(object):
|
|||
# because neutron and nova client doesn't
|
||||
# and I shamelessly copied them
|
||||
self.magnum_client = magnum_client_v1.Client(
|
||||
session=self._get_keystone_session(),
|
||||
auth_url=self.auth_url,
|
||||
session=self._get_keystone_session(OPENSTACK_CONFIG),
|
||||
auth_url=self._get_auth_url(OPENSTACK_CONFIG),
|
||||
endpoint_type='internalURL',
|
||||
direct_use=False,
|
||||
region_name=cfg.CONF.KEYSTONE_AUTHTOKEN.magnum_region_name)
|
||||
region_name=cfg.CONF[OPENSTACK_CONFIG].magnum_region_name)
|
||||
return self.magnum_client
|
||||
|
||||
def get_magnum_cluster_count(self):
|
||||
|
|
|
@ -16,6 +16,8 @@ class SystemInventoryPuppet(openstack.OpenstackBasePuppet):
|
|||
SERVICE_PORT = 6385
|
||||
SERVICE_PATH = 'v1'
|
||||
|
||||
OPENSTACK_KEYRING_SERVICE = 'CGCS'
|
||||
|
||||
def get_static_config(self):
|
||||
dbuser = self._get_database_username(self.SERVICE_NAME)
|
||||
|
||||
|
@ -79,6 +81,21 @@ class SystemInventoryPuppet(openstack.OpenstackBasePuppet):
|
|||
'openstack::sysinv::params::region_name': self.get_region_name(),
|
||||
'platform::sysinv::params::service_create':
|
||||
self._to_create_services(),
|
||||
|
||||
'sysinv::api::openstack_keystone_auth_uri':
|
||||
self._keystone_auth_uri(),
|
||||
'sysinv::api::openstack_keystone_identity_uri':
|
||||
self._keystone_identity_uri(),
|
||||
'sysinv::api::openstack_keystone_user_domain':
|
||||
self._operator.keystone.get_admin_user_domain(),
|
||||
'sysinv::api::openstack_keystone_project_domain':
|
||||
self._operator.keystone.get_admin_project_domain(),
|
||||
'sysinv::api::openstack_keystone_user':
|
||||
self._operator.keystone.get_admin_user_name(),
|
||||
'sysinv::api::openstack_keystone_tenant':
|
||||
self._operator.keystone.get_admin_project_name(),
|
||||
'sysinv::api::openstack_keyring_service':
|
||||
self.OPENSTACK_KEYRING_SERVICE
|
||||
}
|
||||
|
||||
def get_secure_system_config(self):
|
||||
|
|
Loading…
Reference in New Issue