Create tenant/user and grant admin role for metering.
Create tenant/user and grant admin role for metering. Change-Id: Ia1803d7b7b34bf48fd1282785967ac82a571a8a9 Closes-Bug: #1288047
This commit is contained in:
ericzhou
parent
bad82e472a
commit
e3db2693b5
|
|
@ -42,7 +42,7 @@ common
|
|||
|
||||
identity_registration
|
||||
----
|
||||
- Registers the endpoints with Keystone.
|
||||
- Registers the endpoints, tenant and user for metering service with Keystone.
|
||||
|
||||
Attributes
|
||||
==========
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ default['openstack']['metering']['group'] = 'ceilometer'
|
|||
default['openstack']['metering']['region'] = node['openstack']['region']
|
||||
default['openstack']['metering']['service_user'] = 'ceilometer'
|
||||
default['openstack']['metering']['service_tenant_name'] = 'service'
|
||||
default['openstack']['metering']['service_role'] = 'admin'
|
||||
|
||||
case platform
|
||||
when 'suse' # :pragma-foodcritic: ~FC024 - won't fix this
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ recipe 'openstack-metering::api', 'Installs API service.'
|
|||
recipe 'openstack-metering::client', 'Installs client.'
|
||||
recipe 'openstack-metering::collector', 'Installs nova network service.'
|
||||
recipe 'openstack-metering::common', 'Common metering configuration.'
|
||||
recipe 'openstack-metering::identity_registration', 'Registers the endpoints with Keystone'
|
||||
recipe 'openstack-metering::identity_registration', 'Registers the endpoints, tenant and user for metering service with Keystone'
|
||||
|
||||
%w{ ubuntu suse }.each do |os|
|
||||
supports os
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ db_pass = get_password 'db', 'ceilometer'
|
|||
db_uri = db_uri('metering', db_user, db_pass).to_s
|
||||
|
||||
service_user = node['openstack']['metering']['service_user']
|
||||
service_pass = get_password 'service', 'openstack-compute'
|
||||
service_pass = get_password 'service', 'openstack-ceilometer'
|
||||
service_tenant = node['openstack']['metering']['service_tenant_name']
|
||||
|
||||
identity_endpoint = endpoint 'identity-api'
|
||||
|
|
|
|||
|
|
@ -28,6 +28,42 @@ api_endpoint = endpoint 'metering-api'
|
|||
identity_admin_endpoint = endpoint 'identity-admin'
|
||||
bootstrap_token = secret 'secrets', 'openstack_identity_bootstrap_token'
|
||||
auth_uri = ::URI.decode identity_admin_endpoint.to_s
|
||||
service_pass = get_password 'service', 'openstack-ceilometer'
|
||||
service_user = node['openstack']['metering']['service_user']
|
||||
service_role = node['openstack']['metering']['service_role']
|
||||
service_tenant_name = node['openstack']['metering']['service_tenant_name']
|
||||
|
||||
# Register Service Tenant
|
||||
openstack_identity_register 'Register Service Tenant' do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
tenant_description 'Service Tenant'
|
||||
|
||||
action :create_tenant
|
||||
end
|
||||
|
||||
# Register Service User
|
||||
openstack_identity_register 'Register Service User' do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
user_name service_user
|
||||
user_pass service_pass
|
||||
|
||||
action :create_user
|
||||
end
|
||||
|
||||
# Grant Admin role to Service User for Service Tenant
|
||||
openstack_identity_register "Grant 'admin' Role to Service User for Service Tenant" do
|
||||
auth_uri auth_uri
|
||||
bootstrap_token bootstrap_token
|
||||
tenant_name service_tenant_name
|
||||
user_name service_user
|
||||
role_name service_role
|
||||
|
||||
action :grant_role
|
||||
end
|
||||
|
||||
openstack_identity_register 'Register Metering Service' do
|
||||
auth_uri auth_uri
|
||||
|
|
|
|||
|
|
@ -8,36 +8,64 @@ describe 'openstack-metering::identity_registration' do
|
|||
@chef_run.converge 'openstack-metering::identity_registration'
|
||||
end
|
||||
|
||||
it 'registers metering service' do
|
||||
resource = @chef_run.find_resource(
|
||||
'openstack-identity_register',
|
||||
'Register Metering Service'
|
||||
).to_hash
|
||||
it 'registers service tenant' do
|
||||
expect(@chef_run).to create_tenant_openstack_identity_register(
|
||||
'Register Service Tenant'
|
||||
).with(
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
tenant_name: 'service',
|
||||
tenant_description: 'Service Tenant'
|
||||
)
|
||||
end
|
||||
|
||||
expect(resource).to include(
|
||||
it 'registers service user' do
|
||||
expect(@chef_run).to create_user_openstack_identity_register(
|
||||
'Register Service User'
|
||||
).with(
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
tenant_name: 'service',
|
||||
user_name: 'ceilometer',
|
||||
user_pass: 'ceilometer-pass'
|
||||
)
|
||||
end
|
||||
|
||||
it 'grants admin role to service user for service tenant' do
|
||||
expect(@chef_run).to grant_role_openstack_identity_register(
|
||||
"Grant 'admin' Role to Service User for Service Tenant"
|
||||
).with(
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
tenant_name: 'service',
|
||||
user_name: 'ceilometer',
|
||||
role_name: 'admin',
|
||||
action: [:grant_role]
|
||||
)
|
||||
end
|
||||
|
||||
it 'registers metering service' do
|
||||
expect(@chef_run).to create_service_openstack_identity_register(
|
||||
'Register Metering Service'
|
||||
).with(
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
service_name: 'ceilometer',
|
||||
service_type: 'metering',
|
||||
action: [:create_service]
|
||||
service_type: 'metering'
|
||||
)
|
||||
end
|
||||
|
||||
it 'registers metering endpoint' do
|
||||
resource = @chef_run.find_resource(
|
||||
'openstack-identity_register',
|
||||
expect(@chef_run).to create_endpoint_openstack_identity_register(
|
||||
'Register Metering Endpoint'
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
).with(
|
||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||
bootstrap_token: 'bootstrap-token',
|
||||
service_type: 'metering',
|
||||
endpoint_region: 'RegionOne',
|
||||
endpoint_adminurl: 'http://127.0.0.1:8777',
|
||||
endpoint_internalurl: 'http://127.0.0.1:8777',
|
||||
endpoint_publicurl: 'http://127.0.0.1:8777',
|
||||
action: [:create_endpoint]
|
||||
endpoint_publicurl: 'http://127.0.0.1:8777'
|
||||
)
|
||||
end
|
||||
|
||||
|
|
@ -47,14 +75,10 @@ describe 'openstack-metering::identity_registration' do
|
|||
end
|
||||
@chef_run.converge 'openstack-metering::identity_registration'
|
||||
|
||||
resource = @chef_run.find_resource(
|
||||
'openstack-identity_register',
|
||||
expect(@chef_run).to create_endpoint_openstack_identity_register(
|
||||
'Register Metering Endpoint'
|
||||
).to_hash
|
||||
|
||||
expect(resource).to include(
|
||||
endpoint_region: 'meteringRegion',
|
||||
action: [:create_endpoint]
|
||||
).with(
|
||||
endpoint_region: 'meteringRegion'
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -27,8 +27,8 @@ def metering_stubs # rubocop:disable MethodLength
|
|||
.with('db', anything)
|
||||
.and_return('')
|
||||
::Chef::Recipe.any_instance.stub(:get_password)
|
||||
.with('service', anything)
|
||||
.and_return('')
|
||||
.with('service', 'openstack-ceilometer')
|
||||
.and_return('ceilometer-pass')
|
||||
::Chef::Recipe.any_instance.stub(:get_password)
|
||||
.with('user', 'guest')
|
||||
.and_return('rabbit-pass')
|
||||
|
|
|
|||
Loading…
Reference in New Issue