move generation of passwords and ssh keys to master node

Change-Id: If22761b75ed18fb95af6f43c54a7a1d50e8c109a
2016-08-16 16:49:01 +03:00 · 2016-08-16 16:49:01 +03:00 · 9c28d305c7
parent f6e7db8f0c
commit 9c28d305c7
10 changed files with 119 additions and 52 deletions
--- a/deployment_scripts/puppet/manifests/image_upload.pp
+++ b/deployment_scripts/puppet/manifests/image_upload.pp
@ -0,0 +1,13 @@
+notify {'MODULAR: fuel-plugin-manila/image_upload': }
+
+$manila = hiera_hash('fuel-plugin-manila', {})
+$image  = $manila['fuel-plugin-manila_image']
+
+$master_ip = hiera('master_ip')
+$src_image = "http://${master_ip}:8080/plugins/fuel-plugin-manila-1.0/repositories/ubuntu/${image}"
+
+
+class {'::manila_auxiliary::image':
+  src_image => $src_image,
+  image     => $image,
+}
--- a/deployment_scripts/puppet/manifests/install.pp
+++ b/deployment_scripts/puppet/manifests/install.pp
@ -1,10 +1,5 @@
 notify {'MODULAR: fuel-plugin-manila/install': }

-$manila = hiera_hash('fuel-plugin-manila', {})
-$image  = $manila['fuel-plugin-manila_image']
-
-$master_ip = hiera('master_ip')
-$src_image = "http://${master_ip}:8080/plugins/fuel-plugin-manila-1.0/repositories/ubuntu/${image}"
 $inits = {
  'manila-api' => {
    desc => 'manila-api init',
@ -45,14 +40,4 @@ class {'::manila_auxiliary::fs': }

 create_resources('::manila_auxiliary::initd', $inits)

-class {'::manila_auxiliary::image':
-  src_image => $src_image,
-  image     => $image,
-}
-
-class {'::manila_auxiliary::ssh_keygen':
-  name => '/root/.ssh/id_rsa',
-  user => 'root',
-}
-
 Package['python-pip']->Package['pycrypto']->Package['python-manila']->Package['python-manilaclient']->Package['python-manila-ui']
--- a/deployment_scripts/puppet/manifests/master.pp
+++ b/deployment_scripts/puppet/manifests/master.pp
@ -0,0 +1,6 @@
+notify {'MODULAR: fuel-plugin-manila/master': }
+
+file {'/tmp/manila_master':
+  ensure  => file,
+  content => 'I am the file',
+}
--- a/deployment_scripts/puppet/manifests/master2.pp
+++ b/deployment_scripts/puppet/manifests/master2.pp
@ -0,0 +1,6 @@
+notify {'MODULAR: fuel-plugin-manila/master2': }
+
+file {'/tmp/manila_master2':
+  ensure  => file,
+  content => 'I am the file2',
+}
--- a/deployment_scripts/puppet/manifests/site.pp
+++ b/deployment_scripts/puppet/manifests/site.pp
@ -57,11 +57,12 @@ $backends = {'generic' =>
    'service_instance_user'        => 'manila',
    'service_instance_password'    => 'manila',
    'service_image_name'           => $image,
-    'path_to_private_key'          => '/root/.ssh/id_rsa',
-    'path_to_public_key'           => '/root/.ssh/id_rsa.pub',
+    'path_to_private_key'          => '/var/lib/astute/manila/manila',
+    'path_to_public_key'           => '/var/lib/astute/manila/manila.pub',
  }
 }

+
 class {'::manila_auxiliary':
  sql_connection      => $sql_conn,
  shared_backends     => 'generic', #should be array of backends
@ -81,7 +82,6 @@ class {'::manila_auxiliary':
  debug               => $debug,
 }->

-create_resources('::manila_auxiliary::backend::generic', $backends)

 class {'::manila_auxiliary::services': }

@ -92,3 +92,5 @@ class {'::manila_auxiliary::meta': }
 Class['::manila_auxiliary']->
 Class['::manila_auxiliary::services']->
 Class['::manila_auxiliary::meta']
+
+create_resources('::manila_auxiliary::backend::generic', $backends)
--- a/deployment_scripts/puppet/modules/manila_auxiliary/manifests/image.pp
+++ b/deployment_scripts/puppet/modules/manila_auxiliary/manifests/image.pp
@ -1,4 +1,3 @@
-
 class manila_auxiliary::image (
  $src_image = 'http://host/manila-service-image.qcow2',
  $image     = 'manila-service-image.qcow2',
--- a/deployment_scripts/puppet/modules/manila_auxiliary/manifests/ssh_keygen.pp
+++ b/deployment_scripts/puppet/modules/manila_auxiliary/manifests/ssh_keygen.pp
@ -1,10 +0,0 @@
-class manila_auxiliary::ssh_keygen (
-  $name = '/root/.ssh/id_rsa',
-  $user = 'root',
-) {
-  exec {'manila_ssh_keygen':
-    command => "ssh-keygen -t rsa -f ${name} -N ''",
-    user    => $user,
-    path    => '/bin:/usr/bin',
-  }
-}
--- a/deployment_tasks.yaml
+++ b/deployment_tasks.yaml
@ -1,39 +1,65 @@
- id: manila-start
-  type: puppet
-  groups: [primary-controller, controller]
+- id: manila-generate_keys
+  type: shell
+  groups: [master]
  version: 2.1.0
-  cross-depends:
-    - name: deploy_start
-  cross-depended-by:
-    - name: deploy_end
+  requires: [pre_deployment_start]
+  required_for: [manila-copy_keys]
  parameters:
-    puppet_manifest: "puppet/manifests/notify.pp"
-    puppet_modules: "."
-    timeout: 3600
+    cmd: sh /etc/puppet/modules/osnailyfacter/modular/astute/generate_keys.sh -p /var/lib/fuel/keys/ -i {CLUSTER_ID} -s 'manila'
+    timeout: 180
+
+- id: manila-copy_keys
+  type: copy_files
+  version: 2.1.0
+  role: ['/.*/']
+  required_for: [pre_deployment_end]
+  requires: [manila-generate_keys]
+  cross-depends:
+      - name: manila-generate_keys
+        role: master
+  parameters:
+    files:
+      - src: /var/lib/fuel/keys/{CLUSTER_ID}/manila/manila.pub
+        dst: /var/lib/astute/manila/manila.pub
+      - src: /var/lib/fuel/keys/{CLUSTER_ID}/manila/manila
+        dst: /var/lib/astute/manila/manila
+    permissions: '0600'
+    dir_permissions: '0700'
+
+- id: manila-gen_password
+  type: shell
+  groups: [master]
+  version: 2.1.0
+  requires: [pre_deployment_start]
+  required_for: [manila-hiera]
+  parameters:
+    cmd: sh /var/www/nailgun/plugins/fuel-plugin-manila-1.0/gen_password.sh {CLUSTER_ID}
+    timeout: 180

 - id: manila-hiera
-  type: puppet
-  groups: [primary-controller, controller]
+  type: copy_files
  version: 2.1.0
-  requires: [hiera]
+  role: ['/.*/']
  required_for: [manila-keystone]
-  cross-depends:
-    - name: manila-start
-  cross-depended-by:
-    - name: deploy_end
+  requires: [manila-gen_password]
+  cross_depends:
+    - name: manila-gen_password
+      role: master
  parameters:
-    puppet_manifest: "puppet/manifests/populate_hiera.pp"
-    puppet_modules: "puppet/modules:/etc/puppet/modules"
-    timeout: 3600
+    files:
+      - src: /etc/fuel/cluster/{CLUSTER_ID}/fuel-plugin-manila.yaml
+        dst: /etc/hiera/plugins/fuel-plugin-manila.yaml
+    permissions: '0600'
+    dir_permissions: '0700'

 - id: manila-keystone
  type: puppet
-  groups: [primary-controller, controller]
+  groups: [primary-controller]
  version: 2.1.0
-  requires: [manila-hiera]
+  requires: [manila-hiera, primary-openstack-controller]
  required_for: [manila-db]
  cross-depends:
-    - name: manila-hiera
+    - name: keystone-db
  cross-depended-by:
    - name: deploy_end
  parameters:
@ -65,11 +91,24 @@
  version: 2.1.0
  required_for: [manila-main]
  requires: [manila-db]
+  cross-depends:
+     - name: manila-db
  parameters:
    puppet_manifest: "puppet/manifests/install.pp"
    puppet_modules: "puppet/modules:/etc/puppet/modules"
    timeout: 3600

+- id: manila-image_upload
+  type: puppet
+  groups: [primary-controller]
+  version: 2.1.0
+  required_for: [manila-main]
+  requires: [manila-install]
+  parameters:
+    puppet_manifest: "puppet/manifests/image_upload.pp"
+    puppet_modules: "puppet/modules:/etc/puppet/modules"
+    timeout: 3600
+
 - id: manila-haproxy
  type: puppet
  groups: [primary-controller, controller]
--- a/gen_password.sh
+++ b/gen_password.sh
@ -0,0 +1,26 @@
+#!/bin/sh
+
+CLUSTER_ID=$1
+
+function gen_pass {
+     openssl rand -base64 32|tr -d '='
+}
+
+user_pass=$(gen_pass)
+maniladb_pass=$(gen_pass)
+
+echo "
+---
+  manila:
+    user_password: $user_pass
+    db_password: $maniladb_pass
+    service_vm_image:
+      container_format: bare
+      disk_format: qcow2
+      glance_properties: \"\"
+      img_name: manila-service-image
+      img_path: /tmp/manila-service-image.qcow2
+      min_ram: \"256\"
+      os_name: ubuntu
+      public: \"true\"
+" > /etc/fuel/cluster/$CLUSTER_ID/fuel-plugin-manila.yaml
--- a/post_install.sh
+++ b/post_install.sh
@ -15,3 +15,4 @@


 cp $MANILA_IMAGE /var/www/nailgun/plugins/fuel-plugin-manila-1.0/repositories/ubuntu/
+mkdir -p /etc/fuel/plugins/fuel-plugin-manila-1.0/