Commit Graph

40 Commits

Author SHA1 Message Date
Takashi Kajinami 0f500ef7da cinder_type: Fix regex for properties to accept short value
This fixes the regex to validate the properties property so that value
strings shorter than 3 characters are accepted.

This also removes the heading spaces because these are not stripped but
added to the keys, which likely results in an unexpected result.

Change-Id: I8d703a48060abb61834ecec9c72bb6295eff2b81
2023-12-25 12:58:37 +09:00
Takashi Kajinami 04e3d15f1a Stop reading keystone_authtoken options
Using credentials in keystone_authtoken options for cinder_* resources
was deprecated some cycles ago[1].

[1] 596a77483b

Change-Id: I21fc46f49a143ae1282cad91732925195eda6541
2023-11-16 17:36:01 +09:00
Takashi Kajinami f23a76006e Switch provider to manage paste.ini file
... so that we users can use '<SERVICE DEFAULT>' similarly to
the resource types to manage the <service>.conf files.

Closes-Bug: #1981118
Change-Id: Ie967ffa9e2545d9089aaa4b255b13f479d296ff7
2022-07-09 13:30:48 +00:00
Takashi Kajinami 869e396eb5 Remove handling of 'u' prefix
... because the prefix is no longer printed in Python 3.

In python 2
>>> print({u'foo': u'baa'})
{u'foo': u'baa'}
>>> print([u'foo', 'baa'])
[u'foo', 'baa']

In python 3
>>> print({u'foo': u'baa'})
{'foo': 'baa'}
>>> print([u'foo', 'baa'])
['foo', 'baa']

Change-Id: I8f4adab5d7c6c8730d08f9311c55783ea719527f
2022-05-18 10:51:06 +09:00
Zuul 2a189bc7a9 Merge "Deprecate usage of authtoken parameters in providers" 2022-03-12 15:21:04 +00:00
Takashi Kajinami 596a77483b Deprecate usage of authtoken parameters in providers
When SRBAC is completely implemented according to the current spec,
each service user no longer has full admin privilege but has access
limited to the actual requirement. This means that we are no longer
able to use service users to create resources.

This change is a prep-work to get rid of usage of the service user,
currently loaded from authtoken parameters in the .conf file. Now
each providers loads clouds.yaml file placed in /etc/openstack/puppet.

Depends-on: https://review.opendev.org/806474
Depends-on: https://review.opendev.org/828025
Change-Id: I80ea9fc1da31696cafa77ff12febfd4054f435bc
2022-02-21 23:54:13 +09:00
Takashi Kajinami 440b124f95 Ensure auth_endpoint is reset
The auth_endpoint variable is loaded from cinder.conf, thus it should
be cleared when configurations loaded by cinder.conf is cleared.

Change-Id: Id651d5c5c7cb9794ab159bf2e129422af0a33bfa
2022-02-20 03:22:49 +00:00
Zuul 89bcdd5b8d Merge "Add support for rootwrap.conf" 2022-01-05 10:31:20 +00:00
Takashi Kajinami c495536f9a Add support for rootwrap.conf
Change-Id: I47eb5f99377974eeb8c6fe07c4baa6b40a8af407
2021-12-27 16:02:25 +09:00
Takashi Kajinami 3b6c317cd1 Fix typo in resource name
Change-Id: I5ec8a021f61c17553c42f39098229009ea7685a5
2021-12-27 02:50:20 +00:00
Takashi Kajinami b70ee62eca Allow customizing separator for api-paste.ini
The api-paste.ini accepts not only "=" but also ":" and some services
like Barbican have been using ":" for their default api-paste.ini
files.

[composite:main]
use = egg:Paste#urlmap
/: barbican_version
/v1: barbican-api-keystone

This change allows users to use ":" so that they can update the ini
files with keeping it consistent with the default contents.

Depends-on: https://review.opendev.org/813614
Change-Id: Id764feed8efb5aac08030b1147ce39c112cddc31
2021-10-15 12:00:12 +09:00
Zuul 74ca27890b Merge "Add support for MultiStrOpt" 2021-06-23 18:51:38 +00:00
Erik Berg 62899eba67 Allow for '-' in volume type property values
There's no validation going on (yet) in cinder as to which characters
are allowed in properties. So this change alters the regex to cast a
wide net catching '-' and other possible valid variations.

Also update unit-test to cover this scenario.

Closes-Bug: #1932272
Change-Id: I564528663a3d2f83136b98ed46e09e373a9ad6de
2021-06-19 02:37:34 +00:00
Takashi Kajinami 870ff62655 Add support for MultiStrOpt
This replaces the provider implementation of cinder_config type so that
MultiStrOpt, which is used by several options like
 - oslo_messaging_notifications/driver
 - oslo_policy/policy_dirs
is handled correctly.

Change-Id: If052cde4da84970df4af657136060532ccb422f7
2021-05-05 10:45:22 +09:00
Zuul 3fc60e2b9e Merge "Improve cinder_type properties regex" 2021-04-21 18:01:01 +00:00
Thomas Goirand 003b8d6ab6 Add support for cinder_api_uwsgi_config in Debian
This patch is adding the configuration of the number of workers,
threads, and the size of the listen queue in Debian, which uses
uwsgi to run Cinder API. Therefore, this patch adds a new
cinder_api_uwsgi_config provider as well as a new
cinder::wsgi::uwsgi class.

Change-Id: I6f4c6a51f8e33616069411a926a63ba2b388e25d
2021-04-10 22:40:57 +02:00
Tobias Urdin a032bec7d6 Improve cinder_type properties regex
This changes the regex for properties managed with
the cinder_type resource so that it supports the
format Cinder needs for multiattach and similar.

  multiattach=<is> True

This patch is needed so that cinder_type resources
can set the above.

See regex testing here [1]. Needs to be backported
to older versions so that cinder_type can be
properly used there as well.

[1] https://regexr.com/5imqk

Change-Id: If08fce9443281e65636aaaa99e3139732435f6f7
2021-04-08 21:33:15 +02:00
Takashi Kajinami 29e221fe55 Refer keystone_authtoken to find credentials
... because api/os_region_name is not set since [1].
This patch also fixes incorrect lookup about domain parameters.

This patch also removes useless and incorrect handling about keystone
version, so that domain parameters are correctly set.

[1] c2d618cae7

Change-Id: Idaa1c767e8cab645567b920dc9d377abf509ec54
2020-04-15 11:16:34 +09:00
Javier Pena 5821ade2cf Fix properties in cinder_type provider for osc >= 4.0.0
Openstackclient 4.0.0 changed the way some properties are displayed
on screen.

Old:
...,"Properties"
...,"volume_backend_name='BACKEND_1'"

New:
...,"Properties"
...,"{u'volume_backend_name': u'BACKEND_1'}"
or
...,"{'volume_backend_name': 'BACKEND_1'}"

This is breaking idempotency on the cinder_type provider, since it
does not detect them correctly. This patch aims at fixing this, by
trying to detect the new format, and using JSON parsing in that case.

Change-Id: I6a68505d15473b140c85a199a09d2fee45864800
2019-09-19 13:00:14 +02:00
Zuul a8628dc884 Merge "Cinder-type param is_public/access_project_ids" 2019-01-03 02:31:00 +00:00
Alexandre Arents 0fc0043a29 Fix cinder-qos provider issue with openstackclient >= 3.8.0
output of culmn name change making failed cinder-qos provider
column name 'Specs' changed to 'Properties'

Change-Id: I9470ed3f60971394740b19a2f42e4b55b5d046ea
Closes-bug: 1806705
2018-12-24 02:04:01 +00:00
Thomas Goirand 3d7128c55d Add File.expand_path to cinder.rb
It happened to me that a few times, puppet cannot load cinder.rb.
This should fix it.

Change-Id: I6c44eaca24fb8aed538da9064fe91e40786216b2
2018-11-28 15:55:21 +01:00
Julien Cosmao 31671ebc94 Cinder-type param is_public/access_project_ids
Added parameters is_public
  - allow create public or private cinder type
  boolean: Default to true
Added propertie access_project_ids
  - Specify list of project ids which have
  access to private cinder type

Change-Id: I7f6aac76b441cb4ac4901901c6d894a1c920d399
2018-09-24 16:30:13 +02:00
Alexandre Arents 6bed0940b7 Add cinder QOS support
cinder::qos create cinder QOS with properties and
volume-type associations

Change-Id: I35bd84e88308bf5f4cb62aab4a807103b1b1e2cf
Implements: blueprint support-cinder-qos
2018-09-24 15:16:54 +02:00
Matthias Bastian 642666b15e Make providers use auth_url for authentication
When reading credentials from the configuration's keystone_authtoken
section www_authenticate_uri was used as URL for Keystone.
As www_authenticate_uri is a public endpoint that is not necessarily
reachable for the Puppet agent, this change uses the more appropriate
auth_url as Keystone URL.

Change-Id: I16145064b8867c64abddf4a12f460464ee2d9c04
2018-08-03 11:37:00 +02:00
ZhongShengping e916d71a07 Deprecate auth_uri option
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.

[1]https://review.openstack.org/#/c/508522/

Change-Id: I7072db60688fdafe122c1a9fd2b06f21f0a695e5
Depends-On: I4c82a63baabd6b9304b302c97cd751a0103d8316
Closes-Bug: #1759098
2018-04-05 11:49:45 +08:00
Saverio Proto 74c8acbcb3 Read os_region_name from cinder.conf when doing requests with the Openstack client
Closes-bug: 1720824
Change-Id: I7334d16ba11594085f88c80e9daf2358d841fa17
2017-10-03 17:07:43 +02:00
Clayton O'Neill 228627990d Fix cinder_type to work with no properties param
If the properties parameter isn't specified, then it defaults to nil.
However, when the provider iterates over the properties, it assumes
properties will be an array, and fails when it's nil.

Change-Id: Ie5342b0dde70394a32639e378aee9c7e6aa64a87
2016-09-17 23:01:50 +00:00
Matt Fischer bb1e3e67dc Cinder hooks support
This code moves all deps to an external class so that Cinder can be
installed with mechanisms besides packages (like venv or docker). This
also cleans-up the dependency tree by removing false or confusing
dependencies.

Co-Author: Craig Delatte <craig.delatte@twcable.com>

Change-Id: I55a62f6173fe463fb8fb65df6729c9f509a0fb04
2016-09-13 09:18:41 -06:00
Emilien Macchi bd49302617 Configure keystone authtoken options
In cinder::api, use keystone::resource::authtoken to configure
keystone_authtoken section in cinder.conf, with all parameters required
to configure keystonemiddleware.
This patch will allow to deploy Cinder to use Keystone v3
authentification.

Some deprecations:
cinder::api::auth_type is deprecated, use cinder::keystone::authtoken::auth_type instead.
cinder::api::identity_uri is deprecated, use cinder::keystone::authtoken::auth_url instead.
cinder::api::auth_uri is deprecated, use cinder::keystone::authtoken::auth_uri instead.
cinder::api::keystone_tenant is deprecated, use cinder::keystone::authtoken::project_name instead.
cinder::api::keystone_user is deprecated, use cinder::keystone::authtoken::username instead.
cinder::api::keystone_password is deprecated, use cinder::keystone::authtoken::password instead.
cinder::api::memcached_servers is deprecated, use cinder::keystone::authtoken::memcached_servers instead.

Closes-Bug: #1604463
Change-Id: I64736457bd8527198a8a81ea784d3bf74284063b
2016-08-02 03:09:55 +00:00
Javier Pena c58a3d7cac Enable keystone v3 support for cinder_type
Previously, the cinder_type provider used Credentialsv2_0 when
creating a new type, so it did not support Keystone v3 environments.
Switching th Credentialsv3 to support both Keystone v3.

Change-Id: Iff8e21c922c2d90108053f70cbc053436e3461de
2016-05-20 10:57:56 +02:00
Matthew J Black 2065a3a389 Fixed cinder_type provider require line
Cinder_type provider was causing an autoload error with puppet.
This change fixes the require line.

Change-Id: I81b9915d1f6493fc996edc7177f54815018bc3a1
Closes-Bug: 1581829
2016-05-14 12:30:05 -04:00
Denis Egorenko 9bc49efba8 Replace defines for managing cinder types with providers
We have define classes, which allow to manage Cinder types and their
properties. This patch switches using of define classes to puppet
providers, based on openstack auth from openstacklib.

related blueprint use-openstackclient-in-module-resources

Change-Id: I4f7e8137fa3e1ad3e141c58eaba110b12101d22c
2016-03-04 17:58:20 +03:00
Alex Schultz 667e6c0850 Switch cinder to use os_service_default fact
This change switches the cinder module to use the os_service_default
fact for configuration options that default to '<SERVICE DEFAULT>'.

Change-Id: I8c28f02794fdc7034a85eab80a66a98f664380ea
Depends-On: Ieeb92b4e7fbb556a8d32682fb24284091227c991
2015-10-07 15:48:56 -05:00
Yanis Guenane b554d30aaf Reflect provider change in puppet-openstacklib
With the creation of the new openstack_config provider, some processing
that was done in cinder_config has been centralized in
openstack_config.

Impacted methods are :

  * section
  * setting
  * separator

Also, this commit adds the fact that, when passing a specific string
(ensure_absent_val) the provider will behave as if ensure => absent was
specified. '<SERVICE DEFAULT>' is the default value for
ensure_absent_val.

The use case is the following :

cinder_config { 'DEFAULT/foo' : value => 'bar' } # will work as usual

cinder_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>' } # will mean absent

That means that all the current :

if $myvar {
  cinder_config { 'DEFAULT/foo' : value => $myvar }
} else {
  cinder_config { 'DEFAULT/foo' : ensure => absent }
}

can be removed in favor of :

cinder_config { 'DEFAULT/foo' : value => $myvar }

If for any reason '<SERVICE DEFAULT>' turns out to be a valid value for
a specific parameter. One could by pass that doing the following :

cinder_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>',
ensure_absent_val => 'foo' }

Change-Id: I10931ea201b567ff6576fd3f87d05f2fd0816166
Depends-On: I0eeebde3aac2662cc7e69bfad7f8d2481463a218
2015-08-19 10:49:25 +02:00
Yanis Guenane 69bfb7cb81 Rely on autorequire for config resource ordering
Currently we specify the ordering of config resources wherever it is
necessary based on the presence of the file it will write to, or the
presence of the package in charge of providing the file it will write
to.

Those kind of ordering can be specified directly at the resource level
using the autorequire mechanism. With this patch, any config resource
will make sure the package in charge of providing the file will be
installed first.

Change-Id: I42bc4700302b4c3141345fe442168771c079f712
2015-08-12 18:54:38 +02:00
Mathieu Gagné 9686bb830b Allow to hide config values from Puppet logs
Hide configuration value from Puppet logs if the secret parameter
is set to true.

Fixes: bug #1173322
Change-Id: I380a86b834c2f6cb6f347cade6137ee2e757f091
2013-05-28 15:17:58 -04:00
Mathieu Gagné 56644f7914 Capitalize boolean values in config files
This patch allows the usage of Puppet boolean values and still
configure values with OpenStack boolean style: True/False.

Change-Id: I972ac41757f253500f43dc285784f5f8af6ce2ab
2013-05-21 19:28:01 -04:00
Dan Bode 02d89b88c9 add support for purging config files
the same as:
https://github.com/puppetlabs/puppetlabs-glance/pull/68
2013-03-04 16:16:18 -08:00
Dan Bode 14a96dc17f update cinder for folsome
These are my initial changes to Joe's initial cinder module.
2012-10-11 02:11:23 -07:00