Using credentials in keystone_authtoken options for glance_* resources
was deprecated some cycles ago[1].
[1] 17cc71c509
Change-Id: I57a2ecc763ccac52d9122afa86871ad74bca7450
This change improves coverage of the file backend parameters. Because
the filesystem_store_datadirs parameter is MultiStrOpt, support for
MultiStrOpt is also introduced to the glance_cache_config resource
type.
Change-Id: I5785605bf4224c0f189fd7700d5a9b05def058e8
This change adds the new project_id/name attribute to the glance_image
resource type, so that users can customize owner of glance images
managed by the resource.
Change-Id: I79c231d857079896bf101408aa758ef056669585
The api-paste.ini accepts not only "=" but also ":" and some services
like Barbican have been using ":" for their default api-paste.ini
files.
[composite:main]
use = egg:Paste#urlmap
/: barbican_version
/v1: barbican-api-keystone
This change allows users to use ":" so that they can update the ini
files with keeping it consistent with the default fules
Depends-on: https://review.opendev.org/813614
Change-Id: I200a971d120feed0afaa7833ee383f01bfe6b9b7
This replaces the provider implementation of glance_api_config type
so that MultiStrOpt, which is used by several options like
- oslo_messaging_notifications/driver
- oslo_policy/policy_dirs
is handled correctly.
Change-Id: I6c0ea1276d16722c9908a20333890a4a17404b61
This patch is adding the configuration of the number of workers,
threads, and the size of the listen queue in Debian, which uses
uwsgi to run Glance API. Therefore, this patch adds a new
glance_api_uwsgi_config provider as well as a new
glance::wsgi::uwsgi class.
Change-Id: If02def38d583f2255b8a0219dc53c26f0980521c
This change drops remaining items about support for glance-registry.
These were deprecated by the removal patch[1] which was merged during
the previous cycle thus we are now ready to drop them.
[1] 11599ba429
Change-Id: If2d371a372cf4d95d84e3d71fb4ce272565ac659
This patch removes support for glance-registry service, because it has
been removed from glance [1].
[1] https://review.opendev.org/#/c/738671/
Change-Id: Id05f736dbbddaff2cb90aa6678c777b9a0318e40
... so that correct packages and services are required according
without re-defining them in resource implementations.
Change-Id: I03016890692b406ca86750d7ec8b3b3e1d276b1a
Glance image conversion configuration is not enabled by
puppet-glance in glance-image-import.conf.
Adding image_import_plugins & output format parameters to enable
glance image conversion.
Change-Id: I098aa0cabf2518b8861d5b58b885d9bdef54a7f6
Closes-Bug: #1807366
The glance_image resource provides the ability to
download remote images using the source parameter.
Specifying the proxy parameter will allow one to
use a proxy server when downloading the image.
Change-Id: I540a29be3eb6c95b1c3975228c23c9154b1a0cbe
Closes-Bug: 1719874
Glare service is now totally dropped from Glance [1] and now should
be configured only with puppet-glare module.
[1] https://review.openstack.org/#/c/427535/
Change-Id: I695ad518285a92a80dd7a9d5bebd11e804359224
when more then one pair of key/value's are given
then this code shows wrong behavior:
vm_mode=exe,cinder_img_volume_type=vstorage
it makes this:
vm_mode=''exe',cinder_img_volume_type=vstorage'
Reason is the first conversion being to broad, and 2nd match matches
the whole string.
Change-Id: I5bcf23374b57197680b87b554392ee172bf90571
"ploop" image format is supported in upstream Glance:
https://review.openstack.org/341633
And also in python-openstackclient
in Ic79f29a1fe9ea5016d3d5520c2b06e39da01ff61
Change-Id: I2336687db363136e12c5fca5d46e9ce0ba5d791c
In glance, user can specify the desired id when creating
a new image. This can be convenient for some cases where
users want predictable ids for image, as referencing ramdisk_id
or kernel_id for AMI images.
Change-Id: I7868f2005041dea6ecd63cd601e9244cefd08e5b
This change updates the glance_image provider to support the ability to
specify properties for an image. This change only adds the support for
setting properties. The conversion and update to using the v2 will
require further rework of this provider.
Change-Id: I22b92c5ccd0f77c837e9abe987cee07c7d90867e
Co-Authored-By: Alex Schultz <aschultz@mirantis.com>
In Mitaka Glance v3 was moved to stand alone service [1] - now
it's called Glance Artifacts Repository (Glare).
This patch adds appropriate service managing, package installation,
configuration and related spec tests.
[1] I5b7bd4cdcc5f2a40fc4a5f74bcc422fd700c4fb0
Change-Id: I3371d1d57486e79ccfae565417f2195d3ae66bc9
Closes-bug: #1555697
For working with Swift backend, Glance needs authentication parameters,
which are supplied to Swift when making calls to its storage system.
Glance will use information from the file specified under parameter
swift_store_config_file. When this parameter is set to the same file
(glance-api.conf), we have lot of non-critical errors in glance-api
log, because of 'Invalid format of swift store config'.
The same problem, when we have RadosGW.
Change-Id: I18ee8f68f7ce793d2580685e79ed636556c57ddd
Related-bug: #1540890
This commit moves conditionals based on values obtained from Facter
inside code blocks that are only executed on agents and replaces
the use of Facter['osfamily'].value with Facter.value:(:osfamily).
Without this change we are returning values based off the master's
facts, so if a Debian agent checks into a RedHat master then the type
is currently making a decision based off of RedHat and not the actual
OS of the agent running the catalog. Code ran outside blocks is
evaluated on masters and inside a block is evaluated by the agent when
the catalog is executed. We do not notice this because all our
testing uses "puppet apply" and autorequire only matters when they
find a matching resource name in the catalog. The latter results
in no error because the relationship is simply ignored on the Debian
agent if a package resource with the RedHat name is not found.
This issue was found by running facter 3, the C++11 re-implementation
under the jruby and clojure implemented puppetserver. The clojure
jni shim written so that facter can be ran inside of puppetserver does
not implement the [] method for the Facter module but the ruby shim
does. So I noticed that the code had an issue when
Facter['osfamily'].value was executed on the master, which returned a
not method error. Once again, something we didn't notice becuase we
do not test against a master. I decided to migrate to
Facter.value(:osfamily) to simply keep to an API that is consistent
across both puppet and puppetserver but fixing where the code runs
does actually solve the not method found error.
Change-Id: I773f20e0bc1e917f6ec5fa8830f5bbfa60b6cd8a
Some distros (RHEL based) have a single glance package. On those
distros the ensure_package/autorequire stuff doesn't quite work
correctly as per the type code it is assumed two packages 'glance-api'
and 'glance-registry'
This commit makes sure that on RHEL based distros type only autorequire
'openstack-glance' while on other distros it correctly autorequire
'glance-api' and 'glance-registry'
Change-Id: I17c84b2282beadaec80f4db42fa5696b7967159f
Closes-bug: #1493442
Co-Authored-By: Yanis Guenane <yguenane@redhat.com>
With the creation of the new openstack_config provider, some processing
that was done in glance_api_config has been centralized in
openstack_config.
The same changes apply for glance_registry_config and
glance_cache_config
Impacted methods are :
* section
* setting
* separator
Also, this commit adds the fact that, when passing a specific string
(ensure_absent_val) the provider will behave as if ensure => absent was
specified. '<SERVICE DEFAULT>' is the default value for
ensure_absent_val.
The use case is the following :
glance_api_config { 'DEFAULT/foo' : value => 'bar' } # will work as usual
glance_api_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>' } # will mean absent
That means that all the current :
if $myvar {
glance_api_config { 'DEFAULT/foo' : value => $myvar }
} else {
glance_api_config { 'DEFAULT/foo' : ensure => absent }
}
can be removed in favor of :
glance_api_config { 'DEFAULT/foo' : value => $myvar }
If for any reason '<SERVICE DEFAULT>' turns out to be a valid value for
a specific parameter. One could by pass that doing the following :
glance_api_config { 'DEFAULT/foo' : value => '<SERVICE DEFAULT>',
ensure_absent_val => 'foo' }
Change-Id: I3bbdf63d1b9b5a2daba30fd4ba897db703f979ae
Depends-On: I0eeebde3aac2662cc7e69bfad7f8d2481463a218
Currently we specify the ordering of config resources wherever it is
necessary based on the presence of the file it will write to, or the
presence of the package in charge of providing the file it will write
to.
Those kind of ordering can be specified directly at the resource level
using the autorequire mechanism. With this patch, any config resource
will make sure the package in charge of providing the file will be
installed first.
Change-Id: Idb19da25958e79787b0c66e4ae275216849a9a2e
As we discovered before[1] with puppet-keystone, rspec-puppet has
trouble loading paths in some circumstances. This patch updates the
$LOAD_PATH in the newly rewritten glance_image type so that unit tests
in other modules can properly load the openstacklib backend.
[1] https://bugs.launchpad.net/puppet-keystone/+bug/1408531
Change-Id: Ifa3cbd46b8b32695848d4c2e8f837881c46a7d98
This patch changes the glance_image provider to use
puppet-openstacklib's authentication methods, which use
python-openstackclient as an interface, instead of the glance command
line client. The benefits of this is:
- Code reduction. This patch reduces the amount of code in the
glance parent provider and glance_image provider by reusing code from
Puppet::Provider::Openstack instead of implementing authentication,
retries, and response parsing in the provider.
- Presumed reduction in sudden API changes that require quick fixes in
this module, such as f377c0229c.
- Ability to set project-based access control for images
Additional reasoning for this change is in the blueprint.
Important note: this change does not work on Ubuntu under Juno due to a
major bug in the version of python-openstackclient shipped in UCA [1].
This change targets the Kilo releases.
Note about performance: the self.instances and instances methods make
API requests for each image found in the list of instances. This is not
a change from how this was implemented before. The --long formatted
list, either from the glance client or openstackclient, does not
provide all information needed to query an instance and populate
setters. Future patches could possibly improve on this.
Other details of this change:
- Removes auth_glance method, replaced by the request and
glance_request methods
- Removes auth_glance_stdin method which was not being used
- Removes parse_table which is now unnecessary because openstackclient
formats its responses as CSV and Puppet::Provider::Openstack#request
returns the results a hash
- Removes remove_warnings methods which are handled by
Puppet::Provider::Openstack#request
- Removes list_glance_images and get_glance_image_attr which are
sufficiently replaced by using the 'list' and 'show' commands with
Puppet::Provider::Openstack's request method.
- Removed self.prefetch since we can't populate auth parameters during
a prefetch. Instead we prepopulate the list via the instances method.
- Added a flush method to do updates more efficiently
- Changed is_public property to accept true/false in addition to yes/no
and to munge to a symbol instead of a capitalized string, for
consistency with keystone_tenant's enabled property
- Move the reset method into the spec tests since it is only necessary
for testing
- Added tests for glance_image, which did not exist before
- Removed connection retry test since this is taken care of in
openstacklib
[1] https://bugs.launchpad.net/python-openstackclient/+bug/1269821
blueprint use-openstackclient-in-module-resources
Change-Id: Iceab5e1c6138e7aba0f883ed4acb8f7ecbcd2830
The location property of the glance_image type has nearly identical
functionality as the source param, yet one is a param and one is a
property. It is possible to change either of these for a glance image,
but only if it is as of yet unset, and therefore unsaved. It is not
possible to change the location of a glance image once it has been
saved, nor is it possible to query it afterward. Since having location
be a property when it is usually unsettable and is always unqueryable
does not make much sense, we change it to be a param to be consistent
with the source param.
Change-Id: I686c3fec9bf571d18e282888c626d795c9958a6b
Commit 031609b572 changed the way
is_public was munged. However, when testing it it looks like it
was always seen as an empty string after this, so all created
images were private. Changing the way the 'if' block is done fixes
it.
Change-Id: If2eb52a6d0d9be89c9323702616f62f8ecba5e02
glance expects True/False values whereas this type uses Yes/No.
Without this patch, puppet would return the following message with an
existing glance image with is_public attribute already set to 'True'.
puppet-agent[18190]: (/Stage[main]/Site::Controller/Glance_image[raring-server-cloudimg-amd64]/is_public) is_public changed 'True' to 'Yes'
Change-Id: I532e08e6815a8b03f5eb6a9495d886b9855762c8
Currently secrets like rabbit_password or admin_password are displayed in
puppet logs when changed. This commit changes glance_*_config and
glance_*_ini types adding a new parameter that triggers obfuscation of
the values in puppet logs.
Change-Id: I31f974a9afadef42939ee092ecba3b8f4333bb8b
Closes-Bug: #1328448
This patch allows the usage of Puppet boolean values and still
configure values with OpenStack boolean style: True/False.
Change-Id: I1f96bf979e67fd7fb8fd1d984809fd072783224c
- Add native types to manage all existing ini files
- remove all unused templates
- convert all concat with ini_setting resources
- remove all concat code