From e68ef3ce8c6b4745e5fb9e710917718236e4ba32 Mon Sep 17 00:00:00 2001 From: Jan Klare Date: Wed, 14 Dec 2016 16:02:11 +0100 Subject: [PATCH] retire unmaintained project Change-Id: I750101fd295b7210dd7e5c490f375a3237fbc455 --- .gitignore | 9 - .gitreview | 4 - .rubocop.yml | 30 - .rubocop_todo.yml | 11 - Berksfile | 8 - CONTRIBUTING.md | 37 - Gemfile | 14 - MAINTAINERS.md | 3 - README.md | 78 +- Rakefile | 40 - TESTING.md | 30 - attributes/default.rb | 118 --- bootstrap.sh | 9 - metadata.rb | 16 - recipes/api.rb | 62 -- recipes/conductor.rb | 48 - recipes/default.rb | 19 - recipes/identity_registration.rb | 86 -- recipes/ironic-common.rb | 104 --- spec/api_spec.rb | 75 -- spec/conductor_spec.rb | 65 -- spec/identity_registration_spec.rb | 74 -- spec/ironic-common_spec.rb | 312 ------- spec/spec_helper.rb | 41 - templates/default/ironic.conf.erb | 1334 --------------------------- templates/default/rootwrap.conf.erb | 29 - 26 files changed, 5 insertions(+), 2651 deletions(-) delete mode 100644 .gitignore delete mode 100644 .gitreview delete mode 100644 .rubocop.yml delete mode 100644 .rubocop_todo.yml delete mode 100644 Berksfile delete mode 100644 CONTRIBUTING.md delete mode 100644 Gemfile delete mode 100644 MAINTAINERS.md delete mode 100644 Rakefile delete mode 100644 TESTING.md delete mode 100644 attributes/default.rb delete mode 100755 bootstrap.sh delete mode 100644 metadata.rb delete mode 100644 recipes/api.rb delete mode 100644 recipes/conductor.rb delete mode 100644 recipes/default.rb delete mode 100644 recipes/identity_registration.rb delete mode 100644 recipes/ironic-common.rb delete mode 100644 spec/api_spec.rb delete mode 100644 spec/conductor_spec.rb delete mode 100644 spec/identity_registration_spec.rb delete mode 100644 spec/ironic-common_spec.rb delete mode 100644 spec/spec_helper.rb delete mode 100644 templates/default/ironic.conf.erb delete mode 100644 templates/default/rootwrap.conf.erb diff --git a/.gitignore b/.gitignore deleted file mode 100644 index d7ee44a..0000000 --- a/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -.bundle/ -berks-cookbooks/ -.kitchen -.vagrant -.coverage/ -*.swp -Berksfile.lock -Vagrantfile -Gemfile.lock diff --git a/.gitreview b/.gitreview deleted file mode 100644 index 2142587..0000000 --- a/.gitreview +++ /dev/null @@ -1,4 +0,0 @@ -[gerrit] -host=review.openstack.org -port=29418 -project=openstack/cookbook-openstack-bare-metal.git diff --git a/.rubocop.yml b/.rubocop.yml deleted file mode 100644 index 5e0be9f..0000000 --- a/.rubocop.yml +++ /dev/null @@ -1,30 +0,0 @@ -inherit_from: .rubocop_todo.yml - -AllCops: - Include: - - metadata.rb - - Gemfile - - attributes/** - - libraries/** - - providers/** - - recipes/** - - resources/** - - spec/** - Exclude: - - .cookbooks/**/* - - berks-cookbooks/**/* - - .bundle/**/* - -Encoding: - Exclude: - - metadata.rb - - Gemfile - -NumericLiterals: - Enabled: false - -LineLength: - Enabled: false - -WordArray: - MinSize: 3 diff --git a/.rubocop_todo.yml b/.rubocop_todo.yml deleted file mode 100644 index 08b657d..0000000 --- a/.rubocop_todo.yml +++ /dev/null @@ -1,11 +0,0 @@ -# This configuration was generated by `rubocop --auto-gen-config` -# on 2015-05-28 13:09:57 -0500 using RuboCop version 0.29.1. -# The point is for the user to remove these configuration records -# one by one as the offenses are removed from the code base. -# Note that changes in the inspected code, or installation of new -# versions of RuboCop, may require this file to be generated again. - -# Offense count: 4 -# Configuration parameters: EnforcedStyle, SupportedStyles. -Style/ClassAndModuleChildren: - Enabled: false diff --git a/Berksfile b/Berksfile deleted file mode 100644 index b25b09c..0000000 --- a/Berksfile +++ /dev/null @@ -1,8 +0,0 @@ -source "https://supermarket.chef.io" - -metadata - -cookbook "openstack-common", - github: "openstack/cookbook-openstack-common" -cookbook 'openstack-identity', - github: 'openstack/cookbook-openstack-identity' diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index 62f808f..0000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,37 +0,0 @@ -Contributing -============ - -How To Get Started ------------------- - -If you would like to contribute to the development of OpenStack Chef Cookbooks, -you must follow the steps in this page: - - http://docs.openstack.org/infra/manual/developers.html - -Gerrit Workflow ---------------- - -Once those steps have been completed, changes to OpenStack -should be submitted for review via the Gerrit tool, following -the workflow documented at: - - http://docs.openstack.org/infra/manual/developers.html#development-workflow - -Pull requests submitted through GitHub will be ignored. - -Bugs ----- - -Bugs should be filed on Launchpad, not GitHub: - - https://bugs.launchpad.net/openstack-chef - -Contacts --------- - -Mailing List URL: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -Mailing List Topic: [chef] -IRC: #openstack-chef is our channel on irc.freenode.net -Wiki: https://wiki.openstack.org/wiki/Chef -Twitter: @chefopenstack diff --git a/Gemfile b/Gemfile deleted file mode 100644 index 31c90b5..0000000 --- a/Gemfile +++ /dev/null @@ -1,14 +0,0 @@ -## THIS GEMFILE IS DEPRECATED AND WILL BE REMOVED AFTER THE NEXT RELEASE -## THERE WON'T BE ANY UPDATES TO THIS FILE DURING THIS RELEASE CYCLE -## WE SWITCHED TO CHEFDK AS THE BUNDLE FOR THE NEEDED GEMS - -source 'https://rubygems.org' - -gem 'chef', '~> 11.18.6' -gem 'json', '<= 1.7.7' # chef 11 dependency -gem 'berkshelf', '~> 3.2.1' -gem 'hashie', '~> 2.0' -gem 'chefspec', '~> 4.0.0' -gem 'rspec', '~> 3.0.0' -gem 'foodcritic', '~> 4.0' -gem 'rubocop', '~> 0.29.1' diff --git a/MAINTAINERS.md b/MAINTAINERS.md deleted file mode 100644 index 87266d4..0000000 --- a/MAINTAINERS.md +++ /dev/null @@ -1,3 +0,0 @@ -The chef core reviewer membership and contact information is centrally maintained [here](http://bit.ly/openstack-chef-maintainers). - -Please don't hesitate to reach out of you have questions or concerns related to this project. We are here to help. diff --git a/README.md b/README.md index 156cf38..b72ee4f 100644 --- a/README.md +++ b/README.md @@ -1,74 +1,6 @@ -Team and repository tags -======================== +This project is no longer maintained. -[![Team and repository tags](http://governance.openstack.org/badges/cookbook-openstack-bare-metal.svg)](http://governance.openstack.org/reference/tags/index.html) - - - -# THIS COOKBOOK IS CURRENTLY NOT MAINTAINED AND THERE WILL BE NO REALEASE FOR -STABLE/MITAKA. IF YOU ARE INTERESTED IN HELPING MAINTAINING IT, PLEASE JOIN OUR -WEEKLY MEETING ON IRC OR PING US IN THE #openstack-chef CHANNEL ON freenode. - -cookbook-openstack-bare-metal Cookbook -====================================== - -This cookbook installs the OpenStack Bare Metal service **Ironic** as part of -the OpenStack reference deployment Chef for OpenStack. Ironic is currently -installed from packages. - -https://wiki.openstack.org/wiki/Ironic - -Requirements ------------- - -Chef 12 or higher required (for Chef environment use). - -Attributes ----------- - -Please see the extensive inline documentation in `attributes/*.rb` for descriptions -of all the settable attributes for this cookbook. - -There are also many common attributes shared across the cookbooks that are found in -the cookbook-openstack-common cookbook attribute files. - -Note that all attributes are in the `default["openstack"]` "namespace" - - -Usage ------ -#### cookbook-openstack-bare-metal::default -TODO: Write usage instructions for each cookbook. - - -Contributing ------------- - -Please refer to the [CONTRIBUTING.md](CONTRIBUTING.md) for instructions for contributing. - -Testing -------- - -Please refer to the [TESTING.md](TESTING.md) for instructions for testing the cookbook. - -License and Authors -------------------- - -| | | -|:---------------------|:---------------------------------------------------| -| **Author** | Wen Cheng Ma() | -| | | -| **Copyright** | Copyright (c) 2014-2015, IBM, Corp. | - - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. +The contents of this repository are still available in the Git +source code management system. To see the contents of this +repository before it reached its end of life, please check out the +previous commit with "git checkout HEAD^1". diff --git a/Rakefile b/Rakefile deleted file mode 100644 index 594b959..0000000 --- a/Rakefile +++ /dev/null @@ -1,40 +0,0 @@ -task default: ["test"] - -task :test #=> [:lint, :style, :unit] - -desc "Vendor the cookbooks in the Berksfile" -task :berks_prep do - sh %{chef exec berks vendor} -end - -desc "Run FoodCritic (lint) tests" -task :lint do - sh %{chef exec foodcritic --epic-fail any --tags ~FC003 --tags ~FC023 .} -end - -desc "Run RuboCop (style) tests" -task :style do - sh %{chef exec rubocop} -end - -desc "Run RSpec (unit) tests" -task :unit => :berks_prep do - sh %{chef exec rspec --format documentation} -end - -desc "Remove the berks-cookbooks directory and the Berksfile.lock" -task :clean do - rm_rf [ - 'berks-cookbooks', - 'Berksfile.lock' - ] -end - -desc "All-in-One Neutron build Infra using Common task" -task :integration do - # Use the common integration task - sh %(wget -nv -t 3 -O Rakefile-Common https://raw.githubusercontent.com/openstack/cookbook-openstack-common/master/Rakefile) - load './Rakefile-Common' - Rake::Task["common_integration"].invoke -end - diff --git a/TESTING.md b/TESTING.md deleted file mode 100644 index 1dd45c5..0000000 --- a/TESTING.md +++ /dev/null @@ -1,30 +0,0 @@ -# Testing the Cookbook # - -This cookbook uses [chefdk](https://downloads.chef.io/chef-dk/) and [berkshelf](http://berkshelf.com/) to isolate dependencies. Make sure you have chefdk and the header files for `gecode` installed before continuing. Make sure that you're using gecode version 3. More info [here](https://github.com/opscode/dep-selector-libgecode/tree/0bad63fea305ede624c58506423ced697dd2545e#using-a-system-gecode-instead). For more detailed information on what needs to be installed, you can have a quick look into the bootstrap.sh file in this repository, which does install all the needed things to get going on ubuntu trusty. The tests defined in the Rakefile include lint, style and unit. For integration testing please refere to the [openstack-chef-repo](https://github.com/openstack/openstack-chef-repo). - -We have three test suites which you can run either, individually (there are three rake tasks): - - $ chef exec rake lint - $ chef exec rake style - $ chef exec rake unit - -or altogether: - - $ chef exec rake - -The `rake` tasks will take care of installing the needed cookbooks with `berkshelf`. - -## Rubocop ## - -[Rubocop](https://github.com/bbatsov/rubocop) is a static Ruby code analyzer, based on the community [Ruby style guide](https://github.com/bbatsov/ruby-style-guide). We are attempting to adhere to this where applicable, slowly cleaning up the cookbooks until we can turn on Rubocop for gating the commits. - -## Foodcritic ## - -[Foodcritic](http://acrmp.github.io/foodcritic/) is a lint tool for Chef cookbooks. We ignore the following rules: - -* [FC003](http://acrmp.github.io/foodcritic/#FC003) These cookbooks are not intended for Chef Solo. -* [FC023](http://acrmp.github.io/foodcritic/#FC023) Prefer conditional attributes. - -## Chefspec - -[ChefSpec](https://github.com/sethvargo/chefspec) is a unit testing framework for testing Chef cookbooks. ChefSpec makes it easy to write examples and get fast feedback on cookbook changes without the need for virtual machines or cloud servers. diff --git a/attributes/default.rb b/attributes/default.rb deleted file mode 100644 index 7f5537d..0000000 --- a/attributes/default.rb +++ /dev/null @@ -1,118 +0,0 @@ -# encoding: UTF-8 -# -# Cookbook Name:: openstack-bare-metal -# Attributes:: default -# -# Copyright 2015, IBM, Corp -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# Set to some text value if you want templated config files -# to contain a custom banner at the top of the written file -default['openstack']['bare-metal']['custom_template_banner'] = " -# This file autogenerated by Chef -# Do not edit, changes will be overwritten -" - -default['openstack']['bare-metal']['verbose'] = 'false' -default['openstack']['bare-metal']['debug'] = 'false' - -# Maximum number of worker threads that can be started -# simultaneously by a periodic task. Should be less than RPC -# thread pool size. (integer value) -default['openstack']['bare-metal']['conductor']['periodic_max_workers'] = 8 - -# The size of the workers greenthread pool. (integer value) -default['openstack']['bare-metal']['conductor']['workers_pool_size'] = 100 - -# Common rpc definitions -default['openstack']['bare-metal']['rpc_thread_pool_size'] = 64 -default['openstack']['bare-metal']['rpc_conn_pool_size'] = 30 -default['openstack']['bare-metal']['rpc_response_timeout'] = 60 - -# The name of the Chef role that knows about the message queue server -# that Ironic uses -default['openstack']['bare-metal']['rabbit_server_chef_role'] = 'os-ops-messaging' - -case node['openstack']['mq']['service_type'] -when 'rabbitmq' - default['openstack']['bare-metal']['rpc_backend'] = 'rabbit' -when 'qpid' - default['openstack']['bare-metal']['rpc_backend'] = 'qpid' -end - -# The AMQP exchange to connect to if using RabbitMQ or Qpid -default['openstack']['bare-metal']['control_exchange'] = node['openstack']['mq']['bare-metal']['control_exchange'] - -# Logging stuff -default['openstack']['bare-metal']['log_dir'] = '/var/log/ironic' - -default['openstack']['bare-metal']['syslog']['use'] = false -default['openstack']['bare-metal']['syslog']['facility'] = 'LOG_LOCAL1' -default['openstack']['bare-metal']['syslog']['config_facility'] = 'local1' - -default['openstack']['bare-metal']['region'] = node['openstack']['region'] - -# Keystone settings -default['openstack']['bare-metal']['api']['auth_strategy'] = 'keystone' - -default['openstack']['bare-metal']['api']['auth']['version'] = node['openstack']['api']['auth']['version'] - -# Whether to allow the client to perform insecure SSL (https) requests -default['openstack']['bare-metal']['api']['auth']['insecure'] = false - -# Keystone PKI signing directories -default['openstack']['bare-metal']['api']['auth']['cache_dir'] = '/var/cache/ironic/api' - -default['openstack']['bare-metal']['service_tenant_name'] = 'service' -default['openstack']['bare-metal']['service_user'] = 'ironic' -default['openstack']['bare-metal']['service_role'] = 'admin' - -default['openstack']['bare-metal']['user'] = 'ironic' -default['openstack']['bare-metal']['group'] = 'ironic' - -# Setup the tftp variables -default['openstack']['bare-metal']['tftp']['enabled'] = false -# IP address of Ironic compute node's tftp server -default['openstack']['bare-metal']['tftp']['server'] = '127.0.0.1' -# Ironic compute node's tftp root path -default['openstack']['bare-metal']['tftp']['root_path'] = '/var/lib/tftpboot' -# Directory where master tftp images are stored on disk -default['openstack']['bare-metal']['tftp']['master_path'] = "#{node['openstack']['bare-metal']['tftp']['root_path']}/master_images" - -# rootwrap.conf -default['openstack']['bare-metal']['rootwrap']['filters_path'] = '/etc/ironic/rootwrap.d,/usr/share/ironic/rootwrap' -default['openstack']['bare-metal']['rootwrap']['exec_dirs'] = '/sbin,/usr/sbin,/bin,/usr/bin' -default['openstack']['bare-metal']['rootwrap']['use_syslog'] = false -default['openstack']['bare-metal']['rootwrap']['syslog_log_facility'] = 'syslog' -default['openstack']['bare-metal']['rootwrap']['syslog_log_level'] = 'ERROR' - -case platform_family -when 'fedora', 'rhel' - default['openstack']['bare-metal']['platform'] = { - 'ironic_api_packages' => ['openstack-ironic-api'], - 'ironic_api_service' => 'openstack-ironic-api', - 'ironic_conductor_packages' => ['openstack-ironic-conductor', 'shellinabox', 'ipmitool'], - 'ironic_conductor_service' => 'openstack-ironic-conductor', - 'ironic_common_packages' => ['openstack-ironic-common', 'python-ironicclient'] - } -when 'debian' - default['openstack']['bare-metal']['platform'] = { - 'ironic_api_packages' => ['ironic-api'], - 'ironic_api_service' => 'ironic-api', - 'ironic_conductor_packages' => ['ironic-conductor', 'shellinabox', 'ipmitool'], - 'ironic_conductor_service' => 'ironic-conductor', - 'ironic_common_packages' => ['python-ironicclient', 'ironic-common'] - } -end diff --git a/bootstrap.sh b/bootstrap.sh deleted file mode 100755 index fe49ef2..0000000 --- a/bootstrap.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -x -## This script is for installing all the needed packages on trusty to run the chef tests with 'chef exec rake'. -## It relies on the common bootstrap.sh from openstack/cookbook-openstack-common for installing common dependencies. - -curl https://raw.githubusercontent.com/openstack/cookbook-openstack-common/master/bootstrap.sh \ - --retry 3 \ - --silent \ - --show-error \ - | /bin/bash -x diff --git a/metadata.rb b/metadata.rb deleted file mode 100644 index 97b2b93..0000000 --- a/metadata.rb +++ /dev/null @@ -1,16 +0,0 @@ -name 'openstack-bare-metal' -maintainer 'openstack-chef' -maintainer_email 'openstack-dev@lists.openstack.org' -license 'Apache 2.0' -description 'Installs/Configures OpenStack Bare Metal service Ironic' -long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) -version '12.0.0' - -recipe 'openstack-bare-metal::api', 'Installs the ironic-api, sets up the ironic database' -recipe 'openstack-bare-metal::conductor', 'Installs the ironic-conductor service' -recipe 'openstack-bare-metal::default', 'Temp workaround to create ironic db with user' -recipe 'openstack-bare-metal::identity_registration', 'Registers ironic service/user/endpoints in keystone' -recipe 'openstack-bare-metal::ironic-common', 'Defines the common pieces of repeated code from the other recipes' - -depends 'openstack-common', '>= 12.0.0' -depends 'openstack-identity', '>= 12.0.0' diff --git a/recipes/api.rb b/recipes/api.rb deleted file mode 100644 index 7e0e39d..0000000 --- a/recipes/api.rb +++ /dev/null @@ -1,62 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Recipe:: api -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class ::Chef::Recipe # rubocop:disable Documentation - include ::Openstack -end - -include_recipe 'openstack-bare-metal::ironic-common' - -platform_options = node['openstack']['bare-metal']['platform'] - -platform_options['ironic_api_packages'].each do |pkg| - package pkg do - action :upgrade - - notifies :restart, 'service[ironic-api]', :delayed - end -end - -directory '/var/cache/ironic' do - owner node['openstack']['bare-metal']['user'] - group node['openstack']['bare-metal']['group'] - mode 00700 - action :create -end - -service 'ironic-api' do - service_name platform_options['ironic_api_service'] - supports status: true, restart: true - - action [:enable] - - subscribes :restart, 'template[/etc/ironic/ironic.conf]' - - platform_options['ironic_common_packages'].each do |pkg| - subscribes :restart, "package[#{pkg}]", :delayed - end -end - -execute 'ironic db sync' do - command 'ironic-dbsync --config-file /etc/ironic/ironic.conf upgrade' - user 'root' - group 'root' - action :run -end diff --git a/recipes/conductor.rb b/recipes/conductor.rb deleted file mode 100644 index 2341194..0000000 --- a/recipes/conductor.rb +++ /dev/null @@ -1,48 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Recipe:: conductor -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class ::Chef::Recipe # rubocop:disable Documentation - include ::Openstack -end - -include_recipe 'openstack-bare-metal::ironic-common' - -platform_options = node['openstack']['bare-metal']['platform'] - -platform_options['ironic_conductor_packages'].each do |pkg| - package pkg do - action :upgrade - - notifies :restart, 'service[ironic-conductor]', :delayed - end -end - -service 'ironic-conductor' do - service_name platform_options['ironic_conductor_service'] - supports status: true, restart: true - - action [:enable] - - subscribes :restart, 'template[/etc/ironic/ironic.conf]' - - platform_options['ironic_common_packages'].each do |pkg| - subscribes :restart, "package[#{pkg}]", :delayed - end -end diff --git a/recipes/default.rb b/recipes/default.rb deleted file mode 100644 index f65c07c..0000000 --- a/recipes/default.rb +++ /dev/null @@ -1,19 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Recipe:: default -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# diff --git a/recipes/identity_registration.rb b/recipes/identity_registration.rb deleted file mode 100644 index 764c465..0000000 --- a/recipes/identity_registration.rb +++ /dev/null @@ -1,86 +0,0 @@ -# encoding: UTF-8 -# -# Cookbook Name:: openstack-bare-metal -# Recipe:: identity_registration -# -# Copyright 2015, IBM, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require 'uri' - -class ::Chef::Recipe # rubocop:disable Documentation - include ::Openstack -end - -identity_admin_endpoint = endpoint 'identity-admin' -bootstrap_token = get_password 'token', 'openstack_identity_bootstrap_token' -auth_uri = ::URI.decode identity_admin_endpoint.to_s -ironic_api_endpoint = endpoint 'bare-metal-api' -service_pass = get_password 'service', 'openstack-bare-metal' -region = node['openstack']['bare-metal']['region'] -service_tenant_name = node['openstack']['bare-metal']['service_tenant_name'] -service_user = node['openstack']['bare-metal']['service_user'] -service_role = node['openstack']['bare-metal']['service_role'] - -openstack_identity_register 'Register Service Tenant' do - auth_uri auth_uri - bootstrap_token bootstrap_token - tenant_name service_tenant_name - tenant_description 'Service Tenant' - - action :create_tenant -end - -openstack_identity_register 'Register Ironic bare metal Service' do - auth_uri auth_uri - bootstrap_token bootstrap_token - service_name 'ironic' - service_type 'baremetal' - service_description 'Ironic bare metal provisioning service' - - action :create_service -end - -openstack_identity_register 'Register Ironic bare metal Endpoint' do - auth_uri auth_uri - bootstrap_token bootstrap_token - service_type 'baremetal' - endpoint_region region - endpoint_adminurl ::URI.decode ironic_api_endpoint.to_s - endpoint_internalurl ::URI.decode ironic_api_endpoint.to_s - endpoint_publicurl ::URI.decode ironic_api_endpoint.to_s - - action :create_endpoint -end - -openstack_identity_register 'Register Ironic bare metal Service User' do - auth_uri auth_uri - bootstrap_token bootstrap_token - tenant_name service_tenant_name - user_name service_user - user_pass service_pass - - action :create_user -end - -openstack_identity_register 'Grant admin Role to Ironic Service User for Ironic Service Tenant' do - auth_uri auth_uri - bootstrap_token bootstrap_token - tenant_name service_tenant_name - user_name service_user - role_name service_role - - action :grant_role -end diff --git a/recipes/ironic-common.rb b/recipes/ironic-common.rb deleted file mode 100644 index 64d3785..0000000 --- a/recipes/ironic-common.rb +++ /dev/null @@ -1,104 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Recipe:: ironic-common -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -class ::Chef::Recipe # rubocop:disable Documentation - include ::Openstack -end - -if node['openstack']['bare-metal']['syslog']['use'] - include_recipe 'openstack-common::logging' -end - -platform_options = node['openstack']['bare-metal']['platform'] - -platform_options['ironic_common_packages'].each do |pkg| - package pkg do - action :upgrade - end -end - -db_type = node['openstack']['db']['bare-metal']['service_type'] -node['openstack']['db']['python_packages'][db_type].each do |pkg| - package pkg do - action :upgrade - end -end - -directory '/etc/ironic' do - owner node['openstack']['bare-metal']['user'] - group node['openstack']['bare-metal']['group'] - mode 00750 - action :create -end - -db_user = node['openstack']['db']['bare-metal']['username'] -db_pass = get_password 'db', 'ironic' -db_connection = db_uri('bare-metal', db_user, db_pass) - -mq_service_type = node['openstack']['mq']['bare-metal']['service_type'] - -if mq_service_type == 'rabbitmq' - node['openstack']['mq']['bare-metal']['rabbit']['ha'] && (rabbit_hosts = rabbit_servers) - mq_password = get_password 'user', node['openstack']['mq']['bare-metal']['rabbit']['userid'] -elsif mq_service_type == 'qpid' - mq_password = get_password 'user', node['openstack']['mq']['bare-metal']['qpid']['username'] -end - -image_endpoint = endpoint 'image-api' - -identity_endpoint = internal_endpoint 'identity-internal' -identity_admin_endpoint = admin_endpoint 'identity-admin' -service_pass = get_password 'service', 'openstack-bare-metal' - -auth_uri = auth_uri_transform(identity_endpoint.to_s, node['openstack']['bare-metal']['api']['auth']['version']) -identity_uri = identity_uri_transform(identity_admin_endpoint) - -network_endpoint = internal_endpoint 'network-api' || {} -api_bind = internal_endpoint 'bare-metal-api-bind' - -template '/etc/ironic/ironic.conf' do - source 'ironic.conf.erb' - owner node['openstack']['bare-metal']['user'] - group node['openstack']['bare-metal']['group'] - mode 00640 - variables( - api_bind_address: api_bind.host, - api_bind_port: api_bind.port, - db_connection: db_connection, - mq_service_type: mq_service_type, - mq_password: mq_password, - rabbit_hosts: rabbit_hosts, - network_endpoint: network_endpoint, - glance_protocol: image_endpoint.scheme, - glance_host: image_endpoint.host, - glance_port: image_endpoint.port, - auth_uri: auth_uri, - identity_uri: identity_uri, - service_pass: service_pass - ) -end - -template '/etc/ironic/rootwrap.conf' do - source 'rootwrap.conf.erb' - # Must be root! - owner 'root' - group 'root' - mode 00644 -end diff --git a/spec/api_spec.rb b/spec/api_spec.rb deleted file mode 100644 index ea253e8..0000000 --- a/spec/api_spec.rb +++ /dev/null @@ -1,75 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Spec:: api_spec -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require_relative 'spec_helper' - -describe 'openstack-bare-metal::api' do - describe 'ubuntu' do - let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) } - let(:node) { runner.node } - let(:chef_run) { runner.converge(described_recipe) } - - include_context 'bare-metal-stubs' - - it 'includes ironic common recipe' do - expect(chef_run).to include_recipe('openstack-bare-metal::ironic-common') - end - - it 'upgrades ironic api packages' do - expect(chef_run).to upgrade_package('ironic-api') - end - - describe 'ironic-api packages' do - let(:package) { chef_run.package('ironic-api') } - - it 'sends a notification to the service' do - expect(package).to notify('service[ironic-api]').to(:restart).delayed - end - end - - it 'should create the directory /var/cache/ironic' do - expect(chef_run).to create_directory('/var/cache/ironic').with( - user: 'ironic', - group: 'ironic', - mode: 00700 - ) - end - - it 'enables ironic api on boot' do - expect(chef_run).to enable_service('ironic-api') - end - - describe 'ironic-api' do - let(:service) { chef_run.service('ironic-api') } - - it 'subscribes to the template creation' do - expect(service).to subscribe_to('template[/etc/ironic/ironic.conf]') - end - - it 'subscribes to the common packages' do - expect(service).to subscribe_to('package[python-ironicclient]').delayed - end - end - - it 'runs db migrations' do - expect(chef_run).to run_execute('ironic db sync').with(user: 'root', group: 'root') - end - end -end diff --git a/spec/conductor_spec.rb b/spec/conductor_spec.rb deleted file mode 100644 index 04deaee..0000000 --- a/spec/conductor_spec.rb +++ /dev/null @@ -1,65 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Spec:: conductor_spec -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require_relative 'spec_helper' - -describe 'openstack-bare-metal::conductor' do - describe 'ubuntu' do - let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) } - let(:node) { runner.node } - let(:chef_run) { runner.converge(described_recipe) } - - include_context 'bare-metal-stubs' - - it 'includes ironic common recipe' do - expect(chef_run).to include_recipe('openstack-bare-metal::ironic-common') - end - - it 'upgrades ironic conductor packages' do - %w(ironic-conductor shellinabox ipmitool).each do |pkg| - expect(chef_run).to upgrade_package(pkg) - end - end - - describe 'ironic-conductor packages' do - let(:package) { chef_run.package('ironic-conductor') } - - it 'sends a notification to the service' do - expect(package).to notify('service[ironic-conductor]').to(:restart).delayed - end - end - - it 'enables ironic conductor on boot' do - expect(chef_run).to enable_service('ironic-conductor') - end - - describe 'ironic-conductor' do - let(:service) { chef_run.service('ironic-conductor') } - - it 'subscribes to the template creation' do - expect(service).to subscribe_to('template[/etc/ironic/ironic.conf]') - end - - it 'subscribes to the common packages' do - expect(service).to subscribe_to('package[python-ironicclient]').delayed - end - end - end -end diff --git a/spec/identity_registration_spec.rb b/spec/identity_registration_spec.rb deleted file mode 100644 index 093884f..0000000 --- a/spec/identity_registration_spec.rb +++ /dev/null @@ -1,74 +0,0 @@ -# encoding: UTF-8 - -require_relative 'spec_helper' - -describe 'openstack-bare-metal::identity_registration' do - describe 'ubuntu' do - let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) } - let(:node) { runner.node } - let(:chef_run) { runner.converge(described_recipe) } - - include_context 'bare-metal-stubs' - - it 'registers service tenant' do - expect(chef_run).to create_tenant_openstack_identity_register( - 'Register Service Tenant' - ).with( - auth_uri: 'http://127.0.0.1:35357/v2.0', - bootstrap_token: 'bootstrap-token', - tenant_name: 'service', - tenant_description: 'Service Tenant' - ) - end - - it 'registers bare metal service' do - expect(chef_run).to create_service_openstack_identity_register( - 'Register Ironic bare metal Service' - ).with( - auth_uri: 'http://127.0.0.1:35357/v2.0', - bootstrap_token: 'bootstrap-token', - service_name: 'ironic', - service_type: 'baremetal', - service_description: 'Ironic bare metal provisioning service' - ) - end - - it 'registers bare metal endpoint' do - expect(chef_run).to create_endpoint_openstack_identity_register( - 'Register Ironic bare metal Endpoint' - ).with( - auth_uri: 'http://127.0.0.1:35357/v2.0', - bootstrap_token: 'bootstrap-token', - service_type: 'baremetal', - endpoint_region: 'RegionOne', - endpoint_adminurl: 'http://127.0.0.1:6385', - endpoint_internalurl: 'http://127.0.0.1:6385', - endpoint_publicurl: 'http://127.0.0.1:6385' - ) - end - - it 'registers bare metal service user' do - expect(chef_run).to create_user_openstack_identity_register( - 'Register Ironic bare metal Service User' - ).with( - auth_uri: 'http://127.0.0.1:35357/v2.0', - bootstrap_token: 'bootstrap-token', - tenant_name: 'service', - user_name: 'ironic', - user_pass: 'service_pass' - ) - end - - it 'grants admin role to service user for service tenant' do - expect(chef_run).to grant_role_openstack_identity_register( - 'Grant admin Role to Ironic Service User for Ironic Service Tenant' - ).with( - auth_uri: 'http://127.0.0.1:35357/v2.0', - bootstrap_token: 'bootstrap-token', - tenant_name: 'service', - role_name: 'admin', - user_name: 'ironic' - ) - end - end -end diff --git a/spec/ironic-common_spec.rb b/spec/ironic-common_spec.rb deleted file mode 100644 index 9c9818f..0000000 --- a/spec/ironic-common_spec.rb +++ /dev/null @@ -1,312 +0,0 @@ -# Encoding: utf-8 -# -# Cookbook Name:: openstack-bare-metal -# Spec:: ironic_common_spec -# -# Copyright 2015, IBM Corp. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require_relative 'spec_helper' - -describe 'openstack-bare-metal::ironic-common' do - describe 'ubuntu' do - let(:runner) { ChefSpec::SoloRunner.new(UBUNTU_OPTS) } - let(:node) { runner.node } - let(:chef_run) { runner.converge(described_recipe) } - - include_context 'bare-metal-stubs' - - it 'upgrades ironic common packages' do - expect(chef_run).to upgrade_package('python-ironicclient') - expect(chef_run).to upgrade_package('ironic-common') - end - - it 'upgrades mysql python package' do - expect(chef_run).to upgrade_package('python-mysqldb') - end - - describe '/etc/ironic' do - let(:dir) { chef_run.directory('/etc/ironic') } - - it 'should create the directory' do - expect(chef_run).to create_directory(dir.name).with( - user: 'ironic', - group: 'ironic', - mode: 0750 - ) - end - end - - describe 'ironic.conf' do - let(:file) { chef_run.template('/etc/ironic/ironic.conf') } - - it 'should create the ironic.conf template' do - expect(chef_run).to create_template(file.name).with( - user: 'ironic', - group: 'ironic', - mode: 0640 - ) - end - - it 'has the default api attributes' do - [ - /^host_ip=127.0.0.1$/, - /^port=6385$/ - ].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('api', line) - end - end - - it 'has the default glance attributes' do - [ - /^glance_host=127.0.0.1$/, - /^glance_port=9292$/, - /^glance_protocol=http$/ - ].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('glance', line) - end - end - - it 'has the default conductor attributes' do - [ - /^periodic_max_workers=8$/, - /^workers_pool_size=100$/ - ].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('conductor', line) - end - end - - context 'template contents' do - it 'has the default rpc_backend attribute' do - expect(chef_run).to render_config_file(file.name).with_section_content('DEFAULT', /^rpc_backend=rabbit$/) - end - - it 'overrides the default rpc_backend attribute' do - node.set['openstack']['bare-metal']['rpc_backend'] = 'qpid' - - expect(chef_run).to render_config_file(file.name).with_section_content('DEFAULT', /^rpc_backend=qpid$/) - end - - it 'sets the default auth attributes' do - [ - /^insecure=false$/, - %r{^signing_dir=/var/cache/ironic/api$}, - %r{^auth_uri=http://127.0.0.1:5000/v2.0$}, - %r{^identity_uri=http://127.0.0.1:35357/$}, - /^auth_version=v2.0$/, - /^admin_user=ironic$/, - /^admin_password=service_pass$/, - /^admin_tenant_name=service$/ - ].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('keystone_authtoken', line) - end - end - end - - it 'has default neutron attributes' do - expect(chef_run).to render_config_file(file.name).with_section_content('neutron', %r{^url=http://127.0.0.1:9696$}) - end - - context 'tftp' do - before do - node.set['openstack']['bare-metal']['tftp']['enabled'] = true - end - - it 'sets tftp attributes' do - [ - /^tftp_server=127.0.0.1$/, - %r{^tftp_root=/var/lib/tftpboot$}, - %r{^tftp_master_path=/var/lib/tftpboot/master_images$} - ].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('pxe', line) - end - end - end - - context 'qpid as mq service' do - before do - node.set['openstack']['mq']['bare-metal']['service_type'] = 'qpid' - end - - it 'has default RPC/AMQP options set' do - [/^rpc_conn_pool_size=30$/, - /^amqp_durable_queues=false$/, - /^amqp_auto_delete=false$/].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_qpid', line) - end - end - - %w(port username sasl_mechanisms reconnect reconnect_timeout reconnect_limit - reconnect_interval_min reconnect_interval_max reconnect_interval heartbeat protocol - tcp_nodelay).each do |attr| - it "has qpid_#{attr} attribute" do - node.set['openstack']['mq']['bare-metal']['qpid'][attr] = "qpid_#{attr}_value" - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_qpid', /^qpid_#{attr}=qpid_#{attr}_value$/) - end - end - - it 'has qpid_hostname' do - node.set['openstack']['mq']['bare-metal']['qpid']['host'] = 'qpid_host_value' - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_qpid', /^qpid_hostname=qpid_host_value$/) - end - - it 'has qpid_password' do - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_qpid', /^qpid_password=user_pass$/) - end - - it 'has default qpid topology version' do - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_qpid', /^qpid_topology_version=1$/) - end - end - - context 'rabbit mq backend' do - before do - node.set['openstack']['mq']['bare-metal']['service_type'] = 'rabbitmq' - end - - it 'has default RPC/AMQP options set' do - [/^rpc_conn_pool_size=30$/, - /^amqp_durable_queues=false$/, - /^amqp_auto_delete=false$/, - /^heartbeat_timeout_threshold=0$/, - /^heartbeat_rate=2$/].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line) - end - end - - it 'does not have ssl config set' do - [/^rabbit_use_ssl=/, - /^kombu_ssl_version=/, - /^kombu_ssl_keyfile=/, - /^kombu_ssl_certfile=/, - /^kombu_ssl_ca_certs=/, - /^kombu_reconnect_delay=/, - /^kombu_reconnect_timeout=/].each do |line| - expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line) - end - end - - it 'sets ssl config' do - node.set['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] = true - node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] = 'TLSv1.2' - node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_keyfile'] = 'keyfile' - node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_certfile'] = 'certfile' - node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_ca_certs'] = 'certsfile' - node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_delay'] = 123.123 - node.set['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_timeout'] = 123 - [/^rabbit_use_ssl=true/, - /^kombu_ssl_version=TLSv1.2$/, - /^kombu_ssl_keyfile=keyfile$/, - /^kombu_ssl_certfile=certfile$/, - /^kombu_ssl_ca_certs=certsfile$/, - /^kombu_reconnect_delay=123.123$/, - /^kombu_reconnect_timeout=123$/].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', line) - end - end - - context 'ha attributes' do - before do - node.set['openstack']['mq']['bare-metal']['rabbit']['ha'] = true - end - - it 'has a rabbit_hosts attribute' do - allow_any_instance_of(Chef::Recipe).to receive(:rabbit_servers) - .and_return('rabbit_servers_value') - - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_hosts=rabbit_servers_value$/) - end - - %w(host port).each do |attr| - it "does not have rabbit_#{attr} attribute" do - expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_#{attr}=/) - end - end - end - - context 'non ha attributes' do - before do - node.set['openstack']['mq']['bare-metal']['rabbit']['ha'] = false - end - - %w(host port).each do |attr| - it "has rabbit_#{attr} attribute" do - node.set['openstack']['mq']['bare-metal']['rabbit'][attr] = "rabbit_#{attr}_value" - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_#{attr}=rabbit_#{attr}_value$/) - end - end - - it 'does not have a rabbit_hosts attribute' do - expect(chef_run).not_to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_hosts=/) - end - end - - it 'has rabbit_userid' do - node.set['openstack']['mq']['bare-metal']['rabbit']['userid'] = 'rabbit_userid_value' - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_userid=rabbit_userid_value$/) - end - - it 'has rabbit_password' do - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_password=user_pass$/) - end - - it 'has rabbit_virtual_host' do - node.set['openstack']['mq']['bare-metal']['rabbit']['vhost'] = 'vhost_value' - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_virtual_host=vhost_value$/) - end - - it 'has the default rabbit_retry_interval set' do - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_retry_interval=1$/) - end - - it 'has the default rabbit_max_retries set' do - expect(chef_run).to render_config_file(file.name).with_section_content('oslo_messaging_rabbit', /^rabbit_max_retries=0$/) - end - end - end - - describe 'rootwrap.conf' do - let(:file) { chef_run.template('/etc/ironic/rootwrap.conf') } - - it 'should create the /etc/ironic/rootwrap.conf file' do - expect(chef_run).to create_template(file.name).with( - user: 'root', - group: 'root', - mode: 0644 - ) - end - - context 'template contents' do - it 'shows the custom banner' do - node.set['openstack']['bare-metal']['custom_template_banner'] = 'banner' - - expect(chef_run).to render_file(file.name).with_content(/^banner$/) - end - - it 'sets the default attributes' do - [ - %r{^filters_path=/etc/ironic/rootwrap.d,/usr/share/ironic/rootwrap$}, - %r{^exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin$}, - /^use_syslog=false$/, - /^syslog_log_facility=syslog$/, - /^syslog_log_level=ERROR$/ - ].each do |line| - expect(chef_run).to render_config_file(file.name).with_section_content('DEFAULT', line) - end - end - end - end - end -end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb deleted file mode 100644 index e3d6056..0000000 --- a/spec/spec_helper.rb +++ /dev/null @@ -1,41 +0,0 @@ -# encoding: UTF-8 - -require 'chefspec' -require 'chefspec/berkshelf' -require 'chef/application' - -LOG_LEVEL = :fatal -SUSE_OPTS = { - platform: 'suse', - version: '11.3', - log_level: ::LOG_LEVEL -} -REDHAT_OPTS = { - platform: 'redhat', - version: '7.1', - log_level: ::LOG_LEVEL -} -UBUNTU_OPTS = { - platform: 'ubuntu', - version: '14.04', - log_level: ::LOG_LEVEL -} - -shared_context 'bare-metal-stubs' do - before do - allow_any_instance_of(Chef::Recipe).to receive(:get_password) - .with('service', anything) - .and_return('service_pass') - allow_any_instance_of(Chef::Recipe).to receive(:get_password) - .with('db', anything) - .and_return('db_pass') - allow_any_instance_of(Chef::Recipe).to receive(:get_password) - .with('user', anything) - .and_return('user_pass') - allow_any_instance_of(Chef::Recipe).to receive(:get_password) - .with('token', 'openstack_identity_bootstrap_token') - .and_return('bootstrap-token') - allow_any_instance_of(Chef::Recipe).to receive(:rabbit_servers) - .and_return('1.1.1.1:5672,2.2.2.2:5672') - end -end diff --git a/templates/default/ironic.conf.erb b/templates/default/ironic.conf.erb deleted file mode 100644 index dad31c8..0000000 --- a/templates/default/ironic.conf.erb +++ /dev/null @@ -1,1334 +0,0 @@ -<%= node['openstack']['bare-metal']['custom_template_banner'] %> - -[DEFAULT] - -# Deprecated, use rpc_backend=kombu+memory or rpc_backend=fake -# (boolean value) -#fake_rabbit=false - -# ZeroMQ bind address. Should be a wildcard (*), an ethernet -# interface, or IP. The "host" option should point or resolve -# to this address. (string value) -#rpc_zmq_bind_address=* - -# MatchMaker driver. (string value) -#rpc_zmq_matchmaker=oslo.messaging._drivers.matchmaker.MatchMakerLocalhost - -# ZeroMQ receiver listening port. (integer value) -#rpc_zmq_port=9501 - -# Number of ZeroMQ contexts, defaults to 1. (integer value) -#rpc_zmq_contexts=1 - -# Maximum number of ingress messages to locally buffer per -# topic. Default is unlimited. (integer value) -#rpc_zmq_topic_backlog= - -# Directory for holding IPC sockets. (string value) -#rpc_zmq_ipc_dir=/var/run/openstack - -# Name of this node. Must be a valid hostname, FQDN, or IP -# address. Must match "host" option, if running Nova. (string -# value) -#rpc_zmq_host=ironic - -# Seconds to wait before a cast expires (TTL). Only supported -# by impl_zmq. (integer value) -#rpc_cast_timeout=30 - -# Heartbeat frequency. (integer value) -#matchmaker_heartbeat_freq=300 - -# Heartbeat time-to-live. (integer value) -#matchmaker_heartbeat_ttl=600 - -# Size of RPC greenthread pool. (integer value) -rpc_thread_pool_size=<%= node['openstack']['bare-metal']['rpc_thread_pool_size'] %> - -# Driver or drivers to handle sending notifications. (multi -# valued) -#notification_driver= - -# AMQP topic used for OpenStack notifications. (list value) -# Deprecated group/name - [rpc_notifier2]/topics -#notification_topics=notifications - -# Seconds to wait for a response from a call. (integer value) -rpc_response_timeout=<%= node['openstack']['bare-metal']['rpc_response_timeout'] %> - -# A URL representing the messaging driver to use and its full -# configuration. If not set, we fall back to the rpc_backend -# option and driver specific configuration. (string value) -#transport_url= - -# The messaging driver to use, defaults to rabbit. Other -# drivers include qpid and zmq. (string value) -rpc_backend=<%= node['openstack']['bare-metal']['rpc_backend'] %> - -# The default exchange under which topics are scoped. May be -# overridden by an exchange name specified in the -# transport_url option. (string value) -control_exchange=<%= node['openstack']['bare-metal']['control_exchange'] %> - - -# -# Options defined in ironic.netconf -# - -# IP address of this host. (string value) -#my_ip=10.0.0.1 - - -# -# Options defined in ironic.api.app -# - -# Method to use for authentication: noauth or keystone. -# (string value) -auth_strategy=<%= node['openstack']['bare-metal']['api']['auth_strategy'] %> - - -# -# Options defined in ironic.common.driver_factory -# - -# Specify the list of drivers to load during service -# initialization. Missing drivers, or drivers which fail to -# initialize, will prevent the conductor service from -# starting. The option default is a recommended set of -# production-oriented drivers. A complete list of drivers -# present on your system may be found by enumerating the -# "ironic.drivers" entrypoint. An example may be found in the -# developer documentation online. (list value) -#enabled_drivers=pxe_ipmitool - - -# -# Options defined in ironic.common.exception -# - -# Make exception message format errors fatal. (boolean value) -#fatal_exception_format_errors=false - - -# -# Options defined in ironic.common.hash_ring -# - -# Exponent to determine number of hash partitions to use when -# distributing load across conductors. Larger values will -# result in more even distribution of load and less load when -# rebalancing the ring, but more memory usage. Number of -# partitions per conductor is (2^hash_partition_exponent). -# This determines the granularity of rebalancing: given 10 -# hosts, and an exponent of the 2, there are 40 partitions in -# the ring.A few thousand partitions should make rebalancing -# smooth in most cases. The default is suitable for up to a -# few hundred conductors. Too many partitions has a CPU -# impact. (integer value) -#hash_partition_exponent=5 - -# [Experimental Feature] Number of hosts to map onto each hash -# partition. Setting this to more than one will cause -# additional conductor services to prepare deployment -# environments and potentially allow the Ironic cluster to -# recover more quickly if a conductor instance is terminated. -# (integer value) -#hash_distribution_replicas=1 - - -# -# Options defined in ironic.common.images -# - -# Force backing images to raw format. (boolean value) -#force_raw_images=true - -# Path to isolinux binary file. (string value) -#isolinux_bin=/usr/lib/syslinux/isolinux.bin - -# Template file for isolinux configuration file. (string -# value) -#isolinux_config_template=$pybasedir/common/isolinux_config.template - - -# -# Options defined in ironic.common.paths -# - -# Directory where the ironic python module is installed. -# (string value) -#pybasedir=/usr/lib/python/site-packages/ironic - -# Directory where ironic binaries are installed. (string -# value) -#bindir=$pybasedir/bin - -# Top-level directory for maintaining ironic's state. (string -# value) -#state_path=$pybasedir - - -# -# Options defined in ironic.common.service -# - -# Seconds between running periodic tasks. (integer value) -#periodic_interval=60 - -# Name of this node. This can be an opaque identifier. It is -# not necessarily a hostname, FQDN, or IP address. However, -# the node name must be valid within an AMQP key, and if using -# ZeroMQ, a valid hostname, FQDN, or IP address. (string -# value) -#host=ironic - - -# -# Options defined in ironic.common.utils -# - -# Path to the rootwrap configuration file to use for running -# commands as root. (string value) -#rootwrap_config=/etc/ironic/rootwrap.conf - -# Explicitly specify the temporary working directory. (string -# value) -#tempdir= - - -# -# Options defined in ironic.drivers.modules.image_cache -# - -# Run image downloads and raw format conversions in parallel. -# (boolean value) -#parallel_image_downloads=false - - -# -# Options defined in ironic.openstack.common.eventlet_backdoor -# - -# Enable eventlet backdoor. Acceptable values are 0, , -# and :, where 0 results in listening on a random -# tcp port number; results in listening on the -# specified port number (and not enabling backdoor if that -# port is in use); and : results in listening on -# the smallest unused port number within the specified range -# of port numbers. The chosen port is displayed in the -# service's log file. (string value) -#backdoor_port= - - -# -# Options defined in ironic.openstack.common.log -# - -# Print debugging output (set logging level to DEBUG instead -# of default WARNING level). (boolean value) -debug=<%= node['openstack']['bare-metal']['debug'] %> - -# Print more verbose output (set logging level to INFO instead -# of default WARNING level). (boolean value) -verbose=<%= node['openstack']['bare-metal']['verbose'] %> - -# Log output to standard error. (boolean value) -#use_stderr=true - -# Format string to use for log messages with context. (string -# value) -#logging_context_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s - -# Format string to use for log messages without context. -# (string value) -#logging_default_format_string=%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s - -# Data to append to log format when level is DEBUG. (string -# value) -#logging_debug_format_suffix=%(funcName)s %(pathname)s:%(lineno)d - -# Prefix each line of exception output with this format. -# (string value) -#logging_exception_prefix=%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s - -# List of logger=LEVEL pairs. (list value) -#default_log_levels=amqp=WARN,amqplib=WARN,boto=WARN,qpid=WARN,sqlalchemy=WARN,suds=INFO,oslo.messaging=INFO,iso8601=WARN,requests.packages.urllib3.connectionpool=WARN,urllib3.connectionpool=WARN,websocket=WARN,keystonemiddleware=WARN,routes.middleware=WARN,stevedore=WARN - -# Enables or disables publication of error events. (boolean -# value) -#publish_errors=false - -# Enables or disables fatal status of deprecations. (boolean -# value) -#fatal_deprecations=false - -# The format for an instance that is passed with the log -# message. (string value) -#instance_format="[instance: %(uuid)s] " - -# The format for an instance UUID that is passed with the log -# message. (string value) -#instance_uuid_format="[instance: %(uuid)s] " - -# The name of a logging configuration file. This file is -# appended to any existing logging configuration files. For -# details about logging configuration files, see the Python -# logging module documentation. (string value) -# Deprecated group/name - [DEFAULT]/log_config -<% if node['openstack']['bare-metal']['syslog']['use'] %> -log_config_append=/etc/openstack/logging.conf -<% end %> - -# DEPRECATED. A logging.Formatter log message format string -# which may use any of the available logging.LogRecord -# attributes. This option is deprecated. Please use -# logging_context_format_string and -# logging_default_format_string instead. (string value) -#log_format= - -# Format string for %%(asctime)s in log records. Default: -# %(default)s . (string value) -#log_date_format=%Y-%m-%d %H:%M:%S - -# (Optional) Name of log file to output to. If no default is -# set, logging will go to stdout. (string value) -# Deprecated group/name - [DEFAULT]/logfile -#log_file= - -# (Optional) The base directory used for relative --log-file -# paths. (string value) -# Deprecated group/name - [DEFAULT]/logdir -log_dir=<%= node['openstack']['bare-metal']['log_dir'] %> - -# Use syslog for logging. Existing syslog format is DEPRECATED -# during I, and will change in J to honor RFC5424. (boolean -# value) -#use_syslog=false - -# (Optional) Enables or disables syslog rfc5424 format for -# logging. If enabled, prefixes the MSG part of the syslog -# message with APP-NAME (RFC5424). The format without the APP- -# NAME is deprecated in I, and will be removed in J. (boolean -# value) -#use_syslog_rfc_format=false - -# Syslog facility to receive log lines. (string value) -#syslog_log_facility=LOG_USER - - -# -# Options defined in ironic.openstack.common.periodic_task -# - -# Some periodic tasks can be run in a separate process. Should -# we run them here? (boolean value) -#run_external_periodic_tasks=true - - -# -# Options defined in ironic.openstack.common.policy -# - -# The JSON file that defines policies. (string value) -#policy_file=policy.json - -# Default rule. Enforced when a requested rule is not found. -# (string value) -#policy_default_rule=default - -# Directories where policy configuration files are stored. -# They can be relative to any directory in the search path -# defined by the config_dir option, or absolute paths. The -# file defined by policy_file must exist for these directories -# to be searched. (multi valued) -#policy_dirs=policy.d - - -[agent] - -# -# Options defined in ironic.drivers.modules.agent -# - -# Additional append parameters for baremetal PXE boot. (string -# value) -#agent_pxe_append_params=nofb nomodeset vga=normal - -# Template file for PXE configuration. (string value) -#agent_pxe_config_template=$pybasedir/drivers/modules/agent_config.template - -# Neutron bootfile DHCP parameter. (string value) -#agent_pxe_bootfile_name=pxelinux.0 - -# Maximum interval (in seconds) for agent heartbeats. (integer -# value) -#heartbeat_timeout=300 - - -# -# Options defined in ironic.drivers.modules.agent_client -# - -# API version to use for communicating with the ramdisk agent. -# (string value) -#agent_api_version=v1 - - -[api] - -# -# Options defined in ironic.api -# - -# The listen IP for the Ironic API server. (string value) -host_ip=<%= @api_bind_address %> - -# The port for the Ironic API server. (integer value) -port=<%= @api_bind_port %> - -# The maximum number of items returned in a single response -# from a collection resource. (integer value) -#max_limit=1000 - - -[conductor] - -# -# Options defined in ironic.conductor.manager -# - -# URL of Ironic API service. If not set ironic can get the -# current value from the keystone service catalog. (string -# value) -#api_url= - -# Seconds between conductor heart beats. (integer value) -#heartbeat_interval=10 - -# Maximum time (in seconds) since the last check-in of a -# conductor. (integer value) -#heartbeat_timeout=60 - -# Interval between syncing the node power state to the -# database, in seconds. (integer value) -#sync_power_state_interval=60 - -# Interval between checks of provision timeouts, in seconds. -# (integer value) -#check_provision_state_interval=60 - -# Timeout (seconds) for waiting callback from deploy ramdisk. -# 0 - unlimited. (integer value) -#deploy_callback_timeout=1800 - -# During sync_power_state, should the hardware power state be -# set to the state recorded in the database (True) or should -# the database be updated based on the hardware state (False). -# (boolean value) -#force_power_state_during_sync=true - -# During sync_power_state failures, limit the number of times -# Ironic should try syncing the hardware node power state with -# the node power state in DB (integer value) -#power_state_sync_max_retries=3 - -# Maximum number of worker threads that can be started -# simultaneously by a periodic task. Should be less than RPC -# thread pool size. (integer value) -periodic_max_workers=<%= node['openstack']['bare-metal']['conductor']['periodic_max_workers'] %> - -# The size of the workers greenthread pool. (integer value) -workers_pool_size=<%= node['openstack']['bare-metal']['conductor']['workers_pool_size'] %> - -# Number of attempts to grab a node lock. (integer value) -#node_locked_retry_attempts=3 - -# Seconds to sleep between node lock attempts. (integer value) -#node_locked_retry_interval=1 - -# Enable sending sensor data message via the notification bus -# (boolean value) -#send_sensor_data=false - -# Seconds between conductor sending sensor data message to -# ceilometer via the notification bus. (integer value) -#send_sensor_data_interval=600 - -# List of comma separated metric types which need to be sent -# to Ceilometer. The default value, "ALL", is a special value -# meaning send all the sensor data. (list value) -#send_sensor_data_types=ALL - -# When conductors join or leave the cluster, existing -# conductors may need to update any persistent local state as -# nodes are moved around the cluster. This option controls how -# often, in seconds, each conductor will check for nodes that -# it should "take over". Set it to a negative value to disable -# the check entirely. (integer value) -#sync_local_state_interval=180 - - -[console] - -# -# Options defined in ironic.drivers.modules.console_utils -# - -# Path to serial console terminal program (string value) -#terminal=shellinaboxd - -# Directory containing the terminal SSL cert(PEM) for serial -# console access (string value) -#terminal_cert_dir= - -# Directory for holding terminal pid files. If not specified, -# the temporary directory will be used. (string value) -#terminal_pid_dir= - -# Time interval (in seconds) for checking the status of -# console subprocess. (integer value) -#subprocess_checking_interval=1 - -# Time (in seconds) to wait for the console subprocess to -# start. (integer value) -#subprocess_timeout=10 - - -[database] - -# -# Options defined in oslo.db -# - -# The file name to use with SQLite. (string value) -#sqlite_db=oslo.sqlite - -# If True, SQLite uses synchronous mode. (boolean value) -#sqlite_synchronous=true - -# The back end to use for the database. (string value) -# Deprecated group/name - [DEFAULT]/db_backend -#backend=sqlalchemy - -# The SQLAlchemy connection string to use to connect to the -# database. (string value) -# Deprecated group/name - [DEFAULT]/sql_connection -# Deprecated group/name - [DATABASE]/sql_connection -# Deprecated group/name - [sql]/connection -connection=<%= @db_connection %> - -# The SQLAlchemy connection string to use to connect to the -# slave database. (string value) -#slave_connection= - -# The SQL mode to be used for MySQL sessions. This option, -# including the default, overrides any server-set SQL mode. To -# use whatever SQL mode is set by the server configuration, -# set this to no value. Example: mysql_sql_mode= (string -# value) -#mysql_sql_mode=TRADITIONAL - -# Timeout before idle SQL connections are reaped. (integer -# value) -# Deprecated group/name - [DEFAULT]/sql_idle_timeout -# Deprecated group/name - [DATABASE]/sql_idle_timeout -# Deprecated group/name - [sql]/idle_timeout -#idle_timeout=3600 - -# Minimum number of SQL connections to keep open in a pool. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_min_pool_size -# Deprecated group/name - [DATABASE]/sql_min_pool_size -#min_pool_size=1 - -# Maximum number of SQL connections to keep open in a pool. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_pool_size -# Deprecated group/name - [DATABASE]/sql_max_pool_size -#max_pool_size= - -# Maximum number of database connection retries during -# startup. Set to -1 to specify an infinite retry count. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_retries -# Deprecated group/name - [DATABASE]/sql_max_retries -#max_retries=10 - -# Interval between retries of opening a SQL connection. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_retry_interval -# Deprecated group/name - [DATABASE]/reconnect_interval -#retry_interval=10 - -# If set, use this value for max_overflow with SQLAlchemy. -# (integer value) -# Deprecated group/name - [DEFAULT]/sql_max_overflow -# Deprecated group/name - [DATABASE]/sqlalchemy_max_overflow -#max_overflow= - -# Verbosity of SQL debugging information: 0=None, -# 100=Everything. (integer value) -# Deprecated group/name - [DEFAULT]/sql_connection_debug -#connection_debug=0 - -# Add Python stack traces to SQL as comment strings. (boolean -# value) -# Deprecated group/name - [DEFAULT]/sql_connection_trace -#connection_trace=false - -# If set, use this value for pool_timeout with SQLAlchemy. -# (integer value) -# Deprecated group/name - [DATABASE]/sqlalchemy_pool_timeout -#pool_timeout= - -# Enable the experimental use of database reconnect on -# connection lost. (boolean value) -#use_db_reconnect=false - -# Seconds between database connection retries. (integer value) -#db_retry_interval=1 - -# If True, increases the interval between database connection -# retries up to db_max_retry_interval. (boolean value) -#db_inc_retry_interval=true - -# If db_inc_retry_interval is set, the maximum seconds between -# database connection retries. (integer value) -#db_max_retry_interval=10 - -# Maximum database connection retries before error is raised. -# Set to -1 to specify an infinite retry count. (integer -# value) -#db_max_retries=20 - - -# -# Options defined in ironic.db.sqlalchemy.models -# - -# MySQL engine to use. (string value) -#mysql_engine=InnoDB - - -[deploy] - -# -# Options defined in ironic.drivers.modules.deploy_utils -# - -# Block size to use when writing to the nodes disk. (string -# value) -#dd_block_size=1M - - -[dhcp] - -# -# Options defined in ironic.common.dhcp_factory -# - -# DHCP provider to use. "neutron" uses Neutron, and "none" -# uses a no-op provider. (string value) -#dhcp_provider=neutron - - -[disk_partitioner] - -# -# Options defined in ironic.common.disk_partitioner -# - -# After Ironic has completed creating the partition table, it -# continues to check for activity on the attached iSCSI device -# status at this interval prior to copying the image to the -# node, in seconds (integer value) -#check_device_interval=1 - -# The maximum number of times to check that the device is not -# accessed by another process. If the device is still busy -# after that, the disk partitioning will be treated as having -# failed. (integer value) -#check_device_max_retries=20 - - -[glance] - -# -# Options defined in ironic.common.glance_service.v2.image_service -# - -# A list of URL schemes that can be downloaded directly via -# the direct_url. Currently supported schemes: [file]. (list -# value) -#allowed_direct_url_schemes= - -# The secret token given to Swift to allow temporary URL -# downloads. Required for temporary URLs. (string value) -#swift_temp_url_key= - -# The length of time in seconds that the temporary URL will be -# valid for. Defaults to 20 minutes. If some deploys get a 401 -# response code when trying to download from the temporary -# URL, try raising this duration. (integer value) -#swift_temp_url_duration=1200 - -# The "endpoint" (scheme, hostname, optional port) for the -# Swift URL of the form -# "endpoint_url/api_version/account/container/object_id". Do -# not include trailing "/". For example, use -# "https://swift.example.com". Required for temporary URLs. -# (string value) -#swift_endpoint_url= - -# The Swift API version to create a temporary URL for. -# Defaults to "v1". Swift temporary URL format: -# "endpoint_url/api_version/account/container/object_id" -# (string value) -#swift_api_version=v1 - -# The account that Glance uses to communicate with Swift. The -# format is "AUTH_uuid". "uuid" is the UUID for the account -# configured in the glance-api.conf. Required for temporary -# URLs. For example: -# "AUTH_a422b2-91f3-2f46-74b7-d7c9e8958f5d30". Swift temporary -# URL format: -# "endpoint_url/api_version/account/container/object_id" -# (string value) -#swift_account= - -# The Swift container Glance is configured to store its images -# in. Defaults to "glance", which is the default in glance- -# api.conf. Swift temporary URL format: -# "endpoint_url/api_version/account/container/object_id" -# (string value) -#swift_container=glance - - -# -# Options defined in ironic.common.image_service -# - -# Default glance hostname or IP address. (string value) -glance_host=<%= @glance_host %> - -# Default glance port. (integer value) -glance_port=<%= @glance_port %> - -# Default protocol to use when connecting to glance. Set to -# https for SSL. (string value) -glance_protocol=<%= @glance_protocol %> - -# A list of the glance api servers available to ironic. Prefix -# with https:// for SSL-based glance API servers. Format is -# [hostname|IP]:port. (list value) -#glance_api_servers= - -# Allow to perform insecure SSL (https) requests to glance. -# (boolean value) -#glance_api_insecure=false - -# Number of retries when downloading an image from glance. -# (integer value) -#glance_num_retries=0 - -# Default protocol to use when connecting to glance. Set to -# https for SSL. (string value) -#auth_strategy=keystone - - -[ilo] - -# -# Options defined in ironic.drivers.modules.ilo.common -# - -# Timeout (in seconds) for iLO operations (integer value) -#client_timeout=60 - -# Port to be used for iLO operations (integer value) -#client_port=443 - -# The Swift iLO container to store data. (string value) -#swift_ilo_container=ironic_ilo_container - -# Amount of time in seconds for Swift objects to auto-expire. -# (integer value) -#swift_object_expiry_timeout=900 - - -# -# Options defined in ironic.drivers.modules.ilo.power -# - -# Number of times a power operation needs to be retried -# (integer value) -#power_retry=6 - -# Amount of time in seconds to wait in between power -# operations (integer value) -#power_wait=2 - - -[ipmi] - -# -# Options defined in ironic.drivers.modules.ipminative -# - -# Maximum time in seconds to retry IPMI operations. (integer -# value) -#retry_timeout=60 - -# Minimum time, in seconds, between IPMI operations sent to a -# server. There is a risk with some hardware that setting this -# too low may cause the BMC to crash. Recommended setting is 5 -# seconds. (integer value) -#min_command_interval=5 - - -[keystone_authtoken] - -# -# Options defined in keystonemiddleware.auth_token -# - -# Complete public Identity API endpoint. (string value) -auth_uri=<%= @auth_uri %> - -# Complete admin Identity API endpoint. This should specify -# the unversioned root endpoint e.g. https://localhost:35357/ -# (string value) -identity_uri=<%= @identity_uri %> - -# API version of the admin Identity API endpoint. (string -# value) -auth_version=<%= node['openstack']['bare-metal']['api']['auth']['version'] %> - -# Keystone account username (string value) -admin_user=<%= node['openstack']['bare-metal']['service_user'] %> - -# Keystone account password (string value) -admin_password=<%= @service_pass %> - -# Keystone service account tenant name to validate user tokens -# (string value) -admin_tenant_name=<%= node['openstack']['bare-metal']['service_tenant_name'] %> - -# Do not handle authorization requests within the middleware, -# but delegate the authorization decision to downstream WSGI -# components. (boolean value) -#delay_auth_decision=false - -# Request timeout value for communicating with Identity API -# server. (integer value) -#http_connect_timeout= - -# How many times are we trying to reconnect when communicating -# with Identity API Server. (integer value) -#http_request_max_retries=3 - -# Env key for the swift cache. (string value) -#cache= - -# Required if identity server requires client certificate -# (string value) -#certfile= - -# Required if identity server requires client certificate -# (string value) -#keyfile= - -# A PEM encoded Certificate Authority to use when verifying -# HTTPs connections. Defaults to system CAs. (string value) -#cafile= - -# Verify HTTPS connections. (boolean value) -insecure=<%= node['openstack']['bare-metal']['api']['auth']['insecure'] %> - -# Directory used to cache files related to PKI tokens. (string -# value) -signing_dir=<%= node['openstack']['bare-metal']['api']['auth']['cache_dir'] %> - -# Optionally specify a list of memcached server(s) to use for -# caching. If left undefined, tokens will instead be cached -# in-process. (list value) -# Deprecated group/name - [DEFAULT]/memcache_servers -#memcached_servers= - -# In order to prevent excessive effort spent validating -# tokens, the middleware caches previously-seen tokens for a -# configurable duration (in seconds). Set to -1 to disable -# caching completely. (integer value) -#token_cache_time=300 - -# Determines the frequency at which the list of revoked tokens -# is retrieved from the Identity service (in seconds). A high -# number of revocation events combined with a low cache -# duration may significantly reduce performance. (integer -# value) -#revocation_cache_time=10 - -# (Optional) If defined, indicate whether token data should be -# authenticated or authenticated and encrypted. Acceptable -# values are MAC or ENCRYPT. If MAC, token data is -# authenticated (with HMAC) in the cache. If ENCRYPT, token -# data is encrypted and authenticated in the cache. If the -# value is not one of these options or empty, auth_token will -# raise an exception on initialization. (string value) -#memcache_security_strategy= - -# (Optional, mandatory if memcache_security_strategy is -# defined) This string is used for key derivation. (string -# value) -#memcache_secret_key= - -# (Optional) Number of seconds memcached server is considered -# dead before it is tried again. (integer value) -#memcache_pool_dead_retry=300 - -# (Optional) Maximum total number of open connections to every -# memcached server. (integer value) -#memcache_pool_maxsize=10 - -# (Optional) Socket timeout in seconds for communicating with -# a memcache server. (integer value) -#memcache_pool_socket_timeout=3 - -# (Optional) Number of seconds a connection to memcached is -# held unused in the pool before it is closed. (integer value) -#memcache_pool_unused_timeout=60 - -# (Optional) Number of seconds that an operation will wait to -# get a memcache client connection from the pool. (integer -# value) -#memcache_pool_conn_get_timeout=10 - -# (Optional) Use the advanced (eventlet safe) memcache client -# pool. The advanced pool will only work under python 2.x. -# (boolean value) -#memcache_use_advanced_pool=false - -# (Optional) Indicate whether to set the X-Service-Catalog -# header. If False, middleware will not ask for service -# catalog on token validation and will not set the X-Service- -# Catalog header. (boolean value) -#include_service_catalog=true - -# Used to control the use and type of token binding. Can be -# set to: "disabled" to not check token binding. "permissive" -# (default) to validate binding information if the bind type -# is of a form known to the server and ignore it if not. -# "strict" like "permissive" but if the bind type is unknown -# the token will be rejected. "required" any form of token -# binding is needed to be allowed. Finally the name of a -# binding method that must be present in tokens. (string -# value) -#enforce_token_bind=permissive - -# If true, the revocation list will be checked for cached -# tokens. This requires that PKI tokens are configured on the -# identity server. (boolean value) -#check_revocations_for_cached=false - -# Hash algorithms to use for hashing PKI tokens. This may be a -# single algorithm or multiple. The algorithms are those -# supported by Python standard hashlib.new(). The hashes will -# be tried in the order given, so put the preferred one first -# for performance. The result of the first hash will be stored -# in the cache. This will typically be set to multiple values -# only while migrating from a less secure algorithm to a more -# secure one. Once all the old tokens are expired this option -# should be set to a single value for better performance. -# (list value) -#hash_algorithms=md5 - - -[matchmaker_redis] - -# -# Options defined in oslo.messaging -# - -# Host to locate redis. (string value) -#host=127.0.0.1 - -# Use this port to connect to redis host. (integer value) -#port=6379 - -# Password for Redis server (optional). (string value) -#password= - - -[matchmaker_ring] - -# -# Options defined in oslo.messaging -# - -# Matchmaker ring file (JSON). (string value) -# Deprecated group/name - [DEFAULT]/matchmaker_ringfile -#ringfile=/etc/oslo/matchmaker_ring.json - - -[neutron] - -# -# Options defined in ironic.dhcp.neutron -# - -# URL for connecting to neutron. (string value) -url=<%= @network_endpoint %> - -# Timeout value for connecting to neutron in seconds. (integer -# value) -#url_timeout=30 - -# Client retries in the case of a failed request. (integer -# value) -#retries=3 - -# Default authentication strategy to use when connecting to -# neutron. Can be either "keystone" or "noauth". Running -# neutron in noauth mode (related to but not affected by this -# setting) is insecure and should only be used for testing. -# (string value) -#auth_strategy=keystone - - -[oslo_messaging_amqp] - -# -# Options defined in oslo.messaging -# - -# address prefix used when sending to a specific server -# (string value) -#server_request_prefix=exclusive - -# address prefix used when broadcasting to all servers (string -# value) -#broadcast_prefix=broadcast - -# address prefix when sending to any server in group (string -# value) -#group_request_prefix=unicast - -# Name for the AMQP container (string value) -#container_name= - -# Timeout for inactive connections (in seconds) (integer -# value) -#idle_timeout=0 - -# Debug: dump AMQP frames to stdout (boolean value) -#trace=false - -# CA certificate PEM file for verifing server certificate -# (string value) -#ssl_ca_file= - -# Identifying certificate PEM file to present to clients -# (string value) -#ssl_cert_file= - -# Private key PEM file used to sign cert_file certificate -# (string value) -#ssl_key_file= - -# Password for decrypting ssl_key_file (if encrypted) (string -# value) -#ssl_key_password= - -# Accept clients using either SSL or plain TCP (boolean value) -#allow_insecure_clients=false - - -<% if @mq_service_type == "qpid" %> -[oslo_messaging_qpid] - -# -# From oslo.messaging -# - -# Use durable queues in AMQP. (boolean value) -# Deprecated group/name - [DEFAULT]/rabbit_durable_queues -amqp_durable_queues=<%= node['openstack']['mq']['bare-metal']['durable_queues'] %> - -# Auto-delete queues in AMQP. (boolean value) -amqp_auto_delete=<%= node['openstack']['mq']['bare-metal']['auto_delete'] %> - -# Size of RPC connection pool. (integer value) -rpc_conn_pool_size=<%= node['openstack']['bare-metal']['rpc_conn_pool_size'] %> - -##### QPID ##### -# Qpid broker hostname. (string value) -qpid_hostname=<%= node['openstack']['mq']['bare-metal']['qpid']['host'] %> - -# Qpid broker port. (integer value) -qpid_port=<%= node['openstack']['mq']['bare-metal']['qpid']['port'] %> - -# Password for Qpid connection. (string value) -qpid_password=<%= @mq_password %> - -# Username for Qpid connection. (string value) -qpid_username=<%= node['openstack']['mq']['bare-metal']['qpid']['username'] %> - -# Space separated list of SASL mechanisms to use for auth. -# (string value) -qpid_sasl_mechanisms=<%= node['openstack']['mq']['bare-metal']['qpid']['sasl_mechanisms'] %> -qpid_reconnect=<%= node['openstack']['mq']['bare-metal']['qpid']['reconnect'] %> -qpid_reconnect_timeout=<%= node['openstack']['mq']['bare-metal']['qpid']['reconnect_timeout'] %> -qpid_reconnect_limit=<%= node['openstack']['mq']['bare-metal']['qpid']['reconnect_limit'] %> -qpid_reconnect_interval_min=<%= node['openstack']['mq']['bare-metal']['qpid']['reconnect_interval_min'] %> -qpid_reconnect_interval_max=<%= node['openstack']['mq']['bare-metal']['qpid']['reconnect_interval_max'] %> -qpid_reconnect_interval=<%= node['openstack']['mq']['bare-metal']['qpid']['reconnect_interval'] %> - -# Seconds between connection keepalive heartbeats. (integer -# value) -qpid_heartbeat=<%= node['openstack']['mq']['bare-metal']['qpid']['heartbeat'] %> - -# qpid protocol. default 'tcp'. set to 'ssl' to enable SSL -qpid_protocol=<%= node['openstack']['mq']['bare-metal']['qpid']['protocol'] %> - -# Whether to disable the Nagle algorithm. (boolean value) -qpid_tcp_nodelay=<%= node['openstack']['mq']['bare-metal']['qpid']['tcp_nodelay'] %> - -# The qpid topology version to use. Version 1 is what was -# originally used by impl_qpid. Version 2 includes some -# backwards-incompatible changes that allow broker federation -# to work. Users should update to version 2 when they are -# able to take everything down, as it requires a clean break. -# (integer value) -qpid_topology_version=<%= node['openstack']['mq']['bare-metal']['qpid']['topology_version'] %> - -# Qpid HA cluster host:port pairs. (list value) -#qpid_hosts=$qpid_hostname:$qpid_port - -# The number of prefetched messages held by receiver. (integer -# value) -#qpid_receiver_capacity=1 -<% end %> - - -<% if @mq_service_type == "rabbitmq" %> -[oslo_messaging_rabbit] - -# -# From oslo.messaging -# - -# Number of seconds after which the Rabbit broker is considered down if heartbeat's keep-alive fails (0 disable the heartbeat) -heartbeat_timeout_threshold=<%= node['openstack']['mq']['bare-metal']['rabbit']['heartbeat_timeout_threshold'] %> - -# How often times during the heartbeat_timeout_threshold we check the heartbeat -heartbeat_rate=<%= node['openstack']['mq']['bare-metal']['rabbit']['heartbeat_rate'] %> - -# Use durable queues in AMQP. (boolean value) -# Deprecated group/name - [DEFAULT]/rabbit_durable_queues -amqp_durable_queues=<%= node['openstack']['mq']['bare-metal']['durable_queues'] %> - -# Auto-delete queues in AMQP. (boolean value) -amqp_auto_delete=<%= node['openstack']['mq']['bare-metal']['auto_delete'] %> - -# Size of RPC connection pool. (integer value) -rpc_conn_pool_size=<%= node['openstack']['bare-metal']['rpc_conn_pool_size'] %> - -<% if node['openstack']['mq']['bare-metal']['rabbit']['use_ssl'] -%> - -# Connect over SSL for RabbitMQ. (boolean value) -rabbit_use_ssl=true - -<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] -%> -# SSL version to use (valid only if SSL enabled). valid values -# are TLSv1 and SSLv23. SSLv2 and SSLv3 may be available on -# some distributions. (string value) -kombu_ssl_version=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_version'] %> -<% end -%> -<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_keyfile'] -%> -# SSL key file (valid only if SSL enabled) -kombu_ssl_keyfile=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_keyfile'] %> -<% end -%> -<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_certfile'] -%> -# SSL cert file (valid only if SSL enabled) -kombu_ssl_certfile=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_certfile'] %> -<% end -%> -<% if node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_ca_certs'] -%> -# SSL certification authority file (valid only if SSL enabled) -kombu_ssl_ca_certs=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_ssl_ca_certs'] %> -<% end -%> -# How long to wait before reconnecting in response to an AMQP consumer cancel notification -kombu_reconnect_delay=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_delay'] %> -# How long to wait before considering a reconnect attempt to have failed. -# This value should not be longer than rpc_response_timeout -kombu_reconnect_timeout=<%= node['openstack']['mq']['bare-metal']['rabbit']['kombu_reconnect_timeout'] %> -<% end -%> - -##### RABBITMQ ##### -# The RabbitMQ userid. (string value) -rabbit_userid=<%= node['openstack']['mq']['bare-metal']['rabbit']['userid'] %> - -# The RabbitMQ password. (string value) -rabbit_password=<%= @mq_password %> - -# The RabbitMQ virtual host. (string value) -rabbit_virtual_host=<%= node['openstack']['mq']['bare-metal']['rabbit']['vhost'] %> -<% if node['openstack']['mq']['bare-metal']['rabbit']['ha'] -%> -# RabbitMQ HA cluster host:port pairs. (list value) -rabbit_hosts=<%= @rabbit_hosts %> - -# Use HA queues in RabbitMQ (x-ha-policy: all). If you change -# this option, you must wipe the RabbitMQ database. (boolean -# value) -rabbit_ha_queues=True - -<% else -%> -# The RabbitMQ broker address where a single node is used. -# (string value) -rabbit_host=<%= node['openstack']['mq']['bare-metal']['rabbit']['host'] %> - -# The RabbitMQ broker port where a single node is used. -# (integer value) -rabbit_port=<%= node['openstack']['mq']['bare-metal']['rabbit']['port'] %> -<% end -%> - -# The RabbitMQ login method. (string value) -#rabbit_login_method=AMQPLAIN - -# How frequently to retry connecting with RabbitMQ. (integer -# value) -rabbit_retry_interval=<%= node['openstack']['mq']['bare-metal']['rabbit']['rabbit_retry_interval'] %> - -# How long to backoff for between retries when connecting to -# RabbitMQ. (integer value) -#rabbit_retry_backoff=2 - -# Maximum number of RabbitMQ connection retries. Default is 0 -# (infinite retry count). (integer value) -rabbit_max_retries=<%= node['openstack']['mq']['bare-metal']['rabbit']['rabbit_max_retries'] %> -<% end -%> - -[pxe] - -# -# Options defined in ironic.drivers.modules.iscsi_deploy -# - -# Additional append parameters for baremetal PXE boot. (string -# value) -#pxe_append_params=nofb nomodeset vga=normal - -# Default file system format for ephemeral partition, if one -# is created. (string value) -#default_ephemeral_format=ext4 - -# Directory where images are stored on disk. (string value) -#images_path=/var/lib/ironic/images/ - -# Directory where master instance images are stored on disk. -# (string value) -#instance_master_path=/var/lib/ironic/master_images - -# Maximum size (in MiB) of cache for master images, including -# those in use. (integer value) -#image_cache_size=20480 - -# Maximum TTL (in minutes) for old master images in cache. -# (integer value) -#image_cache_ttl=10080 - -# The disk devices to scan while doing the deploy. (string -# value) -#disk_devices=cciss/c0d0,sda,hda,vda - - -# -# Options defined in ironic.drivers.modules.pxe -# - -# Template file for PXE configuration. (string value) -#pxe_config_template=$pybasedir/drivers/modules/pxe_config.template - -# Template file for PXE configuration for UEFI boot loader. -# (string value) -#uefi_pxe_config_template=$pybasedir/drivers/modules/elilo_efi_pxe_config.template - -<% if node['openstack']['bare-metal']['tftp']['enabled'] %> -# IP address of Ironic compute node's tftp server. (string -# value) -tftp_server=<%= node['openstack']['bare-metal']['tftp']['server'] %> - -# Ironic compute node's tftp root path. (string value) -tftp_root=<%= node['openstack']['bare-metal']['tftp']['root_path'] %> - -# Directory where master tftp images are stored on disk. -# (string value) -tftp_master_path=<%= node['openstack']['bare-metal']['tftp']['master_path'] %> -<% end %> - -# Bootfile DHCP parameter. (string value) -#pxe_bootfile_name=pxelinux.0 - -# Bootfile DHCP parameter for UEFI boot mode. (string value) -#uefi_pxe_bootfile_name=elilo.efi - -# Ironic compute node's HTTP server URL. Example: -# http://192.1.2.3:8080 (string value) -#http_url= - -# Ironic compute node's HTTP root path. (string value) -#http_root=/httpboot - -# Enable iPXE boot. (boolean value) -#ipxe_enabled=false - -# The path to the main iPXE script file. (string value) -#ipxe_boot_script=$pybasedir/drivers/modules/boot.ipxe - - -[seamicro] - -# -# Options defined in ironic.drivers.modules.seamicro -# - -# Maximum retries for SeaMicro operations (integer value) -#max_retry=3 - -# Seconds to wait for power action to be completed (integer -# value) -#action_timeout=10 - - -[snmp] - -# -# Options defined in ironic.drivers.modules.snmp -# - -# Seconds to wait for power action to be completed (integer -# value) -#power_timeout=10 - - -[ssh] - -# -# Options defined in ironic.drivers.modules.ssh -# - -# libvirt uri (string value) -#libvirt_uri=qemu:///system - - -[swift] - -# -# Options defined in ironic.common.swift -# - -# Maximum number of times to retry a Swift request, before -# failing. (integer value) -#swift_max_retries=2 - - diff --git a/templates/default/rootwrap.conf.erb b/templates/default/rootwrap.conf.erb deleted file mode 100644 index 81a06c9..0000000 --- a/templates/default/rootwrap.conf.erb +++ /dev/null @@ -1,29 +0,0 @@ -<%= node['openstack']['bare-metal']['custom_template_banner'] %> - -# Configuration for ironic-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=<%= node['openstack']['bare-metal']['rootwrap']['filters_path'] %> - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=<%= node['openstack']['bare-metal']['rootwrap']['exec_dirs'] %> - -# Enable logging to syslog -# Default value is False -use_syslog=<%= node['openstack']['bare-metal']['rootwrap']['use_syslog'] %> - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, local0, local1... -# Default value is 'syslog' -syslog_log_facility=<%= node['openstack']['bare-metal']['rootwrap']['syslog_log_facility'] %> - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=<%= node['openstack']['bare-metal']['rootwrap']['syslog_log_level'] %>