Merge pull request #7 from retr0h/working

formatting and endpoint_uri cleanups

README.md

@@ -109,6 +109,8 @@ Attributes
 * `glance["verbose"]` - Enables/disables verbose output for glance services.
 * `glance["debug"]` - Enables/disables debug output for glance services.
 * `glance["keystone_service_chef_role"]` - The name of the Chef role that installs the Keystone Service API
+* `glance["user"] - User glance runs as
+* `glance["group"] - Group glance runs as
 * `glance["glance_api_chef_role"]` - The name of the Chef role that installs the Glance API service
 * `glance["db"]["name"]` - Name of glance database
 * `glance["db"]["user"]` - Username for glance database access

attributes/default.rb

@@ -34,6 +34,9 @@ default["glance"]["debug"] = "False"
 # This is the name of the Chef role that will install the Keystone Service API
 default["glance"]["keystone_service_chef_role"] = "keystone"
 
+default["glance"]["user"] = "glance"
+default["glance"]["group"] = "glance"
+
 # The name of the Chef role that knows about the message queue server
 # that Glance uses
 default["glance"]["rabbit_server_chef_role"] = "rabbitmq-server"

recipes/api.rb

@@ -41,39 +41,42 @@ end
 service "glance-api" do
   service_name platform_options["glance_api_service"]
   supports :status => true, :restart => true
+
   action :enable
 end
 
 directory "/etc/glance" do
+  owner node["glance"]["user"]
+  group node["glance"]["group"]
+  mode  00700
+
   action :create
-  group "glance"
-  owner "glance"
-  mode "0700"
 end
 
 # FIXME: seems like misfeature
 template "/etc/glance/policy.json" do
   source "policy.json.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
+
   notifies :restart, resources(:service => "glance-api"), :immediately
-  not_if do
-    File.exists?("/etc/glance/policy.json")
-  end
+
+  not_if { File.exists? "/etc/glance/policy.json" }
 end
 
 rabbit_server_role = node["glance"]["rabbit_server_chef_role"]
-rabbit_info = get_settings_by_role(rabbit_server_role, "queue")
+rabbit_info = get_settings_by_role rabbit_server_role, "queue"
 
 keystone_service_role = node["glance"]["keystone_service_chef_role"]
-keystone = get_settings_by_role(keystone_service_role, "keystone")
-identity_admin_endpoint = endpoint('identity-admin')
-identity_endpoint = endpoint('identity-api')
-glance = get_settings_by_role(node["glance"]["glance_api_chef_role"], "glance")
+keystone = get_settings_by_role keystone_service_role, "keystone"
+identity_admin_endpoint = endpoint_uri "identity-admin"
+identity_endpoint = endpoint_uri "identity-api"
 
-registry_endpoint = endpoint("image-registry")
-api_endpoint = endpoint("image-api")
+glance = get_settings_by_role node["glance"]["glance_api_chef_role"], "glance"
+
+registry_endpoint = endpoint_uri "image-registry"
+api_endpoint = endpoint_uri "image-api"
 
 # Possible combinations of options here
 # - default_store=file
@@ -87,7 +90,7 @@ api_endpoint = endpoint("image-api")
 #           to the swift compatible API service running elsewhere - possibly
 #           Rackspace Cloud Files.
 if glance["api"]["swift_store_auth_address"].nil?
-  swift_store_auth_address="http://#{identity_admin_endpoint["host"]}:#{identity_endpoint["port"]}/v2.0"
+  swift_store_auth_address=identity_admin_endpoint.to_s
   swift_store_user="#{glance["service_tenant_name"]}:#{glance["service_user"]}"
   swift_store_key=glance["service_pass"]
   swift_store_auth_version=2
@@ -107,83 +110,86 @@ end
 
 template "/etc/glance/glance-api.conf" do
   source "glance-api.conf.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
   variables(
-    "custom_template_banner" => node["glance"]["custom_template_banner"],
-    "api_bind_address" => api_endpoint["host"],
-    "api_bind_port" => api_endpoint["port"],
-    "registry_ip_address" => registry_endpoint["host"],
-    "registry_port" => registry_endpoint["port"],
-    "use_syslog" => node["glance"]["syslog"]["use"],
-    "log_facility" => node["glance"]["syslog"]["facility"],
-    "rabbit_ipaddress" => rabbit_info["ipaddress"],    #FIXME!
-    "default_store" => glance["api"]["default_store"],
-    "glance_flavor" => glance_flavor,
-    "swift_store_key" => swift_store_key,
-    "swift_store_user" => swift_store_user,
-    "swift_store_auth_address" => swift_store_auth_address,
-    "swift_store_auth_version" => swift_store_auth_version,
-    "swift_large_object_size" => glance["api"]["swift"]["store_large_object_size"],
-    "swift_large_object_chunk_size" => glance["api"]["swift"]["store_large_object_chunk_size"],
-    "swift_store_container" => glance["api"]["swift"]["store_container"]
-    )
+    :custom_template_banner => node["glance"]["custom_template_banner"],
+    :api_bind_address => api_endpoint.host,
+    :api_bind_port => api_endpoint.port,
+    :registry_ip_address => registry_endpoint.host,
+    :registry_port => registry_endpoint.port,
+    :use_syslog => node["glance"]["syslog"]["use"],
+    :log_facility => node["glance"]["syslog"]["facility"],
+    :rabbit_ipaddress => rabbit_info["ipaddress"],    #FIXME!
+    :default_store => glance["api"]["default_store"],
+    :glance_flavor => glance_flavor,
+    :swift_store_key => swift_store_key,
+    :swift_store_user => swift_store_user,
+    :swift_store_auth_address => swift_store_auth_address,
+    :swift_store_auth_version => swift_store_auth_version,
+    :swift_large_object_size => glance["api"]["swift"]["store_large_object_size"],
+    :swift_large_object_chunk_size => glance["api"]["swift"]["store_large_object_chunk_size"],
+    :swift_store_container => glance["api"]["swift"]["store_container"]
+  )
+
   notifies :restart, resources(:service => "glance-api"), :immediately
 end
 
 template "/etc/glance/glance-api-paste.ini" do
   source "glance-api-paste.ini.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
   variables(
-    "custom_template_banner" => node["glance"]["custom_template_banner"],
-    "keystone_api_ipaddress" => identity_admin_endpoint["host"],
-    "keystone_service_port" => identity_endpoint["port"],
-    "keystone_admin_port" => identity_admin_endpoint["port"],
-    "keystone_admin_token" => keystone["admin_token"],
-    "service_tenant_name" => node["glance"]["service_tenant_name"],
-    "service_user" => node["glance"]["service_user"],
-    "service_pass" => node["glance"]["service_pass"]
-    )
+    :custom_template_banner => node["glance"]["custom_template_banner"],
+    :identity_admin_endpoint => identity_admin_endpoint,
+    :identity_endpoint => identity_endpoint,
+    :keystone_admin_token => keystone["admin_token"],
+    :service_tenant_name => node["glance"]["service_tenant_name"],
+    :service_user => node["glance"]["service_user"],
+    :service_pass => node["glance"]["service_pass"]
+  )
+
   notifies :restart, resources(:service => "glance-api"), :immediately
 end
 
 template "/etc/glance/glance-cache.conf" do
   source "glance-cache.conf.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
   variables(
-    "custom_template_banner" => node["glance"]["custom_template_banner"],
-    "registry_ip_address" => registry_endpoint["host"],
-    "registry_port" => registry_endpoint["port"],
-    "use_syslog" => node["glance"]["syslog"]["use"],
-    "log_facility" => node["glance"]["syslog"]["facility"],
-    "image_cache_max_size" => node["glance"]["api"]["cache"]["image_cache_max_size"]
-    )
+    :custom_template_banner => node["glance"]["custom_template_banner"],
+    :registry_ip_address => registry_endpoint.host,
+    :registry_port => registry_endpoint.port,
+    :use_syslog => node["glance"]["syslog"]["use"],
+    :log_facility => node["glance"]["syslog"]["facility"],
+    :image_cache_max_size => node["glance"]["api"]["cache"]["image_cache_max_size"]
+  )
+
   notifies :restart, resources(:service => "glance-api"), :delayed
 end
 
 template "/etc/glance/glance-cache-paste.ini" do
   source "glance-cache-paste.ini.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
+
   notifies :restart, resources(:service => "glance-api"), :delayed
 end
 
 template "/etc/glance/glance-scrubber.conf" do
   source "glance-scrubber.conf.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
   variables(
-    "custom_template_banner" => node["glance"]["custom_template_banner"],
-    "registry_ip_address" => registry_endpoint["host"],
-    "registry_port" => registry_endpoint["port"]
-    )
+    :custom_template_banner => node["glance"]["custom_template_banner"],
+    :registry_ip_address => registry_endpoint.host,
+    :registry_port => registry_endpoint.port
+  )
 end
 
 # Configure glance-cache-pruner to run every 30 minutes
@@ -194,43 +200,45 @@ end
 
 # Configure glance-cache-cleaner to run at 00:01 everyday
 cron "glance-cache-cleaner" do
-  minute "01"
-  hour "00"
+  minute  "01"
+  hour    "00"
   command "/usr/bin/glance-cache-cleaner"
 end
 
 template "/etc/glance/glance-scrubber-paste.ini" do
   source "glance-scrubber-paste.ini.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
 end
 
 # Register Image Service
 keystone_register "Register Image Service" do
-  auth_host identity_admin_endpoint["host"]
-  auth_port identity_admin_endpoint["port"]
-  auth_protocol identity_admin_endpoint["scheme"]
-  api_ver identity_admin_endpoint["path"]
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port.to_s
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
   auth_token keystone["admin_token"]
   service_name "glance"
   service_type "image"
   service_description "Glance Image Service"
+
   action :create_service
 end
 
 # Register Image Endpoint
 keystone_register "Register Image Endpoint" do
-  auth_host identity_admin_endpoint["host"]
-  auth_port identity_admin_endpoint["port"]
-  auth_protocol identity_admin_endpoint["scheme"]
-  api_ver identity_admin_endpoint["path"]
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port.to_s
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
   auth_token keystone["admin_token"]
   service_type "image"
   endpoint_region "RegionOne"
-  endpoint_adminurl api_endpoint["uri"]
-  endpoint_internalurl api_endpoint["uri"]
-  endpoint_publicurl api_endpoint["uri"]
+  endpoint_adminurl api_endpoint.to_s
+  endpoint_internalurl api_endpoint.to_s
+  endpoint_publicurl api_endpoint.to_s
+
   action :create_endpoint
 end
 
@@ -247,8 +255,8 @@ if node["glance"]["image_upload"]
       user "root"
       environment ({"OS_USERNAME" => keystone_admin_user,
           "OS_PASSWORD" => keystone_admin_password,
-		      "OS_TENANT_NAME" => keystone_tenant,
-		      "OS_AUTH_URL" => identity_admin_endpoint["uri"]})
+          "OS_TENANT_NAME" => keystone_tenant,
+          "OS_AUTH_URL" => identity_admin_endpoint.to_s})
       case File.extname(node["glance"]["image"][img.to_sym])
       when ".gz", ".tgz"
         code <<-EOH
@@ -280,10 +288,10 @@ if node["glance"]["image_upload"]
             EOH
       when ".img", ".qcow2"
         code <<-EOH
-	        glance --silent-upload add name="#{img.to_s}-image" is_public=true container_format=bare disk_format=qcow2 location="#{node["glance"]["image"][img]}"
+          glance --silent-upload add name="#{img.to_s}-image" is_public=true container_format=bare disk_format=qcow2 location="#{node["glance"]["image"][img]}"
             EOH
       end
-      not_if "glance -f -I #{keystone_admin_user} -K #{keystone_admin_password} -T #{keystone_tenant} -N #{identity_admin_endpoint["uri"]} index | grep #{img.to_s}-image"
+      not_if "glance -f -I #{keystone_admin_user} -K #{keystone_admin_password} -T #{keystone_tenant} -N #{identity_admin_endpoint.to_s} index | grep #{img.to_s}-image"
     end
   end
 end

recipes/db.rb

@@ -38,5 +38,6 @@ else
 end
 
 db_create_with_user("image",
-                    node["glance"]["db"]["username"],
-                    node["glance"]["db"]["password"])
+  node["glance"]["db"]["username"],
+  node["glance"]["db"]["password"]
+)

recipes/registry.rb

@@ -31,16 +31,16 @@ package "python-keystone" do
   action :install
 end
 
-identity_admin_endpoint = endpoint('identity-admin')
-identity_endpoint = endpoint('identity-api')
+identity_admin_endpoint = endpoint_uri "identity-admin"
+identity_endpoint = endpoint_uri "identity-api"
+
 db_user = node["glance"]["db"]["username"]
 db_pass = node["glance"]["db"]["password"]
-
 sql_connection = db_uri("image", db_user, db_pass)
 
-keystone = get_settings_by_role(node["glance"]["keystone_service_chef_role"], "keystone")
+keystone = get_settings_by_role node["glance"]["keystone_service_chef_role"], "keystone"
 
-registry_endpoint = endpoint("image-registry")
+registry_endpoint = endpoint_uri "image-registry"
 
 package "curl" do
   action :install
@@ -61,12 +61,15 @@ end
 service "glance-registry" do
   service_name platform_options["glance_registry_service"]
   supports :status => true, :restart => true
+
   action :enable
 end
 
 execute "glance-manage db_sync" do
   command "sudo -u glance glance-manage db_sync"
+
   action :nothing
+
   notifies :restart, resources(:service => "glance-registry"), :immediately
 end
 
@@ -74,10 +77,12 @@ end
 # https://bugs.launchpad.net/ubuntu/+source/glance/+bug/981111
 execute "glance-manage version_control" do
   command "sudo -u glance glance-manage version_control 0"
-  action :nothing
-  not_if "sudo -u glance glance-manage db_version"
+
   notifies :run, resources(:execute => "glance-manage db_sync"), :immediately
+  not_if "sudo -u glance glance-manage db_version"
   only_if { platform?(%w{ubuntu debian}) }
+
+  action :nothing
 end
 
 file "/var/lib/glance/glance.sqlite" do
@@ -86,80 +91,85 @@ end
 
 # Register Service Tenant
 keystone_register "Register Service Tenant" do
-  auth_host identity_admin_endpoint["host"]
-  auth_port identity_admin_endpoint["port"]
-  auth_protocol identity_admin_endpoint["scheme"]
-  api_ver identity_admin_endpoint["path"]
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port.to_s
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
   auth_token keystone["admin_token"]
   tenant_name node["glance"]["service_tenant_name"]
   tenant_description "Service Tenant"
   tenant_enabled "true" # Not required as this is the default
+
   action :create_tenant
 end
 
 # Register Service User
 keystone_register "Register Service User" do
-  auth_host identity_admin_endpoint["host"]
-  auth_port identity_admin_endpoint["port"]
-  auth_protocol identity_admin_endpoint["scheme"]
-  api_ver identity_admin_endpoint["path"]
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port.to_s
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
   auth_token keystone["admin_token"]
   tenant_name node["glance"]["service_tenant_name"]
   user_name node["glance"]["service_user"]
   user_pass node["glance"]["service_pass"]
   user_enabled "true" # Not required as this is the default
+
   action :create_user
 end
 
 ## Grant Admin role to Service User for Service Tenant ##
 keystone_register "Grant 'admin' Role to Service User for Service Tenant" do
-  auth_host identity_admin_endpoint["host"]
-  auth_port identity_admin_endpoint["port"]
-  auth_protocol identity_admin_endpoint["scheme"]
-  api_ver identity_admin_endpoint["path"]
+  auth_host identity_admin_endpoint.host
+  auth_port identity_admin_endpoint.port.to_s
+  auth_protocol identity_admin_endpoint.scheme
+  api_ver identity_admin_endpoint.path
   auth_token keystone["admin_token"]
   tenant_name node["glance"]["service_tenant_name"]
   user_name node["glance"]["service_user"]
   role_name node["glance"]["service_role"]
+
   action :grant_role
 end
 
 directory "/etc/glance" do
+  owner node["glance"]["user"]
+  group node["glance"]["group"]
+  mode  00700
+
   action :create
-  group "glance"
-  owner "glance"
-  mode "0700"
 end
 
 template "/etc/glance/glance-registry.conf" do
   source "glance-registry.conf.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
   variables(
-    "custom_template_banner" => node["glance"]["custom_template_banner"],
-    "registry_bind_address" => registry_endpoint["host"],
-    "registry_port" => registry_endpoint["port"],
-    "sql_connection" => sql_connection,
-    "use_syslog" => node["glance"]["syslog"]["use"],
-    "log_facility" => node["glance"]["syslog"]["facility"]
-    )
+    :custom_template_banner => node["glance"]["custom_template_banner"],
+    :registry_bind_address => registry_endpoint.host,
+    :registry_port => registry_endpoint.port,
+    :sql_connection => sql_connection,
+    :use_syslog => node["glance"]["syslog"]["use"],
+    :log_facility => node["glance"]["syslog"]["facility"]
+  )
+
   notifies :run, resources(:execute => "glance-manage version_control"), :immediately
 end
 
 template "/etc/glance/glance-registry-paste.ini" do
   source "glance-registry-paste.ini.erb"
-  owner "root"
-  group "root"
-  mode "0644"
+  owner  "root"
+  group  "root"
+  mode   00644
   variables(
-    "custom_template_banner" => node["glance"]["custom_template_banner"],
-    "keystone_api_ipaddress" => identity_admin_endpoint["host"],
-    "keystone_service_port" => identity_endpoint["port"],
-    "keystone_admin_port" => identity_admin_endpoint["port"],
-    "service_tenant_name" => node["glance"]["service_tenant_name"],
-    "service_user" => node["glance"]["service_user"],
-    "service_pass" => node["glance"]["service_pass"]
-    )
+    :custom_template_banner => node["glance"]["custom_template_banner"],
+    :identity_admin_endpoint => identity_admin_endpoint,
+    :identity_endpoint => identity_endpoint,
+    :service_tenant_name => node["glance"]["service_tenant_name"],
+    :service_user => node["glance"]["service_user"],
+    :service_pass => node["glance"]["service_pass"]
+  )
+
   notifies :restart, resources(:service => "glance-registry"), :immediately
 end

templates/default/glance-api-paste.ini.erb

@@ -65,13 +65,13 @@ glance.filter_factory = glance.common.context:ContextMiddleware
 
 [filter:authtoken]
 paste.filter_factory = keystone.middleware.auth_token:filter_factory
-service_protocol = http
-service_host = <%= @keystone_api_ipaddress %>
-service_port = <%= @keystone_service_port %>
-auth_host = <%= @keystone_api_ipaddress %>
-auth_port = <%= @keystone_admin_port %>
-auth_protocol = http
-auth_uri = http://<%= @keystone_api_ipaddress %>:<%= @keystone_service_port %>/
+service_protocol = <%= @identity_endpoint.scheme %>
+service_host = <%= @identity_endpoint.host %>
+service_port = <%= @identity_endpoint.port %>
+auth_host = <%= @identity_admin_endpoint.host %>
+auth_port = <%= @identity_admin_endpoint.port %>
+auth_protocol = <%= @identity_admin_endpoint.scheme %>
+auth_uri = <%= @identity_admin_endpoint.to_s %>
 admin_tenant_name = <%= @service_tenant_name %>
 admin_user = <%= @service_user %>
 admin_password = <%= @service_pass %>

templates/default/glance-registry-paste.ini.erb

@@ -22,13 +22,13 @@ glance.filter_factory = glance.common.context:ContextMiddleware
 
 [filter:authtoken]
 paste.filter_factory = keystone.middleware.auth_token:filter_factory
-service_protocol = http
-service_host = <%= @keystone_api_ipaddress %>
-service_port = <%= @keystone_service_port %>
-auth_host = <%= @keystone_api_ipaddress %>
-auth_port = <%= @keystone_admin_port %>
-auth_protocol = http
-auth_uri = http://<%= @keystone_api_ipaddress %>:<%= @keystone_service_port %>/
+service_protocol = <%= @identity_endpoint.scheme %>
+service_host = <%= @identity_endpoint.host %>
+service_port = <%= @identity_endpoint.port %>
+auth_host = <%= @identity_admin_endpoint.host %>
+auth_port = <%= @identity_admin_endpoint.port %>
+auth_protocol = <%= @identity_admin_endpoint.scheme %>
+auth_uri = <%= @identity_admin_endpoint.to_s %>
 admin_tenant_name = <%= @service_tenant_name %>
 admin_user = <%= @service_user %>
 admin_password = <%= @service_pass %>