Create tenant/user and grant admin role for metering.
Create tenant/user and grant admin role for metering. Change-Id: Ia1803d7b7b34bf48fd1282785967ac82a571a8a9 Closes-Bug: #1288047
This commit is contained in:
parent
bad82e472a
commit
e3db2693b5
|
@ -42,7 +42,7 @@ common
|
||||||
|
|
||||||
identity_registration
|
identity_registration
|
||||||
----
|
----
|
||||||
- Registers the endpoints with Keystone.
|
- Registers the endpoints, tenant and user for metering service with Keystone.
|
||||||
|
|
||||||
Attributes
|
Attributes
|
||||||
==========
|
==========
|
||||||
|
|
|
@ -38,6 +38,7 @@ default['openstack']['metering']['group'] = 'ceilometer'
|
||||||
default['openstack']['metering']['region'] = node['openstack']['region']
|
default['openstack']['metering']['region'] = node['openstack']['region']
|
||||||
default['openstack']['metering']['service_user'] = 'ceilometer'
|
default['openstack']['metering']['service_user'] = 'ceilometer'
|
||||||
default['openstack']['metering']['service_tenant_name'] = 'service'
|
default['openstack']['metering']['service_tenant_name'] = 'service'
|
||||||
|
default['openstack']['metering']['service_role'] = 'admin'
|
||||||
|
|
||||||
case platform
|
case platform
|
||||||
when 'suse' # :pragma-foodcritic: ~FC024 - won't fix this
|
when 'suse' # :pragma-foodcritic: ~FC024 - won't fix this
|
||||||
|
|
|
@ -12,7 +12,7 @@ recipe 'openstack-metering::api', 'Installs API service.'
|
||||||
recipe 'openstack-metering::client', 'Installs client.'
|
recipe 'openstack-metering::client', 'Installs client.'
|
||||||
recipe 'openstack-metering::collector', 'Installs nova network service.'
|
recipe 'openstack-metering::collector', 'Installs nova network service.'
|
||||||
recipe 'openstack-metering::common', 'Common metering configuration.'
|
recipe 'openstack-metering::common', 'Common metering configuration.'
|
||||||
recipe 'openstack-metering::identity_registration', 'Registers the endpoints with Keystone'
|
recipe 'openstack-metering::identity_registration', 'Registers the endpoints, tenant and user for metering service with Keystone'
|
||||||
|
|
||||||
%w{ ubuntu suse }.each do |os|
|
%w{ ubuntu suse }.each do |os|
|
||||||
supports os
|
supports os
|
||||||
|
|
|
@ -42,7 +42,7 @@ db_pass = get_password 'db', 'ceilometer'
|
||||||
db_uri = db_uri('metering', db_user, db_pass).to_s
|
db_uri = db_uri('metering', db_user, db_pass).to_s
|
||||||
|
|
||||||
service_user = node['openstack']['metering']['service_user']
|
service_user = node['openstack']['metering']['service_user']
|
||||||
service_pass = get_password 'service', 'openstack-compute'
|
service_pass = get_password 'service', 'openstack-ceilometer'
|
||||||
service_tenant = node['openstack']['metering']['service_tenant_name']
|
service_tenant = node['openstack']['metering']['service_tenant_name']
|
||||||
|
|
||||||
identity_endpoint = endpoint 'identity-api'
|
identity_endpoint = endpoint 'identity-api'
|
||||||
|
|
|
@ -28,6 +28,42 @@ api_endpoint = endpoint 'metering-api'
|
||||||
identity_admin_endpoint = endpoint 'identity-admin'
|
identity_admin_endpoint = endpoint 'identity-admin'
|
||||||
bootstrap_token = secret 'secrets', 'openstack_identity_bootstrap_token'
|
bootstrap_token = secret 'secrets', 'openstack_identity_bootstrap_token'
|
||||||
auth_uri = ::URI.decode identity_admin_endpoint.to_s
|
auth_uri = ::URI.decode identity_admin_endpoint.to_s
|
||||||
|
service_pass = get_password 'service', 'openstack-ceilometer'
|
||||||
|
service_user = node['openstack']['metering']['service_user']
|
||||||
|
service_role = node['openstack']['metering']['service_role']
|
||||||
|
service_tenant_name = node['openstack']['metering']['service_tenant_name']
|
||||||
|
|
||||||
|
# Register Service Tenant
|
||||||
|
openstack_identity_register 'Register Service Tenant' do
|
||||||
|
auth_uri auth_uri
|
||||||
|
bootstrap_token bootstrap_token
|
||||||
|
tenant_name service_tenant_name
|
||||||
|
tenant_description 'Service Tenant'
|
||||||
|
|
||||||
|
action :create_tenant
|
||||||
|
end
|
||||||
|
|
||||||
|
# Register Service User
|
||||||
|
openstack_identity_register 'Register Service User' do
|
||||||
|
auth_uri auth_uri
|
||||||
|
bootstrap_token bootstrap_token
|
||||||
|
tenant_name service_tenant_name
|
||||||
|
user_name service_user
|
||||||
|
user_pass service_pass
|
||||||
|
|
||||||
|
action :create_user
|
||||||
|
end
|
||||||
|
|
||||||
|
# Grant Admin role to Service User for Service Tenant
|
||||||
|
openstack_identity_register "Grant 'admin' Role to Service User for Service Tenant" do
|
||||||
|
auth_uri auth_uri
|
||||||
|
bootstrap_token bootstrap_token
|
||||||
|
tenant_name service_tenant_name
|
||||||
|
user_name service_user
|
||||||
|
role_name service_role
|
||||||
|
|
||||||
|
action :grant_role
|
||||||
|
end
|
||||||
|
|
||||||
openstack_identity_register 'Register Metering Service' do
|
openstack_identity_register 'Register Metering Service' do
|
||||||
auth_uri auth_uri
|
auth_uri auth_uri
|
||||||
|
|
|
@ -8,36 +8,64 @@ describe 'openstack-metering::identity_registration' do
|
||||||
@chef_run.converge 'openstack-metering::identity_registration'
|
@chef_run.converge 'openstack-metering::identity_registration'
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'registers metering service' do
|
it 'registers service tenant' do
|
||||||
resource = @chef_run.find_resource(
|
expect(@chef_run).to create_tenant_openstack_identity_register(
|
||||||
'openstack-identity_register',
|
'Register Service Tenant'
|
||||||
'Register Metering Service'
|
).with(
|
||||||
).to_hash
|
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||||
|
bootstrap_token: 'bootstrap-token',
|
||||||
|
tenant_name: 'service',
|
||||||
|
tenant_description: 'Service Tenant'
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
expect(resource).to include(
|
it 'registers service user' do
|
||||||
|
expect(@chef_run).to create_user_openstack_identity_register(
|
||||||
|
'Register Service User'
|
||||||
|
).with(
|
||||||
|
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||||
|
bootstrap_token: 'bootstrap-token',
|
||||||
|
tenant_name: 'service',
|
||||||
|
user_name: 'ceilometer',
|
||||||
|
user_pass: 'ceilometer-pass'
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'grants admin role to service user for service tenant' do
|
||||||
|
expect(@chef_run).to grant_role_openstack_identity_register(
|
||||||
|
"Grant 'admin' Role to Service User for Service Tenant"
|
||||||
|
).with(
|
||||||
|
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||||
|
bootstrap_token: 'bootstrap-token',
|
||||||
|
tenant_name: 'service',
|
||||||
|
user_name: 'ceilometer',
|
||||||
|
role_name: 'admin',
|
||||||
|
action: [:grant_role]
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'registers metering service' do
|
||||||
|
expect(@chef_run).to create_service_openstack_identity_register(
|
||||||
|
'Register Metering Service'
|
||||||
|
).with(
|
||||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||||
bootstrap_token: 'bootstrap-token',
|
bootstrap_token: 'bootstrap-token',
|
||||||
service_name: 'ceilometer',
|
service_name: 'ceilometer',
|
||||||
service_type: 'metering',
|
service_type: 'metering'
|
||||||
action: [:create_service]
|
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'registers metering endpoint' do
|
it 'registers metering endpoint' do
|
||||||
resource = @chef_run.find_resource(
|
expect(@chef_run).to create_endpoint_openstack_identity_register(
|
||||||
'openstack-identity_register',
|
|
||||||
'Register Metering Endpoint'
|
'Register Metering Endpoint'
|
||||||
).to_hash
|
).with(
|
||||||
|
|
||||||
expect(resource).to include(
|
|
||||||
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
auth_uri: 'http://127.0.0.1:35357/v2.0',
|
||||||
bootstrap_token: 'bootstrap-token',
|
bootstrap_token: 'bootstrap-token',
|
||||||
service_type: 'metering',
|
service_type: 'metering',
|
||||||
endpoint_region: 'RegionOne',
|
endpoint_region: 'RegionOne',
|
||||||
endpoint_adminurl: 'http://127.0.0.1:8777',
|
endpoint_adminurl: 'http://127.0.0.1:8777',
|
||||||
endpoint_internalurl: 'http://127.0.0.1:8777',
|
endpoint_internalurl: 'http://127.0.0.1:8777',
|
||||||
endpoint_publicurl: 'http://127.0.0.1:8777',
|
endpoint_publicurl: 'http://127.0.0.1:8777'
|
||||||
action: [:create_endpoint]
|
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -47,14 +75,10 @@ describe 'openstack-metering::identity_registration' do
|
||||||
end
|
end
|
||||||
@chef_run.converge 'openstack-metering::identity_registration'
|
@chef_run.converge 'openstack-metering::identity_registration'
|
||||||
|
|
||||||
resource = @chef_run.find_resource(
|
expect(@chef_run).to create_endpoint_openstack_identity_register(
|
||||||
'openstack-identity_register',
|
|
||||||
'Register Metering Endpoint'
|
'Register Metering Endpoint'
|
||||||
).to_hash
|
).with(
|
||||||
|
endpoint_region: 'meteringRegion'
|
||||||
expect(resource).to include(
|
|
||||||
endpoint_region: 'meteringRegion',
|
|
||||||
action: [:create_endpoint]
|
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -27,8 +27,8 @@ def metering_stubs # rubocop:disable MethodLength
|
||||||
.with('db', anything)
|
.with('db', anything)
|
||||||
.and_return('')
|
.and_return('')
|
||||||
::Chef::Recipe.any_instance.stub(:get_password)
|
::Chef::Recipe.any_instance.stub(:get_password)
|
||||||
.with('service', anything)
|
.with('service', 'openstack-ceilometer')
|
||||||
.and_return('')
|
.and_return('ceilometer-pass')
|
||||||
::Chef::Recipe.any_instance.stub(:get_password)
|
::Chef::Recipe.any_instance.stub(:get_password)
|
||||||
.with('user', 'guest')
|
.with('user', 'guest')
|
||||||
.and_return('rabbit-pass')
|
.and_return('rabbit-pass')
|
||||||
|
|
Loading…
Reference in New Issue