Replace legacy facts and use fact hash
... because the latest lint no longer allows usage of legacy facts and top scope fact. Change-Id: I35dced2e96a4aa3ba29a385b4c81062be4feb48c
This commit is contained in:
Takashi Kajinami
parent
f5c271ae44
commit
1d11686c5b
154
manifests/api.pp
154
manifests/api.pp
|
|
@ -5,75 +5,75 @@
|
|||
# === Parameters
|
||||
#
|
||||
# All options are optional unless specified otherwise.
|
||||
# All options defaults to $::os_service_default and
|
||||
# All options defaults to $facts['os_service_default'] and
|
||||
# the default values from the service are used.
|
||||
#
|
||||
# === API
|
||||
#
|
||||
# [*keystone_ec2_tokens_url*]
|
||||
# URL to authenticate token from ec2 request.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2_timestamp_expiry*]
|
||||
# Time in seconds before ec2 timestamp expires.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Service
|
||||
#
|
||||
# [*ec2api_listen*]
|
||||
# The IP address on which the EC2 API will listen.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2api_listen_port*]
|
||||
# The port on which the EC2 API will listen.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2api_use_ssl*]
|
||||
# Enable ssl connections or not for EC2 API.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2api_workers*]
|
||||
# Number of workers for EC2 API service.
|
||||
# The default will be equal to the number of CPUs available.
|
||||
# Default: $::os_workers
|
||||
# Default: $facts['os_workers']
|
||||
#
|
||||
# [*service_down_time*]
|
||||
# Maximum time since last check-in for up service.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === WSGI
|
||||
#
|
||||
# [*api_paste_config*]
|
||||
# File name for the paste.deploy config for ec2api.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ssl_ca_file*]
|
||||
# CA certificate file to use to verify connecting clients.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ssl_cert_file*]
|
||||
# SSL certificate of API server.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ssl_key_file*]
|
||||
# SSL private key of API server.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*tcp_keepidle*]
|
||||
# Sets the value of TCP_KEEPIDLE in seconds for each
|
||||
# server socket. Not supported on OS X.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*wsgi_default_pool_size*]
|
||||
# Size of the pool of greenthreads used by wsgi.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*max_header_line*]
|
||||
# Maximum line size of message headers to be accepted.
|
||||
# max_header_line may need to be increased when using
|
||||
# large tokens (typically those generated by the
|
||||
# Keystone v3 API with big service catalogs).
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === API clients
|
||||
#
|
||||
|
|
@ -82,118 +82,118 @@
|
|||
# catalog. Should be v2.1 with microversion support.
|
||||
# If it is obsolete v2, a lot of useful EC2 compliant
|
||||
# instance properties will be unavailable.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*cinder_service_type*]
|
||||
# Service type of Volume API, registered in Keystone catalog.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*admin_user*]
|
||||
# Admin user to access specific cloud resources.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*admin_password*]
|
||||
# Admin password.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*admin_tenant_name*]
|
||||
# Admin tenant name.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Auth
|
||||
#
|
||||
# [*api_rate_limit*]
|
||||
# Whether to use per-user rate limiting for the API.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*use_forwarded_for*]
|
||||
# Treat X-Forwarded-For as the canonical remote address.
|
||||
# Only enable this if you have a sanitizing proxy.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === ec2utils
|
||||
#
|
||||
# [*external_network*]
|
||||
# Name of the external network, which is used to connect VPCs to
|
||||
# Internet and to allocate Elastic IPs.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Availability zone
|
||||
#
|
||||
# [*internal_service_availability_zone*]
|
||||
# The availability_zone to show internal services under.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*my_ip*]
|
||||
# IP address of this host.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2_host*]
|
||||
# The IP address of the EC2 API server.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2_port*]
|
||||
# The port of the EC2 API server.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2_scheme*]
|
||||
# The protocol to use when connecting to the EC2 API server (http, https).
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*ec2_path*]
|
||||
# The path prefix used to call the ec2 API server.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*region_list*]
|
||||
# List of region=fqdn pairs separated by commas.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === DHCP options
|
||||
#
|
||||
# [*network_device_mtu*]
|
||||
# MTU size to set by DHCP for instances.
|
||||
# Corresponds with the network_device_mtu in ec2api.conf.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Common
|
||||
#
|
||||
# [*full_vpc_support*]
|
||||
# True if server supports Neutron for full VPC access.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Instance
|
||||
#
|
||||
# [*ec2_private_dns_show_ip*]
|
||||
# Return the IP address as private dns hostname in describe instances
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*default_flavor*]
|
||||
# A flavor to use as a default instance type
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Exception
|
||||
#
|
||||
# [*fatal_exception_format_errors*]
|
||||
# Make exception message format errors fatal.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Paths
|
||||
#
|
||||
# [*tempdir*]
|
||||
# Explicitly specify the temporary working directory.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*pybasedir*]
|
||||
# Directory where the ec2api python module is installed.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*bindir*]
|
||||
# Directory where ec2api binaries are installed.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*state_path*]
|
||||
# Top-level directory for maintaining ec2api's state.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# === Manage service
|
||||
#
|
||||
|
|
@ -211,55 +211,55 @@
|
|||
#
|
||||
class ec2api::api (
|
||||
# API
|
||||
$keystone_ec2_tokens_url = $::os_service_default,
|
||||
$ec2_timestamp_expiry = $::os_service_default,
|
||||
$keystone_ec2_tokens_url = $facts['os_service_default'],
|
||||
$ec2_timestamp_expiry = $facts['os_service_default'],
|
||||
# Service
|
||||
$ec2api_listen = $::os_service_default,
|
||||
$ec2api_listen_port = $::os_service_default,
|
||||
$ec2api_use_ssl = $::os_service_default,
|
||||
$ec2api_workers = $::os_workers,
|
||||
$service_down_time = $::os_service_default,
|
||||
$ec2api_listen = $facts['os_service_default'],
|
||||
$ec2api_listen_port = $facts['os_service_default'],
|
||||
$ec2api_use_ssl = $facts['os_service_default'],
|
||||
$ec2api_workers = $facts['os_workers'],
|
||||
$service_down_time = $facts['os_service_default'],
|
||||
# WSGI
|
||||
$api_paste_config = $::os_service_default,
|
||||
$ssl_ca_file = $::os_service_default,
|
||||
$ssl_cert_file = $::os_service_default,
|
||||
$ssl_key_file = $::os_service_default,
|
||||
$tcp_keepidle = $::os_service_default,
|
||||
$wsgi_default_pool_size = $::os_service_default,
|
||||
$max_header_line = $::os_service_default,
|
||||
$api_paste_config = $facts['os_service_default'],
|
||||
$ssl_ca_file = $facts['os_service_default'],
|
||||
$ssl_cert_file = $facts['os_service_default'],
|
||||
$ssl_key_file = $facts['os_service_default'],
|
||||
$tcp_keepidle = $facts['os_service_default'],
|
||||
$wsgi_default_pool_size = $facts['os_service_default'],
|
||||
$max_header_line = $facts['os_service_default'],
|
||||
# API clients
|
||||
$nova_service_type = $::os_service_default,
|
||||
$cinder_service_type = $::os_service_default,
|
||||
$admin_user = $::os_service_default,
|
||||
$admin_password = $::os_service_default,
|
||||
$admin_tenant_name = $::os_service_default,
|
||||
$nova_service_type = $facts['os_service_default'],
|
||||
$cinder_service_type = $facts['os_service_default'],
|
||||
$admin_user = $facts['os_service_default'],
|
||||
$admin_password = $facts['os_service_default'],
|
||||
$admin_tenant_name = $facts['os_service_default'],
|
||||
# auth
|
||||
$api_rate_limit = $::os_service_default,
|
||||
$use_forwarded_for = $::os_service_default,
|
||||
$api_rate_limit = $facts['os_service_default'],
|
||||
$use_forwarded_for = $facts['os_service_default'],
|
||||
# ec2utils
|
||||
$external_network = $::os_service_default,
|
||||
$external_network = $facts['os_service_default'],
|
||||
# Availability zone
|
||||
$internal_service_availability_zone = $::os_service_default,
|
||||
$my_ip = $::os_service_default,
|
||||
$ec2_host = $::os_service_default,
|
||||
$ec2_port = $::os_service_default,
|
||||
$ec2_scheme = $::os_service_default,
|
||||
$ec2_path = $::os_service_default,
|
||||
$region_list = $::os_service_default,
|
||||
$internal_service_availability_zone = $facts['os_service_default'],
|
||||
$my_ip = $facts['os_service_default'],
|
||||
$ec2_host = $facts['os_service_default'],
|
||||
$ec2_port = $facts['os_service_default'],
|
||||
$ec2_scheme = $facts['os_service_default'],
|
||||
$ec2_path = $facts['os_service_default'],
|
||||
$region_list = $facts['os_service_default'],
|
||||
# DHCP options
|
||||
$network_device_mtu = $::os_service_default,
|
||||
$network_device_mtu = $facts['os_service_default'],
|
||||
# Common
|
||||
$full_vpc_support = $::os_service_default,
|
||||
$full_vpc_support = $facts['os_service_default'],
|
||||
# Instance
|
||||
$ec2_private_dns_show_ip = $::os_service_default,
|
||||
$default_flavor = $::os_service_default,
|
||||
$ec2_private_dns_show_ip = $facts['os_service_default'],
|
||||
$default_flavor = $facts['os_service_default'],
|
||||
# Exception
|
||||
$fatal_exception_format_errors = $::os_service_default,
|
||||
$fatal_exception_format_errors = $facts['os_service_default'],
|
||||
# Paths
|
||||
$tempdir = $::os_service_default,
|
||||
$pybasedir = $::os_service_default,
|
||||
$bindir = $::os_service_default,
|
||||
$state_path = $::os_service_default,
|
||||
$tempdir = $facts['os_service_default'],
|
||||
$pybasedir = $facts['os_service_default'],
|
||||
$bindir = $facts['os_service_default'],
|
||||
$state_path = $facts['os_service_default'],
|
||||
# Manage service
|
||||
$manage_service = true,
|
||||
$service_name = $::ec2api::params::api_service_name,
|
||||
|
|
|
|||
|
|
@ -9,99 +9,99 @@
|
|||
# the cache region. This should not need to be changed unless there
|
||||
# is another dogpile.cache region with the same configuration name.
|
||||
# (string value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*expiration_time*]
|
||||
# (Optional) Default TTL, in seconds, for any cached item in the
|
||||
# dogpile.cache region. This applies to any cached method that
|
||||
# doesn't have an explicit cache expiration time defined for it.
|
||||
# (integer value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*backend*]
|
||||
# (Optional) Dogpile.cache backend module. It is recommended that
|
||||
# Memcache with pooling (oslo_cache.memcache_pool) or Redis
|
||||
# (dogpile.cache.redis) be used in production deployments. (string value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*backend_argument*]
|
||||
# (Optional) Arguments supplied to the backend module. Specify this option
|
||||
# once per argument to be passed to the dogpile.cache backend.
|
||||
# Example format: "<argname>:<value>". (list value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*proxies*]
|
||||
# (Optional) Proxy classes to import that will affect the way the
|
||||
# dogpile.cache backend functions. See the dogpile.cache documentation on
|
||||
# changing-backend-behavior. (list value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*enabled*]
|
||||
# (Optional) Global toggle for caching. (boolean value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*debug_cache_backend*]
|
||||
# (Optional) Extra debugging from the cache backend (cache keys,
|
||||
# get/set/delete/etc calls). This is only really useful if you need
|
||||
# to see the specific cache-backend get/set/delete calls with the keys/values.
|
||||
# Typically this should be left set to false. (boolean value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*memcache_servers*]
|
||||
# (Optional) Memcache servers in the format of "host:port".
|
||||
# (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
|
||||
# (list value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*memcache_dead_retry*]
|
||||
# (Optional) Number of seconds memcached server is considered dead before
|
||||
# it is tried again. (dogpile.cache.memcache and oslo_cache.memcache_pool
|
||||
# backends only). (integer value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*memcache_socket_timeout*]
|
||||
# (Optional) Timeout in seconds for every call to a server.
|
||||
# (dogpile.cache.memcache and oslo_cache.memcache_pool backends only).
|
||||
# (floating point value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*enable_socket_keepalive*]
|
||||
# (Optional) Global toggle for the socket keepalive of dogpile's
|
||||
# pymemcache backend
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*socket_keepalive_idle*]
|
||||
# (Optional) The time (in seconds) the connection needs to remain idle
|
||||
# before TCP starts sending keepalive probes. Should be a positive integer
|
||||
# most greater than zero.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*socket_keepalive_interval*]
|
||||
# (Optional) The time (in seconds) between individual keepalive probes.
|
||||
# Should be a positive integer most greater than zero.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*socket_keepalive_count*]
|
||||
# (Optional) The maximum number of keepalive probes TCP should send before
|
||||
# dropping the connection. Should be a positive integer most greater than
|
||||
# zero.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*memcache_pool_maxsize*]
|
||||
# (Optional) Max total number of open connections to every memcached server.
|
||||
# (oslo_cache.memcache_pool backend only). (integer value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*memcache_pool_unused_timeout*]
|
||||
# (Optional) Number of seconds a connection to memcached is held unused
|
||||
# in the pool before it is closed. (oslo_cache.memcache_pool backend only)
|
||||
# (integer value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*memcache_pool_connection_get_timeout*]
|
||||
# (Optional) Number of seconds that an operation will wait to get a memcache
|
||||
# client connection. (integer value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*manage_backend_package*]
|
||||
# (Optional) Whether to install the backend package for the cache.
|
||||
|
|
@ -110,13 +110,13 @@
|
|||
# [*tls_enabled*]
|
||||
# (Optional) Global toggle for TLS usage when communicating with
|
||||
# the caching servers.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*tls_cafile*]
|
||||
# (Optional) Path to a file of concatenated CA certificates in PEM
|
||||
# format necessary to establish the caching server's authenticity.
|
||||
# If tls_enabled is False, this option is ignored.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*tls_certfile*]
|
||||
# (Optional) Path to a single file in PEM format containing the
|
||||
|
|
@ -124,83 +124,83 @@
|
|||
# needed to establish the certificate's authenticity. This file
|
||||
# is only required when client side authentication is necessary.
|
||||
# If tls_enabled is False, this option is ignored.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*tls_keyfile*]
|
||||
# (Optional) Path to a single file containing the client's private
|
||||
# key in. Otherwise the private key will be taken from the file
|
||||
# specified in tls_certfile. If tls_enabled is False, this option
|
||||
# is ignored.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*tls_allowed_ciphers*]
|
||||
# (Optional) Set the available ciphers for sockets created with
|
||||
# the TLS context. It should be a string in the OpenSSL cipher
|
||||
# list format. If not specified, all OpenSSL enabled ciphers will
|
||||
# be available.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*enable_retry_client*]
|
||||
# (Optional) Enable retry client mechanisms to handle failure.
|
||||
# Those mechanisms can be used to wrap all kind of pymemcache
|
||||
# clients. The wrapper allows you to define how many attempts
|
||||
# to make and how long to wait between attempts.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*retry_attempts*]
|
||||
# (Optional) Number of times to attempt an action before failing.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*retry_delay*]
|
||||
# (Optional) Number of seconds to sleep between each attempt.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*hashclient_retry_attempts*]
|
||||
# (Optional) Amount of times a client should be tried
|
||||
# before it is marked dead and removed from the pool in
|
||||
# the HashClient's internal mechanisms.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*hashclient_retry_delay*]
|
||||
# (Optional) Time in seconds that should pass between
|
||||
# retry attempts in the HashClient's internal mechanisms.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
# [*dead_timeout*]
|
||||
# (Optional) Time in seconds before attempting to add a node
|
||||
# back in the pool in the HashClient's internal mechanisms.
|
||||
# Default to $::os_service_default
|
||||
# Default to $facts['os_service_default']
|
||||
#
|
||||
class ec2api::cache (
|
||||
$config_prefix = $::os_service_default,
|
||||
$expiration_time = $::os_service_default,
|
||||
$backend = $::os_service_default,
|
||||
$backend_argument = $::os_service_default,
|
||||
$proxies = $::os_service_default,
|
||||
$enabled = $::os_service_default,
|
||||
$debug_cache_backend = $::os_service_default,
|
||||
$memcache_servers = $::os_service_default,
|
||||
$memcache_dead_retry = $::os_service_default,
|
||||
$memcache_socket_timeout = $::os_service_default,
|
||||
$enable_socket_keepalive = $::os_service_default,
|
||||
$socket_keepalive_idle = $::os_service_default,
|
||||
$socket_keepalive_interval = $::os_service_default,
|
||||
$socket_keepalive_count = $::os_service_default,
|
||||
$memcache_pool_maxsize = $::os_service_default,
|
||||
$memcache_pool_unused_timeout = $::os_service_default,
|
||||
$memcache_pool_connection_get_timeout = $::os_service_default,
|
||||
$config_prefix = $facts['os_service_default'],
|
||||
$expiration_time = $facts['os_service_default'],
|
||||
$backend = $facts['os_service_default'],
|
||||
$backend_argument = $facts['os_service_default'],
|
||||
$proxies = $facts['os_service_default'],
|
||||
$enabled = $facts['os_service_default'],
|
||||
$debug_cache_backend = $facts['os_service_default'],
|
||||
$memcache_servers = $facts['os_service_default'],
|
||||
$memcache_dead_retry = $facts['os_service_default'],
|
||||
$memcache_socket_timeout = $facts['os_service_default'],
|
||||
$enable_socket_keepalive = $facts['os_service_default'],
|
||||
$socket_keepalive_idle = $facts['os_service_default'],
|
||||
$socket_keepalive_interval = $facts['os_service_default'],
|
||||
$socket_keepalive_count = $facts['os_service_default'],
|
||||
$memcache_pool_maxsize = $facts['os_service_default'],
|
||||
$memcache_pool_unused_timeout = $facts['os_service_default'],
|
||||
$memcache_pool_connection_get_timeout = $facts['os_service_default'],
|
||||
$manage_backend_package = true,
|
||||
$tls_enabled = $::os_service_default,
|
||||
$tls_cafile = $::os_service_default,
|
||||
$tls_certfile = $::os_service_default,
|
||||
$tls_keyfile = $::os_service_default,
|
||||
$tls_allowed_ciphers = $::os_service_default,
|
||||
$enable_retry_client = $::os_service_default,
|
||||
$retry_attempts = $::os_service_default,
|
||||
$retry_delay = $::os_service_default,
|
||||
$hashclient_retry_attempts = $::os_service_default,
|
||||
$hashclient_retry_delay = $::os_service_default,
|
||||
$dead_timeout = $::os_service_default,
|
||||
$tls_enabled = $facts['os_service_default'],
|
||||
$tls_cafile = $facts['os_service_default'],
|
||||
$tls_certfile = $facts['os_service_default'],
|
||||
$tls_keyfile = $facts['os_service_default'],
|
||||
$tls_allowed_ciphers = $facts['os_service_default'],
|
||||
$enable_retry_client = $facts['os_service_default'],
|
||||
$retry_attempts = $facts['os_service_default'],
|
||||
$retry_delay = $facts['os_service_default'],
|
||||
$hashclient_retry_attempts = $facts['os_service_default'],
|
||||
$hashclient_retry_delay = $facts['os_service_default'],
|
||||
$dead_timeout = $facts['os_service_default'],
|
||||
) {
|
||||
|
||||
include ec2api::deps
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@
|
|||
# [*database_db_max_retries*]
|
||||
# (optional) Maximum retries in case of connection error or deadlock error
|
||||
# before error is raised. Set to -1 to specify an infinite retry count.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*database_connection*]
|
||||
# Url used to connect to database.
|
||||
|
|
@ -15,44 +15,44 @@
|
|||
#
|
||||
# [*database_connection_recycle_time*]
|
||||
# Timeout when db connections should be reaped.
|
||||
# (Optional) Defaults to $::os_service_default
|
||||
# (Optional) Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*database_max_retries*]
|
||||
# Maximum number of database connection retries during startup.
|
||||
# Setting -1 implies an infinite retry count.
|
||||
# (Optional) Defaults to $::os_service_default
|
||||
# (Optional) Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*database_retry_interval*]
|
||||
# Interval between retries of opening a database connection.
|
||||
# (Optional) Defaults to $::os_service_default
|
||||
# (Optional) Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*database_max_pool_size*]
|
||||
# Maximum number of SQL connections to keep open in a pool.
|
||||
# (Optional) Defaults to $::os_service_default
|
||||
# (Optional) Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*database_max_overflow*]
|
||||
# If set, use this value for max_overflow with sqlalchemy.
|
||||
# (Optional) Defaults to $::os_service_default
|
||||
# (Optional) Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*database_pool_timeout*]
|
||||
# (Optional) If set, use this value for pool_timeout with SQLAlchemy.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*mysql_enable_ndb*]
|
||||
# (Optional) If True, transparently enables support for handling MySQL
|
||||
# Cluster (NDB).
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
class ec2api::db (
|
||||
$database_connection = 'sqlite:////var/lib/ec2api/ec2api.sqlite',
|
||||
$database_connection_recycle_time = $::os_service_default,
|
||||
$database_max_pool_size = $::os_service_default,
|
||||
$database_db_max_retries = $::os_service_default,
|
||||
$database_max_retries = $::os_service_default,
|
||||
$database_retry_interval = $::os_service_default,
|
||||
$database_max_overflow = $::os_service_default,
|
||||
$database_pool_timeout = $::os_service_default,
|
||||
$mysql_enable_ndb = $::os_service_default,
|
||||
$database_connection_recycle_time = $facts['os_service_default'],
|
||||
$database_max_pool_size = $facts['os_service_default'],
|
||||
$database_db_max_retries = $facts['os_service_default'],
|
||||
$database_max_retries = $facts['os_service_default'],
|
||||
$database_retry_interval = $facts['os_service_default'],
|
||||
$database_max_overflow = $facts['os_service_default'],
|
||||
$database_pool_timeout = $facts['os_service_default'],
|
||||
$mysql_enable_ndb = $facts['os_service_default'],
|
||||
) {
|
||||
|
||||
include ec2api::deps
|
||||
|
|
|
|||
|
|
@ -29,17 +29,17 @@
|
|||
#
|
||||
# [*system_scope*]
|
||||
# (Optional) Scope for system operations
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*insecure*]
|
||||
# (Optional) If true, explicitly allow TLS without checking server cert
|
||||
# against any certificate authorities. WARNING: not recommended. Use with
|
||||
# caution.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*auth_section*]
|
||||
# (Optional) Config Section from which to load plugin specific options
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*auth_type*]
|
||||
# (Optional) Authentication type to load
|
||||
|
|
@ -51,26 +51,26 @@
|
|||
#
|
||||
# [*auth_version*]
|
||||
# (Optional) API version of the admin Identity API endpoint.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*cache*]
|
||||
# (Optional) Env key for the swift cache.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*cafile*]
|
||||
# (Optional) A PEM encoded Certificate Authority to use when verifying HTTPs
|
||||
# connections.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*certfile*]
|
||||
# (Optional) Required if identity server requires client certificate
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*delay_auth_decision*]
|
||||
# (Optional) Do not handle authorization requests within the middleware, but
|
||||
# delegate the authorization decision to downstream WSGI components. Boolean
|
||||
# value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*enforce_token_bind*]
|
||||
# (Optional) Used to control the use and type of token binding. Can be set
|
||||
|
|
@ -80,57 +80,57 @@
|
|||
# type is unknown the token will be rejected. "required" any form of token
|
||||
# binding is needed to be allowed. Finally the name of a binding method that
|
||||
# must be present in tokens. String value.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*http_connect_timeout*]
|
||||
# (Optional) Request timeout value for communicating with Identity API
|
||||
# server.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*http_request_max_retries*]
|
||||
# (Optional) How many times are we trying to reconnect when communicating
|
||||
# with Identity API Server. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*include_service_catalog*]
|
||||
# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
|
||||
# middleware will not ask for service catalog on token validation and will
|
||||
# not set the X-Service-Catalog header. Boolean value.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*keyfile*]
|
||||
# (Optional) Required if identity server requires client certificate
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_pool_conn_get_timeout*]
|
||||
# (Optional) Number of seconds that an operation will wait to get a memcached
|
||||
# client connection from the pool. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_pool_dead_retry*]
|
||||
# (Optional) Number of seconds memcached server is considered dead before it
|
||||
# is tried again. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_pool_maxsize*]
|
||||
# (Optional) Maximum total number of open connections to every memcached
|
||||
# server. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_pool_socket_timeout*]
|
||||
# (Optional) Number of seconds a connection to memcached is held unused in
|
||||
# the pool before it is closed. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_pool_unused_timeout*]
|
||||
# (Optional) Number of seconds a connection to memcached is held unused in
|
||||
# the pool before it is closed. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_secret_key*]
|
||||
# (Optional, mandatory if memcache_security_strategy is defined) This string
|
||||
# is used for key derivation.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_security_strategy*]
|
||||
# (Optional) If defined, indicate whether token data should be authenticated
|
||||
|
|
@ -138,17 +138,17 @@
|
|||
# HMAC) in the cache. If ENCRYPT, token data is encrypted and authenticated in the
|
||||
# cache. If the value is not one of these options or empty, auth_token will
|
||||
# raise an exception on initialization.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcache_use_advanced_pool*]
|
||||
# (Optional) Use the advanced (eventlet safe) memcached client pool. The
|
||||
# advanced pool will only work under python 2.x Boolean value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*memcached_servers*]
|
||||
# (Optional) Optionally specify a list of memcached server(s) to use for
|
||||
# caching. If left undefined, tokens will instead be cached in-process.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*manage_memcache_package*]
|
||||
# (Optional) Whether to install the python-memcache package.
|
||||
|
|
@ -156,13 +156,13 @@
|
|||
#
|
||||
# [*region_name*]
|
||||
# (Optional) The region in which the identity server can be found.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*token_cache_time*]
|
||||
# (Optional) In order to prevent excessive effort spent validating tokens,
|
||||
# the middleware caches previously-seen tokens for a configurable duration
|
||||
# (in seconds). Set to -1 to disable caching completely. Integer value
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*service_token_roles*]
|
||||
# (Optional) A choice of roles that must be present in a service token.
|
||||
|
|
@ -172,23 +172,23 @@
|
|||
# here are applied as an ANY check so any role in this list
|
||||
# must be present. For backwards compatibility reasons this
|
||||
# currently only affects the allow_expired check. (list value)
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*service_token_roles_required*]
|
||||
# (optional) backwards compatibility to ensure that the service tokens are
|
||||
# compared against a list of possible roles for validity
|
||||
# true/false
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*service_type*]
|
||||
# (Optional) The name or type of the service as it appears in the service
|
||||
# catalog. This is used to validate tokens that have restricted access rules.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*interface*]
|
||||
# (Optional) Interface to use for the Identity API endpoint. Valid values are
|
||||
# "public", "internal" or "admin".
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
class ec2api::keystone::authtoken(
|
||||
$password,
|
||||
|
|
@ -197,37 +197,37 @@ class ec2api::keystone::authtoken(
|
|||
$project_name = 'services',
|
||||
$user_domain_name = 'Default',
|
||||
$project_domain_name = 'Default',
|
||||
$system_scope = $::os_service_default,
|
||||
$insecure = $::os_service_default,
|
||||
$auth_section = $::os_service_default,
|
||||
$system_scope = $facts['os_service_default'],
|
||||
$insecure = $facts['os_service_default'],
|
||||
$auth_section = $facts['os_service_default'],
|
||||
$auth_type = 'password',
|
||||
$www_authenticate_uri = 'http://localhost:5000',
|
||||
$auth_version = $::os_service_default,
|
||||
$cache = $::os_service_default,
|
||||
$cafile = $::os_service_default,
|
||||
$certfile = $::os_service_default,
|
||||
$delay_auth_decision = $::os_service_default,
|
||||
$enforce_token_bind = $::os_service_default,
|
||||
$http_connect_timeout = $::os_service_default,
|
||||
$http_request_max_retries = $::os_service_default,
|
||||
$include_service_catalog = $::os_service_default,
|
||||
$keyfile = $::os_service_default,
|
||||
$memcache_pool_conn_get_timeout = $::os_service_default,
|
||||
$memcache_pool_dead_retry = $::os_service_default,
|
||||
$memcache_pool_maxsize = $::os_service_default,
|
||||
$memcache_pool_socket_timeout = $::os_service_default,
|
||||
$memcache_pool_unused_timeout = $::os_service_default,
|
||||
$memcache_secret_key = $::os_service_default,
|
||||
$memcache_security_strategy = $::os_service_default,
|
||||
$memcache_use_advanced_pool = $::os_service_default,
|
||||
$memcached_servers = $::os_service_default,
|
||||
$auth_version = $facts['os_service_default'],
|
||||
$cache = $facts['os_service_default'],
|
||||
$cafile = $facts['os_service_default'],
|
||||
$certfile = $facts['os_service_default'],
|
||||
$delay_auth_decision = $facts['os_service_default'],
|
||||
$enforce_token_bind = $facts['os_service_default'],
|
||||
$http_connect_timeout = $facts['os_service_default'],
|
||||
$http_request_max_retries = $facts['os_service_default'],
|
||||
$include_service_catalog = $facts['os_service_default'],
|
||||
$keyfile = $facts['os_service_default'],
|
||||
$memcache_pool_conn_get_timeout = $facts['os_service_default'],
|
||||
$memcache_pool_dead_retry = $facts['os_service_default'],
|
||||
$memcache_pool_maxsize = $facts['os_service_default'],
|
||||
$memcache_pool_socket_timeout = $facts['os_service_default'],
|
||||
$memcache_pool_unused_timeout = $facts['os_service_default'],
|
||||
$memcache_secret_key = $facts['os_service_default'],
|
||||
$memcache_security_strategy = $facts['os_service_default'],
|
||||
$memcache_use_advanced_pool = $facts['os_service_default'],
|
||||
$memcached_servers = $facts['os_service_default'],
|
||||
$manage_memcache_package = false,
|
||||
$region_name = $::os_service_default,
|
||||
$token_cache_time = $::os_service_default,
|
||||
$service_token_roles = $::os_service_default,
|
||||
$service_token_roles_required = $::os_service_default,
|
||||
$service_type = $::os_service_default,
|
||||
$interface = $::os_service_default,
|
||||
$region_name = $facts['os_service_default'],
|
||||
$token_cache_time = $facts['os_service_default'],
|
||||
$service_token_roles = $facts['os_service_default'],
|
||||
$service_token_roles_required = $facts['os_service_default'],
|
||||
$service_type = $facts['os_service_default'],
|
||||
$interface = $facts['os_service_default'],
|
||||
) {
|
||||
|
||||
include ec2api::deps
|
||||
|
|
|
|||
|
|
@ -6,31 +6,31 @@
|
|||
#
|
||||
# [*debug*]
|
||||
# (Optional) Should the daemons log debug messages
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*use_syslog*]
|
||||
# (Optional) Use syslog for logging.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*use_json*]
|
||||
# (Optional) Use json for logging.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*use_journal*]
|
||||
# (Optional) Use journal for logging.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*use_stderr*]
|
||||
# (Optional) Use stderr for logging
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*log_facility*]
|
||||
# (Optional) Syslog facility to receive log lines.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*log_dir*]
|
||||
# (Optional) Directory where logs should be stored.
|
||||
# If set to $::os_service_default, it will not log to any directory.
|
||||
# If set to $facts['os_service_default'], it will not log to any directory.
|
||||
# Defaults to '/var/log/ec2api'.
|
||||
#
|
||||
# [*log_file*]
|
||||
|
|
@ -39,38 +39,38 @@
|
|||
#
|
||||
# [*watch_log_file*]
|
||||
# (Optional) Uses logging handler designed to watch file system (boolean value).
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*logging_context_format_string*]
|
||||
# (Optional) Format string to use for log messages with context.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
|
||||
# [%(request_id)s %(user_identity)s] %(instance)s%(message)s'
|
||||
#
|
||||
# [*logging_default_format_string*]
|
||||
# (Optional) Format string to use for log messages without context.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\
|
||||
# [-] %(instance)s%(message)s'
|
||||
#
|
||||
# [*logging_debug_format_suffix*]
|
||||
# (Optional) Formatted data to append to log format when level is DEBUG.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example: '%(funcName)s %(pathname)s:%(lineno)d'
|
||||
#
|
||||
# [*logging_exception_prefix*]
|
||||
# (Optional) Prefix each line of exception output with this format.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s'
|
||||
#
|
||||
# [*log_config_append*]
|
||||
# (Optional) The name of an additional logging configuration file.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# See https://docs.python.org/2/howto/logging.html
|
||||
#
|
||||
# [*default_log_levels*]
|
||||
# (Optional) Hash of logger (keys) and level (values) pairs.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example:
|
||||
# { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN',
|
||||
# 'sqlalchemy' => 'WARN', 'suds' => 'INFO',
|
||||
|
|
@ -82,11 +82,11 @@
|
|||
#
|
||||
# [*publish_errors*]
|
||||
# (Optional) Publish error events (boolean value).
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*fatal_deprecations*]
|
||||
# (Optional) Make deprecations fatal (boolean value)
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*instance_format*]
|
||||
# (Optional) If an instance is passed with the log message, format it
|
||||
|
|
@ -97,35 +97,35 @@
|
|||
# [*instance_uuid_format*]
|
||||
# (Optional) If an instance UUID is passed with the log message, format
|
||||
# it like this (string value).
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example: instance_uuid_format='[instance: %(uuid)s] '
|
||||
#
|
||||
# [*log_date_format*]
|
||||
# (Optional) Format string for %%(asctime)s in log records.
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
# Example: 'Y-%m-%d %H:%M:%S'
|
||||
#
|
||||
class ec2api::logging(
|
||||
$use_syslog = $::os_service_default,
|
||||
$use_json = $::os_service_default,
|
||||
$use_journal = $::os_service_default,
|
||||
$use_stderr = $::os_service_default,
|
||||
$log_facility = $::os_service_default,
|
||||
$use_syslog = $facts['os_service_default'],
|
||||
$use_json = $facts['os_service_default'],
|
||||
$use_journal = $facts['os_service_default'],
|
||||
$use_stderr = $facts['os_service_default'],
|
||||
$log_facility = $facts['os_service_default'],
|
||||
$log_dir = '/var/log/ec2api',
|
||||
$log_file = '/var/log/ec2api/ec2api.log',
|
||||
$watch_log_file = $::os_service_default,
|
||||
$debug = $::os_service_default,
|
||||
$logging_context_format_string = $::os_service_default,
|
||||
$logging_default_format_string = $::os_service_default,
|
||||
$logging_debug_format_suffix = $::os_service_default,
|
||||
$logging_exception_prefix = $::os_service_default,
|
||||
$log_config_append = $::os_service_default,
|
||||
$default_log_levels = $::os_service_default,
|
||||
$publish_errors = $::os_service_default,
|
||||
$fatal_deprecations = $::os_service_default,
|
||||
$instance_format = $::os_service_default,
|
||||
$instance_uuid_format = $::os_service_default,
|
||||
$log_date_format = $::os_service_default,
|
||||
$watch_log_file = $facts['os_service_default'],
|
||||
$debug = $facts['os_service_default'],
|
||||
$logging_context_format_string = $facts['os_service_default'],
|
||||
$logging_default_format_string = $facts['os_service_default'],
|
||||
$logging_debug_format_suffix = $facts['os_service_default'],
|
||||
$logging_exception_prefix = $facts['os_service_default'],
|
||||
$log_config_append = $facts['os_service_default'],
|
||||
$default_log_levels = $facts['os_service_default'],
|
||||
$publish_errors = $facts['os_service_default'],
|
||||
$fatal_deprecations = $facts['os_service_default'],
|
||||
$instance_format = $facts['os_service_default'],
|
||||
$instance_uuid_format = $facts['os_service_default'],
|
||||
$log_date_format = $facts['os_service_default'],
|
||||
) {
|
||||
|
||||
include ec2api::deps
|
||||
|
|
|
|||
|
|
@ -8,58 +8,58 @@
|
|||
#
|
||||
# [*nova_metadata_ip*]
|
||||
# IP address used by Nova metadata server
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*nova_metadata_port*]
|
||||
# TCP Port used by Nova metadata server
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*nova_metadata_protocol*]
|
||||
# Protocol to access nova metadata, http or https
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*nova_metadata_insecure*]
|
||||
# Allow to perform insecure SSL (https) requests to nova metadata
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*auth_ca_cert*]
|
||||
# Certificate Authority public key (CA cert) file for ssl
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*nova_client_cert*]
|
||||
# Client certificate for nova metadata api server
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*nova_client_priv_key*]
|
||||
# Private key of client certificate
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*metadata_proxy_shared_secret*]
|
||||
# Shared secret to sign instance-id request
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*cache_expiration*]
|
||||
# The time (in seconds) to cache metadata
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# ==== Service
|
||||
#
|
||||
# [*metadata_listen*]
|
||||
# The IP address on which the metadata API will listen.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*metadata_listen_port*]
|
||||
# The port on which the metadata API will listen.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*metadata_use_ssl*]
|
||||
# Enable ssl connections or not for EC2 API Metadata.
|
||||
# Default: $::os_service_default
|
||||
# Default: $facts['os_service_default']
|
||||
#
|
||||
# [*metadata_workers*]
|
||||
# Number of workers for metadata service.
|
||||
# The default will be the number of CPUs available.
|
||||
# Default: $::os_workers
|
||||
# Default: $facts['os_workers']
|
||||
#
|
||||
# ==== Manage Service
|
||||
#
|
||||
|
|
@ -77,20 +77,20 @@
|
|||
#
|
||||
class ec2api::metadata (
|
||||
# Metadata
|
||||
$nova_metadata_ip = $::os_service_default,
|
||||
$nova_metadata_port = $::os_service_default,
|
||||
$nova_metadata_protocol = $::os_service_default,
|
||||
$nova_metadata_insecure = $::os_service_default,
|
||||
$auth_ca_cert = $::os_service_default,
|
||||
$nova_client_cert = $::os_service_default,
|
||||
$nova_client_priv_key = $::os_service_default,
|
||||
$metadata_proxy_shared_secret = $::os_service_default,
|
||||
$cache_expiration = $::os_service_default,
|
||||
$nova_metadata_ip = $facts['os_service_default'],
|
||||
$nova_metadata_port = $facts['os_service_default'],
|
||||
$nova_metadata_protocol = $facts['os_service_default'],
|
||||
$nova_metadata_insecure = $facts['os_service_default'],
|
||||
$auth_ca_cert = $facts['os_service_default'],
|
||||
$nova_client_cert = $facts['os_service_default'],
|
||||
$nova_client_priv_key = $facts['os_service_default'],
|
||||
$metadata_proxy_shared_secret = $facts['os_service_default'],
|
||||
$cache_expiration = $facts['os_service_default'],
|
||||
# Service
|
||||
$metadata_listen = $::os_service_default,
|
||||
$metadata_listen_port = $::os_service_default,
|
||||
$metadata_use_ssl = $::os_service_default,
|
||||
$metadata_workers = $::os_workers,
|
||||
$metadata_listen = $facts['os_service_default'],
|
||||
$metadata_listen_port = $facts['os_service_default'],
|
||||
$metadata_use_ssl = $facts['os_service_default'],
|
||||
$metadata_workers = $facts['os_workers'],
|
||||
# Manage service
|
||||
$manage_service = true,
|
||||
$service_name = $::ec2api::params::metadata_service_name,
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ class ec2api::params {
|
|||
$user = 'ec2api'
|
||||
$group = 'ec2api'
|
||||
|
||||
case $::osfamily {
|
||||
case $facts['os']['family'] {
|
||||
'RedHat': {
|
||||
$package_name = 'openstack-ec2-api'
|
||||
$api_service_name = 'openstack-ec2-api'
|
||||
|
|
@ -22,7 +22,7 @@ class ec2api::params {
|
|||
$metadata_service_name = 'ec2-api-metadata'
|
||||
}
|
||||
default: {
|
||||
fail("Unsupported osfamily: ${::osfamily} operatingsystem")
|
||||
fail("Unsupported osfamily: ${facts['os']['family']}")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -6,12 +6,12 @@
|
|||
#
|
||||
# [*enforce_scope*]
|
||||
# (Optional) Whether or not to enforce scope when evaluating policies.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*enforce_new_defaults*]
|
||||
# (Optional) Whether or not to use old deprecated defaults when evaluating
|
||||
# policies.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*policies*]
|
||||
# (Optional) Set of policies to configure for ec2api
|
||||
|
|
@ -34,11 +34,11 @@
|
|||
#
|
||||
# [*policy_default_rule*]
|
||||
# (Optional) Default rule. Enforced when a requested rule is not found.
|
||||
# Defaults to $::os_service_default.
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*policy_dirs*]
|
||||
# (Optional) Path to the ec2api policy folder
|
||||
# Defaults to $::os_service_default
|
||||
# Defaults to $facts['os_service_default']
|
||||
#
|
||||
# [*purge_config*]
|
||||
# (optional) Whether to set only the specified policy rules in the policy
|
||||
|
|
@ -46,12 +46,12 @@
|
|||
# Defaults to false.
|
||||
#
|
||||
class ec2api::policy (
|
||||
$enforce_scope = $::os_service_default,
|
||||
$enforce_new_defaults = $::os_service_default,
|
||||
$enforce_scope = $facts['os_service_default'],
|
||||
$enforce_new_defaults = $facts['os_service_default'],
|
||||
$policies = {},
|
||||
$policy_path = '/etc/ec2api/policy.yaml',
|
||||
$policy_default_rule = $::os_service_default,
|
||||
$policy_dirs = $::os_service_default,
|
||||
$policy_default_rule = $facts['os_service_default'],
|
||||
$policy_dirs = $facts['os_service_default'],
|
||||
$purge_config = false,
|
||||
) {
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue