Merge "Create Heat Domain with Keystone_domain resource"
This commit is contained in:
commit
16b4eca4c9
|
@ -1,12 +1,23 @@
|
|||
# == Class: heat::keystone::domain
|
||||
#
|
||||
# Configures heat domain in Keystone.
|
||||
#
|
||||
# Note: Implementation is done by heat-keystone-setup-domain script temporarily
|
||||
# because currently puppet-keystone does not support v3 API
|
||||
# Configures Heat domain in Keystone.
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*domain_name*]
|
||||
# Heat domain name. Defaults to 'heat'.
|
||||
#
|
||||
# [*domain_admin*]
|
||||
# Keystone domain admin user which will be created. Defaults to 'heat_admin'.
|
||||
#
|
||||
# [*domain_admin_email*]
|
||||
# Keystone domain admin user email address. Defaults to 'heat_admin@localhost'.
|
||||
|
||||
# [*domain_password*]
|
||||
# Keystone domain admin user password. Defaults to 'changeme'.
|
||||
#
|
||||
# === Deprecated Parameters
|
||||
#
|
||||
# [*auth_url*]
|
||||
# Keystone auth url
|
||||
#
|
||||
|
@ -19,48 +30,54 @@
|
|||
# [*keystone_tenant*]
|
||||
# Keystone admin tenant name
|
||||
#
|
||||
# [*domain_name*]
|
||||
# Heat domain name. Defaults to 'heat'.
|
||||
#
|
||||
# [*domain_admin*]
|
||||
# Keystone domain admin user which will be created. Defaults to 'heat_admin'.
|
||||
#
|
||||
# [*domain_password*]
|
||||
# Keystone domain admin user password. Defaults to 'changeme'.
|
||||
#
|
||||
class heat::keystone::domain (
|
||||
$auth_url = undef,
|
||||
$keystone_admin = undef,
|
||||
$keystone_password = undef,
|
||||
$keystone_tenant = undef,
|
||||
$domain_name = 'heat',
|
||||
$domain_admin = 'heat_admin',
|
||||
$domain_password = 'changeme',
|
||||
$domain_name = 'heat',
|
||||
$domain_admin = 'heat_admin',
|
||||
$domain_admin_email = 'heat_admin@localhost',
|
||||
$domain_password = 'changeme',
|
||||
|
||||
# DEPRECATED PARAMETERS
|
||||
$auth_url = undef,
|
||||
$keystone_admin = undef,
|
||||
$keystone_password = undef,
|
||||
$keystone_tenant = undef,
|
||||
) {
|
||||
|
||||
include ::heat::params
|
||||
|
||||
$cmd_evn = [
|
||||
"OS_TENANT_NAME=${keystone_tenant}",
|
||||
"OS_USERNAME=${keystone_admin}",
|
||||
"OS_PASSWORD=${keystone_password}",
|
||||
"OS_AUTH_URL=${auth_url}",
|
||||
"HEAT_DOMAIN=${domain_name}",
|
||||
"HEAT_DOMAIN_ADMIN=${domain_admin}",
|
||||
"HEAT_DOMAIN_PASSWORD=${domain_password}"
|
||||
]
|
||||
exec { 'heat_domain_create':
|
||||
path => '/usr/bin',
|
||||
command => 'heat-keystone-setup-domain',
|
||||
environment => $cmd_evn,
|
||||
require => Package['heat-common'],
|
||||
logoutput => 'on_failure'
|
||||
if $auth_url {
|
||||
warning('The auth_url parameter is deprecated and will be removed in future releases')
|
||||
}
|
||||
if $keystone_admin {
|
||||
warning('The keystone_admin parameter is deprecated and will be removed in future releases')
|
||||
}
|
||||
if $keystone_password {
|
||||
warning('The keystone_password parameter is deprecated and will be removed in future releases')
|
||||
}
|
||||
if $keystone_tenant {
|
||||
warning('The keystone_tenant parameter is deprecated and will be removed in future releases')
|
||||
}
|
||||
|
||||
ensure_resource('keystone_domain', 'heat_domain', {
|
||||
'ensure' => 'present',
|
||||
'enabled' => true,
|
||||
'name' => $domain_name
|
||||
})
|
||||
ensure_resource('keystone_user', 'heat_domain_admin', {
|
||||
'ensure' => 'present',
|
||||
'enabled' => true,
|
||||
'name' => $domain_admin,
|
||||
'email' => $domain_admin_email,
|
||||
'password' => $domain_password,
|
||||
'domain' => $domain_name,
|
||||
})
|
||||
ensure_resource('keystone_user_role', "${domain_admin}@::${domain_name}", {
|
||||
'roles' => ['admin'],
|
||||
})
|
||||
|
||||
heat_config {
|
||||
'DEFAULT/stack_domain_admin': value => $domain_admin;
|
||||
'DEFAULT/stack_domain_admin_password': value => $domain_password, secret => true;
|
||||
'DEFAULT/stack_user_domain_name': value => $domain_name;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -70,8 +70,9 @@ describe 'basic heat' do
|
|||
enabled => true,
|
||||
}
|
||||
class { '::keystone::roles::admin':
|
||||
email => 'test@example.tld',
|
||||
password => 'a_big_secret',
|
||||
email => 'test@example.tld',
|
||||
password => 'a_big_secret',
|
||||
admin_roles => ['admin', '_member_', 'heat_stack_owner']
|
||||
}
|
||||
class { '::keystone::endpoint':
|
||||
public_url => "https://${::fqdn}:5000/",
|
||||
|
@ -95,6 +96,9 @@ describe 'basic heat' do
|
|||
class { '::heat::keystone::auth':
|
||||
password => 'a_big_secret',
|
||||
}
|
||||
class { '::heat::keystone::domain':
|
||||
domain_password => 'oh_my_no_secret',
|
||||
}
|
||||
class { '::heat::client': }
|
||||
class { '::heat::api': }
|
||||
class { '::heat::engine':
|
||||
|
|
|
@ -3,13 +3,10 @@ require 'spec_helper'
|
|||
describe 'heat::keystone::domain' do
|
||||
|
||||
let :params do {
|
||||
:auth_url => 'http://127.0.0.1:35357/v2.0',
|
||||
:keystone_admin => 'admin',
|
||||
:keystone_password => 'admin_passwd',
|
||||
:keystone_tenant => 'admin',
|
||||
:domain_name => 'heat',
|
||||
:domain_admin => 'heat_admin',
|
||||
:domain_password => 'domain_passwd'
|
||||
:domain_name => 'heat',
|
||||
:domain_admin => 'heat_admin',
|
||||
:domain_admin_email => 'heat_admin@localhost',
|
||||
:domain_password => 'domain_passwd'
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -21,21 +18,23 @@ describe 'heat::keystone::domain' do
|
|||
is_expected.to contain_heat_config('DEFAULT/stack_user_domain_name').with_value(params[:domain_name])
|
||||
end
|
||||
|
||||
it 'should exec helper script' do
|
||||
is_expected.to contain_exec('heat_domain_create').with(
|
||||
:command => 'heat-keystone-setup-domain',
|
||||
:path => '/usr/bin',
|
||||
:require => 'Package[heat-common]',
|
||||
:logoutput => 'on_failure',
|
||||
:environment => [
|
||||
"OS_TENANT_NAME=#{params[:keystone_tenant]}",
|
||||
"OS_USERNAME=#{params[:keystone_admin]}",
|
||||
"OS_PASSWORD=#{params[:keystone_password]}",
|
||||
"OS_AUTH_URL=#{params[:auth_url]}",
|
||||
"HEAT_DOMAIN=#{params[:domain_name]}",
|
||||
"HEAT_DOMAIN_ADMIN=#{params[:domain_admin]}",
|
||||
"HEAT_DOMAIN_PASSWORD=#{params[:domain_password]}"
|
||||
]
|
||||
it 'should create keystone domain' do
|
||||
is_expected.to contain_keystone_domain('heat_domain').with(
|
||||
:ensure => 'present',
|
||||
:enabled => 'true',
|
||||
:name => params[:domain_name]
|
||||
)
|
||||
|
||||
is_expected.to contain_keystone_user('heat_domain_admin').with(
|
||||
:ensure => 'present',
|
||||
:enabled => 'true',
|
||||
:name => params[:domain_admin],
|
||||
:email => params[:domain_admin_email],
|
||||
:password => params[:domain_password],
|
||||
:domain => params[:domain_name],
|
||||
)
|
||||
is_expected.to contain_keystone_user_role('heat_admin@::heat').with(
|
||||
:roles => ['admin'],
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue