openstack
/
puppet-horizon
Code Issues Proposed changes

Stop replacing a dict value 

Currently we completely replace some dict values in local_settings but
this causes a few problems.

 - Some keys(eg OPENSTACK_HYPERVISOR_FEATURES['enable_quotas']) are
   missing from the default dict value, which overrides its default
   value (True) in Horizon

 - We have to maintain the default values defined in our manifest
   according to any update in Horizon side.

This updates the logic to override keys only when requested, so that
the configuration basically leverage the defaults defined in Horizon.

Change-Id: I0fa105e595ff053d389e75004638af5856dbb734
This commit is contained in:
Takashi Kajinami 2023-08-28 21:45:57 +09:00
parent bec3f3a214
commit 19db7a0d2f
3 changed files with 127 additions and 160 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
manifests/init.pp
View File

@ -178,60 +178,23 @@
#
# [*cinder_options*]
# (optional) A hash of parameters to enable features specific to
# Cinder. These include:
# 'enable_backup': Boolean to enable or disable Cinder's backup feature.
# Defaults to False.
# Cinder.
# Defaults to {}
#
# [*keystone_options*]
# (optional) A hash of parameters to enable features specific to
# Keystone. These include:
# 'name': String
# 'can_edit_user': Boolean
# 'can_edit_group': Boolean
# 'can_edit_project': Boolean
# 'can_edit_domain': Boolean
# 'can_edit_role': Boolean
# Keystone.
# Defaults to {}
#
# [*neutron_options*]
# (optional) A hash of parameters to enable features specific to
# Neutron. These include:
# 'enable_quotas': Boolean to enable or disable Neutron quotas.
# Defaults to True.
# 'enable_security_group': Boolean to enable or disable Neutron
# security groups. Defaults to True.
# 'enable_distributed_router': Boolean to enable or disable Neutron
# distributed virtual router (DVR) feature in the Router panel.
# Defaults to False.
# 'enable_ha_router': Enable or disable HA (High Availability) mode in
# Neutron virtual router in the Router panel. Defaults to False.
# Neutron.
# Defaults to {}
#
# [*instance_options*]
# (optional) A hash of parameters to enable or disable instance options
# when using the launch instance options under Compute Instances tab.
# These options include:
# 'config_drive': Boolean to set default value of config drive options.
# A value of 'True' to have a check in the checkbox or 'False' to have it
# unchecked.
# Defaults to True.
# 'create_volume': Boolean to set 'Create Volume' to 'Yes' or 'No' on source
# options. Values are True (Yes) or False (No).
# Defaults to True.
# 'disable_image': Boolean to not show 'Image' as a boot source option.
# Defaults to False.
# 'disable_instance_snapshot': Boolean to not show 'Instance Snapshot' as a
# boot source option.
# Defaults to False.
# 'disable_volume': Boolean to not show 'Volume' as a boot source option.
# Defaults to False.
# 'disable_volume_snapshot': Boolean to not show 'Volume Snapshot' as a
# boot source option.
# Defaults to False.
# 'enable_scheduler_hints': Boolean to allow scheduler hints to be provided.
# Defaults to True.
# 'default_availability_zone': The default availability zone for a new server
# creation. If 'Any' is specified, the default availability zone is decided
# by the nova scheduler.
# Defaults to 'Any'
# Defaults to {}
#
# [*use_simple_tenant_usage*]
# (optional) Use SimpleTenantUsage nova API in the usage overview.
@ -679,57 +642,8 @@ class horizon(
fail('websso_initial_choice is required when websso_choices_hide_keystone is true')
}
# Default options for the OPENSTACK_CINDER_FEATURES section. These will
# be merged with user-provided options when the local_settings.py.erb
# template is interpolated.
$cinder_defaults = {
'enable_backup' => false,
}
# Default options for the OPENSTACK_KEYSTONE_BACKEND section. These will
# be merged with user-provided options when the local_settings.py.erb
# template is interpolated.
$keystone_defaults = {
'name' => 'native',
'can_edit_user' => true,
'can_edit_group' => true,
'can_edit_project' => true,
'can_edit_domain' => true,
'can_edit_role' => true,
}
# Default options for the OPENSTACK_NEUTRON_NETWORK section. These will
# be merged with user-provided options when the local_settings.py.erb
# template is interpolated.
$neutron_defaults = {
'enable_quotas' => true,
'enable_security_group' => true,
'enable_distributed_router' => false,
'enable_ha_router' => false,
}
# Default options for the LAUNCH_INSTANCE_DEFAULTS section. These will
# be merged with user-provided options when the local_settings.py.erb
# template is interpolated.
$instance_defaults = {
'config_drive' => false,
'create_volume' => true,
'hide_create_volume' => false,
'disable_image' => false,
'disable_instance_snapshot' => false,
'disable_volume' => false,
'disable_volume_snapshot' => false,
'enable_scheduler_hints' => true,
'default_availability_zone' => 'Any',
}
Service <| title == 'memcached' |> -> Class['horizon']
$cinder_options_real = merge($cinder_defaults,$cinder_options)
$keystone_options_real = merge($keystone_defaults, $keystone_options)
$neutron_options_real = merge($neutron_defaults,$neutron_options)
$instance_options_real = merge($instance_defaults,$instance_options)
if $policy_files_path != undef {
$policy_files_path_real = $policy_files_path
} else {

29
spec/classes/horizon_init_spec.rb
View File

@ -70,10 +70,6 @@ describe 'horizon' do
"SECRET_KEY = secret_key.generate_or_read_from_file('#{platforms_params[:secret_key_file]}')",
'OPENSTACK_KEYSTONE_URL = "http://127.0.0.1:5000"',
'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "member"',
" 'enable_distributed_router': False,",
" 'enable_ha_router': False,",
" 'enable_quotas': True,",
" 'enable_security_group': True,",
'TIME_ZONE = "UTC"',
" 'handlers': ['file'],",
'COMPRESS_OFFLINE = True',
@ -175,32 +171,39 @@ describe 'horizon' do
'OPENSTACK_KEYSTONE_URL = "https://keystone.example.com:4682"',
'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "SwiftOperator"',
'OPENSTACK_SSL_NO_VERIFY = True',
"OPENSTACK_KEYSTONE_BACKEND = {",
'from openstack_dashboard.settings import OPENSTACK_KEYSTONE_BACKEND',
'OPENSTACK_KEYSTONE_BACKEND.update({',
" 'name': 'native',",
" 'can_edit_user': True,",
" 'can_edit_group': True,",
" 'can_edit_project': True,",
" 'can_edit_domain': False,",
" 'can_edit_role': False,",
"}",
'from openstack_dashboard.settings import OPENSTACK_HYPERVISOR_FEATURES',
'OPENSTACK_HYPERVISOR_FEATURES.update({',
" 'can_set_mount_point': False,",
" 'can_set_password': True,",
'from openstack_dashboard.settings import OPENSTACK_CINDER_FEATURES',
'OPENSTACK_CINDER_FEATURES.update({',
" 'enable_backup': True,",
'from openstack_dashboard.settings import OPENSTACK_NEUTRON_NETWORK',
'OPENSTACK_NEUTRON_NETWORK.update({',
" 'default_ipv4_subnet_pool_label': None,",
" 'enable_quotas': False,",
" 'enable_security_group': False,",
" 'enable_distributed_router': False,",
" 'enable_ha_router': False,",
" 'supported_provider_types': ['flat', 'vxlan'],",
" 'supported_vnic_types': ['*'],",
'OPENSTACK_ENABLE_PASSWORD_RETRIEVE = True',
'CREATE_IMAGE_DEFAULTS = {',
'from openstack_dashboard.settings import CREATE_IMAGE_DEFAULTS',
'CREATE_IMAGE_DEFAULTS.update({',
" 'image_visibility': 'private',",
" 'config_drive': False,",
" 'create_volume': False,",
" 'disable_image': True,",
" 'disable_instance_snapshot': True,",
" 'disable_volume': True,",
" 'disable_volume_snapshot': True,",
" 'enable_scheduler_hints': True,",
'OPENSTACK_ENDPOINT_TYPE = "internalURL"',
'SECONDARY_ENDPOINT_TYPE = "ANY-VALUE"',
'OPENSTACK_KEYSTONE_ENDPOINT_TYPE = "public"',
@ -208,17 +211,17 @@ describe 'horizon' do
'API_RESULT_PAGE_SIZE = 40',
'DROPDOWN_MAX_ITEMS = 123',
'TIME_ZONE = "Asia/Shanghai"',
"AVAILABLE_THEMES = [",
'AVAILABLE_THEMES = [',
" ('default', 'Default', 'themes/default'),",
" ('material', 'Material', 'themes/material'),",
"]",
']',
"DEFAULT_THEME = 'default'",
" 'level': 'DEBUG',",
" 'handlers': ['console', 'syslog'],",
"SESSION_TIMEOUT = 1800",
'SESSION_TIMEOUT = 1800',
'COMPRESS_OFFLINE = False',
"FILE_UPLOAD_TEMP_DIR = '/var/spool/horizon'",
"OVERVIEW_DAYS_RANGE = 1",
'OVERVIEW_DAYS_RANGE = 1',
'DISALLOW_IFRAME_EMBED = True',
])
end

158
templates/local_settings.py.erb
View File

@ -91,12 +91,13 @@ SESSION_COOKIE_HTTPONLY = True
# "volume": 3,
# "compute": 2,
#}
<% if ! (@api_versions.empty?) and @api_versions.kind_of?(Hash) -%>
OPENSTACK_API_VERSIONS = {
<% if ! (@api_versions.empty?) -%>
from openstack_dashboard.settings import OPENSTACK_API_VERSIONS
OPENSTACK_API_VERSIONS.update({
<% @api_versions.sort.each do |opt_name,opt_val| -%>
'<%= opt_name -%>': <%= opt_val -%>,
<% end -%>
}
})
<% end -%>
# Set this to True if running on multi-domain model. When this is enabled, it
@ -403,9 +404,18 @@ OPENSTACK_SSL_CACERT = '<%= @openstack_ssl_cacert %>'
# can_edit_user to False and name to 'ldap'.
#
# TODO(tres): Remove these once Keystone has an API to identify auth backend.
<% if @keystone_options_real.kind_of?(Hash) -%>
OPENSTACK_KEYSTONE_BACKEND = {
<% @keystone_options_real.sort.each do |opt_name,opt_val| -%>
#OPENSTACK_KEYSTONE_BACKEND = {
# 'name': 'native',
# 'can_edit_domain': True,
# 'can_edit_group': True,
# 'can_edit_project': True,
# 'can_edit_role': True,
# 'can_edit_user': True,
#}
<% if ! (@keystone_options.empty?) -%>
from openstack_dashboard.settings import OPENSTACK_KEYSTONE_BACKEND
OPENSTACK_KEYSTONE_BACKEND.update({
<% @keystone_options.sort.each do |opt_name,opt_val| -%>
<%- if opt_val == true or opt_val == false -%>
'<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>,
<%- elsif opt_val == 'None' -%>
@ -414,7 +424,7 @@ OPENSTACK_KEYSTONE_BACKEND = {
'<%= opt_name -%>': '<%= opt_val -%>',
<%-end-%>
<% end -%>
}
})
<% end -%>
# Setting this to True, will add a new "Retrieve Password" action on instance,
@ -443,15 +453,13 @@ OPENSTACK_USE_SIMPLE_TENANT_USAGE = <%= @use_simple_tenant_usage.to_s.capitalize
# 'enable_quotas': True,
# 'requires_keypair': False,
#}
# The OPENSTACK_HYPERVISOR_FEATURES settings can be used to enable optional
# services provided by hypervisors.
<%- if ! (@hypervisor_options.empty?) -%>
OPENSTACK_HYPERVISOR_FEATURES = {
from openstack_dashboard.settings import OPENSTACK_HYPERVISOR_FEATURES
OPENSTACK_HYPERVISOR_FEATURES.update({
<%- @hypervisor_options.sort.each do |opt_name,opt_val| -%>
'<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>,
<%-end-%>
}
})
<%-end-%>
# The OPENSTACK_CINDER_FEATURES settings can be used to enable optional
@ -459,64 +467,105 @@ OPENSTACK_HYPERVISOR_FEATURES = {
#OPENSTACK_CINDER_FEATURES = {
# 'enable_backup': False,
#}
<%- if ! (@cinder_options_real.empty?) -%>
OPENSTACK_CINDER_FEATURES = {
<%- @cinder_options_real.sort.each do |opt_name,opt_val| -%>
<%- if ! (@cinder_options.empty?) -%>
from openstack_dashboard.settings import OPENSTACK_CINDER_FEATURES
OPENSTACK_CINDER_FEATURES.update({
<%- @cinder_options.sort.each do |opt_name,opt_val| -%>
'<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>,
<%-end-%>
}
})
<%-end-%>
<%- if ! (@instance_options_real.empty?) -%>
LAUNCH_INSTANCE_DEFAULTS = {
<%- @instance_options_real.sort.each do |opt_name,opt_val| -%>
# A dictionary of settings which can be used to provide the default values for
# properties found in the Launch Instance modal.
#LAUNCH_INSTANCE_DEFAULTS = {
# 'config_drive': False,
# 'create_volume': True,
# 'hide_create_volume': False,
# 'disable_image': False,
# 'disable_instance_snapshot': False,
# 'disable_volume': False,
# 'disable_volume_snapshot': False,
# 'enable_scheduler_hints': True,
# 'enable_metadata': True,
# 'enable_net_ports': True,
# 'default_availability_zone': 'Any',
#}
<%- if ! (@instance_options.empty?) -%>
from openstack_dashboard.settings import LAUNCH_INSTANCE_DEFAULTS
LAUNCH_INSTANCE_DEFAULTS.update({
<%- @instance_options.sort.each do |opt_name,opt_val| -%>
<%- if opt_val.kind_of?(String) -%>
'<%= opt_name -%>': '<%= opt_val -%>',
<%- else -%>
'<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>,
<%-end-%>
<%-end-%>
}
})
<%-end-%>
# The OPENSTACK_NEUTRON_NETWORK settings can be used to enable optional
# services provided by neutron. Options currently available are load
# balancer service, security groups, quotas, VPN service.
#OPENSTACK_NEUTRON_NETWORK = {
# 'enable_router': True,
# 'enable_quotas': True,
# 'enable_ipv6': True,
# 'enable_auto_allocated_network': False,
# 'enable_distributed_router': False,
# 'enable_ha_router': False,
# 'enable_fip_topology_check': True,
# Neutron can be configured with a default Subnet Pool to be used for IPv4
# subnet-allocation. Specify the label you wish to display in the Address
# pool selector on the create subnet step if you want to use this feature.
#'default_ipv4_subnet_pool_label': None,
# Neutron can be configured with a default Subnet Pool to be used for IPv6
# subnet-allocation. Specify the label you wish to display in the Address
# pool selector on the create subnet step if you want to use this feature.
# You must set this to enable IPv6 Prefix Delegation in a PD-capable
# environment.
#'default_ipv6_subnet_pool_label': None,
# Set which provider network types are supported. Only the network types
# in this list will be available to choose from when creating a network.
# Network types include local, flat, vlan, gre, and vxlan.
#'supported_provider_types': ['*'],
# Set which VNIC types are supported for port binding. Only the VNIC
# types in this list will be available to choose from when creating a
# port.
# VNIC types include 'normal', 'macvtap' and 'direct'.
# Set to empty list or None to disable VNIC type selection.
#'supported_vnic_types': ['*']
# 'enable_ha_router': False,
# 'enable_ipv6': True,
# 'enable_quotas': True,
# 'enable_rbac_policy': True,
# 'enable_router': True,
#
# # Default dns servers you would like to use when a subnet is
# # created. This is only a default, users can still choose a different
# # list of dns servers when creating a new subnet.
# # The entries below are examples only, and are not appropriate for
# # real deployments
# # 'default_dns_nameservers': ["8.8.8.8", "8.8.4.4", "208.67.222.222"],
# 'default_dns_nameservers': [],
#
# # Set which provider network types are supported. Only the network types
# # in this list will be available to choose from when creating a network.
# # Network types include local, flat, vlan, gre, vxlan and geneve.
# 'supported_provider_types': ['*'],
#
# # You can configure available segmentation ID range per network type
# # in your deployment.
# # 'segmentation_id_range': {
# # 'vlan': [1024, 2048],
# # 'vxlan': [4094, 65536],
# # },
# 'segmentation_id_range': {},
#
# # You can define additional provider network types here.
# # 'extra_provider_types': {
# # 'awesome_type': {
# # 'display_name': 'Awesome New Type',
# # 'require_physical_network': False,
# # 'require_segmentation_id': True,
# # }
# # },
# 'extra_provider_types': {},
#
# # Set which VNIC types are supported for port binding. Only the VNIC
# # types in this list will be available to choose from when creating a
# # port.
# # VNIC types include 'normal', 'direct', 'direct-physical', 'macvtap',
# # 'baremetal' and 'virtio-forwarder'
# # Set to empty list or None to disable VNIC type selection.
# 'supported_vnic_types': ['*'],
#
# # Set list of available physical networks to be selected in the physical
# # network field on the admin create network modal. If it's set to an empty
# # list, the field will be a regular input field.
# # e.g. ['default', 'test']
# 'physical_networks': [],
#}
<%- if ! (@neutron_options_real.empty?) -%>
OPENSTACK_NEUTRON_NETWORK = {
<%- @neutron_options_real.sort.each do |opt_name,opt_val| -%>
<%- if ! (@neutron_options.empty?) -%>
from openstack_dashboard.settings import OPENSTACK_NEUTRON_NETWORK
OPENSTACK_NEUTRON_NETWORK.update({
<%- @neutron_options.sort.each do |opt_name,opt_val| -%>
<%- if opt_val == true or opt_val == false -%>
'<%= opt_name -%>': <%= opt_val.to_s.capitalize -%>,
<%- elsif opt_val == 'None' -%>
@ -527,7 +576,7 @@ OPENSTACK_NEUTRON_NETWORK = {
'<%= opt_name -%>': '<%= opt_val -%>',
<%-end-%>
<%-end-%>
}
})
<%-end-%>
# The OPENSTACK_IMAGE_BACKEND settings can be used to customize features
@ -584,11 +633,12 @@ OPENSTACK_IMAGE_BACKEND = {
# 'image_visibility': "public",
#}
<% if @create_image_defaults -%>
CREATE_IMAGE_DEFAULTS = {
from openstack_dashboard.settings import CREATE_IMAGE_DEFAULTS
CREATE_IMAGE_DEFAULTS.update({
<%- @create_image_defaults.sort.each do |opt_name,opt_val| -%>
'<%= opt_name %>': '<%= opt_val %>',
<%- end -%>
}
})
<% end -%>
# OPENSTACK_ENDPOINT_TYPE specifies the endpoint type to use for the endpoints