From aa57603fb4e9a67bd628caa7e37ccb390b4186a9 Mon Sep 17 00:00:00 2001 From: Alfredo Moralejo Date: Thu, 19 Oct 2017 16:05:43 +0000 Subject: [PATCH] Force trove_auth_url to point to the v3 api URL After removing keystone API v2, trove requires that trove_auth_url parameter has the v3 URL. Note that versionless url is not valid for trove_auth_url so this patch enforces v3 url even when auth_url is not versioned. Additionally, the default value for auth_url parameter has been updated to point to v3. Change-Id: I8d0e200958c813101d72e180c6da8343b5fcae6e --- README.md | 8 ++++---- manifests/api.pp | 3 ++- manifests/conductor.pp | 7 ++++--- manifests/guestagent.pp | 8 +++++--- manifests/taskmanager.pp | 8 +++++--- .../notes/switch-to-keystone-v3-6e8e02a1f2445ad9.yaml | 5 +++++ spec/classes/trove_api_spec.rb | 2 +- spec/classes/trove_guestagent_spec.rb | 4 ++-- templates/trove-guestagent.conf.erb | 2 +- 9 files changed, 29 insertions(+), 18 deletions(-) create mode 100644 releasenotes/notes/switch-to-keystone-v3-6e8e02a1f2445ad9.yaml diff --git a/README.md b/README.md index dddc8e54..736e105d 100644 --- a/README.md +++ b/README.md @@ -80,11 +80,11 @@ The `trove_conductor_config` provider is a children of the ini_setting provider. ```puppet trove_conductor_config { 'DEFAULT/auth_url' : - value => http://localhost:5000/v2.0, + value => http://localhost:5000/v3, } ``` -This will write `auth_url=http://localhost:5000/v2.0` in the `[DEFAULT]` section. +This will write `auth_url=http://localhost:5000/v3` in the `[DEFAULT]` section. ##### name @@ -108,11 +108,11 @@ The `trove_guestagent_config` provider is a children of the ini_setting provider ```puppet trove_guestagent_config { 'DEFAULT/trove_auth_url' : - value => http://localhost:5000/v2.0, + value => http://localhost:5000/v3, } ``` -This will write `trove_auth_url=http://localhost:5000/v2.0` in the `[DEFAULT]` section. +This will write `trove_auth_url=http://localhost:5000/v3` in the `[DEFAULT]` section. ##### name diff --git a/manifests/api.pp b/manifests/api.pp index c9d20289..b16fca1f 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -204,8 +204,9 @@ the future release. Please use trove::api::package_ensure instead.") if $auth_strategy == 'keystone' { include ::trove::keystone::authtoken + $trove_auth_url = "${regsubst($::trove::keystone::authtoken::auth_uri, '(\/v3$|\/v2.0$|\/$)', '')}/v3" trove_config { - 'DEFAULT/trove_auth_url' : value => $::trove::keystone::authtoken::auth_uri; + 'DEFAULT/trove_auth_url' : value => $trove_auth_url; } } diff --git a/manifests/conductor.pp b/manifests/conductor.pp index 938aed8d..b56dfffc 100644 --- a/manifests/conductor.pp +++ b/manifests/conductor.pp @@ -40,7 +40,7 @@ # # [*auth_url*] # (optional) Authentication URL. -# Defaults to 'http://localhost:5000/v2.0'. +# Defaults to 'http://localhost:5000/v3'. # # [*conductor_manager*] # (optional) Trove conductor manager. @@ -73,7 +73,7 @@ class trove::conductor( $log_dir = '/var/log/trove', $use_syslog = $::os_service_default, $log_facility = $::os_service_default, - $auth_url = 'http://localhost:5000/v2.0', + $auth_url = 'http://localhost:5000/v3', $conductor_manager = 'trove.conductor.manager.Manager', $workers = $::os_workers, $enable_profiler = $::os_service_default, @@ -111,8 +111,9 @@ the future release. Please use trove::conductor::package_ensure instead.") } # basic service config + $trove_auth_url = "${regsubst($auth_url, '(\/v3$|\/v2.0$|\/$)', '')}/v3" trove_conductor_config { - 'DEFAULT/trove_auth_url': value => $auth_url; + 'DEFAULT/trove_auth_url': value => $trove_auth_url; 'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user; 'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name; 'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass; diff --git a/manifests/guestagent.pp b/manifests/guestagent.pp index dbf55c64..ac4d082a 100644 --- a/manifests/guestagent.pp +++ b/manifests/guestagent.pp @@ -40,7 +40,7 @@ # # [*auth_url*] # (optional) Authentication URL. -# Defaults to 'http://localhost:5000/v2.0'. +# Defaults to 'http://localhost:5000/v3'. # # [*swift_url*] # (optional) Swift URL. If this is unset in the class, Trove will @@ -120,7 +120,7 @@ class trove::guestagent( $log_dir = '/var/log/trove', $use_syslog = $::os_service_default, $log_facility = $::os_service_default, - $auth_url = 'http://localhost:5000/v2.0', + $auth_url = 'http://localhost:5000/v3', $swift_url = $::os_service_default, $swift_service_type = $::os_service_default, $default_transport_url = $::trove::default_transport_url, @@ -161,9 +161,11 @@ in the future release. Please use trove::guestagent::package_ensure instead.") trove::control_exchange instead.") } + $trove_auth_url = "${regsubst($auth_url, '(\/v3$|\/v2.0$|\/$)', '')}/v3" + # basic service config trove_guestagent_config { - 'DEFAULT/trove_auth_url': value => $auth_url; + 'DEFAULT/trove_auth_url': value => $trove_auth_url; 'DEFAULT/swift_url': value => $swift_url; 'DEFAULT/swift_service_type': value => $swift_service_type; 'DEFAULT/root_grant': value => $root_grant; diff --git a/manifests/taskmanager.pp b/manifests/taskmanager.pp index 8c87543a..4e952a05 100644 --- a/manifests/taskmanager.pp +++ b/manifests/taskmanager.pp @@ -62,7 +62,7 @@ # # [*auth_url*] # (optional) Authentication URL. -# Defaults to 'http://localhost:5000/v2.0'. +# Defaults to 'http://localhost:5000/v3'. # # [*heat_url*] # (optional) URL without the tenant segment. @@ -103,7 +103,7 @@ class trove::taskmanager( $use_syslog = $::os_service_default, $guest_log_file = '/var/log/trove/trove-guestagent.log', $log_facility = $::os_service_default, - $auth_url = 'http://localhost:5000/v2.0', + $auth_url = 'http://localhost:5000/v3', $heat_url = false, $package_ensure = 'present', $guestagent_config_file = '/etc/trove/trove-guestagent.conf', @@ -153,9 +153,11 @@ the future release. Please use trove::default_neutron_networks instead.") } } + $trove_auth_url = "${regsubst($auth_url, '(\/v3$|\/v2.0$|\/$)', '')}/v3" + # basic service config trove_taskmanager_config { - 'DEFAULT/trove_auth_url': value => $auth_url; + 'DEFAULT/trove_auth_url': value => $trove_auth_url; 'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user; 'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass; 'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name; diff --git a/releasenotes/notes/switch-to-keystone-v3-6e8e02a1f2445ad9.yaml b/releasenotes/notes/switch-to-keystone-v3-6e8e02a1f2445ad9.yaml new file mode 100644 index 00000000..8ad6c8a4 --- /dev/null +++ b/releasenotes/notes/switch-to-keystone-v3-6e8e02a1f2445ad9.yaml @@ -0,0 +1,5 @@ +--- +fixes: + - | + In queens cycle, Keystone API v2.0 has been retired. Default values for auth_url + parameter in the different classes have been changed to point to the v3 URL. diff --git a/spec/classes/trove_api_spec.rb b/spec/classes/trove_api_spec.rb index 82e2c371..f3c0536a 100644 --- a/spec/classes/trove_api_spec.rb +++ b/spec/classes/trove_api_spec.rb @@ -62,7 +62,7 @@ describe 'trove::api' do is_expected.to contain_trove_config('DEFAULT/bind_port').with_value('8779') is_expected.to contain_trove_config('DEFAULT/backlog').with_value('4096') is_expected.to contain_trove_config('DEFAULT/trove_api_workers').with_value('8') - is_expected.to contain_trove_config('DEFAULT/trove_auth_url').with_value('http://localhost:5000') + is_expected.to contain_trove_config('DEFAULT/trove_auth_url').with_value('http://localhost:5000/v3') is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_user').with_value('admin') is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete') is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin') diff --git a/spec/classes/trove_guestagent_spec.rb b/spec/classes/trove_guestagent_spec.rb index 73734ffe..ccbc15bf 100644 --- a/spec/classes/trove_guestagent_spec.rb +++ b/spec/classes/trove_guestagent_spec.rb @@ -127,7 +127,7 @@ describe 'trove::guestagent' do end let :params do - { :auth_url => "http://10.0.0.1:5000/v2.0", + { :auth_url => "http://10.0.0.1:5000/", :swift_url => "http://10.0.0.1:8080/v1/AUTH_", :swift_service_type => 'object-store', :rabbit_host => '10.1.0.1', @@ -136,7 +136,7 @@ describe 'trove::guestagent' do } end it 'configures trove-guestagent with custom parameters' do - is_expected.to contain_trove_guestagent_config('DEFAULT/trove_auth_url').with_value('http://10.0.0.1:5000/v2.0') + is_expected.to contain_trove_guestagent_config('DEFAULT/trove_auth_url').with_value('http://10.0.0.1:5000/v3') is_expected.to contain_trove_guestagent_config('DEFAULT/swift_url').with_value('http://10.0.0.1:8080/v1/AUTH_') is_expected.to contain_trove_guestagent_config('DEFAULT/swift_service_type').with_value('object-store') is_expected.to contain_trove_guestagent_config('oslo_messaging_rabbit/rabbit_host').with_value('10.1.0.1') diff --git a/templates/trove-guestagent.conf.erb b/templates/trove-guestagent.conf.erb index da98a791..9230fe3d 100644 --- a/templates/trove-guestagent.conf.erb +++ b/templates/trove-guestagent.conf.erb @@ -32,7 +32,7 @@ api_extensions_path = trove/extensions/routes # These options are for an admin user in your keystone config. # It proxies the token received from the user to send to nova via this admin users creds, # basically acting like the client via that proxy token. -trove_auth_url = <%= @auth_url %> +trove_auth_url = <%= @trove_auth_url %> <%- if @swift_url and @swift_url != "" -%> swift_url = <%= @swift_url %> <%- end -%>