Adapt synced Heat module for Fuel usage

Key moments: * Fix lint errors * Remove duplication of package->service dependencies * Workoaround for MySQL module * Fix name for heat-engine service in heat_ha class * Remove heat_config options from osnailyfacter class * Configure delegated roles from heat class * Add retries to heat domain creation command commit I2fbb97adde6743153fc81f8dba153356c382cb52 * Add retry to heat_domain_id commit: I1630f54cdfa850a6b4dcbc9b714ebc6195de1fb0 * Update in heat_domain_id_setter commit: I4c0df7600e10d57429eda854cd8aa6208e1c6539 * Add noop tests for new parameters Implements: blueprint upgrade-openstack-puppet-modules Change-Id: Ib9fa8acc54c124f8656d49accbdbbf733f2d3fd3
2015-06-17 17:46:03 +03:00 · 2015-06-17 17:46:03 +03:00 · 99ad7e2dde
parent 8b9839a8d7
commit 99ad7e2dde
7 changed files with 114 additions and 89 deletions
--- a/deployment/puppet/heat/lib/puppet/provider/heat_domain_id_setter/ruby.rb
+++ b/deployment/puppet/heat/lib/puppet/provider/heat_domain_id_setter/ruby.rb
@ -21,6 +21,9 @@ end
 class KeystoneAPIError < KeystoneError
 end

+RETRY_COUNT = 10
+RETRY_SLEEP = 3
+
 # Provides common request handling semantics to the other methods in
 # this module.
 #
@ -97,6 +100,7 @@ def heat_handle_requests(auth_url,
        post_args['auth']['tenantName'] = tenantName
    end

+    auth_url.sub!('v3', 'v2.0')
    url = URI.parse("#{auth_url}/tokens")
    req = Net::HTTP::Post.new url.path
    req['content-type'] = 'application/json'
@ -167,17 +171,26 @@ Puppet::Type.type(:heat_domain_id_setter).provide(:ruby) do
    # - There are multiple matches, or
    # - There are zero matches
    def get_domain_id
-        token = authenticate
-        domains = find_domain_by_name(token)
+        RETRY_COUNT.times do |n|
+            begin
+                domains = find_domain_by_name(authenticate)
+            rescue => e
+                debug "Request failed: '#{e.message}' Retry: '#{n}'"
+                sleep RETRY_SLEEP
+                next
+            end

-        if domains.length == 1
-            return domains[0]['id']
-        elsif domains.length > 1
-            name = domains[0]['name']
-            raise KeystoneAPIError, 'Found multiple matches for domain name "#{name}"'
-        else
-            raise KeystoneAPIError, 'Unable to find matching domain'
+            if domains.length == 1
+                return domains[0]['id']
+            elsif domains.length > 1
+                name = domains[0]['name']
+                raise KeystoneAPIError, 'Found multiple matches for domain name "#{name}"'
+            else
+                debug "Domain '#{@resource[:domain_name]}' not found! Retry: '#{n}'"
+                sleep RETRY_SLEEP
+            end
        end
+        raise KeystoneAPIError, "Unable to find domain with name: '#{@resource[:domain_name]}'"
    end

    def config
--- a/deployment/puppet/heat/manifests/keystone/domain.pp
+++ b/deployment/puppet/heat/manifests/keystone/domain.pp
@ -54,7 +54,10 @@ class heat::keystone::domain (
    command     => 'heat-keystone-setup-domain',
    environment => $cmd_evn,
    require     => Package['heat-common'],
-    logoutput   => 'on_failure'
+    logoutput   => 'on_failure',
+    # TODO (iberezovskiy): propose upstream patch for retries
+    tries       => 10,
+    try_sleep   => 3
  }

  heat_domain_id_setter { 'heat_domain_id':
--- a/deployment/puppet/heat_ha/manifests/engine.pp
+++ b/deployment/puppet/heat_ha/manifests/engine.pp
@ -1,10 +1,12 @@
 class heat_ha::engine inherits heat::engine {
+  include heat::params
+
  $primitive_type  = 'heat-engine'

-  #  if $::osfamily == 'RedHat' {    
-  #  $ocf_script_template = 'heat/heat_engine_centos.ocf.erb'    
-  #} else {    
-  #  $ocf_script_template = 'heat/heat_engine_ubuntu.ocf.erb'    
+  #  if $::osfamily == 'RedHat' {
+  #  $ocf_script_template = 'heat/heat_engine_centos.ocf.erb'
+  #} else {
+  #  $ocf_script_template = 'heat/heat_engine_ubuntu.ocf.erb'
  #}

  # migration-threshold is number of tries to
@ -31,7 +33,7 @@ class heat_ha::engine inherits heat::engine {
    'interleave' => true,
  }

-  pacemaker_wrappers::service { $service_name :
+  pacemaker_wrappers::service { $::heat::params::engine_service_name :
    primitive_type      => $primitive_type,
    metadata            => $metadata,
    complex_type        => 'clone',
--- a/deployment/puppet/openstack/manifests/heat.pp
+++ b/deployment/puppet/openstack/manifests/heat.pp
@ -16,6 +16,7 @@ class openstack::heat (
  $keystone_ec2_uri              = false,
  $region                        = 'RegionOne',
  $auth_uri                      = false,
+  $trusts_delegated_roles        = [],

  $verbose                       = false,
  $debug                         = false,
@ -58,9 +59,7 @@ class openstack::heat (
 ){

  # No empty passwords allowed
-  validate_string($keystone_password)
  validate_string($amqp_password)
-  validate_string($db_password)

  # Generate values logic
  if $keystone_ec2_uri {
@ -68,11 +67,6 @@ class openstack::heat (
  } else {
    $keystone_ec2_uri_real    = "${keystone_protocol}://${keystone_host}:${keystone_port}/v2.0/ec2tokens"
  }
-  if $auth_uri {
-    $auth_uri_real            = $auth_uri
-  } else {
-    $auth_uri_real            = "${keystone_protocol}://${keystone_host}:${keystone_service_port}/v2.0"
-  }
  if $heat_metadata_server_url {
    $metadata_server_url      = $heat_metadata_server_url
  } else {
@ -101,6 +95,13 @@ class openstack::heat (
  |> ->
  Service<| title == 'heat-api-cfn' or title == 'heat-api-cloudwatch' |>

+  # Syslog configuration
+  if $use_syslog {
+    heat_config {
+      'DEFAULT/use_syslog_rfc_format': value => true;
+    }
+  }
+
  # Firewall rules for APIs
  firewall { '206 heat-api-cloudwatch' :
    dport  => [ $api_cloudwatch_bind_port ],
@ -135,7 +136,7 @@ class openstack::heat (
      admin_protocol                 => 'http',
      internal_protocol              => 'http',
      configure_endpoint             => true,
-
+      trusts_delegated_roles         => $trusts_delegated_roles,
    }
    #todo(bogdando) clarify this new to fuel heat auth cfn patterns
    class { 'heat::keystone::auth_cfn' :
@ -158,52 +159,39 @@ class openstack::heat (
  }
  # Common configuration, logging and RPC
  class { '::heat':
-    auth_uri                      => $auth_uri_real,
-    keystone_ec2_uri              => $keystone_ec2_uri_real,
-    keystone_host                 => $keystone_host,
-    keystone_port                 => $keystone_port,
-    keystone_protocol             => $keystone_protocol,
-    keystone_user                 => $keystone_user,
-    keystone_tenant               => $keystone_tenant,
-    keystone_password             => $keystone_password,
+    auth_uri              => $auth_uri,
+    keystone_ec2_uri      => $keystone_ec2_uri_real,
+    keystone_host         => $keystone_host,
+    keystone_port         => $keystone_port,
+    keystone_protocol     => $keystone_protocol,
+    keystone_user         => $keystone_user,
+    keystone_tenant       => $keystone_tenant,
+    keystone_password     => $keystone_password,
+    region_name           => $region,

-    sql_connection                => $sql_connection,
-    database_idle_timeout         => $idle_timeout,
+    sql_connection        => $sql_connection,
+    database_idle_timeout => $idle_timeout,

-    rpc_backend                   => $rpc_backend,
-    rabbit_hosts                  => $amqp_hosts,
-    rabbit_userid                 => $amqp_user,
-    rabbit_password               => $amqp_password,
-    rabbit_virtual_host           => $rabbit_virtualhost,
+    rpc_backend           => $rpc_backend,
+    rabbit_hosts          => $amqp_hosts,
+    rabbit_userid         => $amqp_user,
+    rabbit_password       => $amqp_password,
+    rabbit_virtual_host   => $rabbit_virtualhost,

-    log_dir                       => $log_dir,
-    verbose                       => $verbose,
-    debug                         => $debug,
-    use_syslog                    => $use_syslog,
-    log_facility                  => $syslog_log_facility,
+    log_dir               => $log_dir,
+    verbose               => $verbose,
+    debug                 => $debug,
+    use_syslog            => $use_syslog,
+    log_facility          => $syslog_log_facility,
  }

  heat_config {
    'DEFAULT/notification_driver': value => 'heat.openstack.common.notifier.rpc_notifier';
-    'DEFAULT/region_name_for_services': value => $region;
    'DATABASE/max_pool_size':      value => $max_pool_size;
    'DATABASE/max_overflow':       value => $max_overflow;
    'DATABASE/max_retries':        value => $max_retries;
  }

-  # Syslog configuration
-  if $use_syslog {
-    heat_config {
-      'DEFAULT/use_syslog_rfc_format': value => true;
-    }
-  }
-
-  $deps_routes_package_name     = 'python-routes'
-  package { 'python-routes':
-    ensure  => $ensure,
-    name    => $deps_routes_package_name,
-  } ->  Package <| title == 'heat-api' |>
-
  # Engine
  class { 'heat::engine' :
    auth_encryption_key           => $auth_encryption_key,
@ -211,43 +199,26 @@ class openstack::heat (
    heat_metadata_server_url      => $metadata_server_url,
    heat_waitcondition_server_url => $waitcondition_server_url,
    heat_watch_server_url         => $watch_server_url,
+    trusts_delegated_roles        => $trusts_delegated_roles,
  }

  # Install the heat APIs
  class { 'heat::api':
-    bind_host                     => $api_bind_host,
-    bind_port                     => $api_bind_port,
-    enabled                       => $enabled,
+    bind_host => $api_bind_host,
+    bind_port => $api_bind_port,
+    enabled   => $enabled,
  }
  class { 'heat::api_cfn' :
-    bind_host                     => $api_cfn_bind_host,
-    bind_port                     => $api_cfn_bind_port,
-    enabled                       => $enabled,
+    bind_host => $api_cfn_bind_host,
+    bind_port => $api_cfn_bind_port,
+    enabled   => $enabled,
  }
  class { 'heat::api_cloudwatch' :
-    bind_host                     => $api_cloudwatch_bind_host,
-    bind_port                     => $api_cloudwatch_bind_port,
-    enabled                       => $enabled,
+    bind_host => $api_cloudwatch_bind_host,
+    bind_port => $api_cloudwatch_bind_port,
+    enabled   => $enabled,
  }

  # Client
  class { 'heat::client' :  }
-
-  # Patching openstack related notifications
-  Package<| title == 'heat-engine'|> ~> Service<| title == 'heat-engine'|>
-  if !defined(Service['heat-engine']) {
-    notify{ "Module ${module_name} cannot notify service heat-engine on package update": }
-  }
-  Package<| title == 'heat-api'|> ~> Service<| title == 'heat-api'|>
-  if !defined(Service['heat-api']) {
-    notify{ "Module ${module_name} cannot notify service heat-api on package update": }
-  }
-  Package<| title == 'heat-api-cfn'|> ~> Service<| title == 'heat-api-cfn'|>
-  if !defined(Service['heat-api-cfn']) {
-    notify{ "Module ${module_name} cannot notify service heat-api-cfn on package update": }
-  }
-  Package<| title == 'heat-api-cloudwatch'|> ~> Service<| title == 'heat-api-cloudwatch'|>
-  if !defined(Service['heat-api-cloudwatch']) {
-    notify{ "Module ${module_name} cannot notify service heat-api-cloudwatch on package update": }
-  }
 }
--- a/deployment/puppet/osnailyfacter/modular/heat/heat.pp
+++ b/deployment/puppet/osnailyfacter/modular/heat/heat.pp
@ -127,11 +127,6 @@ class { 'heat::keystone::domain' :

 Class['heat'] -> Class['heat::keystone::domain'] ~> Service<| title == 'heat-engine' |>

-heat_config {
-  'DEFAULT/deferred_auth_method'    : value => 'trusts';
-  'DEFAULT/trusts_delegated_roles'  : value => '';
-}
-
 ######################

 exec { 'wait_for_heat_config' :
--- a/tests/noop/spec/hosts/heat/heat_db_spec.rb
+++ b/tests/noop/spec/hosts/heat/heat_db_spec.rb
@ -3,6 +3,15 @@ require 'shared-examples'
 manifest = 'heat/heat_db.pp'

 describe manifest do
+  shared_examples 'catalog' do
+
+    it 'should contain openstack::heat class with db_allowed_hosts parameter' do
+      hostname = Noop.hostname
+      db_allowed_hosts = [ hostname, 'localhost', '127.0.0.1', '%' ]
+      should contain_class('heat::db::mysql').with('allowed_hosts' => db_allowed_hosts)
+    end
+
+  end # end of shared_examples
  test_ubuntu_and_centos manifest
 end

--- a/tests/noop/spec/hosts/heat/heat_spec.rb
+++ b/tests/noop/spec/hosts/heat/heat_spec.rb
@ -3,6 +3,38 @@ require 'shared-examples'
 manifest = 'heat/heat.pp'

 describe manifest do
+  shared_examples 'catalog' do
+
+    use_syslog = Noop.hiera 'use_syslog'
+
+    it 'should set empty trusts_delegated_roles for heat authentication and engine' do
+      should contain_class('heat::keystone::auth').with(
+        'trusts_delegated_roles' => [],
+      )
+      should contain_class('heat::engine').with(
+        'trusts_delegated_roles' => [],
+      )
+      should contain_heat_config('DEFAULT/trusts_delegated_roles').with(
+        'value' => [],
+      )
+    end
+
+    it 'should configure syslog rfc format for heat' do
+      should contain_heat_config('DEFAULT/use_syslog_rfc_format').with(:value => use_syslog)
+    end
+
+    it 'should configure region name for heat' do
+      region = Noop.hiera 'region'
+      if !region
+        region = 'RegionOne'
+      end
+      should contain_heat_config('DEFAULT/region_name_for_services').with(
+        'value' => region,
+      )
+    end
+
+  end # end of shared_examples
+
  test_ubuntu_and_centos manifest
 end