From fc85e13cad45b076b05e80c2483f09e998557510 Mon Sep 17 00:00:00 2001 From: Alan Bishop Date: Tue, 12 Feb 2019 16:20:26 -0500 Subject: [PATCH] Don't create keystone service or endpoint for API v1 Cinder removed support for API v1 in Queens [1], so don't create the keystone service or endpoint for v1. Existing keystone catalog entries for v1 are not removed. It is the user's responsibility for removing them. [1] https://review.openstack.org/499342 Change-Id: I4a317d0eb2a2359c484b70eec97e8411dc22e9e8 --- manifests/keystone/auth.pp | 115 ++++++++++-------- .../notes/remove-api-v1-2987e0317436bc69.yaml | 19 +++ spec/classes/cinder_keystone_auth_spec.rb | 35 +----- 3 files changed, 87 insertions(+), 82 deletions(-) create mode 100644 releasenotes/notes/remove-api-v1-2987e0317436bc69.yaml diff --git a/manifests/keystone/auth.pp b/manifests/keystone/auth.pp index 1936c428..629bd07c 100644 --- a/manifests/keystone/auth.pp +++ b/manifests/keystone/auth.pp @@ -39,11 +39,6 @@ # (Optional) Username for Cinder v3 service. # Defaults to 'cinderv3'. # -# [*configure_endpoint*] -# (Optional) Should Cinder endpoint be configured? -# API v1 endpoint should be enabled in Icehouse for compatibility with Nova. -# Defaults to true -# # [*configure_endpoint_v2*] # (Optional) Should Cinder v2 endpoint be configured? # Defaults to true @@ -76,10 +71,6 @@ # (Optional) Should the admin role be configured for the service user for cinder v3? # Defaults to false # -# [*service_name*] -# (Optional) Name of the service. -# Defaults to 'cinder'. -# # [*service_name_v2*] # (Optional) Name of the v2 service. # Defaults to 'cinderv2'. @@ -88,10 +79,6 @@ # (Optional) Name of the v3 service. # Defaults to 'cinderv3'. # -# [*service_type*] -# (Optional) Type of service. -# Defaults to 'volume'. -# # [*service_type_v2*] # (Optional) Type of API v2 service. # Defaults to 'volumev2'. @@ -100,10 +87,6 @@ # (Optional) Type of API v3 service. # Defaults to 'volumev3'. # -# [*service_description*] -# (Optional) Description for keystone service. -# Defaults to 'Cinder Service'. -# # [*service_description_v2*] # (Optional) Description for keystone v2 service. # Defaults to 'Cinder Service v2'. @@ -128,21 +111,6 @@ # (Optional) Tenant for Cinder v3 user. # Defaults to 'services'. # -# [*public_url*] -# (Optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s') -# This url should *not* contain any trailing '/'. -# Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s' -# -# [*internal_url*] -# (Optional) The endpoint's internal url. -# This url should *not* contain any trailing '/'. -# Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s' -# -# [*admin_url*] -# (Optional) The endpoint's admin url. -# This url should *not* contain any trailing '/'. -# Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s' -# # [*public_url_v2*] # (Optional) The v2 endpoint's public url. # This url should *not* contain any trailing '/'. @@ -176,11 +144,45 @@ # === Examples # # class { 'cinder::keystone::auth': -# public_url => 'https://10.0.0.10:8776/v1/%(tenant_id)s', -# internal_url => 'https://10.0.0.20:8776/v1/%(tenant_id)s', -# admin_url => 'https://10.0.0.30:8776/v1/%(tenant_id)s', +# public_url => 'https://10.0.0.10:8776/v3/%(tenant_id)s', +# internal_url => 'https://10.0.0.20:8776/v3/%(tenant_id)s', +# admin_url => 'https://10.0.0.30:8776/v3/%(tenant_id)s', # } # +# DEPRECATED PARAMETERS +# +# [*configure_endpoint*] +# (Optional) Should Cinder v1 endpoint be configured? +# API v1 was removed in Queens. +# Defaults to undef +# +# [*public_url*] +# (Optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s') +# This url should *not* contain any trailing '/'. +# Defaults to undef +# +# [*internal_url*] +# (Optional) The endpoint's internal url. +# This url should *not* contain any trailing '/'. +# Defaults to undef +# +# [*admin_url*] +# (Optional) The endpoint's admin url. +# This url should *not* contain any trailing '/'. +# Defaults to undef +# +# [*service_name*] +# (Optional) Name of the service. +# Defaults to undef +# +# [*service_type*] +# (Optional) Type of service. +# Defaults to undef +# +# [*service_description*] +# (Optional) Description for keystone service. +# Defaults to undef +# class cinder::keystone::auth ( $password, $password_user_v2 = undef, @@ -194,16 +196,12 @@ class cinder::keystone::auth ( $email = 'cinder@localhost', $email_user_v2 = 'cinderv2@localhost', $email_user_v3 = 'cinderv3@localhost', - $public_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s', - $internal_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s', - $admin_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s', $public_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s', $internal_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s', $admin_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s', $public_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s', $internal_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s', $admin_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s', - $configure_endpoint = true, $configure_endpoint_v2 = true, $configure_endpoint_v3 = true, $configure_user = true, @@ -212,23 +210,41 @@ class cinder::keystone::auth ( $configure_user_role = true, $configure_user_role_v2 = false, $configure_user_role_v3 = false, - $service_name = 'cinder', $service_name_v2 = 'cinderv2', $service_name_v3 = 'cinderv3', - $service_type = 'volume', $service_type_v2 = 'volumev2', $service_type_v3 = 'volumev3', - $service_description = 'Cinder Service', $service_description_v2 = 'Cinder Service v2', $service_description_v3 = 'Cinder Service v3', $region = 'RegionOne', + # DEPRECATED PARAMETERS + $configure_endpoint = undef, + $public_url = undef, + $internal_url = undef, + $admin_url = undef, + $service_name = undef, + $service_type = undef, + $service_description = undef, ) { include ::cinder::deps - if $configure_endpoint { - Keystone_endpoint["${region}/${service_name}::${service_type}"] -> Anchor['cinder::service::end'] + $deprecated_param_names = [ + 'configure_endpoint', + 'public_url', + 'internal_url', + 'admin_url', + 'service_name', + 'service_type', + 'service_description', + ] + $deprecated_param_names.each |$param_name| { + $param = getvar($param_name) + if $param != undef{ + warning("The ${param_name} parameter is deprecated, has no effect and will be removed in the future release.") + } } + if $configure_endpoint_v2 { Keystone_endpoint["${region}/${service_name_v2}::${service_type_v2}"] -> Anchor['cinder::service::end'] } @@ -236,21 +252,18 @@ class cinder::keystone::auth ( Keystone_endpoint["${region}/${service_name_v3}::${service_type_v3}"] -> Anchor['cinder::service::end'] } + # Always configure the original (non-v2|v3) user and user roles, as these + # can be used by the v2 and v3 services. keystone::resource::service_identity { 'cinder': configure_user => $configure_user, configure_user_role => $configure_user_role, - configure_endpoint => $configure_endpoint, - service_type => $service_type, - service_description => $service_description, - service_name => $service_name, + configure_endpoint => false, + configure_service => false, region => $region, auth_name => $auth_name, password => $password, email => $email, tenant => $tenant, - public_url => $public_url, - admin_url => $admin_url, - internal_url => $internal_url, } keystone::resource::service_identity { 'cinderv2': diff --git a/releasenotes/notes/remove-api-v1-2987e0317436bc69.yaml b/releasenotes/notes/remove-api-v1-2987e0317436bc69.yaml new file mode 100644 index 00000000..d098c3f2 --- /dev/null +++ b/releasenotes/notes/remove-api-v1-2987e0317436bc69.yaml @@ -0,0 +1,19 @@ +--- +upgrade: + - | + Keystone catalog entries for Cinder's v1 API are no longer created, + but existing entries will not be automatically deleted. +deprecations: + - | + The following parameters associated with the v1 API are deprecated. + * configure_endpoint + * public_url + * internal_url + * admin_url + * service_name + * service_type + * service_description +fixes: + - | + The keystone service and endpoint for Cinder's API v1 are no longer + created. Cinder removed support for its v1 API in Queens. diff --git a/spec/classes/cinder_keystone_auth_spec.rb b/spec/classes/cinder_keystone_auth_spec.rb index 8a8f1b37..3dfb0a2a 100644 --- a/spec/classes/cinder_keystone_auth_spec.rb +++ b/spec/classes/cinder_keystone_auth_spec.rb @@ -20,11 +20,6 @@ describe 'cinder::keystone::auth' do :roles => ['admin'] )} - it { should contain_keystone_service('cinder::volume').with( - :ensure => 'present', - :description => 'Cinder Service' - )} - it { should contain_keystone_service('cinderv2::volumev2').with( :ensure => 'present', :description => 'Cinder Service v2' @@ -35,13 +30,6 @@ describe 'cinder::keystone::auth' do :description => 'Cinder Service v3' )} - it { should contain_keystone_endpoint('RegionOne/cinder::volume').with( - :ensure => 'present', - :public_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s', - :admin_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s', - :internal_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s' - )} - it { should contain_keystone_endpoint('RegionOne/cinderv2::volumev2').with( :ensure => 'present', :public_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s', @@ -61,9 +49,6 @@ describe 'cinder::keystone::auth' do before do params.merge!({ :region => 'RegionThree', - :public_url => 'https://10.0.42.1:4242/v41/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v41/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s', :public_url_v2 => 'https://10.0.42.1:4242/v42/%(tenant_id)s', :admin_url_v2 => 'https://10.0.42.2:4242/v42/%(tenant_id)s', :internal_url_v2 => 'https://10.0.42.3:4242/v42/%(tenant_id)s', @@ -73,13 +58,6 @@ describe 'cinder::keystone::auth' do }) end - it { should contain_keystone_endpoint('RegionThree/cinder::volume').with( - :ensure => 'present', - :public_url => 'https://10.0.42.1:4242/v41/%(tenant_id)s', - :admin_url => 'https://10.0.42.2:4242/v41/%(tenant_id)s', - :internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s' - )} - it { should contain_keystone_endpoint('RegionThree/cinderv2::volumev2').with( :ensure => 'present', :public_url => 'https://10.0.42.1:4242/v42/%(tenant_id)s', @@ -98,13 +76,11 @@ describe 'cinder::keystone::auth' do context 'when endpoint should not be configured' do before do params.merge!( - :configure_endpoint => false, :configure_endpoint_v2 => false, :configure_endpoint_v3 => false ) end - it { should_not contain_keystone_endpoint('RegionOne/cinder::volume') } it { should_not contain_keystone_endpoint('RegionOne/cinderv2::volumev2') } it { should_not contain_keystone_endpoint('RegionOne/cinderv3::volumev3') } end @@ -119,9 +95,9 @@ describe 'cinder::keystone::auth' do it { should_not contain_keystone_user('cinder') } it { should contain_keystone_user_role('cinder@services') } - it { should contain_keystone_service('cinder::volume').with( + it { should contain_keystone_service('cinderv3::volumev3').with( :ensure => 'present', - :description => 'Cinder Service' + :description => 'Cinder Service v3' )} end @@ -136,9 +112,9 @@ describe 'cinder::keystone::auth' do it { should_not contain_keystone_user('cinder') } it { should_not contain_keystone_user_role('cinder@services') } - it { should contain_keystone_service('cinder::volume').with( + it { should contain_keystone_service('cinderv3::volumev3').with( :ensure => 'present', - :description => 'Cinder Service' + :description => 'Cinder Service v3' )} end @@ -177,7 +153,6 @@ describe 'cinder::keystone::auth' do context 'when overriding service names' do before do params.merge!( - :service_name => 'cinder_service', :service_name_v2 => 'cinder_service_v2', :service_name_v3 => 'cinder_service_v3', ) @@ -185,10 +160,8 @@ describe 'cinder::keystone::auth' do it { should contain_keystone_user('cinder') } it { should contain_keystone_user_role('cinder@services') } - it { should contain_keystone_service('cinder_service::volume') } it { should contain_keystone_service('cinder_service_v2::volumev2') } it { should contain_keystone_service('cinder_service_v3::volumev3') } - it { should contain_keystone_endpoint('RegionOne/cinder_service::volume') } it { should contain_keystone_endpoint('RegionOne/cinder_service_v2::volumev2') } it { should contain_keystone_endpoint('RegionOne/cinder_service_v3::volumev3') } end