openstack
/
puppet-neutron
Code Issues Proposed changes

Remove old authtoken options 

Since we are in ocata lets remove all old parameters in api
to configure the keystone_authtoken section

Change-Id: I3a0d3796beff7dc88f1d47f8c7c83eabca555ad1
This commit is contained in:
Iury Gregory Melo Ferreira 2016-11-07 23:58:22 -03:00
parent f27b001128
commit 16459f98a0
24 changed files with 113 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
manifests/keystone/authtoken.pp
View File

@ -223,32 +223,21 @@ class neutron::keystone::authtoken(
$token_cache_time = $::os_service_default,
) {
if is_service_default($password) and ! $::neutron::server::password {
if is_service_default($password) {
fail('Please set password for neutron service user')
}
$auth_uri_real = pick($::neutron::server::auth_uri,$auth_uri)
$auth_url_real = pick($::neutron::server::auth_url,$auth_url)
$auth_type_real = pick($::neutron::server::keystone_auth_type,$auth_type)
$memcached_servers_real = pick($::neutron::server::memcached_servers,$memcached_servers)
$password_real = pick($::neutron::server::password,$password)
$project_domain_name_real = pick($::neutron::server::project_domain_name,$project_domain_name)
$project_name_real = pick($::neutron::server::project_name,$project_name)
$region_name_real = pick($::neutron::server::region_name,$region_name)
$username_real = pick($::neutron::server::username,$username)
$user_domain_name_real = pick($::neutron::server::user_domain_name,$user_domain_name)
keystone::resource::authtoken { 'neutron_config':
username => $username_real,
password => $password_real,
project_name => $project_name_real,
auth_url => $auth_url_real,
auth_uri => $auth_uri_real,
username => $username,
password => $password,
project_name => $project_name,
auth_url => $auth_url,
auth_uri => $auth_uri,
auth_version => $auth_version,
auth_type => $auth_type_real,
auth_type => $auth_type,
auth_section => $auth_section,
user_domain_name => $user_domain_name_real,
project_domain_name => $project_domain_name_real,
user_domain_name => $user_domain_name,
project_domain_name => $project_domain_name,
insecure => $insecure,
cache => $cache,
cafile => $cafile,
@ -269,11 +258,10 @@ class neutron::keystone::authtoken(
memcache_security_strategy => $memcache_security_strategy,
memcache_use_advanced_pool => $memcache_use_advanced_pool,
memcache_pool_unused_timeout => $memcache_pool_unused_timeout,
memcached_servers => $memcached_servers_real,
region_name => $region_name_real,
memcached_servers => $memcached_servers,
region_name => $region_name,
revocation_cache_time => $revocation_cache_time,
signing_dir => $signing_dir,
token_cache_time => $token_cache_time,
}
}

129
manifests/server.pp
View File

@ -220,63 +220,6 @@
# Deprecated. (optional) Minimum number of l3 agents which a HA router will be scheduled on.
# Defaults to undef
#
# [*keystone_auth_type*]
# (optional) Deprecated Use neutron::keystone::authtoken::auth_type instead.
# Defaults to undef
#
# [*auth_uri*]
# (optional) Deprecated Use neutron::keystone::authtoken::auth_uri
# Defaults to undef
#
# [*auth_url*]
# (optional) Deprecated Use neutron::keystone::authtoken::auth_url instead
# Defaults to undef
#
# [*username*]
# (optional) Deprecated Use neutron::keystone::authtoken::username instead
# Defaults to undef
#
# [*password*]
# (optional) Deprecated Use neutron::keystone::authtoken::password
# Defaults to undef
#
# [*project_domain_id*]
# Deprecated. Auth user project's domain ID
# Defaults to $::os_service_default
#
# [*project_domain_name*]
# (optional) Deprecated
# Use neutron::keystone::authtoken::project_domain_name instead
# Defaults to undef
#
# [*project_name*]
# (optional) Deprecated Use neutron::keystone::authtoken::project_name
# instead
# Defaults to undef
#
# [*user_domain_id*]
# (optional) Deprecated Use neutron::keystone::authtoken::
# Defaults to $::os_service_default
#
# [*user_domain_name*]
# (optional) Deprecated Use neutron::keystone::authtoken::user_domain_name
# instead
# Defaults to undef
#
# [*region_name*]
# (optional) Deprecated Use neutron::keystone::authtoken::region_name
# instead.
# Defaults to undef
#
# [*memcached_servers*]
# (optional) Deprecated Use neutron::keystone::authtoken::memcached_servers
# instead
# Defaults to undef
#
# [*auth_type*]
# (optional) Deprecated Use auth_strategy instead.
# Defaults to undef
#
class neutron::server (
$package_ensure = 'present',
$enabled = true,
@ -319,19 +262,6 @@ class neutron::server (
$lock_path = undef,
$ensure_lbaas_package = false,
$min_l3_agents_per_router = undef,
$keystone_auth_type = undef,
$auth_uri = undef,
$auth_url = undef,
$username = undef,
$password = undef,
$region_name = undef,
$project_domain_name = undef,
$project_name = undef,
$user_domain_name = undef,
$memcached_servers = undef,
$project_domain_id = $::os_service_default,
$user_domain_id = $::os_service_default,
$auth_type = undef,
) inherits ::neutron::params {
include ::neutron::deps
@ -340,58 +270,6 @@ class neutron::server (
# Work-around LP#1551974. neutron requires the keystoneclient to auth tokens
include ::keystone::client
if $auth_type {
warning('neutron::server::auth_type is deprecated, use neutron::server::auth_strategy instead.')
}
if $keystone_auth_type {
warning('neutron::server::keystone_auth_type is deprecated, use neutron::keystone::authtoken::auth_type instead.')
}
if $auth_uri {
warning('neutron::server::auth_uri is deprecated, use neutron::keystone::authtoken::auth_uri instead.')
}
if $auth_url {
warning('neutron::server::auth_url is deprecated, use neutron::keystone::authtoken::auth_url instead.')
}
if $username {
warning('neutron::server::username is deprecated, use neutron::keystone::authtoken::username instead.')
}
if $password {
warning('neutron::server::password is deprecated, use neutron::keystone::authtoken::password instead.')
}
if ! is_service_default($project_domain_id) {
warning('neutron::server::project_domain_id is deprecated, use neutron::keystone::authtoken::project_domain_name instead.')
}
if $project_domain_name {
warning('neutron::server::project_domain_name is deprecated, use neutron::keystone::authtoken::project_domain_name instead.')
}
if $project_name {
warning('neutron::server::project_name is deprecated, use neutron::keystone::authtoken::project_name instead.')
}
if ! is_service_default($user_domain_id) {
warning('neutron::server::user_domain_id is deprecated, use neutron::keystone::authtoken::user_domain_name instead.')
}
if $user_domain_name {
warning('neutron::server::user_domain_name is deprecated, use neutron::keystone::authtoken::user_domain_name instead.')
}
if $region_name {
warning('neutron::server::region_name is deprecated, use neutron::keystone::authtoken::region_name instead.')
}
if $memcached_servers {
warning('neutron::server::memcached_servers is deprecated, use neutron::keystone::authtoken::memcached_servers instead')
}
if !is_service_default($default_availability_zones) {
validate_array($default_availability_zones)
}
@ -507,12 +385,7 @@ class neutron::server (
}
}
neutron_config {
'DEFAULT/auth_type': value => $auth_type;
}
$auth_strategy_real = pick($auth_type, $auth_strategy)
if ($auth_strategy_real == 'keystone') {
if ($auth_strategy == 'keystone') {
include ::neutron::keystone::authtoken

15
releasenotes/notes/remove_old_authtoken_options-a0f3822c84aad01d.yaml Normal file
View File

@ -0,0 +1,15 @@
---
other:
- removed deprecated neutron::server::keystone_auth_type
- removed deprecated neutron::server::auth_uri
- removed deprecated neutron::server::auth_url
- removed deprecated neutron::server::username
- removed deprecated neutron::server::password
- removed deprecated neutron::server::project_domain_id
- removed deprecated neutron::server::project_domain_name
- removed deprecated neutron::server::project_name
- removed deprecated neutron::server::user_domain_id
- removed deprecated neutron::server::user_domain_name
- removed deprecated neutron::server::region_name
- removed deprecated neutron::server::memcached_servers
- removed deprecated neutron::server::auth_type

5
spec/acceptance/basic_neutron_spec.rb
View File

@ -49,10 +49,11 @@ describe 'basic neutron' do
tenant_network_types => ['vxlan'],
mechanism_drivers => ['openvswitch'],
}
class { '::neutron::keystone::authtoken':
password => 'a_big_secret',
}
class { '::neutron::server':
database_connection => 'mysql+pymysql://neutron:a_big_secret@127.0.0.1/neutron?charset=utf8',
password => 'a_big_secret',
auth_url => 'http://127.0.0.1:35357/',
sync_db => true,
service_providers => [
'LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver'

5
spec/classes/neutron_keystone_auth_spec.rb
View File

@ -42,7 +42,10 @@ describe 'neutron::keystone::auth' do
describe 'when configuring neutron-server' do
let :pre_condition do
"class { 'neutron::server': password => 'test' }"
"class { '::neutron::keystone::authtoken':
password => 'test',
}
class { 'neutron::server': }"
end
let :facts do

5
spec/classes/neutron_plugins_cisco_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::cisco' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron': rabbit_password => 'passw0rd' }"
end

7
spec/classes/neutron_plugins_midonet_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::midonet' do
let :pre_condition do
"class { 'neutron::server': password => 'password' }
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron': rabbit_password => 'passw0rd' }"
end
@ -37,7 +40,7 @@ describe 'neutron::plugins::midonet' do
it 'should install package python-networking-midonet' do
is_expected.to contain_package('python-networking-midonet').with(
:ensure => 'present')
end
end
it 'should create plugin symbolic link' do
is_expected.to contain_file('/etc/neutron/plugin.ini').with(

5
spec/classes/neutron_plugins_ml2_arista_l3_spec.rb
View File

@ -22,7 +22,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::arista::l3' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_arista_spec.rb
View File

@ -22,7 +22,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::arista' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_bigswitch_restproxy_spec.rb
View File

@ -7,7 +7,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::bigswitch::restproxy' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_bigswitch_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::bigswitch' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_cisco_nexus1000v_spec.rb
View File

@ -7,7 +7,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::cisco::nexus1000v' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_cisco_nexus_spec.rb
View File

@ -7,7 +7,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::cisco::nexus' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_cisco_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::cisco' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_cisco_type_nexus_vxlan_spec.rb
View File

@ -7,7 +7,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::cisco::type_nexus_vxlan' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_cisco_ucsm_spec.rb
View File

@ -7,7 +7,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::cisco::ucsm' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_midonet_spec.rb
View File

@ -7,7 +7,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::midonet' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_opendaylight_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::opendaylight' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

5
spec/classes/neutron_plugins_ml2_ovn_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::ml2::ovn' do
let :pre_condition do
"class { 'neutron::server': password => 'password' }
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron': rabbit_password => 'passw0rd' }"
end

6
spec/classes/neutron_plugins_nuage_spec.rb
View File

@ -6,7 +6,10 @@ describe 'neutron::plugins::nuage' do
"class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'nuage_neutron.plugins.nuage.plugin.NuagePlugin' }
class { 'neutron::server': password => 'password' }"
class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }"
end
let :test_facts do
@ -129,4 +132,3 @@ describe 'neutron::plugins::nuage' do
end
end

5
spec/classes/neutron_plugins_opencontrail_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::opencontrail' do
let :pre_condition do
"class { 'neutron::server': password => 'password' }
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron': rabbit_password => 'passw0rd' }"
end

5
spec/classes/neutron_plugins_ovs_opendaylight_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::ovs::opendaylight' do
let :pre_condition do
"class { 'neutron::server': password => 'password'}
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron':
rabbit_password => 'passw0rd',
core_plugin => 'neutron.plugins.ml2.plugin.Ml2Plugin' }"

8
spec/classes/neutron_plugins_plumgrid_spec.rb
View File

@ -3,7 +3,10 @@ require 'spec_helper'
describe 'neutron::plugins::plumgrid' do
let :pre_condition do
"class { 'neutron::server': password => 'password' }
"class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}
class { 'neutron::server': }
class { 'neutron': rabbit_password => 'passw0rd' }"
end
@ -78,9 +81,6 @@ describe 'neutron::plugins::plumgrid' do
end
it 'should perform default configuration of plumgrid plumlib' do
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/admin_user').with_value('admin')
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/admin_password').with_value('<SERVICE DEFAULT>')
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/admin_tenant_name').with_value('admin')
auth_uri = params[:auth_protocol] + "://" + params[:controller_priv_host] + ":" + "35357/" + params[:identity_version];
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/auth_uri').with_value(auth_uri)
is_expected.to contain_neutron_plumlib_plumgrid('keystone_authtoken/identity_version').with_value(params[:identity_version])

23
spec/classes/neutron_server_spec.rb
View File

@ -3,22 +3,20 @@ require 'spec_helper'
describe 'neutron::server' do
let :pre_condition do
"class { 'neutron': rabbit_password => 'passw0rd' }"
"class { 'neutron': rabbit_password => 'passw0rd' }
class { '::neutron::keystone::authtoken':
password => 'passw0rd',
}"
end
let :params do
{ :password => 'passw0rd',
:username => 'neutron',
:keystone_auth_type => 'password',
:project_domain_name => 'Default',
:project_name => 'services',
:user_domain_name => 'Default'}
{}
end
let :default_params do
{ :package_ensure => 'present',
:enabled => true,
:auth_type => 'keystone',
:auth_strategy => 'keystone',
:database_connection => 'sqlite:////var/lib/neutron/ovs.sqlite',
:database_max_retries => 10,
:database_idle_timeout => 3600,
@ -228,13 +226,6 @@ describe 'neutron::server' do
end
end
shared_examples_for 'a neutron server with broken authentication' do
before do
params.delete(:password)
end
it_raises 'a Puppet::Error', /Please set password for neutron service user/
end
shared_examples_for 'VPNaaS, FWaaS and LBaaS package installation' do
before do
params.merge!(
@ -274,7 +265,6 @@ describe 'neutron::server' do
end
it_configures 'a neutron server'
it_configures 'a neutron server with broken authentication'
it_configures 'a neutron server without database synchronization'
end
@ -291,7 +281,6 @@ describe 'neutron::server' do
end
it_configures 'a neutron server'
it_configures 'a neutron server with broken authentication'
it_configures 'a neutron server without database synchronization'
end
end