From e4156702ed0b2c72f737b0f5185a4d15b86e53d1 Mon Sep 17 00:00:00 2001 From: Alejandro Andreu Date: Thu, 24 Nov 2016 17:47:51 +0100 Subject: [PATCH] Enable MidoNet Cluster to work with non-admin user As of now it was only possible to make it work with the admin token, now it will be possible to set it up with a user as long as it has the "admin" role. Change-Id: Ic09d35228e31fd677c2c581492370a501d8f714f --- manifests/cluster.pp | 92 ++++++++++++---------- manifests/cluster/run.pp | 7 +- templates/cluster/mn-cluster_config.sh.erb | 11 ++- 3 files changed, 65 insertions(+), 45 deletions(-) diff --git a/manifests/cluster.pp b/manifests/cluster.pp index cf5ee64..c537afa 100644 --- a/manifests/cluster.pp +++ b/manifests/cluster.pp @@ -113,26 +113,31 @@ class midonet::cluster ( $zookeeper_hosts, $cassandra_servers, $cassandra_rep_factor, - $keystone_admin_token, $keystone_host, - $keystone_protocol = undef, - $keystone_tenant_name = undef, - $package_name = undef, - $package_ensure = undef, - $service_name = undef, - $service_ensure = undef, - $service_enable = undef, - $cluster_config_path = undef, - $cluster_jvm_config_path = undef, - $cluster_host = undef, - $cluster_port = undef, - $keystone_port = undef, - $max_heap_size = undef, - $heap_newsize = undef, - $is_mem = undef, - $is_insights = undef, - $insights_ssl = undef, - $analytics_ip = undef, + $keystone_protocol = undef, + $keystone_admin_token = undef, + $keystone_user_name = undef, + $keystone_user_password = undef, + $keystone_tenant_name = undef, + $keystone_domain_name = undef, + $keystone_domain_id = undef, + $keystone_keystone_version = undef, + $package_name = undef, + $package_ensure = undef, + $service_name = undef, + $service_ensure = undef, + $service_enable = undef, + $cluster_config_path = undef, + $cluster_jvm_config_path = undef, + $cluster_host = undef, + $cluster_port = undef, + $keystone_port = undef, + $max_heap_size = undef, + $heap_newsize = undef, + $is_mem = undef, + $is_insights = undef, + $insights_ssl = undef, + $analytics_ip = undef, ) { class { 'midonet::cluster::install': @@ -143,28 +148,33 @@ class midonet::cluster ( contain 'midonet::cluster::install' class { 'midonet::cluster::run': - service_name => $service_name, - service_ensure => $service_ensure, - service_enable => $service_enable, - cluster_config_path => $cluster_config_path, - cluster_jvm_config_path => $cluster_config_path, - cluster_host => $cluster_host, - cluster_port => $cluster_port, - max_heap_size => $max_heap_size, - heap_newsize => $heap_newsize, - zookeeper_hosts => $zookeeper_hosts, - cassandra_servers => $cassandra_servers, - cassandra_rep_factor => $cassandra_rep_factor, - keystone_admin_token => $keystone_admin_token, - keystone_host => $keystone_host, - keystone_port => $keystone_port, - keystone_tenant_name => $keystone_tenant_name, - keystone_protocol => $keystone_protocol, - is_insights => $is_insights, - insights_ssl => $insights_ssl, - analytics_ip => $analytics_ip, - package_ensure => $package_ensure, - require => Class['midonet::cluster::install'] + service_name => $service_name, + service_ensure => $service_ensure, + service_enable => $service_enable, + cluster_config_path => $cluster_config_path, + cluster_jvm_config_path => $cluster_config_path, + cluster_host => $cluster_host, + cluster_port => $cluster_port, + max_heap_size => $max_heap_size, + heap_newsize => $heap_newsize, + zookeeper_hosts => $zookeeper_hosts, + cassandra_servers => $cassandra_servers, + cassandra_rep_factor => $cassandra_rep_factor, + keystone_admin_token => $keystone_admin_token, + keystone_host => $keystone_host, + keystone_port => $keystone_port, + keystone_tenant_name => $keystone_tenant_name, + keystone_protocol => $keystone_protocol, + keystone_user_name => undef, + keystone_user_password => undef, + keystone_domain_name => 'Default', + keystone_domain_id => 'default', + keystone_keystone_version => '3', + is_insights => $is_insights, + insights_ssl => $insights_ssl, + analytics_ip => $analytics_ip, + package_ensure => $package_ensure, + require => Class['midonet::cluster::install'] } contain 'midonet::cluster::run' } diff --git a/manifests/cluster/run.pp b/manifests/cluster/run.pp index 567c0c5..9991498 100644 --- a/manifests/cluster/run.pp +++ b/manifests/cluster/run.pp @@ -87,11 +87,16 @@ class midonet::cluster::run ( $zookeeper_hosts, $cassandra_servers, $cassandra_rep_factor, - $keystone_admin_token, $keystone_host, + $keystone_admin_token = undef, + $keystone_user_name = undef, + $keystone_user_password = undef, $keystone_protocol = 'http', $keystone_port = '35357', $keystone_tenant_name = 'admin', + $keystone_domain_name = 'Default', + $keystone_domain_id = 'default', + $keystone_keystone_version = '3', $service_name = 'midonet-cluster', $service_ensure = 'running', $service_enable = true, diff --git a/templates/cluster/mn-cluster_config.sh.erb b/templates/cluster/mn-cluster_config.sh.erb index 6b49bc8..bbb468c 100644 --- a/templates/cluster/mn-cluster_config.sh.erb +++ b/templates/cluster/mn-cluster_config.sh.erb @@ -43,9 +43,14 @@ cluster.auth { admin_role = "admin" keystone.tenant_name = "<%= @keystone_tenant_name %>" keystone.admin_token = "<%= @keystone_admin_token %>" - keystone.host = <%= @keystone_host %> - keystone.port = <%= @keystone_port %> - keystone.protocol = <%= @keystone_protocol %> + keystone.host = "<%= @keystone_host %>" + keystone.port = "<%= @keystone_port %>" + keystone.protocol = "<%= @keystone_protocol %>" + keystone.domain_name = "<%= @keystone_domain_name %>" + keystone.domain_id = "<%= @keystone_domain_id %>" + keystone.user_name = "<%= @keystone_user_name %>" + keystone.user_password = "<%= @keystone_user_password %>" + keystone.version = "<%= @keystone_keystone_version %>" } cluster.rest_api { http_host = <%= @cluster_host %>