openstack/puppet-cinder
Code Issues Proposed changes

Don't create keystone service or endpoint for API v1

Browse Source 
Cinder removed support for API v1 in Queens [1], so don't create the
keystone service or endpoint for v1.

Existing keystone catalog entries for v1 are not removed. It is the
user's responsibility for removing them.

[1] https://review.openstack.org/499342

Change-Id: I4a317d0eb2a2359c484b70eec97e8411dc22e9e8
This commit is contained in:
Alan Bishop 2019-02-12 16:20:26 -05:00
parent 1530dac810
commit fc85e13cad
3 changed files with 87 additions and 82 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
manifests/keystone/auth.pp
View File

@ -39,11 +39,6 @@
# (Optional) Username for Cinder v3 service.
# Defaults to 'cinderv3'.
#
# [*configure_endpoint*]
# (Optional) Should Cinder endpoint be configured?
# API v1 endpoint should be enabled in Icehouse for compatibility with Nova.
# Defaults to true
#
# [*configure_endpoint_v2*]
# (Optional) Should Cinder v2 endpoint be configured?
# Defaults to true
@ -76,10 +71,6 @@
# (Optional) Should the admin role be configured for the service user for cinder v3?
# Defaults to false
#
# [*service_name*]
# (Optional) Name of the service.
# Defaults to 'cinder'.
#
# [*service_name_v2*]
# (Optional) Name of the v2 service.
# Defaults to 'cinderv2'.
@ -88,10 +79,6 @@
# (Optional) Name of the v3 service.
# Defaults to 'cinderv3'.
#
# [*service_type*]
# (Optional) Type of service.
# Defaults to 'volume'.
#
# [*service_type_v2*]
# (Optional) Type of API v2 service.
# Defaults to 'volumev2'.
@ -100,10 +87,6 @@
# (Optional) Type of API v3 service.
# Defaults to 'volumev3'.
#
# [*service_description*]
# (Optional) Description for keystone service.
# Defaults to 'Cinder Service'.
#
# [*service_description_v2*]
# (Optional) Description for keystone v2 service.
# Defaults to 'Cinder Service v2'.
@ -128,21 +111,6 @@
# (Optional) Tenant for Cinder v3 user.
# Defaults to 'services'.
#
# [*public_url*]
# (Optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
# Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s'
#
# [*internal_url*]
# (Optional) The endpoint's internal url.
# This url should *not* contain any trailing '/'.
# Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s'
#
# [*admin_url*]
# (Optional) The endpoint's admin url.
# This url should *not* contain any trailing '/'.
# Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s'
#
# [*public_url_v2*]
# (Optional) The v2 endpoint's public url.
# This url should *not* contain any trailing '/'.
@ -176,11 +144,45 @@
# === Examples
#
# class { 'cinder::keystone::auth':
# public_url => 'https://10.0.0.10:8776/v1/%(tenant_id)s',
# internal_url => 'https://10.0.0.20:8776/v1/%(tenant_id)s',
# admin_url => 'https://10.0.0.30:8776/v1/%(tenant_id)s',
# public_url => 'https://10.0.0.10:8776/v3/%(tenant_id)s',
# internal_url => 'https://10.0.0.20:8776/v3/%(tenant_id)s',
# admin_url => 'https://10.0.0.30:8776/v3/%(tenant_id)s',
# }
#
# DEPRECATED PARAMETERS
#
# [*configure_endpoint*]
# (Optional) Should Cinder v1 endpoint be configured?
# API v1 was removed in Queens.
# Defaults to undef
#
# [*public_url*]
# (Optional) The endpoint's public url. (Defaults to 'http://127.0.0.1:8776/v1/%(tenant_id)s')
# This url should *not* contain any trailing '/'.
# Defaults to undef
#
# [*internal_url*]
# (Optional) The endpoint's internal url.
# This url should *not* contain any trailing '/'.
# Defaults to undef
#
# [*admin_url*]
# (Optional) The endpoint's admin url.
# This url should *not* contain any trailing '/'.
# Defaults to undef
#
# [*service_name*]
# (Optional) Name of the service.
# Defaults to undef
#
# [*service_type*]
# (Optional) Type of service.
# Defaults to undef
#
# [*service_description*]
# (Optional) Description for keystone service.
# Defaults to undef
#
class cinder::keystone::auth (
$password,
$password_user_v2 = undef,
@ -194,16 +196,12 @@ class cinder::keystone::auth (
$email = 'cinder@localhost',
$email_user_v2 = 'cinderv2@localhost',
$email_user_v3 = 'cinderv3@localhost',
$public_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s',
$internal_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s',
$admin_url = 'http://127.0.0.1:8776/v1/%(tenant_id)s',
$public_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s',
$internal_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s',
$admin_url_v2 = 'http://127.0.0.1:8776/v2/%(tenant_id)s',
$public_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s',
$internal_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s',
$admin_url_v3 = 'http://127.0.0.1:8776/v3/%(tenant_id)s',
$configure_endpoint = true,
$configure_endpoint_v2 = true,
$configure_endpoint_v3 = true,
$configure_user = true,
@ -212,23 +210,41 @@ class cinder::keystone::auth (
$configure_user_role = true,
$configure_user_role_v2 = false,
$configure_user_role_v3 = false,
$service_name = 'cinder',
$service_name_v2 = 'cinderv2',
$service_name_v3 = 'cinderv3',
$service_type = 'volume',
$service_type_v2 = 'volumev2',
$service_type_v3 = 'volumev3',
$service_description = 'Cinder Service',
$service_description_v2 = 'Cinder Service v2',
$service_description_v3 = 'Cinder Service v3',
$region = 'RegionOne',
# DEPRECATED PARAMETERS
$configure_endpoint = undef,
$public_url = undef,
$internal_url = undef,
$admin_url = undef,
$service_name = undef,
$service_type = undef,
$service_description = undef,
) {
include ::cinder::deps
if $configure_endpoint {
Keystone_endpoint["${region}/${service_name}::${service_type}"] -> Anchor['cinder::service::end']
$deprecated_param_names = [
'configure_endpoint',
'public_url',
'internal_url',
'admin_url',
'service_name',
'service_type',
'service_description',
]
$deprecated_param_names.each |$param_name| {
$param = getvar($param_name)
if $param != undef{
warning("The ${param_name} parameter is deprecated, has no effect and will be removed in the future release.")
}
}
if $configure_endpoint_v2 {
Keystone_endpoint["${region}/${service_name_v2}::${service_type_v2}"] -> Anchor['cinder::service::end']
}
@ -236,21 +252,18 @@ class cinder::keystone::auth (
Keystone_endpoint["${region}/${service_name_v3}::${service_type_v3}"] -> Anchor['cinder::service::end']
}
# Always configure the original (non-v2|v3) user and user roles, as these
# can be used by the v2 and v3 services.
keystone::resource::service_identity { 'cinder':
configure_user => $configure_user,
configure_user_role => $configure_user_role,
configure_endpoint => $configure_endpoint,
service_type => $service_type,
service_description => $service_description,
service_name => $service_name,
configure_endpoint => false,
configure_service => false,
region => $region,
auth_name => $auth_name,
password => $password,
email => $email,
tenant => $tenant,
public_url => $public_url,
admin_url => $admin_url,
internal_url => $internal_url,
}
keystone::resource::service_identity { 'cinderv2':

19
releasenotes/notes/remove-api-v1-2987e0317436bc69.yaml Normal file
View File

@ -0,0 +1,19 @@
---
upgrade:
- |
Keystone catalog entries for Cinder's v1 API are no longer created,
but existing entries will not be automatically deleted.
deprecations:
- |
The following parameters associated with the v1 API are deprecated.
* configure_endpoint
* public_url
* internal_url
* admin_url
* service_name
* service_type
* service_description
fixes:
- |
The keystone service and endpoint for Cinder's API v1 are no longer
created. Cinder removed support for its v1 API in Queens.

35
spec/classes/cinder_keystone_auth_spec.rb
View File

@ -20,11 +20,6 @@ describe 'cinder::keystone::auth' do
:roles => ['admin']
)}
it { should contain_keystone_service('cinder::volume').with(
:ensure => 'present',
:description => 'Cinder Service'
)}
it { should contain_keystone_service('cinderv2::volumev2').with(
:ensure => 'present',
:description => 'Cinder Service v2'
@ -35,13 +30,6 @@ describe 'cinder::keystone::auth' do
:description => 'Cinder Service v3'
)}
it { should contain_keystone_endpoint('RegionOne/cinder::volume').with(
:ensure => 'present',
:public_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s',
:admin_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s',
:internal_url => 'http://127.0.0.1:8776/v1/%(tenant_id)s'
)}
it { should contain_keystone_endpoint('RegionOne/cinderv2::volumev2').with(
:ensure => 'present',
:public_url => 'http://127.0.0.1:8776/v2/%(tenant_id)s',
@ -61,9 +49,6 @@ describe 'cinder::keystone::auth' do
before do
params.merge!({
:region => 'RegionThree',
:public_url => 'https://10.0.42.1:4242/v41/%(tenant_id)s',
:admin_url => 'https://10.0.42.2:4242/v41/%(tenant_id)s',
:internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s',
:public_url_v2 => 'https://10.0.42.1:4242/v42/%(tenant_id)s',
:admin_url_v2 => 'https://10.0.42.2:4242/v42/%(tenant_id)s',
:internal_url_v2 => 'https://10.0.42.3:4242/v42/%(tenant_id)s',
@ -73,13 +58,6 @@ describe 'cinder::keystone::auth' do
})
end
it { should contain_keystone_endpoint('RegionThree/cinder::volume').with(
:ensure => 'present',
:public_url => 'https://10.0.42.1:4242/v41/%(tenant_id)s',
:admin_url => 'https://10.0.42.2:4242/v41/%(tenant_id)s',
:internal_url => 'https://10.0.42.3:4242/v41/%(tenant_id)s'
)}
it { should contain_keystone_endpoint('RegionThree/cinderv2::volumev2').with(
:ensure => 'present',
:public_url => 'https://10.0.42.1:4242/v42/%(tenant_id)s',
@ -98,13 +76,11 @@ describe 'cinder::keystone::auth' do
context 'when endpoint should not be configured' do
before do
params.merge!(
:configure_endpoint => false,
:configure_endpoint_v2 => false,
:configure_endpoint_v3 => false
)
end
it { should_not contain_keystone_endpoint('RegionOne/cinder::volume') }
it { should_not contain_keystone_endpoint('RegionOne/cinderv2::volumev2') }
it { should_not contain_keystone_endpoint('RegionOne/cinderv3::volumev3') }
end
@ -119,9 +95,9 @@ describe 'cinder::keystone::auth' do
it { should_not contain_keystone_user('cinder') }
it { should contain_keystone_user_role('cinder@services') }
it { should contain_keystone_service('cinder::volume').with(
it { should contain_keystone_service('cinderv3::volumev3').with(
:ensure => 'present',
:description => 'Cinder Service'
:description => 'Cinder Service v3'
)}
end
@ -136,9 +112,9 @@ describe 'cinder::keystone::auth' do
it { should_not contain_keystone_user('cinder') }
it { should_not contain_keystone_user_role('cinder@services') }
it { should contain_keystone_service('cinder::volume').with(
it { should contain_keystone_service('cinderv3::volumev3').with(
:ensure => 'present',
:description => 'Cinder Service'
:description => 'Cinder Service v3'
)}
end
@ -177,7 +153,6 @@ describe 'cinder::keystone::auth' do
context 'when overriding service names' do
before do
params.merge!(
:service_name => 'cinder_service',
:service_name_v2 => 'cinder_service_v2',
:service_name_v3 => 'cinder_service_v3',
)
@ -185,10 +160,8 @@ describe 'cinder::keystone::auth' do
it { should contain_keystone_user('cinder') }
it { should contain_keystone_user_role('cinder@services') }
it { should contain_keystone_service('cinder_service::volume') }
it { should contain_keystone_service('cinder_service_v2::volumev2') }
it { should contain_keystone_service('cinder_service_v3::volumev3') }
it { should contain_keystone_endpoint('RegionOne/cinder_service::volume') }
it { should contain_keystone_endpoint('RegionOne/cinder_service_v2::volumev2') }
it { should contain_keystone_endpoint('RegionOne/cinder_service_v3::volumev3') }
end