Puppet Class: st2::auth::keystone

Inherits:
st2
Defined in:
manifests/auth/keystone.pp

Summary

Auth class to configure and setup Keystone Based Authentication

Overview

For information on parameters see the backend documentation

Examples:

Instantiate via st2

class { 'st2':
  auth_backend        => 'keystone',
  auth_backend_config => {
    keystone_url     => 'http://keystone.domain.tld:5000',
    keystone_version => '3',
  },
}

Instantiate via Hiera

st2::auth_backend: "keystone"
st2::auth_backend_config:
  keystone_url: "http://keystone.domain.tld:5000"
  keystone_version: "3"

Parameters:

  • conf_file (Any) (defaults to: $st2::conf_file)

    The path where st2 config is stored

  • keystone_url (Any) (defaults to: 'http://127.0.0.1:5000')

    Keystone URL to connect to (default: ‘127.0.0.1’)

  • keystone_version (Any) (defaults to: '2')

    Keystone API version (default: ‘2’)



28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
 
# File 'manifests/auth/keystone.pp', line 28

class st2::auth::keystone (
  $conf_file        = $st2::conf_file,
  $keystone_url     = 'http://127.0.0.1:5000',
  $keystone_version = '2',
) inherits st2 {
  include st2::auth::common

  # config
  ini_setting { 'auth_backend':
    ensure  => present,
    path    => $conf_file,
    section => 'auth',
    setting => 'backend',
    value   => 'keystone',
    tag     => 'st2::config',
  }
  ini_setting { 'auth_backend_kwargs':
    ensure  => present,
    path    => $conf_file,
    section => 'auth',
    setting => 'backend_kwargs',
    value   => "{\"keystone_url\": \"${keystone_url}\", \
      \"keystone_version\": \"${keystone_version}\"}",
    tag     => 'st2::config',
  }

  # install the backend package
  python::pip { 'st2-auth-backend-keystone':
    ensure     => present,
    pkgname    => 'st2-auth-backend-keystone',
    url        => 'git+https://github.com/StackStorm/st2-auth-backend-keystone.git@master#egg=st2_auth_backend_keystone',
    owner      => 'root',
    virtualenv => '/opt/stackstorm/st2',
    timeout    => 1800,
  }

  ##############
  # Dependencies
  Package<| tag == 'st2::server::packages' |>
  -> Python::Pip['st2-auth-backend-keystone']
  ~> Service['st2auth']
}