Puppet Class: ceilometer::keystone::auth

Defined in:
manifests/keystone/auth.pp

Overview

Class: ceilometer::keystone::auth

Configures Ceilometer user, service and endpoint in Keystone.

Parameters

password

Password for Ceilometer user. Required.

email

Email for Ceilometer user. Optional. Defaults to ‘ceilometer@localhost’.

auth_name

Username for Ceilometer service. Optional. Defaults to ‘ceilometer’.

configure_endpoint

Should Ceilometer endpoint be configured? Optional. Defaults to ‘true’.

configure_user

Should Ceilometer service user be configured? Optional. Defaults to ‘true’.

configure_user_role

Should roles be configured on Ceilometer service user? Optional. Defaults to ‘true’.

service_name

Name of the service. Optional. Defaults to value of auth_name.

service_type

Type of service. Optional. Defaults to ‘metering’.

public_address

Public address for endpoint. Optional. Defaults to ‘127.0.0.1’.

admin_address

Admin address for endpoint. Optional. Defaults to ‘127.0.0.1’.

internal_address

Internal address for endpoint. Optional. Defaults to ‘127.0.0.1’.

port

Default port for enpoints. Optional. Defaults to ‘8777’.

region

Region for endpoint. Optional. Defaults to ‘RegionOne’.

tenant

Tenant for Ceilometer user. Optional. Defaults to ‘services’.

public_protocol

Protocol for public endpoint. Optional. Defaults to ‘http’.

admin_protocol

Protocol for admin endpoint. Optional. Defaults to ‘http’.

internal_protocol

Protocol for public endpoint. Optional. Defaults to ‘http’.

public_url

The endpoint’s public url. Optional. Defaults to $public_protocol://$public_address:$port This url should not contain any API version and should have no trailing ‘/’ Setting this variable overrides other $public_* parameters.

admin_url

The endpoint’s admin url. Optional. Defaults to $admin_protocol://$admin_address:$port This url should not contain any API version and should have no trailing ‘/’ Setting this variable overrides other $admin_* parameters.

internal_url

The endpoint’s internal url. Optional. Defaults to $internal_protocol://$internal_address:$port This url should not contain any API version and should have no trailing ‘/’ Setting this variable overrides other $internal_* parameters.

Parameters:

  • password (Any) (defaults to: false)
  • email (Any) (defaults to: 'ceilometer@localhost')
  • auth_name (Any) (defaults to: 'ceilometer')
  • configure_user (Any) (defaults to: true)
  • configure_user_role (Any) (defaults to: true)
  • service_name (Any) (defaults to: undef)
  • service_type (Any) (defaults to: 'metering')
  • public_address (Any) (defaults to: '127.0.0.1')
  • admin_address (Any) (defaults to: '127.0.0.1')
  • internal_address (Any) (defaults to: '127.0.0.1')
  • port (Any) (defaults to: '8777')
  • region (Any) (defaults to: 'RegionOne')
  • tenant (Any) (defaults to: 'services')
  • public_protocol (Any) (defaults to: 'http')
  • admin_protocol (Any) (defaults to: 'http')
  • internal_protocol (Any) (defaults to: 'http')
  • configure_endpoint (Any) (defaults to: true)
  • public_url (Any) (defaults to: undef)
  • admin_url (Any) (defaults to: undef)
  • internal_url (Any) (defaults to: undef) 


79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
 
# File 'manifests/keystone/auth.pp', line 79

class ceilometer::keystone::auth (
  $password             = false,
  $email                = 'ceilometer@localhost',
  $auth_name            = 'ceilometer',
  $configure_user       = true,
  $configure_user_role  = true,
  $service_name         = undef,
  $service_type         = 'metering',
  $public_address       = '127.0.0.1',
  $admin_address        = '127.0.0.1',
  $internal_address     = '127.0.0.1',
  $port                 = '8777',
  $region               = 'RegionOne',
  $tenant               = 'services',
  $public_protocol      = 'http',
  $admin_protocol       = 'http',
  $internal_protocol    = 'http',
  $configure_endpoint   = true,
  $public_url           = undef,
  $admin_url            = undef,
  $internal_url         = undef,
) {

  validate_string($password)

  if $public_url {
    $public_url_real = $public_url
  } else {
    $public_url_real = "${public_protocol}://${public_address}:${port}"
  }

  if $admin_url {
    $admin_url_real = $admin_url
  } else {
    $admin_url_real = "${admin_protocol}://${admin_address}:${port}"
  }

  if $internal_url {
    $internal_url_real = $internal_url
  } else {
    $internal_url_real = "${internal_protocol}://${internal_address}:${port}"
  }

  if $service_name {
    $real_service_name = $service_name
  } else {
    $real_service_name = $auth_name
  }

  if $configure_user {
    keystone_user { $auth_name:
      ensure   => present,
      password => $password,
      email    => $email,
      tenant   => $tenant,
    }
  }

  if $configure_user_role {
    Keystone_user_role["${auth_name}@${tenant}"] ~>
      Service <| name == 'ceilometer-api' |>

    if !defined(Keystone_role['ResellerAdmin']) {
      keystone_role { 'ResellerAdmin':
        ensure => present,
      }
    }
    keystone_user_role { "${auth_name}@${tenant}":
      ensure  => present,
      roles   => ['admin', 'ResellerAdmin'],
      require => Keystone_role['ResellerAdmin'],
    }
  }

  keystone_service { $real_service_name:
    ensure      => present,
    type        => $service_type,
    description => 'Openstack Metering Service',
  }
  if $configure_endpoint {
    keystone_endpoint { "${region}/${real_service_name}":
      ensure       => present,
      public_url   => $public_url_real,
      admin_url    => $admin_url_real,
      internal_url => $internal_url_real,
    }
  }
}