Puppet Class: profile::openstack::base::envscripts
- Defined in:
- modules/profile/manifests/openstack/base/envscripts.pp
Overview
SPDX-License-Identifier: Apache-2.0
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
# File 'modules/profile/manifests/openstack/base/envscripts.pp', line 2
class profile::openstack::base::envscripts(
$ldap_user_pass = lookup('profile::openstack::base::ldap_user_pass'),
Stdlib::Fqdn $keystone_api_fqdn = lookup('profile::openstack::base::keystone_api_fqdn'),
$region = lookup('profile::openstack::base::region'),
$nova_db_pass = lookup('profile::openstack::base::nova::db_pass'),
$wmflabsdotorg_admin = lookup('profile::openstack::base::designate::wmflabsdotorg_admin'),
$wmflabsdotorg_pass = lookup('profile::openstack::base::designate::wmflabsdotorg_pass'),
$wmflabsdotorg_project = lookup('profile::openstack::base::designate::wmflabsdotorg_project'),
$osstackcanary_pass = lookup('profile::openstack::base::nova::fullstack_pass'),
) {
$root_clouds_file = '/root/.config/openstack/clouds.yaml'
# Specify the novaadmin user in the 'admin' project. This gets us
# a project-scoped token
openstack::util::envscript { 'novaadmin':
region => $region,
keystone_api_fqdn => $keystone_api_fqdn,
keystone_api_port => 25357,
keystone_api_interface => 'admin',
os_user => 'novaadmin',
os_password => $ldap_user_pass,
os_project => 'admin',
os_db_password => $nova_db_pass,
scriptpath => '/root/novaenv.sh',
yaml_mode => '0440',
clouds_files => [$root_clouds_file],
os_project_domain_id => 'default',
os_user_domain_id => 'default',
}
# system-scoped token:
openstack::util::envscript { 'ossystemadmin':
region => $region,
keystone_api_fqdn => $keystone_api_fqdn,
keystone_api_port => 25357,
keystone_api_interface => 'admin',
os_user => 'novaadmin',
os_password => $ldap_user_pass,
os_db_password => $nova_db_pass,
scriptpath => '/root/ossystemenv.sh',
yaml_mode => '0440',
clouds_files => [$root_clouds_file],
os_project_domain_id => 'default',
os_user_domain_id => 'default',
os_system_scope => 'all',
}
openstack::util::envscript { 'wmflabsorg-domainadminenv':
region => $region,
keystone_api_fqdn => $keystone_api_fqdn,
keystone_api_port => 25357,
keystone_api_interface => 'admin',
os_user => $wmflabsdotorg_admin,
os_password => $wmflabsdotorg_project,
os_project => $wmflabsdotorg_project,
scriptpath => '/root/wmflabsorg-domainadminenv.sh',
yaml_mode => '0440',
clouds_files => [$root_clouds_file],
os_project_domain_id => 'default',
os_user_domain_id => 'default',
}
# Creds for a mortal user with membership only in select projects.
# Will be used for policy tests.
openstack::util::envscript { 'oss-canary':
region => $region,
keystone_api_fqdn => $keystone_api_fqdn,
keystone_api_port => 25000,
os_password => $osstackcanary_pass,
keystone_api_interface => 'public',
os_user => 'osstackcanary',
os_project => 'admin-monitoring',
scriptpath => '/usr/local/bin/osscanaryenv.sh',
yaml_mode => '0440',
clouds_files => [$root_clouds_file],
os_project_domain_id => 'default',
os_user_domain_id => 'default',
}
}
|