Puppet Class: profile::openstack::base::envscripts

Defined in:
modules/profile/manifests/openstack/base/envscripts.pp

Overview

SPDX-License-Identifier: Apache-2.0

Parameters:

  • ldap_user_pass (Any) (defaults to: lookup('profile::openstack::base::ldap_user_pass'))
  • keystone_api_fqdn (Stdlib::Fqdn) (defaults to: lookup('profile::openstack::base::keystone_api_fqdn'))
  • region (Any) (defaults to: lookup('profile::openstack::base::region'))
  • nova_db_pass (Any) (defaults to: lookup('profile::openstack::base::nova::db_pass'))
  • wmflabsdotorg_admin (Any) (defaults to: lookup('profile::openstack::base::designate::wmflabsdotorg_admin'))
  • wmflabsdotorg_pass (Any) (defaults to: lookup('profile::openstack::base::designate::wmflabsdotorg_pass'))
  • wmflabsdotorg_project (Any) (defaults to: lookup('profile::openstack::base::designate::wmflabsdotorg_project'))
  • osstackcanary_pass (Any) (defaults to: lookup('profile::openstack::base::nova::fullstack_pass'))


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# File 'modules/profile/manifests/openstack/base/envscripts.pp', line 2

class profile::openstack::base::envscripts(
    $ldap_user_pass = lookup('profile::openstack::base::ldap_user_pass'),
    Stdlib::Fqdn $keystone_api_fqdn = lookup('profile::openstack::base::keystone_api_fqdn'),
    $region = lookup('profile::openstack::base::region'),
    $nova_db_pass = lookup('profile::openstack::base::nova::db_pass'),
    $wmflabsdotorg_admin = lookup('profile::openstack::base::designate::wmflabsdotorg_admin'),
    $wmflabsdotorg_pass = lookup('profile::openstack::base::designate::wmflabsdotorg_pass'),
    $wmflabsdotorg_project = lookup('profile::openstack::base::designate::wmflabsdotorg_project'),
    $osstackcanary_pass = lookup('profile::openstack::base::nova::fullstack_pass'),
) {
    $root_clouds_file = '/root/.config/openstack/clouds.yaml'

    # Specify the novaadmin user in the 'admin' project. This gets us
    #  a project-scoped token
    openstack::util::envscript { 'novaadmin':
        region                 => $region,
        keystone_api_fqdn      => $keystone_api_fqdn,
        keystone_api_port      => 25357,
        keystone_api_interface => 'admin',
        os_user                => 'novaadmin',
        os_password            => $ldap_user_pass,
        os_project             => 'admin',
        os_db_password         => $nova_db_pass,
        scriptpath             => '/root/novaenv.sh',
        yaml_mode              => '0440',
        clouds_files           => [$root_clouds_file],
        os_project_domain_id   => 'default',
        os_user_domain_id      => 'default',
    }

    #  system-scoped token:
    openstack::util::envscript { 'ossystemadmin':
        region                 => $region,
        keystone_api_fqdn      => $keystone_api_fqdn,
        keystone_api_port      => 25357,
        keystone_api_interface => 'admin',
        os_user                => 'novaadmin',
        os_password            => $ldap_user_pass,
        os_db_password         => $nova_db_pass,
        scriptpath             => '/root/ossystemenv.sh',
        yaml_mode              => '0440',
        clouds_files           => [$root_clouds_file],
        os_project_domain_id   => 'default',
        os_user_domain_id      => 'default',
        os_system_scope        => 'all',
    }

    openstack::util::envscript { 'wmflabsorg-domainadminenv':
        region                 => $region,
        keystone_api_fqdn      => $keystone_api_fqdn,
        keystone_api_port      => 25357,
        keystone_api_interface => 'admin',
        os_user                => $wmflabsdotorg_admin,
        os_password            => $wmflabsdotorg_project,
        os_project             => $wmflabsdotorg_project,
        scriptpath             => '/root/wmflabsorg-domainadminenv.sh',
        yaml_mode              => '0440',
        clouds_files           => [$root_clouds_file],
        os_project_domain_id   => 'default',
        os_user_domain_id      => 'default',
    }

    # Creds for a mortal user with membership only in select projects.
    # Will be used for policy tests.
    openstack::util::envscript { 'oss-canary':
        region                 => $region,
        keystone_api_fqdn      => $keystone_api_fqdn,
        keystone_api_port      => 25000,
        os_password            => $osstackcanary_pass,
        keystone_api_interface => 'public',
        os_user                => 'osstackcanary',
        os_project             => 'admin-monitoring',
        scriptpath             => '/usr/local/bin/osscanaryenv.sh',
        yaml_mode              => '0440',
        clouds_files           => [$root_clouds_file],
        os_project_domain_id   => 'default',
        os_user_domain_id      => 'default',
    }
}