1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
# File 'modules/openstack/manifests/nova/libvirt/secret.pp', line 1
define openstack::nova::libvirt::secret (
String[1] $keydata,
String[1] $client_name,
String[1] $libvirt_uuid,
Stdlib::Unixpath $data_dir = '/etc/libvirt',
) {
ensure_packages(['libvirt-clients'])
$xmlfile = "${data_dir}/libvirt-secret-${client_name}.xml"
file { $xmlfile:
ensure => present,
mode => '0400',
owner => 'root',
group => 'root',
content => epp(
'openstack/nova/libvirt-secret.xml.epp',
{ 'uuid' => $libvirt_uuid, 'ceph_client_name' => $client_name },
),
show_diff => false,
require => Package['libvirt-clients'],
}
$check_secret_exec_name = "check-virsh-secret-for-${client_name}"
exec { $check_secret_exec_name:
command => "/usr/bin/virsh secret-define --file ${xmlfile}",
unless => "/usr/bin/virsh secret-list | grep -q ${libvirt_uuid}",
logoutput => false,
require => File[$xmlfile],
}
$set_secret_exec_name = "set-virsh-secret-for-${client_name}"
exec { $set_secret_exec_name:
command => "/usr/bin/virsh secret-set-value --secret ${libvirt_uuid} --base64 ${keydata}",
unless => "/usr/bin/virsh secret-get-value --secret ${libvirt_uuid} | grep -q ${keydata}",
logoutput => false,
require => Exec[$check_secret_exec_name],
}
}
|