1 # == Class keystone::service
3 # Encapsulates the keystone service to a class.
4 # This allows resources that require keystone to
5 # require this class, which can optionally
6 # validate that the service can actually accept
12 # (optional) The desired state of the keystone service
13 # Defaults to 'running'
16 # (optional) The name of the keystone service
17 # Defaults to $::keystone::params::service_name
20 # (optional) Whether to enable the keystone service
24 # (optional) Whether the keystone service has status
28 # (optional) Whether the keystone service has restart
32 # (optional) Provider for keystone service
33 # Defaults to $::keystone::params::service_provider
36 # (optional) Whether to validate the service is working
37 # after any service refreshes
41 # (optional) The admin token to use for validation
45 # (optional) The admin endpont to use for validation
46 # Defaults to 'http://localhost:35357/v2.0'
49 # (optional) Number of times to retry validation
53 # (optional) Number of seconds between validation attempts
57 # (optional) Whether to validate keystone connections
58 # using the --insecure option with keystone client.
62 # (optional) Whether to validate keystone connections
63 # using the specified argument with the --os-cacert option
64 # with keystone client.
67 class keystone::service(
69 $service_name = $::keystone::params::service_name,
73 $provider = $::keystone::params::service_provider,
76 $admin_endpoint = 'http://localhost:35357/v2.0',
82 include keystone::params
86 name => $service_name,
88 hasstatus => $hasstatus,
89 hasrestart => $hasrestart,
94 $insecure_s = '--insecure'
100 $cacert_s = "--os-cacert ${cacert}"
105 if $validate and $admin_token and $admin_endpoint {
106 $cmd = "keystone --os-endpoint ${admin_endpoint} --os-token ${admin_token} ${insecure_s} ${cacert_s} user-list"
108 exec { 'validate_keystone_connection':
109 path => '/usr/bin:/bin:/usr/sbin:/sbin',
112 subscribe => Service['keystone'],
118 Exec['validate_keystone_connection'] -> Keystone_user<||>
119 Exec['validate_keystone_connection'] -> Keystone_role<||>
120 Exec['validate_keystone_connection'] -> Keystone_tenant<||>
121 Exec['validate_keystone_connection'] -> Keystone_service<||>
122 Exec['validate_keystone_connection'] -> Keystone_endpoint<||>