--- /dev/null
+# == Class: cinder::keystone::auth
+#
+# Configures Cinder user, service and endpoint in Keystone.
+#
+# === Parameters
+#
+# [*password*]
+# Password for Cinder user. Required.
+#
+# [*email*]
+# Email for Cinder user. Optional. Defaults to 'cinder@localhost'.
+#
+# [*auth_name*]
+# Username for Cinder service. Optional. Defaults to 'cinder'.
+#
+# [*auth_name_v2*]
+# Username for Cinder v2 service. Optional. Defaults to 'cinder2'.
+#
+# [*configure_endpoint*]
+# Should Cinder endpoint be configured? Optional. Defaults to 'true'.
+# API v1 endpoint should be enabled in Icehouse for compatibility with Nova.
+#
+# [*configure_endpoint_v2*]
+# Should Cinder v2 endpoint be configured? Optional. Defaults to 'true'.
+#
+# [*configure_user*]
+# Should the service user be configured? Optional. Defaults to 'true'.
+#
+# [*configure_user_role*]
+# Should the admin role be configured for the service user?
+# Optional. Defaults to 'true'.
+#
+# [*service_type*]
+# Type of service. Optional. Defaults to 'volume'.
+#
+# [*service_type_v2*]
+# Type of API v2 service. Optional. Defaults to 'volume2'.
+#
+# [*public_address*]
+# Public address for endpoint. Optional. Defaults to '127.0.0.1'.
+#
+# [*admin_address*]
+# Admin address for endpoint. Optional. Defaults to '127.0.0.1'.
+#
+# [*internal_address*]
+# Internal address for endpoint. Optional. Defaults to '127.0.0.1'.
+#
+# [*port*]
+# Port for endpoint. Optional. Defaults to '8776'.
+#
+# [*volume_version*]
+# Cinder API version. Optional. Defaults to 'v1'.
+#
+# [*region*]
+# Region for endpoint. Optional. Defaults to 'RegionOne'.
+#
+# [*tenant*]
+# Tenant for Cinder user. Optional. Defaults to 'services'.
+#
+# [*public_protocol*]
+# Protocol for public endpoint. Optional. Defaults to 'http'.
+#
+# [*internal_protocol*]
+# Protocol for internal endpoint. Optional. Defaults to 'http'.
+#
+# [*admin_protocol*]
+# Protocol for admin endpoint. Optional. Defaults to 'http'.
+#
+class cinder::keystone::auth (
+ $password,
+ $auth_name = 'cinder',
+ $auth_name_v2 = 'cinderv2',
+ $email = 'cinder@localhost',
+ $tenant = 'services',
+ $configure_endpoint = true,
+ $configure_endpoint_v2 = true,
+ $configure_user = true,
+ $configure_user_role = true,
+ $service_type = 'volume',
+ $service_type_v2 = 'volumev2',
+ $public_address = '127.0.0.1',
+ $admin_address = '127.0.0.1',
+ $internal_address = '127.0.0.1',
+ $port = '8776',
+ $volume_version = 'v1',
+ $region = 'RegionOne',
+ $public_protocol = 'http',
+ $admin_protocol = 'http',
+ $internal_protocol = 'http'
+) {
+
+ if $configure_user {
+ keystone_user { $auth_name:
+ ensure => present,
+ password => $password,
+ email => $email,
+ tenant => $tenant,
+ }
+ }
+
+ if $configure_user_role {
+ Keystone_user_role["${auth_name}@${tenant}"] ~> Service <| name == 'cinder-api' |>
+
+ keystone_user_role { "${auth_name}@${tenant}":
+ ensure => present,
+ roles => 'admin',
+ }
+ }
+
+ keystone_service { $auth_name:
+ ensure => present,
+ type => $service_type,
+ description => 'Cinder Service',
+ }
+ keystone_service { $auth_name_v2:
+ ensure => present,
+ type => $service_type_v2,
+ description => 'Cinder Service v2',
+ }
+
+ if $configure_endpoint {
+ keystone_endpoint { "${region}/${auth_name}":
+ ensure => present,
+ public_url => "${public_protocol}://${public_address}:${port}/${volume_version}/%(tenant_id)s",
+ admin_url => "${admin_protocol}://${admin_address}:${port}/${volume_version}/%(tenant_id)s",
+ internal_url => "${internal_protocol}://${internal_address}:${port}/${volume_version}/%(tenant_id)s",
+ }
+ }
+ if $configure_endpoint_v2 {
+ keystone_endpoint { "${region}/${auth_name_v2}":
+ ensure => present,
+ public_url => "${public_protocol}://${public_address}:${port}/v2/%(tenant_id)s",
+ admin_url => "${admin_protocol}://${admin_address}:${port}/v2/%(tenant_id)s",
+ internal_url => "${internal_protocol}://${internal_address}:${port}/v2/%(tenant_id)s",
+ }
+ }
+}
projects / dsa-puppet.git / blobdiff