1 # == Class keystone::service
3 # Encapsulates the keystone service to a class.
4 # This allows resources that require keystone to
5 # require this class, which can optionally
6 # validate that the service can actually accept
12 # (optional) The desired state of the keystone service
16 # (optional) The name of the keystone service
17 # Defaults to $::keystone::params::service_name
20 # (optional) Whether to enable the keystone service
24 # (optional) Whether the keystone service has status
28 # (optional) Whether the keystone service has restart
32 # (optional) Provider for keystone service
33 # Defaults to $::keystone::params::service_provider
36 # (optional) Whether to validate the service is working after any service refreshes
40 # (optional) The admin token to use for validation
44 # (optional) The admin endpont to use for validation
45 # Defaults to 'http://localhost:35357/v2.0'
48 # (optional) Number of times to retry validation
52 # (optional) Number of seconds between validation attempts
56 # (optional) Whether to validate keystone connections
57 # using the --insecure option with keystone client.
61 # (optional) Whether to validate keystone connections
62 # using the specified argument with the --os-cacert option
63 # with keystone client.
66 class keystone::service(
68 $service_name = $::keystone::params::service_name,
72 $provider = $::keystone::params::service_provider,
75 $admin_endpoint = 'http://localhost:35357/v2.0',
81 include ::keystone::params
85 name => $service_name,
87 hasstatus => $hasstatus,
88 hasrestart => $hasrestart,
93 $insecure_s = '--insecure'
99 $cacert_s = "--os-cacert ${cacert}"
104 if $validate and $admin_token and $admin_endpoint {
105 $cmd = "openstack --os-auth-url ${admin_endpoint} --os-token ${admin_token} ${insecure_s} ${cacert_s} user list"
107 exec { 'validate_keystone_connection':
108 path => '/usr/bin:/bin:/usr/sbin:/sbin',
111 subscribe => Service['keystone'],
117 Exec['validate_keystone_connection'] -> Keystone_user<||>
118 Exec['validate_keystone_connection'] -> Keystone_role<||>
119 Exec['validate_keystone_connection'] -> Keystone_tenant<||>
120 Exec['validate_keystone_connection'] -> Keystone_service<||>
121 Exec['validate_keystone_connection'] -> Keystone_endpoint<||>