1 # == Class: nova::keystone::auth
3 # Creates nova endpoints and service account in keystone
8 # Password to create for the service user
11 # (optional) The name of the nova service user
15 # (optional) The name of the nova v3 service user
16 # Defaults to 'novav3'
19 # (optional) Name of the service.
20 # Defaults to the value of auth_name.
23 # (optional) Name of the v3 service.
24 # Defaults to the value of auth_name_v3.
27 # (optional) The public nova-api endpoint
28 # Defaults to '127.0.0.1'
31 # (optional) The admin nova-api endpoint
32 # Defaults to '127.0.0.1'
34 # [*internal_address*]
35 # (optional) The internal nova-api endpoint
36 # Defaults to '127.0.0.1'
39 # (optional) The port to use for the compute endpoint
43 # (optional) The port to use for the ec2 endpoint
47 # (optional) The version of the compute api to put in the endpoint
51 # (optional) The region in which to place the endpoints
52 # Defaults to 'RegionOne'
55 # (optional) The tenant to use for the nova service user
56 # Defaults to 'services'
59 # (optional) The email address for the nova service user
60 # Defaults to 'nova@localhost'
62 # [*configure_ec2_endpoint*]
63 # (optional) Whether to create an ec2 endpoint
66 # [*configure_endpoint*]
67 # (optional) Whether to create the endpoint.
70 # [*configure_endpoint_v3*]
71 # (optional) Whether to create the v3 endpoint.
75 # (optional) Whether to create the service user.
78 # [*configure_user_role*]
79 # (optional) Whether to configure the admin role for the service user.
83 # (optional) Deprecated and has no effect
87 # (optional) Protocol to use for the public endpoint. Can be http or https.
91 # Protocol for admin endpoints. Defaults to 'http'.
93 # [*internal_protocol*]
94 # Protocol for internal endpoints. Defaults to 'http'.
96 class nova::keystone::auth(
99 $auth_name_v3 = 'novav3',
100 $service_name = undef,
101 $service_name_v3 = undef,
102 $public_address = '127.0.0.1',
103 $admin_address = '127.0.0.1',
104 $internal_address = '127.0.0.1',
105 $compute_port = '8774',
107 $compute_version = 'v2',
108 $region = 'RegionOne',
109 $tenant = 'services',
110 $email = 'nova@localhost',
111 $configure_ec2_endpoint = true,
113 $public_protocol = 'http',
114 $configure_endpoint = true,
115 $configure_endpoint_v3 = true,
116 $configure_user = true,
117 $configure_user_role = true,
118 $admin_protocol = 'http',
119 $internal_protocol = 'http'
122 if $cinder != undef {
123 warning('The cinder parameter is deprecated and has no effect.')
126 if $service_name == undef {
127 $real_service_name = $auth_name
129 $real_service_name = $service_name
132 if $service_name_v3 == undef {
133 $real_service_name_v3 = $auth_name_v3
135 $real_service_name_v3 = $service_name_v3
138 Keystone_endpoint["${region}/${real_service_name}"] ~> Service <| name == 'nova-api' |>
141 keystone_user { $auth_name:
143 password => $password,
149 if $configure_user_role {
150 keystone_user_role { "${auth_name}@${tenant}":
156 keystone_service { $real_service_name:
159 description => 'Openstack Compute Service',
162 if $configure_endpoint {
163 keystone_endpoint { "${region}/${real_service_name}":
165 public_url => "${public_protocol}://${public_address}:${compute_port}/${compute_version}/%(tenant_id)s",
166 admin_url => "${admin_protocol}://${admin_address}:${compute_port}/${compute_version}/%(tenant_id)s",
167 internal_url => "${internal_protocol}://${internal_address}:${compute_port}/${compute_version}/%(tenant_id)s",
171 if $configure_endpoint_v3 {
172 keystone_service { $real_service_name_v3:
175 description => 'Openstack Compute Service v3',
177 keystone_endpoint { "${region}/${real_service_name_v3}":
179 public_url => "${public_protocol}://${public_address}:${compute_port}/v3",
180 admin_url => "${admin_protocol}://${admin_address}:${compute_port}/v3",
181 internal_url => "${internal_protocol}://${internal_address}:${compute_port}/v3",
185 if $configure_ec2_endpoint {
186 keystone_service { "${real_service_name}_ec2":
189 description => 'EC2 Service',
191 keystone_endpoint { "${region}/${real_service_name}_ec2":
193 public_url => "${public_protocol}://${public_address}:${ec2_port}/services/Cloud",
194 admin_url => "${admin_protocol}://${admin_address}:${ec2_port}/services/Admin",
195 internal_url => "${internal_protocol}://${internal_address}:${ec2_port}/services/Cloud",