7 1. [Overview - What is the openstacklib module?](#overview)
8 2. [Module Description - What does the module do?](#module-description)
9 3. [Setup - The basics of getting started with openstacklib](#setup)
10 4. [Implementation - An under-the-hood peek at what the module is doing](#implementation)
11 5. [Limitations - OS compatibility, etc.](#limitations)
12 6. [Development - Guide for contributing to the module](#development)
13 7. [Contributors - Those with commits](#contributors)
14 8. [Release Notes - Notes on the most recent updates to the module](#release-notes)
19 The openstacklib module is a part of [Stackforge](https://github.com/stackforge),
20 an effort by the Openstack infrastructure team to provide continuous integration
21 testing and code review for Openstack and Openstack community projects not part
22 of the core software. The module itself is used to expose common functionality
23 between Openstack modules as a library that can be utilized to avoid code
29 The openstacklib module is a library module for other Openstack modules to
30 utilize. A thorough description will be added later.
32 This module is tested in combination with other modules needed to build and
33 leverage an entire Openstack software stack. These modules can be found, all
34 pulled together in the [openstack module](https://github.com/stackforge/puppet-openstack).
39 ### Installing openstacklib
41 example% puppet module install puppetlabs/openstacklib
46 ### Classes and Defined Types
48 #### Defined type: openstacklib::db::mysql
50 The db::mysql resource is a library resource that can be used by nova, cinder,
51 ceilometer, etc., to create a mysql database with configurable privileges for
52 a user connecting from defined hosts.
54 Typically this resource will be declared with a notify parameter to configure
55 the sync command to execute when the database resource is changed.
57 For example, in heat::db::mysql you might declare:
60 ::openstacklib::db::mysql { 'heat':
61 password_hash => mysql_password($password),
67 allowed_hosts => $allowed_hosts,
68 notify => Exec['heat-dbsync'],
72 Some modules should ensure that the database is created before the service is
73 set up. For example, in keystone::db::mysql you would have:
76 ::openstacklib::db::mysql { 'keystone':
77 password_hash => mysql_password($password),
83 allowed_hosts => $allowed_hosts,
84 notify => Exec['keystone-manage db_sync'],
85 before => Service['keystone'],
89 ** Parameters for openstacklib::db::mysql: **
92 Password hash to use for the database user for this service;
96 The name of the database
97 string; optional; default to the $title of the resource, i.e. 'nova'
100 The database user to create;
101 string; optional; default to the $title of the resource, i.e. 'nova'
104 The IP address or hostname of the user in mysql_grant;
105 string; optional; default to '127.0.0.1'
108 The charset to use for the database;
109 string; optional; default to 'utf8'
112 The collate to use for the database;
113 string; optional; default to 'utf8_general_ci'
116 Additional hosts that are allowed to access this database;
117 array or string; optional; default to undef
120 Privileges given to the database user;
121 string or array of strings; optional; default to 'ALL'
124 #### Defined type: openstacklib::service_validation
126 The service_validation resource is a library resource that can be used by nova, cinder,
127 ceilometer, etc., to validate that a resource is actually up and running.
129 For example, in nova::api you might declare:
132 ::openstacklib::service_validation { 'nova-api':
133 command => 'nova list',
136 This defined resource creates an exec-anchor pair where the anchor depends upon
137 the successful exec run.
139 ** Parameters for openstacklib::service_validation: **
142 Command to run for validating the service;
146 The name of the service to validate;
147 string; optional; default to the $title of the resource, i.e. 'nova-api'
150 The path of the command to validate the service;
151 string; optional; default to '/usr/bin:/bin:/usr/sbin:/sbin'
154 The provider to use for the exec command;
155 string; optional; default to 'shell'
158 Number of times to retry validation;
159 string; optional; default to '10'
162 Number of seconds between validation attempts;
163 string; optional; default to '2'
165 ### Types and Providers
169 #####`Puppet::add_aviator_params`
171 The aviator type is not a real type, but it serves to simulate a mixin model,
172 whereby other types can call out to the Puppet::add\_aviator\_params method in
173 order to add aviator-specific parameters to themselves. Currently this adds the
174 auth parameter to the given type. The method must be called after the type is
178 require 'puppet/type/aviator'
179 Puppet::Type.newtype(:my_type) do
182 Puppet::add_aviator_params(:my_type)
185 #####`Puppet::Provider::Aviator`
187 The aviator provider is a parent provider intended to serve as a base for other
188 providers that need to authenticate against keystone in order to accomplish a
191 **`Puppet::Provider::Aviator#authenticate`**
193 Either creates an authenticated session or sets up an unauthenticated session
194 with instance variables initialized with a token to inject into the next request.
195 It takes as arguments a set of authentication parameters as a hash and a path
196 to a log file. Puppet::Provider::Aviator#authencate looks for five different
197 possible methods of authenticating, in the following order:
199 1) Username and password credentials in the auth parameters
200 2) The path to an openrc file containing credentials to read in the auth
202 3) A service token in the auth parameters
203 4) Environment variables set for the environment in which Puppet is running
204 5) A service token in /etc/keystone/keystone.conf. This option provides
205 backwards compatibility with earlier keystone providers.
207 If the provider has password credentials, it can create an authenticated
208 session. If it only has a service token, it initializes an unauthenciated
209 session and a hash of session data that can be injected into a future request.
211 **`Puppet::Provider::Aviator#make_request`**
213 After creating a session, the make\_request method provides an interface that
214 providers can use to make requests without worrying about whether they have an
215 authenticated or unauthenticated session. It takes as arguments the
216 Aviator::Service it is making a request at (for example, keystone), a symbol for
217 the request (for example, :list\_tenants), and optionally a block to execute
218 that will set parameters for an update request.
225 openstacklib is a combination of Puppet manifest and ruby code to delivery
226 configuration and extra functionality through types and providers.
231 * Limitations will be added as they are discovered.
236 Developer documentation for the entire puppet-openstack project.
238 * https://wiki.openstack.org/wiki/Puppet-openstack#Developer_documentation
243 * https://github.com/stackforge/puppet-openstacklib/graphs/contributors
248 This module has been given version 5 to track the puppet-openstack modules. The
249 versioning for the puppet-openstack modules are as follows:
252 Puppet Module :: OpenStack Version :: OpenStack Codename
253 2.0.0 -> 2013.1.0 -> Grizzly
254 3.0.0 -> 2013.2.0 -> Havana
255 4.0.0 -> 2014.1.0 -> Icehouse
256 5.0.0 -> 2014.2.0 -> Juno
264 * Update .gitreview file for project rename
265 * Adding augeas insertion check
266 * MySQL: change default MySQL collate to utf8_general_ci
267 * spec: pin rspec-puppet to 1.0.1
271 * This is the initial release of this module.