2be3e3f9d2
* Manage Puppet OpenStack CI CA and create a common certificate, auto-signed. * Configure RabbitMQ to activate SSL on scenario002 * Configure OpenStack services that run on scenario002 to connect to RabbitMQ using SSL protocol. Change-Id: Ic435078472ba4e0e0eaf04a64e5bcb7aabba7b3d
99 lines
2.7 KiB
Puppet
99 lines
2.7 KiB
Puppet
# Configure the Glance service
|
|
#
|
|
# [*backend*]
|
|
# (optional) Glance backend to use.
|
|
# Can be 'file', 'swift' or 'rbd'.
|
|
# Defaults to 'file'.
|
|
#
|
|
# [*ssl*]
|
|
# (optional) Boolean to enable or not SSL.
|
|
# Defaults to false.
|
|
#
|
|
class openstack_integration::glance (
|
|
$backend = 'file',
|
|
$ssl = false,
|
|
) {
|
|
|
|
if $ssl {
|
|
$rabbit_port = '5671'
|
|
} else {
|
|
$rabbit_port = '5672'
|
|
}
|
|
|
|
rabbitmq_user { 'glance':
|
|
admin => true,
|
|
password => 'an_even_bigger_secret',
|
|
provider => 'rabbitmqctl',
|
|
require => Class['::rabbitmq'],
|
|
}
|
|
rabbitmq_user_permissions { 'glance@/':
|
|
configure_permission => '.*',
|
|
write_permission => '.*',
|
|
read_permission => '.*',
|
|
provider => 'rabbitmqctl',
|
|
require => Class['::rabbitmq'],
|
|
}
|
|
|
|
class { '::glance::db::mysql':
|
|
password => 'glance',
|
|
}
|
|
include ::glance
|
|
include ::glance::client
|
|
class { '::glance::keystone::auth':
|
|
password => 'a_big_secret',
|
|
}
|
|
case $backend {
|
|
'file': {
|
|
include ::glance::backend::file
|
|
$backend_store = ['file']
|
|
}
|
|
'rbd': {
|
|
class { '::glance::backend::rbd':
|
|
rbd_store_user => 'openstack',
|
|
rbd_store_pool => 'glance',
|
|
}
|
|
$backend_store = ['rbd']
|
|
# make sure ceph pool exists before running Glance API
|
|
Exec['create-glance'] -> Service['glance-api']
|
|
}
|
|
'swift': {
|
|
Service<| tag == 'swift-service' |> -> Service['glance-api']
|
|
$backend_store = ['swift']
|
|
class { '::glance::backend::swift':
|
|
swift_store_user => 'services:glance',
|
|
swift_store_key => 'a_big_secret',
|
|
swift_store_create_container_on_put => 'True',
|
|
}
|
|
}
|
|
default: {
|
|
fail("Unsupported backend (${backend})")
|
|
}
|
|
}
|
|
$http_store = ['http']
|
|
$glance_stores = concat($http_store, $backend_store)
|
|
class { '::glance::api':
|
|
debug => true,
|
|
verbose => true,
|
|
database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8',
|
|
keystone_password => 'a_big_secret',
|
|
workers => 2,
|
|
known_stores => $glance_stores,
|
|
}
|
|
class { '::glance::registry':
|
|
debug => true,
|
|
verbose => true,
|
|
database_connection => 'mysql+pymysql://glance:glance@127.0.0.1/glance?charset=utf8',
|
|
keystone_password => 'a_big_secret',
|
|
workers => 2,
|
|
}
|
|
class { '::glance::notify::rabbitmq':
|
|
rabbit_userid => 'glance',
|
|
rabbit_password => 'an_even_bigger_secret',
|
|
rabbit_host => '127.0.0.1',
|
|
rabbit_port => $rabbit_port,
|
|
notification_driver => 'messagingv2',
|
|
rabbit_use_ssl => $ssl,
|
|
}
|
|
|
|
}
|