From 84e8dbb3c279d50b0ae3ca67339b7bba30a006ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Charlier?= <francois.charlier@enovance.com>
Date: Wed, 23 Jul 2014 16:59:32 +0200
Subject: [PATCH 1/2] ceph keys: ensure correct dependencies

the added dependencies ensure that the catalog will compile event if
there's no ceph::key collected by the spaceship operator.
---
 manifests/compute/hypervisor.pp | 5 ++---
 manifests/image/api.pp          | 2 +-
 manifests/volume/backend/rbd.pp | 5 ++---
 3 files changed, 5 insertions(+), 7 deletions(-)

diff --git a/manifests/compute/hypervisor.pp b/manifests/compute/hypervisor.pp
index 1253855e..65840dec 100644
--- a/manifests/compute/hypervisor.pp
+++ b/manifests/compute/hypervisor.pp
@@ -180,9 +180,6 @@ Host *
     Exec <<| tag == 'get_or_set_virsh_secret' |>>
     Exec <<| tag == 'set_secret_value_virsh' |>>
 
-    # Configure Ceph keyring
-    Ceph::Key <<| title == $cinder_rbd_user |>>
-
     # If Cinder & Nova reside on the same node, we need a group
     # where nova & cinder users have read permissions.
     ensure_resource('group', 'cephkeyring', {
@@ -195,6 +192,8 @@ Host *
       'unless'  => 'groups nova | grep cephkeyring'
     })
 
+    # Configure Ceph keyring
+    Ceph::Key <<| title == $cinder_rbd_user |>> ->
     ensure_resource('file', "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", {
       owner   => 'root',
       group   => 'cephkeyring',
diff --git a/manifests/image/api.pp b/manifests/image/api.pp
index 22e45f22..4ea20c3c 100644
--- a/manifests/image/api.pp
+++ b/manifests/image/api.pp
@@ -157,7 +157,7 @@ class cloud::image::api(
       rbd_store_pool => $glance_rbd_pool
     }
 
-    Ceph::Key <<| title == $glance_rbd_user |>>
+    Ceph::Key <<| title == $glance_rbd_user |>> ->
     file { '/etc/ceph/ceph.client.glance.keyring':
       owner   => 'glance',
       group   => 'glance',
diff --git a/manifests/volume/backend/rbd.pp b/manifests/volume/backend/rbd.pp
index 6a5c6a71..db2416f7 100644
--- a/manifests/volume/backend/rbd.pp
+++ b/manifests/volume/backend/rbd.pp
@@ -71,9 +71,6 @@ define cloud::volume::backend::rbd (
     volume_tmp_dir                   => '/tmp'
   }
 
-  # Configure Ceph keyring
-  Ceph::Key <<| title == $rbd_user |>>
-
   # If Cinder & Nova reside on the same node, we need a group
   # where nova & cinder users have read permissions.
   ensure_resource('group', 'cephkeyring', {
@@ -86,6 +83,8 @@ define cloud::volume::backend::rbd (
     'unless'  => 'groups cinder | grep cephkeyring'
   })
 
+  # Configure Ceph keyring
+  Ceph::Key <<| title == $rbd_user |>> ->
   ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", {
     owner   => 'root',
     group   => 'cephkeyring',

From 2aeb9c1992b4c69b7cc77a58c5ff65a27ced09fb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Charlier?= <francois.charlier@enovance.com>
Date: Thu, 24 Jul 2014 16:30:41 +0200
Subject: [PATCH 2/2] ceph keys dependencies: use correct syntax for
 ensure_resource

---
 manifests/compute/hypervisor.pp | 21 +++++++++++++--------
 manifests/volume/backend/rbd.pp | 16 +++++++++-------
 2 files changed, 22 insertions(+), 15 deletions(-)

diff --git a/manifests/compute/hypervisor.pp b/manifests/compute/hypervisor.pp
index 65840dec..621a21be 100644
--- a/manifests/compute/hypervisor.pp
+++ b/manifests/compute/hypervisor.pp
@@ -193,14 +193,19 @@ Host *
     })
 
     # Configure Ceph keyring
-    Ceph::Key <<| title == $cinder_rbd_user |>> ->
-    ensure_resource('file', "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", {
-      owner   => 'root',
-      group   => 'cephkeyring',
-      mode    => '0440',
-      require => Ceph::Key[$cinder_rbd_user],
-      notify  => Service['nova-compute'],
-    })
+    Ceph::Key <<| title == $cinder_rbd_user |>>
+    if defined(Ceph::Key[$cinder_rbd_user]) {
+      ensure_resource(
+        'file',
+        "/etc/ceph/ceph.client.${cinder_rbd_user}.keyring", {
+          owner   => 'root',
+          group   => 'cephkeyring',
+          mode    => '0440',
+          require => Ceph::Key[$cinder_rbd_user],
+          notify  => Service['nova-compute'],
+        }
+      )
+    }
 
     Concat::Fragment <<| title == 'ceph-client-os' |>>
   } else {
diff --git a/manifests/volume/backend/rbd.pp b/manifests/volume/backend/rbd.pp
index db2416f7..04392b06 100644
--- a/manifests/volume/backend/rbd.pp
+++ b/manifests/volume/backend/rbd.pp
@@ -84,13 +84,15 @@ define cloud::volume::backend::rbd (
   })
 
   # Configure Ceph keyring
-  Ceph::Key <<| title == $rbd_user |>> ->
-  ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", {
-    owner   => 'root',
-    group   => 'cephkeyring',
-    mode    => '0440',
-    require => Ceph::Key[$rbd_user],
-  })
+  Ceph::Key <<| title == $rbd_user |>>
+  if defined(Ceph::Key[$rbd_user]) {
+    ensure_resource('file', "/etc/ceph/ceph.client.${rbd_user}.keyring", {
+      owner   => 'root',
+      group   => 'cephkeyring',
+      mode    => '0440',
+      require => Ceph::Key[$rbd_user],
+      })
+  }
 
   Concat::Fragment <<| title == 'ceph-client-os' |>>