Remove keystone bootstrap

This commit removes the keystone bootstrap class from Puppet, following the migration of keystone bootstrap to Ansible: https://review.opendev.org/c/starlingx/ansible-playbooks/+/915284. Test plan: All of the following items were tested with the addition of the changes from the above specified commit. 1. PASS: Deploy a DC system with one system controller and two subclouds and ensure the subclouds can be managed 2. PASS: Deploy an AIO-SX system and verify the host unlocks 3. PASS: Perform bootstrap replay and ensure the host unlocks after re-execution 4. PASS: Verify the creation of the services project, _member_ role and the admin user update to the correct e-mail address 5. PASS: Verify the keystone.conf and keystone-extra.conf files for each deployment type 6. PASS: Validate the sql dump of the keystone database generated in a subcloud deployment in relation to the one generated before the changes 7. PASS: Validate the permissions in /etc/keystone and /opt/platform/keystone 8. PASS: Validate that the admin and sysinv users have the ignore_lockout_failure_attempts set to true 9. PASS: Perform backup and restore on a system controller and an AIO-SX deployment Depends-On: https://review.opendev.org/c/starlingx/ansible-playbooks/+/915284 Story: 2011035 Task: 49924 Change-Id: I02a964ce47cd4fe624980e5b5c50f7ad164d70b9 Signed-off-by: Raphael Lima <Raphael.Lima@windriver.com>
2024-04-15 11:08:36 -03:00 · 2024-04-15 11:08:36 -03:00 · b36711a365
commit b36711a365
parent 29471b23fb
2 changed files with 1 additions and 104 deletions
--- a/puppet-manifests/src/manifests/ansible_bootstrap.pp
+++ b/puppet-manifests/src/manifests/ansible_bootstrap.pp
@ -15,7 +15,6 @@ include ::platform::drbd::bootstrap
 include ::platform::postgresql::bootstrap
 include ::platform::amqp::bootstrap

-include ::openstack::keystone::bootstrap
 include ::platform::client::bootstrap

 # Puppet classes to enable the bring up of kubernetes master
--- a/puppet-manifests/src/modules/openstack/manifests/keystone.pp
+++ b/puppet-manifests/src/modules/openstack/manifests/keystone.pp
@ -191,6 +191,7 @@ define openstack::keystone::delete_endpoints (
  }
 }

+
 class openstack::keystone::api
  inherits ::openstack::keystone::params {

@ -220,109 +221,6 @@ class openstack::keystone::api
 }


-class openstack::keystone::bootstrap(
-  $default_domain = 'Default',
-  $dc_services_project_id = undef,
-) {
-  include ::platform::params
-  include ::platform::amqp::params
-  include ::platform::drbd::platform::params
-  include ::platform::client::params
-
-  $keystone_key_repo_path = "${::platform::drbd::platform::params::mountpoint}/keystone"
-  if $::platform::params::distributed_cloud_role =='systemcontroller' {
-    $eng_workers = min($::platform::params::eng_workers, 10)
-  } else {
-    $eng_workers = $::platform::params::eng_workers
-  }
-  $bind_host = '[::]'
-
-  # In the case of a classical Multi-Region deployment, apply the Keystone
-  # controller configuration for Primary Region ONLY
-  # (i.e. on which region_config is False), since Keystone is a Shared service
-  #
-  # In the case of a Distributed Cloud deployment, apply the Keystone
-  # controller configuration for each SubCloud, since Keystone is also
-  # a localized service.
-
-  if (!$::platform::params::region_config or
-      $::platform::params::distributed_cloud_role == 'subcloud') {
-
-    include ::keystone::db::postgresql
-
-    Class[$name] -> Class['::platform::client']
-
-    # Create the parent directory for fernet keys repository
-    file { $keystone_key_repo_path:
-      ensure  => 'directory',
-      owner   => 'root',
-      group   => 'root',
-      mode    => '0755',
-      require => Class['::platform::drbd::platform'],
-    }
-    -> file { '/etc/keystone/keystone-extra.conf':
-      ensure  => present,
-      owner   => 'root',
-      group   => 'keystone',
-      mode    => '0640',
-      content => template('openstack/keystone-extra.conf.erb'),
-      before  => Class['::keystone']
-    }
-
-    case $::osfamily {
-        'RedHat': {
-            class { '::keystone':
-              enabled               => true,
-              enable_bootstrap      => true,
-              fernet_key_repository => "${keystone_key_repo_path}/fernet-keys",
-              sync_db               => true,
-              default_domain        => $default_domain,
-              default_transport_url => $::platform::amqp::params::transport_url,
-            }
-            include ::keystone::client
-            include ::keystone::endpoint
-            include ::keystone::roles::admin
-            # disabling the admin token per openstack recommendation
-            include ::keystone::disable_admin_token_auth
-            $dc_required_classes = [ Class['::keystone::roles::admin'] ]
-        }
-
-        default: {
-            # overrides keystone class, including hieradata service_name
-            #  service_name          => 'keystone',
-
-            class { '::keystone':
-              enabled               => true,
-              service_name          => 'keystone',
-              fernet_key_repository => "${keystone_key_repo_path}/fernet-keys",
-              sync_db               => true,
-              default_domain        => $default_domain,
-              default_transport_url => $::platform::amqp::params::transport_url,
-            }
-
-            class { '::keystone::bootstrap':
-              password => lookup('keystone::roles::admin::password'),
-            }
-            $dc_required_classes = [ Class['::keystone::bootstrap'] ]
-        }
-    }
-
-    # Ensure the default _member_ role is present
-    keystone_role { '_member_':
-      ensure => present,
-    }
-
-    ini_setting { 'Set keystone default log level to INFO':
-      ensure  => present,
-      path    => '/etc/keystone/logging.conf',
-      section => 'logger_root',
-      setting => 'level',
-      value   => 'INFO',
-    }
-  }
-}
-
-
 class openstack::keystone::reload {
  platform::sm::restart {'keystone': }
 }