File: auth.pp

package info (click to toggle)
puppet-module-ceilometer 25.0.0-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,272 kB
  • sloc: ruby: 1,856; python: 38; makefile: 11; sh: 10
file content (87 lines) | stat: -rw-r--r-- 2,488 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
# == Class: ceilometer::keystone::auth
#
# Configures Ceilometer user, service and endpoint in Keystone.
#
# === Parameters:
#
# [*password*]
#   (Required) Password for Ceilometer user.
#
# [*email*]
#   (Optional) Email for Ceilometer user.
#   Defaults to 'ceilometer@localhost'.
#
# [*auth_name*]
#   (Optional) Username for Ceilometer service.
#   Defaults to 'ceilometer'.
#
# [*configure_user*]
#   (Optional) Should Ceilometer service user be configured?
#   Defaults to true.
#
# [*configure_user_role*]
#   (Optional) Should roles be configured on Ceilometer service user?
#   Defaults to true.
#
# [*region*]
#   (Optional) Region for endpoint.
#   Defaults to 'RegionOne'.
#
# [*tenant*]
#   (Optional) Tenant for Ceilometer user.
#   Defaults to 'services'.
#
# [*roles*]
#   (Optional) List of roles assigned to ceilometer user.
#   Defaults to ['admin']
#
# [*system_scope*]
#   (Optional) Scope for system operations.
#   Defaults to 'all'
#
# [*system_roles*]
#   (Optional) List of system roles assigned to ceilometer user.
#   Defaults to []
#
# === Examples:
#
#  class { 'ceilometer::keystone::auth':
#    password => 'secrete',
#  }
#
class ceilometer::keystone::auth (
  String[1] $password,
  $email               = 'ceilometer@localhost',
  $auth_name           = 'ceilometer',
  $configure_user      = true,
  $configure_user_role = true,
  $region              = 'RegionOne',
  $tenant              = 'services',
  $roles               = ['admin'],
  $system_scope        = 'all',
  $system_roles        = [],
) {

  include ceilometer::deps

  # NOTE(tkajinam): ceilometer does not have api service, so we can use
  #                 the begin anchor without causing circular dependencies
  Keystone::Resource::Service_identity['ceilometer'] -> Anchor['ceilometer::service::begin']

  # Ceilometer requires only its user, project, and role assignment.
  # service and endpoint should be disabled since ceilometer-api has been removed.
  keystone::resource::service_identity { 'ceilometer':
    configure_user      => $configure_user,
    configure_user_role => $configure_user_role,
    configure_endpoint  => false,
    configure_service   => false,
    region              => $region,
    auth_name           => $auth_name,
    password            => $password,
    email               => $email,
    tenant              => $tenant,
    roles               => $roles,
    system_scope        => $system_scope,
    system_roles        => $system_roles,
  }
}