Merge pull request #132 from xbezdick/master

Update openstack modules to their latest master branches

Puppetfile

@@ -3,15 +3,15 @@ mod 'apache',
   :git => 'https://github.com/puppetlabs/puppetlabs-apache.git'
 
 mod 'ceilometer',
-  :commit => '08fc9d9159cd9eb0830d550abb1058bc2b9b5759',
+  :commit => '065a353aae3fb869395908289be5d61840d5d38b',
   :git => 'https://github.com/stackforge/puppet-ceilometer.git'
 
 mod 'certmonger',
-  :commit => '5fbf10fbbff4aed4db30e839c63c99b195e8425a',
+  :commit => '3f86b9973fc30c14a066b0f215023d5f1398b874',
   :git => 'https://github.com/rcritten/puppet-certmonger.git'
 
 mod 'cinder',
-  :commit => '2da616a4a52d3086fe3a291b9199fc7313575504',
+  :commit => '987c51bc097fa049a8692741ffbeaffa2f3770e9',
   :git => 'https://github.com/stackforge/puppet-cinder.git'
 
 mod 'common',
@@ -23,11 +23,11 @@ mod 'concat',
   :git => 'https://github.com/puppetlabs/puppetlabs-concat.git'
 
 mod 'firewall',
-  :commit => 'd5a10f5a52d84b9fcfb8fc65ef505685a07d5799',
+  :commit => 'f061452461c841e83f20df1f9dd0aea485fb9744',
   :git => 'https://github.com/puppetlabs/puppetlabs-firewall.git'
 
 mod 'galera',
-  :commit => 'e35922bbb31ef2e6a86c7973cbafea96a8b160af',
+  :commit => 'a63ab112aabdc9faa5e66fc095ef9dcc865d6999',
   :git => 'https://github.com/rohara/puppet-galera.git'
 
 mod 'glance',
@@ -43,23 +43,23 @@ mod 'haproxy',
   :git => 'https://github.com/puppetlabs/puppetlabs-haproxy.git'
 
 mod 'heat',
-  :commit => 'e9e1ba05e13948b8e0c7a72b1b68cefbedd2b40d',
+  :commit => '27f39cd68e894eacc2a068cfee7aea3c49223892',
   :git => 'https://github.com/stackforge/puppet-heat.git'
 
 mod 'horizon',
-  :commit => '16b482ea21a70d8dd06ab4c98ac5a218399b0213',
+  :commit => 'f1e5acfe6fdd3709b4c34f12b90786cc7fd52a07',
   :git => 'https://github.com/stackforge/puppet-horizon.git'
 
 mod 'inifile',
   :commit => 'fe9b0d5229ea37179a08c4b49239da9bc950acd1',
   :git => 'https://github.com/puppetlabs/puppetlabs-inifile.git'
 
 mod 'ipa',
-  :commit => '2cbd870b0dba2b8f588d74fc5ff8aa9cd0dc9ccf',
+  :commit => '08e51e96ac2c9265499deec3485e396b792587d3',
   :git => 'https://github.com/xbezdick/puppet-ipa.git'
 
 mod 'keystone',
-  :commit => '605161f3d4b7bbcffc657c86b367159701dfdcbe',
+  :commit => '3f64ee48fa04ca6c5f8173a3dbadad946ca41239',
   :git => 'https://github.com/stackforge/puppet-keystone.git'
 
 mod 'memcached',
@@ -75,7 +75,7 @@ mod 'mongodb',
   :git => 'https://github.com/puppetlabs/puppetlabs-mongodb.git'
 
 mod 'mysql',
-  :commit => 'c70fc13fc15740b61b8eccd3c79168d3e417a374',
+  :commit => '40dd1805886aee56dc02860565f161c6e3b4c7e5',
   :git => 'https://github.com/puppetlabs/puppetlabs-mysql.git'
 
 mod 'n1k-vsm',
@@ -87,11 +87,11 @@ mod 'nagios',
   :git => 'https://github.com/gildub/puppet-nagios-openstack.git'
 
 mod 'neutron',
-  :commit => 'dcd122e477713421d9601d93d13725a4871b9c42',
+  :commit => '4b7360b16e37e0460ee20d48cba408b796b029c3',
   :git => 'https://github.com/stackforge/puppet-neutron.git'
 
 mod 'nova',
-  :commit => 'a79e5338df5f85cb299183e54b39e8a22a640f59',
+  :commit => '648c9e85830204995c24ae43d15efe278b9fa56b',
   :git => 'https://github.com/stackforge/puppet-nova.git'
 
 mod 'nssdb',
@@ -107,7 +107,7 @@ mod 'openstack',
   :git => 'https://github.com/stackforge/puppet-openstack.git'
 
 mod 'openstacklib',
-  :commit => 'c374bed10f8af6000601fa407ebaef0833e1999c',
+  :commit => '28130971a816859ff69eef037b9f9b1036a7720e',
   :git => 'https://github.com/stackforge/puppet-openstacklib.git'
 
 mod 'pacemaker',
@@ -119,19 +119,19 @@ mod 'puppet',
   :git => 'https://github.com/purpleidea/puppet-puppet.git'
 
 mod 'qpid',
-  :commit => '1f0c32b39ad17e7acbd440b50fb6f0875971f5e1',
+  :commit => '9ffb2788c536f1694980e07a43e8133ff85fa28c',
   :git => 'https://github.com/dprince/puppet-qpid'
 
 mod 'rabbitmq',
-  :commit => 'cbda1ced336f9768ebd442415b4d9c7c4ddb48c7',
+  :commit => '4832bd61b5b1bfea7c9cc985508e65cd10081652',
   :git => 'https://github.com/puppetlabs/puppetlabs-rabbitmq.git'
 
 mod 'rsync',
   :commit => '357d51f3a6a22bc3da842736176c3510e507b4fb',
   :git => 'https://github.com/puppetlabs/puppetlabs-rsync.git'
 
 mod 'sahara',
-  :commit => 'f4e5681cfb289113be1ba49c12709145ecbad938',
+  :commit => '6b696cffcba6692975dbcfee144e81b6e90e5ecf',
   :git => 'https://github.com/stackforge/puppet-sahara.git'
 
 mod 'ssh',
@@ -147,7 +147,7 @@ mod 'stdlib',
   :git => 'https://github.com/puppetlabs/puppetlabs-stdlib.git'
 
 mod 'swift',
-  :commit => '3ea00440361ff2452561d2cce808d938e39cce56',
+  :commit => '7b30dbb3979ec1597173608e17b60144eefbeeec',
   :git => 'https://github.com/stackforge/puppet-swift.git'
 
 mod 'sysctl',
@@ -167,7 +167,7 @@ mod 'vlan',
   :git => 'https://github.com/derekhiggins/puppet-vlan.git'
 
 mod 'vswitch',
-  :commit => '17b62e56e07eeed25fd2aaef278a16c97155a115',
+  :commit => '51fd30c22b79d927fb0329e6e2b58fe67217ecee',
   :git => 'https://github.com/stackforge/puppet-vswitch.git'
 
 mod 'xinetd',

ceilometer/Rakefile

@@ -4,3 +4,4 @@ require 'puppet-lint/tasks/puppet-lint'
 PuppetLint.configuration.fail_on_warnings = true
 PuppetLint.configuration.send('disable_80chars')
 PuppetLint.configuration.send('disable_class_parameter_defaults')
+PuppetLint.configuration.send('disable_only_variable_string')

ceilometer/manifests/alarm/evaluator.pp

@@ -36,7 +36,7 @@
 
   include ceilometer::params
 
-  validate_re($evaluation_interval,'^(\d+)$')
+  validate_re("${evaluation_interval}",'^(\d+)$')
 
   Ceilometer_config<||> ~> Service['ceilometer-alarm-evaluator']
 

ceilometer/metadata.json

@@ -0,0 +1,39 @@
+{
+  "name": "stackforge-ceilometer",
+  "version": "5.0.0",
+  "author": "eNovance and StackForge Contributors",
+  "summary": "Puppet module for OpenStack Ceilometer",
+  "license": "Apache License 2.0",
+  "source": "git://github.com/stackforge/puppet-ceilometer.git",
+  "project_page": "https://launchpad.net/puppet-ceilometer",
+  "issues_url": "https://bugs.launchpad.net/puppet-ceilometer",
+  "requirements": [
+    { "name": "pe","version_requirement": "3.x" },
+    { "name": "puppet","version_requirement": "3.x" }
+  ],
+  "operatingsystem_support": [
+    {
+      "operatingsystem": "Debian",
+      "operatingsystemrelease": ["7"]
+    },
+    {
+      "operatingsystem": "Fedora",
+      "operatingsystemrelease": ["20"]
+    },
+    {
+      "operatingsystem": "RedHat",
+      "operatingsystemrelease": ["6.5","7"]
+    },
+    {
+      "operatingsystem": "Ubuntu",
+      "operatingsystemrelease": ["12.04","14.04"]
+    }
+  ],
+  "description": "Installs and configures OpenStack Ceilometer (Telemetry).",
+  "dependencies": [
+    { "name": "puppetlabs/inifile", "version_requirement": ">=1.0.0 <2.0.0" },
+    { "name": "stackforge/keystone", "version_requirement": ">=5.0.0 <6.0.0" },
+    { "name": "puppetlabs/stdlib", "version_requirement": ">=4.0.0 <5.0.0" },
+    { "name": "stackforge/openstacklib", "version_requirement": ">=5.0.0" }
+  ]
+}

certmonger/Modulefile

@@ -1,5 +1,5 @@
 name    'rcritten/certmonger'
-version '1.0.2'
+version '1.0.3'
 source 'git://github.com/rcritten/puppet-certmonger.git'
 author 'Rob Crittenden <[email protected]>'
 license 'Apache'

certmonger/manifests/request_ipa_cert.pp

@@ -57,108 +57,65 @@
 ) {
   include certmonger::server
 
-  if "$ipa_client_configured" == 'true' {
-
-    $principal_no_slash = regsubst($principal, '\/', '_')
+  $principal_no_slash = regsubst($principal, '\/', '_')
 
-    if $hostname == undef {
-        $subject = ''
-    } else {
-        $subject = "-N cn=${hostname}"
-    }
+  # Only execute certmonger if IPA client is configured
+  $onlyif = "/usr/bin/test -s /etc/ipa/default.conf"
 
-    if $seclib == 'nss' {
-        $options = "-d ${basedir}/${dbname} -n ${nickname} -p ${basedir}/${dbname}/password.conf"
+  if $hostname == undef {
+      $subject = ''
+  } else {
+      $subject = "-N cn=${hostname}"
+  }
 
-        file {"${basedir}/${dbname}/requested":
-          ensure  => directory,
-          mode    => 0600,
-          owner   => 0,
-          group   => 0,
-        }
-
-        # Semaphore file to determine if we've already requested a certificate.
-        file {"${basedir}/${dbname}/requested/${principal_no_slash}":
-          ensure  => file,
-          mode    => 0600,
-          owner   => $owner_id,
-          group   => $group_id,
-          require => [
-            Exec["get_cert_nss_${title}"]
-          ],
-        }
-        exec {"get_cert_nss_${title}":
-          command => "/usr/bin/ipa-getcert request ${options} -K ${principal} ${subject}",
-          creates => "${basedir}/${dbname}/requested/${principal_no_slash}",
-          require => [
-              Package['certmonger'],
-              File["${basedir}/${dbname}/password.conf"],
-          ],
-        }
-    }
-    elsif $seclib == 'openssl' {
+  if $seclib == 'nss' {
+      $options = "-d ${basedir}/${dbname} -n ${nickname} -p ${basedir}/${dbname}/password.conf"
+      $unless = "/usr/bin/getcert list -d ${basedir}/${dbname} -n ${nickname}"
 
-        $options = "-k ${key} -f ${cert}"
+      exec {"get_cert_nss_${title}":
+        command => "/usr/bin/ipa-getcert request ${options} -K ${principal} ${subject}",
+        onlyif  => "${onlyif}",
+        unless  => "${unless}",
+        require => [
+            Service['certmonger'],
+            File["${basedir}/${dbname}/password.conf"],
+        ],
+      }
+  }
+  elsif $seclib == 'openssl' {
 
-        # NOTE: Order is extremely important here. If the key file exists
-        # (content doesn't matter) then certmonger will attempt to use that
-        # as the key. You could end up in a NEWLY_ADDED_NEED_KEYINFO_READ_PIN
-        # state if the key file doesn't actually contain a key.
+      $options = "-k ${key} -f ${cert}"
+      $unless = "/usr/bin/getcert list -f ${cert}"
 
-        file {"${cert}":
-          ensure  => file,
-          mode    => 0444,
-          owner   => $owner_id,
-          group   => $group_id,
-        }
-        file {"${key}":
-          ensure  => file,
-          mode    => 0440,
-          owner   => $owner_id,
-          group   => $group_id,
-        }
-        exec {"get_cert_openssl_${title}":
-          command => "/usr/bin/ipa-getcert request ${options} -K ${principal} ${subject}",
-          creates => [
-            "${key}",
-            "${cert}",
-          ],
-          require => [
-              Package['certmonger'],
-          ],
-          before => [
-              File["${key}"],
-              File["${cert}"],
-          ],
-          notify => Exec["wait_for_certmonger_${title}"],
-        }
+      exec {"get_cert_openssl_${title}":
+        command => "/usr/bin/ipa-getcert request ${options} -K ${principal} ${subject}",
+        onlyif  => "${onlyif}",
+        unless  => "${unless}",
+        require => [
+            Service['certmonger'],
+        ],
+        notify => Exec["wait_for_certmonger_${title}"],
+      }
 
-        # We need certmonger to finish creating the key before we
-        # can proceed. Use onlyif as a way to execute multiple
-        # commands without restorting to shipping a shell script.
-        # This will call getcert to check the status of our cert
-        # 5 times. This doesn't short circuit though, so all 5 will
-        # always run, causing a 5-second delay.
-        exec {"wait_for_certmonger_${title}":
-          command => "true",
-          onlyif => [
-            "sleep 1 && getcert list -f ${cert}",
-            "sleep 1 && getcert list -f ${cert}",
-            "sleep 1 && getcert list -f ${cert}",
-            "sleep 1 && getcert list -f ${cert}",
-            "sleep 1 && getcert list -f ${cert}",
-          ],
-          path => "/usr/bin:/bin",
-          before => [
-              File["${key}"],
-              File["${cert}"],
-          ],
-          refreshonly => true,
-        }
-    } else {
-      fail("Unrecognized security library: ${seclib}")
-    }
+      # We need certmonger to finish creating the key before we
+      # can proceed. Use onlyif as a way to execute multiple
+      # commands without restorting to shipping a shell script.
+      # This will call getcert to check the status of our cert
+      # 5 times. This doesn't short circuit though, so all 5 will
+      # always run, causing a 5-second delay.
+      exec {"wait_for_certmonger_${title}":
+        command => "true",
+        onlyif => [
+          "sleep 1 && getcert list -f ${cert}",
+          "sleep 1 && getcert list -f ${cert}",
+          "sleep 1 && getcert list -f ${cert}",
+          "sleep 1 && getcert list -f ${cert}",
+          "sleep 1 && getcert list -f ${cert}",
+        ],
+        path => "/usr/bin:/bin",
+        refreshonly => true,
+      }
   } else {
-    fail("ipa not configured")
+    fail("Unrecognized security library: ${seclib}")
   }
 }