For Puppet on Fedora, we have Packstack and The Foreman. But if you are doing development, you need to know what is going on at the nuts and bolts level. I need to do some work on the Puppet modules for Keystone. This is a developer's setup, running out of git repositories.
Started by installing a new virtual machine and running yum update. Then, make sure git, puppet and facter are installed:
sudo yum install git
sudo yum install puppet
sudo yum install facter
From https://github.com/stackforge/puppet-openstack#setup:
cd /etc/puppet/modules
gem install librarian-puppet
librarian-puppet install --path ./
Add in the clones for keystone, mysql, and postgresql.
git clone https://github.com/stackforge/puppet-keystone.git keystone
git clone https://github.com/puppetlabs/puppetlabs-postgresql.git postgresql
git clone https://github.com/puppetlabs/puppetlabs-mysql.git mysql
You can see the additional dependencies for Keystone in the file keystone.Modulefile:
dependency 'puppetlabs/inifile', '>=1.0.0 <2.0.0'
dependency 'puppetlabs/mysql', '>=0.6.1 <1.0.0'
dependency 'puppetlabs/stdlib', '>= 2.5.0'
Get those from Git as well.
git clone https://github.com/puppetlabs/puppetlabs-stdlib.git stdlib
git clone https://github.com/puppetlabs/puppetlabs-concat.git concat
I’m going to make one .pp file per thing I need to configure. For mysql:
class { 'mysql::server': }
mysql::db { 'keystone':
  user     => 'keystone',
  password => 'keystone',
  grant    => 'all',
}
For postgresql:
class { 'postgresql::server':
  config_hash => {
    'listen_addresses' => '*',
  },
}
postgresql::db { 'keystone':
  user     => 'keystone',
  password => 'keystone',
  grant    => 'all',
}
These can be applied to your system with:
sudo puppet apply ~/mysql.pp
or
sudo puppet apply ~/postgresql.pp
To test MySQL:
mysql -h localhost -u keystone keystone --password=keystone
To test PostgreSQL:
psql -h localhost -d keystone -U keystone
Now to set up Keystone. This is a modified version of keystone.pp from openstack-puppet
git://github.com/stackforge/puppet-openstack.git openstack
class { 'openstack::keystone':
  db_host               => '127.0.0.1',
  db_password           => 'keystone',
  admin_token           => '12345',
  admin_email           => 'keystone@localhost',
  admin_password        => 'keystone',
  glance_user_password  => 'glance',
  nova_user_password    => 'nova',
  cinder_user_password  => 'cinder',
  neutron_user_password => 'neutron',
  public_address        => '127.0.0.1',
  internal_address      => '127.0.0.1',
  admin_address         => '127.0.0.1',
  glance                => 'false',
  nova                  => 'false',
  cinder                => 'false',
  neutron               => 'false',
  swift                 => 'false',
}

class openstack::keystone (
  $db_password,
  $admin_token,
  $admin_email,
  $admin_password,
  $glance_user_password,
  $nova_user_password,
  $cinder_user_password,
  $neutron_user_password,
  $public_address,
  $public_protocol  = 'http',
  $db_host          = '127.0.0.1',
  $idle_timeout     = '200',
  $db_type          = 'mysql',
  $db_user          = 'keystone',
  $db_name          = 'keystone',
  $admin_tenant     = 'admin',
  $verbose          = false,
  $debug            = false,
  $bind_host        = '0.0.0.0',
  $region           = 'RegionOne',
  $internal_address = false,
  $admin_address    = false,
  $enabled          = true
) {

  # Install and configure Keystone
  if $db_type == 'mysql' {
    $sql_conn = "mysql://${db_user}:${db_password}@${db_host}/${db_name}"
  } else {
    fail("db_type ${db_type} is not supported")
  }

  # munging b/c parameters are not
  # set procedurally in Puppet
  if($internal_address) {
    $internal_real = $internal_address
  } else {
    $internal_real = $public_address
  }
  if($admin_address) {
    $admin_real = $admin_address
  } else {
    $admin_real = $internal_real
  }

  class { '::keystone':
    verbose        => $verbose,
    debug          => $debug,
    bind_host      => $bind_host,
    idle_timeout   => $idle_timeout,
    catalog_type   => 'sql',
    admin_token    => $admin_token,
    enabled        => $enabled,
    sql_connection => $sql_conn,
  }

  if ($enabled) {
    # Setup the admin user
    class { 'keystone::roles::admin':
      email        => $admin_email,
      password     => $admin_password,
      admin_tenant => $admin_tenant,
    }

    # Setup the Keystone Identity Endpoint
    class { 'keystone::endpoint':
      public_address   => $public_address,
      public_protocol  => $public_protocol,
      admin_address    => $admin_real,
      internal_address => $internal_real,
      region           => $region,
    }
  }
}
Run it with:
sudo puppet apply ~/keystone.pp
Once it runs, test that Keystone is running with:
keystone --os-token 12345 --os-endpoint=http://localhost:35357/v2.0/ user-list
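
The manifests above use fixed development secrets (admin_token 12345, passwords equal to the user names). As an added example that is not part of the original post, this shell function writes the same mysql.pp and keystone.pp declarations with random 128-bit values and owner-only file permissions; the function names rand_hex and write_manifests are made up for illustration, and the openstack::keystone class definition is assumed to be available on the module path.

```shell
#!/bin/sh
# Added example: regenerate mysql.pp and keystone.pp with random secrets.

# rand_hex: 32 hex characters (128 bits) from the kernel CSPRNG.
rand_hex() {
    od -An -N16 -tx1 /dev/urandom | tr -d ' \n'
}

# write_manifests DIR: write DIR/mysql.pp and DIR/keystone.pp, mode 0600.
# The database password is shared by both files; every other secret is
# generated on its own. The body is a subshell so umask does not leak.
write_manifests() (
    dir=$1
    umask 077
    db_pw=$(rand_hex)
    cat > "$dir/mysql.pp" <<EOF
class { 'mysql::server': }
mysql::db { 'keystone':
  user     => 'keystone',
  password => '$db_pw',
  grant    => 'all',
}
EOF
    cat > "$dir/keystone.pp" <<EOF
class { 'openstack::keystone':
  db_host               => '127.0.0.1',
  db_password           => '$db_pw',
  admin_token           => '$(rand_hex)',
  admin_email           => 'keystone@localhost',
  admin_password        => '$(rand_hex)',
  glance_user_password  => '$(rand_hex)',
  nova_user_password    => '$(rand_hex)',
  cinder_user_password  => '$(rand_hex)',
  neutron_user_password => '$(rand_hex)',
  public_address        => '127.0.0.1',
  internal_address      => '127.0.0.1',
  admin_address         => '127.0.0.1',
  glance                => 'false',
  nova                  => 'false',
  cinder                => 'false',
  neutron               => 'false',
  swift                 => 'false',
}
EOF
)
```

Call write_manifests with the directory that holds the manifests before the puppet apply steps, and pass the generated admin_token to keystone --os-token in place of 12345.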