On 01/04/2016 02:06 PM, Russell Cecala wrote:
Hi Emilien,
I am trying to use https://github.com/openstack/puppet-keystone to set
up a Kilo keystone node.
I'm assuming you're using the kilo branch there?
I was hoping to could help me out so I can get my team to adopt puppet
for setting up OpenStack.
On my keystone node I am running centos7 with selinux disabled ...
What version of openstackclient are you using?
Do you have a $HOME/openrc or /root/openrc, or are you otherwise
defining OS_* environment variables in the environment before running
puppet?
[root@svl-ost-mgmt-centos-001 ~]# sestatus
SELinux status: disabled
... and I have flushed my iptables ...
[root@svl-ost-mgmt-centos-001 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Yet when I run "puppet agent -t" I get these errors:
[root@ost-mgmt-centos-001 ~]# puppet agent -t
Info: Retrieving pluginfacts
Info: Retrieving plugin
Info: Loading facts
Error: NetworkManager is not running.
Info: Caching catalog for ost-mgmt-centos-001.example.com
<http://ost-mgmt-centos-001.example.com>
*Warning: The tenant parameter is deprecated and will be removed in
the future. Please use keystone_user_role to assign a user to a project.*
*Warning: The ignore_default_tenant parameter is deprecated and will
be removed in the future.*
Info: Applying configuration version '1451940682'
*Error: /Stage[main]/Keystone::Roles::Admin/Keystone_user[admin]:
Could not evaluate: Execution of '/usr/bin/openstack token issue
--format value' returned 1: ERROR: openstack The resource could not be
found. (HTTP 404) (Request-ID: req-ca2a6dd1-fdb6-48f4-94fe-8f736fcc01dd)*
Notice:
/Stage[main]/Keystone::Roles::Admin/Keystone_user_role[admin@openstack]:
Dependency Keystone_user[admin] has failures: true
*Warning:
/Stage[main]/Keystone::Roles::Admin/Keystone_user_role[admin@openstack]:
Skipping because of failed dependencies*
Notice: Finished catalog run in 12.38 seconds
Here's code I am using on my puppet master ...
classwrapcontroller(
... big list of parameters I am not using until I can get keystone
going ...
) {
exec{ '/bin/yum -y install
http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm':
unless=> '/bin/rpm -q epel-release', }
exec{ '/bin/yum -y install
http://rdo.fedorapeople.org/openstack-kilo/rdo-release-kilo.rpm':
unless=> '/bin/rpm -q rdo-release', }
package { 'mariadb': ensure => present, }
exec{ 'keystone_database_init':
command=> '/usr/bin/keystone-manage db_sync',
onlyif => [
"/usr/bin/mysql
-u$keystone_db_user-p$keystone_db_pass-h$db_host-P$db_port$keystone_db_name-e
'show tables'",
"/usr/bin/test -z \"`/usr/bin/mysql -u$keystone_db_user
-p$keystone_db_pass -h$db_host -P$db_port $keystone_db_name -e 'show
tables'`\""
],
require => Package['mariadb'],
}
class{'::keystone':
admin_token => $keystone_auth_token,
database_connection =>
"mysql://${keystone_db_user}:${keystone_db_pass}@${db_host}:${db_port}/${keystone_db_name}",
debug => $debug,
enabled => true,
enable_ssl => false,
service_name => 'httpd',# this is a kilo thing
verbose => $debug,
}
include ::apache
class{ '::keystone::wsgi::apache': ssl=> false, }
class{ '::keystone::roles::admin':
email => $keystone_admin_email,
password => $keystone_admin_password,
}
class{ '::keystone::endpoint':
public_url => "http://127.0.0.1:5000";,
admin_url => "http://127.0.0.1:35357";,
default_domain=> 'admin',
}
}
Thanks! And Happy New Year to you :)
Red
On Tue, Nov 24, 2015 at 2:38 PM, Emilien Macchi <[email protected]
<mailto:[email protected]>> wrote:
On 11/24/2015 11:21 PM, Russell Cecala wrote:
> I am trying to use the OpenStack community puppet modules.
Here's the
> keystone module I am using:
https://github.com/openstack/puppet-keystone
> I am using the stable juno branch. I have in my puppet manifest
for my
> controller nodes this resource definition:
>
> class { '::keystone::roles::admin':
> admin => $keystone_admin_user,
> email => $keystone_admin_email,
> password => $keystone_admin_password,
> } ->
>
> And when puppet runs that code I get this error:
>
> Error:
>
/Stage[main]/Keystone::Roles::Admin/Keystone_user_role[keystone_admin_user@openstack]:
> Could not evaluate: Execution of '/usr/bin/openstack domain show
> --format shell' returned 2: usage: openstack domain show [-h] [-f
> {shell,table,value}] [-c COLUMN]
> [--max-width <integer>]
[--prefix PREFIX]
> <domain>
> openstack domain show: error: too few arguments
Sounds like an issue with your version of openstackclient, can you
provide it?
>
> Can anyone help me? Are these Puppet modules still being supported?
Yes :-)
> Does anyone use them? Thanks!
Double yes.
--
Emilien Macchi
_______________________________________________
OpenStack-operators mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
_______________________________________________
OpenStack-operators mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
