├── releasenotes ├── source │ ├── _static │ │ └── .placeholder │ ├── unreleased.rst │ ├── zed.rst │ ├── train.rst │ ├── xena.rst │ ├── yoga.rst │ ├── 2023.2.rst │ ├── 2024.1.rst │ ├── 2024.2.rst │ ├── 2025.1.rst │ ├── 2025.2.rst │ ├── ussuri.rst │ ├── 2023.1.rst │ ├── pike.rst │ ├── rocky.rst │ ├── stein.rst │ ├── victoria.rst │ ├── wallaby.rst │ ├── queens.rst │ ├── ocata.rst │ └── index.rst └── notes │ ├── drop-fedora-56709758aa310b8d.yaml │ ├── remove-puppet-6-9e125b530b4ef4d7.yaml │ ├── add_wsgi_support-98135d2375f323e8.yaml │ ├── host-ac5889dbd6c24113.yaml │ ├── openstack_db_tag-8c7bcab4734ad950.yaml │ ├── puppet-8-7240b2eaae8b9761.yaml │ ├── collector-8c7882fca3595152.yaml │ ├── datasources-6349e5c19f463c81.yaml │ ├── oslo-reports-2833d20b51e1c924.yaml │ ├── remove-amqp1-368ef5ce07b3ce28.yaml │ ├── remove_idle_timeout_option-b5fedb12f38746bd.yaml │ ├── remove-centos-8-186295728cc259bd.yaml │ ├── remove-puppet-7-6f1ad6158bba77f3.yaml │ ├── deprecate-use_ssl-e944756f793be4c8.yaml │ ├── centos-9-support-70be8930bd26fcca.yaml │ ├── log-json-a87130f234e8771d.yaml │ ├── prometheus_client-8263eb5873bf0708.yaml │ ├── puppet4-mysql-func-6d6424c84aff4a6c.yaml │ ├── remove_deprecated_ensure_package_option-989408783eac7d73.yaml │ ├── dont-include-logging-init-92644b6fcd5ea382.yaml │ ├── notification-retry-8f6b11a94613fdc8.yaml │ ├── add_mysql_enable_ndb-option-827bb4c2f9aae8fa.yaml │ ├── remove-watch_log_file-ed46ae46b102b317.yaml │ ├── add_watch_log_file-option-ab78b7cabe9dd509.yaml │ ├── migrate-policy-format-from-json-to-yaml-dcdae5898ee6657a.yaml │ ├── policy_default_rule-7e3c4ff9743a721a.yaml │ ├── rabbit-quorum-queue-a05e425a7e25a686.yaml │ ├── remove-auth-uri-cf2fd17d1f66740f.yaml │ ├── remove_deprecated_rabbit_max_retries_option-886e2102ff813c90.yaml │ ├── add-service_token_roles-option-ae5c0d502076878f.yaml │ ├── cleanup-client_api_version-905613eeea94283f.yaml │ ├── deprecate-watch_log_file-14671e9b45171daa.yaml │ ├── remove-use_ssl-f041e852b691608b.yaml │ ├── configure_service-2af61120e1959b40.yaml │ ├── remove-amqp_allow_insecure_clients-1c253082c8cd2ca3.yaml │ ├── remove-rabbit_heartbeat_in_pthread-fc3c9beaee157973.yaml │ ├── system_scope-all-8c56342fed47d232.yaml │ ├── cleanup-watcher_clients-f84a02181142a249.yaml │ ├── policy-enforce_new_defaults-985d95217cd2e7df.yaml │ ├── wsgi_process_options-a4089bef3f83070f.yaml │ ├── cache-backend-expiration-time-3bf5147ae4a4a192.yaml │ ├── cache-memcache-sasl-90ca4b3fd56d5ce6.yaml │ ├── cache-opts-1d4d358b81b76d2c.yaml │ ├── enable_cancel_on_failover-aae8980cb5401411.yaml │ ├── rabbit_transient_quorum_queue-4c6fe9818d502858.yaml │ ├── policy-dirs-b7655be6af895394.yaml │ ├── update_watcher_client_project_name-abd703bec044d78d.yaml │ ├── apache-headers-61aa1ceb5012239f.yaml │ ├── deprecate-auth_uri-90a44ad54c0d57bb.yaml │ ├── memcache_pool_flush_on_reconnect-ed66de4dc7486c80.yaml │ ├── remove_deprecated_keystone_revocation_cache_time_option-be8d023807173463.yaml │ ├── ubuntu-noble-a96489e16f0995f0.yaml │ ├── deprecate_allow_insecure_clients-option-8440060a378c7306.yaml │ ├── deprecate_database_min_pool_size-option-8876b9fb67414556.yaml │ ├── deprecate_revocation_cache_time_parameter-833ea914b2355a29.yaml │ ├── deprecate_auth_uri_parameter-93fd3119f74b8769.yaml │ ├── deprecate_rabbit_max_retries-8135a8723f235d61.yaml │ ├── remove-deprecated-rabbit-params-a34e86d1c1d0a6fc.yaml │ ├── add-use_journal-option-for-logging-99d82c6c8d195dcf.yaml │ ├── queue_manager-and-stream_fanout-cbb3bebc082d2922.yaml │ ├── remove-service-validation-112f0bc7d169ad87.yaml │ ├── service-role-552095bd1c9de70f.yaml │ ├── add-pool_timeout-option-for-db-a72dd0ebec01c9c5.yaml │ ├── add-user-domain-name-config-56c23698d3306ad0.yaml │ ├── bug-1973316-01c21c61c865b3b5.yaml │ ├── remove_deprecated_pki_related_options-a2c2fa2293718348.yaml │ ├── deprecate_rpc_backend_parameter-afa0e60e3d5f87e0.yaml │ ├── use-cinderv3-812bc19403fc73c2.yaml │ ├── deprecate-rabbit_heartbeat_in_pthread-22181d3776e58738.yaml │ ├── deprecate_ensure_package_parameter-12a9e89713d6791f.yaml │ ├── deprecate_idle_timeout_parameter-b131e1bb6f927b3a.yaml │ ├── disable-apache-ssl-2599fd907b0ce8c2.yaml │ ├── oslo_policy-enforce_scope-9b8d378dd3617f98.yaml │ ├── ubuntu-jammy-e0d33aca769dcf1d.yaml │ ├── wsgi-use-workers-02a0232bf3aac3fe.yaml │ ├── deprecate-default_domain_name-b29df5955675de28.yaml │ ├── deprecate-service-validation-a8d7f27af3981c1a.yaml │ ├── keystone-authtoken-service_type-276f4e9509781776.yaml │ ├── decision-engine-max-workers-f8a17184c10e65c3.yaml │ ├── keystone-authtoken-interface-7148ae51c1971a27.yaml │ ├── cron-db_purge-43ea67b564185d97.yaml │ ├── drop-hardcoded-log_file-3f656a530073379f.yaml │ ├── deprecate-removed-clients-c25c4899964144e2.yaml │ ├── deprecate-decision_engine_workers-0537dc11fb0aee19.yaml │ ├── default_domain-b1fb03d5e12a9f7d.yaml │ ├── new-client-9f675a778c7da5b0.yaml │ ├── prepare-to-change-apache-ssl-27faed5d04d1d5fa.yaml │ ├── change_nova_api_version_default-f372441622a9ebd2.yaml │ ├── default-bind_host-7ab540eba59c4135.yaml │ ├── rabbitmq-heartbeat-over-pthread-a074c263f0b7469d.yaml │ ├── deprecate_pki_related_parameters-bc2f6013b96eaeeb.yaml │ ├── httpd-logs-piped-syslog-bab044bf788d548d.yaml │ ├── service_token_roles_required-a4f14cc2f29c8c12.yaml │ ├── policy_purge_config-2adf94616be63444.yaml │ ├── cleanup-api-opts-c078c50c79a004c1.yaml │ ├── cache-rename-hashclient-params-b72c48b3242cb61d.yaml │ ├── cache-redis-opts-38d736d94ef2b6e1.yaml │ ├── client-classes-e167f5676c4888d1.yaml │ ├── rename-api-opts-e954f36e0ee0e49b.yaml │ ├── system_scope-keystone-54ba872a490ebc74.yaml │ ├── remove-deprecated-params-78073b78bf60b01b.yaml │ ├── release-note-ubuntu-py3-1e6f7db20e3428b0.yaml │ ├── deprecate-zmq-87517d8c3abef0dd.yaml │ └── watcher_clients_auth-49c8642cf6384a95.yaml ├── Rakefile ├── spec ├── spec_helper_acceptance.rb ├── shared_examples.rb ├── spec_helper.rb ├── acceptance │ ├── 10_basic_watcher_spec.rb │ └── 99_watcher_config_spec.rb ├── classes │ ├── watcher_client_spec.rb │ ├── watcher_db_postgresql_spec.rb │ ├── watcher_keystone_client_spec.rb │ ├── watcher_reports_spec.rb │ ├── watcher_nova_client_spec.rb │ ├── watcher_cinder_client_spec.rb │ ├── watcher_glance_client_spec.rb │ ├── watcher_ironic_client_spec.rb │ ├── watcher_collector_spec.rb │ ├── watcher_gnocchi_client_spec.rb │ ├── watcher_datasources_spec.rb │ ├── watcher_neutron_client_spec.rb │ ├── watcher_placement_client_spec.rb │ ├── watcher_db_upgrade_spec.rb │ ├── watcher_db_create_schema_spec.rb │ ├── watcher_db_mysql_spec.rb │ ├── watcher_prometheus_client_spec.rb │ ├── watcher_db_spec.rb │ ├── watcher_policy_spec.rb │ ├── watcher_cron_db_purge_spec.rb │ ├── watcher_keystone_auth_spec.rb │ ├── watcher_api_spec.rb │ ├── watcher_watcher_clients_auth_spec.rb │ ├── watcher_applier_spec.rb │ ├── watcher_decision_engine_spec.rb │ ├── watcher_logging_spec.rb │ ├── watcher_wsgi_apache_spec.rb │ └── watcher_keystone_authtoken_spec.rb └── unit │ ├── provider │ └── watcher_config │ │ └── openstackconfig_spec.rb │ └── type │ └── watcher_config_spec.rb ├── .gitreview ├── doc └── requirements.txt ├── .zuul.yaml ├── lib └── puppet │ ├── provider │ └── watcher_config │ │ └── openstackconfig.rb │ └── type │ └── watcher_config.rb ├── tox.ini ├── bindep.txt ├── examples └── init.pp ├── manifests ├── client.pp ├── keystone_client.pp ├── config.pp ├── db │ ├── create_schema.pp │ ├── upgrade.pp │ ├── postgresql.pp │ └── mysql.pp ├── cinder_client.pp ├── nova_client.pp ├── datasources.pp ├── collector.pp ├── ironic_client.pp ├── gnocchi_client.pp ├── placement_client.pp ├── deps.pp ├── reports.pp ├── glance_client.pp ├── neutron_client.pp ├── params.pp ├── prometheus_client.pp ├── policy.pp ├── applier.pp ├── db.pp ├── watcher_clients_auth.pp ├── cron │ └── db_purge.pp ├── keystone │ └── auth.pp ├── decision_engine.pp ├── api.pp ├── logging.pp └── wsgi │ └── apache.pp ├── CONTRIBUTING.rst ├── .gitignore ├── .pdkignore ├── Gemfile ├── metadata.json └── README.md /releasenotes/source/_static/.placeholder: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- 1 | require 'puppet-openstack_spec_helper/rake_tasks' 2 | -------------------------------------------------------------------------------- /spec/spec_helper_acceptance.rb: -------------------------------------------------------------------------------- 1 | require 'puppet-openstack_spec_helper/litmus_spec_helper' 2 | -------------------------------------------------------------------------------- /.gitreview: -------------------------------------------------------------------------------- 1 | [gerrit] 2 | host=review.opendev.org 3 | port=29418 4 | project=openstack/puppet-watcher.git 5 | -------------------------------------------------------------------------------- /releasenotes/notes/drop-fedora-56709758aa310b8d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Fedora is no longer supported. -------------------------------------------------------------------------------- /releasenotes/notes/remove-puppet-6-9e125b530b4ef4d7.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Puppet 6 is no longer supported. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/add_wsgi_support-98135d2375f323e8.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Add support to run watcher-api with mod-wsgi. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/host-ac5889dbd6c24113.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::host`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/openstack_db_tag-8c7bcab4734ad950.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Add openstack-db tag to Exec that run db-sync. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/puppet-8-7240b2eaae8b9761.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | This module now officially supports Puppet 8. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/collector-8c7882fca3595152.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::collector`` class has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/datasources-6349e5c19f463c81.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::datasources`` class has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/oslo-reports-2833d20b51e1c924.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::reports`` class has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-amqp1-368ef5ce07b3ce28.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Support for amqp1 messaging driver has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove_idle_timeout_option-b5fedb12f38746bd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - Deprecated idle_timeout option has been removed. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-centos-8-186295728cc259bd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | CentOS 8 Stream is no longer supported by this module. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-puppet-7-6f1ad6158bba77f3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Puppet 7 is no longer supported. Use Puppet 8 instead. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-use_ssl-e944756f793be4c8.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::use_ssl`` parameter has been deprecated. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/centos-9-support-70be8930bd26fcca.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Now this module supports CentOS 9 and Red Hat Enterprise Linux 9. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/log-json-a87130f234e8771d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Expose use_json logging parameter, which enables JSON formatted logging. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/prometheus_client-8263eb5873bf0708.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::prometheus_client`` class has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/puppet4-mysql-func-6d6424c84aff4a6c.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | This module now requires a puppetlabs-mysql version >= 6.0.0 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove_deprecated_ensure_package_option-989408783eac7d73.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - Deprecated ensure_package option has been removed. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/dont-include-logging-init-92644b6fcd5ea382.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | watcher::logging is now not included in init class by default. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/notification-retry-8f6b11a94613fdc8.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::notification_retry`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/source/unreleased.rst: -------------------------------------------------------------------------------- 1 | ============================== 2 | Current Series Release Notes 3 | ============================== 4 | 5 | .. release-notes:: 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add_mysql_enable_ndb-option-827bb4c2f9aae8fa.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Add mysql_enable_ndb parameter to select mysql storage engine. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-watch_log_file-ed46ae46b102b317.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``watcher::logging::watch_log_file`` parameter has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/add_watch_log_file-option-ab78b7cabe9dd509.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::logging::watch_log_file`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/migrate-policy-format-from-json-to-yaml-dcdae5898ee6657a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Now policy.yaml is used by default instead of policy.json. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/policy_default_rule-7e3c4ff9743a721a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::policy::policy_default_rule`` parameter has been added. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/rabbit-quorum-queue-a05e425a7e25a686.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher`` class now supports options for quorum queues in RabbitMQ. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-auth-uri-cf2fd17d1f66740f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated parameter auth_uri is now removed, please use www_authenticate_uri. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove_deprecated_rabbit_max_retries_option-886e2102ff813c90.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - Deprecated watcher::rabbit_max_retries option has been removed. 4 | -------------------------------------------------------------------------------- /releasenotes/source/zed.rst: -------------------------------------------------------------------------------- 1 | ======================== 2 | Zed Series Release Notes 3 | ======================== 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/zed 7 | -------------------------------------------------------------------------------- /releasenotes/notes/add-service_token_roles-option-ae5c0d502076878f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Add support to configure service_token_roles in authtoken middleware. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/cleanup-client_api_version-905613eeea94283f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``watcher::_client_api_version`` parameters have been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-watch_log_file-14671e9b45171daa.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::logging::watch_log_file`` parameter has been deprecated. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-use_ssl-f041e852b691608b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated and ineffective ``watcher::use_ssl`` parameter has been 5 | removed. 6 | -------------------------------------------------------------------------------- /releasenotes/source/train.rst: -------------------------------------------------------------------------------- 1 | ========================== 2 | Train Series Release Notes 3 | ========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/train 7 | -------------------------------------------------------------------------------- /releasenotes/source/xena.rst: -------------------------------------------------------------------------------- 1 | ========================= 2 | Xena Series Release Notes 3 | ========================= 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/xena 7 | -------------------------------------------------------------------------------- /releasenotes/source/yoga.rst: -------------------------------------------------------------------------------- 1 | ========================= 2 | Yoga Series Release Notes 3 | ========================= 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/yoga 7 | -------------------------------------------------------------------------------- /releasenotes/notes/configure_service-2af61120e1959b40.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::keystone::auth::configure_service`` parameter has been 5 | added. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-amqp_allow_insecure_clients-1c253082c8cd2ca3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``watcher::amqp_allow_insecure_clients`` parameter has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-rabbit_heartbeat_in_pthread-fc3c9beaee157973.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``watcher::rabbit_heartbeat_in_pthread`` parameter has been removed. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/system_scope-all-8c56342fed47d232.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::watcher_clients_auth::system_scope`` parameter has been 5 | added. 6 | -------------------------------------------------------------------------------- /releasenotes/source/2023.2.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2023.2 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2023.2 7 | -------------------------------------------------------------------------------- /releasenotes/source/2024.1.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2024.1 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2024.1 7 | -------------------------------------------------------------------------------- /releasenotes/source/2024.2.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2024.2 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2024.2 7 | -------------------------------------------------------------------------------- /releasenotes/source/2025.1.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2025.1 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2025.1 7 | -------------------------------------------------------------------------------- /releasenotes/source/2025.2.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2025.2 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/2025.2 7 | -------------------------------------------------------------------------------- /releasenotes/source/ussuri.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | Ussuri Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: stable/ussuri 7 | -------------------------------------------------------------------------------- /releasenotes/notes/cleanup-watcher_clients-f84a02181142a249.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated ``watcher::api::watcher_clinet_*`` parameters have been 5 | removed. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/policy-enforce_new_defaults-985d95217cd2e7df.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::policy::enforce_new_defaults`` parameter has been 5 | added. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/wsgi_process_options-a4089bef3f83070f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Add parameter to apache_wsgi to allow overwrite 4 | and/or add additional wsgi process options. 5 | -------------------------------------------------------------------------------- /releasenotes/source/2023.1.rst: -------------------------------------------------------------------------------- 1 | =========================== 2 | 2023.1 Series Release Notes 3 | =========================== 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/2023.1 7 | -------------------------------------------------------------------------------- /releasenotes/notes/cache-backend-expiration-time-3bf5147ae4a4a192.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::cache::backend_expiration_time`` parameter has been 5 | added. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/cache-memcache-sasl-90ca4b3fd56d5ce6.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher::cache`` class now supports options to allow memcached 5 | with SASL enabled. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/cache-opts-1d4d358b81b76d2c.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::cache`` class, to manage parameters of the oslo.cache 5 | library, has been added. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/enable_cancel_on_failover-aae8980cb5401411.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::rabbit_enable_cancel_on_failover`` parameter has been 5 | added. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/rabbit_transient_quorum_queue-4c6fe9818d502858.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::rabbit_transient_quorum_queue`` parameter has been 5 | added. 6 | -------------------------------------------------------------------------------- /releasenotes/source/pike.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Pike Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/pike 7 | -------------------------------------------------------------------------------- /releasenotes/source/rocky.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Rocky Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/rocky 7 | -------------------------------------------------------------------------------- /releasenotes/source/stein.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Stein Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/stein 7 | -------------------------------------------------------------------------------- /releasenotes/source/victoria.rst: -------------------------------------------------------------------------------- 1 | ============================= 2 | Victoria Series Release Notes 3 | ============================= 4 | 5 | .. release-notes:: 6 | :branch: stable/victoria 7 | -------------------------------------------------------------------------------- /releasenotes/source/wallaby.rst: -------------------------------------------------------------------------------- 1 | ============================ 2 | Wallaby Series Release Notes 3 | ============================ 4 | 5 | .. release-notes:: 6 | :branch: unmaintained/wallaby 7 | -------------------------------------------------------------------------------- /releasenotes/notes/policy-dirs-b7655be6af895394.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | There is now a new policy_dirs parameter in the watcher::policy class, 5 | so one can set a custom path. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/update_watcher_client_project_name-abd703bec044d78d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - The default value for watcher::api::watcher_client_project_name is 4 | changed to 'services'. 5 | -------------------------------------------------------------------------------- /releasenotes/source/queens.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Queens Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: stable/queens 7 | -------------------------------------------------------------------------------- /releasenotes/notes/apache-headers-61aa1ceb5012239f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher::wsgi::apache`` class now supports customizing 5 | request/response headers added by apache. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-auth_uri-90a44ad54c0d57bb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::api::watcher_client_auth_uri`` parameter has been deprecated 5 | and has no effect. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/memcache_pool_flush_on_reconnect-ed66de4dc7486c80.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::cache::memcache_pool_flush_on_reconnect`` parameter has 5 | been added. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/remove_deprecated_keystone_revocation_cache_time_option-be8d023807173463.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - Deprecated keystone::authtoken::revocation_cache_time option has been removed. 4 | -------------------------------------------------------------------------------- /releasenotes/notes/ubuntu-noble-a96489e16f0995f0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Ubuntu 24.04 is now formally supported. 5 | 6 | upgrade: 7 | - | 8 | Ubuntu 22.04 is no longer supported. 9 | -------------------------------------------------------------------------------- /releasenotes/source/ocata.rst: -------------------------------------------------------------------------------- 1 | =================================== 2 | Ocata Series Release Notes 3 | =================================== 4 | 5 | .. release-notes:: 6 | :branch: origin/stable/ocata 7 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_allow_insecure_clients-option-8440060a378c7306.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - allow_insecure_clients option is now deprecated for removal, the 4 | parameter has no effect. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_database_min_pool_size-option-8876b9fb67414556.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - database_min_pool_size option is now deprecated for removal, the 4 | parameter has no effect. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_revocation_cache_time_parameter-833ea914b2355a29.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - revocation_cache_time option is now deprecated for removal, the 4 | parameter has no effect. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_auth_uri_parameter-93fd3119f74b8769.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - auth_uri is deprecated and will be removed in a future release. 4 | Please use www_authenticate_uri instead. 5 | -------------------------------------------------------------------------------- /doc/requirements.txt: -------------------------------------------------------------------------------- 1 | # This is required for the docs build jobs 2 | sphinx>=3.5.1 # BSD 3 | openstackdocstheme>=2.2.7 # Apache-2.0 4 | 5 | # This is required for the releasenotes build jobs 6 | reno>=3.2.0 # Apache-2.0 7 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_rabbit_max_retries-8135a8723f235d61.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The configuration option ``rabbit_max_retries`` is now deprecated and 5 | will be removed in the future. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-deprecated-rabbit-params-a34e86d1c1d0a6fc.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated watcher::rpc_backend is now removed. Please use 5 | watcher::default_transport_url instead. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-use_journal-option-for-logging-99d82c6c8d195dcf.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Adds the use_journal option for configuring oslo.log. This will enable 5 | passing the logs to journald. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/queue_manager-and-stream_fanout-cbb3bebc082d2922.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher`` class now has two new parameters 5 | ``rabbit_use_queue_manager`` and ``rabbit_stream_fanout``. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-service-validation-112f0bc7d169ad87.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The ``validate`` parameter and the ``validation_options`` parameter of 5 | the ``watcher::api`` class have been removed. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/service-role-552095bd1c9de70f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher::keystone::auth`` class now adds the ``service`` role by 5 | default. Set the ``roles`` parameter not to add the role. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-pool_timeout-option-for-db-a72dd0ebec01c9c5.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Adds the pool_timeout option for configuring oslo.db. This will 5 | configure this value for pool_timeout with SQLAlchemy. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/add-user-domain-name-config-56c23698d3306ad0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Add [watcher_clients_auth]/user_domain_name config parameter, 5 | this parameter is required to communicate to keystone v3. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/bug-1973316-01c21c61c865b3b5.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Validation of the deprecated ``watcher::api::watcher_client_password`` 5 | parameter has been removed and the parameter is no longer required. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/remove_deprecated_pki_related_options-a2c2fa2293718348.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The deprecated pki related options check_revocations_for_cached and 5 | hash_algorithms option has been removed. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_rpc_backend_parameter-afa0e60e3d5f87e0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - watcher::rpc_backend is deprecated and will be removed in a future 4 | release. Please use watcher::default_transport_url instead. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/use-cinderv3-812bc19403fc73c2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | Default value of the ``watcher::cinder_client_api_version`` has been updated from 5 | ``2`` to ``3`` to use cinder v3 API instead of removed v2. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-rabbit_heartbeat_in_pthread-22181d3776e58738.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::rabbit_heartbeat_in_pthread`` parameter has been deprecated 5 | and will be removed in the future release. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_ensure_package_parameter-12a9e89713d6791f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - watcher::ensure_package is now deprecated and will be removed in the 4 | future release. Please use watcher::package_ensure instead. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_idle_timeout_parameter-b131e1bb6f927b3a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - database_idle_timeout is deprecated and will be removed in a future 4 | release. Please use database_connection_recycle_time instead. 5 | -------------------------------------------------------------------------------- /releasenotes/notes/disable-apache-ssl-2599fd907b0ce8c2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Default value of the ``watcher::wsgi::apache::ssl`` parameter has been 5 | changed from ``true`` to ``false`` and now ssl is disabled by default. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/oslo_policy-enforce_scope-9b8d378dd3617f98.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::policy::enforce_scope`` parameter has been added to 5 | support the corresponding parameter in oslo.policy library. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/ubuntu-jammy-e0d33aca769dcf1d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | This module now supports Ubuntu 22.04 (Jammy Jellyfish). 5 | 6 | upgrade: 7 | - | 8 | This module no longer supports Ubuntu 20.04 (Focal Fossa). 9 | -------------------------------------------------------------------------------- /releasenotes/notes/wsgi-use-workers-02a0232bf3aac3fe.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | In wsgi configuration, now workers is used to define concurrency by default 5 | instead of threads, to be consistent with the other puppet modules. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-default_domain_name-b29df5955675de28.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::api::watcher_client_default_domain_name`` parameter has been 5 | deprecated. The parameter has never been used actually. 6 | -------------------------------------------------------------------------------- /spec/shared_examples.rb: -------------------------------------------------------------------------------- 1 | shared_examples_for "a Puppet::Error" do |description| 2 | it "with message matching #{description.inspect}" do 3 | expect { is_expected.to have_class_count(1) }.to raise_error(Puppet::Error, description) 4 | end 5 | end 6 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-service-validation-a8d7f27af3981c1a.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The service validation feature of the ``watcher::api`` class is deprecated, 5 | and the ``watcher::api::validate`` parameter has no effect now. 6 | -------------------------------------------------------------------------------- /.zuul.yaml: -------------------------------------------------------------------------------- 1 | - project: 2 | templates: 3 | - puppet-openstack-check-jobs 4 | - puppet-openstack-module-unit-jobs 5 | - puppet-openstack-integration-jobs-scenario001 6 | - puppet-openstack-litmus-jobs 7 | - release-notes-jobs-python3 8 | -------------------------------------------------------------------------------- /releasenotes/notes/keystone-authtoken-service_type-276f4e9509781776.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::keystone::authtoken::service_type`` parameter has been 5 | added to configure the service_type parameter in authtoken middleware. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/decision-engine-max-workers-f8a17184c10e65c3.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher::decision_engine`` class now supports the following two new 5 | parameters. 6 | 7 | - ``max_audit_workers`` 8 | - ``max_general_workers`` 9 | -------------------------------------------------------------------------------- /releasenotes/notes/keystone-authtoken-interface-7148ae51c1971a27.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::keystone::authtoken::interface`` parameter has been added, 5 | which can be used to set the interface parameter in authtoken middleware. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/cron-db_purge-43ea67b564185d97.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::cron::db_purge`` class has been added. This class can be 5 | used to configure cron job to periodically purge deleted or orphaned 6 | objects from database. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/drop-hardcoded-log_file-3f656a530073379f.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | fixes: 3 | - | 4 | The ``watcher::logging::log_file`` now defaults to the os_service_default 5 | fact so that log file name is determined automatically accoridng to 6 | the process names. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-removed-clients-c25c4899964144e2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The following classes are now deprecated and will be removed in a future 5 | release. 6 | 7 | - ``watcher::glance_client`` 8 | - ``watcher::neutron_client`` 9 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-decision_engine_workers-0537dc11fb0aee19.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::decision_engine::decision_engine_workers`` parameter has 5 | been deprecated and has no effect now. It will be removed in a future 6 | release. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/default_domain-b1fb03d5e12a9f7d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | issues: 3 | - | 4 | Keystone v2.0 API was removed so we need to set a default value 5 | for user_domain_name and project_domain name, which will be 6 | Default as it is already in some other classes in modules. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/new-client-9f675a778c7da5b0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The following new classes have been added. 5 | 6 | - ``watcher::gnocchi_client`` 7 | - ``watcher::ironic_client`` 8 | - ``watcher::keystone_client`` 9 | - ``watcher::placement_client`` 10 | -------------------------------------------------------------------------------- /releasenotes/notes/prepare-to-change-apache-ssl-27faed5d04d1d5fa.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Default value of the ``watcher::wsgi::apache::ssl`` parameter will be 5 | changed from ``true`` to ``false`` in a future release. Make sure 6 | the parameter is set to the desired value. 7 | -------------------------------------------------------------------------------- /lib/puppet/provider/watcher_config/openstackconfig.rb: -------------------------------------------------------------------------------- 1 | Puppet::Type.type(:watcher_config).provide( 2 | :openstackconfig, 3 | :parent => Puppet::Type.type(:openstack_config).provider(:ruby) 4 | ) do 5 | 6 | def self.file_path 7 | '/etc/watcher/watcher.conf' 8 | end 9 | 10 | end 11 | -------------------------------------------------------------------------------- /releasenotes/notes/change_nova_api_version_default-f372441622a9ebd2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | other: 3 | - | 4 | Integer based api_version is no longer supported since 5 | https://review.opendev.org/#/c/659194/. It's good to rely 6 | on watcher service default to configure [nova_client]/api_version. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/default-bind_host-7ab540eba59c4135.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | Default value of the ``watcher::api::bind_host`` parameter has been changed 5 | from ``0.0.0.0`` to the service default(``127.0.0.1``). The parameter 6 | should be configured propelry during upgrade. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/rabbitmq-heartbeat-over-pthread-a074c263f0b7469d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Allow users to run the RabbitMQ heartbeat over a native python thread in the 5 | oslo.messaging RabbitMQ driver, by using the `rabbit_heartbeat_in_pthread` 6 | option in configuration. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate_pki_related_parameters-bc2f6013b96eaeeb.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - check_revocations_for_cached option is now deprecated for removal, the 4 | parameter has no effect. 5 | - hash_algorithms option is now deprecated for removal, the parameter 6 | has no effect. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/httpd-logs-piped-syslog-bab044bf788d548d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Added parameters for advanced configuration of httpd access and error log 5 | destinations including piped logging and syslog (see `mod_syslog`). Note 6 | that mod_syslog requires Apache2 >= 2.5.0. 7 | -------------------------------------------------------------------------------- /releasenotes/notes/service_token_roles_required-a4f14cc2f29c8c12.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - Service_token_roles_required missing in the server config file which 4 | allows backwards compatibility to ensure that the service tokens are 5 | compared against a list of possible roles for validity. 6 | -------------------------------------------------------------------------------- /releasenotes/notes/policy_purge_config-2adf94616be63444.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | Adds new purge_config parameter. When set to true, the policy file is 5 | cleared during configuration process. This allows to remove any existing 6 | rules before applying them or clean the file when all policies got removed. 7 | -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- 1 | [tox] 2 | minversion = 3.1 3 | envlist = releasenotes 4 | 5 | [testenv:releasenotes] 6 | deps = -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master} 7 | -r{toxinidir}/doc/requirements.txt 8 | commands = sphinx-build -a -E -W -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html 9 | -------------------------------------------------------------------------------- /releasenotes/notes/cleanup-api-opts-c078c50c79a004c1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The following parameters of the ``watcher::api`` class have been removed. 5 | 6 | - ``watcher_api_port`` 7 | - ``watcher_api_max_limit`` 8 | - ``watcher_api_bind_host`` 9 | - ``watcher_api_workers`` 10 | - ``watcher_api_enable_ssl_api`` 11 | 12 | -------------------------------------------------------------------------------- /releasenotes/notes/cache-rename-hashclient-params-b72c48b3242cb61d.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The ``watcher::cache::hashclient_retry_delay`` parameter was deprecated 5 | in favor of the new ``hashclient_retry_timeout`` parameter. 6 | - | 7 | The ``watcher::cache::dead_timeout`` parameter was deprecated in favor 8 | of the new ``hashclient_dead_timeout`` parameter. 9 | -------------------------------------------------------------------------------- /releasenotes/notes/cache-redis-opts-38d736d94ef2b6e1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``watcher::cache`` class now supports the following new options for 5 | Redis backend and Redis Sentinel backend. 6 | 7 | - ``redis_server`` 8 | - ``redis_username`` 9 | - ``redis_password`` 10 | - ``redis_sentinels`` 11 | - ``redis_socket_timeout`` 12 | - ``redis_sentinel_service_name`` 13 | -------------------------------------------------------------------------------- /releasenotes/notes/client-classes-e167f5676c4888d1.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The following new class have been added. 5 | 6 | - ``watcher::cinder_client`` 7 | - ``watcher::glance_client`` 8 | - ``watcher::neutron_client`` 9 | - ``watcher::nova_client`` 10 | 11 | deprecations: 12 | - | 13 | The ``watcher::_client_api_version`` parameters have been 14 | deprecated in favor of the new ``watcher::_client`` classes. 15 | -------------------------------------------------------------------------------- /bindep.txt: -------------------------------------------------------------------------------- 1 | # This is a cross-platform list tracking distribution packages needed by tests; 2 | # see https://docs.openstack.org/infra/bindep/ for additional information. 3 | 4 | libxml2-devel [test platform:rpm] 5 | libxml2-dev [test platform:dpkg] 6 | libxslt-devel [test platform:rpm] 7 | libxslt1-dev [test platform:dpkg] 8 | ruby-devel [test platform:rpm] 9 | ruby-dev [test platform:dpkg] 10 | zlib1g-dev [test platform:dpkg] 11 | zlib-devel [test platform:rpm] 12 | puppet [build] 13 | -------------------------------------------------------------------------------- /releasenotes/notes/rename-api-opts-e954f36e0ee0e49b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The following parameters of the ``watcher::api`` class have been deprecaed. 5 | 6 | - ``watcher_api_port`` (replaced by ``port``) 7 | - ``watcher_api_max_limit`` (replaced by ``max_limit``) 8 | - ``watcher_api_bind_host`` (replaced by ``bind_host``) 9 | - ``watcher_api_workers`` (replaced by ``workers``) 10 | - ``watcher_api_enable_ssl_api`` (replaced by ``enable_ssl_api``) 11 | -------------------------------------------------------------------------------- /releasenotes/notes/system_scope-keystone-54ba872a490ebc74.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The ``system_scope`` parameter has been added to 5 | the ``watcher::keystone::authtoken`` class. 6 | 7 | - | 8 | The ``watcher::keystone::auth`` class now supports customizing roles 9 | assigned to the watcher service user. 10 | 11 | - | 12 | The ``watcher::keystone::auth`` class now supports defining assignmet of 13 | system-scoped roles to the watcher service user. 14 | -------------------------------------------------------------------------------- /releasenotes/notes/remove-deprecated-params-78073b78bf60b01b.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | upgrade: 3 | - | 4 | The rpc_cast_timeout, rpc_poll_timeout, rpc_zmq_bind_address, 5 | rpc_zmq_bind_port_retries, rpc_zmq_concurrency, rpc_zmq_contexts, 6 | rpc_zmq_host, rpc_zmq_ipc_dir, rpc_zmq_matchmaker, 7 | rpc_zmq_max_port, rpc_zmq_min_port, rpc_zmq_topic_backlog, use_pub_sub 8 | and zmq_target_expire parameters in watcher init class is removed. 9 | - | 10 | The database_min_pool_size parameter in watcher::db class is removed. 11 | -------------------------------------------------------------------------------- /examples/init.pp: -------------------------------------------------------------------------------- 1 | # The baseline for module testing used by Puppet Inc. is that each manifest 2 | # should have a corresponding test manifest that declares that class or defined 3 | # type. 4 | # 5 | # Tests are then run by using puppet apply --noop (to check for compilation 6 | # errors and view a log of events) or by fully applying the test in a virtual 7 | # environment (to compare the resulting system state to the desired state). 8 | # 9 | # Learn more about module testing here: 10 | # https://puppet.com/docs/puppet/latest/bgtm.html#testing-your-module 11 | # 12 | include watcher 13 | -------------------------------------------------------------------------------- /releasenotes/notes/release-note-ubuntu-py3-1e6f7db20e3428b0.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | prelude: > 3 | In this release Ubuntu has moved all projects that supported it to python3 4 | which means that there will be a lot of changes. The Puppet OpenStack project 5 | does not test the upgrade path from python2 to python3 packages so there might 6 | be manual steps required when moving to the python3 packages. 7 | upgrade: 8 | - | 9 | Ubuntu packages are now using python3, the upgrade path is not tested by 10 | Puppet OpenStack. Manual steps may be required when upgrading. 11 | -------------------------------------------------------------------------------- /releasenotes/source/index.rst: -------------------------------------------------------------------------------- 1 | ======================================== 2 | Welcome to puppet-watcher Release Notes! 3 | ======================================== 4 | 5 | Contents 6 | ======== 7 | 8 | .. toctree:: 9 | :maxdepth: 2 10 | 11 | unreleased 12 | 2025.2 13 | 2025.1 14 | 2024.2 15 | 2024.1 16 | 2023.2 17 | 2023.1 18 | zed 19 | yoga 20 | xena 21 | wallaby 22 | victoria 23 | ussuri 24 | train 25 | stein 26 | rocky 27 | queens 28 | pike 29 | ocata 30 | 31 | 32 | Indices and tables 33 | ================== 34 | 35 | * :ref:`genindex` 36 | * :ref:`search` 37 | -------------------------------------------------------------------------------- /manifests/client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::client 2 | # 3 | # Installs the watcher python library. 4 | # 5 | # === Parameters: 6 | # 7 | # [*ensure*] 8 | # (Optional) Ensure state for pachage. 9 | # Defaults to 'present'. 10 | # 11 | class watcher::client ( 12 | Stdlib::Ensure::Package $ensure = 'present', 13 | ) { 14 | include watcher::deps 15 | include watcher::params 16 | 17 | package { 'python-watcherclient': 18 | ensure => $ensure, 19 | name => $watcher::params::client_package_name, 20 | tag => ['openstack', 'openstackclient'], 21 | } 22 | 23 | include openstacklib::openstackclient 24 | } 25 | -------------------------------------------------------------------------------- /releasenotes/notes/deprecate-zmq-87517d8c3abef0dd.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | deprecations: 3 | - | 4 | The following ZeroMQ related parameters has been deprecated in ::watcher, 5 | has no effect and will be removed in the next release: 6 | 7 | - ``rpc_cast_timeout`` 8 | - ``rpc_poll_timeout`` 9 | - ``rpc_zmq_bind_address`` 10 | - ``rpc_zmq_port_retries`` 11 | - ``rpc_zmq_concurrency`` 12 | - ``rpc_zmq_contexts`` 13 | - ``rpc_zmq_host`` 14 | - ``rpc_zmq_ipc_dir`` 15 | - ``rpc_zmq_matchmaker`` 16 | - ``rpc_zmq_max_port`` 17 | - ``rpc_zmq_min_port`` 18 | - ``rpc_zmq_topic_backlog`` 19 | - ``use_pub_sub`` 20 | - ``zmq_target_expire`` 21 | -------------------------------------------------------------------------------- /CONTRIBUTING.rst: -------------------------------------------------------------------------------- 1 | The source repository for this project can be found at: 2 | 3 | https://opendev.org/openstack/puppet-watcher 4 | 5 | Pull requests submitted through GitHub are not monitored. 6 | 7 | To start contributing to OpenStack, follow the steps in the contribution guide 8 | to set up and use Gerrit: 9 | 10 | https://docs.openstack.org/contributors/code-and-documentation/quick-start.html 11 | 12 | Bugs should be filed on Launchpad: 13 | 14 | https://bugs.launchpad.net/puppet-watcher 15 | 16 | For more specific information about contributing to this repository, see the 17 | Puppet OpenStack contributor guide: 18 | 19 | https://docs.openstack.org/puppet-openstack-guide/latest/contributor/contributing.html 20 | -------------------------------------------------------------------------------- /releasenotes/notes/watcher_clients_auth-49c8642cf6384a95.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | features: 3 | - | 4 | The new ``watcher::watcher_clients_auth`` class has been added. 5 | 6 | deprecations: 7 | - | 8 | The following parameters of the ``watcher::api`` class have been 9 | deprecated in favor of the new ``watcher::watcher_clients_auth`` class. 10 | 11 | - ``watcher_client_password`` 12 | - ``watcher_client_username`` 13 | - ``watcher_client_auth_url`` 14 | - ``watcher_client_user_domain_name`` 15 | - ``watcher_client_project_domain_name`` 16 | - ``watcher_client_insecure`` 17 | - ``watcher_client_keyfile`` 18 | - ``watcher_client_certfile`` 19 | - ``watcher_client_cafile`` 20 | - ``watcher_client_auth_type`` 21 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Add patterns in here to exclude files created by tools integrated with this 2 | # repository, such as test frameworks from the project's recommended workflow, 3 | # rendered documentation and package builds. 4 | # 5 | # Don't add patterns to exclude files created by preferred personal tools 6 | # (editors, IDEs, your operating system itself even). These should instead be 7 | # maintained outside the repository, for example in a ~/.gitignore file added 8 | # with: 9 | # 10 | # git config --global core.excludesfile '~/.gitignore' 11 | 12 | pkg/ 13 | Gemfile.lock 14 | vendor/ 15 | spec/fixtures/ 16 | .vagrant/ 17 | .bundle/ 18 | coverage/ 19 | .idea/ 20 | *.iml 21 | /openstack 22 | /log 23 | 24 | # Files created by releasenotes build 25 | releasenotes/build 26 | .tox 27 | -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- 1 | # Load libraries here to simulate how they live together in a real puppet run (for provider unit tests) 2 | $LOAD_PATH.push(File.join(File.dirname(__FILE__), 'fixtures', 'modules', 'inifile', 'lib')) 3 | $LOAD_PATH.push(File.join(File.dirname(__FILE__), 'fixtures', 'modules', 'openstacklib', 'lib')) 4 | require 'puppetlabs_spec_helper/module_spec_helper' 5 | require 'shared_examples' 6 | require 'puppet-openstack_spec_helper/facts' 7 | 8 | fixture_path = File.expand_path(File.join(File.dirname(__FILE__), 'fixtures')) 9 | 10 | RSpec.configure do |c| 11 | c.alias_it_should_behave_like_to :it_configures, 'configures' 12 | c.alias_it_should_behave_like_to :it_raises, 'raises' 13 | 14 | c.module_path = File.join(fixture_path, 'modules') 15 | end 16 | 17 | at_exit { RSpec::Puppet::Coverage.report! } 18 | -------------------------------------------------------------------------------- /manifests/keystone_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::keystone_client 2 | # 3 | # Configure the keystone_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*endpoint_type*] 8 | # (Optional) Type of endpoint to use in keystoneclient. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*region_name*] 12 | # (Optional) Region in Identify service catalog to use for communication 13 | # with the OpenStack service. 14 | # Defaults to $facts['os_service_default']. 15 | # 16 | class watcher::keystone_client ( 17 | $endpoint_type = $facts['os_service_default'], 18 | $region_name = $facts['os_service_default'], 19 | ) { 20 | include watcher::deps 21 | include watcher::params 22 | 23 | watcher_config { 24 | 'keystone_client/endpoint_type': value => $endpoint_type; 25 | 'keystone_client/region_name': value => $region_name; 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /.pdkignore: -------------------------------------------------------------------------------- 1 | # common list used in puppetlabs repos 2 | .git/ 3 | .*.sw[op] 4 | .metadata 5 | .yardoc 6 | .yardwarns 7 | *.iml 8 | /.bundle/ 9 | /.idea/ 10 | /.vagrant/ 11 | /coverage/ 12 | /bin/ 13 | /doc/ 14 | /Gemfile.local 15 | /Gemfile.lock 16 | /junit/ 17 | /log/ 18 | /pkg/ 19 | /spec/fixtures/manifests/ 20 | /spec/fixtures/modules/* 21 | /tmp/ 22 | /vendor/ 23 | /convert_report.txt 24 | /update_report.txt 25 | .DS_Store 26 | .project 27 | .envrc 28 | /inventory.yaml 29 | /spec/fixtures/litmus_inventory.yaml 30 | /.fixtures.yml 31 | /Gemfile 32 | /.gitattributes 33 | /.gitignore 34 | /.pdkignore 35 | /.puppet-lint.rc 36 | /Rakefile 37 | /rakelib/ 38 | /.rspec 39 | /..yml 40 | /.yardopts 41 | /spec/ 42 | /.vscode/ 43 | /.sync.yml 44 | /.devcontainer/ 45 | # OpenStack-specific files 46 | /bindep.txt 47 | /.gitreview 48 | /releasenotes/ 49 | /setup.cfg 50 | /setup.py 51 | /tox.ini 52 | /.zuul.yaml 53 | -------------------------------------------------------------------------------- /manifests/config.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::config 2 | # 3 | # This class is used to manage arbitrary watcher configurations. 4 | # 5 | # === Parameters 6 | # 7 | # [*watcher_config*] 8 | # (optional) Allow configuration of arbitrary watcher configurations. 9 | # The value is an hash of watcher_config resources. Example: 10 | # { 'DEFAULT/foo' => { value => 'fooValue'}, 11 | # 'DEFAULT/bar' => { value => 'barValue'} 12 | # } 13 | # In yaml format, Example: 14 | # watcher_config: 15 | # DEFAULT/foo: 16 | # value: fooValue 17 | # DEFAULT/bar: 18 | # value: barValue 19 | # 20 | # NOTE: The configuration MUST NOT be already handled by this module 21 | # or Puppet catalog compilation will fail with duplicate resources. 22 | # 23 | class watcher::config ( 24 | Hash $watcher_config = {}, 25 | ) { 26 | include watcher::deps 27 | 28 | create_resources('watcher_config', $watcher_config) 29 | } 30 | -------------------------------------------------------------------------------- /manifests/db/create_schema.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Class to execute watcher-db-manage create_schema 3 | # 4 | # == Parameters 5 | # 6 | # [*extra_params*] 7 | # (Optional) String of extra command line parameters to append 8 | # to the watcher-db-manage create_schema command. 9 | # Defaults to '' 10 | # 11 | class watcher::db::create_schema ( 12 | $extra_params = '', 13 | ) { 14 | include watcher::deps 15 | include watcher::params 16 | 17 | exec { 'watcher-db-manage-create_schema': 18 | command => "watcher-db-manage ${extra_params} create_schema", 19 | path => '/usr/bin', 20 | user => $watcher::params::user, 21 | refreshonly => true, 22 | try_sleep => 5, 23 | tries => 10, 24 | logoutput => on_failure, 25 | subscribe => [ 26 | Anchor['watcher::install::end'], 27 | Anchor['watcher::config::end'], 28 | Anchor['watcher::db::create_schema::begin'] 29 | ], 30 | notify => Anchor['watcher::db::create_schema::end'], 31 | tag => 'openstack-db', 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /manifests/cinder_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::cinder_client 2 | # 3 | # Configure the cinder_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*api_version*] 8 | # (Optional) Version of Cinder API to use in cinderclient. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*endpoint_type*] 12 | # (Optional) Type of endpoint to use in cinderclient. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*region_name*] 16 | # (Optional) Region in Identify service catalog to use for communication 17 | # with the OpenStack service. 18 | # Defaults to $facts['os_service_default']. 19 | # 20 | class watcher::cinder_client ( 21 | $api_version = $facts['os_service_default'], 22 | $endpoint_type = $facts['os_service_default'], 23 | $region_name = $facts['os_service_default'], 24 | ) { 25 | include watcher::deps 26 | 27 | watcher_config { 28 | 'cinder_client/api_version': value => $api_version; 29 | 'cinder_client/endpoint_type': value => $endpoint_type; 30 | 'cinder_client/region_name': value => $region_name; 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /manifests/db/upgrade.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Class to execute watcher-db-manage upgrade 3 | # It's because watcher-db-manage doesn't support sync db. 4 | # 5 | # == Parameters 6 | # 7 | # [*extra_params*] 8 | # (Optional) String of extra command line parameters to append 9 | # to the watcher-db-manage upgrade command. 10 | # Defaults to '' 11 | # 12 | class watcher::db::upgrade ( 13 | $extra_params = '', 14 | ) { 15 | include watcher::deps 16 | include watcher::params 17 | 18 | exec { 'watcher-db-manage-upgrade': 19 | command => "watcher-db-manage ${extra_params} upgrade", 20 | path => '/usr/bin', 21 | user => $watcher::params::user, 22 | refreshonly => true, 23 | try_sleep => 5, 24 | tries => 10, 25 | logoutput => on_failure, 26 | subscribe => [ 27 | Anchor['watcher::install::end'], 28 | Anchor['watcher::config::end'], 29 | Anchor['watcher::db::create_schema::end'], 30 | Anchor['watcher::db::upgrade::begin'] 31 | ], 32 | notify => Anchor['watcher::db::upgrade::end'], 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /manifests/nova_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::nova_client 2 | # 3 | # Configure the nova_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*api_version*] 8 | # (Optional) Version of Nova API to use in novaclient. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*endpoint_type*] 12 | # (Optional) Type of endpoint to use in novaclient. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*region_name*] 16 | # (Optional) Region in Identify service catalog to use for communication 17 | # with the OpenStack service. 18 | # Defaults to $facts['os_service_default']. 19 | # 20 | class watcher::nova_client ( 21 | $api_version = $facts['os_service_default'], 22 | $endpoint_type = $facts['os_service_default'], 23 | $region_name = $facts['os_service_default'], 24 | ) { 25 | include watcher::deps 26 | include watcher::params 27 | 28 | watcher_config { 29 | 'nova_client/api_version': value => $api_version; 30 | 'nova_client/endpoint_type': value => $endpoint_type; 31 | 'nova_client/region_name': value => $region_name; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /manifests/datasources.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::datasources 2 | # 3 | # Configure the datasources options 4 | # 5 | # === Parameters 6 | # 7 | # [*datasources*] 8 | # (Optional) Datasources to use in order to query the needed metrics. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*query_max_retries*] 12 | # (Optional) How many times Watcher is trying to query again. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*query_interval*] 16 | # (Optional) How many seconds Watcher should wait to do query again. 17 | # Defaults to $facts['os_service_default'] 18 | # 19 | class watcher::datasources ( 20 | $datasources = $facts['os_service_default'], 21 | $query_max_retries = $facts['os_service_default'], 22 | $query_interval = $facts['os_service_default'], 23 | ) { 24 | include watcher::deps 25 | 26 | watcher_config { 27 | 'datasources/datasources': value => join(any2array($datasources), ','); 28 | 'datasources/query_max_retries': value => $query_max_retries; 29 | 'datasources/query_interval': value => $query_interval; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /manifests/collector.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::collector 2 | # 3 | # Configure the collector options 4 | # 5 | # === Parameters 6 | # 7 | # [*collector_plugins*] 8 | # (Optional) The cluster data model plugin names 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*api_query_retries*] 12 | # (Optional) Number of retries before giving up on external service queries. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*api_query_interval*] 16 | # (Optional) How many seconds Watcher should wait to do query again. 17 | # Defaults to $facts['os_service_default'] 18 | # 19 | class watcher::collector ( 20 | $collector_plugins = $facts['os_service_default'], 21 | $api_query_retries = $facts['os_service_default'], 22 | $api_query_interval = $facts['os_service_default'], 23 | ) { 24 | include watcher::deps 25 | 26 | watcher_config { 27 | 'collector/collector_plugins': value => join(any2array($collector_plugins), ','); 28 | 'collector/api_query_retries': value => $api_query_retries; 29 | 'collector/api_query_interval': value => $api_query_interval; 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /manifests/ironic_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::ironic_client 2 | # 3 | # Configure the ironic_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*api_version*] 8 | # (Optional) Version of Ironic API to use in ironicclient. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*endpoint_type*] 12 | # (Optional) Type of endpoint to use in ironicclient. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*region_name*] 16 | # (Optional) Region in Identify service catalog to use for communication 17 | # with the OpenStack service. 18 | # Defaults to $facts['os_service_default']. 19 | # 20 | class watcher::ironic_client ( 21 | $api_version = $facts['os_service_default'], 22 | $endpoint_type = $facts['os_service_default'], 23 | $region_name = $facts['os_service_default'], 24 | ) { 25 | include watcher::deps 26 | include watcher::params 27 | 28 | watcher_config { 29 | 'ironic_client/api_version': value => $api_version; 30 | 'ironic_client/endpoint_type': value => $endpoint_type; 31 | 'ironic_client/region_name': value => $region_name; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /spec/acceptance/10_basic_watcher_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper_acceptance' 2 | 3 | describe 'basic watcher' do 4 | 5 | context 'default parameters' do 6 | 7 | it 'should work with no errors' do 8 | pp= <<-EOS 9 | include openstack_integration 10 | include openstack_integration::repos 11 | include openstack_integration::apache 12 | include openstack_integration::rabbitmq 13 | include openstack_integration::mysql 14 | include openstack_integration::memcached 15 | include openstack_integration::keystone 16 | 17 | include openstack_integration::watcher 18 | EOS 19 | 20 | # Run it twice and test for idempotency 21 | apply_manifest(pp, :catch_failures => true) 22 | apply_manifest(pp, :catch_changes => true) 23 | end 24 | 25 | describe port(9322) do 26 | it { is_expected.to be_listening } 27 | end 28 | 29 | describe cron do 30 | it { is_expected.to have_entry('1 0 * * * watcher-db-manage purge -d 30 >>/var/log/watcher/watcher-rowsflush.log 2>&1').with_user('watcher') } 31 | end 32 | end 33 | end 34 | -------------------------------------------------------------------------------- /manifests/gnocchi_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::gnocchi_client 2 | # 3 | # Configure the gnocchi_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*api_version*] 8 | # (Optional) Version of Gnocchi API to use in gnocchiclient. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*endpoint_type*] 12 | # (Optional) Type of endpoint to use in gnocchiclient. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*region_name*] 16 | # (Optional) Region in Identify service catalog to use for communication 17 | # with the OpenStack service. 18 | # Defaults to $facts['os_service_default']. 19 | # 20 | class watcher::gnocchi_client ( 21 | $api_version = $facts['os_service_default'], 22 | $endpoint_type = $facts['os_service_default'], 23 | $region_name = $facts['os_service_default'], 24 | ) { 25 | include watcher::deps 26 | include watcher::params 27 | 28 | watcher_config { 29 | 'gnocchi_client/api_version': value => $api_version; 30 | 'gnocchi_client/endpoint_type': value => $endpoint_type; 31 | 'gnocchi_client/region_name': value => $region_name; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /manifests/placement_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::placement_client 2 | # 3 | # Configure the placement_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*api_version*] 8 | # (Optional) Microversion of placement API when using placement service. 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*interface*] 12 | # (Optional) Type of endpoint when using placement service. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*region_name*] 16 | # (Optional) Region in Identify service catalog to use for communication 17 | # with the OpenStack service. 18 | # Defaults to $facts['os_service_default']. 19 | # 20 | class watcher::placement_client ( 21 | $api_version = $facts['os_service_default'], 22 | $interface = $facts['os_service_default'], 23 | $region_name = $facts['os_service_default'], 24 | ) { 25 | include watcher::deps 26 | include watcher::params 27 | 28 | watcher_config { 29 | 'placement_client/api_version': value => $api_version; 30 | 'placement_client/interface': value => $interface; 31 | 'placement_client/region_name': value => $region_name; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /manifests/deps.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::deps 2 | # 3 | # watcher anchors and dependency management 4 | # 5 | class watcher::deps { 6 | anchor { 'watcher::install::begin': } 7 | -> Package<| tag == 'watcher-package'|> 8 | ~> anchor { 'watcher::install::end': } 9 | -> anchor { 'watcher::config::begin': } 10 | -> Watcher_config<||> 11 | ~> anchor { 'watcher::config::end': } 12 | ~> anchor { 'watcher::db::begin': } 13 | ~> anchor { 'watcher::db::end': } 14 | ~> anchor { 'watcher::db::create_schema::begin': } 15 | ~> anchor { 'watcher::db::create_schema::end': } 16 | ~> anchor { 'watcher::db::upgrade::begin': } 17 | ~> anchor { 'watcher::db::upgrade::end': } 18 | ~> anchor { 'watcher::service::begin': } 19 | ~> Service<| tag == 'watcher-service' |> 20 | ~> anchor { 'watcher::service::end': } 21 | 22 | Anchor['watcher::install::end'] ~> Anchor['watcher::service::begin'] 23 | Anchor['watcher::config::end'] ~> Anchor['watcher::service::begin'] 24 | 25 | anchor { 'watcher-start': 26 | require => Anchor['watcher::install::end'], 27 | before => Anchor['watcher::config::begin'], 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /manifests/reports.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::reports 2 | # 3 | # Configure oslo_reports options 4 | # 5 | # === Parameters 6 | # 7 | # [*log_dir*] 8 | # (Optional) Path to a log directory where to create a file 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*file_event_handler*] 12 | # (Optional) The path to a file to watch for changes to trigger the reports. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*file_event_handler_interval*] 16 | # (Optional) How many seconds to wait between pools when file_event_handler 17 | # is set. 18 | # Defaults to $facts['os_service_default'] 19 | # 20 | class watcher::reports ( 21 | $log_dir = $facts['os_service_default'], 22 | $file_event_handler = $facts['os_service_default'], 23 | $file_event_handler_interval = $facts['os_service_default'], 24 | ) { 25 | include watcher::deps 26 | 27 | oslo::reports { 'watcher_config': 28 | log_dir => $log_dir, 29 | file_event_handler => $file_event_handler, 30 | file_event_handler_interval => $file_event_handler_interval, 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /manifests/glance_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::glance_client 2 | # 3 | # DEPRECATED !! 4 | # Configure the glance_client options 5 | # 6 | # === Parameters 7 | # 8 | # [*api_version*] 9 | # (Optional) Version of Glance API to use in glanceclient. 10 | # Defaults to $facts['os_service_default'] 11 | # 12 | # [*endpoint_type*] 13 | # (Optional) Type of endpoint to use in glanceclient. 14 | # Defaults to $facts['os_service_default'] 15 | # 16 | # [*region_name*] 17 | # (Optional) Region in Identify service catalog to use for communication 18 | # with the OpenStack service. 19 | # Defaults to $facts['os_service_default']. 20 | # 21 | class watcher::glance_client ( 22 | $api_version = $facts['os_service_default'], 23 | $endpoint_type = $facts['os_service_default'], 24 | $region_name = $facts['os_service_default'], 25 | ) { 26 | warning('the watcher::glance_client class is deprecated') 27 | 28 | include watcher::deps 29 | include watcher::params 30 | 31 | watcher_config { 32 | 'glance_client/api_version': value => $api_version; 33 | 'glance_client/endpoint_type': value => $endpoint_type; 34 | 'glance_client/region_name': value => $region_name; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /spec/classes/watcher_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::client' do 4 | 5 | shared_examples_for 'watcher client' do 6 | 7 | it { is_expected.to contain_class('watcher::deps') } 8 | it { is_expected.to contain_class('watcher::params') } 9 | 10 | it 'installs watcher client package' do 11 | is_expected.to contain_package('python-watcherclient').with( 12 | :ensure => 'present', 13 | :name => platform_params[:client_package_name], 14 | :tag => ['openstack', 'openstackclient'], 15 | ) 16 | end 17 | end 18 | 19 | on_supported_os({ 20 | :supported_os => OSDefaults.get_supported_os 21 | }).each do |os,facts| 22 | context "on #{os}" do 23 | let (:facts) do 24 | facts.merge!(OSDefaults.get_facts()) 25 | end 26 | 27 | let(:platform_params) do 28 | case facts[:os]['family'] 29 | when 'Debian' 30 | { :client_package_name => 'python3-watcherclient' } 31 | when 'RedHat' 32 | { :client_package_name => 'python3-watcherclient' } 33 | end 34 | end 35 | 36 | it_behaves_like 'watcher client' 37 | end 38 | end 39 | 40 | end 41 | -------------------------------------------------------------------------------- /manifests/neutron_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::neutron_client 2 | # 3 | # DEPRECATED !! 4 | # Configure the neutron_client options 5 | # 6 | # === Parameters 7 | # 8 | # [*api_version*] 9 | # (Optional) Version of Neutron API to use in neutronclient. 10 | # Defaults to $facts['os_service_default'] 11 | # 12 | # [*endpoint_type*] 13 | # (Optional) Type of endpoint to use in neutronclient. 14 | # Defaults to $facts['os_service_default'] 15 | # 16 | # [*region_name*] 17 | # (Optional) Region in Identify service catalog to use for communication 18 | # with the OpenStack service. 19 | # Defaults to $facts['os_service_default']. 20 | # 21 | class watcher::neutron_client ( 22 | $api_version = $facts['os_service_default'], 23 | $endpoint_type = $facts['os_service_default'], 24 | $region_name = $facts['os_service_default'], 25 | ) { 26 | warning('The watcher::glance_client class is deprecated') 27 | 28 | include watcher::deps 29 | include watcher::params 30 | 31 | watcher_config { 32 | 'neutron_client/api_version': value => $api_version; 33 | 'neutron_client/endpoint_type': value => $endpoint_type; 34 | 'neutron_client/region_name': value => $region_name; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- 1 | source ENV['GEM_SOURCE'] || "https://rubygems.org" 2 | 3 | group :development, :test, :system_tests do 4 | spec_helper_dir = '/home/zuul/src/opendev.org/openstack/puppet-openstack_spec_helper' 5 | if File.directory?(spec_helper_dir) 6 | if ENV['ZUUL_PROJECT'] == 'openstack/puppet-openstack_spec_helper' 7 | gem 'puppet-openstack_spec_helper', 8 | :path => '../..', 9 | :require => 'false' 10 | else 11 | gem 'puppet-openstack_spec_helper', 12 | :path => spec_helper_dir, 13 | :require => 'false' 14 | end 15 | else 16 | spec_helper_version = ENV['ZUUL_BRANCH'] || "master" 17 | gem 'puppet-openstack_spec_helper', 18 | :git => 'https://opendev.org/openstack/puppet-openstack_spec_helper', 19 | :ref => spec_helper_version, 20 | :require => 'false' 21 | end 22 | end 23 | 24 | if facterversion = ENV['FACTER_GEM_VERSION'] 25 | gem 'facter', facterversion, :require => false 26 | else 27 | gem 'facter', :require => false 28 | end 29 | 30 | if puppetversion = ENV['PUPPET_GEM_VERSION'] 31 | gem 'puppet', puppetversion, :require => false 32 | else 33 | gem 'puppet', :require => false 34 | end 35 | 36 | # vim:ft=ruby 37 | -------------------------------------------------------------------------------- /manifests/db/postgresql.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::db::postgresql 2 | # 3 | # Class that configures postgresql for watcher 4 | # Requires the Puppetlabs postgresql module. 5 | # 6 | # === Parameters 7 | # 8 | # [*password*] 9 | # (Required) Password to connect to the database. 10 | # 11 | # [*dbname*] 12 | # (Optional) Name of the database. 13 | # Defaults to 'watcher'. 14 | # 15 | # [*user*] 16 | # (Optional) User to connect to the database. 17 | # Defaults to 'watcher'. 18 | # 19 | # [*encoding*] 20 | # (Optional) The charset to use for the database. 21 | # Default to undef. 22 | # 23 | # [*privileges*] 24 | # (Optional) Privileges given to the database user. 25 | # Default to 'ALL' 26 | # 27 | class watcher::db::postgresql ( 28 | $password, 29 | $dbname = 'watcher', 30 | $user = 'watcher', 31 | $encoding = undef, 32 | $privileges = 'ALL', 33 | ) { 34 | include watcher::deps 35 | 36 | openstacklib::db::postgresql { 'watcher': 37 | password => $password, 38 | dbname => $dbname, 39 | user => $user, 40 | encoding => $encoding, 41 | privileges => $privileges, 42 | } 43 | 44 | Anchor['watcher::db::begin'] 45 | ~> Class['watcher::db::postgresql'] 46 | ~> Anchor['watcher::db::end'] 47 | } 48 | -------------------------------------------------------------------------------- /spec/classes/watcher_db_postgresql_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::db::postgresql' do 4 | 5 | let :pre_condition do 6 | 'include postgresql::server' 7 | end 8 | 9 | let :required_params do 10 | { :password => 'watcherpass' } 11 | end 12 | 13 | shared_examples_for 'watcher::db::postgresql' do 14 | context 'with only required parameters' do 15 | let :params do 16 | required_params 17 | end 18 | 19 | it { is_expected.to contain_class('watcher::deps') } 20 | 21 | it { is_expected.to contain_openstacklib__db__postgresql('watcher').with( 22 | :user => 'watcher', 23 | :password => 'watcherpass', 24 | :dbname => 'watcher', 25 | :encoding => nil, 26 | :privileges => 'ALL', 27 | )} 28 | end 29 | end 30 | 31 | on_supported_os({ 32 | :supported_os => OSDefaults.get_supported_os 33 | }).each do |os,facts| 34 | context "on #{os}" do 35 | let (:facts) do 36 | facts.merge!(OSDefaults.get_facts({ 37 | # puppet-postgresql requires the service_provider fact provided by 38 | # puppetlabs-postgresql. 39 | :service_provider => 'systemd' 40 | })) 41 | end 42 | 43 | it_behaves_like 'watcher::db::postgresql' 44 | end 45 | end 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_keystone_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::keystone_client' do 4 | 5 | shared_examples 'watcher::keystone_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('keystone_client/endpoint_type').with_value('') 13 | should contain_watcher_config('keystone_client/region_name').with_value('') 14 | end 15 | end 16 | 17 | context 'with parameters overridden' do 18 | let :params do 19 | { 20 | :endpoint_type => 'publicURL', 21 | :region_name => 'regionOne' 22 | } 23 | end 24 | 25 | it 'should set the overridden values' do 26 | should contain_watcher_config('keystone_client/endpoint_type').with_value('publicURL') 27 | should contain_watcher_config('keystone_client/region_name').with_value('regionOne') 28 | end 29 | end 30 | end 31 | 32 | on_supported_os({ 33 | :supported_os => OSDefaults.get_supported_os 34 | }).each do |os,facts| 35 | context "on #{os}" do 36 | let (:facts) do 37 | facts.merge!(OSDefaults.get_facts()) 38 | end 39 | it_behaves_like 'watcher::keystone_client' 40 | end 41 | end 42 | 43 | end 44 | -------------------------------------------------------------------------------- /spec/classes/watcher_reports_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::reports' do 4 | shared_examples 'watcher::reports' do 5 | context 'with default parameters' do 6 | it { 7 | is_expected.to contain_oslo__reports('watcher_config').with( 8 | :log_dir => '', 9 | :file_event_handler => '', 10 | :file_event_handler_interval => '', 11 | ) 12 | } 13 | end 14 | 15 | context 'with specified parameters' do 16 | let :params do 17 | { 18 | :log_dir => '/var/log/watcher', 19 | :file_event_handler => '/var/tmp/watcher/reports', 20 | :file_event_handler_interval => 1, 21 | } 22 | end 23 | 24 | it { 25 | is_expected.to contain_oslo__reports('watcher_config').with( 26 | :log_dir => '/var/log/watcher', 27 | :file_event_handler => '/var/tmp/watcher/reports', 28 | :file_event_handler_interval => 1, 29 | ) 30 | } 31 | end 32 | end 33 | 34 | on_supported_os({ 35 | :supported_os => OSDefaults.get_supported_os 36 | }).each do |os,facts| 37 | context "on #{os}" do 38 | let (:facts) do 39 | facts.merge(OSDefaults.get_facts()) 40 | end 41 | 42 | it_behaves_like 'watcher::reports' 43 | end 44 | end 45 | end 46 | -------------------------------------------------------------------------------- /spec/classes/watcher_nova_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::nova_client' do 4 | 5 | shared_examples 'watcher::nova_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('nova_client/api_version').with_value('') 13 | should contain_watcher_config('nova_client/endpoint_type').with_value('') 14 | should contain_watcher_config('nova_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 2, 22 | :endpoint_type => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('nova_client/api_version').with_value(2) 29 | should contain_watcher_config('nova_client/endpoint_type').with_value('publicURL') 30 | should contain_watcher_config('nova_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::nova_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_cinder_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::cinder_client' do 4 | 5 | shared_examples 'watcher::cinder_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('cinder_client/api_version').with_value('') 13 | should contain_watcher_config('cinder_client/endpoint_type').with_value('') 14 | should contain_watcher_config('cinder_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 3, 22 | :endpoint_type => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('cinder_client/api_version').with_value(3) 29 | should contain_watcher_config('cinder_client/endpoint_type').with_value('publicURL') 30 | should contain_watcher_config('cinder_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::cinder_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_glance_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::glance_client' do 4 | 5 | shared_examples 'watcher::glance_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('glance_client/api_version').with_value('') 13 | should contain_watcher_config('glance_client/endpoint_type').with_value('') 14 | should contain_watcher_config('glance_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 2, 22 | :endpoint_type => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('glance_client/api_version').with_value(2) 29 | should contain_watcher_config('glance_client/endpoint_type').with_value('publicURL') 30 | should contain_watcher_config('glance_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::glance_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_ironic_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::ironic_client' do 4 | 5 | shared_examples 'watcher::ironic_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('ironic_client/api_version').with_value('') 13 | should contain_watcher_config('ironic_client/endpoint_type').with_value('') 14 | should contain_watcher_config('ironic_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 1, 22 | :endpoint_type => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('ironic_client/api_version').with_value(1) 29 | should contain_watcher_config('ironic_client/endpoint_type').with_value('publicURL') 30 | should contain_watcher_config('ironic_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::ironic_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_collector_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::collector' do 4 | 5 | shared_examples 'watcher::collector' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('collector/collector_plugins').with_value('') 13 | should contain_watcher_config('collector/api_query_retries').with_value('') 14 | should contain_watcher_config('collector/api_query_interval').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :collector_plugins => ['compute', 'storage'], 22 | :api_query_retries => 10, 23 | :api_query_interval => 1, 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('collector/collector_plugins').with_value('compute,storage') 29 | should contain_watcher_config('collector/api_query_retries').with_value(10) 30 | should contain_watcher_config('collector/api_query_interval').with_value(1) 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::collector' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_gnocchi_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::gnocchi_client' do 4 | 5 | shared_examples 'watcher::gnocchi_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('gnocchi_client/api_version').with_value('') 13 | should contain_watcher_config('gnocchi_client/endpoint_type').with_value('') 14 | should contain_watcher_config('gnocchi_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 1, 22 | :endpoint_type => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('gnocchi_client/api_version').with_value(1) 29 | should contain_watcher_config('gnocchi_client/endpoint_type').with_value('publicURL') 30 | should contain_watcher_config('gnocchi_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::gnocchi_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/unit/provider/watcher_config/openstackconfig_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | provider_class = Puppet::Type.type(:watcher_config).provider(:openstackconfig) 3 | describe provider_class do 4 | 5 | it 'should default to the default setting when no other one is specified' do 6 | resource = Puppet::Type::Watcher_config.new( 7 | {:name => 'DEFAULT/foo', :value => 'bar'} 8 | ) 9 | provider = provider_class.new(resource) 10 | expect(provider.section).to eq('DEFAULT') 11 | expect(provider.setting).to eq('foo') 12 | end 13 | 14 | it 'should allow setting to be set explicitly' do 15 | resource = Puppet::Type::Watcher_config.new( 16 | {:name => 'dude/foo', :value => 'bar'} 17 | ) 18 | provider = provider_class.new(resource) 19 | expect(provider.section).to eq('dude') 20 | expect(provider.setting).to eq('foo') 21 | end 22 | 23 | it 'should ensure absent when is specified as a value' do 24 | resource = Puppet::Type::Watcher_config.new( 25 | {:name => 'dude/foo', :value => ''} 26 | ) 27 | provider = provider_class.new(resource) 28 | provider.exists? 29 | expect(resource[:ensure]).to eq :absent 30 | end 31 | 32 | it 'should ensure absent when value matches ensure_absent_val' do 33 | resource = Puppet::Type::Watcher_config.new( 34 | {:name => 'dude/foo', :value => 'foo', :ensure_absent_val => 'foo' } 35 | ) 36 | provider = provider_class.new(resource) 37 | provider.exists? 38 | expect(resource[:ensure]).to eq :absent 39 | end 40 | 41 | end 42 | -------------------------------------------------------------------------------- /spec/classes/watcher_datasources_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::datasources' do 4 | 5 | shared_examples 'watcher::datasources' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('datasources/datasources').with_value('') 13 | should contain_watcher_config('datasources/query_max_retries').with_value('') 14 | should contain_watcher_config('datasources/query_interval').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :datasources => ['gnocchi', 'prometheus'], 22 | :query_max_retries => 10, 23 | :query_interval => 0, 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('datasources/datasources').with_value('gnocchi,prometheus') 29 | should contain_watcher_config('datasources/query_max_retries').with_value(10) 30 | should contain_watcher_config('datasources/query_interval').with_value(0) 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::datasources' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_neutron_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::neutron_client' do 4 | 5 | shared_examples 'watcher::neutron_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('neutron_client/api_version').with_value('') 13 | should contain_watcher_config('neutron_client/endpoint_type').with_value('') 14 | should contain_watcher_config('neutron_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 2.0, 22 | :endpoint_type => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('neutron_client/api_version').with_value(2.0) 29 | should contain_watcher_config('neutron_client/endpoint_type').with_value('publicURL') 30 | should contain_watcher_config('neutron_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::neutron_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /spec/classes/watcher_placement_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::placement_client' do 4 | 5 | shared_examples 'watcher::placement_client' do 6 | context 'with defaults' do 7 | let :params do 8 | {} 9 | end 10 | 11 | it 'should set the defaults' do 12 | should contain_watcher_config('placement_client/api_version').with_value('') 13 | should contain_watcher_config('placement_client/interface').with_value('') 14 | should contain_watcher_config('placement_client/region_name').with_value('') 15 | end 16 | end 17 | 18 | context 'with parameters overridden' do 19 | let :params do 20 | { 21 | :api_version => 1, 22 | :interface => 'publicURL', 23 | :region_name => 'regionOne' 24 | } 25 | end 26 | 27 | it 'should set the overridden values' do 28 | should contain_watcher_config('placement_client/api_version').with_value(1) 29 | should contain_watcher_config('placement_client/interface').with_value('publicURL') 30 | should contain_watcher_config('placement_client/region_name').with_value('regionOne') 31 | end 32 | end 33 | end 34 | 35 | on_supported_os({ 36 | :supported_os => OSDefaults.get_supported_os 37 | }).each do |os,facts| 38 | context "on #{os}" do 39 | let (:facts) do 40 | facts.merge!(OSDefaults.get_facts()) 41 | end 42 | it_behaves_like 'watcher::placement_client' 43 | end 44 | end 45 | 46 | end 47 | -------------------------------------------------------------------------------- /lib/puppet/type/watcher_config.rb: -------------------------------------------------------------------------------- 1 | Puppet::Type.newtype(:watcher_config) do 2 | 3 | ensurable 4 | 5 | newparam(:name, :namevar => true) do 6 | desc 'Section/setting name to manage from watcher.conf' 7 | newvalues(/\S+\/\S+/) 8 | end 9 | 10 | newproperty(:value, :array_matching => :all) do 11 | desc 'The value of the setting to be defined.' 12 | def insync?(is) 13 | return true if @should.empty? 14 | return false unless is.is_a? Array 15 | return false unless is.length == @should.length 16 | return ( 17 | is & @should == is or 18 | is & @should.map(&:to_s) == is 19 | ) 20 | end 21 | munge do |value| 22 | value = value.to_s.strip 23 | value.capitalize! if value =~ /^(true|false)$/i 24 | value 25 | end 26 | 27 | def is_to_s( currentvalue ) 28 | if resource.secret? 29 | return '[old secret redacted]' 30 | else 31 | return currentvalue 32 | end 33 | end 34 | 35 | def should_to_s( newvalue ) 36 | if resource.secret? 37 | return '[new secret redacted]' 38 | else 39 | return newvalue 40 | end 41 | end 42 | end 43 | 44 | newparam(:secret, :boolean => true) do 45 | desc 'Whether to hide the value from Puppet logs. Defaults to `false`.' 46 | 47 | newvalues(:true, :false) 48 | 49 | defaultto false 50 | end 51 | 52 | newparam(:ensure_absent_val) do 53 | desc 'A value that is specified as the value property will behave as if ensure => absent was specified' 54 | defaultto('') 55 | end 56 | 57 | autorequire(:anchor) do 58 | ['watcher::install::end'] 59 | end 60 | 61 | end 62 | -------------------------------------------------------------------------------- /manifests/db/mysql.pp: -------------------------------------------------------------------------------- 1 | # The watcher::db::mysql class implements mysql backend for watcher 2 | # 3 | # This class can be used to create tables, users and grant 4 | # privilege for a mysql watcher database. 5 | # 6 | # == Parameters 7 | # 8 | # [*password*] 9 | # (Required) Password to connect to the database. 10 | # 11 | # [*dbname*] 12 | # (Optional) Name of the database. 13 | # Defaults to 'watcher'. 14 | # 15 | # [*user*] 16 | # (Optional) User to connect to the database. 17 | # Defaults to 'watcher'. 18 | # 19 | # [*host*] 20 | # (Optional) The default source host user is allowed to connect from. 21 | # Defaults to '127.0.0.1' 22 | # 23 | # [*allowed_hosts*] 24 | # (Optional) Other hosts the user is allowed to connect from. 25 | # Defaults to 'undef'. 26 | # 27 | # [*charset*] 28 | # (Optional) The database charset. 29 | # Defaults to 'utf8' 30 | # 31 | # [*collate*] 32 | # (Optional) The database collate. 33 | # Only used with mysql modules >= 2.2. 34 | # Defaults to 'utf8_general_ci' 35 | # 36 | class watcher::db::mysql ( 37 | String[1] $password, 38 | $dbname = 'watcher', 39 | $user = 'watcher', 40 | $host = '127.0.0.1', 41 | $charset = 'utf8', 42 | $collate = 'utf8_general_ci', 43 | $allowed_hosts = undef 44 | ) { 45 | include watcher::deps 46 | 47 | openstacklib::db::mysql { 'watcher': 48 | user => $user, 49 | password => $password, 50 | dbname => $dbname, 51 | host => $host, 52 | charset => $charset, 53 | collate => $collate, 54 | allowed_hosts => $allowed_hosts, 55 | } 56 | 57 | Anchor['watcher::db::begin'] 58 | ~> Class['watcher::db::mysql'] 59 | ~> Anchor['watcher::db::end'] 60 | } 61 | -------------------------------------------------------------------------------- /manifests/params.pp: -------------------------------------------------------------------------------- 1 | # Parameters for puppet-watcher 2 | # 3 | class watcher::params { 4 | include openstacklib::defaults 5 | 6 | $pyver3 = $openstacklib::defaults::pyver3 7 | 8 | $client_package_name = 'python3-watcherclient' 9 | $user = 'watcher' 10 | $group = 'watcher' 11 | 12 | case $facts['os']['family'] { 13 | 'RedHat': { 14 | $api_service_name = 'openstack-watcher-api' 15 | $api_package_name = 'openstack-watcher-api' 16 | $common_package_name = 'openstack-watcher-common' 17 | $applier_package_name = 'openstack-watcher-applier' 18 | $applier_service_name = 'openstack-watcher-applier' 19 | $decision_engine_package_name = 'openstack-watcher-decision-engine' 20 | $decision_engine_service_name = 'openstack-watcher-decision-engine' 21 | $watcher_wsgi_script_source = "/usr/lib/python${pyver3}/site-packages/watcher/wsgi/api.py" 22 | $watcher_wsgi_script_path = '/var/www/cgi-bin/watcher' 23 | } 24 | 'Debian': { 25 | $api_service_name = 'watcher-api' 26 | $api_package_name = 'watcher-api' 27 | $common_package_name = 'watcher-common' 28 | $applier_package_name = 'watcher-applier' 29 | $applier_service_name = 'watcher-applier' 30 | $decision_engine_package_name = 'watcher-decision-engine' 31 | $decision_engine_service_name = 'watcher-decision-engine' 32 | $watcher_wsgi_script_source = '/usr/bin/watcher-api-wsgi' 33 | $watcher_wsgi_script_path = '/usr/lib/cgi-bin/watcher' 34 | } 35 | default: { 36 | fail("Unsupported osfamily: ${facts['os']['family']}") 37 | } 38 | } # Case $facts['os']['family'] 39 | } 40 | -------------------------------------------------------------------------------- /spec/acceptance/99_watcher_config_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper_acceptance' 2 | 3 | describe 'basic watcher_config resource' do 4 | 5 | context 'default parameters' do 6 | 7 | it 'should work with no errors' do 8 | pp= <<-EOS 9 | Exec { logoutput => 'on_failure' } 10 | 11 | File <||> -> Watcher_config <||> 12 | 13 | file { '/etc/watcher' : 14 | ensure => directory, 15 | } 16 | file { '/etc/watcher/watcher.conf' : 17 | ensure => file, 18 | } 19 | 20 | watcher_config { 'DEFAULT/thisshouldexist' : 21 | value => 'foo', 22 | } 23 | 24 | watcher_config { 'DEFAULT/thisshouldnotexist' : 25 | value => '', 26 | } 27 | 28 | watcher_config { 'DEFAULT/thisshouldexist2' : 29 | value => '', 30 | ensure_absent_val => 'toto', 31 | } 32 | 33 | watcher_config { 'DEFAULT/thisshouldnotexist2' : 34 | value => 'toto', 35 | ensure_absent_val => 'toto', 36 | } 37 | 38 | watcher_config { 'DEFAULT/thisshouldexist3' : 39 | value => ['foo', 'bar'], 40 | } 41 | EOS 42 | 43 | 44 | # Run it twice and test for idempotency 45 | apply_manifest(pp, :catch_failures => true) 46 | apply_manifest(pp, :catch_changes => true) 47 | end 48 | 49 | describe file('/etc/watcher/watcher.conf') do 50 | it { is_expected.to exist } 51 | it { is_expected.to contain('thisshouldexist=foo') } 52 | it { is_expected.to contain('thisshouldexist2=') } 53 | it { is_expected.to contain('thisshouldexist3=foo') } 54 | it { is_expected.to contain('thisshouldexist3=bar') } 55 | 56 | describe '#content' do 57 | subject { super().content } 58 | it { is_expected.to_not match /thisshouldnotexist/ } 59 | end 60 | end 61 | end 62 | end 63 | -------------------------------------------------------------------------------- /manifests/prometheus_client.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::prometheus_client 2 | # 3 | # Configure the prometheus_client options 4 | # 5 | # === Parameters 6 | # 7 | # [*host*] 8 | # (Required) The hostname of IP address for the prometheus server. 9 | # 10 | # [*port*] 11 | # (Optional) The port number used by the prometheus server. 12 | # Defaults to $facts['os_service_default'] 13 | # 14 | # [*fqdn_label*] 15 | # (Optional) The label that Prometheus uses to store the fqdn of exporters. 16 | # Defaults to $facts['os_service_default'] 17 | # 18 | # [*instance_uuid_label*] 19 | # (Optional) The label that Prometheus uses to store the uuid of OpenStack 20 | # instances. 21 | # Defaults to $facts['os_service_default'] 22 | # 23 | # [*username*] 24 | # (Optional) The basic_auth username to use to authenticate with 25 | # the Prometheus server. 26 | # Defaults to $facts['os_service_default']. 27 | # 28 | # [*password*] 29 | # (Optional) The basic_auth password to use to authenticate with 30 | # the Prometheus server. 31 | # Defaults to $facts['os_service_default']. 32 | # 33 | class watcher::prometheus_client ( 34 | $host, 35 | $port = $facts['os_service_default'], 36 | $fqdn_label = $facts['os_service_default'], 37 | $instance_uuid_label = $facts['os_service_default'], 38 | $username = $facts['os_service_default'], 39 | $password = $facts['os_service_default'], 40 | ) { 41 | include watcher::deps 42 | 43 | watcher_config { 44 | 'prometheus_client/host': value => $host; 45 | 'prometheus_client/port': value => $port; 46 | 'prometheus_client/fqdn_label': value => $fqdn_label; 47 | 'prometheus_client/instance_uuid_label': value => $instance_uuid_label; 48 | 'prometheus_client/username': value => $username; 49 | 'prometheus_client/password': value => $password, secret => true; 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /metadata.json: -------------------------------------------------------------------------------- 1 | { 2 | "author": "OpenStack Contributors", 3 | "dependencies": [ 4 | { 5 | "name": "puppetlabs/inifile", 6 | "version_requirement": ">=2.0.0 <7.0.0" 7 | }, 8 | { 9 | "name": "puppetlabs/stdlib", 10 | "version_requirement": ">=9.0.0 <10.0.0" 11 | }, 12 | { 13 | "name": "openstack/keystone", 14 | "version_requirement": ">=27.0.0 <28.0.0" 15 | }, 16 | { 17 | "name": "openstack/openstacklib", 18 | "version_requirement": ">=27.0.0 <28.0.0" 19 | }, 20 | { 21 | "name": "openstack/oslo", 22 | "version_requirement": ">=27.0.0 <28.0.0" 23 | } 24 | ], 25 | "description": "Installs and configures OpenStack Watcher.", 26 | "issues_url": "https://bugs.launchpad.net/puppet-watcher", 27 | "license": "Apache-2.0", 28 | "name": "openstack-watcher", 29 | "operatingsystem_support": [ 30 | { 31 | "operatingsystem": "Debian", 32 | "operatingsystemrelease": [ 33 | "13" 34 | ] 35 | }, 36 | { 37 | "operatingsystem": "RedHat", 38 | "operatingsystemrelease": [ 39 | "9" 40 | ] 41 | }, 42 | { 43 | "operatingsystem": "CentOS", 44 | "operatingsystemrelease": [ 45 | "9" 46 | ] 47 | }, 48 | { 49 | "operatingsystem": "Ubuntu", 50 | "operatingsystemrelease": [ 51 | "24.04" 52 | ] 53 | } 54 | ], 55 | "project_page": "https://launchpad.net/puppet-watcher", 56 | "requirements": [ 57 | { 58 | "name": "puppet", 59 | "version_requirement": ">= 8.0.0 < 9.0.0" 60 | } 61 | ], 62 | "source": "https://opendev.org/openstack/puppet-watcher.git", 63 | "summary": "Puppet module for OpenStack Watcher", 64 | "version": "27.0.0" 65 | } 66 | -------------------------------------------------------------------------------- /spec/classes/watcher_db_upgrade_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::db::upgrade' do 4 | 5 | shared_examples_for 'watcher-db-manage-upgrade' do 6 | 7 | it 'runs watcher-db-manage' do 8 | is_expected.to contain_exec('watcher-db-manage-upgrade').with( 9 | :command => 'watcher-db-manage upgrade', 10 | :path => '/usr/bin', 11 | :user => 'watcher', 12 | :refreshonly => 'true', 13 | :try_sleep => 5, 14 | :tries => 10, 15 | :logoutput => 'on_failure', 16 | :subscribe => [ 17 | 'Anchor[watcher::install::end]', 18 | 'Anchor[watcher::config::end]', 19 | 'Anchor[watcher::db::create_schema::end]', 20 | 'Anchor[watcher::db::upgrade::begin]' 21 | ], 22 | :notify => 'Anchor[watcher::db::upgrade::end]', 23 | ) 24 | end 25 | 26 | describe 'overriding extra_params' do 27 | let :params do 28 | { 29 | :extra_params => '--config-file /etc/watcher/watcher01.conf', 30 | } 31 | end 32 | 33 | it { 34 | is_expected.to contain_exec('watcher-db-manage-upgrade').with( 35 | :command => 'watcher-db-manage --config-file /etc/watcher/watcher01.conf upgrade', 36 | :path => '/usr/bin', 37 | :user => 'watcher', 38 | :refreshonly => 'true', 39 | :try_sleep => 5, 40 | :tries => 10, 41 | :logoutput => 'on_failure', 42 | :subscribe => [ 43 | 'Anchor[watcher::install::end]', 44 | 'Anchor[watcher::config::end]', 45 | 'Anchor[watcher::db::create_schema::end]', 46 | 'Anchor[watcher::db::upgrade::begin]' 47 | ], 48 | :notify => 'Anchor[watcher::db::upgrade::end]', 49 | ) 50 | } 51 | end 52 | 53 | end 54 | 55 | on_supported_os({ 56 | :supported_os => OSDefaults.get_supported_os 57 | }).each do |os,facts| 58 | context "on #{os}" do 59 | let (:facts) do 60 | facts.merge!(OSDefaults.get_facts()) 61 | end 62 | it_configures 'watcher-db-manage-upgrade' 63 | end 64 | end 65 | 66 | end 67 | -------------------------------------------------------------------------------- /spec/classes/watcher_db_create_schema_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::db::create_schema' do 4 | 5 | shared_examples_for 'watcher-db-manage-create_schema' do 6 | 7 | it 'runs watcher-db-manage' do 8 | is_expected.to contain_exec('watcher-db-manage-create_schema').with( 9 | :command => 'watcher-db-manage create_schema', 10 | :path => '/usr/bin', 11 | :user => 'watcher', 12 | :refreshonly => 'true', 13 | :try_sleep => 5, 14 | :tries => 10, 15 | :logoutput => 'on_failure', 16 | :subscribe => [ 17 | 'Anchor[watcher::install::end]', 18 | 'Anchor[watcher::config::end]', 19 | 'Anchor[watcher::db::create_schema::begin]' 20 | ], 21 | :notify => 'Anchor[watcher::db::create_schema::end]', 22 | :tag => 'openstack-db', 23 | ) 24 | end 25 | 26 | describe 'overriding extra_params' do 27 | let :params do 28 | { 29 | :extra_params => '--config-file /etc/watcher/watcher01.conf', 30 | } 31 | end 32 | 33 | it { 34 | is_expected.to contain_exec('watcher-db-manage-create_schema').with( 35 | :command => 'watcher-db-manage --config-file /etc/watcher/watcher01.conf create_schema', 36 | :path => '/usr/bin', 37 | :user => 'watcher', 38 | :refreshonly => 'true', 39 | :try_sleep => 5, 40 | :tries => 10, 41 | :logoutput => 'on_failure', 42 | :subscribe => [ 43 | 'Anchor[watcher::install::end]', 44 | 'Anchor[watcher::config::end]', 45 | 'Anchor[watcher::db::create_schema::begin]' 46 | ], 47 | :notify => 'Anchor[watcher::db::create_schema::end]', 48 | :tag => 'openstack-db', 49 | ) 50 | } 51 | end 52 | 53 | end 54 | 55 | on_supported_os({ 56 | :supported_os => OSDefaults.get_supported_os 57 | }).each do |os,facts| 58 | context "on #{os}" do 59 | let (:facts) do 60 | facts.merge!(OSDefaults.get_facts()) 61 | end 62 | it_configures 'watcher-db-manage-create_schema' 63 | end 64 | end 65 | 66 | end 67 | -------------------------------------------------------------------------------- /spec/unit/type/watcher_config_spec.rb: -------------------------------------------------------------------------------- 1 | require 'puppet' 2 | require 'puppet/type/watcher_config' 3 | 4 | describe 'Puppet::Type.type(:watcher_config)' do 5 | before :each do 6 | @watcher_config = Puppet::Type.type(:watcher_config).new(:name => 'DEFAULT/foo', :value => 'bar') 7 | end 8 | 9 | it 'should require a name' do 10 | expect { 11 | Puppet::Type.type(:watcher_config).new({}) 12 | }.to raise_error(Puppet::Error, 'Title or name must be provided') 13 | end 14 | 15 | it 'should not expect a name with whitespace' do 16 | expect { 17 | Puppet::Type.type(:watcher_config).new(:name => 'f oo') 18 | }.to raise_error(Puppet::Error, /Parameter name failed/) 19 | end 20 | 21 | it 'should fail when there is no section' do 22 | expect { 23 | Puppet::Type.type(:watcher_config).new(:name => 'foo') 24 | }.to raise_error(Puppet::Error, /Parameter name failed/) 25 | end 26 | 27 | it 'should not require a value when ensure is absent' do 28 | Puppet::Type.type(:watcher_config).new(:name => 'DEFAULT/foo', :ensure => :absent) 29 | end 30 | 31 | it 'should accept a valid value' do 32 | @watcher_config[:value] = 'bar' 33 | expect(@watcher_config[:value]).to eq(['bar']) 34 | end 35 | 36 | it 'should accept a value with whitespace' do 37 | @watcher_config[:value] = 'b ar' 38 | expect(@watcher_config[:value]).to eq(['b ar']) 39 | end 40 | 41 | it 'should accept valid ensure values' do 42 | @watcher_config[:ensure] = :present 43 | expect(@watcher_config[:ensure]).to eq(:present) 44 | @watcher_config[:ensure] = :absent 45 | expect(@watcher_config[:ensure]).to eq(:absent) 46 | end 47 | 48 | it 'should not accept invalid ensure values' do 49 | expect { 50 | @watcher_config[:ensure] = :latest 51 | }.to raise_error(Puppet::Error, /Invalid value/) 52 | end 53 | 54 | it 'should autorequire the package that install the file' do 55 | catalog = Puppet::Resource::Catalog.new 56 | anchor = Puppet::Type.type(:anchor).new(:name => 'watcher::install::end') 57 | catalog.add_resource anchor, @watcher_config 58 | dependency = @watcher_config.autorequire 59 | expect(dependency.size).to eq(1) 60 | expect(dependency[0].target).to eq(@watcher_config) 61 | expect(dependency[0].source).to eq(anchor) 62 | end 63 | 64 | end 65 | -------------------------------------------------------------------------------- /spec/classes/watcher_db_mysql_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::db::mysql' do 4 | 5 | let :pre_condition do 6 | 'include mysql::server' 7 | end 8 | 9 | let :required_params do 10 | { :password => 'watcherpass', } 11 | end 12 | 13 | shared_examples_for 'watcher-db-mysql' do 14 | context 'with only required params' do 15 | let :params do 16 | required_params 17 | end 18 | 19 | it { should contain_class('watcher::deps') } 20 | 21 | it { is_expected.to contain_openstacklib__db__mysql('watcher').with( 22 | :user => 'watcher', 23 | :password => 'watcherpass', 24 | :dbname => 'watcher', 25 | :host => '127.0.0.1', 26 | :charset => 'utf8', 27 | :collate => 'utf8_general_ci', 28 | )} 29 | end 30 | 31 | context 'overriding allowed_hosts param to array' do 32 | let :params do 33 | { :allowed_hosts => ['127.0.0.1','%'] }.merge(required_params) 34 | end 35 | 36 | it { is_expected.to contain_openstacklib__db__mysql('watcher').with( 37 | :user => 'watcher', 38 | :password => 'watcherpass', 39 | :dbname => 'watcher', 40 | :host => '127.0.0.1', 41 | :charset => 'utf8', 42 | :collate => 'utf8_general_ci', 43 | :allowed_hosts => ['127.0.0.1','%'] 44 | )} 45 | end 46 | 47 | describe 'overriding allowed_hosts param to string' do 48 | let :params do 49 | { :allowed_hosts => '192.168.1.1' }.merge(required_params) 50 | end 51 | 52 | it { is_expected.to contain_openstacklib__db__mysql('watcher').with( 53 | :user => 'watcher', 54 | :password => 'watcherpass', 55 | :dbname => 'watcher', 56 | :host => '127.0.0.1', 57 | :charset => 'utf8', 58 | :collate => 'utf8_general_ci', 59 | :allowed_hosts => '192.168.1.1' 60 | )} 61 | end 62 | end 63 | 64 | on_supported_os({ 65 | :supported_os => OSDefaults.get_supported_os 66 | }).each do |os,facts| 67 | context "on #{os}" do 68 | let (:facts) do 69 | facts.merge!(OSDefaults.get_facts()) 70 | end 71 | 72 | it_behaves_like 'watcher-db-mysql' 73 | end 74 | end 75 | end 76 | -------------------------------------------------------------------------------- /spec/classes/watcher_prometheus_client_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::prometheus_client' do 4 | 5 | shared_examples 'watcher::prometheus_client' do 6 | let :params do 7 | { 8 | :host => '127.0.0.1' 9 | } 10 | end 11 | 12 | context 'with defaults' do 13 | it 'should set the defaults' do 14 | should contain_watcher_config('prometheus_client/host').with_value('127.0.0.1') 15 | should contain_watcher_config('prometheus_client/port').with_value('') 16 | should contain_watcher_config('prometheus_client/fqdn_label').with_value('') 17 | should contain_watcher_config('prometheus_client/instance_uuid_label').with_value('') 18 | should contain_watcher_config('prometheus_client/username').with_value('') 19 | should contain_watcher_config('prometheus_client/password').with_value('').with_secret(true) 20 | end 21 | end 22 | 23 | context 'with parameters overridden' do 24 | before :each do 25 | params.merge!({ 26 | :port => 9090, 27 | :fqdn_label => 'fqdn', 28 | :instance_uuid_label => 'resource', 29 | :username => 'promuser', 30 | :password => 'prompass' 31 | }) 32 | end 33 | 34 | it 'should set the overridden values' do 35 | should contain_watcher_config('prometheus_client/host').with_value('127.0.0.1') 36 | should contain_watcher_config('prometheus_client/port').with_value(9090) 37 | should contain_watcher_config('prometheus_client/fqdn_label').with_value('fqdn') 38 | should contain_watcher_config('prometheus_client/instance_uuid_label').with_value('resource') 39 | should contain_watcher_config('prometheus_client/username').with_value('promuser') 40 | should contain_watcher_config('prometheus_client/password').with_value('prompass').with_secret(true) 41 | end 42 | end 43 | end 44 | 45 | on_supported_os({ 46 | :supported_os => OSDefaults.get_supported_os 47 | }).each do |os,facts| 48 | context "on #{os}" do 49 | let (:facts) do 50 | facts.merge!(OSDefaults.get_facts()) 51 | end 52 | it_behaves_like 'watcher::prometheus_client' 53 | end 54 | end 55 | 56 | end 57 | -------------------------------------------------------------------------------- /spec/classes/watcher_db_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::db' do 4 | shared_examples 'watcher::db' do 5 | context 'with default parameters' do 6 | it { should contain_class('watcher::deps') } 7 | 8 | it { should contain_oslo__db('watcher_config').with( 9 | :db_max_retries => '', 10 | :connection => 'sqlite:////var/lib/watcher/watcher.sqlite', 11 | :connection_recycle_time => '', 12 | :max_pool_size => '', 13 | :max_retries => '', 14 | :retry_interval => '', 15 | :max_overflow => '', 16 | :pool_timeout => '', 17 | :mysql_enable_ndb => '', 18 | )} 19 | end 20 | 21 | context 'with specific parameters' do 22 | let :params do 23 | { 24 | :database_connection => 'mysql+pymysql://watcher:watcher@localhost/watcher', 25 | :database_connection_recycle_time => '3601', 26 | :database_db_max_retries => '-1', 27 | :database_max_retries => '11', 28 | :database_retry_interval => '11', 29 | :database_max_pool_size => '11', 30 | :database_max_overflow => '21', 31 | :database_pool_timeout => '21', 32 | :mysql_enable_ndb => true, 33 | } 34 | end 35 | 36 | it { should contain_class('watcher::deps') } 37 | 38 | it { should contain_oslo__db('watcher_config').with( 39 | :db_max_retries => '-1', 40 | :connection => 'mysql+pymysql://watcher:watcher@localhost/watcher', 41 | :connection_recycle_time => '3601', 42 | :max_pool_size => '11', 43 | :max_retries => '11', 44 | :retry_interval => '11', 45 | :max_overflow => '21', 46 | :pool_timeout => '21', 47 | :mysql_enable_ndb => true, 48 | )} 49 | end 50 | end 51 | 52 | on_supported_os({ 53 | :supported_os => OSDefaults.get_supported_os 54 | }).each do |os,facts| 55 | context "on #{os}" do 56 | let (:facts) do 57 | facts.merge!(OSDefaults.get_facts()) 58 | end 59 | 60 | it_behaves_like 'watcher::db' 61 | end 62 | end 63 | end 64 | -------------------------------------------------------------------------------- /manifests/policy.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::policy 2 | # 3 | # Configure the watcher policies 4 | # 5 | # === Parameters 6 | # 7 | # [*enforce_scope*] 8 | # (Optional) Whether or not to enforce scope when evaluating policies. 9 | # Defaults to $facts['os_service_default']. 10 | # 11 | # [*enforce_new_defaults*] 12 | # (Optional) Whether or not to use old deprecated defaults when evaluating 13 | # policies. 14 | # Defaults to $facts['os_service_default']. 15 | # 16 | # [*policies*] 17 | # (Optional) Set of policies to configure for watcher 18 | # Example : 19 | # { 20 | # 'watcher-context_is_admin' => { 21 | # 'key' => 'context_is_admin', 22 | # 'value' => 'true' 23 | # }, 24 | # 'watcher-default' => { 25 | # 'key' => 'default', 26 | # 'value' => 'rule:admin_or_owner' 27 | # } 28 | # } 29 | # Defaults to empty hash. 30 | # 31 | # [*policy_path*] 32 | # (Optional) Path to the watcher policy.yaml file 33 | # Defaults to /etc/watcher/policy.yaml 34 | # 35 | # [*policy_default_rule*] 36 | # (Optional) Default rule. Enforced when a requested rule is not found. 37 | # Defaults to $facts['os_service_default']. 38 | # 39 | # [*policy_dirs*] 40 | # (Optional) Path to the watcher policy folder 41 | # Defaults to $facts['os_service_default'] 42 | # 43 | # [*purge_config*] 44 | # (optional) Whether to set only the specified policy rules in the policy 45 | # file. 46 | # Defaults to false. 47 | # 48 | class watcher::policy ( 49 | $enforce_scope = $facts['os_service_default'], 50 | $enforce_new_defaults = $facts['os_service_default'], 51 | Openstacklib::Policies $policies = {}, 52 | Stdlib::Absolutepath $policy_path = '/etc/watcher/policy.yaml', 53 | $policy_default_rule = $facts['os_service_default'], 54 | $policy_dirs = $facts['os_service_default'], 55 | Boolean $purge_config = false, 56 | ) { 57 | include watcher::deps 58 | include watcher::params 59 | 60 | $policy_parameters = { 61 | policies => $policies, 62 | policy_path => $policy_path, 63 | file_user => 'root', 64 | file_group => $watcher::params::group, 65 | file_format => 'yaml', 66 | purge_config => $purge_config, 67 | } 68 | 69 | create_resources('openstacklib::policy', { $policy_path => $policy_parameters }) 70 | 71 | # policy config should occur in the config block also. 72 | Anchor['watcher::config::begin'] 73 | -> Openstacklib::Policy[$policy_path] 74 | -> Anchor['watcher::config::end'] 75 | 76 | oslo::policy { 'watcher_config': 77 | enforce_scope => $enforce_scope, 78 | enforce_new_defaults => $enforce_new_defaults, 79 | policy_file => $policy_path, 80 | policy_default_rule => $policy_default_rule, 81 | policy_dirs => $policy_dirs, 82 | } 83 | } 84 | -------------------------------------------------------------------------------- /manifests/applier.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::applier 2 | # 3 | # === Parameters 4 | # 5 | # [*package_ensure*] 6 | # (Optional) The state of the package. 7 | # Defaults to 'present'. 8 | # 9 | # [*enabled*] 10 | # (Optional) The state of the service 11 | # Defaults to 'true'. 12 | # 13 | # [*manage_service*] 14 | # (Optional) Whether to start/stop the service. 15 | # Defaults to 'true'. 16 | # 17 | # [*applier_workers*] 18 | # (Optional) Number of workers for watcher applier service. 19 | # Defaults to $facts['os_service_default'] 20 | # 21 | # [*applier_conductor_topic*] 22 | # (Optional) The topic name used forcontrol events, this topic used 23 | # for rpc call 24 | # Defaults to $facts['os_service_default'] 25 | # 26 | # [*applier_status_topic*] 27 | # (Optional) The topic name used for status events, this topic is used 28 | # so as to notifythe others components of the system 29 | # Defaults to $facts['os_service_default'] 30 | # 31 | # [*applier_publisher_id*] 32 | # (Optional) The identifier used by watcher module on the message broker 33 | # Defaults to $facts['os_service_default'] 34 | # 35 | # [*applier_workflow_engine*] 36 | # (Optional) Select the engine to use to execute the workflow 37 | # Defaults to $facts['os_service_default'] 38 | # 39 | class watcher::applier ( 40 | Stdlib::Ensure::Package $package_ensure = 'present', 41 | Boolean $enabled = true, 42 | Boolean $manage_service = true, 43 | $applier_workers = $facts['os_service_default'], 44 | $applier_conductor_topic = $facts['os_service_default'], 45 | $applier_status_topic = $facts['os_service_default'], 46 | $applier_publisher_id = $facts['os_service_default'], 47 | $applier_workflow_engine = $facts['os_service_default'], 48 | ) { 49 | include watcher::params 50 | include watcher::deps 51 | 52 | package { 'watcher-applier': 53 | ensure => $package_ensure, 54 | name => $watcher::params::applier_package_name, 55 | tag => ['openstack', 'watcher-package'], 56 | } 57 | 58 | if $manage_service { 59 | if $enabled { 60 | $service_ensure = 'running' 61 | } else { 62 | $service_ensure = 'stopped' 63 | } 64 | 65 | service { 'watcher-applier': 66 | ensure => $service_ensure, 67 | name => $watcher::params::applier_service_name, 68 | enable => $enabled, 69 | hasstatus => true, 70 | hasrestart => true, 71 | tag => ['watcher-service'], 72 | } 73 | } 74 | 75 | watcher_config { 76 | 'watcher_applier/workers': value => $applier_workers; 77 | 'watcher_applier/conductor_topic': value => $applier_conductor_topic; 78 | 'watcher_applier/status_topic': value => $applier_status_topic; 79 | 'watcher_applier/publisher_id': value => $applier_publisher_id; 80 | 'watcher_applier/workflow_engine': value => $applier_workflow_engine; 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /spec/classes/watcher_policy_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::policy' do 4 | shared_examples 'watcher::policy' do 5 | 6 | context 'setup policy with parameters' do 7 | let :params do 8 | { 9 | :enforce_scope => false, 10 | :enforce_new_defaults => false, 11 | :policy_path => '/etc/watcher/policy.yaml', 12 | :policy_default_rule => 'default', 13 | :policy_dirs => '/etc/watcher/policy.d', 14 | :policies => { 15 | 'context_is_admin' => { 16 | 'key' => 'context_is_admin', 17 | 'value' => 'foo:bar' 18 | } 19 | } 20 | } 21 | end 22 | 23 | it 'set up the policies' do 24 | is_expected.to contain_openstacklib__policy('/etc/watcher/policy.yaml').with( 25 | :policies => { 26 | 'context_is_admin' => { 27 | 'key' => 'context_is_admin', 28 | 'value' => 'foo:bar' 29 | } 30 | }, 31 | :policy_path => '/etc/watcher/policy.yaml', 32 | :file_user => 'root', 33 | :file_group => 'watcher', 34 | :file_format => 'yaml', 35 | :purge_config => false, 36 | ) 37 | is_expected.to contain_oslo__policy('watcher_config').with( 38 | :enforce_scope => false, 39 | :enforce_new_defaults => false, 40 | :policy_file => '/etc/watcher/policy.yaml', 41 | :policy_default_rule => 'default', 42 | :policy_dirs => '/etc/watcher/policy.d', 43 | ) 44 | end 45 | end 46 | 47 | context 'with empty policies and purge_config enabled' do 48 | let :params do 49 | { 50 | :enforce_scope => false, 51 | :enforce_new_defaults => false, 52 | :policy_path => '/etc/watcher/policy.yaml', 53 | :policies => {}, 54 | :purge_config => true, 55 | } 56 | end 57 | 58 | it 'set up the policies' do 59 | is_expected.to contain_openstacklib__policy('/etc/watcher/policy.yaml').with( 60 | :policies => {}, 61 | :policy_path => '/etc/watcher/policy.yaml', 62 | :file_user => 'root', 63 | :file_group => 'watcher', 64 | :file_format => 'yaml', 65 | :purge_config => true, 66 | ) 67 | is_expected.to contain_oslo__policy('watcher_config').with( 68 | :enforce_scope => false, 69 | :enforce_new_defaults => false, 70 | :policy_file => '/etc/watcher/policy.yaml', 71 | ) 72 | end 73 | end 74 | end 75 | 76 | on_supported_os({ 77 | :supported_os => OSDefaults.get_supported_os 78 | }).each do |os,facts| 79 | context "on #{os}" do 80 | let (:facts) do 81 | facts.merge!(OSDefaults.get_facts()) 82 | end 83 | 84 | it_behaves_like 'watcher::policy' 85 | end 86 | end 87 | end 88 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | Team and repository tags 2 | ======================== 3 | 4 | [![Team and repository tags](https://governance.openstack.org/tc/badges/puppet-watcher.svg)](https://governance.openstack.org/tc/reference/tags/index.html) 5 | 6 | 7 | 8 | watcher 9 | ======= 10 | 11 | #### Table of Contents 12 | 13 | 1. [Overview - What is the watcher module?](#overview) 14 | 2. [Module Description - What does the module do?](#module-description) 15 | 3. [Setup - The basics of getting started with watcher](#setup) 16 | 4. [Implementation - An under-the-hood peek at what the module is doing](#implementation) 17 | 5. [Limitations - OS compatibility, etc.](#limitations) 18 | 6. [Development - Guide for contributing to the module](#development) 19 | 7. [Contributors - Those with commits](#contributors) 20 | 8. [Release Notes - Release notes for the project](#release-notes) 21 | 9. [Repository - The project source code repository](#repository) 22 | 23 | Overview 24 | -------- 25 | 26 | The watcher module is a part of [OpenStack](https://opendev.org/openstack), an effort by the OpenStack infrastructure team to provide continuous integration testing and code review for OpenStack and OpenStack community projects not part of the core software. The module itself is used to flexibly configure and manage the Watcher service for OpenStack. 27 | 28 | Module Description 29 | ------------------ 30 | 31 | The watcher module is a thorough attempt to make Puppet capable of managing the entirety of watcher. This includes manifests to provision region specific endpoint and database connections. Types are shipped as part of the watcher module to assist in manipulation of configuration files. 32 | 33 | Setup 34 | ----- 35 | 36 | **What the watcher module affects** 37 | 38 | * [Watcher](https://docs.openstack.org/watcher/latest/), the Watcher service for OpenStack. 39 | 40 | ### Installing watcher 41 | 42 | watcher is not currently in Puppet Forge, but is anticipated to be added soon. Once that happens, you'll be able to install watcher with: 43 | puppet module install openstack/watcher 44 | 45 | ### Beginning with watcher 46 | 47 | To utilize the watcher module's functionality you will need to declare multiple resources. 48 | 49 | Implementation 50 | -------------- 51 | 52 | ### watcher 53 | 54 | watcher is a combination of Puppet manifest and ruby code to delivery configuration and extra functionality through types and providers. 55 | 56 | Limitations 57 | ------------ 58 | 59 | * All the watcher types use the CLI tools and so need to be ran on the watcher node. 60 | 61 | Development 62 | ----------- 63 | 64 | Developer documentation for the entire puppet-openstack project. 65 | 66 | * https://docs.openstack.org/puppet-openstack-guide/latest/ 67 | 68 | Contributors 69 | ------------ 70 | 71 | * https://github.com/openstack/puppet-watcher/graphs/contributors 72 | 73 | Release Notes 74 | ------------- 75 | 76 | * https://docs.openstack.org/releasenotes/puppet-watcher 77 | 78 | Repository 79 | ---------- 80 | 81 | * https://opendev.org/openstack/puppet-watcher 82 | -------------------------------------------------------------------------------- /manifests/db.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::db 2 | # 3 | # Configure the watcher database 4 | # 5 | # === Parameters 6 | # 7 | # [*database_connection*] 8 | # (Optional) Url used to connect to database. 9 | # Defaults to "sqlite:////var/lib/watcher/watcher.sqlite". 10 | # 11 | # [*database_connection_recycle_time*] 12 | # (Optional) Timeout when db connections should be reaped. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*database_db_max_retries*] 16 | # (optional) Maximum retries in case of connection error or deadlock error 17 | # before error is raised. Set to -1 to specify an infinite retry count. 18 | # Defaults to $facts['os_service_default'] 19 | # 20 | # [*database_max_retries*] 21 | # (Optional) Maximum number of database connection retries during startup. 22 | # Setting -1 implies an infinite retry count. 23 | # Defaults to $facts['os_service_default'] 24 | # 25 | # [*database_retry_interval*] 26 | # (Optional) Interval between retries of opening a database connection. 27 | # Defaults to $facts['os_service_default'] 28 | # 29 | # [*database_max_pool_size*] 30 | # (Optional) Maximum number of SQL connections to keep open in a pool. 31 | # Defaults to $facts['os_service_default'] 32 | # 33 | # [*database_max_overflow*] 34 | # (Optional) If set, use this value for max_overflow with sqlalchemy. 35 | # Defaults to $facts['os_service_default'] 36 | # 37 | # [*database_pool_timeout*] 38 | # (Optional) If set, use this value for pool_timeout with SQLAlchemy. 39 | # Defaults to $facts['os_service_default'] 40 | # 41 | # [*mysql_enable_ndb*] 42 | # (Optional) If True, transparently enables support for handling MySQL 43 | # Cluster (NDB). 44 | # Defaults to $facts['os_service_default'] 45 | # 46 | class watcher::db ( 47 | $database_connection = 'sqlite:////var/lib/watcher/watcher.sqlite', 48 | $database_connection_recycle_time = $facts['os_service_default'], 49 | $database_max_pool_size = $facts['os_service_default'], 50 | $database_db_max_retries = $facts['os_service_default'], 51 | $database_max_retries = $facts['os_service_default'], 52 | $database_retry_interval = $facts['os_service_default'], 53 | $database_max_overflow = $facts['os_service_default'], 54 | $database_pool_timeout = $facts['os_service_default'], 55 | $mysql_enable_ndb = $facts['os_service_default'], 56 | ) { 57 | include watcher::deps 58 | 59 | oslo::db { 'watcher_config': 60 | connection => $database_connection, 61 | connection_recycle_time => $database_connection_recycle_time, 62 | db_max_retries => $database_db_max_retries, 63 | max_retries => $database_max_retries, 64 | retry_interval => $database_retry_interval, 65 | max_pool_size => $database_max_pool_size, 66 | max_overflow => $database_max_overflow, 67 | pool_timeout => $database_pool_timeout, 68 | mysql_enable_ndb => $mysql_enable_ndb, 69 | } 70 | 71 | # all db settings should be applied and all packages should be installed 72 | # before dbsync starts 73 | Oslo::Db['watcher_config'] -> Anchor['watcher::db::create_schema::begin'] 74 | } 75 | -------------------------------------------------------------------------------- /manifests/watcher_clients_auth.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::watcher_clients_auth 2 | # 3 | # Configure the watcher_clients_auth options 4 | # 5 | # === Parameters 6 | # 7 | # [*password*] 8 | # (required) User's password 9 | # 10 | # [*auth_url*] 11 | # (optional) Specifies the admin Identity URI for Watcher to use. 12 | # Defaults to 'http://localhost:5000/' 13 | # 14 | # [*username*] 15 | # (optional) The name of the auth user 16 | # Defaults to watcher. 17 | # 18 | # [*project_name*] 19 | # (Optional) Service project name. 20 | # Defaults to 'services' 21 | # 22 | # [*project_domain_name*] 23 | # (Optional) Domain name containing project. 24 | # Defaults to 'Default' 25 | # 26 | # [*user_domain_name*] 27 | # (Optional) User Domain name. 28 | # Defaults to 'Default' 29 | # 30 | # [*system_scope*] 31 | # (Optional) Scope for system operations. 32 | # Defaults to $facts['os_service_default'] 33 | # 34 | # [*auth_type*] 35 | # (Optional) Authentication type to load. 36 | # Defaults to 'password' 37 | # 38 | # [*insecure*] 39 | # (Optional) Verify HTTPS connections. 40 | # Defaults to $facts['os_service_default'] 41 | # 42 | # [*keyfile*] 43 | # (Optional) PEM encoded client certificate key file. 44 | # Defaults to $facts['os_service_default'] 45 | # 46 | # [*certfile*] 47 | # (Optional) PEM encoded client certificate cert file. 48 | # Defaults to $facts['os_service_default'] 49 | # 50 | # [*cafile*] 51 | # (Optional)PEM encoded Certificate Authority to use when verifying HTTPs 52 | # connections. 53 | # Defaults to $facts['os_service_default'] 54 | # 55 | class watcher::watcher_clients_auth ( 56 | $password, 57 | $auth_url = 'http://localhost:5000/', 58 | $username = 'watcher', 59 | $project_name = 'services', 60 | $project_domain_name = 'Default', 61 | $user_domain_name = 'Default', 62 | $system_scope = $facts['os_service_default'], 63 | $auth_type = 'password', 64 | $insecure = $facts['os_service_default'], 65 | $certfile = $facts['os_service_default'], 66 | $cafile = $facts['os_service_default'], 67 | $keyfile = $facts['os_service_default'], 68 | ) { 69 | include watcher::deps 70 | 71 | if is_service_default($system_scope) { 72 | $project_name_real = $project_name 73 | $project_domain_name_real = $project_domain_name 74 | } else { 75 | $project_name_real = $facts['os_service_default'] 76 | $project_domain_name_real = $facts['os_service_default'] 77 | } 78 | 79 | watcher_config { 80 | 'watcher_clients_auth/password': value => $password, secret => true; 81 | 'watcher_clients_auth/username': value => $username; 82 | 'watcher_clients_auth/auth_url': value => $auth_url; 83 | 'watcher_clients_auth/project_name': value => $project_name_real; 84 | 'watcher_clients_auth/project_domain_name': value => $project_domain_name_real; 85 | 'watcher_clients_auth/user_domain_name': value => $user_domain_name; 86 | 'watcher_clients_auth/system_scope': value => $system_scope; 87 | 'watcher_clients_auth/insecure': value => $insecure; 88 | 'watcher_clients_auth/auth_type': value => $auth_type; 89 | 'watcher_clients_auth/cafile': value => $cafile; 90 | 'watcher_clients_auth/certfile': value => $certfile; 91 | 'watcher_clients_auth/keyfile': value => $keyfile; 92 | } 93 | } 94 | -------------------------------------------------------------------------------- /spec/classes/watcher_cron_db_purge_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::cron::db_purge' do 4 | let :params do 5 | { 6 | :minute => 1, 7 | :hour => 0, 8 | :monthday => '*', 9 | :month => '*', 10 | :weekday => '*', 11 | :user => 'watcher', 12 | :age => '30', 13 | :maxdelay => 0, 14 | :destination => '/var/log/watcher/watcher-rowsflush.log' 15 | } 16 | end 17 | 18 | shared_examples 'watcher::cron::db_purge' do 19 | context 'with required parameters' do 20 | it { is_expected.to contain_cron('watcher-db-manage purge').with( 21 | :ensure => :present, 22 | :command => "watcher-db-manage purge -d #{params[:age]} >>#{params[:destination]} 2>&1", 23 | :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 24 | :user => params[:user], 25 | :minute => params[:minute], 26 | :hour => params[:hour], 27 | :monthday => params[:monthday], 28 | :month => params[:month], 29 | :weekday => params[:weekday], 30 | :require => 'Anchor[watcher::db::upgrade::end]' 31 | )} 32 | end 33 | 34 | context 'with ensure set to absent' do 35 | before :each do 36 | params.merge!( 37 | :ensure => :absent 38 | ) 39 | end 40 | 41 | it { should contain_cron('watcher-db-manage purge').with_ensure(:absent) } 42 | end 43 | 44 | context 'with required parameters with max delay enabled' do 45 | before :each do 46 | params.merge!( 47 | :maxdelay => 600 48 | ) 49 | end 50 | 51 | it { should contain_cron('watcher-db-manage purge').with( 52 | :ensure => :present, 53 | :command => "sleep `expr ${RANDOM} \\% #{params[:maxdelay]}`; watcher-db-manage purge -d #{params[:age]} >>#{params[:destination]} 2>&1", 54 | :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 55 | :user => params[:user], 56 | :minute => params[:minute], 57 | :hour => params[:hour], 58 | :monthday => params[:monthday], 59 | :month => params[:month], 60 | :weekday => params[:weekday], 61 | :require => 'Anchor[watcher::db::upgrade::end]' 62 | )} 63 | end 64 | 65 | context 'with additional parameters' do 66 | before :each do 67 | params.merge!( 68 | :exclude_orphans => true, 69 | :max_number => 100, 70 | ) 71 | end 72 | 73 | it { should contain_cron('watcher-db-manage purge').with( 74 | :ensure => :present, 75 | :command => "watcher-db-manage purge -d #{params[:age]} -e -n #{params[:max_number]} >>#{params[:destination]} 2>&1", 76 | :environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 77 | :user => params[:user], 78 | :minute => params[:minute], 79 | :hour => params[:hour], 80 | :monthday => params[:monthday], 81 | :month => params[:month], 82 | :weekday => params[:weekday], 83 | :require => 'Anchor[watcher::db::upgrade::end]' 84 | )} 85 | end 86 | end 87 | 88 | on_supported_os({ 89 | :supported_os => OSDefaults.get_supported_os 90 | }).each do |os,facts| 91 | context "on #{os}" do 92 | let (:facts) do 93 | facts.merge!(OSDefaults.get_facts()) 94 | end 95 | 96 | it_behaves_like 'watcher::cron::db_purge' 97 | end 98 | end 99 | end 100 | -------------------------------------------------------------------------------- /spec/classes/watcher_keystone_auth_spec.rb: -------------------------------------------------------------------------------- 1 | # 2 | # Unit tests for watcher::keystone::auth 3 | # 4 | 5 | require 'spec_helper' 6 | 7 | describe 'watcher::keystone::auth' do 8 | shared_examples_for 'watcher::keystone::auth' do 9 | context 'with default class parameters' do 10 | let :params do 11 | { :password => 'watcher_password' } 12 | end 13 | 14 | it { is_expected.to contain_keystone__resource__service_identity('watcher').with( 15 | :configure_user => true, 16 | :configure_user_role => true, 17 | :configure_endpoint => true, 18 | :configure_service => true, 19 | :service_name => 'watcher', 20 | :service_type => 'infra-optim', 21 | :service_description => 'Infrastructure Optimization service', 22 | :region => 'RegionOne', 23 | :auth_name => 'watcher', 24 | :password => 'watcher_password', 25 | :email => 'watcher@localhost', 26 | :tenant => 'services', 27 | :roles => ['admin', 'service'], 28 | :system_scope => 'all', 29 | :system_roles => [], 30 | :public_url => 'http://127.0.0.1:9322', 31 | :internal_url => 'http://127.0.0.1:9322', 32 | :admin_url => 'http://127.0.0.1:9322', 33 | ) } 34 | end 35 | 36 | context 'when overriding parameters' do 37 | let :params do 38 | { :password => 'watcher_password', 39 | :auth_name => 'alt_watcher', 40 | :email => 'alt_watcher@alt_localhost', 41 | :tenant => 'alt_service', 42 | :roles => ['admin'], 43 | :system_scope => 'alt_all', 44 | :system_roles => ['admin', 'member', 'reader'], 45 | :configure_endpoint => false, 46 | :configure_user => false, 47 | :configure_user_role => false, 48 | :configure_service => false, 49 | :service_description => 'Alternative Infrastructure Optimization service', 50 | :service_name => 'alt_service', 51 | :service_type => 'alt_infra-optim', 52 | :region => 'RegionTwo', 53 | :public_url => 'https://10.10.10.10:80', 54 | :internal_url => 'http://10.10.10.11:81', 55 | :admin_url => 'http://10.10.10.12:81' } 56 | end 57 | 58 | it { is_expected.to contain_keystone__resource__service_identity('watcher').with( 59 | :configure_user => false, 60 | :configure_user_role => false, 61 | :configure_endpoint => false, 62 | :configure_service => false, 63 | :service_name => 'alt_service', 64 | :service_type => 'alt_infra-optim', 65 | :service_description => 'Alternative Infrastructure Optimization service', 66 | :region => 'RegionTwo', 67 | :auth_name => 'alt_watcher', 68 | :password => 'watcher_password', 69 | :email => 'alt_watcher@alt_localhost', 70 | :tenant => 'alt_service', 71 | :roles => ['admin'], 72 | :system_scope => 'alt_all', 73 | :system_roles => ['admin', 'member', 'reader'], 74 | :public_url => 'https://10.10.10.10:80', 75 | :internal_url => 'http://10.10.10.11:81', 76 | :admin_url => 'http://10.10.10.12:81', 77 | ) } 78 | end 79 | end 80 | 81 | on_supported_os({ 82 | :supported_os => OSDefaults.get_supported_os 83 | }).each do |os,facts| 84 | context "on #{os}" do 85 | let (:facts) do 86 | facts.merge!(OSDefaults.get_facts()) 87 | end 88 | 89 | it_behaves_like 'watcher::keystone::auth' 90 | end 91 | end 92 | end 93 | -------------------------------------------------------------------------------- /manifests/cron/db_purge.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Copyright (C) 2023 Red Hat Inc. 3 | # 4 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 5 | # not use this file except in compliance with the License. You may obtain 6 | # a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 12 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 13 | # License for the specific language governing permissions and limitations 14 | # under the License. 15 | # 16 | # == Class: watcher::cron::db_purge 17 | # 18 | # Purge soft-deleted or orphaned records from database. 19 | # 20 | # === Parameters 21 | # 22 | # [*ensure*] 23 | # (optional) Ensure cron jobs present or absent 24 | # Defaults to present. 25 | # 26 | # [*minute*] 27 | # (optional) Defaults to '1'. 28 | # 29 | # [*hour*] 30 | # (optional) Defaults to '0'. 31 | # 32 | # [*monthday*] 33 | # (optional) Defaults to '*'. 34 | # 35 | # [*month*] 36 | # (optional) Defaults to '*'. 37 | # 38 | # [*weekday*] 39 | # (optional) Defaults to '*'. 40 | # 41 | # [*user*] 42 | # (optional) User with access to watcher files. 43 | # Defaults to 'watcher'. 44 | # 45 | # [*age*] 46 | # (optional) Number of days prior to today for deletion, 47 | # e.g. value 60 means to purge deleted rows that have the "deleted_at" 48 | # column greater than 60 days ago. 49 | # Defaults to 30 50 | # 51 | # [*destination*] 52 | # (optional) Path to file to which rows should be archived 53 | # Defaults to '/var/log/watcher/watcher-rowsflush.log'. 54 | # 55 | # [*maxdelay*] 56 | # (optional) In Seconds. Should be a positive integer. 57 | # Induces a random delay before running the cronjob to avoid running 58 | # all cron jobs at the same time on all hosts this job is configured. 59 | # Defaults to 0. 60 | # 61 | # [*exclude_orphans*] 62 | # (optional) Flag to indicate whether orhans should be excluded from 63 | # deletion. 64 | # Defaults to false 65 | # 66 | # [*max_number*] 67 | # (optional) Max number of objects expected to be deleted. 68 | # Defaults to undef 69 | # 70 | class watcher::cron::db_purge ( 71 | Enum['present', 'absent'] $ensure = 'present', 72 | $minute = 1, 73 | $hour = 0, 74 | $monthday = '*', 75 | $month = '*', 76 | $weekday = '*', 77 | $user = $watcher::params::user, 78 | $age = 30, 79 | $destination = '/var/log/watcher/watcher-rowsflush.log', 80 | Integer[0] $maxdelay = 0, 81 | Boolean $exclude_orphans = false, 82 | $max_number = undef, 83 | ) inherits watcher::params { 84 | include watcher::deps 85 | 86 | $sleep = $maxdelay ? { 87 | 0 => '', 88 | default => "sleep `expr \${RANDOM} \\% ${maxdelay}`; ", 89 | } 90 | 91 | $exclude_orphans_opt = $exclude_orphans ? { 92 | true => ' -e', 93 | default => '', 94 | } 95 | 96 | $max_number_opt = $max_number ? { 97 | undef => '', 98 | default => " -n ${max_number}", 99 | } 100 | 101 | cron { 'watcher-db-manage purge': 102 | ensure => $ensure, 103 | command => "${sleep}watcher-db-manage purge -d ${age}${exclude_orphans_opt}${max_number_opt} >>${destination} 2>&1", 104 | environment => 'PATH=/bin:/usr/bin:/usr/sbin SHELL=/bin/sh', 105 | user => $user, 106 | minute => $minute, 107 | hour => $hour, 108 | monthday => $monthday, 109 | month => $month, 110 | weekday => $weekday, 111 | require => Anchor['watcher::db::upgrade::end'], 112 | } 113 | } 114 | -------------------------------------------------------------------------------- /spec/classes/watcher_api_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::api' do 4 | 5 | let :params do 6 | { 7 | :enabled => true, 8 | :package_ensure => 'latest', 9 | } 10 | end 11 | 12 | let :pre_condition do 13 | "include watcher::db 14 | class { 'watcher': } 15 | class { 'watcher::keystone::authtoken': 16 | password => 'a_big_secret', 17 | }" 18 | end 19 | 20 | shared_examples 'watcher-api' do 21 | 22 | it { is_expected.to contain_class('watcher::params') } 23 | it { is_expected.to contain_class('watcher::deps') } 24 | 25 | it 'installs watcher-api package' do 26 | is_expected.to contain_package('watcher-api').with( 27 | :ensure => 'latest', 28 | :name => platform_params[:api_package_name], 29 | :tag => ['openstack', 'watcher-package'], 30 | ) 31 | end 32 | 33 | [{:enabled => true}, {:enabled => false}].each do |param_hash| 34 | context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do 35 | before do 36 | params.merge!(param_hash) 37 | end 38 | 39 | it 'configures watcher-api service' do 40 | is_expected.to contain_service('watcher-api').with( 41 | :ensure => params[:enabled] ? 'running' : 'stopped', 42 | :name => platform_params[:api_service_name], 43 | :enable => params[:enabled], 44 | :hasstatus => true, 45 | :hasrestart => true, 46 | :tag => ['watcher-service'], 47 | ) 48 | end 49 | end 50 | end 51 | 52 | context 'with default api configuration' do 53 | it 'should configure the api configurations section when enabled' do 54 | is_expected.to contain_watcher_config('api/port').with_value('') 55 | is_expected.to contain_watcher_config('api/max_limit').with_value('') 56 | is_expected.to contain_watcher_config('api/host').with_value('') 57 | is_expected.to contain_watcher_config('api/workers').with_value(2) 58 | is_expected.to contain_watcher_config('api/enable_ssl_api').with_value('') 59 | end 60 | end 61 | 62 | context 'with disabled service managing' do 63 | before do 64 | params.merge!({ 65 | :manage_service => false, 66 | }) 67 | end 68 | 69 | it 'should not configure watcher-api service' do 70 | is_expected.to_not contain_service('watcher-api') 71 | end 72 | end 73 | 74 | context 'when running watcher-api in wsgi' do 75 | before do 76 | params.merge!({ :service_name => 'httpd' }) 77 | end 78 | 79 | let :pre_condition do 80 | "include apache 81 | include watcher::db 82 | class { 'watcher': } 83 | class { 'watcher::keystone::authtoken': 84 | password => 'a_big_secret', 85 | }" 86 | end 87 | 88 | it 'configures watcher-api service with Apache' do 89 | is_expected.to contain_service('watcher-api').with( 90 | :ensure => 'stopped', 91 | :name => platform_params[:api_service_name], 92 | :enable => false, 93 | :tag => ['watcher-service'], 94 | ) 95 | end 96 | end 97 | end 98 | 99 | on_supported_os({ 100 | :supported_os => OSDefaults.get_supported_os 101 | }).each do |os,facts| 102 | context "on #{os}" do 103 | let (:facts) do 104 | facts.merge!(OSDefaults.get_facts()) 105 | end 106 | let(:platform_params) do 107 | case facts[:os]['family'] 108 | when 'Debian' 109 | { :api_package_name => 'watcher-api', 110 | :api_service_name => 'watcher-api' } 111 | when 'RedHat' 112 | { :api_package_name => 'openstack-watcher-api', 113 | :api_service_name => 'openstack-watcher-api' } 114 | end 115 | end 116 | it_behaves_like 'watcher-api' 117 | end 118 | end 119 | 120 | end 121 | -------------------------------------------------------------------------------- /spec/classes/watcher_watcher_clients_auth_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::watcher_clients_auth' do 4 | 5 | shared_examples 'watcher::watcher_clients_auth' do 6 | let :params do 7 | { :password => 'watcher_password' } 8 | end 9 | 10 | context 'with defaults' do 11 | it 'should set the defaults' do 12 | should contain_watcher_config('watcher_clients_auth/password').with_value('watcher_password').with_secret(true) 13 | should contain_watcher_config('watcher_clients_auth/auth_url').with_value('http://localhost:5000/') 14 | should contain_watcher_config('watcher_clients_auth/username').with_value('watcher') 15 | should contain_watcher_config('watcher_clients_auth/project_name').with_value('services') 16 | should contain_watcher_config('watcher_clients_auth/user_domain_name').with_value('Default') 17 | should contain_watcher_config('watcher_clients_auth/project_domain_name').with_value('Default') 18 | should contain_watcher_config('watcher_clients_auth/system_scope').with_value('') 19 | should contain_watcher_config('watcher_clients_auth/insecure').with_value('') 20 | should contain_watcher_config('watcher_clients_auth/certfile').with_value('') 21 | should contain_watcher_config('watcher_clients_auth/cafile').with_value('') 22 | should contain_watcher_config('watcher_clients_auth/keyfile').with_value('') 23 | end 24 | end 25 | 26 | context 'with parameters overridden' do 27 | before do 28 | params.merge!({ 29 | :auth_url => 'http://127.0.0.1:5000/', 30 | :username => 'alt_watcher', 31 | :project_name => 'alt_services', 32 | :project_domain_name => 'project_domain', 33 | :user_domain_name => 'user_domain', 34 | :insecure => false, 35 | :certfile => 'path_to_cert', 36 | :cafile => 'path_to_ca', 37 | :keyfile => 'path_to_key', 38 | }) 39 | end 40 | 41 | it 'should set the overridden values' do 42 | should contain_watcher_config('watcher_clients_auth/auth_url').with_value('http://127.0.0.1:5000/') 43 | should contain_watcher_config('watcher_clients_auth/username').with_value('alt_watcher') 44 | should contain_watcher_config('watcher_clients_auth/project_name').with_value('alt_services') 45 | should contain_watcher_config('watcher_clients_auth/user_domain_name').with_value('user_domain') 46 | should contain_watcher_config('watcher_clients_auth/project_domain_name').with_value('project_domain') 47 | should contain_watcher_config('watcher_clients_auth/system_scope').with_value('') 48 | should contain_watcher_config('watcher_clients_auth/insecure').with_value(false) 49 | should contain_watcher_config('watcher_clients_auth/certfile').with_value('path_to_cert') 50 | should contain_watcher_config('watcher_clients_auth/cafile').with_value('path_to_ca') 51 | should contain_watcher_config('watcher_clients_auth/keyfile').with_value('path_to_key') 52 | end 53 | end 54 | 55 | context 'when system_scope is set' do 56 | before do 57 | params.merge!( 58 | :system_scope => 'all' 59 | ) 60 | end 61 | it 'configures system-scoped credential' do 62 | is_expected.to contain_watcher_config('watcher_clients_auth/project_domain_name').with_value('') 63 | is_expected.to contain_watcher_config('watcher_clients_auth/project_name').with_value('') 64 | is_expected.to contain_watcher_config('watcher_clients_auth/system_scope').with_value('all') 65 | end 66 | end 67 | end 68 | 69 | on_supported_os({ 70 | :supported_os => OSDefaults.get_supported_os 71 | }).each do |os,facts| 72 | context "on #{os}" do 73 | let (:facts) do 74 | facts.merge!(OSDefaults.get_facts()) 75 | end 76 | it_behaves_like 'watcher::watcher_clients_auth' 77 | end 78 | end 79 | 80 | end 81 | -------------------------------------------------------------------------------- /spec/classes/watcher_applier_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::applier' do 4 | 5 | shared_examples 'watcher-applier' do 6 | 7 | context 'with default parameters' do 8 | 9 | it 'installs packages' do 10 | is_expected.to contain_package('watcher-applier').with( 11 | :name => platform_params[:watcher_applier_package], 12 | :ensure => 'present', 13 | :tag => ['openstack', 'watcher-package'] 14 | ) 15 | end 16 | 17 | it 'configures watcher applier service' do 18 | is_expected.to contain_watcher_config('watcher_applier/workers').with_value('') 19 | is_expected.to contain_watcher_config('watcher_applier/conductor_topic').with_value('') 20 | is_expected.to contain_watcher_config('watcher_applier/status_topic').with_value('') 21 | is_expected.to contain_watcher_config('watcher_applier/publisher_id').with_value('') 22 | is_expected.to contain_watcher_config('watcher_applier/workflow_engine').with_value('') 23 | end 24 | end 25 | 26 | [{:enabled => true}, {:enabled => false}].each do |param_hash| 27 | context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do 28 | let :params do 29 | { :enabled => true, } 30 | end 31 | before do 32 | params.merge!(param_hash) 33 | end 34 | 35 | it 'configures watcher applier service' do 36 | is_expected.to contain_service('watcher-applier').with( 37 | :ensure => params[:enabled] ? 'running' : 'stopped', 38 | :name => platform_params[:applier_service_name], 39 | :enable => params[:enabled], 40 | :hasstatus => true, 41 | :hasrestart => true, 42 | :tag => ['watcher-service'], 43 | ) 44 | end 45 | end 46 | end 47 | 48 | context 'with disabled service managing' do 49 | let :params do 50 | { 51 | :manage_service => false, 52 | } 53 | end 54 | 55 | it 'should not configure watcher-applier service' do 56 | is_expected.to_not contain_service('watcher-applier') 57 | end 58 | end 59 | 60 | context 'with overridden parameters' do 61 | let :params do 62 | { 63 | :package_ensure => '2012.1.1-15.el6', 64 | :applier_workers => '10', 65 | :applier_conductor_topic => 'applier123', 66 | :applier_status_topic => 'someStatus', 67 | :applier_publisher_id => '20120101', 68 | :applier_workflow_engine => 'taskFloooow', 69 | } 70 | end 71 | it 'configures watcher applier' do 72 | is_expected.to contain_watcher_config('watcher_applier/workers').with_value('10') 73 | is_expected.to contain_watcher_config('watcher_applier/conductor_topic').with_value('applier123') 74 | is_expected.to contain_watcher_config('watcher_applier/status_topic').with_value('someStatus') 75 | is_expected.to contain_watcher_config('watcher_applier/publisher_id').with_value('20120101') 76 | is_expected.to contain_watcher_config('watcher_applier/workflow_engine').with_value('taskFloooow') 77 | end 78 | end 79 | end 80 | 81 | on_supported_os({ 82 | :supported_os => OSDefaults.get_supported_os 83 | }).each do |os,facts| 84 | context "on #{os}" do 85 | let (:facts) do 86 | facts.merge!(OSDefaults.get_facts()) 87 | end 88 | let(:platform_params) do 89 | case facts[:os]['family'] 90 | when 'Debian' 91 | { :watcher_applier_package => 'watcher-applier', 92 | :applier_service_name => 'watcher-applier', 93 | } 94 | when 'RedHat' 95 | { :watcher_applier_package => 'openstack-watcher-applier', 96 | :applier_service_name => 'openstack-watcher-applier', 97 | } 98 | end 99 | end 100 | it_behaves_like 'watcher-applier' 101 | end 102 | end 103 | end 104 | -------------------------------------------------------------------------------- /manifests/keystone/auth.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::keystone::auth 2 | # 3 | # Configures watcher user, service and endpoint in Keystone. 4 | # 5 | # === Parameters 6 | # 7 | # [*password*] 8 | # (Required) Password for watcher user. 9 | # 10 | # [*auth_name*] 11 | # (Optional) Username for watcher service. 12 | # Defaults to 'watcher'. 13 | # 14 | # [*email*] 15 | # (Optional) Email for watcher user. 16 | # Defaults to 'watcher@localhost'. 17 | # 18 | # [*tenant*] 19 | # (Optional) Tenant for watcher user. 20 | # Defaults to 'services'. 21 | # 22 | # [*roles*] 23 | # (Optional) List of roles assigned to watcher user. 24 | # Defaults to ['admin', 'service'] 25 | # 26 | # [*system_scope*] 27 | # (Optional) Scope for system operations. 28 | # Defaults to 'all' 29 | # 30 | # [*system_roles*] 31 | # (Optional) List of system roles assigned to watcher user. 32 | # Defaults to [] 33 | # 34 | # [*configure_endpoint*] 35 | # (Optional) Should watcher endpoint be configured? 36 | # Defaults to true. 37 | # 38 | # [*configure_user*] 39 | # (Optional) Should the service user be configured? 40 | # Defaults to true. 41 | # 42 | # [*configure_user_role*] 43 | # (Optional) Should the admin role be configured for the service user? 44 | # Defaults to true. 45 | # 46 | # [*configure_service*] 47 | # (Optional) Should the service be configurd? 48 | # Defaults to True 49 | # 50 | # [*service_type*] 51 | # (Optional) Type of service. 52 | # Defaults to 'infra-optim'. 53 | # 54 | # [*region*] 55 | # (Optional) Region for endpoint. 56 | # Defaults to 'RegionOne'. 57 | # 58 | # [*service_name*] 59 | # (Optional) Name of the service. 60 | # Defaults to the value of auth_name. 61 | # 62 | # [*service_description*] 63 | # (Optional) Description of the service. 64 | # Default to 'watcher API Service' 65 | # 66 | # [*public_url*] 67 | # (0ptional) The endpoint's public url. 68 | # This url should *not* contain any trailing '/'. 69 | # Defaults to 'http://127.0.0.1:9322' 70 | # 71 | # [*admin_url*] 72 | # (Optional) The endpoint's admin url. 73 | # This url should *not* contain any trailing '/'. 74 | # Defaults to 'http://127.0.0.1:9322' 75 | # 76 | # [*internal_url*] 77 | # (Optional) The endpoint's internal url. 78 | # This url should *not* contain any trailing '/'. 79 | # Defaults to 'http://127.0.0.1:9322' 80 | # 81 | class watcher::keystone::auth ( 82 | String[1] $password, 83 | String[1] $auth_name = 'watcher', 84 | String[1] $email = 'watcher@localhost', 85 | String[1] $tenant = 'services', 86 | Array[String[1]] $roles = ['admin', 'service'], 87 | String[1] $system_scope = 'all', 88 | Array[String[1]] $system_roles = [], 89 | Boolean $configure_endpoint = true, 90 | Boolean $configure_user = true, 91 | Boolean $configure_user_role = true, 92 | Boolean $configure_service = true, 93 | Optional[String[1]] $service_name = undef, 94 | String[1] $service_description = 'Infrastructure Optimization service', 95 | String[1] $service_type = 'infra-optim', 96 | String[1] $region = 'RegionOne', 97 | Keystone::PublicEndpointUrl $public_url = 'http://127.0.0.1:9322', 98 | Keystone::EndpointUrl $admin_url = 'http://127.0.0.1:9322', 99 | Keystone::EndpointUrl $internal_url = 'http://127.0.0.1:9322', 100 | ) { 101 | include watcher::deps 102 | 103 | $real_service_name = pick($service_name, $auth_name) 104 | 105 | Keystone::Resource::Service_identity['watcher'] -> Anchor['watcher::service::end'] 106 | 107 | keystone::resource::service_identity { 'watcher': 108 | configure_user => $configure_user, 109 | configure_user_role => $configure_user_role, 110 | configure_endpoint => $configure_endpoint, 111 | configure_service => $configure_service, 112 | service_name => $real_service_name, 113 | service_type => $service_type, 114 | service_description => $service_description, 115 | region => $region, 116 | auth_name => $auth_name, 117 | password => $password, 118 | email => $email, 119 | tenant => $tenant, 120 | roles => $roles, 121 | system_scope => $system_scope, 122 | system_roles => $system_roles, 123 | public_url => $public_url, 124 | internal_url => $internal_url, 125 | admin_url => $admin_url, 126 | } 127 | } 128 | -------------------------------------------------------------------------------- /manifests/decision_engine.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::decision_engine 2 | # 3 | # === Parameters 4 | # 5 | # [*package_ensure*] 6 | # (Optional) The state of the package. 7 | # Defaults to 'present'. 8 | # 9 | # [*enabled*] 10 | # (Optional) The state of the service 11 | # Defaults to 'true'. 12 | # 13 | # [*max_audit_workers*] 14 | # (Optional) The maximum number of threads that can be used to execute 15 | # audits in pararell. 16 | # Defaults to $facts['os_service_default'] 17 | # 18 | # [*max_general_workers*] 19 | # (Optional) The maximum number of threads that can be used to execute 20 | # general tasks in parallel. 21 | # Defaults to $facts['os_service_default'] 22 | # 23 | # [*manage_service*] 24 | # (Optional) Whether to start/stop the service. 25 | # Defaults to 'true'. 26 | # 27 | # [*decision_engine_conductor_topic*] 28 | # (Optional) The topic name used forcontrol events, this topic used 29 | # for rpc call 30 | # Defaults to $facts['os_service_default'] 31 | # 32 | # [*decision_engine_status_topic*] 33 | # (Optional) The topic name used for status events, this topic is used 34 | # so as to notifythe others components of the system 35 | # Defaults to $facts['os_service_default'] 36 | # 37 | # [*decision_engine_notification_topics*] 38 | # (Optional) The topic names from which notification events will be 39 | # listened to (list value) 40 | # Defaults to $facts['os_service_default'] 41 | # 42 | # [*decision_engine_publisher_id*] 43 | # (Optional) The identifier used by watcher module on the message broker 44 | # Defaults to $facts['os_service_default'] 45 | # 46 | # [*planner*] 47 | # (Optional) The selected planner used to schedule the actions (string value) 48 | # Defaults to $facts['os_service_default'] 49 | # 50 | # [*weights*] 51 | # (Optional) Hash of weights used to schedule the actions (dict value). 52 | # The key is an action, value is an order number. 53 | # Defaults to $facts['os_service_default'] 54 | # Example: 55 | # { 'change_nova_service_state' => '2', 56 | # 'migrate' => '3', 'nop' => '0', 'sleep' => '1' } 57 | # 58 | # DEPRECATED PARAMETERS 59 | # 60 | # [*decision_engine_workers*] 61 | # (Optional) The maximum number of threads that can be used to execute 62 | # strategies 63 | # Defaults to $facts['os_service_default'] 64 | # 65 | class watcher::decision_engine ( 66 | Stdlib::Ensure::Package $package_ensure = 'present', 67 | Boolean $enabled = true, 68 | Boolean $manage_service = true, 69 | $max_audit_workers = $facts['os_service_default'], 70 | $max_general_workers = $facts['os_service_default'], 71 | $decision_engine_conductor_topic = $facts['os_service_default'], 72 | $decision_engine_status_topic = $facts['os_service_default'], 73 | $decision_engine_notification_topics = $facts['os_service_default'], 74 | $decision_engine_publisher_id = $facts['os_service_default'], 75 | $planner = $facts['os_service_default'], 76 | $weights = $facts['os_service_default'], 77 | # DEPRECATED PARAMETERS 78 | $decision_engine_workers = undef, 79 | ) { 80 | include watcher::params 81 | include watcher::deps 82 | 83 | if $decision_engine_workers { 84 | warning('The decision_engine_workers parameter is deprecated and has no effect.') 85 | } 86 | 87 | if $weights =~ Hash { 88 | $weights_real = join(sort(join_keys_to_values($weights, ':')), ',') 89 | } else { 90 | $weights_real = join(any2array($weights), ',') 91 | } 92 | 93 | package { 'watcher-decision-engine': 94 | ensure => $package_ensure, 95 | name => $watcher::params::decision_engine_package_name, 96 | tag => ['openstack', 'watcher-package'], 97 | } 98 | 99 | if $manage_service { 100 | if $enabled { 101 | $service_ensure = 'running' 102 | } else { 103 | $service_ensure = 'stopped' 104 | } 105 | 106 | service { 'watcher-decision-engine': 107 | ensure => $service_ensure, 108 | name => $watcher::params::decision_engine_service_name, 109 | enable => $enabled, 110 | hasstatus => true, 111 | hasrestart => true, 112 | tag => ['watcher-service'], 113 | } 114 | } 115 | 116 | watcher_config { 117 | 'watcher_decision_engine/max_audit_workers': value => $max_audit_workers; 118 | 'watcher_decision_engine/max_general_workers': value => $max_general_workers; 119 | 'watcher_decision_engine/conductor_topic': value => $decision_engine_conductor_topic; 120 | 'watcher_decision_engine/status_topic': value => $decision_engine_status_topic; 121 | 'watcher_decision_engine/notification_topics': value => join(any2array($decision_engine_notification_topics), ','); 122 | 'watcher_decision_engine/publisher_id': value => $decision_engine_publisher_id; 123 | } 124 | 125 | # TODO(tkajinam): Remove this after 2026.1 release 126 | watcher_config { 127 | 'watcher_decision_engine/max_workers': ensure => absent; 128 | } 129 | 130 | watcher_config { 131 | 'watcher_planner/planner': value => $planner; 132 | 'watcher_planners.default/weights': value => $weights_real; 133 | } 134 | } 135 | -------------------------------------------------------------------------------- /manifests/api.pp: -------------------------------------------------------------------------------- 1 | # == Class: watcher::api 2 | # 3 | # Configure Watcher API service. 4 | # 5 | # === Parameters: 6 | # 7 | # All options are optional unless specified otherwise. 8 | # All options defaults to $facts['os_service_default'] and 9 | # the default values from the service are used. 10 | # 11 | # === Watcher configuration 12 | # 13 | # [*package_ensure*] 14 | # (Optional)Ensure state of the openstackclient package. 15 | # Defaults to 'present'. 16 | # 17 | # [*enabled*] 18 | # (Optional) Whether the watcher api service will be run 19 | # Defaults to true 20 | # 21 | # [*manage_service*] 22 | # (Optional) Whether the service should be managed by Puppet. 23 | # Defaults to true. 24 | # 25 | # [*port*] 26 | # (Optional) The port on which the watcher API will listen. 27 | # Defaults to $facts['os_service_default']. 28 | # 29 | # [*max_limit*] 30 | # (Optional)The maximum number of items returned in a single response from a 31 | # collection resource. 32 | # Defaults to $facts['os_service_default']. 33 | # 34 | # [*bind_host*] 35 | # (Optional) Listen IP for the watcher API server. 36 | # Defaults to $facts['os_service_default']. 37 | # 38 | # [*workers*] 39 | # (Optional) Number of worker processors to for the Watcher API service. 40 | # Defaults to $facts['os_workers']. 41 | # 42 | # [*enable_ssl_api*] 43 | # (Optional) Enable the integrated stand-alone API to service requests via HTTPS instead 44 | # of HTTP. If there is a front-end service performing HTTPS offloading from the 45 | # service, this option should be False; note, you will want to change public 46 | # API endpoint to represent SSL termination URL with 'public_endpoint' option. 47 | # Defaults to $facts['os_service_default']. 48 | # 49 | # [*service_name*] 50 | # (optional) Name of the service that will be providing the 51 | # server functionality of watcher-api. 52 | # If the value is 'httpd', this means watcher-api will be a web 53 | # service, and you must use another class to configure that 54 | # web service. For example, use class { 'watcher::wsgi::apache'...} 55 | # to make watcher-api be a web app using apache mod_wsgi. 56 | # Defaults to '$watcher::params::api_service_name' 57 | # 58 | # === DB management 59 | # 60 | # [*create_db_schema*] 61 | # (Optional) Run watcher-db-manage create_schema on api nodes after 62 | # installing the package. 63 | # Defaults to false 64 | # 65 | # [*upgrade_db*] 66 | # (Optional) Run watcher-db-manage upgrade on api nodes after 67 | # installing the package. 68 | # Defaults to false 69 | # 70 | # [*auth_strategy*] 71 | # (optional) Type of authentication to be used. 72 | # Defaults to 'keystone' 73 | # 74 | class watcher::api ( 75 | Stdlib::Ensure::Package $package_ensure = 'present', 76 | Boolean $enabled = true, 77 | Boolean $manage_service = true, 78 | $port = $facts['os_service_default'], 79 | $max_limit = $facts['os_service_default'], 80 | $bind_host = $facts['os_service_default'], 81 | $workers = $facts['os_workers'], 82 | $enable_ssl_api = $facts['os_service_default'], 83 | String[1] $service_name = $watcher::params::api_service_name, 84 | Boolean $create_db_schema = false, 85 | Boolean $upgrade_db = false, 86 | $auth_strategy = 'keystone', 87 | ) inherits watcher::params { 88 | include watcher::deps 89 | include watcher::policy 90 | 91 | if $auth_strategy == 'keystone' { 92 | include watcher::keystone::authtoken 93 | } 94 | 95 | package { 'watcher-api': 96 | ensure => $package_ensure, 97 | name => $watcher::params::api_package_name, 98 | tag => ['openstack', 'watcher-package'], 99 | } 100 | 101 | if $create_db_schema { 102 | include watcher::db::create_schema 103 | } 104 | 105 | if $upgrade_db { 106 | include watcher::db::upgrade 107 | } 108 | 109 | if $manage_service { 110 | case $service_name { 111 | 'httpd': { 112 | Service <| title == 'httpd' |> { tag +> 'watcher-service' } 113 | 114 | service { 'watcher-api': 115 | ensure => 'stopped', 116 | name => $watcher::params::api_service_name, 117 | enable => false, 118 | tag => ['watcher-service'], 119 | } 120 | 121 | # we need to make sure watcher-api/eventlet is stopped before trying to start apache 122 | Service['watcher-api'] -> Service['httpd'] 123 | } 124 | default: { 125 | $service_ensure = $enabled ? { 126 | true => 'running', 127 | default => 'stopped', 128 | } 129 | 130 | service { 'watcher-api': 131 | ensure => $service_ensure, 132 | name => $service_name, 133 | enable => $enabled, 134 | hasstatus => true, 135 | hasrestart => true, 136 | tag => ['watcher-service'], 137 | } 138 | } 139 | } 140 | } 141 | 142 | watcher_config { 143 | 'api/port': value => $port; 144 | 'api/max_limit': value => $max_limit; 145 | 'api/host': value => $bind_host; 146 | 'api/workers': value => $workers; 147 | 'api/enable_ssl_api': value => $enable_ssl_api; 148 | } 149 | } 150 | -------------------------------------------------------------------------------- /spec/classes/watcher_decision_engine_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::decision_engine' do 4 | 5 | shared_examples 'watcher-decision-engine' do 6 | 7 | context 'with default parameters' do 8 | 9 | it 'installs packages' do 10 | is_expected.to contain_package('watcher-decision-engine').with( 11 | :name => platform_params[:watcher_decision_engine_package], 12 | :ensure => 'present', 13 | :tag => ['openstack', 'watcher-package'] 14 | ) 15 | end 16 | 17 | it 'configures watcher decision engine service' do 18 | is_expected.to contain_watcher_config('watcher_decision_engine/max_audit_workers').with_value('') 19 | is_expected.to contain_watcher_config('watcher_decision_engine/max_general_workers').with_value('') 20 | is_expected.to contain_watcher_config('watcher_decision_engine/conductor_topic').with_value('') 21 | is_expected.to contain_watcher_config('watcher_decision_engine/status_topic').with_value('') 22 | is_expected.to contain_watcher_config('watcher_decision_engine/notification_topics').with_value('') 23 | is_expected.to contain_watcher_config('watcher_decision_engine/publisher_id').with_value('') 24 | is_expected.to contain_watcher_config('watcher_planner/planner').with_value('') 25 | is_expected.to contain_watcher_config('watcher_planners.default/weights').with_value('') 26 | end 27 | end 28 | 29 | [{:enabled => true}, {:enabled => false}].each do |param_hash| 30 | context "when service should be #{param_hash[:enabled] ? 'enabled' : 'disabled'}" do 31 | let :params do 32 | { :enabled => true } 33 | end 34 | before do 35 | params.merge!(param_hash) 36 | end 37 | 38 | it 'configures watcher decision engine service' do 39 | is_expected.to contain_service('watcher-decision-engine').with( 40 | :ensure => params[:enabled] ? 'running' : 'stopped', 41 | :name => platform_params[:decision_engine_service_name], 42 | :enable => params[:enabled], 43 | :hasstatus => true, 44 | :hasrestart => true, 45 | :tag => ['watcher-service'], 46 | ) 47 | end 48 | end 49 | end 50 | 51 | context 'with disabled service managing' do 52 | let :params do 53 | { 54 | :manage_service => false 55 | } 56 | end 57 | 58 | it 'should not configure watcher-decision-engine service' do 59 | is_expected.to_not contain_service('watcher-decision-engine') 60 | end 61 | end 62 | 63 | context 'with overridden parameters' do 64 | let :params do 65 | { 66 | :package_ensure => '2012.1.1-15.el6', 67 | :max_audit_workers => 2, 68 | :max_general_workers => 4, 69 | :decision_engine_conductor_topic => 'test_conductor_topic', 70 | :decision_engine_status_topic => 'niceTopic', 71 | :decision_engine_notification_topics => ['topic_1','topic_2'], 72 | :decision_engine_publisher_id => '123456', 73 | :planner => 'NoPlanner', 74 | :weights => { 75 | 'foo1' => 'fooValue1', 76 | 'foo2' => 'fooValue2' 77 | }, 78 | } 79 | end 80 | it 'configures watcher decision engine' do 81 | is_expected.to contain_watcher_config('watcher_decision_engine/max_audit_workers').with_value(2) 82 | is_expected.to contain_watcher_config('watcher_decision_engine/max_general_workers').with_value(4) 83 | is_expected.to contain_watcher_config('watcher_decision_engine/conductor_topic').with_value('test_conductor_topic') 84 | is_expected.to contain_watcher_config('watcher_decision_engine/status_topic').with_value('niceTopic') 85 | is_expected.to contain_watcher_config('watcher_decision_engine/notification_topics').with_value('topic_1,topic_2') 86 | is_expected.to contain_watcher_config('watcher_decision_engine/publisher_id').with_value('123456') 87 | is_expected.to contain_watcher_config('watcher_planner/planner').with_value('NoPlanner') 88 | is_expected.to contain_watcher_config('watcher_planners.default/weights').with_value('foo1:fooValue1,foo2:fooValue2') 89 | end 90 | end 91 | end 92 | 93 | on_supported_os({ 94 | :supported_os => OSDefaults.get_supported_os 95 | }).each do |os,facts| 96 | context "on #{os}" do 97 | let (:facts) do 98 | 99 | facts.merge!(OSDefaults.get_facts()) 100 | end 101 | let(:platform_params) do 102 | case facts[:os]['family'] 103 | when 'Debian' 104 | { :watcher_decision_engine_package => 'watcher-decision-engine', 105 | :decision_engine_service_name => 'watcher-decision-engine', 106 | } 107 | when 'RedHat' 108 | { :watcher_decision_engine_package => 'openstack-watcher-decision-engine', 109 | :decision_engine_service_name => 'openstack-watcher-decision-engine', 110 | } 111 | end 112 | end 113 | it_behaves_like 'watcher-decision-engine' 114 | end 115 | end 116 | end 117 | -------------------------------------------------------------------------------- /spec/classes/watcher_logging_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::logging' do 4 | 5 | let :params do 6 | { 7 | } 8 | end 9 | 10 | let :log_params do 11 | { 12 | :logging_context_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', 13 | :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', 14 | :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', 15 | :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', 16 | :log_config_append => '/etc/watcher/logging.conf', 17 | :publish_errors => true, 18 | :default_log_levels => { 19 | 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', 20 | 'sqlalchemy' => 'WARN', 'suds' => 'INFO', 'iso8601' => 'WARN', 21 | 'requests.packages.urllib3.connectionpool' => 'WARN' }, 22 | :fatal_deprecations => true, 23 | :instance_format => '[instance: %(uuid)s] ', 24 | :instance_uuid_format => '[instance: %(uuid)s] ', 25 | :log_date_format => '%Y-%m-%d %H:%M:%S', 26 | :use_syslog => true, 27 | :use_json => true, 28 | :use_journal => true, 29 | :use_stderr => false, 30 | :syslog_log_facility => 'LOG_FOO', 31 | :log_dir => '/var/log', 32 | :log_file => '/var/tmp/watcher_random.log', 33 | :debug => true, 34 | } 35 | end 36 | 37 | shared_examples_for 'watcher-logging' do 38 | 39 | context 'with basic logging options and default settings' do 40 | it_configures 'basic default logging settings' 41 | end 42 | 43 | context 'with basic logging options and non-default settings' do 44 | before { params.merge!( log_params ) } 45 | it_configures 'basic non-default logging settings' 46 | end 47 | 48 | context 'with extended logging options' do 49 | before { params.merge!( log_params ) } 50 | it_configures 'logging params set' 51 | end 52 | 53 | context 'without extended logging options' do 54 | it_configures 'logging params unset' 55 | end 56 | 57 | end 58 | 59 | shared_examples 'basic default logging settings' do 60 | it 'configures watcher logging settings with default values' do 61 | is_expected.to contain_oslo__log('watcher_config').with( 62 | :use_syslog => '', 63 | :use_json => '', 64 | :use_journal => '', 65 | :use_stderr => '', 66 | :syslog_log_facility => '', 67 | :log_dir => '/var/log/watcher', 68 | :log_file => '', 69 | :debug => '', 70 | ) 71 | end 72 | end 73 | 74 | shared_examples 'basic non-default logging settings' do 75 | it 'configures watcher logging settings with non-default values' do 76 | is_expected.to contain_oslo__log('watcher_config').with( 77 | :use_syslog => true, 78 | :use_json => true, 79 | :use_journal => true, 80 | :use_stderr => false, 81 | :syslog_log_facility => 'LOG_FOO', 82 | :log_dir => '/var/log', 83 | :log_file => '/var/tmp/watcher_random.log', 84 | :debug => true, 85 | ) 86 | end 87 | end 88 | 89 | shared_examples_for 'logging params set' do 90 | it 'enables logging params' do 91 | is_expected.to contain_oslo__log('watcher_config').with( 92 | :logging_context_format_string => 93 | '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s', 94 | :logging_default_format_string => '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s', 95 | :logging_debug_format_suffix => '%(funcName)s %(pathname)s:%(lineno)d', 96 | :logging_exception_prefix => '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s', 97 | :log_config_append => '/etc/watcher/logging.conf', 98 | :publish_errors => true, 99 | :default_log_levels => { 100 | 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', 101 | 'sqlalchemy' => 'WARN', 'suds' => 'INFO', 'iso8601' => 'WARN', 102 | 'requests.packages.urllib3.connectionpool' => 'WARN' }, 103 | :fatal_deprecations => true, 104 | :instance_format => '[instance: %(uuid)s] ', 105 | :instance_uuid_format => '[instance: %(uuid)s] ', 106 | :log_date_format => '%Y-%m-%d %H:%M:%S', 107 | ) 108 | end 109 | end 110 | 111 | shared_examples_for 'logging params unset' do 112 | [ :logging_context_format_string, :logging_default_format_string, 113 | :logging_debug_format_suffix, :logging_exception_prefix, 114 | :log_config_append, :publish_errors, 115 | :default_log_levels, :fatal_deprecations, 116 | :instance_format, :instance_uuid_format, 117 | :log_date_format, ].each { |param| 118 | it { is_expected.to contain_oslo__log('watcher_config').with("#{param}" => '') } 119 | } 120 | end 121 | 122 | on_supported_os({ 123 | :supported_os => OSDefaults.get_supported_os 124 | }).each do |os,facts| 125 | context "on #{os}" do 126 | let (:facts) do 127 | facts.merge!(OSDefaults.get_facts()) 128 | end 129 | 130 | it_behaves_like 'watcher-logging' 131 | end 132 | end 133 | end 134 | -------------------------------------------------------------------------------- /spec/classes/watcher_wsgi_apache_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::wsgi::apache' do 4 | 5 | shared_examples_for 'apache serving watcher with mod_wsgi' do 6 | context 'with default parameters' do 7 | it { is_expected.to contain_class('watcher::params') } 8 | it { is_expected.to contain_openstacklib__wsgi__apache('watcher_wsgi').with( 9 | :bind_port => 9322, 10 | :group => 'watcher', 11 | :path => '/', 12 | :priority => 10, 13 | :servername => 'foo.example.com', 14 | :ssl => false, 15 | :threads => 1, 16 | :user => 'watcher', 17 | :workers => facts[:os_workers], 18 | :wsgi_daemon_process => 'watcher', 19 | :wsgi_process_group => 'watcher', 20 | :wsgi_script_dir => platform_params[:wsgi_script_path], 21 | :wsgi_script_file => 'app', 22 | :wsgi_script_source => platform_params[:wsgi_script_source], 23 | :headers => nil, 24 | :request_headers => nil, 25 | :custom_wsgi_process_options => {}, 26 | :access_log_file => nil, 27 | :access_log_pipe => nil, 28 | :access_log_syslog => nil, 29 | :access_log_format => nil, 30 | :error_log_file => nil, 31 | :error_log_pipe => nil, 32 | :error_log_syslog => nil, 33 | )} 34 | end 35 | 36 | context 'when overriding parameters' do 37 | let :params do 38 | { 39 | :servername => 'dummy.host', 40 | :bind_host => '10.42.51.1', 41 | :port => 12345, 42 | :ssl => true, 43 | :wsgi_process_display_name => 'watcher', 44 | :workers => 37, 45 | :custom_wsgi_process_options => { 46 | 'python_path' => '/my/python/path', 47 | }, 48 | :headers => ['set X-XSS-Protection "1; mode=block"'], 49 | :request_headers => ['set Content-Type "application/json"'], 50 | } 51 | end 52 | it { is_expected.to contain_class('watcher::params') } 53 | it { is_expected.to contain_openstacklib__wsgi__apache('watcher_wsgi').with( 54 | :bind_host => '10.42.51.1', 55 | :bind_port => 12345, 56 | :group => 'watcher', 57 | :path => '/', 58 | :servername => 'dummy.host', 59 | :ssl => true, 60 | :threads => 1, 61 | :user => 'watcher', 62 | :workers => 37, 63 | :wsgi_daemon_process => 'watcher', 64 | :wsgi_process_display_name => 'watcher', 65 | :wsgi_process_group => 'watcher', 66 | :wsgi_script_dir => platform_params[:wsgi_script_path], 67 | :wsgi_script_file => 'app', 68 | :wsgi_script_source => platform_params[:wsgi_script_source], 69 | :headers => ['set X-XSS-Protection "1; mode=block"'], 70 | :request_headers => ['set Content-Type "application/json"'], 71 | :custom_wsgi_process_options => { 72 | 'python_path' => '/my/python/path', 73 | }, 74 | )} 75 | end 76 | 77 | context 'with custom access logging' do 78 | let :params do 79 | { 80 | :access_log_format => 'foo', 81 | :access_log_syslog => 'syslog:local0', 82 | :error_log_syslog => 'syslog:local1', 83 | } 84 | end 85 | 86 | it { should contain_openstacklib__wsgi__apache('watcher_wsgi').with( 87 | :access_log_format => params[:access_log_format], 88 | :access_log_syslog => params[:access_log_syslog], 89 | :error_log_syslog => params[:error_log_syslog], 90 | )} 91 | end 92 | 93 | context 'with access_log_file' do 94 | let :params do 95 | { 96 | :access_log_file => '/path/to/file', 97 | } 98 | end 99 | 100 | it { should contain_openstacklib__wsgi__apache('watcher_wsgi').with( 101 | :access_log_file => params[:access_log_file], 102 | )} 103 | end 104 | 105 | context 'with access_log_pipe' do 106 | let :params do 107 | { 108 | :access_log_pipe => 'pipe', 109 | } 110 | end 111 | 112 | it { should contain_openstacklib__wsgi__apache('watcher_wsgi').with( 113 | :access_log_pipe => params[:access_log_pipe], 114 | )} 115 | end 116 | 117 | context 'with error_log_file' do 118 | let :params do 119 | { 120 | :error_log_file => '/path/to/file', 121 | } 122 | end 123 | 124 | it { should contain_openstacklib__wsgi__apache('watcher_wsgi').with( 125 | :error_log_file => params[:error_log_file], 126 | )} 127 | end 128 | 129 | context 'with error_log_pipe' do 130 | let :params do 131 | { 132 | :error_log_pipe => 'pipe', 133 | } 134 | end 135 | 136 | it { should contain_openstacklib__wsgi__apache('watcher_wsgi').with( 137 | :error_log_pipe => params[:error_log_pipe], 138 | )} 139 | end 140 | end 141 | 142 | on_supported_os({ 143 | :supported_os => OSDefaults.get_supported_os 144 | }).each do |os,facts| 145 | context "on #{os}" do 146 | let (:facts) do 147 | facts.merge!(OSDefaults.get_facts({ 148 | :os_workers => 42, 149 | })) 150 | end 151 | 152 | let(:platform_params) do 153 | case facts[:os]['family'] 154 | when 'Debian' 155 | { 156 | :wsgi_script_path => '/usr/lib/cgi-bin/watcher', 157 | :wsgi_script_source => '/usr/bin/watcher-api-wsgi' 158 | } 159 | when 'RedHat' 160 | { 161 | :wsgi_script_path => '/var/www/cgi-bin/watcher', 162 | :wsgi_script_source => '/usr/lib/python3.9/site-packages/watcher/wsgi/api.py', 163 | } 164 | end 165 | end 166 | 167 | it_behaves_like 'apache serving watcher with mod_wsgi' 168 | end 169 | end 170 | end 171 | -------------------------------------------------------------------------------- /manifests/logging.pp: -------------------------------------------------------------------------------- 1 | # Class watcher::logging 2 | # 3 | # watcher logging configuration 4 | # 5 | # == parameters 6 | # 7 | # [*debug*] 8 | # (Optional) Should the daemons log debug messages 9 | # Defaults to $facts['os_service_default'] 10 | # 11 | # [*use_syslog*] 12 | # (Optional) Use syslog for logging. 13 | # Defaults to $facts['os_service_default'] 14 | # 15 | # [*use_json*] 16 | # (Optional) Use json for logging. 17 | # Defaults to $facts['os_service_default'] 18 | # 19 | # [*use_journal*] 20 | # (Optional) Use journal for logging. 21 | # Defaults to $facts['os_service_default'] 22 | # 23 | # [*use_stderr*] 24 | # (Optional) Use stderr for logging 25 | # Defaults to $facts['os_service_default'] 26 | # 27 | # [*syslog_log_facility*] 28 | # (Optional) Syslog facility to receive log lines. 29 | # Defaults to $facts['os_service_default'] 30 | # 31 | # [*log_dir*] 32 | # (Optional) Directory where logs should be stored. 33 | # If set to $facts['os_service_default'], it will not log to any directory. 34 | # Defaults to '/var/log/watcher'. 35 | # 36 | # [*log_file*] 37 | # (Optional) File where logs should be stored. 38 | # Defaults to $facts['os_service_default'] 39 | # 40 | # [*logging_context_format_string*] 41 | # (Optional) Format string to use for log messages with context. 42 | # Defaults to $facts['os_service_default'] 43 | # Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ 44 | # [%(request_id)s %(user_identity)s] %(instance)s%(message)s' 45 | # 46 | # [*logging_default_format_string*] 47 | # (Optional) Format string to use for log messages without context. 48 | # Defaults to $facts['os_service_default'] 49 | # Example: '%(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s\ 50 | # [-] %(instance)s%(message)s' 51 | # 52 | # [*logging_debug_format_suffix*] 53 | # (Optional) Formatted data to append to log format when level is DEBUG. 54 | # Defaults to $facts['os_service_default'] 55 | # Example: '%(funcName)s %(pathname)s:%(lineno)d' 56 | # 57 | # [*logging_exception_prefix*] 58 | # (Optional) Prefix each line of exception output with this format. 59 | # Defaults to $facts['os_service_default'] 60 | # Example: '%(asctime)s.%(msecs)03d %(process)d TRACE %(name)s %(instance)s' 61 | # 62 | # [*log_config_append*] 63 | # (Optional) The name of an additional logging configuration file. 64 | # Defaults to $facts['os_service_default'] 65 | # See https://docs.python.org/2/howto/logging.html 66 | # 67 | # [*default_log_levels*] 68 | # (0ptional) Hash of logger (keys) and level (values) pairs. 69 | # Defaults to $facts['os_service_default'] 70 | # Example: 71 | # { 'amqp' => 'WARN', 'amqplib' => 'WARN', 'boto' => 'WARN', 72 | # 'sqlalchemy' => 'WARN', 'suds' => 'INFO', 73 | # 'oslo.messaging' => 'INFO', 'iso8601' => 'WARN', 74 | # 'requests.packages.urllib3.connectionpool' => 'WARN', 75 | # 'urllib3.connectionpool' => 'WARN', 76 | # 'websocket' => 'WARN', 'watchermiddleware' => 'WARN', 77 | # 'routes.middleware' => 'WARN', stevedore => 'WARN' } 78 | # 79 | # [*publish_errors*] 80 | # (Optional) Publish error events (boolean value). 81 | # Defaults to $facts['os_service_default'] 82 | # 83 | # [*fatal_deprecations*] 84 | # (Optional) Make deprecations fatal (boolean value) 85 | # Defaults to $facts['os_service_default'] 86 | # 87 | # [*instance_format*] 88 | # (Optional) If an instance is passed with the log message, format it 89 | # like this (string value). 90 | # Defaults to undef. 91 | # Example: '[instance: %(uuid)s] ' 92 | # 93 | # [*instance_uuid_format*] 94 | # (Optional) If an instance UUID is passed with the log message, format 95 | # it like this (string value). 96 | # Defaults to $facts['os_service_default'] 97 | # Example: instance_uuid_format='[instance: %(uuid)s] ' 98 | # 99 | # [*log_date_format*] 100 | # (Optional) Format string for %%(asctime)s in log records. 101 | # Defaults to $facts['os_service_default'] 102 | # Example: 'Y-%m-%d %H:%M:%S' 103 | # 104 | class watcher::logging ( 105 | $use_syslog = $facts['os_service_default'], 106 | $use_json = $facts['os_service_default'], 107 | $use_journal = $facts['os_service_default'], 108 | $use_stderr = $facts['os_service_default'], 109 | $syslog_log_facility = $facts['os_service_default'], 110 | $log_dir = '/var/log/watcher', 111 | $log_file = $facts['os_service_default'], 112 | $debug = $facts['os_service_default'], 113 | $logging_context_format_string = $facts['os_service_default'], 114 | $logging_default_format_string = $facts['os_service_default'], 115 | $logging_debug_format_suffix = $facts['os_service_default'], 116 | $logging_exception_prefix = $facts['os_service_default'], 117 | $log_config_append = $facts['os_service_default'], 118 | $default_log_levels = $facts['os_service_default'], 119 | $publish_errors = $facts['os_service_default'], 120 | $fatal_deprecations = $facts['os_service_default'], 121 | $instance_format = $facts['os_service_default'], 122 | $instance_uuid_format = $facts['os_service_default'], 123 | $log_date_format = $facts['os_service_default'], 124 | ) { 125 | include watcher::deps 126 | 127 | oslo::log { 'watcher_config': 128 | use_stderr => $use_stderr, 129 | use_syslog => $use_syslog, 130 | use_json => $use_json, 131 | use_journal => $use_journal, 132 | log_dir => $log_dir, 133 | log_file => $log_file, 134 | debug => $debug, 135 | logging_context_format_string => $logging_context_format_string, 136 | logging_default_format_string => $logging_default_format_string, 137 | logging_debug_format_suffix => $logging_debug_format_suffix, 138 | logging_exception_prefix => $logging_exception_prefix, 139 | log_config_append => $log_config_append, 140 | default_log_levels => $default_log_levels, 141 | publish_errors => $publish_errors, 142 | fatal_deprecations => $fatal_deprecations, 143 | instance_format => $instance_format, 144 | instance_uuid_format => $instance_uuid_format, 145 | log_date_format => $log_date_format, 146 | syslog_log_facility => $syslog_log_facility, 147 | } 148 | } 149 | -------------------------------------------------------------------------------- /manifests/wsgi/apache.pp: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed under the Apache License, Version 2.0 (the "License"); you may 3 | # not use this file except in compliance with the License. You may obtain 4 | # a copy of the License at 5 | # 6 | # http://www.apache.org/licenses/LICENSE-2.0 7 | # 8 | # Unless required by applicable law or agreed to in writing, software 9 | # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 10 | # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 11 | # License for the specific language governing permissions and limitations 12 | # under the License. 13 | # 14 | # Class to serve Cinder API with apache mod_wsgi in place of watcher service. 15 | # 16 | # Serving Cinder API from apache is the recommended way to go for production 17 | # because of limited performance for concurrent accesses when running eventlet. 18 | # 19 | # When using this class you should disable your watcher service. 20 | # 21 | # == Parameters 22 | # 23 | # [*servername*] 24 | # The servername for the virtualhost. 25 | # Optional. Defaults to $facts['networking']['fqdn'] 26 | # 27 | # [*port*] 28 | # The port. 29 | # Optional. Defaults to 9322 30 | # 31 | # [*bind_host*] 32 | # The host/ip address Apache will listen on. 33 | # Optional. Defaults to undef (listen on all ip addresses). 34 | # 35 | # [*path*] 36 | # The prefix for the endpoint. 37 | # Optional. Defaults to '/' 38 | # 39 | # [*ssl*] 40 | # Use ssl ? (boolean) 41 | # Optional. Defaults to false 42 | # 43 | # [*workers*] 44 | # Number of WSGI workers to spawn. 45 | # Optional. Defaults to $facts['os_workers'] 46 | # 47 | # [*priority*] 48 | # (optional) The priority for the vhost. 49 | # Defaults to 10 50 | # 51 | # [*threads*] 52 | # (optional) The number of threads for the vhost. 53 | # Defaults to 1 54 | # 55 | # [*access_log_file*] 56 | # The log file name for the virtualhost. 57 | # Optional. Defaults to undef. 58 | # 59 | # [*access_log_pipe*] 60 | # Specifies a pipe where Apache sends access logs for the virtualhost. 61 | # Optional. Defaults to undef. 62 | # 63 | # [*access_log_syslog*] 64 | # Sends the virtualhost access log messages to syslog. 65 | # Optional. Defaults to undef. 66 | # 67 | # [*access_log_format*] 68 | # The log format for the virtualhost. 69 | # Optional. Defaults to undef. 70 | # 71 | # [*error_log_file*] 72 | # The error log file name for the virtualhost. 73 | # Optional. Defaults to undef. 74 | # 75 | # [*error_log_pipe*] 76 | # Specifies a pipe where Apache sends error logs for the virtualhost. 77 | # Optional. Defaults to undef. 78 | # 79 | # [*error_log_syslog*] 80 | # Sends the virtualhost error log messages to syslog. 81 | # Optional. Defaults to undef. 82 | # 83 | # [*wsgi_process_display_name*] 84 | # (optional) Name of the WSGI process display-name. 85 | # Defaults to undef 86 | # 87 | # [*ssl_cert*] 88 | # [*ssl_key*] 89 | # [*ssl_chain*] 90 | # [*ssl_ca*] 91 | # [*ssl_crl_path*] 92 | # [*ssl_crl*] 93 | # [*ssl_certs_dir*] 94 | # apache::vhost ssl parameters. 95 | # Optional. Default to apache::vhost 'ssl_*' defaults. 96 | # 97 | # [*custom_wsgi_process_options*] 98 | # (optional) gives you the oportunity to add custom process options or to 99 | # overwrite the default options for the WSGI main process. 100 | # eg. to use a virtual python environment for the WSGI process 101 | # you could set it to: 102 | # { python-path => '/my/python/virtualenv' } 103 | # Defaults to {} 104 | # 105 | # [*headers*] 106 | # (optional) Headers for the vhost. 107 | # Defaults to undef 108 | # 109 | # [*request_headers*] 110 | # (optional) Modifies collected request headers in various ways. 111 | # Defaults to undef 112 | # 113 | # == Dependencies 114 | # 115 | # requires Class['apache'] & Class['watcher'] 116 | # 117 | # == Examples 118 | # 119 | # include apache 120 | # 121 | # class { 'watcher::wsgi::apache': } 122 | # 123 | class watcher::wsgi::apache ( 124 | $servername = $facts['networking']['fqdn'], 125 | $port = 9322, 126 | $bind_host = undef, 127 | $path = '/', 128 | $ssl = false, 129 | $workers = $facts['os_workers'], 130 | $ssl_cert = undef, 131 | $ssl_key = undef, 132 | $ssl_chain = undef, 133 | $ssl_ca = undef, 134 | $ssl_crl_path = undef, 135 | $ssl_crl = undef, 136 | $ssl_certs_dir = undef, 137 | $wsgi_process_display_name = undef, 138 | $threads = 1, 139 | $priority = 10, 140 | $access_log_file = undef, 141 | $access_log_pipe = undef, 142 | $access_log_syslog = undef, 143 | $access_log_format = undef, 144 | $error_log_file = undef, 145 | $error_log_pipe = undef, 146 | $error_log_syslog = undef, 147 | $custom_wsgi_process_options = {}, 148 | $headers = undef, 149 | $request_headers = undef, 150 | ) { 151 | include watcher::deps 152 | include watcher::params 153 | 154 | Anchor['watcher::install::end'] -> Class['apache'] 155 | 156 | openstacklib::wsgi::apache { 'watcher_wsgi': 157 | bind_host => $bind_host, 158 | bind_port => $port, 159 | group => $watcher::params::group, 160 | path => $path, 161 | priority => $priority, 162 | servername => $servername, 163 | ssl => $ssl, 164 | ssl_ca => $ssl_ca, 165 | ssl_cert => $ssl_cert, 166 | ssl_certs_dir => $ssl_certs_dir, 167 | ssl_chain => $ssl_chain, 168 | ssl_crl => $ssl_crl, 169 | ssl_crl_path => $ssl_crl_path, 170 | ssl_key => $ssl_key, 171 | threads => $threads, 172 | user => $watcher::params::user, 173 | workers => $workers, 174 | wsgi_daemon_process => 'watcher', 175 | wsgi_process_display_name => $wsgi_process_display_name, 176 | wsgi_process_group => 'watcher', 177 | wsgi_script_dir => $watcher::params::watcher_wsgi_script_path, 178 | wsgi_script_file => 'app', 179 | wsgi_script_source => $watcher::params::watcher_wsgi_script_source, 180 | headers => $headers, 181 | request_headers => $request_headers, 182 | custom_wsgi_process_options => $custom_wsgi_process_options, 183 | access_log_file => $access_log_file, 184 | access_log_pipe => $access_log_pipe, 185 | access_log_syslog => $access_log_syslog, 186 | access_log_format => $access_log_format, 187 | error_log_file => $error_log_file, 188 | error_log_pipe => $error_log_pipe, 189 | error_log_syslog => $error_log_syslog, 190 | } 191 | } 192 | -------------------------------------------------------------------------------- /spec/classes/watcher_keystone_authtoken_spec.rb: -------------------------------------------------------------------------------- 1 | require 'spec_helper' 2 | 3 | describe 'watcher::keystone::authtoken' do 4 | 5 | let :params do 6 | { :password => 'watcher_password', } 7 | end 8 | 9 | shared_examples 'watcher::keystone::authtoken' do 10 | 11 | context 'with default parameters' do 12 | 13 | it 'configure keystone_authtoken' do 14 | is_expected.to contain_keystone__resource__authtoken('watcher_config').with( 15 | :username => 'watcher', 16 | :password => 'watcher_password', 17 | :auth_url => 'http://localhost:5000', 18 | :project_name => 'services', 19 | :user_domain_name => 'Default', 20 | :project_domain_name => 'Default', 21 | :system_scope => '', 22 | :insecure => '', 23 | :auth_section => '', 24 | :auth_type => 'password', 25 | :www_authenticate_uri => 'http://localhost:5000', 26 | :auth_version => '', 27 | :cache => '', 28 | :cafile => '', 29 | :certfile => '', 30 | :delay_auth_decision => '', 31 | :enforce_token_bind => '', 32 | :http_connect_timeout => '', 33 | :http_request_max_retries => '', 34 | :include_service_catalog => '', 35 | :keyfile => '', 36 | :memcache_pool_conn_get_timeout => '', 37 | :memcache_pool_dead_retry => '', 38 | :memcache_pool_maxsize => '', 39 | :memcache_pool_socket_timeout => '', 40 | :memcache_pool_unused_timeout => '', 41 | :memcache_secret_key => '', 42 | :memcache_security_strategy => '', 43 | :memcache_use_advanced_pool => '', 44 | :memcached_servers => '', 45 | :manage_memcache_package => false, 46 | :region_name => '', 47 | :token_cache_time => '', 48 | :service_token_roles => '', 49 | :service_token_roles_required => '', 50 | :service_type => '', 51 | :interface => '', 52 | ) 53 | end 54 | end 55 | 56 | context 'when overriding parameters' do 57 | before do 58 | params.merge!({ 59 | :www_authenticate_uri => 'https://10.0.0.1:9999/', 60 | :username => 'myuser', 61 | :password => 'mypasswd', 62 | :auth_url => 'http://127.0.0.1:5000', 63 | :project_name => 'service_project', 64 | :user_domain_name => 'domainX', 65 | :project_domain_name => 'domainX', 66 | :system_scope => 'all', 67 | :insecure => false, 68 | :auth_section => 'new_section', 69 | :auth_type => 'password', 70 | :auth_version => 'v3', 71 | :cache => 'somevalue', 72 | :cafile => '/opt/stack/data/cafile.pem', 73 | :certfile => 'certfile.crt', 74 | :delay_auth_decision => false, 75 | :enforce_token_bind => 'permissive', 76 | :http_connect_timeout => '300', 77 | :http_request_max_retries => '3', 78 | :include_service_catalog => true, 79 | :keyfile => 'keyfile', 80 | :memcache_pool_conn_get_timeout => '9', 81 | :memcache_pool_dead_retry => '302', 82 | :memcache_pool_maxsize => '11', 83 | :memcache_pool_socket_timeout => '2', 84 | :memcache_pool_unused_timeout => '61', 85 | :memcache_secret_key => 'secret_key', 86 | :memcache_security_strategy => 'ENCRYPT', 87 | :memcache_use_advanced_pool => true, 88 | :memcached_servers => ['memcached01:11211','memcached02:11211'], 89 | :manage_memcache_package => true, 90 | :region_name => 'region2', 91 | :token_cache_time => '301', 92 | :service_token_roles => ['service'], 93 | :service_token_roles_required => false, 94 | :service_type => 'identity', 95 | :interface => 'internal', 96 | }) 97 | end 98 | 99 | it 'configure keystone_authtoken' do 100 | is_expected.to contain_keystone__resource__authtoken('watcher_config').with( 101 | :www_authenticate_uri => 'https://10.0.0.1:9999/', 102 | :username => 'myuser', 103 | :password => 'mypasswd', 104 | :auth_url => 'http://127.0.0.1:5000', 105 | :project_name => 'service_project', 106 | :user_domain_name => 'domainX', 107 | :project_domain_name => 'domainX', 108 | :system_scope => 'all', 109 | :insecure => false, 110 | :auth_section => 'new_section', 111 | :auth_type => 'password', 112 | :auth_version => 'v3', 113 | :cache => 'somevalue', 114 | :cafile => '/opt/stack/data/cafile.pem', 115 | :certfile => 'certfile.crt', 116 | :delay_auth_decision => false, 117 | :enforce_token_bind => 'permissive', 118 | :http_connect_timeout => '300', 119 | :http_request_max_retries => '3', 120 | :include_service_catalog => true, 121 | :keyfile => 'keyfile', 122 | :memcache_pool_conn_get_timeout => '9', 123 | :memcache_pool_dead_retry => '302', 124 | :memcache_pool_maxsize => '11', 125 | :memcache_pool_socket_timeout => '2', 126 | :memcache_pool_unused_timeout => '61', 127 | :memcache_secret_key => 'secret_key', 128 | :memcache_security_strategy => 'ENCRYPT', 129 | :memcache_use_advanced_pool => true, 130 | :memcached_servers => ['memcached01:11211','memcached02:11211'], 131 | :manage_memcache_package => true, 132 | :region_name => 'region2', 133 | :token_cache_time => '301', 134 | :service_token_roles => ['service'], 135 | :service_token_roles_required => false, 136 | :service_type => 'identity', 137 | :interface => 'internal', 138 | ) 139 | end 140 | end 141 | end 142 | 143 | on_supported_os({ 144 | :supported_os => OSDefaults.get_supported_os 145 | }).each do |os,facts| 146 | context "on #{os}" do 147 | let (:facts) do 148 | facts.merge!(OSDefaults.get_facts()) 149 | end 150 | 151 | it_configures 'watcher::keystone::authtoken' 152 | end 153 | end 154 | 155 | end 156 | --------------------------------------------------------------------------------