puppet not able to find non-puppet managed services resources

Bug #1506996 reported by Emilien Macchi on 2015-10-16
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
puppet-keystone
Undecided
Sofer Athlan-Guyot

Bug Description

Full background: https://review.openstack.org/#/c/234704

puppet keystone_endpoint provider is using service name to create the endpoints.
If the service already exists but is not managed by puppet, the catalog will fail to create the endpoint because the endpoint will fail to be created. This is an issue in openstackclient:

[stack@instack-centos7 ~]$ /bin/openstack endpoint create --format shell nova --region regionOne --publicurl "http://192.0.2.1:8774/v2/%(tenant_id)s" --internalurl "http://192.0.2.1:8774/v2/%(tenant_id)s" --adminurl "http://192.0.2.1:8774/v2/%(tenant_id)s"
 No service with a type, name or ID of 'nova' exists.

while the service already exists:
 [stack@instack-centos7 ~]$ openstack service list
 +----------------------------------+------------+---------------+
 | ID | Name | Type |
 +----------------------------------+------------+---------------+
 | 07639ddebe7a4b249f3aaf90aa271295 | glance | image |
 | 1fbb6aa0bcd14f2c8789dd7c695940c8 | neutron | network |
 | 2a0c1642b4e643f9a64cda7300e2e2bf | nova | compute |
 | 2b73fd25f4864333b16a251cae81ba75 | novav3 | computev3 |
 | 36fdfd3211db4c5fa5f0b340def962c9 | ceilometer | metering |
 | 3b4189b88f584f50a42acda353d94c07 | heat | orchestration |
 | 48a0ec444d8843f48f1dd0fe45058647 | tuskar | management |
 | 512b28d0ffc1402a8a40cf64ee615c0f | nova | compute |
 | 55dd87d8f8b64f0a88debe028aeeaa43 | ironic | baremetal |
 | 5d421e4aad534dc883a5f7c4b023d6f2 | keystone | identity |
 | d043ff13fc9d4469b3f30fbf19e90602 | swift | object-store |
 +----------------------------------+------------+---------------+

While the bug is reported & fixed in openstackclient, we can fix it in puppet by using service ID in keystone_endpoint provider code, when creating the endpoint, instead of using the service name.

The problem here is that the endpoint resource lacks the "type" parameter. As such it's impossible for the keystone_endpoint to get the correct id of the service only with the name as the same name can appear multiple times in the db.

Fix proposed to branch: master
Review: https://review.openstack.org/239434

Changed in puppet-keystone:
assignee: nobody → Athlan-Guyot sofer (sofer-athlan-guyot)
status: New → In Progress
Changed in puppet-keystone:
assignee: Athlan-Guyot sofer (sofer-athlan-guyot) → Gilles Dubreuil (gdubreui)
Changed in puppet-keystone:
assignee: Gilles Dubreuil (gdubreui) → Athlan-Guyot sofer (sofer-athlan-guyot)
Changed in puppet-keystone:
assignee: Athlan-Guyot sofer (sofer-athlan-guyot) → Gilles Dubreuil (gdubreui)
Changed in puppet-keystone:
assignee: Gilles Dubreuil (gdubreui) → Athlan-Guyot sofer (sofer-athlan-guyot)

Reviewed: https://review.openstack.org/239434
Committed: https://git.openstack.org/cgit/openstack/puppet-keystone/commit/?id=0a4e06abb0f5b3f324464ff5219d2885816311ce
Submitter: Jenkins
Branch: master

commit 0a4e06abb0f5b3f324464ff5219d2885816311ce
Author: Sofer Athlan-Guyot <email address hidden>
Date: Mon Oct 26 14:28:32 2015 +0100

    Keystone_endpoint match service by name/type.

    This enable keystone_endpoint to specify the type of the service
    matched. This way one can match services which are different only by
    type and not only by name, like services nova/compute and nova/computev3
    for instance. It does so by fetching the _id_ of the service when it
    has the type information instead of just using the name.

    This should be required, and deprecation has been added, as the current
    code work only because of a convention.

    Change-Id: I9ea20fbad274d583485bc09a52b9df8000eb1af5
    Closes-Bug: #1506996

Changed in puppet-keystone:
status: In Progress → Fix Committed
Matt Fischer (mfisch) on 2016-09-21
Changed in puppet-keystone:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers