Thank you for the reply Rich, Here are the versions of my puppet modules:
[root@ost-puppet-centos-001 keystone]# puppet module list /etc/puppetlabs/puppet/environments/production/modules ├── nanliu-staging (v1.0.3) ├── openstack-keystone (v6.1.0) ├── openstack-openstacklib (v6.1.0) ├── puppetlabs-apache (v1.7.0) ├── puppetlabs-apt (v1.8.0) ├── puppetlabs-concat (v1.2.4) ├── puppetlabs-firewall (v1.7.1) ├── puppetlabs-inifile (v1.4.2) ├── puppetlabs-mysql (v3.6.1) ├── puppetlabs-postgresql (v3.4.2) ├── puppetlabs-rabbitmq (v5.3.1) └── puppetlabs-stdlib (v4.9.0) /etc/puppetlabs/puppet/modules ├── cisco-gis-openstack (???) ├── haproxy (???) ├── keepalived (???) ├── mikduart-unnamed (v0.1.0) ├── mikduart-unnamed (v0.1.0) ├── mikduart-unnamed (v0.1.0) ├── puppetlabs-mongodb (v0.10.0) ├── saz-memcached (v2.4.0) ├── setup_mariadb_script (???) ├── sysctl (???) └── wrapmongodb (???) /opt/puppet/share/puppet/modules ├── puppetlabs-pe_accounts (v2.0.2-8-g8acc04e) ├── puppetlabs-pe_concat (v1.1.2-4-g2b7bba2) ├── puppetlabs-pe_console_prune (v0.1.1-4-g293f45b) ├── puppetlabs-pe_inifile (v1.1.4-16-gcb39966) ├── puppetlabs-pe_java_ks (v1.2.4-35-g44fbb26) ├── puppetlabs-pe_postgresql (v3.4.4-15-g32e56ed) ├── puppetlabs-pe_razor (v0.2.1-9-g8d78ec2) ├── puppetlabs-pe_repo (v0.7.7-59-g4514315) ├── puppetlabs-pe_staging (v0.3.3-6-gbd9db2b) └── puppetlabs-puppet_enterprise (v3.7.1-117-g9c48e73) I am not sure I have the right values in my openrc but I have been using: # cat openrc.localhost export OS_AUTH_URL=http://127.0.0.1:5000/v2.0 export OS_PASSWORD=xxxxxxxxxxxxxxxx export OS_TENANT_NAME=admin export OS_USERNAME=admin I believe this is the openstackclient version I am using: [root@ost-mgmt-centos-001 ~]# rpm -qa | grep openstackclient python-*openstackclient*-1.0.3-2.el7.noarch On Mon, Jan 4, 2016 at 1:19 PM, Rich Megginson <rmegg...@redhat.com> wrote: > On 01/04/2016 02:06 PM, Russell Cecala wrote: > > Hi Emilien, > > > I am trying to use https://github.com/openstack/puppet-keystone to set up > a Kilo keystone node. > > > I'm assuming you're using the kilo branch there? > > I was hoping to could help me out so I can get my team to adopt puppet for > setting up OpenStack. > > On my keystone node I am running centos7 with selinux disabled ... > > > What version of openstackclient are you using? > > Do you have a $HOME/openrc or /root/openrc, or are you otherwise defining > OS_* environment variables in the environment before running puppet? > > > [root@svl-ost-mgmt-centos-001 ~]# sestatus > > SELinux status: disabled > > ... and I have flushed my iptables ... > > > [root@svl-ost-mgmt-centos-001 ~]# iptables -L > > Chain INPUT (policy ACCEPT) > > target prot opt source destination > > > Chain FORWARD (policy ACCEPT) > > target prot opt source destination > > > Chain OUTPUT (policy ACCEPT) > > target prot opt source destination > > > Yet when I run "puppet agent -t" I get these errors: > > > [root@ost-mgmt-centos-001 ~]# puppet agent -t > > Info: Retrieving pluginfacts > > Info: Retrieving plugin > > Info: Loading facts > > Error: NetworkManager is not running. > > Info: Caching catalog for ost-mgmt-centos-001.example.com > > *Warning: The tenant parameter is deprecated and will be removed in the > future. Please use keystone_user_role to assign a user to a project.* > > *Warning: The ignore_default_tenant parameter is deprecated and will be > removed in the future.* > > Info: Applying configuration version '1451940682' > > *Error: /Stage[main]/Keystone::Roles::Admin/Keystone_user[admin]: Could > not evaluate: Execution of '/usr/bin/openstack token issue --format value' > returned 1: ERROR: openstack The resource could not be found. (HTTP 404) > (Request-ID: req-ca2a6dd1-fdb6-48f4-94fe-8f736fcc01dd)* > > Notice: > /Stage[main]/Keystone::Roles::Admin/Keystone_user_role[admin@openstack]: > Dependency Keystone_user[admin] has failures: true > > *Warning: > /Stage[main]/Keystone::Roles::Admin/Keystone_user_role[admin@openstack]: > Skipping because of failed dependencies* > > Notice: Finished catalog run in 12.38 seconds > > Here's code I am using on my puppet master ... > > class wrapcontroller( > > ... big list of parameters I am not using until I can get keystone going > ... > > ) { > > > exec { '/bin/yum -y install > <http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm> > http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm > ': unless => '/bin/rpm -q epel-release', } > > exec { '/bin/yum -y install > <http://rdo.fedorapeople.org/openstack-kilo/rdo-release-kilo.rpm> > http://rdo.fedorapeople.org/openstack-kilo/rdo-release-kilo.rpm': unless > => '/bin/rpm -q rdo-release', } > > > package { 'mariadb': ensure => present, } > > exec { 'keystone_database_init': > > command => '/usr/bin/keystone-manage db_sync', > > onlyif => [ > > "/usr/bin/mysql -u$keystone_db_user -p$keystone_db_pass -h > $db_host -P$db_port $keystone_db_name -e 'show tables'", > > "/usr/bin/test -z \"`/usr/bin/mysql -u$keystone_db_user -p > $keystone_db_pass -h$db_host -P$db_port $keystone_db_name -e 'show > tables'`\"" > > ], > > require => Package['mariadb'], > > } > > > class {'::keystone': > > admin_token => $keystone_auth_token, > > database_connection => "mysql://${keystone_db_user}: > ${keystone_db_pass}@${db_host}:${db_port}/${keystone_db_name}", > > debug => $debug, > > enabled => true, > > enable_ssl => false, > > service_name => 'httpd', # this is a kilo thing > > verbose => $debug, > > } > > > include ::apache > > class { '::keystone::wsgi::apache': ssl => false, } > > class { '::keystone::roles::admin': > > email => $keystone_admin_email, > > password => $keystone_admin_password, > > } > > class { '::keystone::endpoint': > > public_url => "http://127.0.0.1:5000", > > admin_url => "http://127.0.0.1:35357", > > default_domain => 'admin', > > } > > } > Thanks! And Happy New Year to you :) > Red > > > > On Tue, Nov 24, 2015 at 2:38 PM, Emilien Macchi <emil...@redhat.com> > wrote: > >> >> >> On 11/24/2015 11:21 PM, Russell Cecala wrote: >> > I am trying to use the OpenStack community puppet modules. Here's the >> > keystone module I am using: >> <https://github.com/openstack/puppet-keystone> >> https://github.com/openstack/puppet-keystone >> > I am using the stable juno branch. I have in my puppet manifest for my >> > controller nodes this resource definition: >> > >> > class { '::keystone::roles::admin': >> > admin => $keystone_admin_user, >> > email => $keystone_admin_email, >> > password => $keystone_admin_password, >> > } -> >> > >> > And when puppet runs that code I get this error: >> > >> > Error: >> > >> /Stage[main]/Keystone::Roles::Admin/Keystone_user_role[keystone_admin_user@openstack >> ]: >> > Could not evaluate: Execution of '/usr/bin/openstack domain show >> > --format shell' returned 2: usage: openstack domain show [-h] [-f >> > {shell,table,value}] [-c COLUMN] >> > [--max-width <integer>] [--prefix >> PREFIX] >> > <domain> >> > openstack domain show: error: too few arguments >> >> Sounds like an issue with your version of openstackclient, can you >> provide it? >> >> > >> > Can anyone help me? Are these Puppet modules still being supported? >> >> Yes :-) >> >> > Does anyone use them? Thanks! >> >> Double yes. >> -- >> Emilien Macchi >> >> > > > _______________________________________________ > OpenStack-operators mailing > listOpenStack-operators@lists.openstack.orghttp://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > > > > _______________________________________________ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > >
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators