[PKG-Openstack-devel] OpenStack switching to a unified template system
Justin B Rye
justin.byam.rye at gmail.com
Tue Mar 6 12:11:51 UTC 2018
Comments, revised versions, and diff to the originals.
Thomas Goirand wrote:
>> (I'm hoping that also makes it obvious that we don't mean "dots and
>> dashes" in the sense of "· · · — — — · · ·".)
>
> I'm using a regular expression to make sure what's entered isn't too
> bad. Probably the SOS what you wrote above would work, [...]
I hope not, it's middots and m-dashes!
>>> # ### rabbitmq access configuration ###
>>> Template: ospt/configure_rabbit
>>> Type: boolean
>>> Default: false
>>> _Description: Configure rabbitmq with debconf?
>>
>> When should this (and others) be rabbitmq and when should it be
>> RabbitMQ? I'll leave it for now.
>
> I'm thinking that probably this sentence isn't good enough. We're not
> configuring RabbitMQ, but a given OpenStack service's RabbitMQ login,
> pass and host, so that it can connect to RabbitMQ. In fact, it goes like
> this in for example nova.conf:
>
> transport_url = rabbitmq://login:password@rabbitmq-server-hostname
>
> Would this be better?
>
> _Description: Configure RabbitMQ credentials for this service with debconf?
>
> I'm sure you'll have something nicer and shorter to propose...
I think "Configure RabbitMQ credentials with debconf" would do
(oh, or "Configure RabbitMQ access with debconf?").
> I've also added an example on how to create RabbitMQ users with
> rabbitmqctl, as I really want to push Debian users to do that.
>
> Since the templates where heavily modified, I've re-attached them to
> this message, just for if you want to check them again.
Okay, looking at the diff...
(In openstack-pkg-tools.configure-db.templates:)
- If some of these requirements are missing, do not choose this option, and run with
- regular SQLite support.
+ If some of these requirements are missing, do not choose this option. Run
+ with regular SQLite support instead.
Good idea.
(In openstack-pkg-tools.configure-endpoint.templates:)
-_Description: Keystone admin name:
- To create the service endpoint, this package needs to know the Admin login,
- username, project name, and password, so it can issue commands through the
+_Description: Keystone admin username:
+ To create the service endpoint, this package needs to know the Admin
+ name, project name, and password, so it can issue commands through the
Keystone API.
Wait, you've changed "admin name" to "admin username" in the synopsis,
but reverted "Admin login, username, [etc]" to "Admin name, [etc]" in
the long description? Probably you want "Admin username, [etc]".
You've also split off the text that we want to recycle elsewhere into
a separate paragraph; okay.
(In openstack-pkg-tools.configure-rabbit.templates:)
-_Description: Configure rabbitmq with debconf?
+_Description: Configure RabbitMQ access with debconf?
[whitespace changes]
- Note that only access to rabbitmq is handled, and that rabbitmq-server user
- creation isn't performed (you must create usernames and set passwords
- before installing this package). Also, the standard rabbitmq-server guest
- account cannot be used for remote connection.
+ Only access to RabbitMQ is handled, and that the RabbitMQ user creation isn't
^^^^^^^^
+ performed. If you wish to create a new RabbitMQ user, you can do it this way:
Orphaned "that". And to avoiding using up a wish, say "A new RabbitMQ
user can be created with the commands:"
Then later (twice):
- Please specify the username used to connect to the RabbitMQ server.
+ Please specify the username used to connect to that RabbitMQ server.
Good idea. Meanwhile victory points out that in
openstack-pkg-tools.configure-db.templates we've got
[...] generally MySQL is a good
choice, and other implementation like Postgress or SQLite are often
problematic [...]
which should indeed say "PostgreSQL". Or does this need to be updated
to recognise the existence of MariaDB?
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
-------------- next part --------------
diff -ru orig/openstack-pkg-tools.configure-db.templates jbr2/openstack-pkg-tools.configure-db.templates
--- orig/openstack-pkg-tools.configure-db.templates 2018-03-06 01:21:29.371256201 +0000
+++ jbr2/openstack-pkg-tools.configure-db.templates 2018-03-06 11:56:30.304654583 +0000
@@ -6,9 +6,9 @@
No database has been set up for this package. Before continuing, you should
make sure you have the following information:
.
- * the type of database that you want to use, generally MySQL is a good
- choice, other implementation like Postgress or SQLite are often
- problematic with OpenStack (this depends on each service);
+ * the type of database that you want to use - generally MySQL is a good
+ choice, and other implementation like PostgreSQL or SQLite are often
+ problematic with OpenStack (this depends on the service);
* the database server hostname (that server must allow TCP connections from
this machine);
* a username and password to access the database.
@@ -18,8 +18,8 @@
and the remote database server needs to be configured with adequate
credentials.
.
- If some of these requirements are missing, do not choose this option and run with
- regular SQLite support.
+ If some of these requirements are missing, do not choose this option. Run
+ with regular SQLite support instead.
.
You can change this setting later on by running "dpkg-reconfigure -plow".
diff -ru orig/openstack-pkg-tools.configure-endpoint.templates jbr2/openstack-pkg-tools.configure-endpoint.templates
--- orig/openstack-pkg-tools.configure-endpoint.templates 2018-03-06 01:21:32.723150352 +0000
+++ jbr2/openstack-pkg-tools.configure-endpoint.templates 2018-03-06 11:57:38.458501149 +0000
@@ -11,8 +11,8 @@
connect using a known admin project name, admin username and password. The
admin auth token is not used anymore.
.
- Also, if a service of the matching name for this service is already present
- in the Keystone catalog, endpoint registration will be aborted.
+ Also, if a service with a matching name is already present in the Keystone
+ catalog, endpoint registration will be aborted.
Template: ospt/api-keystone-address
Type: string
@@ -26,9 +26,9 @@
Template: ospt/api-keystone-admin-username
Type: string
Default: admin
-_Description: Keystone admin name:
- To create the service endpoint, this package needs to know the Admin login,
- name, project name, and password, so it can issue commands through the the
+_Description: Keystone admin username:
+ To create the service endpoint, this package needs to know the Admin
+ username, project name, and password, so it can issue commands through the
Keystone API.
Template: ospt/api-keystone-admin-project-name
@@ -36,19 +36,19 @@
Default: admin
_Description: Keystone admin project name:
To create the service endpoint, this package needs to know the Admin login,
- name, project name, and password, so it can issue commands through the the
+ username, project name, and password, so it can issue commands through the the
Keystone API.
Template: ospt/api-keystone-admin-password
Type: password
_Description: Keystone admin password:
To create the service endpoint, this package needs to know the Admin login,
- name, project name, and password, so it can issue commands through the the
+ username, project name, and password, so it can issue commands through the the
Keystone API.
Template: ospt/api-endpoint-address
Type: string
-_Description: This service endpoint IP address:
+_Description: Service endpoint IP address:
Please enter the endpoint address that will be used to contact this service.
.
This address should be accessible from the clients that will use this
@@ -65,7 +65,8 @@
location (usually a different data center). Please enter the region name that
you wish to use when registering the endpoint.
.
- The region name is usually a string containing only valid latin alphabet
- chars, dots and dashes. A non-valid string will abort the API endpoint
- registration.
+ The region name is usually a string containing only ASCII alphanumerics,
+ dots, and dashes.
+ .
+ A non-valid string will abort the API endpoint registration.
diff -ru orig/openstack-pkg-tools.configure-ksat.templates jbr2/openstack-pkg-tools.configure-ksat.templates
--- orig/openstack-pkg-tools.configure-ksat.templates 2018-03-06 01:21:34.767085808 +0000
+++ jbr2/openstack-pkg-tools.configure-ksat.templates 2018-03-06 11:25:36.163533151 +0000
@@ -11,14 +11,14 @@
Template: ospt/ksat-public-url
Type: string
Default: http://localhost:5000
-_Description: Auth server public endpoint url:
+_Description: Auth server public endpoint URL:
Specify the URL of your Keystone authentication server public endpoint. This
value will be set in the www_authenticate_uri directive.
Template: ospt/ksat-admin-url
Type: string
Default: http://localhost:35357
-_Description: Auth server admin endpoint url:
+_Description: Auth server admin endpoint URL:
Specify the URL of your Keystone authentication server admin endpoint. This
value will be set in auth_url.
@@ -27,13 +27,16 @@
Default: regionOne
_Description: Keystone region:
Specify the Keystone region to use.
+ .
+ The region name is usually a string containing only ASCII alphanumerics,
+ dots, and dashes.
Template: ospt/ksat-create-service-user
Type: boolean
Default: true
_Description: Create service user?
This package can reuse an already existing username, or create one right now.
- If you wish to create one, then you will be prompt for the admin credentials.
+ If you wish to create one, then you will be prompted for the admin credentials.
Template: ospt/ksat-admin-username
Type: string
diff -ru orig/openstack-pkg-tools.configure-rabbit.templates jbr2/openstack-pkg-tools.configure-rabbit.templates
--- orig/openstack-pkg-tools.configure-rabbit.templates 2018-03-06 01:21:36.211040210 +0000
+++ jbr2/openstack-pkg-tools.configure-rabbit.templates 2018-03-06 12:02:24.753446533 +0000
@@ -2,15 +2,19 @@
Template: ospt/configure_rabbit
Type: boolean
Default: false
-_Description: Configure rabbitmq with debconf?
- OpenStack services needs access to a message queue server. This is
- configured through the transport_url directive. Specify if you
- wish this package configuration to be handled through debconf.
- .
- Note that only access to rabbitmq is handled, and that rabbitmq-server user
- creation isn't performed (you must create usernames and set passwords
- before installing this package). Also, the standard rabbitmq-server guest
- account cannot be used for remote connection.
+_Description: Configure RabbitMQ access with debconf?
+ OpenStack services need access to a message queue server, defined by the
+ transport_url directive. Please specify whether configuring this should be
+ handled through debconf.
+ .
+ Only access to RabbitMQ is handled; the RabbitMQ user creation isn't
+ performed. A new RabbitMQ user can be created with the commands:
+ .
+ - rabbitmqctl add_user openstack PASSWORD
+ - rabbitmqctl set_permissions -p / openstack ".*" ".*" ".*"
+ .
+ Note that the default RabbitMQ guest account cannot be used for remote
+ connections.
Template: ospt/rabbit-host
Type: string
@@ -28,7 +32,7 @@
In order to interoperate with other components of OpenStack, this package
needs to connect to a central RabbitMQ server.
.
- Please specify the username used to connect to the RabbitMQ server.
+ Please specify the username used to connect to that RabbitMQ server.
Template: ospt/rabbit-password
Type: password
@@ -36,5 +40,5 @@
In order to interoperate with other components of OpenStack, this package
needs to connect to a central RabbitMQ server.
.
- Please specify the password used to connect to the RabbitMQ server.
+ Please specify the password used to connect to that RabbitMQ server.
-------------- next part --------------
# ### database configuration ###
Template: ospt/configure_db
Type: boolean
Default: false
_Description: Set up a database for this package?
No database has been set up for this package. Before continuing, you should
make sure you have the following information:
.
* the type of database that you want to use - generally MySQL is a good
choice, and other implementation like PostgreSQL or SQLite are often
problematic with OpenStack (this depends on the service);
* the database server hostname (that server must allow TCP connections from
this machine);
* a username and password to access the database.
.
Note that if you plan on using a remote database server, you must first
configure dbconfig-common to do so (using dpkg-reconfigure dbconfig-common),
and the remote database server needs to be configured with adequate
credentials.
.
If some of these requirements are missing, do not choose this option. Run
with regular SQLite support instead.
.
You can change this setting later on by running "dpkg-reconfigure -plow".
-------------- next part --------------
# ### service and endpoint registration ###
Template: ospt/configure_api-endpoint
Type: boolean
Default: false
_Description: Register this service in the Keystone endpoint catalog?
Each OpenStack service (each API) must be registered in the Keystone catalog
in order to be accessible. This is done using "openstack service create" and
"openstack endpoint create". This can be done automatically now.
.
Note that you will need to have an up and running Keystone server on which to
connect using a known admin project name, admin username and password. The
admin auth token is not used anymore.
.
Also, if a service with a matching name is already present in the Keystone
catalog, endpoint registration will be aborted.
Template: ospt/api-keystone-address
Type: string
_Description: Keystone server address:
Please enter the address (IP or resolvable address) of the Keystone server,
for creating the new service and endpoints.
.
Any non-valid ipv4, ipv6 or host address string will abort the endpoint
registration.
Template: ospt/api-keystone-admin-username
Type: string
Default: admin
_Description: Keystone admin username:
To create the service endpoint, this package needs to know the Admin
username, project name, and password, so it can issue commands through the
Keystone API.
Template: ospt/api-keystone-admin-project-name
Type: string
Default: admin
_Description: Keystone admin project name:
To create the service endpoint, this package needs to know the Admin login,
username, project name, and password, so it can issue commands through the the
Keystone API.
Template: ospt/api-keystone-admin-password
Type: password
_Description: Keystone admin password:
To create the service endpoint, this package needs to know the Admin login,
username, project name, and password, so it can issue commands through the the
Keystone API.
Template: ospt/api-endpoint-address
Type: string
_Description: Service endpoint IP address:
Please enter the endpoint address that will be used to contact this service.
.
This address should be accessible from the clients that will use this
service, so if you are installing a public cloud, this should be a public
address. You can specify either a Fully Qualified Domain Name (FQDN) or an IP
address. If you specify an FQDN, it must be resolvable for every host in this
cloud, preferably through the /etc/hosts file rather than a DNS query.
Template: ospt/api-endpoint-region-name
Type: string
Default: regionOne
_Description: Name of the region to register:
OpenStack supports using regions, with each region representing a different
location (usually a different data center). Please enter the region name that
you wish to use when registering the endpoint.
.
The region name is usually a string containing only ASCII alphanumerics,
dots, and dashes.
.
A non-valid string will abort the API endpoint registration.
-------------- next part --------------
# ### keystone_authtoken configuration ###
# ksat stands for keystone authtoken
Template: ospt/configure_ksat
Type: boolean
Default: false
_Description: Manage keystone_authtoken with debconf?
Every OpenStack service must contact Keystone, and this is configured through
the [keystone_authtoken] section of the configuration. Specify if you wish to
handle this configuration through debconf.
Template: ospt/ksat-public-url
Type: string
Default: http://localhost:5000
_Description: Auth server public endpoint URL:
Specify the URL of your Keystone authentication server public endpoint. This
value will be set in the www_authenticate_uri directive.
Template: ospt/ksat-admin-url
Type: string
Default: http://localhost:35357
_Description: Auth server admin endpoint URL:
Specify the URL of your Keystone authentication server admin endpoint. This
value will be set in auth_url.
Template: ospt/ksat-region
Type: string
Default: regionOne
_Description: Keystone region:
Specify the Keystone region to use.
.
The region name is usually a string containing only ASCII alphanumerics,
dots, and dashes.
Template: ospt/ksat-create-service-user
Type: boolean
Default: true
_Description: Create service user?
This package can reuse an already existing username, or create one right now.
If you wish to create one, then you will be prompted for the admin credentials.
Template: ospt/ksat-admin-username
Type: string
Default: admin
_Description: Auth server admin username:
Template: ospt/ksat-admin-project-name
Type: string
Default: admin
_Description: Auth server admin project name:
Template: ospt/ksat-admin-password
Type: password
_Description: Auth server admin password:
Template: ospt/ksat-service-username
Type: string
_Description: Auth server service username:
Template: ospt/ksat-service-project-name
Type: string
Default: service
_Description: Auth server service project name:
Template: ospt/ksat-service-password
Type: password
_Description: Auth server service password:
-------------- next part --------------
# ### rabbitmq access configuration ###
Template: ospt/configure_rabbit
Type: boolean
Default: false
_Description: Configure RabbitMQ access with debconf?
OpenStack services need access to a message queue server, defined by the
transport_url directive. Please specify whether configuring this should be
handled through debconf.
.
Only access to RabbitMQ is handled; the RabbitMQ user creation isn't
performed. A new RabbitMQ user can be created with the commands:
.
- rabbitmqctl add_user openstack PASSWORD
- rabbitmqctl set_permissions -p / openstack ".*" ".*" ".*"
.
Note that the default RabbitMQ guest account cannot be used for remote
connections.
Template: ospt/rabbit-host
Type: string
Default: localhost
_Description: IP address of your RabbitMQ host:
In order to interoperate with other components of OpenStack, this package
needs to connect to a central RabbitMQ server.
.
Please specify the IP address of that server.
Template: ospt/rabbit-userid
Type: string
Default: guest
_Description: Username for connection to the RabbitMQ server:
In order to interoperate with other components of OpenStack, this package
needs to connect to a central RabbitMQ server.
.
Please specify the username used to connect to that RabbitMQ server.
Template: ospt/rabbit-password
Type: password
_Description: Password for connection to the RabbitMQ server:
In order to interoperate with other components of OpenStack, this package
needs to connect to a central RabbitMQ server.
.
Please specify the password used to connect to that RabbitMQ server.
More information about the Openstack-devel
mailing list