openstack
/
puppet-ceilometer
Code Issues Proposed changes

Add RabbitMQ SSL support 

Change-Id: I6efe4819fb703ea815de259cb91b2ee50f51a0e3
This commit is contained in:
John Eckersberg 2014-05-05 16:20:49 -04:00
parent a914270e28
commit 76423fd42a
2 changed files with 98 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
manifests/init.pp
View File

@ -37,6 +37,23 @@
# password to connect to the rabbit_server. Optional. Defaults to empty.
# [*rabbit_virtual_host*]
# virtualhost to use. Optional. Defaults to '/'
# [*rabbit_use_ssl*]
# (optional) Connect over SSL for RabbitMQ
# Defaults to false
# [*kombu_ssl_ca_certs*]
# (optional) SSL certification authority file (valid only if SSL enabled).
# Defaults to undef
# [*kombu_ssl_certfile*]
# (optional) SSL cert file (valid only if SSL enabled).
# Defaults to undef
# [*kombu_ssl_keyfile*]
# (optional) SSL key file (valid only if SSL enabled).
# Defaults to undef
# [*kombu_ssl_version*]
# (optional) SSL version to use (valid only if SSL enabled).
# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
# available on some distributions.
# Defaults to 'SSLv3'
#
# [*qpid_hostname*]
# [*qpid_port*]
@ -70,6 +87,11 @@ class ceilometer(
$rabbit_userid = 'guest',
$rabbit_password = '',
$rabbit_virtual_host = '/',
$rabbit_use_ssl = false,
$kombu_ssl_ca_certs = undef,
$kombu_ssl_certfile = undef,
$kombu_ssl_keyfile = undef,
$kombu_ssl_version = 'SSLv3',
$qpid_hostname = 'localhost',
$qpid_port = 5672,
$qpid_username = 'guest',
@ -151,6 +173,40 @@ class ceilometer(
'DEFAULT/rabbit_userid' : value => $rabbit_userid;
'DEFAULT/rabbit_password' : value => $rabbit_password;
'DEFAULT/rabbit_virtual_host' : value => $rabbit_virtual_host;
'DEFAULT/rabbit_use_ssl' : value => $rabbit_use_ssl;
}
if $rabbit_use_ssl {
if $kombu_ssl_ca_certs {
ceilometer_config { 'DEFAULT/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs }
} else {
ceilometer_config { 'DEFAULT/kombu_ssl_ca_certs': ensure => absent}
}
if $kombu_ssl_certfile {
ceilometer_config { 'DEFAULT/kombu_ssl_certfile': value => $kombu_ssl_certfile }
} else {
ceilometer_config { 'DEFAULT/kombu_ssl_certfile': ensure => absent}
}
if $kombu_ssl_keyfile {
ceilometer_config { 'DEFAULT/kombu_ssl_keyfile': value => $kombu_ssl_keyfile }
} else {
ceilometer_config { 'DEFAULT/kombu_ssl_keyfile': ensure => absent}
}
if $kombu_ssl_version {
ceilometer_config { 'DEFAULT/kombu_ssl_version': value => $kombu_ssl_version }
} else {
ceilometer_config { 'DEFAULT/kombu_ssl_version': ensure => absent}
}
} else {
ceilometer_config {
'DEFAULT/kombu_ssl_ca_certs': ensure => absent;
'DEFAULT/kombu_ssl_certfile': ensure => absent;
'DEFAULT/kombu_ssl_keyfile': ensure => absent;
'DEFAULT/kombu_ssl_version': ensure => absent;
}
}
}

42
spec/classes/ceilometer_init_spec.rb
View File

@ -37,6 +37,7 @@ describe 'ceilometer' do
context 'with rabbit_host parameter' do
before { params.merge!( rabbit_params ) }
it_configures 'a ceilometer base installation'
it_configures 'rabbit with SSL support'
it_configures 'rabbit without HA support (with backward compatibility)'
end
@ -44,12 +45,14 @@ describe 'ceilometer' do
context 'with one server' do
before { params.merge!( rabbit_params ).merge!( :rabbit_hosts => ['127.0.0.1:5672'] ) }
it_configures 'a ceilometer base installation'
it_configures 'rabbit with SSL support'
it_configures 'rabbit without HA support (without backward compatibility)'
end
context 'with multiple servers' do
before { params.merge!( rabbit_params ).merge!( :rabbit_hosts => ['rabbit1:5672', 'rabbit2:5672'] ) }
it_configures 'a ceilometer base installation'
it_configures 'rabbit with SSL support'
it_configures 'rabbit with HA support'
end
end
@ -208,6 +211,45 @@ describe 'ceilometer' do
it { should contain_ceilometer_config('DEFAULT/rabbit_ha_queues').with_value('true') }
end
shared_examples_for 'rabbit with SSL support' do
context "with default parameters" do
it { should contain_ceilometer_config('DEFAULT/rabbit_use_ssl').with_value('false') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_ensure('absent') }
end
context "with SSL enabled" do
before { params.merge!( :rabbit_use_ssl => 'true' ) }
it { should contain_ceilometer_config('DEFAULT/rabbit_use_ssl').with_value('true') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent') }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_value('SSLv3') }
context "with ca_certs" do
before { params.merge!( :kombu_ssl_ca_certs => '/path/to/ca.crt' ) }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_value('/path/to/ca.crt') }
end
context "with certfile" do
before { params.merge!( :kombu_ssl_certfile => '/path/to/cert.crt' ) }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_value('/path/to/cert.crt') }
end
context "with keyfile" do
before { params.merge!( :kombu_ssl_keyfile => '/path/to/cert.key' ) }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_value('/path/to/cert.key') }
end
context "with version" do
before { params.merge!( :kombu_ssl_version => 'TLSv1' ) }
it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_value('TLSv1') }
end
end
end
shared_examples_for 'qpid support' do
context("with default parameters") do
it { should contain_ceilometer_config('DEFAULT/qpid_reconnect').with_value(true) }