Add ceilometer::agent::auth.

Adds a new agent::auth manifest to hold common auth
parameters used by the Ceilometer compute and central agents.

This fixes a deployment issue where you would get duplicate
auth parameter errors when trying to configure the compute
and central agent on the same machine.

Fixes Bug #1220810.

Change-Id: I167c6c570bdebb4be2ef99cd0b9cf81f37856d9f

examples/site.pp

@@ -28,6 +28,10 @@ node default {
     keystone_password => 'tralalayouyou'
   }
 
+  # Set common auth parameters used by all agents (compute/central)
+  class { 'ceilometer::agent::auth':
+  }
+
   # Install compute agent
   class { 'ceilometer::agent::compute':
   }

manifests/agent/auth.pp

@@ -0,0 +1,62 @@
+# The ceilometer::agent::auth class helps configure common
+# auth settings for the agents.
+#
+# == Parameters
+#  [*auth_url*]
+#    the keystone public endpoint
+#    Optional. Defaults to 'http://localhost:5000/v2.0'
+#
+#  [*auth_region*]
+#    the keystone region of this node
+#    Optional. Defaults to 'RegionOne'
+#
+#  [*auth_user*]
+#    the keystone user for ceilometer services
+#    Optional. Defaults to 'ceilometer'
+#
+#  [*auth_password*]
+#    the keystone password for ceilometer services
+#    Required.
+#
+#  [*auth_tenant_name*]
+#    the keystone tenant name for ceilometer services
+#    Optional. Defaults to 'services'
+#
+#  [*auth_tenant_id*]
+#    the keystone tenant id for ceilometer services.
+#    Optional. Defaults to empty.
+#
+#  [*auth_cacert*]
+#    Certificate chain for SSL validation. Optional; Defaults to 'None'
+#
+class ceilometer::agent::auth (
+  $auth_password,
+  $auth_url         = 'http://localhost:5000/v2.0',
+  $auth_region      = 'RegionOne',
+  $auth_user        = 'ceilometer',
+  $auth_tenant_name = 'services',
+  $auth_tenant_id   = '',
+  $auth_cacert      = undef,
+) {
+
+  if ! $auth_cacert {
+    ceilometer_config { 'DEFAULT/os_cacert': ensure => absent }
+  } else {
+    ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert }
+  }
+
+  ceilometer_config {
+    'DEFAULT/os_auth_url'         : value => $auth_url;
+    'DEFAULT/os_auth_region'      : value => $auth_region;
+    'DEFAULT/os_username'         : value => $auth_user;
+    'DEFAULT/os_password'         : value => $auth_password;
+    'DEFAULT/os_tenant_name'      : value => $auth_tenant_name;
+  }
+
+  if ($auth_tenant_id != '') {
+    ceilometer_config {
+      'DEFAULT/os_tenant_id'        : value => $auth_tenant_id;
+    }
+  }
+
+}

manifests/agent/central.pp

@@ -1,38 +1,10 @@
 # Installs/configures the ceilometer central agent
 #
 # == Parameters
-#  [*auth_url*]
-#    Keystone URL. Optional. Defaults to 'http://localhost:5000/v2.0'
-#
-#  [*auth_region*]
-#    Keystone region. Optional. Defaults to 'RegionOne'
-#
-#  [*auth_user*]
-#    Keystone user for ceilometer. Optional. Defaults to 'ceilometer'
-#
-#  [*auth_password*]
-#    Keystone password for ceilometer. Optional. Defaults to 'password'
-#
-#  [*auth_tenant_name*]
-#    Keystone tenant name for ceilometer. Optional. Defaults to 'services'
-#
-#  [*auth_tenant_id*]
-#    Keystone tenant id for ceilometer. Optional. Defaults to empty.
-#
-#  [*auth_cacert*]
-#    Certificate chain for SSL validation. Optional; Defaults to 'None'
-#
 #  [*enabled*]
 #    Should the service be enabled. Optional. Defauls to true
 #
 class ceilometer::agent::central (
-  $auth_url         = 'http://localhost:5000/v2.0',
-  $auth_region      = 'RegionOne',
-  $auth_user        = 'ceilometer',
-  $auth_password    = 'password',
-  $auth_tenant_name = 'services',
-  $auth_tenant_id   = '',
-  $auth_cacert      = undef,
   $enabled          = true,
 ) {
 
@@ -46,12 +18,6 @@ class ceilometer::agent::central (
     name   => $::ceilometer::params::agent_central_package_name,
   }
 
-  if ! $auth_cacert {
-    ceilometer_config { 'DEFAULT/os_cacert': ensure => absent }
-  } else {
-    ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert }
-  }
-
   if $enabled {
     $service_ensure = 'running'
   } else {
@@ -67,17 +33,4 @@ class ceilometer::agent::central (
     hasrestart => true,
   }
 
-  ceilometer_config {
-    'DEFAULT/os_auth_url'         : value => $auth_url;
-    'DEFAULT/os_auth_region'      : value => $auth_region;
-    'DEFAULT/os_username'         : value => $auth_user;
-    'DEFAULT/os_password'         : value => $auth_password;
-    'DEFAULT/os_tenant_name'      : value => $auth_tenant_name;
-  }
-
-  if ($auth_tenant_id != '') {
-    ceilometer_config {
-      'DEFAULT/os_tenant_id'        : value => $auth_tenant_id;
-    }
-  }
 }

manifests/agent/compute.pp

@@ -2,45 +2,11 @@
 # Include this class on all nova compute nodes
 #
 # == Parameters
-#  [*auth_url*]
-#    the keystone public endpoint
-#    Optional. Defaults to 'http://localhost:5000/v2.0'
-#
-#  [*auth_region*]
-#    the keystone region of this compute node
-#    Optional. Defaults to 'RegionOne'
-#
-#  [*auth_user*]
-#    the keystone user for ceilometer services
-#    Optional. Defaults to 'ceilometer'
-#
-#  [*auth_password*]
-#    the keystone password for ceilometer services
-#    Optional. Defaults to 'password'
-#
-#  [*auth_tenant_name*]
-#    the keystone tenant name for ceilometer services
-#    Optional. Defaults to 'services'
-#
-#  [*auth_tenant_id*]
-#    the keystone tenant id for ceilometer services.
-#    Optional. Defaults to empty.
-#
-#  [*auth_cacert*]
-#    Certificate chain for SSL validation. Optional; Defaults to 'None'
-#
 #  [*enabled*]
 #    should the service be started or not
 #    Optional. Defaults to true
 #
 class ceilometer::agent::compute (
-  $auth_url         = 'http://localhost:5000/v2.0',
-  $auth_region      = 'RegionOne',
-  $auth_user        = 'ceilometer',
-  $auth_password    = 'password',
-  $auth_tenant_name = 'services',
-  $auth_tenant_id   = '',
-  $auth_cacert      = undef,
   $enabled          = true,
 ) inherits ceilometer {
 
@@ -54,20 +20,12 @@ class ceilometer::agent::compute (
     name   => $::ceilometer::params::agent_compute_package_name,
   }
 
-  if ! $auth_cacert {
-    ceilometer_config { 'DEFAULT/os_cacert': ensure => absent }
-  } else {
-    ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert }
-  }
-
-
   if $::ceilometer::params::libvirt_group {
     User['ceilometer'] {
       groups +> [$::ceilometer::params::libvirt_group]
     }
   }
 
-
   if $enabled {
     $service_ensure = 'running'
   } else {
@@ -83,20 +41,6 @@ class ceilometer::agent::compute (
     hasrestart => true,
   }
 
-  ceilometer_config {
-    'DEFAULT/os_auth_url'         : value => $auth_url;
-    'DEFAULT/os_auth_region'      : value => $auth_region;
-    'DEFAULT/os_username'         : value => $auth_user;
-    'DEFAULT/os_password'         : value => $auth_password;
-    'DEFAULT/os_tenant_name'      : value => $auth_tenant_name;
-  }
-
-  if ($auth_tenant_id != '') {
-    ceilometer_config {
-      'DEFAULT/os_tenant_id'        : value => $auth_tenant_id;
-    }
-  }
-
   nova_config {
     'DEFAULT/instance_usage_audit'        : value => 'True';
     'DEFAULT/instance_usage_audit_period' : value => 'hour';

spec/classes/ceilometer_agent_auth_spec.rb

@@ -0,0 +1,39 @@
+require 'spec_helper'
+
+describe 'ceilometer::agent::auth' do
+
+  let :pre_condition do
+    "class { 'ceilometer': metering_secret => 's3cr3t' }"
+  end
+
+  let :params do
+    { :auth_url         => 'http://localhost:5000/v2.0',
+      :auth_region      => 'RegionOne',
+      :auth_user        => 'ceilometer',
+      :auth_password    => 'password',
+      :auth_tenant_name => 'services',
+      :enabled          => true,
+    }
+  end
+
+  shared_examples_for 'ceilometer-agent-auth' do
+
+    it 'configures authentication' do
+      should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0')
+      should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne')
+      should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer')
+      should contain_ceilometer_config('DEFAULT/os_password').with_value('password')
+      should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services')
+      should contain_ceilometer_config('DEFAULT/os_cacert').with(:ensure => 'absent')
+    end
+
+    context 'when overriding parameters' do
+      before do
+        params.merge!(:auth_cacert => '/tmp/dummy.pem')
+      end
+      it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) }
+    end
+
+  end
+
+end

spec/classes/ceilometer_agent_central_spec.rb

@@ -7,13 +7,7 @@ describe 'ceilometer::agent::central' do
   end
 
   let :params do
-    { :auth_url         => 'http://localhost:5000/v2.0',
-      :auth_region      => 'RegionOne',
-      :auth_user        => 'ceilometer',
-      :auth_password    => 'password',
-      :auth_tenant_name => 'services',
-      :enabled          => true,
-    }
+    { :enabled          => true }
   end
 
   shared_examples_for 'ceilometer-agent-central' do
@@ -44,21 +38,7 @@ describe 'ceilometer::agent::central' do
       )
     end
 
-    it 'configures authentication' do
-      should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0')
-      should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne')
-      should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer')
-      should contain_ceilometer_config('DEFAULT/os_password').with_value('password')
-      should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services')
-    end
-
-    context 'when overriding parameters' do
-      before do
-        params.merge!(:auth_cacert => '/tmp/dummy.pem')
-      end
-      it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) }
-    end
-end
+  end
 
   context 'on Debian platforms' do
     let :facts do

spec/classes/ceilometer_agent_compute_spec.rb

@@ -9,13 +9,7 @@ describe 'ceilometer::agent::compute' do
   end
 
   let :params do
-    { :auth_url         => 'http://localhost:5000/v2.0',
-      :auth_region      => 'RegionOne',
-      :auth_user        => 'ceilometer',
-      :auth_password    => 'password',
-      :auth_tenant_name => 'services',
-      :enabled          => true,
-    }
+    { :enabled          => true }
   end
 
   shared_examples_for 'ceilometer-agent-compute' do
@@ -52,22 +46,6 @@ describe 'ceilometer::agent::compute' do
       )
     end
 
-    it 'configures authentication' do
-      should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0')
-      should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne')
-      should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer')
-      should contain_ceilometer_config('DEFAULT/os_password').with_value('password')
-      should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services')
-      should contain_ceilometer_config('DEFAULT/os_cacert').with(:ensure => 'absent')
-    end
-
-    context 'when overriding parameters' do
-      before do
-        params.merge!(:auth_cacert => '/tmp/dummy.pem')
-      end
-      it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) }
-    end
-
     it 'configures instance usage audit in nova' do
       should contain_nova_config('DEFAULT/instance_usage_audit').with_value('True')
       should contain_nova_config('DEFAULT/instance_usage_audit_period').with_value('hour')
@@ -85,7 +63,8 @@ describe 'ceilometer::agent::compute' do
         :notify => 'Service[nova-compute]'
       )
     end
-end
+
+  end
 
   context 'on Debian platforms' do
     let :facts do