Improve cinder::nova support for auth_type password

Add ability to configure the [nova] settings required when the auth_type
is password. This allows cinder to access the nova API as a privileged
user.

Change-Id: Ia357ea41f8472d47e266d853f120a14b767e880d
(cherry picked from commit 05d6b0851f)
(cherry picked from commit 9dfd4bbe50)
This commit is contained in:
Alan Bishop 2018-11-14 16:34:46 -05:00
parent 14ed2f7dd8
commit 93b3d6841f
2 changed files with 70 additions and 13 deletions

View File

@ -55,19 +55,49 @@
# specific options.
# Defaults to $::os_service_default
#
# [*auth_url*]
# (Optional) Identity service url.
# Defaults to $::os_service_default
#
# [*username*]
# (Optional) Nova admin username.
# Defaults to 'nova'
#
# [*user_domain_name*]
# (Optional) Nova admin user domain name.
# Defaults to 'Default'
#
# [*password*]
# (Optional) Nova admin password.
# Defaults to undef
#
# [*project_name*]
# (Optional) Nova admin project name.
# Defaults to 'service'
#
# [*project_domain_name*]
# (Optional) Nova admin project domain name.
# Defaults to 'Default'
#
class cinder::nova (
$region_name = $::os_service_default,
$interface = $::os_service_default,
$token_auth_url = $::os_service_default,
$cafile = $::os_service_default,
$certfile = $::os_service_default,
$keyfile = $::os_service_default,
$insecure = $::os_service_default,
$timeout = $::os_service_default,
$collect_timing = $::os_service_default,
$split_loggers = $::os_service_default,
$auth_type = $::os_service_default,
$auth_section = $::os_service_default,
$region_name = $::os_service_default,
$interface = $::os_service_default,
$token_auth_url = $::os_service_default,
$cafile = $::os_service_default,
$certfile = $::os_service_default,
$keyfile = $::os_service_default,
$insecure = $::os_service_default,
$timeout = $::os_service_default,
$collect_timing = $::os_service_default,
$split_loggers = $::os_service_default,
$auth_type = $::os_service_default,
$auth_section = $::os_service_default,
$auth_url = $::os_service_default,
$username = 'nova',
$user_domain_name = 'Default',
$password = undef,
$project_name = 'service',
$project_domain_name = 'Default',
) {
include ::cinder::deps
@ -86,4 +116,15 @@ class cinder::nova (
'nova/auth_type': value => $auth_type;
'nova/auth_section': value => $auth_section;
}
if $auth_type == 'password' {
cinder_config {
'nova/auth_url': value => $auth_url;
'nova/username': value => $username;
'nova/user_domain_name': value => $user_domain_name;
'nova/password': value => $password, secret => true;
'nova/project_name': value => $project_name;
'nova/project_domain_name': value => $project_domain_name;
}
}
}

View File

@ -16,6 +16,14 @@ describe 'cinder::nova' do
should contain_cinder_config('nova/split_loggers').with_value('<SERVICE DEFAULT>')
should contain_cinder_config('nova/auth_type').with_value('<SERVICE DEFAULT>')
should contain_cinder_config('nova/auth_section').with_value('<SERVICE DEFAULT>')
# These should be added only when auth_type is 'password'
should_not contain_cinder_config('nova/auth_url')
should_not contain_cinder_config('nova/username')
should_not contain_cinder_config('nova/user_domain_name')
should_not contain_cinder_config('nova/password')
should_not contain_cinder_config('nova/project_name')
should_not contain_cinder_config('nova/project_domain_name')
}
end
@ -33,7 +41,9 @@ describe 'cinder::nova' do
:collect_timing => true,
:split_loggers => true,
:auth_type => 'password',
:auth_section => 'my_section'
:auth_section => 'my_section',
:auth_url => 'http://127.0.0.2:5000',
:password => 'foo',
}
end
@ -50,6 +60,12 @@ describe 'cinder::nova' do
should contain_cinder_config('nova/split_loggers').with_value(true)
should contain_cinder_config('nova/auth_type').with_value('password')
should contain_cinder_config('nova/auth_section').with_value('my_section')
should contain_cinder_config('nova/auth_url').with_value('http://127.0.0.2:5000')
should contain_cinder_config('nova/username').with_value('nova')
should contain_cinder_config('nova/user_domain_name').with_value('Default')
should contain_cinder_config('nova/password').with_value('foo')
should contain_cinder_config('nova/project_name').with_value('service')
should contain_cinder_config('nova/project_domain_name').with_value('Default')
}
end
end