Changes the server manifest
This patch changes the server.pp manifest: * Adds a doc header * Sets auth_password to false so noauth can be used * Wraps the auth stuff into a conditional block so noauth can be used * Formatting cleanup Change-Id: Ia6e4522c5b45c5c4b59becae70d7468757a79f6a
This commit is contained in:
parent
14bfcf7e50
commit
8a3c185f1c
@ -1,17 +1,68 @@
|
||||
# == Class: quantum::server
|
||||
#
|
||||
# Setup and configure the quantum API endpoint
|
||||
#
|
||||
# === Parameters
|
||||
#
|
||||
# [*package_ensure*]
|
||||
# (optional) The state of the package
|
||||
# Defaults to present
|
||||
#
|
||||
# [*enabled*]
|
||||
# (optional) The state of the service
|
||||
# Defaults to true
|
||||
#
|
||||
# [*log_file*]
|
||||
# (optional) Where to log
|
||||
# Defaults to /var/log/quantum/server.log
|
||||
#
|
||||
# [*auth_password*]
|
||||
# (optional) The password to use for authentication (keystone)
|
||||
# Defaults to false. Set a value unless you are using noauth
|
||||
#
|
||||
# [*auth_type*]
|
||||
# (optional) What auth system to use
|
||||
# Defaults to 'keystone'. Can other be 'noauth'
|
||||
#
|
||||
# [*auth_host*]
|
||||
# (optional) The keystone host
|
||||
# Defaults to localhost
|
||||
#
|
||||
# [*auth_protocol*]
|
||||
# (optional) The protocol used to access the auth host
|
||||
# Defaults to http.
|
||||
#
|
||||
# [*auth_port*]
|
||||
# (optional) The keystone auth port
|
||||
# Defaults to 35357
|
||||
#
|
||||
# [*auth_tenant*]
|
||||
# (optional) The tenant of the auth user
|
||||
# Defaults to services
|
||||
#
|
||||
# [*auth_user*]
|
||||
# (optional) The name of the auth user
|
||||
# Defaults to quantum
|
||||
#
|
||||
# [*auth_protocol*]
|
||||
# (optional) The protocol to connect to keystone
|
||||
# Defaults to http
|
||||
#
|
||||
class quantum::server (
|
||||
$auth_password,
|
||||
$package_ensure = 'present',
|
||||
$enabled = true,
|
||||
$log_file = '/var/log/quantum/server.log',
|
||||
$auth_type = 'keystone',
|
||||
$auth_host = 'localhost',
|
||||
$auth_port = '35357',
|
||||
$auth_tenant = 'services',
|
||||
$auth_user = 'quantum'
|
||||
$package_ensure = 'present',
|
||||
$enabled = true,
|
||||
$auth_password = false,
|
||||
$auth_type = 'keystone',
|
||||
$auth_host = 'localhost',
|
||||
$auth_port = '35357',
|
||||
$auth_tenant = 'services',
|
||||
$auth_user = 'quantum',
|
||||
$auth_protocol = 'http',
|
||||
$log_file = '/var/log/quantum/server.log'
|
||||
) {
|
||||
include 'quantum::params'
|
||||
|
||||
require 'keystone::python'
|
||||
include quantum::params
|
||||
require keystone::python
|
||||
|
||||
Quantum_config<||> ~> Service['quantum-server']
|
||||
Quantum_api_config<||> ~> Service['quantum-server']
|
||||
@ -20,21 +71,13 @@ class quantum::server (
|
||||
'DEFAULT/log_file': value => $log_file
|
||||
}
|
||||
|
||||
quantum_api_config {
|
||||
'filter:authtoken/auth_host': value => $auth_host;
|
||||
'filter:authtoken/auth_port': value => $auth_port;
|
||||
'filter:authtoken/admin_tenant_name': value => $auth_tenant;
|
||||
'filter:authtoken/admin_user': value => $auth_user;
|
||||
'filter:authtoken/admin_password': value => $auth_password;
|
||||
}
|
||||
|
||||
if $enabled {
|
||||
$service_ensure = 'running'
|
||||
} else {
|
||||
$service_ensure = 'stopped'
|
||||
}
|
||||
|
||||
if($::quantum::params::server_package) {
|
||||
if ($::quantum::params::server_package) {
|
||||
Package['quantum-server'] -> Quantum_api_config<||>
|
||||
Package['quantum-server'] -> Quantum_config<||>
|
||||
package {'quantum-server':
|
||||
@ -43,6 +86,31 @@ class quantum::server (
|
||||
}
|
||||
}
|
||||
|
||||
if ($auth_type == 'keystone') {
|
||||
|
||||
if ($auth_password == false) {
|
||||
fail('$auth_password must be set when using keystone authentication.')
|
||||
} else {
|
||||
quantum_config {
|
||||
'keystone_authtoken/auth_host': value => $auth_host;
|
||||
'keystone_authtoken/auth_port': value => $auth_port;
|
||||
'keystone_authtoken/auth_protocol': value => $auth_protocol;
|
||||
'keystone_authtoken/admin_tenant_name': value => $auth_user;
|
||||
'keystone_authtoken/admin_user': value => $auth_user;
|
||||
'keystone_authtoken/admin_password': value => $keystone_password;
|
||||
}
|
||||
|
||||
quantum_api_config {
|
||||
'filter:authtoken/auth_host': value => $auth_host;
|
||||
'filter:authtoken/auth_port': value => $auth_port;
|
||||
'filter:authtoken/auth_protocol': value => $auth_protocol;
|
||||
'filter:authtoken/admin_tenant_name': value => $auth_tenant;
|
||||
'filter:authtoken/admin_user': value => $auth_user;
|
||||
'filter:authtoken/admin_password': value => $keystone_password;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
service {'quantum-server':
|
||||
name => $::quantum::params::server_service,
|
||||
ensure => $service_ensure,
|
||||
|
@ -3,15 +3,47 @@ require 'spec_helper'
|
||||
describe 'quantum::server' do
|
||||
|
||||
let :params do
|
||||
{ :auth_password => 'passw0rd' }
|
||||
{
|
||||
:auth_password => 'passw0rd',
|
||||
:auth_user => 'quantum'
|
||||
}
|
||||
end
|
||||
|
||||
shared_examples_for 'a quantum server' do
|
||||
it { should include_class('quantum::params') }
|
||||
it 'configures quantum.conf' do
|
||||
should contain_quantum_config('keystone_authtoken/admin_user').with(
|
||||
:value => params[:auth_user]
|
||||
)
|
||||
end
|
||||
it 'configures quantum-api.conf' do
|
||||
should contain_quantum_api_config('filter:authtoken/admin_user').with(
|
||||
:value => params[:auth_user]
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples_for 'a quantum server with broken authentication' do
|
||||
before do
|
||||
params.delete(:auth_password)
|
||||
end
|
||||
it do
|
||||
expect {
|
||||
should contain_quantum_api_config('filter:authtoken/admin_user').with(
|
||||
:value => params[:auth_user]
|
||||
)
|
||||
}.to raise_error(Puppet::Error, /auth_password must be set/)
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
context 'on Debian platforms' do
|
||||
let :facts do
|
||||
{ :osfamily => 'Debian' }
|
||||
end
|
||||
|
||||
it { should contain_class('quantum::server') }
|
||||
it_configures 'a quantum server'
|
||||
it_configures 'a quantum server with broken authentication'
|
||||
end
|
||||
|
||||
context 'on RedHat platforms' do
|
||||
@ -19,6 +51,7 @@ describe 'quantum::server' do
|
||||
{ :osfamily => 'RedHat' }
|
||||
end
|
||||
|
||||
it { should contain_class('quantum::server') }
|
||||
it_configures 'a quantum server'
|
||||
it_configures 'a quantum server with broken authentication'
|
||||
end
|
||||
end
|
||||
|
Loading…
x
Reference in New Issue
Block a user