Changes the server manifest

This patch changes the server.pp manifest:

  * Adds a doc header
  * Sets auth_password to false so noauth can be used
  * Wraps the auth stuff into a conditional block so noauth can be used
  * Formatting cleanup

Change-Id: Ia6e4522c5b45c5c4b59becae70d7468757a79f6a
This commit is contained in:
Joe Topjian 2013-05-06 14:15:29 -06:00
parent 14bfcf7e50
commit 8a3c185f1c
2 changed files with 124 additions and 23 deletions
manifests
spec/classes

@ -1,17 +1,68 @@
# == Class: quantum::server
#
# Setup and configure the quantum API endpoint
#
# === Parameters
#
# [*package_ensure*]
# (optional) The state of the package
# Defaults to present
#
# [*enabled*]
# (optional) The state of the service
# Defaults to true
#
# [*log_file*]
# (optional) Where to log
# Defaults to /var/log/quantum/server.log
#
# [*auth_password*]
# (optional) The password to use for authentication (keystone)
# Defaults to false. Set a value unless you are using noauth
#
# [*auth_type*]
# (optional) What auth system to use
# Defaults to 'keystone'. Can other be 'noauth'
#
# [*auth_host*]
# (optional) The keystone host
# Defaults to localhost
#
# [*auth_protocol*]
# (optional) The protocol used to access the auth host
# Defaults to http.
#
# [*auth_port*]
# (optional) The keystone auth port
# Defaults to 35357
#
# [*auth_tenant*]
# (optional) The tenant of the auth user
# Defaults to services
#
# [*auth_user*]
# (optional) The name of the auth user
# Defaults to quantum
#
# [*auth_protocol*]
# (optional) The protocol to connect to keystone
# Defaults to http
#
class quantum::server (
$auth_password,
$package_ensure = 'present',
$enabled = true,
$log_file = '/var/log/quantum/server.log',
$auth_type = 'keystone',
$auth_host = 'localhost',
$auth_port = '35357',
$auth_tenant = 'services',
$auth_user = 'quantum'
$package_ensure = 'present',
$enabled = true,
$auth_password = false,
$auth_type = 'keystone',
$auth_host = 'localhost',
$auth_port = '35357',
$auth_tenant = 'services',
$auth_user = 'quantum',
$auth_protocol = 'http',
$log_file = '/var/log/quantum/server.log'
) {
include 'quantum::params'
require 'keystone::python'
include quantum::params
require keystone::python
Quantum_config<||> ~> Service['quantum-server']
Quantum_api_config<||> ~> Service['quantum-server']
@ -20,21 +71,13 @@ class quantum::server (
'DEFAULT/log_file': value => $log_file
}
quantum_api_config {
'filter:authtoken/auth_host': value => $auth_host;
'filter:authtoken/auth_port': value => $auth_port;
'filter:authtoken/admin_tenant_name': value => $auth_tenant;
'filter:authtoken/admin_user': value => $auth_user;
'filter:authtoken/admin_password': value => $auth_password;
}
if $enabled {
$service_ensure = 'running'
} else {
$service_ensure = 'stopped'
}
if($::quantum::params::server_package) {
if ($::quantum::params::server_package) {
Package['quantum-server'] -> Quantum_api_config<||>
Package['quantum-server'] -> Quantum_config<||>
package {'quantum-server':
@ -43,6 +86,31 @@ class quantum::server (
}
}
if ($auth_type == 'keystone') {
if ($auth_password == false) {
fail('$auth_password must be set when using keystone authentication.')
} else {
quantum_config {
'keystone_authtoken/auth_host': value => $auth_host;
'keystone_authtoken/auth_port': value => $auth_port;
'keystone_authtoken/auth_protocol': value => $auth_protocol;
'keystone_authtoken/admin_tenant_name': value => $auth_user;
'keystone_authtoken/admin_user': value => $auth_user;
'keystone_authtoken/admin_password': value => $keystone_password;
}
quantum_api_config {
'filter:authtoken/auth_host': value => $auth_host;
'filter:authtoken/auth_port': value => $auth_port;
'filter:authtoken/auth_protocol': value => $auth_protocol;
'filter:authtoken/admin_tenant_name': value => $auth_tenant;
'filter:authtoken/admin_user': value => $auth_user;
'filter:authtoken/admin_password': value => $keystone_password;
}
}
}
service {'quantum-server':
name => $::quantum::params::server_service,
ensure => $service_ensure,

@ -3,15 +3,47 @@ require 'spec_helper'
describe 'quantum::server' do
let :params do
{ :auth_password => 'passw0rd' }
{
:auth_password => 'passw0rd',
:auth_user => 'quantum'
}
end
shared_examples_for 'a quantum server' do
it { should include_class('quantum::params') }
it 'configures quantum.conf' do
should contain_quantum_config('keystone_authtoken/admin_user').with(
:value => params[:auth_user]
)
end
it 'configures quantum-api.conf' do
should contain_quantum_api_config('filter:authtoken/admin_user').with(
:value => params[:auth_user]
)
end
end
shared_examples_for 'a quantum server with broken authentication' do
before do
params.delete(:auth_password)
end
it do
expect {
should contain_quantum_api_config('filter:authtoken/admin_user').with(
:value => params[:auth_user]
)
}.to raise_error(Puppet::Error, /auth_password must be set/)
end
end
context 'on Debian platforms' do
let :facts do
{ :osfamily => 'Debian' }
end
it { should contain_class('quantum::server') }
it_configures 'a quantum server'
it_configures 'a quantum server with broken authentication'
end
context 'on RedHat platforms' do
@ -19,6 +51,7 @@ describe 'quantum::server' do
{ :osfamily => 'RedHat' }
end
it { should contain_class('quantum::server') }
it_configures 'a quantum server'
it_configures 'a quantum server with broken authentication'
end
end