Adds tls_priority parameter to nova::compute::libvirt
Override the compile time default TLS priority string. The default is usually "NORMAL" unless overridden at build time. Only set this if it is desired for libvirt to deviate from the global default settings. Conflicts: manifests/compute/libvirt.pp Change-Id: I221d48ba720e8ad820050fb5f735cd20d75f2f7a Related-Bug: #1840447 (cherry picked from commit7f9c58f86c
) (cherry picked from commitb28b01a01f
) (cherry picked from commitef1499a4c6
)
This commit is contained in:
parent
78e70e16e2
commit
4120d79e13
|
@ -159,6 +159,13 @@
|
||||||
# https://libvirt.org/logging.html
|
# https://libvirt.org/logging.html
|
||||||
# Defaults to undef
|
# Defaults to undef
|
||||||
#
|
#
|
||||||
|
# [*tls_priority*]
|
||||||
|
# (optional) Override the compile time default TLS priority string. The
|
||||||
|
# default is usually "NORMAL" unless overridden at build time.
|
||||||
|
# Only set this if it is desired for libvirt to deviate from
|
||||||
|
# the global default settings.
|
||||||
|
# Defaults to undef
|
||||||
|
#
|
||||||
class nova::compute::libvirt (
|
class nova::compute::libvirt (
|
||||||
$ensure_package = 'present',
|
$ensure_package = 'present',
|
||||||
$libvirt_virt_type = 'kvm',
|
$libvirt_virt_type = 'kvm',
|
||||||
|
@ -189,6 +196,7 @@ class nova::compute::libvirt (
|
||||||
$nfs_mount_options = $::os_service_default,
|
$nfs_mount_options = $::os_service_default,
|
||||||
$mem_stats_period_seconds = $::os_service_default,
|
$mem_stats_period_seconds = $::os_service_default,
|
||||||
$log_filters = undef,
|
$log_filters = undef,
|
||||||
|
$tls_priority = undef,
|
||||||
) inherits nova::params {
|
) inherits nova::params {
|
||||||
|
|
||||||
include ::nova::deps
|
include ::nova::deps
|
||||||
|
@ -231,6 +239,12 @@ class nova::compute::libvirt (
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if $tls_priority {
|
||||||
|
libvirtd_config {
|
||||||
|
'tls_priority': value => "\"${tls_priority}\"";
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
# manage_libvirt_services is here for backward compatibility to support
|
# manage_libvirt_services is here for backward compatibility to support
|
||||||
# deployments that do not include nova::compute::libvirt::services
|
# deployments that do not include nova::compute::libvirt::services
|
||||||
#
|
#
|
||||||
|
|
|
@ -0,0 +1,8 @@
|
||||||
|
---
|
||||||
|
features:
|
||||||
|
- |
|
||||||
|
Add tls_priority parameter to nova::compute::libvirt class
|
||||||
|
to override the compile time default TLS priority string. The
|
||||||
|
default is usually "NORMAL" unless overridden at build time.
|
||||||
|
Only set this if it is desired for libvirt to deviate from
|
||||||
|
the global default settings.
|
|
@ -64,6 +64,7 @@ describe 'nova::compute::libvirt' do
|
||||||
it { is_expected.to contain_nova_config('libvirt/nfs_mount_options').with_ensure('<SERVICE DEFAULT>')}
|
it { is_expected.to contain_nova_config('libvirt/nfs_mount_options').with_ensure('<SERVICE DEFAULT>')}
|
||||||
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value('<SERVICE DEFAULT>')}
|
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value('<SERVICE DEFAULT>')}
|
||||||
it { is_expected.to contain_libvirtd_config('log_filters').with_ensure('absent')}
|
it { is_expected.to contain_libvirtd_config('log_filters').with_ensure('absent')}
|
||||||
|
it { is_expected.to contain_libvirtd_config('tls_priority').with_ensure('absent')}
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'with params' do
|
describe 'with params' do
|
||||||
|
@ -92,6 +93,7 @@ describe 'nova::compute::libvirt' do
|
||||||
:nfs_mount_options => 'rw,intr,nolock',
|
:nfs_mount_options => 'rw,intr,nolock',
|
||||||
:mem_stats_period_seconds => 20,
|
:mem_stats_period_seconds => 20,
|
||||||
:log_filters => '1:qemu',
|
:log_filters => '1:qemu',
|
||||||
|
:tls_priority => 'NORMAL:-VERS-SSL3.0',
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -119,6 +121,7 @@ describe 'nova::compute::libvirt' do
|
||||||
it { is_expected.to contain_nova_config('libvirt/nfs_mount_options').with_value('rw,intr,nolock')}
|
it { is_expected.to contain_nova_config('libvirt/nfs_mount_options').with_value('rw,intr,nolock')}
|
||||||
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value(20)}
|
it { is_expected.to contain_nova_config('libvirt/mem_stats_period_seconds').with_value(20)}
|
||||||
it { is_expected.to contain_libvirtd_config('log_filters').with_value("\"#{params[:log_filters]}\"")}
|
it { is_expected.to contain_libvirtd_config('log_filters').with_value("\"#{params[:log_filters]}\"")}
|
||||||
|
it { is_expected.to contain_libvirtd_config('tls_priority').with_value("\"#{params[:tls_priority]}\"")}
|
||||||
it {
|
it {
|
||||||
is_expected.to contain_service('libvirt').with(
|
is_expected.to contain_service('libvirt').with(
|
||||||
:name => 'custom_service',
|
:name => 'custom_service',
|
||||||
|
|
Loading…
Reference in New Issue