Merge "Add TLS options to oslo.cache"
This commit is contained in:
commit
09f3403974
|
@ -113,6 +113,39 @@
|
|||
# client connection. (integer value)
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*tls_enabled*]
|
||||
# (Optional) Global toggle for TLS usage when comunicating with
|
||||
# the caching servers.
|
||||
# Default to $::os_service_default
|
||||
#
|
||||
# [*tls_cafile*]
|
||||
# (Optional) Path to a file of concatenated CA certificates in PEM
|
||||
# format necessary to establish the caching server's authenticity.
|
||||
# If tls_enabled is False, this option is ignored.
|
||||
# Default to $::os_service_default
|
||||
#
|
||||
# [*tls_certfile*]
|
||||
# (Optional) Path to a single file in PEM format containing the
|
||||
# client's certificate as well as any number of CA certificates
|
||||
# needed to establish the certificate's authenticity. This file
|
||||
# is only required when client side authentication is necessary.
|
||||
# If tls_enabled is False, this option is ignored.
|
||||
# Default to $::os_service_default
|
||||
#
|
||||
# [*tls_keyfile*]
|
||||
# (Optional) Path to a single file containing the client's private
|
||||
# key in. Otherwhise the private key will be taken from the file
|
||||
# specified in tls_certfile. If tls_enabled is False, this option
|
||||
# is ignored.
|
||||
# Default to $::os_service_default
|
||||
#
|
||||
# [*tls_allowed_ciphers*]
|
||||
# (Optional) Set the available ciphers for sockets created with
|
||||
# the TLS context. It should be a string in the OpenSSL cipher
|
||||
# list format. If not specified, all OpenSSL enabled ciphers will
|
||||
# be available.
|
||||
# Default to $::os_service_default
|
||||
#
|
||||
# [*manage_backend_package*]
|
||||
# (Optional) Whether to install the backend package.
|
||||
# Defaults to true.
|
||||
|
@ -131,6 +164,11 @@ define oslo::cache(
|
|||
$memcache_pool_maxsize = $::os_service_default,
|
||||
$memcache_pool_unused_timeout = $::os_service_default,
|
||||
$memcache_pool_connection_get_timeout = $::os_service_default,
|
||||
$tls_enabled = $::os_service_default,
|
||||
$tls_cafile = $::os_service_default,
|
||||
$tls_certfile = $::os_service_default,
|
||||
$tls_keyfile = $::os_service_default,
|
||||
$tls_allowed_ciphers = $::os_service_default,
|
||||
$manage_backend_package = true,
|
||||
){
|
||||
|
||||
|
@ -183,6 +221,11 @@ define oslo::cache(
|
|||
'cache/memcache_pool_maxsize' => { value => $memcache_pool_maxsize },
|
||||
'cache/memcache_pool_unused_timeout' => { value => $memcache_pool_unused_timeout },
|
||||
'cache/memcache_pool_connection_get_timeout' => { value => $memcache_pool_connection_get_timeout },
|
||||
'cache/tls_enabled' => { value => $tls_enabled },
|
||||
'cache/tls_cafile' => { value => $tls_cafile },
|
||||
'cache/tls_certfile' => { value => $tls_certfile },
|
||||
'cache/tls_keyfile' => { value => $tls_keyfile },
|
||||
'cache/tls_allowed_ciphers' => { value => $tls_allowed_ciphers },
|
||||
}
|
||||
|
||||
create_resources($name, $cache_options)
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
Add TLS options to oslo.cache
|
|
@ -21,6 +21,11 @@ describe 'oslo::cache' do
|
|||
is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/tls_enabled').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/tls_cafile').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/tls_certfile').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/tls_keyfile').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_keystone_config('cache/tls_allowed_ciphers').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -40,6 +45,11 @@ describe 'oslo::cache' do
|
|||
:memcache_pool_maxsize => '10',
|
||||
:memcache_pool_unused_timeout => '60',
|
||||
:memcache_pool_connection_get_timeout => '10',
|
||||
:tls_enabled => false,
|
||||
:tls_cafile => nil,
|
||||
:tls_certfile => nil,
|
||||
:tls_keyfile => nil,
|
||||
:tls_allowed_ciphers => nil,
|
||||
}
|
||||
end
|
||||
|
||||
|
@ -57,6 +67,11 @@ describe 'oslo::cache' do
|
|||
is_expected.to contain_keystone_config('cache/memcache_pool_maxsize').with_value('10')
|
||||
is_expected.to contain_keystone_config('cache/memcache_pool_unused_timeout').with_value('60')
|
||||
is_expected.to contain_keystone_config('cache/memcache_pool_connection_get_timeout').with_value('10')
|
||||
is_expected.to contain_keystone_config('cache/tls_enabled').with_value('false')
|
||||
is_expected.to contain_keystone_config('cache/tls_cafile').with_value('nil')
|
||||
is_expected.to contain_keystone_config('cache/tls_certfile').with_value('nil')
|
||||
is_expected.to contain_keystone_config('cache/tls_keyfile').with_value('nil')
|
||||
is_expected.to contain_keystone_config('cache/tls_allowed_ciphers').with_value('nil')
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue