proxy: Support options to enable SSL
Swift has built-in feature to enable SSL for proxy-server. Add support for the options to use this feature so that we can test deployment with SSL enabled for swift. Change-Id: I9dc2b1fb752b2e4bf27ce252b724ae9220053cd2
This commit is contained in:
Takashi Kajinami
parent
80db22c066
commit
84c31437c0
@ -10,6 +10,14 @@
|
||||
# (optional) The port to which the proxy server will bind.
|
||||
# Defaults to 8080.
|
||||
#
|
||||
# [*cert_file*]
|
||||
# (optional) Certificate file to use for HTTPS
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*key_file*]
|
||||
# (optional) Key file to use for HTTPS
|
||||
# Defaults to $facts['os_service_default'].
|
||||
#
|
||||
# [*pipeline*]
|
||||
# (optional) The list of elements of the swift proxy pipeline.
|
||||
# Currently supports healthcheck, cache, proxy-server, and
|
||||
@ -188,6 +196,8 @@
|
||||
class swift::proxy(
|
||||
$proxy_local_net_ip,
|
||||
$port = '8080',
|
||||
$cert_file = $facts['os_service_default'],
|
||||
$key_file = $facts['os_service_default'],
|
||||
Swift::Pipeline $pipeline = [
|
||||
'catch_errors', 'gatekeeper', 'healthcheck', 'proxy-logging', 'cache',
|
||||
'listing_formats', 'tempauth', 'copy', 'proxy-logging', 'proxy-server'],
|
||||
@ -271,6 +281,8 @@ class swift::proxy(
|
||||
swift_proxy_config {
|
||||
'DEFAULT/bind_port': value => $port;
|
||||
'DEFAULT/bind_ip': value => $proxy_local_net_ip;
|
||||
'DEFAULT/cert_file': value => $cert_file;
|
||||
'DEFAULT/key_file': value => $key_file;
|
||||
'DEFAULT/workers': value => $workers;
|
||||
'DEFAULT/user': value => $::swift::params::user;
|
||||
'DEFAULT/log_name': value => $log_name;
|
||||
|
||||
5
releasenotes/notes/proxy-ssl-f9ca617598b2a1a3.yaml
Normal file
5
releasenotes/notes/proxy-ssl-f9ca617598b2a1a3.yaml
Normal file
@ -0,0 +1,5 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
The ``cert_file`` parameter and the ``key_file`` parameter have been added
|
||||
to the ``swift::proxy`` class.
|
||||
@ -57,6 +57,8 @@ describe 'swift::proxy' do
|
||||
it { should contain_service('swift-proxy-server').that_notifies('Anchor[swift::service::end]') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/bind_port').with_value('8080') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/bind_ip').with_value('127.0.0.1') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/cert_file').with_value('<SERVICE DEFAULT>') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/key_file').with_value('<SERVICE DEFAULT>') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/workers').with_value('2') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/user').with_value('swift') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/log_name').with_value('proxy-server') }
|
||||
@ -136,6 +138,8 @@ describe 'swift::proxy' do
|
||||
{
|
||||
:proxy_local_net_ip => '10.0.0.2',
|
||||
:port => '80',
|
||||
:cert_file => '/path/to/cert',
|
||||
:key_file => '/path/to/key',
|
||||
:workers => 3,
|
||||
:pipeline => ['swauth', 'proxy-server'],
|
||||
:allow_account_management => false,
|
||||
@ -166,6 +170,8 @@ describe 'swift::proxy' do
|
||||
|
||||
it { should contain_swift_proxy_config('DEFAULT/bind_port').with_value('80') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/bind_ip').with_value('10.0.0.2') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/cert_file').with_value('/path/to/cert') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/key_file').with_value('/path/to/key') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/workers').with_value('3') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/user').with_value('swift') }
|
||||
it { should contain_swift_proxy_config('DEFAULT/log_name').with_value('swift-proxy-server') }
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user