diff --git a/Puppetfile_extras b/Puppetfile_extras index 2db2c5473..8655ca424 100644 --- a/Puppetfile_extras +++ b/Puppetfile_extras @@ -52,3 +52,8 @@ mod 'opendaylight', mod 'ssh', :git => 'https://github.com/saz/puppet-ssh', :ref => 'v3.0.1' + +mod 'snmp', + :git => 'https://github.com/razorsedge/puppet-snmp', + :ref => 'master' + diff --git a/manifests/profile/base/snmp.pp b/manifests/profile/base/snmp.pp index ecef5ae21..6c26e1c48 100644 --- a/manifests/profile/base/snmp.pp +++ b/manifests/profile/base/snmp.pp @@ -18,6 +18,20 @@ # # === Parameters # +# [*snmpd_config*] +# An array of snmp config. +# Example: +# snmpd_config: +# - 'createUser ro_snmp_user MD5 "secrete"', +# - 'rouser ro_snmp_user' +# - 'proc neutron-server' +# - 'proc nova-api' +# Note: since we give total freedom to configure snmpd_config and don't +# verify the content, the user will have to ensure that the parameters +# related to user / password in the array, are the same given to +# THT via SnmpdReadonlyUserName and SnmpdReadonlyUserPassword. +# Defaults to undef. +# # [*snmpd_password*] # The SNMP password # Defaults to hiera('snmpd_readonly_user_password') @@ -32,6 +46,7 @@ # Defaults to hiera('step') # class tripleo::profile::base::snmp ( + $snmpd_config = undef, $snmpd_password = hiera('snmpd_readonly_user_password'), $snmpd_user = hiera('snmpd_readonly_user_name'), $step = Integer(hiera('step')), @@ -41,17 +56,24 @@ class tripleo::profile::base::snmp ( authtype => 'MD5', authpass => $snmpd_password, } - class { '::snmp': - snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), - join(['rouser ', $snmpd_user]), - 'proc cron', - 'includeAllDisks 10%', - 'master agentx', - 'trapsink localhost public', - 'iquerySecName internalUser', - 'rouser internalUser', - 'defaultMonitors yes', - 'linkUpDownNotifications yes' ], + if $snmpd_config { + validate_array($snmpd_config) + class { '::snmp': + snmpd_config => $snmpd_config, + } + } else { + class { '::snmp': + snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), + join(['rouser ', $snmpd_user]), + 'proc cron', + 'includeAllDisks 10%', + 'master agentx', + 'trapsink localhost public', + 'iquerySecName internalUser', + 'rouser internalUser', + 'defaultMonitors yes', + 'linkUpDownNotifications yes' ], + } } } } diff --git a/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml new file mode 100644 index 000000000..4db033ae5 --- /dev/null +++ b/releasenotes/notes/snmdd_config-db21f3175967be4a.yaml @@ -0,0 +1,11 @@ +--- +features: + - | + Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which + is an array definded to undef by default. + It can be used to override all snmpd configuration for advanced + deployments. + If used, all parameters have to be configured included users and + passwords, which should be the same as given to snmpd_password + and snmpd_user. There is no logic that will verify the content + of ``snmpd_config``. diff --git a/spec/classes/tripleo_profile_base_snmp_spec.rb b/spec/classes/tripleo_profile_base_snmp_spec.rb new file mode 100644 index 000000000..c8a7074f2 --- /dev/null +++ b/spec/classes/tripleo_profile_base_snmp_spec.rb @@ -0,0 +1,83 @@ +# +# Copyright (C) 2017 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# + +require 'spec_helper' + +describe 'tripleo::profile::base::snmp' do + + shared_examples_for 'tripleo::profile::base::snmp' do + context 'with default configuration' do + let :params do + { + :snmpd_user => 'ro_snmp_user', + :snmpd_password => 'secrete', + :step => 4, + } + end + + it 'should configure snmpd' do + is_expected.to contain_class('snmp').with( + :snmpd_config => [ + 'createUser ro_snmp_user MD5 "secrete"', + 'rouser ro_snmp_user', + 'proc cron', + 'includeAllDisks 10%', + 'master agentx', + 'trapsink localhost public', + 'iquerySecName internalUser', + 'rouser internalUser', + 'defaultMonitors yes', + 'linkUpDownNotifications yes', + ] + ) + end + end + context 'with snmpd_config setting' do + let :params do + { + :snmpd_user => 'ro_snmp_user', + :snmpd_password => 'secrete', + :snmpd_config => [ + 'createUser ro_snmp_user MD5 "secrete"', + 'rouser ro_snmp_user', + 'proc neutron-server', + ], + :step => 4, + } + end + + it 'should configure snmpd with custom parameters' do + is_expected.to contain_class('snmp').with( + :snmpd_config => [ + 'createUser ro_snmp_user MD5 "secrete"', + 'rouser ro_snmp_user', + 'proc neutron-server', + ] + ) + end + end + end + + on_supported_os.each do |os, facts| + context "on #{os}" do + let(:facts) { + facts + } + + it_behaves_like 'tripleo::profile::base::snmp' + end + end +end