Allow to configure snmpd_config

Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which
is an array definded to undef by default.
It can be used to override all snmpd configuration for advanced
deployments.
If used, all parameters have to be configured included users and
passwords, which should be the same as given to snmpd_password
and snmpd_user. There is no logic that will verify the content
of ``snmpd_config``.

Example of hieradata which configures snmpd_config:
  snmpd_config:
    - 'createUser ro_snmp_user MD5 "secrete"',
    - 'rouser ro_snmp_user'
    - 'proc neutron-server'
    - 'proc nova-api'

Depends-On: I5c322b3f5350261b58ef065bd3ded0369cadbc4c
Change-Id: Ief2518d5e47137215a34e9ae3b35c27c87fa6e08
Closes-Bug: #1720868
This commit is contained in:
Emilien Macchi 2017-10-02 13:47:10 -07:00
parent 5007f9d7c9
commit c211ba78ca
4 changed files with 132 additions and 11 deletions

View File

@ -52,3 +52,8 @@ mod 'opendaylight',
mod 'ssh', mod 'ssh',
:git => 'https://github.com/saz/puppet-ssh', :git => 'https://github.com/saz/puppet-ssh',
:ref => 'v3.0.1' :ref => 'v3.0.1'
mod 'snmp',
:git => 'https://github.com/razorsedge/puppet-snmp',
:ref => 'master'

View File

@ -18,6 +18,20 @@
# #
# === Parameters # === Parameters
# #
# [*snmpd_config*]
# An array of snmp config.
# Example:
# snmpd_config:
# - 'createUser ro_snmp_user MD5 "secrete"',
# - 'rouser ro_snmp_user'
# - 'proc neutron-server'
# - 'proc nova-api'
# Note: since we give total freedom to configure snmpd_config and don't
# verify the content, the user will have to ensure that the parameters
# related to user / password in the array, are the same given to
# THT via SnmpdReadonlyUserName and SnmpdReadonlyUserPassword.
# Defaults to undef.
#
# [*snmpd_password*] # [*snmpd_password*]
# The SNMP password # The SNMP password
# Defaults to hiera('snmpd_readonly_user_password') # Defaults to hiera('snmpd_readonly_user_password')
@ -32,6 +46,7 @@
# Defaults to hiera('step') # Defaults to hiera('step')
# #
class tripleo::profile::base::snmp ( class tripleo::profile::base::snmp (
$snmpd_config = undef,
$snmpd_password = hiera('snmpd_readonly_user_password'), $snmpd_password = hiera('snmpd_readonly_user_password'),
$snmpd_user = hiera('snmpd_readonly_user_name'), $snmpd_user = hiera('snmpd_readonly_user_name'),
$step = Integer(hiera('step')), $step = Integer(hiera('step')),
@ -41,17 +56,24 @@ class tripleo::profile::base::snmp (
authtype => 'MD5', authtype => 'MD5',
authpass => $snmpd_password, authpass => $snmpd_password,
} }
class { '::snmp': if $snmpd_config {
snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']), validate_array($snmpd_config)
join(['rouser ', $snmpd_user]), class { '::snmp':
'proc cron', snmpd_config => $snmpd_config,
'includeAllDisks 10%', }
'master agentx', } else {
'trapsink localhost public', class { '::snmp':
'iquerySecName internalUser', snmpd_config => [ join(['createUser ', $snmpd_user, ' MD5 "', $snmpd_password, '"']),
'rouser internalUser', join(['rouser ', $snmpd_user]),
'defaultMonitors yes', 'proc cron',
'linkUpDownNotifications yes' ], 'includeAllDisks 10%',
'master agentx',
'trapsink localhost public',
'iquerySecName internalUser',
'rouser internalUser',
'defaultMonitors yes',
'linkUpDownNotifications yes' ],
}
} }
} }
} }

View File

@ -0,0 +1,11 @@
---
features:
- |
Expose a new Puppet parameter to snmp profile, ``snmpd_config`` which
is an array definded to undef by default.
It can be used to override all snmpd configuration for advanced
deployments.
If used, all parameters have to be configured included users and
passwords, which should be the same as given to snmpd_password
and snmpd_user. There is no logic that will verify the content
of ``snmpd_config``.

View File

@ -0,0 +1,83 @@
#
# Copyright (C) 2017 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
require 'spec_helper'
describe 'tripleo::profile::base::snmp' do
shared_examples_for 'tripleo::profile::base::snmp' do
context 'with default configuration' do
let :params do
{
:snmpd_user => 'ro_snmp_user',
:snmpd_password => 'secrete',
:step => 4,
}
end
it 'should configure snmpd' do
is_expected.to contain_class('snmp').with(
:snmpd_config => [
'createUser ro_snmp_user MD5 "secrete"',
'rouser ro_snmp_user',
'proc cron',
'includeAllDisks 10%',
'master agentx',
'trapsink localhost public',
'iquerySecName internalUser',
'rouser internalUser',
'defaultMonitors yes',
'linkUpDownNotifications yes',
]
)
end
end
context 'with snmpd_config setting' do
let :params do
{
:snmpd_user => 'ro_snmp_user',
:snmpd_password => 'secrete',
:snmpd_config => [
'createUser ro_snmp_user MD5 "secrete"',
'rouser ro_snmp_user',
'proc neutron-server',
],
:step => 4,
}
end
it 'should configure snmpd with custom parameters' do
is_expected.to contain_class('snmp').with(
:snmpd_config => [
'createUser ro_snmp_user MD5 "secrete"',
'rouser ro_snmp_user',
'proc neutron-server',
]
)
end
end
end
on_supported_os.each do |os, facts|
context "on #{os}" do
let(:facts) {
facts
}
it_behaves_like 'tripleo::profile::base::snmp'
end
end
end