Merge "Use service credential parameters to define keystone v3 auth"
This commit is contained in:
commit
8ef84388ff
examples
manifests
releasenotes/notes
spec/classes
@ -19,7 +19,22 @@ class { 'trove::db::mysql':
|
||||
class { 'trove':
|
||||
database_connection => 'mysql://trove:secrete@10.0.0.1/trove?charset=utf8',
|
||||
default_transport_url => 'rabbit://trove:an_even_bigger_secret@10.0.0.1:5672/trove',
|
||||
nova_proxy_admin_pass => 'novapass',
|
||||
}
|
||||
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
|
||||
class { 'trove::task_manager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
|
||||
class { 'trove::api':
|
||||
|
@ -119,16 +119,14 @@ class trove::api(
|
||||
include trove::db
|
||||
include trove::db::sync
|
||||
include trove::params
|
||||
include trove::api::service_credentials
|
||||
|
||||
# basic service config
|
||||
trove_config {
|
||||
'DEFAULT/bind_host': value => $bind_host;
|
||||
'DEFAULT/bind_port': value => $bind_port;
|
||||
'DEFAULT/backlog': value => $backlog;
|
||||
'DEFAULT/trove_api_workers': value => $workers;
|
||||
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
|
||||
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
|
||||
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
|
||||
'DEFAULT/bind_host': value => $bind_host;
|
||||
'DEFAULT/bind_port': value => $bind_port;
|
||||
'DEFAULT/backlog': value => $backlog;
|
||||
'DEFAULT/trove_api_workers': value => $workers;
|
||||
}
|
||||
|
||||
if $::trove::single_tenant_mode {
|
||||
@ -154,11 +152,6 @@ class trove::api(
|
||||
|
||||
if $auth_strategy == 'keystone' {
|
||||
include trove::keystone::authtoken
|
||||
|
||||
$trove_auth_url = "${regsubst($::trove::keystone::authtoken::www_authenticate_uri, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
trove_config {
|
||||
'DEFAULT/trove_auth_url' : value => $trove_auth_url;
|
||||
}
|
||||
}
|
||||
|
||||
# SSL Options
|
||||
@ -203,14 +196,6 @@ class trove::api(
|
||||
purge => $purge_config,
|
||||
}
|
||||
|
||||
# region name
|
||||
if $::trove::os_region_name {
|
||||
trove_config { 'DEFAULT/os_region_name': value => $::trove::os_region_name }
|
||||
}
|
||||
else {
|
||||
trove_config {'DEFAULT/os_region_name': ensure => absent }
|
||||
}
|
||||
|
||||
# services type
|
||||
trove_config {
|
||||
'DEFAULT/nova_compute_service_type': value => $::trove::nova_compute_service_type;
|
||||
|
71
manifests/api/service_credentials.pp
Normal file
71
manifests/api/service_credentials.pp
Normal file
@ -0,0 +1,71 @@
|
||||
# The trove::api::service_credentials class helps configure auth settings
|
||||
#
|
||||
# == Parameters
|
||||
# [*auth_url*]
|
||||
# (optional) the keystone public endpoint
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*region_name*]
|
||||
# (optional) the keystone region of this node
|
||||
# Optional. Defaults to 'RegionOne'
|
||||
#
|
||||
# [*username*]
|
||||
# (optional) the keystone user for trove services
|
||||
# Defaults to 'trove'
|
||||
#
|
||||
# [*password*]
|
||||
# (required) the keystone password for trove services
|
||||
#
|
||||
# [*project_name*]
|
||||
# (optional) the keystone tenant name for trove services
|
||||
# Defaults to 'services'
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# (optional) the keystone project domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# (optional) the keystone user domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
class trove::api::service_credentials (
|
||||
$password = $::os_service_default,
|
||||
$auth_url = undef,
|
||||
$region_name = 'RegionOne',
|
||||
$username = 'trove',
|
||||
$project_name = 'services',
|
||||
$project_domain_name = 'Default',
|
||||
$user_domain_name = 'Default',
|
||||
) {
|
||||
|
||||
include trove::deps
|
||||
|
||||
if $auth_url == undef {
|
||||
warning('The auto detection of auth_url from www_authenticate_uri will be \
|
||||
removed in a future release. Please set trove::api::service_credentials::auth_url .')
|
||||
$auth_url_base = pick($::trove::keystone::authtoken::www_authenticate_uri, 'http://127.0.0.1:5000/v3')
|
||||
} else {
|
||||
$auth_url_base = $auth_url
|
||||
}
|
||||
$auth_url_real = "${regsubst($auth_url_base, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
|
||||
$username_real = pick($::trove::nova_proxy_admin_user, $username)
|
||||
$password_real = pick($::trove::nova_proxy_admin_pass, $password)
|
||||
$project_name_real = pick($::trove::nova_proxy_tenant_name, $project_name)
|
||||
$region_name_real = pick($::trove::os_region_name, $region_name)
|
||||
|
||||
if is_service_default($password_real) {
|
||||
fail('trove::api::service_credentials::password should be set')
|
||||
}
|
||||
|
||||
trove_config {
|
||||
'service_credentials/auth_url': value => $auth_url_real;
|
||||
'service_credentials/username': value => $username_real;
|
||||
'service_credentials/password': value => $password_real, secret => true;
|
||||
'service_credentials/project_name': value => $project_name_real;
|
||||
'service_credentials/project_domain_name': value => $project_domain_name;
|
||||
'service_credentials/user_domain_name': value => $user_domain_name;
|
||||
'service_credentials/region_name': value => $region_name_real;
|
||||
}
|
||||
|
||||
}
|
@ -76,6 +76,7 @@ class trove::conductor(
|
||||
|
||||
include trove::deps
|
||||
include trove::params
|
||||
include trove::conductor::service_credentials
|
||||
|
||||
if $::trove::database_connection {
|
||||
if($::trove::database_connection =~ /mysql:\/\/\S+:\S+@\S+\/\S+/) {
|
||||
@ -95,14 +96,10 @@ class trove::conductor(
|
||||
}
|
||||
|
||||
# basic service config
|
||||
$trove_auth_url = "${regsubst($auth_url, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
trove_conductor_config {
|
||||
'DEFAULT/trove_auth_url': value => $trove_auth_url;
|
||||
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
|
||||
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
|
||||
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
|
||||
'DEFAULT/trove_conductor_workers': value => $workers;
|
||||
'DEFAULT/trove_conductor_workers': value => $workers;
|
||||
}
|
||||
|
||||
# profiler config
|
||||
trove_conductor_config {
|
||||
'profiler/enabled': value => $enable_profiler;
|
||||
|
71
manifests/conductor/service_credentials.pp
Normal file
71
manifests/conductor/service_credentials.pp
Normal file
@ -0,0 +1,71 @@
|
||||
# The trove::conductor::service_credentials class helps configure auth settings
|
||||
#
|
||||
# == Parameters
|
||||
# [*auth_url*]
|
||||
# (optional) the keystone public endpoint
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*region_name*]
|
||||
# (optional) the keystone region of this node
|
||||
# Optional. Defaults to 'RegionOne'
|
||||
#
|
||||
# [*username*]
|
||||
# (optional) the keystone user for trove services
|
||||
# Defaults to 'trove'
|
||||
#
|
||||
# [*password*]
|
||||
# (required) the keystone password for trove services
|
||||
#
|
||||
# [*project_name*]
|
||||
# (optional) the keystone tenant name for trove services
|
||||
# Defaults to 'services'
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# (optional) the keystone project domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# (optional) the keystone user domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
class trove::conductor::service_credentials (
|
||||
$password = $::os_service_default,
|
||||
$auth_url = undef,
|
||||
$region_name = 'RegionOne',
|
||||
$username = 'trove',
|
||||
$project_name = 'services',
|
||||
$project_domain_name = 'Default',
|
||||
$user_domain_name = 'Default',
|
||||
) {
|
||||
|
||||
include trove::deps
|
||||
|
||||
if $auth_url == undef {
|
||||
warning('The auto detection of auth_url from www_authenticate_uri will be \
|
||||
removed in a future release. Please set trove::conductor::service_credentials::auth_url .')
|
||||
$auth_url_base = pick($::trove::keystone::authtoken::www_authenticate_uri, 'http://127.0.0.1:5000/v3')
|
||||
} else {
|
||||
$auth_url_base = $auth_url
|
||||
}
|
||||
$auth_url_real = "${regsubst($auth_url_base, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
|
||||
$username_real = pick($::trove::nova_proxy_admin_user, $username)
|
||||
$password_real = pick($::trove::nova_proxy_admin_pass, $password)
|
||||
$project_name_real = pick($::trove::nova_proxy_tenant_name, $project_name)
|
||||
$region_name_real = pick($::trove::os_region_name, $region_name)
|
||||
|
||||
if is_service_default(password_real) {
|
||||
fail('trove::conductor::service_credentials::password should be set')
|
||||
}
|
||||
|
||||
trove_conductor_config {
|
||||
'service_credentials/auth_url': value => $auth_url_real;
|
||||
'service_credentials/username': value => $username_real;
|
||||
'service_credentials/password': value => $password_real, secret => true;
|
||||
'service_credentials/project_name': value => $project_name_real;
|
||||
'service_credentials/project_domain_name': value => $project_domain_name;
|
||||
'service_credentials/user_domain_name': value => $user_domain_name;
|
||||
'service_credentials/region_name': value => $region_name_real;
|
||||
}
|
||||
|
||||
}
|
@ -38,10 +38,6 @@
|
||||
# (optional) Syslog facility to receive log lines.
|
||||
# Defaults to 'LOG_USER'.
|
||||
#
|
||||
# [*auth_url*]
|
||||
# (optional) Authentication URL.
|
||||
# Defaults to 'http://localhost:5000/v3'.
|
||||
#
|
||||
# [*swift_url*]
|
||||
# (optional) Swift URL. If this is unset in the class, Trove will
|
||||
# lookup the URL using the Keystone catalog.
|
||||
@ -64,12 +60,6 @@
|
||||
# guests need to talk to the rabbit cluster via
|
||||
# a different ssl connection option.
|
||||
#
|
||||
# [*backup_aes_cbc_key*]
|
||||
# (optional) Default OpenSSL aes_cbc key
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*root_grant*]
|
||||
# (optional) Permissions to grant "root" user.
|
||||
# Defaults to $::os_service_default.
|
||||
@ -82,10 +72,20 @@
|
||||
# (optional) Default password Length for root password.
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# [*backup_aes_cbc_key*]
|
||||
# (optional) Default OpenSSL aes_cbc key
|
||||
# Defaults to $::os_service_default.
|
||||
#
|
||||
# DEPRECATED PARAMETERS
|
||||
#
|
||||
# [*control_exchange*]
|
||||
# (Optional) Moved to init.pp. The default exchange to scope topics.
|
||||
# Defaults to undef.
|
||||
#
|
||||
# [*auth_url*]
|
||||
# (optional) Authentication URL.
|
||||
# Defaults to undef.
|
||||
#
|
||||
class trove::guestagent(
|
||||
$enabled = true,
|
||||
$manage_service = true,
|
||||
@ -95,7 +95,6 @@ class trove::guestagent(
|
||||
$log_dir = '/var/log/trove',
|
||||
$use_syslog = $::os_service_default,
|
||||
$log_facility = $::os_service_default,
|
||||
$auth_url = 'http://localhost:5000/v3',
|
||||
$swift_url = $::os_service_default,
|
||||
$swift_service_type = $::os_service_default,
|
||||
$default_transport_url = $::trove::default_transport_url,
|
||||
@ -106,21 +105,20 @@ class trove::guestagent(
|
||||
$backup_aes_cbc_key = $::os_service_default,
|
||||
#Deprecated
|
||||
$control_exchange = undef,
|
||||
$auth_url = undef,
|
||||
) inherits trove {
|
||||
|
||||
include trove::deps
|
||||
include trove::params
|
||||
include trove::guestagent::service_credentials
|
||||
|
||||
if $control_exchange {
|
||||
warning("control_exchange parameter is deprecated. Please use \
|
||||
trove::control_exchange instead.")
|
||||
}
|
||||
|
||||
$trove_auth_url = "${regsubst($auth_url, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
|
||||
# basic service config
|
||||
trove_guestagent_config {
|
||||
'DEFAULT/trove_auth_url': value => $trove_auth_url;
|
||||
'DEFAULT/swift_url': value => $swift_url;
|
||||
'DEFAULT/swift_service_type': value => $swift_service_type;
|
||||
'DEFAULT/root_grant': value => $root_grant;
|
||||
@ -135,14 +133,6 @@ trove::control_exchange instead.")
|
||||
rpc_response_timeout => $::trove::rpc_response_timeout,
|
||||
}
|
||||
|
||||
# region name
|
||||
if $::trove::os_region_name {
|
||||
trove_guestagent_config { 'DEFAULT/os_region_name': value => $::trove::os_region_name }
|
||||
}
|
||||
else {
|
||||
trove_guestagent_config { 'DEFAULT/os_region_name': ensure => absent }
|
||||
}
|
||||
|
||||
oslo::messaging::notifications { 'trove_guestagent_config':
|
||||
transport_url => $::trove::notification_transport_url,
|
||||
driver => $::trove::notification_driver,
|
||||
|
65
manifests/guestagent/service_credentials.pp
Normal file
65
manifests/guestagent/service_credentials.pp
Normal file
@ -0,0 +1,65 @@
|
||||
# The trove::guestagent::service_credentials class helps configure auth settings
|
||||
#
|
||||
# == Parameters
|
||||
# [*auth_url*]
|
||||
# (optional) the keystone public endpoint
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*region_name*]
|
||||
# (optional) the keystone region of this node
|
||||
# Optional. Defaults to 'RegionOne'
|
||||
#
|
||||
# [*username*]
|
||||
# (optional) the keystone user for trove services
|
||||
# Defaults to 'trove'
|
||||
#
|
||||
# [*password*]
|
||||
# (required) the keystone password for trove services
|
||||
#
|
||||
# [*project_name*]
|
||||
# (optional) the keystone tenant name for trove services
|
||||
# Defaults to 'services'
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# (optional) the keystone project domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# (optional) the keystone user domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
class trove::guestagent::service_credentials (
|
||||
$password = $::os_service_default,
|
||||
$auth_url = 'http://127.0.0.1:5000/v3',
|
||||
$region_name = 'RegionOne',
|
||||
$username = 'trove',
|
||||
$project_name = 'services',
|
||||
$project_domain_name = 'Default',
|
||||
$user_domain_name = 'Default',
|
||||
) {
|
||||
|
||||
include trove::deps
|
||||
|
||||
$auth_url_base = pick($::trove::guestagent::auth_url, $auth_url)
|
||||
$auth_url_real = "${regsubst($auth_url_base, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
|
||||
$username_real = pick($::trove::nova_proxy_admin_user, $username)
|
||||
$password_real = pick($::trove::nova_proxy_admin_pass, $password)
|
||||
$project_name_real = pick($::trove::nova_proxy_tenant_name, $project_name)
|
||||
$region_name_real = pick($::trove::os_region_name, $region_name)
|
||||
|
||||
if is_service_default(password_real) {
|
||||
fail('trove::guestagent::service_credentials::password should be set')
|
||||
}
|
||||
|
||||
trove_guestagent_config {
|
||||
'service_credentials/auth_url': value => $auth_url_real;
|
||||
'service_credentials/username': value => $username_real;
|
||||
'service_credentials/password': value => $password_real, secret => true;
|
||||
'service_credentials/project_name': value => $project_name_real;
|
||||
'service_credentials/project_domain_name': value => $project_domain_name;
|
||||
'service_credentials/user_domain_name': value => $user_domain_name;
|
||||
'service_credentials/region_name': value => $region_name_real;
|
||||
}
|
||||
|
||||
}
|
@ -196,17 +196,6 @@
|
||||
# (optional) URL without the tenant segment.
|
||||
# Defaults to false.
|
||||
#
|
||||
# [*nova_proxy_admin_user*]
|
||||
# (optional) Admin username used to connect to nova.
|
||||
# Defaults to 'admin'
|
||||
#
|
||||
# [*nova_proxy_admin_pass*]
|
||||
# (required) Admin password used to connect to nova.
|
||||
#
|
||||
# [*nova_proxy_admin_tenant_name*]
|
||||
# (optional) Admin tenant name used to connect to nova.
|
||||
# Defaults to 'admin'
|
||||
#
|
||||
# [*rpc_response_timeout*]
|
||||
# (Optional) Seconds to wait for a response from a call.
|
||||
# Defaults to $::os_service_default
|
||||
@ -227,13 +216,6 @@
|
||||
# (optional) Neutron URL without the tenant segment.
|
||||
# Defaults to false.
|
||||
#
|
||||
# [*os_region_name*]
|
||||
# (optional) Sets the os_region_name flag. For environments with
|
||||
# more than one endpoint per service. If you don't set this and
|
||||
# you have multiple endpoints, you will get Ambiguous Endpoint
|
||||
# exceptions in the trove API service.
|
||||
# Defaults to undef.
|
||||
#
|
||||
# [*nova_compute_service_type*]
|
||||
# (optional) Nova service type to use when searching catalog.
|
||||
# Defaults to 'compute'.
|
||||
@ -296,8 +278,26 @@
|
||||
# (optional) Minimum number of SQL connections to keep open in a pool.
|
||||
# Defaults to: undef.
|
||||
#
|
||||
# [*nova_proxy_admin_user*]
|
||||
# (optional) Admin username used to connect to nova.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*nova_proxy_admin_pass*]
|
||||
# (optional) Admin password used to connect to nova.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*nova_proxy_admin_tenant_name*]
|
||||
# (optional) Admin tenant name used to connect to nova.
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*os_region_name*]
|
||||
# (optional) Sets the os_region_name flag. For environments with
|
||||
# more than one endpoint per service. If you don't set this and
|
||||
# you have multiple endpoints, you will get Ambiguous Endpoint
|
||||
# exceptions in the trove API service.
|
||||
# Defaults to undef.
|
||||
#
|
||||
class trove(
|
||||
$nova_proxy_admin_pass,
|
||||
$default_transport_url = $::os_service_default,
|
||||
$notification_transport_url = $::os_service_default,
|
||||
$notification_driver = $::os_service_default,
|
||||
@ -337,14 +337,11 @@ class trove(
|
||||
$database_max_overflow = undef,
|
||||
$single_tenant_mode = false,
|
||||
$nova_compute_url = false,
|
||||
$nova_proxy_admin_user = 'admin',
|
||||
$nova_proxy_admin_tenant_name = 'admin',
|
||||
$rpc_response_timeout = $::os_service_default,
|
||||
$control_exchange = 'trove',
|
||||
$cinder_url = false,
|
||||
$swift_url = false,
|
||||
$neutron_url = false,
|
||||
$os_region_name = undef,
|
||||
$nova_compute_service_type = 'compute',
|
||||
$cinder_service_type = 'volumev2',
|
||||
$swift_service_type = 'object-store',
|
||||
@ -361,6 +358,10 @@ class trove(
|
||||
$package_ensure = 'present',
|
||||
# DEPRECATED PARAMETERS
|
||||
$database_min_pool_size = undef,
|
||||
$nova_proxy_admin_user = undef,
|
||||
$nova_proxy_admin_pass = undef,
|
||||
$nova_proxy_admin_tenant_name = undef,
|
||||
$os_region_name = undef,
|
||||
) {
|
||||
|
||||
include trove::deps
|
||||
|
@ -107,6 +107,7 @@ class trove::taskmanager(
|
||||
|
||||
include trove::deps
|
||||
include trove::params
|
||||
include trove::taskmanager::service_credentials
|
||||
|
||||
if $default_neutron_networks {
|
||||
warning("trove::taskmanager::default_neutron_networks is deprecated and will be removed in \
|
||||
@ -135,23 +136,9 @@ the future release. Please use trove::default_neutron_networks instead.")
|
||||
}
|
||||
}
|
||||
|
||||
$trove_auth_url = "${regsubst($auth_url, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
|
||||
# basic service config
|
||||
trove_taskmanager_config {
|
||||
'DEFAULT/trove_auth_url': value => $trove_auth_url;
|
||||
'DEFAULT/nova_proxy_admin_user': value => $::trove::nova_proxy_admin_user;
|
||||
'DEFAULT/nova_proxy_admin_pass': value => $::trove::nova_proxy_admin_pass;
|
||||
'DEFAULT/nova_proxy_admin_tenant_name': value => $::trove::nova_proxy_admin_tenant_name;
|
||||
'DEFAULT/taskmanager_manager': value => $taskmanager_manager;
|
||||
}
|
||||
|
||||
# region name
|
||||
if $::trove::os_region_name {
|
||||
trove_taskmanager_config { 'DEFAULT/os_region_name': value => $::trove::os_region_name }
|
||||
}
|
||||
else {
|
||||
trove_taskmanager_config {'DEFAULT/os_region_name': ensure => absent }
|
||||
'DEFAULT/taskmanager_manager': value => $taskmanager_manager;
|
||||
}
|
||||
|
||||
# services type
|
||||
|
71
manifests/taskmanager/service_credentials.pp
Normal file
71
manifests/taskmanager/service_credentials.pp
Normal file
@ -0,0 +1,71 @@
|
||||
# The trove::taskmanager::service_credentials class helps configure auth settings
|
||||
#
|
||||
# == Parameters
|
||||
# [*auth_url*]
|
||||
# (optional) the keystone public endpoint
|
||||
# Defaults to undef
|
||||
#
|
||||
# [*region_name*]
|
||||
# (optional) the keystone region of this node
|
||||
# Optional. Defaults to 'RegionOne'
|
||||
#
|
||||
# [*username*]
|
||||
# (optional) the keystone user for trove services
|
||||
# Defaults to 'trove'
|
||||
#
|
||||
# [*password*]
|
||||
# (required) the keystone password for trove services
|
||||
#
|
||||
# [*project_name*]
|
||||
# (optional) the keystone tenant name for trove services
|
||||
# Defaults to 'services'
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# (optional) the keystone project domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# (optional) the keystone user domain name for trove services
|
||||
# Defaults to 'Default'
|
||||
#
|
||||
class trove::taskmanager::service_credentials (
|
||||
$password = $::os_service_default,
|
||||
$auth_url = undef,
|
||||
$region_name = 'RegionOne',
|
||||
$username = 'trove',
|
||||
$project_name = 'services',
|
||||
$project_domain_name = 'Default',
|
||||
$user_domain_name = 'Default',
|
||||
) {
|
||||
|
||||
include trove::deps
|
||||
|
||||
if $auth_url == undef {
|
||||
warning('The auto detection of auth_url from www_authenticate_uri will be \
|
||||
removed in a future release. Please set trove::taskmanager::service_credentials::auth_url .')
|
||||
$auth_url_base = pick($::trove::keystone::authtoken::www_authenticate_uri, 'http://127.0.0.1:5000/v3')
|
||||
} else {
|
||||
$auth_url_base = $auth_url
|
||||
}
|
||||
$auth_url_real = "${regsubst($auth_url_base, '(\/v3$|\/v2.0$|\/$)', '')}/v3"
|
||||
|
||||
$username_real = pick($::trove::nova_proxy_admin_user, $username)
|
||||
$password_real = pick($::trove::nova_proxy_admin_pass, $password)
|
||||
$project_name_real = pick($::trove::nova_proxy_tenant_name, $project_name)
|
||||
$region_name_real = pick($::trove::os_region_name, $region_name)
|
||||
|
||||
if is_service_default($password_real) {
|
||||
fail('trove::taskmanager::service_credentials::password should be set')
|
||||
}
|
||||
|
||||
trove_taskmanager_config {
|
||||
'service_credentials/auth_url': value => $auth_url_real;
|
||||
'service_credentials/username': value => $username_real;
|
||||
'service_credentials/password': value => $password_real, secret => true;
|
||||
'service_credentials/project_name': value => $project_name_real;
|
||||
'service_credentials/project_domain_name': value => $project_domain_name;
|
||||
'service_credentials/user_domain_name': value => $user_domain_name;
|
||||
'service_credentials/region_name': value => $region_name_real;
|
||||
}
|
||||
|
||||
}
|
29
releasenotes/notes/keystone-v3-auth-1572c6fe82f65b8b.yaml
Normal file
29
releasenotes/notes/keystone-v3-auth-1572c6fe82f65b8b.yaml
Normal file
@ -0,0 +1,29 @@
|
||||
---
|
||||
features:
|
||||
- |
|
||||
The following classes have been added to set parameters to define service
|
||||
credentials.
|
||||
|
||||
- ``trove::api::service_credentials``
|
||||
- ``trove::conductor::service_credentials``
|
||||
- ``trove::guestagent::service_credentials``
|
||||
- ``trove::taskmanager::service_credentials``
|
||||
deprecations:
|
||||
- |
|
||||
The following parameters in ``trove`` class has been deprecated and will
|
||||
be removed in a future release. Use the parameters in ``trove::auth`` class
|
||||
to set required parameters for keystone v3 auth.
|
||||
|
||||
- ``nova_proxy_admin_user``
|
||||
- ``nova_proxy_admin_pass``
|
||||
- ``nova_proxy_admin_tenant_name``
|
||||
- ``os_region_name``
|
||||
|
||||
- |
|
||||
The auto detection of auth_url parameter from www_authenticate_uri is
|
||||
deprecated and will be removed in a future release. Please set
|
||||
auth_url parameter before the detection is removed.
|
||||
|
||||
- |
|
||||
The ``trove::guestagent::auth_url`` parmaeter has been deprecated. Use
|
||||
``trove::taskmanager::service_credentials::auth_url`` instead.
|
73
spec/classes/trove_api_service_credentials_spec.rb
Normal file
73
spec/classes/trove_api_service_credentials_spec.rb
Normal file
@ -0,0 +1,73 @@
|
||||
#
|
||||
# Copyright (C) 2020 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'trove::api::service_credentials' do
|
||||
|
||||
shared_examples 'trove::api::service_credentials' do
|
||||
|
||||
context 'with default parameters' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete'
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_config('service_credentials/username').with_value('trove')
|
||||
is_expected.to contain_trove_config('service_credentials/password').with_value('verysecrete').with_secret(true)
|
||||
is_expected.to contain_trove_config('service_credentials/project_name').with_value('services')
|
||||
is_expected.to contain_trove_config('service_credentials/region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_config('service_credentials/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_trove_config('service_credentials/project_domain_name').with_value('Default')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when overriding defaults' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete',
|
||||
:username => 'trove2',
|
||||
:project_name => 'services2',
|
||||
:region_name => 'RegionTwo',
|
||||
:user_domain_name => 'MyDomain',
|
||||
:project_domain_name => 'MyDomain',
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_config('service_credentials/username').with_value('trove2')
|
||||
is_expected.to contain_trove_config('service_credentials/project_name').with_value('services2')
|
||||
is_expected.to contain_trove_config('service_credentials/region_name').with_value('RegionTwo')
|
||||
is_expected.to contain_trove_config('service_credentials/user_domain_name').with_value('MyDomain')
|
||||
is_expected.to contain_trove_config('service_credentials/project_domain_name').with_value('MyDomain')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
it_configures 'trove::api::service_credentials'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
@ -31,25 +31,34 @@ describe 'trove::api' do
|
||||
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
os_region_name => 'RegionOne',
|
||||
nova_compute_service_type => 'compute',
|
||||
cinder_service_type => 'volume',
|
||||
swift_service_type => 'object-store',
|
||||
neutron_service_type => 'network',
|
||||
glance_service_type => 'image',
|
||||
nova_compute_endpoint_type => '<SERVICE DEFAULT>',
|
||||
cinder_endpoint_type => '<SERVICE DEFAULT>',
|
||||
swift_endpoint_type => '<SERVICE DEFAULT>',
|
||||
trove_endpoint_type => '<SERVICE DEFAULT>',
|
||||
glance_endpoint_type => '<SERVICE DEFAULT>',
|
||||
neutron_endpoint_type => '<SERVICE DEFAULT>',
|
||||
nova_compute_service_type => 'compute',
|
||||
cinder_service_type => 'volume',
|
||||
swift_service_type => 'object-store',
|
||||
neutron_service_type => 'network',
|
||||
glance_service_type => 'image',
|
||||
nova_compute_endpoint_type => '<SERVICE DEFAULT>',
|
||||
cinder_endpoint_type => '<SERVICE DEFAULT>',
|
||||
swift_endpoint_type => '<SERVICE DEFAULT>',
|
||||
trove_endpoint_type => '<SERVICE DEFAULT>',
|
||||
glance_endpoint_type => '<SERVICE DEFAULT>',
|
||||
neutron_endpoint_type => '<SERVICE DEFAULT>',
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
end
|
||||
|
||||
it 'includes required classes' do
|
||||
is_expected.to contain_class('trove::deps')
|
||||
is_expected.to contain_class('trove::db')
|
||||
is_expected.to contain_class('trove::db::sync')
|
||||
is_expected.to contain_class('trove::params')
|
||||
is_expected.to contain_class('trove::api::service_credentials')
|
||||
end
|
||||
|
||||
it 'installs trove-api package and service' do
|
||||
is_expected.to contain_service('trove-api').with(
|
||||
:name => platform_params[:api_service_name],
|
||||
@ -69,13 +78,8 @@ describe 'trove::api' do
|
||||
is_expected.to contain_trove_config('DEFAULT/bind_port').with_value('8779')
|
||||
is_expected.to contain_trove_config('DEFAULT/backlog').with_value('4096')
|
||||
is_expected.to contain_trove_config('DEFAULT/trove_api_workers').with_value('8')
|
||||
is_expected.to contain_trove_config('DEFAULT/trove_auth_url').with_value('http://localhost:5000/v3')
|
||||
is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
|
||||
is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
|
||||
is_expected.to contain_trove_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
|
||||
is_expected.to contain_trove_config('DEFAULT/default_neutron_networks').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_trove_config('DEFAULT/control_exchange').with_value('trove')
|
||||
is_expected.to contain_trove_config('DEFAULT/os_region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_config('DEFAULT/nova_compute_service_type').with_value('compute')
|
||||
is_expected.to contain_trove_config('DEFAULT/cinder_service_type').with_value('volume')
|
||||
is_expected.to contain_trove_config('DEFAULT/swift_service_type').with_value('object-store')
|
||||
@ -152,8 +156,11 @@ describe 'trove::api' do
|
||||
context 'with single tenant mode enabled' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
single_tenant_mode => 'true'}
|
||||
single_tenant_mode => 'true'
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -167,8 +174,9 @@ describe 'trove::api' do
|
||||
|
||||
context 'when using a single RabbitMQ server' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
"class { 'trove': }
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
@ -183,13 +191,15 @@ describe 'trove::api' do
|
||||
context 'when using a single RabbitMQ server with enable ha options' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
rabbit_ha_queues => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-api with RabbitMQ' do
|
||||
is_expected.to contain_trove_config('oslo_messaging_rabbit/rabbit_ha_queues').with_value('true')
|
||||
@ -200,8 +210,10 @@ describe 'trove::api' do
|
||||
context 'when using multiple RabbitMQ servers' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => 'true',
|
||||
rabbit_ha_queues => 'true',
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
@ -215,10 +227,12 @@ describe 'trove::api' do
|
||||
context 'when using Neutron' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
use_neutron => true,
|
||||
default_neutron_networks => 'trove_service',
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -237,8 +251,10 @@ describe 'trove::api' do
|
||||
context 'when using Nova Network' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
use_neutron => false
|
||||
use_neutron => false
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
@ -260,12 +276,15 @@ describe 'trove::api' do
|
||||
context 'with SSL enabled with kombu' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => true,
|
||||
kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
|
||||
kombu_ssl_certfile => '/path/to/ssl/cert/file',
|
||||
kombu_ssl_keyfile => '/path/to/ssl/keyfile',
|
||||
kombu_ssl_version => 'TLSv1'}
|
||||
kombu_ssl_version => 'TLSv1'
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -285,8 +304,11 @@ describe 'trove::api' do
|
||||
context 'with SSL enabled without kombu' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => true}
|
||||
rabbit_use_ssl => true
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -306,8 +328,11 @@ describe 'trove::api' do
|
||||
context 'with SSL disabled' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => false}
|
||||
rabbit_use_ssl => false
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -327,11 +352,14 @@ describe 'trove::api' do
|
||||
context 'with transport_url entries' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
default_transport_url => 'rabbit://rabbit_user:password@localhost:5673',
|
||||
rpc_response_timeout => '120',
|
||||
control_exchange => 'openstack',
|
||||
notification_transport_url => 'rabbit://rabbit_user:password@localhost:5673' }
|
||||
notification_transport_url => 'rabbit://rabbit_user:password@localhost:5673'
|
||||
}
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -347,8 +375,9 @@ describe 'trove::api' do
|
||||
|
||||
context 'with amqp rpc' do
|
||||
let :pre_condition do
|
||||
"class { 'trove' :
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
"class { 'trove': }
|
||||
class { 'trove::api::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
|
73
spec/classes/trove_conductor_service_credentials_spec.rb
Normal file
73
spec/classes/trove_conductor_service_credentials_spec.rb
Normal file
@ -0,0 +1,73 @@
|
||||
#
|
||||
# Copyright (C) 2020 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'trove::conductor::service_credentials' do
|
||||
|
||||
shared_examples 'trove::conductor::service_credentials' do
|
||||
|
||||
context 'with default parameters' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete'
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/username').with_value('trove')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/password').with_value('verysecrete').with_secret(true)
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/project_name').with_value('services')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/project_domain_name').with_value('Default')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when overriding defaults' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete',
|
||||
:username => 'trove2',
|
||||
:project_name => 'services2',
|
||||
:region_name => 'RegionTwo',
|
||||
:user_domain_name => 'MyDomain',
|
||||
:project_domain_name => 'MyDomain',
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/username').with_value('trove2')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/project_name').with_value('services2')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/region_name').with_value('RegionTwo')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/user_domain_name').with_value('MyDomain')
|
||||
is_expected.to contain_trove_conductor_config('service_credentials/project_domain_name').with_value('MyDomain')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
it_configures 'trove::conductor::service_credentials'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
@ -7,8 +7,16 @@ describe 'trove::conductor' do
|
||||
context 'with default parameters' do
|
||||
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete'}"
|
||||
"class { 'trove': }
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it 'includes required classes' do
|
||||
is_expected.to contain_class('trove::deps')
|
||||
is_expected.to contain_class('trove::params')
|
||||
is_expected.to contain_class('trove::conductor::service_credentials')
|
||||
end
|
||||
|
||||
it 'installs trove-conductor package and service' do
|
||||
@ -26,9 +34,6 @@ describe 'trove::conductor' do
|
||||
end
|
||||
|
||||
it 'configures trove-conductor with default parameters' do
|
||||
is_expected.to contain_trove_conductor_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
|
||||
is_expected.to contain_trove_conductor_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
|
||||
is_expected.to contain_trove_conductor_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
|
||||
is_expected.to contain_trove_conductor_config('DEFAULT/transport_url').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_trove_conductor_config('DEFAULT/rpc_response_timeout').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_trove_conductor_config('DEFAULT/control_exchange').with_value('trove')
|
||||
@ -60,8 +65,10 @@ describe 'trove::conductor' do
|
||||
context 'with single tenant mode enabled' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
single_tenant_mode => 'true'}
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -75,8 +82,9 @@ describe 'trove::conductor' do
|
||||
|
||||
context 'when using a single RabbitMQ server' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
"class { 'trove': }
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-conductor with RabbitMQ' do
|
||||
@ -88,9 +96,11 @@ describe 'trove::conductor' do
|
||||
context 'when using a single RabbitMQ server with enable ha options' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
rabbit_ha_queues => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
}
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-api with RabbitMQ' do
|
||||
@ -102,8 +112,10 @@ describe 'trove::conductor' do
|
||||
context 'when using multiple RabbitMQ servers' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => true,
|
||||
rabbit_ha_queues => true,
|
||||
}
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-conductor with RabbitMQ' do
|
||||
@ -114,8 +126,11 @@ describe 'trove::conductor' do
|
||||
context 'when using MySQL' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
database_connection => 'mysql://trove:pass@10.0.0.1/trove'}"
|
||||
database_connection => 'mysql://trove:pass@10.0.0.1/trove'
|
||||
}
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-conductor with RabbitMQ' do
|
||||
is_expected.to contain_trove_conductor_config('database/connection').with_value('mysql://trove:pass@10.0.0.1/trove')
|
||||
@ -148,8 +163,11 @@ describe 'trove::conductor' do
|
||||
context 'with SSL enabled without kombu' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => true}"
|
||||
rabbit_use_ssl => true
|
||||
}
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
@ -166,8 +184,11 @@ describe 'trove::conductor' do
|
||||
context 'with SSL disabled' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => false}"
|
||||
rabbit_use_ssl => false
|
||||
}
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
@ -201,8 +222,10 @@ describe 'trove::conductor' do
|
||||
|
||||
context 'with amqp messaging' do
|
||||
let :pre_condition do
|
||||
"class { 'trove' :
|
||||
nova_proxy_admin_pass => 'verysecrete'}"
|
||||
"class { 'trove' : }
|
||||
class { 'trove::conductor::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
|
70
spec/classes/trove_guestagent_service_credentials_spec.rb
Normal file
70
spec/classes/trove_guestagent_service_credentials_spec.rb
Normal file
@ -0,0 +1,70 @@
|
||||
#
|
||||
# Copyright (C) 2020 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'trove::guestagent::service_credentials' do
|
||||
|
||||
shared_examples 'trove::guestagent::service_credentials' do
|
||||
|
||||
context 'with default parameters' do
|
||||
let :params do
|
||||
{ :password => 'verysecrete' }
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/username').with_value('trove')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/password').with_value('verysecrete').with_secret(true)
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/project_name').with_value('services')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/project_domain_name').with_value('Default')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when overriding defaults' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete',
|
||||
:username => 'trove2',
|
||||
:project_name => 'services2',
|
||||
:region_name => 'RegionTwo',
|
||||
:user_domain_name => 'MyDomain',
|
||||
:project_domain_name => 'MyDomain',
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/username').with_value('trove2')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/project_name').with_value('services2')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/region_name').with_value('RegionTwo')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/user_domain_name').with_value('MyDomain')
|
||||
is_expected.to contain_trove_guestagent_config('service_credentials/project_domain_name').with_value('MyDomain')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
it_configures 'trove::guestagent::service_credentials'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
@ -8,8 +8,17 @@ describe 'trove::guestagent' do
|
||||
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
os_region_name => 'RegionOne',
|
||||
nova_proxy_admin_pass => 'verysecrete'}"
|
||||
nova_proxy_admin_pass => 'verysecrete'
|
||||
}
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it 'includes required classes' do
|
||||
is_expected.to contain_class('trove::deps')
|
||||
is_expected.to contain_class('trove::params')
|
||||
is_expected.to contain_class('trove::guestagent::service_credentials')
|
||||
end
|
||||
|
||||
it 'installs trove-guestagent package and service' do
|
||||
@ -27,7 +36,6 @@ describe 'trove::guestagent' do
|
||||
end
|
||||
|
||||
it 'configures trove-guestagent with default parameters' do
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/os_region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/control_exchange').with_value('trove')
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/transport_url').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/rpc_response_timeout').with_value('<SERVICE DEFAULT>')
|
||||
@ -64,6 +72,9 @@ describe 'trove::guestagent' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
}
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-guestagent with RabbitMQ' do
|
||||
@ -78,6 +89,9 @@ describe 'trove::guestagent' do
|
||||
rabbit_ha_queues => 'true',
|
||||
rabbit_heartbeat_in_pthread => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
}
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-api with RabbitMQ' do
|
||||
@ -92,6 +106,9 @@ describe 'trove::guestagent' do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => true,
|
||||
}
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-guestagent with RabbitMQ' do
|
||||
@ -105,7 +122,11 @@ describe 'trove::guestagent' do
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
default_transport_url => 'rabbit://user:pass@host:1234/virt',
|
||||
rpc_response_timeout => '120',
|
||||
control_exchange => 'openstack',}"
|
||||
control_exchange => 'openstack',
|
||||
}
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-guestagent with DEFAULT/transport_url' do
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/transport_url').with_value('rabbit://user:pass@host:1234/virt')
|
||||
@ -119,18 +140,21 @@ describe 'trove::guestagent' do
|
||||
context 'with custom parameters' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete'}"
|
||||
nova_proxy_admin_pass => 'verysecrete'
|
||||
}
|
||||
class { 'trove::guestagent::service_credentials':
|
||||
password => 'verysectrete',
|
||||
}"
|
||||
end
|
||||
|
||||
let :params do
|
||||
{ :auth_url => "http://10.0.0.1:5000/",
|
||||
{
|
||||
:swift_url => "http://10.0.0.1:8080/v1/AUTH_",
|
||||
:swift_service_type => 'object-store',
|
||||
:rabbit_use_ssl => 'true'
|
||||
}
|
||||
end
|
||||
it 'configures trove-guestagent with custom parameters' do
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/trove_auth_url').with_value('http://10.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/swift_url').with_value('http://10.0.0.1:8080/v1/AUTH_')
|
||||
is_expected.to contain_trove_guestagent_config('DEFAULT/swift_service_type').with_value('object-store')
|
||||
is_expected.to contain_oslo__messaging__rabbit('trove_guestagent_config').with(
|
||||
|
73
spec/classes/trove_taskmanager_service_credentials_spec.rb
Normal file
73
spec/classes/trove_taskmanager_service_credentials_spec.rb
Normal file
@ -0,0 +1,73 @@
|
||||
#
|
||||
# Copyright (C) 2020 Red Hat, Inc.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'trove::taskmanager::service_credentials' do
|
||||
|
||||
shared_examples 'trove::taskmanager::service_credentials' do
|
||||
|
||||
context 'with default parameters' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete'
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/username').with_value('trove')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/password').with_value('verysecrete').with_secret(true)
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/project_name').with_value('services')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/user_domain_name').with_value('Default')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/project_domain_name').with_value('Default')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when overriding defaults' do
|
||||
let :params do
|
||||
{
|
||||
:auth_url => 'http://127.0.0.1:5000/v3',
|
||||
:password => 'verysecrete',
|
||||
:username => 'trove2',
|
||||
:project_name => 'services2',
|
||||
:region_name => 'RegionTwo',
|
||||
:user_domain_name => 'MyDomain',
|
||||
:project_domain_name => 'MyDomain',
|
||||
}
|
||||
end
|
||||
|
||||
it 'configures service credentials with default parameters' do
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/auth_url').with_value('http://127.0.0.1:5000/v3')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/username').with_value('trove2')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/project_name').with_value('services2')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/region_name').with_value('RegionTwo')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/user_domain_name').with_value('MyDomain')
|
||||
is_expected.to contain_trove_taskmanager_config('service_credentials/project_domain_name').with_value('MyDomain')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
on_supported_os({
|
||||
:supported_os => OSDefaults.get_supported_os
|
||||
}).each do |os,facts|
|
||||
context "on #{os}" do
|
||||
it_configures 'trove::taskmanager::service_credentials'
|
||||
end
|
||||
end
|
||||
|
||||
end
|
@ -27,8 +27,6 @@ describe 'trove::taskmanager' do
|
||||
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
os_region_name => 'RegionOne',
|
||||
nova_compute_service_type => 'compute',
|
||||
cinder_service_type => 'volume',
|
||||
swift_service_type => 'object-store',
|
||||
@ -40,9 +38,19 @@ describe 'trove::taskmanager' do
|
||||
trove_endpoint_type => '<SERVICE DEFAULT>',
|
||||
glance_endpoint_type => '<SERVICE DEFAULT>',
|
||||
neutron_endpoint_type => '<SERVICE DEFAULT>',
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
region_name => 'RegionOne',
|
||||
}"
|
||||
end
|
||||
|
||||
it 'includes required classes' do
|
||||
is_expected.to contain_class('trove::deps')
|
||||
is_expected.to contain_class('trove::params')
|
||||
is_expected.to contain_class('trove::taskmanager::service_credentials')
|
||||
end
|
||||
|
||||
it 'installs trove-taskmanager package and service' do
|
||||
is_expected.to contain_service('trove-taskmanager').with(
|
||||
:name => platform_params[:taskmanager_service_name],
|
||||
@ -58,11 +66,7 @@ describe 'trove::taskmanager' do
|
||||
end
|
||||
|
||||
it 'configures trove-taskmanager with default parameters' do
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_proxy_admin_user').with_value('admin')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_proxy_admin_pass').with_value('verysecrete')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_proxy_admin_tenant_name').with_value('admin')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/default_neutron_networks').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/os_region_name').with_value('RegionOne')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/nova_compute_service_type').with_value('compute')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/cinder_service_type').with_value('volume')
|
||||
is_expected.to contain_trove_taskmanager_config('DEFAULT/swift_service_type').with_value('object-store')
|
||||
@ -105,10 +109,13 @@ describe 'trove::taskmanager' do
|
||||
|
||||
context 'when set use_guestagent_template to false' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',}
|
||||
class { 'trove::taskmanager':
|
||||
use_guestagent_template => false,}"
|
||||
"class { 'trove': }
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::taskmanager':
|
||||
use_guestagent_template => false,
|
||||
}"
|
||||
end
|
||||
it 'configures trove-taskmanager with trove::guestagent' do
|
||||
is_expected.to contain_class('trove::guestagent').with(
|
||||
@ -121,8 +128,11 @@ describe 'trove::taskmanager' do
|
||||
context 'with single tenant mode enabled' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
single_tenant_mode => 'true'}
|
||||
single_tenant_mode => 'true'
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::keystone::authtoken':
|
||||
password => 'a_big_secret',
|
||||
}"
|
||||
@ -136,8 +146,9 @@ describe 'trove::taskmanager' do
|
||||
|
||||
context 'when using a single RabbitMQ server' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
"class { 'trove': }
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
"
|
||||
end
|
||||
@ -153,9 +164,11 @@ describe 'trove::taskmanager' do
|
||||
context 'when using a single RabbitMQ server with enable rabbbit ha options' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
rabbit_ha_queues => 'true',
|
||||
amqp_durable_queues => 'true',
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-api with RabbitMQ' do
|
||||
@ -171,8 +184,10 @@ describe 'trove::taskmanager' do
|
||||
context 'when using multiple RabbitMQ servers' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_ha_queues => 'true',
|
||||
rabbit_ha_queues => 'true',
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-taskmanager with RabbitMQ' do
|
||||
@ -186,8 +201,11 @@ describe 'trove::taskmanager' do
|
||||
context 'when using MySQL' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
database_connection => 'mysql://trove:pass@10.0.0.1/trove'}"
|
||||
database_connection => 'mysql://trove:pass@10.0.0.1/trove'
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
it 'configures trove-taskmanager with RabbitMQ' do
|
||||
is_expected.to contain_trove_taskmanager_config('database/connection').with_value('mysql://trove:pass@10.0.0.1/trove')
|
||||
@ -197,8 +215,11 @@ describe 'trove::taskmanager' do
|
||||
context 'when using Neutron' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
use_neutron => true}
|
||||
use_neutron => true
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}
|
||||
class { 'trove::taskmanager':
|
||||
default_neutron_networks => 'trove_service',
|
||||
}
|
||||
@ -220,8 +241,11 @@ describe 'trove::taskmanager' do
|
||||
context 'when using Nova Network' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
use_neutron => false}"
|
||||
use_neutron => false
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
|
||||
end
|
||||
|
||||
@ -238,12 +262,15 @@ describe 'trove::taskmanager' do
|
||||
context 'with SSL enabled with kombu' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => true,
|
||||
kombu_ssl_ca_certs => '/path/to/ssl/ca/certs',
|
||||
kombu_ssl_certfile => '/path/to/ssl/cert/file',
|
||||
kombu_ssl_keyfile => '/path/to/ssl/keyfile',
|
||||
kombu_ssl_version => 'TLSv1'}"
|
||||
kombu_ssl_version => 'TLSv1'
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
@ -260,8 +287,11 @@ describe 'trove::taskmanager' do
|
||||
context 'with SSL enabled without kombu' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => true}"
|
||||
rabbit_use_ssl => true
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
@ -278,8 +308,11 @@ describe 'trove::taskmanager' do
|
||||
context 'with SSL disabled' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
rabbit_use_ssl => false}"
|
||||
rabbit_use_ssl => false
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
@ -296,11 +329,14 @@ describe 'trove::taskmanager' do
|
||||
context 'with transport_url entries' do
|
||||
let :pre_condition do
|
||||
"class { 'trove':
|
||||
nova_proxy_admin_pass => 'verysecrete',
|
||||
default_transport_url => 'rabbit://rabbit_user:password@localhost:5673',
|
||||
rpc_response_timeout => '120',
|
||||
control_exchange => 'openstack',
|
||||
notification_transport_url => 'rabbit://rabbit_user:password@localhost:5673' }"
|
||||
notification_transport_url => 'rabbit://rabbit_user:password@localhost:5673'
|
||||
}
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
@ -313,8 +349,10 @@ describe 'trove::taskmanager' do
|
||||
|
||||
context 'with amqp messaging' do
|
||||
let :pre_condition do
|
||||
"class { 'trove' :
|
||||
nova_proxy_admin_pass => 'verysecrete'}"
|
||||
"class { 'trove' : }
|
||||
class { 'trove::taskmanager::service_credentials':
|
||||
password => 'verysecrete',
|
||||
}"
|
||||
end
|
||||
|
||||
it do
|
||||
|
Loading…
Reference in New Issue
Block a user