diff --git a/deployment/snmp/snmp-baremetal-puppet.yaml b/deployment/snmp/snmp-baremetal-puppet.yaml index 55aa82eb15..f7b40f45c1 100644 --- a/deployment/snmp/snmp-baremetal-puppet.yaml +++ b/deployment/snmp/snmp-baremetal-puppet.yaml @@ -29,6 +29,10 @@ parameters: description: Mapping of service endpoint -> protocol. Typically set via parameter_defaults in the resource registry. type: json + SnmpdReadonlyUserAuthType: + default: MD5 + description: The user auth type for SNMPd with readonly rights running on all Overcloud nodes + type: string SnmpdReadonlyUserName: default: ro_snmp_user description: The user name for SNMPd with readonly rights running on all Overcloud nodes @@ -80,6 +84,7 @@ outputs: proto: 'udp' source: <%net_cidr%> config_settings: + tripleo::profile::base::snmp::snmpd_auth_type: {get_param: SnmpdReadonlyUserAuthType} tripleo::profile::base::snmp::snmpd_user: {get_param: SnmpdReadonlyUserName} tripleo::profile::base::snmp::snmpd_password: {get_param: SnmpdReadonlyUserPassword} snmp::agentaddress: {get_param: SnmpdBindHost} diff --git a/releasenotes/notes/add-authtype-for-snmp-readonly-user-c90c9e5a12c92893.yaml b/releasenotes/notes/add-authtype-for-snmp-readonly-user-c90c9e5a12c92893.yaml new file mode 100644 index 0000000000..daffc088bd --- /dev/null +++ b/releasenotes/notes/add-authtype-for-snmp-readonly-user-c90c9e5a12c92893.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Add parameter to set the auth type for the snmpd_user. Possible options are + MD5 (which is what was hardcoded before and is the default now) and SHA. This + should be set to SHA on FIPS environments.