stackforge/puppet-openstack-cloud
Code Issues Proposed changes

Add support for keepalived authentication

Browse Source 
In some circonstances, if an existing vrrp instance is on the network it
will try to join our vrrp instance, thus adding an authentication method
ensures that we won't face this situation.

Signed-off-by: Sébastien Han <sebastien.han@enovance.com>
This commit is contained in:
Sébastien Han
2014-10-07 12:10:25 +02:00
parent 11b504de35
commit 5baa2b30b1
2 changed files with 53 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
manifests/loadbalancer.pp
View File

@@ -52,6 +52,16 @@
# Should be an array.
# Defaults to false (disabled)
#
# [*keepalived_auth_type*]
# (optional) Authentication method.
# Supported methods are simple Passwd (PASS) or IPSEC AH (AH).
# Defaults to undef
#
# [*keepalived_auth_pass*]
# (optional) Authentication password.
# Password string (up to 8 characters).
# Defaults to undef
#
# [*swift_api*]
# (optional) Enable or not Swift public binding.
# If true, both public and internal will attempt to be created except if vip_internal_ip is set to false (backward compatibility).
@@ -193,6 +203,8 @@ class cloud::loadbalancer(
$keepalived_public_ipvs = ['127.0.0.1'],
$keepalived_internal_interface = 'eth1',
$keepalived_internal_ipvs = [],
$keepalived_auth_type = undef,
$keepalived_auth_pass = undef,
$ceilometer_bind_options = [],
$cinder_bind_options = [],
$ec2_bind_options = [],
@@ -286,6 +298,8 @@ class cloud::loadbalancer(
state => $keepalived_state,
track_script => ['haproxy'],
priority => $keepalived_priority,
auth_type => $keepalived_auth_type,
auth_pass => $keepalived_auth_pass,
notify_master => '"/etc/init.d/haproxy start"',
notify_backup => '"/etc/init.d/haproxy stop"',
}
@@ -302,6 +316,8 @@ class cloud::loadbalancer(
state => $keepalived_state,
track_script => ['haproxy'],
priority => $keepalived_priority,
auth_type => $keepalived_auth_type,
auth_pass => $keepalived_auth_pass,
notify_master => '"/etc/init.d/haproxy start"',
notify_backup => '"/etc/init.d/haproxy stop"',
}

10
spec/classes/cloud_loadbalancer_spec.rb
View File

@@ -62,6 +62,8 @@ describe 'cloud::loadbalancer' do
:keepalived_vrrp_interface => false,
:keepalived_public_interface => 'eth0',
:keepalived_public_ipvs => ['10.0.0.1', '10.0.0.2'],
:keepalived_auth_type => 'PASS',
:keepalived_auth_pass => 'secret',
:horizon_port => '80',
:spice_port => '6082',
:vip_public_ip => '10.0.0.1',
@@ -111,6 +113,8 @@ describe 'cloud::loadbalancer' do
'track_script' => ['haproxy'],
'state' => 'BACKUP',
'priority' => params[:keepalived_priority],
'auth_type' => 'PASS',
'auth_pass' => 'secret',
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
@@ -133,6 +137,8 @@ describe 'cloud::loadbalancer' do
'track_script' => ['haproxy'],
'state' => 'BACKUP',
'priority' => params[:keepalived_priority],
'auth_type' => 'PASS',
'auth_pass' => 'secret',
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
@@ -158,6 +164,8 @@ describe 'cloud::loadbalancer' do
'track_script' => ['haproxy'],
'state' => params[:keepalived_state],
'priority' => params[:keepalived_priority],
'auth_type' => 'PASS',
'auth_pass' => 'secret',
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})
@@ -177,6 +185,8 @@ describe 'cloud::loadbalancer' do
'track_script' => ['haproxy'],
'state' => 'MASTER',
'priority' => params[:keepalived_priority],
'auth_type' => 'PASS',
'auth_pass' => 'secret',
'notify_master' => '"/etc/init.d/haproxy start"',
'notify_backup' => '"/etc/init.d/haproxy stop"',
})