diff --git a/manifests/controller.pp b/manifests/controller.pp index ccc39af..b8e6fde 100644 --- a/manifests/controller.pp +++ b/manifests/controller.pp @@ -5,6 +5,7 @@ # # [public_interface] Public interface used to route public traffic. Required. # [public_address] Public address for public endpoints. Required. +# [public_protocol] Protocol used by public endpoints. Defaults to 'http' # [private_interface] Interface used for vm networking connectivity. Required. # [internal_address] Internal address used for management. Required. # [mysql_root_password] Root password for mysql server. @@ -164,6 +165,7 @@ class openstack::controller ( $keystone_admin_tenant = 'admin', $keystone_bind_address = '0.0.0.0', $region = 'RegionOne', + $public_protocol = 'http', # Glance $glance_registry_host = '0.0.0.0', $glance_db_user = 'glance', @@ -320,6 +322,7 @@ class openstack::controller ( admin_email => $admin_email, admin_password => $admin_password, public_address => $public_address, + public_protocol => $public_protocol, internal_address => $internal_address_real, admin_address => $admin_address_real, region => $region, diff --git a/manifests/keystone.pp b/manifests/keystone.pp index 231a257..a49ff51 100644 --- a/manifests/keystone.pp +++ b/manifests/keystone.pp @@ -14,6 +14,7 @@ # [glance_user_password] Auth password for glance user. Required. # [nova_user_password] Auth password for nova user. Required. # [public_address] Public address where keystone can be accessed. Required. +# [public_protocol] Public protocol over which keystone can be accessed. Defaults to 'http' # [db_type] Type of DB used. Currently only supports mysql. Optional. Defaults to 'mysql' # [db_user] Name of keystone db user. Optional. Defaults to 'keystone' # [db_name] Name of keystone DB. Optional. Defaults to 'keystone' @@ -57,6 +58,7 @@ class openstack::keystone ( $cinder_user_password, $quantum_user_password, $public_address, + $public_protocol = 'http', $db_host = '127.0.0.1', $idle_timeout = '200', $swift_user_password = false, @@ -210,6 +212,7 @@ class openstack::keystone ( # Setup the Keystone Identity Endpoint class { 'keystone::endpoint': public_address => $public_address, + public_protocol => $public_protocol, admin_address => $admin_real, internal_address => $internal_real, region => $region, @@ -220,6 +223,7 @@ class openstack::keystone ( class { 'glance::keystone::auth': password => $glance_user_password, public_address => $glance_public_real, + public_protocol => $public_protocol, admin_address => $glance_admin_real, internal_address => $glance_internal_real, region => $region, @@ -231,6 +235,7 @@ class openstack::keystone ( class { 'nova::keystone::auth': password => $nova_user_password, public_address => $nova_public_real, + public_protocol => $public_protocol, admin_address => $nova_admin_real, internal_address => $nova_internal_real, region => $region, @@ -244,6 +249,7 @@ class openstack::keystone ( class { 'cinder::keystone::auth': password => $cinder_user_password, public_address => $cinder_public_real, + public_protocol => $public_protocol, admin_address => $cinder_admin_real, internal_address => $cinder_internal_real, region => $region, @@ -253,6 +259,7 @@ class openstack::keystone ( class { 'quantum::keystone::auth': password => $quantum_user_password, public_address => $quantum_public_real, + public_protocol => $public_protocol, admin_address => $quantum_admin_real, internal_address => $quantum_internal_real, region => $region, @@ -268,6 +275,7 @@ class openstack::keystone ( class { 'swift::keystone::auth': password => $swift_user_password, public_address => $swift_public_real, + public_protocol => $public_protocol, admin_address => $swift_admin_real, internal_address => $swift_internal_real, address => $swift_public_real, diff --git a/spec/classes/openstack_controller_spec.rb b/spec/classes/openstack_controller_spec.rb index 6faba8b..bc6d9c4 100644 --- a/spec/classes/openstack_controller_spec.rb +++ b/spec/classes/openstack_controller_spec.rb @@ -204,6 +204,7 @@ describe 'openstack::controller' do ) should contain_class('keystone::endpoint').with( :public_address => '10.0.0.1', + :public_protocol => 'http', :internal_address => '127.0.0.1', :admin_address => '127.0.0.1', :region => 'RegionOne' @@ -217,6 +218,7 @@ describe 'openstack::controller' do should contain_class("#{type}::keystone::auth").with( :password => pw, :public_address => '10.0.0.1', + :public_protocol => 'http', :internal_address => '10.0.0.1', :admin_address => '10.0.0.1', :region => 'RegionOne' @@ -254,6 +256,21 @@ describe 'openstack::controller' do should_not contain_class('nova::keystone::auth') end end + + context 'when public_protocol is set to https' do + + let :params do + default_params.merge(:public_protocol => 'https') + end + + it 'should propagate it to the endpoints' do + should contain_class('keystone::endpoint').with(:public_protocol => 'https') + should contain_class('glance::keystone::auth').with(:public_protocol => 'https') + should contain_class('nova::keystone::auth').with(:public_protocol => 'https') + should contain_class('cinder::keystone::auth').with(:public_protocol => 'https') + end + end + end it do