Merge "Add support for CA authentication in Keystone"
This commit is contained in:
commit
df323d97e6
manifests/agent
spec/classes
@ -14,10 +14,13 @@
|
|||||||
# Keystone password for ceilometer. Optional. Defaults to 'password'
|
# Keystone password for ceilometer. Optional. Defaults to 'password'
|
||||||
#
|
#
|
||||||
# [*auth_tenant_name*]
|
# [*auth_tenant_name*]
|
||||||
# Keystone tenant name for ceilometer. Optional. Defauls to 'services'
|
# Keystone tenant name for ceilometer. Optional. Defaults to 'services'
|
||||||
#
|
#
|
||||||
# [*auth_tenant_id*]
|
# [*auth_tenant_id*]
|
||||||
# Keystone tenant id for ceilometer. Optional. Defaults to ''
|
# Keystone tenant id for ceilometer. Optional. Defaults to empty.
|
||||||
|
#
|
||||||
|
# [*auth_cacert*]
|
||||||
|
# Certificate chain for SSL validation. Optional; Defaults to 'None'
|
||||||
#
|
#
|
||||||
# [*enabled*]
|
# [*enabled*]
|
||||||
# Should the service be enabled. Optional. Defauls to true
|
# Should the service be enabled. Optional. Defauls to true
|
||||||
@ -29,6 +32,7 @@ class ceilometer::agent::central (
|
|||||||
$auth_password = 'password',
|
$auth_password = 'password',
|
||||||
$auth_tenant_name = 'services',
|
$auth_tenant_name = 'services',
|
||||||
$auth_tenant_id = '',
|
$auth_tenant_id = '',
|
||||||
|
$auth_cacert = undef,
|
||||||
$enabled = true,
|
$enabled = true,
|
||||||
) {
|
) {
|
||||||
|
|
||||||
@ -42,6 +46,12 @@ class ceilometer::agent::central (
|
|||||||
name => $::ceilometer::params::agent_central_package_name,
|
name => $::ceilometer::params::agent_central_package_name,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ! $auth_cacert {
|
||||||
|
ceilometer_config { 'DEFAULT/os_cacert': ensure => absent }
|
||||||
|
} else {
|
||||||
|
ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert }
|
||||||
|
}
|
||||||
|
|
||||||
if $enabled {
|
if $enabled {
|
||||||
$service_ensure = 'running'
|
$service_ensure = 'running'
|
||||||
} else {
|
} else {
|
||||||
|
@ -26,6 +26,9 @@
|
|||||||
# the keystone tenant id for ceilometer services.
|
# the keystone tenant id for ceilometer services.
|
||||||
# Optional. Defaults to empty.
|
# Optional. Defaults to empty.
|
||||||
#
|
#
|
||||||
|
# [*auth_cacert*]
|
||||||
|
# Certificate chain for SSL validation. Optional; Defaults to 'None'
|
||||||
|
#
|
||||||
# [*enabled*]
|
# [*enabled*]
|
||||||
# should the service be started or not
|
# should the service be started or not
|
||||||
# Optional. Defaults to true
|
# Optional. Defaults to true
|
||||||
@ -37,6 +40,7 @@ class ceilometer::agent::compute (
|
|||||||
$auth_password = 'password',
|
$auth_password = 'password',
|
||||||
$auth_tenant_name = 'services',
|
$auth_tenant_name = 'services',
|
||||||
$auth_tenant_id = '',
|
$auth_tenant_id = '',
|
||||||
|
$auth_cacert = undef,
|
||||||
$enabled = true,
|
$enabled = true,
|
||||||
) inherits ceilometer {
|
) inherits ceilometer {
|
||||||
|
|
||||||
@ -50,6 +54,13 @@ class ceilometer::agent::compute (
|
|||||||
name => $::ceilometer::params::agent_compute_package_name,
|
name => $::ceilometer::params::agent_compute_package_name,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ! $auth_cacert {
|
||||||
|
ceilometer_config { 'DEFAULT/os_cacert': ensure => absent }
|
||||||
|
} else {
|
||||||
|
ceilometer_config { 'DEFAULT/os_cacert': value => $auth_cacert }
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
if $::ceilometer::params::libvirt_group {
|
if $::ceilometer::params::libvirt_group {
|
||||||
User['ceilometer'] {
|
User['ceilometer'] {
|
||||||
groups +> [$::ceilometer::params::libvirt_group]
|
groups +> [$::ceilometer::params::libvirt_group]
|
||||||
|
88
spec/classes/ceilometer_agent_central_spec.rb
Normal file
88
spec/classes/ceilometer_agent_central_spec.rb
Normal file
@ -0,0 +1,88 @@
|
|||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe 'ceilometer::agent::central' do
|
||||||
|
|
||||||
|
let :pre_condition do
|
||||||
|
"class { 'ceilometer': metering_secret => 's3cr3t' }"
|
||||||
|
end
|
||||||
|
|
||||||
|
let :params do
|
||||||
|
{ :auth_url => 'http://localhost:5000/v2.0',
|
||||||
|
:auth_region => 'RegionOne',
|
||||||
|
:auth_user => 'ceilometer',
|
||||||
|
:auth_password => 'password',
|
||||||
|
:auth_tenant_name => 'services',
|
||||||
|
:enabled => true,
|
||||||
|
}
|
||||||
|
end
|
||||||
|
|
||||||
|
shared_examples_for 'ceilometer-agent-central' do
|
||||||
|
|
||||||
|
it { should include_class('ceilometer::params') }
|
||||||
|
|
||||||
|
it 'installs ceilometer-agent-central package' do
|
||||||
|
should contain_package('ceilometer-agent-central').with(
|
||||||
|
:ensure => 'installed',
|
||||||
|
:name => platform_params[:agent_package_name],
|
||||||
|
:before => 'Service[ceilometer-agent-central]'
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'ensures ceilometer-common is installed before the service' do
|
||||||
|
should contain_package('ceilometer-common').with(
|
||||||
|
:before => /Service\[ceilometer-agent-central\]/
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures ceilometer-agent-central service' do
|
||||||
|
should contain_service('ceilometer-agent-central').with(
|
||||||
|
:ensure => 'running',
|
||||||
|
:name => platform_params[:agent_service_name],
|
||||||
|
:enable => true,
|
||||||
|
:hasstatus => true,
|
||||||
|
:hasrestart => true
|
||||||
|
)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'configures authentication' do
|
||||||
|
should contain_ceilometer_config('DEFAULT/os_auth_url').with_value('http://localhost:5000/v2.0')
|
||||||
|
should contain_ceilometer_config('DEFAULT/os_auth_region').with_value('RegionOne')
|
||||||
|
should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer')
|
||||||
|
should contain_ceilometer_config('DEFAULT/os_password').with_value('password')
|
||||||
|
should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services')
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when overriding parameters' do
|
||||||
|
before do
|
||||||
|
params.merge!(:auth_cacert => '/tmp/dummy.pem')
|
||||||
|
end
|
||||||
|
it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'on Debian platforms' do
|
||||||
|
let :facts do
|
||||||
|
{ :osfamily => 'Debian' }
|
||||||
|
end
|
||||||
|
|
||||||
|
let :platform_params do
|
||||||
|
{ :agent_package_name => 'ceilometer-agent-central',
|
||||||
|
:agent_service_name => 'ceilometer-agent-central' }
|
||||||
|
end
|
||||||
|
|
||||||
|
it_configures 'ceilometer-agent-central'
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'on RedHat platforms' do
|
||||||
|
let :facts do
|
||||||
|
{ :osfamily => 'RedHat' }
|
||||||
|
end
|
||||||
|
|
||||||
|
let :platform_params do
|
||||||
|
{ :agent_package_name => 'openstack-ceilometer-central',
|
||||||
|
:agent_service_name => 'openstack-ceilometer-central' }
|
||||||
|
end
|
||||||
|
|
||||||
|
it_configures 'ceilometer-agent-central'
|
||||||
|
end
|
||||||
|
end
|
@ -58,6 +58,14 @@ describe 'ceilometer::agent::compute' do
|
|||||||
should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer')
|
should contain_ceilometer_config('DEFAULT/os_username').with_value('ceilometer')
|
||||||
should contain_ceilometer_config('DEFAULT/os_password').with_value('password')
|
should contain_ceilometer_config('DEFAULT/os_password').with_value('password')
|
||||||
should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services')
|
should contain_ceilometer_config('DEFAULT/os_tenant_name').with_value('services')
|
||||||
|
should contain_ceilometer_config('DEFAULT/os_cacert').with(:ensure => 'absent')
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when overriding parameters' do
|
||||||
|
before do
|
||||||
|
params.merge!(:auth_cacert => '/tmp/dummy.pem')
|
||||||
|
end
|
||||||
|
it { should contain_ceilometer_config('DEFAULT/os_cacert').with_value(params[:auth_cacert]) }
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'configures instance usage audit in nova' do
|
it 'configures instance usage audit in nova' do
|
||||||
@ -77,8 +85,7 @@ describe 'ceilometer::agent::compute' do
|
|||||||
:notify => 'Service[nova-compute]'
|
:notify => 'Service[nova-compute]'
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
context 'on Debian platforms' do
|
context 'on Debian platforms' do
|
||||||
let :facts do
|
let :facts do
|
||||||
|
Loading…
x
Reference in New Issue
Block a user