Deprecate outdated options
- auth_plugin option was deprecated if favor of auth_type - lock_path should be set in oslo_concurrency section Change-Id: I3997dae2bafce3c08fad6e0a820a430db85a0dee
This commit is contained in:
Sergey Kolekonov
@@ -406,9 +406,9 @@ class neutron (
|
||||
'DEFAULT/rpc_backend': value => $rpc_backend;
|
||||
'DEFAULT/api_extensions_path': value => $api_extensions_path;
|
||||
'DEFAULT/state_path': value => $state_path;
|
||||
'DEFAULT/lock_path': value => $lock_path;
|
||||
'DEFAULT/rpc_response_timeout': value => $rpc_response_timeout;
|
||||
'DEFAULT/network_device_mtu': value => $network_device_mtu;
|
||||
'oslo_concurrency/lock_path': value => $lock_path;
|
||||
'agent/root_helper': value => $root_helper;
|
||||
'agent/report_interval': value => $report_interval;
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@
|
||||
# (optional) What auth system to use
|
||||
# Defaults to 'keystone'. Can other be 'noauth'
|
||||
#
|
||||
# [*auth_plugin*]
|
||||
# [*keystone_auth_type*]
|
||||
# (optional) An authentication plugin to use with an OpenStack Identity server.
|
||||
# Defaults to 'password'
|
||||
#
|
||||
@@ -247,13 +247,18 @@
|
||||
# (optional) The password to use for authentication (keystone)
|
||||
# Defaults to false. Set a value unless you are using noauth
|
||||
#
|
||||
# [*auth_plugin*]
|
||||
# Deprecated. keystone_auth_type should be used instead
|
||||
# An authentication plugin to use with an OpenStack Identity server.
|
||||
# Defaults to $::os_service_plugin
|
||||
#
|
||||
class neutron::server (
|
||||
$package_ensure = 'present',
|
||||
$enabled = true,
|
||||
$manage_service = true,
|
||||
$service_name = $::neutron::params::server_service,
|
||||
$auth_type = 'keystone',
|
||||
$auth_plugin = 'password',
|
||||
$keystone_auth_type = 'password',
|
||||
$auth_uri = 'http://localhost:5000/',
|
||||
$auth_url = 'http://localhost:35357/',
|
||||
$username = 'neutron',
|
||||
@@ -297,6 +302,7 @@ class neutron::server (
|
||||
$auth_tenant = 'services',
|
||||
$auth_user = 'neutron',
|
||||
$identity_uri = 'http://localhost:35357/',
|
||||
$auth_plugin = $::os_service_default,
|
||||
) inherits ::neutron::params {
|
||||
|
||||
include ::neutron::db
|
||||
@@ -401,7 +407,7 @@ class neutron::server (
|
||||
|
||||
warning('The lock_path parameter is deprecated. Use the lock_path parameter on the base neutron class instead.')
|
||||
|
||||
Neutron_config <| title == 'DEFAULT/lock_path' |> {
|
||||
Neutron_config <| title == 'oslo_concurrency/lock_path' |> {
|
||||
value => $lock_path,
|
||||
}
|
||||
}
|
||||
@@ -466,7 +472,6 @@ class neutron::server (
|
||||
|
||||
neutron_config {
|
||||
'keystone_authtoken/auth_url': value => $auth_url;
|
||||
'keystone_authtoken/auth_plugin': value => $auth_plugin;
|
||||
'keystone_authtoken/tenant_name': value => $tenant_name;
|
||||
'keystone_authtoken/username': value => $username;
|
||||
'keystone_authtoken/password': value => $password, secret => true;
|
||||
@@ -486,6 +491,17 @@ class neutron::server (
|
||||
'filter:authtoken/admin_password': ensure => absent;
|
||||
'filter:authtoken/identity_uri': ensure => absent;
|
||||
}
|
||||
|
||||
if ! is_service_default ($auth_plugin) and ($auth_plugin) {
|
||||
warning('auth_plugin parameter is deprecated, keystone_auth_type should be used instead')
|
||||
neutron_config {
|
||||
'keystone_authtoken/auth_plugin': value => $auth_plugin;
|
||||
}
|
||||
} else {
|
||||
neutron_config {
|
||||
'keystone_authtoken/auth_type': value => $keystone_auth_type;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -35,8 +35,9 @@
|
||||
# currently).
|
||||
# Defaults to 'http://127.0.0.1:8774/v2'
|
||||
#
|
||||
# [*auth_plugin*]
|
||||
# (optional) An authentication plugin to use with an OpenStack Identity server.
|
||||
# [*auth_type*]
|
||||
# (optional) An authentication type to use with an OpenStack Identity server.
|
||||
# The value should contain auth plugin name
|
||||
# Defaults to 'password'
|
||||
#
|
||||
# [*username*]
|
||||
@@ -111,13 +112,18 @@
|
||||
# one region.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*auth_plugin*]
|
||||
# Deprecated. auth_type should be used instead
|
||||
# An authentication plugin to use with an OpenStack Identity server.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
|
||||
class neutron::server::notifications (
|
||||
$notify_nova_on_port_status_changes = true,
|
||||
$notify_nova_on_port_data_changes = true,
|
||||
$send_events_interval = $::os_service_default,
|
||||
$nova_url = 'http://127.0.0.1:8774/v2',
|
||||
$auth_plugin = 'password',
|
||||
$auth_type = 'password',
|
||||
$username = 'nova',
|
||||
$password = false,
|
||||
$tenant_id = $::os_service_default,
|
||||
@@ -134,6 +140,7 @@ class neutron::server::notifications (
|
||||
$nova_admin_tenant_id = $::os_service_default,
|
||||
$nova_admin_password = false,
|
||||
$nova_region_name = $::os_service_default,
|
||||
$auth_plugin = $::os_service_default,
|
||||
) {
|
||||
|
||||
# Depend on the specified keystone_user resource, if it exists.
|
||||
@@ -175,7 +182,6 @@ class neutron::server::notifications (
|
||||
|
||||
if $password {
|
||||
neutron_config {
|
||||
'nova/auth_plugin': value => $auth_plugin;
|
||||
'nova/auth_url': value => $auth_url;
|
||||
'nova/username': value => $username;
|
||||
'nova/password': value => $password, secret => true;
|
||||
@@ -184,6 +190,16 @@ class neutron::server::notifications (
|
||||
'nova/user_domain_id': value => $user_domain_id;
|
||||
'nova/region_name': value => $region_name;
|
||||
}
|
||||
if ! is_service_default ($auth_plugin) and ($auth_plugin) {
|
||||
warning('auth_plugin parameter is deprecated, auth_type should be used instead')
|
||||
neutron_config {
|
||||
'nova/auth_plugin': value => $auth_plugin;
|
||||
}
|
||||
} else {
|
||||
neutron_config {
|
||||
'nova/auth_type': value => $auth_type;
|
||||
}
|
||||
}
|
||||
if ! is_service_default ($tenant_id) {
|
||||
if $tenant_id {
|
||||
neutron_config {
|
||||
|
||||
@@ -132,7 +132,7 @@ describe 'neutron' do
|
||||
is_expected.to contain_neutron_config('DEFAULT/api_extensions_path').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_neutron_config('DEFAULT/control_exchange').with_value('neutron')
|
||||
is_expected.to contain_neutron_config('DEFAULT/state_path').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_neutron_config('DEFAULT/lock_path').with_value('$state_path/lock')
|
||||
is_expected.to contain_neutron_config('oslo_concurrency/lock_path').with_value('$state_path/lock')
|
||||
is_expected.to contain_neutron_config('DEFAULT/rpc_response_timeout').with_value( '<SERVICE DEFAULT>' )
|
||||
is_expected.to contain_neutron_config('agent/root_helper').with_value('sudo neutron-rootwrap /etc/neutron/rootwrap.conf')
|
||||
is_expected.to contain_neutron_config('agent/report_interval').with_value('<SERVICE DEFAULT>')
|
||||
@@ -403,7 +403,7 @@ describe 'neutron' do
|
||||
)}
|
||||
it {
|
||||
is_expected.to contain_neutron_config('DEFAULT/state_path').with_value('state_path')
|
||||
is_expected.to contain_neutron_config('DEFAULT/lock_path').with_value('lock_path')
|
||||
is_expected.to contain_neutron_config('oslo_concurrency/lock_path').with_value('lock_path')
|
||||
}
|
||||
end
|
||||
|
||||
|
||||
@@ -25,7 +25,7 @@ describe 'neutron::server::notifications' do
|
||||
:notify_nova_on_port_status_changes => true,
|
||||
:notify_nova_on_port_data_changes => true,
|
||||
:nova_url => 'http://127.0.0.1:8774/v2',
|
||||
:auth_plugin => 'password',
|
||||
:auth_type => 'password',
|
||||
:username => 'nova',
|
||||
:tenant_name => 'services',
|
||||
:project_domain_id => 'default',
|
||||
@@ -60,6 +60,7 @@ describe 'neutron::server::notifications' do
|
||||
is_expected.to contain_neutron_config('DEFAULT/notify_nova_on_port_data_changes').with_value(true)
|
||||
is_expected.to contain_neutron_config('DEFAULT/send_events_interval').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_neutron_config('DEFAULT/nova_url').with_value('http://127.0.0.1:8774/v2')
|
||||
is_expected.to contain_neutron_config('nova/auth_type').with_value('password')
|
||||
is_expected.to contain_neutron_config('nova/auth_url').with_value('http://127.0.0.1:35357')
|
||||
is_expected.to contain_neutron_config('nova/username').with_value('nova')
|
||||
is_expected.to contain_neutron_config('nova/password').with_value('secrete')
|
||||
@@ -72,6 +73,7 @@ describe 'neutron::server::notifications' do
|
||||
is_expected.not_to contain_neutron_config('DEFAULT/nova_admin_password')
|
||||
is_expected.not_to contain_neutron_config('DEFAULT/nova_admin_password')
|
||||
is_expected.not_to contain_neutron_config('DEFAULT/nova_admin_tenant_id')
|
||||
is_expected.not_to contain_neutron_config('nova/auth_plugin')
|
||||
end
|
||||
|
||||
context 'when overriding parameters' do
|
||||
@@ -82,7 +84,7 @@ describe 'neutron::server::notifications' do
|
||||
:send_events_interval => '10',
|
||||
:nova_url => 'http://nova:8774/v3',
|
||||
:auth_url => 'http://keystone:35357/v2.0',
|
||||
:auth_plugin => 'v2.password',
|
||||
:auth_type => 'v2password',
|
||||
:username => 'joe',
|
||||
:region_name => 'MyRegion',
|
||||
:tenant_id => 'UUID2'
|
||||
@@ -94,7 +96,7 @@ describe 'neutron::server::notifications' do
|
||||
is_expected.to contain_neutron_config('DEFAULT/send_events_interval').with_value('10')
|
||||
is_expected.to contain_neutron_config('DEFAULT/nova_url').with_value('http://nova:8774/v3')
|
||||
is_expected.to contain_neutron_config('nova/auth_url').with_value('http://keystone:35357/v2.0')
|
||||
is_expected.to contain_neutron_config('nova/auth_plugin').with_value('v2.password')
|
||||
is_expected.to contain_neutron_config('nova/auth_type').with_value('v2password')
|
||||
is_expected.to contain_neutron_config('nova/username').with_value('joe')
|
||||
is_expected.to contain_neutron_config('nova/password').with_value('secrete')
|
||||
is_expected.to contain_neutron_config('nova/password').with_secret( true )
|
||||
@@ -128,6 +130,18 @@ describe 'neutron::server::notifications' do
|
||||
end
|
||||
end
|
||||
|
||||
context 'when auth_plugin is provided' do
|
||||
before :each do
|
||||
params.merge!(
|
||||
:auth_plugin => 'v3password',
|
||||
)
|
||||
end
|
||||
it 'should configure auth_plugin for nova notifications' do
|
||||
is_expected.to contain_neutron_config('nova/auth_plugin').with_value('v3password')
|
||||
is_expected.not_to contain_neutron_config('nova/auth_type')
|
||||
end
|
||||
end
|
||||
|
||||
context 'when no nova_admin_password or password is specified' do
|
||||
before :each do
|
||||
params.merge!({
|
||||
|
||||
@@ -7,13 +7,13 @@ describe 'neutron::server' do
|
||||
end
|
||||
|
||||
let :params do
|
||||
{ :password => 'passw0rd',
|
||||
:username => 'neutron',
|
||||
:auth_plugin => 'password',
|
||||
:project_domain_id => 'Default',
|
||||
:project_name => 'services',
|
||||
:user_domain_id => 'Default',
|
||||
:tenant_name => 'services' }
|
||||
{ :password => 'passw0rd',
|
||||
:username => 'neutron',
|
||||
:keystone_auth_type => 'password',
|
||||
:project_domain_id => 'Default',
|
||||
:project_name => 'services',
|
||||
:user_domain_id => 'Default',
|
||||
:tenant_name => 'services' }
|
||||
end
|
||||
|
||||
let :default_params do
|
||||
@@ -51,7 +51,7 @@ describe 'neutron::server' do
|
||||
it { is_expected.to contain_class('neutron::policy') }
|
||||
|
||||
it 'configures authentication middleware' do
|
||||
is_expected.to contain_neutron_config('keystone_authtoken/auth_plugin').with_value(p[:auth_plugin]);
|
||||
is_expected.to contain_neutron_config('keystone_authtoken/auth_type').with_value(p[:keystone_auth_type]);
|
||||
is_expected.to contain_neutron_config('keystone_authtoken/tenant_name').with_value(p[:tenant_name]);
|
||||
is_expected.to contain_neutron_config('keystone_authtoken/username').with_value(p[:username]);
|
||||
is_expected.to contain_neutron_config('keystone_authtoken/password').with_value(p[:password]);
|
||||
@@ -174,7 +174,7 @@ describe 'neutron::server' do
|
||||
end
|
||||
it 'should override state_path and lock_path from base class' do
|
||||
is_expected.to contain_neutron_config('DEFAULT/state_path').with_value(p[:state_path])
|
||||
is_expected.to contain_neutron_config('DEFAULT/lock_path').with_value(p[:lock_path])
|
||||
is_expected.to contain_neutron_config('oslo_concurrency/lock_path').with_value(p[:lock_path])
|
||||
end
|
||||
end
|
||||
|
||||
@@ -192,6 +192,16 @@ describe 'neutron::server' do
|
||||
is_expected.to contain_neutron_config('qos/notification_drivers').with_value('message_queue')
|
||||
end
|
||||
end
|
||||
|
||||
context 'with deprecated auth_plugin parameter' do
|
||||
before :each do
|
||||
params.merge!(:auth_plugin => 'v2password')
|
||||
end
|
||||
it 'should configure auth_plugin' do
|
||||
is_expected.to contain_neutron_config('keystone_authtoken/auth_plugin').with_value('v2password')
|
||||
is_expected.not_to contain_neutron_config('keystone_authtoken/auth_type')
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
shared_examples_for 'a neutron server with broken authentication' do
|
||||
@@ -275,12 +285,12 @@ describe 'neutron::server' do
|
||||
end
|
||||
before do
|
||||
params.merge!({
|
||||
:auth_uri => 'https://foo.bar:5000/',
|
||||
:auth_url => 'https://foo.bar:35357/v3',
|
||||
:auth_plugin => 'v3password',
|
||||
:project_domain_id => 'non_default',
|
||||
:project_name => 'new_services',
|
||||
:user_domain_id => 'non_default'
|
||||
:auth_uri => 'https://foo.bar:5000/',
|
||||
:auth_url => 'https://foo.bar:35357/v3',
|
||||
:keystone_auth_type => 'v3password',
|
||||
:project_domain_id => 'non_default',
|
||||
:project_name => 'new_services',
|
||||
:user_domain_id => 'non_default'
|
||||
})
|
||||
end
|
||||
it 'configures keystone authentication params' do
|
||||
|
||||
Reference in New Issue
Block a user