diff --git a/manifests/api.pp b/manifests/api.pp index dc1392e37..4fb90bb43 100644 --- a/manifests/api.pp +++ b/manifests/api.pp @@ -11,6 +11,7 @@ # * admin_tenant_name # * admin_user # * enabled_apis +# * quantum_metadata_proxy_shared_secret # class nova::api( $admin_password, @@ -27,7 +28,8 @@ class nova::api( $enabled_apis = 'ec2,osapi_compute,metadata', $volume_api_class = 'nova.volume.cinder.API', $workers = $::processorcount, - $sync_db = true + $sync_db = true, + $quantum_metadata_proxy_shared_secret = undef ) { include nova::params @@ -62,6 +64,19 @@ class nova::api( 'DEFAULT/osapi_compute_workers': value => $workers; } + if ($quantum_metadata_proxy_shared_secret){ + nova_config { + 'DEFAULT/service_quantum_metadata_proxy': value => true; + 'DEFAULT/quantum_metadata_proxy_shared_secret': + value => $quantum_metadata_proxy_shared_secret; + } + } else { + nova_config { + 'DEFAULT/service_quantum_metadata_proxy': value => false; + 'DEFAULT/quantum_metadata_proxy_shared_secret': ensure => absent; + } + } + nova_paste_api_ini { 'filter:authtoken/auth_host': value => $auth_host; 'filter:authtoken/auth_port': value => $auth_port; diff --git a/spec/classes/nova_api_spec.rb b/spec/classes/nova_api_spec.rb index ff179ad37..09bb2f655 100644 --- a/spec/classes/nova_api_spec.rb +++ b/spec/classes/nova_api_spec.rb @@ -63,6 +63,10 @@ describe 'nova::api' do it { should contain_nova_config('DEFAULT/osapi_compute_listen').with('value' => '0.0.0.0') } it { should contain_nova_config('DEFAULT/metadata_listen').with('value' => '0.0.0.0') } it { should contain_nova_config('DEFAULT/osapi_volume_listen').with('value' => '0.0.0.0') } + it 'should unconfigure quantum_metadata proxy' do + should contain_nova_config('DEFAULT/service_quantum_metadata_proxy').with('value' => false) + should contain_nova_config('DEFAULT/quantum_metadata_proxy_shared_secret').with('ensure' => 'absent') + end end describe 'with params' do let :facts do @@ -73,16 +77,17 @@ describe 'nova::api' do end let :params do { - :auth_strategy => 'foo', - :auth_host => '10.0.0.1', - :auth_port => 1234, - :auth_protocol => 'https', - :admin_tenant_name => 'service2', - :admin_user => 'nova2', - :admin_password => 'passw0rd2', - :api_bind_address => '192.168.56.210', - :metadata_listen => '127.0.0.1', - :volume_api_class => 'nova.volume.cinder.API' + :auth_strategy => 'foo', + :auth_host => '10.0.0.1', + :auth_port => 1234, + :auth_protocol => 'https', + :admin_tenant_name => 'service2', + :admin_user => 'nova2', + :admin_password => 'passw0rd2', + :api_bind_address => '192.168.56.210', + :metadata_listen => '127.0.0.1', + :volume_api_class => 'nova.volume.cinder.API', + :quantum_metadata_proxy_shared_secret => 'secrete', } end it 'should use default params for api-paste.init' do @@ -104,6 +109,8 @@ describe 'nova::api' do it { should contain_nova_config('DEFAULT/metadata_listen').with('value' => '127.0.0.1') } it { should contain_nova_config('DEFAULT/osapi_volume_listen').with('value' => '192.168.56.210') } it { should contain_nova_config('DEFAULT/osapi_compute_workers').with('value' => '5') } + it { should contain_nova_config('DEFAULT/service_quantum_metadata_proxy').with('value' => 'true') } + it { should contain_nova_config('DEFAULT/quantum_metadata_proxy_shared_secret').with('value' => 'secrete') } end end describe 'on rhel' do