summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJenkins <jenkins@review.openstack.org>2017-06-15 20:21:47 +0000
committerGerrit Code Review <review@openstack.org>2017-06-15 20:21:47 +0000
commitee5366fc5e71d047c1b91af4522a46c6acbef589 (patch)
tree861511ce03c539011536ff31691ad7a96f799042
parent7511c4738cc59303b51a74547750df06048cffc0 (diff)
parentd46db3b9ed053bfa7a647fd44a60993fb267ddc9 (diff)
Merge "Add support for Cinder "NAS secure" driver params" into stable/ocata
-rw-r--r--manifests/profile/base/cinder/volume/netapp.pp2
-rw-r--r--manifests/profile/base/cinder/volume/nfs.pp33
2 files changed, 29 insertions, 6 deletions
diff --git a/manifests/profile/base/cinder/volume/netapp.pp b/manifests/profile/base/cinder/volume/netapp.pp
index fc652c9..43978da 100644
--- a/manifests/profile/base/cinder/volume/netapp.pp
+++ b/manifests/profile/base/cinder/volume/netapp.pp
@@ -59,6 +59,8 @@ class tripleo::profile::base::cinder::volume::netapp (
59 netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef), 59 netapp_storage_pools => hiera('cinder::backend::netapp::netapp_storage_pools', undef),
60 netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef), 60 netapp_eseries_host_type => hiera('cinder::backend::netapp::netapp_eseries_host_type', undef),
61 netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef), 61 netapp_webservice_path => hiera('cinder::backend::netapp::netapp_webservice_path', undef),
62 nas_secure_file_operations => hiera('cinder::backend::netapp::nas_secure_file_operations', undef),
63 nas_secure_file_permissions => hiera('cinder::backend::netapp::nas_secure_file_permissions', undef),
62 } 64 }
63 } 65 }
64 66
diff --git a/manifests/profile/base/cinder/volume/nfs.pp b/manifests/profile/base/cinder/volume/nfs.pp
index 7b1f1b9..e384a79 100644
--- a/manifests/profile/base/cinder/volume/nfs.pp
+++ b/manifests/profile/base/cinder/volume/nfs.pp
@@ -29,6 +29,23 @@
29# (Optional) List of mount options for the NFS share 29# (Optional) List of mount options for the NFS share
30# Defaults to '' 30# Defaults to ''
31# 31#
32# [*cinder_nas_secure_file_operations*]
33# (Optional) Allow network-attached storage systems to operate in a secure
34# environment where root level access is not permitted. If set to False,
35# access is as the root user and insecure. If set to True, access is not as
36# root. If set to auto, a check is done to determine if this is a new
37# installation: True is used if so, otherwise False. Default is auto.
38# Defaults to $::os_service_default
39#
40# [*cinder_nas_secure_file_permissions*]
41# (Optional) Set more secure file permissions on network-attached storage
42# volume files to restrict broad other/world access. If set to False,
43# volumes are created with open permissions. If set to True, volumes are
44# created with permissions for the cinder user and group (660). If set to
45# auto, a check is done to determine if this is a new installation: True is
46# used if so, otherwise False. Default is auto.
47# Defaults to $::os_service_default
48#
32# [*step*] 49# [*step*]
33# (Optional) The current step in deployment. See tripleo-heat-templates 50# (Optional) The current step in deployment. See tripleo-heat-templates
34# for more details. 51# for more details.
@@ -36,9 +53,11 @@
36# 53#
37class tripleo::profile::base::cinder::volume::nfs ( 54class tripleo::profile::base::cinder::volume::nfs (
38 $cinder_nfs_servers, 55 $cinder_nfs_servers,
39 $backend_name = hiera('cinder::backend::nfs::volume_backend_name', 'tripleo_nfs'), 56 $backend_name = hiera('cinder::backend::nfs::volume_backend_name', 'tripleo_nfs'),
40 $cinder_nfs_mount_options = '', 57 $cinder_nfs_mount_options = '',
41 $step = hiera('step'), 58 $cinder_nas_secure_file_operations = $::os_service_default,
59 $cinder_nas_secure_file_permissions = $::os_service_default,
60 $step = hiera('step'),
42) { 61) {
43 include ::tripleo::profile::base::cinder::volume 62 include ::tripleo::profile::base::cinder::volume
44 63
@@ -52,9 +71,11 @@ class tripleo::profile::base::cinder::volume::nfs (
52 71
53 package {'nfs-utils': } -> 72 package {'nfs-utils': } ->
54 cinder::backend::nfs { $backend_name : 73 cinder::backend::nfs { $backend_name :
55 nfs_servers => $cinder_nfs_servers, 74 nfs_servers => $cinder_nfs_servers,
56 nfs_mount_options => $cinder_nfs_mount_options, 75 nfs_mount_options => $cinder_nfs_mount_options,
57 nfs_shares_config => '/etc/cinder/shares-nfs.conf', 76 nfs_shares_config => '/etc/cinder/shares-nfs.conf',
77 nas_secure_file_operations => $cinder_nas_secure_file_operations,
78 nas_secure_file_permissions => $cinder_nas_secure_file_permissions,
58 } 79 }
59 } 80 }
60 81