Add clients configurations for Heat
This commit adds some clients configurations for Heat into cookbook so that they are configurable. Change-Id: Ie8db8238cd75e99bd4c6942a82f1734777c91966 Closes-Bug: #1381907
This commit is contained in:
parent
241b22cca4
commit
d1d2c9c7ad
|
@ -11,6 +11,7 @@ This file is used to list changes made in each version of cookbook-openstack-orc
|
||||||
* Add attributes for stack role and domain users
|
* Add attributes for stack role and domain users
|
||||||
* Bump Chef gem to 11.16
|
* Bump Chef gem to 11.16
|
||||||
* Create role and domain setup for heat template defined users
|
* Create role and domain setup for heat template defined users
|
||||||
|
* Add cert_file, key_file, ca_file and insecure for clients so that they are configurable.
|
||||||
|
|
||||||
## 9.2.0
|
## 9.2.0
|
||||||
* python_packages database client attributes have been migrated to
|
* python_packages database client attributes have been migrated to
|
||||||
|
|
|
@ -83,6 +83,13 @@ Attributes for the Heat service are in the ['openstack']['orchestration'] namesp
|
||||||
* `openstack['orchestration']['api']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections.
|
* `openstack['orchestration']['api']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections.
|
||||||
* `openstack['orchestration']['api']['auth']['insecure']` - Whether to allow the client to perform insecure SSL (https) requests.
|
* `openstack['orchestration']['api']['auth']['insecure']` - Whether to allow the client to perform insecure SSL (https) requests.
|
||||||
|
|
||||||
|
Clients configurations
|
||||||
|
----------------------
|
||||||
|
* `openstack['orchestration']['clients']['ca_file']` - A PEM encoded Certificate Authority to use for clients when verifying HTTPs connections.
|
||||||
|
* `openstack['orchestration']['clients']['cert_file']` - Cert file to use for clients when verifying HTTPs connections.
|
||||||
|
* `openstack['orchestration']['clients']['key_file']` - Private key file to use for clients when verifying HTTPs connections.
|
||||||
|
* `openstack['orchestration']['clients']['insecure']` - Whether to allow insecure SSL (https) requests when calling clients.
|
||||||
|
|
||||||
Notification definitions
|
Notification definitions
|
||||||
------------------------
|
------------------------
|
||||||
* `openstack['orchestration']['notification_driver']` - driver
|
* `openstack['orchestration']['notification_driver']` - driver
|
||||||
|
|
|
@ -42,6 +42,15 @@ default['openstack']['orchestration']['service_role'] = 'admin'
|
||||||
|
|
||||||
default['openstack']['orchestration']['api']['auth']['version'] = node['openstack']['api']['auth']['version']
|
default['openstack']['orchestration']['api']['auth']['version'] = node['openstack']['api']['auth']['version']
|
||||||
|
|
||||||
|
# A PEM encoded Certificate Authority to use for clients when verifying HTTPs connections.
|
||||||
|
default['openstack']['orchestration']['clients']['ca_file'] = nil
|
||||||
|
# Cert file to use for clients when verifying HTTPs connections.
|
||||||
|
default['openstack']['orchestration']['clients']['cert_file'] = nil
|
||||||
|
# Private key file to use for clients when verifying HTTPs connections.
|
||||||
|
default['openstack']['orchestration']['clients']['key_file'] = nil
|
||||||
|
# Whether to allow insecure SSL (https) requests when calling clients.
|
||||||
|
default['openstack']['orchestration']['clients']['insecure'] = false
|
||||||
|
|
||||||
# A list of memcached server(s) for caching
|
# A list of memcached server(s) for caching
|
||||||
default['openstack']['orchestration']['api']['auth']['memcached_servers'] = nil
|
default['openstack']['orchestration']['api']['auth']['memcached_servers'] = nil
|
||||||
|
|
||||||
|
|
|
@ -192,6 +192,29 @@ shared_examples 'expects to create heat conf' do
|
||||||
expect(chef_run).to render_file(file.name).with_content(/^insecure=false$/)
|
expect(chef_run).to render_file(file.name).with_content(/^insecure=false$/)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'default values for certificates files' do
|
||||||
|
it 'has no such values' do
|
||||||
|
[
|
||||||
|
/^ca_file=/,
|
||||||
|
/^cert_file=/,
|
||||||
|
/^key_file=/
|
||||||
|
].each do |line|
|
||||||
|
expect(chef_run).not_to render_file(file.name).with_content(line)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'sets clients ca_file cert_file key_file insecure' do
|
||||||
|
node.set['openstack']['orchestration']['clients']['ca_file'] = 'dir/to/path'
|
||||||
|
node.set['openstack']['orchestration']['clients']['cert_file'] = 'dir/to/path'
|
||||||
|
node.set['openstack']['orchestration']['clients']['key_file'] = 'dir/to/path'
|
||||||
|
node.set['openstack']['orchestration']['clients']['insecure'] = true
|
||||||
|
expect(chef_run).to render_file(file.name).with_content(%r{^ca_file=dir/to/path$})
|
||||||
|
expect(chef_run).to render_file(file.name).with_content(%r{^cert_file=dir/to/path$})
|
||||||
|
expect(chef_run).to render_file(file.name).with_content(%r{^key_file=dir/to/path$})
|
||||||
|
expect(chef_run).to render_file(file.name).with_content(/^insecure=true$/)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'default values' do
|
describe 'default values' do
|
||||||
it 'has default conf values' do
|
it 'has default conf values' do
|
||||||
[
|
[
|
||||||
|
|
|
@ -603,19 +603,32 @@ log_config = /etc/openstack/logging.conf
|
||||||
|
|
||||||
# Optional CA cert file to use in SSL connections. (string
|
# Optional CA cert file to use in SSL connections. (string
|
||||||
# value)
|
# value)
|
||||||
|
<% if node['openstack']['orchestration']['clients']['ca_file'] -%>
|
||||||
|
ca_file=<%= node['openstack']['orchestration']['clients']['ca_file'] %>
|
||||||
|
<% else -%>
|
||||||
#ca_file=<None>
|
#ca_file=<None>
|
||||||
|
<% end -%>
|
||||||
|
|
||||||
# Optional PEM-formatted certificate chain file. (string
|
# Optional PEM-formatted certificate chain file. (string
|
||||||
# value)
|
# value)
|
||||||
|
<% if node['openstack']['orchestration']['clients']['cert_file'] -%>
|
||||||
|
cert_file=<%= node['openstack']['orchestration']['clients']['cert_file'] %>
|
||||||
|
<% else -%>
|
||||||
#cert_file=<None>
|
#cert_file=<None>
|
||||||
|
<% end -%>
|
||||||
|
|
||||||
# Optional PEM-formatted file that contains the private key.
|
# Optional PEM-formatted file that contains the private key.
|
||||||
# (string value)
|
# (string value)
|
||||||
|
<% if node['openstack']['orchestration']['clients']['key_file'] -%>
|
||||||
|
key_file=<%= node['openstack']['orchestration']['clients']['key_file'] %>
|
||||||
|
<% else -%>
|
||||||
#key_file=<None>
|
#key_file=<None>
|
||||||
|
<% end -%>
|
||||||
|
|
||||||
# If set, then the server's certificate will not be verified.
|
# If set, then the server's certificate will not be verified.
|
||||||
# (boolean value)
|
# (boolean value)
|
||||||
#insecure=false
|
#insecure=false
|
||||||
|
insecure=<%= node['openstack']['orchestration']['clients']['insecure'] %>
|
||||||
|
|
||||||
|
|
||||||
[clients_ceilometer]
|
[clients_ceilometer]
|
||||||
|
|
Loading…
Reference in New Issue