diff --git a/manifests/proxy/authtoken.pp b/manifests/proxy/authtoken.pp index 0a28583f..86c67b0a 100644 --- a/manifests/proxy/authtoken.pp +++ b/manifests/proxy/authtoken.pp @@ -49,6 +49,10 @@ # (Optional) id of domain for $username # Defaults to 'default' # +# [*region_name*] +# (Optional) The region in which the identity server can be found. +# Defaults to $::os_service_default. +# # [*include_service_catalog*] # (Optional) Indicate whether to set the X-Service-Catalog header. If False, # middleware will not ask for service catalog on token validation and will @@ -113,6 +117,7 @@ class swift::proxy::authtoken( $project_name = 'services', $username = 'swift', $password = 'password', + $region_name = $::os_service_default, $include_service_catalog = false, $service_token_roles = $::os_service_default, $service_token_roles_required = $::os_service_default, @@ -177,6 +182,7 @@ class swift::proxy::authtoken( 'filter:authtoken/project_name': value => $project_name_real; 'filter:authtoken/username': value => $username_real; 'filter:authtoken/password': value => $password_real; + 'filter:authtoken/region_name': value => $region_name; 'filter:authtoken/delay_auth_decision': value => $delay_auth_decision; 'filter:authtoken/cache': value => $cache; 'filter:authtoken/include_service_catalog': value => $include_service_catalog; diff --git a/manifests/proxy/ceilometer.pp b/manifests/proxy/ceilometer.pp index 133ab399..c13308ec 100644 --- a/manifests/proxy/ceilometer.pp +++ b/manifests/proxy/ceilometer.pp @@ -75,6 +75,10 @@ # (Optional) The password for the user # Defaults to 'password' # +# [*region_name*] +# (Optional) The region in which the identity server can be found. +# Defaults to $::os_service_default. +# # [*notification_ssl_ca_file*] # (optional) SSL certification authority file (valid only if SSL enabled). # (string value) @@ -129,6 +133,7 @@ class swift::proxy::ceilometer( $project_name = 'services', $username = 'swift', $password = 'password', + $region_name = $::os_service_default, $notification_ssl_ca_file = $::os_service_default, $notification_ssl_cert_file = $::os_service_default, $notification_ssl_key_file = $::os_service_default, @@ -173,6 +178,7 @@ class swift::proxy::ceilometer( 'filter:ceilometer/project_name': value => $project_name; 'filter:ceilometer/username': value => $username; 'filter:ceilometer/password': value => $password; + 'filter:ceilometer/region_name': value => $region_name; } if $default_transport_url =~ /^rabbit.*/ { diff --git a/releasenotes/notes/keystone-region-416dd0806629397a.yaml b/releasenotes/notes/keystone-region-416dd0806629397a.yaml new file mode 100644 index 00000000..a8e3da07 --- /dev/null +++ b/releasenotes/notes/keystone-region-416dd0806629397a.yaml @@ -0,0 +1,6 @@ +--- +features: + - | + Add swift::proxy::authtoken::region_name and + swift::proxy::ceilometer::region_name to specify keystone region + where we expect identity resources like swift user are created. diff --git a/spec/classes/swift_proxy_authtoken_spec.rb b/spec/classes/swift_proxy_authtoken_spec.rb index 91ccf198..3771d8c0 100644 --- a/spec/classes/swift_proxy_authtoken_spec.rb +++ b/spec/classes/swift_proxy_authtoken_spec.rb @@ -29,6 +29,7 @@ describe 'swift::proxy::authtoken' do it { is_expected.to contain_swift_proxy_config('filter:authtoken/project_name').with_value('services') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/username').with_value('swift') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/password').with_value('password') } + it { is_expected.to contain_swift_proxy_config('filter:authtoken/region_name').with_value('') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/delay_auth_decision').with_value('1') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/cache').with_value('swift.cache') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') } @@ -42,6 +43,7 @@ describe 'swift::proxy::authtoken' do :admin_tenant_name => 'admin', :admin_user => 'swiftuser', :admin_password => 'swiftpassword', + :region_name => 'region2', :cache => 'foo', :delay_auth_decision => '0', :signing_dir => '/home/swift/keystone-signing', @@ -61,6 +63,7 @@ describe 'swift::proxy::authtoken' do it { is_expected.to contain_swift_proxy_config('filter:authtoken/project_name').with_value('admin') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/username').with_value('swiftuser') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/password').with_value('swiftpassword') } + it { is_expected.to contain_swift_proxy_config('filter:authtoken/region_name').with_value('region2') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/delay_auth_decision').with_value('0') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/cache').with_value('foo') } it { is_expected.to contain_swift_proxy_config('filter:authtoken/include_service_catalog').with_value('false') } diff --git a/spec/classes/swift_proxy_ceilometer_spec.rb b/spec/classes/swift_proxy_ceilometer_spec.rb index 9d56a0d9..edcf2873 100644 --- a/spec/classes/swift_proxy_ceilometer_spec.rb +++ b/spec/classes/swift_proxy_ceilometer_spec.rb @@ -32,14 +32,15 @@ describe 'swift::proxy::ceilometer' do :control_exchange => 'swift', :nonblocking_notify => true, :ignore_projects => ['services'], - :auth_uri => 'http://127.0.0.1:5000', - :auth_url => 'http://127.0.0.1:5000', - :auth_type => 'password', - :project_domain_name => 'Default', - :user_domain_name => 'Default', - :project_name => 'services', - :username => 'swift', - :password => 'password', + :auth_uri => 'http://127.0.0.1:5000', + :auth_url => 'http://127.0.0.1:5000', + :auth_type => 'password', + :project_domain_name => 'Default', + :user_domain_name => 'Default', + :project_name => 'services', + :username => 'swift', + :password => 'password', + :region_name => 'region2' } end @@ -52,14 +53,15 @@ describe 'swift::proxy::ceilometer' do it { is_expected.to contain_swift_proxy_config('filter:ceilometer/control_exchange').with_value('swift') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/nonblocking_notify').with_value('true') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/ignore_projects').with_value(['services']) } - it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_uri').with_value('http://127.0.0.1:5000') } - it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_url').with_value('http://127.0.0.1:5000') } + it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_uri').with_value('http://127.0.0.1:5000') } + it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_url').with_value('http://127.0.0.1:5000') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/auth_type').with_value('password') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/project_domain_name').with_value('Default') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/user_domain_name').with_value('Default') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/project_name').with_value('services') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/username').with_value('swift') } it { is_expected.to contain_swift_proxy_config('filter:ceilometer/password').with_value('password') } + it { is_expected.to contain_swift_proxy_config('filter:ceilometer/region_name').with_value('region2') } end context 'with default transport url' do