Configure glance_api_insecure and glance_api_servers

This change adds some attributes into the cookbook so
that they are configurable. They are mainly to configure
for glance_api_insecure and make glance_api_servers to be
prefixed with scheme(http or https).

Change-Id: I79e04b47918fe1ec0b45472bd2cec9afa73d5897
Closes-Bug: #1383619

CHANGELOG.md

@@ -8,6 +8,7 @@ This file is used to list changes made in each version of the openstack-block-st
 * Bump Chef gem to 11.16
 * Update deprecated keystoneclient.middleware.auth_token in api-paste.ini
 * Add attributes for quota_snapshots, no_snapshot_gb_quota and use_default_quota_class
+* Add glance_api_insecure and make glance_api_servers to be prefixed with scheme
 
 ## 10.0.0
 * Upgrading to Juno

README.md

@@ -57,6 +57,11 @@ Attributes
 * `openstack['block-storage']['api']['auth']['hash_algorithms']` - Hash algorithms to use for hashing PKI tokens
 * `openstack['block-storage']['api']['auth']['cafile']` - A PEM encoded Certificate Authority to use when verifying HTTPs connections
 * `openstack['block-storage']['api']['auth']['insecure']` - Set whether to verify HTTPS connections
+
+Glance Attributes
+-----------------
+* `openstack["block-storage"]["image"]["glance_api_insecure"]` - If True, this indicates that glance-api allows the client to perform insecure SSL(https) requests, this should be the same as the setting in the glance-api service
+
 MQ attributes
 -------------
 * `openstack["block-storage"]["mq"]["service_type"]` - Select qpid or rabbitmq. default rabbitmq

attributes/default.rb

@@ -89,6 +89,11 @@ default['openstack']['block-storage']['api']['auth']['cafile'] = nil
 # Verify HTTPS connections
 default['openstack']['block-storage']['api']['auth']['insecure'] = false
 
+# If True, this indicates that glance-api allows the client to perform
+# insecure SSL(https) requests; this should be the same as the setting
+# in the glance-api service.
+default['openstack']['block-storage']['image']['glance_api_insecure'] = false
+
 # Maximum allocatable gigabytes
 # Should equal total backend storage, default is 10TB
 default['openstack']['block-storage']['max_gigabytes'] = '10000'

recipes/cinder-common.rb

@@ -96,6 +96,7 @@ template '/etc/cinder/cinder.conf' do
     mq_service_type: mq_service_type,
     mq_password: mq_password,
     rabbit_hosts: rabbit_hosts,
+    glance_scheme: glance_api_endpoint.scheme,
     glance_host: glance_api_endpoint.host,
     glance_port: glance_api_endpoint.port,
     ibmnas_pass: ibmnas_pass,

spec/cinder_common_spec.rb

@@ -262,6 +262,19 @@ describe 'openstack-block-storage::cinder-common' do
         end
 
         context 'glance endpoint' do
+          it 'has a glance_api_servers attribute' do
+            expect(chef_run).to render_file(file.name).with_content(%r{^glance_api_servers=scheme://host:port$})
+          end
+
+          it 'has a glance_api_insecure attribute' do
+            expect(chef_run).to render_file(file.name).with_content(/^glance_api_insecure=false$/)
+          end
+
+          it 'sets insecure for glance' do
+            node.set['openstack']['block-storage']['image']['glance_api_insecure'] = true
+            expect(chef_run).to render_file(file.name).with_content(/^glance_api_insecure=true$/)
+          end
+
           %w(host port).each do |glance_attr|
             it "has a glance #{glance_attr} attribute" do
               expect(chef_run).to render_file(file.name).with_content(/^glance_#{glance_attr}=#{glance_attr}$/)

templates/default/cinder.conf.erb

@@ -81,9 +81,12 @@ glance_host=<%= @glance_host %>
 glance_port=<%= @glance_port %>
 #### (IntOpt) default glance port
 
-# glance_api_servers=$glance_host:$glance_port
+glance_api_servers=<%= @glance_scheme %>://<%= @glance_host %>:<%= @glance_port %>
 #### (ListOpt) A list of the glance api servers available to cinder
-####           ([hostname|ip]:port)
+####           ([http|https]://[hostname|ip]:port)
+
+glance_api_insecure=<%= node['openstack']['block-storage']['image']['glance_api_insecure'] %>
+#### (BoolOpt) Allow to perform insecure SSL (https) requests to 'glance'
 
 # glance_num_retries=0
 #### (IntOpt) Number retries when downloading an image from glance