Configure Glance SSL verification settings (VMware backend)
Fetch CA certificate bundle and pass it into puppet-glance module (glance::backend::vsphere class). Default behaviour of class is to turn off verification (we pass `undef' value to ::glance::backend::vsphere class), if `vcenter_ca_file' is provided certificate is verified. Support of CA certificate setting was introduced in change request of puppet-glance module Icef5c35ad1128df465da548dd880a0dfeeadb5e1 CA bundle file gets uploaded to `/etc/glance/'. Provide noop test case. Closes-bug: #1559067 Change-Id: Id0976706221dbac60c424ba9eb865d84411fc6d0
This commit is contained in:
parent
77d84efa2f
commit
ac2801b8ba
|
@ -72,6 +72,7 @@ class openstack_tasks::glance::glance {
|
|||
$glance_vcenter_datastore = $glance_hash['vc_datastore']
|
||||
$glance_vcenter_image_dir = $glance_hash['vc_image_dir']
|
||||
$glance_vcenter_api_retry_count = '20'
|
||||
$glance_vcenter_ca_file = $glance_hash['vc_ca_file']
|
||||
$glance_image_cache_max_size = $glance_hash['image_cache_max_size']
|
||||
$pipeline = pick($glance_hash['pipeline'], 'keystone')
|
||||
$glance_large_object_size = pick($glance_hash['large_object_size'], '5120')
|
||||
|
@ -295,6 +296,22 @@ class openstack_tasks::glance::glance {
|
|||
}
|
||||
}
|
||||
'vmware': {
|
||||
if ! empty($glance_vcenter_ca_file['content']) {
|
||||
$vcenter_ca_filename = $glance_vcenter_ca_file['name']
|
||||
$vcenter_ca_filepath = "/etc/glance/${glance_vcenter_ca_filename}"
|
||||
|
||||
file { $vcenter_ca_filepath:
|
||||
ensure => file,
|
||||
content => $glance_vcenter_ca_file['content'],
|
||||
mode => '0644',
|
||||
owner => 'root',
|
||||
group => 'root',
|
||||
}
|
||||
Class['::glance::backend::vsphere']->File[$vcenter_ca_filepath]
|
||||
} else {
|
||||
$vcenter_ca_filepath = undef
|
||||
}
|
||||
|
||||
class { '::glance::backend::vsphere':
|
||||
vcenter_host => $glance_vcenter_host,
|
||||
vcenter_user => $glance_vcenter_user,
|
||||
|
@ -303,6 +320,7 @@ class openstack_tasks::glance::glance {
|
|||
vcenter_datastore => $glance_vcenter_datastore,
|
||||
vcenter_image_dir => $glance_vcenter_image_dir,
|
||||
vcenter_api_retry_count => $glance_vcenter_api_retry_count,
|
||||
vcenter_ca_file => $vcenter_ca_filepath,
|
||||
glare_enabled => true,
|
||||
}
|
||||
}
|
||||
|
|
|
@ -192,13 +192,19 @@ describe manifest do
|
|||
else
|
||||
show_image_direct_url = true
|
||||
end
|
||||
let :params do { :glance_backend => 'vmware', } end
|
||||
let :params do { :glance_backend => 'vmware', :glance_vcenter_ca_file => { 'name' => 'vcenter-ca.pem', 'content' => 'RSA'} } end
|
||||
it 'should declare vmware backend' do
|
||||
should contain_class('glance::backend::vsphere').with(:glare_enabled => true)
|
||||
end
|
||||
it 'should configure show_image_direct_url' do
|
||||
should contain_glance_api_config('DEFAULT/show_image_direct_url').with_value(show_image_direct_url)
|
||||
end
|
||||
it 'should configure vmware_ca_file setting' do
|
||||
should contain_glance_api_config('glance_store/vmware_ca_file').with_value('vcenter-ca.pem')
|
||||
end
|
||||
it 'should contain CA certificate for vCenter server' do
|
||||
should contain_file('/etc/glance/vcenter-ca.pem').with_content('RSA')
|
||||
end
|
||||
else
|
||||
if glance_config && glance_config.has_key?('show_image_direct_url')
|
||||
show_image_direct_url = glance_config['show_image_direct_url']
|
||||
|
|
Loading…
Reference in New Issue