Add domain parameters to switch, neutron and glance auth modules
These are required to use Identity v3 authentication with them. Change-Id: I50068d5f29641fb0f01cf1ded3487bb44b324558 Related-Bug: #1661250
This commit is contained in:
parent
d3589fc525
commit
f60b27493a
|
@ -32,6 +32,14 @@
|
|||
# The admin password for ironic to connect to glance.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# The name of user's domain (required for Identity V3).
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# The name of project's domain (required for Identity V3).
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*api_servers*]
|
||||
# (optional) A list of the glance api servers available to ironic.
|
||||
# Should be an array with [hostname|ip]:port
|
||||
|
@ -66,6 +74,8 @@ class ironic::glance (
|
|||
$project_name = 'services',
|
||||
$username = 'ironic',
|
||||
$password = $::os_service_default,
|
||||
$user_domain_name = $::os_service_default,
|
||||
$project_domain_name = $::os_service_default,
|
||||
$api_servers = $::os_service_default,
|
||||
$num_retries = $::os_service_default,
|
||||
$api_insecure = $::os_service_default,
|
||||
|
@ -94,6 +104,8 @@ class ironic::glance (
|
|||
'glance/password': value => $password, secret => true;
|
||||
'glance/auth_url': value => $auth_url;
|
||||
'glance/project_name': value => $project_name;
|
||||
'glance/user_domain_name': value => $user_domain_name;
|
||||
'glance/project_domain_name': value => $project_domain_name;
|
||||
'glance/glance_api_servers': value => $api_servers_converted;
|
||||
'glance/glance_num_retries': value => $num_retries_real;
|
||||
'glance/glance_api_insecure': value => $api_insecure_real;
|
||||
|
|
|
@ -36,23 +36,35 @@
|
|||
# The admin password for ironic to connect to neutron.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# The name of user's domain (required for Identity V3).
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# The name of project's domain (required for Identity V3).
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
class ironic::neutron (
|
||||
$api_endpoint = $::os_service_default,
|
||||
$auth_type = 'password',
|
||||
$auth_url = $::os_service_default,
|
||||
$project_name = 'services',
|
||||
$username = 'ironic',
|
||||
$password = $::os_service_default,
|
||||
$api_endpoint = $::os_service_default,
|
||||
$auth_type = 'password',
|
||||
$auth_url = $::os_service_default,
|
||||
$project_name = 'services',
|
||||
$username = 'ironic',
|
||||
$password = $::os_service_default,
|
||||
$user_domain_name = $::os_service_default,
|
||||
$project_domain_name = $::os_service_default,
|
||||
) {
|
||||
|
||||
$api_endpoint_real = pick($::ironic::api::neutron_url, $api_endpoint)
|
||||
|
||||
ironic_config {
|
||||
'neutron/url': value => $api_endpoint_real;
|
||||
'neutron/auth_type': value => $auth_type;
|
||||
'neutron/username': value => $username;
|
||||
'neutron/password': value => $password, secret => true;
|
||||
'neutron/auth_url': value => $auth_url;
|
||||
'neutron/project_name': value => $project_name;
|
||||
'neutron/url': value => $api_endpoint_real;
|
||||
'neutron/auth_type': value => $auth_type;
|
||||
'neutron/username': value => $username;
|
||||
'neutron/password': value => $password, secret => true;
|
||||
'neutron/auth_url': value => $auth_url;
|
||||
'neutron/project_name': value => $project_name;
|
||||
'neutron/user_domain_name': value => $user_domain_name;
|
||||
'neutron/project_domain_name': value => $project_domain_name;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -32,19 +32,31 @@
|
|||
# The admin password for ironic to connect to swift.
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*user_domain_name*]
|
||||
# The name of user's domain (required for Identity V3).
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
# [*project_domain_name*]
|
||||
# The name of project's domain (required for Identity V3).
|
||||
# Defaults to $::os_service_default
|
||||
#
|
||||
class ironic::swift (
|
||||
$auth_type = 'password',
|
||||
$auth_url = $::os_service_default,
|
||||
$project_name = 'services',
|
||||
$username = 'ironic',
|
||||
$password = $::os_service_default,
|
||||
$auth_type = 'password',
|
||||
$auth_url = $::os_service_default,
|
||||
$project_name = 'services',
|
||||
$username = 'ironic',
|
||||
$password = $::os_service_default,
|
||||
$user_domain_name = $::os_service_default,
|
||||
$project_domain_name = $::os_service_default,
|
||||
) {
|
||||
|
||||
ironic_config {
|
||||
'swift/auth_type': value => $auth_type;
|
||||
'swift/username': value => $username;
|
||||
'swift/password': value => $password, secret => true;
|
||||
'swift/auth_url': value => $auth_url;
|
||||
'swift/project_name': value => $project_name;
|
||||
'swift/auth_type': value => $auth_type;
|
||||
'swift/username': value => $username;
|
||||
'swift/password': value => $password, secret => true;
|
||||
'swift/auth_url': value => $auth_url;
|
||||
'swift/project_name': value => $project_name;
|
||||
'swift/user_domain_name': value => $user_domain_name;
|
||||
'swift/project_domain_name': value => $project_domain_name;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
Add "user_domain_name" and "project_domain_name" to "ironic::glance",
|
||||
"ironic::swift" and "ironic::neutron" manifests. These are required to
|
||||
support Identity v3 authentication.
|
|
@ -39,6 +39,8 @@ describe 'ironic::glance' do
|
|||
is_expected.to contain_ironic_config('glance/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('glance/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('glance/password').with_value('<SERVICE DEFAULT>').with_secret(true)
|
||||
is_expected.to contain_ironic_config('glance/user_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_ironic_config('glance/project_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_ironic_config('glance/glance_api_servers').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_ironic_config('glance/glance_api_insecure').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_ironic_config('glance/glance_num_retries').with_value('<SERVICE DEFAULT>')
|
||||
|
@ -55,6 +57,8 @@ describe 'ironic::glance' do
|
|||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:user_domain_name => 'NonDefault',
|
||||
:project_domain_name => 'NonDefault',
|
||||
:api_servers => '10.0.0.1:9292',
|
||||
:api_insecure => true,
|
||||
:num_retries => 42,
|
||||
|
@ -70,6 +74,8 @@ describe 'ironic::glance' do
|
|||
is_expected.to contain_ironic_config('glance/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('glance/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('glance/password').with_value(p[:password]).with_secret(true)
|
||||
is_expected.to contain_ironic_config('glance/user_domain_name').with_value(p[:user_domain_name])
|
||||
is_expected.to contain_ironic_config('glance/project_domain_name').with_value(p[:project_domain_name])
|
||||
is_expected.to contain_ironic_config('glance/glance_api_servers').with_value(p[:api_servers])
|
||||
is_expected.to contain_ironic_config('glance/glance_api_insecure').with_value(p[:api_insecure])
|
||||
is_expected.to contain_ironic_config('glance/glance_num_retries').with_value(p[:num_retries])
|
||||
|
@ -82,14 +88,16 @@ describe 'ironic::glance' do
|
|||
context 'when overriding parameters with 2 glance servers' do
|
||||
before :each do
|
||||
params.merge!(
|
||||
:auth_type => 'noauth',
|
||||
:auth_url => 'http://example.com',
|
||||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:api_servers => ['10.0.0.1:9292','10.0.0.2:9292'],
|
||||
:api_insecure => true,
|
||||
:num_retries => 42
|
||||
:auth_type => 'noauth',
|
||||
:auth_url => 'http://example.com',
|
||||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:user_domain_name => 'NonDefault',
|
||||
:project_domain_name => 'NonDefault',
|
||||
:api_servers => ['10.0.0.1:9292','10.0.0.2:9292'],
|
||||
:api_insecure => true,
|
||||
:num_retries => 42
|
||||
)
|
||||
end
|
||||
|
||||
|
@ -99,6 +107,8 @@ describe 'ironic::glance' do
|
|||
is_expected.to contain_ironic_config('glance/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('glance/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('glance/password').with_value(p[:password]).with_secret(true)
|
||||
is_expected.to contain_ironic_config('glance/user_domain_name').with_value(p[:user_domain_name])
|
||||
is_expected.to contain_ironic_config('glance/project_domain_name').with_value(p[:project_domain_name])
|
||||
is_expected.to contain_ironic_config('glance/glance_api_servers').with_value(p[:api_servers].join(','))
|
||||
is_expected.to contain_ironic_config('glance/glance_api_insecure').with_value(p[:api_insecure])
|
||||
is_expected.to contain_ironic_config('glance/glance_num_retries').with_value(p[:num_retries])
|
||||
|
|
|
@ -40,17 +40,21 @@ describe 'ironic::neutron' do
|
|||
is_expected.to contain_ironic_config('neutron/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('neutron/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('neutron/password').with_value('<SERVICE DEFAULT>').with_secret(true)
|
||||
is_expected.to contain_ironic_config('neutron/user_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_ironic_config('neutron/project_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
|
||||
context 'when overriding parameters' do
|
||||
before :each do
|
||||
params.merge!(
|
||||
:api_endpoint => 'http://neutron.example.com',
|
||||
:auth_type => 'noauth',
|
||||
:auth_url => 'http://example.com',
|
||||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:api_endpoint => 'http://neutron.example.com',
|
||||
:auth_type => 'noauth',
|
||||
:auth_url => 'http://example.com',
|
||||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:user_domain_name => 'NonDefault',
|
||||
:project_domain_name => 'NonDefault',
|
||||
)
|
||||
end
|
||||
|
||||
|
@ -61,6 +65,8 @@ describe 'ironic::neutron' do
|
|||
is_expected.to contain_ironic_config('neutron/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('neutron/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('neutron/password').with_value(p[:password]).with_secret(true)
|
||||
is_expected.to contain_ironic_config('neutron/user_domain_name').with_value(p[:user_domain_name])
|
||||
is_expected.to contain_ironic_config('neutron/project_domain_name').with_value(p[:project_domain_name])
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -39,16 +39,20 @@ describe 'ironic::swift' do
|
|||
is_expected.to contain_ironic_config('swift/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('swift/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('swift/password').with_value('<SERVICE DEFAULT>').with_secret(true)
|
||||
is_expected.to contain_ironic_config('swift/user_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
is_expected.to contain_ironic_config('swift/project_domain_name').with_value('<SERVICE DEFAULT>')
|
||||
end
|
||||
|
||||
context 'when overriding parameters' do
|
||||
before :each do
|
||||
params.merge!(
|
||||
:auth_type => 'noauth',
|
||||
:auth_url => 'http://example.com',
|
||||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:auth_type => 'noauth',
|
||||
:auth_url => 'http://example.com',
|
||||
:project_name => 'project1',
|
||||
:username => 'admin',
|
||||
:password => 'pa$$w0rd',
|
||||
:user_domain_name => 'NonDefault',
|
||||
:project_domain_name => 'NonDefault',
|
||||
)
|
||||
end
|
||||
|
||||
|
@ -58,6 +62,8 @@ describe 'ironic::swift' do
|
|||
is_expected.to contain_ironic_config('swift/project_name').with_value(p[:project_name])
|
||||
is_expected.to contain_ironic_config('swift/username').with_value(p[:username])
|
||||
is_expected.to contain_ironic_config('swift/password').with_value(p[:password]).with_secret(true)
|
||||
is_expected.to contain_ironic_config('swift/user_domain_name').with_value(p[:user_domain_name])
|
||||
is_expected.to contain_ironic_config('swift/project_domain_name').with_value(p[:project_domain_name])
|
||||
end
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue