# (Optional) A list of memcached server(s) to use for caching. (list value)
# Defaults to $::os_service_default
#
+# [*cache_tls_enabled*]
+# (Optional) Global toggle for TLS usage when comunicating with
+# the caching servers.
+# Default to $::os_service_default
+#
+# [*cache_tls_cafile*]
+# (Optional) Path to a file of concatenated CA certificates in PEM
+# format necessary to establish the caching server's authenticity.
+# If tls_enabled is False, this option is ignored.
+# Default to $::os_service_default
+#
+# [*cache_tls_certfile*]
+# (Optional) Path to a single file in PEM format containing the
+# client's certificate as well as any number of CA certificates
+# needed to establish the certificate's authenticity. This file
+# is only required when client side authentication is necessary.
+# If tls_enabled is False, this option is ignored.
+# Default to $::os_service_default
+#
+# [*cache_tls_keyfile*]
+# (Optional) Path to a single file containing the client's private
+# key in. Otherwhise the private key will be taken from the file
+# specified in tls_certfile. If tls_enabled is False, this option
+# is ignored.
+# Default to $::os_service_default
+#
+# [*cache_tls_allowed_ciphers*]
+# (Optional) Set the available ciphers for sockets created with
+# the TLS context. It should be a string in the OpenSSL cipher
+# list format. If not specified, all OpenSSL enabled ciphers will
+# be available.
+# Default to $::os_service_default
+#
# [*manage_backend_package*]
# (Optional) If we should install the cache backend package.
# Defaults to true
$kombu_compression = $::os_service_default,
$cache_backend = $::os_service_default,
$memcache_servers = $::os_service_default,
+ $cache_tls_enabled = $::os_service_default,
+ $cache_tls_cafile = $::os_service_default,
+ $cache_tls_certfile = $::os_service_default,
+ $cache_tls_keyfile = $::os_service_default,
+ $cache_tls_allowed_ciphers = $::os_service_default,
$manage_backend_package = true,
$amqp_server_request_prefix = $::os_service_default,
$amqp_broadcast_prefix = $::os_service_default,
oslo::cache { 'ceilometer_config':
backend => $cache_backend,
memcache_servers => $memcache_servers,
+ tls_enabled => $cache_tls_enabled,
+ tls_cafile => $cache_tls_cafile,
+ tls_certfile => $cache_tls_certfile,
+ tls_keyfile => $cache_tls_keyfile,
+ tls_allowed_ciphers => $cache_tls_allowed_ciphers,
manage_backend_package => $manage_backend_package,
}
}
is_expected.to contain_oslo__cache('ceilometer_config').with(
:backend => '<SERVICE DEFAULT>',
:memcache_servers => '<SERVICE DEFAULT>',
+ :tls_enabled => '<SERVICE DEFAULT>',
+ :tls_cafile => '<SERVICE DEFAULT>',
+ :tls_certfile => '<SERVICE DEFAULT>',
+ :tls_keyfile => '<SERVICE DEFAULT>',
+ :tls_allowed_ciphers => '<SERVICE DEFAULT>',
:manage_backend_package => true,
)
end
params.merge!(
:cache_backend => 'memcache',
:memcache_servers => 'host1:11211,host2:11211',
+ :cache_tls_enabled => true,
:manage_backend_package => false,
)
}
is_expected.to contain_oslo__cache('ceilometer_config').with(
:backend => 'memcache',
:memcache_servers => 'host1:11211,host2:11211',
+ :tls_enabled => true,
:manage_backend_package => false,
)
end
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff