# password to connect to the rabbit_server. Optional. Defaults to empty.
# [*rabbit_virtual_host*]
# virtualhost to use. Optional. Defaults to '/'
+# [*rabbit_use_ssl*]
+# (optional) Connect over SSL for RabbitMQ
+# Defaults to false
+# [*kombu_ssl_ca_certs*]
+# (optional) SSL certification authority file (valid only if SSL enabled).
+# Defaults to undef
+# [*kombu_ssl_certfile*]
+# (optional) SSL cert file (valid only if SSL enabled).
+# Defaults to undef
+# [*kombu_ssl_keyfile*]
+# (optional) SSL key file (valid only if SSL enabled).
+# Defaults to undef
+# [*kombu_ssl_version*]
+# (optional) SSL version to use (valid only if SSL enabled).
+# Valid values are TLSv1, SSLv23 and SSLv3. SSLv2 may be
+# available on some distributions.
+# Defaults to 'SSLv3'
#
# [*qpid_hostname*]
# [*qpid_port*]
$rabbit_userid = 'guest',
$rabbit_password = '',
$rabbit_virtual_host = '/',
+ $rabbit_use_ssl = false,
+ $kombu_ssl_ca_certs = undef,
+ $kombu_ssl_certfile = undef,
+ $kombu_ssl_keyfile = undef,
+ $kombu_ssl_version = 'SSLv3',
$qpid_hostname = 'localhost',
$qpid_port = 5672,
$qpid_username = 'guest',
'DEFAULT/rabbit_userid' : value => $rabbit_userid;
'DEFAULT/rabbit_password' : value => $rabbit_password;
'DEFAULT/rabbit_virtual_host' : value => $rabbit_virtual_host;
+ 'DEFAULT/rabbit_use_ssl' : value => $rabbit_use_ssl;
+ }
+
+ if $rabbit_use_ssl {
+ if $kombu_ssl_ca_certs {
+ ceilometer_config { 'DEFAULT/kombu_ssl_ca_certs': value => $kombu_ssl_ca_certs }
+ } else {
+ ceilometer_config { 'DEFAULT/kombu_ssl_ca_certs': ensure => absent}
+ }
+
+ if $kombu_ssl_certfile {
+ ceilometer_config { 'DEFAULT/kombu_ssl_certfile': value => $kombu_ssl_certfile }
+ } else {
+ ceilometer_config { 'DEFAULT/kombu_ssl_certfile': ensure => absent}
+ }
+
+ if $kombu_ssl_keyfile {
+ ceilometer_config { 'DEFAULT/kombu_ssl_keyfile': value => $kombu_ssl_keyfile }
+ } else {
+ ceilometer_config { 'DEFAULT/kombu_ssl_keyfile': ensure => absent}
+ }
+
+ if $kombu_ssl_version {
+ ceilometer_config { 'DEFAULT/kombu_ssl_version': value => $kombu_ssl_version }
+ } else {
+ ceilometer_config { 'DEFAULT/kombu_ssl_version': ensure => absent}
+ }
+ } else {
+ ceilometer_config {
+ 'DEFAULT/kombu_ssl_ca_certs': ensure => absent;
+ 'DEFAULT/kombu_ssl_certfile': ensure => absent;
+ 'DEFAULT/kombu_ssl_keyfile': ensure => absent;
+ 'DEFAULT/kombu_ssl_version': ensure => absent;
+ }
}
}
context 'with rabbit_host parameter' do
before { params.merge!( rabbit_params ) }
it_configures 'a ceilometer base installation'
+ it_configures 'rabbit with SSL support'
it_configures 'rabbit without HA support (with backward compatibility)'
end
context 'with one server' do
before { params.merge!( rabbit_params ).merge!( :rabbit_hosts => ['127.0.0.1:5672'] ) }
it_configures 'a ceilometer base installation'
+ it_configures 'rabbit with SSL support'
it_configures 'rabbit without HA support (without backward compatibility)'
end
context 'with multiple servers' do
before { params.merge!( rabbit_params ).merge!( :rabbit_hosts => ['rabbit1:5672', 'rabbit2:5672'] ) }
it_configures 'a ceilometer base installation'
+ it_configures 'rabbit with SSL support'
it_configures 'rabbit with HA support'
end
end
it { should contain_ceilometer_config('DEFAULT/rabbit_ha_queues').with_value('true') }
end
+ shared_examples_for 'rabbit with SSL support' do
+ context "with default parameters" do
+ it { should contain_ceilometer_config('DEFAULT/rabbit_use_ssl').with_value('false') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_ensure('absent') }
+ end
+
+ context "with SSL enabled" do
+ before { params.merge!( :rabbit_use_ssl => 'true' ) }
+ it { should contain_ceilometer_config('DEFAULT/rabbit_use_ssl').with_value('true') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_ensure('absent') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_ensure('absent') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_ensure('absent') }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_value('SSLv3') }
+
+ context "with ca_certs" do
+ before { params.merge!( :kombu_ssl_ca_certs => '/path/to/ca.crt' ) }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_ca_certs').with_value('/path/to/ca.crt') }
+ end
+
+ context "with certfile" do
+ before { params.merge!( :kombu_ssl_certfile => '/path/to/cert.crt' ) }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_certfile').with_value('/path/to/cert.crt') }
+ end
+
+ context "with keyfile" do
+ before { params.merge!( :kombu_ssl_keyfile => '/path/to/cert.key' ) }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_keyfile').with_value('/path/to/cert.key') }
+ end
+
+ context "with version" do
+ before { params.merge!( :kombu_ssl_version => 'TLSv1' ) }
+ it { should contain_ceilometer_config('DEFAULT/kombu_ssl_version').with_value('TLSv1') }
+ end
+ end
+ end
+
shared_examples_for 'qpid support' do
context("with default parameters") do
it { should contain_ceilometer_config('DEFAULT/qpid_reconnect').with_value(true) }
Code Review / puppet-modules / puppet-ceilometer.git / commitdiff